Esempio n. 1
def dotransform(request, response):
    """Add one BuiltWithTechnology entity per result of a Wappalyzer analysis.

    ``request.value`` is handed to ``Wappalyzer().analyze``. Every key of the
    result becomes an entity, and the values stored under that key are joined
    into a comma-separated ``categories`` field.
    """
    detected = Wappalyzer().analyze(request.value)
    for technology in detected:
        categories = ', '.join(detected[technology])
        entity = BuiltWithTechnology(technology)
        entity += Field('categories', categories)
        response += entity
    return response
Esempio n. 2
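def dotransform(request, response):
    """Fingerprint the hosts seen in a pcap file with p0f.

    Runs the p0f binary configured under ``locations/p0f`` against the pcap
    path in ``request.value`` and appends one BuiltWithTechnology entity for
    each distinct (source IP, OS guess) pair found in its output.

    The pcap path comes from the request, so p0f is started from an argument
    list rather than a concatenated shell command: shell metacharacters in
    the path reach p0f as literal text and are never interpreted by a shell.
    """
    # Local import: the file's own import block is not visible from here.
    import subprocess

    p0f = config['locations/p0f']
    pcap = request.value

    try:
        proc = subprocess.Popen([p0f, '-s', pcap, '-NUql'],
                                stdout=subprocess.PIPE,
                                universal_newlines=True)
        output = proc.communicate()[0]
    except OSError:
        # p0f is missing or not executable: treat it as "no output" so the
        # transform still returns an (unchanged) response instead of crashing.
        output = ''

    # Dots inside the address are escaped so they match only a literal '.';
    # the OS group is left as written ("word, any one character, word").
    pattern = re.compile(
        r'(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):\d{1,5} - (\S*.\S*)')

    seen = set()
    records = []
    for line in output.splitlines():
        last = None
        for last in pattern.finditer(line):
            pass  # when a line holds several matches, the last one wins
        if last is None:
            continue
        rec = (last.group(1), last.group(2))
        if rec not in seen:
            # Keep first-seen order while de-duplicating in O(1) per record.
            seen.add(rec)
            records.append(rec)

    for s_ip, s_os in records:
        if s_os == '':
            continue
        e = BuiltWithTechnology(s_os)
        e += Field('source_ip',
                   s_ip,
                   displayname='Source IP',
                   matchingrule='strict')
        e += Field('pcapsrc', pcap, displayname='Original pcap File')
        response += e
    return response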
Esempio n. 3
def dotransform(request, response):
    """Add a BuiltWithTechnology entity built from a p0f fingerprint.

    ``fingerprint(request.value)`` is queried; nothing is added unless its
    status equals ``P0fStatus.OK`` and an OS name is present. The entity value
    is "<os_name> <os_flavor>", wrapped as "<http_name> (<os ...>)" when an
    HTTP name is also reported.
    """
    info = fingerprint(request.value)
    if not (info['status'] == P0fStatus.OK and info['os_name']):
        return response

    os_desc = '%s %s' % (info['os_name'], info['os_flavor'])
    http_name = info['http_name']
    description = '%s (%s)' % (http_name, os_desc) if http_name else os_desc
    response += BuiltWithTechnology(description)
    return response
Esempio n. 4
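def dotransform(request, response):
    """Run amap over the hosts of an Nmap report and add one entity per banner.

    The report at ``request.entity.file`` is parsed, its greppable form is
    written to a temporary ``.gnmap`` file, and that file is passed to amap
    with ``-bqi``. For each banner, element 1 becomes the entity value,
    element 0 the 'Destination' label and element 2 the 'Extra Information'
    label.

    Both files are handled by context managers, so the report handle is
    closed right after reading and the temporary file is removed even when
    the scan raises.
    """
    scanner = AmapScanner()

    # open() replaces the Python 2-only file() builtin and closes the handle.
    with open(request.entity.file) as nmap_report:
        greppable = NmapReportParser(nmap_report.read()).greppable

    with NamedTemporaryFile(suffix='.gnmap', mode='wb') as tmp:
        tmp.write(greppable)
        # amap reads the file by name, so the data must be on disk first.
        tmp.flush()
        report = scanner.scan(['-bqi', tmp.name], AmapReportParser)

    for banner in report.banners:
        e = BuiltWithTechnology(banner[1])
        e += Label('Destination', banner[0])
        e += Label('Extra Information', banner[2])
        response += e
    return response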
Esempio n. 5
def dotransform(request, response):
    """Version-scan one port spec and add an entity per reported port.

    Builds the argument list ``-n -Pn -sV -p <request.value>`` plus
    ``request.params`` and calls ``scan`` on the object from ``getscanner()``
    with ``request.entity.destination`` as target. An unset protocol is
    defaulted to 'TCP' on the entity; 'UDP' (any case) prepends ``-sU``.
    When the scan returns None, the scanner's error is reported as a
    UIMessage instead.

    NOTE(review): request.value and request.params reach the scanner exactly
    as received. Whether they are validated elsewhere is not visible here;
    confirm that scan() does not go through a shell and consider limiting the
    port spec to digits, commas and dashes.
    """
    scanner = getscanner()
    scan_args = ['-n', '-Pn', '-sV', '-p', request.value] + request.params

    protocol = request.entity.protocol
    if not protocol:
        request.entity.protocol = 'TCP'
    elif protocol.upper() == 'UDP':
        scan_args.insert(0, '-sU')

    report = scanner.scan(request.entity.destination, *scan_args)
    if report is None:
        response += UIMessage(scanner.error)
        return response

    # Optional per-port keys and the label each one is shown under.
    optional_labels = (
        ('servicefp', 'Service Fingerprint'),
        ('extrainfo', 'Extra Information'),
        ('method', 'Method'),
    )
    for host in report.addresses:
        for port in report.ports(host):
            entity = BuiltWithTechnology(report.tobanner(port))
            for key, title in optional_labels:
                if key in port:
                    entity += Label(title, port[key])
            response += entity
    return response
Esempio n. 6
def dotransform(request, response):
    """Version-scan one port spec on a destination and add an entity per port.

    Builds ``-n -sV -p <request.value> <ip.destination field>`` plus
    ``request.params`` and passes the list to ``scan`` together with
    NmapReportParser. ``-sU`` is prepended when the ``protocol`` field is
    exactly 'UDP'. When the scan returns None, the scanner's error is
    reported as a UIMessage instead.

    NOTE(review): the port spec, the destination field and request.params
    reach the scanner exactly as received. Whether they are validated
    elsewhere is not visible here; confirm that scan() does not go through a
    shell and that values beginning with '-' cannot be read as extra options.
    """
    scanner = getscanner()
    destination = request.fields['ip.destination']
    scan_args = ['-n', '-sV', '-p', request.value, destination]
    scan_args = scan_args + request.params
    if request.fields['protocol'] == 'UDP':
        scan_args.insert(0, '-sU')

    report = scanner.scan(scan_args, NmapReportParser)
    if report is None:
        response += UIMessage(scanner.error)
        return response

    # Optional per-port keys and the label each one is shown under.
    optional_labels = (
        ('servicefp', 'Service Fingerprint'),
        ('extrainfo', 'Extra Information'),
        ('method', 'Method'),
    )
    for host in report.addresses:
        for port in report.ports(host):
            entity = BuiltWithTechnology(report.tobanner(port))
            for key, title in optional_labels:
                if key in port:
                    entity += Label(title, port[key])
            response += entity
    return response