def demarrerScanPlannifie(request, id_scan): cursor = connection.cursor() cursor.execute( 'SELECT ip_hote FROM scan_plannifie_hote WHERE id_scan_plannifie=%s', [id_scan]) liste_ip = dictfetchall(cursor) tableau_ip = [] for ip in liste_ip: tableau_ip.append(ip['ip_hote']) del liste_ip cursor.execute( 'SELECT id_application FROM scan_plannifie_application WHERE id_scan_plannifie=%s', [id_scan]) liste_id_appli = dictfetchall(cursor) for id_appli in liste_id_appli: cursor.execute( 'SELECT ip FROM application_hote WHERE id_application=%s', [id_appli['id_application']]) liste_ip_appli = dictfetchall(cursor) for adresse in liste_ip_appli: if (adresse['ip'] in tableau_ip) == False: tableau_ip.append(adresse['ip']) cursor.close() try: conn = socketTCP() data = { 'action': 'addScan', 'parametres': { 'cibles': tableau_ip, 'id_scan': id_scan, 'type_scan': 'plannifie' } } conn.envoyer(json.dumps(data)) rep = conn.recevoir() conn.fermer() if rep != 'done': return HttpResponse(status=500) return redirect('scans:status_scans') except: return HttpResponse(status=500)
def getStatusScans(request): ''' Affiche le status de l'ensemble des scans démarrés ''' try: conn = socketTCP() data = {'action': 'listeScan'} conn.envoyer(json.dumps(data)) rep = conn.recevoir() conn.fermer() return json.loads(rep) except Exception as e: return HttpResponse(status=400)
def getStatusScans(request): ''' Affiche le status de l'ensemble des scans démarrés ''' try: conn=socketTCP() data={'action':'listeScan'} conn.envoyer(json.dumps(data)) rep=conn.recevoir() conn.fermer() return json.loads(rep) except Exception as e: return HttpResponse(status=400)
def demarrerScanPlannifie(request,id_scan): cursor=connection.cursor() cursor.execute('SELECT ip_hote FROM scan_plannifie_hote WHERE id_scan_plannifie=%s',[id_scan]) liste_ip=dictfetchall(cursor) tableau_ip=[] for ip in liste_ip: tableau_ip.append(ip['ip_hote']) del liste_ip cursor.execute('SELECT id_application FROM scan_plannifie_application WHERE id_scan_plannifie=%s',[id_scan]) liste_id_appli=dictfetchall(cursor) for id_appli in liste_id_appli: cursor.execute('SELECT ip FROM application_hote WHERE id_application=%s',[id_appli['id_application']]) liste_ip_appli=dictfetchall(cursor) for adresse in liste_ip_appli: if (adresse['ip'] in tableau_ip)==False: tableau_ip.append(adresse['ip']) cursor.close() try: conn=socketTCP() data={'action':'addScan', 'parametres':{ 'cibles':tableau_ip, 'id_scan':id_scan, 'type_scan':'plannifie'} } conn.envoyer(json.dumps(data)) rep=conn.recevoir() conn.fermer() if rep!='done': return HttpResponse(status=500) return redirect('scans:status_scans') except: return HttpResponse(status=500)
def __init__(self, client, srv, lock): Thread.__init__(self) self.client = socketTCP(client) self.srv = srv self.lock = lock
def __init__(self, client,srv,lock): Thread.__init__(self) self.client=socketTCP(client) self.srv=srv self.lock=lock
def ajoutScanManuel(request, ip=None): cursor = connection.cursor() cursor.execute('SELECT DISTINCT(ip) FROM hotes ORDER BY ip') liste_ip = dictfetchall(cursor) cursor.execute('SELECT nom,id FROM application') liste_appli = dictfetchall(cursor) error_nessus = {'indisponible': False, 'policy': False} try: ScannerNessus = Nessus() ScannerNessus.connexion() dict_policies = ScannerNessus.listePolicies() liste_policies = dict_policies['policies'] ScannerNessus.deconnexion() except: error_nessus['indisponible'] = True liste_policies = [] error_nessus['policy'] = True if len(liste_policies) == 0 else False cursor.close() if request.method == 'POST': #Obligatoire, car dans le cas où la perte de connexion avec Nessus intervient entre le moment où l'utilisateur appelle le formulaire #et le moment où il l'envoie; les champs 'nessus' et 'nessus_policy' seront supprimés de la validation temp_nessus = error_nessus.copy() error_nessus['policy'] = False error_nessus['indisponible'] = False form = scanManuel(request.POST, liste_ip=liste_ip, liste_policies=liste_policies, ip=ip, liste_appli=liste_appli, errors=error_nessus) if form.is_valid(): type_scan = 'manuel' Nmap = form.cleaned_data['nmap'] nmapOptions = form.cleaned_data['nmapOptions'] if form.cleaned_data.has_key('nessus'): nessus = form.cleaned_data['nessus'] nessusPolicy_id = form.cleaned_data['nessus_policy'] nessusPolicy_id = None if nessusPolicy_id == "" else nessusPolicy_id else: nessus = False nessusPolicy_id = None if ip == None: liste_ip = form.cleaned_data['adresses'] selection = form.cleaned_data['type_selection'] applis = form.cleaned_data['applis'] else: liste_ip = [ip] selection = None cursor = connection.cursor() cursor.execute( 'INSERT INTO scans_manuels (nmap,nmap_options,nessus,nessus_policy_id) VALUES(%s,%s,%s,%s)', [Nmap, nmapOptions, nessus, nessusPolicy_id]) cursor.execute( 'SELECT id FROM scans_manuels ORDER BY id DESC LIMIT 1') id_scan = dictfetchall(cursor)[0]['id'] if selection == 'id_applis': liste_ip = [] for appli in applis: for elem in liste_appli: if elem['nom'] == appli: id_appli = elem['id'] break cursor.execute( 'SELECT ip FROM application_hote WHERE id_application=%s', [id_appli]) hotes_application = dictfetchall(cursor) for ip in hotes_application: adresse = ip['ip'] if (adresse in liste_ip) == False: liste_ip.append(adresse) for adresse in liste_ip: cursor.execute( 'INSERT INTO scan_manuel_hote (ip_hote,id_scan_manuel) VALUES(%s,%s)', [adresse, id_scan]) try: conn = socketTCP() data = { 'action': 'addScan', 'parametres': { 'cibles': liste_ip, 'id_scan': id_scan, 'type_scan': type_scan } } conn.envoyer(json.dumps(data)) rep = conn.recevoir() if rep != 'done': conn.fermer() return HttpResponse(status=500) conn.fermer() except Exception as e: cursor.close() return HttpResponse(status=500) cursor.close() return redirect('scans:status_scans') else: error_nessus = temp_nessus del form form = scanManuel(request.POST, liste_ip=liste_ip, liste_policies=liste_policies, ip=ip, liste_appli=liste_appli, errors=temp_nessus) return render(request, 'scans/ajout_manuel.html', locals()) else: form = scanManuel(liste_ip=liste_ip, liste_policies=liste_policies, ip=ip, liste_appli=liste_appli, errors=error_nessus) return render(request, 'scans/ajout_manuel.html', locals())
def ajoutScanManuel(request, ip=None): cursor=connection.cursor() cursor.execute('SELECT DISTINCT(ip) FROM hotes ORDER BY ip') liste_ip=dictfetchall(cursor) cursor.execute('SELECT nom,id FROM application') liste_appli=dictfetchall(cursor) error_nessus={ 'indisponible':False, 'policy':False } try: ScannerNessus=Nessus() ScannerNessus.connexion() dict_policies=ScannerNessus.listePolicies() liste_policies=dict_policies['policies'] ScannerNessus.deconnexion() except: error_nessus['indisponible']=True liste_policies=[] error_nessus['policy']=True if len(liste_policies)==0 else False cursor.close() if request.method == 'POST': #Obligatoire, car dans le cas où la perte de connexion avec Nessus intervient entre le moment où l'utilisateur appelle le formulaire #et le moment où il l'envoie; les champs 'nessus' et 'nessus_policy' seront supprimés de la validation temp_nessus=error_nessus.copy() error_nessus['policy']=False error_nessus['indisponible']=False form = scanManuel(request.POST,liste_ip=liste_ip,liste_policies=liste_policies,ip=ip,liste_appli=liste_appli,errors=error_nessus) if form.is_valid(): type_scan='manuel' Nmap=form.cleaned_data['nmap'] nmapOptions=form.cleaned_data['nmapOptions'] if form.cleaned_data.has_key('nessus'): nessus=form.cleaned_data['nessus'] nessusPolicy_id=form.cleaned_data['nessus_policy'] nessusPolicy_id=None if nessusPolicy_id=="" else nessusPolicy_id else: nessus=False nessusPolicy_id=None if ip==None: liste_ip=form.cleaned_data['adresses'] selection=form.cleaned_data['type_selection'] applis=form.cleaned_data['applis'] else: liste_ip=[ip] selection=None cursor=connection.cursor() cursor.execute('INSERT INTO scans_manuels (nmap,nmap_options,nessus,nessus_policy_id) VALUES(%s,%s,%s,%s)',[Nmap,nmapOptions,nessus,nessusPolicy_id]) cursor.execute('SELECT id FROM scans_manuels ORDER BY id DESC LIMIT 1') id_scan=dictfetchall(cursor)[0]['id'] if selection=='id_applis': liste_ip=[] for appli in applis: for elem in liste_appli: if elem['nom']==appli: id_appli=elem['id'] break cursor.execute('SELECT ip FROM application_hote WHERE id_application=%s',[id_appli]) hotes_application=dictfetchall(cursor) for ip in hotes_application: adresse=ip['ip'] if (adresse in liste_ip)==False: liste_ip.append(adresse) for adresse in liste_ip: cursor.execute('INSERT INTO scan_manuel_hote (ip_hote,id_scan_manuel) VALUES(%s,%s)',[adresse,id_scan]) try: conn=socketTCP() data={'action':'addScan', 'parametres':{ 'cibles':liste_ip, 'id_scan':id_scan, 'type_scan':type_scan} } conn.envoyer(json.dumps(data)) rep=conn.recevoir() if rep!='done': conn.fermer() return HttpResponse(status=500) conn.fermer() except Exception as e: cursor.close() return HttpResponse(status=500) cursor.close() return redirect('scans:status_scans') else: error_nessus=temp_nessus del form form = scanManuel(request.POST,liste_ip=liste_ip,liste_policies=liste_policies,ip=ip,liste_appli=liste_appli,errors=temp_nessus) return render(request, 'scans/ajout_manuel.html', locals()) else: form = scanManuel(liste_ip=liste_ip,liste_policies=liste_policies,ip=ip,liste_appli=liste_appli,errors=error_nessus) return render(request, 'scans/ajout_manuel.html', locals())