示例#1
0
	def parse(self,file_=None,p_id=None,mode=None,action="store"):
		"""
		Objective :
		This method is actually responsible for parsing the report from xml format into a class
		object list where each object/instance would represent a nessus report item /host.
		It would further invoke return_results method passing the nessus object list to it
		"""

		print "In side parse :"
		try:
			try:
				#print "arg is :"+str(sys.argv[0])
				nessus_obj_list = NessusParser.parse_fromfile(file_)
			except Exception ,eee:
				print("file cannot be imported : %s" % file)
				print "Exception 1 :"+str(eee)
				return #continue
			docu = {}
			if mode=="demo":
				self.demo_print(nessus_obj_list)
			else:
				if p_id !=None:
					
					return_val=self.return_results(nessus_obj_list,int(p_id),action)
				else:
					return_val=self.return_results(nessus_obj_list,0,action)
				return return_val
示例#2
0
 def parse(self):
     file_ = self.n_file
     try:
         nessus_obj_list = NessusParser.parse_fromfile(file_)
     except Exception as eee:
         print("file cannot be imported : %s" % file_)
         print("Exception 1 :" + str(eee))
         return
     self.demo_print(nessus_obj_list)
def nessus_parser(nessus_db):
    """
    If user chooses to start from scan.nessus, read the xml and return an nessus_report object
    :param nessus_db:
    :return: nessus_report
    """
    try:
        nessus_report = report = NessusParser.parse_fromfile(nessus_db)
        return nessus_report
    except:
        print("\n[!] Error reading {0}. Does it exist?\n".format(nessus_db))
        exit()
示例#4
0
def main():
    nessus_file = sys.argv[1]
    nessus = NessusParser.parse_fromfile(nessus_file)
    for host in nessus.hosts:
        for vuln in host.get_report_items:
            info = vuln.get_vuln_info
            if info['pluginID'] == '24260':
                port = info['port']
                ip = host.ip
                ssl = verify_ssl(info['plugin_output'])
                take_screenshot(ip, port, ssl)
                continue
    driver.quit()
示例#5
0
tracer = logging.getLogger('elasticsearch.trace')
tracer.setLevel(logging.ERROR)
tracer.addHandler(logging.FileHandler(args.es_trace))

listfiles = args.filename
print listfiles
files = glob.glob(listfiles)

idate = datetime.now().strftime('%Y.%m.%d')
iindex = "nessus-{date}".format(date=idate)
backend.es.indices.create(index=iindex, body=index_settings, ignore=400)
print iindex

for file in files:
    try:
        nessus_obj_list = NessusParser.parse_fromfile(file)
    except:
        print "file cannot be imported : %s" % file
        continue
    for i in nessus_obj_list.hosts:
        docu = {}
        docu['scantime'] = nessus_obj_list.endtime
        docu['host_ip'] = i.ip
        docu['host_name'] = i.name
        docu['host-fqdn'] = i.get_host_property('host-fqdn')
        docu['operating-system'] = i.get_host_property('operating-system')
        docu['system-type'] = i.get_host_property('system-type')
        for v in i.get_report_items:
            docu['vulninfo'] = v.get_vuln_info
            backend.es.index(index=iindex, doc_type="vulnerability", body=docu)
    print "file imported successfully : %s" % file
def parse_nessus():
    '''
    Parse .nessus file
    '''
    report = NessusParser.parse_fromfile(args.nessus)
    return report
示例#7
0
    CLIENT.call('console.read', [c_id])[b'data'].decode('utf8').splitlines()

    if args.nessus:
        # exploits = {'msf_module_name':[(ip, port), (ip, port)]
        exploits = get_exploitable_hosts(report)
        run_nessus_exploits(c_id, exploits)
        remainder_output = wait_on_busy_console(c_id)
    else:
        # hosts = {ip : [(port, banner), (port2, banner2)]
        hosts = get_hosts(report, False)
        nse_scripts = get_nse_scripts(hosts)
        nse_report = run_nse_scripts(nse_scripts)
        nse_hosts = get_hosts(nse_report, True)
        run_nmap_exploits(c_id, hosts, nse_hosts)
        remainder_output = wait_on_busy_console(c_id)


if __name__ == "__main__":
    args = parse_args()
    if os.geteuid():
        print_bad('Run as root')
        sys.exit()
    if args.nessus:
        report = NessusParser.parse_fromfile(args.nessus)
    else:
        report = parse_nmap(args)
    main(report, args)

#TODO
# Add JBoss, Tomcat, Jenkins, WebSphere
示例#8
0
    def import_nessus(self, path_to_directory):
        for file in os.listdir(path_to_directory):
            if file.endswith(".nessus"):
                print "\n[*] importing nessus file: %s\n" % file
                file = "%s%s" % (path_to_directory, file)
                report = NessusParser.parse_fromfile(file)

                for host in report.hosts:
                    ip = host.ip

                    os_fingerprint = host.get_host_property('operating-system')
                    for vuln in host.get_report_items:
                        service = vuln.service
                        proto = vuln.protocol
                        vuln_info = vuln.get_vuln_info
                        port = vuln_info['port']

                        #############################
                        #Vulnerability Infos
                        #############################
                        #vuln db references
                        vuln_cvss_score = ''
                        vuln_cve = ''
                        vuln_osvdb = ''

                        if 'cvss_base_score' in vuln_info:
                            vuln_cvss_score = vuln_info['cvss_base_score']

                        if 'cve' in vuln_info:
                            vuln_cve = ', '.join(vuln_info['cve'])

                        if 'osdvdb' in vuln_info:
                            vuln_osvdb = ', '.join(vuln_info['osvdb'])

                        ##################
                        #vuln descriptions
                        ##################
                        vuln_description = ''
                        vuln_plugin_output = ''
                        vuln_solution = ''
                        vuln_risk = ''
                        vuln_metasploit_availability = ''
                        vuln_patch_pub_date = ''
                        vuln_exploit_available = ''
                        vuln_metaasploit_name = ''
                        vuln_risk_factor = ''
                        vuln_exploitability = ''
                        vuln_metasploit_name = ''
                        vuln_references = ''
                        vuln_plugin_name = ''
                        vuln_metasploit_name = ''

                        if 'description' in vuln_info:
                            vuln_description = vuln_info['description']

                        if 'plugin_name' in vuln_info:
                            vuln_plugin_name = vuln_info['plugin_name']

                        if 'plugin_output' in vuln_info:
                            vuln_plugin_output = vuln_info['plugin_output']

                        if 'solution' in vuln_info:
                            vuln_solution = vuln_info['solution']

                        if 'synopsis' in vuln_info:
                            vuln_risk = vuln_info['synopsis']

                        if 'exploit_framework_metasploit' in vuln_info:
                            vuln_metasploit_availability = str(
                                vuln_info['exploit_framework_metasploit']
                            )  #True or False

                        if 'patch_publication_date' in vuln_info:
                            vuln_patch_pub_date = vuln_info[
                                'patch_publication_date']

                        if 'exploit_available' in vuln_info:
                            vuln_exploit_available = vuln_info[
                                'exploit_available']  #true or false

                        if 'metasploit_name' in vuln_info:
                            vuln_metasploit_name = vuln_info['metasploit_name']

                        if 'risk_factor' in vuln_info:
                            vuln_risk_factor = vuln_info['risk_factor']

                        if 'see_also' in vuln_info:
                            vuln_references = vuln_info['see_also']

                        if 'exploitability_ease' in vuln_info:
                            vuln_exploitability = vuln_info[
                                'exploitability_ease']

                        self.insert_nessus_data(
                            ip, proto, port, service, vuln_risk_factor,
                            vuln_plugin_name, vuln_description, vuln_risk,
                            vuln_solution, vuln_patch_pub_date,
                            vuln_plugin_output, vuln_cvss_score, vuln_cve,
                            vuln_osvdb, vuln_exploitability,
                            vuln_exploit_available,
                            vuln_metasploit_availability, vuln_metasploit_name,
                            vuln_references)
示例#9
0
listfiles = args.filename
print(listfiles)
files = glob.glob(listfiles)

idate = datetime.now().strftime('%Y.%m.%d')
iindex = "nessus-{date}".format(date=idate)
backend.es.indices.create(index=iindex,
                  body=index_settings,
                  ignore=400
                  )
print(iindex)

for file in files:
    try:
        nessus_obj_list = NessusParser.parse_fromfile(file)
    except:
        print("file cannot be imported : %s" % file)
        continue
    for i in nessus_obj_list.hosts:
        docu = {}
        docu['scantime'] = nessus_obj_list.endtime
        docu['host_ip'] = i.ip
        docu['host_name'] = i.name
        docu['host-fqdn'] = i.get_host_property('host-fqdn')
        docu['operating-system'] = i.get_host_property('operating-system')
        docu['system-type'] = i.get_host_property('system-type')
        for v in i.get_report_items:
            docu['vulninfo'] = v.get_vuln_info
            backend.es.index(index=iindex, doc_type="vulnerability", body=docu)
    print("file imported successfully : %s" % file)