parent
dd5ae26174
commit
11bcac8a4e
|
@ -2353,103 +2353,6 @@ module Msf::DBManager::Import
|
|||
end
|
||||
end
|
||||
|
||||
def import_qualys_scan_xml(args={}, &block)
|
||||
data = args[:data]
|
||||
wspace = args[:wspace] || workspace
|
||||
bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []
|
||||
|
||||
|
||||
doc = rexmlify(data)
|
||||
doc.elements.each('/SCAN/IP') do |host|
|
||||
hobj = nil
|
||||
addr = host.attributes['value']
|
||||
if bl.include? addr
|
||||
next
|
||||
else
|
||||
yield(:address,addr) if block
|
||||
end
|
||||
hname = host.attributes['name'] || ''
|
||||
|
||||
hobj = report_host(:workspace => wspace, :host => addr, :name => hname, :state => Msf::HostState::Alive, :task => args[:task])
|
||||
report_import_note(wspace,hobj)
|
||||
|
||||
if host.elements["OS"]
|
||||
hos = host.elements["OS"].text
|
||||
report_note(
|
||||
:workspace => wspace,
|
||||
:task => args[:task],
|
||||
:host => hobj,
|
||||
:type => 'host.os.qualys_fingerprint',
|
||||
:data => {
|
||||
:os => hos
|
||||
}
|
||||
)
|
||||
end
|
||||
|
||||
# Open TCP Services List (Qualys ID 82023)
|
||||
services_tcp = host.elements["SERVICES/CAT/SERVICE[@number='82023']/RESULT"]
|
||||
if services_tcp
|
||||
services_tcp.text.scan(/([0-9]+)\t(.*?)\t.*?\t([^\t\n]*)/) do |match|
|
||||
if match[2] == nil or match[2].strip == 'unknown'
|
||||
name = match[1].strip
|
||||
else
|
||||
name = match[2].strip
|
||||
end
|
||||
handle_qualys(wspace, hobj, match[0].to_s, 'tcp', 0, nil, nil, name, nil, args[:task])
|
||||
end
|
||||
end
|
||||
# Open UDP Services List (Qualys ID 82004)
|
||||
services_udp = host.elements["SERVICES/CAT/SERVICE[@number='82004']/RESULT"]
|
||||
if services_udp
|
||||
services_udp.text.scan(/([0-9]+)\t(.*?)\t.*?\t([^\t\n]*)/) do |match|
|
||||
if match[2] == nil or match[2].strip == 'unknown'
|
||||
name = match[1].strip
|
||||
else
|
||||
name = match[2].strip
|
||||
end
|
||||
handle_qualys(wspace, hobj, match[0].to_s, 'udp', 0, nil, nil, name, nil, args[:task])
|
||||
end
|
||||
end
|
||||
|
||||
# VULNS are confirmed, PRACTICES are unconfirmed vulnerabilities
|
||||
host.elements.each('VULNS/CAT | PRACTICES/CAT') do |cat|
|
||||
port = cat.attributes['port']
|
||||
protocol = cat.attributes['protocol']
|
||||
cat.elements.each('VULN | PRACTICE') do |vuln|
|
||||
refs = []
|
||||
qid = vuln.attributes['number']
|
||||
severity = vuln.attributes['severity']
|
||||
title = vuln.elements['TITLE'].text.to_s
|
||||
vuln.elements.each('VENDOR_REFERENCE_LIST/VENDOR_REFERENCE') do |ref|
|
||||
refs.push(ref.elements['ID'].text.to_s)
|
||||
end
|
||||
vuln.elements.each('CVE_ID_LIST/CVE_ID') do |ref|
|
||||
refs.push('CVE-' + /C..-([0-9\-]{9})/.match(ref.elements['ID'].text.to_s)[1])
|
||||
end
|
||||
vuln.elements.each('BUGTRAQ_ID_LIST/BUGTRAQ_ID') do |ref|
|
||||
refs.push('BID-' + ref.elements['ID'].text.to_s)
|
||||
end
|
||||
|
||||
handle_qualys(wspace, hobj, port, protocol, qid, severity, refs, nil,title, args[:task])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
#
|
||||
# Import Qualys' Scan xml output
|
||||
#
|
||||
def import_qualys_scan_xml_file(args={})
|
||||
filename = args[:filename]
|
||||
wspace = args[:wspace] || workspace
|
||||
|
||||
data = ""
|
||||
::File.open(filename, 'rb') do |f|
|
||||
data = f.read(f.stat.size)
|
||||
end
|
||||
import_qualys_scan_xml(args.merge(:data => data))
|
||||
end
|
||||
|
||||
# @param report [REXML::Element] to be imported
|
||||
# @param args [Hash]
|
||||
# @param base_dir [String]
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
module Msf::DBManager::Import::Qualys
|
||||
autoload :Asset, 'msf/core/db_manager/import/qualys/asset'
|
||||
autoload :Scan, 'msf/core/db_manager/import/qualys/scan'
|
||||
|
||||
include Msf::DBManager::Import::Qualys::Asset
|
||||
include Msf::DBManager::Import::Qualys::Scan
|
||||
end
|
|
@ -0,0 +1,98 @@
|
|||
module Msf::DBManager::Import::Qualys::Scan
|
||||
def import_qualys_scan_xml(args={}, &block)
|
||||
data = args[:data]
|
||||
wspace = args[:wspace] || workspace
|
||||
bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []
|
||||
|
||||
|
||||
doc = rexmlify(data)
|
||||
doc.elements.each('/SCAN/IP') do |host|
|
||||
hobj = nil
|
||||
addr = host.attributes['value']
|
||||
if bl.include? addr
|
||||
next
|
||||
else
|
||||
yield(:address,addr) if block
|
||||
end
|
||||
hname = host.attributes['name'] || ''
|
||||
|
||||
hobj = report_host(:workspace => wspace, :host => addr, :name => hname, :state => Msf::HostState::Alive, :task => args[:task])
|
||||
report_import_note(wspace,hobj)
|
||||
|
||||
if host.elements["OS"]
|
||||
hos = host.elements["OS"].text
|
||||
report_note(
|
||||
:workspace => wspace,
|
||||
:task => args[:task],
|
||||
:host => hobj,
|
||||
:type => 'host.os.qualys_fingerprint',
|
||||
:data => {
|
||||
:os => hos
|
||||
}
|
||||
)
|
||||
end
|
||||
|
||||
# Open TCP Services List (Qualys ID 82023)
|
||||
services_tcp = host.elements["SERVICES/CAT/SERVICE[@number='82023']/RESULT"]
|
||||
if services_tcp
|
||||
services_tcp.text.scan(/([0-9]+)\t(.*?)\t.*?\t([^\t\n]*)/) do |match|
|
||||
if match[2] == nil or match[2].strip == 'unknown'
|
||||
name = match[1].strip
|
||||
else
|
||||
name = match[2].strip
|
||||
end
|
||||
handle_qualys(wspace, hobj, match[0].to_s, 'tcp', 0, nil, nil, name, nil, args[:task])
|
||||
end
|
||||
end
|
||||
# Open UDP Services List (Qualys ID 82004)
|
||||
services_udp = host.elements["SERVICES/CAT/SERVICE[@number='82004']/RESULT"]
|
||||
if services_udp
|
||||
services_udp.text.scan(/([0-9]+)\t(.*?)\t.*?\t([^\t\n]*)/) do |match|
|
||||
if match[2] == nil or match[2].strip == 'unknown'
|
||||
name = match[1].strip
|
||||
else
|
||||
name = match[2].strip
|
||||
end
|
||||
handle_qualys(wspace, hobj, match[0].to_s, 'udp', 0, nil, nil, name, nil, args[:task])
|
||||
end
|
||||
end
|
||||
|
||||
# VULNS are confirmed, PRACTICES are unconfirmed vulnerabilities
|
||||
host.elements.each('VULNS/CAT | PRACTICES/CAT') do |cat|
|
||||
port = cat.attributes['port']
|
||||
protocol = cat.attributes['protocol']
|
||||
cat.elements.each('VULN | PRACTICE') do |vuln|
|
||||
refs = []
|
||||
qid = vuln.attributes['number']
|
||||
severity = vuln.attributes['severity']
|
||||
title = vuln.elements['TITLE'].text.to_s
|
||||
vuln.elements.each('VENDOR_REFERENCE_LIST/VENDOR_REFERENCE') do |ref|
|
||||
refs.push(ref.elements['ID'].text.to_s)
|
||||
end
|
||||
vuln.elements.each('CVE_ID_LIST/CVE_ID') do |ref|
|
||||
refs.push('CVE-' + /C..-([0-9\-]{9})/.match(ref.elements['ID'].text.to_s)[1])
|
||||
end
|
||||
vuln.elements.each('BUGTRAQ_ID_LIST/BUGTRAQ_ID') do |ref|
|
||||
refs.push('BID-' + ref.elements['ID'].text.to_s)
|
||||
end
|
||||
|
||||
handle_qualys(wspace, hobj, port, protocol, qid, severity, refs, nil,title, args[:task])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
#
|
||||
# Import Qualys' Scan xml output
|
||||
#
|
||||
def import_qualys_scan_xml_file(args={})
|
||||
filename = args[:filename]
|
||||
wspace = args[:wspace] || workspace
|
||||
|
||||
data = ""
|
||||
::File.open(filename, 'rb') do |f|
|
||||
data = f.read(f.stat.size)
|
||||
end
|
||||
import_qualys_scan_xml(args.merge(:data => data))
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue