Completion of OpenVAS module

vulnwhisp/frameworks/openvas.py

@@ -4,11 +4,12 @@ __author__ = 'Austin Taylor'
 
 import datetime as dt
 import io
-import json
+
 import pandas as pd
 import requests
 from bs4 import BeautifulSoup
 from requests.packages.urllib3.exceptions import InsecureRequestWarning
+from ..utils.cli import bcolors
 
 requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
 
@@ -49,6 +50,7 @@ class OpenVAS_API(object):
         self.login()
 
         self.openvas_reports = self.get_reports()
+        self.report_formats = self.get_report_formats()
 
     def vprint(self, msg):
         if self.verbose:
@@ -112,10 +114,35 @@ class OpenVAS_API(object):
         ]
         token = requests.post(self.base + self.OMP, data=data, verify=False)
         return token
+    def get_report_formats(self):
+        params = (
+            ('cmd', 'get_report_formats'),
+            ('token', self.token)
+        )
+        self.vprint('{info} Retrieving available report foramts'.format(info=bcolors.INFO))
+        data = self.request(url=self.OMP, method='GET', params=params)
+
+        bs = BeautifulSoup(data.content, "lxml")
+        table_body = bs.find('tbody')
+        rows = table_body.find_all('tr')
+        format_mapping = {}
+        for row in rows:
+            cols = row.find_all('td')
+            for x in cols:
+                for y in x.find_all('a'):
+                    if y.get_text() != '':
+                        format_mapping[y.get_text()] = \
+                        [h.split('=')[1] for h in y['href'].split('&') if 'report_format_id' in h][0]
+        return format_mapping
 
     def get_reports(self, complete=True):
-        print('[INFO] Retreiving OpenVAS report data...')
+        print('{info} Retreiving OpenVAS report data...'.format(info=bcolors.INFO))
-        params = (('cmd', 'get_reports'), ('token', self.token))
+        params = (('cmd', 'get_reports'),
+                  ('token', self.token),
+                  ('max_results', 1),
+                  ('ignore_pagination', 1),
+                  ('filter', 'apply_overrides=1 min_qod=70 autofp=0 first=1 rows=0 levels=hml sort-reverse=severity'),
+                 )
         reports = self.request(self.OMP, params=params, method='GET')
         soup = BeautifulSoup(reports.text, 'lxml')
         data = []
@@ -155,9 +182,9 @@ class OpenVAS_API(object):
             ('token', self.token),
             ('cmd', 'get_report'),
             ('report_id', report_id),
-            ('filter', 'apply_overrides=0 min_qod=70 autofp=0 levels=hml first=1 rows=50 sort-reverse=severity'),
+            ('filter', 'apply_overrides=0 min_qod=70 autofp=0 levels=hml first=1 rows=0 sort-reverse=severity'),
             ('ignore_pagination', '1'),
-            ('report_format_id', '{report_format_id}'.format(report_format_id=self.report_format_id)),
+            ('report_format_id', '{report_format_id}'.format(report_format_id=self.report_formats['CSV Results'])),
             ('submit', 'Download'),
         )
         print('Retrieving %s' % report_id)

vulnwhisp/frameworks/qualys.py

@@ -824,12 +824,18 @@ class qualysScanReport:
         return vuln_ready
 
 
-maxInt = sys.maxsize
+maxInt = int(4000000)
+maxSize = sys.maxsize
+
+if maxSize > maxInt and type(maxSize) == int:
+    maxInt = maxSize
+
 decrement = True
 
 while decrement:
     decrement = False
     try:
+        print type(maxInt), maxInt
         csv.field_size_limit(maxInt)
     except OverflowError:
         maxInt = int(maxInt/10)

vulnwhisp/vulnwhisp.py

@@ -653,13 +653,11 @@ class vulnWhispererOpenVAS(vulnWhispererBase):
         super(vulnWhispererOpenVAS, self).__init__(config=config)
 
         self.port = int(self.config.get(self.CONFIG_SECTION, 'port'))
-        self.report_format_id = self.config.get(self.CONFIG_SECTION, 'report_format_id')
         self.develop = True
         self.purge = purge
         self.scans_to_process = None
         self.openvas_api = OpenVAS_API(hostname=self.hostname,
                                        port=self.port,
-                                       report_format_id=self.report_format_id,
                                        username=self.username,
                                        password=self.password)
 
@@ -668,11 +666,8 @@ class vulnWhispererOpenVAS(vulnWhispererBase):
         if report_id:
             print('Processing report ID: %s' % report_id)
 
-            vuln_ready = self.openvas_api.process_report(report_id=report_id)
+
             scan_name = report_id.replace('-', '')
-            vuln_ready['scan_name'] = scan_name
-            vuln_ready['scan_reference'] = report_id
-            vuln_ready.rename(columns=self.COLUMN_MAPPING, inplace=True)
             report_name = 'openvas_scan_{scan_name}_{last_updated}.{extension}'.format(scan_name=scan_name,
                                                                                        last_updated=launched_date,
                                                                                        extension=output_format)
@@ -704,12 +699,17 @@ class vulnWhispererOpenVAS(vulnWhispererBase):
                     launched_date,
                     report_name,
                     time.time(),
-                    vuln_ready.shape[0],
+                    file_length,
                     self.CONFIG_SECTION,
                     report_id,
                     1,
                 )
 
+            else:
+                vuln_ready = self.openvas_api.process_report(report_id=report_id)
+                vuln_ready['scan_name'] = scan_name
+                vuln_ready['scan_reference'] = report_id
+                vuln_ready.rename(columns=self.COLUMN_MAPPING, inplace=True)
                 vuln_ready.port = vuln_ready.port.fillna(0).astype(int)
                 if output_format == 'json':
                     with open(relative_path_name, 'w') as f: