[vscweb-commit] SF.net SVN: vscweb: [462] trunk/pyvscd
From: <cir...@us...> - 2006-08-07 13:35:39
Revision: 462 Author: cirrusrex Date: 2006-08-07 06:35:24 -0700 (Mon, 07 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=462&view=rev Log Message: ----------- Merged VSC 2.0 changes back into the trunk Trunk now has downloadable reports, several bug fixes pyvscd in trunk also now has syslog support, and cachdns services have been added as well Modified Paths: -------------- trunk/Main/Domain/include/libnet.inc.php trunk/Main/Domain/ui/public.inc trunk/Main/Host/Scan/include/libscan.inc trunk/Main/Host/Scan/scan_viewer.php trunk/Main/Host/Scan/view_plugins.php trunk/Main/People/Session/I2A2/login_proc.php trunk/Main/People/Session/include/libsession.inc trunk/Main/tpl/Host_Scan-scan_proc-scan_diff.tpl trunk/Main/tpl/Host_Scan-scan_proc-scan_report.tpl trunk/Main/tpl/Reports/single_scan_controls.tpl trunk/Main/tpl/Reports/single_scan_csv.tpl trunk/pyvscd/libvscmt/__init__.py trunk/pyvscd/libvscmt/host.py trunk/pyvscd/pyssus/handlers.py trunk/pyvscd/pyssus/test/pyssus-test.py trunk/pyvscd/pyvscd.conf.example trunk/pyvscd/pyvscd.py trunk/pyvscd/util/loadplugins.py Added Paths: ----------- trunk/pyvscd/util/cachedns.py Modified: trunk/Main/Domain/include/libnet.inc.php =================================================================== --- trunk/Main/Domain/include/libnet.inc.php 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/Domain/include/libnet.inc.php 2006-08-07 13:35:24 UTC (rev 462) @@ -121,6 +121,9 @@ $_error = $error->getMessage(); return false; } + //Set type + $net['type'] = "single"; + $net['start_addr'] = $ipv4->ip; $net['end_addr'] = $ipv4->ip; return $net; @@ -142,6 +145,9 @@ $_error = $error->getMessage(); return false; } + //Set type + $net['type'] = "subnet"; + $net['start_addr'] = $ipv4->network; $net['end_addr'] = $ipv4->broadcast; return $net; @@ -160,6 +166,9 @@ $_error = $error->getMessage(); return false; } + //Set type + $net['type'] = "subnet"; + $net['start_addr'] = $ipv4->network; $net['end_addr'] = $ipv4->broadcast; return $net; 
@@ -177,6 +186,9 @@ $_error = $match[2]." is less than ".$match[1]; return false; } + //Set type + $net['type'] = "ip_range"; + $net['start_addr'] = $match[1]; $net['end_addr'] = $match[2]; //print "(F) start: ".$net['start_addr']; @@ -377,12 +389,27 @@ var $network; var $broadcast; var $offset; + var $type; function Net_Range($ipv4) { $this->network = Net_IPv4::ip2double($ipv4['start_addr']); $this->broadcast = Net_IPv4::ip2double($ipv4['end_addr']); - $this->offset = 1; + $this->type = $ipv4['type']; + $this->offset = 1 ; + if ($ipv4['type'] == "subnet") + { + $this->offset = 1; + } + else if ($ipv4['type'] == "single") + { + $this->offset = 1; + } + else + { + $this->offset =0; + } + if ($this->network == $this->broadcast) { /* we have a /32 */ $this->network--; @@ -391,9 +418,15 @@ } function get_next() { - if (($this->network + $this->offset) >= $this->broadcast) { + + if ($this->type == "ip_range" && ($this->network + $this->offset) > $this->broadcast) + { return NULL; } + else if (($this->type == "subnet" || $this->type == "single") && ($this->network + $this->offset) >= $this->broadcast) + { + return NULL; + } $ret_addr = $this->network + $this->offset; $this->offset++; return long2ip($ret_addr); Modified: trunk/Main/Domain/ui/public.inc =================================================================== --- trunk/Main/Domain/ui/public.inc 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/Domain/ui/public.inc 2006-08-07 13:35:24 UTC (rev 462) @@ -103,7 +103,7 @@ echo "; border-color: black; border-style: solid;'>"; echo "<form action='{$_SERVER['PHP_SELF']}' method='POST'>"; echo "<select name='newdomain' onChange='this.form.submit()'>"; - foreach ($priv_d as $cd) { + foreach (array_merge($_USER['domain'], $priv_d) as $cd) { echo "<option value='$cd' "; if ($cd == $_USER['domain']) echo "SELECTED=SELECTED"; echo ">$cd</option>"; 
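Review bot: In `Net_Range::get_next()` (libnet.inc.php, hunk `@@ -391,9 +418,15 @@`) both end-of-range checks are now gated on `$this->type`, so a range whose type is unset or misspelled matches neither branch and the iterator keeps returning addresses past `$this->broadcast`. The constructor hunk `@@ -377,12 +389,27 @@` copies `$ipv4['type']` without validating it, and whether every caller goes through the parsers that set it is not visible here. For a scanner this bound is what keeps the target list inside the requested range, so the fallback should be the stricter check: `else if (($this->network + $this->offset) >= $this->broadcast) { return NULL; }`. The constructor's assignment plus three-way `if` reduces to `$this->offset = in_array($this->type, array("subnet", "single")) ? 1 : 0;`.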
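Review bot: In public.inc hunk `@@ -103,7 +103,7 @@`, `array_merge($_USER['domain'], $priv_d)` passes a scalar as the first argument; the next line compares `$cd == $_USER['domain']`, so it is a single domain name rather than an array. PHP 5 rejects non-array arguments to `array_merge()` with a warning and returns NULL, which would leave the select empty. Wrapping it keeps the intent and drops a duplicate if the current domain is also in `$priv_d`: `foreach (array_unique(array_merge(array($_USER['domain']), $priv_d)) as $cd) {`. The `$cd` values are echoed into `value='$cd'` unescaped; `htmlspecialchars($cd, ENT_QUOTES)` would be the safer output form if domain names are not validated elsewhere.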
@@ -116,7 +116,9 @@ #end echo "<td style='border-width: 1px 1px 1px 1px; border-style: solid; border-color: black;'>"; echo "<form action='{$_SERVER['PHP_SELF']}' method='POST'>"; - echo "<select name='newdomain' onChange='this.form.submit()'>"; + echo "<select name='newdomain' onChange='this.form.submit()'"; + if (sizeof($cd) == 0) echo "disabled=disabled"; + echo ">"; foreach ($chld_d as $cd) { echo "<option value='$cd'>$cd</option>"; } Modified: trunk/Main/Host/Scan/include/libscan.inc =================================================================== --- trunk/Main/Host/Scan/include/libscan.inc 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/Host/Scan/include/libscan.inc 2006-08-07 13:35:24 UTC (rev 462) @@ -39,6 +39,7 @@ $SCAN_format_opts = array('text', 'html','csv'); +$SCAN_format_exts = array('text'=>'txt', 'html'=>'html', 'fhtml'=>'html', 'csv'=>'csv'); $SCAN_scope_opts = array('any','info','hole'); $SCAN_mode_opts = array('diff', 'single'); $SCAN_OPTS_FORMAT = array('text'=>"Text", 'html'=>'HTML', 'fhtml'=>'Fancy HTML', 'csv'=>'CSV'); Modified: trunk/Main/Host/Scan/scan_viewer.php =================================================================== --- trunk/Main/Host/Scan/scan_viewer.php 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/Host/Scan/scan_viewer.php 2006-08-07 13:35:24 UTC (rev 462) @@ -22,6 +22,7 @@ $input[] = "format"; $input[] = "print_view"; $input[] = "scope"; +$input[] = "action"; $i =& new CORE_FormInput($input); SESSION_PDATA_Register("scan_id", $i->scan_id); 
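Review bot: The added test in public.inc hunk `@@ -116,7 +116,9 @@` checks `sizeof($cd)`, but `$cd` is the loop variable; the list iterated on the following line is `$chld_d`, so the select is probably never disabled when there are no child domains. The echoed attribute also has no leading space, which produces `onChange='this.form.submit()'disabled=disabled` in the markup. Suggested line: `if (sizeof($chld_d) == 0) echo " disabled='disabled'";`.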
@@ -210,27 +211,40 @@ } -UI_Header(); +if (in_array($i->action, array("View Report", "Update"))) { + /* display report */ + UI_Header(); -UI_Form(); + UI_Form(); -$smarty->assign('scan_id', $i->scan_id); -$smarty->assign('report_host', $i->report_host); -$smarty->assign('format', $i->format); -$smarty->assign('print_view', $i->print_view); -$smarty->assign('format_opts', $SCAN_OPTS_FORMAT); -$smarty->assign('scope_opts', $SCAN_OPTS_SCOPE); -$smarty->assign('scope', $i->scope); -$smarty->assign('mode', $i->mode); -$smarty->assign('diff_id', $i->diff_id); -$smarty->display('single_scan_controls.tpl'); -echo "<hr>"; + $smarty->assign('scan_id', $i->scan_id); + $smarty->assign('report_host', $i->report_host); + $smarty->assign('format', $i->format); + $smarty->assign('print_view', $i->print_view); + $smarty->assign('format_opts', $SCAN_OPTS_FORMAT); + $smarty->assign('scope_opts', $SCAN_OPTS_SCOPE); + $smarty->assign('scope', $i->scope); + $smarty->assign('mode', $i->mode); + $smarty->assign('diff_id', $i->diff_id); + $smarty->display('single_scan_controls.tpl'); + echo "<hr>"; -$report_data['print_view'] = false; -$smarty->assign('result_data', $report_data); -if ($i->format == 'text') echo "<pre>"; -$smarty->display("{$i->mode}_scan_{$i->format}.tpl"); -if ($i->format == 'text') echo "</pre>"; -UI_Footer(); + $report_data['print_view'] = false; + $smarty->assign('result_data', $report_data); + if (in_array($i->format, array('text', 'csv'))) echo "<pre>"; + $smarty->display("{$i->mode}_scan_{$i->format}.tpl"); + if (in_array($i->format, array('text', 'csv'))) echo "</pre>"; + UI_Footer(); +} else { + /* download report */ + $smarty->assign('result_data', $report_data); + $output = $smarty->fetch("{$i->mode}_scan_{$i->format}.tpl"); + $output_len = strlen($output); + header("Content-length: $output_len"); + header("Content-type: application/octet-stream"); + header("Content-Disposition: attachment; filename=".$i->scan_id."-report.".$SCAN_format_exts[$i->format]); + 
print $output; +} + ?> Modified: trunk/Main/Host/Scan/view_plugins.php =================================================================== --- trunk/Main/Host/Scan/view_plugins.php 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/Host/Scan/view_plugins.php 2006-08-07 13:35:24 UTC (rev 462) @@ -72,12 +72,12 @@ UI_EchoLeft("Plugin: "); echo "<td>"; UI_Style($pl['name'], - STY_BOLD|STY_SIZE, array("SIZE"=>STY_FONT_SHUGE)); + STY_BOLD|STY_SIZE, array("SIZE"=>STY_FONT_LARGE)); echo "</td></tr>"; UI_EchoLeft("Family: "); echo "<td>"; UI_Style($pl['family'], - STY_SIZE, array("SIZE"=>STY_FONT_HUGE)); + STY_SIZE, array("SIZE"=>STY_FONT_LARGE)); echo "</td></tr>"; UI_EchoLeft("Short Description: "); UI_EchoRight($pl['short_desc']); @@ -92,7 +92,7 @@ UI_EchoLeft("Status: "); UI_EchoRight(($pl['disabled'] == 1)?"<span style='color: red;'>Disabled</span>":"<span style='color: green;'>Enabled</span>"); UI_EchoLeft("Description: "); - UI_EchoRight("<pre>".$pl['description']."</pre>"); + UI_EchoRight("<pre>".str_replace(";", "\n", $pl['description'])."</pre>"); echo "</table>"; UI_Footer(); Modified: trunk/Main/People/Session/I2A2/login_proc.php =================================================================== --- trunk/Main/People/Session/I2A2/login_proc.php 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/People/Session/I2A2/login_proc.php 2006-08-07 13:35:24 UTC (rev 462) @@ -85,7 +85,7 @@ error_reporting(E_ALL); } else { if (isset($_REQUEST['target'])) { - login_box("Invalid session or session timed out!"); + login_box("Your session timed out! Please login to proceed."); } else { login_box("Error authenticating: bad login name or password."); } 
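Review bot: The new `else` branch in scan_viewer.php (hunk `@@ -210,27 +211,40 @@`) treats every request whose `action` is not "View Report" or "Update" as a download, including a request with no `action` at all, and it writes `$i->scan_id` and `$SCAN_format_exts[$i->format]` into the `Content-Disposition` header without checking either. If `CORE_FormInput` does not strip CR/LF, a crafted `scan_id` can add response headers, and an unknown `format` yields an undefined index and a filename ending in a bare dot. Both branches also build the template name from `$i->mode` and `$i->format`; any validation earlier in the file is outside this hunk, so this should be confirmed or the values checked against `$SCAN_mode_opts` and `$SCAN_format_exts` here. The sketch below assumes scan ids are numeric.

```php
} else if (in_array($i->action, array("Download", "Download Report"))
        && isset($SCAN_format_exts[$i->format])
        && in_array($i->mode, $SCAN_mode_opts)) {
    /* download report */
    // … unchanged: assign result_data, fetch the template into $output …
    $filename = intval($i->scan_id)."-report.".$SCAN_format_exts[$i->format];
    header("Content-Length: ".strlen($output));
    header("Content-Type: application/octet-stream");
    header("Content-Disposition: attachment; filename=\"$filename\"");
    print $output;
} else {
    // unknown action, format or mode: show an error page instead of a report
}
```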
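Review bot: The changed line in view_plugins.php hunk `@@ -92,7 +92,7 @@` still writes `$pl['description']` into the page without HTML escaping, and `UI_EchoRight` evidently passes markup through, since the line above hands it a literal `<span>`. Plugin descriptions are imported from the Nessus server, so they should be escaped at output: `UI_EchoRight("<pre>".htmlspecialchars(str_replace(";", "\n", $pl['description']))."</pre>");`. Replacing every `;` also breaks descriptions that contain a genuine semicolon; if `;` is only a stored newline marker, a comment saying so would help the next reader.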
@@ -116,7 +116,7 @@ function login_box($message) { global $INC_PATH, $IMAGE_PATH,$_CONFIG; - UI_Header("Login Error"); + UI_Header("VSC Login"); echo "<h2>$message</h2>"; echo "<div style='font-style: italic;'>".$_CONFIG['login_banner']."</div>"; echo "<form action='{$_SERVER['PHP_SELF']}' method='POST'>"; Modified: trunk/Main/People/Session/include/libsession.inc =================================================================== --- trunk/Main/People/Session/include/libsession.inc 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/People/Session/include/libsession.inc 2006-08-07 13:35:24 UTC (rev 462) @@ -67,6 +67,7 @@ if (isset($_SERVER['PHP_SELF'])) { list($void, $path) = explode($_SERVER['HTTP_HOST'], $IMAGE_PATH); $r_path = str_replace($path, "", $_SERVER['PHP_SELF']); + $r_path = $r_path . "?".$_SERVER['QUERY_STRING']; $return = base64_encode($r_path); $auth_url = str_replace("AUTH_", "",$_CONFIG['use_auth']); if ($auth_url == "STD") $auth_url = 'SUPA'; Modified: trunk/Main/tpl/Host_Scan-scan_proc-scan_diff.tpl =================================================================== --- trunk/Main/tpl/Host_Scan-scan_proc-scan_diff.tpl 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/tpl/Host_Scan-scan_proc-scan_diff.tpl 2006-08-07 13:35:24 UTC (rev 462) 
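Review bot: The added line in libsession.inc hunk `@@ -67,6 +67,7 @@` appends `"?".$_SERVER['QUERY_STRING']` unconditionally, so a request without a query string gets a return path ending in a bare `?`, and the key may be undefined under some SAPIs. A guarded form avoids both: `if (!empty($_SERVER['QUERY_STRING'])) $r_path .= "?".$_SERVER['QUERY_STRING'];`. The base64-encoded return target now carries request-controlled data, so the code that decodes `target` after login (not part of this hunk) should accept only site-relative paths before redirecting. The enclosing function starts and ends outside the hunk.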
@@ -51,7 +51,7 @@ <!--div style="height:125px; width: 100%; overflow:auto; border:2px inset; padding: 0px; text-align:left;"--> <!--spanstyle='font-size: 10px; font-weight: bold;'>Host Information</span><br /--> {foreach item=host from=$hosts} - <option value='{$host.host_id}' style='font-size:10px;' class='{cycle name='fin' values='FIN-odd,FIN-even'}'> + <option value='{$host.hostid}' style='font-size:10px;' class='{cycle name='fin' values='FIN-odd,FIN-even'}'> <!--class='{if $host.status eq "FIN"}{cycle name="fin" values="FIN-odd,FIN-even"}{elseif $host.status eq "REQ"}{cycle name="req" values="REQ-odd,REQ-even"}{elseif $host.status eq "PROC"}{cycle name="proc" values="PROC-odd,PROC-even"}{elseif $host.status eq "ERR"}{cycle name="err" values="ERR-odd,ERR-even"}{/if}'--> {$host.address|string_format:"%-15s"|replace:" ":" "} - {$host.dns_name|string_format:"%-40s"}<br /> </option> Modified: trunk/Main/tpl/Host_Scan-scan_proc-scan_report.tpl =================================================================== --- trunk/Main/tpl/Host_Scan-scan_proc-scan_report.tpl 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/tpl/Host_Scan-scan_proc-scan_report.tpl 2006-08-07 13:35:24 UTC (rev 462) 
@@ -107,18 +107,21 @@ </select> </td> </tr> - <tr> + <!--tr> <td style='font-size: 10px;'> Print View </td> <td style='font-size: 10px;'> <input type='checkbox' name='print_view' value='yes'> </td> - </tr> + </tr--> <tr> - <td colspan='2' style='font-size: 10px;'> - <input type='submit' value='View Report'> + <td style='font-size: 10px;'> + <input type='submit' name='action' value='View Report'> </td> + <td style='font-size: 10px;'> + <input type='submit' name='action' value='Download Report'> + </td> </tr> </table> {/if} Modified: trunk/Main/tpl/Reports/single_scan_controls.tpl =================================================================== --- trunk/Main/tpl/Reports/single_scan_controls.tpl 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/tpl/Reports/single_scan_controls.tpl 2006-08-07 13:35:24 UTC (rev 462) @@ -32,9 +32,12 @@ </td> <td align='right'>Print View On</td> <td><input type='checkbox' name='print_view' value='yes' {if $print_view == "yes"}checked="checked"{/if}></td> - <td align=left' colspan='2'> - <input type='submit' value='Update'> + <td align=left'> + <input type='submit' name='action' value='Update'> </td> + <td align=left'> + <input type='submit' name='action' value='Download'> + </td> </tr> </table> </form> Modified: trunk/Main/tpl/Reports/single_scan_csv.tpl =================================================================== --- trunk/Main/tpl/Reports/single_scan_csv.tpl 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/tpl/Reports/single_scan_csv.tpl 2006-08-07 13:35:24 UTC (rev 462) 
@@ -1,6 +1,6 @@ -"IP Address", "Hostname", "Plugin ID", "Port Info", "Family", "Risk Factor", "Description"<br> +"IP Address", "Hostname", "Plugin ID", "Port Info", "Family", "Risk Factor", "Description" {foreach name=hostid item=hostd from=$result_data.hosts} - {foreach item=vuln from=$hostd.results} - {$hostd.address},{$host.dns_name},{$vuln.plugin_id},{$vuln.prot}/{$vuln.port} {$vuln.service},{$vuln.family},"{$vuln.body|replace:"\"":"'"}"<br> - {/foreach} +{foreach item=vuln from=$hostd.results} +{$hostd.address},{$host.dns_name},{$vuln.plugin_id},{$vuln.prot}/{$vuln.port} {$vuln.service},{$vuln.family},{$vuln.severity},"{$vuln.body|replace:"\"":"'"|replace:"\n":" "}" {/foreach} +{/foreach} Modified: trunk/pyvscd/libvscmt/__init__.py =================================================================== --- trunk/pyvscd/libvscmt/__init__.py 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/libvscmt/__init__.py 2006-08-07 13:35:24 UTC (rev 462) @@ -2,4 +2,4 @@ Multi-thread aware libvsc for pyvscd """ -__all__ = ["plugins","scan", "nessusmt", "plugins"] +__all__ = ["plugins","scan", "nessusmt", "plugins", "host"] Modified: trunk/pyvscd/libvscmt/host.py =================================================================== --- trunk/pyvscd/libvscmt/host.py 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/libvscmt/host.py 2006-08-07 13:35:24 UTC (rev 462) @@ -27,17 +27,6 @@ c.close() return rdict -def updateNetBios(db, scan_id, host_addr_map): - """updates the netbios and mac address information of - the hosts in the host_addr_map (e.g.,returned from the above - function) - - Keyword Arguments: - db - MySQLdb.connections.Connection - scan_id - integer - host_addr_map - dict, of ip:hostid pairs - """ - pass def saveNessusResult(db,scan_id,host_id,result): """Saves a result from the Nessus server 
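Review bot: The rewritten row in single_scan_csv.tpl still reads `{$host.dns_name}` although the loop item is `hostd`, so the Hostname column is probably always empty; `{$hostd.dns_name}` looks like the intended variable. Only the description is quoted: a comma in `{$vuln.service}`, the family or the DNS name shifts every later column, so each field should be wrapped in double quotes with the same `replace:"\"":"'"` modifier the body uses. Because these values originate from scanned hosts and the file is now offered as a download, a field beginning with `=`, `+`, `-` or `@` will be evaluated as a formula by spreadsheet programs; prefixing such values with a single quote at export time neutralises that.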
@@ -110,3 +99,97 @@ else: return False +def updateNetBios(db, scan_id, host_addr_map): + """updates the netbios and mac address information of + the hosts in the host_addr_map (e.g.,returned from the above + function) + + Keyword Arguments: + db - MySQLdb.connections.Connection + scan_id - integer + host_addr_map - dict, of ip:hostid pairs + """ + pass + +def getNewHosts(db, limit=None): + """retrieves all new hosts in the database, that is hosts who have been recently + added and do not have a dns address cached. + + Keyword Arguments: + db - MySQLdb.connections.Connection + """ + c = db.cursor() + __sql__ = "select hostid, address from Host where dns_name = address " + if limit is not None: + __sql__ += "LIMIT 0,%s" % (limit) + + print "Executing query: %s" % (__sql__) + c.execute(__sql__) + hosts = {} + row = c.fetchone() + while row is not None: + (hostid, address) = row + hosts[hostid] = address + row = c.fetchone() + + c.close() + return hosts + +def getRevisitableHosts(db, limit=None): + """retrieves all hosts in the database that did not have DNS records when initially dug + these hosts exist in the database with the dns_name "address*" where address is the host's + ip + + Keyword Arguments: + db - MySQLdb.connections.Connection + limit - integer (optional) + """ + c = db.cursor() + __sql__ = "select hostid, address from Host where dns_name regexp '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\\\\*' " + if limit is not None: + __sql__ += "LIMIT 0,%s" % (limit) + + print "Executing query: %s" % (__sql__) + c.execute(__sql__) + hosts = {} + row = c.fetchone() + while row is not None: + (hostid, address) = row + hosts[hostid] = address + row = c.fetchone() + c.close() + return hosts + +def getAllHosts(db): + """retrieves all hosts in the database + + Keyword Arguments: + db - MySQLdb.connections.Connection + """ + + c = db.cursor() + __sql__ = "select hostid, address, dns_name from Host" + c.execute(__sql__) + hosts = {} + row = c.fetchone() + while row is 
not None: + (hostid, address, dns_name) = row + hosts[hostid] = (address, dns_name) + row = c.fetchone() + c.close() + return hosts + +def setHostName(db, hostid, dns_name): + """sets the given host's dns_name + + Keyword Arguments: + db - MySQLdb.connections.Connection + host_id - integer + dns_name - string + """ + c = db.cursor() + __sql__ = "update Host set dns_name=%s where hostid=%s" + c.execute(__sql__, (dns_name, hostid)) + c.close() + db.commit() + Modified: trunk/pyvscd/pyssus/handlers.py =================================================================== --- trunk/pyvscd/pyssus/handlers.py 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/pyssus/handlers.py 2006-08-07 13:35:24 UTC (rev 462) @@ -395,7 +395,7 @@ raise NessusHandlerError, "Plugin[%s] data should contain %s, received %s --> %s" % (count, (self.basePluginLength+self.plugin_opts.__len__()), plugin.__len__(), "|||".join(plugin)) def _getSeverity(self, description): - m = re.compile("(Risk Factor|Risk)\s*:\s*([a-z|A-Z\/]+)", re.IGNORECASE|re.MULTILINE).search(description) + m = re.compile("(Risk Factor|Risk)[;\s]*:[;\s]*([a-z|A-Z\/]+)\s*.*", re.IGNORECASE|re.MULTILINE).search(description) if m == None: return "Unknown" (rb,sev) = m.group(1,2) Modified: trunk/pyvscd/pyssus/test/pyssus-test.py =================================================================== --- trunk/pyvscd/pyssus/test/pyssus-test.py 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/pyssus/test/pyssus-test.py 2006-08-07 13:35:24 UTC (rev 462) 
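Review bot: `getNewHosts` and `getRevisitableHosts` in host.py (hunk `@@ -110,3 +99,97 @@`) splice `limit` into the statement with `"LIMIT 0,%s" % (limit)`, and the caller added in cachedns.py passes the raw `--limit` option string, so any text given there becomes part of the SQL. Coercing at the point of use closes that: `__sql__ += "LIMIT 0,%d" % int(limit)`. `setHostName` in the same hunk already uses bound parameters, which is the right pattern for the other values. The two `print "Executing query: ..."` lines write to stdout from library code and would be better as `logging.getLogger('libvscmt.host').debug(...)`. The regexp in `getRevisitableHosts` is unanchored; `^` and `$` would keep it from matching names that merely contain an address followed by `*`.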
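Review bot: In the `_getSeverity` pattern (handlers.py hunk `@@ -395,7 +395,7 @@`) the `|` inside `[a-z|A-Z\/]` is a literal character, so a captured severity can contain a pipe, and the trailing `\s*.*` does not affect either group. The pattern is also a non-raw string and is recompiled on every call. A tighter equivalent is `re.compile(r"(Risk Factor|Risk)[;\s]*:[;\s]*([a-z/]+)", re.IGNORECASE|re.MULTILINE)`, ideally hoisted to a module-level constant. The rest of the method lies outside the hunk.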
@@ -65,8 +65,10 @@ msg.unpack() pluginData = handlers.NessusPluginsHandler(msg, opt_list) print "Processed %s plugins" % (pluginData.plugins.__len__()) - #print "Output: " + pluginData.__str__() + print "Output: " + "\n".join(pluginData.plugins.itervalues()) + cx.close() + sys.exit(0) #handle preferences msg = cx.readMessage() while msg == None: Modified: trunk/pyvscd/pyvscd.conf.example =================================================================== --- trunk/pyvscd/pyvscd.conf.example 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/pyvscd.conf.example 2006-08-07 13:35:24 UTC (rev 462) @@ -13,6 +13,13 @@ logfile_level: 30 logfile: pyvscd.log +#syslog logging configuration +syslog_enable: no +syslog_server: localhost +syslog_port: 514 +syslog_facility: local0 +syslog_loglevel: 20 + #console logging must be enabled, but you can #set the severity logcons_level: 40 Modified: trunk/pyvscd/pyvscd.py =================================================================== --- trunk/pyvscd/pyvscd.py 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/pyvscd.py 2006-08-07 13:35:24 UTC (rev 462) @@ -22,9 +22,11 @@ from Queue import Queue from threading import Thread import logging +import logging.handlers import MySQLdb import os import signal +import socket import sys import time 
@@ -78,7 +80,27 @@ formatter = logging.Formatter('%(asctime)s %(name)-12s %(levelname)-8s %(message)s','%m-%d %H:%M') filelog.setFormatter(formatter) logging.getLogger().addHandler(filelog) - + + if conf.has_option('general', 'syslog_enable') and conf.getboolean('general', 'syslog_enable'): + print "Enabling Syslog..." + syslog_server = 'localhost' + syslog_port = 514 + syslog_facility = 'local1' + syslog_level = logging.INFO + if conf.has_option('general', 'syslog_server'): + syslog_server = conf.get('general', 'syslog_server') + #syslog_server = socket.inet_aton(socket.gethostbyname(conf.get('general', 'syslog_server'))) + if conf.has_option('general', 'syslog_port'): + syslog_port = conf.getint('general', 'syslog_port') + if conf.has_option('general', 'syslog_facility'): + syslog_facility = conf.get('general', 'syslog_facility') + if conf.has_option('general', 'syslog_loglevel'): + syslog_level = conf.getint('general', 'syslog_loglevel') + + syslogger = logging.handlers.SysLogHandler( (syslog_server, syslog_port), syslog_facility ) + syslogger.setLevel(syslog_level) + logging.getLogger().addHandler(syslogger) + log = logging.getLogger('pyvscd') #get mysql configuration information Copied: trunk/pyvscd/util/cachedns.py (from rev 461, branches/vsc-2.0/pyvscd/util/cachedns.py) =================================================================== --- trunk/pyvscd/util/cachedns.py (rev 0) +++ trunk/pyvscd/util/cachedns.py 2006-08-07 13:35:24 UTC (rev 462) 
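Review bot: The syslog block in pyvscd.py (hunk `@@ -78,7 +80,27 @@`) defaults `syslog_facility` to `'local1'` while the pyvscd.conf.example change in this commit documents `local0`, so a config that enables syslog without naming a facility logs somewhere other than the example suggests; the two should agree. No formatter is attached to `syslogger`, so its records go out without the name and level fields the file handler adds; something like `syslogger.setFormatter(logging.Formatter('pyvscd: %(name)s %(levelname)s %(message)s'))` would make them attributable on a shared collector. The `print "Enabling Syslog..."` line and the commented-out `inet_aton` line look like leftovers, and the new `import socket` is used only by that comment. The enclosing function continues outside the hunk.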
@@ -0,0 +1,133 @@ +#!/usr/bin/env python2.4 + +""" +Python script for importing plugins from the Nessus server. +""" + +import sys +sys.path.append('../') +from ConfigParser import ConfigParser +from optparse import OptionParser +from socket import error as socket_error, gethostbyaddr +import socket +import time +import logging +import MySQLdb +from libvscmt import host + +def __main__(): + usage = "usage: %prog [options] [hosts]" + parser = OptionParser(usage=usage) + parser.add_option('-d', '--debug', action='store_true', dest='debug',help='enable debugging') + parser.add_option('-v', '--verbose', action='store_true', dest='verbose',help='enable debugging') + parser.add_option('-c', '--config', dest='conf', help='pyvscd config file') + parser.add_option('-n', '--nocommit', action='store_true', dest='nocommit', help='do not actually update plugin data in table') + parser.add_option('-m', '--mode', dest='mode', help='DNS Cache mode: n|new - update new hosts; r|revisit - attempt to reload dns information for all unknown hosts; a|all - reload all DNS information') + parser.add_option('-l', '--limit', dest='limit', help='Limit for records to check on new and revist operations') + + (options, args) = parser.parse_args() + if not options.conf and not options.mode: + parser.print_help() + sys.exit(-1) + + logging.basicConfig() + if options.verbose: + logging.getLogger('').setLevel(logging.INFO) + + if options.debug: + #set root logger to DEBUG + logging.getLogger('').setLevel(logging.DEBUG) + #our logger should inherit the root logging level + log = logging.getLogger('cachedns') + + if options.debug: + log.debug('Debugging enabled') + elif options.verbose: + log.debug('Verbose enabled') + limit = 255 #a class C subnet seems reasonable + if options.limit: + limit = options.limit + log.debug("Record limit set to %s" % (limit)) + else: + log.debug("Record limit set to default %s" % (limit)) + + #read our config file + config = ConfigParser() + config.read(options.conf) + if 
not config.has_section('mysql') or not config.has_section('general'): + log.error("The config file must contain a [mysql] and [general] section!") + sys.exit(-1) + + dbhost = config.get('mysql','host') + dbuser = config.get('mysql','username') + dbpasswd = config.get('mysql','password') + dbname = config.get('mysql','database') + root_domain = config.get('general', 'root_domain') + + #open MySQL Connection + db = MySQLdb.connect(host=dbhost, user=dbuser, passwd=dbpasswd, db=dbname) + + if options.mode == 'n' or options.mode == 'new': + log.debug("Updating DNS for new hosts...") + new_hosts = host.getNewHosts(db, limit=limit) + if len(new_hosts) == 0: + log.debug("No new hosts to cache...") + sys.exit(0) + + for (hostid, address) in new_hosts.iteritems(): + log.debug("Grabbing DNS for %s - %s" % (hostid, address)) + hostname = get_hostname(address) + if hostname is not None: + log.debug("Loading hostname %s for hostid %s" % (hostname, hostid)) + #code to do that + host.setHostName(db, hostid, hostname) + else: + log.debug("Marking host %s as nameless" % (hostid)) + #code to do that + host.setHostName(db, hostid, "%s*" % (address)) + elif options.mode == 'r' or options.mode == 'revisit': + log.debug("Updating DNS for revisited hosts") + rev_hosts = host.getRevisitableHosts(db, limit=limit) + if len(rev_hosts) == 0: + log.debug("No old hosts to revisit") + + for (hostid, address) in rev_hosts.iteritems(): + log.debug("Grabbing DNS for %s - %s" % (hostid, address)) + hostname = get_hostname(address) + if hostname is not None: + log.debug("Loading hostname %s for hostid %s" % (hostname, hostid)) + host.setHostName(db, hostid, hostname) + else: + log.debug("Host still has no name, passing...") + elif options.mode == 'a' or options.mode == 'all': + log.debug("Updating DNS for all hosts") + all_hosts = host.getAllHosts(db) + for (hostid, data) in all_hosts.iteritems(): + (address, dns_name) = data + log.debug("Grabbing DNS for %s - %s" % (hostid, address)) + hostname = 
get_hostname(address) + if hostname is not None and hostname != dns_name: + log.debug("Loading hostname %s for hostid %s" % (hostname, hostid)) + host.setHostName(db, hostid, hostname) + else: + log.debug("Host has no new name, passing...") + else: + log.error("No such option %s" % (options.mode)) + sys.exit(1) + +def get_hostname(address): + log = logging.getLogger('cachedns.get_hostname') + try: + (hostname, aliaslist, ipaddr_list) = gethostbyaddr(address) + log.debug("DNS name is %s" % (hostname)) + log.debug("Alias list is : " + ", ".join(aliaslist)) + return hostname + except socket.herror: + log.debug("No address found for host.") + return None + + + +if __name__ == '__main__': + __main__() + Modified: trunk/pyvscd/util/loadplugins.py =================================================================== --- trunk/pyvscd/util/loadplugins.py 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/util/loadplugins.py 2006-08-07 13:35:24 UTC (rev 462) @@ -23,6 +23,7 @@ parser.add_option('-v', '--verbose', action='store_true', dest='verbose',help='enable debugging') parser.add_option('-c', '--config', dest='conf', help='pyvscd config file') parser.add_option('-S', '--ssl',action='store_true', dest='ssl',help='enable ssl for nessus connection') + parser.add_option('-n', '--nocommit', action='store_true', dest='nocommit', help='do not actually update plugin data in table') (options, args) = parser.parse_args() if not options.nessus and not options.conf: @@ -89,7 +90,7 @@ #we need to replace this with our plugins handler pluginData = VSCPluginsHandler(msg, opt_list) logging.info("Received %s plugins", str(pluginData.plugins.__len__())) - pluginData.handle(args=(db,root_domain)) + pluginData.handle(args=(db,root_domain,options.nocommit)) log.debug("disconnecting from server.") cx.close() #end main 
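Review bot: cachedns.py declares `-n/--nocommit` but `__main__` never reads `options.nocommit`; every mode calls `host.setHostName`, which commits, so a run intended as a dry run still rewrites `dns_name`. Each `host.setHostName(...)` call should be guarded with `if not options.nocommit:`. The argument check uses `and`, so giving only `--mode` reaches `config.read(options.conf)` with `None`; `--limit` is passed on as a string and ends up in SQL text in host.py; and `get_hostname` catches only `socket.herror`, so a `socket.gaierror` on a malformed address would abort the whole batch. The module docstring still describes the plugin importer. Names returned by reverse DNS are controlled by whoever runs the PTR zone and should be HTML-escaped wherever `dns_name` is later rendered.

```python
    if not options.conf or not options.mode:
        parser.print_help()
        sys.exit(-1)
    # … unchanged: logging setup …
    limit = 255 #a class C subnet seems reasonable
    if options.limit:
        try:
            limit = int(options.limit)
        except ValueError:
            parser.error("--limit must be an integer")
    # … unchanged: config parsing, db connection, mode dispatch …

def get_hostname(address):
    log = logging.getLogger('cachedns.get_hostname')
    try:
        # … unchanged: gethostbyaddr call and debug logging …
    except (socket.herror, socket.gaierror):
        log.debug("No address found for host.")
        return None
```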
@@ -98,11 +99,11 @@ def handle(self, args): log = logging.getLogger('plugins handler') - (db,root_domain) = args - libvscmt.plugins.flushTempPlugins(db) + (db,root_domain,nocommit) = args + if not nocommit: libvscmt.plugins.flushTempPlugins(db) for p in self.plugins: - libvscmt.plugins.addPlugin(db, p) - log.debug("added %s: %s", p['plugin'], p['name']) + if not nocommit: libvscmt.plugins.addPlugin(db, p) + log.debug("added %s: %s - %s", p['plugin'], p['name'], p['severity']) families = libvscmt.plugins.getFamilies(db) if "Full Scan" not in families: @@ -114,7 +115,8 @@ polid = libvscmt.plugins.policyExists(db, family, libvscmt.plugins.POLICY_USER, root_domain) if polid is None: log.debug("policy |%s| not found!", family) - libvscmt.plugins.addPolicy(db, (family, "Automagically generated by the VSC.", + if not nocommit: + libvscmt.plugins.addPolicy(db, (family, "Automagically generated by the VSC.", 1, root_domain, libvscmt.plugins.POLICY_USER ) ) @@ -133,7 +135,7 @@ log.debug("mapping plugins to policy %s[%s]", family,polid) for pl in plugin_list: #log.debug("mapping plugin [#%s] to policy [%s]" % (pl, polid)) - if not libvscmt.plugins.isMapped(db,polid, pl): + if not libvscmt.plugins.isMapped(db,polid, pl) and not nocommit: libvscmt.plugins.mapPlugin(db,polid, pl) log.info("finished mapping plugins for this policy.") This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
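Review bot: In `handle()` (loadplugins.py hunk `@@ -98,11 +99,11 @@`) the `nocommit` path still logs `"added %s: %s - %s"` for every plugin, so the debug output of a dry run is indistinguishable from a real import; a different message when `nocommit` is set would fix that. In hunk `@@ -133,7 +135,7 @@` the condition queries the database before testing the flag; `if not nocommit and not libvscmt.plugins.isMapped(db, polid, pl):` skips the lookup in a dry run. When `addPolicy` is skipped in hunk `@@ -114,7 +115,8 @@`, `polid` stays `None`; how the lines between the hunks use it is not visible, so that should be checked. Unpacking `args` as a 3-tuple also breaks any other caller that still passes `(db, root_domain)`.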