def add_vuln(request):
"""
Add network vulnerability.
:param request:
:return:
"""
if request.method == 'GET':
scan_id = request.GET['scan_id']
else:
scan_id = ''
if request.method == 'POST':
vuln_id = uuid.uuid4()
scan_id = request.POST.get("scan_id")
name = request.POST.get("name")
creation_time = request.POST.get("creation_time")
modification_time = request.POST.get("modification_time")
host = request.POST.get("host")
port = request.POST.get("port", )
threat = request.POST.get("threat", )
severity = request.POST.get("severity", )
description = request.POST.get("description", )
family = request.POST.get("family", )
cvss_base = request.POST.get("cvss_base", )
cve = request.POST.get("cve", )
# bid = request.POST.get("bid")
xref = request.POST.get("xref", )
tags = request.POST.get("tags", )
banner = request.POST.get("banner", )
save_vuln = ov_scan_result_db(
name=name,
vul_id=vuln_id,
scan_id=scan_id,
creation_time=creation_time,
modification_time=modification_time,
host=host,
port=port,
threat=threat,
severity=severity,
description=description,
family=family,
cvss_base=cvss_base,
cve=cve,
xref=xref,
tags=tags,
banner=banner,
false_positive='No',
)
save_vuln.save()
messages.success(request, "Vulnerability Added")
return HttpResponseRedirect(
"/networkscanners/vul_details/?scan_id=%s" % scan_id)
return render(request, 'ov_add_vuln.html', {'scan_id': scan_id})
def add_vuln(request):
"""
Add network vulnerability.
:param request:
:return:
"""
if request.method == 'GET':
scan_id = request.GET['scan_id']
else:
scan_id = ''
if request.method == 'POST':
vuln_id = uuid.uuid4()
scan_id = request.POST.get("scan_id")
name = request.POST.get("name")
creation_time = request.POST.get("creation_time")
modification_time = request.POST.get("modification_time")
host = request.POST.get("host")
port = request.POST.get("port", )
threat = request.POST.get("threat", )
severity = request.POST.get("severity", )
description = request.POST.get("description", )
family = request.POST.get("family", )
cvss_base = request.POST.get("cvss_base", )
cve = request.POST.get("cve", )
# bid = request.POST.get("bid")
xref = request.POST.get("xref", )
tags = request.POST.get("tags", )
banner = request.POST.get("banner", )
save_vuln = ov_scan_result_db(name=name,
vul_id=vuln_id,
scan_id=scan_id,
creation_time=creation_time,
modification_time=modification_time,
host=host, port=port,
threat=threat,
severity=severity,
description=description,
family=family,
cvss_base=cvss_base,
cve=cve,
xref=xref,
tags=tags,
banner=banner,
false_positive='No',
)
save_vuln.save()
messages.success(request, "Vulnerability Added")
return HttpResponseRedirect("/networkscanners/vul_details/?scan_id=%s" % scan_id)
return render(request, 'ov_add_vuln.html', {'scan_id': scan_id})
def vuln_an_id(scan_id):
"""
The function is filtering all data from OpenVAS and dumping to Archery database.
:param scan_id:
:return:
"""
# ov_user = openvas_setting.openvas_username()
# ov_pass = openvas_setting.openvas_pass()
# ov_ip = openvas_setting.openvas_host()
#
# lod_ov_user = signing.loads(ov_user)
# lod_ov_pass = signing.loads(ov_pass)
# lod_ov_ip = signing.loads(ov_ip)
all_openvas = openvas_setting_db.objects.all()
for openvas in all_openvas:
ov_user = openvas.user
ov_pass = openvas.password
ov_ip = openvas.host
lod_ov_user = ov_user
lod_ov_pass = ov_pass
lod_ov_ip = ov_ip
scanner = VulnscanManager(str(lod_ov_ip), str(lod_ov_user),
str(lod_ov_pass))
openvas_results = scanner.get_raw_xml(str(scan_id))
for openvas in openvas_results.findall(".//result"):
for r in openvas:
if r.tag == "name":
global name
if r.text is None:
name = "NA"
else:
name = r.text
if r.tag == "creation_time":
global creation_time
if r.text is None:
creation_time = "NA"
else:
creation_time = r.text
if r.tag == "modification_time":
global modification_time
if r.text is None:
modification_time = "NA"
else:
modification_time = r.text
if r.tag == "host":
global host
if r.text is None:
host = "NA"
else:
host = r.text
if r.tag == "port":
global port
if r.text is None:
port = "NA"
else:
port = r.text
if r.tag == "threat":
global threat
if r.text is None:
threat = "NA"
else:
threat = r.text
if r.tag == "severity":
global severity
if r.text is None:
severity = "NA"
else:
severity = r.text
if r.tag == "description":
global description
if r.text is None:
description = "NA"
else:
description = r.text
for rr in r.getchildren():
if rr.tag == "family":
global family
if rr.text is None:
family = "NA"
else:
family = rr.text
if rr.tag == "cvss_base":
global cvss_base
if rr.text is None:
cvss_base = "NA"
else:
cvss_base = rr.text
if rr.tag == "cve":
global cve
if rr.text is None:
cve = "NA"
else:
cve = rr.text
if rr.tag == "bid":
global bid
if rr.text is None:
bid = "NA"
else:
bid = rr.text
if rr.tag == "xref":
global xref
if rr.text is None:
xref = "NA"
else:
xref = rr.text
if rr.tag == "tags":
global tags
if rr.text is None:
tags = "NA"
else:
tags = rr.text
if rr.tag == "type":
global banner
if rr.text is None:
banner = "NA"
else:
banner = rr.text
date_time = timezone.now()
vul_id = uuid.uuid4()
s_data = scan_save_db.objects.filter(scan_id=scan_id)
for data in s_data:
if data.scan_ip == host:
dup_data = name + host + severity
duplicate_hash = hashlib.sha256(dup_data).hexdigest()
save_all = ov_scan_result_db(
scan_id=scan_id,
vul_id=vul_id,
name=name,
creation_time=creation_time,
modification_time=modification_time,
host=host,
port=port,
threat=threat,
severity=severity,
description=description,
family=family,
cvss_base=cvss_base,
cve=cve,
bid=bid,
xref=xref,
tags=tags,
banner=banner,
date_time=date_time,
false_positive='No',
vuln_status='Open',
dup_hash=duplicate_hash)
save_all.save()
openvas_vul = ov_scan_result_db.objects.filter(scan_id=scan_id) \
.values('name',
'threat').distinct()
total_vul = len(openvas_vul)
total_high = len(openvas_vul.filter(threat="High"))
total_medium = len(openvas_vul.filter(threat="Medium"))
total_low = len(openvas_vul.filter(threat="Low"))
total_log = len(openvas_vul.filter(threat="Log"))
scan_status = str(scanner.get_progress(str(scan_id)))
scan_save_db.objects.filter(scan_id=scan_id) \
.update(total_vul=total_vul,
high_total=total_high,
medium_total=total_medium,
low_total=total_low,
log_total=total_log,
scan_status=scan_status)
def sav_vul_da(vul_id, openvas_results, scan_id):
print(openvas_results)
try:
for data in openvas_results:
for datas, items in data.attrib.viewitems():
if items == vul_id:
print("-----------------------------------------------------------")
print("The vuln is for :", items)
for r in data.getchildren():
if r.tag == "name":
global name
if r.text is None:
name = "NA"
else:
name = r.text
if r.tag == "creation_time":
global creation_time
if r.text is None:
creation_time = "NA"
else:
creation_time = r.text
if r.tag == "modification_time":
global modification_time
if r.text is None:
modification_time = "NA"
else:
modification_time = r.text
if r.tag == "host":
global host
if r.text is None:
host = "NA"
else:
host = r.text
if r.tag == "port":
global port
if r.text is None:
port = "NA"
else:
port = r.text
if r.tag == "threat":
global threat
if r.text is None:
threat = "NA"
else:
threat = r.text
if r.tag == "severity":
global severity
if r.text is None:
severity = "NA"
else:
severity = r.text
if r.tag == "description":
global description
if r.text is None:
description = "NA"
else:
description = r.text
for rr in r.getchildren():
if rr.tag == "family":
global family
if rr.text is None:
family = "NA"
else:
family = rr.text
if rr.tag == "cvss_base":
global cvss_base
if rr.text is None:
cvss_base = "NA"
else:
cvss_base = rr.text
if rr.tag == "cve":
global cve
if rr.text is None:
cve = "NA"
else:
cve = rr.text
if rr.tag == "bid":
global bid
if rr.text is None:
bid = "NA"
else:
bid = rr.text
if rr.tag == "xref":
global xref
if rr.text is None:
xref = "NA"
else:
xref = rr.text
if rr.tag == "tags":
global tags
if rr.text is None:
tags = "NA"
else:
tags = rr.text
if rr.tag == "type":
global banner
if rr.text is None:
banner = "NA"
else:
banner = rr.text
save_all = ov_scan_result_db(scan_id=scan_id, vul_id=vul_id, name=name,
creation_time=creation_time, modification_time=modification_time,
host=host, port=port,
threat=threat,
severity=severity,
description=description, family=family, cvss_base=cvss_base, cve=cve,
bid=bid, xref=xref, tags=tags, banner=banner)
save_all.save()
except Exception as e:
print e
def sav_vul_da(vul_id, openvas_results, scan_id):
print(openvas_results)
try:
for data in openvas_results:
for datas, items in data.attrib.viewitems():
if items == vul_id:
print("-----------------------------------------------------------")
print("The vuln is for :", items)
for r in data.getchildren():
if r.tag == "name":
global name
if r.text is None:
name = "NA"
else:
name = r.text
if r.tag == "creation_time":
global creation_time
if r.text is None:
creation_time = "NA"
else:
creation_time = r.text
if r.tag == "modification_time":
global modification_time
if r.text is None:
modification_time = "NA"
else:
modification_time = r.text
if r.tag == "host":
global host
if r.text is None:
host = "NA"
else:
host = r.text
if r.tag == "port":
global port
if r.text is None:
port = "NA"
else:
port = r.text
if r.tag == "threat":
global threat
if r.text is None:
threat = "NA"
else:
threat = r.text
if r.tag == "severity":
global severity
if r.text is None:
severity = "NA"
else:
severity = r.text
if r.tag == "description":
global description
if r.text is None:
description = "NA"
else:
description = r.text
for rr in r.getchildren():
if rr.tag == "family":
global family
if rr.text is None:
family = "NA"
else:
family = rr.text
if rr.tag == "cvss_base":
global cvss_base
if rr.text is None:
cvss_base = "NA"
else:
cvss_base = rr.text
if rr.tag == "cve":
global cve
if rr.text is None:
cve = "NA"
else:
cve = rr.text
if rr.tag == "bid":
global bid
if rr.text is None:
bid = "NA"
else:
bid = rr.text
if rr.tag == "xref":
global xref
if rr.text is None:
xref = "NA"
else:
xref = rr.text
if rr.tag == "tags":
global tags
if rr.text is None:
tags = "NA"
else:
tags = rr.text
if rr.tag == "type":
global banner
if rr.text is None:
banner = "NA"
else:
banner = rr.text
date_time = datetime.datetime.now()
save_all = ov_scan_result_db(scan_id=scan_id, vul_id=vul_id, name=name,
creation_time=creation_time, modification_time=modification_time,
host=host, port=port,
threat=threat,
severity=severity,
description=description,
family=family, cvss_base=cvss_base, cve=cve,
bid=bid, xref=xref, tags=tags, banner=banner,
date_time=date_time, false_positive='No'
)
save_all.save()
except Exception as e:
print e
def updated_xml_parser(root, project_id, scan_id, username):
for openvas in root.findall(".//result"):
for r in openvas:
if r.tag == "name":
global name
if r.text is None:
name = "NA"
else:
name = r.text
if r.tag == "creation_time":
global creation_time
if r.text is None:
creation_time = "NA"
else:
creation_time = r.text
if r.tag == "modification_time":
global modification_time
if r.text is None:
modification_time = "NA"
else:
modification_time = r.text
if r.tag == "host":
global host
if r.text is None:
host = "NA"
else:
host = r.text
if r.tag == "port":
global port
if r.text is None:
port = "NA"
else:
port = r.text
if r.tag == "threat":
global threat
if r.text is None:
threat = "NA"
else:
threat = r.text
if r.tag == "severity":
global severity
if r.text is None:
severity = "NA"
else:
severity = r.text
if r.tag == "description":
global description
if r.text is None:
description = "NA"
else:
description = r.text
for rr in r.getchildren():
if rr.tag == "family":
global family
if rr.text is None:
family = "NA"
else:
family = rr.text
if rr.tag == "cvss_base":
global cvss_base
if rr.text is None:
cvss_base = "NA"
else:
cvss_base = rr.text
if rr.tag == "cve":
global cve
if rr.text is None:
cve = "NA"
else:
cve = rr.text
if rr.tag == "bid":
global bid
if rr.text is None:
bid = "NA"
else:
bid = rr.text
if rr.tag == "xref":
global xref
if rr.text is None:
xref = "NA"
else:
xref = rr.text
if rr.tag == "tags":
global tags
if rr.text is None:
tags = "NA"
else:
tags = rr.text
if rr.tag == "type":
global banner
if rr.text is None:
banner = "NA"
else:
banner = rr.text
date_time = datetime.now()
vul_id = uuid.uuid4()
dup_data = name + host + severity + port
duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest()
match_dup = ov_scan_result_db.objects.filter(username=username,
vuln_duplicate=duplicate_hash).values('vuln_duplicate').distinct()
lenth_match = len(match_dup)
vuln_color = ''
if threat == 'High':
vuln_color = 'danger'
elif threat == 'Medium':
vuln_color = 'warning'
elif threat == 'Low':
vuln_color = 'info'
elif threat == 'Log':
vuln_color = 'info'
if lenth_match == 1:
duplicate_vuln = 'Yes'
elif lenth_match == 0:
duplicate_vuln = 'No'
else:
duplicate_vuln = 'None'
false_p = ov_scan_result_db.objects.filter(username=username,
false_positive_hash=duplicate_hash)
fp_lenth_match = len(false_p)
if fp_lenth_match == 1:
false_positive = 'Yes'
else:
false_positive = 'No'
save_all = ov_scan_result_db(scan_id=host,
vul_id=vul_id,
name=name,
creation_time=creation_time,
modification_time=modification_time,
host=host,
port=port,
threat=threat,
severity=severity,
description=description,
family=family,
cvss_base=cvss_base,
cve=cve,
bid=bid,
xref=xref,
tags=tags,
banner=banner,
date_time=date_time,
false_positive=false_positive,
vuln_status='Open',
dup_hash=duplicate_hash,
vuln_duplicate=duplicate_vuln,
project_id=project_id,
vuln_color=vuln_color,
username=username,
)
save_all.save()
openvas_vul = ov_scan_result_db.objects.filter(username=username, scan_id=host)
total_high = len(openvas_vul.filter(threat="High"))
total_medium = len(openvas_vul.filter(threat="Medium"))
total_low = len(openvas_vul.filter(threat="Low"))
total_duplicate = len(openvas_vul.filter(vuln_duplicate='Yes'))
total_vul = total_high + total_medium + total_low
openvas_scan_db.objects.filter(username=username, scan_id=host). \
update(total_vul=total_vul,
high_vul=total_high,
medium_vul=total_medium,
low_vul=total_low,
total_dup=total_duplicate,
scan_ip=host,
)
subject = 'Archery Tool Scan Status - OpenVAS Report Uploaded'
message = 'OpenVAS Scanner has completed the scan ' \
' %s <br> Total: %s <br>High: %s <br>' \
'Medium: %s <br>Low %s' % (scan_id, total_vul, total_high, total_medium, total_low)
email_sch_notify(subject=subject, message=message)
def xml_parser(root, project_id, scan_id):
"""
OpenVAS Scanner report parser.
:param root:
:param project_id:
:param scan_id:
:return:
"""
for openvas in root.findall(".//result"):
for r in openvas:
if r.tag == "name":
global name
if r.text is None:
name = "NA"
else:
name = r.text
if r.tag == "creation_time":
global creation_time
if r.text is None:
creation_time = "NA"
else:
creation_time = r.text
if r.tag == "modification_time":
global modification_time
if r.text is None:
modification_time = "NA"
else:
modification_time = r.text
if r.tag == "host":
global host
if r.text is None:
host = "NA"
else:
host = r.text
if r.tag == "port":
global port
if r.text is None:
port = "NA"
else:
port = r.text
if r.tag == "threat":
global threat
if r.text is None:
threat = "NA"
else:
threat = r.text
if r.tag == "severity":
global severity
if r.text is None:
severity = "NA"
else:
severity = r.text
if r.tag == "description":
global description
if r.text is None:
description = "NA"
else:
description = r.text
for rr in r.getchildren():
if rr.tag == "family":
global family
if rr.text is None:
family = "NA"
else:
family = rr.text
if rr.tag == "cvss_base":
global cvss_base
if rr.text is None:
cvss_base = "NA"
else:
cvss_base = rr.text
if rr.tag == "cve":
global cve
if rr.text is None:
cve = "NA"
else:
cve = rr.text
if rr.tag == "bid":
global bid
if rr.text is None:
bid = "NA"
else:
bid = rr.text
if rr.tag == "xref":
global xref
if rr.text is None:
xref = "NA"
else:
xref = rr.text
if rr.tag == "tags":
global tags
if rr.text is None:
tags = "NA"
else:
tags = rr.text
if rr.tag == "type":
global banner
if rr.text is None:
banner = "NA"
else:
banner = rr.text
date_time = datetime.datetime.now()
vul_id = uuid.uuid4()
save_all = ov_scan_result_db(scan_id=scan_id,
vul_id=vul_id,
name=name,
creation_time=creation_time,
modification_time=modification_time,
host=host,
port=port,
threat=threat,
severity=severity,
description=description,
family=family,
cvss_base=cvss_base,
cve=cve,
bid=bid,
xref=xref,
tags=tags,
banner=banner,
date_time=date_time,
false_positive='No'
)
save_all.save()
openvas_vul = ov_scan_result_db.objects.filter(scan_id=scan_id).\
values('name',
'severity',
'vuln_color',
'threat',
'host',
'port').distinct()
total_vul = len(openvas_vul)
total_high = len(openvas_vul.filter(threat="High"))
total_medium = len(openvas_vul.filter(threat="Medium"))
total_low = len(openvas_vul.filter(threat="Low"))
scan_save_db.objects.filter(scan_id=scan_id).\
update(total_vul=total_vul,
high_total=total_high,
medium_total=total_medium,
low_total=total_low)
def xml_parser(root, project_id, scan_id):
for openvas in root.findall(".//result"):
for r in openvas:
if r.tag == "name":
global name
if r.text is None:
name = "NA"
else:
name = r.text
if r.tag == "creation_time":
global creation_time
if r.text is None:
creation_time = "NA"
else:
creation_time = r.text
if r.tag == "modification_time":
global modification_time
if r.text is None:
modification_time = "NA"
else:
modification_time = r.text
if r.tag == "host":
global host
if r.text is None:
host = "NA"
else:
host = r.text
if r.tag == "port":
global port
if r.text is None:
port = "NA"
else:
port = r.text
if r.tag == "threat":
global threat
if r.text is None:
threat = "NA"
else:
threat = r.text
if r.tag == "severity":
global severity
if r.text is None:
severity = "NA"
else:
severity = r.text
if r.tag == "description":
global description
if r.text is None:
description = "NA"
else:
description = r.text
for rr in r.getchildren():
if rr.tag == "family":
global family
if rr.text is None:
family = "NA"
else:
family = rr.text
if rr.tag == "cvss_base":
global cvss_base
if rr.text is None:
cvss_base = "NA"
else:
cvss_base = rr.text
if rr.tag == "cve":
global cve
if rr.text is None:
cve = "NA"
else:
cve = rr.text
if rr.tag == "bid":
global bid
if rr.text is None:
bid = "NA"
else:
bid = rr.text
if rr.tag == "xref":
global xref
if rr.text is None:
xref = "NA"
else:
xref = rr.text
if rr.tag == "tags":
global tags
if rr.text is None:
tags = "NA"
else:
tags = rr.text
if rr.tag == "type":
global banner
if rr.text is None:
banner = "NA"
else:
banner = rr.text
date_time = datetime.datetime.now()
vul_id = uuid.uuid4()
save_all = ov_scan_result_db(scan_id=scan_id,
vul_id=vul_id,
name=name,
creation_time=creation_time,
modification_time=modification_time,
host=host,
port=port,
threat=threat,
severity=severity,
description=description,
family=family,
cvss_base=cvss_base,
cve=cve,
bid=bid,
xref=xref,
tags=tags,
banner=banner,
date_time=date_time,
false_positive='No')
save_all.save()
openvas_vul = ov_scan_result_db.objects.filter(scan_id=scan_id).values(
'name', 'severity', 'vuln_color', 'threat', 'host',
'port').distinct()
total_vul = len(openvas_vul)
total_high = len(openvas_vul.filter(threat="High"))
total_medium = len(openvas_vul.filter(threat="Medium"))
total_low = len(openvas_vul.filter(threat="Low"))
scan_save_db.objects.filter(scan_id=scan_id).update(
total_vul=total_vul,
high_total=total_high,
medium_total=total_medium,
low_total=total_low)
def vuln_an_id(scan_id, project_id):
"""
The function is filtering all data from OpenVAS and dumping to Archery database.
:param scan_id:
:return:
"""
# ov_user = openvas_setting.openvas_username()
# ov_pass = openvas_setting.openvas_pass()
# ov_ip = openvas_setting.openvas_host()
#
# lod_ov_user = signing.loads(ov_user)
# lod_ov_pass = signing.loads(ov_pass)
# lod_ov_ip = signing.loads(ov_ip)
all_openvas = openvas_setting_db.objects.all()
for openvas in all_openvas:
ov_user = openvas.user
ov_pass = openvas.password
ov_ip = openvas.host
lod_ov_user = ov_user
lod_ov_pass = ov_pass
lod_ov_ip = ov_ip
scanner = VulnscanManager(str(lod_ov_ip),
str(lod_ov_user),
str(lod_ov_pass))
openvas_results = scanner.get_raw_xml(str(scan_id))
for openvas in openvas_results.findall(".//result"):
for r in openvas:
if r.tag == "name":
global name
if r.text is None:
name = "NA"
else:
name = r.text
if r.tag == "creation_time":
global creation_time
if r.text is None:
creation_time = "NA"
else:
creation_time = r.text
if r.tag == "modification_time":
global modification_time
if r.text is None:
modification_time = "NA"
else:
modification_time = r.text
if r.tag == "host":
global host
if r.text is None:
host = "NA"
else:
host = r.text
if r.tag == "port":
global port
if r.text is None:
port = "NA"
else:
port = r.text
if r.tag == "threat":
global threat
if r.text is None:
threat = "NA"
else:
threat = r.text
if r.tag == "severity":
global severity
if r.text is None:
severity = "NA"
else:
severity = r.text
if r.tag == "description":
global description
if r.text is None:
description = "NA"
else:
description = r.text
for rr in r.getchildren():
if rr.tag == "family":
global family
if rr.text is None:
family = "NA"
else:
family = rr.text
if rr.tag == "cvss_base":
global cvss_base
if rr.text is None:
cvss_base = "NA"
else:
cvss_base = rr.text
if rr.tag == "cve":
global cve
if rr.text is None:
cve = "NA"
else:
cve = rr.text
if rr.tag == "bid":
global bid
if rr.text is None:
bid = "NA"
else:
bid = rr.text
if rr.tag == "xref":
global xref
if rr.text is None:
xref = "NA"
else:
xref = rr.text
if rr.tag == "tags":
global tags
if rr.text is None:
tags = "NA"
else:
tags = rr.text
if rr.tag == "type":
global banner
if rr.text is None:
banner = "NA"
else:
banner = rr.text
date_time = timezone.now()
vul_id = uuid.uuid4()
dup_data = name + host + severity + port
duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest()
match_dup = ov_scan_result_db.objects.filter(
vuln_duplicate=duplicate_hash).values('vuln_duplicate').distinct()
lenth_match = len(match_dup)
if lenth_match == 1:
duplicate_vuln = 'Yes'
elif lenth_match == 0:
duplicate_vuln = 'No'
else:
duplicate_vuln = 'None'
false_p = ov_scan_result_db.objects.filter(
false_positive_hash=duplicate_hash)
fp_lenth_match = len(false_p)
if fp_lenth_match == 1:
false_positive = 'Yes'
else:
false_positive = 'No'
save_all = ov_scan_result_db(scan_id=scan_id,
vul_id=vul_id,
name=name,
creation_time=creation_time,
modification_time=modification_time,
host=host,
port=port,
threat=threat,
severity=severity,
description=description,
family=family,
cvss_base=cvss_base,
cve=cve,
bid=bid,
xref=xref,
tags=tags,
banner=banner,
date_time=date_time,
false_positive=false_positive,
vuln_status='Open',
dup_hash=duplicate_hash,
vuln_duplicate=duplicate_vuln,
project_id=project_id,
)
save_all.save()
openvas_vul = ov_scan_result_db.objects.filter(scan_id=scan_id)
total_high = len(openvas_vul.filter(threat="High"))
total_medium = len(openvas_vul.filter(threat="Medium"))
total_low = len(openvas_vul.filter(threat="Low"))
log_total = len(openvas_vul.filter(threat="Log"))
total_duplicate = len(openvas_vul.filter(vuln_duplicate='Yes'))
total_vul = total_high + total_medium + total_low
scan_save_db.objects.filter(scan_id=scan_id). \
update(total_vul=total_vul,
high_total=total_high,
medium_total=total_medium,
log_total=log_total,
low_total=total_low,
total_dup=total_duplicate,
)
for row in ov_scan_result_db.objects.all():
if ov_scan_result_db.objects.filter(name=row.name, port=row.port, scan_id=scan_id).count() > 1:
row.delete()
def xml_parser(root, project_id, scan_id):
"""
OpenVAS Scanner report parser.
:param root:
:param project_id:
:param scan_id:
:return:
"""
for openvas in root.findall(".//result"):
for r in openvas:
if r.tag == "name":
global name
if r.text is None:
name = "NA"
else:
name = r.text
if r.tag == "creation_time":
global creation_time
if r.text is None:
creation_time = "NA"
else:
creation_time = r.text
if r.tag == "modification_time":
global modification_time
if r.text is None:
modification_time = "NA"
else:
modification_time = r.text
if r.tag == "host":
global host
if r.text is None:
host = "NA"
else:
host = r.text
if r.tag == "port":
global port
if r.text is None:
port = "NA"
else:
port = r.text
if r.tag == "threat":
global threat
if r.text is None:
threat = "NA"
else:
threat = r.text
if r.tag == "severity":
global severity
if r.text is None:
severity = "NA"
else:
severity = r.text
if r.tag == "description":
global description
if r.text is None:
description = "NA"
else:
description = r.text
for rr in r.getchildren():
if rr.tag == "family":
global family
if rr.text is None:
family = "NA"
else:
family = rr.text
if rr.tag == "cvss_base":
global cvss_base
if rr.text is None:
cvss_base = "NA"
else:
cvss_base = rr.text
if rr.tag == "cve":
global cve
if rr.text is None:
cve = "NA"
else:
cve = rr.text
if rr.tag == "bid":
global bid
if rr.text is None:
bid = "NA"
else:
bid = rr.text
if rr.tag == "xref":
global xref
if rr.text is None:
xref = "NA"
else:
xref = rr.text
if rr.tag == "tags":
global tags
if rr.text is None:
tags = "NA"
else:
tags = rr.text
if rr.tag == "type":
global banner
if rr.text is None:
banner = "NA"
else:
banner = rr.text
date_time = datetime.datetime.now()
vul_id = uuid.uuid4()
dup_data = name + host + severity + port
duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest()
match_dup = ov_scan_result_db.objects.filter(
vuln_duplicate=duplicate_hash).values('vuln_duplicate').distinct()
lenth_match = len(match_dup)
vuln_color = ''
if threat == 'High':
vuln_color = 'danger'
elif threat == 'Medium':
vuln_color = 'warning'
elif threat == 'Low':
vuln_color = 'info'
elif threat == 'Log':
vuln_color = 'info'
if lenth_match == 1:
duplicate_vuln = 'Yes'
elif lenth_match == 0:
duplicate_vuln = 'No'
else:
duplicate_vuln = 'None'
false_p = ov_scan_result_db.objects.filter(
false_positive_hash=duplicate_hash)
fp_lenth_match = len(false_p)
if fp_lenth_match == 1:
false_positive = 'Yes'
else:
false_positive = 'No'
save_all = ov_scan_result_db(scan_id=scan_id,
vul_id=vul_id,
name=name,
creation_time=creation_time,
modification_time=modification_time,
host=host,
port=port,
threat=threat,
severity=severity,
description=description,
family=family,
cvss_base=cvss_base,
cve=cve,
bid=bid,
xref=xref,
tags=tags,
banner=banner,
date_time=date_time,
false_positive=false_positive,
vuln_status='Open',
dup_hash=duplicate_hash,
vuln_duplicate=duplicate_vuln,
project_id=project_id,
vuln_color=vuln_color)
save_all.save()
openvas_vul = ov_scan_result_db.objects.filter(scan_id=scan_id)
total_high = len(openvas_vul.filter(threat="High"))
total_medium = len(openvas_vul.filter(threat="Medium"))
total_low = len(openvas_vul.filter(threat="Low"))
total_duplicate = len(openvas_vul.filter(vuln_duplicate='Yes'))
total_vul = total_high + total_medium + total_low
scan_save_db.objects.filter(scan_id=scan_id). \
update(total_vul=total_vul,
high_total=total_high,
medium_total=total_medium,
low_total=total_low,
total_dup=total_duplicate,
)