コード例 #1
0
def launch_web_scan(target_url, project_id):
    try:
        with open(api_key_path, 'r+') as f:
            data = json.load(f)
            lod_apikey = data['zap_api_key']
            apikey = signing.loads(lod_apikey)
            zapath = data['zap_path']
            zap_port = data['zap_port']
    except Exception as e:
        print e

    zap = ZAPv2(apikey=apikey,
                proxies={
                    'http': 'http://127.0.0.1' + ':' + zap_port,
                    'https': 'http://127.0.0.1' + ':' + zap_port
                })

    print target_url
    try:
        abc = zapscanner.start_zap()
        print abc

    except Exception as e:
        print e
        return HttpResponseRedirect("/webscanners/scans_list/")

    time.sleep(10)

    all_excluded = excluded_db.objects.filter(
        Q(exclude_url__icontains=target_url))

    for data in all_excluded:
        global excluded_url
        excluded_url = data.exclude_url

    print "Exclude url ", excluded_url
    url_exclude = zap.spider.exclude_from_scan(regex=excluded_url)

    print "URL Excluded:", url_exclude

    all_cookie = cookie_db.objects.filter(url=target_url)
    for da in all_cookie:
        global cookies
        cookies = da.cookie
    remove_cookie = zap.replacer.remove_rule(target_url)
    print "Remove Cookie :", remove_cookie
    cookie_add = zap.replacer.add_rule(apikey=apikey,
                                       description=target_url,
                                       enabled="true",
                                       matchtype='REQ_HEADER',
                                       matchregex="false",
                                       replacement=cookies,
                                       matchstring="Cookie",
                                       initiators="")

    print "Cookies Added :", cookie_add
    zap.ajaxSpider.scan(target_url)
    scanid = zap.spider.scan(target_url)

    save_all = zap_spider_db(spider_url=target_url, spider_scanid=scanid)
    save_all.save()
    try:
        while (int(zap.spider.status(scanid)) < 100):
            # print 'Spider progress %:' + zap.spider.status(scanid)
            global spider_status
            spider_status = zap.spider.status(scanid)
            print "Spider progress", spider_status
            time.sleep(5)
    except Exception as e:
        print e

    spider_status = "100"

    spider_res_out = zap.spider.results(scanid)
    data_out = ("\n".join(map(str, spider_res_out)))
    print data_out
    total_spider = len(spider_res_out)
    # save_spider_results = zap_spider_results(spider_id=(scanid), spider_urls=(data_out))
    # save_spider_results.save()
    # del_temp = zap_spider_db.objects.filter(spider_scanid__icontains=scanid).order_by('spider_scanid')
    # del_temp.delete()
    # save_all = zap_spider_db(spider_url=target_url, spider_scanid=scanid, urls_num=total_spider)
    # save_all.save()

    print 'Spider Completed------'
    print 'Target :', target_url
    global spider_alert
    spider_alert = "Spider Completed"

    time.sleep(5)

    print 'Scanning Target %s' % target_url
    scan_scanid = zap.ascan.scan(target_url)
    un_scanid = uuid.uuid4()
    print "updated scanid :", un_scanid
    try:
        save_all_scan = zap_scans_db(project_id=project_id,
                                     scan_url=target_url,
                                     scan_scanid=un_scanid)
        save_all_scan.save()
    except Exception as e:
        print e
    # zap_scans_db.objects.filter(pk=some_value).update(field1='some value')
    try:
        while (int(zap.ascan.status(scan_scanid)) < 100):
            print 'Scan progress from zap_scan_lauch function  %: ' + zap.ascan.status(
                scan_scanid)
            global scans_status
            scans_status = zap.ascan.status(scan_scanid)
            zap_scans_db.objects.filter(scan_scanid=un_scanid).update(
                vul_status=scans_status)
            time.sleep(5)
    except Exception as e:
        print e

    # Save Vulnerability in database
    scans_status = "100"
    zap_scans_db.objects.filter(scan_scanid=un_scanid).update(
        vul_status=scans_status)
    print target_url
    time.sleep(5)

    all_vuln = zap.core.alerts(target_url)
    # print all_vuln

    for vuln in all_vuln:
        vuln_id = uuid.uuid4()
        confidence = vuln['confidence']
        wascid = vuln['wascid']
        cweid = vuln['cweid']
        risk = vuln['risk']
        reference = vuln['reference']
        url = vuln['url']
        name = vuln['name']
        solution = vuln['solution']
        param = vuln['param']
        evidence = vuln['evidence']
        sourceid = vuln['sourceid']
        pluginId = vuln['pluginId']
        other = vuln['other']
        attack = vuln['attack']
        messageId = vuln['messageId']
        method = vuln['method']
        alert = vuln['alert']
        ids = vuln['id']
        description = vuln['description']

        global vul_col

        if risk == 'High':
            vul_col = "important"
        elif risk == 'Medium':
            vul_col = "warning"
        elif risk == 'Low':
            vul_col = "info"

        dump_all = zap_scan_results_db(vuln_id=vuln_id,
                                       vuln_color=vul_col,
                                       scan_id=un_scanid,
                                       project_id=project_id,
                                       confidence=confidence,
                                       wascid=wascid,
                                       cweid=cweid,
                                       risk=risk,
                                       reference=reference,
                                       url=url,
                                       name=name,
                                       solution=solution,
                                       param=param,
                                       evidence=evidence,
                                       sourceid=sourceid,
                                       pluginId=pluginId,
                                       other=other,
                                       attack=attack,
                                       messageId=messageId,
                                       method=method,
                                       alert=alert,
                                       id=ids,
                                       description=description)
        dump_all.save()

    time.sleep(5)

    zap_all_vul = zap_scan_results_db.objects.filter(
        scan_id=un_scanid).order_by('scan_id')
    total_vul = len(zap_all_vul)
    total_high = len(zap_all_vul.filter(risk="High"))
    total_medium = len(zap_all_vul.filter(risk="Medium"))
    total_low = len(zap_all_vul.filter(risk="Low"))

    zap_scans_db.objects.filter(scan_scanid=un_scanid).update(
        total_vul=total_vul,
        high_vul=total_high,
        medium_vul=total_medium,
        low_vul=total_low)

    spider_alert = "Scan Completed"

    time.sleep(5)

    for msg in zap_all_vul:
        msg_id = msg.messageId
        request_response = zap.core.message(id=msg_id)
        ja_son = json.dumps(request_response)
        ss = ast.literal_eval(ja_son)
        for key, value in ss.viewitems():
            global note
            if key == "note":
                note = value
            global rtt
            if key == "rtt":
                rtt = value
            global tags
            if key == "tags":
                tags = value
            global timestamp
            if key == "timestamp":
                timestamp = value
            global responseHeader
            if key == "responseHeader":
                responseHeader = value
            global requestBody
            if key == "requestBody":
                requestBody = value
            global responseBody
            if key == "responseBody":
                responseBody = value
            global requestHeader
            if key == "requestHeader":
                requestHeader = value
            global cookieParams
            if key == "cookieParams":
                cookieParams = value
            global res_type
            if key == "type":
                res_type = value
            global res_id
            if key == "id":
                res_id = value

        zap_scan_results_db.objects.filter(messageId=msg_id).update(
            note=note,
            rtt=rtt,
            tags=tags,
            timestamp=timestamp,
            responseHeader=responseHeader,
            requestBody=requestBody,
            responseBody=responseBody,
            requestHeader=requestHeader,
            cookieParams=cookieParams,
            res_type=res_type,
            res_id=res_id)
        print msg_id
        print res_id
コード例 #2
0
ファイル: web_views.py プロジェクト: pombredanne/archerysec
def launch_web_scan(target_url, project_id):
    try:
        with open(api_key_path, 'r+') as f:
            data = json.load(f)
            lod_apikey = data['zap_api_key']
            apikey = signing.loads(lod_apikey)
            zapath = data['zap_path']
            zap_port = data['zap_port']
    except Exception as e:
        print e

    # Define settings to ZAP Proxy
    zap = ZAPv2(apikey=apikey,
                proxies={
                    'http': 'http://127.0.0.1' + ':' + zap_port,
                    'https': 'http://127.0.0.1' + ':' + zap_port
                })
    """
        Zap scan start
    """
    try:
        # ZAP launch function
        zapscanner.start_zap()

    except Exception as e:
        print e
        print "ZAP Failed.............."
        print "ZAP Restarting"

    time.sleep(15)

    # Get Excluded URL from excluded_db models
    try:
        all_excluded = excluded_db.objects.filter(
            Q(exclude_url__icontains=target_url))

        for data in all_excluded:
            global excluded_url
            excluded_url = data.exclude_url
            print "excluded url ", excluded_url

        print "Excluded url ", excluded_url

        # Excluding URL from scans in zap API
        url_exclude = zap.spider.exclude_from_scan(regex=excluded_url)

        print "URL Excluded:", url_exclude
    except Exception as e:
        print "ZAP Failed.............."
        print "ZAP Restarting"

    all_cookie = cookie_db.objects.filter(Q(url__icontains=target_url))
    for da in all_cookie:
        global cookies
        cookies = da.cookie
        print da.url
        print "Cookies from database:", cookies
    try:
        remove_cookie = zap.replacer.remove_rule(target_url)
    except Exception as e:
        print e
    print "Remove Cookie :", remove_cookie
    # Adding cookies value
    try:
        cookie_add = zap.replacer.add_rule(apikey=apikey,
                                           description=target_url,
                                           enabled="true",
                                           matchtype='REQ_HEADER',
                                           matchregex="false",
                                           replacement=cookies,
                                           matchstring="Cookie",
                                           initiators="")

        print "Cookies Added :", cookie_add
    except Exception as e:
        print e

    zap.ajaxSpider.scan(target_url)
    try:

        scanid = zap.spider.scan(target_url)
        save_all = zap_spider_db(spider_url=target_url, spider_scanid=scanid)
        save_all.save()
    except Exception as e:
        print e

    try:
        while (int(zap.spider.status(scanid)) < 100):
            global spider_status
            spider_status = zap.spider.status(scanid)
            print "Spider progress", spider_status
            time.sleep(5)
    except Exception as e:
        print e

    spider_status = "100"

    spider_res_out = zap.spider.results(scanid)
    data_out = ("\n".join(map(str, spider_res_out)))
    print data_out

    print 'Spider Completed------'
    print 'Target :', target_url
    global spider_alert
    spider_alert = "Spider Completed"

    time.sleep(5)

    print 'Scanning Target %s' % target_url
    """
        ZAP Scan trigger on target_url
    """
    try:
        scan_scanid = zap.ascan.scan(target_url)
    except Exception as e:
        print e

    un_scanid = uuid.uuid4()
    date_time = datetime.datetime.now()
    try:
        save_all_scan = zap_scans_db(project_id=project_id,
                                     scan_url=target_url,
                                     scan_scanid=un_scanid,
                                     date_time=date_time)
        save_all_scan.save()
    except Exception as e:
        print e

    try:
        while (int(zap.ascan.status(scan_scanid)) < 100):
            print 'ZAP Scan Status  %: ' + zap.ascan.status(scan_scanid)
            global scans_status
            scans_status = zap.ascan.status(scan_scanid)
            zap_scans_db.objects.filter(scan_scanid=un_scanid).update(
                vul_status=scans_status)
            time.sleep(5)
    except Exception as e:
        print e

    # Save Vulnerability in database
    scans_status = "100"
    zap_scans_db.objects.filter(scan_scanid=un_scanid).update(
        vul_status=scans_status)
    print target_url
    time.sleep(5)
    all_vuln = zap.core.alerts(target_url)

    for vuln in all_vuln:
        vuln_id = uuid.uuid4()
        confidence = vuln['confidence']
        wascid = vuln['wascid']
        cweid = vuln['cweid']
        risk = vuln['risk']
        reference = vuln['reference']
        url = vuln['url']
        name = vuln['name']
        solution = vuln['solution']
        param = vuln['param']
        evidence = vuln['evidence']
        sourceid = vuln['sourceid']
        pluginId = vuln['pluginId']
        other = vuln['other']
        attack = vuln['attack']
        messageId = vuln['messageId']
        method = vuln['method']
        alert = vuln['alert']
        ids = vuln['id']
        description = vuln['description']

        global vul_col

        if risk == 'High':
            vul_col = "important"
        elif risk == 'Medium':
            vul_col = "warning"
        elif risk == 'Low':
            vul_col = "info"
        else:
            vul_col = "info"

        # date_time = datetime.datetime.now()

        dump_all = zap_scan_results_db(vuln_id=vuln_id,
                                       vuln_color=vul_col,
                                       scan_id=un_scanid,
                                       project_id=project_id,
                                       confidence=confidence,
                                       wascid=wascid,
                                       cweid=cweid,
                                       risk=risk,
                                       reference=reference,
                                       url=url,
                                       name=name,
                                       solution=solution,
                                       param=param,
                                       evidence=evidence,
                                       sourceid=sourceid,
                                       pluginId=pluginId,
                                       other=other,
                                       attack=attack,
                                       messageId=messageId,
                                       method=method,
                                       alert=alert,
                                       ids=ids,
                                       description=description)
        dump_all.save()

    time.sleep(5)

    zap_all_vul = zap_scan_results_db.objects.filter(scan_id=un_scanid).values(
        'name', 'risk', 'vuln_color').distinct()

    total_vul = len(zap_all_vul)
    total_high = len(zap_all_vul.filter(risk="High"))
    total_medium = len(zap_all_vul.filter(risk="Medium"))
    total_low = len(zap_all_vul.filter(risk="Low"))

    zap_scans_db.objects.filter(scan_scanid=un_scanid).update(
        total_vul=total_vul,
        high_vul=total_high,
        medium_vul=total_medium,
        low_vul=total_low)

    spider_alert = "Scan Completed"

    time.sleep(10)

    print un_scanid

    zap_web_all = zap_scan_results_db.objects.filter(scan_id=un_scanid)
    for m in zap_web_all:
        msg_id = m.messageId
        request_response = zap.core.message(id=msg_id)
        ja_son = json.dumps(request_response)
        ss = ast.literal_eval(ja_son)

        for key, value in ss.viewitems():
            global note
            if key == "note":
                note = value
            global rtt
            if key == "rtt":
                rtt = value
            global tags
            if key == "tags":
                tags = value
            global timestamp
            if key == "timestamp":
                timestamp = value
            global responseHeader
            if key == "responseHeader":
                responseHeader = value
            global requestBody
            if key == "requestBody":
                requestBody = value
            global responseBody
            if key == "responseBody":
                responseBody = value
            global requestHeader
            if key == "requestHeader":
                requestHeader = value
            global cookieParams
            if key == "cookieParams":
                cookieParams = value
            global res_type
            if key == "type":
                res_type = value
            global res_id
            if key == "id":
                res_id = value

        zap_scan_results_db.objects.filter(messageId=msg_id).update(
            note=note,
            rtt=rtt,
            tags=tags,
            timestamp=timestamp,
            responseHeader=responseHeader,
            requestBody=requestBody,
            responseBody=responseBody,
            requestHeader=requestHeader,
            cookieParams=cookieParams,
            res_type=res_type,
            res_id=res_id)

    zapscanner.stop_zap()
    try:
        email_notification.email_notify()
    except Exception as e:
        print e

    return HttpResponse(status=201)
コード例 #3
0
def url_api_scan(request):
    if request.POST.get("auth_val"):
        auth_val = request.POST.get("auth_val")
        print auth_val
        if auth_val == 'No':
            target_url = request.POST.get("scan_url")
            req_header = ast.literal_eval(request.POST.get("req_header"))
            req_body = request.POST.get("req_body")
            method = request.POST.get("method")
            project_id = request.POST.get("project_id")
            scan_id = request.POST.get("scan_id")
            auth_token_key = request.POST.get("auth_token_key")
            try:
                with open(api_key_path, 'r+') as f:
                    data = json.load(f)
                    lod_apikey = data['zap_api_key']
                    apikey = signing.loads(lod_apikey)
                    zapath = data['zap_path']
                    zap_port = data['zap_port']
            except Exception as e:
                print e

            zap = ZAPv2(apikey=apikey,
                        proxies={
                            'http': 'http://127.0.0.1' + ':' + zap_port,
                            'https': 'http://127.0.0.1' + ':' + zap_port
                        })

            print target_url
            """
                ***Starting ZAP Scanner***
            """
            try:
                zap_scanner = zapscanner.start_zap()
                print "Status of zap scanner:", zap_scanner

            except Exception as e:
                print e
                return HttpResponseRedirect("/webscanners/scans_list/")
            """
                *****End zap scanner****
            """

            time.sleep(10)
            """ Excluding URL from scanner """

            scanid = zap.spider.scan(target_url)

            save_all = zap_spider_db(spider_url=target_url,
                                     spider_scanid=scanid)
            save_all.save()
            try:
                while (int(zap.spider.status(scanid)) < 100):
                    # print 'Spider progress %:' + zap.spider.status(scanid)
                    global spider_status
                    spider_status = zap.spider.status(scanid)
                    print "Spider progress", spider_status
                    time.sleep(5)
            except Exception as e:
                print e

            spider_status = "100"

            spider_res_out = zap.spider.results(scanid)
            data_out = ("\n".join(map(str, spider_res_out)))
            print data_out
            total_spider = len(spider_res_out)

            print 'Spider Completed------'
            print 'Target :', target_url
            global spider_alert
            spider_alert = "Spider Completed"

            time.sleep(5)

            print 'Scanning Target %s' % target_url
            scan_scanid = zap.ascan.scan(target_url)
            un_scanid = uuid.uuid4()
            print "updated scanid :", un_scanid
            try:
                save_all_scan = zap_scans_db(project_id=project_id,
                                             scan_url=target_url,
                                             scan_scanid=un_scanid)
                save_all_scan.save()
            except Exception as e:
                print e
            # zap_scans_db.objects.filter(pk=some_value).update(field1='some value')
            try:
                while (int(zap.ascan.status(scan_scanid)) < 100):
                    print 'Scan progress from zap_scan_lauch function  %: ' + zap.ascan.status(
                        scan_scanid)
                    global scans_status
                    scans_status = zap.ascan.status(scan_scanid)
                    zap_scans_db.objects.filter(scan_scanid=un_scanid).update(
                        vul_status=scans_status)
                    time.sleep(5)
            except Exception as e:
                print e

            # Save Vulnerability in database
            scans_status = "100"
            zap_scans_db.objects.filter(scan_scanid=un_scanid).update(
                vul_status=scans_status)
            print target_url
            time.sleep(5)

            all_vuln = zap.core.alerts(target_url)
            # print all_vuln

            for vuln in all_vuln:
                vuln_id = uuid.uuid4()
                confidence = vuln['confidence']
                wascid = vuln['wascid']
                cweid = vuln['cweid']
                risk = vuln['risk']
                reference = vuln['reference']
                url = vuln['url']
                name = vuln['name']
                solution = vuln['solution']
                param = vuln['param']
                evidence = vuln['evidence']
                sourceid = vuln['sourceid']
                pluginId = vuln['pluginId']
                other = vuln['other']
                attack = vuln['attack']
                messageId = vuln['messageId']
                method = vuln['method']
                alert = vuln['alert']
                ids = vuln['id']
                description = vuln['description']

                global vul_col

                if risk == 'High':
                    vul_col = "important"
                elif risk == 'Medium':
                    vul_col = "warning"
                elif risk == 'Low':
                    vul_col = "info"

                dump_all = zap_scan_results_db(vuln_id=vuln_id,
                                               vuln_color=vul_col,
                                               scan_id=un_scanid,
                                               project_id=project_id,
                                               confidence=confidence,
                                               wascid=wascid,
                                               cweid=cweid,
                                               risk=risk,
                                               reference=reference,
                                               url=url,
                                               name=name,
                                               solution=solution,
                                               param=param,
                                               evidence=evidence,
                                               sourceid=sourceid,
                                               pluginId=pluginId,
                                               other=other,
                                               attack=attack,
                                               messageId=messageId,
                                               method=method,
                                               alert=alert,
                                               id=ids,
                                               description=description)
                dump_all.save()

            time.sleep(5)

            zap_all_vul = zap_scan_results_db.objects.filter(
                scan_id=un_scanid).order_by('scan_id')
            total_vul = len(zap_all_vul)
            total_high = len(zap_all_vul.filter(risk="High"))
            total_medium = len(zap_all_vul.filter(risk="Medium"))
            total_low = len(zap_all_vul.filter(risk="Low"))

            zap_scans_db.objects.filter(scan_scanid=un_scanid).update(
                total_vul=total_vul,
                high_vul=total_high,
                medium_vul=total_medium,
                low_vul=total_low)

            spider_alert = "Scan Completed"

            time.sleep(5)

            for msg in zap_all_vul:
                msg_id = msg.messageId
                request_response = zap.core.message(id=msg_id)
                ja_son = json.dumps(request_response)
                ss = ast.literal_eval(ja_son)
                for key, value in ss.viewitems():
                    global note
                    if key == "note":
                        note = value
                    global rtt
                    if key == "rtt":
                        rtt = value
                    global tags
                    if key == "tags":
                        tags = value
                    global timestamp
                    if key == "timestamp":
                        timestamp = value
                    global responseHeader
                    if key == "responseHeader":
                        responseHeader = value
                    global requestBody
                    if key == "requestBody":
                        requestBody = value
                    global responseBody
                    if key == "responseBody":
                        responseBody = value
                    global requestHeader
                    if key == "requestHeader":
                        requestHeader = value
                    global cookieParams
                    if key == "cookieParams":
                        cookieParams = value
                    global res_type
                    if key == "type":
                        res_type = value
                    global res_id
                    if key == "id":
                        res_id = value

                zap_scan_results_db.objects.filter(messageId=msg_id).update(
                    note=note,
                    rtt=rtt,
                    tags=tags,
                    timestamp=timestamp,
                    responseHeader=responseHeader,
                    requestBody=requestBody,
                    responseBody=responseBody,
                    requestHeader=requestHeader,
                    cookieParams=cookieParams,
                    res_type=res_type,
                    res_id=res_id)
                print msg_id
                print res_id

            zap_scanner = zapscanner.stop_zap()
            print "Status of zap scanner:", zap_scanner

            return HttpResponseRedirect('/scanapi/')

    return render(request, 'api_scan_list.html')
コード例 #4
0
def authenticate(request):
    global keyl
    if request.POST.get("scan_url"):
        auth_val = request.POST.get("auth_val")
        if auth_val == 'Yes':
            scan_url = request.POST.get("scan_url")
            req_header = ast.literal_eval(request.POST.get("req_header"))
            req_body = request.POST.get("req_body")
            method = request.POST.get("method")
            project_id = request.POST.get("project_id")
            scan_id = request.POST.get("scan_id")
            auth_token_key = request.POST.get("auth_token_key")
            extra_val_in_auth = request.POST.get("extra_auth_value")

            print scan_url
            p = json.loads(json.dumps(req_header))
            print p
            for key, value in p.iteritems():
                print key, value

            r = requests.post(scan_url, headers=req_header, data=req_body)

            data = json.loads(r.text)
            for key, value in data.viewitems():
                keyl = data[key]
                api_token = extra_val_in_auth + " " + keyl
                print api_token

                try:
                    with open(api_key_path, 'r+') as f:
                        data = json.load(f)
                        lod_apikey = data['zap_api_key']
                        apikey = signing.loads(lod_apikey)
                        zapath = data['zap_path']
                        zap_port = data['zap_port']
                except Exception as e:
                    print e

                zap = ZAPv2(apikey=apikey,
                            proxies={
                                'http': 'http://127.0.0.1' + ':' + zap_port,
                                'https': 'http://127.0.0.1' + ':' + zap_port
                            })
                try:
                    zap_scanner = zapscanner.start_zap()
                    print "Status of zap scanner:", zap_scanner

                except Exception as e:
                    print e
                    return HttpResponseRedirect("/webscanners/scans_list/")

                time.sleep(10)
                """ Excluding URL from scanner """

                remove_auth = zap.replacer.remove_rule(scan_url)
                print "Remove Auth :", remove_auth
                print "Auth token Key :", auth_token_key
                auth_token_add = zap.replacer.add_rule(
                    apikey=apikey,
                    description=scan_url,
                    enabled="true",
                    matchtype='REQ_HEADER',
                    matchregex="false",
                    replacement=api_token,
                    matchstring=auth_token_key,
                    initiators="")

                print "Auth Added :", auth_token_add

                p = json.loads(json.dumps(req_header))
                print p
                for key, value in p.iteritems():
                    print key, value
                # remove_header = zap.replacer.remove_rule(target_url)
                # print "Remove extra value header :", remove_header
                header_add = zap.replacer.add_rule(apikey=apikey,
                                                   description=scan_url,
                                                   enabled="true",
                                                   matchtype='REQ_HEADER',
                                                   matchregex="false",
                                                   replacement=value,
                                                   matchstring=key,
                                                   initiators="")
                print "Cookies Added :", header_add

                api_token_db.objects.filter(scan_url=scan_url).update(
                    api_token=api_token)

                return HttpResponseRedirect('/scanapi/')

    else:

        return HttpResponseRedirect('/scanapi/')
コード例 #5
0
ファイル: views.py プロジェクト: Spr1ngBr0ther/archerysec
def url_api_scan(request):
    if request.POST.get("auth_val"):
        auth_val = request.POST.get("auth_val")
        print auth_val
        if auth_val == 'No':
            target_url = request.POST.get("scan_url")
            req_header = ast.literal_eval(request.POST.get("req_header"))
            req_body = request.POST.get("req_body")
            method = request.POST.get("method")
            project_id = request.POST.get("project_id")
            scan_id = request.POST.get("scan_id")
            auth_token_key = request.POST.get("auth_token_key")
            try:
                with open(api_key_path, 'r+') as f:
                    data = json.load(f)
                    lod_apikey = data['zap_api_key']
                    apikey = signing.loads(lod_apikey)
                    zapath = data['zap_path']
                    zap_port = data['zap_port']
            except Exception as e:
                print e

            zap = ZAPv2(apikey=apikey,
                        proxies={'http': 'http://127.0.0.1' + ':' + zap_port,
                                 'https': 'http://127.0.0.1' + ':' + zap_port})

            print target_url

            """
                ***Starting ZAP Scanner***
            """
            try:
                zap_scanner = zapscanner.start_zap()
                print "Status of zap scanner:", zap_scanner

            except Exception as e:
                print e
                return HttpResponseRedirect("/webscanners/scans_list/")

            """
                *****End zap scanner****
            """

            time.sleep(10)

            """ Excluding URL from scanner """

            scanid = zap.spider.scan(target_url)

            save_all = zap_spider_db(spider_url=target_url, spider_scanid=scanid)
            save_all.save()
            try:
                while (int(zap.spider.status(scanid)) < 100):
                    # print 'Spider progress %:' + zap.spider.status(scanid)
                    global spider_status
                    spider_status = zap.spider.status(scanid)
                    print "Spider progress", spider_status
                    time.sleep(5)
            except Exception as e:
                print e

            spider_status = "100"

            spider_res_out = zap.spider.results(scanid)
            data_out = ("\n".join(map(str, spider_res_out)))
            print data_out
            total_spider = len(spider_res_out)

            print 'Spider Completed------'
            print 'Target :', target_url
            global spider_alert
            spider_alert = "Spider Completed"

            time.sleep(5)

            print 'Scanning Target %s' % target_url
            scan_scanid = zap.ascan.scan(target_url)
            un_scanid = uuid.uuid4()
            print "updated scanid :", un_scanid
            try:
                save_all_scan = zap_scans_db(project_id=project_id, scan_url=target_url, scan_scanid=un_scanid)
                save_all_scan.save()
            except Exception as e:
                print e
            # zap_scans_db.objects.filter(pk=some_value).update(field1='some value')
            try:
                while (int(zap.ascan.status(scan_scanid)) < 100):
                    print 'Scan progress from zap_scan_lauch function  %: ' + zap.ascan.status(scan_scanid)
                    global scans_status
                    scans_status = zap.ascan.status(scan_scanid)
                    zap_scans_db.objects.filter(scan_scanid=un_scanid).update(vul_status=scans_status)
                    time.sleep(5)
            except Exception as e:
                print e

            # Save Vulnerability in database
            scans_status = "100"
            zap_scans_db.objects.filter(scan_scanid=un_scanid).update(vul_status=scans_status)
            print target_url
            time.sleep(5)

            all_vuln = zap.core.alerts(target_url)
            # print all_vuln

            for vuln in all_vuln:
                vuln_id = uuid.uuid4()
                confidence = vuln['confidence']
                wascid = vuln['wascid']
                cweid = vuln['cweid']
                risk = vuln['risk']
                reference = vuln['reference']
                url = vuln['url']
                name = vuln['name']
                solution = vuln['solution']
                param = vuln['param']
                evidence = vuln['evidence']
                sourceid = vuln['sourceid']
                pluginId = vuln['pluginId']
                other = vuln['other']
                attack = vuln['attack']
                messageId = vuln['messageId']
                method = vuln['method']
                alert = vuln['alert']
                ids = vuln['id']
                description = vuln['description']

                global vul_col

                if risk == 'High':
                    vul_col = "important"
                elif risk == 'Medium':
                    vul_col = "warning"
                elif risk == 'Low':
                    vul_col = "info"

                dump_all = zap_scan_results_db(vuln_id=vuln_id, vuln_color=vul_col, scan_id=un_scanid,
                                               project_id=project_id,
                                               confidence=confidence, wascid=wascid,
                                               cweid=cweid,
                                               risk=risk, reference=reference, url=url, name=name,
                                               solution=solution,
                                               param=param, evidence=evidence, sourceid=sourceid, pluginId=pluginId,
                                               other=other, attack=attack, messageId=messageId, method=method,
                                               alert=alert, id=ids, description=description)
                dump_all.save()

            time.sleep(5)

            zap_all_vul = zap_scan_results_db.objects.filter(scan_id=un_scanid).order_by('scan_id')
            total_vul = len(zap_all_vul)
            total_high = len(zap_all_vul.filter(risk="High"))
            total_medium = len(zap_all_vul.filter(risk="Medium"))
            total_low = len(zap_all_vul.filter(risk="Low"))

            zap_scans_db.objects.filter(scan_scanid=un_scanid).update(total_vul=total_vul, high_vul=total_high,
                                                                      medium_vul=total_medium, low_vul=total_low)

            spider_alert = "Scan Completed"

            time.sleep(5)

            for msg in zap_all_vul:
                msg_id = msg.messageId
                request_response = zap.core.message(id=msg_id)
                ja_son = json.dumps(request_response)
                ss = ast.literal_eval(ja_son)
                for key, value in ss.viewitems():
                    global note
                    if key == "note":
                        note = value
                    global rtt
                    if key == "rtt":
                        rtt = value
                    global tags
                    if key == "tags":
                        tags = value
                    global timestamp
                    if key == "timestamp":
                        timestamp = value
                    global responseHeader
                    if key == "responseHeader":
                        responseHeader = value
                    global requestBody
                    if key == "requestBody":
                        requestBody = value
                    global responseBody
                    if key == "responseBody":
                        responseBody = value
                    global requestHeader
                    if key == "requestHeader":
                        requestHeader = value
                    global cookieParams
                    if key == "cookieParams":
                        cookieParams = value
                    global res_type
                    if key == "type":
                        res_type = value
                    global res_id
                    if key == "id":
                        res_id = value

                zap_scan_results_db.objects.filter(messageId=msg_id).update(note=note, rtt=rtt, tags=tags,
                                                                            timestamp=timestamp,
                                                                            responseHeader=responseHeader,
                                                                            requestBody=requestBody,
                                                                            responseBody=responseBody,
                                                                            requestHeader=requestHeader,
                                                                            cookieParams=cookieParams,
                                                                            res_type=res_type,
                                                                            res_id=res_id)
                print msg_id
                print res_id

            zap_scanner = zapscanner.stop_zap()
            print "Status of zap scanner:", zap_scanner

            return HttpResponseRedirect('/scanapi/')

    return render(request, 'api_scan_list.html')
コード例 #6
0
ファイル: views.py プロジェクト: Spr1ngBr0ther/archerysec
def authenticate(request):
    global keyl
    if request.POST.get("scan_url"):
        auth_val = request.POST.get("auth_val")
        if auth_val == 'Yes':
            scan_url = request.POST.get("scan_url")
            req_header = ast.literal_eval(request.POST.get("req_header"))
            req_body = request.POST.get("req_body")
            method = request.POST.get("method")
            project_id = request.POST.get("project_id")
            scan_id = request.POST.get("scan_id")
            auth_token_key = request.POST.get("auth_token_key")
            extra_val_in_auth = request.POST.get("extra_auth_value")

            print scan_url
            p = json.loads(json.dumps(req_header))
            print p
            for key, value in p.iteritems():
                print key, value

            r = requests.post(scan_url, headers=req_header, data=req_body)

            data = json.loads(r.text)
            for key, value in data.viewitems():
                keyl = data[key]
                api_token = extra_val_in_auth + " " + keyl
                print api_token

                try:
                    with open(api_key_path, 'r+') as f:
                        data = json.load(f)
                        lod_apikey = data['zap_api_key']
                        apikey = signing.loads(lod_apikey)
                        zapath = data['zap_path']
                        zap_port = data['zap_port']
                except Exception as e:
                    print e

                zap = ZAPv2(apikey=apikey,
                            proxies={'http': 'http://127.0.0.1' + ':' + zap_port,
                                     'https': 'http://127.0.0.1' + ':' + zap_port})
                try:
                    zap_scanner = zapscanner.start_zap()
                    print "Status of zap scanner:", zap_scanner

                except Exception as e:
                    print e
                    return HttpResponseRedirect("/webscanners/scans_list/")

                time.sleep(10)

                """ Excluding URL from scanner """

                remove_auth = zap.replacer.remove_rule(scan_url)
                print "Remove Auth :", remove_auth
                print "Auth token Key :", auth_token_key
                auth_token_add = zap.replacer.add_rule(apikey=apikey, description=scan_url, enabled="true",
                                                       matchtype='REQ_HEADER', matchregex="false",
                                                       replacement=api_token,
                                                       matchstring=auth_token_key, initiators="")

                print "Auth Added :", auth_token_add

                p = json.loads(json.dumps(req_header))
                print p
                for key, value in p.iteritems():
                    print key, value
                # remove_header = zap.replacer.remove_rule(target_url)
                # print "Remove extra value header :", remove_header
                header_add = zap.replacer.add_rule(apikey=apikey, description=scan_url, enabled="true",
                                                   matchtype='REQ_HEADER', matchregex="false",
                                                   replacement=value,
                                                   matchstring=key, initiators="")
                print "Cookies Added :", header_add

                api_token_db.objects.filter(scan_url=scan_url).update(api_token=api_token)

                return HttpResponseRedirect('/scanapi/')

    else:

        return HttpResponseRedirect('/scanapi/')