def run_recon(scan_information): slack.send_notification_to_channel( 'Starting recon against %s' % scan_information['domain'], '#vm-recon-module') mongo.add_module_status_log({ 'module_keyword': "recon_module", 'state': "start", 'domain': scan_information[ 'domain'], #En los casos de start/stop de genericos, va None 'found': None, 'arguments': scan_information }) #We add the domain to our domain database mongo.add_domain(scan_information, True, True) # Scanning for subdomains subdomain_recon_task(scan_information) # We resolve to get http/https urls resolver_recon_task(scan_information) mongo.add_module_status_log({ 'module_keyword': "recon_module", 'state': "start", 'domain': scan_information[ 'domain'], #En los casos de start/stop de genericos, va None 'found': None, 'arguments': scan_information }) recon_finished(scan_information) return
def send_module_status_log(scan_info, status): mongo.add_module_status_log({ 'module_keyword': MODULE_IDENTIFIER, 'state': status, 'domain': scan_info['domain'], 'found': None, 'arguments': scan_info }) return
def start_scan_on_approved_resources(): slack.send_notification_to_channel( '_ Starting scan against approved resources _', '#vm-ondemand') resources = mongo.get_data_for_approved_scan() print(resources) for resource in resources: scan_info = resource scan_info['email'] = None scan_info['nessus_scan'] = settings['PROJECT']['ACTIVATE_NESSUS'] scan_info['acunetix_scan'] = settings['PROJECT']['ACTIVATE_ACUNETIX'] scan_info['burp_scan'] = settings['PROJECT']['ACTIVATE_BURP'] scan_info['invasive_scans'] = settings['PROJECT'][ 'ACTIVATE_INVASIVE_SCANS'] mongo.add_module_status_log({ 'module_keyword': "general_vuln_module", 'state': "start", 'domain': scan_info[ 'domain'], #En los casos de start/stop de genericos, va None 'found': None, 'arguments': scan_info }) if scan_info['type'] == 'domain': execution_chord = chord( [ run_web_scanners.si(scan_info).set(queue='fast_queue'), run_ip_scans.si(scan_info).set(queue='slow_queue') ], body=on_demand_scan_finished.s(scan_info).set( queue='fast_queue'), immutable=True) execution_chord.apply_async(queue='fast_queue', interval=300) elif scan_info['type'] == 'ip': execution_chord = chord( [run_ip_scans.si(scan_info).set(queue='slow_queue')], body=on_demand_scan_finished.s(scan_info).set( queue='fast_queue'), immutable=True) execution_chord.apply_async(queue='fast_queue', interval=300) elif scan_info['type'] == 'url': execution_chord = chord( [ run_web_scanners.si(scan_info).set(queue='fast_queue'), run_ip_scans.si(scan_info).set(queue='slow_queue') ], body=on_demand_scan_finished.s(scan_info).set( queue='fast_queue'), immutable=True) execution_chord.apply_async(queue='fast_queue', interval=300) return
def project_monitor_task(): monitor_data = mongo.get_domains_for_monitor() mongo.add_module_status_log({ 'module_keyword': "monitor_recon_module", 'state': "start", 'domain': None, #En los casos de start/stop de genericos, va None 'found': None, 'arguments': monitor_data }) print(monitor_data) slack.send_notification_to_channel( 'Starting monitor against %s' % str(monitor_data), '#vm-monitor') for data in monitor_data: scan_info = data scan_info['is_first_run'] = False scan_info['email'] = None scan_info['type'] = 'domain' if scan_info['type'] == 'domain': run_recon.apply_async(args=[scan_info], queue='fast_queue') return
def recon_against_target(information): information['is_first_run'] = True information['type'] = 'domain' slack.send_notification_to_channel( '_ Starting recon only scan against %s _' % str(information['domain']), '#vm-ondemand') mongo.add_module_status_log({ 'module_keyword': "on_demand_recon_module", 'state': "start", 'domain': None, #En los casos de start/stop de genericos, va None 'found': None, 'arguments': information }) for domain in information['domain']: current_scan_info = copy.deepcopy(information) current_scan_info['domain'] = domain execution_chain = chain( tasks.run_recon.si(current_scan_info).set(queue='slow_queue')) execution_chain.apply_async(queue='fast_queue', interval=300)
def gather_data(project_dir, scan_info): # Take final text file and run through API that checks information # Here we call the add_to_db lines = open(project_dir + '/all.txt', 'r').readlines() # List is empty if not lines: mongo.add_module_status_log({ 'module_keyword': "subdomain_recon_module", 'state': "start", 'domain': scan_info['domain'], #En los casos de start/stop de genericos, va None 'found': "not_found", 'arguments': scan_info }) else: mongo.add_module_status_log({ 'module_keyword': "subdomain_recon_module", 'state': "start", 'domain': scan_info['domain'], #En los casos de start/stop de genericos, va None 'found': "found", 'arguments': scan_info }) for url in lines: url = url.replace('\n', '') try: is_alive = subprocess.check_output(['dig', url, '+short', '|', 'sed', "'/[a-z]/d'"]) except subprocess.CalledProcessError: print('ERROR Called proces error at dig gather data') continue if is_alive.decode(): is_alive_clause = 'True' else: is_alive_clause = 'False' try: has_ip = subprocess.check_output(['dig', url, '+short', '|', 'sed', "'/[a-z]/d'", '|', 'sed', '-n', 'lp']) except subprocess.CalledProcessError: print('ERROR Called proces error at dig gather data bis') continue url_info={ 'domain': scan_info['domain'], 'subdomain': url, 'is_alive': is_alive_clause, 'ip': None, 'isp': None, 'asn': None, 'country': None, 'region': None, 'city': None, 'org': None, 'lat': '0', 'lon': '0' } if has_ip.decode(): value = has_ip.decode().split('\n') ip = value[-2] url_info['ip'] = ip # If alive with IP, we try to find more information gather_additional_info(url_info, scan_info) else: # If not alive, we just add the info we have mongo.add_resource(url_info, scan_info) return