def __init__(self):
''' Set the proxy ip, port and Apitoken of OWASP ZAP '''
self.api_logger = logger()
self.dbupdate = Database_update()
self.ip = get_value('config.property', 'Configuration', 'ZAP_ip')
self.port = get_value('config.property', 'Configuration', 'ZAP_port')
self.proxy = {
"http": "http://" + self.ip + ":" + self.port,
"https": "http://" + self.ip + ":" + self.port
}
self.apitoken = get_value('config.property', 'Configuration',
'ZAP_apikey')
self.zap_url = 'http://' + self.ip + ':' + str(self.port)
from modules.csrf import csrf_check
from modules.jwt_attack import jwt_check
from modules.sqli import sqli_check
from modules.xss import xss_check
from modules.redirect import open_redirect_check
from modules.xxe import xxe_scan
from modules.crlf import crlf_check
from core.zap_config import zap_start
from multiprocessing import Process
from utils.db import Database_update
if os.getcwd().split('/')[-1] != 'API':
from API.api import main
dbupdate = Database_update()
def parse_collection(collection_name,collection_type):
if collection_type == 'Postman':
parse_data.postman_parser(collection_name)
else:
print "[-]Failed to Parse collection"
sys.exit(1)
def scan_complete():
print "[+]Scan has been completed"
webbrowser.open("http://127.0.0.1:8094/reports.html#"+scanid)
while True:
pass
def generate_scanid():
import utils.logs as logs
import time
import os
from utils.sendemail import send_email
from utils.config import get_value
from utils.db import Database_update
try:
from API.scanstatus import scan_status
except Exception as e:
SCRIPT_PATH= os.path.split(os.path.realpath(__file__))[0]
sys.path.append(os.path.join(SCRIPT_PATH,'..','API'))
from scanstatus import scan_status
email_db = Database_update()
emails = send_email()
def send_email_notification():
time.sleep(20)
while True:
try:
schedule = get_value('config.property','SMTP','email_schedule')
records = email_db.db.email.find({})
for data in records:
notification = data['email_notification']
scan_id = data['scanid']
scan_result = scan_status(scan_id)
if notification == 'N' and scan_result == 'Completed':
try:
class zap_scan:
def __init__(self):
''' Set the proxy ip, port and Apitoken of OWASP ZAP '''
self.api_logger = logger()
self.dbupdate = Database_update()
self.ip = get_value('config.property', 'Configuration', 'ZAP_ip')
self.port = get_value('config.property', 'Configuration', 'ZAP_port')
self.proxy = {
"http": "http://" + self.ip + ":" + self.port,
"https": "http://" + self.ip + ":" + self.port
}
self.apitoken = get_value('config.property', 'Configuration',
'ZAP_apikey')
self.zap_url = 'http://' + self.ip + ':' + str(self.port)
def generate_report(self):
zap_report = '{0}/OTHER/core/other/htmlreport/?apikey={1}&formMethod=GET'.format(
self.zap_url, self.apitoken)
generate_report = requests.get(zap_report)
try:
write_report = open('report.html', 'w')
write_report.write(generate_report.text)
write_report.close()
return True
except e:
return False
def check_scanstatus(self, scan_id):
scan_status = '{0}/JSON/ascan/view/status/?zapapiformat=JSON&apikey={1}&formMethod=GET&scanId={2}'.format(
self.zap_url, self.apitoken, scan_id)
status = requests.get(scan_status)
try:
status = json.loads(status.text)['status']
return status
except Exception as e:
raise e
def update_db(self, scanid, url, alert, impact, description, solution,
messageId):
''' This function gathers all the info of alert and update it into DB '''
message_url = '{0}/JSON/core/view/message/?zapapiformat=JSON&apikey={1}&formMethod=GET&id={2}'.format(
self.zap_url, self.apitoken, messageId)
message_req = requests.get(message_url)
message_data = json.loads(message_req.text)
req_headers, req_body, res_headers, res_body = message_data['message'][
'requestHeader'], message_data['message'][
'requestBody'], message_data['message'][
'responseHeader'], message_data['message']['responseBody']
attack_result = {
"id": "NA",
"scanid": scanid,
"url": url,
"name": alert,
"impact": impact,
"req_headers": req_headers,
"req_body": req_body,
"res_headers": res_headers,
"res_body": res_body,
"Description": description,
"remediation": solution
}
self.dbupdate.insert_record(attack_result)
def check_scanalerts(self, url, scan_id, scanid):
scan_alerts = '{0}/JSON/core/view/alerts/?zapapiformat=JSON&apikey={1}&formMethod=GET&baseurl={2}&start=&count='.format(
self.zap_url, self.apitoken, url)
alert_id = 0
while True:
time.sleep(10)
scan_status = self.check_scanstatus(scan_id)
if int(scan_status) == 100:
break
else:
alerts = requests.get(scan_alerts)
zap_alerts = json.loads(alerts.text)
try:
url = zap_alerts['alerts'][alert_id]['url']
alert = zap_alerts['alerts'][alert_id]['alert']
messageId = zap_alerts['alerts'][alert_id]['messageId']
impact = zap_alerts['alerts'][alert_id]['risk']
description = zap_alerts['alerts'][alert_id]['description']
solution = zap_alerts['alerts'][alert_id]['solution']
print "%s[+]{0} is vulnerable to {1}%s".format(
url, alert) % (self.api_logger.G, self.api_logger.W)
try:
self.update_db(scanid, url, alert, impact, description,
solution, messageId)
except Exception as e:
logs.logging.info("Failed to update in db : %s", e)
alert_id = alert_id + 1
except:
pass
def start_scan(self, url, method, Headers=None, data=None, scanid=None):
try:
data = json.dumps(data)
data = data.replace('\\"', "'")
except:
pass
try:
cookies = get_value('config.property', 'login', 'auth')
cookies = ast.literal_eval(cookies)
if cookies is None or '':
cookies = ''
except:
cookies = ''
if method.upper() == 'GET':
try:
access_url = requests.get(url,
headers=Headers,
proxies=self.proxy,
cookies=cookies)
except requests.exceptions.RequestException as e:
print e
elif method.upper() == 'POST':
try:
access_url = requests.post(url,
headers=Headers,
data=data,
proxies=self.proxy,
cookies=cookies,
verify=False)
except requests.exceptions.RequestException as e:
return
elif method.upper() == 'PUT':
try:
access_url = requests.put(url,
headers=Headers,
data=data,
proxies=self.proxy)
except requests.exceptions.RequestException as e:
return
''' Check if URL is now present at scanning tree of ZAP.
If it's not present then something is wrong with access_url
'''
view_urls = '{0}/JSON/core/view/urls/?zapapiformat=JSON&formMethod=GET&apikey={1}'.format(
self.zap_url, self.apitoken)
view_urls = requests.get(view_urls)
scantree_urls = json.loads(view_urls.text)
if url or url + '/' in scantree_urls['urls']:
data = "'" + data + "'"
if method.upper() == 'GET':
if '&' in url:
url = url.replace('&', '%26')
active_scan = '{0}/JSON/ascan/action/scan/?zapapiformat=JSON&url={1}&recurse=False&inScopeOnly=False&scanPolicyName=&method={2}&postData=&apikey={3}'.format(
self.zap_url, url, method, self.apitoken)
else:
active_scan = '{0}/JSON/ascan/action/scan/?zapapiformat=JSON&url={1}&recurse=False&inScopeOnly=False&scanPolicyName=&method={2}&postData={3}&apikey={4}'.format(
self.zap_url, url, method, urllib.quote(data),
self.apitoken)
start_ascan = requests.get(active_scan)
try:
scan_id = json.loads(start_ascan.text)['scan']
if int(scan_id) >= 0:
print "[+]Active Scan Started Successfully"
self.check_scanalerts(url, scan_id, scanid)
except:
pass