예제 #1
0
def dotransform(request, response):
    checkdir(config['nexpose/reportdir'])
    # Nexpose API session login
    session = nexlogin()
    # Nexpose Adhoc report generation and save to file
    siteid = request.fields['siteid']
    report = '%s.xml' % siteid
    reportstatus = reportChecker(session, siteid, report)
    if reportstatus == True:
        f = open(os.path.join(config['nexpose/reportdir'], report))
        reporto = f.read()
        f.close
    else:
        raise MaltegoException('Something went wrong with the report checks')

    for dic in nexposeExploits(reporto):
        for key, val in dic.iteritems():
            if key == request.fields['vulnid'] and val[1] == 'exploitdb':
                e = NexposeEDBExploit(val[0],
                                      exploittype=val[1],
                                      siteid=siteid,
                                      scanid=request.fields['scanid'],
                                      vulnid=key)

                e += Label('Exploit DB URL', val[2])
                e += Label('Skill Level', val[3])
                response += e

    return response
    nexlogout(session)
예제 #2
0
def dotransform(request, response):
    checkdir(config['nexpose/reportdir'])
    # Nexpose API session login
    session = nexlogin()
    # Nexpose Adhoc report generation and save to file
    siteid = request.fields['siteid']
    report = '%s.xml' % siteid
    reportstatus = reportChecker(session, siteid, report)
    if reportstatus == True:
        f = open(os.path.join(config['nexpose/reportdir'], report))
        reporto = f.read()
        f.close
    else:
        raise MaltegoException('Something went wrong with the report checks')

    for dic in nexposeVulns(reporto):
        for key, val in dic.iteritems():
            e = NexposeVulnerability(val[0],
                                     siteid=siteid,
                                     scanid=request.fields['scanid'],
                                     vulnid=key)

            e += Label('cvss Score', val[2])
            e += Label('Severity', val[1])
            response += e

    return response
    nexlogout(session)
예제 #3
0
def dotransform(request, response):
	checkdir(config['nexpose/reportdir'])
	# Nexpose API session login
	session = nexlogin()
	# Nexpose Adhoc report generation and save to file
	siteid = request.fields['siteid']
	report = '%s.xml' % siteid
	reportstatus = reportChecker(session, siteid, report)
	if reportstatus == True:
		f = open(os.path.join(config['nexpose/reportdir'], report))
		reporto = f.read()
		f.close
	else:
		raise MaltegoException('Something went wrong with the report checks')
	
	for dic in nexposeExploits(reporto):
		for key, val in dic.iteritems():
			if key == request.fields['vulnid'] and val[1] == 'metasploit':
				e = NexposeMetasploitModule(val[0],
						exploittype=val[1],
                    	siteid=siteid,
                    	scanid=request.fields['scanid'],
                    	vulnid=key)

				e += Label('Metasploit Module URL', val[2])
				e += Label('Skill Level', val[3])
				response += e
				
	return response
	nexlogout(session)
예제 #4
0
파일: scanhost.py 프로젝트: 5l1v3r1/Nextego
def dotransform(request, response):
    # Nespose API session login
    session = nexlogin()
    # Nexpose site creation
    sitename = datetime.today().strftime("%Y%m%d-%H%M%S") + '-MaltegoSite'
    newsite = host_site(sitename, request.value)
    nexsite = sitesave(session, newsite)
    resxml = ET.fromstring(nexsite)
    siteid = resxml.attrib.get('site-id')
    progress(10)
    if resxml.attrib.get('success') == '1':
        # Nexpose Scan Site
        launchscan = sitescan(session, siteid)
        launchres = ET.fromstring(launchscan)
        progress(25)
        if launchres.attrib.get('success') == '1':
            for child in launchres:
                scanid = child.attrib.get('scan-id')
                status = scanstatus(session, scanid)
                statusxml = ET.fromstring(status)
                progress(50)
                while statusxml.attrib.get('status') == 'running':
                    sleep(5)
                    status = scanstatus(session, scanid)
                    statusxml = ET.fromstring(status)
                    continue
                progress(100)
                response += NexposeSite(sitename,
                                        siteid=siteid,
                                        scanid=scanid,
                                        targetip=request.value)

    return response
    nexlogout(session)
예제 #5
0
def dotransform(request, response):
	checkdir(config['nexpose/reportdir'])
	# Nexpose API session login
	session = nexlogin()
	# Nexpose Adhoc report generation and save to file
	siteid = request.fields['siteid']
	report = '%s.xml' % siteid
	reportstatus = reportChecker(session, siteid, report)
	if reportstatus == True:
		f = open(os.path.join(config['nexpose/reportdir'], report))
		reporto = f.read()
		f.close
	else:
		raise MaltegoException('Something went wrong with the report checks')
	
	for dic in nexposePort(reporto):
		for key, val in dic.iteritems():
			response += Port(key,
                    	siteid=siteid,
                    	scanid=request.fields['scanid'],
                    	protocol=val[0],
                    	status=val[1])

	return response
	nexlogout(session)
예제 #6
0
def dotransform(request, response):
    # Nespose API session login
    session = nexlogin()
    # Nexpose site creation
    sitename = datetime.today().strftime("%Y%m%d-%H%M%S") + '-MaltegoSite'
    newsite = host_site(sitename, request.value)
    nexsite = sitesave(session, newsite)
    resxml = ET.fromstring(nexsite)
    siteid = resxml.attrib.get('site-id')
    progress(10)
    if resxml.attrib.get('success') == '1':
        # Nexpose Scan Site
        launchscan = sitescan(session, siteid)
        launchres = ET.fromstring(launchscan)
        progress(25)
        if launchres.attrib.get('success') == '1':
            for child in launchres:
                scanid = child.attrib.get('scan-id')
                status = scanstatus(session, scanid)
                statusxml = ET.fromstring(status)
                progress(50)
                while statusxml.attrib.get('status') == 'running':
                    sleep(5)
                    status = scanstatus(session, scanid)
                    statusxml = ET.fromstring(status)
                    continue
                progress(100)
                response += NexposeSite(
                    sitename,
                    siteid=siteid,
                    scanid=scanid,
                    targetip=request.value)

    return response
    nexlogout(session)
예제 #7
0
def dotransform(request, response):
	checkdir(config['nexpose/reportdir'])
	# Nexpose API session login
	session = nexlogin()
	# Nexpose Adhoc report generation and save to file
	siteid = request.fields['siteid']
	report = '%s.xml' % siteid
	reportstatus = reportChecker(session, siteid, report)
	if reportstatus == True:
		f = open(os.path.join(config['nexpose/reportdir'], report))
		reporto = f.read()
		f.close
	else:
		raise MaltegoException('Something went wrong with the report checks')
	
	for dic in nexposeServiceVer(reporto):
		for key, val in dic.iteritems():
			if key == request.value and len(val) == 3:
				response += ServiceVersion(val[0] + '-' + val[1],
                    	siteid=siteid,
                    	scanid=request.fields['scanid'],
                    	port=request.fields['port'],
                    	service=request.value,
                    	certainty=val[2])
			elif key == request.value and len(val) == 2:
				response += ServiceVersion(val[0] + '-' + val[1],
                    	siteid=siteid,
                    	scanid=request.fields['scanid'],
                    	port=request.fields['port'],
                    	service=request.value)
			elif key == request.value and len(val) == 1:
				response += ServiceVersion(val[0],
                    	siteid=siteid,
                    	scanid=request.fields['scanid'],
                    	port=request.fields['port'],
                    	service=request.value)

	return response
	nexlogout(session)
예제 #8
0
def dotransform(request, response):
    checkdir(config['nexpose/reportdir'])
    # Nexpose API session login
    session = nexlogin()
    # Nexpose Adhoc report generation and save to file
    siteid = request.fields['siteid']
    report = '%s.xml' % siteid
    reportstatus = reportChecker(session, siteid, report)
    if reportstatus == True:
        f = open(os.path.join(config['nexpose/reportdir'], report))
        reporto = f.read()
        f.close
    else:
        raise MaltegoException('Something went wrong with the report checks')

    for dic in nexposeServiceVer(reporto):
        for key, val in dic.iteritems():
            if key == request.value and len(val) == 3:
                response += ServiceVersion(val[0] + '-' + val[1],
                                           siteid=siteid,
                                           scanid=request.fields['scanid'],
                                           port=request.fields['port'],
                                           service=request.value,
                                           certainty=val[2])
            elif key == request.value and len(val) == 2:
                response += ServiceVersion(val[0] + '-' + val[1],
                                           siteid=siteid,
                                           scanid=request.fields['scanid'],
                                           port=request.fields['port'],
                                           service=request.value)
            elif key == request.value and len(val) == 1:
                response += ServiceVersion(val[0],
                                           siteid=siteid,
                                           scanid=request.fields['scanid'],
                                           port=request.fields['port'],
                                           service=request.value)

    return response
    nexlogout(session)
예제 #9
0
def dotransform(request, response):
	checkdir(config['nexpose/reportdir'])
	# Nexpose API session login
	session = nexlogin()
	# Nexpose Adhoc report generation and save to file
	siteid = request.fields['siteid']
	report = '%s.xml' % siteid
	reportstatus = reportChecker(session, siteid, report)
	if reportstatus == True:
		f = open(os.path.join(config['nexpose/reportdir'], report))
		reporto = f.read()
		f.close
	else:
		raise MaltegoException('Something went wrong with the report checks')
	
	for dic in nexposePortTests(reporto):
		for key, val in dic.iteritems():
			if request.value == key:
				for key1, val1 in val.iteritems():
					test = key1
					for dic in nexposeVulns(reporto):
						for key2, val2 in dic.iteritems():
							if test == key2:
								e = NexposeVulnerability(val2[0],
                    				siteid=siteid,
                    				scanid=request.fields['scanid'],
                    				vulnid=key2)

								e += Label('cvss Score', val2[2])
								e += Label('Severity', val2[1])
								response += e
			else:
				pass

	return response
	nexlogout(session)