コード例 #1
ファイル: parsers.py プロジェクト: rajivraj/vmc
    def parse(self, report) -> [Dict, Dict]:
        """Collect non-informational findings from a Nessus report.

        The name of every ``ReportHost`` element is appended to
        ``self.__scanned_hosts``. Every ``ReportItem`` whose ``severity``
        differs from ``NessusReportParser.INFO`` is turned into a ``vuln``
        dict and handed to ``self._create``: once per ``cve`` child element,
        or once with the document from ``self._create_nessus_cve`` when the
        item has no ``cve`` children.

        Returns:
            ``self.__parsed`` and ``self.__scanned_hosts``.
        """
        for host in iter_elements_by_name(report, "ReportHost"):
            self.__scanned_hosts.append(host.get('name'))

            for item in host.iter('ReportItem'):
                # Informational items are skipped entirely.
                if item.get('severity') == NessusReportParser.INFO:
                    continue

                port = item.get('port')
                if port == '0':
                    # Port "0" is recorded as "no port"; service name and
                    # protocol are blanked along with it.
                    port = svc_name = protocol = None
                else:
                    svc_name = item.get('svc_name')
                    protocol = item.get('protocol')

                vuln = {
                    'asset': AssetFactory.create(host, self.__config),
                    'plugin_id': item.get('pluginID'),
                    'port': port,
                    'svc_name': svc_name,
                    'protocol': protocol,
                    'description': get_value(item.find('description')),
                    'solution': get_value(item.find('solution')),
                    # Only the exact string 'true' marks an exploit as available.
                    'exploit_available': get_value(item.find('exploit_available')) == 'true',
                }
                # The id is built from IP address, protocol and plugin id only,
                # so every CVE of the same item is submitted under the same id.
                # NOTE(review): if _create keys records on 'id', later CVEs of
                # one item may replace earlier ones - confirm against _create.
                vuln['id'] = self._vuln_id(vuln['asset'].ip_address, protocol, vuln['plugin_id'])

                cve_elements = item.findall('cve')
                if not cve_elements:
                    vuln['cve'] = self._create_nessus_cve(item)
                    self._create(vuln)
                    continue

                # NOTE(review): the same dict object is mutated and passed to
                # _create on every iteration; this relies on _create not
                # keeping a reference to it - confirm.
                for cve_element in cve_elements:
                    cve_id = get_value(cve_element)
                    vuln['cve_id'] = cve_id
                    vuln['cve'] = CveDocument.get_or_create(cve_id=cve_id)
                    self._create(vuln)

        return self.__parsed, self.__scanned_hosts
コード例 #2
ファイル: parsers.py プロジェクト: rajivraj/vmc
    def get_cve(cve_id, oid, tags):
        """Return the CVE document for a finding, synthesising one for 'NOCVE'.

        Any ``cve_id`` other than the literal ``'NOCVE'`` is looked up (or
        created) as-is. For ``'NOCVE'`` the id becomes ``NOCVE-<oid>`` and the
        CVSS v2 metrics are filled in from ``tags['cvss_base_vector']``; the
        stored document is updated only when ``has_changed`` reports a
        difference.

        Raises:
            KeyError: ``tags`` has no ``'cvss_base_vector'`` entry, or the
                vector lacks one of AV, AC, Au, C, I, A.
            ValueError: a ``/``-separated vector component does not split
                into exactly two parts on ``':'``.

        NOTE(review): the vector presumably comes straight from scanner
        output; a malformed value aborts here after ``get_or_create`` has
        already run - confirm that callers handle this.
        """
        if cve_id != 'NOCVE':
            return CveDocument.get_or_create(cve_id=cve_id)

        cve_id = f'NOCVE-{oid}'
        cve = CveDocument.get_or_create(cve_id=cve_id)

        # Turn "AV:N/AC:L/..." style text into {'AV': 'N', 'AC': 'L', ...}.
        raw_vector = tags['cvss_base_vector']
        vector = dict(component.split(':') for component in raw_vector.split('/'))

        # (document attribute, metric type, vector key), applied in this order.
        metric_fields = (
            ('access_vector_v2', metrics.AccessVectorV2, 'AV'),
            ('access_complexity_v2', metrics.AccessComplexityV2, 'AC'),
            ('authentication_v2', metrics.AuthenticationV2, 'Au'),
            ('confidentiality_impact_v2', metrics.ImpactV2, 'C'),
            ('integrity_impact_v2', metrics.ImpactV2, 'I'),
            ('availability_impact_v2', metrics.ImpactV2, 'A'),
        )
        new_cve = CveDocument(id=cve_id)
        for attribute, metric_type, key in metric_fields:
            setattr(new_cve, attribute, metric_type(vector[key]))
        new_cve.base_score_v2 = calculate_base_score_v2(new_cve)

        if not cve.has_changed(new_cve):
            return cve
        return cve.update(new_cve, refresh=True)
コード例 #3
ファイル: parsers.py プロジェクト: lukkol/vmc
    def parse(self, report, file_url) -> [Dict, Dict]:
        """Collect non-informational findings and scanned assets from a Nessus report.

        For every ``ReportHost`` an asset is created, stamped with the host's
        ``HOST_START_TIMESTAMP`` and appended to ``self.__scanned_hosts``.
        Every ``ReportItem`` whose ``severity`` differs from
        ``NessusReportParser.INFO`` becomes a ``vuln`` dict passed to
        ``self._create``: once per ``cve`` child element, or once with the
        document from ``self._create_nessus_cve`` when there are none.
        ``file_url`` is stored on each record as ``scan_file_url``.

        Returns:
            ``self.__parsed`` and ``self.__scanned_hosts``.
        """
        for host in iter_elements_by_name(report, "ReportHost"):
            # NOTE(review): if the HOST_START_TIMESTAMP tag is absent, find()
            # presumably yields None and the .text access fails - confirm that
            # reports without it cannot reach this parser.
            started = host.find(
                'HostProperties/tag[@name="HOST_START_TIMESTAMP"]').text
            # NOTE(review): fromtimestamp() is called without a tz argument;
            # assuming this is datetime.datetime, the result is a naive
            # local-time value - confirm that is what consumers expect.
            scan_date = datetime.fromtimestamp(int(started))

            asset = AssetFactory.create(host, self.__config)
            asset.last_scan_date = scan_date
            self.__scanned_hosts.append(asset)

            for item in host.iter('ReportItem'):
                # Informational items are skipped entirely.
                if item.get('severity') == NessusReportParser.INFO:
                    continue

                port = item.get('port')
                if port == '0':
                    # Port "0" is recorded as "no port"; service name and
                    # protocol are blanked along with it.
                    port = svc_name = protocol = None
                else:
                    svc_name = item.get('svc_name')
                    protocol = item.get('protocol')

                vuln = {
                    'scan_date': scan_date,
                    'scan_file_url': file_url,
                    'asset': asset,
                    'plugin_id': item.get('pluginID'),
                    'name': item.get('pluginName'),
                    'port': port,
                    'svc_name': svc_name,
                    'protocol': protocol,
                    'description': get_value(item.find('description')),
                    'solution': get_value(item.find('solution')),
                    # Only the exact string 'true' marks an exploit as available.
                    'exploit_available': get_value(item.find('exploit_available')) == 'true',
                }

                tenant = self.__config.tenant
                vuln['tenant'] = tenant.name if tenant else None

                cve_elements = item.findall('cve')
                if not cve_elements:
                    vuln['cve'] = self._create_nessus_cve(item)
                    vuln['id'] = self._vuln_id(vuln, vuln['cve'].id)
                    self._create(vuln)
                    continue

                # NOTE(review): the same dict object is mutated and passed to
                # _create on every iteration; this relies on _create not
                # keeping a reference to it - confirm.
                for cve_element in cve_elements:
                    cve_id = get_value(cve_element)
                    vuln['cve_id'] = cve_id
                    vuln['cve'] = CveDocument.get_or_create(cve_id=cve_id)
                    # The id is recomputed per CVE, with the CVE id as input.
                    vuln['id'] = self._vuln_id(vuln, cve_id)
                    self._create(vuln)

        return self.__parsed, self.__scanned_hosts