Exemplo n.º 1
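def execute_action(ws, objects, rule, _server):
    """Apply every action of ``rule`` to every object in ``objects``.

    Each action is a string of the form ``--COMMAND:expression``:

    * ``UPDATE:key=value`` -- update a field through the matching
      ``update_*`` helper.
    * ``DELETE:<expression>`` -- delete the object through ``models``
      (the expression itself is not used).
    * ``EXECUTE:<command>`` -- run ``<command>`` through the system shell.
    * any other command -- send an alert mail, using the expression as the
      recipient.

    Args:
        ws: Workspace handed to the update/delete helpers.
        objects: Objects the rule matched; each is read for
            ``class_signature``, ``id`` and ``name``.
        rule: Mapping with ``'id'`` and ``'actions'`` and, optionally,
            ``'object'``.
        _server: Passed through to ``update_vulnerability``.

    Returns:
        ``False`` as soon as an EXECUTE command exits non-zero, otherwise
        ``True`` once all actions have been processed.

    Raises:
        ValueError: if an action contains no ``:`` or an UPDATE expression
            contains no ``=``.
    """
    logger.info("Running actions of rule '%s' :" % rule['id'])
    actions = rule['actions']
    _objs_value = rule['object'] if 'object' in rule else None

    for obj in objects:
        for action in actions:
            # Only the leading dashes are decoration; stripping both ends
            # would also eat a '-' that legitimately ends the expression.
            action = action.lstrip('-')
            # Split on the first ':' only, so expressions that contain a
            # colon themselves (URLs, host:port, ...) stay intact.
            command, expression = action.split(':', 1)

            if command == 'UPDATE':
                # Same reasoning: the value may itself contain '='.
                key, value = expression.split('=', 1)
                if obj.class_signature in ('VulnerabilityWeb', 'Vulnerability'):
                    if update_vulnerability(ws, obj, key, value, _server):
                        insert_rule(rule['id'], command, obj, _objs_value, fields=None, key=key, value=value)

                if obj.class_signature == 'Service':
                    update_service(ws, obj, key, value)

                if obj.class_signature == 'Host':
                    update_host(ws, obj, key, value)

            elif command == 'DELETE':
                # NOTE(review): only the VulnerabilityWeb branch records the
                # deletion with insert_rule; confirm the other object types
                # are meant to be deleted without a record.
                if obj.class_signature == 'VulnerabilityWeb':
                    models.delete_vuln_web(ws, obj.id)
                    logger.info(" Deleting vulnerability web '%s' with id '%s':" % (obj.name, obj.id))
                    insert_rule(rule['id'], command, obj, _objs_value)

                elif obj.class_signature == 'Vulnerability':
                    models.delete_vuln(ws, obj.id)
                    logger.info("Deleting vulnerability '%s' with id '%s':" % (obj.name, obj.id))

                elif obj.class_signature == 'Service':
                    models.delete_service(ws, obj.id)
                    logger.info("Deleting service '%s' with id '%s':" % (obj.name, obj.id))

                elif obj.class_signature == 'Host':
                    models.delete_host(ws, obj.id)
                    logger.info("Deleting host '%s' with id '%s':" % (obj.name, obj.id))

            elif command == 'EXECUTE':
                # SECURITY: the expression is taken verbatim from the rule and
                # handed to a shell, so whoever can write a rule can run any
                # command with this process's privileges. Rule definitions
                # must be writable by trusted operators only; shell=True is
                # kept because existing rules may rely on shell syntax.
                # Compare the exit status with '==': 'is 0' tests object
                # identity and only works by interpreter accident.
                if subprocess.call(expression, shell=True, stdin=None) == 0:
                    logger.info("Running command: '%s'" % expression)
                    insert_rule(rule['id'], command, obj, _objs_value, fields=None, key=None, value=expression)
                else:
                    logger.error("Operation fail running command: '%s'" % expression)
                    return False
            else:
                # NOTE(review): every command other than UPDATE/DELETE/EXECUTE
                # ends up here, so a misspelled command sends mail to whatever
                # the expression holds -- confirm this catch-all is intended.
                subject = 'Faraday searcher alert'
                body = '%s %s have been modified by rule %s at %s' % (
                    obj.class_signature, obj.name, rule['id'], str(datetime.now()))
                send_mail(expression, subject, body)
                insert_rule(rule['id'], command, obj, _objs_value, fields=None, key=None, value=expression)
                logger.info("Sending mail to: '%s'" % expression)
    return True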
Exemplo n.º 2
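def main(workspace='', args=None, parser=None):
    """Delete every service in ``workspace`` whose status is not open.

    Args:
        workspace: Name of the workspace whose services are inspected.
        args: Argument list given to ``parser.parse_args``.
        parser: Argument parser supplied by the caller; it must not be
            ``None`` because the ``-y/--yes`` flag is registered on it.

    Returns:
        ``(1, None)`` when the confirmation prompt is declined, otherwise
        ``(0, None)`` after the closed services have been deleted.
    """
    parser.add_argument('-y', '--yes', action="store_true")
    parsed_args = parser.parse_args(args)
    if not parsed_args.yes:
        # Destructive operation: without -y, ask first and default to "no".
        if not query_yes_no("Are you sure you want to delete all closed services in the "
                            "workspace %s" % workspace, default='no'):
            return 1, None

    for service in models.get_services(workspace):
        if service.status not in ('open', 'opened'):
            # Delete first and report afterwards, so the output never claims
            # a deletion that raised before it completed.
            models.delete_service(workspace, service.id)
            print('Deleted service: ' + service.name)
    return 0, None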
Exemplo n.º 3
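def main(workspace='', args=None, parser=None):
    """Remove all services of ``workspace`` that are not in an open state.

    Args:
        workspace: Workspace to clean up.
        args: Arguments forwarded to ``parser.parse_args``.
        parser: Caller-provided argument parser (required); ``-y/--yes`` is
            added to it to skip the confirmation prompt.

    Returns:
        ``(1, None)`` if the user declines the prompt, ``(0, None)`` once
        the deletion loop has finished.
    """
    parser.add_argument('-y', '--yes', action="store_true")
    parsed_args = parser.parse_args(args)
    if not parsed_args.yes:
        # Bulk deletion is gated behind an explicit confirmation whose
        # default answer is "no".
        if not query_yes_no(
                "Are you sure you want to delete all closed services in the "
                "workspace %s" % workspace,
                default='no'):
            return 1, None

    for service in models.get_services(workspace):
        if service.status not in ('open', 'opened'):
            # Print only after delete_service has returned; printing first
            # would report a deletion even when the call raises.
            models.delete_service(workspace, service.id)
            print('Deleted service: ' + service.name)
    return 0, None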
Exemplo n.º 4
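def execute_action(ws, objects, rule, _server):
    """Run the actions of ``rule`` against each object in ``objects``.

    An action has the form ``--COMMAND:expression``. ``UPDATE`` expects
    ``key=value`` and calls the ``update_*`` helper for the object's type,
    ``DELETE`` removes the object through ``models``, ``EXECUTE`` runs the
    expression through the system shell, and any other command sends an
    alert mail with the expression as recipient.

    Args:
        ws: Workspace passed to the update/delete helpers.
        objects: Matched objects; ``class_signature``, ``id`` and ``name``
            are read from each.
        rule: Mapping holding ``'id'``, ``'actions'`` and optionally
            ``'object'``.
        _server: Forwarded to ``update_vulnerability``.

    Returns:
        ``False`` when an EXECUTE command exits with a non-zero status (the
        remaining actions are skipped), ``True`` otherwise.

    Raises:
        ValueError: if an action lacks ``:`` or an UPDATE expression lacks
            ``=``.
    """
    logger.info("Running actions of rule '%s' :" % rule['id'])
    actions = rule['actions']
    _objs_value = None
    if 'object' in rule:
        _objs_value = rule['object']

    for obj in objects:
        for action in actions:
            # Drop the leading '--' marker only. strip('--') removed dashes
            # from the end as well, truncating expressions ending in '-'.
            action = action.lstrip('-')
            # maxsplit=1: everything after the first ':' is the expression,
            # even when it contains further colons.
            command, expression = action.split(':', 1)

            if command == 'UPDATE':
                # maxsplit=1 keeps '=' characters inside the value.
                key, value = expression.split('=', 1)
                if obj.class_signature in ('VulnerabilityWeb',
                                           'Vulnerability'):
                    if update_vulnerability(ws, obj, key, value, _server):
                        insert_rule(rule['id'],
                                    command,
                                    obj,
                                    _objs_value,
                                    fields=None,
                                    key=key,
                                    value=value)

                if obj.class_signature == 'Service':
                    update_service(ws, obj, key, value)

                if obj.class_signature == 'Host':
                    update_host(ws, obj, key, value)

            elif command == 'DELETE':
                # NOTE(review): insert_rule is called for VulnerabilityWeb
                # only; verify that deletions of the other types should
                # stay unrecorded.
                if obj.class_signature == 'VulnerabilityWeb':
                    models.delete_vuln_web(ws, obj.id)
                    logger.info(
                        " Deleting vulnerability web '%s' with id '%s':" %
                        (obj.name, obj.id))
                    insert_rule(rule['id'], command, obj, _objs_value)

                elif obj.class_signature == 'Vulnerability':
                    models.delete_vuln(ws, obj.id)
                    logger.info("Deleting vulnerability '%s' with id '%s':" %
                                (obj.name, obj.id))

                elif obj.class_signature == 'Service':
                    models.delete_service(ws, obj.id)
                    logger.info("Deleting service '%s' with id '%s':" %
                                (obj.name, obj.id))

                elif obj.class_signature == 'Host':
                    models.delete_host(ws, obj.id)
                    logger.info("Deleting host '%s' with id '%s':" %
                                (obj.name, obj.id))

            elif command == 'EXECUTE':
                # SECURITY: the rule's expression reaches a shell unchanged,
                # so write access to the rule definitions is equivalent to
                # command execution as this process. Restrict who can edit
                # rules; shell=True is preserved since existing rules may
                # depend on shell features.
                # '== 0' replaces 'is 0': an exit status must be compared by
                # value, not by object identity.
                if subprocess.call(expression, shell=True, stdin=None) == 0:
                    logger.info("Running command: '%s'" % expression)
                    insert_rule(rule['id'],
                                command,
                                obj,
                                _objs_value,
                                fields=None,
                                key=None,
                                value=expression)
                else:
                    logger.error("Operation fail running command: '%s'" %
                                 expression)
                    return False
            else:
                # NOTE(review): this branch catches every unrecognised
                # command, including typos, and mails the expression as if it
                # were a recipient -- confirm that is the intended fallback.
                subject = 'Faraday searcher alert'
                body = '%s %s have been modified by rule %s at %s' % (
                    obj.class_signature, obj.name, rule['id'],
                    str(datetime.now()))
                send_mail(expression, subject, body)
                insert_rule(rule['id'],
                            command,
                            obj,
                            _objs_value,
                            fields=None,
                            key=None,
                            value=expression)
                logger.info("Sending mail to: '%s'" % expression)
    return True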
Exemplo n.º 5
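def main(workspace=''):
    """Delete every service in ``workspace`` whose status is not open.

    There is no confirmation step in this function: services are deleted
    as soon as it is called.

    Args:
        workspace: Name of the workspace whose services are inspected.
    """
    for service in models.get_services(workspace):
        if service.status not in ('open', 'opened'):
            # Delete before printing so the message is only shown for
            # deletions whose call actually returned.
            models.delete_service(workspace, service.id)
            print('Deleted service: ' + service.name)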