def test_zap(self):
asset = factories.AssetFactory.create()
list_vuln = []
for i in range(1, 4):
hostIP = asset.host_address
hostName = asset.name
hostPort = '8443'
hostSSL = 'false'
pluginID = '10015'
pluginName = 'ZAPVulnerability' + str(i)
severity = '12'
desc = 'This is description' + str(i)
ref = 'N/A'
path = 'https://satoffice043:8443/wavsep/active/index.jsp'
sol = 'testSOL'
date = 'Fri, 29 Mar 2019 21:02:52'
cvss = ''
# Create a vulnerability OBJECT
vuln = TempVulnerability(hostIP, hostName, hostPort, hostSSL,
pluginID, pluginName, severity, desc,
path, sol, ref, date, cvss)
# Push Object into the end of the list.
list_vuln.append(vuln)
build_vulns('ZAP', asset.company.pk, list_vuln) # serialize the vulns
total_vulns = len(list_vuln)
actual_vuln = Vulnerability.objects.count()
# print('Expected: ', total_vulns, ' Actual: ', actual_vuln)
self.assertEqual(total_vulns, actual_vuln)
def test_nes(self):
asset = factories.AssetFactory.create()
list_vuln = []
for i in range(1, 4):
hostIP = asset.host_address
hostName = asset.mac_address # MAC ADDRESS
hostPort = '0'
hostSSL = 'N/A'
pluginID = '12'
pluginName = 'NESVulnerability' + str(i)
severity = '3'
desc = 'This is description' + str(i)
ref = '''http://support.microsoft.com/kb/887429
http://www.nessus.org/u?74b80723
http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html'''
path = 'N/A'
sol = 'Fix the reverse DNS or host file.'
date = 'Mon Jul 1 11:33:11 2013'
cvss = ''
# Create a vulnerability OBJECT
vuln = TempVulnerability(hostIP, hostName, hostPort, hostSSL,
pluginID, pluginName, severity, desc,
path, sol, ref, date, cvss)
# Push Object into the end of the list.
list_vuln.append(vuln)
build_vulns('Nes', asset.company.pk, list_vuln) # serialize the vulns
total_vulns = len(list_vuln)
actual_vuln = Vulnerability.objects.count()
# print('Expected: ', total_vulns, ' Actual: ', actual_vuln)
self.assertEqual(total_vulns, actual_vuln)
def test_nex(self):
asset = factories.AssetFactory.create()
list_vuln = []
for i in range(1, 4):
hostIP = asset.host_address # IP ADDRESS
hostName = asset.mac_address # MAC ADDRESS
hostPort = 'N/A'
hostSSL = 'N/A'
pluginID = 'N/A'
vulnName = 'NEXVulnerability' + str(i)
severity = '2' # 0-10
desc = [
'This is description' + str(i) + 'a',
'This is description' + str(i) + 'b',
'This is description' + str(i) + 'c'
]
ref = [
'This is a reference' + str(i) + 'a',
'This is a reference' + str(i) + 'b',
'This is a reference' + str(i) + 'c'
]
path = 'N/A'
sol = [
'This is a solution' + str(i) + 'a',
'This is a solution' + str(i) + 'b',
'This is a solution' + str(i) + 'c'
]
date = '20160218T203218272'
cvss = '4.5'
# Create a vulnerability OBJECT
vuln = TempVulnerability(hostIP, hostName, hostPort, hostSSL,
pluginID, vulnName, severity, desc, path,
sol, ref, date, cvss)
# Push Object into the end of the list.
list_vuln.append(vuln)
build_vulns('Nex', asset.company.pk, list_vuln) # serialize the vulns
total_vulns = len(list_vuln)
actual_vuln = Vulnerability.objects.count()
# print('Expected: ', total_vulns, ' Actual: ', actual_vuln)
self.assertEqual(total_vulns, actual_vuln)
def zapHandler(root, request):
company = request.user.company.pk
listVuln = []
bad_vuln = []
# Iterate through root
for elem in root:
date = root.get(
'generated'
) # The date of when the scan, example format = Thu, 19 Sep 2013 17:34:05
hostAddress = elem.get(
'host') # The IP Address of the host scanned or f2dn or DNS name
hostName = elem.get(
'name') # The name of the Host contains the http://<url>
port = elem.get('port') # The port scanned
ssl = elem.get(
'SSL') # This is the SSL inspection? It is either true or false
cvss = 'none'
# Root has a child node, that contains another child node.
for node in elem:
for node2 in node:
# The 3rd child node contains all the details needed.
for child in node2:
if child.tag == 'pluginid':
if child.text == 'None':
vulnID = 'N/A'
else:
vulnID = child.text # This is the vulnerability ID according to ZAP database
if child.tag == 'alert':
if child.text == 'None':
vulnName = 'N/A'
else:
vulnName = child.text # The name of the vulnerability
if child.tag == 'riskcode':
if child.text == 'None':
severity = 'N/A'
else:
severity = child.text # This is the severity of the vulnerability (0-4)
if child.tag == 'desc':
if child.text == 'None':
desc = 'N/A'
else:
desc = child.text # This is the description of the vulnerability
if child.tag == 'uri':
if child.text == 'None':
path = 'N/A'
else:
path = child.text # This is a ZAP only thing. It is the extension of the url (or path)
# e.g /extend/this/
if child.tag == 'solution':
if child.text == 'None':
solution = 'N/A'
else:
solution = child.text # This is the Solution for the vulnerability
if child.tag == 'reference':
if child.text == 'None':
ref = 'N/A'
else:
ref = child.text
# Storing the vulns into a class called Vulnerability
vulnerability = TempVulnerability(
hostAddress, hostName, port, ssl, vulnID, vulnName,
severity, desc, path, solution, ref, date, cvss)
# vulnerability.print()
# If The vulnerabilities are not entered into the object then send a bad request
if vulnerability is None:
return Response(status=400)
if valid_import_vuln_zap(vulnerability):
listVuln.append(vulnerability)
else:
bad_vuln.append(vulnerability)
# ADD METHOD HERE TO SEND THE LIST OF VULN TO ANOTHER METHOD
"""
To iterate through the list and grab the individual data of the vulnerabilties below is an example:
for i in listVuln:
i.print()
# OR
i.getHostIp()
# .... Need to add more functions to the vulnerability
"""
'''for i in listVuln:
i.print()'''
response = build_vulns('ZAP', company,
listVuln) # Pass off the vulns to be read.
return response
def nessusRead(root, request):
company = request.user.company.pk
# The dynamic array(list) that the vulnerabilities would be stored in.
listVuln = []
bad_vuln = [] # The rejected vulns
for elem in root:
if elem.tag == 'Report':
for report in elem:
for host in report.findall('HostProperties'):
# This grabs the Host Name and IP address of the host.
hostName = host[4].text
hostAddress = host[7].text
date = host[
10].text # The date of when the scan, example format =
for host2 in report.findall('ReportItem'):
ref = 'none' # If the reference is empty set it as none
path = 'none' # If the path is empty set it as none
cvss = 'none' # This is the common vulnerability score
port = host2.get('port') # This is the port scanned
ssl = 'none'
vulnID = host2.get(
'pluginID'
) # This is the vulnerability ID according to the nessus database
vulnName = host2.get(
'pluginName') # This is the name of the vulnerability
severity = host2.get(
'severity'
) # This is the severity of the vulnerability (0-4)
for cvssIter in host2.iter('cvss_base_score'):
cvss = cvssIter.text
for descIter in host2.iter('description'):
desc = descIter.text # This is the description of the vulnerability
for refIter in host2.iter('see_also'):
ref = refIter.text # This is the reference of the vulnerability.
# Note: There possible may be multiple urls in one string
# (Did not array this one)
for solIter in host2.iter('solution'):
sol = solIter.text # Solution of the vulnerability detected
vulnerability = TempVulnerability(hostAddress, hostName,
port, ssl, vulnID,
vulnName, severity, desc,
path, sol, ref, date,
cvss)
# Push Object into the end of the list.
# vulnerability.print()
if valid_import_vuln_nes(vulnerability):
listVuln.append(vulnerability)
else:
bad_vuln.append(vulnerability)
# This is a print method to print out the vulnerability -- For TESTING ONLY
'''for i in listVuln:
i.print()'''
response = build_vulns('Nes', company,
listVuln) # Pass off the vulns to be read.
return response
def nexposeRead(root, request):
"""
Note: Nexpose desc, reference and solution is an array that has to be iterated through to get all of the data.
"""
company = request.user.company.pk
listVuln = []
bad_vuln = []
for child in root:
for scans in child.findall('scan'):
date = scans.get(
'startTime'
) # The date of when the scan, example format = 20160218T203218272
for nodes in child.findall('node'):
hostAddress = nodes.get(
'address') # The ip address of the host scanned
hostName = nodes.get('hardware-address')
for vuln in child.findall('vulnerability'):
vulnID = vuln.get(
'id') # The vulnerability ID according to the Nexpose Database
vulnName = vuln.get('title') # The name of the vulnerability
severity = vuln.get(
'severity') # The severity of Nexpose 0-10 (int)
cvss = vuln.get('cvss') # This is the common vulnerability score
port = 'n/a' # There is no ports scanned in the Nexpose
ssl = 'n/a' # SSl is only for ZAP
path = 'n/a' # This is a ZAP only variable
desc = [] # This is an array for the long description for Nexpose
sol = [] # This is an array for the long solution text for Nexpose
ref = [
] # This is an array for the multiple reference Nexpose gives
# This are the for loops which enters the details into the array.
for elem in vuln.iter('description'):
for description in elem.iter('Paragraph'):
desc.append(description.text)
for reference in vuln.iter('reference'):
ref.append(reference.get('source') + ' ' + reference.text)
for solution in vuln.iter('solution'):
for para in solution.iter('Paragraph'):
sol.append(para.text)
vulnerability = TempVulnerability(hostAddress, hostName, port, ssl,
vulnID, vulnName, severity, desc,
path, sol, ref, date, cvss)
#vulnerability.printNexpose()
if valid_import_vuln_nex(vulnerability):
listVuln.append(vulnerability)
else:
bad_vuln.append(vulnerability)
response = build_vulns('Nex', company,
listVuln) # Pass off the vulns to be read.
# This is a print method to print out the vulnerability -- For TESTING ONLY
'''for i in listVuln:
i.printNexpose()'''
return response
def fileHandlerCSV(file, request):
"""
This is a dynamic a CSV file reader.
It will scan through the rows available and count them to assign them to a variable
"""
filepath = file.temporary_file_path()
company = request.user.company.pk
listVuln = []
bad_vuln = []
array = []
# The counters for the dynamic reader
counter = 0 - 1
hostAddress_counter = 0 - 1
hostName_counter = 0 - 1
port_counter = 0 - 1
ssl = 'none'
vulnID_counter = 0 - 1
vulnName_counter = 0 - 1
severity_counter = 0 - 1
desc_counter = 0 - 1
path = 'none'
sol_counter = 0 - 1
ref_counter = 0 - 1
date_counter = 0 - 1
cvss_counter = 0 - 1
nexposeTrigger = False
nessusTrigger = False
with open(filepath) as file:
readCSV = csv.reader(file, delimiter=',')
for row in readCSV:
for elements in row:
counter = counter + 1
if elements == 'Host':
hostAddress_counter = counter
nessusTrigger = True
elif elements == 'Asset IP Address':
hostAddress_counter = counter
nexposeTrigger = True
if hostName_counter == 'MAC Address':
hostName_counter = counter
elif elements == 'Asset MAC Addresses':
hostName_counter = counter
if elements == 'Port':
port_counter = counter
elif elements == 'Service Port':
port_counter = counter
if elements == 'Plugin ID':
vulnID_counter = counter
elif elements == 'Vulnerability ID':
vulnID_counter = counter
if elements == 'Name':
vulnName_counter = counter
elif elements == 'Vulnerability Title':
vulnName_counter = counter
if elements == 'Risk':
severity_counter = counter
elif elements == 'Vulnerability Severity Level':
severity_counter = counter
if elements == 'Description':
desc_counter = counter
elif elements == 'Vulnerability Description':
desc_counter = counter
if elements == 'Solution':
sol_counter = counter
elif elements == 'Vulnerability Solution':
sol_counter = counter
if elements == 'See Also':
ref_counter = counter
elif elements == 'Vulnerability CVE IDs':
ref_counter = counter
if elements == 'Date':
date_counter = counter
if elements == 'CVSS':
cvss_counter = counter
elif elements == 'Vulnerability CVSS Score':
cvss_counter = counter
if nessusTrigger or nexposeTrigger == True:
if hostAddress_counter > -1:
hostAddress = row[hostAddress_counter]
else:
hostAddress = 'none'
if hostName_counter > -1:
hostName = row[hostName_counter]
else:
hostName = 'none'
if port_counter > -1:
port = row[port_counter]
else:
port = 'none'
if vulnID_counter > -1:
vulnID = row[vulnID_counter]
else:
vulnID = 'none'
if vulnName_counter > -1:
vulnName = row[vulnName_counter]
else:
vulnName = 'none'
if severity_counter > -1:
severity = row[severity_counter]
if severity == 'Critical':
severity = '4'
elif severity == 'High':
severity = '3'
elif severity == 'Medium':
severity = '2'
elif severity == 'Low':
severity = '1'
elif severity == 'None':
severity = '0'
elif severity == 'Vulnerability Severity Level':
severity = '0'
else:
severity = 'none'
if desc_counter > -1:
desc = row[desc_counter]
else:
desc = 'none'
if sol_counter > -1:
sol = row[sol_counter]
else:
sol = 'none'
if ref_counter > -1:
ref = row[ref_counter]
else:
ref = 'none'
if date_counter > -1:
date = row[date_counter]
else:
# SET TO CURRENT DATE IF CSV FILE HAS NO DATE TO BE READ
today = datetime.now()
if nessusTrigger == True:
date = today.strftime("%a %b %d %H:%M:%S %Y")
elif nexposeTrigger == True:
date = today.strftime("%Y%m%dT%H%M%s")
if cvss_counter > -1:
cvss = row[cvss_counter]
else:
cvss = 'none'
else:
return Response(
"Error: Not a supported CSV File is being read")
# if hostAddress != 'Host':
vulnerability = TempVulnerability(hostAddress, hostName, port, ssl,
vulnID, vulnName, severity, desc,
path, sol, ref, date, cvss)
listVuln.append(vulnerability)
if vulnerability is None:
return Response(
" Error: Not a supported CSV File is being read")
# Push Object into the end of the list.
# vulnerability.print()
if nessusTrigger == True:
tempArray = []
for i in listVuln:
if i.host != 'Host':
tempArray.append(i)
elif i.host == 'Host':
bad_vuln.append(i)
for i in tempArray:
if valid_import_vuln_nes(i):
array.append(i)
else:
bad_vuln.append(i)
response = build_vulns('Nes', company, array)
elif nexposeTrigger == True:
tempArray = []
for i in listVuln:
# print(i.host)
if i.host != 'Asset IP Address':
tempArray.append(i)
elif i.host == 'Asset IP Address':
bad_vuln.append(i)
else:
return Response(
"Not a supported CSV File is being read")
for i in tempArray:
if valid_import_vuln_nex(i):
array.append(i)
else:
bad_vuln.append(i)
response = build_vulns('Nex', company, array)
else:
return Response("Not a supported CSV File is being read")
# This is a print method to print out the vulnerability -- For TESTING ONLY
'''for i in array:
i.print()'''
return response