def getWebApp(api: QualysAPI.QualysAPI, webappid: str): fullurl = '%s/qps/rest/3.0/get/was/webapp/%s' % (api.server, webappid) resp = api.makeCall(method='GET', url=fullurl) return resp
def createOptionProfileFromXML(api: QualysAPI.QualysAPI, profilexml: ET.Element): fullurl = '%s/qps/rest/3.0/create/was/optionprofile' % api.server payload = ET.tostring(profilexml, method='xml', encoding='utf-8').decode() resp = api.makeCall(url=fullurl, payload=payload) return resp
def searchDNSOverride(api: QualysAPI.QualysAPI, recordid: str = None, recordname: str = None, tagid: str = None, tagname: str = None, createddate: str = None, updateddate: str = None, ownerid: str = None, ownername: str = None, owneruser: str = None): fullurl = '%s/qps/rest/3.0/search/was/dnsoverride/' % api.server sr = ET.Element('ServiceRequest') filters = ET.SubElement(sr, 'filters') if recordid is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'id') criteria.set('operator', 'IN') criteria.text = recordid if recordname is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'name') criteria.set('operator', 'CONTAINS') criteria.text = recordname if tagid is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'tags.id') criteria.set('operator', 'IN') criteria.text = tagid if tagname is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'tags.name') criteria.set('operator', 'CONTAINS') criteria.text = tagname if createddate is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'createDate') criteria.set('operator', 'GREATER') criteria.text = createddate if updateddate is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'updatedDate') criteria.set('operator', 'GREATER') criteria.text = updateddate if ownerid is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'owner.id') criteria.set('operator', 'EQUALS') criteria.text = ownerid if ownername is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'owner.name') criteria.set('operator', 'CONTAINS') criteria.text = ownername if owneruser is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'owner.username') criteria.set('operator', 'CONTAINS') criteria.text = owneruser if len(filters) > 0: payload = ET.tostring(sr, method='xml', encoding='utf-8').decode() else: payload = "" resp = api.makeCall(url=fullurl, payload=payload) return resp
def createUser(target_api: QualysAPI.QualysAPI, payload: dict): url = '%s/msp/user.php' % target_api.server payload['action'] = 'add' resp = target_api.makeCall(url=url, payload=payload) return responseHandler(resp)
def get_configuration_profile(source_api: QualysAPI, id: str): url = '%s/qps/rest/1.0/get/ca/agentconfig/%s' % (source_api.server, id) resp = source_api.makeCall(url=url, method='GET') return resp
def searchAuthRecord(api: QualysAPI.QualysAPI, recordid: str = None, recordname: str = None, tagids: str = None, tagname: str = None, createdate: str = None, updateddate: str = None, lastscandate: str = None, lastscanauthstatus: str = None, isused: bool = None, contents: str = None): fullurl = '%s/qps/rest/3.0/search/was/webappauthrecord' % api.server sr = ET.Element('ServiceRequest') filters = ET.SubElement(sr, 'filters') if recordid is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'id') criteria.set('operator', 'IN') criteria.text = recordid if recordname is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'name') criteria.set('operator', 'CONTAINS') criteria.text = recordname if tagids is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'tags.id') criteria.set('operator', 'IN') criteria.text = tagids if tagname is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'tags.name') criteria.set('operator', 'CONTAINS') criteria.text = tagname if createdate is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'createdDate') criteria.set('operator', 'GREATER') criteria.text = createdate if updateddate is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'updatedDate') criteria.set('operator', 'GREATER') criteria.text = updateddate if lastscandate is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'lastScan.date') criteria.set('operator', 'GREATER') criteria.text = lastscandate if lastscanauthstatus is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'lastScan.authStatus') criteria.set('operator', 'IN') criteria.text = lastscanauthstatus if isused is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'isUsed') criteria.set('operator', 'EQUALS') criteria.text = str(isused).lower() if contents is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'id') criteria.set('operator', 'IN') criteria.text = contents if len(filters) > 0: payload = ET.tostring(sr, method='xml', encoding='utf-8').decode() else: payload = '' resp = api.makeCall(url=fullurl, payload=payload) return resp
def createVirtualHost(target_api: QualysAPI.QualysAPI, url: str): fullurl = '%s%s' % (target_api.server, url) resp = target_api.makeCall(url=fullurl) if not responseHandler(resp): return None return resp
def searchWebApplication(api: QualysAPI.QualysAPI, webappid: str = None, name: str = None, url: str = None, tagname: str = None, tagid: int = None, createddate: str = None, updateddate: str = None, isscheduled: bool = None, isscanned: bool = None, lastscanstatus: str = None): sr = ET.Element('ServiceRequest') filters = ET.Element('filters') if webappid is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'id') criteria.set('operator', 'IN') criteria.text = webappid if name is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'name') criteria.set('operator', 'CONTAINS') criteria.text = name if url is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'url') criteria.set('operator', 'CONTAINS') criteria.text = url if tagname is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'tags.name') criteria.set('operator', 'CONTAINS') criteria.text = tagname if tagid is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'tags.id') criteria.set('operator', 'CONTAINS') criteria.text = str(tagid) if createddate is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'createdDate') criteria.set('operator', 'GREATER') criteria.text = createddate if updateddate is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'updatedDate') criteria.set('operator', 'GREATER') criteria.text = updateddate if isscheduled is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'isScheduled') criteria.set('operator', 'CONTAINS') criteria.text = str(isscheduled) if isscanned is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'isScanned') criteria.set('operator', 'CONTAINS') criteria.text = str(isscanned) if lastscanstatus is not None: if lastscanstatus in ['SUBMITTED', 'RUNNING', 'FINISHED', 'TIME_LIMIT_EXCEEDED', 'SCAN_NOT_LAUNCHED', 'SCANNER_NOT_AVAILABLE', 'ERROR', 'CANCELED']: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'lastScan.status') criteria.set('operator', 'IN') criteria.text = lastscanstatus if len(filters) > 0: sr.append(filters) prefs = ET.SubElement(sr, 'preferences') verbose = ET.SubElement(prefs, 'verbose') verbose.text = 'true' payload = ET.tostring(sr, method='xml', encoding='utf-8').decode() url = '%s/qps/rest/3.0/search/was/webapp' % api.server resp = api.makeCall(url=url, payload=payload) return resp
def createScanReport(api: QualysAPI.QualysAPI, reportname: str, targetscans: str, filtersearchlistids: str = None, filterurls: str = None, filterstatus: str = None, filtershowpatched: str = 'SHOW_BOTH', filterignoredreasons: str = None, displaycontents: str = None, displaygraphs: str = None, displaygroups: str = None, rawlevels: str = None, filtersshowignored: bool = None, reportformat: str = None, templateid: int = None): fullurl = '%s/qps/rest/3.0/create/was/report' % api.server sr = createBaseReport(reporttype='WAS_SCAN_REPORT', reportname=reportname, reportformat=reportformat, templateid=templateid) report = sr.find('ServiceRequest/data/Report') config = ET.SubElement(report, 'config') scanrpt = ET.SubElement(config, 'scanReport') tgt = ET.SubElement(scanrpt, 'target') scans = ET.SubElement(tgt, 'WasScan') idxml = ET.SubElement(scans, 'id') idxml.text = targetscans if displaycontents is not None and displaygraphs is not None and displaygroups is not None and rawlevels is not None: display = ET.SubElement(scanrpt, 'display') contents = ET.SubElement(display, 'contents') for content in displaycontents.split(','): contentxml = ET.SubElement(contents, 'ScanReportContent') contentxml.text = content graphs = ET.SubElement(display, 'graphs') for graph in displaygraphs.split(','): graphxml = ET.SubElement(graphs, 'ScanReportGraph') graphxml.text = graph groups = ET.SubElement(display, 'groups') for group in displaygroups.split(','): groupxml = ET.SubElement(groups, 'ScanReportGroup') groupxml.text = group if rawlevels is not None: options = ET.SubElement(display, 'options') rawlevelsxml = ET.SubElement(options, 'rawLevels') rawlevelsxml.text = rawlevels if (filtershowpatched is not None) or \ (filterurls is not None) or \ (filterstatus is not None) or \ (filtersshowignored is not None) or \ (filtersearchlistids is not None) or \ (filterignoredreasons is not None): filters = ET.SubElement(report, 'filters') if filtershowpatched is not None: showpatched = ET.SubElement(filters, 'showPatched') showpatched.text = filtershowpatched if filtersearchlistids is not None: searchlists = ET.SubElement(filters, 'searchlists') for searchlist in filtersearchlistids.split(','): slxml = ET.SubElement(searchlists, 'SearchList') idxml = ET.SubElement(slxml, 'id') idxml.text = searchlist.strip() if filterstatus is not None: statuses = ET.SubElement(filters, 'status') for status in filterstatus.split(','): statusxml = ET.SubElement(statuses, 'ScanFindingStatus') statusxml.text = status.strip() if filterurls is not None: for url in filterurls.split(','): urlxml = ET.SubElement(filters, 'url') urlxml.text = url.strip() if filtersshowignored is not None or filterignoredreasons is not None: remediation = ET.SubElement(filters, 'remediation') if filtersshowignored is not None: showignored = ET.SubElement(remediation, 'showIgnored') showignored.text = str(filtersshowignored).lower() if filterignoredreasons is not None: ignoredreasons = ET.SubElement(remediation, 'ignoredReasons') for reason in filterignoredreasons.split(','): ignoredreason = ET.SubElement(ignoredreasons, 'IgnoredReason') ignoredreason.text = reason payload = ET.tostring(sr, method='xml', encoding='utf-8').decode() resp = api.makeCall(url=fullurl, payload=payload) return resp
def getSchedule(api: QualysAPI.QualysAPI, id: str): fullurl = '%s/qps/rest/3.0/get/was/wasscanschedule/%s' % (api.server, id) resp = api.makeCall(url=fullurl, method='GET') return resp
def updateReport(api: QualysAPI.QualysAPI, reportid: int): fullurl = '%s/qps/rest/3.0/update/was/report/%s' % (api.server, str(reportid)) resp = api.makeCall(url=fullurl, method='GET') return resp
def searchSchedule(api: QualysAPI.QualysAPI, scheduleid: str = None, name: str = None, ownerid: str = None, createddate: str = None, updated: str = None, active: bool = None, type: str = None, webappname: str = None, webappid: str = None, webapptags: str = None, webapptagsid: str = None, invalid: bool = None, lastScan: bool = None, lastscandate: str = None, lastscanstatus: str = None, multi: bool = None): fullurl = '%s/qps/rest/3.0/search/was/wasscanschedule' % api.server sr = ET.Element('ServiceRequest') filters = ET.Element('filters') if scheduleid is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'id') criteria.set('operator', 'IN') criteria.text = scheduleid if name is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'name') criteria.set('operator', 'CONTAINS') criteria.text = name if ownerid is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'owner.id') criteria.set('operator', 'IN') criteria.text = ownerid if createddate is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'createdDate') criteria.set('operator', 'GREATER') criteria.text = createddate if updated is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'updatedDate') criteria.set('operator', 'GREATER') criteria.text = updated if active is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'active') criteria.set('operator', 'EQUALS') criteria.text = str(active) if type is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'type') criteria.set('operator', 'IN') criteria.text = type if webappname is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'webApp.name') criteria.set('operator', 'CONTAINS') criteria.text = webappname if webappid is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'webApp.id') criteria.set('operator', 'IN') criteria.text = webappid if webapptags is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'webApp.tags') criteria.set('operator', 'NONE') criteria.text = webapptags if webapptagsid is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'webApp.tags.id') criteria.set('operator', 'IN') criteria.text = id if invalid is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'invalid') criteria.set('operator', 'EQUALS') criteria.text = str(invalid) if lastScan is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'lastScan') criteria.set('operator', 'NONE') criteria.text = str(lastScan) if lastscandate is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'lastScan.launchedDate') criteria.set('operator', 'GREATER') criteria.text = lastscandate if lastscanstatus is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'lastScan.status') criteria.set('operator', 'IN') criteria.text = lastscanstatus if multi is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'multi') criteria.set('operator', 'EQUALS') criteria.text = str(multi) if len(filters) > 0: sr.append(filters) payload = ET.tostring(sr, method='xml', encoding='utf-8').decode() resp = api.makeCall(url=fullurl, payload=payload) return resp
def getAuthRecord(api: QualysAPI.QualysAPI, recordid: int): fullurl = '%s/qps/rest/3.0/get/was/webappauthrecord/%s' % (api.server, str(recordid)) resp = api.makeCall(url=fullurl) return resp
def updateWebAppFromXML(api: QualysAPI.QualysAPI, payloadxml: ET.Element, webappid: int): fullurl = '%s/qps/rest/3.0/update/was/webapp/%s' % (api.server, str(webappid)) payload = ET.tostring(payloadxml, method='xml', encoding='utf-8').decode() resp = api.makeCall(url=fullurl, method='POST', payload=payload) return resp
def getDNSOverride(api: QualysAPI.QualysAPI, recordid: int): fullurl = '%s/qps/rest/3.0/get/was/dnsoverride/%s' % (api.server, str(recordid)) resp = api.makeCall(url=fullurl) return resp
def createScorecardReport(api: QualysAPI.QualysAPI, reportname: str, webappids: str = None, inctagids: str = None, inctagopts: str = None, exctagids: str = None, exctagopts: str = None, searchlistids: str = None, scanstatus: str = None, authstatus: str = None, reportformat: str = None, scandatestart: str = None, scandateend: str = None, displaycontents: str = None, displaygraphs: str = None, displaygroups: str = None, displayoptions: str = None): fullurl = '%s/qps/rest/3.0/create/was/report' % api.server sr = createBaseReport(reporttype='WAS_SCORECARD_REPORT', reportname=reportname, reportformat=reportformat) report = sr.find('ServiceRequest/data/Report') config = ET.SubElement(report, 'config') scorecard = ET.SubElement(config, 'scorecardReport') tgt = ET.SubElement(scorecard, 'target') if inctagids is not None and webappids is not None: print('ERROR: QualysWASProcessor.createScorecardReport failed - specify targets with tags or webapp IDs, ' 'not both') return None if (scandatestart is not None and scandateend is None) or (scandatestart is None and scandateend is not None): print('ERROR: QualysWASProcessor.createScorecardReport failed - must specify stand AND end dates') return None if webappids is not None: webapps = ET.SubElement(tgt, 'webapps') for webappid in webappids.split(','): webapp = ET.SubElement(webapps, 'WebApp') idxml = ET.SubElement(webapp, 'id') idxml.text = webappid.strip() if inctagids is not None: tags = ET.SubElement(tgt, 'tags') included = ET.SubElement(tags, 'included') includeopt = ET.SubElement(included, 'option') includeopt.text = inctagopts taglist = ET.SubElement(included, 'tagList') for tagid in inctagids.split(','): tag = ET.SubElement(taglist, 'Tag') idxml = ET.SubElement(tag, 'id') idxml.text = tagid if exctagids is not None: excluded = ET.SubElement(tags, 'excluded') excludeopt = ET.SubElement(excluded, 'option') excludeopt.text = exctagopts taglist = ET.SubElement(excluded, 'tagList') for tagid in exctagids.split(','): tag = ET.SubElement(taglist, 'Tag') idxml = ET.SubElement(tag, 'id') idxml.text = tagid if searchlistids is not None or scandatestart is not None or scanstatus is not None or authstatus is not None: filters = ET.SubElement(scorecard, 'filters') if searchlistids is not None: searchlists = ET.SubElement(filters, 'searchlists') for searchlist in searchlistids.split(','): slistxml = ET.SubElement(searchlists, 'SearchList') idxml = ET.SubElement(slistxml, 'id') idxml.text = searchlist.strip() if scandatestart is not None: scandate = ET.SubElement(filters, 'scanDate') start = ET.SubElement(scandate, 'startDate') start.text = scandatestart end = ET.SubElement(scandate, 'endDate') end.text = scandateend if scanstatus is not None: scanstatusxml = ET.SubElement(filters, 'scanStatus') scanstatusxml.text = scanstatus if authstatus is not None: authstatusxml = ET.SubElement(filters, 'scanAuthStatus') authstatusxml.text = authstatus if displaycontents is not None or displayoptions is not None or displaygroups is not None or \ displaygraphs is not None: display = ET.SubElement(scorecard, 'display') if displaycontents is not None: contents = ET.SubElement(display, 'contents') for content in displaycontents.split(','): contentxml = ET.SubElement(contents, 'ScorecardReportContent') contentxml.text = content.strip() if displayoptions is not None: options = ET.SubElement(display, 'options') rawlevels = ET.SubElement(options, 'rawLevels') rawlevels.text = displayoptions if displaygroups is not None: groups = ET.SubElement(display, 'groups') for group in displaygroups.split(','): groupxml = ET.SubElement(groups, 'scorecardReportGroup') groupxml.text = group.strip() if displaygraphs is not None: graphs = ET.SubElement(display, 'graphs') for graph in displaygraphs.split(','): graphxml = ET.SubElement(graphs, 'ScorecardReportGraph') graphxml.text = graph.strip() payload = ET.tostring(sr, method='xml', encoding='utf-8').decode() resp = api.makeCall(url=fullurl, payload=payload) return resp
def createWebApp(api: QualysAPI.QualysAPI, payloadxml: ET.Element): fullurl = '%s/qps/rest/3.0/create/was/webapp' % api.server payload = ET.tostring(payloadxml, method='xml', encoding='utf-8').decode() resp = api.makeCall(url=fullurl, method='POST', payload=payload) return resp
def createCatalogReport(api: QualysAPI.QualysAPI, reportname: str, reportformat: str = None, filters_url: str = None, filters_ip: str = None, filters_os: str = None, filters_status: str = None, scandate_start: str = None, scandate_end: str = None, display_contents: str = None, display_graphs: str = None, display_groups: str = None, display_options: str = None): fullurl = '%s/qps/rest/3.0/create/was/report' % api.server sr = createBaseReport(reporttype='WAS_CATALOG_REPORT', reportname=reportname, reportformat=reportformat) report = sr.find('ServiceRequest/data/Report') config = ET.SubElement(report, 'config') catalog = ET.SubElement(config, 'catalogReport') if scandate_start is not None and scandate_end is None or scandate_start is None and scandate_end is not None: print('ERROR: QualysWASProcessor.createCatalogReport failed - Start Date and End Date must be specified ' 'together') return None if display_contents is not None or display_options is not None or display_groups is not None or \ display_graphs is not None: display = ET.SubElement(catalog, 'display') if display_contents is not None: contents = ET.SubElement(display, 'contents') for content in display_contents.split(','): contentxml = ET.SubElement(contents, 'CatalogReportContent') contentxml.text = content.strip() if display_options is not None: options = ET.SubElement(display, 'options') rawlevels = ET.SubElement(options, 'rawLevels') rawlevels.text = display_options if display_groups is not None: groups = ET.SubElement(display, 'groups') for group in display_groups.split(','): groupxml = ET.SubElement(groups, 'CatalogReportContent') groupxml.text = group.strip() if display_graphs is not None: graphs = ET.SubElement(display, 'graphs') for graph in display_graphs.split(','): graphxml = ET.SubElement(graphs, 'CatalogReportContent') graphxml.text = graph if scandate_start is not None or filters_status is not None or filters_url is not None or filters_ip is not None \ or filters_os is not None: filters = ET.SubElement(catalog, 'filters') if scandate_start is not None: scandate = ET.SubElement(filters, 'scanDate') start = ET.SubElement(scandate, 'startDate') start.text = scandate_start end = ET.SubElement(scandate, 'endDate') end.text = scandate_end if filters_status is not None: status = ET.SubElement(filters, 'status') for entrystatus in filters_status.split(','): statusxml = ET.SubElement(status, 'EntryStatus') statusxml.text = filters_status.strip() if filters_url is not None: for url in filters_url.split(','): urlxml = ET.SubElement(filters, 'url') urlxml.text = url.strip() if filters_ip is not None: for ip in filters_ip.split(','): ipxml = ET.SubElement(filters, 'ip') ipxml.text = ip.strip() if filters_os is not None: for os in filters_os.split(','): osxml = ET.SubElement(filters, 'os') osxml.text = os payload = ET.tostring(sr, method='xml', encoding='utf-8').decode() resp = api.makeCall(url=fullurl, payload=payload) return resp
def createAssetGroup(target_api: QualysAPI.QualysAPI, url: str, payload: dict): fullurl = '%s%s' % (target_api.server, url) resp = target_api.makeCall(url=fullurl, payload=payload) return resp
def searchOptionProfiles(api: QualysAPI.QualysAPI, profileid: str = None, profilename: str = None, tagname: str = None, tagid: int = None, createddate: str = None, updateddate: str = None, usedbywebapps: bool = None, usedbyschedules: bool = None, ownername: str = None, owneruser: str = None): fullurl = '%s/qps/rest/3.0/search/was/optionprofile' % api.server sr = ET.Element('ServiceRequest') filters = ET.SubElement(sr, 'filters') if profileid is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'id') criteria.set('operator', 'EQUALS') criteria.text = profileid if profilename is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'name') criteria.set('operator', 'EQUALS') criteria.text = profilename if tagname is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'tags.name') criteria.set('operator', 'EQUALS') criteria.text = tagname if tagid is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'tags.id') criteria.set('operator', 'EQUALS') criteria.text = tagid if createddate is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'createdDate') criteria.set('operator', 'GREATER') criteria.text = createddate if updateddate is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'updatedDate') criteria.set('operator', 'GREATER') criteria.text = updateddate if usedbywebapps is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'usedByWebApps') criteria.set('operator', 'EQUALS') criteria.text = str(usedbywebapps).lower() if usedbyschedules is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'usedBySchedules') criteria.set('operator', 'EQUALS') criteria.text = str(usedbyschedules).lower() if ownername is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'owner.name') criteria.set('operator', 'CONTAINS') criteria.text = ownername if owneruser is not None: criteria = ET.SubElement(filters, 'Criteria') criteria.set('field', 'owner.username') criteria.set('operator', 'EQUALS') criteria.text = owneruser if len(filters) > 0: payload = ET.tostring(sr, method='xml', encoding='utf-8').decode() else: payload = "" resp = api.makeCall(url=fullurl, payload=payload) return resp
def createIPTrackedVM(target_api: QualysAPI.QualysAPI, addurl: str, payload: dict): fullurl = '%s%s' % (target_api.server, addurl) resp = target_api.makeCall(url=fullurl, payload=payload) return resp
def getOptionProfile(api: QualysAPI.QualysAPI, profileid: int): fullurl = '%s/qps/rest/3.0/get/was/optionprofile/%s' % (api.server, str(profileid)) resp = api.makeCall(url=fullurl, method='GET') return resp
def getUsers(source_api: QualysAPI.QualysAPI): fullurl = "%s/msp/user_list.php" % source_api.server resp = source_api.makeCall(url=fullurl) return resp.find('USER_LIST')
def createDynamicSearchList(target_api: QualysAPI.QualysAPI, searchlist: ET.Element, simulate: bool = False): searchliststr = '' # criteria = searchlist.find('CRITERIA') criteria_map = { 'vuln_title': 'VULNERABILITY_TITLE', 'not_vuln_title': 'VULNERABILITY_TITLE', 'discovery_methods': 'DISCOVERY_METHOD', 'auth_types': 'AUTHENTICATION_TYPE', 'user_configuration': 'USER_CONFIGURATION', 'categories': 'CATEGORY', 'not_categories': 'CATEGORY', 'confirmed_severities': 'CONFIRMED_SEVERITY', 'potential_severities': 'POTENTIAL_SEVERITY', 'ig_severities': 'INFORMATION_SEVERITY', 'products': 'PRODUCT', 'not_products': 'PRODUCT', 'patch_available': 'PATCH_AVAILABLE', 'virtual_patch_available': 'VIRTUAL_PATCH_AVAILABLE', 'cve_ids': 'CVE_ID', 'not_cve_ids': 'CVE_ID', 'exploitability': 'EXPLOITABILITY', 'malware_associated': 'ASSOCIATED_MALWARE', 'vendor_refs': 'VENDOR_REFERENCE', 'not_vendor_refs': 'VENDOR_REFERENCE', 'bugtraq_id': 'BUGTRAQ_ID', 'not_bugtraq_id': 'BUGTRAQ_ID', 'vuln_details': 'VULNERABILITY_DETAILS', 'compliance_details': 'COMPLIANCE_DETAILS', 'supported_modules': 'SUPPORTED_MODULES', 'compliance_types': 'COMPLIANCE_TYPES', 'qualys_top_lists': 'QUALYS_TOP_20', 'cpe': 'CPE', 'qids_not_exploitable': 'OTHER', 'non_running_services': 'OTHER', 'sans_20': 'OTHER', 'nac_nam': 'NETWORK_ACCESS', 'cvss_base': 'CVSS_BASE_SCORE', 'cvss_temp': 'CVSS_TEMPORAL_SCORE', 'cvss_access_vector': 'CVSS_ACCESS_VECTOR', 'cvss_base_operand': 'CVSS_BASE_SCORE_OPERAND', 'cvss_temp_operand': 'CVSS_TEMPORAL_SCORE_OPERAND', 'cvss3_base': 'CVSS3_BASE_SCORE', 'cvss3_temp': 'CVSS3_TEMPORAL_SCORE', 'cvss3_base_operand': 'CVSS3_BASE_SCORE_OPERAND', 'cvss3_temp_operand': 'CVSS3_TEMPORAL_SCORE_OPERAND', 'user_modified': 'USER_MODIFIED', 'published': 'PUBLISHED', 'service_modified': 'SERVICE_MODIFIED' } globalsl = '0' if searchlist.find('GLOBAL').text == 'Yes': globalsl = '1' fullurl = '%s/api/2.0/fo/qid/search_list/dynamic/?action=create&title=%s&global=%s&%s' % ( target_api.server, parse.quote( searchlist.find('TITLE').text), globalsl, searchliststr) if searchlist.find('COMMENTS') is not None: fullurl = '%s&comments=%s' % ( fullurl, parse.quote(searchlist.find('COMMENTS').text)) criteria = searchlist.find('CRITERIA') done_other = False for param in criteria_map.keys(): if criteria_map[param] == 'OTHER' and criteria.find( 'OTHER') is not None: if done_other: continue fullurl = '%s&%s' % (fullurl, convertOther(criteria.find('OTHER').text)) done_other = True continue if criteria_map[param] == 'USER_MODIFIED' and criteria.find( 'USER_MODIFIED') is not None: fullurl = '%s&%s' % (fullurl, convertModifiedFilters( criteria.find('USER_MODIFIED').text, 'user_modified')) continue if criteria_map[param] == 'SERVICE_MODIFIED' and criteria.find( 'SERVICE_MODIFIED') is not None: fullurl = '%s&%s' % (fullurl, convertModifiedFilters( criteria.find('SERVICE_MODIFIED').text, 'service_modified')) continue if criteria_map[param] == 'PUBLISHED' and criteria.find( 'PUBLISHED') is not None: fullurl = '%s&%s' % (fullurl, convertModifiedFilters( criteria.find('PUBLISHED').text, 'published')) continue if criteria_map[param] == 'DISCOVERY_METHOD': if criteria.find('DISCOVERY_METHOD').text == 'All': fullurl = '%s&%s' % (fullurl, 'discovery_methods=ALL') else: dm = criteria.find('DISCOVERY_METHOD').text if dm.find(' and ') >= 0: dmlist = dm.split(' and ') dmstr = ','.join(dmlist) else: dmstr = dm fullurl = '%s&%s' % (fullurl, 'discovery_methods=%s' % dmstr) continue if criteria_map[param] == 'PATCH_AVAILABLE' and criteria.find( 'PATCH_AVAILABLE') is not None: if criteria.find('PATCH_AVAILABLE').text == 'Yes': fullurl = '%s&%s' % (fullurl, 'patch_available=1') else: fullurl = '%s&%s' % (fullurl, 'patch_available=0') continue if criteria_map[param] == 'VIRTUAL_PATCH_AVAILABLE' and criteria.find( 'VIRTUAL_PATCH_AVAILABLE') is not None: if criteria.find('VIRTUAL_PATCH_AVAILABLE').text == 'Yes': fullurl = '%s&%s' % (fullurl, 'virtual_patch_available=1') else: fullurl = '%s&%s' % (fullurl, 'virtual_patch_available=0') continue if criteria_map[param] == 'QUALYS_TOP_20' and criteria.find( 'QUALYS_TOP_20') is not None: toplists = [] for toplist in criteria.find('QUALYS_TOP_20').text.split(','): if toplist == 'Top Internal 10': toplists.append('Internal_10') if toplist == 'Top External 10': toplists.append('External_10') fullurl = '%s&qualys_top_lists=%s' % (fullurl, ','.join(toplists)) continue if criteria.find('%s' % criteria_map[param]) is not None: if param[0:4] == 'not_': val = '0' if criteria.find('%s' % criteria_map[param]).text[0:3] == 'NOT': val = '1' fullurl = '%s&%s=%s' % (fullurl, param, val) else: if criteria_map[param][0:4] == 'NOT ': fullurl = '%s&%s=%s' % ( fullurl, param, parse.quote( criteria.find( '%s' % criteria_map[param]).text[4:])) else: fullurl = '%s&%s=%s' % ( fullurl, param, parse.quote( criteria.find('%s' % criteria_map[param]).text)) if simulate: print('Request String : %s' % fullurl) return '' resp = target_api.makeCall(url=fullurl) if not responseHandler(resp): print('QualysSearchListProcessor.createDynamicSearchList failed') return None return resp