def get_location(self): """ Jeśli zmieni się struktura odpowiedzi to tutaj tylko zmieniać """ location = DictX(self.data.get("location")) if location: response = {} response.update({"country" : location.country}) response.update({"longitude" : location.longitude}) response.update({"latitude" : location.latitude}) response.update({"timezone" : location.timezone}) response.update({"continent" : location.continent}) response.update({"registered_country" : {location.registered_country_code : location.registered_country}}) return DictX(response)
def get_autonomous_system(self): """ Jeśli zmieni się struktura odpowiedzi to tutaj tylko zmieniać autonomous_system": {"description": "GOOGLE", "rir": "unknown", "routed_prefix": "8.8.8.0/24", "country_code": "US", "path": [15169], "asn": 15169, "name": "GOOGLE"}, """ autonomous_system = DictX(self.data.get("autonomous_system")) if autonomous_system: response = {} response.update({"description" : autonomous_system.description}) response.update({"rir" : autonomous_system.rir}) response.update({"routed_prefix" : autonomous_system.routed_prefix}) response.update({"path" : autonomous_system.path}) response.update({"asn" : autonomous_system.asn}) response.update({"name" : autonomous_system.name}) return DictX(response)
class DNSWrapper: def __init__(self, data): self.__lookup = DictX(data.get("lookup")) self.__names = self.get_names() def get_names(self): answers = self.__lookup.get("answers") names = [] if answers: for answer in answers: names.append(answer.get("name")) return list(set(names)) #unikalne tylko @property def names(self): return self.__names @property def is_resolves_correctly(self): return self.__lookup.get("resolves_correctly") @property def is_support(self): return self.__lookup.get("support") @property def is_open_resolver(self): return self.__lookup.get("open_resolver") @property def is_erros(self): return self.__lookup.get("errors") if self.__lookup.get("errors") else None def __str__(self): return f"Names:{self.names}\nis_erros:{self.is_erros}\nis_resolves_correctly:{self.is_resolves_correctly}\nis_support:{self.is_support}\nis_open_resolver:{self.is_open_resolver}"
class IPParser: # TODO zabezpieczenia na brak danych """ Zna strukturę odpowiedzi od censysa dla zapytań dotyczących adresu ip https://censys.io/ipv4/8.8.8.8 """ def __init__(self, data): self.data = DictX(data) def get_ports(self): """ Osobno z pierwszego zagnieżdzęnia wyciągam porty - moze być przydatne w porównywaniu z self.get_protocols() """ ports = [] for key in list(self.data.keys()): if key.isnumeric(): ports.append(key) return ports # ---- protokoły ---- def get_dns(self): """ Bo różne usługi nie musza być na standardowych portach """ ports = self.get_ports() for port in ports: data_dns = self.data[port].get("dns") if data_dns: return DNSWrapper(data_dns) def get_https(self): """ Bo różne usługi nie musza być na standardowych portach """ ports = self.get_ports() for port in ports: data_https = self.data[port].get("https") if data_https: return HTTPSWrapper(data_https).to_json def get_os(self): """ W metadata są os i os_description """ response = None metadata = self.data.get("metadata") if metadata: os = metadata.get("os") os_description = metadata.get("os_description") response = list(set([os, os_description])) return response def get_protocols(self): """ Ten sam protokół moze być wykorzystywany używany na kilku portach """ protocols = self.data.get("protocols") protocols_port = {} used_protocols = [] for protocol in protocols: port, protocol_name = protocol.split("/") if protocol_name in protocols_port: protocols_port[protocol_name].append(port) else: protocols_port.update({protocol_name: [port]}) used_protocols.append(protocol_name) return protocols_port, used_protocols def get_location(self): """ Jeśli zmieni się struktura odpowiedzi to tutaj tylko zmieniać """ location = DictX(self.data.get("location")) if location: response = {} response.update({"country" : location.country}) response.update({"longitude" : location.longitude}) response.update({"latitude" : location.latitude}) response.update({"timezone" : location.timezone}) response.update({"continent" : location.continent}) response.update({"registered_country" : {location.registered_country_code : location.registered_country}}) return DictX(response) def get_autonomous_system(self): """ Jeśli zmieni się struktura odpowiedzi to tutaj tylko zmieniać autonomous_system": {"description": "GOOGLE", "rir": "unknown", "routed_prefix": "8.8.8.0/24", "country_code": "US", "path": [15169], "asn": 15169, "name": "GOOGLE"}, """ autonomous_system = DictX(self.data.get("autonomous_system")) if autonomous_system: response = {} response.update({"description" : autonomous_system.description}) response.update({"rir" : autonomous_system.rir}) response.update({"routed_prefix" : autonomous_system.routed_prefix}) response.update({"path" : autonomous_system.path}) response.update({"asn" : autonomous_system.asn}) response.update({"name" : autonomous_system.name}) return DictX(response) @property def updated_at(self): return self.data.get("updated_at") if self.data.get("updated_at") else None
def __init__(self, data): self.data = DictX(data)
def __init__(self, data): self.data = DictX(data) self.__tls = self.get_tls()
class HTTPSWrapper: def __init__(self, data): self.data = DictX(data) self.__tls = self.get_tls() @property def status_code(self): get_data = self.data.get("get") return get_data.get("status_code") @property def get_metadata(self): """ Data from https://censys.io/ipv4/50.56.73.47 dla Apache httpd 2.2.17 https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-66/version_id-109443/Apache-Http-Server-2.2.17.html https://www.netcompliancesolutions.com/.htaccess - sprawdizć czy jest ta ściezka - jeśli tak tomamy apache """ get_data = self.data.get("get", {}) metadata = get_data.get("metadata") response = { "product": None, "version": None, "description": None, "manufacturer": None } if metadata: response["product"] = metadata.get("product") response["version"] = metadata.get("version") response["description"] = metadata.get("description") response["manufacturer"] = metadata.get("manufacturer") return response @property def webpage_title(self): """ Webpage title """ get_data = self.data.get("get", {}) title = get_data.get("title") return title @property def webpage_body_sha256(self): """ Webpage body_sha256 """ get_data = self.data.get("get", {}) body_sha256 = get_data.get("body_sha256") return body_sha256 @property def heartbleed(self): info = self.data.get("heartbleed", {}) if info.get("heartbeat_enabled") or info.get("heartbleed_vulnerable"): return True return False @property def rsa_export(self): return self.data.rsa_export.get("support") @property def rsa_params(self): rsa_params = self.data.rsa_export.get("rsa_params") response = {"lenght": None, "modulus": None, "exponent": None} if rsa_params: response["lenght"] = rsa_params.get("lenght") response["modulus"] = rsa_params.get("modulus") response["exponent"] = rsa_params.get("exponent") return response @property def rsa_length(self): return self.rsa_params.get("length") @property def rsa_modulus(self): return self.rsa_params.get("modulus") @property def rsa_exponent(self): return self.rsa_params.get("exponent") @property def ssl_3_support(self): return self.data.get("ssl_3", {}).get("support") @property def dhe_export(self): """ https://crypto.stackexchange.com/questions/33859/what-is-dhe-export-cipher-suite """ return self.data.dhe_export.get("support") @property def dh_params(self): dh = self.data.dhe_export.get("dh_params") response = { "prime_length": None, "prime_value": None, "generator_length": None, "generator_value": None } if dh: response["prime_length"] = dh.get("prime", {}).get("lenght") response["prime_value"] = dh.get("prime", {}).get("value") response["generator_length"] = dh.get("generator", {}).get("lenght") response["generator_value"] = dh.get("generator", {}).get("value") return response @property def dhe_support(self): return self.data.dhe.get("support") @property def logjam_attack(self): """ https://weakdh.org/ Export DHE True -> This host is vulnerable to the Logjam attack. """ return self.rsa_export @property def freak_attack(self): """ Export RSA True -> This host is vulnerable to the FREAK attack. """ return self.dhe_export @property def poodle_attack(self): """ SSLv3 Support True -> This host is vulnerable to the POODLE attack. """ return self.ssl_3_support def get_tls(self): return TLSWrapper(self.data.tls).to_json @property def tls(self): return self.__tls @property def to_json(self): result = {} result.update({"status_code": self.status_code}) result.update({"get_metadata": self.get_metadata}) result.update({"heartbleed": self.heartbleed}) result.update({"rsa_export": self.rsa_export}) result.update({"rsa_length": self.rsa_length}) result.update({"rsa_modulus": self.rsa_modulus}) result.update({"rsa_exponent": self.rsa_exponent}) result.update({"dhe_export": self.dhe_export}) result.update({"dh_params": self.dh_params}) result.update({"dhe_support": self.dhe_support}) result.update({"logjam_attack": self.logjam_attack}) result.update({"freak_attack": self.freak_attack}) result.update({"poodle_attack": self.poodle_attack}) result.update({"poodle_attack": self.poodle_attack}) result.update({"webpage_title": self.webpage_title}) result.update({"webpage_body_sha256": self.webpage_body_sha256}) result.update({"tls": self.tls}) return result def __str__(self): return Common.dict_to_string(self.to_json)
def __init__(self, data): self.data = DictX(data) self.__certificate = TLSCertificateWrapper( self.data.get("certificate", {})) self.__chain = self.__get_chain()
class TLSWrapper: def __init__(self, data): self.data = DictX(data) self.__certificate = TLSCertificateWrapper( self.data.get("certificate", {})) self.__chain = self.__get_chain() def __get_chain(self): result = [] for chain in self.data.get("chain"): result.append(TLSCertificateWrapper(chain).to_json) return result @property def chain(self): return self.__chain @property def certificate(self): return self.__certificate @property def version(self): return self.data.get("version") @property def dh_params(self): return self.data.get("server_key_exchange", {}).get("dh_params") @property def dh_prime(self): response = {"prime_length": None, "prime_value": None} prime = self.data.get("dh_params", {}).get("prime", {}) if prime: response["prime_length"] = prime.get("length") response["prime_value"] = prime.get("value") return response @property def dh_generator(self): response = {"generator_lenght": None, "generator_value": None} generator = self.data.get("dh_params", {}).get("generator", {}) if generator: response["generator_lenght"] = generator.get("length") response["generator_value"] = generator.get("value") return response @property def cipher_suite(self): return self.data.get("cipher_suite", {}) @property def cipher_suite_id(self): return self.cipher_suite.get("id") @property def cipher_suite_name(self): return self.cipher_suite.get("name") @property def session_ticket_length(self): return self.data.get("session_ticket", {}).get("length") @property def ocsp_stapling(self): return self.data.get("ocsp_stapling") @property def signature_valid(self): return self.data.get("singature", {}).get("valid") @property def validation(self): return self.data.get("validation", {}) @property def validation_browser_trusted(self): return self.validation.get("browser_trusted") @property def validation_browser_error(self): return self.validation.get("browser_error") @property def to_json(self): result = {} result.update({"chain": self.chain}) # result.update({"certificate": self.certificate}) # result.update({"version": self.version}) # result.update({"cipher_suite_id": self.cipher_suite_id}) # result.update({"cipher_suite_name": self.cipher_suite_name}) # result.update({"dh_prime": self.dh_prime}) # result.update({"dh_generator": self.dh_generator}) # result.update({"session_ticket_length": self.session_ticket_length}) # result.update({"ocsp_stapling": self.ocsp_stapling}) # result.update({"validation_browser_trusted": self.validation_browser_trusted}) # result.update({"validation_browser_error": self.validation_browser_error}) # result.update({"certificate": self.certificate.extensions}) return result def __str__(self): # return Common.dict_to_string(self.to_json) result = "" for i in self.chain: print(i) print("\n\n\n\n\n") return result
def __init__(self, data): self.__lookup = DictX(data.get("lookup")) self.__names = self.get_names()