# Site

In [None]:
import sys
import json
import datetime
import pandas as pd
import requests, urllib3
# NOTE(review): this silences urllib3's InsecureRequestWarning for the whole
# process. Every request in this notebook passes verify=False, so unverified
# TLS connections to the console produce no warning at all.
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

from insightvm_authen import InsightvmAuthentication

In [None]:
# Base URL and request headers shared by every API call in this notebook.
# Each value comes from its own InsightvmAuthentication() instance.
HOSTNAME = InsightvmAuthentication().getHostname()
HEADER = InsightvmAuthentication().getRequestHeader()
# NOTE(review): HEADER presumably carries the API credentials (confirm in
# insightvm_authen). Displaying it as cell output would store it in the saved
# notebook, so keep the line below commented out.
# HOSTNAME, HEADER

# Create Site Scan

In [None]:
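def createSiteScan(siteName="", templateId="", engineId="", includeAssetIP=None, includedAssetGroups=None, excludeAssetIP=None, excludedAssetGroups=None):
    """Create a site on the InsightVM console and return its id.

    Args:
        siteName: Name of the new site.
        templateId: Scan template id; sent as a string.
        engineId: Scan engine id; sent as a string.
        includeAssetIP: Addresses to include in the scan scope.
        includedAssetGroups: Asset group ids to include in the scan scope.
        excludeAssetIP: Addresses to exclude from the scan scope.
        excludedAssetGroups: Asset group ids to exclude from the scan scope.

    Returns:
        The "id" field of the response on HTTP 201. On any other status the
        status code and body are printed and None is returned.

    Calls sys.exit() when a 201 response carries no "id".
    """
    createSiteScanURL = HOSTNAME + "api/3/sites/"

    print("\nCreate New Site Scan")
    print("Hostname : " + createSiteScanURL)

    # Exclusions must be sent under "excludedTargets", the counterpart of
    # "includedTargets" in the v3 site schema. Under the former key
    # ("excludeAssetIP") the exclusion list was not part of the scan scope the
    # console reads, so excluded hosts could still be scanned.
    assets = {
        "includedTargets": {},
        "excludedTargets": {},
        "includedAssetGroups": {},
        "excludedAssetGroups": {},
    }
    if includeAssetIP:
        assets["includedTargets"]["addresses"] = includeAssetIP
    if excludeAssetIP:
        assets["excludedTargets"]["addresses"] = excludeAssetIP
    if includedAssetGroups:
        assets["includedAssetGroups"]["assetGroupIDs"] = includedAssetGroups
    if excludedAssetGroups:
        # Previously this assigned excludeAssetIP (IP addresses) here, so the
        # excluded asset groups were never sent.
        assets["excludedAssetGroups"]["assetGroupIDs"] = excludedAssetGroups

    payloads = {
        "description": "",
        "name": siteName,
        "engineId": str(engineId),
        "scan": {"assets": assets},
        "scanTemplateId": str(templateId),
    }

    # NOTE(review): verify=False turns off TLS certificate validation, so
    # whatever HEADER carries (presumably the API credentials) is sent to any
    # host able to impersonate the console. Pass verify=<path to the console's
    # CA bundle> once that certificate is trusted.
    r = requests.post(createSiteScanURL, data=json.dumps(payloads), headers=HEADER, verify=False)
    if r.status_code != 201:
        print(r.status_code)
        print(r.text)
        return None

    body = r.json()
    if "id" not in body:
        print("[Error] Can not start a site scan")
        sys.exit()

    # Report the id from the response; the old str(id) printed the builtin id().
    print("[Successful] Create Site Scan ID : " + str(body["id"]))
    return body["id"]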

In [None]:
# Inputs for the createSiteScan() call below.
siteName = "Test Jenkins"
# NOTE(review): this id ends in a dangling "-" and differs from the
# "test-get-os-version" id used for the scan later in this notebook. Confirm it
# is complete.
templateId = "test-get-os-"
engineId = "1"

In [None]:
# Scan scope for the new site: three included addresses, no exclusions and no
# asset groups.
includeAssetIP = ["192.168.1.1", "192.168.1.2", "192.168.1.3"]
includedAssetGroups = []
excludeAssetIP = []
excludedAssetGroups = []


In [None]:
# Create the site. createSiteScan() returns None when the console answers with
# anything other than 201, so check siteID before reusing it.
siteID = createSiteScan(siteName=siteName, templateId=templateId, engineId=engineId, includeAssetIP=includeAssetIP)
siteID

# Define Site Scan Credential

In [None]:
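def addSiteScanCredential(siteId="", credentialName="", credentialAccount=None, assetIP=""):
    """Attach a scan credential to a site and return the new credential id.

    Args:
        siteId: Id of the site that receives the credential.
        credentialName: Display name of the credential.
        credentialAccount: Account dict as built by the generate*CredentialAccount
            helpers; an empty dict is sent when omitted.
        assetIP: Sent as "hostRestriction".

    Returns:
        The "id" field of the response on HTTP 201. On any other status the
        status code is printed and None is returned.

    Calls sys.exit() when a 201 response carries no "id".
    """
    addSiteScanCredentialURL = HOSTNAME + "api/3/sites/" + str(siteId) + "/site_credentials/"

    payloads = {
        "account": credentialAccount if credentialAccount is not None else {},
        "description": "",
        # NOTE(review): the v3 site-credential schema appears to name this flag
        # "enabled" (boolean); confirm against the API reference. Left as-is.
        "enable": "true",
        "hostRestriction": assetIP,
        "name": credentialName
    }

    # NOTE(review): this request body contains the account password, and
    # verify=False turns off TLS certificate validation, so the password is
    # sent to any host able to impersonate the console. Pass
    # verify=<path to the console's CA bundle> once that certificate is trusted.
    r = requests.post(addSiteScanCredentialURL, data=json.dumps(payloads), headers=HEADER, verify=False)
    if r.status_code != 201:
        # Previously a failed request returned None without any output. Only the
        # status code is printed so that nothing derived from the credential
        # payload ends up in saved notebook output.
        print("[Error] Can not add the site credential")
        print(r.status_code)
        return None

    body = r.json()
    if "id" not in body:
        print("[Error] Can not add the site credential")
        sys.exit()

    # Report the id from the response; the old str(id) printed the builtin id().
    print("[Successful] Create Site Credential ID : " + str(body["id"]))
    return body["id"]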

In [None]:
def generateWindowsCredentialAccount(domain="", username="", password=""):
    """Build the account dict for a Windows (CIFS) scan credential.

    The "domain" key is added only when domain is not the empty string.
    The returned dict holds the password in clear text; avoid printing it.
    """
    domainPart = {"domain": domain} if domain != "" else {}
    return {
        "service": "cifs",
        "username": username,
        "password": password,
        **domainPart,
    }

In [None]:
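def generateLinuxCredentialAccount(username="", password="", permissionElevationId=0, permissionElevationUsername=""):
    """Build the account dict for an SSH scan credential.

    Args:
        username: SSH login name.
        password: SSH password (kept in clear text in the returned dict).
        permissionElevationId: Index into the elevation modes
            ["none", "sudo", "sudosu", "su", "pbrun", "privileged-exec"];
            0 means no elevation fields are added.
        permissionElevationUsername: Account used for the elevation.

    Returns:
        The account dict.

    Raises:
        ValueError: If permissionElevationId is not an integer index into the
            elevation modes.
    """
    credentialAccount = {
        "service": "ssh",
        "username": username,
        "password": password
    }

    permissionElevations = ["none", "sudo", "sudosu", "su", "pbrun", "privileged-exec"]

    if permissionElevationId != 0:
        # Reject negative or out-of-range ids instead of letting a negative
        # index silently select a different elevation mode.
        if not isinstance(permissionElevationId, int) or not 0 < permissionElevationId < len(permissionElevations):
            raise ValueError("permissionElevationId must be an integer from 0 to " + str(len(permissionElevations) - 1))
        # Index with the argument itself; the old code used the string literal
        # "permissionElevationId" and raised TypeError for every non-zero id.
        # The v3 API field is the singular "permissionElevation".
        credentialAccount["permissionElevation"] = permissionElevations[permissionElevationId]
        credentialAccount["permissionElevationUsername"] = permissionElevationUsername
        # NOTE(review): no elevation password is sent; confirm whether the
        # chosen mode also needs "permissionElevationPassword".

    return credentialAccount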

In [None]:
def generateOracleDBCredentialAccount(sid="", username="", password=""):
    """Build the account dict for an Oracle scan credential.

    The "sid" key is added only when sid is not the empty string.
    The returned dict holds the password in clear text; avoid printing it.
    """
    sidPart = {"sid": sid} if sid != "" else {}
    return {
        "service": "oracle",
        "username": username,
        "password": password,
        **sidPart,
    }

In [None]:
def generateMySQLCredentialAccount(database="", username="", password=""):
    """Build the account dict for a MySQL scan credential.

    The "database" key is added only when database is not the empty string.
    The returned dict holds the password in clear text; avoid printing it.
    """
    databasePart = {"database": database} if database != "" else {}
    return {
        "service": "mysql",
        "username": username,
        "password": password,
        **databasePart,
    }

In [None]:
def generateMsSQLCredentialAccount(database="", username="", password="", useWindowsAuthentication=False, domain=""):
    """Build the account dict for a Microsoft SQL Server scan credential.

    "database" is added only when it is not the empty string. When
    useWindowsAuthentication is truthy, "useWindowsAuthentication" is set to
    the string "true" and "domain" is added as given.
    The returned dict holds the password in clear text; avoid printing it.
    """
    account = {"service": "ms-sql", "username": username, "password": password}

    if database != "":
        account.update(database=database)

    if useWindowsAuthentication:
        account.update(useWindowsAuthentication="true", domain=domain)

    return account

In [None]:
def generateDB2CredentialAccount(database="", username="", password=""):
    """Build the account dict for a DB2 scan credential.

    The "database" key is added only when database is not the empty string.
    The returned dict holds the password in clear text; avoid printing it.
    """
    databasePart = {"database": database} if database != "" else {}
    return {
        "service": "db2",
        "username": username,
        "password": password,
        **databasePart,
    }

In [None]:
def generatePostgreSQLCredentialAccount(database="", username="", password=""):
    """Build the account dict for a PostgreSQL scan credential.

    The "database" key is added only when database is not the empty string.
    The returned dict holds the password in clear text; avoid printing it.
    """
    databasePart = {"database": database} if database != "" else {}
    return {
        "service": "postgresql",
        "username": username,
        "password": password,
        **databasePart,
    }

In [None]:
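def generateTelnetCredentialAccount(username="", password=""):
    """Build the account dict for a Telnet scan credential.

    Args:
        username: Telnet login name.
        password: Telnet password (kept in clear text in the returned dict).

    Returns:
        The account dict with "service" set to "telnet".
    """
    # The service name used to be "telnet " with a trailing space, which does
    # not match the service identifier and would make the console reject or
    # misclassify the credential.
    return {
        "service": "telnet",
        "username": username,
        "password": password
    }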

In [None]:
# Placeholders for the addSiteScanCredential() call below; fill them in before
# running that cell.
siteId=""
credentialName=""
assetIP=""

In [None]:
# Build the account dict for the credential. Read the password at run time
# (for example with getpass.getpass()) rather than typing it into this cell,
# because cell source is saved with the notebook.
credentialAccount = generateWindowsCredentialAccount(username="", password="")

In [None]:
# Attach the credential to the site; the cell output is the value returned by
# addSiteScanCredential().
addSiteScanCredential(siteId=siteId, credentialName=credentialName, credentialAccount=credentialAccount, assetIP=assetIP)

# Get Site Information By Site ID

In [None]:
def getSiteInfoById(siteId=""):
    """Fetch one site record from the console.

    Returns the decoded JSON body on HTTP 200. For any other status the
    status code is printed and None is returned.
    """
    endpoint = "".join((HOSTNAME, "api/3/sites/", str(siteId)))
    print("Hostname : " + endpoint)

    # NOTE(review): verify=False turns off TLS certificate validation for this
    # request; HEADER is sent without checking the console's identity.
    response = requests.get(endpoint, headers=HEADER, verify=False)
    if response.status_code != 200:
        print(response.status_code)
        return None

    return response.json()

In [None]:
def extractSiteInfo(data={}):
    """Pick the reporting fields out of a site record and rename them.

    Every source key listed below must be present in data; a missing key
    raises KeyError.
    """
    # (output key, key in the site record), in output order.
    fieldMap = (
        ("siteId", "id"),
        ("siteName", "name"),
        ("siteRiskScore", "riskScore"),
        ("scanTemplateId", "scanTemplate"),
        ("scanEngineId", "scanEngine"),
        ("siteLastScanTime", "lastScanTime"),
        ("siteVulnerabilities", "vulnerabilities"),
    )
    return {outKey: data[srcKey] for outKey, srcKey in fieldMap}

In [None]:
# Site to look up with getSiteInfoById() below.
siteId = "1234"

In [None]:
# Fetch the raw site record; getSiteInfoById() returns None when the status is
# not 200.
siteInfo = getSiteInfoById(siteId=siteId)
# Optional: reduce the record to the renamed reporting fields.
# siteInfo =  extractSiteInfo(data=siteInfo)

In [None]:
# Drop the "links" entry before tabulating the record as a one-row DataFrame.
# This raises TypeError if the lookup above returned None, and KeyError if the
# record has no "links" key.
del siteInfo["links"]
pd.DataFrame([siteInfo])

# Start Site Scans

In [None]:
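def startSiteScanID(siteID="", scanName="", templateId="", engineId="", hosts=None, assetGroupIds=None):
    """Start a scan of a site and return the scan id.

    Args:
        siteID: Id of the site to scan.
        scanName: Name given to the scan.
        templateId: Scan template id; sent as a string.
        engineId: Scan engine id; sent as a string.
        hosts: Optional list of hosts that narrows the scan.
        assetGroupIds: Optional list of asset group ids that narrows the scan.

    Returns:
        The "id" field of the response on success. None is returned when the
        request times out after 60 seconds or the console answers with another
        status (the status code and body are printed).

    Calls sys.exit() when a successful response carries no "id".
    """
    # Build the URL from the siteID argument. The old code read the
    # notebook-global siteId instead, so the scan could be started against a
    # site other than the one the caller asked for.
    scanURL = HOSTNAME + "api/3/sites/" + str(siteID) + "/scans"

    print("\nStart New Site Scan")
    print("Hostname : " + scanURL)

    # Sent explicitly so the scan never overrides a configured blackout window;
    # this dict used to be built but never passed to the request.
    params = {
        "overrideBlackout" : "false"
    }

    payloads = {
        "name" : str(scanName),
        "templateId" : str(templateId),
        "engineId" : str(engineId)
    }

    if hosts:
        payloads["hosts"] = hosts
    if assetGroupIds:
        payloads["assetGroupIds"] = assetGroupIds

    try:
        # NOTE(review): verify=False turns off TLS certificate validation;
        # HEADER is sent without checking the console's identity.
        r = requests.post(scanURL, params=params, data=json.dumps(payloads), headers=HEADER, verify=False, timeout=60)
    except requests.exceptions.ReadTimeout:
        print("[Time Out] Don't wait for response")
        return None

    # NOTE(review): the v3 API appears to answer 201 Created for a started
    # scan; 200 is still accepted so the earlier behaviour is kept. Confirm
    # against the API reference.
    if r.status_code not in (200, 201):
        # Previously a failed request returned None without any output.
        print(r.status_code)
        print(r.text)
        return None

    body = r.json()
    if "id" not in body:
        print("[Error] Can not start a site scan")
        sys.exit()

    # Report the id from the response; the old str(id) printed the builtin id().
    print("[Successful] ScanId : " + str(body["id"]))
    return body["id"]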

In [None]:
# Inputs for the startSiteScanID() call below. Empty hosts / assetGroupIds
# lists mean those fields are left out of the request body.
siteID = "1234"
scanName = "jenkins-test-001"
templateId = "test-get-os-version"
engineId = "1"
hosts = []
assetGroupIds = []

In [None]:
# Start the scan; scanId is None when startSiteScanID() returns no id (for
# example after a read timeout).
scanId = startSiteScanID(siteID=siteID, scanName=scanName, templateId=templateId, engineId=engineId, hosts=hosts, assetGroupIds=assetGroupIds)
scanId

# Check Site Scan Status

In [None]:
def getSiteScanStatus(siteId="", activeSite=""):
    """List scans of a site, filtered by the "active" flag.

    Requests page 0 with a page size of 1. Returns the non-empty "resources"
    list of the response. Returns None after printing an error when the list
    is missing or empty, or when the status is not 200.
    """
    getSiteScanStatusURL = "".join((HOSTNAME, "api/3/sites/", str(siteId), "/scans"))
    print("Hostname : " + getSiteScanStatusURL)

    query = {
        "active": str(activeSite),
        "page": "0",
        "size": "1",
        "sort": "ASC",
    }

    # NOTE(review): verify=False turns off TLS certificate validation for this
    # request; HEADER is sent without checking the console's identity.
    response = requests.get(getSiteScanStatusURL, params=query, headers=HEADER, verify=False)

    if response.status_code != 200:
        print("[Error] Request Connection Error.")
        print(response.status_code)
        print(response.text)
        return None

    body = response.json()
    if "resources" in body and body["resources"] != []:
        return body["resources"]

    print("[Error] Not Found Active Scan")
    return None

In [None]:
# Site whose scans are listed below.
siteId = "1289"

# Value of the "active" query parameter, passed as a string.
activeSite = "true"
# activeSite="false"

In [None]:
# List of scan records, or None when nothing matched or the request failed.
siteScanStatus = getSiteScanStatus(siteId=siteId, activeSite=activeSite)

In [None]:
def convertToTimeFormat(time=None):
    """Reformat a "YYYY-MM-DDTHH:MM:SS.ffffffZ" timestamp as "YYYY-MM-DD HH:MM:SS".

    The input must match that layout exactly, fractional seconds included;
    strptime raises ValueError otherwise (TypeError for the None default).
    """
    parsed = datetime.datetime.strptime(time, "%Y-%m-%dT%H:%M:%S.%fZ")
    return parsed.strftime('%Y-%m-%d %H:%M:%S')

In [None]:
# Show id, status and start time of the first scan record. This raises
# TypeError if getSiteScanStatus() returned None above.
siteScanStatus[0]["id"], siteScanStatus[0]["status"], convertToTimeFormat(time=siteScanStatus[0]["startTime"])

In [None]:
# Tabulate the returned scan records.
pd.DataFrame(siteScanStatus)