示例#1
0
    def test_parse_output(self):
        script_id = 'smb-check-vulns'
        script_output = 'bla bla MS08-067: VULNERABLE bla bla'

        nsp = NmapScriptParser()
        output = nsp.parse_output(script_id, script_output)
        self.assertIsNotNone(output)
示例#2
0
    def process(self):
        try:
            logging.debug('parsing scan results...')
            self.results = Parser.Parser(self.xml_results)
            session = self.results.get_session()
            if session is None:
                raise SessionError('Unable to read scan session')

            ''' taken from the original pInsertScan sproc:
            CREATE PROCEDURE pInsertScan(IN v_userid INT, IN v_version TEXT, IN v_args TEXT,
               IN v_startstr TEXT, IN v_endstr TEXT)
            BEGIN
            INSERT INTO scans (userId, version, args, startstr, endstr)
            values ( v_userid, v_version, v_args, v_startstr, v_endstr );
            SELECT @@identity;
            END '''
            logging.debug('building scan object')
            try:
                scan = Scan.objects.get(pk=self.scan_id)
            except Scan.DoesNotExist:
                scan = Scan()
            scan.user = User.objects.get(pk=int(self.user_id))
            scan.nmap_version = session.nmap_version
            scan.nmap_args = session.scan_args
            scan.end_time = datetime.datetime.strptime(session.finish_time, '%a %b %d %H:%M:%S %Y')
            scan.save()
            logging.debug('scanid is {0}'.format(scan.pk))

            # save host information
            for h in self.results.all_hosts():
                try:
                    ''' taken from the original pInsertHost sproc:
                    CREATE PROCEDURE pInsertHost(, IN v_sid INT, IN v_ip4 TEXT, IN v_hostname TEXT,
                        IN v_status TEXT, IN v_mac TEXT, IN v_vendor TEXT, IN v_ip6 TEXT, IN v_distance INT,
                        IN v_uptime TEXT, IN v_upstr TEXT)
                    BEGIN
                    INSERT INTO hosts ( sid, ip4, hostname, status, mac, vendor, ip6, distance, uptime,
                    upstr) VALUES ( v_sid, v_ip4, v_hostname, v_status, v_mac, v_vendor, v_ip6, v_distance,
                    v_uptime, v_upstr);
                    SELECT @@identity;
                    END '''
                    logging.debug('parsing host {0}'.format(h.ipv4))
                    host = Host()
                    host.scan = scan
                    host.ip4 = h.ipv4
                    host.hostname = h.hostname
                    host.status = h.status
                    host.mac = h.macaddr
                    # host.ip6 = h.ipv6
                    host.distance = h.distance
                    host.uptime = h.uptime
                    host.last_boot = h.lastboot
                    host.save()
                    logging.debug('hostid is {0}'.format(host.pk))

                    for os_node in h.get_OS():
                        ''' taken from the original pInsertOS sproc:
                        CREATE PROCEDURE pInsertOS (IN v_hid INT, IN v_name TEXT, IN v_family TEXT,
                            IN v_generation TEXT, IN v_type TEXT, IN v_vendor TEXT, IN v_accuracy INT)
                        BEGIN
                        INSERT INTO os (hid, name, family, generation, type, vendor, accuracy)
                        VALUES ( v_hid, v_name, v_family, v_generation, v_type, v_vendor, v_accuracy);
                        END '''
                        os = OperatingSystem()
                        os.name = os_node.name
                        os.family = os_node.family
                        os.generation = os_node.generation
                        os.os_type = os_node.os_type
                        os.vendor = os_node.vendor
                        os.save()
                        host.operating_system = os
                        host.save()

                    # parse TCP and UDP ports
                    self.parse_ports(h, host, proto='tcp')
                    self.parse_ports(h, host, proto='udp')

                    #parse script output
                    try:
                        nsp = NmapScriptParser()
                        for scr in h.get_scripts():
                            vulnId = nsp.parse_output(scr.scriptId, scr.output, host)
                    except Exception as ex:
                        logging.error('Error parsing script output:\n{0}'.format(ex))

                except Exception as ex:
                    logging.error('Error parsing host information.\n{0}'.format(ex))

            scan.state = Scan.COMPLETE
            scan.save()

            from scanner.tasks import send_scan_report # importing here prevents a circular reference
            send_scan_report.delay(scan.pk)

        except Exception as ex:
            logging.error('Error processing results:\n{0}'.format(ex))