def burp_scan_data(self, xml_data):
global vuln_id, burp_status, vul_col
for issue in xml_data:
for data in issue.getchildren():
vuln_id = uuid.uuid4()
if data.tag == "serialNumber":
global serialNumber
if data.text is None:
serialNumber = "NA"
else:
serialNumber = data.text
if data.tag == "type":
global types
if data.text is None:
types = "NA"
else:
types = data.text
if data.tag == "name":
global name
if data.text is None:
name = "NA"
else:
name = data.text
if data.tag == "host":
global host
if data.text is None:
host = "NA"
else:
host = data.text
if data.tag == "path":
global path
if data.text is None:
path = "NA"
else:
path = data.text
if data.tag == "location":
global location
if data.text is None:
location = "NA"
else:
location = data.text
if data.tag == "severity":
global severity
if data.text is None:
severity = "NA"
else:
severity = data.text
if data.tag == "confidence":
global confidence
if data.text is None:
confidence = "NA"
else:
confidence = data.text
if data.tag == "issueBackground":
global issueBackground
if data.text is None:
issueBackground = "NA"
else:
issueBackground = data.text
if data.tag == "remediationBackground":
global remediationBackground
if data.text is None:
remediationBackground = "NA"
else:
remediationBackground = data.text
if data.tag == "references":
global references
if data.text is None:
references = "NA"
else:
references = data.text
if data.tag == "vulnerabilityClassifications":
global vulnerabilityClassifications
if data.text is None:
vulnerabilityClassifications = "NA"
else:
vulnerabilityClassifications = data.text
if data.tag == "issueDetail":
global issueDetail
if data.text is None:
issueDetail = "NA"
else:
issueDetail = data.text
if data.tag == "requestresponse":
global requestresponse
if data.text is None:
requestresponse = "NA"
else:
requestresponse = data.text
for d in data:
req = d.tag
met = d.attrib
if req == "request":
global dec_req
reqst = d.text
dec_req = base64.b64decode(reqst) # reqst
if req == "response":
global dec_res
res_dat = d.text
# print res_dat
dec_res = base64.b64decode(res_dat) # res_dat
for key, items in met.iteritems():
global methods
if key == "method":
methods = items
global vul_col
if severity == 'High':
vul_col = "important"
elif severity == 'Medium':
vul_col = "warning"
elif severity == 'Low':
vul_col = "info"
else:
vul_col = "info"
try:
data_dump = burp_scan_result_db(scan_id=self.scan_id, types=types, method=methods,
scan_request=dec_req,
scan_response=dec_res,
project_id=self.project_id, vuln_id=vuln_id,
serialNumber=serialNumber, name=name, host=host,
path=path, location=location,
severity=severity, severity_color=vul_col, confidence=confidence,
issueBackground=issueBackground,
remediationBackground=remediationBackground,
references=references,
vulnerabilityClassifications=vulnerabilityClassifications,
issueDetail=issueDetail, requestresponse=requestresponse,
false_positive='No')
data_dump.save()
except Exception as e:
print e
burp_all_vul = burp_scan_result_db.objects.filter(scan_id=self.scan_id)
total_vul = len(burp_all_vul)
total_high = len(burp_all_vul.filter(severity="High"))
total_medium = len(burp_all_vul.filter(severity="Medium"))
total_low = len(burp_all_vul.filter(severity="Low"))
total_info = len(burp_all_vul.filter(severity="Information"))
burp_scan_db.objects.filter(scan_id=self.scan_id).update(total_vul=total_vul, high_vul=total_high,
medium_vul=total_medium, low_vul=total_low)
try:
email_notification.email_notify()
except Exception as e:
print e
HttpResponse(status=201)
def burp_scan_data(self, xml_data):
"""
The function parse the burp result as xml data
and stored into archery database.
:param xml_data:
:return:
"""
global vuln_id, burp_status, vul_col
for issue in xml_data:
for data in issue.getchildren():
vuln_id = uuid.uuid4()
if data.tag == "serialNumber":
global serialNumber
if data.text is None:
serialNumber = "NA"
else:
serialNumber = data.text
if data.tag == "type":
global types
if data.text is None:
types = "NA"
else:
types = data.text
if data.tag == "name":
global name
if data.text is None:
name = "NA"
else:
name = data.text
if data.tag == "host":
global host
if data.text is None:
host = "NA"
else:
host = data.text
if data.tag == "path":
global path
if data.text is None:
path = "NA"
else:
path = data.text
if data.tag == "location":
global location
if data.text is None:
location = "NA"
else:
location = data.text
if data.tag == "severity":
global severity
if data.text is None:
severity = "NA"
else:
severity = data.text
if data.tag == "confidence":
global confidence
if data.text is None:
confidence = "NA"
else:
confidence = data.text
if data.tag == "issueBackground":
global issueBackground
if data.text is None:
issueBackground = "NA"
else:
issueBackground = data.text
if data.tag == "remediationBackground":
global remediationBackground
if data.text is None:
remediationBackground = "NA"
else:
remediationBackground = data.text
if data.tag == "references":
global references
if data.text is None:
references = "NA"
else:
references = data.text
if data.tag == "vulnerabilityClassifications":
global vulnerabilityClassifications
if data.text is None:
vulnerabilityClassifications = "NA"
else:
vulnerabilityClassifications = data.text
if data.tag == "issueDetail":
global issueDetail
if data.text is None:
issueDetail = "NA"
else:
issueDetail = data.text
if data.tag == "requestresponse":
global requestresponse
if data.text is None:
requestresponse = "NA"
else:
requestresponse = data.text
for d in data:
req = d.tag
met = d.attrib
if req == "request":
global dec_req
reqst = d.text
dec_req = base64.b64decode(reqst) # reqst
if req == "response":
global dec_res
res_dat = d.text
dec_res = base64.b64decode(res_dat) # res_dat
for key, items in met.iteritems():
global methods
if key == "method":
methods = items
global vul_col
if severity == 'High':
vul_col = "important"
elif severity == 'Medium':
vul_col = "warning"
elif severity == 'Low':
vul_col = "info"
else:
vul_col = "info"
dup_data = name + location + severity
duplicate_hash = hashlib.sha256(dup_data).hexdigest()
match_dup = burp_scan_result_db.objects.filter(
dup_hash=duplicate_hash).values('dup_hash').distinct()
lenth_match = len(match_dup)
if lenth_match == 1:
duplicate_vuln = 'Yes'
elif lenth_match == 0:
duplicate_vuln = 'No'
else:
duplicate_vuln = 'None'
false_p = burp_scan_result_db.objects.filter(
false_positive_hash=duplicate_hash)
fp_lenth_match = len(false_p)
global false_positive
if fp_lenth_match == 1:
false_positive = 'Yes'
elif lenth_match == 0:
false_positive = 'No'
else:
false_positive = 'No'
try:
data_dump = burp_scan_result_db(
scan_id=self.scan_id,
types=types,
method=methods,
scan_request=dec_req,
scan_response=dec_res,
project_id=self.project_id,
vuln_id=vuln_id,
serialNumber=serialNumber,
name=name,
host=host,
path=path,
location=location,
severity=severity,
severity_color=vul_col,
confidence=confidence,
issueBackground=issueBackground,
remediationBackground=remediationBackground,
references=references,
vulnerabilityClassifications=vulnerabilityClassifications,
issueDetail=issueDetail,
requestresponse=requestresponse,
false_positive=false_positive,
vuln_status='Open',
dup_hash=duplicate_hash,
vuln_duplicate=duplicate_vuln)
data_dump.save()
except Exception as e:
print e
burp_all_vul = burp_scan_result_db.objects.filter(
scan_id=self.scan_id).values('name', 'severity').distinct()
total_vul = len(burp_all_vul)
total_high = len(burp_all_vul.filter(severity="High"))
total_medium = len(burp_all_vul.filter(severity="Medium"))
total_low = len(burp_all_vul.filter(severity="Low"))
total_info = len(burp_all_vul.filter(severity="Information"))
total_duplicate = len(burp_all_vul.filter(vuln_duplicate='Yes'))
burp_scan_db.objects.filter(scan_id=self.scan_id).update(
total_vul=total_vul,
high_vul=total_high,
medium_vul=total_medium,
low_vul=total_low,
info_vul=total_info,
total_dup=total_duplicate)
try:
email_notification.email_notify()
except Exception as e:
print e
HttpResponse(status=201)
def add_zap_vuln(request):
"""
Adding vulnerability in Databse.
:param request:
:return:
"""
if request.method == 'GET':
scan_id = request.GET['scan_id']
scanners = request.GET['scanner']
else:
scan_id = ''
scanners = ''
if request.method == 'POST':
vuln_id = uuid.uuid4()
scan_id = request.POST.get("scan_id")
scanners = request.POST.get("scanners")
vuln_name = request.POST.get("vuln_name")
risk = request.POST.get("risk")
url = request.POST.get("url")
param = request.POST.get("param")
sourceid = request.POST.get("sourceid")
attack = request.POST.get("attack")
ref = request.POST.get("ref")
description = request.POST.get("description")
solution = request.POST.get("solution")
req_header = request.POST.get("req_header")
res_header = request.POST.get("res_header")
vuln_col = request.POST.get("vuln_color")
if scanners == 'zap':
save_vuln = zap_scan_results_db(scan_id=scan_id,
vuln_color=vuln_col,
risk=risk,
url=url,
param=param,
sourceid=sourceid,
attack=attack,
vuln_id=vuln_id,
name=vuln_name,
description=description,
reference=ref,
solution=solution,
requestHeader=req_header,
responseHeader=res_header)
save_vuln.save()
messages.success(request, "Vulnerability Added")
zap_all_vul = zap_scan_results_db.objects.filter(
scan_id=scan_id).values('name', 'risk',
'vuln_color').distinct()
total_vul = len(zap_all_vul)
total_high = len(zap_all_vul.filter(risk="High"))
total_medium = len(zap_all_vul.filter(risk="Medium"))
total_low = len(zap_all_vul.filter(risk="Low"))
zap_scans_db.objects.filter(scan_scanid=scan_id).update(
total_vul=total_vul,
high_vul=total_high,
medium_vul=total_medium,
low_vul=total_low)
return HttpResponseRedirect(
"/zapscanner/web_vuln_list/?scan_id=%s" % scan_id)
elif scanners == 'burp':
save_burp_vuln = burp_scan_result_db(
scan_id=scan_id,
severity_color=vuln_col,
severity=risk,
host=url,
location=param,
vuln_id=vuln_id,
name=vuln_name,
issueBackground=description,
references=ref,
remediationBackground=solution,
scan_request=req_header,
scan_response=res_header)
save_burp_vuln.save()
burp_all_vul = burp_scan_result_db.objects.filter(scan_id=scan_id)
total_vul = len(burp_all_vul)
total_high = len(burp_all_vul.filter(severity="High"))
total_medium = len(burp_all_vul.filter(severity="Medium"))
total_low = len(burp_all_vul.filter(severity="Low"))
burp_scan_db.objects.filter(scan_id=scan_id).update(
total_vul=total_vul,
high_vul=total_high,
medium_vul=total_medium,
low_vul=total_low)
return HttpResponseRedirect(
"/zapscanner/burp_vuln_list?scan_id=%s" % scan_id)
return render(request, 'zapscanner/add_zap_vuln.html', {
'scan_id': scan_id,
'scanners': scanners
})
def burp_scan_data(root, project_id, scan_id, username):
date_time = datetime.now()
"""
The function parse the burp result as xml data
and stored into archery database.
:param xml_data:
:return:
"""
global vuln_id, burp_status, vul_col, \
issue_description, \
issue_remediation, \
issue_reference, \
issue_vulnerability_classifications, \
vul_col, severity, name, path, host, location, \
confidence, types, serialNumber, request_datas, response_datas, url
for issue in root:
for data in issue:
vuln_id = uuid.uuid4()
if data.tag == "serialNumber":
global serialNumber
if data.text is None:
serialNumber = "NA"
else:
serialNumber = data.text
if data.tag == "type":
global types
if data.text is None:
types = "NA"
else:
types = data.text
if data.tag == "name":
global name
if data.text is None:
name = "NA"
else:
name = data.text
if data.tag == "host":
global host
if data.text is None:
host = "NA"
else:
host = data.text
if data.tag == "path":
global path
if data.text is None:
path = "NA"
else:
path = data.text
if data.tag == "location":
global location
if data.text is None:
location = "NA"
else:
location = data.text
if data.tag == "severity":
global severity
if data.text is None:
severity = "NA"
else:
severity = data.text
if data.tag == "confidence":
global confidence
if data.text is None:
confidence = "NA"
else:
confidence = data.text
if data.tag == "requestresponse":
global requestresponse
if data.text is None:
requestresponse = "NA"
else:
requestresponse = data.text
for d in data:
req = d.tag
met = d.attrib
if req == "request":
global request_datas
reqst = d.text
request_datas = base64.b64decode(reqst) # reqst
if req == "response":
global response_datas
res_dat = d.text
response_datas = base64.b64decode(res_dat) # res_dat
for key, items in met.items():
global methods
if key == "method":
methods = items
if data.tag == "issueBackground":
global issue_description
if data.text is None:
issue_description = "NA"
else:
issue_description = data.text
if data.tag == "remediationBackground":
global issue_remediation
if data.text is None:
issue_remediation = "NA"
else:
issue_remediation = data.text
if data.tag == "references":
global issue_reference
if data.text is None:
issue_reference = "NA"
else:
issue_reference = data.text
if data.tag == "vulnerabilityClassifications":
global issue_vulnerability_classifications
if data.text is None:
issue_vulnerability_classifications = "NA"
else:
issue_vulnerability_classifications = data.text
if severity == 'High':
vul_col = "danger"
elif severity == 'Medium':
vul_col = "warning"
elif severity == 'Low':
vul_col = "info"
else:
severity = 'Low'
vul_col = "info"
vuln_id = uuid.uuid4()
dup_data = name + host + severity
duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest()
match_dup = burp_scan_result_db.objects.filter(
username=username,
dup_hash=duplicate_hash).values('dup_hash').distinct()
lenth_match = len(match_dup)
if lenth_match == 0:
duplicate_vuln = 'No'
false_p = burp_scan_result_db.objects.filter(
username=username, false_positive_hash=duplicate_hash)
fp_lenth_match = len(false_p)
global false_positive
if fp_lenth_match == 1:
false_positive = 'Yes'
elif lenth_match == 0:
false_positive = 'No'
else:
false_positive = 'No'
url = host + location
# all_issue_definitions = burp_issue_definitions.objects.filter(issue_type_id=types)
# for def_data in all_issue_definitions:
# issue_description = def_data.description
# issue_remediation = def_data.remediation
# issue_vulnerability_classifications = def_data.vulnerability_classifications
# issue_reference = def_data.reference
try:
data_dump = burp_scan_result_db(
scan_id=scan_id,
project_id=project_id,
date_time=date_time,
vuln_id=vuln_id,
name=name,
path=path,
severity=severity,
severity_color=vul_col,
confidence=confidence,
false_positive=false_positive,
vuln_status='Open',
dup_hash=duplicate_hash,
vuln_duplicate=duplicate_vuln,
type_index=types,
serial_number=serialNumber,
origin=host,
request_response_url=url,
request_response_request_data=request_datas,
request_response_response_data=response_datas,
description=issue_description,
remediation=issue_remediation,
reference=issue_reference,
vulnerability_classifications=
issue_vulnerability_classifications,
username=username)
data_dump.save()
except Exception as e:
print(e)
else:
duplicate_vuln = 'Yes'
try:
data_dump = burp_scan_result_db(
scan_id=scan_id,
project_id=project_id,
date_time=date_time,
vuln_id=vuln_id,
name=name,
path=path,
severity=severity,
severity_color=vul_col,
confidence=confidence,
false_positive='Duplicate',
vuln_status='Duplicate',
dup_hash=duplicate_hash,
vuln_duplicate=duplicate_vuln,
type_index=types,
serial_number=serialNumber,
origin=host,
request_response_url=url,
request_response_request_data=request_datas,
request_response_response_data=response_datas,
description=issue_description,
remediation=issue_remediation,
reference=issue_reference,
vulnerability_classifications=
issue_vulnerability_classifications,
username=username)
data_dump.save()
except Exception as e:
print(e)
burp_all_vul = burp_scan_result_db.objects.filter(username=username,
scan_id=scan_id,
false_positive='No')
duplicate_count = burp_scan_result_db.objects.filter(username=username,
scan_id=scan_id,
vuln_duplicate='Yes')
total_vul = len(burp_all_vul)
total_high = len(burp_all_vul.filter(severity="High"))
total_medium = len(burp_all_vul.filter(severity="Medium"))
total_low = len(burp_all_vul.filter(severity="Low"))
total_info = len(burp_all_vul.filter(severity="Information"))
total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes'))
burp_scan_db.objects.filter(username=username, scan_id=scan_id).update(
url=host,
date_time=date_time,
total_vul=total_vul,
high_vul=total_high,
medium_vul=total_medium,
low_vul=total_low,
info_vul=total_info,
total_dup=total_duplicate)
trend_update(username=username)
subject = 'Archery Tool Scan Status - Burp Report Uploaded'
message = 'Burp Scanner has completed the scan ' \
' %s <br> Total: %s <br>High: %s <br>' \
'Medium: %s <br>Low %s' % (host, total_vul, total_high, total_medium, total_low)
email_sch_notify(subject=subject, message=message)
try:
email_notification.email_notify()
except Exception as e:
print(e)
HttpResponse(status=201)