public void DeleteTarget(OpenVASTarget target)
        {
            if (target.RemoteTargetID == Guid.Empty)
            {
                throw new Exception("Can't delete target that hasn't been created.");
            }

            XmlDocument response = this.DeleteTarget(target.RemoteTargetID.ToString());

            foreach (XmlAttribute attr in response.Attributes)
            {
                if (attr.Name == "status" && attr.Value != "200")
                {
                    throw new Exception("Deleting target failed.");
                }
            }
        }
        public OpenVASTarget CreateTarget(OpenVASTarget target)
        {
            if (target.RemoteTargetID != Guid.Empty)
            {
                throw new Exception("This target has already been created.");
            }

            XmlDocument response = this.CreateTarget(target.Name, target.Comment, target.Hosts, target.SMBCredentials.RemoteCredentialsID.ToString(), target.SSHCredentials.RemoteCredentialsID.ToString(), target.PortRange);

            foreach (XmlAttribute attr in response.FirstChild.Attributes)
            {
                if (attr.Name == "id")
                {
                    target.RemoteTargetID = new Guid(attr.Value);
                }
            }

            return(target);
        }
示例#3
0
文件: Scan.cs 项目: karuna/rising_sun
        public virtual void Run(out NessusScan nessusScan, out NexposeScan nexposeScan, out OpenVASScan openvasScan, out MetasploitScan metasploitScan, out Dictionary<NMapHost, IList<IToolResults>> toolResults)
        {
            if (this.Configuration == null)
                throw new Exception ("Configuration not set");

            DateTime start = DateTime.Now;
            metasploitScan = null;
            nessusScan = null;
            nexposeScan = null;
            openvasScan = null;

            string openvasTaskID = string.Empty;
            string nessusScanID = string.Empty;
            string nexposeScanID = string.Empty;

            int uniqueNo = new Random ().Next ();

            IList<NMapHost > hosts = this.ParentProfile.CurrentResults.Hosts;

            if (hosts.Count() == 0)
            {
                Console.WriteLine("ERROR: no hosts in the profile. Aborting.");
                toolResults = null;
                return;
            }

            csv = string.Empty;

            foreach (NMapHost host in hosts)
                csv = csv + host.IPAddressv4 + ", "; //trailing , is OK in this case

            string openvasReportID = string.Empty;
            if (this.ScanOptions.IsOpenVASAssessment) {
                Console.WriteLine ("Creating OpenVAS Scan...");

                OpenVASTarget target = new OpenVASTarget ();
                target.Hosts = csv;
                target.Name = this.ParentProfile.Name + uniqueNo.ToString ();
                target.SMBCredentials = new OpenVASLSCCredential ();
                target.SSHCredentials = new OpenVASLSCCredential ();

                using (OpenVASManagerSession ovasSession = new OpenVASManagerSession(this.Configuration ["openvasUser"], this.Configuration ["openvasPass"], this.Configuration ["openvasHost"])) {

                    using (OpenVASObjectManager openvasManager = new OpenVASObjectManager(ovasSession)) {

                        target = openvasManager.CreateTarget (target);

                        OpenVASConfig config = openvasManager.GetAllConfigs ()
                            .Where (c => c.RemoteConfigID == new Guid (this.Configuration["openvasConfig"]))
                            .SingleOrDefault ();

                        OpenVASTask task = new OpenVASTask ();

                        task.Comment = string.Format ("Task for scan {0}", this.Name);
                        task.Target = target;
                        task.Config = config;

                        task = openvasManager.CreateTask (task);

                        XmlDocument taskResponse = openvasManager.StartTask (task.RemoteTaskID.ToString ());

                        if (!taskResponse.FirstChild.Attributes ["status"].Value.StartsWith ("20"))
                            throw new Exception ("Creating OpenVAS scan failed: " +
                                taskResponse.FirstChild.Attributes ["status_text"].Value);

                        openvasReportID = taskResponse.FirstChild.FirstChild.InnerText;
                        openvasTaskID = task.RemoteTaskID.ToString ();
                    }

                    Console.WriteLine ("Done creating and starting OpenVAS scan.");
                }
            }

            if (this.ScanOptions.IsNessusAssessment) {
                Console.WriteLine ("Creating Nessus scan...");
                using (NessusManagerSession nessusSession = new NessusManagerSession (this.Configuration["nessusHost"])) {

                    bool loggedIn = false;
                    nessusSession.Authenticate (this.Configuration ["nessusUser"], this.Configuration ["nessusPass"], 1234, out loggedIn);

                    if (!loggedIn)
                        throw new Exception ("Invalid username/password");

                    using (NessusObjectManager nessusManager = new NessusObjectManager (nessusSession)) {

                    var tmp = nessusManager.CreateAndStartScan (csv, -2, this.Name + uniqueNo.ToString ());

                        string scanName = tmp.Name;
                        nessusScanID = scanName;

                        string reportID = string.Empty;
                        foreach (XmlNode node in nessusManager.ListReports().LastChild.ChildNodes) {
                            if (node.Name == "contents") {
                                string tmpReportID = string.Empty;
                                foreach (XmlNode child in node.FirstChild.ChildNodes) {
                                    foreach (XmlNode c in child.ChildNodes) {
                                        if (c.Name == "name")
                                            tmpReportID = c.InnerText;
                                        else if (c.Name == "readableName" && c.InnerText == scanName)
                                            reportID = tmpReportID;

                                    }
                                }
                                tmpReportID = string.Empty;
                            }
                        }

                    }
                    Console.WriteLine ("Done creating and starting Nessus scan.");
                }
            }
            if (this.ScanOptions.IsNexposeAssessment) {
                Console.WriteLine ("Creating NeXpose scan...");
                int siteID = 0;
                if (this.ScanOptions.RemoteNexposeSiteID <= 0) {
                    XmlDocument d = null;
                    string id = "-1";
                    string template = "full-audit";
                    string name = this.Name + uniqueNo.ToString ();
                    string description = "A site for the the profile " + this.ParentProfile.Name;

                    string siteXml = "<Site id=\"" + id + "\" name=\"" + name + "\" description=\"" + description + "\">";

                    siteXml = siteXml + "<Hosts>";

                    foreach (string host in csv.Split(','))
                        siteXml = siteXml + "<host>" + host + "</host>";

                    siteXml = siteXml + "</Hosts>" +
                                        "<Credentials></Credentials>" +
                                        "<Alerting></Alerting>" +
                                        "<ScanConfig configID=\"" + id + "\" name=\"" + name + "\" templateID=\"" + template + "\"></ScanConfig>" +
                                        "</Site>";

                    XmlDocument doc = new XmlDocument ();
                    doc.LoadXml (siteXml);

                    using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) {
                        session.Authenticate (this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]);

                        using (NexposeManager11 manager = new NexposeManager11(session)) {
                            XmlDocument response = manager.SaveOrUpdateSite (doc.FirstChild);

                            d = response;
                        }
                    }

                    siteID = int.Parse (d.FirstChild.Attributes ["site-id"].Value);

                    this.ScanOptions.RemoteNexposeSiteID = siteID;
                } else {
                    siteID = this.ScanOptions.RemoteNexposeSiteID;
                }

                using (NexposeSession session = new NexposeSession(this.Configuration["nexposeHost"])) {
                    session.Authenticate (this.Configuration ["nexposeUser"], this.Configuration ["nexposePass"]);

                    using (NexposeManager11 manager = new NexposeManager11(session)) {
                        XmlDocument response = manager.ScanSite (siteID.ToString ());

                        nexposeScanID = response.FirstChild.FirstChild.Attributes ["scan-id"].Value;
                    }
                }

                Console.WriteLine ("Done creating and starting NeXpose scan.");
            }

            Dictionary<NMapHost, IList<IToolResults >> results = new Dictionary<NMapHost, IList<IToolResults>> ();
            services = new List<string> ();

            foreach (var host in hosts) {

                foreach (Port port in (host as NMapHost).Ports)
                    services.Add (port.Service);

                NMapHost threadHost = host as NMapHost;

                Console.WriteLine ("Starting scan for host: " + threadHost.Hostname + "(" + threadHost.IPAddressv4 + ")");

                results.Add (threadHost, ScanHost (threadHost, this.ScanOptions.SQLMapOptions, this.Configuration));

            }

            toolResults = results;
            bool done = false;

            if (this.ScanOptions.IsNessusAssessment || this.ScanOptions.IsNexposeAssessment || this.ScanOptions.IsOpenVASAssessment) {
                while (!done) {
                    if (!string.IsNullOrEmpty (openvasTaskID) && this.OpenVASScanIsRunning (openvasTaskID)) {
                        Console.WriteLine ("Waiting on OpenVAS scan " + openvasTaskID);
                        Thread.Sleep (new TimeSpan (0, 0, 60));
                        continue;
                    }

                    if (!string.IsNullOrEmpty (nessusScanID) && this.NessusScanIsRunning (nessusScanID)) {
                        Console.WriteLine ("Waiting on Nessus scan " + nessusScanID);
                        Thread.Sleep (new TimeSpan (0, 0, 60));
                        continue;
                    }

                    if (!string.IsNullOrEmpty (nexposeScanID) && this.NexposeScanIsRunning (nexposeScanID)) {
                        Console.WriteLine ("Waiting on NeXpose scan " + nexposeScanID);
                        Thread.Sleep (new TimeSpan (0, 0, 60));
                        continue;
                    }

                    done = true;
                }

                Dictionary<VulnerabilityScanType, string> scans = new Dictionary<VulnerabilityScanType, string> ();

                if (!string.IsNullOrEmpty (openvasReportID))
                    scans.Add (VulnerabilityScanType.OpenVAS, openvasReportID);

                if (!string.IsNullOrEmpty (nexposeScanID))
                    scans.Add (VulnerabilityScanType.Nexpose, this.ScanOptions.RemoteNexposeSiteID.ToString ());

                if (!string.IsNullOrEmpty (nessusScanID))
                    scans.Add (VulnerabilityScanType.Nessus, nessusScanID);

                Dictionary<VulnerabilityScanType, XmlNode> reports = this.GetReports (scans);
                foreach (var report in reports) {
                    if (report.Key == VulnerabilityScanType.Nessus)
                        nessusScan = new NessusScan(report.Value);
                    else if (report.Key == VulnerabilityScanType.Nexpose)
                        nexposeScan = new NexposeScan(report.Value);
                    else if (report.Key == VulnerabilityScanType.OpenVAS)
                        openvasScan = new OpenVASScan(report.Value);
                    else
                        throw new Exception ("Don't know this scan type");
                }

                if (this.ScanOptions.IsMetasploitAssessment) {
                    string workspace = Guid.NewGuid ().ToString ();
                    this.CreateNewMetasploitWorkspace (workspace);
                    this.ImportScansIntoMetasploitPro (reports, workspace);

                    string proTaskID = this.BeginMetasploitProAssessment (workspace, csv, false);

                    while (this.MetasploitProAssessmentIsRunning(proTaskID)) {
                        Console.WriteLine ("Waiting on exploit assessment from metasploit: task " + proTaskID);
                        System.Threading.Thread.Sleep (new TimeSpan (0, 0, 30));
                    }

                    metasploitScan = new MetasploitScan(this.GetMetasploitProReport (workspace));
                }
            }

            TimeSpan duration = DateTime.Now - start;

            this.Duration = duration.TotalSeconds.ToString ();

            this.HasRun = true;
        }
        public void DeleteTarget(OpenVASTarget target)
        {
            if (target.RemoteTargetID == Guid.Empty)
                throw new Exception("Can't delete target that hasn't been created.");

            XmlDocument response = this.DeleteTarget(target.RemoteTargetID.ToString());

            foreach (XmlAttribute attr in response.Attributes)
            {
                if (attr.Name == "status" && attr.Value != "200")
                    throw new Exception("Deleting target failed.");
            }
        }
        public OpenVASTarget CreateTarget(OpenVASTarget target)
        {
            if (target.RemoteTargetID != Guid.Empty)
                throw new Exception("This target has already been created.");

            XmlDocument response = this.CreateTarget(target.Name, target.Comment, target.Hosts, target.SMBCredentials.RemoteCredentialsID.ToString(), target.SSHCredentials.RemoteCredentialsID.ToString(), target.PortRange);

            foreach (XmlAttribute attr in response.FirstChild.Attributes)
            {
                if (attr.Name == "id")
                    target.RemoteTargetID = new Guid(attr.Value);
            }

            return target;
        }