public void parse()
{
Assembly a;
a = Assembly.GetExecutingAssembly();
Utils.Helper_Trace("XORCISM PROVIDER NESSUS", "Assembly location = " + a.Location);
// ============================================
// Parse the XML Document and populate the database
// ============================================
XmlDocument doc = new XmlDocument();
doc.LoadXml(m_data);
XORCISMEntities model;
model = new XORCISMEntities();
string query = "/NessusClientData_v2/Report";
XmlNode report;
report = doc.SelectSingleNode(query);
Utils.Helper_Trace("XORCISM PROVIDER NESSUS", string.Format("Found {0} hosts to parse", report.ChildNodes.Count));
foreach (XmlNode reportHost in report.ChildNodes)
{
string ipAddress;
ipAddress = reportHost.Attributes["name"].InnerText;
Utils.Helper_Trace("XORCISM PROVIDER NESSUS", string.Format("Handling host with IP {0}", ipAddress));
// =============================================
// If necessary, create an asset in the database
// =============================================
//TODO ipaddressIPv4
var myass = from ass in model.ASSET
where ass.ipaddressIPv4 == ipAddress //&& ass.AccountID == m_AccountID
select ass;
ASSET asset = myass.FirstOrDefault();
if (asset == null)
{
Utils.Helper_Trace("XORCISM PROVIDER NESSUS", "Creates a new entry in table ASSET for this IP");
asset = new ASSET();
//asset.AccountID = m_AccountID;
asset.AssetName = ipAddress;
asset.AssetDescription = ipAddress;
//TODO ipaddressIPv4
asset.ipaddressIPv4 = ipAddress;
asset.Enabled = true;
//asset.JobID = m_JobId;
model.ASSET.Add(asset);
model.SaveChanges();
}
else
{
Utils.Helper_Trace("XORCISM PROVIDER NESSUS", "This IP already corresponds to an existing asset");
}
Utils.Helper_Trace("XORCISM PROVIDER NESSUS", "Creating ASSETINSESSION reference");
ASSETSESSION assinsess = new ASSETSESSION();
assinsess.AssetID = asset.AssetID;
assinsess.SessionID = model.JOB.Single(x => x.JobID == m_JobId).SessionID;
model.ASSETSESSION.Add(assinsess);
model.SaveChanges();
Utils.Helper_Trace("XORCISM PROVIDER NESSUS", "Update JOB with ASSETINSESSIONID");
JOB daJob = model.JOB.Single(x => x.JobID == m_JobId);
daJob.AssetSessionID = assinsess.AssetSessionID;
model.SaveChanges();
// =============================
// Handles every ReportItem tag
// =============================
foreach (XmlNode n in reportHost.ChildNodes)
{
//Hardcoded
if (n.Name.ToUpper() == "ReportItem".ToUpper() && n.ChildNodes != null && n.ChildNodes.Count > 0)
{
string protocol = n.Attributes["protocol"].InnerText.ToUpper();
int port = Convert.ToInt32(n.Attributes["port"].InnerText);
//svc_name
//pluginID
//pluginName
//pluginFamily
//risk_factor
VulnerabilityEndPoint vulnerabilityEndPoint = new VulnerabilityEndPoint();
vulnerabilityEndPoint.IpAdress = ipAddress;
vulnerabilityEndPoint.Protocol = protocol;
vulnerabilityEndPoint.Port = port;
VulnerabilityFound vulnerabilityFound = new VulnerabilityFound();
vulnerabilityFound.ListItem = Helper_GetCVE(n);
vulnerabilityFound.ListReference = Helper_GetREFERENCE(n); //TODO: Helper_GetCVE and Helper_GetREFERENCE could be mixed for only 1 parsing
vulnerabilityFound.InnerXml = n.OuterXml;
vulnerabilityFound.Description = HelperGetChildInnerText(n, "description");
vulnerabilityFound.Solution = HelperGetChildInnerText(n, "solution");
vulnerabilityFound.Title = HelperGetChildInnerText(n, "synopsis");
vulnerabilityFound.rawresponse = HelperGetChildInnerText(n, "plugin_output");
vulnerabilityFound.Result = HelperGetChildInnerText(n, "plugin_output");
vulnerabilityFound.Severity = n.Attributes["severity"].InnerText; //1
//vulnerabilityFound.Severity = HelperGetChildInnerText(n, "risk_factor"); //None Low
if (HelperGetChildInnerText(n, "exploit_available") == "true")
{
vulnerabilityFound.Exploitable = true;
}
//exploitability_ease Exploits are available
//exploit_framework_canvas
//exploit_framework_metasploit
//exploit_framework_core
//metasploit_name
//canvas_package
//cvss_vector
//cvss_temporal_score
try
{
vulnerabilityFound.CVSSBaseScore = float.Parse(HelperGetChildInnerText(n, "cvss_base_score"), System.Globalization.CultureInfo.InvariantCulture);
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER NESSUS", string.Format("Error parsing CVSS_BASE : Exception = {0}", ex.Message));
Utils.Helper_Trace("XORCISM PROVIDER NESSUS", string.Format("CVSS_BASE =", HelperGetChildInnerText(n, "cvss_base_score")));
}
bool PatchUpgrade = false;
string MSPatch = "";
string title;
string Solution;
//patch_publication_date
if (HelperGetChildInnerText(n, "patch_publication_date") != "")
{
PatchUpgrade = true;
}
title = n.Attributes["pluginName"].InnerText;
Regex objNaturalPattern = new Regex("MS[0-9][0-9]-[0-9][0-9][0-9]");
MSPatch = objNaturalPattern.Match(title).ToString();
if (MSPatch != "")
{
Utils.Helper_Trace("XORCISM PROVIDER NESSUS", "MSPatch=" + MSPatch);
PatchUpgrade = true;
}
//Hardcoded
Solution = HelperGetChildInnerText(n, "solution");
if (Solution.Contains(" upgrade to "))
{
PatchUpgrade = true;
}
if (Solution.Contains("Upgrade "))
{
PatchUpgrade = true;
}
if (Solution.Contains("has released a set of patches"))
{
PatchUpgrade = true;
}
if (Solution.Contains("Apply the appropriate patch"))
{
PatchUpgrade = true;
}
//<patch_publication_date>
vulnerabilityFound.PatchUpgrade = PatchUpgrade;
vulnerabilityFound.MSPatch = MSPatch;
// ===========
// Persistance
// ===========
Utils.Helper_Trace("XORCISM PROVIDER NESSUS", string.Format("Persistance [{0}] [{1}] [{2}]", protocol, port, Helper_ListCVEToString(vulnerabilityFound.ListItem)));
int etat = VulnerabilityPersistor.Persist(vulnerabilityFound, vulnerabilityEndPoint, m_JobId, "nessus", model);
if (etat == -1)
{
Utils.Helper_Trace("XORCISM PROVIDER NESSUS", string.Format("CANNOT IMPORT THIS ASSET !!!! "));
}
}
}
}
// TODO
// VulnerabilityPersistor.UpdateVulnerabilityJob(list_vulnerabilyFound,m_JobId,m_model);
}
private void FuncThread()
{
XORCISMEntities context;
context = new XORCISMEntities();
// Explicitly open the connection.
//context.Connection.Open();
// =================
// Main polling loop
// =================
try
{
while (true) //Infinite loop
{
// =============================================================================
// PHASE 0 : Look in table SESSION and let's see if there is something to cancel
// =============================================================================
#region Phase0
//Utils.Helper_Trace("MANAGER ENGINE", "Looking for new session to cancel (those with status = 'ToCancel')");
string status;
status = XCommon.STATUS.TOCANCEL.ToString();
XORCISMModel.SESSION cancelSession;
cancelSession = context.SESSION.FirstOrDefault(s => s.Status == status);
if (cancelSession != null)
{
// ===============================
// Abort the Launch Session thread
// ===============================
if (m_ListRunningSessionThread.ContainsKey(cancelSession.SessionID) == true)
{
LaunchSessionThreadInfo info;
info = m_ListRunningSessionThread[cancelSession.SessionID];
Thread musCanceledThread;
musCanceledThread = info.Thread;
musCanceledThread.Abort(cancelSession.SessionID.ToString());
// ==============================
// Launch a Cancel Session thread
// ==============================
Utils.Helper_Trace("MANAGER ENGINE", string.Format("Launching cancel session thread (sessionID={0})", cancelSession.SessionID));
cancelSession.Status = XCommon.STATUS.CANCELLING.ToString();
context.SaveChanges();
ParameterizedThreadStart ts;
ts = new ParameterizedThreadStart(FuncThreadCancelSession);
Thread thread;
thread = new Thread(ts);
thread.Start(info);
}
else
{
//Canceling after Manager crash/reboot
//Session is not in m_ListRunningSessionThread
Utils.Helper_Trace("MANAGER ENGINE", string.Format("Session {0} must be canceled", cancelSession.SessionID));
//int accountID;
//accountID = (int)model.USERACCOUNT.FirstOrDefault(o => o.UserID == session.UserID).AccountID;
// =============================
// Cancel the jobs on the agents
// =============================
Utils.Helper_Trace("MANAGER ENGINE", string.Format("SESSION {0} : CANCELSESSION : Cancelling jobs on agents", cancelSession.SessionID));
var jobs = from jc in context.JOB
where jc.SessionID == cancelSession.SessionID
select jc;
foreach (JOB J in jobs.ToList())
{
Utils.Helper_Trace("MANAGER ENGINE", string.Format("SESSION {0} : CANCELSESSION : Handling job {1}", cancelSession.SessionID, J.JobID));
// ====================================
// Contact the agent and cancel the job
// ====================================
Utils.Helper_Trace("MANAGER ENGINE", string.Format("SESSION {0} : CANCELSESSION : Trying to contact the agent", cancelSession.SessionID));
try
{
ServiceReferenceAgent.Service1Client service;
service = new ServiceReferenceAgent.Service1Client();
// TODO :
// service.Endpoint.Address = bestAgent.IPAddress;
service.CancelJob(J.JobID);
Utils.Helper_Trace("MANAGER ENGINE", string.Format("SESSION {0} : CANCELSESSION : The agent has been successfully contacted", cancelSession.SessionID));
}
catch (Exception ex)
{
Utils.Helper_Trace("MANAGER ENGINE", string.Format("SESSION {0} : CANCELSESSION : Error contacting the agent. Exception = {1} {2}", cancelSession.SessionID, ex.Message, ex.InnerException));
XCommon.Utils.Helper_SendEmail("*****@*****.**", "MANAGER ENGINE ERROR", "CANCELSESSION : Error contacting the agent. Exception =" + ex.Message + " " + ex.InnerException);
//return;
}
}
// =============================
// Update table SESSION (Status)
// =============================
Utils.Helper_Trace("MANAGER ENGINE", string.Format("SESSION {0} : CANCELSESSION : Updating status in table SESSION to CANCELED", cancelSession.SessionID));
try
{
cancelSession.Status = XCommon.STATUS.CANCELED.ToString();
cancelSession.DateEnd = DateTimeOffset.Now;
context.SaveChanges();
}
catch (Exception ex)
{
Utils.Helper_Trace("MANAGER ENGINE", string.Format("SESSION {0} : CANCELSESSION : Error CANCELED. Exception = {1}", cancelSession.SessionID, ex.Message));
//return;
}
Utils.Helper_Trace("MANAGER ENGINE", string.Format("SESSION {0} : CANCELSESSION : Finished", cancelSession.SessionID));
}
}
#endregion Phase0
// =============================================================================
// PHASE 1 : Look in table SESSION and let's see if there is something to launch
// =============================================================================
Utils.Helper_Trace("MANAGER ENGINE", "Looking for new session to start (status IDLE)"); //DO NOT COMMENT THIS LINE
string Statut = XCommon.STATUS.IDLE.ToString();
var session = context.SESSION.FirstOrDefault(s => s.Status == Statut);
if (session != null)
{
int sessionID;
sessionID = session.SessionID;
//Check if the Account and User are still valid
USERACCOUNT user = null;
user = context.USERACCOUNT.SingleOrDefault(o => o.UserID == session.UserID);
if (user.ACCOUNT.ValidUntilDate != null && user.ACCOUNT.ValidUntilDate < DateTimeOffset.Now)
{
Utils.Helper_Trace("MANAGER ENGINE", string.Format("Account not valid for session {0}", sessionID));
Utils.Helper_Trace("MANAGER ENGINE", string.Format("Changing session (sessionID={0}) to CANCELED", sessionID));
session.Status = XCommon.STATUS.CANCELED.ToString();
context.SaveChanges();
}
else
{
if (m_ListRunningSessionThread.ContainsKey(sessionID) == true)
{
Utils.Helper_Trace("MANAGER ENGINE", string.Format("Session {0} is supposed to be launched but a thread is already running for this session !", sessionID));
}
else
{
// =======================
// Launch a session thread
// =======================
Utils.Helper_Trace("MANAGER ENGINE", string.Format("Launching session (sessionID={0})", sessionID));
session.Status = XCommon.STATUS.RUNNING.ToString();
context.SaveChanges();
ParameterizedThreadStart managerThreadStart;
managerThreadStart = new ParameterizedThreadStart(FuncThreadLaunchSession);
Thread thread;
thread = new Thread(managerThreadStart);
LaunchSessionThreadInfo info;
info = new LaunchSessionThreadInfo(sessionID, thread);
thread.Start(info);
// ========================
// Put it in the dictionary
// ========================
m_ListRunningSessionThread.Add(sessionID, info);
}
}
}
// ===================================================================================
// PHASE 2 : Look in table SESSIONCRON and let's see if we have to create new sessions
// ===================================================================================
Statut = XCommon.STATUS.IDLE.ToString();
var q = context.SESSIONCRON.Where(o => o.Status == Statut);
foreach (SESSIONCRON sessionCron in q.ToList())
{
if (sessionCron.DateEnd == null || sessionCron.DateEnd > DateTime.Now)
{
//Check if the Account and User are still valid
USERACCOUNT user = null;
user = context.USERACCOUNT.SingleOrDefault(o => o.UserID == sessionCron.UserID);
if (user.ACCOUNT.ValidUntilDate != null && user.ACCOUNT.ValidUntilDate < DateTimeOffset.Now)
{
//Utils.Helper_Trace("MANAGER ENGINE", string.Format("Account not valid for entry {0} in table SESSIONCRON", sessionCron.SessionCronID));
}
else
{
CrontabSchedule schedule;
schedule = CrontabSchedule.Parse(sessionCron.CronExpression);
DateTimeOffset start = DateTimeOffset.Now;
DateTimeOffset end = start + TimeSpan.FromDays(2 * 360);
var occurrence = schedule.GetNextOccurrences(start, end).GetEnumerator();
occurrence.MoveNext();
// Utils.Helper_Trace("MANAGER ENGINE", "SessionCron "+sessionCron.SessionCronID+" Next occurrence=" + occurrence.Current.DayOfWeek.ToString() + " " + occurrence.Current.Day.ToString() + "/" + occurrence.Current.Month.ToString() + "/" + occurrence.Current.Year.ToString() + " " + occurrence.Current.Hour.ToString() + "H" + occurrence.Current.Minute.ToString() + ":" + occurrence.Current.Second.ToString());
TimeSpan ts;
ts = occurrence.Current - start;
if (ts.TotalSeconds <= 5.0)
{
Utils.Helper_Trace("MANAGER ENGINE", string.Format("Cron expression for entry {0} in table SESSIONCRON has triggered an execution", sessionCron.SessionCronID));
// ================================
// Extract and parse the parameters
// ================================
Dictionary <string, object> dicoParameters;
try
{
MemoryStream ms;
ms = new MemoryStream(sessionCron.Parameters);
BinaryFormatter bf;
bf = new BinaryFormatter();
dicoParameters = (Dictionary <string, object>)bf.Deserialize(ms);
}
catch (Exception e)
{
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Exception while deserializing parameters : {0}", e.Message));
return;
}
int[] tabAssetID = null;
if (dicoParameters["ASSETS"] != null)
{
tabAssetID = (int[])dicoParameters["ASSETS"];
}
// ================================
// Add a new entry in table SESSION
// ================================
Utils.Helper_Trace("MANAGER ENGINE", string.Format("Adding an entry in table SESSION"));
SESSION tmpSession = new SESSION();
//xxx
try
{
tmpSession.UserID = sessionCron.UserID;
tmpSession.Status = XCommon.STATUS.IDLE.ToString();
tmpSession.ServiceCategoryID = sessionCron.ServiceCategoryID;
tmpSession.DateStart = DateTimeOffset.Now;
tmpSession.DateEnd = null;
tmpSession.Parameters = sessionCron.Parameters;
tmpSession.SessionCronID = sessionCron.SessionCronID;
context.SESSION.Add(tmpSession);
context.SaveChanges();
//xxx
}
catch (Exception ex)
{
//xxx
Utils.Helper_Trace("MANAGER ENGINE", string.Format("Error adding entry in table SESSION : Exception = {0} - {1}", ex.Message, ex.InnerException.Message));
throw ex;
}
Utils.Helper_Trace("MANAGER ENGINE", string.Format("SessionID = {0}", tmpSession.SessionID));
// ============================================
// Add several entries in table ASSETSESSION
// ============================================
if (tabAssetID != null)
{
Utils.Helper_Trace("MANAGER ENGINE", string.Format("Adding {0} entries in table ASSETSESSION", tabAssetID.Count()));
try
{
foreach (int assetID in tabAssetID)
{
ASSETSESSION tmpAinS = new ASSETSESSION();
tmpAinS.SESSION = tmpSession;
tmpAinS.AssetID = assetID;
context.ASSETSESSION.Add(tmpAinS);
}
context.SaveChanges();
}
catch (Exception ex)
{
Utils.Helper_Trace("MANAGER ENGINE", string.Format("Error adding entries in table ASSETSESSION : Exception = {0}", ex.Message));
throw ex;
}
}
}
}
}
}
// =====
// Sleep
// =====
Thread.Sleep(5000); //Hardcoded
}
}
catch (ThreadAbortException exThreadAbort)
{
//int SessionId;
//SessionId=Convert.ToInt32((string)exThreadAbort.ExceptionState);
//XORCISMModel.SESSION musBeCanceledSession;
//musBeCanceledSession=context.SESSION.SingleOrDefault(s => s.SessionID == SessionId);
//if (musBeCanceledSession != null)
//{
// musBeCanceledSession.Status = XCommon.STATUS.TOCANCEL.ToString();
// context.SaveChanges();
//}
Utils.Helper_Trace("MANAGER ENGINE", string.Format("ThreadError in main polling loop : Exception = {0}", exThreadAbort.Message));
//HARDCODED
XCommon.Utils.Helper_SendEmail("*****@*****.**", "ThreadError in XManager", "MyException = " + exThreadAbort.Message + " " + exThreadAbort.InnerException);
return;
}
catch (Exception ex)
{
Utils.Helper_Trace("MANAGER ENGINE", string.Format("Error in main polling loop : Exception = {0} {1}", ex.Message, ex.InnerException));
//HARDCODED
XCommon.Utils.Helper_SendEmail("*****@*****.**", "Error in XManager", "MyException = " + ex.Message + " " + ex.InnerException);
return;
}
}
public void parse()
{
Assembly a;
a = Assembly.GetExecutingAssembly();
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", "Assembly location = " + a.Location);
// ===================================================
// Parses the XML Document and populates the database
// ===================================================
// Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", "data = " + m_data);
XmlDocument doc = new XmlDocument();
//TODO: Input Validation (XML)
doc.LoadXml(m_data);
XORCISMEntities model;
model = new XORCISMEntities();
string query = "/netsparker/target"; //Hardcoded
XmlNode report;
report = doc.SelectSingleNode(query);
string ipAddress = string.Empty;
ipAddress = HelperGetChildInnerText(report, "url"); //Hardcoded
if (ipAddress.Substring(ipAddress.Length - 1, 1) == "/")
{
ipAddress = ipAddress.Substring(0, ipAddress.Length - 1);
}
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", string.Format("Handling host with IP {0}", ipAddress));
// ===============================================
// If necessary, creates an asset in the database
// ===============================================
//TODO ipaddressIPv4
var myass = from ass in model.ASSET
where ass.ipaddressIPv4 == ipAddress //&& ass.AccountID == m_AccountID
select ass;
ASSET asset = myass.FirstOrDefault();
if (asset == null)
{
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", "Creates a new entry in table ASSET for this IP");
asset = new ASSET();
//asset.AccountID = m_AccountID;
asset.AssetName = ipAddress;
asset.AssetDescription = ipAddress;
//TODO ipaddressIPv4
asset.ipaddressIPv4 = ipAddress;
asset.Enabled = true;
//asset.JobID = m_JobId;
model.ASSET.Add(asset);
model.SaveChanges();
}
else
{
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", "This IP already corresponds to an existing asset");
}
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", "Creating ASSETINSESSION reference");
ASSETSESSION assinsess = new ASSETSESSION();
assinsess.AssetID = asset.AssetID;
assinsess.SessionID = model.JOB.Single(x => x.JobID == m_JobId).SessionID;
model.ASSETSESSION.Add(assinsess);
model.SaveChanges();
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", "Update JOB with ASSETINSESSIONID");
JOB daJob = model.JOB.Single(x => x.JobID == m_JobId);
daJob.AssetSessionID = assinsess.AssetSessionID;
model.SaveChanges();
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", "VULNERABILITIES FOUND");
query = "/netsparker"; //Hardcoded
report = doc.SelectSingleNode(query);
foreach (XmlNode n in report.ChildNodes)
{
//Hardcoded
if (n.Name.ToUpper() == "vulnerability".ToUpper() && n.ChildNodes != null && n.ChildNodes.Count > 0)
{
if (n.Attributes["confirmed"].InnerText == "True")
{
VulnerabilityEndPoint vulnerabilityEndPoint = new VulnerabilityEndPoint();
vulnerabilityEndPoint.IpAdress = ipAddress;
vulnerabilityEndPoint.Protocol = "TCP"; // "http"; //https ... A VOIR
vulnerabilityEndPoint.Port = 80; //443 ... A VOIR
VulnerabilityFound vulnerabilityFound = new VulnerabilityFound();
//vulnerabilityFound.ListItem = Helper_GetCVE(n);
vulnerabilityFound.InnerXml = n.OuterXml;
string url = HelperGetChildInnerText(n, "url");
vulnerabilityFound.Url = url;
if (url.ToLower().Contains("https://"))
{
vulnerabilityEndPoint.Port = 443;
}
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", string.Format("Url: {0}", url));
//vulnerabilityFound.Type = HelperGetChildInnerText(n, "type");
vulnerabilityFound.Title = HelperGetChildInnerText(n, "type");
vulnerabilityFound.Description = HelperGetChildInnerText(n, "type");
vulnerabilityFound.Severity = HelperGetChildInnerText(n, "severity");
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", string.Format("Severity: {0}", HelperGetChildInnerText(n, "severity")));
vulnerabilityFound.VulnerableParameterType = HelperGetChildInnerText(n, "vulnerableparametertype");
vulnerabilityFound.VulnerableParameter = HelperGetChildInnerText(n, "vulnerableparameter");
vulnerabilityFound.VulnerableParameterValue = HelperGetChildInnerText(n, "vulnerableparametervalue");
//rawrequest
//rawresponse
//extrainformation
// <info name="Found E-mails">[email protected]</info>
// <info name="Identified Internal Path(s)">/var/www/webscantest/vulnsite/picshare/upload.pl</info>
vulnerabilityFound.Consequence = HelperGetChildInnerText(n, "extrainformation");
bool PatchUpgrade = false;
string MSPatch = "";
/*
* <classification>
* <OWASP>A1</OWASP>
* <WASC>19</WASC>
* <CWE>89</CWE>
* <CAPEC>66</CAPEC>
* </classification>
*/
foreach (XmlNode classif in n.ChildNodes)
{
//Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", "classif n.ChildNodes: " + classif.Name);
if (classif.Name.ToUpper() == "classification".ToUpper() && classif.ChildNodes != null && classif.ChildNodes.Count > 0)
{
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", "OWASP: " + HelperGetChildInnerText(classif, "OWASP"));
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", "WASC: " + HelperGetChildInnerText(classif, "WASC"));
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", "CWE: " + HelperGetChildInnerText(classif, "CWE"));
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", "CAPEC: " + HelperGetChildInnerText(classif, "CAPEC"));
}
}
int etat = VulnerabilityPersistor.Persist(vulnerabilityFound, vulnerabilityEndPoint, m_JobId, "netsparker", model);
if (etat == -1)
{
Utils.Helper_Trace("XORCISM PROVIDER NETSPARKER", string.Format("CANNOT IMPORT THIS ASSET !!!! "));
}
}
}
}
}
public void parse()
{
Assembly a;
a = Assembly.GetExecutingAssembly();
Utils.Helper_Trace("XORCISM PROVIDER SkipfishImport", "Assembly location = " + a.Location);
// ============================================
// Parse the Document and populate the database
// ============================================
XORCISMEntities model;
model = new XORCISMEntities();
string ipAddress;
ipAddress = "";
string protocol = "WWW"; //Hardcoded
int port = 80;
Utils.Helper_Trace("XORCISM PROVIDER SkipfishImport", string.Format("Handling host with IP {0}", ipAddress));
// =============================================
// If necessary, create an asset in the database
// =============================================
//TODO
var myass = from ass in model.ASSET
where ass.ipaddressIPv4 == ipAddress //&& ass.AccountID == m_AccountID
select ass;
ASSET asset = myass.FirstOrDefault();
if (asset == null)
{
Utils.Helper_Trace("XORCISM PROVIDER SkipfishImport", "Creates a new entry in table ASSET for this IP");
asset = new ASSET();
//asset.AccountID = m_AccountID;
asset.AssetName = ipAddress;
asset.AssetDescription = ipAddress;
asset.ipaddressIPv4 = ipAddress;
asset.Enabled = true;
//asset.JobID = m_JobId;
model.ASSET.Add(asset);
model.SaveChanges();
}
else
{
Utils.Helper_Trace("XORCISM PROVIDER SkipfishImport", "This IP already corresponds to an existing asset");
}
Utils.Helper_Trace("XORCISM PROVIDER SkipfishImport", "Creating ASSETINSESSION reference");
ASSETSESSION assinsess = new ASSETSESSION();
assinsess.AssetID = asset.AssetID;
assinsess.SessionID = model.JOB.Single(x => x.JobID == m_JobId).SessionID;
model.ASSETSESSION.Add(assinsess);
model.SaveChanges();
Utils.Helper_Trace("XORCISM PROVIDER SkipfishImport", "Update JOB with ASSETINSESSIONID");
JOB daJob = model.JOB.Single(x => x.JobID == m_JobId);
daJob.AssetSessionID = assinsess.AssetSessionID;
model.SaveChanges();
//**************************
StreamReader monStreamReader = new StreamReader("samples.js"); //Hardcoded
string curline = monStreamReader.ReadLine();
bool issue_samples = false;
int currentseverity = 0;
string curvulntype = "";
while (curline != null)
{
if (issue_samples)
{
if (curline.Contains("'url':"))
{
Console.WriteLine(curvulntype);
Console.WriteLine(vulntypeSkipfish(curvulntype));
curline = curline.Trim();
char[] splitter1 = { ',' };
string[] words1 = curline.Split(splitter1);
string vulnurl = words1[0].Replace("{ 'url': '", "");
vulnurl = vulnurl.Substring(0, vulnurl.Length - 1);
Console.WriteLine(vulnurl);
string vulnparam = words1[1].Replace("'extra': '", "");
vulnparam = vulnparam.Substring(0, vulnparam.Length - 1).Trim();
Console.WriteLine(vulnparam);
string vulninfodir = words1[2].Replace("'dir': '", "");
vulninfodir = vulninfodir.Replace("' } ]", "");
vulninfodir = vulninfodir.Replace("' }", "").Trim();
Console.WriteLine(vulninfodir);
if (currentseverity > 0)
{
VulnerabilityEndPoint vulnerabilityEndPoint = new VulnerabilityEndPoint();
vulnerabilityEndPoint.IpAdress = ipAddress;
vulnerabilityEndPoint.Protocol = protocol;
vulnerabilityEndPoint.Port = port;
VulnerabilityFound vulnerabilityFound = new VulnerabilityFound();
//vulnerabilityFound.PatchUpgrade = PatchUpgrade;
//vulnerabilityFound.MSPatch = MSPatch;
vulnerabilityFound.Title = vulntypeSkipfish(curvulntype);
vulnerabilityFound.Severity = currentseverity.ToString();
vulnerabilityFound.Url = vulnurl;
//vulnerabilityFound.rawrequest= vulninfodir+"/request.dat";
//vulnerabilityFound.rawresponse= vulninfodir+"/response.dat";
vulnerabilityFound.Result = vulnparam;
// ===========
// Persistance
// ===========
Utils.Helper_Trace("XORCISM PROVIDER SkipfishImport", string.Format("Persistance [{0}] [{1}] [{2}]", protocol, port, Helper_ListCVEToString(vulnerabilityFound.ListItem)));
int etat = VulnerabilityPersistor.Persist(vulnerabilityFound, vulnerabilityEndPoint, m_JobId, "skipfish", model);
if (etat == -1)
{
Utils.Helper_Trace("XORCISM PROVIDER SkipfishImport", string.Format("CANNOT IMPORT THIS ASSET !!!! "));
}
}
else
{
//TODO
/*
* //severity=0
* INFORMATION myinfo = new INFORMATION();
* myinfo.Title = vulntypeSkipfish(curvulntype);
* myinfo.Severity = currentseverity.ToString();
* myinfo.Url = vulnurl;
* //myinfo.rawrequest= vulninfodir+"/request.dat";
* //myinfo.rawresponse= vulninfodir+"/response.dat";
* myinfo.Result = vulnparam;
* myinfo.JobID = m_JobId;
*
* model.AddToINFORMATION(myinfo);
* model.SaveChanges();
*/
}
}
}
if (curline.Contains("'severity': 4"))
{
currentseverity = 4;
char[] splitter1 = { ',' };
string[] words1 = curline.Split(splitter1);
curvulntype = words1[1].Replace(" 'type': ", "");
}
if (curline.Contains("'severity': 3"))
{
currentseverity = 3;
char[] splitter1 = { ',' };
string[] words1 = curline.Split(splitter1);
curvulntype = words1[1].Replace(" 'type': ", "");
}
if (curline.Contains("'severity': 2"))
{
currentseverity = 2;
char[] splitter1 = { ',' };
string[] words1 = curline.Split(splitter1);
curvulntype = words1[1].Replace(" 'type': ", "");
}
if (curline.Contains("'severity': 1"))
{
currentseverity = 1;
char[] splitter1 = { ',' };
string[] words1 = curline.Split(splitter1);
curvulntype = words1[1].Replace(" 'type': ", "");
}
if (curline.Contains("'severity': 0"))
{
currentseverity = 0;
char[] splitter1 = { ',' };
string[] words1 = curline.Split(splitter1);
curvulntype = words1[1].Replace(" 'type': ", "");
}
//Where am I?
if (curline.Contains("var issue_samples"))
{
issue_samples = true;
/*
* ligne = ligne.Trim();
* char[] splitter1 = { ' ' };
* string[] words1 = ligne.Split(splitter1);
*
* cmd1 = "./msfcli " + words1[0].Trim() + " T";
*/
}
curline = monStreamReader.ReadLine();
}
monStreamReader.Close();
// A VOIR
// VulnerabilityPersistor.UpdateVulnerabilityJob(list_vulnerabilyFound,m_JobId,m_model);
}
//public CompositeType GetDataUsingDataContract(CompositeType composite)
//{
// if (composite == null)
// {
// throw new ArgumentNullException("composite");
// }
// if (composite.BoolValue)
// {
// composite.StringValue += "Suffix";
// }
// return composite;
//}
public int CreateSession(int serviceCategoryID, Guid userID, byte[] parameters, Decimal PeasCount, Decimal PeasValue)
{
//Where Magic happens
Utils.Helper_Trace("MANAGER SERVICE", "Entering CreateSession()");
Utils.Helper_Trace("MANAGER SERVICE", string.Format("ServiceCategoryID = {0}", serviceCategoryID));
Utils.Helper_Trace("MANAGER SERVICE", string.Format("UserID = {0}", userID.ToString()));
Dictionary<string, object> dicoParameters;
try
{
MemoryStream ms;
ms = new MemoryStream(parameters);
BinaryFormatter bf;
bf = new BinaryFormatter();
dicoParameters = (Dictionary<string, object>)bf.Deserialize(ms);
}
catch (Exception e)
{
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Exception while deserializing parameters : {0}", e.Message));
return -1;
}
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Size of parameters = {0} bytes", parameters.Length));
int[] tabAssetID = null;
int MaxPages;
string FileName = string.Empty;
string nmapAddress = string.Empty;
string cronExpression = string.Empty;
string sip = string.Empty;
string extrange = string.Empty;
string policy = string.Empty;
string strategie = string.Empty;
switch (serviceCategoryID) //TODO Hardcoded
{
case 1: // Vulnerability Assessment
tabAssetID = (int[])dicoParameters["ASSETS"];
cronExpression = (string)dicoParameters["CRONEXPRESSION"];
policy = (string)dicoParameters["POLICY"];
strategie = (string)dicoParameters["STRATEGY"];
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Number of assets = {0}", tabAssetID.Length));
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Cron Expression = {0}", cronExpression));
break;
case 2: //WAS (Web Application Scanning)
tabAssetID = (int[])dicoParameters["ASSETS"];
cronExpression = (string)dicoParameters["CRONEXPRESSION"];
policy = (string)dicoParameters["POLICY"];
strategie = (string)dicoParameters["STRATEGY"];
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Number of assets = {0}", tabAssetID.Length));
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Cron Expression = {0}", cronExpression));
break;
case 3:
Utils.Helper_Trace("MANAGER SERVICE", "NO parameters defined in XManagerService Service1.cs for service category 3");
break;
case 4: //PCI DSS
tabAssetID = (int[])dicoParameters["ASSETS"];
cronExpression = (string)dicoParameters["CRONEXPRESSION"];
policy = "PCI DSS";
strategie = "Compliance PCI DSS"; //(string)dicoParameters["STRATEGY"];
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Number of assets = {0}", tabAssetID.Length));
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Cron Expression = {0}", cronExpression));
break;
case 5:
Utils.Helper_Trace("MANAGER SERVICE", "NO parameters defined in XManagerService Service1.cs for service category 5");
break;
case 6: // VOIP Scanner
tabAssetID = (int[])dicoParameters["ASSETS"];
sip = (string)dicoParameters["SIP"];
extrange = (string)dicoParameters["EXTRANGE"];
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Number of assets = {0}", tabAssetID.Length));
break;
case 7: // Web Anti-malware Monitoring
tabAssetID = (int[])dicoParameters["ASSETS"];
cronExpression = (string)dicoParameters["CRONEXPRESSION"];
MaxPages = (int)dicoParameters["MaxPages"];
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Service Malware Monitoring:Number of assets = {0}", tabAssetID.Length));
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Cron Expression = {0}", cronExpression));
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Service Malware Monitoring:MaxPages = {0}", MaxPages));
break;
case 8: // Web Site Monitoring
tabAssetID = (int[])dicoParameters["ASSETS"];
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Number of assets = {0}", tabAssetID.Length));
break;
case 9:
Utils.Helper_Trace("MANAGER SERVICE", "NO parameters defined in XManagerService Service1.cs for service category 9");
break;
case 10: // Discovery
nmapAddress = (string)dicoParameters["TARGET"];
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Target = {0}", nmapAddress));
break;
case 11:
case 12:
case 13: // Import
case 14:
case 15:
FileName = (string)dicoParameters["FILENAME"];
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Import File : Filename = {0}", FileName));
break;
case 16: //Information Gathering (OSINT)
tabAssetID = (int[])dicoParameters["ASSETS"];
cronExpression = (string)dicoParameters["CRONEXPRESSION"];
policy = (string)dicoParameters["POLICY"];
strategie = (string)dicoParameters["STRATEGY"];
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Number of assets = {0}", tabAssetID.Length));
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Cron Expression = {0}", cronExpression));
break;
}
XORCISMEntities context = new XORCISMEntities();
// ===============================================
// Add a new entry in table SESSION or SESSIONCRON
// ===============================================
int id;
if (cronExpression == "")
{
// ================================
// Add a new entry in table SESSION
// ================================
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Adding an entry in table SESSION"));
SESSION tmpSession = new SESSION();
//Price
try
{
tmpSession.UserID = userID;
tmpSession.Status = XCommon.STATUS.IDLE.ToString();
tmpSession.ServiceCategoryID = serviceCategoryID;
tmpSession.DateEnd = null;
tmpSession.DateStart = DateTimeOffset.Now;
tmpSession.Parameters = parameters;
//Price
context.SESSION.Add(tmpSession);
context.SaveChanges();
//Price
}
catch (Exception ex)
{
/*
USER user;
user = context.USERS.SingleOrDefault(u => u.UserId == userID);
ACCOUNT userAccount;
userAccount = context.USERACCOUNT.SingleOrDefault(o => o.UserID == user.UserId).ACCOUNT;
//Price
*/
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Error adding entry in table SESSION : Exception = {0} - {1}", ex.Message, ex.InnerException.Message));
throw ex;
}
Utils.Helper_Trace("MANAGER SERVICE", string.Format("SessionID = {0}", tmpSession.SessionID));
//Random random = new Random();
try
{
// tmpSession.SessionID = tmpSession.SessionID + random.Next(20, 200);
// context.SaveChanges();
}
catch (Exception ex)
{
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Error random SESSION : Exception = {0} - {1}", ex.Message, ex.InnerException.Message));
}
Utils.Helper_Trace("MANAGER SERVICE", string.Format("NewRandomSessionID = {0}", tmpSession.SessionID));
id = tmpSession.SessionID;
// ============================================
// Add several entries in table ASSETSESSION
// ============================================
if (tabAssetID != null)
{
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Adding {0} entries in table ASSETSESSION", tabAssetID.Count()));
try
{
foreach (int assetID in tabAssetID)
{
ASSETSESSION tmpAinS = new ASSETSESSION();
tmpAinS.SESSION = tmpSession;
tmpAinS.AssetID = assetID;
context.ASSETSESSION.Add(tmpAinS);
}
context.SaveChanges();
}
catch (Exception ex)
{
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Error adding entries in table ASSETSESSION : Exception = {0}", ex.Message));
throw ex;
}
}
}
else
{
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Adding an entry in table SESSIONCRON"));
SESSIONCRON tmpSessionCron = new SESSIONCRON();
//Price
try
{
tmpSessionCron.UserID = userID;
tmpSessionCron.CronExpression = cronExpression;
tmpSessionCron.Parameters = parameters;
tmpSessionCron.Status = XCommon.STATUS.IDLE.ToString();
tmpSessionCron.ServiceCategoryID = serviceCategoryID;
tmpSessionCron.DateStart = DateTimeOffset.Now; //TODO Non il faut que ce soit les dates de start/end du cron A VOIR TODO
tmpSessionCron.DateEnd = null;
//Price
context.SESSIONCRON.Add(tmpSessionCron);
context.SaveChanges();
}
catch (Exception ex)
{
Utils.Helper_Trace("MANAGER SERVICE", string.Format("Error adding entry in table SESSIONCRON : Exception = {0} - {1}", ex.Message, ex.InnerException.Message));
throw ex;
}
Utils.Helper_Trace("MANAGER SERVICE", string.Format("SessionCronID = {0}", tmpSessionCron.SessionCronID));
id = tmpSessionCron.SessionCronID;
}
Utils.Helper_Trace("MANAGER SERVICE", "Leaving CreateSession()");
// Finished
return id;
}
public void parse()
{
Assembly a;
a = Assembly.GetExecutingAssembly();
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", "Assembly location = " + a.Location);
// ============================================
// Parse the XML Document and populate the database
// ============================================
// Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", "data = " + m_data);
XmlDocument doc = new XmlDocument();
doc.LoadXml(m_data);
XORCISMEntities model;
model = new XORCISMEntities();
string query = "/ScanGroup/Scan"; //Hardcoded
XmlNode report;
report = doc.SelectSingleNode(query);
string ipAddress = string.Empty;
ipAddress = HelperGetChildInnerText(report, "StartURL"); //Hardcoded
if (ipAddress.Substring(ipAddress.Length - 1, 1) == "/")
{
ipAddress = ipAddress.Substring(0, ipAddress.Length - 1);
}
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", string.Format("Handling host with IP {0}", ipAddress));
// ===============================================
// If necessary, creates an asset in the database
// ===============================================
//TODO
var myass = from ass in model.ASSET
where ass.ipaddressIPv4 == ipAddress //&& ass.AccountID == m_AccountID
select ass;
ASSET asset = myass.FirstOrDefault();
if (asset == null)
{
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", "Creates a new entry in table ASSET for this IP");
asset = new ASSET();
//asset.AccountID = m_AccountID;
asset.AssetName = ipAddress;
asset.AssetDescription = ipAddress;
asset.ipaddressIPv4 = ipAddress;
asset.Enabled = true;
//asset.JobID = m_JobId;
model.ASSET.Add(asset);
model.SaveChanges();
}
else
{
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", "This IP already corresponds to an existing asset");
}
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", "Creating ASSETINSESSION reference");
ASSETSESSION assinsess = new ASSETSESSION();
assinsess.AssetID = asset.AssetID;
assinsess.SessionID = model.JOB.Single(x => x.JobID == m_JobId).SessionID;
model.ASSETSESSION.Add(assinsess);
model.SaveChanges();
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", "Update JOB with ASSETINSESSIONID");
JOB daJob = model.JOB.Single(x => x.JobID == m_JobId);
daJob.AssetSessionID = assinsess.AssetSessionID;
model.SaveChanges();
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", "VULNERABILITIES FOUND");
query = "/ScanGroup/Scan/ReportItems";
report = doc.SelectSingleNode(query);
foreach (XmlNode n in report.ChildNodes)
{
if (n.Name.ToUpper() == "ReportItem".ToUpper() && n.ChildNodes != null && n.ChildNodes.Count > 0)
{
//TODOs HARDCODED
VulnerabilityEndPoint vulnerabilityEndPoint = new VulnerabilityEndPoint();
vulnerabilityEndPoint.IpAdress = ipAddress;
vulnerabilityEndPoint.Protocol = "TCP"; // "http"; //https ... A VOIR
vulnerabilityEndPoint.Port = 80; //443 ... A VOIR
VulnerabilityFound vulnerabilityFound = new VulnerabilityFound();
//vulnerabilityFound.ListItem = Helper_GetCVE(n);
vulnerabilityFound.InnerXml = n.OuterXml;
//To eliminate VULNERABILITY (Value) duplicates:
/*
* string pattern = @"ReportItem id=""\d\d?\d?""";
* string s = Regex.Replace(n.OuterXml, pattern, "ReportItem id=\"0\"");
* vulnerabilityFound.InnerXml = s;
*/
string url = HelperGetChildInnerText(n, "Affects"); //Server
vulnerabilityFound.Url = url;
if (url.ToLower().Contains("https://"))
{
vulnerabilityEndPoint.Port = 443;
}
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", string.Format("Url: {0}", url));
vulnerabilityFound.Type = HelperGetChildInnerText(n, "Type");
if (HelperGetChildInnerText(n, "IsFalsePositive") == "False")
{
vulnerabilityFound.IsFalsePositive = false;
}
else
{
vulnerabilityFound.IsFalsePositive = true;
}
vulnerabilityFound.Title = HelperGetChildInnerText(n, "Name");
//ModuleName
//Affects
vulnerabilityFound.Description = HelperGetChildInnerText(n, "Description");
//Extract the CVEs
List <VulnerabilityFound.Item> ListCVEs = new List <VulnerabilityFound.Item>();
//MatchCollection matches = Regex.Matches(HelperGetChildInnerText(n, "Description"), "CVE-[0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9]");
MatchCollection matches = Regex.Matches(HelperGetChildInnerText(n, "Description"), @"CVE-(19|20)\d\d-(0\d{3}|[1-9]\d{3,})"); //myRegexCVE
//https://cve.mitre.org/cve/identifiers/tech-guidance.html
foreach (Match match in matches)
{
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", string.Format("CVE: {0}", match.Groups[1].Value));
VulnerabilityFound.Item item;
item = new VulnerabilityFound.Item();
item.ID = "cve";
item.Value = match.Groups[1].Value;
ListCVEs.Add(item);
}
string mySeverity = HelperGetChildInnerText(n, "Severity");
switch (mySeverity)
{
//HARDCODED
case "high":
mySeverity = "High";
break;
case "medium":
mySeverity = "Medium";
break;
case "low":
mySeverity = "Low";
break;
//case "info"
}
vulnerabilityFound.Severity = mySeverity;
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", string.Format("Severity: {0}", mySeverity));
string DetailsAnalysis = HelperGetChildInnerText(n, "Details");
if (DetailsAnalysis.Contains("URL encoded GET"))
{
vulnerabilityFound.VulnerableParameterType = "GET"; //should be Querystring for Netsparker
var regex = new Regex(@"URL encoded GET input <b><font color=""dark"">(.*?)</font></b>");
var match = regex.Match(DetailsAnalysis);
if (match.Success)
{
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", string.Format("VulnerableParameter: {0}", match.Groups[1].Value));
vulnerabilityFound.VulnerableParameter = match.Groups[1].Value;
regex = new Regex(@"was set to <b><font color=""dark"">(.*?)</font></b>");
match = regex.Match(DetailsAnalysis);
if (match.Success)
{
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", string.Format("VulnerableParameterValue: {0}", match.Groups[1].Value));
vulnerabilityFound.VulnerableParameterValue = match.Groups[1].Value;
}
}
}
if (DetailsAnalysis.Contains("URL encoded POST"))
{
vulnerabilityFound.VulnerableParameterType = "POST"; //should be Post for Netsparker
var regex = new Regex(@"URL encoded POST input <b><font color=""dark"">(.*?)</font></b>");
var match = regex.Match(DetailsAnalysis);
if (match.Success)
{
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", string.Format("VulnerableParameter: {0}", match.Groups[1].Value));
vulnerabilityFound.VulnerableParameter = match.Groups[1].Value;
regex = new Regex(@"was set to <b><font color=""dark"">(.*?)</font></b>");
match = regex.Match(DetailsAnalysis);
if (match.Success)
{
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", string.Format("VulnerableParameterValue: {0}", match.Groups[1].Value));
vulnerabilityFound.VulnerableParameterValue = match.Groups[1].Value;
}
}
}
//vulnerabilityFound.VulnerableParameterType = HelperGetChildInnerText(n, "vulnerableparametertype");
//vulnerabilityFound.VulnerableParameter = HelperGetChildInnerText(n, "vulnerableparameter");
//in <Details>:
//URL encoded GET input <b><font color="dark">id</font></b> was set to <b><font color="dark">4-2+2*3-6</font></b>
//URL encoded GET input <b><font color="dark">id</font></b> was set to <b><font color="dark">1'</font></b><br/>Error message found: <pre wrap="virtual"><font color="blue">supplied argument is not a valid MySQL result</font></pre>
//URL encoded POST input <b><font color="dark">name</font></b> was set to <b><font color="dark">'"()&%1<ScRiPt >prompt(983150)</ScRiPt></font></b>
//vulnerabilityFound.VulnerableParameterValue = HelperGetChildInnerText(n, "vulnerableparametervalue");
List <VulnerabilityFound.Reference> ListReferences = new List <VulnerabilityFound.Reference>();
foreach (XmlNode nchild in n.ChildNodes)
{
if (nchild.Name.ToUpper() == "TechnicalDetails".ToUpper() && nchild.ChildNodes != null && nchild.ChildNodes.Count > 0)
{
//rawrequest
vulnerabilityFound.rawrequest = HelperGetChildInnerText(nchild, "Request");
//rawresponse
vulnerabilityFound.rawresponse = HelperGetChildInnerText(nchild, "Response");
}
if (nchild.Name.ToUpper() == "References".ToUpper() && nchild.ChildNodes != null && nchild.ChildNodes.Count > 0)
{
foreach (XmlNode reference in nchild)
{
/*
* REFERENCE myReference = new REFERENCE();
* myReference.Source = HelperGetChildInnerText(reference, "Database");
* myReference.Url = HelperGetChildInnerText(reference, "URL");
*
* model.AddToREFERENCE(myReference);
*/
VulnerabilityFound.Reference refvuln = new VulnerabilityFound.Reference();
refvuln.Title = HelperGetChildInnerText(reference, "Database");
string refurl = HelperGetChildInnerText(reference, "URL").ToLower();
refvuln.Url = refurl;
refvuln.Source = HelperGetChildInnerText(reference, "Database");
//Try to harmonise the Source with the other imports (ie: exploits)
//HARDCODED
//TODO: Use a Common Function
if (refurl.Contains("/bugtraq/"))
{
refvuln.Source = "BUGTRAQ";
}
if (refurl.Contains("marc.theaimsgroup.com/?l=bugtraq"))
{
refvuln.Source = "BUGTRAQ";
}
if (refurl.Contains("securityfocus.com/bid"))
{
refvuln.Source = "BID";
}
if (refurl.Contains("osvdb.org/"))
{
refvuln.Source = "OSVDB";
}
if (refurl.Contains("xforce.iss.net/"))
{
refvuln.Source = "XF";
}
if (refurl.Contains("www.iss.net/"))
{
refvuln.Source = "XF";
}
if (refurl.Contains("www.ciac.org/"))
{
refvuln.Source = "CIAC";
}
if (refurl.Contains("ciac.llnl.gov/"))
{
refvuln.Source = "CIAC";
}
if (refurl.Contains("www.cert.org/"))
{
refvuln.Source = "CERT";
}
if (refurl.Contains("sunsolve.sun.org/"))
{
refvuln.Source = "SUN";
}
if (refurl.Contains("sunsolve.sun.com/"))
{
refvuln.Source = "SUN";
}
if (refurl.Contains("patches.sgi.com/"))
{
refvuln.Source = "SGI";
}
if (refurl.Contains("microsoft.com/default.aspx?scid=kb"))
{
refvuln.Source = "MSKB";
}
if (refurl.Contains("ftp.sco.com/"))
{
refvuln.Source = "SCO";
}
if (refurl.Contains("www.trustix.org/"))
{
refvuln.Source = "TRUSTIX";
}
if (refurl.Contains("ftp.freebsd.org/"))
{
refvuln.Source = "FREEBSD";
}
if (refurl.Contains("www.secunia.com/"))
{
refvuln.Source = "SECUNIA";
}
if (refurl.Contains("www.vupen.com/"))
{
refvuln.Source = "VUPEN";
}
if (refurl.Contains("www.securitytracker.com/"))
{
refvuln.Source = "SECTRACK";
}
if (refurl.Contains("www.redhat.com/"))
{
refvuln.Source = "REDHAT";
}
if (refurl.Contains("www.exploit-db.com/"))
{
refvuln.Source = "EXPLOIT-DB";
}
if (refurl.Contains("www.milw0rm.com/"))
{
refvuln.Source = "MILW0RM";
}
if (refurl.Contains("www.microsoft.com/"))
{
refvuln.Source = "MS";
}
if (refurl.Contains("seclists.org/fulldisclosure"))
{
refvuln.Source = "FULLDISC";
}
ListReferences.Add(refvuln);
}
}
}
vulnerabilityFound.ListReference = ListReferences;
vulnerabilityFound.ListItem = ListCVEs;
vulnerabilityFound.Result = HelperGetChildInnerText(n, "Details");
vulnerabilityFound.Consequence = HelperGetChildInnerText(n, "Impact");
vulnerabilityFound.Solution = HelperGetChildInnerText(n, "Recommendation");
//DetailedInformation
vulnerabilityFound.DetailedInformation = HelperGetChildInnerText(n, "DetailedInformation");
//TODO
bool PatchUpgrade = false;
string MSPatch = "";
int etat = VulnerabilityPersistor.Persist(vulnerabilityFound, vulnerabilityEndPoint, m_JobId, "acunetix", model);
if (etat == -1)
{
Utils.Helper_Trace("XORCISM PROVIDER ACUNETIX", string.Format("CANNOT IMPORT THIS ASSET !!!! "));
}
}
}
}
public void parse()
{
Assembly a;
a = Assembly.GetExecutingAssembly();
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Assembly location = " + a.Location);
XmlDocument doc = new XmlDocument();
#region HackCenzic
/*
string filename;
filename = @"C:\Cenzic_webscan.xml"; //Hardcoded
doc.Load(filename);
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("HackFile should be located at : " + filename));
*/
#endregion
// ============================================
// Parse the XML Document and populate the database
// ============================================
string protocol = string.Empty;
//int port = -1;
string service = string.Empty;
//bool PatchUpgrade = false;
//string title;
//string MSPatch = "";
//string Solution;
m_data = m_data.Replace("Configurable format #", "Configurable"); //Hardcoded
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("m_data = {0}", m_data));
try
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Loading the XML document");
doc.LoadXml(m_data);
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Exception = {0} / {1}", ex.Message, ex.InnerException == null ? "" : ex.InnerException.Message));
}
XORCISMEntities model;
model = new XORCISMEntities();
string query = "/AssessmentRunData/SmartAttacks/SmartAttacksData"; //Hardcoded
XmlNodeList report;
report = null;
try
{
report = doc.SelectNodes(query);
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Error SelectNodes({0}) : Exception = {1}", query, ex.Message));
return;
}
//We should retrieve the target for an import
string m_target = string.Empty;
string patterntoken = "<Url>(.*?)</Url>";
MatchCollection matchesurl = Regex.Matches(m_data, patterntoken);
foreach (Match match in matchesurl)
{
m_target = match.Value.Replace("<Url>", "").Replace("</Url>", "");
//Console.WriteLine(mytoken);
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "target: " + m_target);
}
int myPort = 80;
if (m_target.Contains("https://"))
{
myPort = 443;
}
//Check if we have a custom port, ex: http://10.20.30.40:8080/test
string strTargetTest = m_target;
strTargetTest = strTargetTest.Replace("http://", "");
strTargetTest = strTargetTest.Replace("https://", "");
try
{
if (strTargetTest.Contains(":"))
{
char[] splitter = { ':' };
string[] strSplit = strTargetTest.Split(splitter);
strTargetTest = strSplit[1];
if (strTargetTest.Contains("/"))
{
strSplit = strTargetTest.Split(new Char[] { '/' });
strTargetTest = strSplit[0];
}
try
{
myPort = Convert.ToInt32(strTargetTest);
}
catch (FormatException e)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", strTargetTest + " is not a sequence of digits.");
}
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Custom Port:{0}", strTargetTest));
}
else
{
if (strTargetTest.Contains("/"))
{
string[] strSplit = strTargetTest.Split(new Char[] { '/' });
strTargetTest = strSplit[0];
if (m_target.Contains("https://"))
{
m_target = "https://" + strTargetTest;
}
if (m_target.Contains("http://"))
{
m_target = "http://" + strTargetTest;
}
}
}
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Error in strTargetTest : Exception = {0}", ex.Message));
}
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "the m_target=" + m_target);
// ===============================================
// If necessary, creates an asset in the database
// ===============================================
//TODO
var myass = from ass in model.ASSET
where ass.ipaddressIPv4 == m_target //&& ass.AccountID == m_AccountID
select ass;
ASSET asset = myass.FirstOrDefault();
if (asset == null)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Creates a new entry in table ASSET for this IP");
asset = new ASSET();
//asset.AccountID = m_AccountID;
asset.AssetName = m_target;
asset.AssetDescription = m_target;
asset.ipaddressIPv4 = m_target;
asset.Enabled = true;
//asset.JobID = m_jobId;
model.ASSET.Add(asset);
model.SaveChanges();
}
else
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "This IP already corresponds to an existing asset");
}
int m_assetId = asset.AssetID;
int m_sessionId = (int)model.JOB.Single(x => x.JobID == m_jobId).SessionID;
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Creating ASSETINSESSION reference");
ASSETSESSION assinsess = new ASSETSESSION();
assinsess.AssetID = asset.AssetID;
assinsess.SessionID = m_sessionId; // model.JOB.Single(x => x.JobID == m_jobId).SessionID;
model.ASSETSESSION.Add(assinsess);
model.SaveChanges();
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Update JOB with ASSETINSESSIONID");
JOB daJob = model.JOB.Single(x => x.JobID == m_jobId);
daJob.AssetSessionID = assinsess.AssetSessionID;
model.SaveChanges();
VulnerabilityEndPoint vulnerabilityEndPoint = new VulnerabilityEndPoint();
vulnerabilityEndPoint.IpAdress = m_target;
vulnerabilityEndPoint.Protocol = "TCP"; // "http";
vulnerabilityEndPoint.Port = myPort;
vulnerabilityEndPoint.Service = "WWW";
int myEndpointID = 0;
var testEndpoint = from e in model.ENDPOINT
where e.AssetID == m_assetId && e.SessionID == m_sessionId
select e;
if (testEndpoint.Count() == 0)
{
ENDPOINT newEndpoint = new ENDPOINT();
newEndpoint.AssetID = m_assetId;
newEndpoint.SessionID = m_sessionId;
newEndpoint.ProtocolName = "TCP"; // "http";
newEndpoint.PortNumber = myPort;
newEndpoint.Service = "WWW";
model.ENDPOINT.Add(newEndpoint);
model.SaveChanges();
myEndpointID = newEndpoint.EndPointID;
}
else
{
myEndpointID = testEndpoint.FirstOrDefault().EndPointID;
}
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("myEndpointID:{0}", myEndpointID));
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Found {0} SmartAttacks to parse", report.Count));
foreach (XmlNode reportHost in report)
{
// ==================================
// Handle every SmartAttacksData tag
// ==================================
string myInnerXml = string.Empty;
string myTitle = string.Empty;
string myDescription = string.Empty;
string myConsequence = string.Empty;
string myResult = string.Empty;
string mySolution = string.Empty;
string myCVE = string.Empty;
MatchCollection myCVEs;
string myPCI = string.Empty;
string myMessage = string.Empty;
foreach (XmlNode n in reportHost.ChildNodes)
{
//SmartAttackInfo
//ReportItems
XmlNodeList Childs = n.ChildNodes;
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Coucou 1"));
try
{
if (n.Name == "SmartAttackInfo")
{
myInnerXml = n.OuterXml;
myTitle = HelperGetChildInnerText(n, "SmartAttackName");
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Found SmartAttackName:{0}", myTitle));
Regex myRegex = new Regex("PCI [0-9].[0-9].[0-9]");
myPCI = myRegex.Match(myTitle).ToString();
if (myPCI != "")
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "PCI=" + myPCI);
}
//Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("myInnerXml:{0}", myInnerXml));
//Hardcoded
myDescription = HelperGetChildInnerText(n, "Description");
myConsequence = HelperGetChildInnerText(n, "HowItWorks");
myResult = HelperGetChildInnerText(n, "Impact");
mySolution = HelperGetChildInnerText(n, "Remediation");
}
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Error in SmartAttackInfo : Exception = {0}", ex.Message));
}
if (n.Name == "ReportItems")
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Coucou 2"));
foreach (XmlNode x in n.ChildNodes)
{
//HARDCODED
//ReportItem
foreach (XmlNode ReportItem in x.ChildNodes)
{
myMessage = "";
if (ReportItem.Name == "ReportItemType")
{
//Pass
if (ReportItem.InnerText == "Information")
{
try
{
//TODO
/*
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Information"));
INFORMATION newInformation = new INFORMATION();
//newInformation.InnerXml
newInformation.Title = myTitle;
newInformation.Description = myDescription;
newInformation.Consequence = myConsequence;
newInformation.Result = myResult;
newInformation.Solution = mySolution;
newInformation.Severity = HelperGetChildInnerText(x, "Severity");
newInformation.HarmScore = int.Parse(HelperGetChildInnerText(x, "HarmScore"));
myMessage = HelperGetChildInnerText(x, "Message");
newInformation.Message = myMessage;
//TODO A FAIRE
//Matching avec les références
//http://www.securityfocus.com/bid/43140/info
//http://www.securityfocus.com/bid/43140/solution
newInformation.Url = HelperGetChildInnerText(x, "Url");
newInformation.rawrequest = HelperGetChildInnerText(x, "HttpRequest");
newInformation.rawresponse = HelperGetChildInnerText(x, "HttpResponse");
if (myPCI != "")
{
newInformation.PCI_FLAG = true;
}
newInformation.JobID = m_jobId;
newInformation.EndPointID = myEndpointID;
model.AddToINFORMATION(newInformation);
model.SaveChanges();
*/
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Error in Information : Exception = {0}. {1}", ex.Message, ex.InnerException));
}
}
if (ReportItem.InnerText == "Warning")
{
try
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Warning"));
VulnerabilityFound vulnerabilityFound = new VulnerabilityFound();
vulnerabilityFound.InnerXml = myInnerXml;
vulnerabilityFound.Title = myTitle;
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Adding SmartAttackName:{0}", myTitle));
vulnerabilityFound.Description = myDescription;
vulnerabilityFound.Consequence = myConsequence;
vulnerabilityFound.Result = myResult;
vulnerabilityFound.Solution = mySolution;
if (myPCI != "")
{
vulnerabilityFound.PCI_FLAG = true;
}
//ReportItemCreateDate
vulnerabilityFound.Severity = HelperGetChildInnerText(x, "Severity");
//Low, Medium, High
//Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("WARNING Severity:{0}", HelperGetChildInnerText(x, "Severity")));
vulnerabilityFound.HarmScore = int.Parse(HelperGetChildInnerText(x, "HarmScore"));
//Count
myMessage=HelperGetChildInnerText(x, "Message");
//vulnerabilityFound.Message = myMessage; //not exact because same VULNERABILITY will have various Messages
vulnerabilityFound.rawresponse = myMessage;
//Regex objNaturalPattern = new Regex("CVE-[0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9]");
Regex myRegexCVE = new Regex(@"CVE-(19|20)\d\d-(0\d{3}|[1-9]\d{3,})"); //TODO: Update this?
//https://cve.mitre.org/cve/identifiers/tech-guidance.html
/*
myCVE = objNaturalPattern.Match(myMessage).ToString();
if (myCVE != "")
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "CVE=" + myCVE);
}
*/
List<VulnerabilityFound.Item> l;
l = new List<VulnerabilityFound.Item>();
myCVEs = myRegexCVE.Matches(myMessage);
foreach (Match match in myCVEs)
{
foreach (Capture capture in match.Captures)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Index={0}, CVE={1}", capture.Index, capture.Value));
VulnerabilityFound.Item item;
item = new VulnerabilityFound.Item();
item.Value = capture.Value;
item.ID = "cve";
l.Add(item);
}
}
vulnerabilityFound.ListItem = l;
vulnerabilityFound.Url = HelperGetChildInnerText(x, "Url");
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Url={0}", HelperGetChildInnerText(x, "Url")));
vulnerabilityFound.rawrequest = HelperGetChildInnerText(x, "HttpRequest");
//vulnerabilityFound.rawresponse = HelperGetChildInnerText(x, "HttpResponse");
//StructuredData
//*** Compliances? voir en bas
//http://www.cenzic.com/downloads/Cenzic_CWE.pdf
int VulnID = VulnerabilityPersistor.Persist(vulnerabilityFound, vulnerabilityEndPoint, m_jobId, "cenzic", model);
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("JobID:" + m_jobId + " Error in Warning : Exception = {0}. {1}", ex.Message, ex.InnerException));
}
}
if (ReportItem.InnerText == "Vulnerable")
{
try
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Vulnerable"));
VulnerabilityFound vulnerabilityFound = new VulnerabilityFound();
vulnerabilityFound.InnerXml = myInnerXml;
vulnerabilityFound.Title = myTitle;
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Adding SmartAttackName:{0}", myTitle));
vulnerabilityFound.Description = myDescription;
vulnerabilityFound.Consequence = myConsequence;
vulnerabilityFound.Result = myResult;
vulnerabilityFound.Solution = mySolution;
//ReportItemCreateDate
vulnerabilityFound.Severity = HelperGetChildInnerText(x, "Severity");
//Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("VULNERABLE Severity:{0}", HelperGetChildInnerText(x, "Severity")));
vulnerabilityFound.HarmScore = int.Parse(HelperGetChildInnerText(x, "HarmScore"));
//Count
myMessage = HelperGetChildInnerText(x, "Message");
//vulnerabilityFound.Message = myMessage;
vulnerabilityFound.rawresponse = myMessage;
//Regex objNaturalPattern = new Regex("CVE-[0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9]");
Regex myRegexCVE = new Regex(@"CVE-(19|20)\d\d-(0\d{3}|[1-9]\d{3,})");
//https://cve.mitre.org/cve/identifiers/tech-guidance.html
/*
myCVE = objNaturalPattern.Match(myMessage).ToString();
if (myCVE != "")
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "CVE=" + myCVE);
}
*/
List<VulnerabilityFound.Item> l;
l = new List<VulnerabilityFound.Item>();
myCVEs = myRegexCVE.Matches(myMessage);
foreach (Match match in myCVEs)
{
foreach (Capture capture in match.Captures)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Index={0}, CVE={1}", capture.Index, capture.Value));
VulnerabilityFound.Item item;
item = new VulnerabilityFound.Item();
item.Value = capture.Value;
item.ID = "cve";
l.Add(item);
}
}
vulnerabilityFound.ListItem = l;
vulnerabilityFound.Url = HelperGetChildInnerText(x, "Url");
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Url={0}", HelperGetChildInnerText(x, "Url")));
vulnerabilityFound.rawrequest = HelperGetChildInnerText(x, "HttpRequest");
//vulnerabilityFound.rawresponse = HelperGetChildInnerText(x, "HttpResponse");
//StructuredData
if (myPCI != "")
{
//TODO
/*
vulnerabilityFound.PCI_FLAG = true;
int VulnID = VulnerabilityPersistor.Persist(vulnerabilityFound, vulnerabilityEndPoint, m_jobId, "cenzic", model);
List<int> myIds = new List<int>();
var id = from o in model.COMPLIANCECATEG
where o.Title == myTitle &&
o.COMPLIANCE.Title == "PCIDSS"
select o.ComplianceCategID;
int Id = id.FirstOrDefault();
myIds.Add(Id);
List<int> Compliances = new List<int>();
Compliances = myIds;
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Vulnerability persisted , VulnID = {0} & Compliance count = {1}", VulnID, Compliances.Count));
var V = from tmpVuln in model.VULNERABILITYFOUND
where tmpVuln.VulnerabilityFoundID == VulnID
select tmpVuln;
VULNERABILITYFOUND VF = V.FirstOrDefault();
foreach (int i in Compliances)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Categorie Compliance => ", i));
var C = from Comp in model.COMPLIANCECATEG
where Comp.ComplianceCategID == i
select Comp;
COMPLIANCECATEG myCompliance = new COMPLIANCECATEG();
myCompliance = C.FirstOrDefault();
VF.COMPLIANCECATEG.Add(myCompliance);
model.SaveChanges();
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", "Mapping Compliance-Vulnerability Added");
}
*/
}
else
{
int VulnID = VulnerabilityPersistor.Persist(vulnerabilityFound, vulnerabilityEndPoint, m_jobId, "cenzic", model);
}
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER Cenzic Import", string.Format("Error in Vulnerable : Exception = {0}. {1}", ex.Message, ex.InnerException));
}
}
}
}
}
}
}
}
}
