def _get_phantom_base_url(self, action_result): """ Get base url of phantom. :param action_result: object of ActionResult class :return: status phantom.APP_ERROR/phantom.APP_SUCCESS(along with appropriate message), base url of phantom """ url = '{0}{1}{2}'.format(BaseConnector._get_phantom_base_url(), 'rest', PHANTOM_SYSTEM_INFO_ENDPOINT) ret_val, resp_json = self._make_rest_call(action_result=action_result, endpoint=url, verify=False) if phantom.is_fail(ret_val): return ret_val, None phantom_base_url = resp_json.get('base_url') if not phantom_base_url: return action_result.set_status( phantom.APP_ERROR, WEBEX_ERR_PHANTOM_BASE_URL_NOT_FOUND), None return phantom.APP_SUCCESS, phantom_base_url.rstrip('/')
args = argparser.parse_args() session_id = None username = args.username password = args.password if (username is not None and password is None): # User specified a username but not a password, so ask import getpass password = getpass.getpass("Password: "******"Accessing the Login page") r = requests.get(BaseConnector._get_phantom_base_url() + "login", verify=False) csrftoken = r.cookies['csrftoken'] data = dict() data['username'] = username data['password'] = password data['csrfmiddlewaretoken'] = csrftoken headers = dict() headers['Cookie'] = 'csrftoken=' + csrftoken headers['Referer'] = BaseConnector._get_phantom_base_url() + 'login' print ("Logging into Platform to get the session id") r2 = requests.post(BaseConnector._get_phantom_base_url() + "login", verify=False, data=data, headers=headers) session_id = r2.cookies['sessionid'] except Exception as e:
argparser.add_argument('-p', '--password', help='password', required=False) args = argparser.parse_args() session_id = None username = args.username password = args.password if (username is not None and password is None): # User specified a username but not a password, so ask import getpass password = getpass.getpass("Password: "******"login" try: print("Accessing the Login page") r = requests.get(login_url, verify=False) csrftoken = r.cookies['csrftoken'] data = dict() data['username'] = username data['password'] = password data['csrfmiddlewaretoken'] = csrftoken headers = dict() headers['Cookie'] = 'csrftoken=' + csrftoken headers['Referer'] = login_url print("Logging into Platform to get the session id")
args = argparser.parse_args() session_id = None username = args.username password = args.password if (username is not None and password is None): # User specified a username but not a password, so ask import getpass password = getpass.getpass("Password: "******"Accessing the Login page") login_url = BaseConnector._get_phantom_base_url() + "login" r = requests.get(login_url, verify=False) csrftoken = r.cookies['csrftoken'] data = dict() data['username'] = username data['password'] = password data['csrfmiddlewaretoken'] = csrftoken headers = dict() headers['Cookie'] = 'csrftoken=' + csrftoken headers['Referer'] = BaseConnector._get_phantom_base_url( ) + 'login' print("Logging into Platform to get the session id") r2 = requests.post(login_url,
def main(): import pudb import argparse pudb.set_trace() argparser = argparse.ArgumentParser() argparser.add_argument('input_test_json', help='Input Test JSON file') argparser.add_argument('-u', '--username', help='username', required=False) argparser.add_argument('-p', '--password', help='password', required=False) args = argparser.parse_args() session_id = None username = args.username password = args.password if username is not None and password is None: import getpass password = getpass.getpass("Password: "******"Unable to get session id from the platform. Error: " + str(e)) exit(1) with open(args.input_test_json) as f: in_json = f.read() in_json = json.loads(in_json) connector = ConsolidatedScreeningListConnector() connector.print_progress_message = True if session_id is not None: in_json['user_session_token'] = session_id connector._set_csrf_info(csrftoken, headers['Referer']) ret_val = connector._handle_action(json.dumps(in_json), None) print(json.dumps(json.loads(ret_val), indent=4)) exit(0)
args = argparser.parse_args() session_id = None username = args.username password = args.password if username is not None and password is None: # User specified a username but not a password, so ask import getpass password = getpass.getpass("Password: "******"Accessing the Login page") r = requests.get(BaseConnector._get_phantom_base_url() + "login", verify=False) csrftoken = r.cookies['csrftoken'] data = dict() data['username'] = username data['password'] = password data['csrfmiddlewaretoken'] = csrftoken headers = dict() headers['Cookie'] = 'csrftoken=' + csrftoken headers['Referer'] = BaseConnector._get_phantom_base_url() print("Logging into Platform to get the session id") r2 = requests.post(BaseConnector._get_phantom_base_url(), verify=False,
session_id = None username = args.username password = args.password if (username is not None and password is None): # User specified a username but not a password, so ask import getpass password = getpass.getpass("Password: "******"Accessing the Login page") login_url = "{}/login".format( BaseConnector._get_phantom_base_url()) r = requests.get(login_url, verify=False) csrftoken = r.cookies['csrftoken'] data = dict() data['username'] = username data['password'] = password data['csrfmiddlewaretoken'] = csrftoken headers = dict() headers['Cookie'] = 'csrftoken=' + csrftoken headers['Referer'] = login_url print("Logging into Platform to get the session id") r2 = requests.post(login_url, verify=False,
def _on_poll(self, param): self.__print('_on_poll()') login_url = BaseConnector._get_phantom_base_url() config = self.get_config() # Integer Validation for 'container_count' parameter hours = param.get('container_count') ret_val, hours = self._validate_integer(self, hours, CONTAINER_COUNT_KEY) if phantom.is_fail(ret_val): return self.get_status() date = None if self.is_poll_now(): self.debug_print( "There might be timezone variance. Please check for the timezone variance." ) date = (datetime.datetime.now() - datetime.timedelta(hours=hours) ).strftime('%Y-%m-%dT%H:%M:%S.%fZ') else: m = param.get('start_time') s = m / 1000 date = datetime.datetime.fromtimestamp(s).strftime( '%Y-%m-%dT%H:%M:%S.%fZ') program = config['program_name'] try: state = config['state_filter'] except: state = None try: assignment = config['assignment_filter'] except: assignment = None add_comments = config.get('full_comments', False) reports = self._get_filtered_reports(program, state, assignment, add_comments, date) if reports is not None: self.__print('{0} reports were returned'.format(len(reports))) self.save_progress('{0} reports were returned'.format( len(reports))) for report in reports: existing_container = None container_name = 'H1 {0}: {1}'.format(report['id'], report['title']) endpoint = login_url + '/rest/container?_filter_name__startswith="H1 {0}"'.format( report['id']) containers = self._get_phantom_data(endpoint) if containers['count'] > 0: existing_container = containers['data'][0]['id'] container = {} container[ 'source_data_identifier'] = 'HackerOne Report - {0}'.format( report['id']) container['name'] = container_name artifacts = [] artifact = {} artifact['label'] = 'report' artifact['name'] = 'HackerOne Report - {0}'.format( report['id']) artifact['source_data_identifier'] = '{0}-{1}'.format( report['id'], self.get_container_id()) artifact['severity'] = 'medium' artifact['cef'] = report artifacts.append(artifact) try: for comment in report['comments']: artifact = {} artifact['label'] = 'report comment' artifact['name'] = 'Comment - {0}'.format( comment['id']) artifact[ 'source_data_identifier'] = 'HackerOne report - {0}: Comment - {1}'.format( report['id'], comment['id']) artifact['severity'] = 'medium' artifact['cef'] = comment artifacts.append(artifact) except: pass try: for attachment in report['attachments']: artifact = {} artifact['label'] = 'report attachment' artifact['name'] = 'Attachment - {0}'.format( attachment['id']) artifact[ 'source_data_identifier'] = 'HackerOne report - {0}: Attachment - {1}'.format( report['id'], attachment['id']) artifact['severity'] = 'medium' artifact['cef'] = attachment artifacts.append(artifact) except: pass if not existing_container: container['artifacts'] = artifacts self.save_container(container) else: endpoint = login_url + '/rest/container/{0}/artifacts?page_size=0'.format( existing_container) container_artifacts = self._get_phantom_data( endpoint)['data'] duplicates = {} for container_artifact in container_artifacts: duplicates[container_artifact[ 'name']] = container_artifact['id'] for artifact in artifacts: if 'report' == artifact['label']: if artifact['name'] in duplicates: artifact['cef']['updated'] = True artifact['container_id'] = existing_container artifact['run_automation'] = True self.debug_print( "There might be timezone variance. Please check for the timezone variance." ) artifact[ 'source_data_identifier'] = '{0}-{1}'.format( report['id'], datetime.datetime.now().strftime( '%Y-%m-%d-%H-%M-%S')) endpoint = login_url + '/rest/artifact/{0}'.format( duplicates[artifact['name']]) self._delete_phantom_data(endpoint) status, message, artid = self.save_artifact( artifact) self.__print(status) self.__print(message) self.__print(artid) if artifact['name'] not in duplicates: artifact['container_id'] = existing_container self.save_artifact(artifact) self.__print('Successfully stored report container') self.save_progress('Successfully stored report container') return self.set_status(phantom.APP_SUCCESS, 'Successfully stored report data') else: self.__print('Failed to connect to HackerOne') self.save_progress('Failed to connect to HackerOne') return self.set_status(phantom.APP_ERROR, 'Failed to connect to HackerOne')