def cpe_import_xml(filename=None, download=False, wipe=False):
"""
Process the CPE data through an uploaded file or have it download directly
from the MITRE webserver
"""
from skaldship.cpe import process_xml
process_xml(filename, download, wipe)
return True
def cpe_import_xml(filename=None, download=False, wipe=False):
"""
Process the CPE data through an uploaded file or have it download directly
from the MITRE webserver
"""
from skaldship.cpe import process_xml
process_xml(filename, download, wipe)
return True
def run_scanner(
scanner=None,
asset_group=None,
engineer=None,
target_list=None,
blacklist=None,
scan_options=None,
addnoports=False,
update_hosts=False,
**kwargs
):
'''
Schedule handler to process nmap scan
'''
from skaldship.log import log
if not isinstance(scanner, str):
return False
scanner = scanner.upper()
logger.info(" [*] Processing Nmap scan ")
if scanner == 'NMAP':
from skaldship.nmap import run_scan
nmap_xml_file = run_scan(
blacklist=blacklist,
target_list=target_list,
scan_options=scan_options,
)
if nmap_xml_file:
from skaldship.nmap import process_xml
log("Processing nmap xml file: %s" % (nmap_xml_file))
process_xml(
filename=nmap_xml_file,
addnoports=addnoports,
asset_group=asset_group,
engineer=engineer,
msf_settings={},
ip_ignore_list=None,
ip_include_list=None,
update_hosts=update_hosts,
)
def run_scanner(
scanner=None,
asset_group=None,
engineer=None,
target_list=None,
blacklist=None,
scan_options=None,
addnoports=False,
update_hosts=False,
**kwargs
):
'''
Schedule handler to process nmap scan
'''
from skaldship.log import log
if not isinstance(scanner, str):
return False
scanner = scanner.upper()
logger.info(" [*] Processing Nmap scan ")
if scanner == 'NMAP':
from skaldship.nmap import run_scan
nmap_xml_file = run_scan(
blacklist=blacklist,
target_list=target_list,
scan_options=scan_options,
)
if nmap_xml_file:
from skaldship.nmap import process_xml
log("Processing nmap xml file: %s" % (nmap_xml_file))
process_xml(
filename=nmap_xml_file,
addnoports=addnoports,
asset_group=asset_group,
engineer=engineer,
msf_settings={},
ip_ignore_list=None,
ip_include_list=None,
update_hosts=update_hosts,
)
def scanner_import(scanner=None,
filename=None,
addnoports=False,
asset_group=None,
engineer=None,
msf_settings={},
ip_ignore_list=None,
ip_include_list=None,
update_hosts=False,
**kwargs):
"""
Imports a Scanner XML file to Kvasir
"""
if not isinstance(scanner, str):
return False
scanner = scanner.upper()
if scanner == 'NMAP':
from skaldship.nmap import process_xml
logger.info("Processing nmap file: %s" % (filename))
process_xml(
filename=filename,
addnoports=addnoports,
asset_group=asset_group,
engineer=engineer,
msf_settings=msf_settings,
ip_ignore_list=ip_ignore_list,
ip_include_list=ip_include_list,
update_hosts=update_hosts,
)
elif scanner == 'NEXPOSE':
from skaldship.nexpose import process_xml
logger.info("Processing Nexpose file: %s" % (filename))
process_xml(
filename=filename,
asset_group=asset_group,
engineer=engineer,
msf_settings=msf_settings,
ip_ignore_list=ip_ignore_list,
ip_include_list=ip_include_list,
update_hosts=update_hosts,
)
elif scanner == 'NESSUS':
from skaldship.nessus.processor import process_scanfile
logger.info("Processing Nessus file: %s" % (filename))
process_scanfile(
filename=filename,
asset_group=asset_group,
engineer=engineer,
msf_settings=msf_settings,
ip_ignore_list=ip_ignore_list,
ip_include_list=ip_include_list,
update_hosts=update_hosts,
)
elif scanner == 'METASPLOIT':
from skaldship.metasploit.pro import process_report_xml
logger.info("Processing Metasploit Pro file: %s" % filename)
process_report_xml(
filename=filename,
asset_group=asset_group,
engineer=engineer,
ip_ignore_list=ip_ignore_list,
ip_include_list=ip_include_list,
update_hosts=update_hosts,
)
elif scanner == 'SHODANHQ':
from skaldship.shodanhq import process_report
logger.info("Processing ShodanHQ file: %s" % (filename))
process_report(
filename=filename,
host_list=kwargs.get('hosts') or [],
query=kwargs.get('query') or None,
asset_group=asset_group,
engineer=engineer,
ip_ignore_list=ip_ignore_list,
ip_include_list=ip_include_list,
#update_hosts=update_hosts,
)
return True
def scanner_import(
scanner=None,
filename=None,
addnoports=False,
asset_group=None,
engineer=None,
msf_settings={},
ip_ignore_list=None,
ip_include_list=None,
update_hosts=False,
**kwargs
):
"""
Imports a Scanner XML file to Kvasir
"""
if not isinstance(scanner, str):
return False
scanner = scanner.upper()
if scanner == 'NMAP':
from skaldship.nmap import process_xml
logger.info("Processing nmap file: %s" % (filename))
process_xml(
filename=filename,
addnoports=addnoports,
asset_group=asset_group,
engineer=engineer,
msf_settings=msf_settings,
ip_ignore_list=ip_ignore_list,
ip_include_list=ip_include_list,
update_hosts=update_hosts,
)
elif scanner == 'NEXPOSE':
from skaldship.nexpose import process_xml
logger.info("Processing Nexpose file: %s" % (filename))
process_xml(
filename=filename,
asset_group=asset_group,
engineer=engineer,
msf_settings=msf_settings,
ip_ignore_list=ip_ignore_list,
ip_include_list=ip_include_list,
update_hosts=update_hosts,
)
elif scanner == 'NESSUS':
from skaldship.nessus.processor import process_scanfile
logger.info("Processing Nessus file: %s" % (filename))
process_scanfile(
filename=filename,
asset_group=asset_group,
engineer=engineer,
msf_settings=msf_settings,
ip_ignore_list=ip_ignore_list,
ip_include_list=ip_include_list,
update_hosts=update_hosts,
)
elif scanner == 'METASPLOIT':
from skaldship.metasploit.pro import process_report_xml
logger.info("Processing Metasploit Pro file: %s" % filename)
process_report_xml(
filename=filename,
asset_group=asset_group,
engineer=engineer,
ip_ignore_list=ip_ignore_list,
ip_include_list=ip_include_list,
update_hosts=update_hosts,
)
elif scanner == 'SHODANHQ':
from skaldship.shodanhq import process_report
logger.info("Processing ShodanHQ file: %s" % (filename))
process_report(
filename=filename,
host_list=kwargs.get('hosts') or [],
query=kwargs.get('query') or None,
asset_group=asset_group,
engineer=engineer,
ip_ignore_list=ip_ignore_list,
ip_include_list=ip_include_list,
#update_hosts=update_hosts,
)
return True
def import_xml_scan():
"""
Upload/import Nmap XML Scan file via scheduler task
"""
import time
from skaldship.general import check_datadir
from skaldship.metasploit import msf_get_config
msf_settings = msf_get_config(session)
try:
# check to see if we have a Metasploit RPC instance configured and talking
from MetasploitProAPI import MetasploitProAPI
msf_api = MetasploitProAPI(host=msf_settings['url'],
apikey=msf_settings['key'])
working_msf_api = msf_api.login()
except:
working_msf_api = False
filedir = os.path.join(request.folder, 'data', 'scanfiles')
check_datadir(request.folder)
response.title = "%s :: Import Nmap XML Scan Results" % (settings.title)
fields = []
# buld the dropdown user list
users = db(db.auth_user).select()
userlist = []
for user in users:
userlist.append([user.id, user.username])
fields.append(
Field('f_filename',
'upload',
uploadfolder=filedir,
label=T('Nmap XML File')))
fields.append(
Field('f_engineer',
type='integer',
label=T('Engineer'),
default=auth.user.id,
requires=IS_IN_SET(userlist)))
fields.append(
Field('f_asset_group',
type='string',
label=T('Asset Group'),
requires=IS_NOT_EMPTY()))
# If Metasploit available, pull a list of the workspaces and present them
if working_msf_api:
msf_workspaces = []
msf_workspaces.append("None")
for w in list(msf_api.pro_workspaces().keys()):
msf_workspaces.append(w)
fields.append(
Field('f_msf_workspace',
type='string',
label=T('MSF Pro Workspace'),
requires=IS_EMPTY_OR(IS_IN_SET(msf_workspaces, zero=None))))
fields.append(
Field('f_addnoports',
type='boolean',
label=T('Add Hosts w/o Ports'),
default=False))
fields.append(
Field('f_include_list', type='text', label=T('Hosts to Only Include')))
fields.append(
Field('f_ignore_list', type='text', label=T('Hosts to Ignore')))
fields.append(
Field('f_update_hosts',
type='boolean',
label=T('Update Host Information'),
default=False))
fields.append(
Field('f_taskit',
type='boolean',
default=auth.user.f_scheduler_tasks,
label=T('Run in background task')))
form = SQLFORM.factory(*fields, table_name='nmap_xml')
if form.errors:
response.flash = 'Error in form'
elif form.accepts(request.vars, session):
# process a nmap file
filename = os.path.join(filedir, form.vars.f_filename)
# build the hosts only/exclude list
ip_exclude = []
data = form.vars.get('f_ignore_list')
if data:
ip_exclude = data.split('\r\n')
# TODO: check for ip subnet/range and break it out to individuals
ip_include = []
data = form.vars.get('f_include_list')
if data:
ip_include = data.split('\r\n')
# TODO: check for ip subnet/range and break it out to individuals
if form.vars.f_msf_workspace:
msf_workspace = form.vars.f_msf_workspace
if msf_workspace == "None":
msf_workspace = None
else:
msf_workspace = None
msf_settings = {
'workspace': msf_workspace,
'url': msf_settings['url'],
'key': msf_settings['key']
}
if form.vars.f_taskit:
task = scheduler.queue_task(
scanner_import,
pvars=dict(
scanner='nmap',
filename=filename,
addnoports=form.vars.f_addnoports,
asset_group=form.vars.f_asset_group,
engineer=form.vars.f_engineer,
msf_settings=msf_settings,
ip_ignore_list=ip_exclude,
ip_include_list=ip_include,
update_hosts=form.vars.f_update_hosts,
),
group_name=settings.scheduler_group_name,
sync_output=5,
timeout=settings.scheduler_timeout)
if task.id:
redirect(URL('tasks', 'status', args=task.id))
else:
response.flash = "Error submitting job: %s" % (task.errors)
else:
from skaldship.nmap import process_xml
print("Starting Nmap XML Import")
process_xml(
filename=filename,
addnoports=form.vars.f_addnoports,
asset_group=form.vars.f_asset_group,
engineer=form.vars.f_engineer,
msf_settings=msf_settings,
ip_ignore_list=ip_exclude,
ip_include_list=ip_include,
update_hosts=form.vars.f_update_hosts,
)
response.flash = "Nmap XML upload complete"
redirect(URL('default', 'index'))
return dict(form=form)
def import_xml_scan():
"""
Upload/import Nmap XML Scan file via scheduler task
"""
import time
from skaldship.general import check_datadir
from skaldship.metasploit import msf_get_config
msf_settings = msf_get_config(session)
try:
# check to see if we have a Metasploit RPC instance configured and talking
from MetasploitProAPI import MetasploitProAPI
msf_api = MetasploitProAPI(host=msf_settings['url'], apikey=msf_settings['key'])
working_msf_api = msf_api.login()
except:
working_msf_api = False
filedir = os.path.join(request.folder,'data','scanfiles')
check_datadir(request.folder)
response.title = "%s :: Import Nmap XML Scan Results" % (settings.title)
fields = []
# buld the dropdown user list
users = db(db.auth_user).select()
userlist = []
for user in users:
userlist.append( [ user.id, user.username ] )
fields.append(Field('f_filename', 'upload', uploadfolder=filedir, label=T('Nmap XML File')))
fields.append(Field('f_engineer', type='integer', label=T('Engineer'), default=auth.user.id, requires=IS_IN_SET(userlist)))
fields.append(Field('f_asset_group', type='string', label=T('Asset Group'), requires=IS_NOT_EMPTY()))
# If Metasploit available, pull a list of the workspaces and present them
if working_msf_api:
msf_workspaces = []
msf_workspaces.append( "None" )
for w in msf_api.pro_workspaces().keys():
msf_workspaces.append(w)
fields.append(Field('f_msf_workspace', type='string', label=T('MSF Pro Workspace'), requires=IS_EMPTY_OR(IS_IN_SET(msf_workspaces, zero=None))))
fields.append(Field('f_addnoports', type='boolean', label=T('Add Hosts w/o Ports'), default=False))
fields.append(Field('f_include_list', type='text', label=T('Hosts to Only Include')))
fields.append(Field('f_ignore_list', type='text', label=T('Hosts to Ignore')))
fields.append(Field('f_update_hosts', type='boolean', label=T('Update Host Information'), default=False))
fields.append(Field('f_taskit', type='boolean', default=auth.user.f_scheduler_tasks, label=T('Run in background task')))
form = SQLFORM.factory(*fields, table_name='nmap_xml')
if form.errors:
response.flash = 'Error in form'
elif form.accepts(request.vars, session):
# process a nmap file
filename = os.path.join(filedir, form.vars.f_filename)
# build the hosts only/exclude list
ip_exclude = []
data = form.vars.get('f_ignore_list')
if data:
ip_exclude = data.split('\r\n')
# TODO: check for ip subnet/range and break it out to individuals
ip_include = []
data = form.vars.get('f_include_list')
if data:
ip_include = data.split('\r\n')
# TODO: check for ip subnet/range and break it out to individuals
if form.vars.f_msf_workspace:
msf_workspace = form.vars.f_msf_workspace
if msf_workspace == "None":
msf_workspace = None
else:
msf_workspace = None
msf_settings = {'workspace': msf_workspace, 'url': msf_settings['url'], 'key': msf_settings['key']}
if form.vars.f_taskit:
task = scheduler.queue_task(
scanner_import,
pvars=dict(
scanner='nmap',
filename=filename,
addnoports=form.vars.f_addnoports,
asset_group=form.vars.f_asset_group,
engineer=form.vars.f_engineer,
msf_settings=msf_settings,
ip_ignore_list=ip_exclude,
ip_include_list=ip_include,
update_hosts=form.vars.f_update_hosts,
),
group_name=settings.scheduler_group_name,
sync_output=5,
timeout=settings.scheduler_timeout
)
if task.id:
redirect(URL('tasks', 'status', args=task.id))
else:
response.flash = "Error submitting job: %s" % (task.errors)
else:
from skaldship.nmap import process_xml
print("Starting Nmap XML Import")
process_xml(
filename=filename,
addnoports=form.vars.f_addnoports,
asset_group=form.vars.f_asset_group,
engineer=form.vars.f_engineer,
msf_settings=msf_settings,
ip_ignore_list=ip_exclude,
ip_include_list=ip_include,
update_hosts=form.vars.f_update_hosts,
)
response.flash = "Nmap XML upload complete"
redirect(URL('default', 'index'))
return dict(form=form)
