def import_scan(pid): """ Import scan data into the database associated with the pid. """ project = get_project_db(pid) db = database.ScanDatabase(project['dbfile']) if flask.request.method == 'GET': files = db.importdb.get_imported_files() return flask.render_template('import.html', pid=pid, files=files, name=project['name']) else: i = importscan.Import(project['dbfile']) scans = flask.request.files.getlist("scans[]") for scan in scans: res = i.import_scan(scan.read()) if res is True: db.importdb.add_import_file(scan.filename) a = attacks.Attack(project['dbfile']) a.find_attacks() return flask.redirect(flask.url_for('get_project', pid=pid))
def host(pid, ip): """ Get all the information about a host. """ project = get_project_db(pid) db = database.ScanDatabase(project['dbfile']) if flask.request.method == 'POST': note = flask.request.form['note'] db.hostdb.update_host_note(ip, note) data = db.get_host_details(ip) if data is None: flask.abort(404) details = {} for item in data['items']: key = "{0}/{1}".format(item['port'], item['protocol']) if details.get(key) is None: details[key] = [] details[key].append(item['note']) else: details[key].append(item['note']) keys = sorted(details.keys(), key=lambda x: int(x.split('/')[0])) note = data['note'] return flask.render_template('host.html', pid=pid, host=ip, details=details, keys=keys, note=note, name=project['name'])
def host_notes(pid): """ Display all host notes. """ project = get_project_db(pid) db = database.ScanDatabase(project['dbfile']) notes = db.get_host_notes() return flask.render_template('notes.html', pid=pid, notes=notes)
def item(pid, item_id): """ Get all the information about an item. """ project = get_project_db(pid) db = database.ScanDatabase(project['dbfile']) item = db.get_item(item_id) if item is None: flask.abort(404) return flask.render_template('item.html', pid=pid, item=item)
def attack_notes(pid): """ Display all attack notes. """ project = get_project_db(pid) db = database.ScanDatabase(project['dbfile']) notes = db.attackdb.get_attack_notes() return flask.render_template('notes.html', pid=pid, notes=notes, name=project['name'])
def get_project(pid): """ Get a project, including the list of hosts attacks. """ project = get_project_db(pid) db = database.ScanDatabase(project['dbfile']) attacks = db.attackdb.get_attacks() return flask.render_template('project.html', pid=pid, note=project['note'], name=project['name'], attacks=attacks)
def hosts(pid): """ Get summary inforation about all imported hosts. """ project = get_project_db(pid) db = database.ScanDatabase(project['dbfile']) hosts = db.get_summary() unique = db.get_unique() return flask.render_template('hosts.html', pid=pid, name=project['name'], hosts=hosts, unique=unique)
def host(pid, ip): """ Get all the information about a host. """ project = get_project_db(pid) db = database.ScanDatabase(project['dbfile']) if flask.request.method == 'POST': note = flask.request.form['note'] db.update_host_note(ip, note) data = db.get_host(ip) if data is None: flask.abort(404) return flask.render_template('host.html', pid=pid, host=ip, data=data)
def projects(): """ Get a list of all projects. """ pdb = database.ProjectDatabase() stats = {} if flask.request.method == 'POST': name = flask.request.form['project_name'] pdb.create_project(name) project_list = pdb.get_projects() for project in project_list: db = database.ScanDatabase(project['dbfile']) stats[project['id']] = db.get_stats() return flask.render_template('projects.html', projects=project_list, stats=stats)
def hosts(pid): """ Get summary inforation about all imported hosts. """ project = get_project_db(pid) ports = {} db = database.ScanDatabase(project['dbfile']) hosts = db.itemdb.get_ports() for host in hosts: ports[host] = { 'tcp': sorted(set([p[1] for p in hosts[host] if p[0] == 'tcp'])), 'udp': sorted(set([p[1] for p in hosts[host] if p[0] == 'udp'])) } return flask.render_template('hosts.html', pid=pid, name=project['name'], ports=ports)
def get_attack(pid, aid): """ Get list of all the hosts possibly vulnerable to the attack. """ project = get_project_db(pid) db = database.ScanDatabase(project['dbfile']) if flask.request.method == 'POST': note = flask.request.form['note'] db.update_attack_note(aid, note) attack = db.get_attack(aid) if attack is None: flask.abort(404) items = [i.split(':') for i in attack['items'].split(',')] return flask.render_template('attack.html', pid=pid, attack=attack, items=items)
def get_project(pid): """ Get a project, including the list of hosts attacks. """ project = get_project_db(pid) ports = {} db = database.ScanDatabase(project['dbfile']) hosts = db.get_hosts() attacks = db.get_attacks() for host in hosts: ip = host['ip'] data = db.get_host(host['ip']) ports[ip] = [str(p) for p in data['ports'] if p != 0] return flask.render_template('project.html', pid=pid, project=project['name'], hosts=hosts, ports=ports, attacks=attacks)
def hosts(pid): """ Get summary inforation about all imported hosts. """ project = get_project_db(pid) db = database.ScanDatabase(project['dbfile']) summary = db.itemdb.get_summary() hosts = {} ips = sorted(summary['ips'], key=lambda x: ip_key(x[0])) tcp = [str(p) for p in summary['tcp']] udp = [str(p) for p in summary['udp']] for host in summary['hosts']: ip = host['ip'] port = host['port'] proto = host['protocol'] if ip not in hosts: hosts[ip] = {'tcp': [], 'udp': []} if host['protocol'] == 'tcp': hosts[ip]['tcp'].append(port) elif host['protocol'] == 'udp': hosts[ip]['udp'].append(port) else: pass for host in hosts: hosts[host]['tcp'] = [str(t) for t in sorted(set(hosts[host]['tcp']))] hosts[host]['udp'] = [str(t) for t in sorted(set(hosts[host]['udp']))] return flask.render_template('hosts.html', pid=pid, name=project['name'], hosts=hosts, ips=ips, tcp=tcp, udp=udp)
def __init__(self, db_file): self.log = logging.getLogger('IMPORT') self.db = database.ScanDatabase(db_file)
def __init__(self, project_file): self.db = database.ScanDatabase(project_file) self.log = logging.getLogger('ATTACK') self.attacks = self.load_attacks(ATK_FILE)