def import_xml_scan(): """ Upload/import Nexpose XML Scan file via scheduler task """ from NexposeAPI import NexposeAPI, Sites, Report from skaldship.general import check_datadir from skaldship.metasploit import msf_get_config import time import os msf_settings = msf_get_config(session) try: # check to see if we have a Metasploit RPC instance configured and talking from MetasploitProAPI import MetasploitProAPI msf_api = MetasploitProAPI(host=msf_settings['url'], apikey=msf_settings['key']) working_msf_api = msf_api.login() except: working_msf_api = False filedir = os.path.join(request.folder, 'data', 'scanfiles') response.title = "%s :: Import Nexpose XML Scan Results" % (settings.title) fields = [] # buld the dropdown user list users = db(db.auth_user).select() userlist = [] for user in users: userlist.append([user.id, user.username]) # check to see if nexpose is configured/active and get site listing nexpose_config = nexpose_get_config() nxsitelist = [] if nexpose_config['host'] is not None and nexpose_config[ 'user'] is not None: # see if the host is open/active first if nexpose_config['host'] is not None: sites = Sites() sites.host = nexpose_config['host'] sites.port = nexpose_config['port'] try: if sites.login(user_id=nexpose_config['user'], password=nexpose_config['password']): sites = sites.listings() nxsitelist.append([0, None]) for k, v in sites.iteritems(): nxsitelist.append([int(k), sites[k]['name']]) except Exception, e: pass
def import_xml_scan(): """ Upload/import Nexpose XML Scan file via scheduler task """ from NexposeAPI import NexposeAPI, Sites, Report from skaldship.general import check_datadir from skaldship.metasploit import msf_get_config import time import os msf_settings = msf_get_config(session) try: # check to see if we have a Metasploit RPC instance configured and talking from MetasploitProAPI import MetasploitProAPI msf_api = MetasploitProAPI(host=msf_settings["url"], apikey=msf_settings["key"]) working_msf_api = msf_api.login() except: working_msf_api = False filedir = os.path.join(request.folder, "data", "scanfiles") response.title = "%s :: Import Nexpose XML Scan Results" % (settings.title) fields = [] # buld the dropdown user list users = db(db.auth_user).select() userlist = [] for user in users: userlist.append([user.id, user.username]) # check to see if nexpose is configured/active and get site listing nexpose_config = nexpose_get_config() nxsitelist = [] if nexpose_config["host"] is not None and nexpose_config["user"] is not None: # see if the host is open/active first if nexpose_config["host"] is not None: sites = Sites() sites.host = nexpose_config["host"] sites.port = nexpose_config["port"] try: if sites.login(user_id=nexpose_config["user"], password=nexpose_config["password"]): sites = sites.listings() nxsitelist.append([0, None]) for k, v in sites.iteritems(): nxsitelist.append([int(k), sites[k]["name"]]) except Exception, e: pass
def import_xml_scan(): """ Upload/import Nexpose XML Scan file via scheduler task """ from NexposeAPI import NexposeAPI, Sites, Report from skaldship.general import check_datadir import time import os try: # check to see if we have a Metasploit RPC instance configured and talking from MetasploitAPI import MetasploitAPI msf_api = MetasploitAPI(host=auth.user.f_msf_pro_url, apikey=auth.user.f_msf_pro_key) working_msf_api = msf_api.login() except: working_msf_api = False filedir = os.path.join(request.folder, 'data', 'scanfiles') response.title = "%s :: Import Nexpose XML Scan Results" % (settings.title) fields = [] # buld the dropdown user list users = db(db.auth_user).select() userlist = [] for user in users: userlist.append( [ user.id, user.username ] ) # check to see if nexpose is configured/active and get site listing nxsitelist = [] if auth.user.f_nexpose_host is not None and auth.user.f_nexpose_user is not None: # see if the host is open/active first if auth.user.f_nexpose_host is not None: sites = Sites() sites.host = auth.user.f_nexpose_host sites.port = auth.user.f_nexpose_port try: if sites.login(user_id=auth.user.f_nexpose_user, password=auth.user.f_nexpose_pw): sites = sites.listings() nxsitelist.append( [ 0, None ] ) for k,v in sites.iteritems(): nxsitelist.append( [int(k), sites[k]['name']] ) except Exception, e: pass
def import_xml_scan(): """ Upload/import Nexpose XML Scan file via scheduler task """ from NexposeAPI import NexposeAPI, Sites, Report from skaldship.general import check_datadir from skaldship.metasploit import msf_get_config import time import os msf_settings = msf_get_config(session) try: # check to see if we have a Metasploit RPC instance configured and talking from MetasploitProAPI import MetasploitProAPI msf_api = MetasploitProAPI(host=msf_settings['url'], apikey=msf_settings['key']) working_msf_api = msf_api.login() except: working_msf_api = False filedir = os.path.join(request.folder, 'data', 'scanfiles') response.title = "%s :: Import Nexpose XML Scan Results" % (settings.title) fields = [] # buld the dropdown user list users = db(db.auth_user).select() userlist = [] for user in users: userlist.append([user.id, user.username]) # check to see if nexpose is configured/active and get site listing nexpose_config = nexpose_get_config() nxsitelist = [] if nexpose_config['host'] is not None and nexpose_config[ 'user'] is not None: # see if the host is open/active first if nexpose_config['host'] is not None: sites = Sites() sites.host = nexpose_config['host'] sites.port = nexpose_config['port'] try: if sites.login(user_id=nexpose_config['user'], password=nexpose_config['password']): sites = sites.listings() nxsitelist.append([0, None]) for k, v in sites.items(): nxsitelist.append([int(k), sites[k]['name']]) except Exception as e: pass if nxsitelist: fields.append( Field('f_nexpose_site', type='integer', label=T('Nexpose Site'), requires=IS_IN_SET(nxsitelist, zero=None))) fields.append( Field('f_filename', 'upload', uploadfolder=filedir, label=T('Nexpose XML File'))) fields.append( Field('f_engineer', type='integer', label=T('Engineer'), default=auth.user.id, requires=IS_IN_SET(userlist))) fields.append( Field('f_asset_group', type='string', label=T('Asset Group'), requires=IS_NOT_EMPTY())) # If Metasploit available, pull a list of the workspaces and present them if working_msf_api: msf_workspaces = [] msf_workspaces.append("None") for w in list(msf_api.pro_workspaces().keys()): msf_workspaces.append(w) fields.append( Field('f_msf_workspace', type='string', label=T('MSF Pro Workspace'), requires=IS_EMPTY_OR(IS_IN_SET(msf_workspaces, zero=None)))) fields.append( Field('f_include_list', type='text', label=T('Hosts to Only Include'))) fields.append( Field('f_ignore_list', type='text', label=T('Hosts to Ignore'))) fields.append( Field('f_update_hosts', type='boolean', label=T('Update Host Information'), default=False)) fields.append( Field('f_taskit', type='boolean', default=auth.user.f_scheduler_tasks, label=T('Run in background task'))) form = SQLFORM.factory(*fields, table_name='nexpose_xml') # form processing if form.errors: response.flash = 'Error in form' elif form.accepts(request.vars, session): # process a nexpose file if not nxsitelist: nexpose_site = '0' else: nexpose_site = form.vars.f_nexpose_site if nexpose_site != '0': report = Report() report.host = nexpose_config['host'] report.port = nexpose_config['port'] nx_loggedin = report.login(user_id=nexpose_config['user'], password=nexpose_config['password']) if nx_loggedin: # have nexpose generate the adhoc report check_datadir(request.folder) filename = os.path.join( filedir, "%s-%s.xml" % (form.vars.f_asset_group, int(time.time()))) fout = open(filename, "w") fout.write(report.adhoc_generate(filterid=nexpose_site)) fout.close() else: response.flash = "Unable to login to Nexpose" return dict(form=form) else: filename = form.vars.f_filename filename = os.path.join(filedir, form.vars.f_filename) # build the hosts only/exclude list ip_exclude = [] data = form.vars.get('f_ignore_list') if data: ip_exclude = data.split('\r\n') # TODO: check for ip subnet/range and break it out to individuals ip_include = [] data = form.vars.get('f_include_list') if data: ip_include = data.split('\r\n') # TODO: check for ip subnet/range and break it out to individuals if form.vars.f_msf_workspace: msf_workspace = form.vars.f_msf_workspace if msf_workspace == "None": msf_workspace = None else: msf_workspace = None msf_settings = { 'workspace': msf_workspace, 'url': msf_settings['url'], 'key': msf_settings['key'] } if form.vars.f_taskit: task = scheduler.queue_task( scanner_import, pvars=dict( scanner='nexpose', filename=filename, asset_group=form.vars.f_asset_group, engineer=form.vars.f_engineer, msf_settings=msf_settings, ip_ignore_list=ip_exclude, ip_include_list=ip_include, update_hosts=form.vars.f_update_hosts, ), group_name=settings.scheduler_group_name, sync_output=5, timeout=settings.scheduler_timeout) if task.id: redirect(URL('tasks', 'status', args=task.id)) else: response.flash = "Error submitting job: %s" % (task.errors) else: from skaldship.nexpose import process_xml log("Starting Nexpose XML Import") process_xml( filename=filename, asset_group=form.vars.f_asset_group, engineer=form.vars.f_engineer, msf_settings=msf_settings, ip_ignore_list=ip_exclude, ip_include_list=ip_include, update_hosts=form.vars.f_update_hosts, ) response.flash = "Nexpose XML upload complete" redirect(URL('default', 'index')) return dict(form=form)