public void DeleteTarget(OpenVASTarget target) { if (target.RemoteTargetID == Guid.Empty) { throw new Exception("Can't delete target that hasn't been created."); } XmlDocument response = this.DeleteTarget(target.RemoteTargetID.ToString()); foreach (XmlAttribute attr in response.Attributes) { if (attr.Name == "status" && attr.Value != "200") { throw new Exception("Deleting target failed."); } } }
public OpenVASTarget CreateTarget(OpenVASTarget target) { if (target.RemoteTargetID != Guid.Empty) { throw new Exception("This target has already been created."); } XmlDocument response = this.CreateTarget(target.Name, target.Comment, target.Hosts, target.SMBCredentials.RemoteCredentialsID.ToString(), target.SSHCredentials.RemoteCredentialsID.ToString(), target.PortRange); foreach (XmlAttribute attr in response.FirstChild.Attributes) { if (attr.Name == "id") { target.RemoteTargetID = new Guid(attr.Value); } } return(target); }
public virtual void Run(out NessusScan nessusScan, out NexposeScan nexposeScan, out OpenVASScan openvasScan, out MetasploitScan metasploitScan, out Dictionary<NMapHost, IList<IToolResults>> toolResults) { if (this.Configuration == null) throw new Exception ("Configuration not set"); DateTime start = DateTime.Now; metasploitScan = null; nessusScan = null; nexposeScan = null; openvasScan = null; string openvasTaskID = string.Empty; string nessusScanID = string.Empty; string nexposeScanID = string.Empty; int uniqueNo = new Random ().Next (); IList<NMapHost > hosts = this.ParentProfile.CurrentResults.Hosts; if (hosts.Count() == 0) { Console.WriteLine("ERROR: no hosts in the profile. Aborting."); toolResults = null; return; } csv = string.Empty; foreach (NMapHost host in hosts) csv = csv + host.IPAddressv4 + ", "; //trailing , is OK in this case string openvasReportID = string.Empty; if (this.ScanOptions.IsOpenVASAssessment) { Console.WriteLine ("Creating OpenVAS Scan..."); OpenVASTarget target = new OpenVASTarget (); target.Hosts = csv; target.Name = this.ParentProfile.Name + uniqueNo.ToString (); target.SMBCredentials = new OpenVASLSCCredential (); target.SSHCredentials = new OpenVASLSCCredential (); using (OpenVASManagerSession ovasSession = new OpenVASManagerSession(this.Configuration ["openvasUser"], this.Configuration ["openvasPass"], this.Configuration ["openvasHost"])) { using (OpenVASObjectManager openvasManager = new OpenVASObjectManager(ovasSession)) { target = openvasManager.CreateTarget (target); OpenVASConfig config = openvasManager.GetAllConfigs () .Where (c => c.RemoteConfigID == new Guid (this.Configuration["openvasConfig"])) .SingleOrDefault (); OpenVASTask task = new OpenVASTask (); task.Comment = string.Format ("Task for scan {0}", this.Name); task.Target = target; task.Config = config; task = openvasManager.CreateTask (task); XmlDocument taskResponse = openvasManager.StartTask (task.RemoteTaskID.ToString ()); if (!taskResponse.FirstChild.Attributes ["status"].Value.StartsWith ("20")) throw new Exception ("Creating OpenVAS scan failed: " + taskResponse.FirstChild.Attributes ["status_text"].Value); openvasReportID = taskResponse.FirstChild.FirstChild.InnerText; openvasTaskID = task.RemoteTaskID.ToString (); } Console.WriteLine ("Done creating and starting OpenVAS scan."); } } if (this.ScanOptions.IsNessusAssessment) { Console.WriteLine ("Creating Nessus scan..."); using (NessusManagerSession nessusSession = new NessusManagerSession (this.Configuration["nessusHost"])) { bool loggedIn = false; nessusSession.Authenticate (this.Configuration ["nessusUser"], this.Configuration ["nessusPass"], 1234, out loggedIn); if (!loggedIn) throw new Exception ("Invalid username/password"); using (NessusObjectManager nessusManager = new NessusObjectManager (nessusSession)) { var tmp = nessusManager.CreateAndStartScan (csv, -2, this.Name + uniqueNo.ToString ()); string scanName = tmp.Name; nessusScanID = scanName; string reportID = string.Empty; foreach (XmlNode node in nessusManager.ListReports().LastChild.ChildNodes) { if (node.Name == "contents") { string tmpReportID = string.Empty; foreach (XmlNode child in node.FirstChild.ChildNodes) { foreach (XmlNode c in child.ChildNodes) { if (c.Name == "name") tmpReportID = c.InnerText; else if (c.Name == "readableName" && c.InnerText == scanName) reportID = tmpReportID; } } tmpReportID = string.Empty; } } } Console.WriteLine ("Done creating and starting Nessus scan."); } } if (this.ScanOptions.IsNexposeAssessment) { Console.WriteLine ("Creating NeXpose scan..."); int siteID = 0; if (this.ScanOptions.RemoteNexposeSiteID <= 0) { XmlDocument d = null; string id = "-1"; string template = "full-audit"; string name = this.Name + uniqueNo.ToString (); string description = "A site for the the profile " + this.ParentProfile.Name; string siteXml = "<Site id=\"" + id + "\" name=\"" + name + "\" description=\"" + description + "\">"; siteXml = siteXml + "<Hosts>"; foreach (string host in csv.Split(',')) siteXml = siteXml + "<host>" + host + "</host>"; siteXml = siteXml + "</Hosts>" + "<Credentials></Credentials>" + "<Alerting></Alerting>" + "<ScanConfig configID=\"" + id + "\" name=\"" + name + "\" templateID=\"" + template + "\"></ScanConfig>" + "</Site>"; XmlDocument doc = new XmlDocument (); doc.LoadXml (siteXml); using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) { session.Authenticate (this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]); using (NexposeManager11 manager = new NexposeManager11(session)) { XmlDocument response = manager.SaveOrUpdateSite (doc.FirstChild); d = response; } } siteID = int.Parse (d.FirstChild.Attributes ["site-id"].Value); this.ScanOptions.RemoteNexposeSiteID = siteID; } else { siteID = this.ScanOptions.RemoteNexposeSiteID; } using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) { session.Authenticate (this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]); using (NexposeManager11 manager = new NexposeManager11(session)) { XmlDocument response = manager.ScanSite (siteID.ToString ()); nexposeScanID = response.FirstChild.FirstChild.Attributes ["scan-id"].Value; } } Console.WriteLine ("Done creating and starting NeXpose scan."); } Dictionary<NMapHost, IList<IToolResults >> results = new Dictionary<NMapHost, IList<IToolResults>> (); services = new List<string> (); foreach (var host in hosts) { foreach (Port port in (host as NMapHost).Ports) services.Add (port.Service); NMapHost threadHost = host as NMapHost; Console.WriteLine ("Starting scan for host: " + threadHost.Hostname + "(" + threadHost.IPAddressv4 + ")"); results.Add (threadHost, ScanHost (threadHost, this.ScanOptions.SQLMapOptions, this.Configuration)); } toolResults = results; bool done = false; if (this.ScanOptions.IsNessusAssessment || this.ScanOptions.IsNexposeAssessment || this.ScanOptions.IsOpenVASAssessment) { while (!done) { if (!string.IsNullOrEmpty (openvasTaskID) && this.OpenVASScanIsRunning (openvasTaskID)) { Console.WriteLine ("Waiting on OpenVAS scan " + openvasTaskID); Thread.Sleep (new TimeSpan (0, 0, 60)); continue; } if (!string.IsNullOrEmpty (nessusScanID) && this.NessusScanIsRunning (nessusScanID)) { Console.WriteLine ("Waiting on Nessus scan " + nessusScanID); Thread.Sleep (new TimeSpan (0, 0, 60)); continue; } if (!string.IsNullOrEmpty (nexposeScanID) && this.NexposeScanIsRunning (nexposeScanID)) { Console.WriteLine ("Waiting on NeXpose scan " + nexposeScanID); Thread.Sleep (new TimeSpan (0, 0, 60)); continue; } done = true; } Dictionary<VulnerabilityScanType, string> scans = new Dictionary<VulnerabilityScanType, string> (); if (!string.IsNullOrEmpty (openvasReportID)) scans.Add (VulnerabilityScanType.OpenVAS, openvasReportID); if (!string.IsNullOrEmpty (nexposeScanID)) scans.Add (VulnerabilityScanType.Nexpose, this.ScanOptions.RemoteNexposeSiteID.ToString ()); if (!string.IsNullOrEmpty (nessusScanID)) scans.Add (VulnerabilityScanType.Nessus, nessusScanID); Dictionary<VulnerabilityScanType, XmlNode> reports = this.GetReports (scans); foreach (var report in reports) { if (report.Key == VulnerabilityScanType.Nessus) nessusScan = new NessusScan(report.Value); else if (report.Key == VulnerabilityScanType.Nexpose) nexposeScan = new NexposeScan(report.Value); else if (report.Key == VulnerabilityScanType.OpenVAS) openvasScan = new OpenVASScan(report.Value); else throw new Exception ("Don't know this scan type"); } if (this.ScanOptions.IsMetasploitAssessment) { string workspace = Guid.NewGuid ().ToString (); this.CreateNewMetasploitWorkspace (workspace); this.ImportScansIntoMetasploitPro (reports, workspace); string proTaskID = this.BeginMetasploitProAssessment (workspace, csv, false); while (this.MetasploitProAssessmentIsRunning(proTaskID)) { Console.WriteLine ("Waiting on exploit assessment from metasploit: task " + proTaskID); System.Threading.Thread.Sleep (new TimeSpan (0, 0, 30)); } metasploitScan = new MetasploitScan(this.GetMetasploitProReport (workspace)); } } TimeSpan duration = DateTime.Now - start; this.Duration = duration.TotalSeconds.ToString (); this.HasRun = true; }
public void DeleteTarget(OpenVASTarget target) { if (target.RemoteTargetID == Guid.Empty) throw new Exception("Can't delete target that hasn't been created."); XmlDocument response = this.DeleteTarget(target.RemoteTargetID.ToString()); foreach (XmlAttribute attr in response.Attributes) { if (attr.Name == "status" && attr.Value != "200") throw new Exception("Deleting target failed."); } }
public OpenVASTarget CreateTarget(OpenVASTarget target) { if (target.RemoteTargetID != Guid.Empty) throw new Exception("This target has already been created."); XmlDocument response = this.CreateTarget(target.Name, target.Comment, target.Hosts, target.SMBCredentials.RemoteCredentialsID.ToString(), target.SSHCredentials.RemoteCredentialsID.ToString(), target.PortRange); foreach (XmlAttribute attr in response.FirstChild.Attributes) { if (attr.Name == "id") target.RemoteTargetID = new Guid(attr.Value); } return target; }