示例#1
文件: scheduler.py 项目: v0re/Kvasir
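def scanner_import(scanner=None,
                   filename=None,
                   addnoports=False,
                   asset_group=None,
                   engineer=None,
                   msf_settings=None,
                   ip_ignore_list=None,
                   ip_include_list=None,
                   update_hosts=False,
                   **kwargs):
    """
    Imports a Scanner XML file to Kvasir

    Hands ``filename`` to the skaldship processor selected by ``scanner``
    (matched case-insensitively): NMAP, NEXPOSE, NESSUS, METASPLOIT or
    SHODANHQ. ``asset_group``, ``engineer``, ``ip_ignore_list`` and
    ``ip_include_list`` are forwarded to every processor. ``addnoports`` is
    only forwarded to the nmap processor, ``msf_settings`` only to nmap,
    Nexpose and Nessus, and ``update_hosts`` to all but ShodanHQ. For
    ShodanHQ the optional ``hosts`` and ``query`` keyword arguments are read
    from ``kwargs``.

    Returns True after the selected processor has been called, and False
    when ``scanner`` is not a string or does not name a supported scanner,
    so a mistyped or unexpected scanner value is not reported as a
    successful import.
    """
    if not isinstance(scanner, str):
        return False

    # A fresh dict per call: the former ``{}`` default was one object shared
    # by every invocation, so a processor mutating it would leak settings
    # into later imports.
    if msf_settings is None:
        msf_settings = {}

    scanner = scanner.upper()
    if scanner == 'NMAP':
        from skaldship.nmap import process_xml

        logger.info("Processing nmap file: %s" % (filename))
        process_xml(
            filename=filename,
            addnoports=addnoports,
            asset_group=asset_group,
            engineer=engineer,
            msf_settings=msf_settings,
            ip_ignore_list=ip_ignore_list,
            ip_include_list=ip_include_list,
            update_hosts=update_hosts,
        )
    elif scanner == 'NEXPOSE':
        from skaldship.nexpose import process_xml

        logger.info("Processing Nexpose file: %s" % (filename))
        process_xml(
            filename=filename,
            asset_group=asset_group,
            engineer=engineer,
            msf_settings=msf_settings,
            ip_ignore_list=ip_ignore_list,
            ip_include_list=ip_include_list,
            update_hosts=update_hosts,
        )
    elif scanner == 'NESSUS':
        from skaldship.nessus.processor import process_scanfile

        logger.info("Processing Nessus file: %s" % (filename))
        process_scanfile(
            filename=filename,
            asset_group=asset_group,
            engineer=engineer,
            msf_settings=msf_settings,
            ip_ignore_list=ip_ignore_list,
            ip_include_list=ip_include_list,
            update_hosts=update_hosts,
        )
    elif scanner == 'METASPLOIT':
        from skaldship.metasploit.pro import process_report_xml

        logger.info("Processing Metasploit Pro file: %s" % filename)
        process_report_xml(
            filename=filename,
            asset_group=asset_group,
            engineer=engineer,
            ip_ignore_list=ip_ignore_list,
            ip_include_list=ip_include_list,
            update_hosts=update_hosts,
        )
    elif scanner == 'SHODANHQ':
        from skaldship.shodanhq import process_report

        logger.info("Processing ShodanHQ file: %s" % (filename))
        process_report(
            filename=filename,
            host_list=kwargs.get('hosts') or [],
            query=kwargs.get('query') or None,
            asset_group=asset_group,
            engineer=engineer,
            ip_ignore_list=ip_ignore_list,
            ip_include_list=ip_include_list,
            # update_hosts is deliberately not forwarded to this processor
        )
    else:
        # No processor ran: returning True here would make the task result
        # claim an import that never happened.
        return False
    return True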
示例#2
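def import_report_xml():
    """
    Upload/import Metasploit XML export file

    Builds a form that accepts either an uploaded Metasploit XML export or,
    when a Metasploit Pro instance can be reached, the id of a report to
    download from it. On acceptance the file is imported either through a
    queued ``scanner_import`` task or inline via ``process_report_xml``,
    followed by a redirect.

    Returns a dict with ``form``, ``alert`` and ``error`` for the view.

    NOTE(review): ``auth.user`` is dereferenced below, so this action only
    works for an authenticated user; no login decorator is visible in this
    excerpt -- confirm one is applied where the function is defined.
    NOTE(review): the uploaded or downloaded XML is handed to
    ``process_report_xml``, which is not visible here; confirm its parser
    does not resolve external entities.
    """
    import time
    import os
    from skaldship.general import check_datadir

    msf_settings = msf_get_config(session)
    response.title = "%s :: Import Metasploit Pro Report XML" % (
        settings.title)
    filedir = os.path.join(request.folder, 'data', 'scanfiles')
    fields = []
    alert = False
    error = None

    # build the dropdown user list
    userlist = [[user.id, user.username]
                for user in db(db.auth_user).select()]

    fields.append(
        Field('f_filename',
              'upload',
              uploadfolder=filedir,
              label=T('Metasploit XML File')))

    # check to see if we have a Metasploit Pro instance configured and talking
    # if so pull a list of the workspaces and present them
    #
    # The exceptions are bound to ``exc`` and copied into ``error``: on
    # Python 3 a name bound by ``except ... as`` is unbound when the handler
    # exits, which would make the final ``return`` fail if ``error`` itself
    # were the target.
    try:
        from MetasploitProAPI import MetasploitProAPI, MSFProAPIError
        msf = MetasploitProAPI(host=msf_settings['url'],
                               apikey=msf_settings['key'])
    except ImportError as exc:
        error = exc
        msf = None

    # Defined up front so the check below is valid when no API object exists.
    msf_reports_res = None
    if msf:
        try:
            msf_reports_res = msf.report_list(
                workspace=msf_settings['workspace'])
        except MSFProAPIError as exc:
            error = exc
            msf_reports_res = None

    if msf_reports_res:
        from datetime import datetime
        msf_reports = []
        for rpt in list(msf_reports_res.keys()):
            report_name = "Generated: %s" % (datetime.strftime(
                datetime.fromtimestamp(msf_reports_res[rpt]['created_at']),
                "%m-%d-%y %H:%M:%S"))
            msf_reports.append([rpt, report_name])
        # IS_IN_SET restricts the submitted report id to the ids listed here.
        fields.append(
            Field('f_msf_report',
                  type='string',
                  label=T('MSF Pro Report'),
                  requires=IS_EMPTY_OR(IS_IN_SET(msf_reports, zero=None))))

    fields.append(
        Field('f_engineer',
              type='integer',
              label=T('Engineer'),
              default=auth.user.id,
              requires=IS_IN_SET(userlist)))
    fields.append(
        Field('f_asset_group',
              type='string',
              label=T('Asset Group for new Hosts'),
              default="Metasploit Import",
              requires=IS_NOT_EMPTY()))
    fields.append(
        Field('f_include_list', type='text', label=T('Hosts to Only Include')))
    fields.append(
        Field('f_ignore_list', type='text', label=T('Hosts to Ignore')))
    fields.append(
        Field('f_update_hosts',
              type='boolean',
              default=True,
              label=T('Update Existing Hosts')))
    fields.append(
        Field('f_taskit',
              type='boolean',
              default=auth.user.f_scheduler_tasks,
              label=T('Run in background task')))
    form = SQLFORM.factory(*fields, table_name='metasploit_xml')

    if form.errors:
        response.flash = 'Error in form'
    elif form.accepts(request.vars, session):
        # build the hosts only/exclude list
        # splitlines() accepts "\n" as well as "\r\n", and blank or padded
        # lines are dropped so they cannot end up as entries in the host
        # filters.
        ip_exclude = []
        data = form.vars.get('f_ignore_list')
        if data:
            ip_exclude = [
                line.strip() for line in data.splitlines() if line.strip()]
            # TODO: check for ip subnet/range and break it out to individuals
        ip_include = []
        data = form.vars.get('f_include_list')
        if data:
            ip_include = [
                line.strip() for line in data.splitlines() if line.strip()]
            # TODO: check for ip subnet/range and break it out to individuals

        if form.vars.f_msf_report:
            try:
                msf_report = msf.report_download(rptid=form.vars.f_msf_report)
            except MSFProAPIError as exc:
                error = "Unable to download report from Metasploit Pro: %s" % (
                    str(exc))
                return dict(form=form, alert=True, error=error)
            check_datadir(request.folder)
            # NOTE(review): the workspace name is interpolated into the path
            # unchanged; confirm it cannot contain path separators.
            filename = os.path.join(
                filedir, "msfpro-%s-%s.xml" %
                (msf_settings['workspace'], int(time.time())))
            # The context manager closes the file even if the write fails.
            with open(filename, "w") as fout:
                fout.write(msf_report['data'])
            del (msf_report)
        else:
            filename = os.path.join(filedir, form.vars.f_filename)

        if form.vars.f_taskit:
            task = scheduler.queue_task(
                scanner_import,
                pvars=dict(
                    scanner='metasploit',
                    filename=filename,
                    asset_group=form.vars.f_asset_group,
                    engineer=form.vars.f_engineer,
                    ip_ignore_list=ip_exclude,
                    ip_include_list=ip_include,
                    update_hosts=form.vars.f_update_hosts,
                ),
                group_name=settings.scheduler_group_name,
                sync_output=5,
                timeout=settings.scheduler_timeout)
            if task.id:
                redirect(URL('tasks', 'status', args=task.id))
            else:
                response.flash = "Error submitting job: %s" % (task.errors)
        else:
            from skaldship.metasploit.pro import process_report_xml
            logger.info("Starting Metasploit XML Import")
            result = process_report_xml(
                filename=filename,
                asset_group=form.vars.f_asset_group,
                engineer=form.vars.f_engineer,
                ip_ignore_list=ip_exclude,
                ip_include_list=ip_include,
                update_hosts=form.vars.f_update_hosts,
            )
            response.flash = result
            redirect(URL('default', 'index'))

    return dict(form=form, alert=alert, error=error)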
示例#3
                ),
                group_name=settings.scheduler_group_name,
                sync_output=5,
                timeout=settings.scheduler_timeout
            )
            if task.id:
                redirect(URL('tasks', 'status', args=task.id))
            else:
                response.flash = "Error submitting job: %s" % (task.errors)
        else:
            from skaldship.metasploit.pro import process_report_xml
            logger.info("Starting Metasploit XML Import")
            result = process_report_xml(
                filename=filename,
                asset_group=form.vars.f_asset_group,
                engineer=form.vars.f_engineer,
                ip_ignore_list=ip_exclude,
                ip_include_list=ip_include,
                update_hosts=form.vars.f_update_hosts,
            )
            response.flash = result
            redirect(URL('default', 'index'))

    return dict(form=form, alert=alert, error=error)


##-------------------------------------------------------------------------
## sending data to metasploit
##-------------------------------------------------------------------------

@auth.requires_login()
def send_scanxml():
示例#4
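def scanner_import(
        scanner=None,
        filename=None,
        addnoports=False,
        asset_group=None,
        engineer=None,
        msf_settings=None,
        ip_ignore_list=None,
        ip_include_list=None,
        update_hosts=False,
        **kwargs
):
    """
    Imports a Scanner XML file to Kvasir

    ``scanner`` picks the skaldship processor, compared case-insensitively
    against NMAP, NEXPOSE, NESSUS, METASPLOIT and SHODANHQ. Every processor
    receives ``filename``, ``asset_group``, ``engineer`` and the two IP
    lists; ``addnoports`` goes to nmap only, ``msf_settings`` to nmap,
    Nexpose and Nessus, ``update_hosts`` to all except ShodanHQ, and the
    ``hosts`` / ``query`` entries of ``kwargs`` to ShodanHQ only.

    Returns True once a processor has been called. Returns False when
    ``scanner`` is not a string or is not one of the supported names, so
    the caller is not told an import succeeded when nothing was processed.
    """
    if not isinstance(scanner, str):
        return False

    # Avoid a shared mutable default: each call gets its own settings dict.
    msf_settings = {} if msf_settings is None else msf_settings

    # Arguments that every processor below accepts.
    shared = dict(
        filename=filename,
        asset_group=asset_group,
        engineer=engineer,
        ip_ignore_list=ip_ignore_list,
        ip_include_list=ip_include_list,
    )

    scanner = scanner.upper()
    # Processor modules are imported only inside the branch that needs them.
    if scanner == 'NMAP':
        from skaldship.nmap import process_xml

        logger.info("Processing nmap file: %s" % (filename))
        process_xml(
            addnoports=addnoports,
            msf_settings=msf_settings,
            update_hosts=update_hosts,
            **shared
        )
    elif scanner == 'NEXPOSE':
        from skaldship.nexpose import process_xml

        logger.info("Processing Nexpose file: %s" % (filename))
        process_xml(
            msf_settings=msf_settings,
            update_hosts=update_hosts,
            **shared
        )
    elif scanner == 'NESSUS':
        from skaldship.nessus.processor import process_scanfile

        logger.info("Processing Nessus file: %s" % (filename))
        process_scanfile(
            msf_settings=msf_settings,
            update_hosts=update_hosts,
            **shared
        )
    elif scanner == 'METASPLOIT':
        from skaldship.metasploit.pro import process_report_xml

        logger.info("Processing Metasploit Pro file: %s" % filename)
        process_report_xml(update_hosts=update_hosts, **shared)
    elif scanner == 'SHODANHQ':
        from skaldship.shodanhq import process_report

        logger.info("Processing ShodanHQ file: %s" % (filename))
        # update_hosts is deliberately not forwarded to this processor
        process_report(
            host_list=kwargs.get('hosts') or [],
            query=kwargs.get('query') or None,
            **shared
        )
    else:
        # Unsupported scanner name: nothing was imported, so do not report
        # success.
        return False
    return True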
示例#5
                ),
                group_name=settings.scheduler_group_name,
                sync_output=5,
                timeout=settings.scheduler_timeout
            )
            if task.id:
                redirect(URL('tasks', 'status', args=task.id))
            else:
                response.flash = "Error submitting job: %s" % (task.errors)
        else:
            from skaldship.metasploit.pro import process_report_xml
            logger.info("Starting Metasploit XML Import")
            result = process_report_xml(
                filename=filename,
                asset_group=form.vars.f_asset_group,
                engineer=form.vars.f_engineer,
                ip_ignore_list=ip_exclude,
                ip_include_list=ip_include,
                update_hosts=form.vars.f_update_hosts,
            )
            response.flash = result
            redirect(URL('default', 'index'))

    return dict(form=form, alert=alert, error=error)


##-------------------------------------------------------------------------
## sending data to metasploit
##-------------------------------------------------------------------------

@auth.requires_login()
def send_scanxml():