def list_scans(self): self.tasks = self.gmp.get_tasks() task_names = self.tasks.xpath('task/name/text()') print("Available scan names from openvas") pretty_print(task_names) return task_names
def get_task(gmp, task_id): """ Retrieve a task from the tasks pool Examples ----- curl -d '{"id":"task_id"}' -H "Content-Type: application/json" -X POST http://localhost:5000/getTask Parameters ---------- gmp The connection created by create_connection() task_id The task's id to retrieve :return: the task """ task = gmp.get_task(task_id) tree = ET.fromstring(task) pretty_print(task) task_name = tree.find('task/name').text task_target_id = tree.find('task/target').attrib['id'] task_scanner_id = tree.find('task/scanner').attrib['id'] task_config_id = tree.find('task/config').attrib['id'] task_comment = tree.find('task/comment').text return task_name, task_target_id, task_scanner_id, task_config_id, task_comment
def get_task(self, id, username, password): try: with self.gmp: self.gmp.authenticate(username, password) reponse = self.gmp.get_task(id) pretty_print(reponse) except GvmError as e: print(e)
def get_target_name(inputxml): xmlstr = ElementTree.tostring(inputxml, encoding='utf8', method='xml') regexid = re.findall(r'\<target id="[0-9a-z-]*', xmlstr.decode('utf8')) target_id = regexid[0][:12] with Gmp(connection, transform=transform) as gmp: gmp.authenticate(user, password) result = gmp.get_target(target_id) pretty_print(result) return regexid[0][:12]
def get_tasks(self, username, password): try: with self.gmp: self.gmp.authenticate(username, password) response = self.gmp.get_tasks() for task in response.xpath('task'): pretty_print(task.xpath('@id')) except GvmError as e: print(e)
def create_task(self, task_name, config_id, target_id, scanner_id, username, password): try: with self.gmp: self.gmp.authenticate(username, password) response = self.gmp.create_task( task_name, config_id, target_id, scanner_id) pretty_print(response) id = response.xpath('@id') return id[0] except GvmError as e: print(e) return 'bad'
def exportReports(): ''' This will add a target to the list and start the sca of the targets ''' with Gmp(connection) as gmp: # Login gmp.authenticate(config['DEFAULT']['username'], config['DEFAULT']['password']) #Get the CSV report type reportFormatID = "" report_format = gmp.get_report_formats() report_root = ET.fromstring(report_format) for report in report_root: report.tag == "report_format" for report_format in report: if report_format.text == 'CSV result list.': reportFormatID = report.attrib.get('id') #reportFromatData = gmp.get_report_format(reportFormatID) #pretty_print(reportFromatData) getReports = [] allreports = gmp.get_reports() allreports_root = ET.fromstring(allreports) for report in allreports_root: if report.tag == 'report': for onereport in report: if onereport.tag == 'report': pretty_print(onereport) print(report.attrib) getReports.append(report.attrib.get('id')) #Get out the reports and get them as csv files to use for reportID in getReports: print("################{0}".format(reportID)) reportscv = gmp.get_report(reportID, report_format_id=reportFormatID, filter="apply_overrides=0 min_qod=70", ignore_pagination=True, details=True) #pretty_print(reportscv) obj = untangle.parse(reportscv) resultID = obj.get_reports_response.report['id'] base64CVSData = obj.get_reports_response.report.cdata data = str(base64.b64decode(base64CVSData), "utf-8") #print(data) #Write the result to file #Check if we have already process the result if the skip if haveThisBeanDone(resultID): writeResultToFile(resultID, data)
def createSchedule(gmp, scheduleName, scheduleComment, period, duration): t = gmp.create_schedule(name=scheduleName, comment=scheduleComment, first_time_day_of_month="1", first_time_hour="0", first_time_minute="0", first_time_month="1", first_time_year="2019", period=period, period_unit="day", duration=duration, duration_unit="hour") pretty_print(t)
def test_pretty_print_with_string_to_stdout(self, mock_stdout): xml_str = '<test><this><with id="a">and text</with></this></test>' expected_xml_string = ("<test>\n" " <this>\n" ' <with id="a">and text</with>\n' " </this>\n" "</test>\n") pretty_print(xml_str, sys.stdout) xml_string = mock_stdout.getvalue() self.assertEqual(xml_string, expected_xml_string)
def test_pretty_print_to_stdout(self, mock_stdout): xml_str = '<test><this><with id="a">and text</with></this></test>' elem = secET.fromstring(xml_str) expected_xml_string = ('<test>\n' ' <this>\n' ' <with id="a">and text</with>\n' ' </this>\n' '</test>\n') pretty_print(elem, sys.stdout) xml_string = mock_stdout.getvalue() self.assertEqual(xml_string, expected_xml_string)
def create_task(gmp, task_name, target_id, scanner_id="08b69003-5fc2-4037-a479-93b440211c73", config_id="daba56c8-73ec-11df-a475-002264764cea", task_comment=""): """ Creates a scanning task for a target or targets (depending on how many hosts the target contains) Examples ----- curl -d '{"name":"Task name", "id":"target_id_value"}' -H "Content-Type: application/json" -X POST http://localhost:5000/createTask Parameters ---------- gmp The connection created by create_connection() task_name A task name must be given task_comment A task comment may be given (notes, details etc) OPTIONAL target_id The target_id from the targets pool scanned_id The type of scanner. OpenVAS scanner is the default OPTIONAL config_id The scan's configuration file OPTIONAL :return: The task id of the newly created task """ task = gmp.create_task(name=task_name, comment=task_comment, target_id=target_id, scanner_id=scanner_id, config_id=config_id) pretty_print(task) tree = ET.fromstring(task) task_id = (tree.attrib['id']) return task_id
def test_pretty_print_with_string(self): xml_str = '<test><this><with id="a">and text</with></this></test>' expected_xml_string = ("<test>\n" " <this>\n" ' <with id="a">and text</with>\n' " </this>\n" "</test>\n") stringio = StringIO() pretty_print(xml_str, file=stringio) xml_string = stringio.getvalue() self.assertEqual(xml_string, expected_xml_string)
def test_pretty_print_with_string(self): xml_str = '<test><this><with id="a">and text</with></this></test>' # elem = secET.fromstring(xml_str) expected_xml_string = ('<test>\n' ' <this>\n' ' <with id="a">and text</with>\n' ' </this>\n' '</test>\n') stringio = StringIO() pretty_print(xml_str, file=stringio) xml_string = stringio.getvalue() self.assertEqual(xml_string, expected_xml_string)
def delete_all_targets(self, username, password): try: with self.gmp: self.gmp.authenticate(username, password) response = self.gmp.get_targets() for target in response.xpath('target'): target_id = target.xpath('@id')[0] response = self.gmp.delete_target(target_id) pretty_print(response) result = {'status': 'good'} return result except GvmError as e: print(e) result = {'status': 'bad'} return result
def test_pretty_print_to_file(self): xml_str = '<test><this><with id="a">and text</with></this></test>' elem = secET.fromstring(xml_str) expected_xml_string = ('<test>\n' ' <this>\n' ' <with id="a">and text</with>\n' ' </this>\n' '</test>\n') with open('test.file', 'w') as f: pretty_print(elem, file=f) with open('test.file', 'r') as f: xml_string = f.read() self.assertEqual(xml_string, expected_xml_string)
def test_pretty_print_to_file(self): xml_str = '<test><this><with id="a">and text</with></this></test>' elem = secET.fromstring(xml_str) expected_xml_string = ("<test>\n" " <this>\n" ' <with id="a">and text</with>\n' " </this>\n" "</test>\n") with open("test.file", "w", encoding="utf-8") as f: pretty_print(elem, file=f) with open("test.file", "r", encoding="utf-8") as f: xml_string = f.read() self.assertEqual(xml_string, expected_xml_string)
def test_pretty_print_with_dict_str(self): xml_str = '<test><this><with id="a">and text</with></this></test>' no_xml = "</test>" elem = secET.fromstring(xml_str) expected_xml_string = ("<test>\n" " <this>\n" ' <with id="a">and text</with>\n' " </this>\n" "</test>\n" "</test>\n") stringio = StringIO() pretty_print([elem, no_xml], file=stringio) xml_string = stringio.getvalue() self.assertEqual(xml_string, expected_xml_string)
def scan(self, scan_name, target): print(f'[{self.name}] Scan Name: {scan_name}') address = self._get_address(target) # Creating Target target_response = self.gmp.create_target(name=scan_name, hosts=[address]) # print('target_response') pretty_print(target_response) target_id = target_response.get('id') if not target_id: print(f'[{self.name}] could not able to create target: ', target_response.get('status_text')) return False # target_id = '69ca3c65-af09-48b8-bb3a-59e2e6cccb96' print(f'[{self.name}] Target Created: {target_id}') scan_data = self.storage_service.get_by_name(scan_name) if not scan_data: scan_data = { 'scan_name': scan_name, 'scan_id': '', 'target': target, 'status': '' } self.storage_service.add(scan_data) scan_data['OPENVAS'] = { 'openvas_id': target_id, 'target_id': target_id, 'scan_status': { 'status': 'INPROGRESS' } } self.storage_service.update_by_name(scan_name, scan_data) time.sleep(4) self._create_report(scan_name) return scan_data
def get_all_targets(gmp): """ Retrieves all previously created targets that can be used to create tasks (the targets pool) Examples ------- curl -X GET 'http://localhost:5000/getAllTargets' Parameters ---------- gmp The connection created by create_connection() :return: All the created targets """ all_targets = {} targets_list = [] temp_target = {} targets = gmp.get_targets() tree = ET.fromstring(targets) pretty_print(all_targets) for name in tree.findall('target'): target_name = name.find('name').text # print(target_name) target_id = name.attrib['id'] temp_target['name'] = target_name temp_target['id'] = target_id # print(temp_target) targets_list.append(temp_target) temp_target = {} # print(targets_list) all_targets['targets'] = targets_list return all_targets
def create_target(self, target_name, targets_list, username, password): try: with self.gmp: self.gmp.authenticate(username, password) response = self.gmp.create_target( target_name, hosts=targets_list,alive_test=AliveTest.CONSIDER_ALIVE) pretty_print(response) if(response.xpath("@status_text")[0] == 'Target exists already'): with self.gmp: self.gmp.authenticate(username, password) response = self.gmp.get_targets( filter="name={0}".format(target_name)) target_id = response.xpath('target/@id')[0] return target_id else: id = response.xpath('@id')[0] return id except GvmError as e: print(e) return 'bad'
def create_target(gmp, hosts, target_name, target_comment="", port_list=None): """ Creates a target that needs to be scanned Examples ----- curl -d '{"name":"Target_name_value", "hosts:["IP1","IP2","subnet1"]}' -H "Content-Type: application/json" -X POST http://localhost:5000/createTarget Parameters ---------- gmp The connection created by create_connection() hosts A list that contain a host, a subnet or multiple hosts target_name A target name must be given target_comment A target comment (notes, details etc) OPTIONAL :return: The target id of the newly created target """ target = gmp.create_target(name=target_name, hosts=hosts, comment=target_comment, port_list_id=port_list) pretty_print(target) tree = ET.fromstring(target) target_id = (tree.attrib['id']) print(target_id) return target_id
def scan(target_name, ipList, config_id): thread_list = [] connection = UnixSocketConnection() transform = EtreeTransform() with Gmp(connection, transform=transform) as gmp: gmp.authenticate('scanner', 'scanner') # #target creation custome_port_table(ipList) #target creation with custome port list with open("ports/ports.txt", "r") as f: inhoud2 = f.read() #Creating a new portlist portListName = target_name.replace( ' ', '-').lower() + "_" + datetime.now().strftime("%d/%m/%Y_%H:%M:%S") superCooleLijst = gmp.create_port_list(portListName, inhoud2) pretty_print(superCooleLijst) superCooleLijstID = get_id(superCooleLijst) target = gmp.create_target(target_name, hosts=ipList, port_list_id=superCooleLijstID) target_id = get_id(target) # task creation # arguments: target_name, config_id, target_id, scanner_id task = gmp.create_task(target_name, config_id, target_id, '08b69003-5fc2-4037-a479-93b440211c73') task_id = get_id(task) #task start gmp.start_task(task_id) return task_id #for cli version (old) print("task started succesfully!")
def exportReports(filterID, filterString, optPagination, optDetails, optRewrite, taskName, genPDF): print('Loading previously completed reports data') ranReports = readRanReportsFile(taskName) #connect to our host as defined in the config file print("Trying to connect to: '", config['DEFAULT']['host'], "' on port: '", config['DEFAULT']['port'], "'") connection = SSHConnection(hostname=config['DEFAULT']['host'], timeout=18000) if config['DEFAULT']['port']: connection = SSHConnection(hostname=config['DEFAULT']['host'], port=config['DEFAULT']['port'], timeout=18000) print('Starting report processing') with Gmp(connection) as gmp: # Login print("Attempting to authenticate") gmp.authenticate(config['DEFAULT']['username'], config['DEFAULT']['password']) print('Connected to:', config['DEFAULT']['host']) #Get the CSV report format ID. We use CSV as the base format to transform into json reportFormatID = "c1645568-627a-11e3-a660-406186ea4fc5" #holds the format id for CSV report_format = gmp.get_report_formats() report_root = ET.fromstring(report_format) for report in report_root: report.tag == "report_format" for report_format in report: if report_format.text == 'CSV result list.': reportFormatID = report.attrib.get('id') getReports = [] #array of reportIDs print('Getting reports') allreports = gmp.get_reports( filter=taskName, details=0 ) #we only need the reportID so minimize the data returned print('Retreived reports') allreports_root = ET.fromstring(allreports) print("Fetched the following scans from %s" % (config['DEFAULT']['host'])) for report in allreports_root: if report.tag == 'report': for onereport in report: if onereport.tag == 'report': pretty_print(onereport) print(report.attrib) getReports.append(report.attrib.get('id')) #Step through the reportID list and grab them as csv files for reportID in getReports: print("Processing Report ID: {0}".format(reportID)) # we have a reportID. Check to see if it matches any existing reports already written to disk # if it does then we can skip this one. Note: we make sure filterID is null because we # only need to do the hashing once. if filterString and not filterID: # we need a consistent identify for this string so hashes to the rescue # we are going to reuse the filterID variable to hold it sha_1 = hashlib.sha1() #instantiate hash sha_1.update( filterString.encode('utf-8') ) #hash the string being sure to use proper encoding filterID = sha_1.hexdigest() #return the hash as a hex string # we use the filterID and the reportID to create a key for the ranReports dict. If it exists then skip # that report unless we are over writing (or regenerating) reports. ranReportsKey = filterID + reportID if ranReportsKey in ranReports and not optRewrite: print("This report was processed on %s" % (ranReports[ranReportsKey])) continue if filterString: #if they are using a custom filter string entered on the CLI reportscv = gmp.get_report(reportID, filter=filterString, report_format_id=reportFormatID, ignore_pagination=optPagination, details=optDetails) else: reportscv = gmp.get_report(reportID, filter_id=filterID, report_format_id=reportFormatID, ignore_pagination=optPagination, details=optDetails) obj = untangle.parse(reportscv) resultID = obj.get_reports_response.report['id'] base64CVSData = obj.get_reports_response.report.cdata data = str(base64.b64decode(base64CVSData), "utf-8") #Write the result to file writeResultToFile(resultID, data, filterID, filterString, taskName, genPDF, gmp, optPagination, optDetails)
def get_version(self): # Retrieve current GMP version version = self.gmp.get_version() # Prints the XML in beautiful form pretty_print(version)
def main(argv): filterID = '' filterString = '' taskName = '' pagination = True details = True rewriteReports = False configSuffix = 'ini' genPDF = False try: opts, args = getopt.getopt(argv, "hpdf:s:oi:t:P") except getopt.GetoptError: print('getReport.py -t taskname [string]') print(' -f <filter id> [string]') print(' -i config file sufix [string]') print(' -d disable details') print(' -p enable pagination') print(' -s custom filter string [string]') print(' -o overwrite previously processed reports') print(' -P generate PDF file of results') pretty_print(getopt.GetoptError) sys.exit(2) #end except for opt, arg in opts: if opt == '-h': print('getReport.py -t taskname') print(' -f <filter id>') print(' -i config file sufix [string]') print(' -d disable details') print(' -p enable pagination') print(' -s custom filter string') print(' -o over write previously processed reports') print(' -P generate PDF file of results') sys.exit() elif opt == '-t': taskName = arg.strip() elif opt == '-f': filterID = arg elif opt == '-p': pagination = False elif opt == '-d': details = False elif opt == '-s': filterString = arg elif opt == '-o': rewriteReports = True elif opt == '-i': configSuffix = arg elif opt == '-P': genPDF = True #end for configFile = './config/config.' + configSuffix config.sections() if os.path.isfile(configFile): try: config.read(configFile) except: print('Cannot open config file at', configFile) sys.exit() else: print('Config file does not exist at', configFile) sys.exit() if filterID and filterString: print('-f and -s are mutually exclusive. Please use one or the other.') sys.exit() print('Getting Ibex configuration from', configFile) if details: print('Details enabled') else: print('Details disabled') if pagination: print('Ignore pagination enabled') else: print('Ignore pagaination disabled') if filterID: print('Running reports with filter: ', filterID) else: print('Running reports with no filter id') if filterString: print('Running custom report with filter: ', filterString) exportReports(filterID, filterString, pagination, details, rewriteReports, taskName, genPDF)
from gvm.connections import UnixSocketConnection from gvm.protocols.gmp import Gmp from gvm.transforms import EtreeTransform from gvm.xml import pretty_print connection = UnixSocketConnection() transform = EtreeTransform() with Gmp(connection, transform=transform) as gmp: # Retrieve GMP version supported by the remote daemon version = gmp.get_version() # Prints the XML in beautiful form pretty_print(version) # Login gmp.authenticate('admin', '24dd0dc1-0d00-4182-b21e-48ce4f142006') # Retrieve all tasks tasks = gmp.get_tasks() # Get names of tasks task_names = tasks.xpath('task/name/text()') # get targets target_id = tasks.xpath('task/target/@id')[0] target = gmp.get_target(target_id) pretty_print(target)
def test_pretty_print_type_error(self): xml_str = '<test><this><with id="a">and text</with></this></test>' elem = secET.fromstring(xml_str) with self.assertRaises(TypeError): pretty_print(elem, file='string')
scan_result['description'] = '' # vuln.get('description') scan_result['solution'] = 'N/A' scan_result['reported_by'] = 'OpenVAS' scan_results[name] = scan_result return scan_results connection = UnixSocketConnection(path='/var/run/openvasmd.sock') transform = EtreeTransform() gmp = Gmp(connection, transform=transform) # Retrieve GMP version supported by the remote daemon version = gmp.get_version() # Prints the XML in beautiful form pretty_print(version) # Login gmp.authenticate('admin', 'admin') name = 'name-5' ip_address = 'scanme.nmap.org' # ip_address = 'webscantest.com' # ip_address = 'slack.com' # response = gmp.create_target(name=name, hosts=[ip_address]) # pretty_print(response) # target_id = response.get('id') # print('target_id: ', target_id) # target_id = 'b7b3b26d-5e19-482c-a1b5-d5c46b89edaa' target_id = '69ca3c65-af09-48b8-bb3a-59e2e6cccb96'
def main(): do_not_run_as_root() parser = create_parser(description=HELP_TEXT, logfilename='gvm-cli.log') parser.add_protocol_argument() parser.add_argument('-X', '--xml', help='XML request to send') parser.add_argument('-r', '--raw', help='Return raw XML', action='store_true', default=False) parser.add_argument( '--pretty', help='Pretty format the returned xml', action='store_true', default=False, ) parser.add_argument('--duration', action='store_true', help='Measure command execution time') parser.add_argument('infile', nargs='?', help='File to read XML commands from.') args = parser.parse_args() # If timeout value is -1, then the socket has no timeout for this session if args.timeout == -1: args.timeout = None if args.xml is not None: xml = args.xml else: try: xml = _load_infile(args.infile) except IOError as e: print(e, file=sys.stderr) sys.exit(1) # If no command was given, program asks for one if len(xml) == 0: xml = input() try: validate_xml_string(xml) except GvmError as e: print(e, file=sys.stderr) sys.exit(1) connection = create_connection(**vars(args)) if args.raw: transform = None else: transform = CheckCommandTransform() if args.protocol == PROTOCOL_OSP: protocol_class = Osp else: protocol_class = Gmp try: with protocol_class(connection, transform=transform) as protocol: if args.protocol == PROTOCOL_GMP: # Ask for password if none are given authenticate(protocol, args.gmp_username, args.gmp_password) if args.duration: starttime = time.time() result = protocol.send_command(xml) if args.duration: duration = time.time() - starttime print(f'Elapsed time: {duration} seconds') elif args.pretty: pretty_print(result) else: print(result) except Exception as e: # pylint: disable=broad-except logger.error(e) sys.exit(1) sys.exit(0)
from gvm.connections import TLSConnection from gvm.protocols.gmp import Gmp from gvm.transforms import EtreeTransform from gvm.xml import pretty_print connection = TLSConnection(hostname='127.0.0.1', port=9390) transform = EtreeTransform() with Gmp(connection, transform=transform) as gmp: # Retrieve GMP version supported by the remote daemon version = gmp.get_version() # Prints the XML in beautiful form pretty_print(version) # Login gmp.authenticate('admin', 'admin') # Retrieve all tasks tasks = gmp.get_tasks() # Get names of tasks task_names = tasks.xpath('task/name/text()') pretty_print(task_names)