Esempio n. 1
0
        private bool NessusScanIsRunning(string nessusScanID)
        {
            using (NessusManagerSession nessusSession = new NessusManagerSession(this.Configuration["nessusHost"])) {
                bool loggedIn = false;
                nessusSession.Authenticate(this.Configuration ["nessusUser"], this.Configuration ["nessusPass"], 1234, out loggedIn);

                if (!loggedIn)
                {
                    throw new Exception("Invalid username/password");
                }

                using (NessusObjectManager nessusManager = new NessusObjectManager(nessusSession)) {
                    var report = nessusManager.GetReports()
                                 .Where(r => r.ReadableName == nessusScanID)
                                 .SingleOrDefault();

                    if (report.Status == "completed")
                    {
                        return(false);
                    }

                    return(true);
                }
            }
        }
Esempio n. 2
0
        public override void ProcessRequest(HttpContext context)
        {
            Guid userID   = new Guid(context.Request["UserID"]);
            Guid clientID = new Guid(context.Request["ClientID"]);

            ISession s = this.CurrentSession;

            PersistentUser user = s.CreateCriteria <PersistentUser>()
                                  .Add(Restrictions.Eq("ID", userID))
                                  .Add(Restrictions.Eq("IsActive", true))
                                  .UniqueResult <PersistentUser>();

            if (user == null || !user.HasAPIAccess)
            {
                throw new Exception("no api access");
            }

            if (!user.Client.HasAPIAccess)
            {
                throw new Exception("no api access");
            }

            using (NessusManagerSession session = new NessusManagerSession("https", "" + ConfigurationManager.AppSettings["nessusHost"] + "", 8834))
            {
                bool loggedIn = false;
                session.Authenticate("nessus", "nessus", 1234, out loggedIn);

                if (!loggedIn)
                {
                    throw new Exception("Not authed to nessus");
                }

                NessusObjectManager manager = new NessusObjectManager(session);

                var policies = manager.GetPolicies();

                string xml = "<nessusPolicies>";

                foreach (NessusPolicy policy in policies)
                {
                    xml = xml + policy.ToBusinessXml();
                }

                xml = xml + "</nessusPolicies>";

                context.Response.Write(xml);
            }
        }
        public override void ProcessRequest(HttpContext context)
        {
            ISession sess = this.CurrentSession;

            PersistentUser   user   = sess.Get <PersistentUser>(new Guid(context.Request["UserID"]));
            PersistentClient client = sess.Get <PersistentClient>(new Guid(context.Request["ClientID"]));

            if (user == null || !user.HasAPIAccess)
            {
                throw new Exception("no api access");
            }

            if (client == null || !client.HasAPIAccess)
            {
                throw new Exception("no api access");
            }

            string uuid     = context.Request["ReportUUID"];
            string hostname = context.Request["Hostname"];
            int    port     = int.Parse(context.Request["PortNumber"]);
            string protocol = context.Request["Protocol"];

            if (string.IsNullOrEmpty(uuid))
            {
                throw new Exception("no uuid");
            }

            NessusManagerSession nessusSession = new NessusManagerSession(ConfigurationManager.AppSettings["nessusHost"]);

            bool loggedIn = false;

            nessusSession.Authenticate(ConfigurationManager.AppSettings["nessusUser"], ConfigurationManager.AppSettings["nessusPass"], 1234, out loggedIn);

            if (!loggedIn)
            {
                throw new Exception("Invalid username/password");
            }

            NessusObjectManager nessusManager = new NessusObjectManager(nessusSession);

            XmlDocument doc = nessusManager.GetReportDetailsByPortAndHost(uuid, hostname, port, protocol);

            context.Response.Write(doc.OuterXml);
        }
        public override void ProcessRequest(HttpContext context)
        {
            ISession sess = this.CurrentSession;

            PersistentUser   user   = sess.Get <PersistentUser>(new Guid(context.Request["UserID"]));
            PersistentClient client = sess.Get <PersistentClient>(new Guid(context.Request["ClientID"]));

            if (user == null || !user.HasAPIAccess)
            {
                throw new Exception("no api access");
            }

            if (client == null || !client.HasAPIAccess)
            {
                throw new Exception("no api access");
            }

            string readableName = context.Request["ReportReadableName"];

            if (string.IsNullOrEmpty(readableName))
            {
                throw new Exception("no readable name");
            }

            NessusManagerSession nessusSession = new NessusManagerSession("192.168.56.101");

            bool loggedIn = false;

            nessusSession.Authenticate("nessus", "nessus", 1234, out loggedIn);

            if (!loggedIn)
            {
                throw new Exception("Invalid username/password");
            }

            NessusObjectManager nessusManager = new NessusObjectManager(nessusSession);

            NessusReport report = nessusManager.GetReports()
                                  .Where(r => r.ReadableName == readableName)
                                  .SingleOrDefault();

            context.Response.Write(report.ToBusinessXml());
        }
        public override void ProcessRequest(HttpContext context)
        {
            ISession sess = this.CurrentSession;

            PersistentUser   user   = sess.Get <PersistentUser>(new Guid(context.Request["UserID"]));
            PersistentClient client = sess.Get <PersistentClient>(new Guid(context.Request["ClientID"]));

            if (user == null || !user.HasAPIAccess)
            {
                throw new Exception("no api access");
            }

            if (client == null || !client.HasAPIAccess)
            {
                throw new Exception("no api access");
            }

            string uuid = context.Request["ReportUUID"];

            if (string.IsNullOrEmpty(uuid))
            {
                throw new Exception("no uuid");
            }

            NessusManagerSession nessusSession = new NessusManagerSession(ConfigurationManager.AppSettings["nessusHost"]);

            bool loggedIn = false;

            nessusSession.Authenticate(ConfigurationManager.AppSettings["nessusUser"], ConfigurationManager.AppSettings["nessusPass"], 1234, out loggedIn);

            if (!loggedIn)
            {
                throw new Exception("Invalid username/password");
            }

            NessusObjectManager nessusManager = new NessusObjectManager(nessusSession);

            var hosts = nessusManager.GetReportHosts(uuid);

            context.Response.Write(hosts.OuterXml);
        }
Esempio n. 6
0
        public virtual void Run(out NessusScan nessusScan, out NexposeScan nexposeScan, out OpenVASScan openvasScan, out MetasploitScan metasploitScan, out Dictionary <NMapHost, IList <IToolResults> > toolResults)
        {
            if (this.Configuration == null)
            {
                throw new Exception("Configuration not set");
            }

            DateTime start = DateTime.Now;

            metasploitScan = null;
            nessusScan     = null;
            nexposeScan    = null;
            openvasScan    = null;

            string openvasTaskID = string.Empty;
            string nessusScanID  = string.Empty;
            string nexposeScanID = string.Empty;

            int uniqueNo = new Random().Next();

            IList <NMapHost> hosts = this.ParentProfile.CurrentResults.Hosts;

            if (hosts.Count() == 0)
            {
                Console.WriteLine("ERROR: no hosts in the profile. Aborting.");
                toolResults = null;
                return;
            }


            csv = string.Empty;

            foreach (NMapHost host in hosts)
            {
                csv = csv + host.IPAddressv4 + ", ";                 //trailing , is OK in this case
            }
            string openvasReportID = string.Empty;

            if (this.ScanOptions.IsOpenVASAssessment)
            {
                Console.WriteLine("Creating OpenVAS Scan...");

                OpenVASTarget target = new OpenVASTarget();
                target.Hosts          = csv;
                target.Name           = this.ParentProfile.Name + uniqueNo.ToString();
                target.SMBCredentials = new OpenVASLSCCredential();
                target.SSHCredentials = new OpenVASLSCCredential();

                using (OpenVASManagerSession ovasSession = new OpenVASManagerSession(this.Configuration ["openvasUser"], this.Configuration ["openvasPass"], this.Configuration ["openvasHost"])) {
                    using (OpenVASObjectManager openvasManager = new OpenVASObjectManager(ovasSession)) {
                        target = openvasManager.CreateTarget(target);

                        OpenVASConfig config = openvasManager.GetAllConfigs()
                                               .Where(c => c.RemoteConfigID == new Guid(this.Configuration ["openvasConfig"]))
                                               .SingleOrDefault();

                        OpenVASTask task = new OpenVASTask();

                        task.Comment = string.Format("Task for scan {0}", this.Name);
                        task.Target  = target;
                        task.Config  = config;

                        task = openvasManager.CreateTask(task);

                        XmlDocument taskResponse = openvasManager.StartTask(task.RemoteTaskID.ToString());

                        if (!taskResponse.FirstChild.Attributes ["status"].Value.StartsWith("20"))
                        {
                            throw new Exception("Creating OpenVAS scan failed: " +
                                                taskResponse.FirstChild.Attributes ["status_text"].Value
                                                );
                        }

                        openvasReportID = taskResponse.FirstChild.FirstChild.InnerText;
                        openvasTaskID   = task.RemoteTaskID.ToString();
                    }

                    Console.WriteLine("Done creating and starting OpenVAS scan.");
                }
            }

            if (this.ScanOptions.IsNessusAssessment)
            {
                Console.WriteLine("Creating Nessus scan...");
                using (NessusManagerSession nessusSession = new NessusManagerSession(this.Configuration["nessusHost"])) {
                    bool loggedIn = false;
                    nessusSession.Authenticate(this.Configuration ["nessusUser"], this.Configuration ["nessusPass"], 1234, out loggedIn);

                    if (!loggedIn)
                    {
                        throw new Exception("Invalid username/password");
                    }

                    using (NessusObjectManager nessusManager = new NessusObjectManager(nessusSession)) {
                        var tmp = nessusManager.CreateAndStartScan(csv, -2, this.Name + uniqueNo.ToString());

                        string scanName = tmp.Name;
                        nessusScanID = scanName;

                        string reportID = string.Empty;
                        foreach (XmlNode node in nessusManager.ListReports().LastChild.ChildNodes)
                        {
                            if (node.Name == "contents")
                            {
                                string tmpReportID = string.Empty;
                                foreach (XmlNode child in node.FirstChild.ChildNodes)
                                {
                                    foreach (XmlNode c in child.ChildNodes)
                                    {
                                        if (c.Name == "name")
                                        {
                                            tmpReportID = c.InnerText;
                                        }
                                        else if (c.Name == "readableName" && c.InnerText == scanName)
                                        {
                                            reportID = tmpReportID;
                                        }
                                    }
                                }
                                tmpReportID = string.Empty;
                            }
                        }
                    }
                    Console.WriteLine("Done creating and starting Nessus scan.");
                }
            }
            if (this.ScanOptions.IsNexposeAssessment)
            {
                Console.WriteLine("Creating NeXpose scan...");
                int siteID = 0;
                if (this.ScanOptions.RemoteNexposeSiteID <= 0)
                {
                    XmlDocument d           = null;
                    string      id          = "-1";
                    string      template    = "full-audit";
                    string      name        = this.Name + uniqueNo.ToString();
                    string      description = "A site for the the profile " + this.ParentProfile.Name;

                    string siteXml = "<Site id=\"" + id + "\" name=\"" + name + "\" description=\"" + description + "\">";

                    siteXml = siteXml + "<Hosts>";

                    foreach (string host in csv.Split(','))
                    {
                        siteXml = siteXml + "<host>" + host + "</host>";
                    }

                    siteXml = siteXml + "</Hosts>" +
                              "<Credentials></Credentials>" +
                              "<Alerting></Alerting>" +
                              "<ScanConfig configID=\"" + id + "\" name=\"" + name + "\" templateID=\"" + template + "\"></ScanConfig>" +
                              "</Site>";

                    XmlDocument doc = new XmlDocument();
                    doc.LoadXml(siteXml);

                    using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) {
                        session.Authenticate(this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]);

                        using (NexposeManager11 manager = new NexposeManager11(session)) {
                            XmlDocument response = manager.SaveOrUpdateSite(doc.FirstChild);

                            d = response;
                        }
                    }

                    siteID = int.Parse(d.FirstChild.Attributes ["site-id"].Value);

                    this.ScanOptions.RemoteNexposeSiteID = siteID;
                }
                else
                {
                    siteID = this.ScanOptions.RemoteNexposeSiteID;
                }

                using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) {
                    session.Authenticate(this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]);

                    using (NexposeManager11 manager = new NexposeManager11(session)) {
                        XmlDocument response = manager.ScanSite(siteID.ToString());

                        nexposeScanID = response.FirstChild.FirstChild.Attributes ["scan-id"].Value;
                    }
                }

                Console.WriteLine("Done creating and starting NeXpose scan.");
            }

            Dictionary <NMapHost, IList <IToolResults> > results = new Dictionary <NMapHost, IList <IToolResults> > ();

            services = new List <string> ();

            foreach (var host in hosts)
            {
                foreach (Port port in (host as NMapHost).Ports)
                {
                    services.Add(port.Service);
                }

                NMapHost threadHost = host as NMapHost;

                Console.WriteLine("Starting scan for host: " + threadHost.Hostname + "(" + threadHost.IPAddressv4 + ")");

                results.Add(threadHost, ScanHost(threadHost, this.ScanOptions.SQLMapOptions, this.Configuration));
            }

            toolResults = results;
            bool done = false;

            if (this.ScanOptions.IsNessusAssessment || this.ScanOptions.IsNexposeAssessment || this.ScanOptions.IsOpenVASAssessment)
            {
                while (!done)
                {
                    if (!string.IsNullOrEmpty(openvasTaskID) && this.OpenVASScanIsRunning(openvasTaskID))
                    {
                        Console.WriteLine("Waiting on OpenVAS scan " + openvasTaskID);
                        Thread.Sleep(new TimeSpan(0, 0, 60));
                        continue;
                    }

                    if (!string.IsNullOrEmpty(nessusScanID) && this.NessusScanIsRunning(nessusScanID))
                    {
                        Console.WriteLine("Waiting on Nessus scan " + nessusScanID);
                        Thread.Sleep(new TimeSpan(0, 0, 60));
                        continue;
                    }

                    if (!string.IsNullOrEmpty(nexposeScanID) && this.NexposeScanIsRunning(nexposeScanID))
                    {
                        Console.WriteLine("Waiting on NeXpose scan " + nexposeScanID);
                        Thread.Sleep(new TimeSpan(0, 0, 60));
                        continue;
                    }

                    done = true;
                }

                Dictionary <VulnerabilityScanType, string> scans = new Dictionary <VulnerabilityScanType, string> ();

                if (!string.IsNullOrEmpty(openvasReportID))
                {
                    scans.Add(VulnerabilityScanType.OpenVAS, openvasReportID);
                }

                if (!string.IsNullOrEmpty(nexposeScanID))
                {
                    scans.Add(VulnerabilityScanType.Nexpose, this.ScanOptions.RemoteNexposeSiteID.ToString());
                }

                if (!string.IsNullOrEmpty(nessusScanID))
                {
                    scans.Add(VulnerabilityScanType.Nessus, nessusScanID);
                }

                Dictionary <VulnerabilityScanType, XmlNode> reports = this.GetReports(scans);
                foreach (var report in reports)
                {
                    if (report.Key == VulnerabilityScanType.Nessus)
                    {
                        nessusScan = new NessusScan(report.Value);
                    }
                    else if (report.Key == VulnerabilityScanType.Nexpose)
                    {
                        nexposeScan = new NexposeScan(report.Value);
                    }
                    else if (report.Key == VulnerabilityScanType.OpenVAS)
                    {
                        openvasScan = new OpenVASScan(report.Value);
                    }
                    else
                    {
                        throw new Exception("Don't know this scan type");
                    }
                }

                if (this.ScanOptions.IsMetasploitAssessment)
                {
                    string workspace = Guid.NewGuid().ToString();
                    this.CreateNewMetasploitWorkspace(workspace);
                    this.ImportScansIntoMetasploitPro(reports, workspace);

                    string proTaskID = this.BeginMetasploitProAssessment(workspace, csv, false);

                    while (this.MetasploitProAssessmentIsRunning(proTaskID))
                    {
                        Console.WriteLine("Waiting on exploit assessment from metasploit: task " + proTaskID);
                        System.Threading.Thread.Sleep(new TimeSpan(0, 0, 30));
                    }

                    metasploitScan = new MetasploitScan(this.GetMetasploitProReport(workspace));
                }
            }

            TimeSpan duration = DateTime.Now - start;

            this.Duration = duration.TotalSeconds.ToString();

            this.HasRun = true;
        }