Cyberdefense/VulnWhisperer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixed issue where when actioning all actions, if one failed it exited the program

Browse Source
This commit is contained in:
Quim
2020-02-21 15:50:14 +01:00
parent adb7700300
commit e1ca9fadcd
2 changed files with 57 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
bin/vuln_whisperer
View File

@ -83,14 +83,17 @@ def main():
enabled_sections = config.get_sections_with_attribute('enabled') enabled_sections = config.get_sections_with_attribute('enabled')
for section in enabled_sections: for section in enabled_sections:
vw = vulnWhisperer(config=args.config, try:
profile=section, vw = vulnWhisperer(config=args.config,
verbose=args.verbose, profile=section,
username=args.username, verbose=args.verbose,
password=args.password, username=args.username,
source=args.source, password=args.password,
scanname=args.scanname) source=args.source,
exit_code += vw.whisper_vulnerabilities() scanname=args.scanname)
exit_code += vw.whisper_vulnerabilities()
except Exception as e:
logger.error("VulnWhisperer was unable to perform the processing on '{}'".format(args.source))
else: else:
logger.info('Running vulnwhisperer for section {}'.format(args.section)) logger.info('Running vulnwhisperer for section {}'.format(args.section))
vw = vulnWhisperer(config=args.config, vw = vulnWhisperer(config=args.config,

71
vulnwhisp/vulnwhisp.py
View File

@ -319,7 +319,8 @@ class vulnWhispererNessus(vulnWhispererBase):
e=e)) e=e))
except Exception as e: except Exception as e:
self.logger.error('Could not properly load your config!\nReason: {e}'.format(e=e)) self.logger.error('Could not properly load your config!\nReason: {e}'.format(e=e))
sys.exit(1) return False
#sys.exit(1)
@ -575,8 +576,11 @@ class vulnWhispererQualys(vulnWhispererBase):
self.logger = logging.getLogger('vulnWhispererQualys') self.logger = logging.getLogger('vulnWhispererQualys')
if debug: if debug:
self.logger.setLevel(logging.DEBUG) self.logger.setLevel(logging.DEBUG)
try:
self.qualys_scan = qualysScanReport(config=config) self.qualys_scan = qualysScanReport(config=config)
except Exception as e:
self.logger.error("Unable to establish connection with Qualys scanner. Reason: {}".format(e))
return False
self.latest_scans = self.qualys_scan.qw.get_all_scans() self.latest_scans = self.qualys_scan.qw.get_all_scans()
self.directory_check() self.directory_check()
self.scans_to_process = None self.scans_to_process = None
@ -747,10 +751,14 @@ class vulnWhispererOpenVAS(vulnWhispererBase):
self.develop = True self.develop = True
self.purge = purge self.purge = purge
self.scans_to_process = None self.scans_to_process = None
self.openvas_api = OpenVAS_API(hostname=self.hostname, try:
port=self.port, self.openvas_api = OpenVAS_API(hostname=self.hostname,
username=self.username, port=self.port,
password=self.password) username=self.username,
password=self.password)
except Exception as e:
self.logger.error("Unable to establish connection with OpenVAS scanner. Reason: {}".format(e))
return False
def whisper_reports(self, output_format='json', launched_date=None, report_id=None, cleanup=True): def whisper_reports(self, output_format='json', launched_date=None, report_id=None, cleanup=True):
report = None report = None
@ -861,8 +869,11 @@ class vulnWhispererQualysVuln(vulnWhispererBase):
self.logger = logging.getLogger('vulnWhispererQualysVuln') self.logger = logging.getLogger('vulnWhispererQualysVuln')
if debug: if debug:
self.logger.setLevel(logging.DEBUG) self.logger.setLevel(logging.DEBUG)
try:
self.qualys_scan = qualysVulnScan(config=config) self.qualys_scan = qualysVulnScan(config=config)
except Exception as e:
self.logger.error("Unable to create connection with Qualys. Reason: {}".format(e))
return False
self.directory_check() self.directory_check()
self.scans_to_process = None self.scans_to_process = None
@ -1009,7 +1020,8 @@ class vulnWhispererJIRA(vulnWhispererBase):
raise Exception( raise Exception(
'Could not connect to nessus -- Please verify your settings in {config} are correct and try again.\nReason: {e}'.format( 'Could not connect to nessus -- Please verify your settings in {config} are correct and try again.\nReason: {e}'.format(
config=self.config.config_in, e=e)) config=self.config.config_in, e=e))
sys.exit(1) return False
#sys.exit(1)
profiles = [] profiles = []
profiles = self.get_scan_profiles() profiles = self.get_scan_profiles()
@ -1261,7 +1273,10 @@ class vulnWhispererJIRA(vulnWhispererBase):
if autoreport_sections: if autoreport_sections:
for scan in autoreport_sections: for scan in autoreport_sections:
self.jira_sync(self.config.get(scan, 'source'), self.config.get(scan, 'scan_name')) try:
self.jira_sync(self.config.get(scan, 'source'), self.config.get(scan, 'scan_name'))
except Exception as e:
self.logger.error("VulnWhisperer wasn't able to report the vulnerabilities from the '{}'s source".format(self.config.get(scan, 'source')))
return True return True
return False return False
@ -1294,36 +1309,42 @@ class vulnWhisperer(object):
if self.profile == 'nessus': if self.profile == 'nessus':
vw = vulnWhispererNessus(config=self.config, vw = vulnWhispererNessus(config=self.config,
profile=self.profile) profile=self.profile)
self.exit_code += vw.whisper_nessus() if vw:
self.exit_code += vw.whisper_nessus()
elif self.profile == 'qualys_web': elif self.profile == 'qualys_web':
vw = vulnWhispererQualys(config=self.config) vw = vulnWhispererQualys(config=self.config)
self.exit_code += vw.process_web_assets() if vw:
self.exit_code += vw.process_web_assets()
elif self.profile == 'openvas': elif self.profile == 'openvas':
vw_openvas = vulnWhispererOpenVAS(config=self.config) vw_openvas = vulnWhispererOpenVAS(config=self.config)
self.exit_code += vw_openvas.process_openvas_scans() if vw:
self.exit_code += vw_openvas.process_openvas_scans()
elif self.profile == 'tenable': elif self.profile == 'tenable':
vw = vulnWhispererNessus(config=self.config, vw = vulnWhispererNessus(config=self.config,
profile=self.profile) profile=self.profile)
self.exit_code += vw.whisper_nessus() if vw:
self.exit_code += vw.whisper_nessus()
elif self.profile == 'qualys_vuln': elif self.profile == 'qualys_vuln':
vw = vulnWhispererQualysVuln(config=self.config) vw = vulnWhispererQualysVuln(config=self.config)
self.exit_code += vw.process_vuln_scans() if vw:
self.exit_code += vw.process_vuln_scans()
elif self.profile == 'jira': elif self.profile == 'jira':
#first we check config fields are created, otherwise we create them #first we check config fields are created, otherwise we create them
vw = vulnWhispererJIRA(config=self.config) vw = vulnWhispererJIRA(config=self.config)
if not (self.source and self.scanname): if vw:
self.logger.info('No source/scan_name selected, all enabled scans will be synced') if not (self.source and self.scanname):
success = vw.sync_all() self.logger.info('No source/scan_name selected, all enabled scans will be synced')
if not success: success = vw.sync_all()
self.logger.error('All scans sync failed!') if not success:
self.logger.error('Source scanner and scan name needed!') self.logger.error('All scans sync failed!')
return 0 self.logger.error('Source scanner and scan name needed!')
else: return 0
vw.jira_sync(self.source, self.scanname) else:
vw.jira_sync(self.source, self.scanname)
return self.exit_code return self.exit_code