def dotransform(request, response): checkdir(config['nexpose/reportdir']) # Nexpose API session login session = nexlogin() # Nexpose Adhoc report generation and save to file siteid = request.fields['siteid'] report = '%s.xml' % siteid reportstatus = reportChecker(session, siteid, report) if reportstatus == True: f = open(os.path.join(config['nexpose/reportdir'], report)) reporto = f.read() f.close else: raise MaltegoException('Something went wrong with the report checks') for dic in nexposeExploits(reporto): for key, val in dic.iteritems(): if key == request.fields['vulnid'] and val[1] == 'metasploit': e = NexposeMetasploitModule(val[0], exploittype=val[1], siteid=siteid, scanid=request.fields['scanid'], vulnid=key) e += Label('Metasploit Module URL', val[2]) e += Label('Skill Level', val[3]) response += e return response nexlogout(session)
def dotransform(request, response): checkdir(config['nexpose/reportdir']) # Nexpose API session login session = nexlogin() # Nexpose Adhoc report generation and save to file siteid = request.fields['siteid'] report = '%s.xml' % siteid reportstatus = reportChecker(session, siteid, report) if reportstatus == True: f = open(os.path.join(config['nexpose/reportdir'], report)) reporto = f.read() f.close else: raise MaltegoException('Something went wrong with the report checks') for dic in nexposeVulns(reporto): for key, val in dic.iteritems(): e = NexposeVulnerability(val[0], siteid=siteid, scanid=request.fields['scanid'], vulnid=key) e += Label('cvss Score', val[2]) e += Label('Severity', val[1]) response += e return response nexlogout(session)
def dotransform(request, response): checkdir(config['nexpose/reportdir']) # Nexpose API session login session = nexlogin() # Nexpose Adhoc report generation and save to file siteid = request.fields['siteid'] report = '%s.xml' % siteid reportstatus = reportChecker(session, siteid, report) if reportstatus == True: f = open(os.path.join(config['nexpose/reportdir'], report)) reporto = f.read() f.close else: raise MaltegoException('Something went wrong with the report checks') for dic in nexposeExploits(reporto): for key, val in dic.iteritems(): if key == request.fields['vulnid'] and val[1] == 'exploitdb': e = NexposeEDBExploit(val[0], exploittype=val[1], siteid=siteid, scanid=request.fields['scanid'], vulnid=key) e += Label('Exploit DB URL', val[2]) e += Label('Skill Level', val[3]) response += e return response nexlogout(session)
def dotransform(request, response): checkdir(config['nexpose/reportdir']) # Nexpose API session login session = nexlogin() # Nexpose Adhoc report generation and save to file siteid = request.fields['siteid'] report = '%s.xml' % siteid reportstatus = reportChecker(session, siteid, report) if reportstatus == True: f = open(os.path.join(config['nexpose/reportdir'], report)) reporto = f.read() f.close else: raise MaltegoException('Something went wrong with the report checks') for dic in nexposePort(reporto): for key, val in dic.iteritems(): response += Port(key, siteid=siteid, scanid=request.fields['scanid'], protocol=val[0], status=val[1]) return response nexlogout(session)
def dotransform(request, response): checkdir(config['nexpose/reportdir']) # Nexpose API session login session = nexlogin() # Nexpose Adhoc report generation and save to file siteid = request.fields['siteid'] report = '%s.xml' % siteid reportstatus = reportChecker(session, siteid, report) if reportstatus == True: f = open(os.path.join(config['nexpose/reportdir'], report)) reporto = f.read() f.close else: raise MaltegoException('Something went wrong with the report checks') for dic in nexposeServiceVer(reporto): for key, val in dic.iteritems(): if key == request.value and len(val) == 3: response += ServiceVersion(val[0] + '-' + val[1], siteid=siteid, scanid=request.fields['scanid'], port=request.fields['port'], service=request.value, certainty=val[2]) elif key == request.value and len(val) == 2: response += ServiceVersion(val[0] + '-' + val[1], siteid=siteid, scanid=request.fields['scanid'], port=request.fields['port'], service=request.value) elif key == request.value and len(val) == 1: response += ServiceVersion(val[0], siteid=siteid, scanid=request.fields['scanid'], port=request.fields['port'], service=request.value) return response nexlogout(session)
def dotransform(request, response): checkdir(config['nexpose/reportdir']) # Nexpose API session login session = nexlogin() # Nexpose Adhoc report generation and save to file siteid = request.fields['siteid'] report = '%s.xml' % siteid reportstatus = reportChecker(session, siteid, report) if reportstatus == True: f = open(os.path.join(config['nexpose/reportdir'], report)) reporto = f.read() f.close else: raise MaltegoException('Something went wrong with the report checks') for dic in nexposePortTests(reporto): for key, val in dic.iteritems(): if request.value == key: for key1, val1 in val.iteritems(): test = key1 for dic in nexposeVulns(reporto): for key2, val2 in dic.iteritems(): if test == key2: e = NexposeVulnerability(val2[0], siteid=siteid, scanid=request.fields['scanid'], vulnid=key2) e += Label('cvss Score', val2[2]) e += Label('Severity', val2[1]) response += e else: pass return response nexlogout(session)