public static void Main(string[] args)
{
string conn = "Server=192.168.1.5;";
conn += "Port=5433;";
conn += "Database=rising_sun;";
conn += "User Id=postgres;";
conn += "Password=password;";
conn += "SSL=true;";
IPersistenceConfigurer config = PostgreSQLConfiguration.PostgreSQL82
.ConnectionString (conn);
ISessionFactory factory = Fluently.Configure ()
.Database (config)
.Mappings (m =>
m.FluentMappings.AddFromAssemblyOf<PersistentMetasploitScan> ())
.Mappings (m =>
m.FluentMappings.AddFromAssemblyOf<PersistentOpenVASNVT> ())
.Mappings (m =>
m.FluentMappings.AddFromAssemblyOf<PersistentNessusScan> ())
.Mappings (m =>
m.FluentMappings.AddFromAssemblyOf<PersistentNexposeScan> ())
.BuildSessionFactory ();
string msf = "/home/bperry/tmp/metasploit.xml";
string ovas = "/home/bperry/tmp/openvas.xml";
string nx = "/home/bperry/tmp/nexpose.xml";
string nss = "/home/bperry/tmp/nessus.xml";
XmlDocument doc = new XmlDocument();
doc.LoadXml(System.IO.File.ReadAllText(ovas));
OpenVASScan ovasScan = new OpenVASScan(doc.FirstChild);
doc = new XmlDocument();
doc.LoadXml(System.IO.File.ReadAllText(nx));
NexposeScan nxScan = new NexposeScan(doc.FirstChild);
doc = new XmlDocument();
doc.LoadXml(System.IO.File.ReadAllText(nss));
NessusScan nssScan = new NessusScan(doc.LastChild);
doc = new XmlDocument();
doc.LoadXml(System.IO.File.ReadAllText(msf));
MetasploitScan msfScan = new MetasploitScan(doc.LastChild);
PersistentMetasploitScan pmsfScan = new PersistentMetasploitScan(msfScan);
pmsfScan.SetCreationInfo(Guid.Empty, true);
PersistentNessusScan pnssScan = new PersistentNessusScan(nssScan);
pnssScan.SetCreationInfo(Guid.Empty, true);
PersistentOpenVASScan povasScan = new PersistentOpenVASScan(ovasScan);
povasScan.SetCreationInfo(Guid.Empty, true);
PersistentNexposeScan pnxScan = new PersistentNexposeScan(nxScan);
pnxScan.SetCreationInfo(Guid.Empty, true);
using(ISession session = factory.OpenSession())
{
using (ITransaction x = session.BeginTransaction())
{
try
{
pmsfScan.ParentScanID = Guid.NewGuid();
Console.WriteLine("Saving metasploit");
session.Save(pmsfScan);
x.Commit();
}
catch (Exception ex)
{
Console.WriteLine("I broke, rolling back...");
x.Rollback();
throw ex;
}
}
using (ITransaction x = session.BeginTransaction())
{
try
{
pnssScan.ParentScanID = Guid.NewGuid();
Console.WriteLine("Saving nessus");
session.Save(pnssScan);
x.Commit();
}
catch (Exception ex)
{
Console.WriteLine("I broke, rolling back...");
x.Rollback();
throw ex;
}
}
using (ITransaction x = session.BeginTransaction())
{
try
{
povasScan.ParentScanID = Guid.NewGuid();
Console.WriteLine("Saving openvas");
session.Save(povasScan);
x.Commit();
}
catch (Exception ex)
{
Console.WriteLine("I broke, rolling back...");
x.Rollback();
throw ex;
}
}
using (ITransaction x = session.BeginTransaction())
{
try
{
pnxScan.ParentScanID = Guid.NewGuid();
Console.WriteLine("Saving nexpose");
session.Save(pnxScan);
x.Commit();
}
catch (Exception ex)
{
Console.WriteLine("I broke, rolling back...");
x.Rollback();
throw ex;
}
}
}
Console.WriteLine("yay?");
}
public static void Main()
{
string conn = "Server=" + ConfigurationManager.AppSettings ["PostgreSQL"] + ";";
conn += "Port=" + ConfigurationManager.AppSettings ["PostgreSQLPort"] + ";";
conn += "Database=rising_sun;";
conn += "User Id=" + ConfigurationManager.AppSettings ["PostgreSQLUser"] + ";";
conn += "Password="******"PostgreSQLPass"] + ";";
conn += "SSL=true;";
IPersistenceConfigurer config = PostgreSQLConfiguration.PostgreSQL82
.ConnectionString (conn);
ISessionFactory factory = Fluently.Configure ()
.Database (config)
.Mappings (m =>
m.FluentMappings.AddFromAssemblyOf<PersistentProfile> ())
.Mappings (m =>
m.FluentMappings.AddFromAssemblyOf<PersistentOpenVASNVT> ())
.Mappings (m =>
m.FluentMappings.AddFromAssemblyOf<PersistentNessusScan> ())
.Mappings (m =>
m.FluentMappings.AddFromAssemblyOf<PersistentNexposeScan> ())
.Mappings (m =>
m.FluentMappings.AddFromAssemblyOf<PersistentMetasploitScan> ())
.BuildSessionFactory ();
Dictionary<string, string> conf = null;
IList<PersistentProfile > profilesToRun;
using (ISession session = factory.OpenSession())
using (ITransaction trans = session.BeginTransaction()) {
profilesToRun = session.CreateCriteria<PersistentProfile> ()
.Add (Restrictions.Eq ("HasRun", false))
.Add (Restrictions.Eq ("IsActive", true))
.List<PersistentProfile> ();
foreach (PersistentProfile profile in profilesToRun) {
if (profile.VirtualMachines.Count > 0)
{
using (VirtualboxManager manager = new VirtualboxManager("vboxmanage"))
{
foreach (var vm in profile.VirtualMachines)
manager.StartVirtualMachine(vm);
}
Console.WriteLine("Letting vm's settle...waiting a bit");
for (int i = 0;i< 10;i++)
{
Console.Write(i);
System.Threading.Thread.Sleep(new TimeSpan(0,0,60));
}
}
List<List<IToolResults>> toolResults = null;
conf = new Dictionary<string, string> ();
conf.Add ("sqlmapPath", ConfigurationManager.AppSettings ["sqlmapPath"]);
conf.Add ("wapitiPath", ConfigurationManager.AppSettings ["wapitiPath"]);
conf.Add ("nmapPath", ConfigurationManager.AppSettings ["nmapPath"]);
conf.Add ("niktoPath", ConfigurationManager.AppSettings ["niktoPath"]);
conf.Add ("onesixtyonePath", ConfigurationManager.AppSettings ["onesixtyonePath"]);
conf.Add ("sslscanPath", ConfigurationManager.AppSettings ["sslscanPath"]);
conf.Add ("smbclientPath", ConfigurationManager.AppSettings ["smbclientPath"]);
conf.Add ("traceroutePath", ConfigurationManager.AppSettings ["traceroutePath"]);
conf.Add ("whoisPath", ConfigurationManager.AppSettings ["whoisPath"]);
conf.Add ("profileID", profile.ID.ToString());
conf.Add ("API", ConfigurationManager.AppSettings["API"]);
conf.Add ("UserID", ConfigurationManager.AppSettings["userID"]);
profile.Configuration = conf;
string newRange = string.Empty;
foreach (var host in profile.ProfileHosts)
newRange += host.IPv4Address + " ";
profile.Range = newRange;
profile.Run (out toolResults);
profile.CurrentResults.SetCreationInfo (profile.WebUserID);
foreach (PersistentNMapHost host in profile.CurrentResults.PersistentHosts) {
host.CleanHost ();
host.ProfileHost = profile.ProfileHosts.Where (ph => ph.IPv4Address == host.IPAddressv4).Single ();
foreach (PersistentPort port in host.PersistentPorts) {
port.CleanPort ();
port.ParentProfile = profile;
port.SetCreationInfo (profile.WebUserID);
}
foreach (List<IToolResults> list in toolResults) {
foreach (IToolResults results in list.Where(k => k.HostIPAddressV4 == host.IPAddressv4)) {
//this isn't very refactor friendly
//You can't switch on the Type supplied by GetType() since types can be ambiguous
switch (results.GetType ().Name) {
case "SSLScanToolResults":
PersistentSSLScanResults ssl = new PersistentSSLScanResults (results as SSLScanToolResults);
ssl.HostPortID = host.PersistentPorts.Where (pp => pp.PortNumber == ssl.HostPort).FirstOrDefault ().ID;
ssl.SetCreationInfo (Guid.Empty);
session.Save (ssl);
break;
case "NiktoToolResults":
PersistentNiktoResults nikto = new PersistentNiktoResults (results as NiktoToolResults);
nikto.Items = new List<PersistentNiktoItem>();
string[] items = nikto.ParseOutput().ToArray();
foreach (string item in items)
{
PersistentNiktoItem i = new PersistentNiktoItem();
DateTime now = DateTime.Now;
i.ID = Guid.NewGuid();
i.CreatedBy = Guid.Empty;
i.CreatedOn = now;
i.Data = item;
i.LastModifiedBy = Guid.Empty;
i.LastModifiedOn = now;
i.IsActive = true;
session.Save(i);
nikto.Items.Add(i);
}
nikto.HostPortID = host.PersistentPorts.Where (pp => pp.PortNumber == nikto.HostPort).FirstOrDefault ().ID;
nikto.SetCreationInfo (Guid.Empty);
session.Save (nikto);
break;
case "OneSixtyOneToolResults":
PersistentOneSixtyOneResults onesixtyone = new PersistentOneSixtyOneResults (results as OneSixtyOneToolResults);
onesixtyone.ParentPort = host.PersistentPorts.Where (pp => pp.PortNumber == onesixtyone.HostPort).FirstOrDefault ();
onesixtyone.HostPortID = onesixtyone.ParentPort.ID;
onesixtyone.SetCreationInfo (Guid.Empty);
session.Save (onesixtyone);
break;
case "SMBClientToolResults":
PersistentSMBClientResults smb = new PersistentSMBClientResults (results as SMBClientToolResults);
smb.ParentPort = host.PersistentPorts.Where (pp => pp.PortNumber == smb.HostPort).FirstOrDefault ();
smb.SetCreationInfo (Guid.Empty);
//session.Save (smb);
break;
case "WhoisToolResults":
PersistentWhoisResults whois = new PersistentWhoisResults (results as WhoisToolResults);
whois.ParentNMapHost = host;
whois.SetCreationInfo (Guid.Empty);
session.Save (whois);
break;
case "TracerouteToolResults":
PersistentTracerouteResults tracert = new PersistentTracerouteResults (results as TracerouteToolResults);
tracert.ParentNMapHost = host;
tracert.SetCreationInfo (Guid.Empty);
session.Save (tracert);
break;
default:
throw new Exception ("Don't know type: " + results.GetType ().Name);
}
}
}
host.SetCreationInfo (profile.WebUserID);
}
profile.RunAfter = DateTime.Now.AddDays (profile.RunEvery.Days);
profile.HasRun = true;
session.SaveOrUpdate (profile);
}
try {
trans.Commit ();
} catch (Exception ex) {
trans.Rollback ();
throw ex;
}
}
IList<PersistentScan > scansToRun;
using (ISession session = factory.OpenSession()) {
scansToRun = session.CreateCriteria<PersistentScan> ()
.Add (Restrictions.Eq ("HasRun", false))
.Add (Restrictions.Eq ("IsActive", true))
.List<PersistentScan> ();
foreach (var scan in scansToRun) {
scan.ParentProfile.CurrentResults.PopulateNonPersistentHosts ();
if (scan.ParentProfile.VirtualMachines.Count > 0)
{
using (VirtualboxManager manager = new VirtualboxManager("vboxmanage"))
{
foreach (var vm in scan.ParentProfile.VirtualMachines)
manager.StartVirtualMachine(vm);
}
}
NessusScan nessusScan = null;
NexposeScan nexposeScan = null;
OpenVASScan openvasScan = null;
MetasploitScan metasploitScan = null;
Dictionary<NMapHost, IList<IToolResults >> toolResults = new Dictionary<NMapHost, IList<IToolResults>> ();
conf = new Dictionary<string, string> ();
if (scan.ScanOptions.IsSQLMap)
{
conf.Add ("wapitiPath", ConfigurationManager.AppSettings ["wapitiPath"]);
conf.Add ("sqlmapPath", ConfigurationManager.AppSettings ["sqlmapPath"]);
conf.Add("isSQLMap", "true");
}
else
conf.Add("isSQLMap", "false");
if (scan.ScanOptions.IsDSXS)
{
if (!conf.ContainsKey("wapitiPath"))
conf.Add ("wapitiPath", ConfigurationManager.AppSettings ["wapitiPath"]);
conf.Add ("dsxsPath", ConfigurationManager.AppSettings ["dsxsPath"]);
}
if (scan.ScanOptions.IsNessusAssessment) {
conf.Add ("nessusHost", ConfigurationManager.AppSettings ["nessusHost"]);
conf.Add ("nessusUser", ConfigurationManager.AppSettings ["nessusUser"]);
conf.Add ("nessusPass", ConfigurationManager.AppSettings ["nessusPass"]);
}
if (scan.ScanOptions.IsNexposeAssessment) {
conf.Add ("nexposeHost", ConfigurationManager.AppSettings ["nexposeHost"]);
conf.Add ("nexposeUser", ConfigurationManager.AppSettings ["nexposeUser"]);
conf.Add ("nexposePass", ConfigurationManager.AppSettings ["nexposePass"]);
}
if (scan.ScanOptions.IsOpenVASAssessment) {
conf.Add ("openvasHost", ConfigurationManager.AppSettings ["openvasHost"]);
conf.Add ("openvasUser", ConfigurationManager.AppSettings ["openvasUser"]);
conf.Add ("openvasPass", ConfigurationManager.AppSettings ["openvasPass"]);
string url = ConfigurationManager.AppSettings ["API"] + "/GetOpenVASConfigs.ashx";
HttpWebRequest request = WebRequest.Create (url) as HttpWebRequest;
string xml = string.Empty;
using (StreamReader reader = new StreamReader(request.GetResponse().GetResponseStream()))
xml = reader.ReadToEnd ();
XmlDocument doc = new XmlDocument ();
doc.LoadXml (xml);
List<OpenVASConfig> configs = new List<OpenVASConfig> ();
foreach (XmlNode c in doc.FirstChild.ChildNodes)
configs.Add (new OpenVASConfig (c));
conf.Add ("openvasConfig", configs.Where (c => c.Name == "Full and fast").Single ().RemoteConfigID.ToString ());
}
if (scan.ScanOptions.IsMetasploitAssessment) {
conf.Add ("tmpSshfsDir", ConfigurationManager.AppSettings ["tmpSshfsDir"]);
conf.Add ("metasploitHost", ConfigurationManager.AppSettings ["metasploitHost"]);
conf.Add ("metasploitUser", ConfigurationManager.AppSettings ["metasploitUser"]);
conf.Add ("metasploitPass", ConfigurationManager.AppSettings ["metasploitPass"]);
}
scan.Configuration = conf;
scan.Run (out nessusScan, out nexposeScan, out openvasScan, out metasploitScan, out toolResults);
if (toolResults == null)
{
if (scan.ParentProfile.VirtualMachines.Count > 0)
{
using (VirtualboxManager manager = new VirtualboxManager("vboxmanage"))
{
foreach (var vm in scan.ParentProfile.VirtualMachines)
manager.StopVirtualMachine(vm);
}
}
continue;
}
///this is really super dirty
///coded myself into a corner, gotta unwind
foreach (KeyValuePair<NMapHost, IList<IToolResults>> pair in toolResults) {
foreach (IToolResults results in pair.Value) {
if (results is WapitiToolResults) {
PersistentWapitiResults wapiti = new PersistentWapitiResults (results as WapitiToolResults);
foreach (var host in scan.ParentProfile.CurrentResults.PersistentHosts) {
foreach (PersistentPort pport in host.PersistentPorts) {
if (pport.PortNumber == (results as WapitiToolResults).HostPort &&
pport.ParentHost.IPAddressv4 == (results as WapitiToolResults).HostIPAddressV4) {
wapiti.HostPortID = pport.ID;
wapiti.SetCreationInfo (Guid.Empty);
session.Save (wapiti);
}
}
}
} else if (results is SQLMapResults) {
PersistentSQLMapResults pr = new PersistentSQLMapResults (results as SQLMapResults);
foreach (var host in scan.ParentProfile.CurrentResults.PersistentHosts) {
foreach (PersistentPort pport in host.PersistentPorts) {
if (pport.PortNumber == (results as SQLMapResults).ParentHostPort.PortNumber &&
pport.ParentHost.IPAddressv4 == (results as SQLMapResults).ParentHostPort.ParentIPAddress) {
pr.ParentHostPort = pport;
pr.SetCreationInfo (Guid.Empty);
session.Save (pr);
}
}
}
}
}
}
if (scan.ScanOptions.IsNessusAssessment) {
PersistentNessusScan s = new PersistentNessusScan(nessusScan);
s.SetCreationInfo(Guid.Empty, true);
s.ParentScanID = scan.ID;
session.Save (s);
}
if (scan.ScanOptions.IsOpenVASAssessment) {
PersistentOpenVASScan s = new PersistentOpenVASScan(openvasScan);
s.SetCreationInfo(Guid.Empty, true);
s.ParentScanID = scan.ID;
session.Save (s);
}
if (scan.ScanOptions.IsNexposeAssessment) {
PersistentNexposeScan s = new PersistentNexposeScan(nexposeScan);
s.SetCreationInfo(Guid.Empty, true);
s.ParentScanID = scan.ID;
session.Save (s);
}
if (scan.ScanOptions.IsMetasploitAssessment) {
PersistentMetasploitScan s = new PersistentMetasploitScan(metasploitScan);
s.SetCreationInfo(Guid.Empty, true);
s.ParentScanID = scan.ID;
session.Save (s);
}
scan.HasRun = true;
Console.WriteLine("Saving!");
using (ITransaction trans = session.BeginTransaction()) {
session.SaveOrUpdate (scan);
try {
trans.Commit ();
} catch (Exception ex) {
trans.Rollback ();
Console.WriteLine("Save failed!");
throw ex;
}
}
if (scan.ParentProfile.VirtualMachines.Count > 0)
{
using (VirtualboxManager manager = new VirtualboxManager("vboxmanage"))
{
foreach (var vm in scan.ParentProfile.VirtualMachines)
manager.StopVirtualMachine(vm);
}
}
}
}
// while (true) {
// DateTime start = new DateTime ();
// IPAddress ipAd = IPAddress.Parse ("127.0.0.1");
//
// TcpListener list = new TcpListener (ipAd, 8082);
//
// list.Start ();
//
// TcpClient c = list.AcceptTcpClient ();
//
// ASCIIEncoding enc = new ASCIIEncoding ();
// byte[] b = new byte[1024];
// string xml = string.Empty;
//
// using (NetworkStream stream = c.GetStream ()) {
// do {
// stream.Read (b, 0, b.Length);
// xml += xml + enc.GetString (b);
//
// } while (stream.DataAvailable);
//
// start = DateTime.Now;
//
// XmlDocument doc = new XmlDocument ();
// doc.LoadXml (xml);
//
// foreach (XmlNode node in doc.ChildNodes) {
//
// if (node.Name == "create") {
// if (node.Name == "scan") {
//
// Scan scan = new Scan ();
//
// if (node.HasChildNodes) {
// foreach (XmlNode child in node.ChildNodes) {
//
// if (child.Name == "host")
// scan.Host = child.InnerText; else if (child.Name == "range")
//
// scan.Range = child.InnerText; else if (child.Name == "type") {
// if (child.InnerText == "profile")
//
// scan.ScanType = ScanType.Profile; else if (child.InnerText == "full")
// scan.ScanType = ScanType.Full;
// }
// }
// }
//
//
//
// scan.Run ();
// } else if (node.Name == "get") {
//
// } else if (node.Name == "destroy") {
//
// }
//
// }
//
// }
//
// TimeSpan tt = DateTime.Now.Subtract (start);
//
// string complete = String.Format ("The scan has been run... Took {0} minutes, {1} seconds.\n", tt.Minutes, tt.Seconds);
//
// stream.Write (enc.GetBytes (complete), 0, complete.Length);
// }
//
// list.Stop ();
// }
}
