def initialize_api(password):
config = rapid7vmconsole.Configuration(name='Rapid7')
config.username = '******'
config.password = password
config.host = ''
config.verify_ssl = False
config.assert_hostname = False
config.proxy = None
config.ssl_ca_cert = None
config.connection_pool_maxsize = None
config.cert_file = None
config.key_file = None
config.safe_chars_for_path_param = ''
# Logging
logger = logging.getLogger()
logger.setLevel(logging.DEBUG)
ch = logging.StreamHandler(sys.stdout)
ch.setLevel(logging.INFO)
logger.addHandler(ch)
config.debug = False
auth = "%s:%s" % (config.username, config.password)
auth = base64.b64encode(auth.encode('ascii')).decode()
client = rapid7vmconsole.ApiClient(configuration=config)
client.default_headers['Authorization'] = "Basic %s" % auth
return client
def generate_report():
config = rapid7vmconsole.Configuration(name='Rapid7')
config.username = '******'
config.password = '******'
config.host = 'https://localhost:3780'
config.verify_ssl = False
config.assert_hostname = False
config.proxy = None
config.ssl_ca_cert = None
config.connection_pool_maxsize = None
config.cert_file = None
config.key_file = None
config.safe_chars_for_path_param = ''
auth = "%s:%s" % (config.username, config.password)
auth = base64.b64encode(auth.encode('ascii')).decode()
client = rapid7vmconsole.ApiClient(configuration=config)
client.default_headers['Authorization'] = "Basic %s" % auth
report_client = rapid7vmconsole.ReportApi(client)
report_id = create_report_sql(report_client, 'Assets',
'select * from dim_asset')
print(report_id)
report_instance_id = run_report(report_client, report_id)
print(report_instance_id)
report = download_report(report_client, report_id, report_instance_id)
print(report)
delete_report(report_client, report_id)
def __init__(self):
self.nexpose_config = rapid7vmconsole.Configuration(name='Scanner')
self.nexpose_config.username = config['USERNAME']
self.nexpose_config.password = config['PASSWORD']
self.nexpose_config.host = config['HOST']
self.nexpose_config.assert_hostname = False
self.nexpose_config.verify_ssl = False
self.nexpose_config.ssl_ca_cert = None
self.nexpose_config.connection_pool_maxsize = None
self.nexpose_config.proxy = None
self.nexpose_config.cert_file = None
self.nexpose_config.key_file = None
self.nexpose_config.safe_chars_for_path_param = ''
auth_token = f'{config["USERNAME"]}:{config["PASSWORD"]}'
auth_token = base64.b64encode(auth_token.encode('ascii')).decode()
api_client = rapid7vmconsole.ApiClient(
configuration=self.nexpose_config)
api_client.default_headers['Authorization'] = f'Basic {auth_token}'
self.nexpose_admin = rapid7vmconsole.AdministrationApi(api_client)
self.nexpose = rapid7vmconsole.ScanApi(api_client)
self.nexpose_site = rapid7vmconsole.SiteApi(api_client)
self.nexpose_assets = rapid7vmconsole.AssetApi(api_client)
self.nexpose_report = rapid7vmconsole.ReportApi(api_client)
self.storage_service = StorageService()
from __future__ import print_function import sys sys.path.append(r'/opt/bmc/rapid7/vm-console-client-python') import rapid7vmconsole import base64 import logging import sys import time import json import re from rapid7vmconsole.rest import ApiException from pprint import pprint config = rapid7vmconsole.Configuration(name='Rapid7') config.username = '******'******' config.host = 'https://<RAPID7-FQDN>:<PORT>' config.verify_ssl = False config.assert_hostname = False config.proxy = None config.ssl_ca_cert = None config.connection_pool_maxsize = None config.cert_file = None config.key_file = None config.safe_chars_for_path_param = '' # Logging logger = logging.getLogger() logger.setLevel(logging.DEBUG)
#!/usr/bin/env python3
import base64
import rapid7vmconsole
from bs4 import BeautifulSoup
from terminaltables import AsciiTable, SingleTable, DoubleTable
config = {
'HOST': 'https://life.do:3780',
'USERNAME': '',
'PASSWORD': ''
}
nexpose_config = rapid7vmconsole.Configuration(name='Scanner')
nexpose_config.username = config['USERNAME']
nexpose_config.password = config['PASSWORD']
nexpose_config.host = config['HOST']
nexpose_config.assert_hostname = False
nexpose_config.verify_ssl = False
nexpose_config.ssl_ca_cert = None
nexpose_config.connection_pool_maxsize = None
nexpose_config.proxy = None
nexpose_config.cert_file = None
nexpose_config.key_file = None
nexpose_config.safe_chars_for_path_param = ''
auth = f'{config["USERNAME"]}:{config["PASSWORD"]}'
auth = base64.b64encode(auth.encode('ascii')).decode()
api_client = rapid7vmconsole.ApiClient(configuration=nexpose_config)
def generate_report():
config = rapid7vmconsole.Configuration(name='Rapid7')
#There is no OAuth. We know this is dumb. For demo purposes
config.username = '******'
config.password = '******'
config.host = '<insert field>'
config.verify_ssl = False
config.assert_hostname = False
config.proxy = None
config.ssl_ca_cert = None
config.connection_pool_maxsize = None
config.cert_file = None
config.key_file = None
config.safe_chars_for_path_param = ''
auth = "%s:%s" % (config.username, config.password)
auth = base64.b64encode(auth.encode('ascii')).decode()
client = rapid7vmconsole.ApiClient(configuration=config)
client.default_headers['Authorization'] = "Basic %s" % auth
report_client = rapid7vmconsole.ReportApi(client)
report_id = create_report_sql(
report_client, 'vulnReport', '''
select da.asset_id, da.mac_address, da.ip_address, das.port, dv.vulnerability_id,
dv.title, dv.description, dv.severity, dv.cvss_score, dv.exploits, dv.nexpose_id
from fact_asset_vulnerability_finding as fpr
join dim_vulnerability as dv on fpr.vulnerability_id = dv.vulnerability_id
join dim_asset as da on fpr.asset_id = da.asset_id
join dim_asset_service as das on fpr.asset_id = das.asset_id''')
#print(report_id)
report_instance_id = run_report(report_client, report_id)
#print(report_instance_id)
report = download_report(report_client, report_id, report_instance_id)
with open('nexpose_vul_report1.txt', 'w') as f:
f.write(report)
reader = csv.DictReader(StringIO(report))
reader.next()
critical_vulns = []
for row in reader:
try:
if float(row['cvss_score']) > 9.5 and int(row['exploits']) >= 1:
critical_vulns.append(row)
except Exception as e:
print(e)
"""with open('test', 'w') as a:
vulnCount = 0
for row in reader:
try:
if float(row['cvss_score']) > 9.5 and int(row['exploits']) >= 1:
a.write(json.dumps(row, indent=4))
vulnCount += 1
except Exception as e:
print(e)
print(vulnCount) """
delete_report(report_client, report_id)
return critical_vulns
