def test_reopen_vulnerability(self):
    """Check the FIXED -> REOPEN tag transition of a stored vulnerability.

    First ``create_or_update`` is called with an empty vulnerability mapping
    while the asset's IP address is in the host list; the stored document must
    then carry the FIXED tag. A second call that includes the vulnerability
    again must switch the tag to REOPEN. The index must hold exactly one
    document at every step.
    """
    def assert_single_document():
        # No duplicate document may be created by either update.
        self.assertEqual(VulnerabilityDocument.search().count(), 1)

    def stored_tags():
        # Tags of the first hit for this asset's IP address.
        found = VulnerabilityDocument.search().filter(
            'term', asset__ip_address=self.asset.ip_address).execute()
        return found.hits[0].tags

    vulnerability = create_vulnerability(self.asset, self.cve)
    assert_single_document()

    # Host listed, nothing reported for it.
    VulnerabilityDocument.create_or_update(
        {}, [self.asset.ip_address], ConfigMock())
    thread_pool_executor.wait_for_all()
    assert_single_document()
    self.assertEqual(stored_tags(), ['test', VulnerabilityStatus.FIXED])

    # Same host listed, the vulnerability is reported again.
    VulnerabilityDocument.create_or_update(
        {vulnerability.id: vulnerability}, [self.asset.ip_address], ConfigMock())
    thread_pool_executor.wait_for_all()
    assert_single_document()
    self.assertEqual(stored_tags(), ['test', VulnerabilityStatus.REOPEN])
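def _update_scans(config_pk: int):
    """Pull all scan reports for one scanner config and index their results.

    The config is marked IN_PROGRESS, the scan list is fetched through the
    scanner client, and for every scan id the XML report is downloaded,
    scheduled for saving on the thread pool, recorded as a ``Scan`` row,
    parsed into vulnerabilities / scanned hosts / targets, and pushed into
    the asset and vulnerability documents. On success the config is marked
    SUCCESS and ``last_scans_pull`` is set to the time taken before the scan
    list was requested. Any exception marks the config ERROR with the
    exception as its description. Pending thread-pool work is always awaited
    before returning.

    Args:
        config_pk: Primary key of the ``Config`` row to process.

    Returns:
        None. A missing config is logged as an error and nothing else is done.
    """
    LOGGER.debug(F'Starting update scans: {config_pk}')

    # Single query instead of exists() followed by first(): the row can no
    # longer vanish between the check and the fetch, which would have left
    # ``config`` as None and made the error handler below fail as well.
    config = Config.objects.filter(pk=config_pk).first()
    if config is None:
        LOGGER.error(F'Config: {config_pk} not exist!')
        return None

    try:
        config.set_status(Config.Status.IN_PROGRESS)
        manager = scanners_registry.get(config)
        client = manager.get_client()
        parser = manager.get_parser()

        # Captured before listing so it can be stored as the pull time below.
        now_date = now()

        LOGGER.info('Trying to download scan lists')
        scan_list = parser.get_scans_ids(client.get_scans())
        LOGGER.info('scan list downloaded')
        LOGGER.debug(F'Scan list: {scan_list}')

        for scan_id in scan_list:
            LOGGER.info(F'Trying to download report form {config.name}')
            report = client.download_scan(scan_id, client.ReportFormat.XML)

            path = _get_save_path(config)
            # NOTE(review): the name has one-second resolution and does not
            # contain scan_id, so two scans handled within the same second get
            # the same file name - confirm _get_save_path/save_scan keep the
            # stored reports apart.
            file_name = '{}-{}.zip'.format(config.scanner, now().strftime('%H-%M-%S'))
            full_file_path = Path(path) / file_name
            LOGGER.info(F"Saving file: {full_file_path}")
            # NOTE(review): ``report`` is handed to a worker thread here and is
            # still deep-copied and parsed below in this thread - presumably
            # save_scan neither consumes nor mutates it; verify.
            thread_pool_executor.submit(save_scan, client, scan_id, report, full_file_path)

            saved_scan = Scan.objects.create(config=config, file=str(full_file_path))
            base_uri = getattr(settings, 'ABSOLUTE_URI', '')
            file_url = F"{base_uri}{reverse('download_scan', args=[saved_scan.file_id])}"

            # Independent copy for target extraction, taken before parsing.
            report_copy = copy.deepcopy(report)

            LOGGER.info(F'Retrieving discovered assets for {config.name}')
            discovered_assets = AssetDocument.get_assets_with_tag(
                tag=AssetStatus.DISCOVERED, config=config)

            # NOTE(review): the report is scanner-supplied XML - confirm the
            # parser rejects DTDs / external entities.
            LOGGER.info(F'Trying to parse scan file {scan_id}')
            vulns, scanned_hosts = parser.parse(report, file_url)
            LOGGER.info(F'File parsed: {scan_id}')

            LOGGER.info(F'Trying to parse targets from file {scan_id}')
            targets = parser.get_targets(report_copy)
            LOGGER.info(F'Targets parsed: {scan_id}')

            if targets:
                LOGGER.info(F'Attempting to update discovered assets in {config.name}')
                AssetDocument.update_gone_discovered_assets(
                    targets=targets,
                    scanned_hosts=scanned_hosts,
                    discovered_assets=discovered_assets,
                    config=config,
                )

            LOGGER.info(F'Attempting to update vulns data in {config.name}')
            VulnerabilityDocument.create_or_update(vulns, scanned_hosts, config)

        config.last_scans_pull = now_date
        config.set_status(Config.Status.SUCCESS)
        config.save(update_fields=['last_scans_pull'])
    except Exception as e:
        # Broad on purpose: any failure must end in ERROR status. Only the
        # exception message is logged here, not the traceback.
        # NOTE(review): the raw exception becomes the config's error
        # description - verify it cannot carry scanner credentials or URLs.
        config.set_status(status=Config.Status.ERROR, error_description=e)
        LOGGER.error(F'Error while loading vulnerability data {e}')
    finally:
        # Let queued save_scan jobs finish on every exit path.
        thread_pool_executor.wait_for_all()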
def test_not_updated_existing_vulnerability(self):
    """Re-submitting an unmodified clone must leave the stored document as is.

    The clone is passed to ``create_or_update`` with an empty host list.
    Afterwards the index must still contain one document, and the newest hit
    for this asset and CVE must still have the description 'description'
    (presumably the value set by ``create_vulnerability``; verify there).
    """
    original = create_vulnerability(self.asset, self.cve)
    self.assertEqual(VulnerabilityDocument.search().count(), 1)

    duplicate = original.clone()
    VulnerabilityDocument.create_or_update(
        {duplicate.id: duplicate}, [], ConfigMock())
    thread_pool_executor.wait_for_all()
    self.assertEqual(VulnerabilityDocument.search().count(), 1)

    # Same query as one chain: asset filter, newest first, CVE filter.
    by_asset = VulnerabilityDocument.search().filter(
        'term', asset__ip_address=self.asset.ip_address)
    newest_first = by_asset.sort('-modified_date')
    matches = newest_first.filter('term', cve__id=self.cve.id).execute()
    self.assertEqual(matches.hits[0].description, 'description')
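def _update_scans(config_pk: int):
    """Pull scans changed since the last pull for one config and index them.

    The config is marked IN_PROGRESS, the client is asked for scans modified
    since ``config.last_scans_pull``, and each scan is downloaded, parsed into
    vulnerabilities / scanned hosts / targets, and pushed into the asset and
    vulnerability documents. On success the config is marked SUCCESS and
    ``last_scans_pull`` is set to the time taken before the scan list was
    requested. Any exception marks the config ERROR with the exception as its
    description. Pending thread-pool work is always awaited once processing
    has started.

    Args:
        config_pk: Primary key of the ``Config`` row to process.

    Returns:
        None. Nothing is done when no config has that primary key.
    """
    # Single query instead of exists() followed by first(): the row can no
    # longer vanish between the check and the fetch, which would have left
    # ``config`` as None and made the error handler below fail as well.
    config = Config.objects.filter(pk=config_pk).first()
    if config is None:
        return

    try:
        config.set_status(Config.Status.IN_PROGRESS)
        client, parser = scanners_registry.get(config)

        # Captured before listing so it can be stored as the pull time below.
        now_date = now()

        scan_list = parser.get_scans_ids(
            client.get_scans(last_modification_date=config.last_scans_pull))

        for scan_id in scan_list:
            LOGGER.info(F'Trying to download report form {config.name}')
            report = client.download_scan(scan_id)
            # Independent copy for target extraction, taken before parsing.
            report_copy = copy.deepcopy(report)

            LOGGER.info(F'Retrieving discovered assets for {config.name}')
            discovered_assets = AssetDocument.get_assets_with_tag(
                tag=AssetStatus.DISCOVERED, config=config)

            # NOTE(review): the report is scanner-supplied data - confirm the
            # parser handles malformed or hostile input safely.
            LOGGER.info(F'Trying to parse scan file {scan_id}')
            vulns, scanned_hosts = parser.parse(report)
            LOGGER.info(F'File parsed: {scan_id}')

            LOGGER.info(F'Trying to parse targets from file {scan_id}')
            # Not every parser exposes get_targets; the client is the fallback.
            target_source = parser if hasattr(parser, "get_targets") else client
            targets = target_source.get_targets(report_copy)
            LOGGER.info(F'Targets parsed: {scan_id}')

            if targets:
                LOGGER.info(F'Attempting to update discovered assets in {config.name}')
                AssetDocument.update_gone_discovered_assets(
                    targets=targets,
                    scanned_hosts=scanned_hosts,
                    discovered_assets=discovered_assets,
                    config=config,
                )

            LOGGER.info(F'Attempting to update vulns data in {config.name}')
            VulnerabilityDocument.create_or_update(vulns, scanned_hosts, config)

        config.last_scans_pull = now_date
        config.set_status(Config.Status.SUCCESS)
        config.save(update_fields=['last_scans_pull'])
    except Exception as e:
        # Broad on purpose: any failure must end in ERROR status. Only the
        # exception message is logged here, not the traceback.
        # NOTE(review): the raw exception becomes the config's error
        # description - verify it cannot carry scanner credentials or URLs.
        config.set_status(status=Config.Status.ERROR, error_description=e)
        LOGGER.error(F'Error while loading vulnerability data {e}')
    finally:
        # Let queued thread-pool jobs finish on every exit path.
        thread_pool_executor.wait_for_all()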