Exemplo n.º 1
0
 def __validate_sort_field(self):
     """
     Ensure that the field in self.sort_field is a valid field to be sorted upon.
     :return: None
     """
     ValidationHelper.validate_in(to_check=self.sort_field,
                                  contained_by=self.sortable_fields)
Exemplo n.º 2
0
 def __validate_export_value(self):
     """
     Ensure that the value in self.export_argument is a valid string to export via.
     :return: None
     """
     ValidationHelper.validate_in(to_check=self.export_argument,
                                  contained_by=self.exporter_map_keys)
Exemplo n.º 3
0
def test_ssl_service_for_ssl_vulnerability(
        self,
        org_uuid=None,
        network_service_uuid=None,
        network_service_scan_uuid=None,
        vulnerability_name=None,
):
    """
    Test the given network service for the specified SSL vulnerability.
    :param org_uuid: The UUID of the organization to enumerate SSL vulnerabilities on behalf of.
    :param network_service_uuid: The UUID of the network service that is being scanned.
    :param network_service_scan_uuid: The UUID of the network service scan that this enumeration is
    a part of.
    :param vulnerability_name: A string representing the vulnerability to test for.
    :return: None
    """
    logger.info(
        "Now testing network service %s for SSL vulnerability %s."
        % (network_service_uuid, vulnerability_name)
    )
    command_map = get_ssl_vulnerabilities_command_map()
    ValidationHelper.validate_in(to_check=vulnerability_name, contained_by=command_map.keys())
    command = command_map[vulnerability_name]["command"]
    ip_address, port, protocol = self.get_endpoint_information(network_service_uuid)
    scanner = SynchronousScanner()
    server_info = ServerConnectivityInfo(hostname=ip_address, ip_address=ip_address, port=port)
    try:
        server_info.test_connectivity_to_server()
    except ServerConnectivityError as e:
        logger.warning(
            "ServerConnectivityError thrown when attempting to test SSL at %s:%s for %s vulnerability: %s"
            % (ip_address, port, vulnerability_name, e.message)
        )
        return
    try:
        result = scanner.run_scan_command(server_info, command())
        vuln_model = SslVulnerabilityModel.from_database_model_uuid(
            uuid=network_service_scan_uuid,
            db_session=self.db_session,
            test_errored=False,
            vuln_test_name=vulnerability_name,
        )
        vuln_model.test_results = []
        for field in command_map[vulnerability_name]["fields"]:
            vuln_model.test_results.append({
                "key": field,
                "value": getattr(result, field),
            })
        vuln_model.save(org_uuid)
    except (socket.error, OpenSSLError):
        vuln_model = SslVulnerabilityModel.from_database_model_uuid(
            uuid=network_service_scan_uuid,
            db_session=self.db_session,
            test_errored=True,
        )
        vuln_model.save(org_uuid)
    logger.info(
        "Network service %s successfully tested for SSL vulnerability %s."
        % (network_service_uuid, vulnerability_name)
    )
Exemplo n.º 4
0
 def _validate_queryable_field(self, field):
     """
     Validate that the given field is a field that can be queried upon in self.queried_class.
     :param field: The field to check.
     :return: None
     """
     if "." in field:
         field = field[:field.find(".")]
     ValidationHelper.validate_in(to_check=field,
                                  contained_by=self.queryable_fields)
Exemplo n.º 5
0
 def probe_module(self, new_value):
     """
     Set the probe module that Zmap should use to connect to the referenced endpoints.
     :param new_value: A string representing the probe module that Zmap should use to connect
     to the referenced endpoints.
     :return: None
     """
     ValidationHelper.validate_in(
         to_check=new_value,
         contained_by=self.possible_probe_modules,
     )
     self._probe_module = new_value
Exemplo n.º 6
0
 def add_aggregate_for_class(self, model_class=None, aggregate=None):
     """
     Add the given aggregate to the nested aggregates currently held by this object for the given
     class.
     :param model_class: The model class to add the aggregate for.
     :param aggregate: The aggregate to add.
     :return: None
     """
     ValidationHelper.validate_in(to_check=model_class,
                                  contained_by=self.queried_classes)
     doc_type = model_class.get_doc_type()
     if doc_type not in self._aggregates:
         nested_aggregate = NestedElasticsearchAggregate(name=doc_type)
         nested_aggregate.filter_by_class(model_class)
         self.add_aggregate(nested_aggregate)
     self._aggregates[doc_type].add_child_aggregate(aggregate)