2010-12-28 17:45:05 +00:00
|
|
|
#!/usr/bin/env ruby
|
|
|
|
#
|
2011-10-10 16:10:20 +00:00
|
|
|
# This plugin provides integration with OpenVAS. Written by kost and
|
|
|
|
# averagesecurityguy.
|
|
|
|
#
|
2011-10-23 11:56:13 +00:00
|
|
|
# $Id$
|
|
|
|
# $Revision$
|
|
|
|
#
|
|
|
|
# Distributed under MIT license:
|
2010-12-28 17:45:05 +00:00
|
|
|
# http://www.opensource.org/licenses/mit-license.php
|
|
|
|
#
|
|
|
|
|
2016-08-18 22:02:46 +00:00
|
|
|
require 'openvas-omp'
|
2010-12-28 17:45:05 +00:00
|
|
|
|
|
|
|
module Msf
|
|
|
|
class Plugin::OpenVAS < Msf::Plugin
|
2013-09-30 18:47:53 +00:00
|
|
|
class OpenVASCommandDispatcher
|
|
|
|
include Msf::Ui::Console::CommandDispatcher
|
|
|
|
|
|
|
|
def name
|
|
|
|
"OpenVAS"
|
|
|
|
end
|
|
|
|
|
|
|
|
def commands
|
|
|
|
{
|
|
|
|
'openvas_help' => "Displays help",
|
|
|
|
'openvas_version' => "Display the version of the OpenVAS server",
|
|
|
|
'openvas_debug' => "Enable/Disable debugging",
|
|
|
|
'openvas_connect' => "Connect to an OpenVAS manager using OMP",
|
|
|
|
'openvas_disconnect' => "Disconnect from OpenVAS manager",
|
|
|
|
|
|
|
|
'openvas_task_create' => "Create a task (name, comment, target, config)",
|
|
|
|
'openvas_task_delete' => "Delete task by ID",
|
|
|
|
'openvas_task_list' => "Display list of tasks",
|
|
|
|
'openvas_task_start' => "Start task by ID",
|
|
|
|
'openvas_task_stop' => "Stop task by ID",
|
|
|
|
'openvas_task_pause' => "Pause task by ID",
|
|
|
|
'openvas_task_resume' => "Resume task by ID",
|
|
|
|
'openvas_task_resume_or_start' => "Resume task or start task by ID",
|
|
|
|
|
|
|
|
'openvas_target_create' => "Create target (name, hosts, comment)",
|
|
|
|
'openvas_target_delete' => "Delete target by ID",
|
|
|
|
'openvas_target_list' => "Display list of targets",
|
|
|
|
|
|
|
|
'openvas_config_list' => "Quickly display list of configs",
|
|
|
|
|
|
|
|
'openvas_format_list' => "Display list of available report formats",
|
|
|
|
|
|
|
|
'openvas_report_list' => "Display a list of available report formats",
|
|
|
|
'openvas_report_delete' => "Delete a report specified by ID",
|
|
|
|
'openvas_report_download' => "Save a report to disk",
|
|
|
|
'openvas_report_import' => "Import report specified by ID into framework",
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_help()
|
|
|
|
print_status("openvas_help Display this help")
|
|
|
|
print_status("openvas_debug Enable/Disable debugging")
|
|
|
|
print_status("openvas_version Display the version of the OpenVAS server")
|
|
|
|
print_status
|
|
|
|
print_status("CONNECTION")
|
|
|
|
print_status("==========")
|
|
|
|
print_status("openvas_connect Connects to OpenVAS")
|
|
|
|
print_status("openvas_disconnect Disconnects from OpenVAS")
|
|
|
|
print_status
|
|
|
|
print_status("TARGETS")
|
|
|
|
print_status("=======")
|
|
|
|
print_status("openvas_target_create Create target")
|
|
|
|
print_status("openvas_target_delete Deletes target specified by ID")
|
|
|
|
print_status("openvas_target_list Lists targets")
|
|
|
|
print_status
|
|
|
|
print_status("TASKS")
|
|
|
|
print_status("=====")
|
|
|
|
print_status("openvas_task_create Create task")
|
|
|
|
print_status("openvas_task_delete Delete a task and all associated reports")
|
|
|
|
print_status("openvas_task_list Lists tasks")
|
|
|
|
print_status("openvas_task_start Starts task specified by ID")
|
|
|
|
print_status("openvas_task_stop Stops task specified by ID")
|
|
|
|
print_status("openvas_task_pause Pauses task specified by ID")
|
|
|
|
print_status("openvas_task_resume Resumes task specified by ID")
|
|
|
|
print_status("openvas_task_resume_or_start Resumes or starts task specified by ID")
|
|
|
|
print_status
|
|
|
|
print_status("CONFIGS")
|
|
|
|
print_status("=======")
|
|
|
|
print_status("openvas_config_list Lists scan configurations")
|
|
|
|
print_status
|
|
|
|
print_status("FORMATS")
|
|
|
|
print_status("=======")
|
|
|
|
print_status("openvas_format_list Lists available report formats")
|
|
|
|
print_status
|
|
|
|
print_status("REPORTS")
|
|
|
|
print_status("=======")
|
|
|
|
print_status("openvas_report_list Lists available reports")
|
|
|
|
print_status("openvas_report_delete Delete a report specified by ID")
|
|
|
|
print_status("openvas_report_import Imports an OpenVAS report specified by ID")
|
|
|
|
print_status("openvas_report_download Downloads an OpenVAS report specified by ID")
|
|
|
|
end
|
|
|
|
|
|
|
|
# Verify the database is connected and usable
|
|
|
|
def database?
|
|
|
|
if !(framework.db and framework.db.usable)
|
|
|
|
return false
|
|
|
|
else
|
|
|
|
return true
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# Verify there is an active OpenVAS connection
|
|
|
|
def openvas?
|
|
|
|
if @ov
|
|
|
|
return true
|
|
|
|
else
|
|
|
|
print_error("No OpenVAS connection available. Please use openvas_connect.")
|
|
|
|
return false
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# Verify correct number of arguments and verify -h was not given. Return
|
|
|
|
# true if correct number of arguments and help was not requested.
|
|
|
|
def args?(args, min=1, max=nil)
|
|
|
|
if not max then max = min end
|
|
|
|
if (args.length < min or args.length > max or args[0] == "-h")
|
|
|
|
return false
|
|
|
|
end
|
|
|
|
|
|
|
|
return true
|
|
|
|
end
|
|
|
|
|
|
|
|
#--------------------------
|
|
|
|
# Basic Functions
|
|
|
|
#--------------------------
|
|
|
|
def cmd_openvas_debug(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
if args?(args)
|
|
|
|
begin
|
|
|
|
resp = @ov.debug(args[0].to_i)
|
|
|
|
print_good(resp)
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
else
|
|
|
|
print_status("Usage:")
|
|
|
|
print_status("openvas_debug integer")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_version()
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
begin
|
2016-08-18 22:02:46 +00:00
|
|
|
ver = @ov.version_get
|
2013-09-30 18:47:53 +00:00
|
|
|
print_good("Using OMP version #{ver}")
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
#--------------------------
|
|
|
|
# Connection Functions
|
|
|
|
#--------------------------
|
|
|
|
def cmd_openvas_connect(*args)
|
|
|
|
# Is the database configured?
|
|
|
|
if not database?
|
|
|
|
print_error("No database has been configured.")
|
|
|
|
return
|
|
|
|
end
|
|
|
|
|
|
|
|
# Don't allow duplicate sessions
|
|
|
|
if @ov then
|
|
|
|
print_error("Session already open, please use openvas_disconnect first.")
|
|
|
|
return
|
|
|
|
end
|
|
|
|
|
|
|
|
# Make sure the correct number of arguments are present.
|
|
|
|
if args?(args, 4, 5)
|
|
|
|
|
|
|
|
user, pass, host, port, sslv = args
|
|
|
|
|
|
|
|
# SSL warning. User is required to confirm.
|
|
|
|
if(host != "localhost" and host != "127.0.0.1" and sslv != "ok")
|
|
|
|
print_error("Warning: SSL connections are not verified in this release, it is possible for an attacker")
|
|
|
|
print_error(" with the ability to man-in-the-middle the OpenVAS traffic to capture the OpenVAS")
|
|
|
|
print_error(" credentials. If you are running this on a trusted network, please pass in 'ok'")
|
|
|
|
print_error(" as an additional parameter to this command.")
|
|
|
|
return
|
|
|
|
end
|
|
|
|
|
|
|
|
begin
|
|
|
|
print_status("Connecting to OpenVAS instance at #{host}:#{port} with username #{user}...")
|
2016-08-18 22:02:46 +00:00
|
|
|
ov = OpenVASOMP::OpenVASOMP.new('user' => user, 'password' => pass, 'host' => host, 'port' => port)
|
2013-09-30 18:47:53 +00:00
|
|
|
rescue OpenVASOMP::OMPAuthError => e
|
|
|
|
print_error("Authentication failed: #{e.reason}")
|
|
|
|
return
|
|
|
|
rescue OpenVASOMP::OMPConnectionError => e
|
|
|
|
print_error("Connection failed: #{e.reason}")
|
|
|
|
return
|
|
|
|
end
|
|
|
|
print_good("OpenVAS connection successful")
|
|
|
|
@ov = ov
|
|
|
|
|
|
|
|
else
|
|
|
|
print_status("Usage:")
|
|
|
|
print_status("openvas_connect username password host port <ssl-confirm>")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# Disconnect from an OpenVAS manager
|
|
|
|
def cmd_openvas_disconnect()
|
|
|
|
return unless openvas?
|
|
|
|
@ov.logout
|
|
|
|
@ov = nil
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
#--------------------------
|
|
|
|
# Target Functions
|
|
|
|
#--------------------------
|
|
|
|
def cmd_openvas_target_create(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
if args?(args, 3)
|
|
|
|
begin
|
2016-08-19 20:11:28 +00:00
|
|
|
resp = @ov.target_create('name' => args[0], 'hosts' => args[1], 'comment' => args[2])
|
2013-09-30 18:47:53 +00:00
|
|
|
print_status(resp)
|
|
|
|
cmd_openvas_target_list
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
|
|
|
|
else
|
|
|
|
print_status("Usage: openvas_target_create <name> <hosts> <comment>")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_target_delete(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
if args?(args)
|
|
|
|
begin
|
|
|
|
resp = @ov.target_delete(args[0])
|
|
|
|
print_status(resp)
|
|
|
|
cmd_openvas_target_list
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
else
|
|
|
|
print_status("Usage: openvas_target_delete <target_id>")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_target_list(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
begin
|
2016-08-10 18:30:09 +00:00
|
|
|
tbl = Rex::Text::Table.new(
|
2013-09-30 18:47:53 +00:00
|
|
|
'Columns' => ["ID", "Name", "Hosts", "Max Hosts", "In Use", "Comment"])
|
|
|
|
@ov.target_get_all().each do |target|
|
2016-09-10 00:37:49 +00:00
|
|
|
tbl << [ target["id"], target["name"], target["hosts"], target["max_hosts"],
|
2013-09-30 18:47:53 +00:00
|
|
|
target["in_use"], target["comment"] ]
|
|
|
|
end
|
|
|
|
print_good("OpenVAS list of targets")
|
|
|
|
print_line
|
|
|
|
print_line tbl.to_s
|
|
|
|
print_line
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
#--------------------------
|
|
|
|
# Task Functions
|
|
|
|
#--------------------------
|
|
|
|
def cmd_openvas_task_create(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
if args?(args, 4)
|
|
|
|
begin
|
2016-08-19 20:11:28 +00:00
|
|
|
resp = @ov.task_create('name' => args[0], 'comment' => args[1], 'config' => args[2], 'target'=> args[3])
|
2013-09-30 18:47:53 +00:00
|
|
|
print_status(resp)
|
|
|
|
cmd_openvas_task_list
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
|
|
|
|
else
|
|
|
|
print_status("Usage: openvas_task_create <name> <comment> <config_id> <target_id>")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_task_delete(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
if args?(args, 2)
|
|
|
|
|
|
|
|
# User is required to confirm before deleting task.
|
|
|
|
if(args[1] != "ok")
|
|
|
|
print_error("Warning: Deleting a task will also delete all reports associated with the ")
|
|
|
|
print_error("task, please pass in 'ok' as an additional parameter to this command.")
|
|
|
|
return
|
|
|
|
end
|
|
|
|
|
|
|
|
begin
|
|
|
|
resp = @ov.task_delete(args[0])
|
|
|
|
print_status(resp)
|
|
|
|
cmd_openvas_task_list
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
else
|
|
|
|
print_status("Usage: openvas_task_delete <id> ok")
|
|
|
|
print_error("This will delete the task and all associated reports.")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_task_list(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
begin
|
2016-08-10 18:30:09 +00:00
|
|
|
tbl = Rex::Text::Table.new(
|
2013-09-30 18:47:53 +00:00
|
|
|
'Columns' => ["ID", "Name", "Comment", "Status", "Progress"])
|
|
|
|
@ov.task_get_all().each do |task|
|
2016-09-10 00:37:49 +00:00
|
|
|
tbl << [ task["id"], task["name"], task["comment"], task["status"], task["progress"] ]
|
2013-09-30 18:47:53 +00:00
|
|
|
end
|
|
|
|
print_good("OpenVAS list of tasks")
|
|
|
|
print_line
|
|
|
|
print_line tbl.to_s
|
|
|
|
print_line
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_task_start(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
if args?(args)
|
|
|
|
begin
|
|
|
|
resp = @ov.task_start(args[0])
|
|
|
|
print_status(resp)
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
else
|
|
|
|
print_status("Usage: openvas_task_start <id>")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_task_stop(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
if args?(args)
|
|
|
|
begin
|
|
|
|
resp = @ov.task_stop(args[0])
|
|
|
|
print_status(resp)
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
else
|
|
|
|
print_status("Usage: openvas_task_stop <id>")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_task_pause(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
if args?(args)
|
|
|
|
begin
|
|
|
|
resp = @ov.task_pause(args[0])
|
|
|
|
print_status(resp)
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
else
|
|
|
|
print_status("Usage: openvas_task_pause <id>")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_task_resume(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
if args?(args)
|
|
|
|
begin
|
|
|
|
resp = @ov.task_resume_paused(args[0])
|
|
|
|
print_status(resp)
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
else
|
|
|
|
print_status("Usage: openvas_task_resume <id>")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_task_resume_or_start(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
if args?(args)
|
|
|
|
begin
|
|
|
|
resp = @ov.task_resume_or_start(args[0])
|
|
|
|
print_status(resp)
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
else
|
|
|
|
print_status("Usage: openvas_task_resume_or_start <id>")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
#--------------------------
|
|
|
|
# Config Functions
|
|
|
|
#--------------------------
|
|
|
|
def cmd_openvas_config_list(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
begin
|
2016-08-10 18:30:09 +00:00
|
|
|
tbl = Rex::Text::Table.new(
|
2013-09-30 18:47:53 +00:00
|
|
|
'Columns' => [ "ID", "Name" ])
|
|
|
|
|
2016-08-18 22:02:46 +00:00
|
|
|
@ov.config_get_all.each do |config|
|
2016-09-10 00:37:49 +00:00
|
|
|
tbl << [ config["id"], config["name"] ]
|
2013-09-30 18:47:53 +00:00
|
|
|
end
|
|
|
|
print_good("OpenVAS list of configs")
|
|
|
|
print_line
|
|
|
|
print_line tbl.to_s
|
|
|
|
print_line
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
#--------------------------
|
|
|
|
# Format Functions
|
|
|
|
#--------------------------
|
|
|
|
def cmd_openvas_format_list(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
begin
|
2016-08-10 18:30:09 +00:00
|
|
|
tbl = Rex::Text::Table.new(
|
2013-09-30 18:47:53 +00:00
|
|
|
'Columns' => ["ID", "Name", "Extension", "Summary"])
|
2016-08-18 22:02:46 +00:00
|
|
|
format_get_all.each do |format|
|
2016-09-10 00:37:49 +00:00
|
|
|
tbl << [ format["id"], format["name"], format["extension"], format["summary"] ]
|
2013-09-30 18:47:53 +00:00
|
|
|
end
|
|
|
|
print_good("OpenVAS list of report formats")
|
|
|
|
print_line
|
|
|
|
print_line tbl.to_s
|
|
|
|
print_line
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
#--------------------------
|
|
|
|
# Report Functions
|
|
|
|
#--------------------------
|
|
|
|
def cmd_openvas_report_list(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
begin
|
2016-08-10 18:30:09 +00:00
|
|
|
tbl = Rex::Text::Table.new(
|
2013-09-30 18:47:53 +00:00
|
|
|
'Columns' => ["ID", "Task Name", "Start Time", "Stop Time"])
|
2016-09-10 00:37:49 +00:00
|
|
|
|
2016-08-18 22:02:46 +00:00
|
|
|
resp = @ov.report_get_raw
|
|
|
|
|
|
|
|
resp.elements.each("//get_reports_response/report") do |report|
|
2016-09-10 00:37:49 +00:00
|
|
|
report_id = report.elements["report"].attributes["id"]
|
|
|
|
report_task = report.elements["task/name"].get_text
|
|
|
|
report_start_time = report.elements["creation_time"].get_text
|
|
|
|
report_stop_time = report.elements["modification_time"].get_text
|
|
|
|
|
|
|
|
tbl << [ report_id, report_task, report_start_time, report_stop_time ]
|
2013-09-30 18:47:53 +00:00
|
|
|
end
|
|
|
|
print_good("OpenVAS list of reports")
|
|
|
|
print_line
|
|
|
|
print_line tbl.to_s
|
|
|
|
print_line
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_report_delete(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
if args?(args)
|
|
|
|
begin
|
|
|
|
resp = @ov.report_delete(args[0])
|
|
|
|
print_status(resp)
|
|
|
|
cmd_openvas_report_list
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
else
|
|
|
|
print_status("Usage: openvas_report_delete <id>")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_report_download(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
if args?(args, 4)
|
|
|
|
begin
|
2016-08-19 20:11:28 +00:00
|
|
|
report = @ov.report_get_raw("report_id"=>args[0],"format"=>args[1])
|
2013-09-30 18:47:53 +00:00
|
|
|
::FileUtils.mkdir_p(args[2])
|
|
|
|
name = ::File.join(args[2], args[3])
|
|
|
|
print_status("Saving report to #{name}")
|
|
|
|
output = ::File.new(name, "w")
|
2016-08-19 20:11:28 +00:00
|
|
|
data = nil
|
|
|
|
report.elements.each("//get_reports_response"){|r| data = r.to_s}
|
|
|
|
output.puts(data)
|
2013-09-30 18:47:53 +00:00
|
|
|
output.close
|
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
else
|
|
|
|
print_status("Usage: openvas_report_download <report_id> <format_id> <path> <report_name>")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def cmd_openvas_report_import(*args)
|
|
|
|
return unless openvas?
|
|
|
|
|
|
|
|
if args?(args, 2)
|
|
|
|
begin
|
2016-08-19 20:11:28 +00:00
|
|
|
report = @ov.report_get_raw("report_id"=>args[0],"format"=>args[1])
|
|
|
|
data = nil
|
|
|
|
report.elements.each("//get_reports_response"){|r| data = r.to_s}
|
2013-09-30 18:47:53 +00:00
|
|
|
print_status("Importing report to database.")
|
2016-08-19 20:11:28 +00:00
|
|
|
framework.db.import({:data => data})
|
2013-09-30 18:47:53 +00:00
|
|
|
rescue OpenVASOMP::OMPError => e
|
|
|
|
print_error(e.to_s)
|
|
|
|
end
|
|
|
|
else
|
|
|
|
print_status("Usage: openvas_report_import <report_id> <format_id>")
|
|
|
|
print_status("Only the NBE and XML formats are supported for importing.")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-08-18 22:02:46 +00:00
|
|
|
|
|
|
|
|
|
|
|
#--------------------------
|
|
|
|
# Format Functions
|
|
|
|
#--------------------------
|
|
|
|
# Get a list of report formats
|
|
|
|
def format_get_all
|
|
|
|
begin
|
|
|
|
resp = @ov.omp_request_xml("<get_report_formats/>")
|
|
|
|
if @debug then print resp end
|
|
|
|
|
|
|
|
list = Array.new
|
|
|
|
resp.elements.each('//get_report_formats_response/report_format') do |report|
|
|
|
|
td = Hash.new
|
|
|
|
td["id"] = report.attributes["id"]
|
|
|
|
td["name"] = report.elements["name"].text
|
|
|
|
td["extension"] = report.elements["extension"].text
|
|
|
|
td["summary"] = report.elements["summary"].text
|
|
|
|
list.push td
|
|
|
|
end
|
|
|
|
@formats = list
|
|
|
|
return list
|
|
|
|
rescue
|
|
|
|
raise OMPResponseError
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2013-09-30 18:47:53 +00:00
|
|
|
end # End OpenVAS class
|
2010-12-28 17:45:05 +00:00
|
|
|
|
2011-10-10 16:10:20 +00:00
|
|
|
#------------------------------
|
|
|
|
# Plugin initialization
|
|
|
|
#------------------------------
|
2010-12-28 17:45:05 +00:00
|
|
|
|
2013-09-30 18:47:53 +00:00
|
|
|
def initialize(framework, opts)
|
|
|
|
super
|
|
|
|
add_console_dispatcher(OpenVASCommandDispatcher)
|
|
|
|
print_status("Welcome to OpenVAS integration by kost and averagesecurityguy.")
|
|
|
|
print_status
|
|
|
|
print_status("OpenVAS integration requires a database connection. Once the ")
|
|
|
|
print_status("database is ready, connect to the OpenVAS server using openvas_connect.")
|
|
|
|
print_status("For additional commands use openvas_help.")
|
|
|
|
print_status
|
|
|
|
@ov = nil
|
|
|
|
@formats = nil
|
2016-08-18 22:02:46 +00:00
|
|
|
@debug = nil
|
2013-09-30 18:47:53 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def cleanup
|
|
|
|
remove_console_dispatcher('OpenVAS')
|
|
|
|
end
|
|
|
|
|
|
|
|
def name
|
|
|
|
"OpenVAS"
|
|
|
|
end
|
|
|
|
|
|
|
|
def desc
|
|
|
|
"Integrates with the OpenVAS - open source vulnerability management"
|
|
|
|
end
|
2010-12-28 17:45:05 +00:00
|
|
|
end
|
|
|
|
end
|