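''' (c) 2008 Adam Pridgen adam.pridgen@thecoverofnight.com

This script is an example script that will parse and pull out interesting
plugin results.  The results are then written to a details file and then
written to a *.doc file using search and replace on key words.

This program is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the Free
Software Foundation, either version 3 of the License, or any later version.

This program is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
more details.

You should have received a copy of the GNU General Public License along with
this program.  If not, see <http://www.gnu.org/licenses/>.
'''
import codecs

# Kept as a star import (as in the original): every parser / report helper
# used below (parseNmbscanResults, parseMultipleFiles, build_host_kb,
# updateResultsNetbios, mergeNmbscanHostInfo, getHTTPInfo,
# create_HttpInfo_sumary, create_csv, findResultbyPluginName, getInitOut,
# DumpHttpServerGroup, GroupbyHttpServer, getFindingTxt,
# dumpResultsSearchInfo) comes from nessconnectDMP.
from nessconnectDMP import *


# ---------------------------------------------------------------------------
# Small file / list helpers.  None of these change what gets written; they
# only make sure every handle is closed and remove the copy-pasted call lists.
# ---------------------------------------------------------------------------

def _load_netbios(path):
    """Read the NetBIOS CSV export at *path* and return [[name, ip, ''], ...].

    Rows whose first column is empty are dropped.  The third column is left
    blank on purpose; updateResultsNetbios() fills it in later.  Fields are
    not stripped, so the second column may still carry the trailing newline
    (same as the original code).
    """
    with codecs.open(path, encoding='utf-8') as fh:
        rows = [line.split(',') for line in fh]
    # NOTE(review): a malformed line with a single column raises IndexError
    # here, exactly as before -- failing loudly is preferable to silently
    # dropping a host from the report.
    return [[row[0], row[1], ''] for row in rows if row[0] != '']


def _read_file(path):
    """Return the whole content of *path* (default encoding), handle closed."""
    with open(path) as fh:
        return fh.read()


def _write_file(path, text, encoding=None):
    """Write *text* to *path*; use codecs with *encoding* when one is given.

    The http summary was written as a plain file and the scan summary /
    findings as UTF-8 in the original; the parameter keeps that distinction.
    """
    # NOTE(review): the files written below contain vulnerability details
    # (blank admin passwords, default SNMP communities, ...).  They are
    # created with the process umask -- run this from a directory with
    # restricted permissions or tighten the umask before running.
    if encoding is None:
        with open(path, 'w') as fh:
            fh.write(text)
    else:
        with codecs.open(path, 'w', encoding=encoding) as fh:
            fh.write(text)


def _collect_findings(plugin_names, results, host_info, today):
    """Build one finding dict per plugin name via getInitOut().

    Every call passes *today* -- the original omitted it for "F-Secure".
    """
    return [getInitOut(findResultbyPluginName(name, results), host_info, today)
            for name in plugin_names]


def _tag_category(findings, category):
    """Set finding['CATEGORY'] = *category* on every finding in place."""
    for finding in findings:
        finding['CATEGORY'] = category


# ---------------------------------------------------------------------------
# Plugin name lists (search keys for findResultbyPluginName).
# Duplicates from the original ("Microsoft's SQL" twice, "Trend Micro" and
# "Windows Terminal Services Enabled" dumped twice) have been removed so a
# finding is not reported twice.
# ---------------------------------------------------------------------------

VULNERABILITY_PLUGINS = [
    "Compaq WBEM Buffer Overflow Vulnerability",
    "DameWare",
    "Open X11",
    "Cisco IOS HTTP Configuration",
    "Samba trans2open",
    "Microsoft's SQL",
    "MySQL",
    "Flash Player",
    "Kiwi",
    "Backup Exec",
    "F-Secure",
    "Apache",
    "Nortel Baystack switch password test",
    "Samba",
    "Trend Micro",
    "War FTP",
    "Adobe",
    "Deprecated SSL",
    "HP System Management Homepage",
    "LDAP",
    "Outlook Web Access URL Injection",
    "TFTP directory traversal",
    # "\\s" keeps the literal backslash the original's "\s" produced, without
    # relying on an invalid escape sequence.
    "SMB OpenEventLog() over \\srvsvc",
    "SMB blank administrator password",
    "pcAnywhere",
    "WindowsUpdate disabled",
    "Windows Terminal Services Enabled",
    "Cumulative Security Update",
    "Sun Java",
    "IIS 5.0 PROPFIND Vulnerability",
    ".NET",
    "Web server traversal",
    "WinPcap NPF.SYS",
    "Macrovision SECDRV.SYS",
]

MISCONFIGURATION_PLUGINS = [
    "SMB Registry",
    "Weak Supported SSL",
    "Detect CIS ports",
    "DNS Cache Snooping",
    "Default community",
    "SSL Certificate",
    "Private IP address",
    "UPNP/Tcp",
]

INFORMATIONAL_PLUGINS = [
    "Web Server",
    "Telnet Server",
    "FTP Server",
    "SMTP server on a strange port",
]

# Plugins whose accumulated results are dumped to stdout at the end.
DUMP_PLUGINS = [
    "Compaq WBEM Buffer Overflow Vulnerability",
    "Flash Player",
    "Kiwi",
    "Backup Exec",
    "Apache",
    "Nortel Baystack switch password test",
    "Samba",
    "Trend Micro",
    "War FTP",
    # NOTE(review): capitalised "Community" here vs "Default community" in
    # MISCONFIGURATION_PLUGINS -- kept verbatim; confirm whether
    # findResultbyPluginName matches case-sensitively.
    "Default Community",
    "Adobe",
    "Telnet Server",
    "FTP Server",
    "DNS Cache Snooping",
    "Deprecated SSL",
    "HP System Management Homepage",
    "LDAP",
    "Outlook Web Access URL Injection",
    "TFTP directory traversal",
    "Web Server",
    "SMTP server on a strange port",
    "Private IP address",
    "Detect CIS ports",
    "SMB OpenEventLog() over \\srvsvc",
    "SMB blank administrator password",
    "WebDAV enabled",
    "pcAnywhere",
    "WindowsUpdate disabled",
    "Windows Terminal Services Enabled",
    "SSL Certificate",
]


# ---------------------------------------------------------------------------
# Load the NetBIOS and nmbscan host lists.
# ---------------------------------------------------------------------------
nb_data = "nb_host_csv.txt"
netbios_data = _load_netbios(nb_data)

nmbscan_results = parseNmbscanResults(_read_file("all_winhosts.txt"))

# Parse the Nessconnect XML data and build the per-host knowledge base.
files = ["Report_Full.xml", "Report_Full2.xml"]
results = parseMultipleFiles(files)
host_info = build_host_kb(results)
unscanned_hosts = updateResultsNetbios(host_info, netbios_data)
host_info = mergeNmbscanHostInfo(host_info, nmbscan_results)
http_info = getHTTPInfo(host_info, results)

# HTTP server summary (plain file, as before).
_write_file("http_summary_csv.csv", create_HttpInfo_sumary(http_info))

# Per-host scan summary.  Out file can be changed to whatever.
_write_file("scan_summary_csv.csv",
            create_csv(host_info, results, netbios_data), encoding='utf-8')

# Report date stamped into every finding.  Hard-coded in the original; change
# it per engagement.
today = "August 1, 2008"

# Vulnerabilities, then misconfigurations, then informational findings.
findings = _collect_findings(VULNERABILITY_PLUGINS, results, host_info, today)
print(findings)
_tag_category(findings, 'Vulnerability')

misconf = _collect_findings(MISCONFIGURATION_PLUGINS, results, host_info, today)
_tag_category(misconf, 'Misconfiguration')

info = _collect_findings(INFORMATIONAL_PLUGINS, results, host_info, today)
_tag_category(info, 'Informational')

# The "Web Server" finding (info[0]) carries the grouped HTTP server dump;
# newlines become carriage returns for the downstream *.doc substitution.
s = DumpHttpServerGroup(GroupbyHttpServer(http_info))
info[0]['HOST_SPECIFICS'] = s.replace('\n', '\r')

findings += misconf
findings += info

_write_file("findings.txt",
            ''.join(getFindingTxt(finding) for finding in findings),
            encoding='utf-8')

# This will return a string and print out a dump of the accumulated results.
# Fixed vs the original: "Telnet Server" was missing the comma before
# `results` (a SyntaxError) and the second "Trend Micro" call omitted
# host_info.
for name in DUMP_PLUGINS:
    dumpResultsSearchInfo(findResultbyPluginName(name, results), host_info)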