/// <summary>
/// Retrieves Job shortname corresponding to ID.
/// </summary>
/// <param name="id">Job ID</param>
/// <returns>Job shortname</returns>
public static string GetJobShortname(JOB id)
{
return
RunLinqQuery(
string.Format("{0}/{1}", Constants.ResourceParser.RESOURCES_FOLDER,
Constants.ResourceParser.JOB_FILE), "ClassJob", "Key",
"Abbreviation_" + Constants.ResourceParser.RESOURCES_LANGUAGE, (byte) id);
}
/* Choix de typage pour la var. policy
* en string plutot que int car en fait il y a la possibilité de passer aussi des chaines de char : "aggressive"...
*/
public void Run(string target, int jobID, string policy, string strategy)
{
//TODO: Input Validation
Utils.Helper_Trace("XORCISM PROVIDER W3AF", "Entering Run()");
Utils.Helper_Trace("XORCISM PROVIDER W3AF", string.Format("Target = {0} , JobID = {1} , Policy = {2}", target, jobID, policy));
/* On initialise une var */
W3afParser w3afParser = null;
/* Name of XML result */
string xml_file;
xml_file = string.Format("result_{0}_{1}.xml", DateTime.Now.Ticks, this.GetHashCode());
try
{
w3afParser = new W3afParser(target, jobID, policy, strategy, xml_file);
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER W3AF", "JobID:" + jobID + "Exception w3afParser = " + ex.Message + " " + ex.InnerException);
}
string status = XCommon.STATUS.FINISHED.ToString();
// ==============================
// Have an instance of W3afScript
// ==============================
// Create the script w3af
w3afParser.create_Script();
// =================================================
// Change the status of the job to FINISHED or ERROR
// =================================================
if (w3afParser.Parse(xml_file) == false)
{
status = XCommon.STATUS.ERROR.ToString();
Utils.Helper_Trace("XORCISM PROVIDER W3AF", string.Format("Updating job {0} status to ERROR", jobID));
XCommon.Utils.Helper_SendEmail("*****@*****.**", "W3af ERROR", "W3af ERROR for job:" + jobID);
}
else
{
Utils.Helper_Trace("XORCISM PROVIDER W3AF", string.Format("Updating job {0} status to FINISHED", jobID));
}
try
{
XORCISMEntities model = new XORCISMEntities();
var Q = from j in model.JOB
where j.JobID == jobID
select j;
JOB myJob = Q.FirstOrDefault();
myJob.Status = status;
myJob.DateEnd = DateTimeOffset.Now;
//image
System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding();
myJob.XmlResult = encoding.GetBytes(m_data);
model.SaveChanges();
//FREE MEMORY
model.Dispose();
w3afParser = null;
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER W3AF", "JobID:" + jobID + "Exception UpdateJob = " + ex.Message + " " + ex.InnerException);
}
Utils.Helper_Trace("XORCISM PROVIDER W3AF", "JobID:" + jobID + "Leaving Run()");
}
public List <ScannableAsset> DiscoverHost(string target, HostStatus hostStatus, int jobid)
{
Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Entering DiscoverHost");
Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Target is '{0}'", target));
string outputXml = string.Empty;
Assembly a;
a = Assembly.GetCallingAssembly();
string program;
program = Path.GetDirectoryName(a.Location) + @"\Nmap\nmap.exe"; //Hardcoded
Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Using nmap at '{0}'", program));
string nmapfile;
nmapfile = string.Format("nmap{0}_{1}", DateTime.Now.Ticks, this.GetHashCode());
Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Command line is [nmap {0}]", "--no-stylesheet -O -A -sC -P0 -oX " + nmapfile + ".xml " + target));
Process process;
process = new Process();
process.StartInfo.UseShellExecute = true;
try
{
process.StartInfo.FileName = program;
//process.StartInfo.WorkingDirectory = Path.GetDirectoryName(a.Location) + @"\Nmap\";
process.StartInfo.Arguments = " --no-stylesheet -O -A -sC -P0 -oX " + nmapfile + ".xml " + target; //Hardcoded
process.StartInfo.UseShellExecute = false;
process.StartInfo.RedirectStandardOutput = true;
process.StartInfo.RedirectStandardError = false;
process.StartInfo.CreateNoWindow = true;
// process.EnableRaisingEvents = true;
// process.Exited += new EventHandler(Process_Exited);
process.Start();
// Process.Start(vProgram,vIAnnotationLocal.Folder + vIAnnotationLocal.EntryPoint);
}
catch (Win32Exception vException)
{
if (vException.NativeErrorCode == ERROR_FILE_NOT_FOUND)
{
Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("ERROR_FILE_NOT_FOUND : Exception = {0}", vException.Message));
//return null;
}
else if (vException.NativeErrorCode == ERROR_ACCESS_DENIED)
{
Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("ERROR_ACCESS_DENIED : Exception = {0}", vException.Message));
//return null;
}
}
Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Nmap is running"));
XmlDocument doc;
try
{
Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Waiting for Nmap to finish"));
process.WaitForExit(600000); //HARDCODED 1 hour
}
catch (Exception vException)
{
Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Exception = {0}", vException.Message));
//return null;
}
Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Nmap has finished");
StreamReader SR = process.StandardOutput;
string strOutput = SR.ReadToEnd();
Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Output: " + strOutput));
if (strOutput.Contains("0 hosts up"))
{
Utils.Helper_Trace("XORCISM PROVIDER NMAP", "0 hosts up");
process.Close();
//return null;
}
if (strOutput.Contains("Windows does not support scanning your own machine"))
{
Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Windows does not support scanning your own machine");
process.Close();
//return null;
}
doc = new XmlDocument();
string m_data = string.Empty;
try
{
//TODO: Input Validation (XML)
//doc.Load(process.StandardOutput);
doc.Load(nmapfile + ".xml");
m_data = doc.InnerXml;
}
catch (Exception vException)
{
Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Exception Load = {0}", vException.Message));
process.Close();
//return null;
}
process.Close();
//doc.Save("C:\\NmapResults.xml");
//Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("XML results have been saved to 'C:\\NmapResults.xml'"));
List <ScannableAsset> tabNmapAsset;
tabNmapAsset = new List <ScannableAsset>();
try
{
string xpath = string.Empty;
if (hostStatus == HostStatus.Both)
{
//xpath = string.Format("/nmaprun/host/status[@state='up']");
xpath = "/nmaprun/host/status"; //Hardcoded
}
else if (hostStatus == HostStatus.Alive)
{
xpath = "/nmaprun/host/status[@state='up']";
}
else
{
xpath = "/nmaprun/host/status[@state='down']";
}
XmlNodeList nodes;
nodes = doc.SelectNodes(xpath);
foreach (XmlNode node in nodes)
{
ScannableAsset nmapAsset;
nmapAsset = new ScannableAsset();
XmlNode nodeHost;
nodeHost = node.ParentNode;
// ====================
// Handle the addresses
// ====================
Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Handles the addresses");
XmlNodeList addressNodes;
addressNodes = nodeHost.SelectNodes("address"); //Hardcoded
foreach (XmlNode addressNode in addressNodes)
{
string addr = addressNode.Attributes["addr"].InnerText;
ScannableAddress.ADDRESSTYPE addrtype = (ScannableAddress.ADDRESSTYPE)Enum.Parse(typeof(ScannableAddress.ADDRESSTYPE), addressNode.Attributes["addrtype"].InnerText);
nmapAsset.Addresses.Add(new ScannableAddress()
{
Address = addr, AddressType = addrtype
});
}
//===
// Scripts
//===
Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Handles the scripts");
XmlNodeList ScriptsNodes;
ScriptsNodes = nodeHost.SelectNodes("hostscript/script"); //Hardcoded
string strTemp = string.Empty;
string sambaversion = string.Empty;
string sambaosversion = string.Empty;
string macaddress = string.Empty;
Regex myRegex = new Regex("");
foreach (XmlNode scriptNode in ScriptsNodes)
{
switch (scriptNode.Attributes["id"].InnerText)
{
case "nbstat":
//<script id="nbstat" output="NetBIOS name: xmachine, NetBIOS user: <unknown>, NetBIOS MAC: <unknown>"/>
//<script id="nbstat" output="NetBIOS name: XORCISM-LXTE4KS, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:23:13:b9 (VMware)
"/>
myRegex = new Regex("NetBIOS MAC: [^<>]*");
strTemp = myRegex.Match(scriptNode.Attributes["output"].InnerText).ToString();
if (strTemp != "")
{
if (strTemp.Contains("unknown"))
{
}
else
{
strTemp = strTemp.Replace("NetBIOS MAC: ", "");
strTemp = strTemp.Replace("
", "");
//Console.WriteLine("strTemp=" + strTemp);
macaddress = strTemp;
Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("macaddress = {0}", macaddress));
}
}
break;
case "smbv2-enabled":
//<script id="smbv2-enabled" output="Server doesn't support SMBv2 protocol"/>
//<script id="smbv2-enabled" output="Server doesn't support SMBv2 protocol"/>
break;
case "smb-os-discovery":
//<script id="smb-os-discovery" output="
 OS: Unix (Samba 3.4.7)
 Name: Unknown\Unknown
 System time: 2011-04-14 15:14:49 UTC+2
"/>
//<script id="smb-os-discovery" output=" 
 OS: Windows Server 2003 R2 3790 Service Pack 1 (Windows Server 2003 R2 5.2)
 Name: WORKGROUP\XORCISM-LXTE4KS
 System time: 2011-04-15 09:41:57 UTC+0
"/>
myRegex = new Regex(Regex.Escape("(") + "Samba [^<>]*" + Regex.Escape(")"));
strTemp = myRegex.Match(scriptNode.Attributes["output"].InnerText).ToString();
if (strTemp != "")
{
strTemp = strTemp.Replace("(", "");
strTemp = strTemp.Replace(")", "");
//Console.WriteLine("strTemp=" + strTemp);
sambaversion = strTemp;
}
myRegex = new Regex("OS: Windows [^<>]*" + Regex.Escape(")"));
strTemp = myRegex.Match(scriptNode.Attributes["output"].InnerText).ToString();
if (strTemp != "")
{
strTemp = strTemp.Replace("OS: ", "");
//Console.WriteLine("strTemp=" + strTemp);
sambaosversion = strTemp;
}
break;
default:
break;
}
}
// ================
// Handles the ports
// ================
Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Handle the ports");
XmlNodeList portNodes;
portNodes = nodeHost.SelectNodes("ports/port"); //Hardcoded
foreach (XmlNode portNode in portNodes)
{
XProviderCommon.PROTOCOL protocol = (XProviderCommon.PROTOCOL)Enum.Parse(typeof(XProviderCommon.PROTOCOL), portNode.Attributes["protocol"].InnerText);
int portid = Convert.ToInt32(portNode.Attributes["portid"].InnerText);
string service = "";
XmlNode node1;
node1 = portNode.SelectSingleNode("service/@name");
if (node1 != null)
{
service = node1.InnerText.ToUpper();
}
string version = "";
node1 = portNode.SelectSingleNode("service/@product");
if (node1 != null)
{
version = node1.InnerText;
}
node1 = portNode.SelectSingleNode("service/@version");
if (node1 != null)
{
version = version + " " + node1.InnerText;
}
version = version.Trim();
//Check if we retrieved the exact version of the service with the scripts
if (sambaversion != "" && version.Contains("Samba") && version.Contains(".X"))
{
version = sambaversion;
}
ScannablePort nmapPort;
try
{
nmapPort = new ScannablePort()
{
Protocol = protocol, Port = portid, Service = service, Version = version
};
nmapAsset.Ports.Add(nmapPort);
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Exception ScannablePort = " + ex.Message + " " + ex.InnerException);
//return null;
}
}
//====
// OS
//====
Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Looking at OSname");
XmlNodeList OsNodes;
OsNodes = nodeHost.SelectNodes("os/osmatch"); //Hardcoded
XmlNode nodeOs = OsNodes[0];
if (nodeOs != null)
{
string name = nodeOs.Attributes["name"].InnerText;
int accuracy = Convert.ToInt32(nodeOs.Attributes["accuracy"].InnerText);
nmapAsset.OS.OSName = name;
if (sambaosversion != "")
{
nmapAsset.OS.OSName = sambaosversion;
}
nmapAsset.OS.Accuracy = accuracy;
nmapAsset.OS.Description = "";
}
tabNmapAsset.Add(nmapAsset);
}
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Exception while parsing XML results = " + ex.Message + " " + ex.InnerException);
//return null;
}
Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Number of assets found = " + tabNmapAsset.Count);
try
{
Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Updating job {0} status to FINISHED", jobid));
string status = XCommon.STATUS.FINISHED.ToString();
XORCISMEntities model = new XORCISMEntities();
var Q = from j in model.JOB
where j.JobID == jobid
select j;
JOB myJob = Q.FirstOrDefault();
myJob.Status = status;
myJob.DateEnd = DateTimeOffset.Now;
//image
System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding();
myJob.XmlResult = encoding.GetBytes(m_data);
model.SaveChanges();
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Exception = " + ex.Message);
return(null);
}
Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Leaving DiscoverHost");
return(tabNmapAsset);
}
public ST_EMPLOYEE_INFO(float st1, float st2, float st3, float st4, int money, string name, JOB myjob,int myfaceidx)
{
State1 = st1;
State2 = st2;
State3 = st3;
State4 = st4;
MaxState1 = st1;
MaxState2 = st2;
MaxState3 = st3;
MaxState4 = st4;
Money = money;
Name = name;
MyJob = myjob;
MyFaceidx = myfaceidx;
}
protected void bAdd_Click(object sender, EventArgs e)
{
//bAdd.Enabled = false;
JOB J;
int special = 0;
try
{
lError.Text = "";
if (tbPlate.Text.Length < 6)
{
lError.Text = "Государственный номер автомобиля должен содержать минимум 6 знаков!";
bAdd.Enabled = true;
return;
}
if ((chbManual.Checked) && (tbCar.Text == ""))
{
lError.Text = "Введите название автомобиля!";
bAdd.Enabled = true;
return;
}
/*bool ISPrice = false;
* foreach (ListItem c in chblPrice.Items)
* {
* if (c.Selected)
* {
* ISPrice = true;
* break;
* }
* }
* if (!ISPrice)
* {
* lError.Text = "Отметьте хотя бы одну услугу!";
* bAdd.Enabled = true;
*
* return;
* }*/
int y = ddlEmployees.SelectedIndex;
if (y == -1)
{
lError.Text = "Добавьте сотрудников в базу!";
bAdd.Enabled = true;
return;
}
J = new JOB();
J.IDCLASS = int.Parse(ddlClass.SelectedValue);
if (chbManual.Checked)
{
J.IDCAR = AddNewCar(tbCar.Text, J.IDCLASS);
}
else
{
J.IDCAR = int.Parse(ddlCar.SelectedValue);
}
J.IDEMP = int.Parse(ddlEmployees.SelectedValue);
J.JOBDATE = DateTime.Now;
J.LINE = int.Parse(ddlLine.SelectedValue);
J.NPLATE = tbPlate.Text;
J.IDPACKAGE = -1;
if (ddlSpecial.Text == "НЕТ")
{
special = 0;
}
else
{
special = 1;
}
/*if (chbPlus_50.Checked)
* {
* J.PLUS_50 = true;
* }*/
//пока не сохраняем. сохраним на шаге 2
//using (CWMEntities cwm = new CWMEntities(EnCon))
//{
// cwm.AddToJOB(J);
// int i = cwm.SaveChanges();
//}
}
catch (Exception ex)
{
lError.Text = "Ошибка при добавлении задания! Попробуйте обновить страницу и попробовать еще раз. " + ex.Message;// +ex.InnerException.Message;
bAdd.Enabled = true;
return;
}
//ScriptManager.RegisterStartupScript(this.UpdatePanel1, GetType(), "success", @"alert('Работа успешно добавлена!');location = ""Default.aspx""", true);
Session.Add("JOB", J);
Session.Add("special", special);
ScriptManager.RegisterStartupScript(this.UpdatePanel1, GetType(), "success", "location = 'AddJobStep2.aspx'", true);
//Response.Redirect(@"~\default.aspx");
//bAdd.Enabled = true;
}
public void parse()
{
Assembly a;
a = Assembly.GetExecutingAssembly();
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Assembly location = " + a.Location);
XmlDocument doc = new XmlDocument();
#region HackCenzic
/*
string filename;
filename = @"C:\Cenzic_webscan.xml"; //Hardcoded
doc.Load(filename);
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("HackFile should be located at : " + filename));
*/
#endregion
// ============================================
// Parse the XML Document and populate the database
// ============================================
string protocol = string.Empty;
//int port = -1;
string service = string.Empty;
//bool PatchUpgrade = false;
//string title;
//string MSPatch = "";
//string Solution;
m_data = m_data.Replace("Configurable format #", "Configurable"); //Hardcoded
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("m_data = {0}", m_data));
try
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Loading the XML document");
doc.LoadXml(m_data);
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Exception = {0} / {1}", ex.Message, ex.InnerException == null ? "" : ex.InnerException.Message));
}
XORCISMEntities model;
model = new XORCISMEntities();
string query = "/AssessmentRunData/SmartAttacks/SmartAttacksData"; //Hardcoded
XmlNodeList report;
report = null;
try
{
report = doc.SelectNodes(query);
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Error SelectNodes({0}) : Exception = {1}", query, ex.Message));
return;
}
//We should retrieve the target for an import
string m_target = string.Empty;
string patterntoken = "<Url>(.*?)</Url>";
MatchCollection matchesurl = Regex.Matches(m_data, patterntoken);
foreach (Match match in matchesurl)
{
m_target = match.Value.Replace("<Url>", "").Replace("</Url>", "");
//Console.WriteLine(mytoken);
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "target: " + m_target);
}
int myPort = 80;
if (m_target.Contains("https://"))
{
myPort = 443;
}
//Check if we have a custom port, ex: http://10.20.30.40:8080/test
string strTargetTest = m_target;
strTargetTest = strTargetTest.Replace("http://", "");
strTargetTest = strTargetTest.Replace("https://", "");
try
{
if (strTargetTest.Contains(":"))
{
char[] splitter = { ':' };
string[] strSplit = strTargetTest.Split(splitter);
strTargetTest = strSplit[1];
if (strTargetTest.Contains("/"))
{
strSplit = strTargetTest.Split(new Char[] { '/' });
strTargetTest = strSplit[0];
}
try
{
myPort = Convert.ToInt32(strTargetTest);
}
catch (FormatException e)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", strTargetTest + " is not a sequence of digits.");
}
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Custom Port:{0}", strTargetTest));
}
else
{
if (strTargetTest.Contains("/"))
{
string[] strSplit = strTargetTest.Split(new Char[] { '/' });
strTargetTest = strSplit[0];
if (m_target.Contains("https://"))
{
m_target = "https://" + strTargetTest;
}
if (m_target.Contains("http://"))
{
m_target = "http://" + strTargetTest;
}
}
}
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Error in strTargetTest : Exception = {0}", ex.Message));
}
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "the m_target=" + m_target);
// ===============================================
// If necessary, creates an asset in the database
// ===============================================
//TODO
var myass = from ass in model.ASSET
where ass.ipaddressIPv4 == m_target //&& ass.AccountID == m_AccountID
select ass;
ASSET asset = myass.FirstOrDefault();
if (asset == null)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Creates a new entry in table ASSET for this IP");
asset = new ASSET();
//asset.AccountID = m_AccountID;
asset.AssetName = m_target;
asset.AssetDescription = m_target;
asset.ipaddressIPv4 = m_target;
asset.Enabled = true;
//asset.JobID = m_jobId;
model.ASSET.Add(asset);
model.SaveChanges();
}
else
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "This IP already corresponds to an existing asset");
}
int m_assetId = asset.AssetID;
int m_sessionId = (int)model.JOB.Single(x => x.JobID == m_jobId).SessionID;
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Creating ASSETINSESSION reference");
ASSETSESSION assinsess = new ASSETSESSION();
assinsess.AssetID = asset.AssetID;
assinsess.SessionID = m_sessionId; // model.JOB.Single(x => x.JobID == m_jobId).SessionID;
model.ASSETSESSION.Add(assinsess);
model.SaveChanges();
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Update JOB with ASSETINSESSIONID");
JOB daJob = model.JOB.Single(x => x.JobID == m_jobId);
daJob.AssetSessionID = assinsess.AssetSessionID;
model.SaveChanges();
VulnerabilityEndPoint vulnerabilityEndPoint = new VulnerabilityEndPoint();
vulnerabilityEndPoint.IpAdress = m_target;
vulnerabilityEndPoint.Protocol = "TCP"; // "http";
vulnerabilityEndPoint.Port = myPort;
vulnerabilityEndPoint.Service = "WWW";
int myEndpointID = 0;
var testEndpoint = from e in model.ENDPOINT
where e.AssetID == m_assetId && e.SessionID == m_sessionId
select e;
if (testEndpoint.Count() == 0)
{
ENDPOINT newEndpoint = new ENDPOINT();
newEndpoint.AssetID = m_assetId;
newEndpoint.SessionID = m_sessionId;
newEndpoint.ProtocolName = "TCP"; // "http";
newEndpoint.PortNumber = myPort;
newEndpoint.Service = "WWW";
model.ENDPOINT.Add(newEndpoint);
model.SaveChanges();
myEndpointID = newEndpoint.EndPointID;
}
else
{
myEndpointID = testEndpoint.FirstOrDefault().EndPointID;
}
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("myEndpointID:{0}", myEndpointID));
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Found {0} SmartAttacks to parse", report.Count));
foreach (XmlNode reportHost in report)
{
// ==================================
// Handle every SmartAttacksData tag
// ==================================
string myInnerXml = string.Empty;
string myTitle = string.Empty;
string myDescription = string.Empty;
string myConsequence = string.Empty;
string myResult = string.Empty;
string mySolution = string.Empty;
string myCVE = string.Empty;
MatchCollection myCVEs;
string myPCI = string.Empty;
string myMessage = string.Empty;
foreach (XmlNode n in reportHost.ChildNodes)
{
//SmartAttackInfo
//ReportItems
XmlNodeList Childs = n.ChildNodes;
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Coucou 1"));
try
{
if (n.Name == "SmartAttackInfo")
{
myInnerXml = n.OuterXml;
myTitle = HelperGetChildInnerText(n, "SmartAttackName");
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Found SmartAttackName:{0}", myTitle));
Regex myRegex = new Regex("PCI [0-9].[0-9].[0-9]");
myPCI = myRegex.Match(myTitle).ToString();
if (myPCI != "")
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "PCI=" + myPCI);
}
//Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("myInnerXml:{0}", myInnerXml));
//Hardcoded
myDescription = HelperGetChildInnerText(n, "Description");
myConsequence = HelperGetChildInnerText(n, "HowItWorks");
myResult = HelperGetChildInnerText(n, "Impact");
mySolution = HelperGetChildInnerText(n, "Remediation");
}
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Error in SmartAttackInfo : Exception = {0}", ex.Message));
}
if (n.Name == "ReportItems")
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Coucou 2"));
foreach (XmlNode x in n.ChildNodes)
{
//HARDCODED
//ReportItem
foreach (XmlNode ReportItem in x.ChildNodes)
{
myMessage = "";
if (ReportItem.Name == "ReportItemType")
{
//Pass
if (ReportItem.InnerText == "Information")
{
try
{
//TODO
/*
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Information"));
INFORMATION newInformation = new INFORMATION();
//newInformation.InnerXml
newInformation.Title = myTitle;
newInformation.Description = myDescription;
newInformation.Consequence = myConsequence;
newInformation.Result = myResult;
newInformation.Solution = mySolution;
newInformation.Severity = HelperGetChildInnerText(x, "Severity");
newInformation.HarmScore = int.Parse(HelperGetChildInnerText(x, "HarmScore"));
myMessage = HelperGetChildInnerText(x, "Message");
newInformation.Message = myMessage;
//TODO A FAIRE
//Matching avec les références
//http://www.securityfocus.com/bid/43140/info
//http://www.securityfocus.com/bid/43140/solution
newInformation.Url = HelperGetChildInnerText(x, "Url");
newInformation.rawrequest = HelperGetChildInnerText(x, "HttpRequest");
newInformation.rawresponse = HelperGetChildInnerText(x, "HttpResponse");
if (myPCI != "")
{
newInformation.PCI_FLAG = true;
}
newInformation.JobID = m_jobId;
newInformation.EndPointID = myEndpointID;
model.AddToINFORMATION(newInformation);
model.SaveChanges();
*/
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Error in Information : Exception = {0}. {1}", ex.Message, ex.InnerException));
}
}
if (ReportItem.InnerText == "Warning")
{
try
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Warning"));
VulnerabilityFound vulnerabilityFound = new VulnerabilityFound();
vulnerabilityFound.InnerXml = myInnerXml;
vulnerabilityFound.Title = myTitle;
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Adding SmartAttackName:{0}", myTitle));
vulnerabilityFound.Description = myDescription;
vulnerabilityFound.Consequence = myConsequence;
vulnerabilityFound.Result = myResult;
vulnerabilityFound.Solution = mySolution;
if (myPCI != "")
{
vulnerabilityFound.PCI_FLAG = true;
}
//ReportItemCreateDate
vulnerabilityFound.Severity = HelperGetChildInnerText(x, "Severity");
//Low, Medium, High
//Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("WARNING Severity:{0}", HelperGetChildInnerText(x, "Severity")));
vulnerabilityFound.HarmScore = int.Parse(HelperGetChildInnerText(x, "HarmScore"));
//Count
myMessage=HelperGetChildInnerText(x, "Message");
//vulnerabilityFound.Message = myMessage; //not exact because same VULNERABILITY will have various Messages
vulnerabilityFound.rawresponse = myMessage;
//Regex objNaturalPattern = new Regex("CVE-[0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9]");
Regex myRegexCVE = new Regex(@"CVE-(19|20)\d\d-(0\d{3}|[1-9]\d{3,})"); //TODO: Update this?
//https://cve.mitre.org/cve/identifiers/tech-guidance.html
/*
myCVE = objNaturalPattern.Match(myMessage).ToString();
if (myCVE != "")
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "CVE=" + myCVE);
}
*/
List<VulnerabilityFound.Item> l;
l = new List<VulnerabilityFound.Item>();
myCVEs = myRegexCVE.Matches(myMessage);
foreach (Match match in myCVEs)
{
foreach (Capture capture in match.Captures)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Index={0}, CVE={1}", capture.Index, capture.Value));
VulnerabilityFound.Item item;
item = new VulnerabilityFound.Item();
item.Value = capture.Value;
item.ID = "cve";
l.Add(item);
}
}
vulnerabilityFound.ListItem = l;
vulnerabilityFound.Url = HelperGetChildInnerText(x, "Url");
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Url={0}", HelperGetChildInnerText(x, "Url")));
vulnerabilityFound.rawrequest = HelperGetChildInnerText(x, "HttpRequest");
//vulnerabilityFound.rawresponse = HelperGetChildInnerText(x, "HttpResponse");
//StructuredData
//*** Compliances? voir en bas
//http://www.cenzic.com/downloads/Cenzic_CWE.pdf
int VulnID = VulnerabilityPersistor.Persist(vulnerabilityFound, vulnerabilityEndPoint, m_jobId, "cenzic", model);
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Error in Warning : Exception = {0}. {1}", ex.Message, ex.InnerException));
}
}
if (ReportItem.InnerText == "Vulnerable")
{
try
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Vulnerable"));
VulnerabilityFound vulnerabilityFound = new VulnerabilityFound();
vulnerabilityFound.InnerXml = myInnerXml;
vulnerabilityFound.Title = myTitle;
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Adding SmartAttackName:{0}", myTitle));
vulnerabilityFound.Description = myDescription;
vulnerabilityFound.Consequence = myConsequence;
vulnerabilityFound.Result = myResult;
vulnerabilityFound.Solution = mySolution;
//ReportItemCreateDate
vulnerabilityFound.Severity = HelperGetChildInnerText(x, "Severity");
//Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("VULNERABLE Severity:{0}", HelperGetChildInnerText(x, "Severity")));
vulnerabilityFound.HarmScore = int.Parse(HelperGetChildInnerText(x, "HarmScore"));
//Count
myMessage = HelperGetChildInnerText(x, "Message");
//vulnerabilityFound.Message = myMessage;
vulnerabilityFound.rawresponse = myMessage;
//Regex objNaturalPattern = new Regex("CVE-[0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9]");
Regex myRegexCVE = new Regex(@"CVE-(19|20)\d\d-(0\d{3}|[1-9]\d{3,})");
//https://cve.mitre.org/cve/identifiers/tech-guidance.html
/*
myCVE = objNaturalPattern.Match(myMessage).ToString();
if (myCVE != "")
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "CVE=" + myCVE);
}
*/
List<VulnerabilityFound.Item> l;
l = new List<VulnerabilityFound.Item>();
myCVEs = myRegexCVE.Matches(myMessage);
foreach (Match match in myCVEs)
{
foreach (Capture capture in match.Captures)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Index={0}, CVE={1}", capture.Index, capture.Value));
VulnerabilityFound.Item item;
item = new VulnerabilityFound.Item();
item.Value = capture.Value;
item.ID = "cve";
l.Add(item);
}
}
vulnerabilityFound.ListItem = l;
vulnerabilityFound.Url = HelperGetChildInnerText(x, "Url");
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Url={0}", HelperGetChildInnerText(x, "Url")));
vulnerabilityFound.rawrequest = HelperGetChildInnerText(x, "HttpRequest");
//vulnerabilityFound.rawresponse = HelperGetChildInnerText(x, "HttpResponse");
//StructuredData
if (myPCI != "")
{
//TODO
/*
vulnerabilityFound.PCI_FLAG = true;
int VulnID = VulnerabilityPersistor.Persist(vulnerabilityFound, vulnerabilityEndPoint, m_jobId, "cenzic", model);
List<int> myIds = new List<int>();
var id = from o in model.COMPLIANCECATEG
where o.Title == myTitle &&
o.COMPLIANCE.Title == "PCIDSS"
select o.ComplianceCategID;
int Id = id.FirstOrDefault();
myIds.Add(Id);
List<int> Compliances = new List<int>();
Compliances = myIds;
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Vulnerability persisted , VulnID = {0} & Compliance count = {1}", VulnID, Compliances.Count));
var V = from tmpVuln in model.VULNERABILITYFOUND
where tmpVuln.VulnerabilityFoundID == VulnID
select tmpVuln;
VULNERABILITYFOUND VF = V.FirstOrDefault();
foreach (int i in Compliances)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Categorie Compliance => ", i));
var C = from Comp in model.COMPLIANCECATEG
where Comp.ComplianceCategID == i
select Comp;
COMPLIANCECATEG myCompliance = new COMPLIANCECATEG();
myCompliance = C.FirstOrDefault();
VF.COMPLIANCECATEG.Add(myCompliance);
model.SaveChanges();
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Mapping Compliance-Vulnerability Added");
}
*/
}
else
{
int VulnID = VulnerabilityPersistor.Persist(vulnerabilityFound, vulnerabilityEndPoint, m_jobId, "cenzic", model);
}
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Error in Vulnerable : Exception = {0}. {1}", ex.Message, ex.InnerException));
}
}
}
}
}
}
}
}
}
