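    def close_old_cases(self, current_hosts, scan_time):
        """Close every open case in ``self.holes`` that *current_hosts* no longer shows.

        Entries of ``self.holes`` use the layout written by open_new_cases():
        ``[scan_time, scan_id, uuid, ip, kind, service, port, name, user,
        password, opened, closed]``. ``kind`` is ``"V"`` (vulnerability) or
        ``"C"`` (credential); the last element is ``None`` while the case is
        open and becomes the canonicalised close date once it is closed.

        Args:
            current_hosts: iterable of host objects exposing ``vulnerabilities``
                and ``credentials`` lists; items of both carry ``uuid``,
                ``address``, ``service`` and ``port``, plus ``name`` for a
                vulnerability or ``user``/``password`` for a credential.
            scan_time: timestamp of this scan; ``canonicalise_date(scan_time)``
                is stamped into the last element of each case closed here.

        Side effects: mutates the entries of ``self.holes`` in place; prints a
        diagnostic (naming ``CONF.database``) for entries whose kind is neither
        "V" nor "C".

        NB: This should be run before open_new_cases().
        """
        # Flatten the current findings once into comparable keys, ordered like
        # the corresponding hole fields so the lookup below is a tuple compare.
        current_vulnerabilities = [
            (v.uuid, v.address, v.service, v.port, v.name)
            for host in current_hosts
            for v in host.vulnerabilities
        ]
        current_credentials = [
            (c.uuid, c.address, c.service, c.port, c.user, c.password)
            for host in current_hosts
            for c in host.credentials
        ]

        for historical_hole in self.holes:
            if historical_hole[-1] is not None:
                continue  # already closed; keep its original close date
            kind = historical_hole[4]
            # Field 4 is the kind marker, so service/port/name live at 5/6/7
            # (and user/password at 8/9) -- the indexes open_new_cases() writes.
            # Comparing field 4 against the service (as before) could never
            # match, which closed every open case on every scan.
            if kind == "V":
                still_present = (
                    historical_hole[2],
                    historical_hole[3],
                    historical_hole[5],
                    historical_hole[6],
                    historical_hole[7],
                ) in current_vulnerabilities
            elif kind == "C":
                still_present = (
                    historical_hole[2],
                    historical_hole[3],
                    historical_hole[5],
                    historical_hole[6],
                    historical_hole[8],
                    historical_hole[9],
                ) in current_credentials
            else:
                print("Strange line:\n", historical_hole, "\nIn file:", CONF.database)
                still_present = False  # unrecognised kind is closed, as before
            if not still_present:
                historical_hole[-1] = canonicalise_date(scan_time)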
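    def open_new_cases(self, current_hosts, scan_time, scan_id):
        """Record newly-seen holes in ``self.holes`` and prune known ones from *current_hosts*.

        For every vulnerability and credential on every current host, look for
        an entry in ``self.holes`` with the same host, kind, service, port and
        detail that is still open (last element ``None``). Known findings are
        removed from the host's list; unknown ones get a fresh open entry
        appended to ``self.holes`` and stay in the list. Hosts left with
        neither vulnerabilities nor credentials are removed from
        *current_hosts*, so afterwards the list holds only what is new in this
        scan. ``self.holes``, each host's lists and *current_hosts* are all
        modified in place.

        Entry layout: ``[scan_time, scan_id, uuid, ip, kind, service, port,
        name, user, password, opened, closed]``; ``kind`` is "V" or "C", the
        detail fields that do not apply are ``None``, ``opened`` is
        ``canonicalise_date(scan_time)`` and ``closed`` starts as ``None``.

        NOTE: credential entries carry the password verbatim in element 9, so
        whatever ``self.holes`` is persisted to holds plaintext credentials.

        Args:
            current_hosts: list of host objects with ``uuid``, ``ip``,
                ``vulnerabilities`` (items with ``service``, ``port``, ``name``)
                and ``credentials`` (items with ``service``, ``port``, ``user``,
                ``password``).
            scan_time: timestamp of this scan, stored raw in element 0 and
                canonicalised in element 10.
            scan_id: identifier of this scan, stored in element 1.

        NB: This should be run after close_old_cases().
        """

        def _is_known(kind, host, service, port, details):
            """True if an *open* entry for this host/kind/service/port exists.

            ``details`` is a sequence of ``(index, value)`` pairs for the
            kind-specific fields (name at 7, or user/password at 8/9).
            An entry counts only while open (``hole[-1] is None``); a closed
            match must not suppress a reappearing finding, and matching on
            closed entries would also re-record every persisting one.
            """
            for hole in self.holes:
                if (
                    hole[2] == host.uuid
                    and hole[3] == host.ip
                    and hole[4] == kind
                    and hole[5] == service
                    and hole[6] == port
                    and all(hole[index] == value for index, value in details)
                    and hole[-1] is None
                ):
                    return True
            return False

        # Iterate over a copy: hosts are removed from current_hosts below.
        for current_host in list(current_hosts):
            # Build the filtered lists instead of remove()-ing while iterating,
            # which skipped the element after every deletion.
            new_vulnerabilities = []
            for vulnerability in current_host.vulnerabilities:
                if _is_known("V", current_host, vulnerability.service, vulnerability.port, ((7, vulnerability.name),)):
                    continue  # already tracked as open: not new, drop it
                self.holes.append(
                    [
                        scan_time,
                        scan_id,
                        current_host.uuid,
                        current_host.ip,
                        "V",
                        vulnerability.service,
                        vulnerability.port,
                        vulnerability.name,
                        None,
                        None,
                        canonicalise_date(scan_time),
                        None,
                    ]
                )
                new_vulnerabilities.append(vulnerability)
            # Slice-assign so the host keeps the same list object.
            current_host.vulnerabilities[:] = new_vulnerabilities

            new_credentials = []
            for credential in current_host.credentials:
                if _is_known(
                    "C",
                    current_host,
                    credential.service,
                    credential.port,
                    ((8, credential.user), (9, credential.password)),
                ):
                    continue  # already tracked as open: not new, drop it
                self.holes.append(
                    [
                        scan_time,
                        scan_id,
                        current_host.uuid,
                        current_host.ip,
                        "C",
                        credential.service,
                        credential.port,
                        None,
                        credential.user,
                        credential.password,
                        canonicalise_date(scan_time),
                        None,
                    ]
                )
                new_credentials.append(credential)
            current_host.credentials[:] = new_credentials

            if not (current_host.vulnerabilities or current_host.credentials):
                current_hosts.remove(current_host)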