def on_demand_scan_finished(results, information):
add_scanned_resources(information)
if information['email'] is None:
return
# TODO REMOVE Send email with scan results
vulnerabilities = mongo.get_vulnerabilities_for_email(information)
df = pd.DataFrame(vulnerabilities)
if df.empty:
print('No vulns found! Canceling email')
return
from VM_OrchestratorApp.src.utils import email_handler
ROOT_DIR = os.path.dirname(os.path.abspath(__file__))
df.to_csv(ROOT_DIR + '/output.csv',
index=False,
columns=[
'domain', 'resource', 'vulnerability_name', 'extra_info',
'date_found', 'last_seen', 'language', 'state'
])
email_handler.send_email_with_attachment(
ROOT_DIR + '/output.csv', information['email'],
"CSV with vulnerabilities attached to email",
"Orchestrator: Vulnerabilities found!")
try:
os.remove(ROOT_DIR + '/output.csv')
except FileNotFoundError:
print('ERROR:Output for on demand scan was not found')
pass
slack.send_notification_to_channel(
'_ On demand scan against %s finished! _' % information['resource'],
'#vm-ondemand')
return
def run_recon(scan_information):
slack.send_notification_to_channel(
'Starting recon against %s' % scan_information['domain'],
'#vm-recon-module')
mongo.add_module_status_log({
'module_keyword': "recon_module",
'state': "start",
'domain': scan_information[
'domain'], #En los casos de start/stop de genericos, va None
'found': None,
'arguments': scan_information
})
#We add the domain to our domain database
mongo.add_domain(scan_information, True, True)
# Scanning for subdomains
subdomain_recon_task(scan_information)
# We resolve to get http/https urls
resolver_recon_task(scan_information)
mongo.add_module_status_log({
'module_keyword': "recon_module",
'state': "start",
'domain': scan_information[
'domain'], #En los casos de start/stop de genericos, va None
'found': None,
'arguments': scan_information
})
recon_finished(scan_information)
return
def scan_target(scan_info, url_to_scan):
# We take every .css file from our linkfinder utils
css_files_found = utils.get_css_files(url_to_scan)
if css_files_found:
slack.send_notification_to_channel(
'_ Found %s css files at %s _' %
(str(len(css_files_found)), url_to_scan),
SLACK_NOTIFICATION_CHANNEL)
for css_file in css_files_found:
url_split = css_file.split('/')
host_split = url_to_scan.split('/')
if css_file[-1] == '\\' or css_file[-1] == '/':
css_file = css_file[:-1]
response = get_response(url_to_scan)
if response is None:
if url_split[2] != host_split[2]:
add_vulnerability_to_mongo(scan_info, css_file, 'Access')
return
return
if response.status_code != 200:
if url_split[2] != host_split[2]:
add_vulnerability_to_mongo(scan_info, css_file, 'Status')
return
def scan_target(scan_info, url_for_scanning):
# We scan javascript files
javascript_files_found = utils.get_js_files(url_for_scanning)
if javascript_files_found:
slack.send_notification_to_channel('_ Found %s javascript files at %s _' % (str(len(javascript_files_found)), url_for_scanning), SLACK_NOTIFICATION_CHANNEL)
for javascript in javascript_files_found:
scan_for_tokens(scan_info, url_for_scanning, javascript)
return
def scan_target(scan_information, url_to_scan):
# We first search for buckets inside the html code
get_buckets(scan_information, url_to_scan)
# We now scan javascript files
javascript_files_found = utils.get_js_files(url_to_scan)
if javascript_files_found:
slack.send_notification_to_channel(
'_ Found %s javascript files at %s _' %
(str(len(javascript_files_found)), url_to_scan),
SLACK_NOTIFICATION_CHANNEL)
for javascript in javascript_files_found:
get_buckets(scan_information, javascript)
return
def start_scan_on_approved_resources():
slack.send_notification_to_channel(
'_ Starting scan against approved resources _', '#vm-ondemand')
resources = mongo.get_data_for_approved_scan()
print(resources)
for resource in resources:
scan_info = resource
scan_info['email'] = None
scan_info['nessus_scan'] = settings['PROJECT']['ACTIVATE_NESSUS']
scan_info['acunetix_scan'] = settings['PROJECT']['ACTIVATE_ACUNETIX']
scan_info['burp_scan'] = settings['PROJECT']['ACTIVATE_BURP']
scan_info['invasive_scans'] = settings['PROJECT'][
'ACTIVATE_INVASIVE_SCANS']
mongo.add_module_status_log({
'module_keyword': "general_vuln_module",
'state': "start",
'domain': scan_info[
'domain'], #En los casos de start/stop de genericos, va None
'found': None,
'arguments': scan_info
})
if scan_info['type'] == 'domain':
execution_chord = chord(
[
run_web_scanners.si(scan_info).set(queue='fast_queue'),
run_ip_scans.si(scan_info).set(queue='slow_queue')
],
body=on_demand_scan_finished.s(scan_info).set(
queue='fast_queue'),
immutable=True)
execution_chord.apply_async(queue='fast_queue', interval=300)
elif scan_info['type'] == 'ip':
execution_chord = chord(
[run_ip_scans.si(scan_info).set(queue='slow_queue')],
body=on_demand_scan_finished.s(scan_info).set(
queue='fast_queue'),
immutable=True)
execution_chord.apply_async(queue='fast_queue', interval=300)
elif scan_info['type'] == 'url':
execution_chord = chord(
[
run_web_scanners.si(scan_info).set(queue='fast_queue'),
run_ip_scans.si(scan_info).set(queue='slow_queue')
],
body=on_demand_scan_finished.s(scan_info).set(
queue='fast_queue'),
immutable=True)
execution_chord.apply_async(queue='fast_queue', interval=300)
return
def project_monitor_task():
monitor_data = mongo.get_domains_for_monitor()
mongo.add_module_status_log({
'module_keyword': "monitor_recon_module",
'state': "start",
'domain': None, #En los casos de start/stop de genericos, va None
'found': None,
'arguments': monitor_data
})
print(monitor_data)
slack.send_notification_to_channel(
'Starting monitor against %s' % str(monitor_data), '#vm-monitor')
for data in monitor_data:
scan_info = data
scan_info['is_first_run'] = False
scan_info['email'] = None
scan_info['type'] = 'domain'
if scan_info['type'] == 'domain':
run_recon.apply_async(args=[scan_info], queue='fast_queue')
return
def recon_against_target(information):
information['is_first_run'] = True
information['type'] = 'domain'
slack.send_notification_to_channel(
'_ Starting recon only scan against %s _' % str(information['domain']),
'#vm-ondemand')
mongo.add_module_status_log({
'module_keyword': "on_demand_recon_module",
'state': "start",
'domain': None, #En los casos de start/stop de genericos, va None
'found': None,
'arguments': information
})
for domain in information['domain']:
current_scan_info = copy.deepcopy(information)
current_scan_info['domain'] = domain
execution_chain = chain(
tasks.run_recon.si(current_scan_info).set(queue='slow_queue'))
execution_chain.apply_async(queue='fast_queue', interval=300)
def on_demand_scan(information):
information['is_first_run'] = True
information['language'] = settings['LANGUAGE']
# The "Information" argument on chord body is temporary
if information['type'] == 'domain':
slack.send_notification_to_channel(
'_ Starting on demand scan of type domain against %s _' %
information['domain'], '#vm-ondemand')
execution_chain = chain(
tasks.run_recon.si(information).set(queue='slow_queue'),
chord([
tasks.run_web_scanners.si(information).set(queue='fast_queue'),
tasks.run_ip_scans.si(information).set(queue='slow_queue')
],
body=tasks.on_demand_scan_finished.s(information).set(
queue='fast_queue'),
immutable=True))
execution_chain.apply_async(queue='fast_queue', interval=300)
elif information['type'] == 'ip':
slack.send_notification_to_channel(
'_ Starting on demand scan of type ip against %s _' %
information['resource'], '#vm-ondemand')
execution_chord = chord(
[tasks.run_ip_scans.si(information).set(queue='slow_queue')],
body=tasks.on_demand_scan_finished.s(information).set(
queue='fast_queue'),
immutable=True)
execution_chord.apply_async(queue='fast_queue', interval=300)
elif information['type'] == 'url':
slack.send_notification_to_channel(
'_ Starting on demand scan of type url against %s _' %
information['resource'], '#vm-ondemand')
execution_chord = chord(
[
tasks.run_web_scanners.si(information).set(queue='fast_queue'),
tasks.run_ip_scans.si(information).set(queue='slow_queue')
],
body=tasks.on_demand_scan_finished.s(information).set(
queue='fast_queue'),
immutable=True)
execution_chord.apply_async(queue='fast_queue', interval=300)
def recon_finished(scan_information):
slack.send_notification_to_channel(
'_ Recon against %s finished _' % scan_information['domain'],
'#vm-recon-module')
print('Recon finished!')
return
def on_demand_scan_finished(results, information):
#add_scanned_resources(information)
slack.send_notification_to_channel(
'_ On demand scan against %s finished! _' % information['target'],
'#vm-ondemand')
return
def force_redmine_sync():
slack.send_notification_to_channel('_ Forcing redmine sync... _',
'#vm-ondemand')
execution_chain = chain(
tasks.check_redmine_for_updates.si().set(queue='fast_queue'))
execution_chain.apply_async(queue='fast_queue', interval=300)
def force_update_elasticsearch_logs():
slack.send_notification_to_channel(
'_ Forcing update on elasticsearch... _', '#vm-ondemand')
execution_chain = chain(
tasks.update_elasticsearch_logs.si().set(queue='fast_queue'))
execution_chain.apply_async(queue='fast_queue', interval=300)
