private bool OpenVASScanIsRunning(string openvasTaskID) { using (OpenVASManagerSession ovasSession = new OpenVASManagerSession(this.Configuration ["openvasUser"], this.Configuration ["openvasPass"], this.Configuration["openvasHost"])) { using (OpenVASObjectManager openvasManager = new OpenVASObjectManager(ovasSession)) { XmlDocument taskInfo = openvasManager .GetTasks(openvasTaskID, true, false, false, string.Empty, string.Empty); foreach (XmlNode child in taskInfo.FirstChild.ChildNodes) { if (child.Name != "task") { continue; } foreach (XmlNode c in child.ChildNodes) { if (c.Name != "status") { continue; } if (c.InnerText == "Done") { return(false); } } } return(true); } } }
private XmlNode GetOpenVASReport(string id) { string report = string.Empty; using (OpenVASManagerSession session = new OpenVASManagerSession(this.Configuration ["openvasUser"], this.Configuration ["openvasPass"], this.Configuration ["openvasHost"])) { using (OpenVASObjectManager manager = new OpenVASObjectManager(session)) { report = manager.GetReportByID(id).OuterXml; } } XmlDocument doc = new XmlDocument(); doc.LoadXml(report); return(doc.LastChild); }
public virtual void Run(out NessusScan nessusScan, out NexposeScan nexposeScan, out OpenVASScan openvasScan, out MetasploitScan metasploitScan, out Dictionary <NMapHost, IList <IToolResults> > toolResults) { if (this.Configuration == null) { throw new Exception("Configuration not set"); } DateTime start = DateTime.Now; metasploitScan = null; nessusScan = null; nexposeScan = null; openvasScan = null; string openvasTaskID = string.Empty; string nessusScanID = string.Empty; string nexposeScanID = string.Empty; int uniqueNo = new Random().Next(); IList <NMapHost> hosts = this.ParentProfile.CurrentResults.Hosts; if (hosts.Count() == 0) { Console.WriteLine("ERROR: no hosts in the profile. Aborting."); toolResults = null; return; } csv = string.Empty; foreach (NMapHost host in hosts) { csv = csv + host.IPAddressv4 + ", "; //trailing , is OK in this case } string openvasReportID = string.Empty; if (this.ScanOptions.IsOpenVASAssessment) { Console.WriteLine("Creating OpenVAS Scan..."); OpenVASTarget target = new OpenVASTarget(); target.Hosts = csv; target.Name = this.ParentProfile.Name + uniqueNo.ToString(); target.SMBCredentials = new OpenVASLSCCredential(); target.SSHCredentials = new OpenVASLSCCredential(); using (OpenVASManagerSession ovasSession = new OpenVASManagerSession(this.Configuration ["openvasUser"], this.Configuration ["openvasPass"], this.Configuration ["openvasHost"])) { using (OpenVASObjectManager openvasManager = new OpenVASObjectManager(ovasSession)) { target = openvasManager.CreateTarget(target); OpenVASConfig config = openvasManager.GetAllConfigs() .Where(c => c.RemoteConfigID == new Guid(this.Configuration ["openvasConfig"])) .SingleOrDefault(); OpenVASTask task = new OpenVASTask(); task.Comment = string.Format("Task for scan {0}", this.Name); task.Target = target; task.Config = config; task = openvasManager.CreateTask(task); XmlDocument taskResponse = openvasManager.StartTask(task.RemoteTaskID.ToString()); if (!taskResponse.FirstChild.Attributes ["status"].Value.StartsWith("20")) { throw new Exception("Creating OpenVAS scan failed: " + taskResponse.FirstChild.Attributes ["status_text"].Value ); } openvasReportID = taskResponse.FirstChild.FirstChild.InnerText; openvasTaskID = task.RemoteTaskID.ToString(); } Console.WriteLine("Done creating and starting OpenVAS scan."); } } if (this.ScanOptions.IsNessusAssessment) { Console.WriteLine("Creating Nessus scan..."); using (NessusManagerSession nessusSession = new NessusManagerSession(this.Configuration["nessusHost"])) { bool loggedIn = false; nessusSession.Authenticate(this.Configuration ["nessusUser"], this.Configuration ["nessusPass"], 1234, out loggedIn); if (!loggedIn) { throw new Exception("Invalid username/password"); } using (NessusObjectManager nessusManager = new NessusObjectManager(nessusSession)) { var tmp = nessusManager.CreateAndStartScan(csv, -2, this.Name + uniqueNo.ToString()); string scanName = tmp.Name; nessusScanID = scanName; string reportID = string.Empty; foreach (XmlNode node in nessusManager.ListReports().LastChild.ChildNodes) { if (node.Name == "contents") { string tmpReportID = string.Empty; foreach (XmlNode child in node.FirstChild.ChildNodes) { foreach (XmlNode c in child.ChildNodes) { if (c.Name == "name") { tmpReportID = c.InnerText; } else if (c.Name == "readableName" && c.InnerText == scanName) { reportID = tmpReportID; } } } tmpReportID = string.Empty; } } } Console.WriteLine("Done creating and starting Nessus scan."); } } if (this.ScanOptions.IsNexposeAssessment) { Console.WriteLine("Creating NeXpose scan..."); int siteID = 0; if (this.ScanOptions.RemoteNexposeSiteID <= 0) { XmlDocument d = null; string id = "-1"; string template = "full-audit"; string name = this.Name + uniqueNo.ToString(); string description = "A site for the the profile " + this.ParentProfile.Name; string siteXml = "<Site id=\"" + id + "\" name=\"" + name + "\" description=\"" + description + "\">"; siteXml = siteXml + "<Hosts>"; foreach (string host in csv.Split(',')) { siteXml = siteXml + "<host>" + host + "</host>"; } siteXml = siteXml + "</Hosts>" + "<Credentials></Credentials>" + "<Alerting></Alerting>" + "<ScanConfig configID=\"" + id + "\" name=\"" + name + "\" templateID=\"" + template + "\"></ScanConfig>" + "</Site>"; XmlDocument doc = new XmlDocument(); doc.LoadXml(siteXml); using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) { session.Authenticate(this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]); using (NexposeManager11 manager = new NexposeManager11(session)) { XmlDocument response = manager.SaveOrUpdateSite(doc.FirstChild); d = response; } } siteID = int.Parse(d.FirstChild.Attributes ["site-id"].Value); this.ScanOptions.RemoteNexposeSiteID = siteID; } else { siteID = this.ScanOptions.RemoteNexposeSiteID; } using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) { session.Authenticate(this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]); using (NexposeManager11 manager = new NexposeManager11(session)) { XmlDocument response = manager.ScanSite(siteID.ToString()); nexposeScanID = response.FirstChild.FirstChild.Attributes ["scan-id"].Value; } } Console.WriteLine("Done creating and starting NeXpose scan."); } Dictionary <NMapHost, IList <IToolResults> > results = new Dictionary <NMapHost, IList <IToolResults> > (); services = new List <string> (); foreach (var host in hosts) { foreach (Port port in (host as NMapHost).Ports) { services.Add(port.Service); } NMapHost threadHost = host as NMapHost; Console.WriteLine("Starting scan for host: " + threadHost.Hostname + "(" + threadHost.IPAddressv4 + ")"); results.Add(threadHost, ScanHost(threadHost, this.ScanOptions.SQLMapOptions, this.Configuration)); } toolResults = results; bool done = false; if (this.ScanOptions.IsNessusAssessment || this.ScanOptions.IsNexposeAssessment || this.ScanOptions.IsOpenVASAssessment) { while (!done) { if (!string.IsNullOrEmpty(openvasTaskID) && this.OpenVASScanIsRunning(openvasTaskID)) { Console.WriteLine("Waiting on OpenVAS scan " + openvasTaskID); Thread.Sleep(new TimeSpan(0, 0, 60)); continue; } if (!string.IsNullOrEmpty(nessusScanID) && this.NessusScanIsRunning(nessusScanID)) { Console.WriteLine("Waiting on Nessus scan " + nessusScanID); Thread.Sleep(new TimeSpan(0, 0, 60)); continue; } if (!string.IsNullOrEmpty(nexposeScanID) && this.NexposeScanIsRunning(nexposeScanID)) { Console.WriteLine("Waiting on NeXpose scan " + nexposeScanID); Thread.Sleep(new TimeSpan(0, 0, 60)); continue; } done = true; } Dictionary <VulnerabilityScanType, string> scans = new Dictionary <VulnerabilityScanType, string> (); if (!string.IsNullOrEmpty(openvasReportID)) { scans.Add(VulnerabilityScanType.OpenVAS, openvasReportID); } if (!string.IsNullOrEmpty(nexposeScanID)) { scans.Add(VulnerabilityScanType.Nexpose, this.ScanOptions.RemoteNexposeSiteID.ToString()); } if (!string.IsNullOrEmpty(nessusScanID)) { scans.Add(VulnerabilityScanType.Nessus, nessusScanID); } Dictionary <VulnerabilityScanType, XmlNode> reports = this.GetReports(scans); foreach (var report in reports) { if (report.Key == VulnerabilityScanType.Nessus) { nessusScan = new NessusScan(report.Value); } else if (report.Key == VulnerabilityScanType.Nexpose) { nexposeScan = new NexposeScan(report.Value); } else if (report.Key == VulnerabilityScanType.OpenVAS) { openvasScan = new OpenVASScan(report.Value); } else { throw new Exception("Don't know this scan type"); } } if (this.ScanOptions.IsMetasploitAssessment) { string workspace = Guid.NewGuid().ToString(); this.CreateNewMetasploitWorkspace(workspace); this.ImportScansIntoMetasploitPro(reports, workspace); string proTaskID = this.BeginMetasploitProAssessment(workspace, csv, false); while (this.MetasploitProAssessmentIsRunning(proTaskID)) { Console.WriteLine("Waiting on exploit assessment from metasploit: task " + proTaskID); System.Threading.Thread.Sleep(new TimeSpan(0, 0, 30)); } metasploitScan = new MetasploitScan(this.GetMetasploitProReport(workspace)); } } TimeSpan duration = DateTime.Now - start; this.Duration = duration.TotalSeconds.ToString(); this.HasRun = true; }