Merge branch 'tkt_white_3702_cscan_pull_request' into white/integracion

infobyte · Feb 21, 2017 · ed43dc8 · ed43dc8
2 parents 1d50d8e + 1c12562
commit ed43dc8
Show file tree

Hide file tree

Showing 31 changed files with 823 additions and 91 deletions.
diff --git a/requirements.txt b/requirements.txt
@@ -10,3 +10,4 @@ flask
 colorama
 #extra
 psycopg2
+w3af_api_client
diff --git a/scripts/cscan/config.py b/scripts/cscan/config.py
@@ -6,8 +6,12 @@
 ###
 
 config = {
+            #Default setup
+            'CS_CATEGORIES': 'network,web',
+            'CS_SCRIPTS': 'nmap.sh,openvas.sh,nikto.sh,nessus.sh,w3af.sh',
             #NMAP
             'CS_NMAP' : "nmap",
+            'CS_NMAP_ARGS' : "-O",
             #OPENVAS
             'CS_OPENVAS_USER' : 'admin',
             'CS_OPENVAS_PASSWORD' : 'openvas',
@@ -18,6 +22,7 @@
             'CS_BURP' : '/root/tools/burpsuite_pro_v1.6.26.jar',
             #NIKTO
             'CS_NIKTO' : "nikto",
+            'CS_NIKTO_ARGS' : "",
             #W3AF
             'CS_W3AF' : "/root/tools/w3af/w3af_api",
             'CS_W3AF_PROFILE' : "/root/tools/w3af/profiles/fast_scan.pw3af",
@@ -28,5 +33,7 @@
             'CS_NESSUS_USER' : "nessus",
             'CS_NESSUS_PASS' : "nessus",
             'CS_NESSUS_PROFILE' : "Basic Network Scan",
+            # MSFRPC
+            'CS_MSF_TMP_WS' : 'enabled',
+            'CS_MSF_EXPORT' : 'enabled',
         }
-
diff --git a/scripts/cscan/cscan.py b/scripts/cscan/cscan.py
@@ -13,16 +13,26 @@
 from config import config
 
 def lockFile(lockfile):
-
     if os.path.isfile(lockfile):
         return False
     else:
         f = open(lockfile, 'w')
         f.close()
         return True
 
-def main():
+def target_list(script, categories):
+    dictionary = {
+        "network": "ips.txt",
+        "web": "websites.txt",
+        "extra": "ips.txt"
+    }
 
+    category = 'network'
+    for c in categories:
+        if os.path.exists(os.path.join('scripts', c, script)):
+            return dictionary[c]
+
+def main():
     lockf = ".lock.pod"
     if not lockFile(lockf):
         print "You can run only one instance of cscan (%s)" % lockf
@@ -31,31 +41,51 @@ def main():
     my_env = os.environ
     env = config.copy()
     env.update(my_env)
-    #Parser argument in command line
+
     parser = argparse.ArgumentParser(description='continues scanning on Faraday')
-    parser.add_argument('-p','--plugin', help='Scan only the following plugin ej: ./cscan.py -p nmap.sh', required=False)
+    parser.add_argument('-s','--script', help='Scan only the following script ej: ./cscan.py -p nmap.sh', required=False)
+    parser.add_argument('-S','--scripts', help='Scan the following scripts list ej: ./cscan.py -p nmap.sh,nikto.sh', required=False)
+    parser.add_argument('-c','--category', help='Scan only for given category ej: ./cscan.py -c network', required=False)
+    parser.add_argument('-t','--targets', help='Choose a custom target list ej: ./cscan.py -t custom-list.txt', required=False)
+    parser.add_argument('-o','--output', help='Choose a custom output directory', required=False)
+    parser.add_argument('-l','--log', help='Choose a custom log directory', required=False)
     args = parser.parse_args()
 
-    for dirpath, dnames, fnames in os.walk("./scripts/web/"):
-        for f in  fnames:
-            if args.plugin and args.plugin != f:
-                continue
-            script = os.path.join(dirpath, f)
-            cmd = "%s websites.txt output/" % (script)
-            print "Running: %s" % cmd
-            proc = subprocess.call(cmd, shell=True, stdin=None, stderr=subprocess.PIPE,  env=dict(env))
-
-    for dirpath, dnames, fnames in os.walk("./scripts/network/"):
-        for f in  fnames:
-            if args.plugin and args.plugin != f:
-                continue
-            script = os.path.join(dirpath, f)
-            cmd = "%s ips.txt output/" % (script)
-            print "Running: %s" % cmd
-            proc = subprocess.call(cmd, shell=True, stdin=None, stderr=subprocess.PIPE, env=dict(env))
-
-    #Remove lockfile           
+    output = 'output/'
+    if args.output:
+        output = args.output
+
+    logdir = 'log/'
+    if args.log:
+        logdir = args.log
+
+    for d in [logdir, output]:
+        if not os.path.isdir(d):
+            os.makedirs(d)
+
+    if args.script:
+        scripts = [args.script]
+    elif args.scripts:
+        scripts = args.scripts.split(",")
+    else:
+        scripts = env["CS_SCRIPTS"].split(",")
+
+    categories = env["CS_CATEGORIES"].split(",")
+    for category in categories:
+        env["PATH"] += ":%s" % os.path.abspath("./scripts/" + category)
+
+    for script in scripts:
+        if args.targets:
+            targets = args.targets
+        else:
+            targets = target_list(script, categories)
+
+        cmd = "%s %s %s %s" % (script, targets, output, logdir)
+        print "\n\nRunning: %s" % cmd
+        proc = subprocess.call(cmd, shell=True, stdin=None, env=dict(env))
+
+    #Remove lockfile
     os.remove(lockf)
 
 if __name__ == "__main__":
-    main()
+    main()
diff --git a/scripts/cscan/output/nmap_1442987141.xml b/scripts/cscan/output/nmap_1442987141.xml