Esempio n. 1
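def add_vuln(request):
    """
    Render the manual-finding form (GET) or store a submitted finding (POST).

    On POST a ``manual_scan_results_db`` row is created from the form fields,
    the totals of the scan named by ``scan_id`` are recomputed and written to
    ``manual_scans_db``, and the client is redirected to the scan list.

    :param request: Django request. GET reads ``scan_id`` from the query
        string; POST reads the ``vuln_*`` fields, ``scan_id`` and
        ``project_id`` from the form body.
    :return: redirect to ``manual_scan:list_scan`` after a POST, otherwise the
        rendered ``add_manual_vuln.html`` template.
    """
    # NOTE(review): no login or per-object permission check is visible in this
    # function; confirm a decorator or middleware enforces it, because scan_id
    # and project_id below are taken from the client as-is.
    scanid = None

    if request.method == 'GET':
        # .get() keeps a request without the parameter from failing with
        # MultiValueDictKeyError; the form is then rendered with scanid=None.
        scanid = request.GET.get('scan_id')

    if request.method == 'POST':
        vuln_name = request.POST.get('vuln_name')
        severity = request.POST.get('vuln_severity')
        vuln_url = request.POST.get('vuln_instance')
        description = request.POST.get('vuln_description')
        solution = request.POST.get('vuln_solution')
        reference = request.POST.get('vuln_reference')
        scan_id = request.POST.get('scan_id')
        project_id = request.POST.get('project_id')
        date_time = datetime.now()
        vuln_id = uuid.uuid4()

        # Severity is stored exactly as submitted. A value outside this map
        # gets no colour and is counted only in the overall total below.
        severity_color = {
            "High": "danger",
            "Medium": "warning",
            "Low": "info",
        }.get(severity)

        dump_data = manual_scan_results_db(vuln_id=vuln_id,
                                           vuln_name=vuln_name,
                                           severity_color=severity_color,
                                           severity=severity,
                                           vuln_url=vuln_url,
                                           description=description,
                                           solution=solution,
                                           reference=reference,
                                           scan_id=scan_id,
                                           project_id=project_id)
        dump_data.save()

        all_scan_data = manual_scan_results_db.objects.filter(scan_id=scan_id)

        # count() lets the database do the counting instead of loading every
        # result row into memory just to measure the list.
        total_vuln = all_scan_data.count()
        total_high = all_scan_data.filter(severity="High").count()
        total_medium = all_scan_data.filter(severity="Medium").count()
        total_low = all_scan_data.filter(severity="Low").count()

        manual_scans_db.objects.filter(scan_id=scan_id).update(
            date_time=date_time,
            total_vul=total_vuln,
            high_vul=total_high,
            medium_vul=total_medium,
            low_vul=total_low,
        )

        return HttpResponseRedirect(reverse('manual_scan:list_scan'))

    return render(request, 'add_manual_vuln.html', {'scanid': scanid})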
Esempio n. 2
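def add_vuln(request):
    """
    Render the manual-finding form (GET) or store a finding with its PoC file.

    A POST that carries a ``poc`` upload saves the file through
    ``FileSystemStorage``, creates a ``manual_scan_results_db`` row owned by
    the requesting user, recomputes that user's totals for the scan in
    ``manual_scans_db`` and redirects to the scan list. A POST without a
    ``poc`` file falls through and re-renders the form.

    :param request: Django request. GET reads ``scan_id`` from the query
        string; POST reads the ``vuln_*`` fields, ``scan_id``, ``project_id``,
        ``pentest_type``, ``poc_description`` and the ``poc`` file.
    :return: redirect to ``manual_scan:list_scan`` after a stored POST,
        otherwise the rendered ``add_manual_vuln.html`` template.
    """
    # NOTE(review): no login check is visible in this function; confirm a
    # decorator or middleware enforces one, since every row written below is
    # keyed on request.user.username.
    scanid = None
    username = request.user.username
    # .get() instead of FILES['poc']: a POST without the file part must not
    # fail with MultiValueDictKeyError.
    poc = request.FILES.get('poc')

    if request.method == 'GET':
        scanid = request.GET.get('scan_id')

    if request.method == 'POST' and poc:
        vuln_name = request.POST.get('vuln_name')
        severity = request.POST.get('vuln_severity')
        vuln_url = request.POST.get('vuln_instance')
        description = request.POST.get('vuln_description')
        solution = request.POST.get('vuln_solution')
        reference = request.POST.get('vuln_reference')
        scan_id = request.POST.get('scan_id')
        project_id = request.POST.get('project_id')
        pentest_type = request.POST.get('pentest_type')
        poc_description = request.POST.get('poc_description')
        date_time = datetime.now()
        vuln_id = uuid.uuid4()

        # NOTE(review): the upload is written to the default file storage
        # under a name derived from the client-supplied one, with no check of
        # file type or size in this function, and its URL is stored in
        # Poc_Img. If media files are served from the application's own
        # origin, restrict uploads to the expected image types and cap their
        # size before saving.
        fs = FileSystemStorage()
        filename = fs.save(poc.name, poc)
        uploaded_poc_url = fs.url(filename)

        # Severity is stored exactly as submitted. A value outside this map
        # gets no colour and is counted only in the overall total below.
        severity_color = {
            "High": "danger",
            "Medium": "warning",
            "Low": "info",
        }.get(severity)

        # NOTE(review): scan_id and project_id come from the form body and are
        # not checked against scans owned by this user before the insert.
        dump_data = manual_scan_results_db(
            vuln_id=vuln_id,
            vuln_name=vuln_name,
            severity_color=severity_color,
            severity=severity,
            vuln_url=vuln_url,
            description=description,
            solution=solution,
            reference=reference,
            scan_id=scan_id,
            pentest_type=pentest_type,
            vuln_status='Open',
            project_id=project_id,
            Poc_Img=uploaded_poc_url,
            poc_description=poc_description,
            username=username,
        )
        dump_data.save()

        all_scan_data = manual_scan_results_db.objects.filter(
            username=username, scan_id=scan_id)

        # count() lets the database do the counting instead of loading every
        # result row into memory just to measure the list.
        total_vuln = all_scan_data.count()
        total_high = all_scan_data.filter(severity="High").count()
        total_medium = all_scan_data.filter(severity="Medium").count()
        total_low = all_scan_data.filter(severity="Low").count()

        # The update is scoped to this user's scan row, so only a scan with a
        # matching username and scan_id has its totals rewritten.
        manual_scans_db.objects.filter(username=username,
                                       scan_id=scan_id).update(
                                           date_time=date_time,
                                           total_vul=total_vuln,
                                           high_vul=total_high,
                                           medium_vul=total_medium,
                                           low_vul=total_low,
                                           username=username,
                                       )

        return HttpResponseRedirect(reverse('manual_scan:list_scan'))

    return render(request, 'add_manual_vuln.html', {'scanid': scanid})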
Esempio n. 3
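def add_vuln(request):
    """
    Render the manual-finding form (GET) or store a submitted finding (POST).

    On POST a ``manual_scan_results_db`` row is created from the form fields,
    including the captured request and response headers, the totals of the
    scan named by ``scan_id`` are recomputed and written to
    ``manual_scans_db`` together with the finding's URL, and the client is
    redirected to ``/manual_scan/``.

    :param request: Django request. GET reads ``scan_id`` from the query
        string; POST reads ``vuln_name``, ``severity``, ``vuln_url``,
        ``description``, ``solution``, ``request_header``,
        ``response_header``, ``reference`` and ``scan_id``.
    :return: redirect to ``/manual_scan/`` after a POST, otherwise the
        rendered ``add_manual_vuln.html`` template.
    """
    # NOTE(review): no login or per-object permission check is visible in this
    # function; confirm a decorator or middleware enforces it, because scan_id
    # below is taken from the client as-is.
    scanid = None

    if request.method == 'GET':
        # .get() keeps a request without the parameter from failing with
        # MultiValueDictKeyError; the form is then rendered with scanid=None.
        scanid = request.GET.get('scan_id')

    if request.method == 'POST':
        vuln_name = request.POST.get('vuln_name')
        severity = request.POST.get('severity')
        vuln_url = request.POST.get('vuln_url')
        description = request.POST.get('description')
        solution = request.POST.get('solution')
        request_header = request.POST.get('request_header')
        response_header = request.POST.get('response_header')
        reference = request.POST.get('reference')
        scan_id = request.POST.get('scan_id')
        date_time = datetime.now()
        vuln_id = uuid.uuid4()

        # Keys are matched case-sensitively, exactly as submitted; a value
        # outside this map is stored with no colour.
        severity_color = {
            "Critical": "important",
            "High": "important",
            "Important": "important",
            "Medium": "warning",
            "Low": "info",
            "informational": "info",
        }.get(severity)

        dump_data = manual_scan_results_db(
            vuln_id=vuln_id,
            vuln_name=vuln_name,
            severity_color=severity_color,
            severity=severity,
            vuln_url=vuln_url,
            description=description,
            solution=solution,
            request_header=request_header,
            response_header=response_header,
            reference=reference,
            scan_id=scan_id
        )
        dump_data.save()

        all_scan_data = manual_scan_results_db.objects.filter(scan_id=scan_id)

        # count() lets the database do the counting instead of loading every
        # result row into memory just to measure the list.
        # NOTE(review): only "High", "Medium" and "Low" have their own bucket;
        # "Critical", "Important" and "informational" rows appear in total_vul
        # alone. Confirm that is intended.
        total_vuln = all_scan_data.count()
        total_high = all_scan_data.filter(severity="High").count()
        total_medium = all_scan_data.filter(severity="Medium").count()
        total_low = all_scan_data.filter(severity="Low").count()

        # scan_url is overwritten with the URL of the finding just added.
        manual_scans_db.objects.filter(scan_id=scan_id).update(
            date_time=date_time,
            scan_url=vuln_url,
            total_vul=total_vuln,
            high_vul=total_high,
            medium_vul=total_medium,
            low_vul=total_low,
        )

        return HttpResponseRedirect('/manual_scan/')

    return render(request,
                  'add_manual_vuln.html',
                  {'scanid': scanid})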