def __validate_sort_field(self): """ Ensure that the field in self.sort_field is a valid field to be sorted upon. :return: None """ ValidationHelper.validate_in(to_check=self.sort_field, contained_by=self.sortable_fields)
def __validate_export_value(self): """ Ensure that the value in self.export_argument is a valid string to export via. :return: None """ ValidationHelper.validate_in(to_check=self.export_argument, contained_by=self.exporter_map_keys)
def test_ssl_service_for_ssl_vulnerability( self, org_uuid=None, network_service_uuid=None, network_service_scan_uuid=None, vulnerability_name=None, ): """ Test the given network service for the specified SSL vulnerability. :param org_uuid: The UUID of the organization to enumerate SSL vulnerabilities on behalf of. :param network_service_uuid: The UUID of the network service that is being scanned. :param network_service_scan_uuid: The UUID of the network service scan that this enumeration is a part of. :param vulnerability_name: A string representing the vulnerability to test for. :return: None """ logger.info( "Now testing network service %s for SSL vulnerability %s." % (network_service_uuid, vulnerability_name) ) command_map = get_ssl_vulnerabilities_command_map() ValidationHelper.validate_in(to_check=vulnerability_name, contained_by=command_map.keys()) command = command_map[vulnerability_name]["command"] ip_address, port, protocol = self.get_endpoint_information(network_service_uuid) scanner = SynchronousScanner() server_info = ServerConnectivityInfo(hostname=ip_address, ip_address=ip_address, port=port) try: server_info.test_connectivity_to_server() except ServerConnectivityError as e: logger.warning( "ServerConnectivityError thrown when attempting to test SSL at %s:%s for %s vulnerability: %s" % (ip_address, port, vulnerability_name, e.message) ) return try: result = scanner.run_scan_command(server_info, command()) vuln_model = SslVulnerabilityModel.from_database_model_uuid( uuid=network_service_scan_uuid, db_session=self.db_session, test_errored=False, vuln_test_name=vulnerability_name, ) vuln_model.test_results = [] for field in command_map[vulnerability_name]["fields"]: vuln_model.test_results.append({ "key": field, "value": getattr(result, field), }) vuln_model.save(org_uuid) except (socket.error, OpenSSLError): vuln_model = SslVulnerabilityModel.from_database_model_uuid( uuid=network_service_scan_uuid, db_session=self.db_session, test_errored=True, ) vuln_model.save(org_uuid) logger.info( "Network service %s successfully tested for SSL vulnerability %s." % (network_service_uuid, vulnerability_name) )
def _validate_queryable_field(self, field): """ Validate that the given field is a field that can be queried upon in self.queried_class. :param field: The field to check. :return: None """ if "." in field: field = field[:field.find(".")] ValidationHelper.validate_in(to_check=field, contained_by=self.queryable_fields)
def probe_module(self, new_value): """ Set the probe module that Zmap should use to connect to the referenced endpoints. :param new_value: A string representing the probe module that Zmap should use to connect to the referenced endpoints. :return: None """ ValidationHelper.validate_in( to_check=new_value, contained_by=self.possible_probe_modules, ) self._probe_module = new_value
def add_aggregate_for_class(self, model_class=None, aggregate=None): """ Add the given aggregate to the nested aggregates currently held by this object for the given class. :param model_class: The model class to add the aggregate for. :param aggregate: The aggregate to add. :return: None """ ValidationHelper.validate_in(to_check=model_class, contained_by=self.queried_classes) doc_type = model_class.get_doc_type() if doc_type not in self._aggregates: nested_aggregate = NestedElasticsearchAggregate(name=doc_type) nested_aggregate.filter_by_class(model_class) self.add_aggregate(nested_aggregate) self._aggregates[doc_type].add_child_aggregate(aggregate)