Adds imported file metadata to imported hosts as a "host.imported" note, indicating the source filename, the detected file type, and the imported time.
git-svn-id: file:///home/svn/framework3/trunk@9227 4d416f70-5f16-0410-b530-b9f4589650daunstable
Tod Beardsley
parent
47cea7bbb3
commit
8632146be4
|
|
@ -1118,6 +1118,8 @@ class DBManager
|
|||
# file, there shouldn't be any false detections, but no guarantees.
|
||||
#
|
||||
def import_file(filename, wspace=workspace)
|
||||
@import_filedata = {}
|
||||
@import_filedata[:filename] = filename
|
||||
f = File.open(filename, 'rb')
|
||||
data = f.read(f.stat.size)
|
||||
import(data, wspace)
|
||||
|
|
@ -1142,7 +1144,9 @@ class DBManager
|
|||
end
|
||||
firstline = data[0, di]
|
||||
if (firstline.index("<NeXposeSimpleXML"))
|
||||
@import_filedata[:type] = "NeXpose Report (SimpleXML)" if @import_filedata
|
||||
return import_nexpose_simplexml(data, wspace)
|
||||
@import_filedata[:type] = "NeXpose Report" if @import_filedata
|
||||
elsif (firstline.index("<NexposeReport"))
|
||||
return import_nexpose_rawxml(data, wspace)
|
||||
elsif (firstline.index("<?xml"))
|
||||
|
|
@ -1152,16 +1156,22 @@ class DBManager
|
|||
line =~ /<([a-zA-Z0-9\-\_]+)[ >]/
|
||||
case $1
|
||||
when "nmaprun"
|
||||
@import_filedata[:type] = "Nmap Scan" if @import_filedata
|
||||
return import_nmap_xml(data, wspace)
|
||||
when "openvas-report"
|
||||
@import_filedata[:type] = "OpenVAS Report" if @import_filedata
|
||||
return import_openvas_xml(data, wspace)
|
||||
when "NessusClientData"
|
||||
@import_filedata[:type] = "Nessus Report" if @import_filedata
|
||||
return import_nessus_xml(data, wspace)
|
||||
when "NessusClientData_v2"
|
||||
@import_filedata[:type] = "Nessus Report (v2)" if @import_filedata
|
||||
return import_nessus_xml_v2(data, wspace)
|
||||
when "SCAN"
|
||||
@import_filedata[:type] = "Qualys Scan" if @import_filedata
|
||||
return import_qualys_xml(data, wspace)
|
||||
when "MetasploitExpressV1"
|
||||
@import_filedata[:type] = "Metasploit Express Report" if @import_filedata
|
||||
return import_msfe_v1_xml(data, wspace)
|
||||
else
|
||||
# Give up if we haven't hit the root tag in the first few lines
|
||||
|
|
@ -1170,13 +1180,16 @@ class DBManager
|
|||
line_count += 1
|
||||
}
|
||||
elsif (firstline.index("timestamps|||scan_start"))
|
||||
@import_filedata[:type] = "Nessus NBE Report" if @import_filedata
|
||||
# then it's a nessus nbe
|
||||
return import_nessus_nbe(data, wspace)
|
||||
elsif (firstline.index("# amap v"))
|
||||
# then it's an amap mlog
|
||||
@import_filedata[:type] = "Amap Log" if @import_filedata
|
||||
return import_amap_mlog(data, wspace)
|
||||
elsif (firstline =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/)
|
||||
# then its an IP list
|
||||
@import_filedata[:type] = "IP List Text File" if @import_filedata
|
||||
return import_ip_list(data, wspace)
|
||||
end
|
||||
raise DBImportError.new("Could not automatically determine file type")
|
||||
|
|
@ -1655,6 +1668,8 @@ class DBManager
|
|||
)
|
||||
end
|
||||
|
||||
report_import_note(wspace,addr)
|
||||
|
||||
# Put all the ports, regardless of state, into the db.
|
||||
h["ports"].each { |p|
|
||||
extra = ""
|
||||
|
|
@ -1679,6 +1694,17 @@ class DBManager
|
|||
REXML::Document.parse_stream(data, parser)
|
||||
end
|
||||
|
||||
def report_import_note(wspace,addr)
|
||||
if @import_filedata.kind_of?(Hash) && @import_filedata[:type]
|
||||
report_note(
|
||||
:workspace => wspace,
|
||||
:host => addr,
|
||||
:type => 'host.imported',
|
||||
:data => @import_filedata.merge(:time=> Time.now.utc)
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
#
|
||||
# Import Nessus NBE files
|
||||
#
|
||||
|
|
|
|||
Loading…
Reference in New Issue