Exemplo n.º 1
0
    def on_message(self, message):
        global flag
        s = ""
        #self.write_message("hello")
        if flag == "b":
            #read PID's
            #save them in an array
            filepath = globalPath + "/pw_analysis_attack_graph_current.xml"
            prevfilepath = globalPath + "/pw_analysis_attack_graph_previous.xml"
            print "This is csvfile path timer " + filepath
            percentage = 0
            sumtotal = 0
            counter = 0
            assets = {}
            dup = 0
            csvfilepath = globalPath + "/patched.csv"
            print "This is csvfile path timer" + csvfilepath
            patched = []
            #read patched csv file and store elements already patched
            if os.path.isfile(csvfilepath):
                with open(csvfilepath) as csvfile:
                    reader = csv.DictReader(csvfile)
                    for row in reader:
                        if (row['Patch'] == "1"):
                            patched.append(row['IP Address'])
                    #else:
                    #    print row['Patch']
            #print patched[1]
            if os.path.isfile(filepath):
                tree = ET.parse(filepath)
                for Nmap in tree.findall('NmapAnalysis'):
                    source = Nmap.get('sourceNode')
                    destination = Nmap.get('destinationNode')
                    for path in Nmap.findall('Path'):
                        performanceIndex = path.get('performanceIndex')
                        securityIndex = path.get('securityIndex')
                        cyberCost = path.get('cyberCost')
                        for node in path.findall('Node'):
                            ipAddress = node.get('IPAddress')
                            vulID = node.get('vulnID')
                            if ipAddress == source:
                                type = "source"
                            elif ipAddress == destination:
                                type = "destination"
                            else:
                                type = "intermediate"
                            for ip in assets:
                                if (assets[ip][1] == ipAddress
                                        and assets[ip][0] == type):
                                    dupkey = ip
                                    dup = 1
                                    break
                            if dup == 1:
                                assets[dupkey][2] += float(performanceIndex)
                                assets[dupkey][3] += float(securityIndex)
                                assets[dupkey][4] += float(cyberCost)
                                assets[dupkey][5] += 1
                                assets[dupkey][10] += "," + vulID
                                percentage += float(securityIndex)
                                sumtotal += 1
                                assets[dupkey][11] = percentage
                                assets[dupkey][12] = sumtotal
                            else:
                                arr = []
                                arr.append(type)
                                arr.append(ipAddress)
                                arr.append(float(performanceIndex))
                                arr.append(float(securityIndex))
                                arr.append(float(cyberCost))
                                arr.append(1)
                                arr.append(0)
                                arr.append(0)
                                arr.append(0)
                                arr.append(0)
                                arr.append(vulID)
                                percentage += float(securityIndex)
                                sumtotal += 1
                                arr.append(percentage)
                                arr.append(sumtotal)
                                if (ipAddress in patched):
                                    arr.append(1)
                                else:
                                    arr.append(0)
                                assets[counter] = arr
                                counter += 1
                            dup = 0
                            type = ""
                            dupkey = ""
            if os.path.isfile(prevfilepath):
                tree = ET.parse(prevfilepath)
                for Nmap in tree.findall('NmapAnalysis'):
                    source = Nmap.get('sourceNode')
                    destination = Nmap.get('destinationNode')
                    for path in Nmap.findall('Path'):
                        performanceIndex = path.get('performanceIndex')
                        securityIndex = path.get('securityIndex')
                        cyberCost = path.get('cyberCost')
                    for node in path.findall('Node'):
                        ipAddress = node.get('IPAddress')
                        vulID = node.get('vulnID')
                        if ipAddress == source:
                            type = "source"
                        elif ipAddress == destination:
                            type = "destination"
                        else:
                            type = "intermediate"

                        for ip in assets:
                            if (assets[ip][1] == ipAddress
                                    and assets[ip][0] == type):
                                dupkey = ip
                                dup = 1
                                break

                        if dup == 1:
                            assets[dupkey][6] += float(performanceIndex)
                            assets[dupkey][7] += float(securityIndex)
                            assets[dupkey][8] += float(cyberCost)
                            assets[dupkey][9] += 1
                            assets[dupkey][10] += "," + vulID
                            assets[dupkey][11] = percentage
                            assets[dupkey][12] = sumtotal
                            print assets[dupkey]

                        else:
                            arr = []
                            arr.append(type)
                            arr.append(ipAddress)
                            arr.append(0)
                            arr.append(0)
                            arr.append(0)
                            arr.append(0)
                            arr.append(float(performanceIndex))
                            arr.append(float(securityIndex))
                            arr.append(float(cyberCost))
                            arr.append(1)
                            arr.append(vulID)
                            arr.append(percentage)
                            arr.append(sumtotal)
                            if (ipAddress in patched):
                                arr.append(1)
                            else:
                                arr.append(0)
                            assets[counter] = arr
                            counter += 1
                        dup = 0
                        type = ""
                        dupkey = ""

            for ip in assets:
                assets[ip][11] = percentage
                assets[ip][12] = sumtotal
            json_data = json.dumps(assets)
            flag = "a"
            self.write_message(json_data)
        else:
            self.write_message(flag)
Exemplo n.º 2
0
    def on_message(self, message):
        global flag
        s=""
        #self.write_message("hello")
        if flag == "b":
            #read PID's
            #save them in an array
            filepath=globalPath+"/pw_analysis_attack_graph_current.xml"
            prevfilepath=globalPath+"/pw_analysis_attack_graph_previous.xml"
            print "This is csvfile path timer "+filepath
            percentage=0
            sumtotal=0
            counter=0
            assets = {}
            dup=0
            csvfilepath=globalPath+"/patched.csv"
            print "This is csvfile path timer"+csvfilepath
            patched = []
            #read patched csv file and store elements already patched
            if os.path.isfile(csvfilepath):
                with open(csvfilepath) as csvfile:
                    reader = csv.DictReader(csvfile)
                    for row in reader:
                        if(row['Patch']=="1"):
                            patched.append(row['IP Address'])
                    #else:
                    #    print row['Patch']
            #print patched[1]
            if os.path.isfile(filepath):
                tree = ET.parse(filepath)
                for Nmap in tree.findall('NmapAnalysis'):
                    source = Nmap.get('sourceNode')
                    destination = Nmap.get('destinationNode')
                    for path in Nmap.findall('Path'):
                        performanceIndex = path.get('performanceIndex')
                        securityIndex = path.get('securityIndex')
                        cyberCost = path.get('cyberCost')
                        for node in path.findall('Node'):
                            ipAddress = node.get('IPAddress')
                            vulID = node.get('vulnID')
                            if ipAddress == source:
                                type = "source"
                            elif ipAddress == destination:
                                type = "destination"
                            else:
                                type = "intermediate"
                            for ip in assets:
                                if (assets[ip][1]==ipAddress and assets[ip][0]==type):
                                    dupkey = ip
                                    dup=1
                                    break
                            if dup == 1:
                                assets[dupkey][2]+=float(performanceIndex)
                                assets[dupkey][3]+=float(securityIndex)
                                assets[dupkey][4]+=float(cyberCost)
                                assets[dupkey][5]+=1
                                assets[dupkey][10]+=","+vulID
                                percentage+=float(securityIndex)
                                sumtotal+=1
                                assets[dupkey][11]=percentage
                                assets[dupkey][12]=sumtotal
                            else:
                                arr = []
                                arr.append(type)
                                arr.append(ipAddress)
                                arr.append(float(performanceIndex))
                                arr.append(float(securityIndex))
                                arr.append(float(cyberCost))
                                arr.append(1)
                                arr.append(0)
                                arr.append(0)
                                arr.append(0)
                                arr.append(0)
                                arr.append(vulID)
                                percentage+=float(securityIndex)
                                sumtotal+=1
                                arr.append(percentage)
                                arr.append(sumtotal)
                                if(ipAddress in patched):
                                    arr.append(1)
                                else:
                                    arr.append(0)
                                assets[counter] = arr
                                counter+=1
                            dup=0
                            type=""
                            dupkey=""
            if os.path.isfile(prevfilepath):
                tree = ET.parse(prevfilepath)
                for Nmap in tree.findall('NmapAnalysis'):
                    source = Nmap.get('sourceNode')
                    destination=Nmap.get('destinationNode')
                    for path in Nmap.findall('Path'):
                        performanceIndex = path.get('performanceIndex')
                        securityIndex = path.get('securityIndex')
                        cyberCost = path.get('cyberCost')
                    for node in path.findall('Node'):
                        ipAddress = node.get('IPAddress')
                        vulID = node.get('vulnID')
                        if ipAddress == source:
                            type = "source"
                        elif ipAddress == destination:
                            type = "destination"
                        else:
                            type = "intermediate"


                        for ip in assets:
                            if (assets[ip][1]==ipAddress and assets[ip][0]==type):
                                dupkey = ip
                                dup=1
                                break

                        if dup == 1:
                            assets[dupkey][6]+=float(performanceIndex)
                            assets[dupkey][7]+=float(securityIndex)
                            assets[dupkey][8]+=float(cyberCost)
                            assets[dupkey][9]+=1
                            assets[dupkey][10]+=","+vulID
                            assets[dupkey][11]=percentage
                            assets[dupkey][12]=sumtotal
                            print assets[dupkey]


                        else:
                            arr = []
                            arr.append(type)
                            arr.append(ipAddress)
                            arr.append(0)
                            arr.append(0)
                            arr.append(0)
                            arr.append(0)
                            arr.append(float(performanceIndex))
                            arr.append(float(securityIndex))
                            arr.append(float(cyberCost))
                            arr.append(1)
                            arr.append(vulID)
                            arr.append(percentage)
                            arr.append(sumtotal)
                            if(ipAddress in patched):
                                arr.append(1)
                            else:
                                arr.append(0)
                            assets[counter] = arr
                            counter+=1
                        dup=0
                        type=""
                        dupkey=""

            for ip in assets:
                assets[ip][11]=percentage
                assets[ip][12]=sumtotal
            json_data = json.dumps(assets)
            flag = "a"
            self.write_message(json_data)
        else:
            self.write_message(flag)
Exemplo n.º 3
0
    def on_message(self, message):
        global globalPath
        a = message.split(",")
        project = (a[0].split("/"))
        #batFileCmd = CypsaEnginePath+" " + project[len(project)-2] +" " + a[1]
        #print batFileCmd
        #from subprocess import Popen
        #p = Popen(batFileCmd, cwd=CypsaEngineRoot)
        #stdout, stderr = p.communicate()
        xmlfilepath = a[0] + "/pw_analysis_attack_graph_current.xml"
        csvfilepath = a[0] + "/patched.csv"
        percentage = 0
        sumtotal = 0
        counter = 0
        assets = {}
        dup = 0
        patched = []
        #read patched csv file and store elements already patched
        with open(csvfilepath) as csvfile:
            reader = csv.DictReader(csvfile)
            for row in reader:
                if (row['Patch'] == "1"):
                    patched.append(row['IP Address'])
                else:
                    print row['Patch']
        #print patched[1]
        from xml.etree import ElementTree
        with open(xmlfilepath, 'rt') as f:
            tree = ElementTree.parse(f)
            for Nmap in tree.findall('NmapAnalysis'):
                source = Nmap.get('sourceNode')
                destination = Nmap.get('destinationNode')
                for path in Nmap.findall('Path'):
                    performanceIndex = path.get('performanceIndex')
                    securityIndex = path.get('securityIndex')
                    cyberCost = path.get('cyberCost')
                    for node in path.findall('Node'):
                        ipAddress = node.get('IPAddress')
                        vulID = node.get('vulnID')
                        if ipAddress == source:
                            type = "source"
                        elif ipAddress == destination:
                            type = "destination"
                        else:
                            type = "intermediate"

                        for ip in assets:
                            if (assets[ip][1] == ipAddress
                                    and assets[ip][0] == type):
                                dupkey = ip
                                dup = 1
                                break

                        if dup == 1:
                            assets[dupkey][2] += float(performanceIndex)
                            assets[dupkey][3] += float(securityIndex)
                            assets[dupkey][4] += float(cyberCost)
                            assets[dupkey][5] += 1
                            assets[dupkey][10] += "," + vulID
                            percentage += float(securityIndex)
                            sumtotal += 1
                            assets[dupkey][11] = percentage
                            assets[dupkey][12] = sumtotal

                        else:
                            arr = []
                            arr.append(type)
                            arr.append(ipAddress)
                            arr.append(float(performanceIndex))
                            arr.append(float(securityIndex))
                            arr.append(float(cyberCost))
                            arr.append(1)
                            arr.append(0)
                            arr.append(0)
                            arr.append(0)
                            arr.append(0)
                            arr.append(vulID)
                            percentage += float(securityIndex)
                            sumtotal += 1
                            arr.append(percentage)
                            arr.append(sumtotal)
                            if (ipAddress in patched):
                                arr.append(1)
                            else:
                                arr.append(0)
                            assets[counter] = arr
                            counter += 1
                        dup = 0
                        type = ""
                        dupkey = ""

            xmlfilepath1 = a[0] + "/pw_analysis_attack_graph_previous.xml"
            if os.path.isfile(xmlfilepath1):
                from xml.etree import ElementTree
                with open(xmlfilepath1, 'rt') as f:
                    tree = ElementTree.parse(f)
                    for Nmap in tree.findall('NmapAnalysis'):
                        source = Nmap.get('sourceNode')
                        destination = Nmap.get('destinationNode')
                        for path in Nmap.findall('Path'):
                            performanceIndex = path.get('performanceIndex')
                            securityIndex = path.get('securityIndex')
                            cyberCost = path.get('cyberCost')
                            for node in path.findall('Node'):
                                ipAddress = node.get('IPAddress')
                                vulID = node.get('vulnID')
                                if ipAddress == source:
                                    type = "source"
                                elif ipAddress == destination:
                                    type = "destination"
                                else:
                                    type = "intermediate"

                                for ip in assets:
                                    if (assets[ip][1] == ipAddress
                                            and assets[ip][0] == type):
                                        dupkey = ip
                                        dup = 1
                                        break

                                if dup == 1:
                                    assets[dupkey][6] += float(
                                        performanceIndex)
                                    assets[dupkey][7] += float(securityIndex)
                                    assets[dupkey][8] += float(cyberCost)
                                    assets[dupkey][9] += 1
                                    assets[dupkey][10] += "," + vulID
                                    assets[dupkey][11] = percentage
                                    assets[dupkey][12] = sumtotal
                                    print assets[dupkey]

                                else:
                                    arr = []
                                    arr.append(type)
                                    arr.append(ipAddress)
                                    arr.append(0)
                                    arr.append(0)
                                    arr.append(0)
                                    arr.append(0)
                                    arr.append(float(performanceIndex))
                                    arr.append(float(securityIndex))
                                    arr.append(float(cyberCost))
                                    arr.append(1)
                                    arr.append(vulID)
                                    arr.append(percentage)
                                    arr.append(sumtotal)
                                    if (ipAddress in patched):
                                        arr.append(1)
                                    else:
                                        arr.append(0)
                                    assets[counter] = arr
                                    counter += 1
                                dup = 0
                                type = ""
                                dupkey = ""

            for ip in assets:
                assets[ip][11] = percentage
                assets[ip][12] = sumtotal
            json_data = json.dumps(assets)
            event_handler = MyHandler()
            args = a[0]
            if args:
                print args[0]
            else:
                print "helo"
            observer = Observer()
            observer.schedule(event_handler, path=a[0], recursive=False)
            observer.start()
            globalPath = a[0]
            print globalPath + " This is intializing"
            self.write_message(json_data)

        def on_close(self):
            pass
Exemplo n.º 4
0
    def on_message(self, message):
        global globalPath
        a=message.split(",")
        project=(a[0].split("/"))
        #batFileCmd = CypsaEnginePath+" " + project[len(project)-2] +" " + a[1]
        #print batFileCmd
        #from subprocess import Popen
        #p = Popen(batFileCmd, cwd=CypsaEngineRoot)
        #stdout, stderr = p.communicate()
        xmlfilepath=a[0]+"/pw_analysis_attack_graph_current.xml"
        csvfilepath=a[0]+"/patched.csv"
        percentage=0
        sumtotal=0
        counter=0
        assets = {}
        dup=0
        patched = []
        #read patched csv file and store elements already patched
        with open(csvfilepath) as csvfile:
            reader = csv.DictReader(csvfile)
            for row in reader:
                if(row['Patch']=="1"):
                    patched.append(row['IP Address'])
                else:
                    print row['Patch']
        #print patched[1]
        from xml.etree import ElementTree
        with open(xmlfilepath, 'rt') as f:
            tree = ElementTree.parse(f)
            for Nmap in tree.findall('NmapAnalysis'):
                source = Nmap.get('sourceNode')
                destination = Nmap.get('destinationNode')
                for path in Nmap.findall('Path'):
                    performanceIndex = path.get('performanceIndex')
                    securityIndex = path.get('securityIndex')
                    cyberCost = path.get('cyberCost')
                    for node in path.findall('Node'):
                        ipAddress = node.get('IPAddress')
                        vulID = node.get('vulnID')
                        if ipAddress == source:
                            type = "source"
                        elif ipAddress == destination:
                            type = "destination"
                        else:
                            type = "intermediate"

                        for ip in assets:
                            if (assets[ip][1]==ipAddress and assets[ip][0]==type):
                                dupkey = ip
                                dup=1
                                break


                        if dup == 1:
                            assets[dupkey][2]+=float(performanceIndex)
                            assets[dupkey][3]+=float(securityIndex)
                            assets[dupkey][4]+=float(cyberCost)
                            assets[dupkey][5]+=1
                            assets[dupkey][10]+=","+vulID
                            percentage+=float(securityIndex)
                            sumtotal+=1
                            assets[dupkey][11]=percentage
                            assets[dupkey][12]=sumtotal

                        else:
                            arr = []
                            arr.append(type)
                            arr.append(ipAddress)
                            arr.append(float(performanceIndex))
                            arr.append(float(securityIndex))
                            arr.append(float(cyberCost))
                            arr.append(1)
                            arr.append(0)
                            arr.append(0)
                            arr.append(0)
                            arr.append(0)
                            arr.append(vulID)
                            percentage+=float(securityIndex)
                            sumtotal+=1
                            arr.append(percentage)
                            arr.append(sumtotal)
                            if(ipAddress in patched):
                                arr.append(1)
                            else:
                                arr.append(0)
                            assets[counter] = arr
                            counter+=1
                        dup=0
                        type=""
                        dupkey=""


            xmlfilepath1=a[0]+"/pw_analysis_attack_graph_previous.xml"
            if os.path.isfile(xmlfilepath1):
                from xml.etree import ElementTree
                with open(xmlfilepath1,'rt') as f:
                    tree = ElementTree.parse(f)
                    for Nmap in tree.findall('NmapAnalysis'):
                        source = Nmap.get('sourceNode')
                        destination=Nmap.get('destinationNode')
                        for path in Nmap.findall('Path'):
                            performanceIndex = path.get('performanceIndex')
                            securityIndex = path.get('securityIndex')
                            cyberCost = path.get('cyberCost')
                            for node in path.findall('Node'):
                                ipAddress = node.get('IPAddress')
                                vulID = node.get('vulnID')
                                if ipAddress == source:
                                    type = "source"
                                elif ipAddress == destination:
                                    type = "destination"
                                else:
                                    type = "intermediate"


                                for ip in assets:
                                    if (assets[ip][1]==ipAddress and assets[ip][0]==type):
                                        dupkey = ip
                                        dup=1
                                        break

                                if dup == 1:
                                    assets[dupkey][6]+=float(performanceIndex)
                                    assets[dupkey][7]+=float(securityIndex)
                                    assets[dupkey][8]+=float(cyberCost)
                                    assets[dupkey][9]+=1
                                    assets[dupkey][10]+=","+vulID
                                    assets[dupkey][11]=percentage
                                    assets[dupkey][12]=sumtotal
                                    print assets[dupkey]


                                else:
                                    arr = []
                                    arr.append(type)
                                    arr.append(ipAddress)
                                    arr.append(0)
                                    arr.append(0)
                                    arr.append(0)
                                    arr.append(0)
                                    arr.append(float(performanceIndex))
                                    arr.append(float(securityIndex))
                                    arr.append(float(cyberCost))
                                    arr.append(1)
                                    arr.append(vulID)
                                    arr.append(percentage)
                                    arr.append(sumtotal)
                                    if(ipAddress in patched):
                                        arr.append(1)
                                    else:
                                        arr.append(0)
                                    assets[counter] = arr
                                    counter+=1
                                dup=0
                                type=""
                                dupkey=""



            for ip in assets:
                assets[ip][11]=percentage
                assets[ip][12]=sumtotal
            json_data = json.dumps(assets)
            event_handler = MyHandler()
            args = a[0]
            if args:
                print args[0]
            else:
                print "helo"
            observer = Observer()
            observer.schedule(event_handler, path=a[0], recursive=False)
            observer.start()
            globalPath=a[0]
            print globalPath+" This is intializing"
            self.write_message(json_data)


        def on_close(self):
            pass