def import_scan(): """ Upload and import Nexpose Scan file """ msf_settings = msf_get_config(session) try: # check to see if we have a Metasploit RPC instance configured and talking from MetasploitProAPI import MetasploitProAPI msf_api = MetasploitProAPI(host=msf_settings['url'], apikey=msf_settings['key']) working_msf_api = msf_api.login() except: working_msf_api = False from skaldship.general import check_datadir import time import os filedir = os.path.join(request.folder, 'data', 'scanfiles') response.title = "%s :: Import Nessus Scan Results" % (settings.title) fields = [] # buld the dropdown user list users = db(db.auth_user).select() userlist = [] for user in users: userlist.append([user.id, user.username]) nessus_config = nessus_get_config() # {'ignored_vulnids': [19506, 11219, 34277], # 'servers': {'server_1': {'password': '******', # 'url': 'https://localhost:8834/', # 'user': '******'}}} nessusreports = [[0, None]] import NessusAPI #if auth.user.f_nessus_host is not None: servers = nessus_config.get('servers', {}) for k, v in servers.iteritems(): try: # check to see if NessusAPI is working nessus = NessusAPI.NessusConnection(v.get('user'), v.get('password'), url=v.get('url')) reports = nessus.list_reports() for report in reports: ts = time.ctime(float(report.timestamp)) nessusreports.append([ "%s:%s" % (k, report.name), "%s: %s - %s (%s)" % (k, report.readablename, ts, report.status) ]) except Exception, e: logger.error("Error communicating with %s: %s" % (k, str(e)))
def import_scan(): """ Upload and import Nexpose Scan file """ msf_settings = msf_get_config(session) try: # check to see if we have a Metasploit RPC instance configured and talking from MetasploitAPI import MetasploitAPI msf_api = MetasploitAPI(host=msf_settings["url"], apikey=msf_settings["key"]) working_msf_api = msf_api.login() except: working_msf_api = False from skaldship.general import check_datadir import time import os filedir = os.path.join(request.folder, "data", "scanfiles") response.title = "%s :: Import Nessus Scan Results" % (settings.title) fields = [] # buld the dropdown user list users = db(db.auth_user).select() userlist = [] for user in users: userlist.append([user.id, user.username]) nessus_config = nessus_get_config(session) # {'ignored_vulnids': [19506, 11219, 34277], # 'servers': {'server_1': {'password': '******', # 'url': 'https://localhost:8834/', # 'user': '******'}}} nessusreports = [[0, None]] import NessusAPI # if auth.user.f_nessus_host is not None: servers = nessus_config.get("servers", {}) for k, v in servers.iteritems(): try: # check to see if NessusAPI is working nessus = NessusAPI.NessusConnection(v.get("user"), v.get("password"), url=v.get("url")) reports = nessus.list_reports() for report in reports: ts = time.ctime(float(report.timestamp)) nessusreports.append( ["%s:%s" % (k, report.name), "%s: %s - %s (%s)" % (k, report.readablename, ts, report.status)] ) except Exception, e: logger.error("Error communicating with %s: %s" % (k, str(e)))
def import_scan(): """ Upload and import Nessus Scan file """ msf_settings = msf_get_config(session) try: # check to see if we have a Metasploit RPC instance configured and talking from MetasploitProAPI import MetasploitProAPI msf_api = MetasploitProAPI(host=msf_settings['url'], apikey=msf_settings['key']) working_msf_api = msf_api.login() except: working_msf_api = False from skaldship.general import check_datadir import time import os filedir = os.path.join(request.folder, 'data', 'scanfiles') response.title = "%s :: Import Nessus Scan Results" % (settings.title) fields = [] # buld the dropdown user list users = db(db.auth_user).select() userlist = [] for user in users: userlist.append([user.id, user.username]) nessus_config = nessus_get_config() # {'ignored_vulnids': [19506, 11219, 34277], # 'servers': {'server_1': {'password': '******', # 'url': 'https://localhost:8834/', # 'user': '******'}}} nessusreports = [[0, None]] import NessusAPI from skaldship.nessus.ness6api import Nessus6API servers = nessus_config.get('servers', {}) for k, v in servers.items(): if v.get('version') == 6: # nessus >= 6 try: nessus = Nessus6API(url=v.get('url'), username=v.get('username'), password=v.get('password'), access_key=v.get('access_key'), secret_key=v.get('secret_key'), verify=v.get('verify_ssl'), proxies=v.get('proxies')) except Exception as e: logger.error("Error communicating with %s: %s" % (k, str(e))) try: for report in nessus.get_scans(): ts = time.ctime( float(report.get('last_modification_date', 0))) nessusreports.append([ "%s:%s" % (k, report.get('id')), "%s: %s - %s (%s)" % (k, report.get('name'), ts, report.get('status')) ]) except Exception as e: logger.error("Error making scan list: %s" % (str(e))) else: # nessus <= 5 try: # check to see if NessusAPI is working nessus = NessusAPI.NessusConnection(v.get('user'), v.get('password'), url=v.get('url')) reports = nessus.list_reports() for report in reports: ts = time.ctime(float(report.timestamp)) nessusreports.append([ "%s:%s" % (k, report.name), "%s: %s - %s (%s)" % (k, report.readablename, ts, report.status) ]) except Exception as e: logger.error("Error communicating with %s: %s" % (k, str(e))) if len(nessusreports) > 1: fields.append( Field('f_nessus_report', type='integer', label=T('Nessus Report'), requires=IS_IN_SET(nessusreports, zero=None))) fields.append( Field('f_filename', 'upload', uploadfolder=filedir, label=T('Nessus Scan File'))) fields.append( Field('f_engineer', type='integer', label=T('Engineer'), default=auth.user.id, requires=IS_IN_SET(userlist))) fields.append( Field('f_asset_group', type='string', label=T('Asset Group'), requires=IS_NOT_EMPTY())) # check to see if we have a Metasploit Pro instance configured and talking # if so pull a list of the workspaces and present them if working_msf_api: msf_workspaces = ["None"] for w in list(msf_api.pro_workspaces().keys()): msf_workspaces.append(w) fields.append( Field('f_msf_workspace', type='string', label=T('MSF Pro Workspace'), requires=IS_EMPTY_OR(IS_IN_SET(msf_workspaces, zero=None)))) fields.append( Field('f_include_list', type='text', label=T('Hosts to Only Include'))) fields.append( Field('f_ignore_list', type='text', label=T('Hosts to Ignore'))) fields.append( Field('f_update_hosts', type='boolean', label=T('Update Host Information'), default=False)) fields.append( Field('f_taskit', type='boolean', default=auth.user.f_scheduler_tasks, label=T('Run in background task'))) form = SQLFORM.factory(*fields, table_name='nessus_scan') # form processing if form.errors: response.flash = 'Error in form' elif form.accepts(request.vars, session): # if no Nessus servers configured or valid, set report_name to 0 if nessusreports == [[0, None]]: report_name = '0' else: if form.vars.f_nessus_report != "0": # If a nessus report is selected, try to parse it to set report_name try: (server, report_name) = form.vars.f_nessus_report.split(':') except ValueError as e: msg = "Invalid report name sent: %s" % ( form.vars.f_nessus_report) response.flash = msg logging.error(msg) return dict(form=form) else: # set report_name to 0 if no f_nessus_report sent report_name = '0' if report_name != '0': # download a report from a Nessus server n_server = nessus_config.get('servers').get(server) filename = os.path.join( filedir, "nessus-%s-%s.xml" % (form.vars.f_asset_group, int(time.time()))) check_datadir(request.folder) if n_server.get('version') == 6: # nessus version => 6 try: nessus = Nessus6API(url=n_server.get('url'), username=n_server.get('username'), password=n_server.get('password'), access_key=n_server.get('access_key'), secret_key=n_server.get('secret_key'), verify=n_server.get('verify_ssl'), proxies=n_server.get('proxies')) nessus_report = nessus.report_download(report_name) fout = open(filename, "w") fout.write(nessus_report) fout.close() except Exception as e: msg = ("Error download Nessus report: %s" % (e)) logger.error(msg) response.flash = msg return dict(form=form) else: # nessus version <= 5 try: # build a new nessus connection with the configured server details and download the report n_server = nessus_config.get('servers').get(server) nessus = NessusAPI.NessusConnection( n_server.get('user'), n_server.get('password'), url=n_server.get('url')) fout = open(filename, "w") nessus.download_report(report_name, fout) fout.close() except Exception as e: msg = ("Error download Nessus report: %s" % (e)) logger.error(msg) response.flash = msg return dict(form=form) else: filename = os.path.join(filedir, form.vars.f_filename) # build the hosts only/exclude list ip_exclude = [] data = form.vars.get('f_ignore_list') if data: ip_exclude = data.split('\r\n') # TODO: check for ip subnet/range and break it out to individuals ip_include = [] data = form.vars.get('f_include_list') if data: ip_include = data.split('\r\n') # TODO: check for ip subnet/range and break it out to individuals if form.vars.f_msf_workspace: msf_workspace = form.vars.f_msf_workspace if msf_workspace == "None": msf_workspace = None else: msf_workspace = None msf_settings = { 'workspace': msf_workspace, 'url': msf_settings['url'], 'key': msf_settings['key'] } if form.vars.f_taskit: task = scheduler.queue_task( scanner_import, pvars=dict( scanner='nessus', filename=filename, asset_group=form.vars.f_asset_group, engineer=form.vars.f_engineer, msf_settings=msf_settings, ip_ignore_list=ip_exclude, ip_include_list=ip_include, update_hosts=form.vars.f_update_hosts, ), group_name=settings.scheduler_group_name, sync_output=5, timeout=settings.scheduler_timeout) if task.id: redirect(URL('tasks', 'status', args=task.id)) else: response.flash = "Error submitting job: %s" % (task.errors) else: from skaldship.nessus.processor import process_scanfile logger.info("Starting Nessus Report Import") response.flash = process_scanfile( filename=filename, asset_group=form.vars.f_asset_group, engineer=form.vars.f_engineer, msf_settings=msf_settings, ip_ignore_list=ip_exclude, ip_include_list=ip_include, update_hosts=form.vars.f_update_hosts, ) redirect(URL('default', 'index')) return dict(form=form)
def import_scan(): """ Upload and import Nessus Scan file """ msf_settings = msf_get_config(session) try: # check to see if we have a Metasploit RPC instance configured and talking from MetasploitProAPI import MetasploitProAPI msf_api = MetasploitProAPI(host=msf_settings['url'], apikey=msf_settings['key']) working_msf_api = msf_api.login() except: working_msf_api = False from skaldship.general import check_datadir import time import os filedir = os.path.join(request.folder, 'data', 'scanfiles') response.title = "%s :: Import Nessus Scan Results" % (settings.title) fields = [] # buld the dropdown user list users = db(db.auth_user).select() userlist = [] for user in users: userlist.append([user.id, user.username]) nessus_config = nessus_get_config() # {'ignored_vulnids': [19506, 11219, 34277], # 'servers': {'server_1': {'password': '******', # 'url': 'https://localhost:8834/', # 'user': '******'}}} nessusreports = [[0, None]] import NessusAPI from skaldship.nessus.ness6api import Nessus6API servers = nessus_config.get('servers', {}) for k, v in servers.iteritems(): if v.get('version') == 6: # nessus >= 6 try: nessus = Nessus6API( url=v.get('url'), username=v.get('username'), password=v.get('password'), access_key=v.get('access_key'), secret_key=v.get('secret_key'), verify=v.get('verify_ssl'), proxies=v.get('proxies') ) except Exception, e: logger.error("Error communicating with %s: %s" % (k, str(e))) try: for report in nessus.get_scans(): ts = time.ctime(float(report.get('last_modification_date', 0))) nessusreports.append([ "%s:%s" % (k, report.get('id')), "%s: %s - %s (%s)" % (k, report.get('name'), ts, report.get('status')) ]) except Exception, e: logger.error("Error making scan list: %s" % (str(e)))
def import_scan(): """ Upload and import Nessus Scan file """ msf_settings = msf_get_config(session) try: # check to see if we have a Metasploit RPC instance configured and talking from MetasploitProAPI import MetasploitProAPI msf_api = MetasploitProAPI(host=msf_settings['url'], apikey=msf_settings['key']) working_msf_api = msf_api.login() except: working_msf_api = False from skaldship.general import check_datadir import time import os filedir = os.path.join(request.folder, 'data', 'scanfiles') response.title = "%s :: Import Nessus Scan Results" % (settings.title) fields = [] # buld the dropdown user list users = db(db.auth_user).select() userlist = [] for user in users: userlist.append([user.id, user.username]) nessus_config = nessus_get_config() # {'ignored_vulnids': [19506, 11219, 34277], # 'servers': {'server_1': {'password': '******', # 'url': 'https://localhost:8834/', # 'user': '******'}}} nessusreports = [[0, None]] import NessusAPI from skaldship.nessus.ness6api import Nessus6API servers = nessus_config.get('servers', {}) for k, v in servers.iteritems(): if v.get('version') == 6: # nessus >= 6 try: nessus = Nessus6API(url=v.get('url'), username=v.get('username'), password=v.get('password'), access_key=v.get('access_key'), secret_key=v.get('secret_key'), verify=v.get('verify_ssl'), proxies=v.get('proxies')) except Exception, e: logger.error("Error communicating with %s: %s" % (k, str(e))) try: for report in nessus.get_scans(): ts = time.ctime( float(report.get('last_modification_date', 0))) nessusreports.append([ "%s:%s" % (k, report.get('id')), "%s: %s - %s (%s)" % (k, report.get('name'), ts, report.get('status')) ]) except Exception, e: logger.error("Error making scan list: %s" % (str(e)))