def details(self, rowid):
vulnerability = self.aucote.storage.vulnerability_by_id(rowid)
return self.not_found(
'Vulnerability not found') if vulnerability is None else {
'id':
vulnerability.rowid,
'url':
self._url_vulnerability(vulnerability.rowid),
'port':
self.pretty_port(vulnerability.port),
'scan':
self.pretty_scan(vulnerability.scan),
'time':
vulnerability.time,
'time_human':
parse_timestamp_to_time(vulnerability.time),
'exploit':
vulnerability.exploit.id,
'output':
vulnerability.output,
'expired':
vulnerability.expiration_time,
'expired_human':
parse_timestamp_to_time(vulnerability.expiration_time),
'scans': [
self.pretty_scan(scan) for scan in
self.aucote.storage.scans_by_vulnerability(vulnerability)
]
}
def details(self, rowid):
sec_scan = self.aucote.storage.security_scan_by_id(rowid)
return self.not_found(
'Security scan not found') if sec_scan is None else {
'id':
sec_scan.rowid,
'url':
self._url_security_scan(sec_scan.rowid),
'port':
self.pretty_port(sec_scan.port),
'scan':
self.pretty_scan(sec_scan.scan),
'scan_end':
sec_scan.scan_end,
'scan_end_human':
parse_timestamp_to_time(sec_scan.scan_end),
'scan_start':
sec_scan.scan_start,
'scan_start_human':
parse_timestamp_to_time(sec_scan.scan_start),
'exploit': {
'id': sec_scan.exploit.id,
'app': sec_scan.exploit.app,
'name': sec_scan.exploit.name
},
'scan_url':
self._url_scan(sec_scan.scan.rowid),
'scans': [
self.pretty_scan(scan) for scan in
self.aucote.storage.scans_by_security_scan(sec_scan)
]
}
def details(self, rowid):
scan = self.aucote.storage.get_scan_by_id(rowid)
return self.not_found('Scan not found') if scan is None else {
'scan':
rowid,
'url':
self._url_scan(rowid),
'start':
scan.start,
'start_human':
parse_timestamp_to_time(scan.start),
'end':
scan.end,
'end_human':
parse_timestamp_to_time(scan.end),
'nodes_scans': [
self.pretty_node(nodes_scans) for nodes_scans in
self.aucote.storage.nodes_scans_by_scan(scan)
],
'ports_scans': [
self.pretty_port_scan(port_scan)
for port_scan in self.aucote.storage.ports_scans_by_scan(scan)
]
}
def scanner_status(self, scan):
"""
Get scanner status
"""
scanner = self.get_scanner(name=scan)
if not scanner:
return self.not_found('Scanner not found')
if isinstance(scanner, ToolsScanner):
return self.internal_error(
'Security scanners are not implemented right now')
stats = {
'scan': scan,
'current_scan': scanner.scan.start,
'current_scan_human': parse_timestamp_to_time(scanner.scan.start),
'previous_scan': scanner.previous_scan,
'previous_scan_human':
parse_timestamp_to_time(scanner.previous_scan),
'next_scan': scanner.next_scan,
'next_scan_human': parse_timestamp_to_time(scanner.next_scan),
'scanners': {
protocol:
[subscanner.command.NAME for subscanner in subscanners]
for protocol, subscanners in scanner.scanners.items()
},
'status':
scanner.status.value if scanner.status is not None else None,
'nodes': [str(node) for node in scanner.nodes]
}
return stats
def pretty_sec_scan(self, sec_scan):
return {
'id': sec_scan.rowid,
'url': self._url_security_scan(sec_scan.rowid),
'port': self.pretty_port(sec_scan.port),
'scan': self.pretty_scan(sec_scan.scan),
'scan_end': sec_scan.scan_end,
'scan_end_human': parse_timestamp_to_time(sec_scan.scan_end),
'scan_start': sec_scan.scan_start,
'scan_start_human': parse_timestamp_to_time(sec_scan.scan_start),
'exploit': {
'id': sec_scan.exploit.id,
'app': sec_scan.exploit.app,
'name': sec_scan.exploit.name
}
}
def details(self, rowid):
port_scan = self.aucote.storage.port_scan_by_id(rowid)
return self.not_found(
'Port scan not found') if port_scan is None else {
'id':
port_scan.rowid,
'url':
self._url_ports_scan(port_scan.rowid),
'timestamp':
port_scan.timestamp,
'human_timestamp':
parse_timestamp_to_time(port_scan.timestamp),
'port_number':
port_scan.port.number,
'protocol':
port_scan.port.transport_protocol.db_val,
'node': {
'id': port_scan.node.id,
'ip': str(port_scan.node.ip)
},
'scan':
self.pretty_scan(port_scan.scan),
'scans': [
self.pretty_scan(scan) for scan in
self.aucote.storage.scans_by_port_scan(port_scan)
]
}
def pretty_vulnerability(self, vulnerability):
return {
'id': vulnerability.rowid,
'url': self._url_vulnerability(vulnerability.rowid),
'port': str(vulnerability.port),
'scan': self.pretty_scan(vulnerability.scan),
'output': vulnerability.output[:100],
'exploit': vulnerability.exploit.id,
'vuln_subid': vulnerability.subid,
'time': vulnerability.time,
'time_human': parse_timestamp_to_time(vulnerability.time),
'cvss': vulnerability.cvss,
}
def test_pasrsers_from_time_to_time(self):
initial = '2017-06-04T13:26:17+01:00'
expected = '2017-06-04T12:26:17+00:00'
result = parse_timestamp_to_time(parse_time_to_timestamp(initial))
self.assertEqual(result, expected)
def test_pasrsers_from_timestamp_to_timestamp(self):
expected = 197
result = parse_time_to_timestamp(parse_timestamp_to_time(expected))
self.assertEqual(result, expected)
def test_parse_timestamp_to_time(self):
result = parse_timestamp_to_time(12)
expected = '1970-01-01T00:00:12+00:00'
self.assertEqual(result, expected)