def main(workspace='', args=None, parser=None): parser.add_argument('parent', help='Parent ID') parser.add_argument('name', help='Vulnerability Name') parser.add_argument('--reference', help='Vulnerability reference', default='') # Fixme parser.add_argument( '--severity', help='Vulnerability severity', choices=['critical', 'high', 'med', 'low', 'info', 'unclassified'], default='unclassified') parser.add_argument('--resolution', help='Resolution', default='') parser.add_argument('--confirmed', help='Is the vulnerability confirmed', choices=['true', 'false'], default='false') parser.add_argument('--description', help='Vulnerability description', default='') parser.add_argument( '--dry-run', action='store_true', help='Do not touch the database. Only print the object ID') parsed_args = parser.parse_args(args) obj = factory.createModelObject( models.Vuln.class_signature, parsed_args.name, workspace, ref=parsed_args.reference, severity=parsed_args.severity, resolution=parsed_args.resolution, confirmed=(parsed_args.confirmed == 'true'), desc=parsed_args.description, parent_id=parsed_args.parent) old = models.get_vuln(workspace, obj.getID()) if old is None: if not parsed_args.dry_run: models.create_vuln(workspace, obj) else: print "A vulnerability with ID %s already exists!" % obj.getID() return 2, None return 0, obj.getID()
def main(workspace='', args=None, parser=None): parser.add_argument('parent', help='Parent ID') parser.add_argument('name', help='Vulnerability Name') parser.add_argument('--reference', help='Vulnerability reference', default='') # Fixme parser.add_argument('--severity', help='Vulnerability severity', choices=['critical', 'high', 'med', 'low', 'info', 'unclassified'], default='unclassified') parser.add_argument('--resolution', help='Resolution', default='') parser.add_argument('--confirmed', help='Is the vulnerability confirmed', choices=['true', 'false'], default='false') parser.add_argument('--description', help='Vulnerability description', default='') parser.add_argument('--dry-run', action='store_true', help='Do not touch the database. Only print the object ID') parsed_args = parser.parse_args(args) obj = factory.createModelObject(models.Vuln.class_signature, parsed_args.name, workspace, ref=parsed_args.reference, severity=parsed_args.severity, resolution=parsed_args.resolution, confirmed=(parsed_args.confirmed == 'true'), desc=parsed_args.description, parent_id=parsed_args.parent ) old = models.get_vuln(workspace, obj.getID()) if old is None: if not parsed_args.dry_run: models.create_vuln(workspace, obj) else: print "A vulnerability with ID %s already exists!" % obj.getID() return 2, None return 0, obj.getID()
def main(workspace="", args=None, parser=None): WORKSPACE = workspace parser.add_argument("--csv", help="Csv file to import") parsed_args = parser.parse_args(args) if not parsed_args.csv: print "Error: Give a CSV file to import with --csv" return 2, None try: file_csv = open(parsed_args.csv, "r") except: print "Error: Unreadeable CSV file, check the path" raise counter = 0 csv_reader = csv.DictReader(file_csv, delimiter=",", quotechar='"') for register in csv_reader: host, interface, service, vulnerability, vulnerability_web = parse_register(register) # Set all IDs and create objects if host is not None: host.setID(None) if not models.get_host(WORKSPACE, host.getID()): counter += 1 print "New host: " + host.getName() models.create_host(WORKSPACE, host) if interface is not None: interface.setID(host.getID()) if not models.get_interface(WORKSPACE, interface.getID()): counter += 1 print "New interface: " + interface.getName() models.create_interface(WORKSPACE, interface) if service is not None: service.setID(interface.getID()) if not models.get_service(WORKSPACE, service.getID()): counter += 1 print "New service: " + service.getName() models.create_service(WORKSPACE, service) # Check if Service exist, then create the vuln with parent Service. # If not exist the Service, create the vuln with parent Host. if vulnerability is not None: if service is None: vulnerability.setID(host.getID()) else: vulnerability.setID(service.getID()) if not models.get_vuln(WORKSPACE, vulnerability.getID()): counter += 1 print "New vulnerability: " + vulnerability.getName() models.create_vuln(WORKSPACE, vulnerability) elif vulnerability_web is not None: vulnerability_web.setID(service.getID()) if not models.get_web_vuln(WORKSPACE, vulnerability_web.getID()): counter += 1 print "New web vulnerability: " + vulnerability_web.getName() models.create_vuln_web(WORKSPACE, vulnerability_web) print "[*]", counter, "new Faraday objects created." file_csv.close() return 0, None
def main(workspace="", args=None, parser=None): WORKSPACE = workspace parser.add_argument("--csv", help="Csv file to import") parsed_args = parser.parse_args(args) if not parsed_args.csv: print "Error: Give a CSV file to import with --csv" return 2, None try: file_csv = open(parsed_args.csv, "r") except: print "Error: Unreadeable CSV file, check the path" raise counter = 0 csv_reader = csv.DictReader(file_csv, delimiter=",", quotechar='"') for register in csv_reader: host, service, vulnerability, vulnerability_web = parse_register(register) # Set all IDs and create objects if host is not None: old_host = models.get_host(WORKSPACE, ip=host.getName()) if not old_host: counter += 1 print "New host: " + host.getName() models.create_host(WORKSPACE, host) host = models.get_host(WORKSPACE, ip=host.getName()) if service is not None: service.setParent(host.getID()) service_params = { 'name': service.getName(), 'port': service.getPorts()[0], 'protocol': service.getProtocol(), 'host_id': service.getParent() } old_service = models.get_service(WORKSPACE, **service_params) if not old_service: counter += 1 print "New service: " + service.getName() models.create_service(WORKSPACE, service) service = models.get_service(WORKSPACE, **service_params) # Check if Service exist, then create the vuln with parent Service. # If not exist the Service, create the vuln with parent Host. if vulnerability is not None: if host and not service: parent_type = 'Host' parent_id = host.getID() if host and service: parent_type = 'Service' parent_id = service.getID() vulnerability.setParent(parent_id) vulnerability.setParentType(parent_type) vuln_params = { 'name': vulnerability.getName(), 'description': vulnerability.getDescription(), 'parent_type': parent_type, 'parent': parent_id, } if not models.get_vuln(WORKSPACE, **vuln_params): counter += 1 print "New vulnerability: " + vulnerability.getName() models.create_vuln(WORKSPACE, vulnerability) elif vulnerability_web is not None: vuln_web_params = { 'name': vulnerability_web.getName(), 'description': vulnerability_web.getDescription(), 'parent': service.getID(), 'parent_type': 'Service', 'method': vulnerability_web.getMethod(), 'parameter_name': vulnerability_web.getParams(), 'path': vulnerability_web.getPath(), 'website': vulnerability_web.getWebsite(), } vulnerability_web.setParent(service.getID()) if not models.get_web_vuln(WORKSPACE, **vuln_web_params): counter += 1 print "New web vulnerability: " + vulnerability_web.getName() models.create_vuln_web(WORKSPACE, vulnerability_web) print "[*]", counter, "new Faraday objects created." file_csv.close() return 0, None
def main(workspace="", args=None, parser=None): WORKSPACE = workspace parser.add_argument("--csv", help="Csv file to import") parsed_args = parser.parse_args(args) if not parsed_args.csv: print "Error: Give a CSV file to import with --csv" return 2, None try: file_csv = open(parsed_args.csv, "r") except: print "Error: Unreadeable CSV file, check the path" raise counter = 0 csv_reader = csv.DictReader(file_csv, delimiter=",", quotechar='"') for register in csv_reader: host, interface, service, vulnerability, vulnerability_web = parse_register( register) # Set all IDs and create objects if host is not None: host.setID(None) if not models.get_host(WORKSPACE, host.getID()): counter += 1 print "New host: " + host.getName() models.create_host(WORKSPACE, host) if interface is not None: interface.setID(host.getID()) if not models.get_interface(WORKSPACE, interface.getID()): counter += 1 print "New interface: " + interface.getName() models.create_interface(WORKSPACE, interface) if service is not None: service.setID(interface.getID()) if not models.get_service(WORKSPACE, service.getID()): counter += 1 print "New service: " + service.getName() models.create_service(WORKSPACE, service) # Check if Service exist, then create the vuln with parent Service. # If not exist the Service, create the vuln with parent Host. if vulnerability is not None: if service is None: vulnerability.setID(host.getID()) else: vulnerability.setID(service.getID()) if not models.get_vuln(WORKSPACE, vulnerability.getID()): counter += 1 print "New vulnerability: " + vulnerability.getName() models.create_vuln(WORKSPACE, vulnerability) elif vulnerability_web is not None: vulnerability_web.setID(service.getID()) if not models.get_web_vuln(WORKSPACE, vulnerability_web.getID()): counter += 1 print "New web vulnerability: " + vulnerability_web.getName() models.create_vuln_web(WORKSPACE, vulnerability_web) print "[*]", counter, "new Faraday objects created." file_csv.close() return 0, None
def main(workspace="", args=None, parser=None): WORKSPACE = workspace parser.add_argument("--csv", help="Csv file to import") parsed_args = parser.parse_args(args) if not parsed_args.csv: print "Error: Give a CSV file to import with --csv" return 2, None try: file_csv = open(parsed_args.csv, "r") except: print "Error: Unreadeable CSV file, check the path" raise counter = 0 csv_reader = csv.DictReader(file_csv, delimiter=",", quotechar='"') for register in csv_reader: try: host, service, vulnerability, vulnerability_web = parse_register(register) # Set all IDs and create objects if host is not None: old_host = models.get_host(WORKSPACE, ip=host.getName()) if not old_host: counter += 1 print "New host: " + host.getName() try: models.create_host(WORKSPACE, host) except Exception as ex: import ipdb; ipdb.set_trace() host = models.get_host(WORKSPACE, ip=host.getName()) if service is not None: service.setParent(host.getID()) service_params = { 'name': service.getName(), 'port': service.getPorts()[0], 'protocol': service.getProtocol(), 'host_id': service.getParent() } old_service = models.get_service(WORKSPACE, **service_params) if not old_service: counter += 1 print "New service: " + service.getName() models.create_service(WORKSPACE, service) service = models.get_service(WORKSPACE, **service_params) # Check if Service exist, then create the vuln with parent Service. # If not exist the Service, create the vuln with parent Host. if vulnerability is not None: if host and not service: parent_type = 'Host' parent_id = host.getID() if host and service: parent_type = 'Service' parent_id = service.getID() vulnerability.setParent(parent_id) vulnerability.setParentType(parent_type) vuln_params = { 'name': vulnerability.getName(), 'description': vulnerability.getDescription(), 'parent_type': parent_type, 'parent': parent_id, } if not models.get_vuln(WORKSPACE, **vuln_params): counter += 1 print "New vulnerability: " + vulnerability.getName() models.create_vuln(WORKSPACE, vulnerability) elif vulnerability_web is not None: vuln_web_params = { 'name': vulnerability_web.getName(), 'description': vulnerability_web.getDescription(), 'parent': service.getID(), 'parent_type': 'Service', 'method': vulnerability_web.getMethod(), 'parameter_name': vulnerability_web.getParams(), 'path': vulnerability_web.getPath(), 'website': vulnerability_web.getWebsite(), } vulnerability_web.setParent(service.getID()) if not models.get_web_vuln(WORKSPACE, **vuln_web_params): counter += 1 print "New web vulnerability: " + vulnerability_web.getName() models.create_vuln_web(WORKSPACE, vulnerability_web) except ConflictInDatabase: print('Conflict in Database, skiping csv row') except CantCommunicateWithServerError as ex: print(register) print('Error', ex) print "[*]", counter, "new Faraday objects created." file_csv.close() return 0, None