exploit-finder/workWithModuleNmap.py at master · securipy/exploit-finder · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
#!/usr/bin/python
#-*-coding:utf-8-*-
#- exploit-finder Class

#- Copyright (C) 2015 GoldraK & Roger Serentill
# This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty
# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
# You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>


"""Exploit finder. Connection with module nmap-scan"""

__author__ 		= "GoldraK & Roger Serentill & Carlos A. Molina"
__credits__ 	= "GoldraK & Roger Serentill & Carlos A. Molina"
__version__ 	= "0.1.1"
__maintainer__ 	= "GoldraK & Roger Serentill & Carlos A. Molina"
__email__ 		= "goldrak@gmail.com, hello@rogerserentill.com, carlosantmolina@gmail.com"
__status__ 		= "Development"

import sys
sys.path.append('modules/nmap-scan/model')
from teco import color, style
from database import Database
from scan_DB import ScanDB
from utility_ask import Ask
from utility_changeHostName import ChangeHostName
from utility_selectAuditAndRevision import SelectAuditRev
from utility2 import ChangeFormat

class WorkWithModuleNmap():

    def __init__(self):
        self.db = Database()
        self.scanDB = ScanDB()
        self.ask = Ask()
        self.cHN = ChangeHostName()
        self.sAR = SelectAuditRev()
        self.cf = ChangeFormat()

    def selectAuditRev(self):
        print color('bcyan', 'Select audit')
        auditsDBallInfo = self.db.retrieve_auditsAllInfo()
        auditNumber, auditName = self.sAR.selectExistingAudit(auditsDBallInfo)
        print color('bcyan', 'Select revision')
        revisions4AuditDBAllInfo = self.db.retrieve_revisonAllInfoByAuditID(auditNumber)
        revisionNumber, revisionName = self.sAR.selectExistingRevision(revisions4AuditDBAllInfo)
        return auditNumber, revisionNumber

    def showListPortsIDandPortsNames(self, lastHostID):
        portsNumber4hostID = self.scanDB.getPortsNumber(lastHostID)  # list of one or more integers. Example [80, 21, 22, 23]
        portsOpenID = self.scanDB.getPortsOpenID(lastHostID, portsNumber4hostID) # list of tuples. Example [(1,), (2,), (3,), (4,)]
        if portsOpenID == -1:
            print color('rojo', 'Not scanned ports for this host')
        else:
            portsOpenID = self.cf.eliminateTuplesAtList(portsOpenID) # list or a int
            portsOpenID = self.cf.createList(portsOpenID) # list
            portsOpenNumber = self.db.retrieve_portNumber_byPortsID(self.cf.createTuple(portsOpenID)) # list of tuples. Example [(80,), (21,), (22,), (23,)]
            portsOpenNumber = self.cf.eliminateTuplesAtList(portsOpenNumber)  # list or int
            portsOpenNumber = self.cf.createList(portsOpenNumber) # list
            portsIDandNumber = self.cf.createListOfTuplesFrom2Lists(portsOpenID, portsOpenNumber)
            print color('verde', 'Available ports for this host')
            print color('verde','id   number')
            print color('verde','-----------')
            for portIDandNumber in portsIDandNumber:
                print color('verde', str(portIDandNumber[0])+'.   ' + str(portIDandNumber[1]))
            print '' # blank line
        return portsOpenID # list

    def returnPortInfo(self):
        auditNumber, revisionNumber = self.selectAuditRev()
        if auditNumber != None and revisionNumber != None:
            revision_with_values = self.db.check_tableHostsValues4ThisRevision(auditNumber, revisionNumber)
            if revision_with_values != -1:
                lastHostID = self.cHN.selectHostID(auditNumber, revisionNumber)
                if lastHostID != -1:
                    portsIDavailableList = self.showListPortsIDandPortsNames(lastHostID)
                    if portsIDavailableList != -1:
                        portID = self.ask.ask4ListOptionNumber(portsIDavailableList)
                        self.scanDB.showPortInfo(portID)
                        portVersionDictionary = self.scanDB.getPortVersionAsDictionary(portID)
                        if portVersionDictionary['product'] != 'None':
                            portInfo = portVersionDictionary['product']
                            portInfo = str(portInfo.encode('utf-8'))  # avoid error UnicodeEncodeError: 'ascii' codec can't encode character ... in position ...: ordinal not in range(128)
                            return portInfo
                        else:
                            return -1
                    else:
                        return -1
                else:
                    return -1
            else:
                print color('rojo', 'No hosts discovered for this revision')
                return -1
        else:
            return -1