public void DeleteReport(OpenVASScan report) { if (report.RemoteReportID == Guid.Empty) { throw new Exception("Can't delete report that hasn't been created."); } XmlDocument response = this.DeleteReport(report.RemoteReportID.ToString()); foreach (XmlAttribute attr in response.Attributes) { if (attr.Name == "status" && attr.Value != "200") { throw new Exception("Deleting report failed."); } } }
public virtual void Run(out NessusScan nessusScan, out NexposeScan nexposeScan, out OpenVASScan openvasScan, out MetasploitScan metasploitScan, out Dictionary<NMapHost, IList<IToolResults>> toolResults) { if (this.Configuration == null) throw new Exception ("Configuration not set"); DateTime start = DateTime.Now; metasploitScan = null; nessusScan = null; nexposeScan = null; openvasScan = null; string openvasTaskID = string.Empty; string nessusScanID = string.Empty; string nexposeScanID = string.Empty; int uniqueNo = new Random ().Next (); IList<NMapHost > hosts = this.ParentProfile.CurrentResults.Hosts; if (hosts.Count() == 0) { Console.WriteLine("ERROR: no hosts in the profile. Aborting."); toolResults = null; return; } csv = string.Empty; foreach (NMapHost host in hosts) csv = csv + host.IPAddressv4 + ", "; //trailing , is OK in this case string openvasReportID = string.Empty; if (this.ScanOptions.IsOpenVASAssessment) { Console.WriteLine ("Creating OpenVAS Scan..."); OpenVASTarget target = new OpenVASTarget (); target.Hosts = csv; target.Name = this.ParentProfile.Name + uniqueNo.ToString (); target.SMBCredentials = new OpenVASLSCCredential (); target.SSHCredentials = new OpenVASLSCCredential (); using (OpenVASManagerSession ovasSession = new OpenVASManagerSession(this.Configuration ["openvasUser"], this.Configuration ["openvasPass"], this.Configuration ["openvasHost"])) { using (OpenVASObjectManager openvasManager = new OpenVASObjectManager(ovasSession)) { target = openvasManager.CreateTarget (target); OpenVASConfig config = openvasManager.GetAllConfigs () .Where (c => c.RemoteConfigID == new Guid (this.Configuration["openvasConfig"])) .SingleOrDefault (); OpenVASTask task = new OpenVASTask (); task.Comment = string.Format ("Task for scan {0}", this.Name); task.Target = target; task.Config = config; task = openvasManager.CreateTask (task); XmlDocument taskResponse = openvasManager.StartTask (task.RemoteTaskID.ToString ()); if (!taskResponse.FirstChild.Attributes ["status"].Value.StartsWith ("20")) throw new Exception ("Creating OpenVAS scan failed: " + taskResponse.FirstChild.Attributes ["status_text"].Value); openvasReportID = taskResponse.FirstChild.FirstChild.InnerText; openvasTaskID = task.RemoteTaskID.ToString (); } Console.WriteLine ("Done creating and starting OpenVAS scan."); } } if (this.ScanOptions.IsNessusAssessment) { Console.WriteLine ("Creating Nessus scan..."); using (NessusManagerSession nessusSession = new NessusManagerSession (this.Configuration["nessusHost"])) { bool loggedIn = false; nessusSession.Authenticate (this.Configuration ["nessusUser"], this.Configuration ["nessusPass"], 1234, out loggedIn); if (!loggedIn) throw new Exception ("Invalid username/password"); using (NessusObjectManager nessusManager = new NessusObjectManager (nessusSession)) { var tmp = nessusManager.CreateAndStartScan (csv, -2, this.Name + uniqueNo.ToString ()); string scanName = tmp.Name; nessusScanID = scanName; string reportID = string.Empty; foreach (XmlNode node in nessusManager.ListReports().LastChild.ChildNodes) { if (node.Name == "contents") { string tmpReportID = string.Empty; foreach (XmlNode child in node.FirstChild.ChildNodes) { foreach (XmlNode c in child.ChildNodes) { if (c.Name == "name") tmpReportID = c.InnerText; else if (c.Name == "readableName" && c.InnerText == scanName) reportID = tmpReportID; } } tmpReportID = string.Empty; } } } Console.WriteLine ("Done creating and starting Nessus scan."); } } if (this.ScanOptions.IsNexposeAssessment) { Console.WriteLine ("Creating NeXpose scan..."); int siteID = 0; if (this.ScanOptions.RemoteNexposeSiteID <= 0) { XmlDocument d = null; string id = "-1"; string template = "full-audit"; string name = this.Name + uniqueNo.ToString (); string description = "A site for the the profile " + this.ParentProfile.Name; string siteXml = "<Site id=\"" + id + "\" name=\"" + name + "\" description=\"" + description + "\">"; siteXml = siteXml + "<Hosts>"; foreach (string host in csv.Split(',')) siteXml = siteXml + "<host>" + host + "</host>"; siteXml = siteXml + "</Hosts>" + "<Credentials></Credentials>" + "<Alerting></Alerting>" + "<ScanConfig configID=\"" + id + "\" name=\"" + name + "\" templateID=\"" + template + "\"></ScanConfig>" + "</Site>"; XmlDocument doc = new XmlDocument (); doc.LoadXml (siteXml); using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) { session.Authenticate (this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]); using (NexposeManager11 manager = new NexposeManager11(session)) { XmlDocument response = manager.SaveOrUpdateSite (doc.FirstChild); d = response; } } siteID = int.Parse (d.FirstChild.Attributes ["site-id"].Value); this.ScanOptions.RemoteNexposeSiteID = siteID; } else { siteID = this.ScanOptions.RemoteNexposeSiteID; } using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) { session.Authenticate (this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]); using (NexposeManager11 manager = new NexposeManager11(session)) { XmlDocument response = manager.ScanSite (siteID.ToString ()); nexposeScanID = response.FirstChild.FirstChild.Attributes ["scan-id"].Value; } } Console.WriteLine ("Done creating and starting NeXpose scan."); } Dictionary<NMapHost, IList<IToolResults >> results = new Dictionary<NMapHost, IList<IToolResults>> (); services = new List<string> (); foreach (var host in hosts) { foreach (Port port in (host as NMapHost).Ports) services.Add (port.Service); NMapHost threadHost = host as NMapHost; Console.WriteLine ("Starting scan for host: " + threadHost.Hostname + "(" + threadHost.IPAddressv4 + ")"); results.Add (threadHost, ScanHost (threadHost, this.ScanOptions.SQLMapOptions, this.Configuration)); } toolResults = results; bool done = false; if (this.ScanOptions.IsNessusAssessment || this.ScanOptions.IsNexposeAssessment || this.ScanOptions.IsOpenVASAssessment) { while (!done) { if (!string.IsNullOrEmpty (openvasTaskID) && this.OpenVASScanIsRunning (openvasTaskID)) { Console.WriteLine ("Waiting on OpenVAS scan " + openvasTaskID); Thread.Sleep (new TimeSpan (0, 0, 60)); continue; } if (!string.IsNullOrEmpty (nessusScanID) && this.NessusScanIsRunning (nessusScanID)) { Console.WriteLine ("Waiting on Nessus scan " + nessusScanID); Thread.Sleep (new TimeSpan (0, 0, 60)); continue; } if (!string.IsNullOrEmpty (nexposeScanID) && this.NexposeScanIsRunning (nexposeScanID)) { Console.WriteLine ("Waiting on NeXpose scan " + nexposeScanID); Thread.Sleep (new TimeSpan (0, 0, 60)); continue; } done = true; } Dictionary<VulnerabilityScanType, string> scans = new Dictionary<VulnerabilityScanType, string> (); if (!string.IsNullOrEmpty (openvasReportID)) scans.Add (VulnerabilityScanType.OpenVAS, openvasReportID); if (!string.IsNullOrEmpty (nexposeScanID)) scans.Add (VulnerabilityScanType.Nexpose, this.ScanOptions.RemoteNexposeSiteID.ToString ()); if (!string.IsNullOrEmpty (nessusScanID)) scans.Add (VulnerabilityScanType.Nessus, nessusScanID); Dictionary<VulnerabilityScanType, XmlNode> reports = this.GetReports (scans); foreach (var report in reports) { if (report.Key == VulnerabilityScanType.Nessus) nessusScan = new NessusScan(report.Value); else if (report.Key == VulnerabilityScanType.Nexpose) nexposeScan = new NexposeScan(report.Value); else if (report.Key == VulnerabilityScanType.OpenVAS) openvasScan = new OpenVASScan(report.Value); else throw new Exception ("Don't know this scan type"); } if (this.ScanOptions.IsMetasploitAssessment) { string workspace = Guid.NewGuid ().ToString (); this.CreateNewMetasploitWorkspace (workspace); this.ImportScansIntoMetasploitPro (reports, workspace); string proTaskID = this.BeginMetasploitProAssessment (workspace, csv, false); while (this.MetasploitProAssessmentIsRunning(proTaskID)) { Console.WriteLine ("Waiting on exploit assessment from metasploit: task " + proTaskID); System.Threading.Thread.Sleep (new TimeSpan (0, 0, 30)); } metasploitScan = new MetasploitScan(this.GetMetasploitProReport (workspace)); } } TimeSpan duration = DateTime.Now - start; this.Duration = duration.TotalSeconds.ToString (); this.HasRun = true; }
public void DeleteReport(OpenVASScan report) { if (report.RemoteReportID == Guid.Empty) throw new Exception("Can't delete report that hasn't been created."); XmlDocument response = this.DeleteReport(report.RemoteReportID.ToString()); foreach (XmlAttribute attr in response.Attributes) { if (attr.Name == "status" && attr.Value != "200") throw new Exception("Deleting report failed."); } }
public static void Main(string[] args) { string conn = "Server=192.168.1.5;"; conn += "Port=5433;"; conn += "Database=rising_sun;"; conn += "User Id=postgres;"; conn += "Password=password;"; conn += "SSL=true;"; IPersistenceConfigurer config = PostgreSQLConfiguration.PostgreSQL82 .ConnectionString (conn); ISessionFactory factory = Fluently.Configure () .Database (config) .Mappings (m => m.FluentMappings.AddFromAssemblyOf<PersistentMetasploitScan> ()) .Mappings (m => m.FluentMappings.AddFromAssemblyOf<PersistentOpenVASNVT> ()) .Mappings (m => m.FluentMappings.AddFromAssemblyOf<PersistentNessusScan> ()) .Mappings (m => m.FluentMappings.AddFromAssemblyOf<PersistentNexposeScan> ()) .BuildSessionFactory (); string msf = "/home/bperry/tmp/metasploit.xml"; string ovas = "/home/bperry/tmp/openvas.xml"; string nx = "/home/bperry/tmp/nexpose.xml"; string nss = "/home/bperry/tmp/nessus.xml"; XmlDocument doc = new XmlDocument(); doc.LoadXml(System.IO.File.ReadAllText(ovas)); OpenVASScan ovasScan = new OpenVASScan(doc.FirstChild); doc = new XmlDocument(); doc.LoadXml(System.IO.File.ReadAllText(nx)); NexposeScan nxScan = new NexposeScan(doc.FirstChild); doc = new XmlDocument(); doc.LoadXml(System.IO.File.ReadAllText(nss)); NessusScan nssScan = new NessusScan(doc.LastChild); doc = new XmlDocument(); doc.LoadXml(System.IO.File.ReadAllText(msf)); MetasploitScan msfScan = new MetasploitScan(doc.LastChild); PersistentMetasploitScan pmsfScan = new PersistentMetasploitScan(msfScan); pmsfScan.SetCreationInfo(Guid.Empty, true); PersistentNessusScan pnssScan = new PersistentNessusScan(nssScan); pnssScan.SetCreationInfo(Guid.Empty, true); PersistentOpenVASScan povasScan = new PersistentOpenVASScan(ovasScan); povasScan.SetCreationInfo(Guid.Empty, true); PersistentNexposeScan pnxScan = new PersistentNexposeScan(nxScan); pnxScan.SetCreationInfo(Guid.Empty, true); using(ISession session = factory.OpenSession()) { using (ITransaction x = session.BeginTransaction()) { try { pmsfScan.ParentScanID = Guid.NewGuid(); Console.WriteLine("Saving metasploit"); session.Save(pmsfScan); x.Commit(); } catch (Exception ex) { Console.WriteLine("I broke, rolling back..."); x.Rollback(); throw ex; } } using (ITransaction x = session.BeginTransaction()) { try { pnssScan.ParentScanID = Guid.NewGuid(); Console.WriteLine("Saving nessus"); session.Save(pnssScan); x.Commit(); } catch (Exception ex) { Console.WriteLine("I broke, rolling back..."); x.Rollback(); throw ex; } } using (ITransaction x = session.BeginTransaction()) { try { povasScan.ParentScanID = Guid.NewGuid(); Console.WriteLine("Saving openvas"); session.Save(povasScan); x.Commit(); } catch (Exception ex) { Console.WriteLine("I broke, rolling back..."); x.Rollback(); throw ex; } } using (ITransaction x = session.BeginTransaction()) { try { pnxScan.ParentScanID = Guid.NewGuid(); Console.WriteLine("Saving nexpose"); session.Save(pnxScan); x.Commit(); } catch (Exception ex) { Console.WriteLine("I broke, rolling back..."); x.Rollback(); throw ex; } } } Console.WriteLine("yay?"); }
public OpenVASScan(XmlNode response) { OpenVASScan report = this; XmlNode nd = (response.FirstChild.FirstChild.ChildNodes.Count == 0) ? response.FirstChild : response.FirstChild.FirstChild; foreach (XmlNode node in nd.ChildNodes) { Console.WriteLine(node.Name); if (node.Name == "filters") { foreach (XmlNode child in node.ChildNodes) { //ignore filters for now } } else if (node.Name == "ports") { report.Ports = new List <ReportPort>(); foreach (XmlNode child in node.ChildNodes) { ReportPort port = new ReportPort(); foreach (XmlNode c in child.ChildNodes) { if (c.Name == "host") { port.Host = c.InnerText; } else if (c.Name == "threat") { port.Threat = c.InnerText; } else { port.Description = c.InnerText; } } report.Ports.Add(port); } } else if (node.Name == "results") { report.Results = new List <ReportResult>(); foreach (XmlNode child in node.ChildNodes) { ReportResult result = new ReportResult(); foreach (XmlNode c in child.ChildNodes) { if (c.Name == "subnet") { result.Subnet = c.InnerText; } else if (c.Name == "host") { result.Host = c.InnerText; } else if (c.Name == "port") { result.Port = c.InnerText; } else if (c.Name == "nvt") { result.NVT = new ReportNVT(); result.NVT.OID = c.Attributes["oid"].Value; foreach (XmlNode n in c.ChildNodes) { if (n.Name == "name") { result.NVT.Name = n.InnerText; } else if (n.Name == "cvss_base") { result.NVT.CVSSBaseValue = n.InnerText; } else if (n.Name == "risk_factor") { result.NVT.RiskFactor = n.InnerText; } } } else if (c.Name == "threat") { result.Threat = c.InnerText; } else if (c.Name == "description") { result.Description = c.InnerText; } } report.Results.Add(result); } } } }