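def scanner():
    """Run the scanning worker loop; this function never returns.

    While a session is active and a scan config exists, a batch of target
    IPs is pulled from ``rds``, scanned, and the results are stored.
    Hosts with open ports are written to the topology and passed to
    ``rds.store_sca`` and ``rds.store_inv``. Hosts without open ports are
    written to the topology only when their status reason is
    ``'echo-reply'``.
    """
    port_scanner = Scanner()
    logger.info('Scanner process started')

    while True:
        if not rds.is_session_active():
            time.sleep(10)
            continue

        conf = rds.get_scan_config()
        if not conf:
            time.sleep(10)
            continue

        hosts = rds.get_ips_to_scan(
            limit=conf['config']['scan_opts']['parallel_scan'])
        if not hosts:
            # NOTE(review): no sleep on an empty batch; confirm that
            # get_ips_to_scan blocks or that this polling rate is intended.
            continue

        # The config is read again so that the scan options reflect its
        # current state. It can have been cleared since the first read;
        # in that case the batch is skipped instead of indexing into None,
        # which would terminate the worker with a TypeError.
        conf = rds.get_scan_config()
        if not conf:
            logger.debug('Scan config is no longer available, skipping batch')
            time.sleep(10)
            continue

        scan_opts = conf['config']['scan_opts']
        scan_data = port_scanner.scan(
            hosts,
            max_ports=scan_opts['max_ports'],
            custom_ports=scan_opts['custom_ports'],
            interface=scan_opts['interface'])
        if not scan_data:
            continue

        for host, values in scan_data.items():
            if values.get('ports'):
                logger.info('Discovered Asset: {}'.format(host))
                logger.debug('Host: {}, Open Ports: {}'.format(
                    host, values['ports']))
                rds.store_topology(host)
                rds.store_sca(host, values)
                rds.store_inv(host, values)
            elif values.get('status_reason') == 'echo-reply':
                # .get(): a result without a status reason is ignored
                # rather than raising KeyError inside the worker loop.
                logger.info('Discovered Asset: {}'.format(host))
                rds.store_topology(host)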
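def scanner():
    """Run the scanning worker loop; this function never returns.

    While a session is active and a scan config exists, a batch of target
    IPs is pulled from ``rds``, scanned with the options exposed by
    ``ConfParser``, and the results are stored. Hosts with open ports are
    written to the topology and passed to ``rds.store_sca`` and
    ``rds.store_inv``. Hosts without open ports are written to the
    topology only when their status reason is ``'echo-reply'``.
    """
    port_scanner = Scanner()
    logger.info('Scanner process started')

    while True:
        if not rds.is_session_active():
            time.sleep(10)
            continue

        conf = rds.get_scan_config()
        if not conf:
            time.sleep(10)
            continue

        # All scan options below come from this parser, so the config is
        # read once per pass; a second read whose result was never used
        # has been dropped.
        c = ConfParser(conf)

        hosts = rds.get_ips_to_scan(limit=c.get_cfg_scan_threads())
        if not hosts:
            # NOTE(review): no sleep on an empty batch; confirm that
            # get_ips_to_scan blocks or that this polling rate is intended.
            continue

        scan_data = port_scanner.scan(
            hosts,
            max_ports=c.get_cfg_max_ports(),
            custom_ports=c.get_cfg_custom_ports(),
            interface=c.get_cfg_netinterface())
        if not scan_data:
            continue

        for host, values in scan_data.items():
            if values.get('ports'):
                logger.info('Discovered Asset: {}'.format(host))
                logger.debug('Host: {}, Open Ports: {}'.format(
                    host, values['ports']))
                rds.store_topology(host)
                rds.store_sca(host, values)
                rds.store_inv(host, values)
            elif values.get('status_reason') == 'echo-reply':
                # .get(): a result without a status reason is ignored
                # rather than raising KeyError inside the worker loop.
                logger.info('Discovered Asset: {}'.format(host))
                rds.store_topology(host)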
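def view_download(file):
    """Serve the server log or a freshly generated report as an attachment.

    ``file`` is a fixed keyword, not a path: ``'server_log'`` or one of
    ``'report_html'``, ``'report_txt'``, ``'report_csv'``, ``'report_xml'``.
    The name handed to ``send_from_directory`` always comes from
    ``config.WEB_LOG`` or from a report generator, never from the request.

    Returns:
        The attachment response; ``({'status': ...}, 400)`` when ``file``
        is empty or not a supported keyword; a redirect to ``/reports``
        when there is neither vulnerability data nor a scan config.
    """
    if not file:
        return {'status': 'file is missing'}, 400

    if file == 'server_log':
        # NOTE(review): confirm this route is restricted to authenticated
        # users; the access check is not visible in this function.
        return send_from_directory(directory='logs',
                                   filename=config.WEB_LOG,
                                   as_attachment=True,
                                   cache_timeout=0)

    # Reject unknown keywords before touching the datastore. Previously an
    # unknown value fell through every branch and the view returned None,
    # which is not a valid response.
    report_types = ('report_html', 'report_txt', 'report_csv', 'report_xml')
    if file not in report_types:
        return {'status': 'unsupported file type'}, 400

    data = rds.get_vuln_data()
    conf = rds.get_scan_config()

    # NOTE(review): this guard trips only when BOTH are empty, so a
    # generator can still be called with empty data or with no config.
    if not data and not conf:
        flash('There is no data in the system for report generation', 'error')
        return redirect('/reports')

    if file == 'report_html':
        report_file = generate_html(data, conf)
    elif file == 'report_txt':
        report_file = generate_txt(data)
    elif file == 'report_csv':
        report_file = generate_csv(data)
    else:
        report_file = generate_xml(data)

    return send_from_directory(directory='reports',
                               filename=report_file,
                               as_attachment=True,
                               cache_timeout=0)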
def get(self, action=None):
    """Handle a GET request for ``action``; only ``'status'`` is supported.

    Returns:
        For ``'status'``: a dict with the session state (``'idle'`` when
        no state is stored), the vulnerability data and the scan config.
        Otherwise ``({'status': <reason>}, 400)``.
    """
    if not action:
        return {'status':'action type is missing'}, 400

    if action != 'status':
        return {'status':'unsupported action'}, 400

    # NOTE(review): the payload carries the full vulnerability data and
    # scan configuration; confirm the resource enforces authentication,
    # since no access check is visible in this method.
    session_state = rds.get_session_state()
    vulnerabilities = rds.get_vuln_data()
    scan_config = rds.get_scan_config()

    return {'status': session_state or 'idle',
            'vulnerabilities': vulnerabilities,
            'scan_config': scan_config}
def dashboard():
    """Render ``dashboard.html`` from the current scan state.

    The template receives the stored topology, the target networks and
    domains from the scan config (empty lists when no config exists), the
    last-scan and scan-count values, the vulnerability data, and a
    doughnut and a radar chart built from that data.
    """
    chart = Charts()
    hosts = rds.get_topology()
    cfg = rds.get_scan_config()
    vulns = rds.get_vuln_data()

    # Without a config there are no targets to show.
    targets = cfg['targets'] if cfg else {'networks': [], 'domains': []}
    networks = targets['networks']
    domains = targets['domains']

    context = {
        'hosts': hosts,
        'networks': networks,
        'last_scan': rds.get_last_scan(),
        'scan_count': rds.get_scan_count(),
        'domains': domains,
        'vulns': vulns,
        'chart': chart.make_doughnut(vulns),
        'radar': chart.make_radar(vulns),
    }
    return render_template('dashboard.html', **context)
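def attacker():
    """Run the rule-execution worker loop; this function never returns.

    Each pass reads the scan config and hands it to ``run_rules``. Two
    throttles bound the work: a 30-second pause after
    ``parallel_attack`` passes, and a 30-second pause whenever more than
    50 threads are alive in this process.
    """
    count = 0
    logger.info('Attacker process started')

    while True:
        conf = rds.get_scan_config()
        if not conf:
            time.sleep(10)
            continue

        run_rules(conf)
        count += 1

        # >= rather than ==: the limit is read from the config on every
        # pass, so it can drop below the current count (or be zero); with
        # an equality test the pause would then never trigger.
        if count >= conf['config']['scan_opts']['parallel_attack']:
            time.sleep(30)
            count = 0

        # Read the thread count once so the logged value is the one that
        # tripped the check.
        active_threads = threading.active_count()
        if active_threads > 50:
            logger.debug(
                'Sleeping for 30 seconds to control threads (Threads: {})'.format(
                    active_threads))
            time.sleep(30)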
def show_frequency():
    """Return ``{'frequency': <value>}`` from the scan config.

    The value is ``None`` when no scan config is stored.
    """
    cfg = rds.get_scan_config()
    frequency = cfg['config']['frequency'] if cfg else None
    return {'frequency': frequency}
# Tail of a rule-dispatch loop whose opening lines are not part of this
# excerpt (the `continue` implies an enclosing loop). Indentation below is
# relative to that cut.

# Per-rule exclusions: a target listed under this rule's id is skipped.
if rule.rule in exclusions and ip in exclusions[rule.rule]:
    logger.debug('Skipping rule {} for target {}'.format(rule.rule, ip))
    continue

# A rule runs only when its intensity does not exceed the configured
# `allow_aggressive` level.
if conf['config']['allow_aggressive'] >= rule.intensity:
    # One thread per rule/target/port. Nothing here joins or caps these
    # threads; the only bound visible in this excerpt is the
    # active_count() check in attacker() below.
    thread = threading.Thread(target=rule.check_rule, args=(ip, port, values, conf))
    thread.start()


def attacker():
    # Worker loop that repeatedly hands the current scan config to
    # run_rules(); it never returns.
    count = 0
    logger.info('Attacker process started')

    while True:
        conf = rds.get_scan_config()

        # No config stored yet: wait and poll again.
        if not conf:
            time.sleep(10)
            continue

        run_rules(conf)
        count += 1

        # Pause for 30 seconds after `parallel_attack` passes.
        # NOTE(review): the limit is re-read every pass and compared with
        # ==, so if it drops below `count` this pause never triggers.
        if count == conf['config']['scan_opts']['parallel_attack']:
            time.sleep(30)
            count = 0

        # Back off while more than 50 threads are alive in this process.
        if threading.active_count() > 50:
            logger.debug('Sleeping for 30 seconds to control threads (Threads: {})'.format(threading.active_count()))
            time.sleep(30)
def scheduler():
    """Run the scheduling worker loop; this function never returns.

    Every 10 seconds the session state is polled. When it is ``'created'``
    and a scan config exists, the session is started and the configured
    networks and domains are scheduled. The loop then waits until the
    session has been reported inactive on 10 consecutive checks (20
    seconds apart) and runs the post-assessment actions:

    * ``'once'``: webhook, e-mail and Slack notifications, then the
      session is ended.
    * ``'continuous'``: webhook only, then a new session is created.
    """
    logger.info('Scheduler process started')
    net_utils = Network()
    int_utils = Integration()

    while True:
        time.sleep(10)

        # Only a session in the 'created' state is picked up; a missing
        # state fails this comparison as well.
        state = rds.get_session_state()
        if state != 'created':
            continue

        raw_cfg = rds.get_scan_config()
        if not raw_cfg:
            continue

        conf = ConfParser(raw_cfg)
        networks = conf.get_cfg_networks()
        domains = conf.get_cfg_domains()
        excluded_networks = conf.get_cfg_exc_networks()
        # This host's own primary address is added to the exclusions that
        # are passed to schedule_ips.
        excluded_networks.append(net_utils.get_primary_ip() + '/32')
        frequency = conf.get_cfg_frequency()

        if frequency not in ('once', 'continuous'):
            continue

        rds.start_session()
        if networks:
            schedule_ips(networks, excluded_networks)
        if domains:
            schedule_domains(domains)

        # Wait for 10 consecutive inactive checks; any active check
        # resets the counter.
        idle_checks = 0
        while True:
            idle_checks = 0 if rds.is_session_active() else idle_checks + 1
            if idle_checks == 10:
                break
            time.sleep(20)

        run_once = frequency == 'once'

        logger.info('Session is about to end...')
        webhook = conf.get_cfg_webhook()
        if run_once:
            email_settings = rds.get_email_settings()
            slack_settings = rds.get_slack_settings()
        vuln_data = rds.get_vuln_data()

        logger.info('Post assessment actions will now be taken...')
        # NOTE(review): the raw config and the vulnerability data leave
        # this process here; confirm the webhook, e-mail and Slack
        # destinations are operator-controlled and validated where they
        # are set.
        if webhook:
            int_utils.submit_webhook(webhook,
                                     cfg = conf.get_raw_cfg(),
                                     data = vuln_data)

        if run_once:
            if email_settings:
                logger.info('Sending email...')
                email_settings['action'] = 'send'
                send_email(email_settings, vuln_data)
            if slack_settings:
                int_utils.submit_slack(hook = slack_settings,
                                       data = vuln_data)
            rds.end_session()
        else:
            # Continuous mode: a new session is created so the outer loop
            # picks it up again.
            rds.create_session()