def dotransform(request, response):
	checkdir(config['nexpose/reportdir'])
	# Nexpose API session login
	session = nexlogin()
	# Nexpose Adhoc report generation and save to file
	siteid = request.fields['siteid']
	report = '%s.xml' % siteid
	reportstatus = reportChecker(session, siteid, report)
	if reportstatus == True:
		f = open(os.path.join(config['nexpose/reportdir'], report))
		reporto = f.read()
		f.close
	else:
		raise MaltegoException('Something went wrong with the report checks')
	
	for dic in nexposeExploits(reporto):
		for key, val in dic.iteritems():
			if key == request.fields['vulnid'] and val[1] == 'metasploit':
				e = NexposeMetasploitModule(val[0],
						exploittype=val[1],
                    	siteid=siteid,
                    	scanid=request.fields['scanid'],
                    	vulnid=key)

				e += Label('Metasploit Module URL', val[2])
				e += Label('Skill Level', val[3])
				response += e
				
	return response
	nexlogout(session)
Esempio n. 2
0
def dotransform(request, response):
    checkdir(config['nexpose/reportdir'])
    # Nexpose API session login
    session = nexlogin()
    # Nexpose Adhoc report generation and save to file
    siteid = request.fields['siteid']
    report = '%s.xml' % siteid
    reportstatus = reportChecker(session, siteid, report)
    if reportstatus == True:
        f = open(os.path.join(config['nexpose/reportdir'], report))
        reporto = f.read()
        f.close
    else:
        raise MaltegoException('Something went wrong with the report checks')

    for dic in nexposeVulns(reporto):
        for key, val in dic.iteritems():
            e = NexposeVulnerability(val[0],
                                     siteid=siteid,
                                     scanid=request.fields['scanid'],
                                     vulnid=key)

            e += Label('cvss Score', val[2])
            e += Label('Severity', val[1])
            response += e

    return response
    nexlogout(session)
Esempio n. 3
0
def dotransform(request, response):
    checkdir(config['nexpose/reportdir'])
    # Nexpose API session login
    session = nexlogin()
    # Nexpose Adhoc report generation and save to file
    siteid = request.fields['siteid']
    report = '%s.xml' % siteid
    reportstatus = reportChecker(session, siteid, report)
    if reportstatus == True:
        f = open(os.path.join(config['nexpose/reportdir'], report))
        reporto = f.read()
        f.close
    else:
        raise MaltegoException('Something went wrong with the report checks')

    for dic in nexposeExploits(reporto):
        for key, val in dic.iteritems():
            if key == request.fields['vulnid'] and val[1] == 'exploitdb':
                e = NexposeEDBExploit(val[0],
                                      exploittype=val[1],
                                      siteid=siteid,
                                      scanid=request.fields['scanid'],
                                      vulnid=key)

                e += Label('Exploit DB URL', val[2])
                e += Label('Skill Level', val[3])
                response += e

    return response
    nexlogout(session)
Esempio n. 4
0
def dotransform(request, response):
	checkdir(config['nexpose/reportdir'])
	# Nexpose API session login
	session = nexlogin()
	# Nexpose Adhoc report generation and save to file
	siteid = request.fields['siteid']
	report = '%s.xml' % siteid
	reportstatus = reportChecker(session, siteid, report)
	if reportstatus == True:
		f = open(os.path.join(config['nexpose/reportdir'], report))
		reporto = f.read()
		f.close
	else:
		raise MaltegoException('Something went wrong with the report checks')
	
	for dic in nexposePort(reporto):
		for key, val in dic.iteritems():
			response += Port(key,
                    	siteid=siteid,
                    	scanid=request.fields['scanid'],
                    	protocol=val[0],
                    	status=val[1])

	return response
	nexlogout(session)
Esempio n. 5
0
def dotransform(request, response):
	checkdir(config['nexpose/reportdir'])
	# Nexpose API session login
	session = nexlogin()
	# Nexpose Adhoc report generation and save to file
	siteid = request.fields['siteid']
	report = '%s.xml' % siteid
	reportstatus = reportChecker(session, siteid, report)
	if reportstatus == True:
		f = open(os.path.join(config['nexpose/reportdir'], report))
		reporto = f.read()
		f.close
	else:
		raise MaltegoException('Something went wrong with the report checks')
	
	for dic in nexposeServiceVer(reporto):
		for key, val in dic.iteritems():
			if key == request.value and len(val) == 3:
				response += ServiceVersion(val[0] + '-' + val[1],
                    	siteid=siteid,
                    	scanid=request.fields['scanid'],
                    	port=request.fields['port'],
                    	service=request.value,
                    	certainty=val[2])
			elif key == request.value and len(val) == 2:
				response += ServiceVersion(val[0] + '-' + val[1],
                    	siteid=siteid,
                    	scanid=request.fields['scanid'],
                    	port=request.fields['port'],
                    	service=request.value)
			elif key == request.value and len(val) == 1:
				response += ServiceVersion(val[0],
                    	siteid=siteid,
                    	scanid=request.fields['scanid'],
                    	port=request.fields['port'],
                    	service=request.value)

	return response
	nexlogout(session)
Esempio n. 6
0
def dotransform(request, response):
    checkdir(config['nexpose/reportdir'])
    # Nexpose API session login
    session = nexlogin()
    # Nexpose Adhoc report generation and save to file
    siteid = request.fields['siteid']
    report = '%s.xml' % siteid
    reportstatus = reportChecker(session, siteid, report)
    if reportstatus == True:
        f = open(os.path.join(config['nexpose/reportdir'], report))
        reporto = f.read()
        f.close
    else:
        raise MaltegoException('Something went wrong with the report checks')

    for dic in nexposeServiceVer(reporto):
        for key, val in dic.iteritems():
            if key == request.value and len(val) == 3:
                response += ServiceVersion(val[0] + '-' + val[1],
                                           siteid=siteid,
                                           scanid=request.fields['scanid'],
                                           port=request.fields['port'],
                                           service=request.value,
                                           certainty=val[2])
            elif key == request.value and len(val) == 2:
                response += ServiceVersion(val[0] + '-' + val[1],
                                           siteid=siteid,
                                           scanid=request.fields['scanid'],
                                           port=request.fields['port'],
                                           service=request.value)
            elif key == request.value and len(val) == 1:
                response += ServiceVersion(val[0],
                                           siteid=siteid,
                                           scanid=request.fields['scanid'],
                                           port=request.fields['port'],
                                           service=request.value)

    return response
    nexlogout(session)
Esempio n. 7
0
def dotransform(request, response):
	checkdir(config['nexpose/reportdir'])
	# Nexpose API session login
	session = nexlogin()
	# Nexpose Adhoc report generation and save to file
	siteid = request.fields['siteid']
	report = '%s.xml' % siteid
	reportstatus = reportChecker(session, siteid, report)
	if reportstatus == True:
		f = open(os.path.join(config['nexpose/reportdir'], report))
		reporto = f.read()
		f.close
	else:
		raise MaltegoException('Something went wrong with the report checks')
	
	for dic in nexposePortTests(reporto):
		for key, val in dic.iteritems():
			if request.value == key:
				for key1, val1 in val.iteritems():
					test = key1
					for dic in nexposeVulns(reporto):
						for key2, val2 in dic.iteritems():
							if test == key2:
								e = NexposeVulnerability(val2[0],
                    				siteid=siteid,
                    				scanid=request.fields['scanid'],
                    				vulnid=key2)

								e += Label('cvss Score', val2[2])
								e += Label('Severity', val2[1])
								response += e
			else:
				pass

	return response
	nexlogout(session)