Esempio n. 1
0
    def details(self, rowid):
        vulnerability = self.aucote.storage.vulnerability_by_id(rowid)

        return self.not_found(
            'Vulnerability not found') if vulnerability is None else {
                'id':
                vulnerability.rowid,
                'url':
                self._url_vulnerability(vulnerability.rowid),
                'port':
                self.pretty_port(vulnerability.port),
                'scan':
                self.pretty_scan(vulnerability.scan),
                'time':
                vulnerability.time,
                'time_human':
                parse_timestamp_to_time(vulnerability.time),
                'exploit':
                vulnerability.exploit.id,
                'output':
                vulnerability.output,
                'expired':
                vulnerability.expiration_time,
                'expired_human':
                parse_timestamp_to_time(vulnerability.expiration_time),
                'scans': [
                    self.pretty_scan(scan) for scan in
                    self.aucote.storage.scans_by_vulnerability(vulnerability)
                ]
            }
Esempio n. 2
0
    def details(self, rowid):
        sec_scan = self.aucote.storage.security_scan_by_id(rowid)

        return self.not_found(
            'Security scan not found') if sec_scan is None else {
                'id':
                sec_scan.rowid,
                'url':
                self._url_security_scan(sec_scan.rowid),
                'port':
                self.pretty_port(sec_scan.port),
                'scan':
                self.pretty_scan(sec_scan.scan),
                'scan_end':
                sec_scan.scan_end,
                'scan_end_human':
                parse_timestamp_to_time(sec_scan.scan_end),
                'scan_start':
                sec_scan.scan_start,
                'scan_start_human':
                parse_timestamp_to_time(sec_scan.scan_start),
                'exploit': {
                    'id': sec_scan.exploit.id,
                    'app': sec_scan.exploit.app,
                    'name': sec_scan.exploit.name
                },
                'scan_url':
                self._url_scan(sec_scan.scan.rowid),
                'scans': [
                    self.pretty_scan(scan) for scan in
                    self.aucote.storage.scans_by_security_scan(sec_scan)
                ]
            }
Esempio n. 3
0
    def details(self, rowid):
        scan = self.aucote.storage.get_scan_by_id(rowid)

        return self.not_found('Scan not found') if scan is None else {
            'scan':
            rowid,
            'url':
            self._url_scan(rowid),
            'start':
            scan.start,
            'start_human':
            parse_timestamp_to_time(scan.start),
            'end':
            scan.end,
            'end_human':
            parse_timestamp_to_time(scan.end),
            'nodes_scans': [
                self.pretty_node(nodes_scans) for nodes_scans in
                self.aucote.storage.nodes_scans_by_scan(scan)
            ],
            'ports_scans': [
                self.pretty_port_scan(port_scan)
                for port_scan in self.aucote.storage.ports_scans_by_scan(scan)
            ]
        }
Esempio n. 4
0
    def scanner_status(self, scan):
        """
        Get scanner status

        """
        scanner = self.get_scanner(name=scan)
        if not scanner:
            return self.not_found('Scanner not found')

        if isinstance(scanner, ToolsScanner):
            return self.internal_error(
                'Security scanners are not implemented right now')

        stats = {
            'scan': scan,
            'current_scan': scanner.scan.start,
            'current_scan_human': parse_timestamp_to_time(scanner.scan.start),
            'previous_scan': scanner.previous_scan,
            'previous_scan_human':
            parse_timestamp_to_time(scanner.previous_scan),
            'next_scan': scanner.next_scan,
            'next_scan_human': parse_timestamp_to_time(scanner.next_scan),
            'scanners': {
                protocol:
                [subscanner.command.NAME for subscanner in subscanners]
                for protocol, subscanners in scanner.scanners.items()
            },
            'status':
            scanner.status.value if scanner.status is not None else None,
            'nodes': [str(node) for node in scanner.nodes]
        }
        return stats
Esempio n. 5
0
 def pretty_sec_scan(self, sec_scan):
     return {
         'id': sec_scan.rowid,
         'url': self._url_security_scan(sec_scan.rowid),
         'port': self.pretty_port(sec_scan.port),
         'scan': self.pretty_scan(sec_scan.scan),
         'scan_end': sec_scan.scan_end,
         'scan_end_human': parse_timestamp_to_time(sec_scan.scan_end),
         'scan_start': sec_scan.scan_start,
         'scan_start_human': parse_timestamp_to_time(sec_scan.scan_start),
         'exploit': {
             'id': sec_scan.exploit.id,
             'app': sec_scan.exploit.app,
             'name': sec_scan.exploit.name
         }
     }
Esempio n. 6
0
    def details(self, rowid):
        port_scan = self.aucote.storage.port_scan_by_id(rowid)

        return self.not_found(
            'Port scan not found') if port_scan is None else {
                'id':
                port_scan.rowid,
                'url':
                self._url_ports_scan(port_scan.rowid),
                'timestamp':
                port_scan.timestamp,
                'human_timestamp':
                parse_timestamp_to_time(port_scan.timestamp),
                'port_number':
                port_scan.port.number,
                'protocol':
                port_scan.port.transport_protocol.db_val,
                'node': {
                    'id': port_scan.node.id,
                    'ip': str(port_scan.node.ip)
                },
                'scan':
                self.pretty_scan(port_scan.scan),
                'scans': [
                    self.pretty_scan(scan) for scan in
                    self.aucote.storage.scans_by_port_scan(port_scan)
                ]
            }
Esempio n. 7
0
 def pretty_vulnerability(self, vulnerability):
     return {
         'id': vulnerability.rowid,
         'url': self._url_vulnerability(vulnerability.rowid),
         'port': str(vulnerability.port),
         'scan': self.pretty_scan(vulnerability.scan),
         'output': vulnerability.output[:100],
         'exploit': vulnerability.exploit.id,
         'vuln_subid': vulnerability.subid,
         'time': vulnerability.time,
         'time_human': parse_timestamp_to_time(vulnerability.time),
         'cvss': vulnerability.cvss,
     }
Esempio n. 8
0
    def test_pasrsers_from_time_to_time(self):
        initial = '2017-06-04T13:26:17+01:00'
        expected = '2017-06-04T12:26:17+00:00'
        result = parse_timestamp_to_time(parse_time_to_timestamp(initial))

        self.assertEqual(result, expected)
Esempio n. 9
0
    def test_pasrsers_from_timestamp_to_timestamp(self):
        expected = 197
        result = parse_time_to_timestamp(parse_timestamp_to_time(expected))

        self.assertEqual(result, expected)
Esempio n. 10
0
 def test_parse_timestamp_to_time(self):
     result = parse_timestamp_to_time(12)
     expected = '1970-01-01T00:00:12+00:00'
     self.assertEqual(result, expected)