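def scanner_import(
    scanner=None,
    filename=None,
    addnoports=False,
    asset_group=None,
    engineer=None,
    msf_settings=None,
    ip_ignore_list=None,
    ip_include_list=None,
    update_hosts=False,
    **kwargs
):
    """
    Imports a Scanner XML file to Kvasir

    Dispatches ``filename`` to the skaldship processor that matches
    ``scanner`` (compared case-insensitively): NMAP, NEXPOSE, NESSUS,
    METASPLOIT or SHODANHQ.

    Extra keyword arguments are only read for SHODANHQ, which takes
    ``hosts`` and ``query`` from ``kwargs``.

    Returns True once a processor has been called, and False when
    ``scanner`` is not a string or names no supported scanner.
    """
    if not isinstance(scanner, str):
        return False

    # A shared mutable default ({}) would leak state between calls.
    if msf_settings is None:
        msf_settings = {}

    # Arguments every processor below accepts.
    shared = dict(
        filename=filename,
        asset_group=asset_group,
        engineer=engineer,
        ip_ignore_list=ip_ignore_list,
        ip_include_list=ip_include_list,
    )

    scanner = scanner.upper()
    if scanner == 'NMAP':
        from skaldship.nmap import process_xml
        logger.info("Processing nmap file: %s", filename)
        process_xml(
            addnoports=addnoports,
            msf_settings=msf_settings,
            update_hosts=update_hosts,
            **shared
        )
    elif scanner == 'NEXPOSE':
        from skaldship.nexpose import process_xml
        logger.info("Processing Nexpose file: %s", filename)
        process_xml(
            msf_settings=msf_settings,
            update_hosts=update_hosts,
            **shared
        )
    elif scanner == 'NESSUS':
        from skaldship.nessus.processor import process_scanfile
        logger.info("Processing Nessus file: %s", filename)
        process_scanfile(
            msf_settings=msf_settings,
            update_hosts=update_hosts,
            **shared
        )
    elif scanner == 'METASPLOIT':
        # The Metasploit Pro processor is not given msf_settings.
        from skaldship.metasploit.pro import process_report_xml
        logger.info("Processing Metasploit Pro file: %s", filename)
        process_report_xml(update_hosts=update_hosts, **shared)
    elif scanner == 'SHODANHQ':
        # update_hosts is deliberately not forwarded to the ShodanHQ processor.
        from skaldship.shodanhq import process_report
        logger.info("Processing ShodanHQ file: %s", filename)
        process_report(
            host_list=kwargs.get('hosts') or [],
            query=kwargs.get('query') or None,
            **shared
        )
    else:
        # Nothing was imported, so do not report success to the caller.
        # %r keeps control characters in a caller-supplied name visible.
        logger.warning("Unsupported scanner type: %r", scanner)
        return False

    return True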
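def import_report_xml():
    """
    Upload/import Metasploit XML export file

    Builds a form that accepts an uploaded Metasploit XML file or, when a
    Metasploit Pro instance answers, one of its generated reports. On a
    valid submission the file is imported either through a scheduler task
    or directly in this request.

    Returns dict(form, alert, error) for the view.
    """
    import os
    import re
    import time
    from skaldship.general import check_datadir

    # NOTE(review): this action reads auth.user and writes files under
    # data/scanfiles; confirm it is decorated with @auth.requires_login()
    # where it is defined, as other actions in this file are.
    msf_settings = msf_get_config(session)
    response.title = "%s :: Import Metasploit Pro Report XML" % (
        settings.title)
    filedir = os.path.join(request.folder, 'data', 'scanfiles')
    fields = []
    alert = False
    error = None

    # build the dropdown user list
    userlist = [[user.id, user.username] for user in db(db.auth_user).select()]

    fields.append(
        Field('f_filename', 'upload', uploadfolder=filedir,
              label=T('Metasploit XML File')))

    # check to see if we have a Metasploit Pro instance configured and talking
    # if so pull a list of the workspaces and present them
    msf = None
    msf_reports_res = None
    try:
        from MetasploitProAPI import MetasploitProAPI, MSFProAPIError
        msf = MetasploitProAPI(host=msf_settings['url'],
                               apikey=msf_settings['key'])
    except ImportError as exc:
        # Python 3 unbinds the "as" name when the handler ends; binding it
        # to `error` directly would make the final return raise.
        error = str(exc)

    if msf:
        try:
            msf_reports_res = msf.report_list(
                workspace=msf_settings['workspace'])
        except MSFProAPIError as exc:
            error = str(exc)

    if msf_reports_res:
        from datetime import datetime
        msf_reports = []
        for rpt, details in msf_reports_res.items():
            created = datetime.fromtimestamp(details['created_at'])
            report_name = "Generated: %s" % (
                created.strftime("%m-%d-%y %H:%M:%S"))
            msf_reports.append([rpt, report_name])
        fields.append(
            Field('f_msf_report', type='string', label=T('MSF Pro Report'),
                  requires=IS_EMPTY_OR(IS_IN_SET(msf_reports, zero=None))))

    fields.append(
        Field('f_engineer', type='integer', label=T('Engineer'),
              default=auth.user.id, requires=IS_IN_SET(userlist)))
    fields.append(
        Field('f_asset_group', type='string',
              label=T('Asset Group for new Hosts'),
              default="Metasploit Import", requires=IS_NOT_EMPTY()))
    fields.append(
        Field('f_include_list', type='text',
              label=T('Hosts to Only Include')))
    fields.append(
        Field('f_ignore_list', type='text', label=T('Hosts to Ignore')))
    fields.append(
        Field('f_update_hosts', type='boolean', default=True,
              label=T('Update Existing Hosts')))
    fields.append(
        Field('f_taskit', type='boolean',
              default=auth.user.f_scheduler_tasks,
              label=T('Run in background task')))

    form = SQLFORM.factory(*fields, table_name='metasploit_xml')

    # accepts() is what fills form.errors, so it has to be evaluated first.
    if form.accepts(request.vars, session):
        # build the hosts only/exclude list; splitlines() handles both
        # "\r\n" and "\n" submissions and blank entries are dropped
        data = form.vars.get('f_ignore_list') or ''
        ip_exclude = [ln.strip() for ln in data.splitlines() if ln.strip()]
        # TODO: check for ip subnet/range and break it out to individuals

        data = form.vars.get('f_include_list') or ''
        ip_include = [ln.strip() for ln in data.splitlines() if ln.strip()]
        # TODO: check for ip subnet/range and break it out to individuals

        if form.vars.f_msf_report:
            try:
                msf_report = msf.report_download(rptid=form.vars.f_msf_report)
            except MSFProAPIError as exc:
                error = "Unable to download report from Metasploit Pro: %s" % (
                    str(exc))
                return dict(form=form, alert=True, error=error)
            check_datadir(request.folder)
            # The workspace name is configuration data, not a path: strip
            # anything that could act as a separator before it becomes
            # part of a filename under filedir.
            safe_workspace = re.sub(
                r'[^A-Za-z0-9_.-]', '_', str(msf_settings['workspace']))
            filename = os.path.join(
                filedir,
                "msfpro-%s-%s.xml" % (safe_workspace, int(time.time())))
            # Context manager closes the file even if the write fails.
            with open(filename, "w") as fout:
                fout.write(msf_report['data'])
            del msf_report
        else:
            if not form.vars.f_filename:
                # Neither a report nor an upload: os.path.join() would
                # fail on the missing name, so report it to the view.
                error = ("No Metasploit XML file was uploaded and no "
                         "MSF Pro report was selected")
                return dict(form=form, alert=True, error=error)
            filename = os.path.join(filedir, form.vars.f_filename)

        # NOTE(review): the file is uploaded or downloaded content and is
        # parsed downstream; confirm the skaldship parser does not resolve
        # external entities or DTDs.
        if form.vars.f_taskit:
            task = scheduler.queue_task(
                scanner_import,
                pvars=dict(
                    scanner='metasploit',
                    filename=filename,
                    asset_group=form.vars.f_asset_group,
                    engineer=form.vars.f_engineer,
                    ip_ignore_list=ip_exclude,
                    ip_include_list=ip_include,
                    update_hosts=form.vars.f_update_hosts,
                ),
                group_name=settings.scheduler_group_name,
                sync_output=5,
                timeout=settings.scheduler_timeout)
            if task.id:
                redirect(URL('tasks', 'status', args=task.id))
            else:
                response.flash = "Error submitting job: %s" % (task.errors)
        else:
            from skaldship.metasploit.pro import process_report_xml
            logger.info("Starting Metasploit XML Import")
            result = process_report_xml(
                filename=filename,
                asset_group=form.vars.f_asset_group,
                engineer=form.vars.f_engineer,
                ip_ignore_list=ip_exclude,
                ip_include_list=ip_include,
                update_hosts=form.vars.f_update_hosts,
            )
            response.flash = result
            redirect(URL('default', 'index'))
    elif form.errors:
        response.flash = 'Error in form'

    return dict(form=form, alert=alert, error=error)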
), group_name=settings.scheduler_group_name, sync_output=5, timeout=settings.scheduler_timeout ) if task.id: redirect(URL('tasks', 'status', args=task.id)) else: response.flash = "Error submitting job: %s" % (task.errors) else: from skaldship.metasploit.pro import process_report_xml logger.info("Starting Metasploit XML Import") result = process_report_xml( filename=filename, asset_group=form.vars.f_asset_group, engineer=form.vars.f_engineer, ip_ignore_list=ip_exclude, ip_include_list=ip_include, update_hosts=form.vars.f_update_hosts, ) response.flash = result redirect(URL('default', 'index')) return dict(form=form, alert=alert, error=error) ##------------------------------------------------------------------------- ## sending data to metasploit ##------------------------------------------------------------------------- @auth.requires_login() def send_scanxml():
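def scanner_import(
    scanner=None,
    filename=None,
    addnoports=False,
    asset_group=None,
    engineer=None,
    msf_settings=None,
    ip_ignore_list=None,
    ip_include_list=None,
    update_hosts=False,
    **kwargs
):
    """
    Imports a Scanner XML file to Kvasir

    Dispatches ``filename`` to the skaldship processor that matches
    ``scanner`` (compared case-insensitively): NMAP, NEXPOSE, NESSUS,
    METASPLOIT or SHODANHQ.

    Extra keyword arguments are only read for SHODANHQ, which takes
    ``hosts`` and ``query`` from ``kwargs``.

    Returns True once a processor has been called, and False when
    ``scanner`` is not a string or names no supported scanner.
    """
    if not isinstance(scanner, str):
        return False

    # A shared mutable default ({}) would leak state between calls.
    if msf_settings is None:
        msf_settings = {}

    # Arguments every processor below accepts.
    shared = dict(
        filename=filename,
        asset_group=asset_group,
        engineer=engineer,
        ip_ignore_list=ip_ignore_list,
        ip_include_list=ip_include_list,
    )

    scanner = scanner.upper()
    if scanner == 'NMAP':
        from skaldship.nmap import process_xml
        logger.info("Processing nmap file: %s", filename)
        process_xml(
            addnoports=addnoports,
            msf_settings=msf_settings,
            update_hosts=update_hosts,
            **shared
        )
    elif scanner == 'NEXPOSE':
        from skaldship.nexpose import process_xml
        logger.info("Processing Nexpose file: %s", filename)
        process_xml(
            msf_settings=msf_settings,
            update_hosts=update_hosts,
            **shared
        )
    elif scanner == 'NESSUS':
        from skaldship.nessus.processor import process_scanfile
        logger.info("Processing Nessus file: %s", filename)
        process_scanfile(
            msf_settings=msf_settings,
            update_hosts=update_hosts,
            **shared
        )
    elif scanner == 'METASPLOIT':
        # The Metasploit Pro processor is not given msf_settings.
        from skaldship.metasploit.pro import process_report_xml
        logger.info("Processing Metasploit Pro file: %s", filename)
        process_report_xml(update_hosts=update_hosts, **shared)
    elif scanner == 'SHODANHQ':
        # update_hosts is deliberately not forwarded to the ShodanHQ processor.
        from skaldship.shodanhq import process_report
        logger.info("Processing ShodanHQ file: %s", filename)
        process_report(
            host_list=kwargs.get('hosts') or [],
            query=kwargs.get('query') or None,
            **shared
        )
    else:
        # Nothing was imported, so do not report success to the caller.
        # %r keeps control characters in a caller-supplied name visible.
        logger.warning("Unsupported scanner type: %r", scanner)
        return False

    return True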