def doAction(self,data):
actionResult = {}
ip = helpers.evalString(self.ip,{"data" : data["flowData"]})
port = helpers.evalString(self.port,{"data" : data["flowData"]})
scanName = helpers.evalString(self.scanName,{"data" : data["flowData"]})
domainName = helpers.evalString(self.domainName,{"data" : data["flowData"]})
result = []
protocols = ["http", "https"]
for protocol in protocols:
timeout = 5
if self.timeout != 0:
timeout = self.timeout
response = remoteHelpers.runRemoteFunction(self.runRemote,data["eventData"],webserverConnect,{"protocol" : protocol, "ip" : ip, "port" : port, "timeout" : timeout, "domainName" : domainName},False)
if "error" not in response:
headers = helpers.lower_dict(response["headers"])
for excludeHeader in self.excludeHeaders:
if excludeHeader in headers:
del headers[excludeHeader]
# Update scan if updateScan mapping was provided
if len(scanName) > 0:
if domainName == "":
inga._inga()._dbCollection.update_one({ "scanName": scanName, "ip": ip, "ports.tcp.port" : port },{ "$set" : { "ports.tcp.$.data.webServerDetect" : { "protocol" : protocol, "headers" : headers, "lastSeen" : time.time() } } })
url = "{0}://{1}:{2}".format(protocol,ip,port)
else:
inga._inga()._dbCollection.update_one({ "scanName": scanName, "ip": ip, "domains.domain" : domainName },{ "$set" : { "domains.$.data.webServerDetect.{0}".format(protocol) : { "protocol" : protocol, "headers" : headers, "lastSeen" : time.time() } } })
url = "{0}://{1}".format(protocol,domainName)
# Detect HTTP -> HTTPS redirect upgrade
insecureUpgrade = None
try:
if protocol == "http" and "https://" in headers["location"]:
insecureUpgrade = True
except KeyError:
if protocol == "http":
insecureUpgrade = False
result.append({ "protocol" : protocol, "headers" : headers, "url" : url, "insecureUpgrade" : insecureUpgrade })
else:
actionResult["result"] = False
actionResult["rc"] = 500
actionResult["msg"] = response["error"]
actionResult["stderr"] = response["stderr"]
actionResult["stdout"] = response["stdout"]
return actionResult
if result:
actionResult["result"] = True
actionResult["rc"] = 0
actionResult["serverDetails"] = result
else:
actionResult["result"] = False
actionResult["rc"] = 404
return actionResult
def doAction(self,data):
actionResult = {}
scanName = helpers.evalString(self.scanName,{"data" : data["flowData"]})
topLevelDomain = helpers.evalString(self.topLevelDomain,{"data" : data["flowData"]})
response = remoteHelpers.runRemoteFunction(self.runRemote,data["eventData"],runtheHarvester,{"topLevelDomain" : topLevelDomain},False)
if "error" not in response:
if len(scanName) > 0:
scanResults = inga._inga().getAsClass(query={ "scanName" : scanName },fields=["scanName","ip","up","lastScan","domains"])
for domain in response["domains"]:
if domain["ip"] != "":
scanFound = False
for scanResult in scanResults:
if scanResult.ip == domain["ip"]:
currentEntry = scanResult
scanFound = True
break
if not scanFound:
newId = str(inga._inga().new(self.acl,scanName,domain["ip"],False).inserted_id)
newEntry = inga._inga().getAsClass(id=newId)[0]
scanResults.append(newEntry)
currentEntry = newEntry
currentEntryDomainFound = False
for currentEntryDomain in currentEntry.domains:
if currentEntryDomain["domain"] == domain["domain"]:
currentEntryDomainFound = True
currentEntry._dbCollection.update_one({ "scanName" : scanName, "ip" : domain["ip"], "domains.domain" : domain["domain"] },{ "$set" : { "domains.$.lastSeen" : domain["lastSeen"] } })
break
if not currentEntryDomainFound:
currentEntry.domains.append(domain)
currentEntry._dbCollection.update_one({ "scanName" : scanName, "ip" : domain["ip"] },{ "$push" : { "domains" : domain } })
actionResult["result"] = True
actionResult["rc"] = 0
actionResult["domains"] = response["domains"]
else:
actionResult["result"] = False
actionResult["rc"] = 500
actionResult["msg"] = response["error"]
actionResult["stderr"] = response["stderr"]
actionResult["stdout"] = response["stdout"]
return actionResult
def doAction(self,data):
actionResult = {}
ip = helpers.evalString(self.ip,{"data" : data["flowData"]})
port = helpers.evalString(self.port,{"data" : data["flowData"]})
scanName = helpers.evalString(self.scanName,{"data" : data["flowData"]})
url = helpers.evalString(self.url,{"data" : data["flowData"]})
domainName = helpers.evalString(self.domainName,{"data" : data["flowData"]})
outputDir = helpers.evalString(self.outputDir,{"data" : data["flowData"]})
timeout = 5
if self.timeout != 0:
timeout = self.timeout
response = remoteHelpers.runRemoteFunction(self.runRemote,data["eventData"],takeScreenshot,{"url" : url, "timeout" : timeout, "outputDir" : outputDir},False)
if "error" not in response:
# check for existing screenshot and delete it
scan = inga._inga().getAsClass(query={ "scanName": scanName, "ip": ip })
if len(scan) > 0:
scan = scan[0]
try:
for scanPort in scan.ports["tcp"]:
if scanPort["port"] == port:
storage._storage().api_delete(id=scanPort["data"]["webScreenShot"]["storageID"])
except KeyError:
pass
newStorageItem = storage._storage().new(self.acl,"_ingaWebScreenShot",response["fileData"])
if domainName == "":
inga._inga()._dbCollection.update_one({ "scanName": scanName, "ip": ip, "ports.tcp.port" : port },{ "$set" : { "ports.tcp.$.data.webScreenShot" : { "storageID" : str(newStorageItem.inserted_id), "lastSeen" : time.time() } } })
else:
protocol = "http"
if "https://" in url:
protocol = "https"
inga._inga()._dbCollection.update_one({ "scanName": scanName, "ip": ip, "domains.domain" : domainName },{ "$set" : { "domains.$.data.webScreenShot.{0}".format(protocol) : { "storageID" : str(newStorageItem.inserted_id), "lastSeen" : time.time() } } })
actionResult["result"] = True
actionResult["rc"] = 0
actionResult["storageID"] = str(newStorageItem.inserted_id)
else:
actionResult["result"] = False
actionResult["rc"] = 500
actionResult["msg"] = response["error"]
actionResult["stderr"] = response["stderr"]
actionResult["stdout"] = response["stdout"]
return actionResult
def run(self, data, persistentData, actionResult):
host = helpers.evalString(self.scanHost, {"data": data})
# port = helpers.evalString(self.webServer_port,{"data" : data})
if host != "":
if not self.isValidDomain(host):
actionResult["result"] = False
actionResult["rc"] = 400
actionResult["data"][
"message"] = "Please supply a valid domain"
return actionResult
scanResults = sslscan._sslscan().query(
query={"scanHost": self.scanHost})["results"]
# In the case you perform a query and it resturns an empty list
if not scanResults:
sslscan._sslscan().new(self.scanHost)
if self.scan_publish == True:
publish = "on"
else:
publish = "off"
if self.scan_ignoreMismatch == True:
ignoreMismatch = "on"
else:
ignoreMismatch = "off"
if self.scanCache == True:
scan_cache = "on"
else:
scan_cache = "off"
proxy = {"http": "http://", "https": "http://"}
if self.useProxy == True:
sslLabsClient = sslHelper._sslassist(host, proxy)
else:
sslLabsClient = sslHelper._sslassist(host)
if self.runRemote == True:
#If persistent data found
if "remote" in persistentData:
#If Remote module can be imported
if CAN_IMPORT_REMOTE:
while True:
try:
remote = remoteHelpers.runRemoteFunction(
True,
persistentData,
sslHelper.runIPfunction, {
"host": host,
"publish": publish,
"ignoreMismatch": ignoreMismatch,
"scan_cache": scan_cache
},
elevate=False)
_blob = remote["response"]
if remote["statusCode"] == 200:
if _blob["status"] == "DNS":
print("DNS")
sleep(10)
continue
elif _blob["status"] == "IN_PROGRESS":
print("IN PRO")
sleep(10)
continue
elif _blob["status"] == "READY":
break
elif _blob["status"] == "ERROR":
break
# if statuscode not 200 (err has ouccred prevent null keys from erroring)
else:
actionResult["result"] = False
actionResult["rc"] = -1
actionResult["data"][
"message"] = "ERROR connecting to API please investigate"
except SSLException as msg:
actionResult["result"] = False
actionResult["rc"] = -1
actionResult["data"]["message"] = msg
# response = remote["response"]["status"]
else:
actionResult["result"] = False
actionResult["rc"] = -1
actionResult["data"][
"message"] = "Remote Config supplied, client data not found exiting"
return actionResult
#
# Scan Locally
#
else:
while True:
try:
_blob = sslLabsClient.apiCall(
publish=publish,
ignoreMismatch=ignoreMismatch,
scan_cache=scan_cache,
all="on")
if _blob["status"] == "DNS":
print("DNS")
sleep(10)
continue
elif _blob["status"] == "IN_PROGRESS":
print("IN PRO")
sleep(10)
continue
elif _blob["status"] == "READY":
break
elif _blob["status"] == "ERROR":
break
except Exception as msg:
actionResult["result"] = False
actionResult["rc"] = -1
actionResult["data"]["message"] = msg
# # # # # # # # # # # # # #
# # Parse Cert Info
# # # # # # # # # # # # # #
ipAddress = _blob["endpoints"][0]["ipAddress"]
ssl_grade = _blob["endpoints"][0]["grade"]
tls_ciphers = sslLabsClient.get_cipher_suites(
_blob["endpoints"][0]["details"]["suites"])
cert_info = sslLabsClient.get_cert(_blob)
vulns = sslLabsClient.get_vulns(_blob["endpoints"][0]["details"])
try:
server_sig = _blob["endpoints"][0]["details"][
"serverSignature"]
except KeyError as e:
server_sig = "Server sig not found"
sslscan._sslscan().api_update(
query={"scanHost": f"{self.scanHost}"},
update={
"$set": {
"supportedTLSCiphers": tls_ciphers,
"cert_info": cert_info,
"vulnerableCiphers": vulns,
"SSL_grade": f"{ssl_grade}",
"ipAddress": f"{ipAddress}",
"serverSignature": f"{server_sig}"
}
})
actionResult["data"]["ipAddress"] = ipAddress
actionResult["data"]["serverSignature"] = server_sig
actionResult["data"]["serverScore"] = ssl_grade
actionResult["data"]["supportedTLSCiphers"] = tls_ciphers
actionResult["data"]["certificateInfo"] = cert_info
actionResult["data"]["vulnerabilityResults"] = vulns
actionResult["result"] = True
actionResult["rc"] = 200
actionResult["data"]["message"] = "Host was successfully scanned"
# #**** look for the header where the response code is 200 not 302 ****
# headers = _blob["endpoints"][0]["details"]["httpTransactions"] #, responseHeadersRaw
else:
actionResult["result"] = False
actionResult["rc"] = -1
actionResult["data"]["message"] = "Please specify a host to scan"
return actionResult