def createAndAddHost(self, name, os="unknown", hostnames=None, mac=None):
host_obj = factory.createModelObject(Host.class_signature,
name,
os=os,
parent_id=None,
workspace_name=self.workspace,
hostnames=hostnames,
mac=mac)
host_obj._metadata.creatoserverr = self.id
self.__addPendingAction(Modelactions.ADDHOST, host_obj)
return host_obj.getID()
def main(workspace='', args=None, parser=None):
parser.add_argument('host_id', help='Service Parent Host ID')
parser.add_argument('name', help='Service Name')
parser.add_argument('ports',
help='Service ports, as a comma separated list')
parser.add_argument('--protocol', help='Service protocol', default='tcp')
parser.add_argument('--status', help='Service status', default='open')
parser.add_argument('--version', help='Service version', default='unknown')
parser.add_argument('--description',
help='Service description',
default='')
parser.add_argument(
'--dry-run',
action='store_true',
help='Do not touch the database. Only print the object ID')
parsed_args = parser.parse_args(args)
ports = list(filter(None, parsed_args.ports.split(',')))
res_ids = [] #new service or old services ids affected by the command
for port in ports:
params = {
'name': parsed_args.name,
'port': port,
'protocol': parsed_args.protocol,
'host_id': parsed_args.host_id
}
obj = factory.createModelObject(models.Service.class_signature,
parsed_args.name,
workspace,
protocol=parsed_args.protocol,
ports=[port],
status=parsed_args.status,
version=parsed_args.version,
description=parsed_args.description,
parent_id=parsed_args.host_id)
old = models.get_service(workspace, **params)
if old is None:
if not parsed_args.dry_run:
models.create_service(workspace, obj)
old = models.get_service(workspace, **params)
else:
print("A service with ID %s already exists!" % old.getID())
res_ids.append(old.getID())
return 0, res_ids
def main(workspace='', args=None, parser=None):
parser.add_argument('parent', help='Parent ID')
parser.add_argument('name', help='Credential Name')
parser.add_argument('username', help='Username')
parser.add_argument('password', help='Password')
parser.add_argument('--parent_type',
help='Vulnerability severity',
choices=['Host', 'Service'],
default='unclassified')
parser.add_argument(
'--dry-run',
action='store_true',
help='Do not touch the database. Only print the object ID')
parsed_args = parser.parse_args(args)
params = {
'username': parsed_args.username,
}
if parsed_args.parent_type == 'Host':
params.update({'host_id': parsed_args.parent})
elif parsed_args.parent_type == 'Service':
params.update({'service_id': parsed_args.parent})
else:
raise UserWarning(
'Credential only allow Host or Service as parent_type')
obj = factory.createModelObject(models.Credential.class_signature,
parsed_args.name,
workspace,
username=parsed_args.username,
password=parsed_args.password,
parent_type=parsed_args.parent_type,
parent=parsed_args.parent)
old = models.get_credential(workspace, **params)
if old is None:
if not parsed_args.dry_run:
models.create_credential(workspace, obj)
old = models.get_credential(workspace, **params)
else:
print("A credential with ID %s already exists!" % old.getID())
return 2, None
return 0, old.getID()
def main(workspace='', args=None, parser=None):
parser.add_argument('ip', help='Host IP')
parser.add_argument('os', help='OS')
parser.add_argument('mac', help='Interface MAC Address')
parser.add_argument('--gateway',
help='IPV4 or IPV6 Gateway',
default='0.0.0.0')
parser.add_argument('--netsegment', help='Network Segment', default='')
parser.add_argument(
'--dry-run',
action='store_true',
help='Do not touch the database. Only print the object ID')
parsed_args = parser.parse_args(args)
params = {
'ip': parsed_args.ip,
}
obj_host = factory.createModelObject(
models.Host.class_signature,
parsed_args.ip,
workspace,
os=parsed_args.os,
mac=parsed_args.mac,
network_segment=parsed_args.netsegment,
parent_id=None)
old_host = models.get_host(workspace, **params)
if old_host is None:
if not parsed_args.dry_run:
models.create_host(workspace, obj_host)
old_host = models.get_host(workspace, **params)
else:
return 0, None
else:
print("A host with ID %s already exists!" % old_host.getID())
return 2, None
return 0, old_host.getID()
def main(workspace='', args=None, parser=None):
parser.add_argument('service', help='Parent service ID')
parser.add_argument('name', help='Vulnerability name')
parser.add_argument('--reference', help='Vulnerability reference', default='') # Fixme
parser.add_argument('--severity',
help='Vulnerability severity',
choices=['critical', 'high', 'med', 'low', 'info', 'unclassified'],
default='unclassified')
parser.add_argument('--resolution', help='Resolution', default='')
parser.add_argument('--description', help='Vulnerability description', default='')
parser.add_argument('--website', help='Website', default='')
parser.add_argument('--path', help='Path', default='')
parser.add_argument('--request', help='Request', default='')
parser.add_argument('--response', help='Response', default='')
parser.add_argument('--method', help='Method', default='')
parser.add_argument('--pname', help='pname', default='') # FIXME
parser.add_argument('--params', help='Parameters', default='')
parser.add_argument('--query', help='Query', default='')
parser.add_argument('--category', help='Category', default='')
parser.add_argument('--confirmed', help='Is the vulnerability confirmed',
choices=['true', 'false'],
default='false')
parser.add_argument('--dry-run', action='store_true', help='Do not touch the database. Only print the object ID')
parsed_args = parser.parse_args(args)
params = {
'name': parsed_args.name,
'description': parsed_args.description,
'service_id': parsed_args.service,
'method': parsed_args.method,
'parameter_name': parsed_args.params,
'path': parsed_args.path,
'website': parsed_args.website,
}
obj = factory.createModelObject(models.VulnWeb.class_signature, parsed_args.name, workspace,
desc=parsed_args.description,
ref=parsed_args.reference,
severity=parsed_args.severity,
resolution=parsed_args.resolution,
website=parsed_args.website,
path=parsed_args.path,
request=parsed_args.request,
response=parsed_args.response,
method=parsed_args.method,
pname=parsed_args.pname,
params=parsed_args.params,
query=parsed_args.query,
category=parsed_args.category,
confirmed=(parsed_args.confirmed == 'true'),
parent_id=parsed_args.service,
parent_type='Service'
)
old = models.get_web_vuln(workspace, **params)
if old is None:
if not parsed_args.dry_run:
models.create_vuln_web(workspace, obj)
old = models.get_web_vuln(workspace, **params)
else:
print("A web vulnerability with ID %s already exists!" % old.getID())
return 2, None
return 0, old.getID()
def main(workspace='', args=None, parser=None):
parser.add_argument('parent_type', choices=['Host', 'Service'])
parser.add_argument('parent', help='Parent ID')
parser.add_argument('name', help='Vulnerability Name')
parser.add_argument('--reference',
help='Vulnerability reference',
default='') # Fixme
parser.add_argument(
'--severity',
help='Vulnerability severity',
choices=['critical', 'high', 'med', 'low', 'info', 'unclassified'],
default='unclassified')
parser.add_argument('--resolution', help='Resolution', default='')
parser.add_argument('--confirmed',
help='Is the vulnerability confirmed',
choices=['true', 'false'],
default='false')
parser.add_argument('--description',
help='Vulnerability description',
default='')
parsed_args = parser.parse_args(args)
obj = factory.createModelObject(
models.Vuln.class_signature,
parsed_args.name,
workspace,
ref=parsed_args.reference,
severity=parsed_args.severity,
resolution=parsed_args.resolution,
confirmed=(parsed_args.confirmed == 'true'),
desc=parsed_args.description,
parent_id=parsed_args.parent,
parent_type=parsed_args.parent_type.capitalize())
params = {
'name': parsed_args.name,
'description': parsed_args.description,
'parent_type': parsed_args.parent_type.capitalize(),
'parent': parsed_args.parent,
}
try:
models.create_vuln(workspace, obj)
except ConflictInDatabase as ex:
if ex.answer.status_code == 409:
try:
old_id = ex.answer.json()['object']['_id']
except KeyError:
print("Vulnerability already exists. Couldn't fetch ID")
return 2, None
else:
print("A vulnerability with ID %s already exists!" % old_id)
return 2, None
else:
print("Unknown error while creating the vulnerability")
return 2, None
except CantCommunicateWithServerError as ex:
print("Error while creating vulnerability:", ex.response.text)
return 2, None
new = models.get_vulns(workspace, **params)
return 0, new[0].getID()
def main(workspace='', args=None, parser=None):
parser.add_argument('-s',
'--source',
nargs='*',
help='Filter packets by source'),
parser.add_argument('-d',
'--dest',
nargs='*',
help='Filter packets by destination'),
parser.add_argument(
'--dry-run',
action='store_true',
help='Do not touch the database. Only print the object ID')
parser.add_argument('-v',
'--verbose',
action='store_true',
help='Verbose output from the pcapfile library.')
parser.add_argument('pcap', help='Path to the PCAP file'),
parsed_args = parser.parse_args(args)
try:
from pcapfile import savefile
import pcapfile
except ImportError:
print('capfile not found, please install it to use this plugin.' \
' You can do it executing pip2 install pcapfile in a shell.')
return 1, None
if not os.path.isfile(parsed_args.pcap):
print("pcap file not found: " % parsed_args.pcap)
return 2, None
testcap = open(parsed_args.pcap, 'rb')
try:
capfile = savefile.load_savefile(testcap,
layers=2,
verbose=parsed_args.verbose)
except pcapfile.Error:
print("Invalid pcap file")
return 3, None
print('pcap file loaded. Parsing packets...')
# Set() to store already added hosts. This will save an enormous amount of time by not querying the database
# for hosts we already know are in Faraday
added = set()
for packet in capfile.packets:
if packet.packet.type != 2048:
continue
src = packet.packet.payload.src
dst = packet.packet.payload.dst
if parsed_args.source and not src in parsed_args.source:
continue
if parsed_args.dest and not dst in parsed_args.dest:
continue
if src not in added:
# Lets save additional queries for this IP, it will already be on the database anyway!
added.add(packet.packet.payload.src)
# Parsing of source field
obj = factory.createModelObject(models.Host.class_signature,
src,
workspace,
os=None,
parent_id=None)
old = models.get_host(workspace, obj.getID())
if old is None:
if not parsed_args.dry_run:
models.create_host(workspace, obj)
print('%s\t%s' % (src, obj.getID()))
if dst not in added:
# Lets save additional queries for this IP, it will already be on the database anyway!
added.add(packet.packet.payload.dst)
# Parsing of destination field
obj = factory.createModelObject(models.Host.class_signature,
dst,
workspace,
os=None,
parent_id=None)
old = models.get_host(workspace, obj.getID())
if old is None:
if not parsed_args.dry_run:
models.create_host(workspace, obj)
print('%s\t%s' % (dst, obj.getID()))
return 0, None