/// <summary> /// Retrieves Job shortname corresponding to ID. /// </summary> /// <param name="id">Job ID</param> /// <returns>Job shortname</returns> public static string GetJobShortname(JOB id) { return RunLinqQuery( string.Format("{0}/{1}", Constants.ResourceParser.RESOURCES_FOLDER, Constants.ResourceParser.JOB_FILE), "ClassJob", "Key", "Abbreviation_" + Constants.ResourceParser.RESOURCES_LANGUAGE, (byte) id); }
/* Choix de typage pour la var. policy * en string plutot que int car en fait il y a la possibilité de passer aussi des chaines de char : "aggressive"... */ public void Run(string target, int jobID, string policy, string strategy) { //TODO: Input Validation Utils.Helper_Trace("XORCISM PROVIDER W3AF", "Entering Run()"); Utils.Helper_Trace("XORCISM PROVIDER W3AF", string.Format("Target = {0} , JobID = {1} , Policy = {2}", target, jobID, policy)); /* On initialise une var */ W3afParser w3afParser = null; /* Name of XML result */ string xml_file; xml_file = string.Format("result_{0}_{1}.xml", DateTime.Now.Ticks, this.GetHashCode()); try { w3afParser = new W3afParser(target, jobID, policy, strategy, xml_file); } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER W3AF", "JobID:" + jobID + "Exception w3afParser = " + ex.Message + " " + ex.InnerException); } string status = XCommon.STATUS.FINISHED.ToString(); // ============================== // Have an instance of W3afScript // ============================== // Create the script w3af w3afParser.create_Script(); // ================================================= // Change the status of the job to FINISHED or ERROR // ================================================= if (w3afParser.Parse(xml_file) == false) { status = XCommon.STATUS.ERROR.ToString(); Utils.Helper_Trace("XORCISM PROVIDER W3AF", string.Format("Updating job {0} status to ERROR", jobID)); XCommon.Utils.Helper_SendEmail("*****@*****.**", "W3af ERROR", "W3af ERROR for job:" + jobID); } else { Utils.Helper_Trace("XORCISM PROVIDER W3AF", string.Format("Updating job {0} status to FINISHED", jobID)); } try { XORCISMEntities model = new XORCISMEntities(); var Q = from j in model.JOB where j.JobID == jobID select j; JOB myJob = Q.FirstOrDefault(); myJob.Status = status; myJob.DateEnd = DateTimeOffset.Now; //image System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding(); myJob.XmlResult = encoding.GetBytes(m_data); model.SaveChanges(); //FREE MEMORY model.Dispose(); w3afParser = null; } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER W3AF", "JobID:" + jobID + "Exception UpdateJob = " + ex.Message + " " + ex.InnerException); } Utils.Helper_Trace("XORCISM PROVIDER W3AF", "JobID:" + jobID + "Leaving Run()"); }
public List <ScannableAsset> DiscoverHost(string target, HostStatus hostStatus, int jobid) { Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Entering DiscoverHost"); Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Target is '{0}'", target)); string outputXml = string.Empty; Assembly a; a = Assembly.GetCallingAssembly(); string program; program = Path.GetDirectoryName(a.Location) + @"\Nmap\nmap.exe"; //Hardcoded Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Using nmap at '{0}'", program)); string nmapfile; nmapfile = string.Format("nmap{0}_{1}", DateTime.Now.Ticks, this.GetHashCode()); Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Command line is [nmap {0}]", "--no-stylesheet -O -A -sC -P0 -oX " + nmapfile + ".xml " + target)); Process process; process = new Process(); process.StartInfo.UseShellExecute = true; try { process.StartInfo.FileName = program; //process.StartInfo.WorkingDirectory = Path.GetDirectoryName(a.Location) + @"\Nmap\"; process.StartInfo.Arguments = " --no-stylesheet -O -A -sC -P0 -oX " + nmapfile + ".xml " + target; //Hardcoded process.StartInfo.UseShellExecute = false; process.StartInfo.RedirectStandardOutput = true; process.StartInfo.RedirectStandardError = false; process.StartInfo.CreateNoWindow = true; // process.EnableRaisingEvents = true; // process.Exited += new EventHandler(Process_Exited); process.Start(); // Process.Start(vProgram,vIAnnotationLocal.Folder + vIAnnotationLocal.EntryPoint); } catch (Win32Exception vException) { if (vException.NativeErrorCode == ERROR_FILE_NOT_FOUND) { Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("ERROR_FILE_NOT_FOUND : Exception = {0}", vException.Message)); //return null; } else if (vException.NativeErrorCode == ERROR_ACCESS_DENIED) { Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("ERROR_ACCESS_DENIED : Exception = {0}", vException.Message)); //return null; } } Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Nmap is running")); XmlDocument doc; try { Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Waiting for Nmap to finish")); process.WaitForExit(600000); //HARDCODED 1 hour } catch (Exception vException) { Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Exception = {0}", vException.Message)); //return null; } Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Nmap has finished"); StreamReader SR = process.StandardOutput; string strOutput = SR.ReadToEnd(); Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Output: " + strOutput)); if (strOutput.Contains("0 hosts up")) { Utils.Helper_Trace("XORCISM PROVIDER NMAP", "0 hosts up"); process.Close(); //return null; } if (strOutput.Contains("Windows does not support scanning your own machine")) { Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Windows does not support scanning your own machine"); process.Close(); //return null; } doc = new XmlDocument(); string m_data = string.Empty; try { //TODO: Input Validation (XML) //doc.Load(process.StandardOutput); doc.Load(nmapfile + ".xml"); m_data = doc.InnerXml; } catch (Exception vException) { Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Exception Load = {0}", vException.Message)); process.Close(); //return null; } process.Close(); //doc.Save("C:\\NmapResults.xml"); //Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("XML results have been saved to 'C:\\NmapResults.xml'")); List <ScannableAsset> tabNmapAsset; tabNmapAsset = new List <ScannableAsset>(); try { string xpath = string.Empty; if (hostStatus == HostStatus.Both) { //xpath = string.Format("/nmaprun/host/status[@state='up']"); xpath = "/nmaprun/host/status"; //Hardcoded } else if (hostStatus == HostStatus.Alive) { xpath = "/nmaprun/host/status[@state='up']"; } else { xpath = "/nmaprun/host/status[@state='down']"; } XmlNodeList nodes; nodes = doc.SelectNodes(xpath); foreach (XmlNode node in nodes) { ScannableAsset nmapAsset; nmapAsset = new ScannableAsset(); XmlNode nodeHost; nodeHost = node.ParentNode; // ==================== // Handle the addresses // ==================== Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Handles the addresses"); XmlNodeList addressNodes; addressNodes = nodeHost.SelectNodes("address"); //Hardcoded foreach (XmlNode addressNode in addressNodes) { string addr = addressNode.Attributes["addr"].InnerText; ScannableAddress.ADDRESSTYPE addrtype = (ScannableAddress.ADDRESSTYPE)Enum.Parse(typeof(ScannableAddress.ADDRESSTYPE), addressNode.Attributes["addrtype"].InnerText); nmapAsset.Addresses.Add(new ScannableAddress() { Address = addr, AddressType = addrtype }); } //=== // Scripts //=== Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Handles the scripts"); XmlNodeList ScriptsNodes; ScriptsNodes = nodeHost.SelectNodes("hostscript/script"); //Hardcoded string strTemp = string.Empty; string sambaversion = string.Empty; string sambaosversion = string.Empty; string macaddress = string.Empty; Regex myRegex = new Regex(""); foreach (XmlNode scriptNode in ScriptsNodes) { switch (scriptNode.Attributes["id"].InnerText) { case "nbstat": //<script id="nbstat" output="NetBIOS name: xmachine, NetBIOS user: <unknown>, NetBIOS MAC: <unknown>"/> //<script id="nbstat" output="NetBIOS name: XORCISM-LXTE4KS, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:23:13:b9 (VMware)
"/> myRegex = new Regex("NetBIOS MAC: [^<>]*"); strTemp = myRegex.Match(scriptNode.Attributes["output"].InnerText).ToString(); if (strTemp != "") { if (strTemp.Contains("unknown")) { } else { strTemp = strTemp.Replace("NetBIOS MAC: ", ""); strTemp = strTemp.Replace("
", ""); //Console.WriteLine("strTemp=" + strTemp); macaddress = strTemp; Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("macaddress = {0}", macaddress)); } } break; case "smbv2-enabled": //<script id="smbv2-enabled" output="Server doesn't support SMBv2 protocol"/> //<script id="smbv2-enabled" output="Server doesn't support SMBv2 protocol"/> break; case "smb-os-discovery": //<script id="smb-os-discovery" output="
 OS: Unix (Samba 3.4.7)
 Name: Unknown\Unknown
 System time: 2011-04-14 15:14:49 UTC+2
"/> //<script id="smb-os-discovery" output=" 
 OS: Windows Server 2003 R2 3790 Service Pack 1 (Windows Server 2003 R2 5.2)
 Name: WORKGROUP\XORCISM-LXTE4KS
 System time: 2011-04-15 09:41:57 UTC+0
"/> myRegex = new Regex(Regex.Escape("(") + "Samba [^<>]*" + Regex.Escape(")")); strTemp = myRegex.Match(scriptNode.Attributes["output"].InnerText).ToString(); if (strTemp != "") { strTemp = strTemp.Replace("(", ""); strTemp = strTemp.Replace(")", ""); //Console.WriteLine("strTemp=" + strTemp); sambaversion = strTemp; } myRegex = new Regex("OS: Windows [^<>]*" + Regex.Escape(")")); strTemp = myRegex.Match(scriptNode.Attributes["output"].InnerText).ToString(); if (strTemp != "") { strTemp = strTemp.Replace("OS: ", ""); //Console.WriteLine("strTemp=" + strTemp); sambaosversion = strTemp; } break; default: break; } } // ================ // Handles the ports // ================ Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Handle the ports"); XmlNodeList portNodes; portNodes = nodeHost.SelectNodes("ports/port"); //Hardcoded foreach (XmlNode portNode in portNodes) { XProviderCommon.PROTOCOL protocol = (XProviderCommon.PROTOCOL)Enum.Parse(typeof(XProviderCommon.PROTOCOL), portNode.Attributes["protocol"].InnerText); int portid = Convert.ToInt32(portNode.Attributes["portid"].InnerText); string service = ""; XmlNode node1; node1 = portNode.SelectSingleNode("service/@name"); if (node1 != null) { service = node1.InnerText.ToUpper(); } string version = ""; node1 = portNode.SelectSingleNode("service/@product"); if (node1 != null) { version = node1.InnerText; } node1 = portNode.SelectSingleNode("service/@version"); if (node1 != null) { version = version + " " + node1.InnerText; } version = version.Trim(); //Check if we retrieved the exact version of the service with the scripts if (sambaversion != "" && version.Contains("Samba") && version.Contains(".X")) { version = sambaversion; } ScannablePort nmapPort; try { nmapPort = new ScannablePort() { Protocol = protocol, Port = portid, Service = service, Version = version }; nmapAsset.Ports.Add(nmapPort); } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Exception ScannablePort = " + ex.Message + " " + ex.InnerException); //return null; } } //==== // OS //==== Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Looking at OSname"); XmlNodeList OsNodes; OsNodes = nodeHost.SelectNodes("os/osmatch"); //Hardcoded XmlNode nodeOs = OsNodes[0]; if (nodeOs != null) { string name = nodeOs.Attributes["name"].InnerText; int accuracy = Convert.ToInt32(nodeOs.Attributes["accuracy"].InnerText); nmapAsset.OS.OSName = name; if (sambaosversion != "") { nmapAsset.OS.OSName = sambaosversion; } nmapAsset.OS.Accuracy = accuracy; nmapAsset.OS.Description = ""; } tabNmapAsset.Add(nmapAsset); } } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Exception while parsing XML results = " + ex.Message + " " + ex.InnerException); //return null; } Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Number of assets found = " + tabNmapAsset.Count); try { Utils.Helper_Trace("XORCISM PROVIDER NMAP", string.Format("Updating job {0} status to FINISHED", jobid)); string status = XCommon.STATUS.FINISHED.ToString(); XORCISMEntities model = new XORCISMEntities(); var Q = from j in model.JOB where j.JobID == jobid select j; JOB myJob = Q.FirstOrDefault(); myJob.Status = status; myJob.DateEnd = DateTimeOffset.Now; //image System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding(); myJob.XmlResult = encoding.GetBytes(m_data); model.SaveChanges(); } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Exception = " + ex.Message); return(null); } Utils.Helper_Trace("XORCISM PROVIDER NMAP", "Leaving DiscoverHost"); return(tabNmapAsset); }
public ST_EMPLOYEE_INFO(float st1, float st2, float st3, float st4, int money, string name, JOB myjob,int myfaceidx) { State1 = st1; State2 = st2; State3 = st3; State4 = st4; MaxState1 = st1; MaxState2 = st2; MaxState3 = st3; MaxState4 = st4; Money = money; Name = name; MyJob = myjob; MyFaceidx = myfaceidx; }
protected void bAdd_Click(object sender, EventArgs e) { //bAdd.Enabled = false; JOB J; int special = 0; try { lError.Text = ""; if (tbPlate.Text.Length < 6) { lError.Text = "Государственный номер автомобиля должен содержать минимум 6 знаков!"; bAdd.Enabled = true; return; } if ((chbManual.Checked) && (tbCar.Text == "")) { lError.Text = "Введите название автомобиля!"; bAdd.Enabled = true; return; } /*bool ISPrice = false; * foreach (ListItem c in chblPrice.Items) * { * if (c.Selected) * { * ISPrice = true; * break; * } * } * if (!ISPrice) * { * lError.Text = "Отметьте хотя бы одну услугу!"; * bAdd.Enabled = true; * * return; * }*/ int y = ddlEmployees.SelectedIndex; if (y == -1) { lError.Text = "Добавьте сотрудников в базу!"; bAdd.Enabled = true; return; } J = new JOB(); J.IDCLASS = int.Parse(ddlClass.SelectedValue); if (chbManual.Checked) { J.IDCAR = AddNewCar(tbCar.Text, J.IDCLASS); } else { J.IDCAR = int.Parse(ddlCar.SelectedValue); } J.IDEMP = int.Parse(ddlEmployees.SelectedValue); J.JOBDATE = DateTime.Now; J.LINE = int.Parse(ddlLine.SelectedValue); J.NPLATE = tbPlate.Text; J.IDPACKAGE = -1; if (ddlSpecial.Text == "НЕТ") { special = 0; } else { special = 1; } /*if (chbPlus_50.Checked) * { * J.PLUS_50 = true; * }*/ //пока не сохраняем. сохраним на шаге 2 //using (CWMEntities cwm = new CWMEntities(EnCon)) //{ // cwm.AddToJOB(J); // int i = cwm.SaveChanges(); //} } catch (Exception ex) { lError.Text = "Ошибка при добавлении задания! Попробуйте обновить страницу и попробовать еще раз. " + ex.Message;// +ex.InnerException.Message; bAdd.Enabled = true; return; } //ScriptManager.RegisterStartupScript(this.UpdatePanel1, GetType(), "success", @"alert('Работа успешно добавлена!');location = ""Default.aspx""", true); Session.Add("JOB", J); Session.Add("special", special); ScriptManager.RegisterStartupScript(this.UpdatePanel1, GetType(), "success", "location = 'AddJobStep2.aspx'", true); //Response.Redirect(@"~\default.aspx"); //bAdd.Enabled = true; }
public void parse() { Assembly a; a = Assembly.GetExecutingAssembly(); Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Assembly location = " + a.Location); XmlDocument doc = new XmlDocument(); #region HackCenzic /* string filename; filename = @"C:\Cenzic_webscan.xml"; //Hardcoded doc.Load(filename); Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("HackFile should be located at : " + filename)); */ #endregion // ============================================ // Parse the XML Document and populate the database // ============================================ string protocol = string.Empty; //int port = -1; string service = string.Empty; //bool PatchUpgrade = false; //string title; //string MSPatch = ""; //string Solution; m_data = m_data.Replace("Configurable format #", "Configurable"); //Hardcoded Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("m_data = {0}", m_data)); try { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Loading the XML document"); doc.LoadXml(m_data); } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Exception = {0} / {1}", ex.Message, ex.InnerException == null ? "" : ex.InnerException.Message)); } XORCISMEntities model; model = new XORCISMEntities(); string query = "/AssessmentRunData/SmartAttacks/SmartAttacksData"; //Hardcoded XmlNodeList report; report = null; try { report = doc.SelectNodes(query); } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Error SelectNodes({0}) : Exception = {1}", query, ex.Message)); return; } //We should retrieve the target for an import string m_target = string.Empty; string patterntoken = "<Url>(.*?)</Url>"; MatchCollection matchesurl = Regex.Matches(m_data, patterntoken); foreach (Match match in matchesurl) { m_target = match.Value.Replace("<Url>", "").Replace("</Url>", ""); //Console.WriteLine(mytoken); Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "target: " + m_target); } int myPort = 80; if (m_target.Contains("https://")) { myPort = 443; } //Check if we have a custom port, ex: http://10.20.30.40:8080/test string strTargetTest = m_target; strTargetTest = strTargetTest.Replace("http://", ""); strTargetTest = strTargetTest.Replace("https://", ""); try { if (strTargetTest.Contains(":")) { char[] splitter = { ':' }; string[] strSplit = strTargetTest.Split(splitter); strTargetTest = strSplit[1]; if (strTargetTest.Contains("/")) { strSplit = strTargetTest.Split(new Char[] { '/' }); strTargetTest = strSplit[0]; } try { myPort = Convert.ToInt32(strTargetTest); } catch (FormatException e) { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", strTargetTest + " is not a sequence of digits."); } Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Custom Port:{0}", strTargetTest)); } else { if (strTargetTest.Contains("/")) { string[] strSplit = strTargetTest.Split(new Char[] { '/' }); strTargetTest = strSplit[0]; if (m_target.Contains("https://")) { m_target = "https://" + strTargetTest; } if (m_target.Contains("http://")) { m_target = "http://" + strTargetTest; } } } } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Error in strTargetTest : Exception = {0}", ex.Message)); } Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "the m_target=" + m_target); // =============================================== // If necessary, creates an asset in the database // =============================================== //TODO var myass = from ass in model.ASSET where ass.ipaddressIPv4 == m_target //&& ass.AccountID == m_AccountID select ass; ASSET asset = myass.FirstOrDefault(); if (asset == null) { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Creates a new entry in table ASSET for this IP"); asset = new ASSET(); //asset.AccountID = m_AccountID; asset.AssetName = m_target; asset.AssetDescription = m_target; asset.ipaddressIPv4 = m_target; asset.Enabled = true; //asset.JobID = m_jobId; model.ASSET.Add(asset); model.SaveChanges(); } else { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "This IP already corresponds to an existing asset"); } int m_assetId = asset.AssetID; int m_sessionId = (int)model.JOB.Single(x => x.JobID == m_jobId).SessionID; Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Creating ASSETINSESSION reference"); ASSETSESSION assinsess = new ASSETSESSION(); assinsess.AssetID = asset.AssetID; assinsess.SessionID = m_sessionId; // model.JOB.Single(x => x.JobID == m_jobId).SessionID; model.ASSETSESSION.Add(assinsess); model.SaveChanges(); Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Update JOB with ASSETINSESSIONID"); JOB daJob = model.JOB.Single(x => x.JobID == m_jobId); daJob.AssetSessionID = assinsess.AssetSessionID; model.SaveChanges(); VulnerabilityEndPoint vulnerabilityEndPoint = new VulnerabilityEndPoint(); vulnerabilityEndPoint.IpAdress = m_target; vulnerabilityEndPoint.Protocol = "TCP"; // "http"; vulnerabilityEndPoint.Port = myPort; vulnerabilityEndPoint.Service = "WWW"; int myEndpointID = 0; var testEndpoint = from e in model.ENDPOINT where e.AssetID == m_assetId && e.SessionID == m_sessionId select e; if (testEndpoint.Count() == 0) { ENDPOINT newEndpoint = new ENDPOINT(); newEndpoint.AssetID = m_assetId; newEndpoint.SessionID = m_sessionId; newEndpoint.ProtocolName = "TCP"; // "http"; newEndpoint.PortNumber = myPort; newEndpoint.Service = "WWW"; model.ENDPOINT.Add(newEndpoint); model.SaveChanges(); myEndpointID = newEndpoint.EndPointID; } else { myEndpointID = testEndpoint.FirstOrDefault().EndPointID; } Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("myEndpointID:{0}", myEndpointID)); Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Found {0} SmartAttacks to parse", report.Count)); foreach (XmlNode reportHost in report) { // ================================== // Handle every SmartAttacksData tag // ================================== string myInnerXml = string.Empty; string myTitle = string.Empty; string myDescription = string.Empty; string myConsequence = string.Empty; string myResult = string.Empty; string mySolution = string.Empty; string myCVE = string.Empty; MatchCollection myCVEs; string myPCI = string.Empty; string myMessage = string.Empty; foreach (XmlNode n in reportHost.ChildNodes) { //SmartAttackInfo //ReportItems XmlNodeList Childs = n.ChildNodes; Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Coucou 1")); try { if (n.Name == "SmartAttackInfo") { myInnerXml = n.OuterXml; myTitle = HelperGetChildInnerText(n, "SmartAttackName"); Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Found SmartAttackName:{0}", myTitle)); Regex myRegex = new Regex("PCI [0-9].[0-9].[0-9]"); myPCI = myRegex.Match(myTitle).ToString(); if (myPCI != "") { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "PCI=" + myPCI); } //Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("myInnerXml:{0}", myInnerXml)); //Hardcoded myDescription = HelperGetChildInnerText(n, "Description"); myConsequence = HelperGetChildInnerText(n, "HowItWorks"); myResult = HelperGetChildInnerText(n, "Impact"); mySolution = HelperGetChildInnerText(n, "Remediation"); } } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Error in SmartAttackInfo : Exception = {0}", ex.Message)); } if (n.Name == "ReportItems") { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Coucou 2")); foreach (XmlNode x in n.ChildNodes) { //HARDCODED //ReportItem foreach (XmlNode ReportItem in x.ChildNodes) { myMessage = ""; if (ReportItem.Name == "ReportItemType") { //Pass if (ReportItem.InnerText == "Information") { try { //TODO /* Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Information")); INFORMATION newInformation = new INFORMATION(); //newInformation.InnerXml newInformation.Title = myTitle; newInformation.Description = myDescription; newInformation.Consequence = myConsequence; newInformation.Result = myResult; newInformation.Solution = mySolution; newInformation.Severity = HelperGetChildInnerText(x, "Severity"); newInformation.HarmScore = int.Parse(HelperGetChildInnerText(x, "HarmScore")); myMessage = HelperGetChildInnerText(x, "Message"); newInformation.Message = myMessage; //TODO A FAIRE //Matching avec les références //http://www.securityfocus.com/bid/43140/info //http://www.securityfocus.com/bid/43140/solution newInformation.Url = HelperGetChildInnerText(x, "Url"); newInformation.rawrequest = HelperGetChildInnerText(x, "HttpRequest"); newInformation.rawresponse = HelperGetChildInnerText(x, "HttpResponse"); if (myPCI != "") { newInformation.PCI_FLAG = true; } newInformation.JobID = m_jobId; newInformation.EndPointID = myEndpointID; model.AddToINFORMATION(newInformation); model.SaveChanges(); */ } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Error in Information : Exception = {0}. {1}", ex.Message, ex.InnerException)); } } if (ReportItem.InnerText == "Warning") { try { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Warning")); VulnerabilityFound vulnerabilityFound = new VulnerabilityFound(); vulnerabilityFound.InnerXml = myInnerXml; vulnerabilityFound.Title = myTitle; Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Adding SmartAttackName:{0}", myTitle)); vulnerabilityFound.Description = myDescription; vulnerabilityFound.Consequence = myConsequence; vulnerabilityFound.Result = myResult; vulnerabilityFound.Solution = mySolution; if (myPCI != "") { vulnerabilityFound.PCI_FLAG = true; } //ReportItemCreateDate vulnerabilityFound.Severity = HelperGetChildInnerText(x, "Severity"); //Low, Medium, High //Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("WARNING Severity:{0}", HelperGetChildInnerText(x, "Severity"))); vulnerabilityFound.HarmScore = int.Parse(HelperGetChildInnerText(x, "HarmScore")); //Count myMessage=HelperGetChildInnerText(x, "Message"); //vulnerabilityFound.Message = myMessage; //not exact because same VULNERABILITY will have various Messages vulnerabilityFound.rawresponse = myMessage; //Regex objNaturalPattern = new Regex("CVE-[0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9]"); Regex myRegexCVE = new Regex(@"CVE-(19|20)\d\d-(0\d{3}|[1-9]\d{3,})"); //TODO: Update this? //https://cve.mitre.org/cve/identifiers/tech-guidance.html /* myCVE = objNaturalPattern.Match(myMessage).ToString(); if (myCVE != "") { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "CVE=" + myCVE); } */ List<VulnerabilityFound.Item> l; l = new List<VulnerabilityFound.Item>(); myCVEs = myRegexCVE.Matches(myMessage); foreach (Match match in myCVEs) { foreach (Capture capture in match.Captures) { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Index={0}, CVE={1}", capture.Index, capture.Value)); VulnerabilityFound.Item item; item = new VulnerabilityFound.Item(); item.Value = capture.Value; item.ID = "cve"; l.Add(item); } } vulnerabilityFound.ListItem = l; vulnerabilityFound.Url = HelperGetChildInnerText(x, "Url"); Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Url={0}", HelperGetChildInnerText(x, "Url"))); vulnerabilityFound.rawrequest = HelperGetChildInnerText(x, "HttpRequest"); //vulnerabilityFound.rawresponse = HelperGetChildInnerText(x, "HttpResponse"); //StructuredData //*** Compliances? voir en bas //http://www.cenzic.com/downloads/Cenzic_CWE.pdf int VulnID = VulnerabilityPersistor.Persist(vulnerabilityFound, vulnerabilityEndPoint, m_jobId, "cenzic", model); } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Error in Warning : Exception = {0}. {1}", ex.Message, ex.InnerException)); } } if (ReportItem.InnerText == "Vulnerable") { try { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Vulnerable")); VulnerabilityFound vulnerabilityFound = new VulnerabilityFound(); vulnerabilityFound.InnerXml = myInnerXml; vulnerabilityFound.Title = myTitle; Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Adding SmartAttackName:{0}", myTitle)); vulnerabilityFound.Description = myDescription; vulnerabilityFound.Consequence = myConsequence; vulnerabilityFound.Result = myResult; vulnerabilityFound.Solution = mySolution; //ReportItemCreateDate vulnerabilityFound.Severity = HelperGetChildInnerText(x, "Severity"); //Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("VULNERABLE Severity:{0}", HelperGetChildInnerText(x, "Severity"))); vulnerabilityFound.HarmScore = int.Parse(HelperGetChildInnerText(x, "HarmScore")); //Count myMessage = HelperGetChildInnerText(x, "Message"); //vulnerabilityFound.Message = myMessage; vulnerabilityFound.rawresponse = myMessage; //Regex objNaturalPattern = new Regex("CVE-[0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9]"); Regex myRegexCVE = new Regex(@"CVE-(19|20)\d\d-(0\d{3}|[1-9]\d{3,})"); //https://cve.mitre.org/cve/identifiers/tech-guidance.html /* myCVE = objNaturalPattern.Match(myMessage).ToString(); if (myCVE != "") { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "CVE=" + myCVE); } */ List<VulnerabilityFound.Item> l; l = new List<VulnerabilityFound.Item>(); myCVEs = myRegexCVE.Matches(myMessage); foreach (Match match in myCVEs) { foreach (Capture capture in match.Captures) { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Index={0}, CVE={1}", capture.Index, capture.Value)); VulnerabilityFound.Item item; item = new VulnerabilityFound.Item(); item.Value = capture.Value; item.ID = "cve"; l.Add(item); } } vulnerabilityFound.ListItem = l; vulnerabilityFound.Url = HelperGetChildInnerText(x, "Url"); Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Url={0}", HelperGetChildInnerText(x, "Url"))); vulnerabilityFound.rawrequest = HelperGetChildInnerText(x, "HttpRequest"); //vulnerabilityFound.rawresponse = HelperGetChildInnerText(x, "HttpResponse"); //StructuredData if (myPCI != "") { //TODO /* vulnerabilityFound.PCI_FLAG = true; int VulnID = VulnerabilityPersistor.Persist(vulnerabilityFound, vulnerabilityEndPoint, m_jobId, "cenzic", model); List<int> myIds = new List<int>(); var id = from o in model.COMPLIANCECATEG where o.Title == myTitle && o.COMPLIANCE.Title == "PCIDSS" select o.ComplianceCategID; int Id = id.FirstOrDefault(); myIds.Add(Id); List<int> Compliances = new List<int>(); Compliances = myIds; Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Vulnerability persisted , VulnID = {0} & Compliance count = {1}", VulnID, Compliances.Count)); var V = from tmpVuln in model.VULNERABILITYFOUND where tmpVuln.VulnerabilityFoundID == VulnID select tmpVuln; VULNERABILITYFOUND VF = V.FirstOrDefault(); foreach (int i in Compliances) { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Categorie Compliance => ", i)); var C = from Comp in model.COMPLIANCECATEG where Comp.ComplianceCategID == i select Comp; COMPLIANCECATEG myCompliance = new COMPLIANCECATEG(); myCompliance = C.FirstOrDefault(); VF.COMPLIANCECATEG.Add(myCompliance); model.SaveChanges(); Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Mapping Compliance-Vulnerability Added"); } */ } else { int VulnID = VulnerabilityPersistor.Persist(vulnerabilityFound, vulnerabilityEndPoint, m_jobId, "cenzic", model); } } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Error in Vulnerable : Exception = {0}. {1}", ex.Message, ex.InnerException)); } } } } } } } } }