def OpenVAS_xml_upload(request):
username = request.user.username
"""
OpenVAS XML file upload.
:param request:
:return:
"""
all_project = project_db.objects.filter(username=username)
if request.method == "POST":
project_id = request.POST.get("project_id")
scanner = request.POST.get("scanner")
xml_file = request.FILES['xmlfile']
scan_ip = request.POST.get("scan_url")
scan_id = uuid.uuid4()
scan_status = "100"
if scanner == "openvas":
date_time = datetime.now()
tree = ET.parse(xml_file)
root_xml = tree.getroot()
hosts = OpenVas_Parser.get_hosts(root_xml)
for host in hosts:
scan_dump = openvas_scan_db(scan_ip=host,
scan_id=host,
date_time=date_time,
project_id=project_id,
scan_status=scan_status,
username=username)
scan_dump.save()
OpenVas_Parser.updated_xml_parser(project_id=project_id,
scan_id=scan_id,
root=root_xml,
username=username)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse('networkscanners:index'))
elif scanner == "nessus":
date_time = datetime.now()
tree = ET.parse(xml_file)
root_xml = tree.getroot()
Nessus_Parser.updated_nessus_parser(
root=root_xml,
scan_id=scan_id,
project_id=project_id,
username=username,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse('nessus:nessus_list'))
elif scanner == "nmap":
tree = ET.parse(xml_file)
root_xml = tree.getroot()
nmap_parser.xml_parser(
root=root_xml,
scan_id=scan_id,
project_id=project_id,
username=username,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse('tools:nmap_scan'))
return render(request, 'net_upload_xml.html', {'all_project': all_project})
def OpenVAS_xml_upload(request):
"""
OpenVAS XML file upload.
:param request:
:return:
"""
all_project = project_db.objects.all()
if request.method == "POST":
project_id = request.POST.get("project_id")
scanner = request.POST.get("scanner")
xml_file = request.FILES['xmlfile']
scan_ip = request.POST.get("scan_url")
scan_id = uuid.uuid4()
scan_status = "100"
if scanner == "openvas":
date_time = datetime.now()
scan_dump = scan_save_db(scan_ip=scan_ip,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status)
scan_dump.save()
tree = ET.parse(xml_file)
root_xml = tree.getroot()
OpenVas_Parser.xml_parser(project_id=project_id,
scan_id=scan_id,
root=root_xml)
return HttpResponseRedirect(reverse('networkscanners:index'))
elif scanner == "nessus":
date_time = datetime.now()
scan_dump = nessus_scan_db(scan_ip=scan_ip,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status)
scan_dump.save()
scan_dump.save()
tree = ET.parse(xml_file)
root_xml = tree.getroot()
Nessus_Parser.nessus_parser(
root=root_xml,
scan_id=scan_id,
project_id=project_id,
)
return HttpResponseRedirect(reverse('networkscanners:nessus_scan'))
elif scanner == "nmap":
tree = ET.parse(xml_file)
root_xml = tree.getroot()
nmap_parser.xml_parser(
root=root_xml,
scan_id=scan_id,
project_id=project_id,
)
return HttpResponseRedirect(reverse('tools:nmap_scan'))
return render(request, 'net_upload_xml.html', {'all_project': all_project})
def nmap(request):
"""
:return:
"""
global all_nmap
username = request.user.username
if request.method == 'GET':
ip_address = request.GET['ip']
all_nmap = nmap_result_db.objects.filter(username=username,
ip_address=ip_address)
if request.method == 'POST':
ip_address = request.POST.get('ip')
project_id = request.POST.get('project_id')
scan_id = uuid.uuid4()
try:
print('Start Nmap scan')
subprocess.check_output([
'nmap', '-v', '-sV', '-Pn', '-p', '1-65535', ip_address, '-oX',
'output.xml'
])
print('Completed nmap scan')
except Exception as e:
print('Eerror in nmap scan:', e)
try:
tree = ET.parse('output.xml')
root_xml = tree.getroot()
nmap_parser.xml_parser(root=root_xml,
scan_id=scan_id,
project_id=project_id,
username=username)
except Exception as e:
print('Error in xml parser:', e)
return HttpResponseRedirect('/tools/nmap_scan/')
return render(request, 'nmap_list.html', {'all_nmap': all_nmap})
def nmap(request):
"""
:return:
"""
if request.method == 'GET':
ip_address = request.GET['ip']
all_nmap = nmap_result_db.objects.filter(ip_address=ip_address)
if request.method == 'POST':
ip_address = request.POST.get('ip')
project_id = request.POST.get('project_id')
scan_id = uuid.uuid4()
try:
print('Start Nmap scan')
subprocess.check_output(
['nmap', '-v', '-sV', '-Pn', '-p', '1-65535', ip_address, '-oX', 'output.xml']
)
print('Completed nmap scan')
except Exception as e:
print('Eerror in nmap scan:', e)
try:
tree = ET.parse('output.xml')
root_xml = tree.getroot()
nmap_parser.xml_parser(root=root_xml,
scan_id=scan_id,
project_id=project_id,
)
except Exception as e:
print('Error in xml parser:', e)
return HttpResponseRedirect('/tools/nmap_scan/')
return render(request,
'nmap_list.html',
{'all_nmap': all_nmap}
)
def post(self, request):
ip_address = request.POST.get("ip")
project_id = request.POST.get("project_id")
scan_id = uuid.uuid4()
try:
print("Start Nmap scan")
subprocess.check_output([
"nmap",
"-v",
"-sV",
"-Pn",
"-p",
"1-65535",
ip_address,
"-oX",
"output.xml",
])
print("Completed nmap scan")
except Exception as e:
print("Eerror in nmap scan:", e)
try:
tree = ET.parse("output.xml")
root_xml = tree.getroot()
nmap_parser.xml_parser(root=root_xml,
scan_id=scan_id,
project_id=project_id)
except Exception as e:
print("Error in xml parser:", e)
return HttpResponseRedirect("/tools/nmap_scan/")
def post(self, request):
all_project = ProjectDb.objects.filter()
project_uu_id = request.POST.get("project_id")
project_id = (ProjectDb.objects.filter(
uu_id=project_uu_id).values("id").get()["id"])
scanner = request.POST.get("scanner")
file = request.FILES["file"]
target = request.POST.get("target")
scan_id = uuid.uuid4()
scan_status = "100"
if scanner == "zap_scan":
try:
if self.check_file_ext(str(file)) != ".xml":
messages.error(request,
"ZAP Scanner Only XML file Support")
return HttpResponseRedirect(
reverse("report_upload:upload"))
tree = ET.parse(file)
date_time = datetime.now()
root_xml = tree.getroot()
en_root_xml = ET.tostring(root_xml, encoding="utf8").decode(
"ascii", "ignore")
root_xml_en = ET.fromstring(en_root_xml)
scan_dump = WebScansDb(
scan_url=target,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status,
rescan="No",
scanner="Zap",
)
scan_dump.save()
zap_xml_parser.xml_parser(
project_id=project_id,
scan_id=scan_id,
root=root_xml_en,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse("webscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(request, "report_upload/upload.html",
{"all_project": all_project})
elif scanner == "burp_scan":
try:
if self.check_file_ext(str(file)) != ".xml":
messages.error(request, "Burp Scan Only XML file Support")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
# Burp scan XML parser
tree = ET.parse(file)
root_xml = tree.getroot()
en_root_xml = ET.tostring(root_xml, encoding="utf8").decode(
"ascii", "ignore")
root_xml_en = ET.fromstring(en_root_xml)
scan_dump = WebScansDb(
scan_url=target,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status,
scanner="Burp",
)
scan_dump.save()
burp_xml_parser.burp_scan_data(root_xml_en, project_id,
scan_id)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse("webscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(request, "report_upload/upload.html",
{"all_project": all_project})
elif scanner == "arachni":
try:
if self.check_file_ext(str(file)) != ".xml":
messages.error(request, "Arachni Only XML file Support")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
tree = ET.parse(file)
root_xml = tree.getroot()
scan_dump = WebScansDb(
scan_url=target,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status,
scanner="Arachni",
)
scan_dump.save()
arachni_xml_parser.xml_parser(
project_id=project_id,
scan_id=scan_id,
root=root_xml,
target_url=target,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse("webscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(request, "report_upload/upload.html",
{"all_project": all_project})
elif scanner == "netsparker":
try:
if self.check_file_ext(str(file)) != ".xml":
messages.error(request, "Netsparker Only XML file Support")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
tree = ET.parse(file)
root_xml = tree.getroot()
scan_dump = WebScansDb(
scan_url=target,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status,
scanner="Netsparker",
)
scan_dump.save()
netsparker_xml_parser.xml_parser(
project_id=project_id,
scan_id=scan_id,
root=root_xml,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse("webscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(request, "report_upload/upload.html",
{"all_project": all_project})
elif scanner == "webinspect":
try:
if self.check_file_ext(str(file)) != ".xml":
messages.error(request, "Webinspect Only XML file Support")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
tree = ET.parse(file)
root_xml = tree.getroot()
scan_dump = WebScansDb(
scan_url=target,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status,
scanner="Webinspect",
)
scan_dump.save()
webinspect_xml_parser.xml_parser(
project_id=project_id,
scan_id=scan_id,
root=root_xml,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse("webscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(request, "report_upload/upload.html",
{"all_project": all_project})
elif scanner == "acunetix":
try:
if self.check_file_ext(str(file)) != ".xml":
messages.error(request, "Acunetix Only XML file Support")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
tree = ET.parse(file)
root_xml = tree.getroot()
scan_dump = WebScansDb(
scan_url=target,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scanner="Acunetix",
scan_status=scan_status,
)
scan_dump.save()
acunetix_xml_parser.xml_parser(
project_id=project_id,
scan_id=scan_id,
root=root_xml,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse("webscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(request, "report_upload/upload.html",
{"all_project": all_project})
elif scanner == "dependencycheck":
try:
if self.check_file_ext(str(file)) != ".xml":
messages.error(request,
"Dependencycheck Only XML file Support")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
data = etree.parse(file)
root = data.getroot()
scan_dump = StaticScansDb(
project_name=target,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status,
scanner="Dependencycheck",
)
scan_dump.save()
dependencycheck_report_parser.xml_parser(project_id=project_id,
scan_id=scan_id,
data=root)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(request, "report_upload/upload.html",
{"all_project": all_project})
elif scanner == "checkmarx":
try:
if self.check_file_ext(str(file)) != ".xml":
messages.error(request, "Checkmarx Only XML file Support")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
data = etree.parse(file)
root = data.getroot()
scan_dump = StaticScansDb(
project_name=target,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status,
)
scan_dump.save()
checkmarx_xml_report_parser.checkmarx_report_xml(
project_id=project_id, scan_id=scan_id, data=root)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(request, "report_upload/upload.html",
{"all_project": all_project})
elif scanner == "findbugs":
try:
if self.check_file_ext(str(file)) != ".xml":
messages.error(request, "Findbugs Only XML file Support")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
tree = ET.parse(file)
root = tree.getroot()
scan_dump = StaticScansDb(
project_name=target,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status,
)
scan_dump.save()
findbugs_report_parser.xml_parser(project_id=project_id,
scan_id=scan_id,
root=root)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(request, "report_upload/upload.html",
{"all_project": all_project})
elif scanner == "nikto":
try:
if self.check_file_ext(str(file)) != ".xml":
messages.error(request, "Nikto Only XML file Support")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
scan_dump = NiktoResultDb(
date_time=date_time,
scan_url=target,
scan_id=scan_id,
project_id=project_id,
)
scan_dump.save()
nikto_html_parser(file, project_id, scan_id)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse("tools:nikto"))
except:
messages.error(request, "File Not Supported")
return render(request, "report_upload/upload.html",
{"all_project": all_project})
if scanner == "bandit_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request, "Bandit Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Bandit"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "retirejs_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request,
"Retirejs Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Retirejs"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "clair_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request, "Clair Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Clair"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "trivy_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request, "Trivy Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Trivy"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "npmaudit_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request,
"NPM Audit Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Npmaudit"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "nodejsscan_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request,
"Nodejs scan Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Nodejsscan"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "semgrepscan_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request,
"Semgrep scan Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Semgrep"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "tfsec_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request, "Tfsec Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Tfsec"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "whitesource_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request,
"Whitesource Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Whitesource"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "inspec_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request, "Inspec Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scan_dump = InspecScanDb(
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status,
)
scan_dump.save()
inspec_report_json(
data=data,
project_id=project_id,
scan_id=scan_id,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse("inspec:inspec_list"))
except:
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "dockle_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request, "Dockle Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scan_dump = DockleScanDb(
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status,
)
scan_dump.save()
dockle_report_json(
data=data,
project_id=project_id,
scan_id=scan_id,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse("dockle:dockle_list"))
except:
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "gitlabsast_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request,
"Gitlabsast Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Gitlabsast"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "gitlabcontainerscan_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(
request,
"Gitlabcontainerscan Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Gitlabcontainerscan"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "gitlabsca_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request,
"Gitlabsca Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Gitlabsca"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "twistlock_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request,
"Twistlock Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Twistlock"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "brakeman_scan":
try:
if self.check_file_ext(str(file)) != ".json":
messages.error(request,
"Brakeman Only JSON file Supported")
return HttpResponseRedirect(
reverse("report_upload:upload"))
date_time = datetime.now()
j = file.read()
data = json.loads(j)
scanner = "Brakeman_scan"
upload(
target,
scan_id,
date_time,
project_id,
scan_status,
scanner,
data,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(
reverse("staticscanners:list_scans"))
except Exception as e:
print(e)
messages.error(request, "File Not Supported")
return render(
request,
"report_upload/upload.html",
{"all_project": all_project},
)
if scanner == "openvas":
if self.check_file_ext(str(file)) != ".xml":
messages.error(request, "Openvas Only XML file Supported")
return HttpResponseRedirect(reverse("report_upload:upload"))
date_time = datetime.now()
tree = ET.parse(file)
root_xml = tree.getroot()
hosts = OpenVas_Parser.get_hosts(root_xml)
for host in hosts:
scan_dump = NetworkScanDb(
ip=host,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status,
scanner="Openvas",
)
scan_dump.save()
OpenVas_Parser.updated_xml_parser(
project_id=project_id,
scan_id=scan_id,
root=root_xml,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse("networkscanners:list_scans"))
elif scanner == "nessus":
if self.check_file_ext(str(file)) != ".nessus":
messages.error(request, "Nessus Only .nessus file Supported")
return HttpResponseRedirect(reverse("report_upload:upload"))
date_time = datetime.now()
tree = ET.parse(file)
root_xml = tree.getroot()
Nessus_Parser.updated_nessus_parser(
root=root_xml,
scan_id=scan_id,
project_id=project_id,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse("networkscanners:list_scans"))
elif scanner == "nmap":
tree = ET.parse(file)
root_xml = tree.getroot()
nmap_parser.xml_parser(
root=root_xml,
scan_id=scan_id,
project_id=project_id,
)
messages.success(request, "File Uploaded")
return HttpResponseRedirect(reverse("tools:nmap_scan"))
def OpenVas_xml_upload(request):
"""
OpenVAS XML file upload.
:param request:
:return:
"""
all_project = project_db.objects.all()
if request.method == "POST":
project_id = request.POST.get("project_id")
scanner = request.POST.get("scanner")
xml_file = request.FILES['xmlfile']
scan_ip = request.POST.get("scan_url")
scan_id = uuid.uuid4()
scan_status = "100"
if scanner == "openvas":
date_time = datetime.now()
scan_dump = scan_save_db(scan_ip=scan_ip,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status)
scan_dump.save()
tree = ET.parse(xml_file)
root_xml = tree.getroot()
OpenVas_Parser.xml_parser(project_id=project_id,
scan_id=scan_id,
root=root_xml)
return HttpResponseRedirect("/networkscanners/")
elif scanner == "nessus":
date_time = datetime.now()
scan_dump = nessus_scan_db(
scan_ip=scan_ip,
scan_id=scan_id,
date_time=date_time,
project_id=project_id,
scan_status=scan_status
)
scan_dump.save()
scan_dump.save()
tree = ET.parse(xml_file)
root_xml = tree.getroot()
Nessus_Parser.nessus_parser(root=root_xml,
scan_id=scan_id,
project_id=project_id,
)
return HttpResponseRedirect("/networkscanners/nessus_scan")
elif scanner == "nmap":
# date_time = datetime.now()
# scan_dump = nessus_scan_db(
# scan_ip=scan_ip,
# scan_id=scan_id,
# date_time=date_time,
# project_id=project_id,
# scan_status=scan_status
# )
# scan_dump.save()
tree = ET.parse(xml_file)
root_xml = tree.getroot()
nmap_parser.xml_parser(root=root_xml,
scan_id=scan_id,
project_id=project_id,
)
return HttpResponseRedirect("/tools/nmap_scan/")
return render(request,
'net_upload_xml.html',
{'all_project': all_project})
