Esempio n. 1
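def demarrerScanPlannifie(request, id_scan):
    '''
    Start the planned scan `id_scan` by handing its targets to the scan daemon.

    The target list is built from the hosts attached to the planned scan
    (scan_plannifie_hote), followed by the hosts of every application
    attached to it (application_hote); an application host already in the
    list is not added a second time.  The list is sent as an 'addScan'
    request through socketTCP.

    Returns a redirect to 'scans:status_scans' when the daemon answers
    'done', and an HTTP 500 response when it answers anything else or when
    the exchange raises.

    NOTE(review): nothing in this function checks who is calling or which
    HTTP method is used, yet it launches a scan.  Confirm that a login /
    permission decorator and a POST-only restriction (e.g. require_POST)
    are applied outside this excerpt.
    '''
    cursor = connection.cursor()
    try:
        cursor.execute(
            'SELECT ip_hote FROM scan_plannifie_hote WHERE id_scan_plannifie=%s',
            [id_scan])
        tableau_ip = [ligne['ip_hote'] for ligne in dictfetchall(cursor)]

        cursor.execute(
            'SELECT id_application FROM scan_plannifie_application WHERE id_scan_plannifie=%s',
            [id_scan])
        liste_id_appli = dictfetchall(cursor)

        for id_appli in liste_id_appli:
            cursor.execute(
                'SELECT ip FROM application_hote WHERE id_application=%s',
                [id_appli['id_application']])

            for adresse in dictfetchall(cursor):
                if adresse['ip'] not in tableau_ip:
                    tableau_ip.append(adresse['ip'])
    finally:
        # Release the cursor even when one of the queries raises.
        cursor.close()

    data = {
        'action': 'addScan',
        'parametres': {
            'cibles': tableau_ip,
            'id_scan': id_scan,
            'type_scan': 'plannifie'
        }
    }

    try:
        conn = socketTCP()
        try:
            conn.envoyer(json.dumps(data))
            rep = conn.recevoir()
        finally:
            # Close the daemon connection on every path, including a
            # failed send or receive.
            conn.fermer()

        if rep != 'done':
            return HttpResponse(status=500)

        return redirect('scans:status_scans')

    except Exception:
        # Exception rather than a bare except, so that SystemExit and
        # KeyboardInterrupt are not turned into an HTTP 500.
        return HttpResponse(status=500)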
Esempio n. 2
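def getStatusScans(request):
    '''
    Fetch the status of all started scans from the scan daemon.

    Sends a 'listeScan' request through socketTCP and returns the reply
    decoded from JSON.  Returns an HTTP 400 response when the exchange or
    the decoding raises.

    NOTE(review): the success path returns the decoded JSON object, not an
    HttpResponse, so this looks like a helper rather than a routed view --
    confirm against the callers.
    '''
    try:
        conn = socketTCP()
        try:
            conn.envoyer(json.dumps({'action': 'listeScan'}))
            rep = conn.recevoir()
        finally:
            # Close the daemon connection even when the send or the
            # receive fails.
            conn.fermer()
        return json.loads(rep)

    except Exception:
        return HttpResponse(status=400)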
Esempio n. 3
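def getStatusScans(request):
    '''
    Fetch the status of all started scans from the scan daemon.

    Sends a 'listeScan' request through socketTCP and returns the reply
    decoded from JSON.  Returns an HTTP 400 response when the exchange or
    the decoding raises.

    NOTE(review): the success path returns the decoded JSON object, not an
    HttpResponse, so this looks like a helper rather than a routed view --
    confirm against the callers.
    '''
    try:
        conn = socketTCP()
        try:
            conn.envoyer(json.dumps({'action': 'listeScan'}))
            rep = conn.recevoir()
        finally:
            # Close the daemon connection even when the send or the
            # receive fails.
            conn.fermer()
        return json.loads(rep)

    except Exception:
        return HttpResponse(status=400)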
Esempio n. 4
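def demarrerScanPlannifie(request, id_scan):
    '''
    Start the planned scan `id_scan` by handing its targets to the scan daemon.

    The target list is built from the hosts attached to the planned scan
    (scan_plannifie_hote), followed by the hosts of every application
    attached to it (application_hote); an application host already in the
    list is not added a second time.  The list is sent as an 'addScan'
    request through socketTCP.

    Returns a redirect to 'scans:status_scans' when the daemon answers
    'done', and an HTTP 500 response when it answers anything else or when
    the exchange raises.

    NOTE(review): nothing in this function checks who is calling or which
    HTTP method is used, yet it launches a scan.  Confirm that a login /
    permission decorator and a POST-only restriction (e.g. require_POST)
    are applied outside this excerpt.
    '''
    cursor = connection.cursor()
    try:
        cursor.execute(
            'SELECT ip_hote FROM scan_plannifie_hote WHERE id_scan_plannifie=%s',
            [id_scan])
        tableau_ip = [ligne['ip_hote'] for ligne in dictfetchall(cursor)]

        cursor.execute(
            'SELECT id_application FROM scan_plannifie_application WHERE id_scan_plannifie=%s',
            [id_scan])
        liste_id_appli = dictfetchall(cursor)

        for id_appli in liste_id_appli:
            cursor.execute(
                'SELECT ip FROM application_hote WHERE id_application=%s',
                [id_appli['id_application']])

            for adresse in dictfetchall(cursor):
                if adresse['ip'] not in tableau_ip:
                    tableau_ip.append(adresse['ip'])
    finally:
        # Release the cursor even when one of the queries raises.
        cursor.close()

    data = {
        'action': 'addScan',
        'parametres': {
            'cibles': tableau_ip,
            'id_scan': id_scan,
            'type_scan': 'plannifie'
        }
    }

    try:
        conn = socketTCP()
        try:
            conn.envoyer(json.dumps(data))
            rep = conn.recevoir()
        finally:
            # Close the daemon connection on every path, including a
            # failed send or receive.
            conn.fermer()

        if rep != 'done':
            return HttpResponse(status=500)

        return redirect('scans:status_scans')

    except Exception:
        # Exception rather than a bare except, so that SystemExit and
        # KeyboardInterrupt are not turned into an HTTP 500.
        return HttpResponse(status=500)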
Esempio n. 5
 def __init__(self, client, srv, lock):
     '''
     Initialise the thread and keep the objects it will work with.

     client -- wrapped in socketTCP and stored as self.client
               (presumably an accepted client connection; confirm
               against the caller).
     srv    -- stored unchanged as self.srv.
     lock   -- stored unchanged as self.lock.
     '''
     Thread.__init__(self)
     self.client = socketTCP(client)
     self.srv, self.lock = srv, lock
Esempio n. 6
 def __init__(self, client, srv, lock):
     '''
     Initialise the thread and keep the objects it will work with.

     client -- wrapped in socketTCP and stored as self.client
               (presumably an accepted client connection; confirm
               against the caller).
     srv    -- stored unchanged as self.srv.
     lock   -- stored unchanged as self.lock.
     '''
     Thread.__init__(self)
     self.client = socketTCP(client)
     self.srv, self.lock = srv, lock
Esempio n. 7
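def ajoutScanManuel(request, ip=None):
    '''
    Display the manual-scan form and, on a valid POST, record and launch
    the scan.

    A GET request or an invalid POST renders 'scans/ajout_manuel.html'
    with the form.  A valid POST stores the scan in scans_manuels, stores
    one scan_manuel_hote row per target, sends an 'addScan' request to the
    scan daemon through socketTCP and redirects to 'scans:status_scans'.
    HTTP 500 is returned when the daemon exchange raises or when its reply
    is not 'done'.

    ip -- when given, the scan targets that single address; otherwise the
          targets come from the form: the selected addresses, or the hosts
          of the selected applications when type_selection is 'id_applis'.

    NOTE(review): no authentication or permission check is visible in this
    function although it launches scans; confirm it is enforced by a
    decorator or middleware outside this excerpt.
    '''
    cursor = connection.cursor()
    try:
        cursor.execute('SELECT DISTINCT(ip) FROM hotes ORDER BY ip')
        liste_ip = dictfetchall(cursor)

        cursor.execute('SELECT nom,id FROM application')
        liste_appli = dictfetchall(cursor)
    finally:
        # Release the cursor even when one of the queries raises.
        cursor.close()

    error_nessus = {'indisponible': False, 'policy': False}

    try:
        ScannerNessus = Nessus()
        ScannerNessus.connexion()
        dict_policies = ScannerNessus.listePolicies()
        liste_policies = dict_policies['policies']
        ScannerNessus.deconnexion()
    except Exception:
        # Any failure while talking to Nessus marks it as unavailable.
        error_nessus['indisponible'] = True
        liste_policies = []

    error_nessus['policy'] = len(liste_policies) == 0

    # NOTE(review): the render() calls below pass locals() as the template
    # context, so every local name -- including `cursor` and the Nessus
    # client `ScannerNessus` -- is reachable from the template.  The local
    # names are therefore part of the template contract and are kept as
    # they were; an explicit context dict would limit what is exposed, but
    # the template's needs are not visible here.

    if request.method == 'POST':
        # Required: if the connection to Nessus is lost between the moment
        # the user requests the form and the moment it is submitted, the
        # 'nessus' and 'nessus_policy' fields will be removed from
        # validation.
        temp_nessus = error_nessus.copy()
        error_nessus['policy'] = False
        error_nessus['indisponible'] = False

        form = scanManuel(request.POST,
                          liste_ip=liste_ip,
                          liste_policies=liste_policies,
                          ip=ip,
                          liste_appli=liste_appli,
                          errors=error_nessus)

        if form.is_valid():
            type_scan = 'manuel'
            Nmap = form.cleaned_data['nmap']
            # NOTE(review): nmapOptions is user-supplied text stored for
            # later use; its validation lives in the scanManuel form, which
            # is not visible here -- confirm it restricts the options to an
            # allowlist before they reach the scanner.
            nmapOptions = form.cleaned_data['nmapOptions']

            # `in` instead of dict.has_key(), which no longer exists in
            # Python 3.
            if 'nessus' in form.cleaned_data:
                nessus = form.cleaned_data['nessus']
                nessusPolicy_id = form.cleaned_data['nessus_policy']
                if nessusPolicy_id == "":
                    nessusPolicy_id = None
            else:
                nessus = False
                nessusPolicy_id = None

            if ip is None:
                liste_ip = form.cleaned_data['adresses']
                selection = form.cleaned_data['type_selection']
                applis = form.cleaned_data['applis']
            else:
                liste_ip = [ip]
                selection = None

            cursor = connection.cursor()
            try:
                cursor.execute(
                    'INSERT INTO scans_manuels (nmap,nmap_options,nessus,nessus_policy_id) VALUES(%s,%s,%s,%s)',
                    [Nmap, nmapOptions, nessus, nessusPolicy_id])
                # NOTE(review): reading back the highest id is racy -- a
                # concurrent request inserting between these two statements
                # would attach this request's targets to the other scan.
                # Prefer the id returned by the insert itself (how depends
                # on the database backend, which is not visible here).
                cursor.execute(
                    'SELECT id FROM scans_manuels ORDER BY id DESC LIMIT 1')
                id_scan = dictfetchall(cursor)[0]['id']

                if selection == 'id_applis':
                    # First id seen for each application name, as the
                    # original linear search with `break` selected.
                    ids_par_nom = {}
                    for elem in liste_appli:
                        ids_par_nom.setdefault(elem['nom'], elem['id'])

                    liste_ip = []
                    for appli in applis:
                        if appli not in ids_par_nom:
                            # Unknown name: skip it rather than reuse the
                            # id left over from the previous application.
                            continue

                        cursor.execute(
                            'SELECT ip FROM application_hote WHERE id_application=%s',
                            [ids_par_nom[appli]])

                        for hote in dictfetchall(cursor):
                            adresse = hote['ip']
                            if adresse not in liste_ip:
                                liste_ip.append(adresse)

                for adresse in liste_ip:
                    cursor.execute(
                        'INSERT INTO scan_manuel_hote (ip_hote,id_scan_manuel) VALUES(%s,%s)',
                        [adresse, id_scan])
            finally:
                # Release the cursor on every path.
                cursor.close()

            data = {
                'action': 'addScan',
                'parametres': {
                    'cibles': liste_ip,
                    'id_scan': id_scan,
                    'type_scan': type_scan
                }
            }

            # NOTE(review): the scan rows are already written at this
            # point; when the daemon exchange fails they stay in the
            # database although no scan was started.
            try:
                conn = socketTCP()
                try:
                    conn.envoyer(json.dumps(data))
                    rep = conn.recevoir()
                finally:
                    # Close the daemon connection even when the send or
                    # the receive fails.
                    conn.fermer()
            except Exception:
                return HttpResponse(status=500)

            if rep != 'done':
                return HttpResponse(status=500)

            return redirect('scans:status_scans')

        else:
            # Rebuild the form with the Nessus error flags as they were
            # before they were cleared for validation.
            error_nessus = temp_nessus
            del form

            form = scanManuel(request.POST,
                              liste_ip=liste_ip,
                              liste_policies=liste_policies,
                              ip=ip,
                              liste_appli=liste_appli,
                              errors=temp_nessus)
            return render(request, 'scans/ajout_manuel.html', locals())

    else:
        form = scanManuel(liste_ip=liste_ip,
                          liste_policies=liste_policies,
                          ip=ip,
                          liste_appli=liste_appli,
                          errors=error_nessus)

        return render(request, 'scans/ajout_manuel.html', locals())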
Esempio n. 8
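def ajoutScanManuel(request, ip=None):
    '''
    Display the manual-scan form and, on a valid POST, record and launch
    the scan.

    A GET request or an invalid POST renders 'scans/ajout_manuel.html'
    with the form.  A valid POST stores the scan in scans_manuels, stores
    one scan_manuel_hote row per target, sends an 'addScan' request to the
    scan daemon through socketTCP and redirects to 'scans:status_scans'.
    HTTP 500 is returned when the daemon exchange raises or when its reply
    is not 'done'.

    ip -- when given, the scan targets that single address; otherwise the
          targets come from the form: the selected addresses, or the hosts
          of the selected applications when type_selection is 'id_applis'.

    NOTE(review): no authentication or permission check is visible in this
    function although it launches scans; confirm it is enforced by a
    decorator or middleware outside this excerpt.
    '''
    cursor = connection.cursor()
    try:
        cursor.execute('SELECT DISTINCT(ip) FROM hotes ORDER BY ip')
        liste_ip = dictfetchall(cursor)

        cursor.execute('SELECT nom,id FROM application')
        liste_appli = dictfetchall(cursor)
    finally:
        # Release the cursor even when one of the queries raises.
        cursor.close()

    error_nessus = {'indisponible': False, 'policy': False}

    try:
        ScannerNessus = Nessus()
        ScannerNessus.connexion()
        dict_policies = ScannerNessus.listePolicies()
        liste_policies = dict_policies['policies']
        ScannerNessus.deconnexion()
    except Exception:
        # Any failure while talking to Nessus marks it as unavailable.
        error_nessus['indisponible'] = True
        liste_policies = []

    error_nessus['policy'] = len(liste_policies) == 0

    # NOTE(review): the render() calls below pass locals() as the template
    # context, so every local name -- including `cursor` and the Nessus
    # client `ScannerNessus` -- is reachable from the template.  The local
    # names are therefore part of the template contract and are kept as
    # they were; an explicit context dict would limit what is exposed, but
    # the template's needs are not visible here.

    if request.method == 'POST':
        # Required: if the connection to Nessus is lost between the moment
        # the user requests the form and the moment it is submitted, the
        # 'nessus' and 'nessus_policy' fields will be removed from
        # validation.
        temp_nessus = error_nessus.copy()
        error_nessus['policy'] = False
        error_nessus['indisponible'] = False

        form = scanManuel(request.POST,
                          liste_ip=liste_ip,
                          liste_policies=liste_policies,
                          ip=ip,
                          liste_appli=liste_appli,
                          errors=error_nessus)

        if form.is_valid():
            type_scan = 'manuel'
            Nmap = form.cleaned_data['nmap']
            # NOTE(review): nmapOptions is user-supplied text stored for
            # later use; its validation lives in the scanManuel form, which
            # is not visible here -- confirm it restricts the options to an
            # allowlist before they reach the scanner.
            nmapOptions = form.cleaned_data['nmapOptions']

            # `in` instead of dict.has_key(), which no longer exists in
            # Python 3.
            if 'nessus' in form.cleaned_data:
                nessus = form.cleaned_data['nessus']
                nessusPolicy_id = form.cleaned_data['nessus_policy']
                if nessusPolicy_id == "":
                    nessusPolicy_id = None
            else:
                nessus = False
                nessusPolicy_id = None

            if ip is None:
                liste_ip = form.cleaned_data['adresses']
                selection = form.cleaned_data['type_selection']
                applis = form.cleaned_data['applis']
            else:
                liste_ip = [ip]
                selection = None

            cursor = connection.cursor()
            try:
                cursor.execute(
                    'INSERT INTO scans_manuels (nmap,nmap_options,nessus,nessus_policy_id) VALUES(%s,%s,%s,%s)',
                    [Nmap, nmapOptions, nessus, nessusPolicy_id])
                # NOTE(review): reading back the highest id is racy -- a
                # concurrent request inserting between these two statements
                # would attach this request's targets to the other scan.
                # Prefer the id returned by the insert itself (how depends
                # on the database backend, which is not visible here).
                cursor.execute(
                    'SELECT id FROM scans_manuels ORDER BY id DESC LIMIT 1')
                id_scan = dictfetchall(cursor)[0]['id']

                if selection == 'id_applis':
                    # First id seen for each application name, as the
                    # original linear search with `break` selected.
                    ids_par_nom = {}
                    for elem in liste_appli:
                        ids_par_nom.setdefault(elem['nom'], elem['id'])

                    liste_ip = []
                    for appli in applis:
                        if appli not in ids_par_nom:
                            # Unknown name: skip it rather than reuse the
                            # id left over from the previous application.
                            continue

                        cursor.execute(
                            'SELECT ip FROM application_hote WHERE id_application=%s',
                            [ids_par_nom[appli]])

                        for hote in dictfetchall(cursor):
                            adresse = hote['ip']
                            if adresse not in liste_ip:
                                liste_ip.append(adresse)

                for adresse in liste_ip:
                    cursor.execute(
                        'INSERT INTO scan_manuel_hote (ip_hote,id_scan_manuel) VALUES(%s,%s)',
                        [adresse, id_scan])
            finally:
                # Release the cursor on every path.
                cursor.close()

            data = {
                'action': 'addScan',
                'parametres': {
                    'cibles': liste_ip,
                    'id_scan': id_scan,
                    'type_scan': type_scan
                }
            }

            # NOTE(review): the scan rows are already written at this
            # point; when the daemon exchange fails they stay in the
            # database although no scan was started.
            try:
                conn = socketTCP()
                try:
                    conn.envoyer(json.dumps(data))
                    rep = conn.recevoir()
                finally:
                    # Close the daemon connection even when the send or
                    # the receive fails.
                    conn.fermer()
            except Exception:
                return HttpResponse(status=500)

            if rep != 'done':
                return HttpResponse(status=500)

            return redirect('scans:status_scans')

        else:
            # Rebuild the form with the Nessus error flags as they were
            # before they were cleared for validation.
            error_nessus = temp_nessus
            del form

            form = scanManuel(request.POST,
                              liste_ip=liste_ip,
                              liste_policies=liste_policies,
                              ip=ip,
                              liste_appli=liste_appli,
                              errors=temp_nessus)
            return render(request, 'scans/ajout_manuel.html', locals())

    else:
        form = scanManuel(liste_ip=liste_ip,
                          liste_policies=liste_policies,
                          ip=ip,
                          liste_appli=liste_appli,
                          errors=error_nessus)

        return render(request, 'scans/ajout_manuel.html', locals())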