public static void Main(string[] args)
{
string conn = "Server=192.168.1.5;";
conn += "Port=5433;";
conn += "Database=rising_sun;";
conn += "User Id=postgres;";
conn += "Password=password;";
conn += "SSL=true;";
IPersistenceConfigurer config = PostgreSQLConfiguration.PostgreSQL82
.ConnectionString(conn);
ISessionFactory factory = Fluently.Configure()
.Database(config)
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentMetasploitScan> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentOpenVASNVT> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentNessusScan> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentNexposeScan> ())
.BuildSessionFactory();
string msf = "/home/bperry/tmp/metasploit.xml";
string ovas = "/home/bperry/tmp/openvas.xml";
string nx = "/home/bperry/tmp/nexpose.xml";
string nss = "/home/bperry/tmp/nessus.xml";
XmlDocument doc = new XmlDocument();
doc.LoadXml(System.IO.File.ReadAllText(ovas));
OpenVASScan ovasScan = new OpenVASScan(doc.FirstChild);
doc = new XmlDocument();
doc.LoadXml(System.IO.File.ReadAllText(nx));
NexposeScan nxScan = new NexposeScan(doc.FirstChild);
doc = new XmlDocument();
doc.LoadXml(System.IO.File.ReadAllText(nss));
NessusScan nssScan = new NessusScan(doc.LastChild);
doc = new XmlDocument();
doc.LoadXml(System.IO.File.ReadAllText(msf));
MetasploitScan msfScan = new MetasploitScan(doc.LastChild);
PersistentMetasploitScan pmsfScan = new PersistentMetasploitScan(msfScan);
pmsfScan.SetCreationInfo(Guid.Empty, true);
PersistentNessusScan pnssScan = new PersistentNessusScan(nssScan);
pnssScan.SetCreationInfo(Guid.Empty, true);
PersistentOpenVASScan povasScan = new PersistentOpenVASScan(ovasScan);
povasScan.SetCreationInfo(Guid.Empty, true);
PersistentNexposeScan pnxScan = new PersistentNexposeScan(nxScan);
pnxScan.SetCreationInfo(Guid.Empty, true);
using (ISession session = factory.OpenSession())
{
using (ITransaction x = session.BeginTransaction())
{
try
{
pmsfScan.ParentScanID = Guid.NewGuid();
Console.WriteLine("Saving metasploit");
session.Save(pmsfScan);
x.Commit();
}
catch (Exception ex)
{
Console.WriteLine("I broke, rolling back...");
x.Rollback();
throw ex;
}
}
using (ITransaction x = session.BeginTransaction())
{
try
{
pnssScan.ParentScanID = Guid.NewGuid();
Console.WriteLine("Saving nessus");
session.Save(pnssScan);
x.Commit();
}
catch (Exception ex)
{
Console.WriteLine("I broke, rolling back...");
x.Rollback();
throw ex;
}
}
using (ITransaction x = session.BeginTransaction())
{
try
{
povasScan.ParentScanID = Guid.NewGuid();
Console.WriteLine("Saving openvas");
session.Save(povasScan);
x.Commit();
}
catch (Exception ex)
{
Console.WriteLine("I broke, rolling back...");
x.Rollback();
throw ex;
}
}
using (ITransaction x = session.BeginTransaction())
{
try
{
pnxScan.ParentScanID = Guid.NewGuid();
Console.WriteLine("Saving nexpose");
session.Save(pnxScan);
x.Commit();
}
catch (Exception ex)
{
Console.WriteLine("I broke, rolling back...");
x.Rollback();
throw ex;
}
}
}
Console.WriteLine("yay?");
}
public virtual void Run(out NessusScan nessusScan, out NexposeScan nexposeScan, out OpenVASScan openvasScan, out MetasploitScan metasploitScan, out Dictionary <NMapHost, IList <IToolResults> > toolResults)
{
if (this.Configuration == null)
{
throw new Exception("Configuration not set");
}
DateTime start = DateTime.Now;
metasploitScan = null;
nessusScan = null;
nexposeScan = null;
openvasScan = null;
string openvasTaskID = string.Empty;
string nessusScanID = string.Empty;
string nexposeScanID = string.Empty;
int uniqueNo = new Random().Next();
IList <NMapHost> hosts = this.ParentProfile.CurrentResults.Hosts;
if (hosts.Count() == 0)
{
Console.WriteLine("ERROR: no hosts in the profile. Aborting.");
toolResults = null;
return;
}
csv = string.Empty;
foreach (NMapHost host in hosts)
{
csv = csv + host.IPAddressv4 + ", "; //trailing , is OK in this case
}
string openvasReportID = string.Empty;
if (this.ScanOptions.IsOpenVASAssessment)
{
Console.WriteLine("Creating OpenVAS Scan...");
OpenVASTarget target = new OpenVASTarget();
target.Hosts = csv;
target.Name = this.ParentProfile.Name + uniqueNo.ToString();
target.SMBCredentials = new OpenVASLSCCredential();
target.SSHCredentials = new OpenVASLSCCredential();
using (OpenVASManagerSession ovasSession = new OpenVASManagerSession(this.Configuration ["openvasUser"], this.Configuration ["openvasPass"], this.Configuration ["openvasHost"])) {
using (OpenVASObjectManager openvasManager = new OpenVASObjectManager(ovasSession)) {
target = openvasManager.CreateTarget(target);
OpenVASConfig config = openvasManager.GetAllConfigs()
.Where(c => c.RemoteConfigID == new Guid(this.Configuration ["openvasConfig"]))
.SingleOrDefault();
OpenVASTask task = new OpenVASTask();
task.Comment = string.Format("Task for scan {0}", this.Name);
task.Target = target;
task.Config = config;
task = openvasManager.CreateTask(task);
XmlDocument taskResponse = openvasManager.StartTask(task.RemoteTaskID.ToString());
if (!taskResponse.FirstChild.Attributes ["status"].Value.StartsWith("20"))
{
throw new Exception("Creating OpenVAS scan failed: " +
taskResponse.FirstChild.Attributes ["status_text"].Value
);
}
openvasReportID = taskResponse.FirstChild.FirstChild.InnerText;
openvasTaskID = task.RemoteTaskID.ToString();
}
Console.WriteLine("Done creating and starting OpenVAS scan.");
}
}
if (this.ScanOptions.IsNessusAssessment)
{
Console.WriteLine("Creating Nessus scan...");
using (NessusManagerSession nessusSession = new NessusManagerSession(this.Configuration["nessusHost"])) {
bool loggedIn = false;
nessusSession.Authenticate(this.Configuration ["nessusUser"], this.Configuration ["nessusPass"], 1234, out loggedIn);
if (!loggedIn)
{
throw new Exception("Invalid username/password");
}
using (NessusObjectManager nessusManager = new NessusObjectManager(nessusSession)) {
var tmp = nessusManager.CreateAndStartScan(csv, -2, this.Name + uniqueNo.ToString());
string scanName = tmp.Name;
nessusScanID = scanName;
string reportID = string.Empty;
foreach (XmlNode node in nessusManager.ListReports().LastChild.ChildNodes)
{
if (node.Name == "contents")
{
string tmpReportID = string.Empty;
foreach (XmlNode child in node.FirstChild.ChildNodes)
{
foreach (XmlNode c in child.ChildNodes)
{
if (c.Name == "name")
{
tmpReportID = c.InnerText;
}
else if (c.Name == "readableName" && c.InnerText == scanName)
{
reportID = tmpReportID;
}
}
}
tmpReportID = string.Empty;
}
}
}
Console.WriteLine("Done creating and starting Nessus scan.");
}
}
if (this.ScanOptions.IsNexposeAssessment)
{
Console.WriteLine("Creating NeXpose scan...");
int siteID = 0;
if (this.ScanOptions.RemoteNexposeSiteID <= 0)
{
XmlDocument d = null;
string id = "-1";
string template = "full-audit";
string name = this.Name + uniqueNo.ToString();
string description = "A site for the the profile " + this.ParentProfile.Name;
string siteXml = "<Site id=\"" + id + "\" name=\"" + name + "\" description=\"" + description + "\">";
siteXml = siteXml + "<Hosts>";
foreach (string host in csv.Split(','))
{
siteXml = siteXml + "<host>" + host + "</host>";
}
siteXml = siteXml + "</Hosts>" +
"<Credentials></Credentials>" +
"<Alerting></Alerting>" +
"<ScanConfig configID=\"" + id + "\" name=\"" + name + "\" templateID=\"" + template + "\"></ScanConfig>" +
"</Site>";
XmlDocument doc = new XmlDocument();
doc.LoadXml(siteXml);
using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) {
session.Authenticate(this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]);
using (NexposeManager11 manager = new NexposeManager11(session)) {
XmlDocument response = manager.SaveOrUpdateSite(doc.FirstChild);
d = response;
}
}
siteID = int.Parse(d.FirstChild.Attributes ["site-id"].Value);
this.ScanOptions.RemoteNexposeSiteID = siteID;
}
else
{
siteID = this.ScanOptions.RemoteNexposeSiteID;
}
using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) {
session.Authenticate(this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]);
using (NexposeManager11 manager = new NexposeManager11(session)) {
XmlDocument response = manager.ScanSite(siteID.ToString());
nexposeScanID = response.FirstChild.FirstChild.Attributes ["scan-id"].Value;
}
}
Console.WriteLine("Done creating and starting NeXpose scan.");
}
Dictionary <NMapHost, IList <IToolResults> > results = new Dictionary <NMapHost, IList <IToolResults> > ();
services = new List <string> ();
foreach (var host in hosts)
{
foreach (Port port in (host as NMapHost).Ports)
{
services.Add(port.Service);
}
NMapHost threadHost = host as NMapHost;
Console.WriteLine("Starting scan for host: " + threadHost.Hostname + "(" + threadHost.IPAddressv4 + ")");
results.Add(threadHost, ScanHost(threadHost, this.ScanOptions.SQLMapOptions, this.Configuration));
}
toolResults = results;
bool done = false;
if (this.ScanOptions.IsNessusAssessment || this.ScanOptions.IsNexposeAssessment || this.ScanOptions.IsOpenVASAssessment)
{
while (!done)
{
if (!string.IsNullOrEmpty(openvasTaskID) && this.OpenVASScanIsRunning(openvasTaskID))
{
Console.WriteLine("Waiting on OpenVAS scan " + openvasTaskID);
Thread.Sleep(new TimeSpan(0, 0, 60));
continue;
}
if (!string.IsNullOrEmpty(nessusScanID) && this.NessusScanIsRunning(nessusScanID))
{
Console.WriteLine("Waiting on Nessus scan " + nessusScanID);
Thread.Sleep(new TimeSpan(0, 0, 60));
continue;
}
if (!string.IsNullOrEmpty(nexposeScanID) && this.NexposeScanIsRunning(nexposeScanID))
{
Console.WriteLine("Waiting on NeXpose scan " + nexposeScanID);
Thread.Sleep(new TimeSpan(0, 0, 60));
continue;
}
done = true;
}
Dictionary <VulnerabilityScanType, string> scans = new Dictionary <VulnerabilityScanType, string> ();
if (!string.IsNullOrEmpty(openvasReportID))
{
scans.Add(VulnerabilityScanType.OpenVAS, openvasReportID);
}
if (!string.IsNullOrEmpty(nexposeScanID))
{
scans.Add(VulnerabilityScanType.Nexpose, this.ScanOptions.RemoteNexposeSiteID.ToString());
}
if (!string.IsNullOrEmpty(nessusScanID))
{
scans.Add(VulnerabilityScanType.Nessus, nessusScanID);
}
Dictionary <VulnerabilityScanType, XmlNode> reports = this.GetReports(scans);
foreach (var report in reports)
{
if (report.Key == VulnerabilityScanType.Nessus)
{
nessusScan = new NessusScan(report.Value);
}
else if (report.Key == VulnerabilityScanType.Nexpose)
{
nexposeScan = new NexposeScan(report.Value);
}
else if (report.Key == VulnerabilityScanType.OpenVAS)
{
openvasScan = new OpenVASScan(report.Value);
}
else
{
throw new Exception("Don't know this scan type");
}
}
if (this.ScanOptions.IsMetasploitAssessment)
{
string workspace = Guid.NewGuid().ToString();
this.CreateNewMetasploitWorkspace(workspace);
this.ImportScansIntoMetasploitPro(reports, workspace);
string proTaskID = this.BeginMetasploitProAssessment(workspace, csv, false);
while (this.MetasploitProAssessmentIsRunning(proTaskID))
{
Console.WriteLine("Waiting on exploit assessment from metasploit: task " + proTaskID);
System.Threading.Thread.Sleep(new TimeSpan(0, 0, 30));
}
metasploitScan = new MetasploitScan(this.GetMetasploitProReport(workspace));
}
}
TimeSpan duration = DateTime.Now - start;
this.Duration = duration.TotalSeconds.ToString();
this.HasRun = true;
}
public static void Main()
{
string conn = "Server=" + ConfigurationManager.AppSettings ["PostgreSQL"] + ";";
conn += "Port=" + ConfigurationManager.AppSettings ["PostgreSQLPort"] + ";";
conn += "Database=rising_sun;";
conn += "User Id=" + ConfigurationManager.AppSettings ["PostgreSQLUser"] + ";";
conn += "Password="******"PostgreSQLPass"] + ";";
conn += "SSL=true;";
IPersistenceConfigurer config = PostgreSQLConfiguration.PostgreSQL82
.ConnectionString(conn);
ISessionFactory factory = Fluently.Configure()
.Database(config)
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentProfile> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentOpenVASNVT> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentNessusScan> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentNexposeScan> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentMetasploitScan> ())
.BuildSessionFactory();
Dictionary <string, string> conf = null;
IList <PersistentProfile> profilesToRun;
using (ISession session = factory.OpenSession())
using (ITransaction trans = session.BeginTransaction()) {
profilesToRun = session.CreateCriteria <PersistentProfile> ()
.Add(Restrictions.Eq("HasRun", false))
.Add(Restrictions.Eq("IsActive", true))
.List <PersistentProfile> ();
foreach (PersistentProfile profile in profilesToRun)
{
if (profile.VirtualMachines.Count > 0)
{
using (VirtualboxManager manager = new VirtualboxManager("vboxmanage"))
{
foreach (var vm in profile.VirtualMachines)
{
manager.StartVirtualMachine(vm);
}
}
Console.WriteLine("Letting vm's settle...waiting a bit");
for (int i = 0; i < 10; i++)
{
Console.Write(i);
System.Threading.Thread.Sleep(new TimeSpan(0, 0, 60));
}
}
List <List <IToolResults> > toolResults = null;
conf = new Dictionary <string, string> ();
conf.Add("sqlmapPath", ConfigurationManager.AppSettings ["sqlmapPath"]);
conf.Add("wapitiPath", ConfigurationManager.AppSettings ["wapitiPath"]);
conf.Add("nmapPath", ConfigurationManager.AppSettings ["nmapPath"]);
conf.Add("niktoPath", ConfigurationManager.AppSettings ["niktoPath"]);
conf.Add("onesixtyonePath", ConfigurationManager.AppSettings ["onesixtyonePath"]);
conf.Add("sslscanPath", ConfigurationManager.AppSettings ["sslscanPath"]);
conf.Add("smbclientPath", ConfigurationManager.AppSettings ["smbclientPath"]);
conf.Add("traceroutePath", ConfigurationManager.AppSettings ["traceroutePath"]);
conf.Add("whoisPath", ConfigurationManager.AppSettings ["whoisPath"]);
conf.Add("profileID", profile.ID.ToString());
conf.Add("API", ConfigurationManager.AppSettings["API"]);
conf.Add("UserID", ConfigurationManager.AppSettings["userID"]);
profile.Configuration = conf;
string newRange = string.Empty;
foreach (var host in profile.ProfileHosts)
{
newRange += host.IPv4Address + " ";
}
profile.Range = newRange;
profile.Run(out toolResults);
profile.CurrentResults.SetCreationInfo(profile.WebUserID);
foreach (PersistentNMapHost host in profile.CurrentResults.PersistentHosts)
{
host.CleanHost();
host.ProfileHost = profile.ProfileHosts.Where(ph => ph.IPv4Address == host.IPAddressv4).Single();
foreach (PersistentPort port in host.PersistentPorts)
{
port.CleanPort();
port.ParentProfile = profile;
port.SetCreationInfo(profile.WebUserID);
}
foreach (List <IToolResults> list in toolResults)
{
foreach (IToolResults results in list.Where(k => k.HostIPAddressV4 == host.IPAddressv4))
{
//this isn't very refactor friendly
//You can't switch on the Type supplied by GetType() since types can be ambiguous
switch (results.GetType().Name)
{
case "SSLScanToolResults":
PersistentSSLScanResults ssl = new PersistentSSLScanResults(results as SSLScanToolResults);
ssl.HostPortID = host.PersistentPorts.Where(pp => pp.PortNumber == ssl.HostPort).FirstOrDefault().ID;
ssl.SetCreationInfo(Guid.Empty);
session.Save(ssl);
break;
case "NiktoToolResults":
PersistentNiktoResults nikto = new PersistentNiktoResults(results as NiktoToolResults);
nikto.Items = new List <PersistentNiktoItem>();
string[] items = nikto.ParseOutput().ToArray();
foreach (string item in items)
{
PersistentNiktoItem i = new PersistentNiktoItem();
DateTime now = DateTime.Now;
i.ID = Guid.NewGuid();
i.CreatedBy = Guid.Empty;
i.CreatedOn = now;
i.Data = item;
i.LastModifiedBy = Guid.Empty;
i.LastModifiedOn = now;
i.IsActive = true;
session.Save(i);
nikto.Items.Add(i);
}
nikto.HostPortID = host.PersistentPorts.Where(pp => pp.PortNumber == nikto.HostPort).FirstOrDefault().ID;
nikto.SetCreationInfo(Guid.Empty);
session.Save(nikto);
break;
case "OneSixtyOneToolResults":
PersistentOneSixtyOneResults onesixtyone = new PersistentOneSixtyOneResults(results as OneSixtyOneToolResults);
onesixtyone.ParentPort = host.PersistentPorts.Where(pp => pp.PortNumber == onesixtyone.HostPort).FirstOrDefault();
onesixtyone.HostPortID = onesixtyone.ParentPort.ID;
onesixtyone.SetCreationInfo(Guid.Empty);
session.Save(onesixtyone);
break;
case "SMBClientToolResults":
PersistentSMBClientResults smb = new PersistentSMBClientResults(results as SMBClientToolResults);
smb.ParentPort = host.PersistentPorts.Where(pp => pp.PortNumber == smb.HostPort).FirstOrDefault();
smb.SetCreationInfo(Guid.Empty);
//session.Save (smb);
break;
case "WhoisToolResults":
PersistentWhoisResults whois = new PersistentWhoisResults(results as WhoisToolResults);
whois.ParentNMapHost = host;
whois.SetCreationInfo(Guid.Empty);
session.Save(whois);
break;
case "TracerouteToolResults":
PersistentTracerouteResults tracert = new PersistentTracerouteResults(results as TracerouteToolResults);
tracert.ParentNMapHost = host;
tracert.SetCreationInfo(Guid.Empty);
session.Save(tracert);
break;
default:
throw new Exception("Don't know type: " + results.GetType().Name);
}
}
}
host.SetCreationInfo(profile.WebUserID);
}
profile.RunAfter = DateTime.Now.AddDays(profile.RunEvery.Days);
profile.HasRun = true;
session.SaveOrUpdate(profile);
}
try {
trans.Commit();
} catch (Exception ex) {
trans.Rollback();
throw ex;
}
}
IList <PersistentScan> scansToRun;
using (ISession session = factory.OpenSession()) {
scansToRun = session.CreateCriteria <PersistentScan> ()
.Add(Restrictions.Eq("HasRun", false))
.Add(Restrictions.Eq("IsActive", true))
.List <PersistentScan> ();
foreach (var scan in scansToRun)
{
scan.ParentProfile.CurrentResults.PopulateNonPersistentHosts();
if (scan.ParentProfile.VirtualMachines.Count > 0)
{
using (VirtualboxManager manager = new VirtualboxManager("vboxmanage"))
{
foreach (var vm in scan.ParentProfile.VirtualMachines)
{
manager.StartVirtualMachine(vm);
}
}
}
NessusScan nessusScan = null;
NexposeScan nexposeScan = null;
OpenVASScan openvasScan = null;
MetasploitScan metasploitScan = null;
Dictionary <NMapHost, IList <IToolResults> > toolResults = new Dictionary <NMapHost, IList <IToolResults> > ();
conf = new Dictionary <string, string> ();
if (scan.ScanOptions.IsSQLMap)
{
conf.Add("wapitiPath", ConfigurationManager.AppSettings ["wapitiPath"]);
conf.Add("sqlmapPath", ConfigurationManager.AppSettings ["sqlmapPath"]);
conf.Add("isSQLMap", "true");
}
else
{
conf.Add("isSQLMap", "false");
}
if (scan.ScanOptions.IsDSXS)
{
if (!conf.ContainsKey("wapitiPath"))
{
conf.Add("wapitiPath", ConfigurationManager.AppSettings ["wapitiPath"]);
}
conf.Add("dsxsPath", ConfigurationManager.AppSettings ["dsxsPath"]);
}
if (scan.ScanOptions.IsNessusAssessment)
{
conf.Add("nessusHost", ConfigurationManager.AppSettings ["nessusHost"]);
conf.Add("nessusUser", ConfigurationManager.AppSettings ["nessusUser"]);
conf.Add("nessusPass", ConfigurationManager.AppSettings ["nessusPass"]);
}
if (scan.ScanOptions.IsNexposeAssessment)
{
conf.Add("nexposeHost", ConfigurationManager.AppSettings ["nexposeHost"]);
conf.Add("nexposeUser", ConfigurationManager.AppSettings ["nexposeUser"]);
conf.Add("nexposePass", ConfigurationManager.AppSettings ["nexposePass"]);
}
if (scan.ScanOptions.IsOpenVASAssessment)
{
conf.Add("openvasHost", ConfigurationManager.AppSettings ["openvasHost"]);
conf.Add("openvasUser", ConfigurationManager.AppSettings ["openvasUser"]);
conf.Add("openvasPass", ConfigurationManager.AppSettings ["openvasPass"]);
string url = ConfigurationManager.AppSettings ["API"] + "/GetOpenVASConfigs.ashx";
HttpWebRequest request = WebRequest.Create(url) as HttpWebRequest;
string xml = string.Empty;
using (StreamReader reader = new StreamReader(request.GetResponse().GetResponseStream()))
xml = reader.ReadToEnd();
XmlDocument doc = new XmlDocument();
doc.LoadXml(xml);
List <OpenVASConfig> configs = new List <OpenVASConfig> ();
foreach (XmlNode c in doc.FirstChild.ChildNodes)
{
configs.Add(new OpenVASConfig(c));
}
conf.Add("openvasConfig", configs.Where(c => c.Name == "Full and fast").Single().RemoteConfigID.ToString());
}
if (scan.ScanOptions.IsMetasploitAssessment)
{
conf.Add("tmpSshfsDir", ConfigurationManager.AppSettings ["tmpSshfsDir"]);
conf.Add("metasploitHost", ConfigurationManager.AppSettings ["metasploitHost"]);
conf.Add("metasploitUser", ConfigurationManager.AppSettings ["metasploitUser"]);
conf.Add("metasploitPass", ConfigurationManager.AppSettings ["metasploitPass"]);
}
scan.Configuration = conf;
scan.Run(out nessusScan, out nexposeScan, out openvasScan, out metasploitScan, out toolResults);
if (toolResults == null)
{
if (scan.ParentProfile.VirtualMachines.Count > 0)
{
using (VirtualboxManager manager = new VirtualboxManager("vboxmanage"))
{
foreach (var vm in scan.ParentProfile.VirtualMachines)
{
manager.StopVirtualMachine(vm);
}
}
}
continue;
}
///this is really super dirty
///coded myself into a corner, gotta unwind
foreach (KeyValuePair <NMapHost, IList <IToolResults> > pair in toolResults)
{
foreach (IToolResults results in pair.Value)
{
if (results is WapitiToolResults)
{
PersistentWapitiResults wapiti = new PersistentWapitiResults(results as WapitiToolResults);
foreach (var host in scan.ParentProfile.CurrentResults.PersistentHosts)
{
foreach (PersistentPort pport in host.PersistentPorts)
{
if (pport.PortNumber == (results as WapitiToolResults).HostPort &&
pport.ParentHost.IPAddressv4 == (results as WapitiToolResults).HostIPAddressV4)
{
wapiti.HostPortID = pport.ID;
wapiti.SetCreationInfo(Guid.Empty);
session.Save(wapiti);
}
}
}
}
else if (results is SQLMapResults)
{
PersistentSQLMapResults pr = new PersistentSQLMapResults(results as SQLMapResults);
foreach (var host in scan.ParentProfile.CurrentResults.PersistentHosts)
{
foreach (PersistentPort pport in host.PersistentPorts)
{
if (pport.PortNumber == (results as SQLMapResults).ParentHostPort.PortNumber &&
pport.ParentHost.IPAddressv4 == (results as SQLMapResults).ParentHostPort.ParentIPAddress)
{
pr.ParentHostPort = pport;
pr.SetCreationInfo(Guid.Empty);
session.Save(pr);
}
}
}
}
}
}
if (scan.ScanOptions.IsNessusAssessment)
{
PersistentNessusScan s = new PersistentNessusScan(nessusScan);
s.SetCreationInfo(Guid.Empty, true);
s.ParentScanID = scan.ID;
session.Save(s);
}
if (scan.ScanOptions.IsOpenVASAssessment)
{
PersistentOpenVASScan s = new PersistentOpenVASScan(openvasScan);
s.SetCreationInfo(Guid.Empty, true);
s.ParentScanID = scan.ID;
session.Save(s);
}
if (scan.ScanOptions.IsNexposeAssessment)
{
PersistentNexposeScan s = new PersistentNexposeScan(nexposeScan);
s.SetCreationInfo(Guid.Empty, true);
s.ParentScanID = scan.ID;
session.Save(s);
}
if (scan.ScanOptions.IsMetasploitAssessment)
{
PersistentMetasploitScan s = new PersistentMetasploitScan(metasploitScan);
s.SetCreationInfo(Guid.Empty, true);
s.ParentScanID = scan.ID;
session.Save(s);
}
scan.HasRun = true;
Console.WriteLine("Saving!");
using (ITransaction trans = session.BeginTransaction()) {
session.SaveOrUpdate(scan);
try {
trans.Commit();
} catch (Exception ex) {
trans.Rollback();
Console.WriteLine("Save failed!");
throw ex;
}
}
if (scan.ParentProfile.VirtualMachines.Count > 0)
{
using (VirtualboxManager manager = new VirtualboxManager("vboxmanage"))
{
foreach (var vm in scan.ParentProfile.VirtualMachines)
{
manager.StopVirtualMachine(vm);
}
}
}
}
}
// while (true) {
// DateTime start = new DateTime ();
// IPAddress ipAd = IPAddress.Parse ("127.0.0.1");
//
// TcpListener list = new TcpListener (ipAd, 8082);
//
// list.Start ();
//
// TcpClient c = list.AcceptTcpClient ();
//
// ASCIIEncoding enc = new ASCIIEncoding ();
// byte[] b = new byte[1024];
// string xml = string.Empty;
//
// using (NetworkStream stream = c.GetStream ()) {
// do {
// stream.Read (b, 0, b.Length);
// xml += xml + enc.GetString (b);
//
// } while (stream.DataAvailable);
//
// start = DateTime.Now;
//
// XmlDocument doc = new XmlDocument ();
// doc.LoadXml (xml);
//
// foreach (XmlNode node in doc.ChildNodes) {
//
// if (node.Name == "create") {
// if (node.Name == "scan") {
//
// Scan scan = new Scan ();
//
// if (node.HasChildNodes) {
// foreach (XmlNode child in node.ChildNodes) {
//
// if (child.Name == "host")
// scan.Host = child.InnerText; else if (child.Name == "range")
//
// scan.Range = child.InnerText; else if (child.Name == "type") {
// if (child.InnerText == "profile")
//
// scan.ScanType = ScanType.Profile; else if (child.InnerText == "full")
// scan.ScanType = ScanType.Full;
// }
// }
// }
//
//
//
// scan.Run ();
// } else if (node.Name == "get") {
//
// } else if (node.Name == "destroy") {
//
// }
//
// }
//
// }
//
// TimeSpan tt = DateTime.Now.Subtract (start);
//
// string complete = String.Format ("The scan has been run... Took {0} minutes, {1} seconds.\n", tt.Minutes, tt.Seconds);
//
// stream.Write (enc.GetBytes (complete), 0, complete.Length);
// }
//
// list.Stop ();
// }
}
public PersistentMetasploitScan(MetasploitScan scan)
{
this.PersistentHosts = new List <PersistentMetasploitHost>();
this.PersistentCredentials = new List <PersistentMetasploitCredential>();
this.PersistentEvents = new List <PersistentMetasploitEvent>();
this.PersistentModuleDetails = new List <PersistentMetasploitModuleDetails>();
this.PersistentSessions = new List <PersistentMetasploitExploitSession>();
this.PersistentWebForms = new List <PersistentMetasploitWebForm>();
this.PersistentWebPages = new List <PersistentMetasploitWebPage>();
this.PersistentWebsites = new List <PersistentMetasploitWebsite>();
this.PersistentWebVulnerabilities = new List <PersistentMetasploitWebVulnerability>();
if (scan.Hosts != null)
{
foreach (var host in scan.Hosts)
{
this.PersistentHosts.Add(new PersistentMetasploitHost(host));
}
}
if (scan.Events != null)
{
foreach (var evnt in scan.Events)
{
this.PersistentEvents.Add(new PersistentMetasploitEvent(evnt));
}
}
if (scan.ModuleDetails != null)
{
foreach (var deets in scan.ModuleDetails)
{
this.PersistentModuleDetails.Add(new PersistentMetasploitModuleDetails(deets));
}
}
if (scan.Sessions != null)
{
foreach (var session in scan.Sessions)
{
this.PersistentSessions.Add(new PersistentMetasploitExploitSession(session));
}
}
if (scan.WebForms != null)
{
foreach (var form in scan.WebForms)
{
this.PersistentWebForms.Add(new PersistentMetasploitWebForm(form));
}
}
if (scan.WebPages != null)
{
foreach (var page in scan.WebPages)
{
this.PersistentWebPages.Add(new PersistentMetasploitWebPage(page));
}
}
if (scan.Websites != null)
{
foreach (var site in scan.Websites)
{
this.PersistentWebsites.Add(new PersistentMetasploitWebsite(site));
}
}
if (scan.WebVulnerabilities != null)
{
foreach (var vuln in scan.WebVulnerabilities)
{
this.PersistentWebVulnerabilities.Add(new PersistentMetasploitWebVulnerability(vuln));
}
}
if (scan.Credentials != null)
{
foreach (var cred in scan.Credentials)
{
this.PersistentCredentials.Add(new PersistentMetasploitCredential(cred));
}
}
}
