|
1
|
|
|
# -*- coding: utf-8 -*- |
|
2
|
|
|
# Copyright (C) 2017-2021 Greenbone Networks GmbH |
|
3
|
|
|
# |
|
4
|
|
|
# SPDX-License-Identifier: GPL-3.0-or-later |
|
5
|
|
|
# |
|
6
|
|
|
# This program is free software: you can redistribute it and/or modify |
|
7
|
|
|
# it under the terms of the GNU General Public License as published by |
|
8
|
|
|
# the Free Software Foundation, either version 3 of the License, or |
|
9
|
|
|
# (at your option) any later version. |
|
10
|
|
|
# |
|
11
|
|
|
# This program is distributed in the hope that it will be useful, |
|
12
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
13
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
14
|
|
|
# GNU General Public License for more details. |
|
15
|
|
|
# |
|
16
|
|
|
# You should have received a copy of the GNU General Public License |
|
17
|
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
18
|
|
|
|
|
19
|
|
|
import sys |
|
20
|
|
|
from argparse import Namespace |
|
21
|
|
|
from datetime import date, timedelta |
|
22
|
|
|
from lxml import etree as e |
|
23
|
|
|
from gvm.protocols.gmp import Gmp |
|
24
|
|
|
|
|
25
|
|
|
from terminaltables import AsciiTable |
|
26
|
|
|
|
|
27
|
|
|
|
|
28
|
|
|
def check_args(args: Namespace) -> None: |
|
29
|
|
|
len_args = len(args.script) - 1 |
|
30
|
|
|
if len_args < 2: |
|
31
|
|
|
message = """ |
|
32
|
|
|
This script will display all vulnerabilities from the hosts of the |
|
33
|
|
|
reports in a given month! |
|
34
|
|
|
|
|
35
|
|
|
1. <month> -- month of the monthly report |
|
36
|
|
|
2. <year> -- year of the monthly report |
|
37
|
|
|
|
|
38
|
|
|
The third is 'with-tables' parameter to activate a verbose output of |
|
39
|
|
|
hosts. Explicitly made for GOS 3.1. |
|
40
|
|
|
|
|
41
|
|
|
Example: |
|
42
|
|
|
$ gvm-script --gmp-username name --gmp-password pass \ |
|
43
|
|
|
ssh --hostname <gsm> scripts/monthly-report.gmp.py 05 2017 with-tables |
|
44
|
|
|
""" |
|
45
|
|
|
print(message) |
|
46
|
|
|
sys.exit() |
|
47
|
|
|
|
|
48
|
|
|
|
|
49
|
|
|
def get_reports_xml(gmp: Gmp, from_date: date, to_date: date) -> e.Element: |
|
50
|
|
|
""" Getting the Reports in the defined time period """ |
|
51
|
|
|
|
|
52
|
|
|
report_filter = "rows=-1 created>{0} and created<{1}".format( |
|
53
|
|
|
from_date.isoformat(), to_date.isoformat() |
|
54
|
|
|
) |
|
55
|
|
|
|
|
56
|
|
|
return gmp.get_reports(filter=report_filter) |
|
57
|
|
|
|
|
58
|
|
|
|
|
59
|
|
|
def print_result_sums( |
|
60
|
|
|
reports_xml: e.Element, from_date: date, to_date: date |
|
61
|
|
|
) -> None: |
|
62
|
|
|
print('Found {0} reports'.format(len(reports_xml.xpath('report')))) |
|
63
|
|
|
|
|
64
|
|
|
sum_high = reports_xml.xpath( |
|
65
|
|
|
'sum(report/report/result_count/hole/full/text())' |
|
66
|
|
|
) |
|
67
|
|
|
sum_medium = reports_xml.xpath( |
|
68
|
|
|
'sum(report/report/result_count/warning/full/text())' |
|
69
|
|
|
) |
|
70
|
|
|
sum_low = reports_xml.xpath( |
|
71
|
|
|
'sum(report/report/result_count/info/full/text())' |
|
72
|
|
|
) |
|
73
|
|
|
|
|
74
|
|
|
print( |
|
75
|
|
|
'Summary of results from {3} to {4}\nHigh: {0}\nMedium: {1}\nLow: ' |
|
76
|
|
|
'{2}\n\n'.format( |
|
77
|
|
|
int(sum_high), |
|
78
|
|
|
int(sum_medium), |
|
79
|
|
|
int(sum_low), |
|
80
|
|
|
from_date.isoformat(), |
|
81
|
|
|
to_date.isoformat(), |
|
82
|
|
|
) |
|
83
|
|
|
) |
|
84
|
|
|
|
|
85
|
|
|
|
|
86
|
|
|
def print_result_tables(gmp: Gmp, reports_xml: e.Element) -> None: |
|
87
|
|
|
report_list = reports_xml.xpath('report') |
|
88
|
|
|
|
|
89
|
|
|
for report in report_list: |
|
90
|
|
|
report_id = report.xpath('report/@id')[0] |
|
91
|
|
|
name = report.xpath('name/text()')[0] |
|
92
|
|
|
|
|
93
|
|
|
res = gmp.get_report(report_id) |
|
94
|
|
|
|
|
95
|
|
|
print('\nReport: {0}'.format(report_id)) |
|
96
|
|
|
|
|
97
|
|
|
table_data = [['Hostname', 'IP', 'Bericht', 'high', 'medium', 'low']] |
|
98
|
|
|
|
|
99
|
|
|
for host in res.xpath('report/report/host'): |
|
100
|
|
|
hostname = host.xpath( |
|
101
|
|
|
'detail/name[text()="hostname"]/../' 'value/text()' |
|
102
|
|
|
) |
|
103
|
|
|
if len(hostname) > 0: |
|
104
|
|
|
hostname = str(hostname[0]) |
|
105
|
|
|
else: |
|
106
|
|
|
hostname = "" |
|
107
|
|
|
|
|
108
|
|
|
ip = host.xpath('ip/text()')[0] |
|
109
|
|
|
high = host.xpath('result_count/hole/page/text()')[0] |
|
110
|
|
|
medium = host.xpath('result_count/warning/page/text()')[0] |
|
111
|
|
|
low = host.xpath('result_count/info/page/text()')[0] |
|
112
|
|
|
|
|
113
|
|
|
table_data.append([hostname, ip, name, high, medium, low]) |
|
114
|
|
|
|
|
115
|
|
|
table = AsciiTable(table_data) |
|
116
|
|
|
print(table.table + '\n') |
|
117
|
|
|
|
|
118
|
|
|
|
|
119
|
|
|
def main(gmp: Gmp, args: Namespace) -> None: |
|
120
|
|
|
# pylint: disable=undefined-variable |
|
121
|
|
|
|
|
122
|
|
|
check_args(args) |
|
123
|
|
|
|
|
124
|
|
|
month = int(args.script[1]) |
|
125
|
|
|
year = int(args.script[2]) |
|
126
|
|
|
from_date = date(year, month, 1) |
|
127
|
|
|
to_date = from_date + timedelta(days=31) |
|
128
|
|
|
# To have the first day in month |
|
129
|
|
|
to_date = to_date.replace(day=1) |
|
130
|
|
|
|
|
131
|
|
|
reports_xml = get_reports_xml(gmp, from_date, to_date) |
|
132
|
|
|
|
|
133
|
|
|
print_result_sums(reports_xml, from_date, to_date) |
|
134
|
|
|
if "with-tables" in args.script: |
|
135
|
|
|
print_result_tables(gmp, reports_xml) |
|
136
|
|
|
|
|
137
|
|
|
|
|
138
|
|
|
if __name__ == '__gmp__': |
|
139
|
|
|
main(gmp, args) |
|
|
|
|
|
|
140
|
|
|
|
greenbone /
gvm-tools
jstach
Loading history...