def _create_asset_on_import(asset_value, scan, asset_type='unknown', parent=None): evt_prefix = "[EngineTasks/_create_asset_on_import()]" Event.objects.create(message="{} Create: '{}/{} from parent {}'.".format( evt_prefix, asset_value, asset_type, parent), type="DEBUG", severity="INFO", scan=scan) # create assets if data_type is ip-subnet or ip-range if scan and net.is_valid_ip(asset_value): assets = scan.assets.filter(type__in=['ip-subnet', 'ip-range']) asset_type = "ip" # Search parent asset parent_asset = None for pa in assets: if net.is_ip_in_ipset(ip=asset_value, ipset=pa.value): parent_asset = pa break if parent_asset: name = asset_value criticity = parent_asset.criticity owner = parent_asset.owner else: name = asset_value criticity = 'medium' owner = get_user_model().objects.filter(username='******').first() else: if net.is_valid_ip(asset_value): asset_type = "ip" elif net._is_valid_domain(asset_value): asset_type = "domain" elif net._is_valid_url(asset_value): asset_type = "url" else: asset_type = "keyword" # default :/ name = asset_value criticity = 'medium' owner = get_user_model().objects.filter(username='******').first() # Create the new asset ... asset_args = { 'value': asset_value, 'name': name, 'type': asset_type, 'criticity': criticity, 'description': "Asset dynamically created", 'owner': owner } asset = Asset(**asset_args) asset.save() # Add teams related to scan for team in scan.scan_definition.teams.all(): asset.teams.add(team) # Add the asset to the scan scan.assets.add(asset) # Then add the asset to every related asset groups for ag in AssetGroup.objects.filter( assets__type__in=['ip-subnet', 'ip-range']): for aga in ag.assets.all(): if net.is_ip_in_ipset(ip=asset_value, ipset=aga.value): ag.assets.add(asset) ag.save() ag.calc_risk_grade() ag.save() # Creation/Update of the AssetGroup if parent is not None: Event.objects.create( message="{} Looking for a group named : {}".format( evt_prefix, parent), type="DEBUG", severity="INFO", scan=scan) asset_group = AssetGroup.objects.filter( name="{} assets".format(parent)).first() if asset_group is None: # Create an asset group dynamically Event.objects.create(message="{} Create a group named : {}".format( evt_prefix, parent), type="DEBUG", severity="INFO", scan=scan) assetgroup_args = { 'name': "{} assets".format(parent), 'criticity': criticity, 'description': "AssetGroup dynamically created", 'owner': owner } asset_group = AssetGroup(**assetgroup_args) asset_group.save() Event.objects.create(message="{} Add {} in group {}".format( evt_prefix, asset, parent), type="DEBUG", severity="INFO", scan=scan) # Add the asset to the new group asset_group.assets.add(asset) asset_group.save() # Caculate the risk grade asset_group.calc_risk_grade() asset_group.save() if "new_assets_group" in scan.scan_definition.engine_policy.options.keys( ) and scan.scan_definition.engine_policy.options[ "new_assets_group"] not in ["", None]: asset_groupname = str( scan.scan_definition.engine_policy.options["new_assets_group"]) Event.objects.create( message="{} Looking for a group named : {}".format( evt_prefix, asset_groupname), type="DEBUG", severity="INFO", scan=scan) asset_group = AssetGroup.objects.filter(name=asset_groupname).first() if asset_group is None: assetgroup_args = { 'name': asset_groupname, 'criticity': criticity, 'description': "AssetGroup dynamically created by policy", 'owner': owner } asset_group = AssetGroup(**assetgroup_args) asset_group.save() Event.objects.create(message="{} Add {} in group {}".format( evt_prefix, asset, asset_groupname), type="DEBUG", severity="INFO", scan=scan) # Add the asset to the group asset_group.assets.add(asset) asset_group.save() # Caculate the risk grade asset_group.calc_risk_grade() asset_group.save() return asset
def _create_asset_on_import(asset_value, scan, asset_type='unknown', parent=None): Event.objects.create( message= "[EngineTasks/_create_asset_on_import()] create: '{}/{} from parent {}'." .format(asset_value, asset_type, parent), type="DEBUG", severity="INFO", scan=scan) # create assets if data_type is ip-subnet or ip-range if scan and net.is_valid_ip(asset_value): assets = scan.assets.filter(type__in=['ip-subnet', 'ip-range']) asset_type = "ip" # Search parent asset parent_asset = None for pa in assets: if net.is_ip_in_ipset(ip=asset_value, ipset=pa.value): parent_asset = pa break if parent_asset: name = "{} (from '{}')".format(asset_value, parent_asset.name) criticity = parent_asset.criticity owner = parent_asset.owner else: name = asset_value criticity = 'medium' owner = User.objects.filter(username='******').first() else: if net.is_valid_ip(asset_value): asset_type = "ip" elif net._is_valid_domain(asset_value): asset_type = "domain" elif net._is_valid_url(asset_value): asset_type = "url" else: asset_type = "fqdn" # default :/ name = asset_value criticity = 'medium' owner = User.objects.filter(username='******').first() # Create the new asset ... asset_args = { 'value': asset_value, 'name': name, 'type': asset_type, 'criticity': criticity, 'description': "Asset dynamically created", 'owner': owner } asset = Asset(**asset_args) asset.save() scan.assets.add(asset) # Then add the asset to every related asset groups for ag in AssetGroup.objects.filter( assets__type__in=['ip-subnet', 'ip-range']): for aga in ag.assets.all(): if net.is_ip_in_ipset(ip=asset_value, ipset=aga.value): ag.assets.add(asset) ag.save() ag.calc_risk_grade() ag.save() # Creation/Update of the AssetGroup if parent is not None: Event.objects.create( message= "[EngineTasks/_create_asset_on_import()] Looking for a group named : {}" .format(parent), type="DEBUG", severity="INFO", scan=scan) asset_group = AssetGroup.objects.filter( name="{} assets".format(parent)).first() if asset_group is None: # Create an asset group dynamically Event.objects.create( message= "[EngineTasks/_create_asset_on_import()] Create a group named : {}" .format(parent), type="DEBUG", severity="INFO", scan=scan) assetgroup_args = { 'name': "{} assets".format(parent), 'criticity': criticity, 'description': "AssetGroup dynamically created", 'owner': owner } asset_group = AssetGroup(**assetgroup_args) asset_group.save() Event.objects.create( message="[EngineTasks/_create_asset_on_import()] Add {} in group {}" .format(asset, parent), type="DEBUG", severity="INFO", scan=scan) # Add the asset to the new group asset_group.assets.add(asset) asset_group.save() # Caculate the risk grade asset_group.calc_risk_grade() asset_group.save() return asset
def _create_asset_on_import(asset_value, scan, asset_type='ip'): Event.objects.create( message="[EngineTasks/_create_asset_on_import()] create: '{}/{}'.". format(asset_value, asset_type), type="DEBUG", severity="INFO", scan=scan) # create assets if data_type is ip-subnet or ip-range assets = scan.assets.filter(type__in=['ip-subnet', 'ip-range']) if assets.count() == 0: Event.objects.create( message= "[EngineTasks/_create_asset_on_import()] asset '{}/{}' not created." .format(asset_value, asset_type), type="DEBUG", severity="INFO", scan=scan, description="Not an ip-subnet or ip-range") return False # Search parent asset parent_asset = None for pa in assets: if net.is_ip_in_ipset(ip=asset_value, ipset=pa.value): parent_asset = pa break if parent_asset == None: Event.objects.create( message= "[EngineTasks/_create_asset_on_import()] asset '{}/{}' not created." .format(asset_value, asset_type), type="DEBUG", severity="INFO", scan=scan, description="No parent asset found") return False # Create the new asset ... asset_args = { 'value': asset_value, 'name': "{} (from '{}')".format(asset_value, parent_asset.name), 'type': asset_type, 'criticity': parent_asset.criticity, 'description': "Asset dynamically created. Imported desc: {}".format( parent_asset.description), 'owner': parent_asset.owner } asset = Asset(**asset_args) asset.save() scan.assets.add(asset) # Then add the asset to every related asset groups for ag in AssetGroup.objects.filter( assets__type__in=['ip-subnet', 'ip-range']): for aga in ag.assets.all(): if net.is_ip_in_ipset(ip=asset_value, ipset=aga.value): ag.assets.add(asset) ag.save() ag.calc_risk_grade() ag.save() return asset