def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) endpoint = endpoints.User.users(self.connection.console_url, params.get('user_id')) self.logger.info("Using %s ..." % endpoint) # Get the existing details so the specific role ID key can be modified payload = resource_helper.resource_request(endpoint=endpoint) # Delete keys not required for user update del(payload['links']) del(payload['role']['name']) del(payload['role']['privileges']) # Set role and permissions payload['role']['id'] = params.get('role_id') payload['role']['allAssetGroups'] = params.get('access_all_asset_groups') payload['role']['allSites'] = params.get('access_all_sites') # Validate/fix the user configuration payload = resource_helper.validate_user(self.connection.console_url, payload) # Modify the role if validated response = resource_helper.resource_request(endpoint=endpoint, method='put', payload=payload) return response
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) name = params.get("name") address = params.get("address") endpoint = endpoints.ScanEngine.scan_engines( self.connection.console_url) engines = resource_helper.resource_request(endpoint=endpoint) # Not paged for some reason... engines = engines['resources'] # Process filters if name == '': name = None if address == '': address = None if name: regex = re.compile(name, re.IGNORECASE) filtered_engines = [] for e in engines: if regex.match(e['name']): filtered_engines.append(e) self.logger.info("Returning %d scan engines based on filters..." % (len(filtered_engines))) engines = filtered_engines if address: regex = re.compile(address, re.IGNORECASE) filtered_engines = [] for e in engines: if regex.match(e['address']): filtered_engines.append(e) self.logger.info("Returning %d scan engines based on filters..." % (len(filtered_engines))) engines = filtered_engines # Remove the default engine pool if it's in the list... for idx, e in enumerate(engines): if e['name'] == 'Default Engine Pool': del (engines[idx]) # Request engine pools separately because the API is broken atm for e in engines: endpoint = endpoints.ScanEngine.scan_engine_pools( self.connection.console_url, e['id']) scan_engine_pools_response = resource_helper.resource_request( endpoint=endpoint) pools = [] for pool in scan_engine_pools_response['resources']: pools.append(pool['id']) e['enginePools'] = pools return {"scan_engines": engines}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) engine_id = params.get('id') endpoint = endpoints.ScanEngine.scan_engines(self.connection.console_url, engine_id) scan_engine_response = resource_helper.resource_request(endpoint=endpoint) # Request engine pools separately because the API is broken atm endpoint = endpoints.ScanEngine.scan_engine_pools(self.connection.console_url, engine_id) scan_engine_pools_response = resource_helper.resource_request(endpoint=endpoint) pools = [] for pool in scan_engine_pools_response['resources']: pools.append(pool['id']) scan_engine_response['enginePools'] = pools return {"scan_engine": scan_engine_response}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) site_id = params.get('id') state = params.get('active') params = {"active": state} # # If a filter was provided, first get the site name because it's not provided # in the results from the site scans endpoint and this action should be # consistent even when the API is not. # if site_id: endpoint = endpoints.Site.sites(self.connection.console_url, site_id) response = resource_helper.resource_request(endpoint) site_name = response['name'] endpoint = endpoints.Scan.site_scans(self.connection.console_url, site_id) else: site_name = None endpoint = endpoints.Scan.scans(self.connection.console_url) response = resource_helper.paged_resource_request(endpoint=endpoint, params=params) # Add the name and ID if necessary if site_id: for r in response: r['siteId'] = site_id r['siteName'] = site_name return {"scans": response}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) cve_id = params.get('cve_id') endpoint = endpoints.Vulnerability.vulnerability_checks( self.connection.console_url) self.logger.info(f"Using {endpoint}...") params = {"search": cve_id} results = resource_helper.paged_resource_request(endpoint=endpoint, method='get', params=params) # Get unique vulnerability IDs vuln_ids = set() for r in results: vuln_ids.add(r['vulnerability']) self.logger.info( f"Received {len(vuln_ids)} vulnerability IDs from search, getting details..." ) # Get vulnerability details vulns = [] for v in vuln_ids: endpoint = endpoints.Vulnerability.vulnerability( self.connection.console_url, v) response = resource_helper.resource_request(endpoint=endpoint) vulns.append(response) return {"vulnerabilities": vulns}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) name = params.get("name") endpoint = endpoints.ScanEnginePool.scan_engine_pools(self.connection.console_url) engine_pools = resource_helper.resource_request(endpoint=endpoint) # Not paged for some reason... engine_pools = engine_pools['resources'] # Process filters if name == '': name = None if name: regex = re.compile(name, re.IGNORECASE) filtered_engine_pools = [] for e in engine_pools: if regex.match(e['name']): filtered_engine_pools.append(e) self.logger.info("Returning %d scan engine pools based on filters..." % (len(filtered_engine_pools))) engine_pools = filtered_engine_pools # Add an engines key to the default engine pool if it's in the list... for e in engine_pools: if e['name'] == 'Default Engine Pool': e['engines'] = [] return {"scan_engine_pools": engine_pools}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) payload = {} scope = {} submit = {} scope['id'] = params.get('scope') scope['type'] = params.get('type') if scope['type'] == 'Instance': if params.get('key', '') != '': scope['key'] = params.get('key') if params.get('port', 0) != 0: scope['port'] = params.get('port') scope['vulnerability'] = params.get('vulnerability') submit['reason'] = params.get('reason', 'Other') submit['comment'] = params.get('comment', 'Created with InsightConnect') payload['scope'] = scope payload['submit'] = submit payload['expires'] = params.get('expiration', '') if payload['expires'] == '': payload.pop('expires', None) payload['state'] = 'Under Review' endpoint = endpoints.VulnerabilityException.vulnerability_exceptions( self.connection.console_url) response = resource_helper.resource_request(endpoint=endpoint, method='post', payload=payload) return response
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) tag_id = params.get("id") endpoint = endpoints.Tag.tags(self.connection.console_url, tag_id) self.logger.info("Using %s ..." % endpoint) tag = resource_helper.resource_request(endpoint) return {"tag": tag}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) scan_id = params.get('id') status = params.get('status') endpoint = endpoints.Scan.scan_status(self.connection.console_url, scan_id, status) response = resource_helper.resource_request(endpoint=endpoint, method='post') return response
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) site_id = params.get("id") endpoint = endpoints.Site.sites(self.connection.console_url, site_id) self.logger.info("Using %s ..." % endpoint) site = resource_helper.resource_request(endpoint) return {"site": site}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) tag_id = params.get("id") endpoint = endpoints.Tag.tag_asset_groups(self.connection.console_url, tag_id) self.logger.info("Using %s ..." % endpoint) response = resource_helper.resource_request(endpoint=endpoint, method='delete') return response
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) site_id = params.get("site_id") endpoint = endpoints.Scan.site_scans(self.connection.console_url, site_id) self.logger.info("Using %s ..." % endpoint) response = resource_helper.resource_request(endpoint=endpoint, method='post') return response
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) asset_group_id = params.get("id") endpoint = endpoints.AssetGroup.asset_groups( self.connection.console_url, asset_group_id) self.logger.info("Using %s ..." % endpoint) asset_group = resource_helper.resource_request(endpoint) return {"asset_group": asset_group}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) endpoint = endpoints.User.user_sites(self.connection.console_url, params.get('user_id'), params.get('site_id')) self.logger.info("Using %s ..." % endpoint) response = resource_helper.resource_request(endpoint=endpoint, method='put') return response
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) id = params.get('id') endpoint = endpoints.Vulnerability.vulnerability( self.connection.console_url, id) self.logger.info(f"Using {endpoint}...") response = resource_helper.resource_request(endpoint=endpoint) return {"vulnerability": response}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) endpoint = endpoints.AuthenticationSource.authentication_sources( self.connection.console_url, params.get('id')) self.logger.info("Using %s ..." % endpoint) response = resource_helper.resource_request(endpoint=endpoint) return {"authentication_source": response}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) self.logger.info(f"Deleting site ID {params.get(Input.ID)}") endpoint = endpoints.Site.sites(self.connection.console_url, params.get(Input.ID)) response = resource_helper.resource_request(endpoint=endpoint, method='delete') return response
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) endpoint = endpoints.User.users(self.connection.console_url, params.get('id')) self.logger.info("Using %s ..." % endpoint) response = resource_helper.resource_request(endpoint) return {"user": response}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) endpoint = endpoints.ScanEnginePool.scan_engine_pools( self.connection.console_url, params['id']) response = resource_helper.resource_request(endpoint=endpoint, method='delete') return response
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) asset_id = params.get(Input.ID) endpoint = endpoints.Asset.assets(self.connection.console_url, asset_id) self.logger.info("Using %s ..." % endpoint) asset = resource_helper.resource_request(endpoint) return {Output.ASSET: asset}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) endpoint = endpoints.User.user_asset_groups(self.connection.console_url, params.get('user_id')) payload = params.get('asset_group_ids') self.logger.info("Using %s ..." % endpoint) response = resource_helper.resource_request(endpoint=endpoint, method='put', payload=payload) return response
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) id_ = params['exception_id'] endpoint = endpoints.VulnerabilityException.vulnerability_exception( self.connection.console_url, id_) response = resource_helper.resource_request(endpoint=endpoint, method='delete') return response
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) tag_id = params.get('id') self.logger.info("Deleting tag ID %d" % tag_id) endpoint = endpoints.Tag.tags(self.connection.console_url, tag_id) response = resource_helper.resource_request(endpoint=endpoint, method='delete') return response
def run(self, params={}): scope = params.get(Input.INCLUDED_TARGETS) resource_helper = ResourceHelper(self.connection.session, self.logger) endpoint = endpoints.Site.site_included_targets( self.connection.console_url, params.get(Input.ID)) # Pull current site scope in order to append to list instead of overwriting if not params.get(Input.OVERWRITE): current_scope = resource_helper.resource_request(endpoint=endpoint, method='get') self.logger.info(f"Appending to current list of included targets") scope.extend(current_scope['addresses']) self.logger.info(f"Using {endpoint} ...") response = resource_helper.resource_request(endpoint=endpoint, method='put', payload=scope) return {"id": params.get(Input.ID), "links": response['links']}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) engine_pool_id = params.get('id') endpoint = endpoints.ScanEnginePool.scan_engine_pools( self.connection.console_url, engine_pool_id) response = resource_helper.resource_request(endpoint=endpoint) # Add the engines key if it is the Default Engine Pool if response['name'] == 'Default Engine Pool': response['engines'] = [] return {"scan_engine_pool": response}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) asset_id = params.get(Input.ASSET_ID) endpoint = endpoints.Asset.asset_software(self.connection.console_url, asset_id) self.logger.info("Using %s ..." % endpoint) software = resource_helper.resource_request(endpoint=endpoint) return {Output.SOFTWARE: software['resources']}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) tag_id = params.get("id") endpoint = endpoints.Tag.tag_asset_groups(self.connection.console_url, tag_id) self.logger.info("Using %s ..." % endpoint) response = resource_helper.resource_request(endpoint=endpoint) if 'resources' in response: return {"asset_group_ids": response['resources']} else: return {"asset_group_ids": []}
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) asset_group_id = params.get("asset_group_id") tag_id = params.get("tag_id") endpoint = endpoints.AssetGroup.asset_group_tags( self.connection.console_url, asset_group_id, tag_id) self.logger.info("Using %s ..." % endpoint) response = resource_helper.resource_request(endpoint=endpoint, method='put') return response
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) endpoint = endpoints.User.users(self.connection.console_url, params.get('id')) self.logger.info("Using %s ..." % endpoint) # Get the existing details so the specific key can be modified payload = resource_helper.resource_request(endpoint=endpoint) # Delete keys not required for user update del (payload['links']) del (payload['role']['name']) del (payload['role']['privileges']) # Set status payload['enabled'] = True response = resource_helper.resource_request(endpoint=endpoint, method='put', payload=payload) return response
def run(self, params={}): resource_helper = ResourceHelper(self.connection.session, self.logger) asset_group_id = params.get("id") search_criteria = params.get("searchCriteria") endpoint = endpoints.AssetGroup.asset_group_search_criteria( self.connection.console_url, asset_group_id) self.logger.info("Using %s ..." % endpoint) response = resource_helper.resource_request(endpoint=endpoint, method='put', payload=search_criteria) return response