Пример #1
0
        public void DeleteReport(OpenVASScan report)
        {
            if (report.RemoteReportID == Guid.Empty)
            {
                throw new Exception("Can't delete report that hasn't been created.");
            }

            XmlDocument response = this.DeleteReport(report.RemoteReportID.ToString());

            foreach (XmlAttribute attr in response.Attributes)
            {
                if (attr.Name == "status" && attr.Value != "200")
                {
                    throw new Exception("Deleting report failed.");
                }
            }
        }
Пример #2
0
        public virtual void Run(out NessusScan nessusScan, out NexposeScan nexposeScan, out OpenVASScan openvasScan, out MetasploitScan metasploitScan, out Dictionary<NMapHost, IList<IToolResults>> toolResults)
        {
            if (this.Configuration == null)
                throw new Exception ("Configuration not set");

            DateTime start = DateTime.Now;
            metasploitScan = null;
            nessusScan = null;
            nexposeScan = null;
            openvasScan = null;

            string openvasTaskID = string.Empty;
            string nessusScanID = string.Empty;
            string nexposeScanID = string.Empty;

            int uniqueNo = new Random ().Next ();

            IList<NMapHost > hosts = this.ParentProfile.CurrentResults.Hosts;

            if (hosts.Count() == 0)
            {
                Console.WriteLine("ERROR: no hosts in the profile. Aborting.");
                toolResults = null;
                return;
            }

            csv = string.Empty;

            foreach (NMapHost host in hosts)
                csv = csv + host.IPAddressv4 + ", "; //trailing , is OK in this case

            string openvasReportID = string.Empty;
            if (this.ScanOptions.IsOpenVASAssessment) {
                Console.WriteLine ("Creating OpenVAS Scan...");

                OpenVASTarget target = new OpenVASTarget ();
                target.Hosts = csv;
                target.Name = this.ParentProfile.Name + uniqueNo.ToString ();
                target.SMBCredentials = new OpenVASLSCCredential ();
                target.SSHCredentials = new OpenVASLSCCredential ();

                using (OpenVASManagerSession ovasSession = new OpenVASManagerSession(this.Configuration ["openvasUser"], this.Configuration ["openvasPass"], this.Configuration ["openvasHost"])) {

                    using (OpenVASObjectManager openvasManager = new OpenVASObjectManager(ovasSession)) {

                        target = openvasManager.CreateTarget (target);

                        OpenVASConfig config = openvasManager.GetAllConfigs ()
                            .Where (c => c.RemoteConfigID == new Guid (this.Configuration["openvasConfig"]))
                            .SingleOrDefault ();

                        OpenVASTask task = new OpenVASTask ();

                        task.Comment = string.Format ("Task for scan {0}", this.Name);
                        task.Target = target;
                        task.Config = config;

                        task = openvasManager.CreateTask (task);

                        XmlDocument taskResponse = openvasManager.StartTask (task.RemoteTaskID.ToString ());

                        if (!taskResponse.FirstChild.Attributes ["status"].Value.StartsWith ("20"))
                            throw new Exception ("Creating OpenVAS scan failed: " +
                                taskResponse.FirstChild.Attributes ["status_text"].Value);

                        openvasReportID = taskResponse.FirstChild.FirstChild.InnerText;
                        openvasTaskID = task.RemoteTaskID.ToString ();
                    }

                    Console.WriteLine ("Done creating and starting OpenVAS scan.");
                }
            }

            if (this.ScanOptions.IsNessusAssessment) {
                Console.WriteLine ("Creating Nessus scan...");
                using (NessusManagerSession nessusSession = new NessusManagerSession (this.Configuration["nessusHost"])) {

                    bool loggedIn = false;
                    nessusSession.Authenticate (this.Configuration ["nessusUser"], this.Configuration ["nessusPass"], 1234, out loggedIn);

                    if (!loggedIn)
                        throw new Exception ("Invalid username/password");

                    using (NessusObjectManager nessusManager = new NessusObjectManager (nessusSession)) {

                    var tmp = nessusManager.CreateAndStartScan (csv, -2, this.Name + uniqueNo.ToString ());

                        string scanName = tmp.Name;
                        nessusScanID = scanName;

                        string reportID = string.Empty;
                        foreach (XmlNode node in nessusManager.ListReports().LastChild.ChildNodes) {
                            if (node.Name == "contents") {
                                string tmpReportID = string.Empty;
                                foreach (XmlNode child in node.FirstChild.ChildNodes) {
                                    foreach (XmlNode c in child.ChildNodes) {
                                        if (c.Name == "name")
                                            tmpReportID = c.InnerText;
                                        else if (c.Name == "readableName" && c.InnerText == scanName)
                                            reportID = tmpReportID;

                                    }
                                }
                                tmpReportID = string.Empty;
                            }
                        }

                    }
                    Console.WriteLine ("Done creating and starting Nessus scan.");
                }
            }
            if (this.ScanOptions.IsNexposeAssessment) {
                Console.WriteLine ("Creating NeXpose scan...");
                int siteID = 0;
                if (this.ScanOptions.RemoteNexposeSiteID <= 0) {
                    XmlDocument d = null;
                    string id = "-1";
                    string template = "full-audit";
                    string name = this.Name + uniqueNo.ToString ();
                    string description = "A site for the the profile " + this.ParentProfile.Name;

                    string siteXml = "<Site id=\"" + id + "\" name=\"" + name + "\" description=\"" + description + "\">";

                    siteXml = siteXml + "<Hosts>";

                    foreach (string host in csv.Split(','))
                        siteXml = siteXml + "<host>" + host + "</host>";

                    siteXml = siteXml + "</Hosts>" +
                                        "<Credentials></Credentials>" +
                                        "<Alerting></Alerting>" +
                                        "<ScanConfig configID=\"" + id + "\" name=\"" + name + "\" templateID=\"" + template + "\"></ScanConfig>" +
                                        "</Site>";

                    XmlDocument doc = new XmlDocument ();
                    doc.LoadXml (siteXml);

                    using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) {
                        session.Authenticate (this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]);

                        using (NexposeManager11 manager = new NexposeManager11(session)) {
                            XmlDocument response = manager.SaveOrUpdateSite (doc.FirstChild);

                            d = response;
                        }
                    }

                    siteID = int.Parse (d.FirstChild.Attributes ["site-id"].Value);

                    this.ScanOptions.RemoteNexposeSiteID = siteID;
                } else {
                    siteID = this.ScanOptions.RemoteNexposeSiteID;
                }

                using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) {
                    session.Authenticate (this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]);

                    using (NexposeManager11 manager = new NexposeManager11(session)) {
                        XmlDocument response = manager.ScanSite (siteID.ToString ());

                        nexposeScanID = response.FirstChild.FirstChild.Attributes ["scan-id"].Value;
                    }
                }

                Console.WriteLine ("Done creating and starting NeXpose scan.");
            }

            Dictionary<NMapHost, IList<IToolResults >> results = new Dictionary<NMapHost, IList<IToolResults>> ();
            services = new List<string> ();

            foreach (var host in hosts) {

                foreach (Port port in (host as NMapHost).Ports)
                    services.Add (port.Service);

                NMapHost threadHost = host as NMapHost;

                Console.WriteLine ("Starting scan for host: " + threadHost.Hostname + "(" + threadHost.IPAddressv4 + ")");

                results.Add (threadHost, ScanHost (threadHost, this.ScanOptions.SQLMapOptions, this.Configuration));

            }

            toolResults = results;
            bool done = false;

            if (this.ScanOptions.IsNessusAssessment || this.ScanOptions.IsNexposeAssessment || this.ScanOptions.IsOpenVASAssessment) {
                while (!done) {
                    if (!string.IsNullOrEmpty (openvasTaskID) && this.OpenVASScanIsRunning (openvasTaskID)) {
                        Console.WriteLine ("Waiting on OpenVAS scan " + openvasTaskID);
                        Thread.Sleep (new TimeSpan (0, 0, 60));
                        continue;
                    }

                    if (!string.IsNullOrEmpty (nessusScanID) && this.NessusScanIsRunning (nessusScanID)) {
                        Console.WriteLine ("Waiting on Nessus scan " + nessusScanID);
                        Thread.Sleep (new TimeSpan (0, 0, 60));
                        continue;
                    }

                    if (!string.IsNullOrEmpty (nexposeScanID) && this.NexposeScanIsRunning (nexposeScanID)) {
                        Console.WriteLine ("Waiting on NeXpose scan " + nexposeScanID);
                        Thread.Sleep (new TimeSpan (0, 0, 60));
                        continue;
                    }

                    done = true;
                }

                Dictionary<VulnerabilityScanType, string> scans = new Dictionary<VulnerabilityScanType, string> ();

                if (!string.IsNullOrEmpty (openvasReportID))
                    scans.Add (VulnerabilityScanType.OpenVAS, openvasReportID);

                if (!string.IsNullOrEmpty (nexposeScanID))
                    scans.Add (VulnerabilityScanType.Nexpose, this.ScanOptions.RemoteNexposeSiteID.ToString ());

                if (!string.IsNullOrEmpty (nessusScanID))
                    scans.Add (VulnerabilityScanType.Nessus, nessusScanID);

                Dictionary<VulnerabilityScanType, XmlNode> reports = this.GetReports (scans);
                foreach (var report in reports) {
                    if (report.Key == VulnerabilityScanType.Nessus)
                        nessusScan = new NessusScan(report.Value);
                    else if (report.Key == VulnerabilityScanType.Nexpose)
                        nexposeScan = new NexposeScan(report.Value);
                    else if (report.Key == VulnerabilityScanType.OpenVAS)
                        openvasScan = new OpenVASScan(report.Value);
                    else
                        throw new Exception ("Don't know this scan type");
                }

                if (this.ScanOptions.IsMetasploitAssessment) {
                    string workspace = Guid.NewGuid ().ToString ();
                    this.CreateNewMetasploitWorkspace (workspace);
                    this.ImportScansIntoMetasploitPro (reports, workspace);

                    string proTaskID = this.BeginMetasploitProAssessment (workspace, csv, false);

                    while (this.MetasploitProAssessmentIsRunning(proTaskID)) {
                        Console.WriteLine ("Waiting on exploit assessment from metasploit: task " + proTaskID);
                        System.Threading.Thread.Sleep (new TimeSpan (0, 0, 30));
                    }

                    metasploitScan = new MetasploitScan(this.GetMetasploitProReport (workspace));
                }
            }

            TimeSpan duration = DateTime.Now - start;

            this.Duration = duration.TotalSeconds.ToString ();

            this.HasRun = true;
        }
        public void DeleteReport(OpenVASScan report)
        {
            if (report.RemoteReportID == Guid.Empty)
                throw new Exception("Can't delete report that hasn't been created.");

            XmlDocument response = this.DeleteReport(report.RemoteReportID.ToString());

            foreach (XmlAttribute attr in response.Attributes)
            {
                if (attr.Name == "status" && attr.Value != "200")
                    throw new Exception("Deleting report failed.");
            }
        }
Пример #4
0
        public static void Main(string[] args)
        {
            string conn = "Server=192.168.1.5;";
            conn += "Port=5433;";
            conn += "Database=rising_sun;";
            conn += "User Id=postgres;";
            conn += "Password=password;";
            conn += "SSL=true;";

            IPersistenceConfigurer config = PostgreSQLConfiguration.PostgreSQL82
                .ConnectionString (conn);

            ISessionFactory factory = Fluently.Configure ()
                .Database (config)
                .Mappings (m =>
                        m.FluentMappings.AddFromAssemblyOf<PersistentMetasploitScan> ())
                .Mappings (m =>
                        m.FluentMappings.AddFromAssemblyOf<PersistentOpenVASNVT> ())
                .Mappings (m =>
                        m.FluentMappings.AddFromAssemblyOf<PersistentNessusScan> ())
                .Mappings (m =>
                        m.FluentMappings.AddFromAssemblyOf<PersistentNexposeScan> ())
                .BuildSessionFactory ();

            string msf = "/home/bperry/tmp/metasploit.xml";
            string ovas = "/home/bperry/tmp/openvas.xml";
            string nx = "/home/bperry/tmp/nexpose.xml";
            string nss = "/home/bperry/tmp/nessus.xml";

            XmlDocument doc = new XmlDocument();
            doc.LoadXml(System.IO.File.ReadAllText(ovas));

            OpenVASScan ovasScan = new OpenVASScan(doc.FirstChild);

            doc = new XmlDocument();
            doc.LoadXml(System.IO.File.ReadAllText(nx));

            NexposeScan nxScan = new NexposeScan(doc.FirstChild);

            doc = new XmlDocument();
            doc.LoadXml(System.IO.File.ReadAllText(nss));

            NessusScan nssScan = new NessusScan(doc.LastChild);

            doc = new XmlDocument();
            doc.LoadXml(System.IO.File.ReadAllText(msf));

            MetasploitScan msfScan = new MetasploitScan(doc.LastChild);

            PersistentMetasploitScan pmsfScan = new PersistentMetasploitScan(msfScan);
            pmsfScan.SetCreationInfo(Guid.Empty, true);

            PersistentNessusScan pnssScan = new PersistentNessusScan(nssScan);
            pnssScan.SetCreationInfo(Guid.Empty, true);

            PersistentOpenVASScan povasScan = new PersistentOpenVASScan(ovasScan);
            povasScan.SetCreationInfo(Guid.Empty, true);

            PersistentNexposeScan pnxScan = new PersistentNexposeScan(nxScan);
            pnxScan.SetCreationInfo(Guid.Empty, true);

            using(ISession session = factory.OpenSession())
            {
                using (ITransaction x = session.BeginTransaction())
                {
                    try
                    {
                        pmsfScan.ParentScanID = Guid.NewGuid();
                        Console.WriteLine("Saving metasploit");
                        session.Save(pmsfScan);
                        x.Commit();
                    }
                    catch (Exception ex)
                    {
                        Console.WriteLine("I broke, rolling back...");
                        x.Rollback();
                        throw ex;
                    }
                }
                using (ITransaction x = session.BeginTransaction())
                {
                    try
                    {
                        pnssScan.ParentScanID = Guid.NewGuid();
                        Console.WriteLine("Saving nessus");
                        session.Save(pnssScan);
                        x.Commit();
                    }
                    catch (Exception ex)
                    {
                        Console.WriteLine("I broke, rolling back...");
                        x.Rollback();
                        throw ex;
                    }
                }
                using (ITransaction x = session.BeginTransaction())
                {
                    try
                    {
                        povasScan.ParentScanID = Guid.NewGuid();
                        Console.WriteLine("Saving openvas");
                        session.Save(povasScan);
                        x.Commit();
                    }
                    catch (Exception ex)
                    {
                        Console.WriteLine("I broke, rolling back...");
                        x.Rollback();
                        throw ex;
                    }
                }
                using (ITransaction x = session.BeginTransaction())
                {
                    try
                    {
                        pnxScan.ParentScanID = Guid.NewGuid();
                        Console.WriteLine("Saving nexpose");
                        session.Save(pnxScan);
                        x.Commit();
                    }
                    catch (Exception ex)
                    {
                        Console.WriteLine("I broke, rolling back...");
                        x.Rollback();
                        throw ex;
                    }
                }
            }

            Console.WriteLine("yay?");
        }
Пример #5
0
        public OpenVASScan(XmlNode response)
        {
            OpenVASScan report = this;

            XmlNode nd = (response.FirstChild.FirstChild.ChildNodes.Count == 0) ? response.FirstChild : response.FirstChild.FirstChild;

            foreach (XmlNode node in nd.ChildNodes)
            {
                Console.WriteLine(node.Name);

                if (node.Name == "filters")
                {
                    foreach (XmlNode child in node.ChildNodes)
                    {
                        //ignore filters for now
                    }
                }
                else if (node.Name == "ports")
                {
                    report.Ports = new List <ReportPort>();
                    foreach (XmlNode child in node.ChildNodes)
                    {
                        ReportPort port = new ReportPort();
                        foreach (XmlNode c in child.ChildNodes)
                        {
                            if (c.Name == "host")
                            {
                                port.Host = c.InnerText;
                            }
                            else if (c.Name == "threat")
                            {
                                port.Threat = c.InnerText;
                            }
                            else
                            {
                                port.Description = c.InnerText;
                            }
                        }

                        report.Ports.Add(port);
                    }
                }
                else if (node.Name == "results")
                {
                    report.Results = new List <ReportResult>();
                    foreach (XmlNode child in node.ChildNodes)
                    {
                        ReportResult result = new ReportResult();
                        foreach (XmlNode c in child.ChildNodes)
                        {
                            if (c.Name == "subnet")
                            {
                                result.Subnet = c.InnerText;
                            }
                            else if (c.Name == "host")
                            {
                                result.Host = c.InnerText;
                            }
                            else if (c.Name == "port")
                            {
                                result.Port = c.InnerText;
                            }
                            else if (c.Name == "nvt")
                            {
                                result.NVT = new ReportNVT();

                                result.NVT.OID = c.Attributes["oid"].Value;
                                foreach (XmlNode n in c.ChildNodes)
                                {
                                    if (n.Name == "name")
                                    {
                                        result.NVT.Name = n.InnerText;
                                    }
                                    else if (n.Name == "cvss_base")
                                    {
                                        result.NVT.CVSSBaseValue = n.InnerText;
                                    }
                                    else if (n.Name == "risk_factor")
                                    {
                                        result.NVT.RiskFactor = n.InnerText;
                                    }
                                }
                            }
                            else if (c.Name == "threat")
                            {
                                result.Threat = c.InnerText;
                            }
                            else if (c.Name == "description")
                            {
                                result.Description = c.InnerText;
                            }
                        }

                        report.Results.Add(result);
                    }
                }
            }
        }