def test_project_hostlist(): """test project hostlist""" pidb = ParsedItemsDb() pidb.hosts.upsert(ParsedHost(address='127.0.2.1')) pidb.hosts.upsert(ParsedHost(address='::1')) ctx = Context(data=pidb) ctx = project_hostlist(ctx) expected = ['127.0.2.1', '::1'] assert ctx.data == expected
def upsert(pidb, data): host = ParsedHost(address=data['address']) service = ParsedService(host_handle=host.handle, proto='tcp', port=data['port'], state='open:nc') pidb.hosts.upsert(host) pidb.services.upsert(service) return pidb
def _parse_host(ihost): """parse host""" host = ParsedHost(address=ihost.address) cpe_note = None if ihost.hostnames: host.hostnames = list(set(ihost.hostnames)) if not host.hostname: host.hostname = host.hostnames[0] for osmatch in ihost.os_match_probabilities(): if osmatch.accuracy == 100: host.os = osmatch.name cpe_note = ParsedNote(host_handle=host.handle, xtype='cpe', data=json.dumps(osmatch.get_cpe())) return host, cpe_note
def test_project_servicelist(): """test project servicelist""" pidb = ParsedItemsDb() host = ParsedHost(address='127.0.2.1') pidb.hosts.upsert(host) pidb.services.upsert( ParsedService(host_handle=host.handle, proto='tcp', port='1')) host = ParsedHost(address='::1') pidb.hosts.upsert(host) pidb.services.upsert( ParsedService(host_handle=host.handle, proto='tcp', port='1')) ctx = Context(data=pidb) ctx = project_servicelist(ctx) expected = ['tcp://127.0.2.1:1', 'tcp://[::1]:1'] assert ctx.data == expected
def test_filter_tarpits(app): # pylint: disable=unused-argument """test filter tarpits""" pidb = ParsedItemsDb() host = ParsedHost(address='127.0.3.1') pidb.hosts.upsert(host) pidb.services.upsert( ParsedService(host_handle=host.handle, proto='tcp', port=1)) host = ParsedHost(address='127.0.4.1') pidb.hosts.upsert(host) for port in range(201): pidb.services.upsert( ParsedService(host_handle=host.handle, proto='tcp', port=port)) ctx = Context(job=Job(id='atestjobid'), data=pidb) ctx = filter_tarpits(ctx) assert len(ctx.data.hosts) == 1 assert len(ctx.data.services) == 1
def parse_path(cls, path): """parse path and returns list of hosts/addresses""" pidb = ParsedItemsDb() with ZipFile(path) as fzip: for fname in filter(lambda x: re.match(cls.ARCHIVE_PATHS, x), fzip.namelist()): for addr in file_from_zip(path, fname).decode('utf-8').splitlines(): pidb.hosts.upsert(ParsedHost(address=addr)) return pidb
def _parse_host(cls, report_item): """parse host data from report item""" host = ParsedHost(address=report_item['host-ip']) hostnames = [] if 'host-fqdn' in report_item: hostnames.append(report_item['host-fqdn']) # host-rdns might contain address if ('host-rdns' in report_item) and (not cls.is_addr( report_item['host-rdns'])): hostnames.append(report_item['host-rdns']) hostnames = list(set(hostnames)) if hostnames: host.hostnames = hostnames if not host.hostname: host.hostname = host.hostnames[0] if 'operating-system' in report_item: host.os = report_item['operating-system'] return host
def parse_path(path): """parse data from path""" pidb = ParsedItemsDb() data = json.loads(file_from_zip(path, 'output.json')) for addr, via in data.items(): host = ParsedHost(address=addr) note = ParsedNote(host_handle=host.handle, xtype='six_dns_discover.via', data=json.dumps(via)) pidb.hosts.upsert(host) pidb.notes.upsert(note) return pidb
def test_run_group(app): # pylint: disable=unused-argument """test run steps by group definition""" current_app.config['SNER_PLANNER']['step_groups'] = { 'a_test_group': [{ 'step': 'project_servicelist' }] } pidb = ParsedItemsDb() host = ParsedHost(address='127.0.3.1') service = ParsedService(host_handle=host.handle, proto='tcp', port=1) pidb.hosts.upsert(host) pidb.services.upsert(service) ctx = Context(job=Job(id='atestjobid'), data=pidb) ctx = run_group(ctx, 'a_test_group') assert ctx.data == ['tcp://127.0.3.1:1']
def _parse_data(data): """parse raw string data""" pidb = ParsedItemsDb() host = None service = None via_target = None note = None for line in data.splitlines(): if line.startswith('Domain:'): via_target = line.split(' ')[-1] if line.startswith('Resolved IP:'): address = line.split(' ')[-1] host = ParsedHost(address=address) if host and line.startswith('Port:'): port = line.split(' ')[-1] service = ParsedService(host_handle=host.handle, proto='tcp', port=port) if service and line.startswith('JARM:'): jarm = line.split(' ')[-1] if jarm != '00000000000000000000000000000000000000000000000000000000000000': note = ParsedNote(host_handle=host.handle, service_handle=service.handle, via_target=via_target, xtype='jarm.fp', data=jarm) if host and service and note: pidb.hosts.upsert(host) pidb.services.upsert(service) pidb.notes.upsert(note) return pidb