Exemple #1
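def burp_import(xml, requests_and_responses=False):
    """Convert a parsed Burp Suite XML issue export into grouped findings.

    Developed against Burp Suite Pro 1.6beta2 / 1.6.01, later used with 1.6.16.

    Args:
        xml: Parsed report tree; issues are read from ``/issues/issue``.
        requests_and_responses: When true, every occurrence also carries the
            request and response, zlib-compressed and base64-encoded.

    Returns:
        ``UnsortableOrderedDict`` with one key, ``Findings``: one entry per
        distinct issue name, highest severity first, each with the list of
        ``Occurrences`` where it was seen.

    Note:
        Request/response bytes and issue text are copied from the report into
        the result. This function does no escaping of its own, so that is left
        to ``fine_tune``, the ``mangle`` helpers and whatever renders the
        output. With ``requests_and_responses`` set, the output holds the full
        recorded traffic, which can include cookies and credentials.
    """
    severity_order = ['Informational', 'Low', 'Medium', 'High']
    occurrence_keys = ['Scheme', 'Host', 'Port', 'Method', 'Location', 'Post',
                       'VulnParam', 'StatusCode', 'StatusDescription']

    def _optional_text(node, path):
        # Text of the first match, or '' when the element is absent.
        matches = node.xpath(path)
        return matches[0].text if matches else ''

    issues_list = []
    for issue in xml.xpath('/issues/issue'):
        # <host> holds "scheme://host[:port]".
        scheme_split = issue.xpath('./host')[0].text.split('://')
        scheme = scheme_split[0]
        full_host_parts = scheme_split[1].split(':')
        host = full_host_parts[0]
        if len(full_host_parts) > 1:
            port = int(full_host_parts[-1])
        elif scheme.lower() == 'https':
            port = 443
        else:
            port = 80
        # Drop the port when it is the default for the scheme.
        if (scheme.lower(), port) in (('http', 80), ('https', 443)):
            port = ''

        request_element = issue.xpath('./requestresponse/request')
        if request_element:
            request = base64.b64decode(request_element[0].text).replace('\r', '')
            method = request_element[0].attrib['method']
            post = _extract_post(request, method)
        else:
            request = ''
            method = None
            post = ''

        response_element = issue.xpath('./requestresponse/response')
        if response_element:
            response = base64.b64decode(response_element[0].text).replace('\r', '')
        else:
            response = ''
            # NOTE(review): this also discards the method read from the request
            # above; it looks like a copy-paste from the request branch - confirm.
            method = None

        # Status line: "<version> <code> <description...>".
        status_code, status_description = (None, None)
        status_parts = response.split('\n')[0].split(' ')
        if response_element and len(status_parts) > 1:
            try:
                status_code, status_description = (int(status_parts[1]), ' '.join(status_parts[2:]))
            except ValueError:
                # Non-numeric status field: leave both values as None.
                pass

        # Request line minus its first (method) and last (version) tokens.
        location = ' '.join(request.split('\n')[0].split(' ')[1:-1])

        # <location> starts with <path>; what follows is trimmed by 2 leading
        # and 11 trailing characters - presumably the " [" / " parameter]"
        # wrapper around the parameter name; verify against a sample export.
        vulnparam = issue.xpath('./location')[0].text[len(issue.xpath('./path')[0].text):]
        if vulnparam:
            vulnparam = vulnparam[2:-1-10]
            if ' ' in vulnparam:
                vulnparam = ''

        severity = issue.xpath('./severity')[0].text
        if severity == 'Information':
            severity = 'Informational'
        # Raises ValueError for a severity label outside severity_order.
        severity_id = severity_order.index(severity)
        name = issue.xpath('./name')[0].text
        vuln_id = issue.xpath('./type')[0].text

        issue_background = _optional_text(issue, './issueBackground')
        issue_detail = _optional_text(issue, './issueDetail')
        remediation_background = _optional_text(issue, './remediationBackground')
        # Each section is HTML from the report: re-parsed leniently and
        # serialised again before fine_tune() post-processes it.
        report_sections = UnsortableOrderedDict([
            ['issueBackground', etree.tostring(soupparser.fromstring(issue_background))],
            ['issueDetail', etree.tostring(soupparser.fromstring(issue_detail))],
            ['remediationBackground', etree.tostring(soupparser.fromstring(remediation_background))],
        ])
        for section_name in report_sections:
            report_sections[section_name] = fine_tune(report_sections[section_name], section_name)

        issues_item = [
            ['Severity', severity],
            ['severity_id', severity_id],
            ['Name', name],
            ['vuln_id', vuln_id],
            ['Scheme', scheme],
            ['Host', host],
            ['Port', port],
            ['Method', method],
            ['Location', location],
            ['Post', post],
            ['VulnParam', vulnparam],
            ['Example', UnsortableOrderedDict([
                ('VulnParam', vulnparam),
                ('Request', mangle.request_tune(request)),
                ('Response', mangle.response_tune(response)),
            ])],
        ]
        if requests_and_responses:
            issues_item += [
                ['Request', base64.b64encode(zlib.compress(request))],
                ['Response', base64.b64encode(zlib.compress(response))],
            ]
        issues_item += [
            ['StatusCode', status_code],
            ['StatusDescription', status_description],
            ['ReportSections', UnsortableOrderedDict(
                [[key.replace(' ', ''), report_sections[key]] for key in report_sections.keys()])],
        ]
        issues_list.append(UnsortableOrderedDict(issues_item))

    # Group occurrences by issue name; shared fields come from the first
    # occurrence encountered for that name.
    findings = []
    for vuln_name in sorted(set(item['Name'] for item in issues_list)):
        issue = UnsortableOrderedDict()
        for item in issues_list:
            if item['Name'] != vuln_name:
                continue
            for key in ['Name', 'Severity', 'severity_id', 'ReportSections', 'Example']:
                if key not in issue:
                    issue[key] = item[key]
            if 'Occurrences' not in issue:
                issue['Occurrences'] = []
            occurrence = UnsortableOrderedDict()
            for key in occurrence_keys:
                occurrence[key] = item[key]
            if requests_and_responses:
                for key in ['Request', 'Response']:
                    occurrence[key] = item[key]
            issue['Occurrences'].append(occurrence)
        findings.append(issue)

    # severity_id exists only to order the findings; strip it afterwards.
    findings.sort(key=lambda finding: finding['severity_id'], reverse=True)
    for finding in findings:
        del finding['severity_id']
    return UnsortableOrderedDict([['Findings', findings], ])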
Exemple #2
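def burp_import(xml, requests_and_responses=False):
    """Convert a parsed Burp Suite XML issue export into grouped findings.

    Developed against Burp Suite Pro 1.6beta2 / 1.6.01, later used with 1.6.16.
    This variant also records each issue's confidence and adds ``Summary``,
    ``Description`` and ``Recommendation`` entries to every finding.

    Args:
        xml: Parsed report tree; issues are read from ``/issues/issue``.
        requests_and_responses: When true, every occurrence also carries the
            request and response, zlib-compressed and base64-encoded.

    Returns:
        ``UnsortableOrderedDict`` with one key, ``Findings``: one entry per
        distinct issue name, highest severity first, each with the list of
        ``Occurrences`` where it was seen.

    Note:
        Request/response bytes and issue text are copied from the report into
        the result. This function does no escaping of its own, so that is left
        to ``fine_tune``, the ``mangle`` helpers and whatever renders the
        output. With ``requests_and_responses`` set, the output holds the full
        recorded traffic, which can include cookies and credentials.
    """
    severity_order = ['Informational', 'Low', 'Medium', 'High']
    occurrence_keys = ['Scheme', 'Host', 'Port', 'Method', 'Location', 'Post',
                       'VulnParam', 'StatusCode', 'StatusDescription']

    def _optional_text(node, path):
        # Text of the first match, or '' when the element is absent.
        matches = node.xpath(path)
        return matches[0].text if matches else ''

    issues_list = []
    for issue in xml.xpath('/issues/issue'):
        # <host> holds "scheme://host[:port]".
        scheme_split = issue.xpath('./host')[0].text.split('://')
        scheme = scheme_split[0]
        full_host_parts = scheme_split[1].split(':')
        host = full_host_parts[0]
        if len(full_host_parts) > 1:
            port = int(full_host_parts[-1])
        elif scheme.lower() == 'https':
            port = 443
        else:
            port = 80
        # Drop the port when it is the default for the scheme.
        if (scheme.lower(), port) in (('http', 80), ('https', 443)):
            port = ''

        request_element = issue.xpath('./requestresponse/request')
        if request_element:
            request = base64.b64decode(request_element[0].text).replace('\r', '')
            method = request_element[0].attrib['method']
            post = _extract_post(request, method)
        else:
            request = ''
            method = None
            post = ''

        response_element = issue.xpath('./requestresponse/response')
        if response_element:
            response = base64.b64decode(response_element[0].text).replace('\r', '')
        else:
            response = ''
            # NOTE(review): this also discards the method read from the request
            # above; it looks like a copy-paste from the request branch - confirm.
            method = None

        # Status line: "<version> <code> <description...>".
        status_code, status_description = (None, None)
        status_parts = response.split('\n')[0].split(' ')
        if response_element and len(status_parts) > 1:
            try:
                status_code, status_description = (int(status_parts[1]), ' '.join(status_parts[2:]))
            except ValueError:
                # Non-numeric status field: leave both values as None.
                pass

        # Request line minus its first (method) and last (version) tokens.
        location = ' '.join(request.split('\n')[0].split(' ')[1:-1])

        # <location> starts with <path>; what follows is trimmed by 2 leading
        # and 11 trailing characters - presumably the " [" / " parameter]"
        # wrapper around the parameter name; verify against a sample export.
        vulnparam = issue.xpath('./location')[0].text[len(issue.xpath('./path')[0].text):]
        if vulnparam:
            vulnparam = vulnparam[2:-1-10]
            if ' ' in vulnparam:
                vulnparam = ''

        severity = issue.xpath('./severity')[0].text
        if severity == 'Information':
            severity = 'Informational'
        # Raises ValueError for a severity label outside severity_order.
        severity_id = severity_order.index(severity)
        confidence = issue.xpath('./confidence')[0].text
        name = issue.xpath('./name')[0].text
        vuln_id = issue.xpath('./type')[0].text

        issue_background = _optional_text(issue, './issueBackground')
        issue_detail = _optional_text(issue, './issueDetail')
        remediation_background = _optional_text(issue, './remediationBackground')
        report_sections = UnsortableOrderedDict([
            ['issueBackground', mangle.soap_flatten(issue_background)],
            ['issueDetail', mangle.soap_flatten(issue_detail)],
            ['remediationBackground', mangle.soap_flatten(remediation_background)],
        ])
        for section_name in report_sections:
            report_sections[section_name] = fine_tune(report_sections[section_name], section_name)

        issues_item = [
            ['Severity', severity],
            ['severity_id', severity_id],
            ['Name', name],
            ['Confidence', confidence],
            ['vuln_id', vuln_id],
            ['Scheme', scheme],
            ['Host', host],
            ['Port', port],
            ['Method', method],
            ['Location', location],
            ['Post', post],
            ['VulnParam', vulnparam],
            ['Example', UnsortableOrderedDict([
                ('VulnParam', vulnparam),
                ('Request', mangle.request_tune(request)),
                ('Response', mangle.response_tune(response)),
            ])],
        ]
        if requests_and_responses:
            issues_item += [
                ['Request', base64.b64encode(zlib.compress(request))],
                ['Response', base64.b64encode(zlib.compress(response))],
            ]
        issues_item += [
            ['StatusCode', status_code],
            ['StatusDescription', status_description],
            ['ReportSections', UnsortableOrderedDict(
                [[key.replace(' ', ''), report_sections[key]] for key in report_sections.keys()])],
        ]
        issues_list.append(UnsortableOrderedDict(issues_item))

    # Group occurrences by issue name; shared fields come from the first
    # occurrence encountered for that name.
    findings = []
    for vuln_name in sorted(set(item['Name'] for item in issues_list)):
        issue = UnsortableOrderedDict()
        for item in issues_list:
            if item['Name'] != vuln_name:
                continue
            for key in ['Name', 'Severity', 'severity_id', 'Confidence']:
                if key not in issue:
                    issue[key] = item[key]
            issue['Summary'] = UnsortableOrderedDict()
            issue['Summary']['Description'] = ''
            issue['Summary']['Recommendation'] = ''
            # NOTE(review): issue_detail / issue_background are whatever the
            # parsing loop above left behind on its final iteration, not the
            # values belonging to this finding, and 'Recommendation' is fed the
            # issue background rather than the remediation text - verify intent.
            issue['Description'] = mangle.soap_flatten(issue_detail)
            issue['Recommendation'] = mangle.soap_flatten(issue_background)
            # This loop was over-indented in the listing, which made the whole
            # function unparseable; it belongs at occurrence level.
            for key in ['ReportSections', 'Example']:
                if key not in issue:
                    issue[key] = item[key]
            if 'Occurrences' not in issue:
                issue['Occurrences'] = []
            occurrence = UnsortableOrderedDict()
            for key in occurrence_keys:
                occurrence[key] = item[key]
            if requests_and_responses:
                for key in ['Request', 'Response']:
                    occurrence[key] = item[key]
            issue['Occurrences'].append(occurrence)
        findings.append(issue)

    # NOTE(review): the listing stops after the grouping loop, so the function
    # fell off the end and returned None. The tail below is the minimal
    # completion (severity_id is collected above but otherwise unused) -
    # confirm against the upstream file.
    findings.sort(key=lambda finding: finding['severity_id'], reverse=True)
    for finding in findings:
        del finding['severity_id']
    return UnsortableOrderedDict([['Findings', findings], ])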
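def webinspect_import(xml, requests_and_responses=False):
    """Convert a parsed HP WebInspect XML report into grouped findings.

    Developed against HP WebInspect 10.1.177.0, later used with 10.40.

    Args:
        xml: Parsed report tree; issues are read from
            ``/Sessions/Session/Issues/Issue``.
        requests_and_responses: When true, every occurrence also carries the
            raw request and response, zlib-compressed and base64-encoded.

    Returns:
        ``UnsortableOrderedDict`` with one key, ``Findings``: one entry per
        distinct ``VulnerabilityID``, highest severity first, each with the
        list of ``Occurrences`` where it was seen.

    Note:
        Raw requests/responses, section text and classification links are
        copied from the report into the result. This function does no escaping
        of its own, so that is left to ``fine_tune``, the ``mangle`` helpers
        and whatever renders the output. With ``requests_and_responses`` set,
        the output holds the full recorded traffic, which can include cookies
        and credentials.
    """
    severity_names = ['Informational', 'Low', 'Medium', 'High', 'Critical']
    occurrence_keys = ['Scheme', 'Host', 'Port', 'Method', 'Location', 'Post',
                       'VulnParam', 'StatusCode', 'StatusDescription']

    issues_list = []
    for issue in xml.xpath('/Sessions/Session/Issues/Issue'):
        # Issue -> Issues -> Session: the session holds the HTTP exchange.
        session = issue.getparent().getparent()
        scheme = session.xpath('./Scheme')[0].text
        host = session.xpath('./Host')[0].text
        port = int(session.xpath('./Port')[0].text)
        # Drop the port when it is the default for the scheme.
        if (scheme.lower(), port) in (('http', 80), ('https', 443)):
            port = ''

        request = session.xpath('./RawRequest')[0].text
        response = session.xpath('./RawResponse')[0].text
        method = session.xpath('./Request/Method')[0].text
        response_element = session.xpath('./Response')
        if response_element:
            status_code = int(response_element[0].xpath('./StatusCode')[0].text)
            status_description = response_element[0].xpath('./StatusDescription')[0].text
        else:
            status_code, status_description = (None, None)

        # Request line minus its first (method) and last (version) tokens.
        location = ' '.join(request.split('\n')[0].split(' ')[1:-1])
        fullurl = scheme + '://' + host + (':' + str(port) if port else '') + location

        # Default first: a POST whose raw request had no blank line used to
        # leave `post` unbound on the first issue, or silently carry over the
        # previous issue's body on later ones.
        post = ''
        if method == 'POST':
            # fix tested only for Burp reports
            request_temp = request.replace('\r', '')
            loc = request_temp.find('\n\n')
            if loc != -1:
                post = request_temp[loc:].strip()

        vulnparam = session.xpath('./AttackParamDescriptor')[0].text
        if vulnparam is None:
            vulnparam = ''

        severity_id = int(issue.xpath('./Severity')[0].text)
        severity = severity_names[severity_id]
        name = issue.xpath('./Name')[0].text
        # Best-practice checks get their own label; severity_id is unchanged.
        if issue.xpath('./CheckTypeID')[0].text == 'Best Practices':
            severity = 'Best Practices'
        vuln_id = issue.xpath('./VulnerabilityID')[0].text

        # [kind, identifier, href, text] per <Classification>.
        classifications = [
            [x.attrib['kind'], x.attrib['identifier'], x.attrib['href'], x.text]
            for x in issue.xpath('./Classifications/Classification')
        ]
        # [name, text] per <ReportSection>; non-empty text is re-parsed
        # leniently as HTML, serialised and passed through fine_tune().
        report_sections = [
            [x.xpath('./Name')[0].text, x.xpath('./SectionText')[0].text]
            for x in issue.xpath('./ReportSection')
        ]
        for section in report_sections:
            if section[1]:
                section[1] = fine_tune(etree.tostring(soupparser.fromstring(section[1])), fullurl)

        issues_item = [
            ['Severity', severity],
            ['severity_id', severity_id],
            ['Name', name],
            ['vuln_id', vuln_id],
            ['Scheme', scheme],
            ['Host', host],
            ['Port', port],
            ['Method', method],
            ['Location', location],
            ['Post', post],
            ['VulnParam', vulnparam],
            ['Example', UnsortableOrderedDict([
                ('VulnParam', vulnparam),
                ('Request', mangle.request_tune(request)),
                ('Response', mangle.response_tune(response)),
            ])],
        ]
        if requests_and_responses:
            issues_item += [
                ['Request', base64.b64encode(zlib.compress(request.encode('utf-8')))],
                ['Response', base64.b64encode(zlib.compress(response.encode('utf-8')))],
            ]
        issues_item += [
            ['StatusCode', status_code],
            ['StatusDescription', status_description],
            # NOTE(review): the href attribute is taken verbatim from the
            # report and concatenated into markup without escaping or scheme
            # validation. Kept byte-for-byte here because how <ihtml> is
            # consumed is not visible; escape/validate at this point or in the
            # renderer before trusting reports from outside.
            ['Classifications', [
                UnsortableOrderedDict([
                    ['Name', c[3]],
                    ['URL', '<ihtml><a href="'+c[2]+'">'+c[2]+'</a></ihtml>'],
                ])
                for c in classifications
            ]],
            ['ReportSections', UnsortableOrderedDict(
                [[section[0].replace(' ', ''), section[1]] for section in report_sections])],
        ]
        issues_list.append(UnsortableOrderedDict(issues_item))

    # Group occurrences by vulnerability id; shared fields come from the first
    # occurrence encountered for that id.
    findings = []
    for vuln_id in sorted(set(str(item['vuln_id']) for item in issues_list)):
        issue = UnsortableOrderedDict()
        for item in issues_list:
            if str(item['vuln_id']) != vuln_id:
                continue
            for key in ['Name', 'Severity', 'severity_id', 'ReportSections', 'Classifications', 'Example']:
                if key not in issue:
                    issue[key] = item[key]
            if 'Occurrences' not in issue:
                issue['Occurrences'] = []
            occurrence = UnsortableOrderedDict()
            for key in occurrence_keys:
                occurrence[key] = item[key]
            if requests_and_responses:
                for key in ['Request', 'Response']:
                    occurrence[key] = item[key]
            issue['Occurrences'].append(occurrence)
        findings.append(issue)

    # severity_id exists only to order the findings; strip it afterwards.
    findings.sort(key=lambda finding: finding['severity_id'], reverse=True)
    for finding in findings:
        del finding['severity_id']
    return UnsortableOrderedDict([['Findings', findings], ])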
Exemple #4
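def webinspect_import(xml, requests_and_responses=False):
    """Convert a parsed HP WebInspect XML report into grouped findings.

    Developed against HP WebInspect 10.1.177.0, later used with 10.40.

    Args:
        xml: Parsed report tree; issues are read from
            ``/Sessions/Session/Issues/Issue``.
        requests_and_responses: When true, every occurrence also carries the
            raw request and response, zlib-compressed and base64-encoded.

    Returns:
        ``UnsortableOrderedDict`` with one key, ``Findings``: one entry per
        distinct ``VulnerabilityID``, highest severity first, each with the
        list of ``Occurrences`` where it was seen.

    Note:
        Raw requests/responses, section text and classification links are
        copied from the report into the result. This function does no escaping
        of its own, so that is left to ``fine_tune``, the ``mangle`` helpers
        and whatever renders the output. With ``requests_and_responses`` set,
        the output holds the full recorded traffic, which can include cookies
        and credentials.
    """
    severity_names = ['Informational', 'Low', 'Medium', 'High', 'Critical']
    occurrence_keys = ['Scheme', 'Host', 'Port', 'Method', 'Location', 'Post',
                       'VulnParam', 'StatusCode', 'StatusDescription']

    issues_list = []
    for issue in xml.xpath('/Sessions/Session/Issues/Issue'):
        # Issue -> Issues -> Session: the session holds the HTTP exchange.
        session = issue.getparent().getparent()
        scheme = session.xpath('./Scheme')[0].text
        host = session.xpath('./Host')[0].text
        port = int(session.xpath('./Port')[0].text)
        # Drop the port when it is the default for the scheme.
        if (scheme.lower(), port) in (('http', 80), ('https', 443)):
            port = ''

        request = session.xpath('./RawRequest')[0].text
        response = session.xpath('./RawResponse')[0].text
        method = session.xpath('./Request/Method')[0].text
        response_element = session.xpath('./Response')
        if response_element:
            status_code = int(response_element[0].xpath('./StatusCode')[0].text)
            status_description = response_element[0].xpath('./StatusDescription')[0].text
        else:
            status_code, status_description = (None, None)

        # Request line minus its first (method) and last (version) tokens.
        location = ' '.join(request.split('\n')[0].split(' ')[1:-1])
        fullurl = scheme + '://' + host + (':' + str(port) if port else '') + location

        # Default first: a POST whose raw request had no blank line used to
        # leave `post` unbound on the first issue, or silently carry over the
        # previous issue's body on later ones.
        post = ''
        if method == 'POST':
            # fix tested only for Burp reports
            request_temp = request.replace('\r', '')
            loc = request_temp.find('\n\n')
            if loc != -1:
                post = request_temp[loc:].strip()

        vulnparam = session.xpath('./AttackParamDescriptor')[0].text
        if vulnparam is None:
            vulnparam = ''

        severity_id = int(issue.xpath('./Severity')[0].text)
        severity = severity_names[severity_id]
        name = issue.xpath('./Name')[0].text
        # Best-practice checks get their own label; severity_id is unchanged.
        if issue.xpath('./CheckTypeID')[0].text == 'Best Practices':
            severity = 'Best Practices'
        vuln_id = issue.xpath('./VulnerabilityID')[0].text

        # [kind, identifier, href, text] per <Classification>.
        classifications = [
            [x.attrib['kind'], x.attrib['identifier'], x.attrib['href'], x.text]
            for x in issue.xpath('./Classifications/Classification')
        ]
        # [name, text] per <ReportSection>; non-empty text is re-parsed
        # leniently as HTML, serialised and passed through fine_tune().
        report_sections = [
            [x.xpath('./Name')[0].text, x.xpath('./SectionText')[0].text]
            for x in issue.xpath('./ReportSection')
        ]
        for section in report_sections:
            if section[1]:
                section[1] = fine_tune(etree.tostring(soupparser.fromstring(section[1])), fullurl)

        issues_item = [
            ['Severity', severity],
            ['severity_id', severity_id],
            ['Name', name],
            ['vuln_id', vuln_id],
            ['Scheme', scheme],
            ['Host', host],
            ['Port', port],
            ['Method', method],
            ['Location', location],
            ['Post', post],
            ['VulnParam', vulnparam],
            ['Example', UnsortableOrderedDict([
                ('VulnParam', vulnparam),
                ('Request', mangle.request_tune(request)),
                ('Response', mangle.response_tune(response)),
            ])],
        ]
        if requests_and_responses:
            issues_item += [
                ['Request', base64.b64encode(zlib.compress(request.encode('utf-8')))],
                ['Response', base64.b64encode(zlib.compress(response.encode('utf-8')))],
            ]
        issues_item += [
            ['StatusCode', status_code],
            ['StatusDescription', status_description],
            # NOTE(review): the href attribute is taken verbatim from the
            # report and concatenated into markup without escaping or scheme
            # validation. Kept byte-for-byte here because how <ihtml> is
            # consumed is not visible; escape/validate at this point or in the
            # renderer before trusting reports from outside.
            ['Classifications', [
                UnsortableOrderedDict([
                    ['Name', c[3]],
                    ['URL', '<ihtml><a href="'+c[2]+'">'+c[2]+'</a></ihtml>'],
                ])
                for c in classifications
            ]],
            ['ReportSections', UnsortableOrderedDict(
                [[section[0].replace(' ', ''), section[1]] for section in report_sections])],
        ]
        issues_list.append(UnsortableOrderedDict(issues_item))

    # Group occurrences by vulnerability id; shared fields come from the first
    # occurrence encountered for that id.
    findings = []
    for vuln_id in sorted(set(str(item['vuln_id']) for item in issues_list)):
        issue = UnsortableOrderedDict()
        for item in issues_list:
            if str(item['vuln_id']) != vuln_id:
                continue
            for key in ['Name', 'Severity', 'severity_id', 'ReportSections', 'Classifications', 'Example']:
                if key not in issue:
                    issue[key] = item[key]
            if 'Occurrences' not in issue:
                issue['Occurrences'] = []
            occurrence = UnsortableOrderedDict()
            for key in occurrence_keys:
                occurrence[key] = item[key]
            if requests_and_responses:
                for key in ['Request', 'Response']:
                    occurrence[key] = item[key]
            issue['Occurrences'].append(occurrence)
        findings.append(issue)

    # severity_id exists only to order the findings; strip it afterwards.
    findings.sort(key=lambda finding: finding['severity_id'], reverse=True)
    for finding in findings:
        del finding['severity_id']
    return UnsortableOrderedDict([['Findings', findings], ])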