def _create_asset_on_import(asset_value,
scan,
asset_type='unknown',
parent=None):
evt_prefix = "[EngineTasks/_create_asset_on_import()]"
Event.objects.create(message="{} Create: '{}/{} from parent {}'.".format(
evt_prefix, asset_value, asset_type, parent),
type="DEBUG",
severity="INFO",
scan=scan)
# create assets if data_type is ip-subnet or ip-range
if scan and net.is_valid_ip(asset_value):
assets = scan.assets.filter(type__in=['ip-subnet', 'ip-range'])
asset_type = "ip"
# Search parent asset
parent_asset = None
for pa in assets:
if net.is_ip_in_ipset(ip=asset_value, ipset=pa.value):
parent_asset = pa
break
if parent_asset:
name = asset_value
criticity = parent_asset.criticity
owner = parent_asset.owner
else:
name = asset_value
criticity = 'medium'
owner = get_user_model().objects.filter(username='******').first()
else:
if net.is_valid_ip(asset_value):
asset_type = "ip"
elif net._is_valid_domain(asset_value):
asset_type = "domain"
elif net._is_valid_url(asset_value):
asset_type = "url"
else:
asset_type = "keyword" # default :/
name = asset_value
criticity = 'medium'
owner = get_user_model().objects.filter(username='******').first()
# Create the new asset ...
asset_args = {
'value': asset_value,
'name': name,
'type': asset_type,
'criticity': criticity,
'description': "Asset dynamically created",
'owner': owner
}
asset = Asset(**asset_args)
asset.save()
# Add teams related to scan
for team in scan.scan_definition.teams.all():
asset.teams.add(team)
# Add the asset to the scan
scan.assets.add(asset)
# Then add the asset to every related asset groups
for ag in AssetGroup.objects.filter(
assets__type__in=['ip-subnet', 'ip-range']):
for aga in ag.assets.all():
if net.is_ip_in_ipset(ip=asset_value, ipset=aga.value):
ag.assets.add(asset)
ag.save()
ag.calc_risk_grade()
ag.save()
# Creation/Update of the AssetGroup
if parent is not None:
Event.objects.create(
message="{} Looking for a group named : {}".format(
evt_prefix, parent),
type="DEBUG",
severity="INFO",
scan=scan)
asset_group = AssetGroup.objects.filter(
name="{} assets".format(parent)).first()
if asset_group is None: # Create an asset group dynamically
Event.objects.create(message="{} Create a group named : {}".format(
evt_prefix, parent),
type="DEBUG",
severity="INFO",
scan=scan)
assetgroup_args = {
'name': "{} assets".format(parent),
'criticity': criticity,
'description': "AssetGroup dynamically created",
'owner': owner
}
asset_group = AssetGroup(**assetgroup_args)
asset_group.save()
Event.objects.create(message="{} Add {} in group {}".format(
evt_prefix, asset, parent),
type="DEBUG",
severity="INFO",
scan=scan)
# Add the asset to the new group
asset_group.assets.add(asset)
asset_group.save()
# Caculate the risk grade
asset_group.calc_risk_grade()
asset_group.save()
if "new_assets_group" in scan.scan_definition.engine_policy.options.keys(
) and scan.scan_definition.engine_policy.options[
"new_assets_group"] not in ["", None]:
asset_groupname = str(
scan.scan_definition.engine_policy.options["new_assets_group"])
Event.objects.create(
message="{} Looking for a group named : {}".format(
evt_prefix, asset_groupname),
type="DEBUG",
severity="INFO",
scan=scan)
asset_group = AssetGroup.objects.filter(name=asset_groupname).first()
if asset_group is None:
assetgroup_args = {
'name': asset_groupname,
'criticity': criticity,
'description': "AssetGroup dynamically created by policy",
'owner': owner
}
asset_group = AssetGroup(**assetgroup_args)
asset_group.save()
Event.objects.create(message="{} Add {} in group {}".format(
evt_prefix, asset, asset_groupname),
type="DEBUG",
severity="INFO",
scan=scan)
# Add the asset to the group
asset_group.assets.add(asset)
asset_group.save()
# Caculate the risk grade
asset_group.calc_risk_grade()
asset_group.save()
return asset
def _create_asset_on_import(asset_value,
scan,
asset_type='unknown',
parent=None):
Event.objects.create(
message=
"[EngineTasks/_create_asset_on_import()] create: '{}/{} from parent {}'."
.format(asset_value, asset_type, parent),
type="DEBUG",
severity="INFO",
scan=scan)
# create assets if data_type is ip-subnet or ip-range
if scan and net.is_valid_ip(asset_value):
assets = scan.assets.filter(type__in=['ip-subnet', 'ip-range'])
asset_type = "ip"
# Search parent asset
parent_asset = None
for pa in assets:
if net.is_ip_in_ipset(ip=asset_value, ipset=pa.value):
parent_asset = pa
break
if parent_asset:
name = "{} (from '{}')".format(asset_value, parent_asset.name)
criticity = parent_asset.criticity
owner = parent_asset.owner
else:
name = asset_value
criticity = 'medium'
owner = User.objects.filter(username='******').first()
else:
if net.is_valid_ip(asset_value):
asset_type = "ip"
elif net._is_valid_domain(asset_value):
asset_type = "domain"
elif net._is_valid_url(asset_value):
asset_type = "url"
else:
asset_type = "fqdn" # default :/
name = asset_value
criticity = 'medium'
owner = User.objects.filter(username='******').first()
# Create the new asset ...
asset_args = {
'value': asset_value,
'name': name,
'type': asset_type,
'criticity': criticity,
'description': "Asset dynamically created",
'owner': owner
}
asset = Asset(**asset_args)
asset.save()
scan.assets.add(asset)
# Then add the asset to every related asset groups
for ag in AssetGroup.objects.filter(
assets__type__in=['ip-subnet', 'ip-range']):
for aga in ag.assets.all():
if net.is_ip_in_ipset(ip=asset_value, ipset=aga.value):
ag.assets.add(asset)
ag.save()
ag.calc_risk_grade()
ag.save()
# Creation/Update of the AssetGroup
if parent is not None:
Event.objects.create(
message=
"[EngineTasks/_create_asset_on_import()] Looking for a group named : {}"
.format(parent),
type="DEBUG",
severity="INFO",
scan=scan)
asset_group = AssetGroup.objects.filter(
name="{} assets".format(parent)).first()
if asset_group is None: # Create an asset group dynamically
Event.objects.create(
message=
"[EngineTasks/_create_asset_on_import()] Create a group named : {}"
.format(parent),
type="DEBUG",
severity="INFO",
scan=scan)
assetgroup_args = {
'name': "{} assets".format(parent),
'criticity': criticity,
'description': "AssetGroup dynamically created",
'owner': owner
}
asset_group = AssetGroup(**assetgroup_args)
asset_group.save()
Event.objects.create(
message="[EngineTasks/_create_asset_on_import()] Add {} in group {}"
.format(asset, parent),
type="DEBUG",
severity="INFO",
scan=scan)
# Add the asset to the new group
asset_group.assets.add(asset)
asset_group.save()
# Caculate the risk grade
asset_group.calc_risk_grade()
asset_group.save()
return asset
def _create_asset_on_import(asset_value, scan, asset_type='ip'):
Event.objects.create(
message="[EngineTasks/_create_asset_on_import()] create: '{}/{}'.".
format(asset_value, asset_type),
type="DEBUG",
severity="INFO",
scan=scan)
# create assets if data_type is ip-subnet or ip-range
assets = scan.assets.filter(type__in=['ip-subnet', 'ip-range'])
if assets.count() == 0:
Event.objects.create(
message=
"[EngineTasks/_create_asset_on_import()] asset '{}/{}' not created."
.format(asset_value, asset_type),
type="DEBUG",
severity="INFO",
scan=scan,
description="Not an ip-subnet or ip-range")
return False
# Search parent asset
parent_asset = None
for pa in assets:
if net.is_ip_in_ipset(ip=asset_value, ipset=pa.value):
parent_asset = pa
break
if parent_asset == None:
Event.objects.create(
message=
"[EngineTasks/_create_asset_on_import()] asset '{}/{}' not created."
.format(asset_value, asset_type),
type="DEBUG",
severity="INFO",
scan=scan,
description="No parent asset found")
return False
# Create the new asset ...
asset_args = {
'value':
asset_value,
'name':
"{} (from '{}')".format(asset_value, parent_asset.name),
'type':
asset_type,
'criticity':
parent_asset.criticity,
'description':
"Asset dynamically created. Imported desc: {}".format(
parent_asset.description),
'owner':
parent_asset.owner
}
asset = Asset(**asset_args)
asset.save()
scan.assets.add(asset)
# Then add the asset to every related asset groups
for ag in AssetGroup.objects.filter(
assets__type__in=['ip-subnet', 'ip-range']):
for aga in ag.assets.all():
if net.is_ip_in_ipset(ip=asset_value, ipset=aga.value):
ag.assets.add(asset)
ag.save()
ag.calc_risk_grade()
ag.save()
return asset