def do_host_status(records=[], query=None, asset_group=None, hosts=[]):
"""
Runs through the t_hosts table and updates the *_count entries.
Can also run through a specific list of record IDs instead.
"""
from skaldship.general import do_host_status
do_host_status(records=records, query=query, asset_group=asset_group, hosts=hosts)
return True
def update_dynamic_fields():
"""
Executes the following functions that update dynamic field entries:
skaldship.general.do_host_status
skaldship.exploits.connect_exploits
"""
response.title = "%s :: Update Dynamic Fields" % (settings.title)
users = db(db.auth_user).select()
userlist = []
for user in users:
userlist.append([user.id, user.username])
ag = db(db.t_hosts).select(db.t_hosts.f_asset_group, distinct=True).as_list()
asset_groups = map((lambda x: x["f_asset_group"]), ag)
form = SQLFORM.factory(
Field("f_exploit_link", type="boolean", default=True, label=T("Exploit linking")),
Field("f_host_status", type="boolean", default=True, label=T("Host Service/Vuln counts")),
Field(
"f_asset_group",
type="list:string",
label=T("Asset Group"),
requires=IS_EMPTY_OR(IS_IN_SET(asset_groups, multiple=False)),
),
Field("f_taskit", type="boolean", default=auth.user.f_scheduler_tasks, label=T("Run in background task")),
)
from skaldship.general import do_host_status
from skaldship.exploits import connect_exploits
if form.accepts(request.vars, session):
if form.vars.f_exploit_link:
connect_exploits()
if form.vars.f_host_status:
if form.vars.f_taskit:
task = scheduler.queue_task(
do_host_status,
pvars=dict(asset_group=form.vars.f_asset_group),
group_name=settings.scheduler_group_name,
sync_output=5,
timeout=300, # 5 minutes
)
if task.id:
redirect(URL("tasks", "status", args=task.id))
else:
resp_text = "Error submitting job: %s" % (task.errors)
else:
do_host_status(asset_group=form.vars.f_asset_group)
response.flash = "Task completed!"
elif form.errors:
response.flash = "Error in form"
return dict(form=form, err404=get_oreally_404(request.folder))
task = msf_api.pro_import_data(
msf_settings.get("workspace"),
"".join(scan_data),
{
#'preserve_hosts': form.vars.preserve_hosts,
"blacklist_hosts": "\n".join(ip_ignore_list)
},
)
msf_workspace_num = session.msf_workspace_num or "unknown"
msfurl = os.path.join(msf_settings.get("url"), "workspaces", msf_workspace_num, "tasks", task["task_id"])
log(" [*] Added file to MSF Pro: %s" % msfurl)
# any new nexpose vulns need to be checked against exploits table and connected
log(" [*] Connecting exploits to vulns and performing do_host_status")
do_host_status(asset_group=asset_group)
log(" [*] Import complete: hosts: %s added, %s skipped" % (hoststats["added"], hoststats["skipped"]))
##-------------------------------------------------------------------------
def run_scan(blacklist=None, target_list=None, scan_options=None):
"""
Executes nmap scan
"""
from zenmapCore_Kvasir.NmapCommand import NmapCommand
from zenmapCore_Kvasir.NmapOptions import NmapOptions
from time import sleep
# new account record
acct_data = dict(
f_services_id=svc_id,
f_username=user,
f_password=f_password,
f_source=f_source,
f_compromised=True
)
acct_id = db.t_accounts.insert(**acct_data)
db.commit()
stats['accounts_added'] += 1
didwhat = "Added"
print(" [-] Account %s: (%s) %s" % (didwhat, ipaddr, user))
do_host_status()
msg = " [*] Import complete: hosts: (%s/A, %s/U, %s/S) - services: (%s/A, %s/U), creds: (%s/A, %s/U)"\
% (
stats['hosts_added'],
stats['hosts_updated'],
stats['hosts_skipped'],
stats['services_added'],
stats['services_updated'],
stats['accounts_added'],
stats['accounts_updated']
)
print(msg)
return msg
