Python VulnscanManager.get_progress Exemples, openvas_lib.VulnscanManager.get_progress Python Exemples

Exemple #1

0

Afficher le fichier

def vuln_an_id(scan_id):
    """
    The function is filtering all data from OpenVAS and dumping to Archery database.
    :param scan_id:
    :return:
    """
    # ov_user = openvas_setting.openvas_username()
    # ov_pass = openvas_setting.openvas_pass()
    # ov_ip = openvas_setting.openvas_host()
    #
    # lod_ov_user = signing.loads(ov_user)
    # lod_ov_pass = signing.loads(ov_pass)
    # lod_ov_ip = signing.loads(ov_ip)

    all_openvas = openvas_setting_db.objects.all()

    for openvas in all_openvas:
        ov_user = openvas.user
        ov_pass = openvas.password
        ov_ip = openvas.host

    lod_ov_user = ov_user
    lod_ov_pass = ov_pass
    lod_ov_ip = ov_ip

    scanner = VulnscanManager(str(lod_ov_ip), str(lod_ov_user),
                              str(lod_ov_pass))
    openvas_results = scanner.get_raw_xml(str(scan_id))

    for openvas in openvas_results.findall(".//result"):
        for r in openvas:
            if r.tag == "name":
                global name
                if r.text is None:
                    name = "NA"
                else:
                    name = r.text

            if r.tag == "creation_time":
                global creation_time
                if r.text is None:
                    creation_time = "NA"
                else:
                    creation_time = r.text

            if r.tag == "modification_time":
                global modification_time
                if r.text is None:
                    modification_time = "NA"
                else:
                    modification_time = r.text
            if r.tag == "host":
                global host
                if r.text is None:
                    host = "NA"
                else:
                    host = r.text

            if r.tag == "port":
                global port
                if r.text is None:
                    port = "NA"
                else:
                    port = r.text
            if r.tag == "threat":
                global threat
                if r.text is None:
                    threat = "NA"
                else:
                    threat = r.text
            if r.tag == "severity":
                global severity
                if r.text is None:
                    severity = "NA"
                else:
                    severity = r.text
            if r.tag == "description":
                global description
                if r.text is None:
                    description = "NA"
                else:
                    description = r.text

            for rr in r.getchildren():
                if rr.tag == "family":
                    global family
                    if rr.text is None:
                        family = "NA"
                    else:
                        family = rr.text
                if rr.tag == "cvss_base":
                    global cvss_base
                    if rr.text is None:
                        cvss_base = "NA"
                    else:
                        cvss_base = rr.text
                if rr.tag == "cve":
                    global cve
                    if rr.text is None:
                        cve = "NA"
                    else:
                        cve = rr.text
                if rr.tag == "bid":
                    global bid
                    if rr.text is None:
                        bid = "NA"
                    else:
                        bid = rr.text

                if rr.tag == "xref":
                    global xref
                    if rr.text is None:
                        xref = "NA"
                    else:
                        xref = rr.text

                if rr.tag == "tags":
                    global tags
                    if rr.text is None:
                        tags = "NA"
                    else:
                        tags = rr.text
                if rr.tag == "type":
                    global banner
                    if rr.text is None:
                        banner = "NA"
                    else:
                        banner = rr.text

        date_time = timezone.now()
        vul_id = uuid.uuid4()

        s_data = scan_save_db.objects.filter(scan_id=scan_id)

        for data in s_data:
            if data.scan_ip == host:

                dup_data = name + host + severity
                duplicate_hash = hashlib.sha256(dup_data).hexdigest()

                save_all = ov_scan_result_db(
                    scan_id=scan_id,
                    vul_id=vul_id,
                    name=name,
                    creation_time=creation_time,
                    modification_time=modification_time,
                    host=host,
                    port=port,
                    threat=threat,
                    severity=severity,
                    description=description,
                    family=family,
                    cvss_base=cvss_base,
                    cve=cve,
                    bid=bid,
                    xref=xref,
                    tags=tags,
                    banner=banner,
                    date_time=date_time,
                    false_positive='No',
                    vuln_status='Open',
                    dup_hash=duplicate_hash)
                save_all.save()

                openvas_vul = ov_scan_result_db.objects.filter(scan_id=scan_id) \
                    .values('name',
                            'threat').distinct()
                total_vul = len(openvas_vul)
                total_high = len(openvas_vul.filter(threat="High"))
                total_medium = len(openvas_vul.filter(threat="Medium"))
                total_low = len(openvas_vul.filter(threat="Low"))
                total_log = len(openvas_vul.filter(threat="Log"))
                scan_status = str(scanner.get_progress(str(scan_id)))

                scan_save_db.objects.filter(scan_id=scan_id) \
                    .update(total_vul=total_vul,
                            high_total=total_high,
                            medium_total=total_medium,
                            low_total=total_low,
                            log_total=total_log,
                            scan_status=scan_status)

Exemple #2

0

Afficher le fichier

Fichier : views.py Projet : Spr1ngBr0ther/archerysec

def Scan_Launch(scan_ip, project_id, sel_profile):

    with open(openvas_data, 'r+') as f:
        data = json.load(f)
        ov_user = data['open_vas_user']
        ov_pass = data['open_vas_pass']
        ov_ip = data['open_vas_ip']

        lod_ov_user = signing.loads(ov_user)
        lod_ov_pass = signing.loads(ov_pass)
        lod_ov_ip = signing.loads(ov_ip)

    scanner = VulnscanManager(str(lod_ov_ip), str(lod_ov_user), str(lod_ov_pass))
    time.sleep(5)
    profile = None
    if profile is None:
        profile = "Full and fast"
    else:
        profile = sel_profile
    scan_id, target_id = scanner.launch_scan(target=str(scan_ip), profile=str(profile))
    date_time = datetime.datetime.now()
    save_all = scan_save_db(scan_id=str(scan_id), project_id=str(project_id), scan_ip=str(scan_ip),
                            target_id=str(target_id), date_time=date_time)
    save_all.save()

    while int(scanner.get_progress(str(scan_id))) < 100.0:
        print 'Scan progress %: ' + str(scanner.get_progress(str(scan_id)))
        status = str(scanner.get_progress(str(scan_id)))
        scan_save_db.objects.filter(scan_id=scan_id).update(scan_status=status)
        time.sleep(5)

    global status
    status = "100"
    scan_save_db.objects.filter(scan_id=scan_id).update(scan_status=status)

    if profile == "Discovery":
        print "returning....."

    else:
        time.sleep(10)
        try:
            openvas_results = scanner.get_raw_xml(str(scan_id))
            vul_an_id(scan_id, openvas_results)
        except Exception as e:
            print e

        try:
            openvas_vul = ov_scan_result_db.objects.filter(scan_id=scan_id).values('name', 'severity', 'vuln_color', 'threat', 'host', 'port').distinct()
            total_vul = len(openvas_vul)
            total_high = len(openvas_vul.filter(threat="High"))
            total_medium = len(openvas_vul.filter(threat="Medium"))
            total_low = len(openvas_vul.filter(threat="Low"))

            scan_save_db.objects.filter(scan_id=scan_id).update(total_vul=total_vul, high_total=total_high,
                                                                medium_total=total_medium, low_total=total_low)
        except Exception as e:
            print e

        try:
            for vul_id in ov_scan_result_db.objects.values_list('vul_id', flat=True).distinct():
                ov_scan_result_db.objects.filter(
                    pk=ov_scan_result_db.objects.filter(vul_id=vul_id).values_list('id', flat=True)[1:]).delete()
        except Exception as e:
            print e

Exemple #3

0

Afficher le fichier

Fichier : views.py Projet : voidp34r/archerysec

def Scan_Launch(scan_ip, project_id, sel_profile):

    with open(openvas_data, 'r+') as f:
        data = json.load(f)
        ov_user = data['open_vas_user']
        ov_pass = data['open_vas_pass']
        ov_ip = data['open_vas_ip']

        lod_ov_user = signing.loads(ov_user)
        lod_ov_pass = signing.loads(ov_pass)
        lod_ov_ip = signing.loads(ov_ip)

    scanner = VulnscanManager(str(lod_ov_ip), str(lod_ov_user), str(lod_ov_pass))
    time.sleep(5)
    profile = None
    if profile is None:
        profile = "Full and fast"
    else:
        profile = sel_profile
    scan_id, target_id = scanner.launch_scan(target=str(scan_ip), profile=str(profile))
    save_all = scan_save_db(scan_id=str(scan_id), project_id=str(project_id), scan_ip=str(scan_ip),
                            target_id=str(target_id))
    save_all.save()

    while int(scanner.get_progress(str(scan_id))) < 100.0:
        print 'Scan progress %: ' + str(scanner.get_progress(str(scan_id)))
        status = str(scanner.get_progress(str(scan_id)))
        scan_save_db.objects.filter(scan_id=scan_id).update(scan_status=status)
        time.sleep(5)

    global status
    status = "100"
    scan_save_db.objects.filter(scan_id=scan_id).update(scan_status=status)

    if profile == "Discovery":
        print "returning....."

    else:
        time.sleep(10)
        try:
            openvas_results = scanner.get_raw_xml(str(scan_id))
            vul_an_id(scan_id, openvas_results)
        except Exception as e:
            print e

        try:
            openvas_vul = ov_scan_result_db.objects.filter(scan_id=scan_id).order_by('scan_id')
            total_vul = len(openvas_vul)
            total_high = len(openvas_vul.filter(threat="High"))
            total_medium = len(openvas_vul.filter(threat="Medium"))
            total_low = len(openvas_vul.filter(threat="Low"))

            scan_save_db.objects.filter(scan_id=scan_id).update(total_vul=total_vul, high_total=total_high,
                                                                medium_total=total_medium, low_total=total_low)
        except Exception as e:
            print e

        try:
            for vul_id in ov_scan_result_db.objects.values_list('vul_id', flat=True).distinct():
                ov_scan_result_db.objects.filter(
                    pk=ov_scan_result_db.objects.filter(vul_id=vul_id).values_list('id', flat=True)[1:]).delete()
        except Exception as e:
            print e

Exemple #4

0

Afficher le fichier

Fichier : views.py Projet : yeyingtomorrow/archerysec

def launch_scan(request):
    all_ip = scan_save_db.objects.all()

    scanner = VulnscanManager(scan_host, user, password)
    time.sleep(5)
    if request.method == 'POST':
        all_ip = scan_save_db.objects.all()
        scan_ip = request.POST.get('ip')
        profile = None
        if profile is None:
            profile = "Full and fast"
        else:
            profile = request.POST.get('scan_profile')
        scan_id, target_id = scanner.launch_scan(target=str(scan_ip),
                                                 profile=str(profile))
        save_all = scan_save_db(scan_id=str(scan_id),
                                scan_ip=str(scan_ip),
                                target_id=str(target_id))
        save_all.save()

        while int(scanner.get_progress(str(scan_id))) < 100.0:
            print 'Scan progress %: ' + str(scanner.get_progress(str(scan_id)))
            status = str(scanner.get_progress(str(scan_id)))
            scan_save_db.objects.filter(scan_id=scan_id).update(
                scan_status=status)
            time.sleep(5)

        global status
        status = "100"
        scan_save_db.objects.filter(scan_id=scan_id).update(scan_status=status)

        if profile == "Discovery":
            print "returning....."

        else:
            time.sleep(10)
            try:
                openvas_results = scanner.get_raw_xml(str(scan_id))
                vul_an_id(scan_id, openvas_results)
            except Exception as e:
                print e

            try:
                openvas_vul = ov_scan_result_db.objects.filter(
                    Q(scan_id=scan_id)).order_by('scan_id')
                total_vul = len(openvas_vul)
                total_high = len(openvas_vul.filter(threat="High"))
                total_medium = len(openvas_vul.filter(threat="Medium"))
                total_low = len(openvas_vul.filter(threat="Low"))

                scan_save_db.objects.filter(scan_id=scan_id).update(
                    total_vul=total_vul,
                    high_total=total_high,
                    medium_total=total_medium,
                    low_total=total_low)
            except Exception as e:
                print e

            try:
                for vul_id in ov_scan_result_db.objects.values_list(
                        'vul_id', flat=True).distinct():
                    ov_scan_result_db.objects.filter(
                        pk=ov_scan_result_db.objects.filter(vul_id=vul_id).
                        values_list('id', flat=True)[1:]).delete()
            except Exception as e:
                print e

    return render_to_response('vul_details.html', {'all_ip': all_ip})