Commit a048c467 authored by Lorenzo Faletra's avatar Lorenzo Faletra

Import Upstream version 3.5.0

parent 421f9469
December 6th, 2018
* In GTK, check active_workspace its not null
* Add fbruteforce services fplugin
* Attachments can be added to a vulnerability through the API.
* Catch gaierror error on lynis plugin
* Add OR and NOT with parenthesis support on status report search
* Info API now is public
* Web UI now detects Appscan plugin
* Improve performance on the workspace using cusotm query
* Workspaces can be set as active/disable in welcome page.
* Change Nmap plugin, response field in VulnWeb now goes to Data field.
* Update code to support latest SQLAlchemy version
* Fix `create_vuln` fplugin bug that incorrectly reported duplicated vulns
* Attachments on a vulnerability can be deleted through the API.
* Improvement in the coverage of the tests.
* Redesgin of new/edit vulnerability forms
* Add new custom fields feature to vulnerabilities
* Add ./manage.py migrate to perform alembic migrations
* Faraday will use webargs==4.4.1 because webargs==5.0.0 fails with Python2
* New system for online plugins using Threads, a few fixes for metasploit plugin online also.
* Fix Command "python manage.py process-reports" now stops once all reports have been processed
* Fix bug in query when it checks if a vulnerability or a workspace exists
* Fix Once a workspace is created through the web UI, a folder with its name is created inside ~/.faraday/report/
* The manage.py now has a new support funtionality that creates a .zip file with all the information faraday's support team will need to throubleshoot your issue
* Status-check checks PostgreSQL encoding
* Fix a bug when fail importation of reports, command duration say "In Progress" forever.
* Fix confirmed bug in vulns API
* Update websockets code to use latest lib version
* bootstrap updated to v3.4.0
* Manage.py support now throws a message once it finishes the process.
* Update Lynis to its version 2.7.1
* Updated arp-scan plugin, added support in the Host class for mac address which was deprecated before v3.0
* OpenVAS Plugin now supports OpenVAS v-9.0.3
......@@ -2,38 +2,50 @@ IMPORTANT
===========
Please be kind to remove all your pyc files before running faraday if you are updating this piece of software.
Make sure you run ```./faraday.py --update``` the first time after an update!
Make sure you run ```./manage.py migrate``` the first time after an update!
New features in the latest update
=====================================
3.4:
3.5 [Jan 16th, 2019]:
---
* Redesgin of new/edit vulnerability forms
* Add new custom fields feature to vulnerabilities
* Add ./manage.py migrate to perform alembic migrations
* Faraday will use webargs==4.4.1 because webargs==5.0.0 fails with Python2
* New system for online plugins using Threads, a few fixes for metasploit plugin online also.
* Fix Command "python manage.py process-reports" now stops once all reports have been processed
* Fix bug in query when it checks if a vulnerability or a workspace exists
* Fix Once a workspace is created through the web UI, a folder with its name is created inside ~/.faraday/report/
* The manage.py now has a new support funtionality that creates a .zip file with all the information faraday's support team will need to throubleshoot your issue
* Status-check checks PostgreSQL encoding
* Fix a bug when fail importation of reports, command duration say "In Progress" forever.
* Fix confirmed bug in vulns API
* Update websockets code to use latest lib version
* bootstrap updated to v3.4.0
* Manage.py support now throws a message once it finishes the process.
* Update Lynis to its version 2.7.1
* Updated arp-scan plugin, added support in the Host class for mac address which was deprecated before v3.0
* OpenVAS Plugin now supports OpenVAS v-9.0.3
3.4 [December 6th, 2018]:
---
* In GTK, check active_workspace its not null
* Add fbruteforce services fplugin
* Attachments can be added to a vulnerability through the API.
* Catch gaierror error on lynis plugin
* Add OR and NOT with parenthesis support on status report search
* Info API now is public
* Web UI now detects Appscan plugin
* Improve performance on the workspace using cusotm query
* Workspaces can be set as active/disable in welcome page.
* Change Nmap plugin, response field in VulnWeb now goes to Data field.
* Update code to support latest SQLAlchemy version
* Fix `create_vuln` fplugin bug that incorrectly reported duplicated vulns
* Attachments on a vulnerability can be deleted through the API.
* Improvement in the coverage of the tests.
3.3 [Novemeber 14th, 2018]:
---
......
......@@ -2,7 +2,7 @@ IMPORTANT
===========
Please be kind to remove all your pyc files before running faraday if you are updating this piece of software.
Make sure you run ```./faraday.py --update``` the first time after an update!
Make sure you run ```./manage.py migrate``` the first time after an update!
New features in the latest update
......
......@@ -19,7 +19,7 @@ node (label: "master"){
stage ("Install Application Dependencies") {
sh """
source ${ENV_PATH}/bin/activate
pip install virtualenv responses
pip install virtualenv responses pytest-xdist
pip install -U -r $WORKSPACE/requirements.txt
pip install -U -r $WORKSPACE/requirements_server.txt
pip install -U -r $WORKSPACE/requirements_extras.txt
......@@ -70,7 +70,7 @@ node (label: "master"){
withCredentials([string(credentialsId: 'postgresql_connection_string', variable: 'CONN_STRING')]) {
sh """
source ${ENV_PATH}/bin/activate
cd $WORKSPACE && pytest -v --junitxml=$WORKSPACE/xunit-postgres.xml --connection-string "$CONN_STRING" || :
cd $WORKSPACE && pytest -v --junitxml=$WORKSPACE/xunit-postgres.xml --connection-string "$CONN_STRING" -n 15 || :
deactivate
"""
step([$class: 'CoberturaPublisher', autoUpdateHealth: false, autoUpdateStability: false, coberturaReportFile: '**/coverage.xml', failNoReports: false, failUnhealthy: false, failUnstable: false, maxNumberOfBuilds: 0, onlyStable: false, sourceEncoding: 'ASCII', zoomCoverageChart: false])
......
......@@ -97,51 +97,66 @@ Faraday supports CSV Exporting from its WEB UI.
## Presentations
* Ekoparty Security Conference - 2017:
* http://blog.infobytesec.com/2017/10/ekoparty-2017-review_23.html
* Ekoparty ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/argentina.png):
[2010](http://vimeo.com/16516987) -
[2014](https://www.youtube.com/watch?v=_j0T2S6Ppfo) -
[2017](http://blog.infobytesec.com/2017/10/ekoparty-2017-review_23.html) -
[2018](http://blog.infobytesec.com/2018/10/ekoparty-2018-review_18.html)
* Black Hat Arsenal Asia - 2017:
* https://www.blackhat.com/asia-17/arsenal.html#faraday
* Black Hat:
* USA ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/usa.png):
[2011](http://www.infobytesec.com/down/Faraday_BH2011_Arsenal.pdf) -
[2015](https://www.blackhat.com/us-15/arsenal.html#faraday) -
[2016](https://www.blackhat.com/us-16/arsenal.html#faraday) -
[2017](https://www.blackhat.com/us-17/event-sponsors.html#faraday) -
[2018](https://www.blackhat.com/us-18/event-sponsors.html#faraday)
* Zero Nights - 2016
* https://www.slideshare.net/AlexanderLeonov2/enterprise-vulnerability-management-zeronights16
* Asia ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/singapore.png):
[2016](https://www.blackhat.com/asia-16/arsenal.html#faraday) -
[2017](https://www.blackhat.com/asia-17/arsenal.html#faraday) -
[2018](https://www.blackhat.com/asia-18/arsenal.html#faraday-v3-collaborative-penetration-test-and-vulnerability-management-platform)
* AV Tokio - 2016:
* http://en.avtokyo.org/avtokyo2016/event
* Europe ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/europe.png):
[2015](https://www.blackhat.com/eu-15/arsenal.html#faraday) -
[2016](https://www.blackhat.com/eu-16/arsenal.html#faraday)
* Black Hat Arsenal USA - 2016:
* RSA USA ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/usa.png):
[2015](https://www.rsaconference.com/events/us15/expo-sponsors/exhibitor-list/1782/infobyte-llc)
* https://www.blackhat.com/us-16/arsenal.html#faraday
* HITBSecConf Dubai ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/uae.png):
[2018](https://conference.hitb.org/hitbsecconf2018dxb/hitb-armory/)
* Black Hat Arsenal Europe - 2016
* https://www.blackhat.com/eu-16/arsenal.html#faraday
* SecurityWeekly ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/usa.png):
[2016](http://securityweekly.com/2016/08/02/security-weekly-475-federico-kirschbaum/)
* SecurityWeekly - 2016:
* http://securityweekly.com/2016/08/02/security-weekly-475-federico-kirschbaum/
* Zero Nights ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/russia.png):
[2016](https://www.slideshare.net/AlexanderLeonov2/enterprise-vulnerability-management-zeronights16)
* Bsides Latam - 2016:
* http://www.infobytesec.com/down/Faraday_BsideLatam_2016.pdf
* AVTokyo ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/japan.png):
[2016](http://en.avtokyo.org/avtokyo2016/event) -
[2018](http://en.avtokyo.org/avtokyo2018/event)
* Black Hat Arsenal Asia - 2016:
* https://www.blackhat.com/asia-16/arsenal.html#faraday
* Tel Aviv-Yafo ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/israel.png):
[2018](https://www.meetup.com/infobyte/events/254031671/)
* Black Hat Arsenal Europe - 2015:
* https://www.blackhat.com/eu-15/arsenal.html#faraday
* SECCON ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/japan.png):
[2018](https://2018.seccon.jp/seccon/yorozu2018.html)
* Black Hat Arsenal USA - 2015:
* https://www.blackhat.com/us-15/arsenal.html#faraday
* http://blog.infobytesec.com/2015/08/blackhat-2015_24.html
* RSA - 2015:
* http://www.rsaconference.com/events/us15/expo-sponsors/exhibitor-list/1782/infobyte-llc
* http://blog.infobytesec.com/2015/05/infobyte-en-la-rsa-2015.html
* PyConAr ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/argentina.png):
[2018](https://eventos.python.org.ar/events/pyconar2018/activity/75/)
* Ekoparty Security Conference - 2014:
* https://www.youtube.com/watch?v=_j0T2S6Ppfo
* 8.8 Chile ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/chile.png):
[2018](http://blog.infobytesec.com/2018/11/chronicles-of-trip-to-santiago-88-review.html)
* Black Hat Arsenal - 2011
* http://www.infobytesec.com/down/Faraday_BH2011_Arsenal.pdf
* CharruaCon ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/uruguay.png):
[2018](https://charrua.org/presentaciones2018/Love_is_in_the_air__Reverse_Engineering_a_hitty_drone.pdf)
* Ekoparty Security Conference - 2010:
* http://prezi.com/fw46zt6_zgi8/faraday/
* http://vimeo.com/16516987
* NotPinkCon ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/argentina.png):
[2018](https://twitter.com/NotPinkCon)
* plusCODE ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/argentina.png):
[2018](http://pluscode.cc/portfolio_page/introduccion-practica-al-hardware-hacking/)
* BSides LATAM ![](https://raw.github.com/wiki/infobyte/faraday/images/flags/brazil.png):
[2016](http://www.infobytesec.com/down/Faraday_BsideLatam_2016.pdf)
......@@ -2,38 +2,50 @@ IMPORTANT
===========
Please be kind to remove all your pyc files before running faraday if you are updating this piece of software.
Make sure you run ```./faraday.py --update``` the first time after an update!
Make sure you run ```./manage.py migrate``` the first time after an update!
New features in the latest update
=====================================
3.4:
3.5 [Jan 16th, 2019]:
---
* Redesgin of new/edit vulnerability forms
* Add new custom fields feature to vulnerabilities
* Add ./manage.py migrate to perform alembic migrations
* Faraday will use webargs==4.4.1 because webargs==5.0.0 fails with Python2
* New system for online plugins using Threads, a few fixes for metasploit plugin online also.
* Fix Command "python manage.py process-reports" now stops once all reports have been processed
* Fix bug in query when it checks if a vulnerability or a workspace exists
* Fix Once a workspace is created through the web UI, a folder with its name is created inside ~/.faraday/report/
* The manage.py now has a new support funtionality that creates a .zip file with all the information faraday's support team will need to throubleshoot your issue
* Status-check checks PostgreSQL encoding
* Fix a bug when fail importation of reports, command duration say "In Progress" forever.
* Fix confirmed bug in vulns API
* Update websockets code to use latest lib version
* bootstrap updated to v3.4.0
* Manage.py support now throws a message once it finishes the process.
* Update Lynis to its version 2.7.1
* Updated arp-scan plugin, added support in the Host class for mac address which was deprecated before v3.0
* OpenVAS Plugin now supports OpenVAS v-9.0.3
3.4 [December 6th, 2018]:
---
* In GTK, check active_workspace its not null
* Add fbruteforce services fplugin
* Attachments can be added to a vulnerability through the API.
* Catch gaierror error on lynis plugin
* Add OR and NOT with parenthesis support on status report search
* Info API now is public
* Web UI now detects Appscan plugin
* Improve performance on the workspace using cusotm query
* Workspaces can be set as active/disable in welcome page.
* Change Nmap plugin, response field in VulnWeb now goes to Data field.
* Update code to support latest SQLAlchemy version
* Fix `create_vuln` fplugin bug that incorrectly reported duplicated vulns
* Attachments on a vulnerability can be deleted through the API.
* Improvement in the coverage of the tests.
3.3 [Novemeber 14th, 2018]:
---
......
......@@ -52,13 +52,11 @@ def startAPIs(plugin_controller, model_controller, hostname, port):
ioloop_instance = IOLoop.current()
_http_server = HTTPServer(WSGIContainer(app))
hostnames = [hostname]
#Fixed hostname bug
if hostname == "localhost":
hostnames.append("127.0.0.1")
print hostname
listening = False
for hostname in hostnames:
try:
......
......@@ -54,7 +54,7 @@ def main(workspace='', args=None, parser=None):
models.create_credential(workspace, obj)
old = models.get_credential(workspace, **params)
else:
print "A credential with ID %s already exists!" % old.getID()
print("A credential with ID %s already exists!" % old.getID())
return 2, None
return 0, old.getID()
......@@ -50,7 +50,7 @@ def main(workspace='', args=None, parser=None):
else:
return 0, None
else:
print "A host with ID %s already exists!" % old_host.getID()
print("A host with ID %s already exists!" % old_host.getID())
return 2, None
return 0, old_host.getID()
......@@ -54,7 +54,7 @@ def main(workspace='', args=None, parser=None):
models.create_service(workspace, obj)
old = models.get_service(workspace, **params)
else:
print "A service with ID %s already exists!" % old.getID()
print("A service with ID %s already exists!" % old.getID())
res_ids.append(old.getID())
......
......@@ -62,16 +62,16 @@ def main(workspace='', args=None, parser=None):
try:
old_id = ex.answer.json()['object']['_id']
except KeyError:
print "Vulnerability already exists. Couldn't fetch ID"
print("Vulnerability already exists. Couldn't fetch ID")
return 2, None
else:
print "A vulnerability with ID %s already exists!" % old_id
print("A vulnerability with ID %s already exists!" % old_id)
return 2, None
else:
print "Unknown error while creating the vulnerability"
print("Unknown error while creating the vulnerability")
return 2, None
except CantCommunicateWithServerError as ex:
print "Error while creating vulnerability:", ex.response.text
print("Error while creating vulnerability:", ex.response.text)
return 2, None
new = models.get_vulns(
......
......@@ -82,7 +82,7 @@ def main(workspace='', args=None, parser=None):
models.create_vuln_web(workspace, obj)
old = models.get_web_vuln(workspace, **params)
else:
print "A web vulnerability with ID %s already exists!" % old.getID()
print("A web vulnerability with ID %s already exists!" % old.getID())
return 2, None
return 0, old.getID()
......@@ -141,14 +141,14 @@ def show_options(workspace):
# Muestro los servicios en el workspace soportados por hydra, en formato tabla
table_services, services = show_table_services(workspace)
print table_services
print(table_services)
service = int(input_index("What service do you want to bruteforce?", len(services)))
# Verifico si el usuario quiere armar un diccionario con las credenciales
# guardadas en faraday o si quiere utilizar uno propio
print "\n[0] Choose a dictionary"
print "[1] Create dictionary from Faraday (based in credentials stored in Faraday)\n"
print("\n[0] Choose a dictionary")
print("[1] Create dictionary from Faraday (based in credentials stored in Faraday)\n")
dictionary = int(input_index("Options ", 2))
......@@ -160,19 +160,19 @@ def show_options(workspace):
else:
print "\n[*] Obtaining credentials from the workspace %s" % workspace
print("\n[*] Obtaining credentials from the workspace %s" % workspace)
user_faraday = save_targets(get_credentials(workspace, "username"))
passwd_faraday = save_targets(get_credentials(workspace, "password"))
print "[*] Credentials found: %s" % total_credentials(workspace)
print "\nUsername\t\tPassword"
print "--------\t\t--------"
print("[*] Credentials found: %s" % total_credentials(workspace))
print("\nUsername\t\tPassword")
print("--------\t\t--------")
for user, passw in zip(
open(user_faraday, "r"), open(passwd_faraday, "r")):
print "%s\t\t%s" % (user.strip(), passw.strip())
print("%s\t\t%s" % (user.strip(), passw.strip()))
return service, services, user_define_dictionary, user_faraday, passwd_faraday, usernames_dic_path, passwords_dic_path
......@@ -191,7 +191,7 @@ def save_targets(output):
def main(workspace='', args=None, parser=None):
print "\nThis script needs to be run inside from Faraday GTK.\n"
print("\nThis script needs to be run inside from Faraday GTK.\n")
if check_hydra():
service, services, user_define_dictionary, user_faraday, passwd_faraday, usernames_dic_path, passwords_dic_path = show_options(workspace)
......@@ -202,7 +202,7 @@ def main(workspace='', args=None, parser=None):
hydra_output = "/tmp/hydra_output-%s.txt" % time.time()
print "Running Hydra, please wait to finish the bruteforce...\n"
print("Running Hydra, please wait to finish the bruteforce...\n")
if user_define_dictionary:
......@@ -227,7 +227,7 @@ def main(workspace='', args=None, parser=None):
add_output(hydra_command2)
call(shlex.split(hydra_command2))
print "Processing information found in Faraday...\n"
print("Processing information found in Faraday...\n")
send_output(hydra_output)
return None, None
......
......@@ -67,11 +67,11 @@ def main(workspace='', args=None, parser=None):
Fore.RESET)
if not port_list and not parsed_args.no_filter:
print "Empty filter set."
print("Empty filter set.")
return 1, None
if parsed_args.additional_info and not parsed_args.no_filter:
print 'Filtering services for ports: ' + ', '.join(map(str, sorted(port_list)))
print('Filtering services for ports: ' + ', '.join(map(str, sorted(port_list))))
columns = filter(None, parsed_args.columns.split(','))
......@@ -97,21 +97,21 @@ def main(workspace='', args=None, parser=None):
lines += [column_data]
if not lines:
print "No services running on that port found."
print("No services running on that port found.")
return 0, None
col_width = max(len(word) for row in lines for word in row) + 2
if parsed_args.additional_info:
print ''.join(col.ljust(col_width) for col in columns)
print '-' * (col_width * len(columns))
print(''.join(col.ljust(col_width) for col in columns))
print('-' * (col_width * len(columns)))
if parsed_args.sorted:
# Compare lines using the first column (IP)
for row in sorted(lines, cmp=lambda l1, l2: cmp(l1[0], l2[0])):
print "".join(word.ljust(col_width) for word in row)
print("".join(word.ljust(col_width) for word in row))
else:
for row in lines:
print "".join(word.ljust(col_width) for word in row)
print("".join(word.ljust(col_width) for word in row))
return 0, None
......@@ -121,7 +121,7 @@ def dispatch(args, unknown, user_help, username, password):
ret, obj_id = call_main(workspace=args.workspace, args=unknown, parser=new_parser)
if obj_id is not None:
print obj_id
print(obj_id)
else:
# Use old API to call plugin
sys.stderr.write(Fore.YELLOW +
......@@ -133,7 +133,7 @@ def dispatch(args, unknown, user_help, username, password):
ret = 0
if args.interactive:
# print 'code = %d' % ret
# print ('code = %d' % ret)
return obj_id
else:
sys.exit(ret)
......@@ -192,7 +192,7 @@ if __name__ == '__main__':
dispatch(args, unknown, parser.format_help(), args.username, args.password)
else:
# print "Loading command history..."
# print ("Loading command history...")
histfile = os.path.join(CONF.getDataPath(), ".faraday_hist")
readline.parse_and_bind('tab: complete')
atexit.register(readline.write_history_file, histfile)
......@@ -204,8 +204,8 @@ if __name__ == '__main__':
except IOError:
pass
print "Welcome to interactive Faraday!"
print "Press CTRL-D or run 'exit' to quit interactive mode."
print("Welcome to interactive Faraday!")
print("Press CTRL-D or run 'exit' to quit interactive mode.")
last_id = None
while True:
......
......@@ -51,13 +51,13 @@ def getCweData(couch_url):
if dict == {}:
return None
else:
print 'Get CWE data: OK\n'
print('Get CWE data: OK\n')
return dict
elif response_code == 401:
print 'Autorization required, make sure to add user:pwd to Couch URI'
print('Autorization required, make sure to add user:pwd to Couch URI')
else:
print 'Error couchDB: ' + str(response_code) + str(r.text)
print('Error couchDB: ' + str(response_code) + str(r.text))
def checkSeverity(vuln, cwe_dict, severity_choose, workspace, couch_url):
......@@ -73,7 +73,7 @@ def checkSeverity(vuln, cwe_dict, severity_choose, workspace, couch_url):
if vuln._name in cwe_dict and severity_dict[vuln.severity] <= severity_dict[severity_choose]:
print 'Change: ' + vuln._name + ' to ' + cwe_dict[vuln._name]
print('Change: ' + vuln._name + ' to ' + cwe_dict[vuln._name])
# Get object Vuln
response = requests.get(
......@@ -93,10 +93,10 @@ def checkSeverity(vuln, cwe_dict, severity_choose, workspace, couch_url):
)
if update.status_code == 200 or update.status_code == 201:
print 'Change OK\n'
print('Change OK\n')
else:
print 'Error in update Vulnerability, status code: ' + str(update.status_code)
print update.text
print('Error in update Vulnerability, status code: ' + str(update.status_code))
print(update.text)
def main(workspace='', args=None, parser=None):
......@@ -108,7 +108,7 @@ def main(workspace='', args=None, parser=None):
cwe = getCweData(parsed_args.couchdb)
if cwe is None:
print 'CWE DB not downloaded....EXIT'
print('CWE DB not downloaded....EXIT')
return 2, None
for host in models.get_hosts(workspace):
......
......@@ -133,7 +133,7 @@ def parse_host(register):
datetime_object = datetime.strptime(date, "%m/%d/%Y")
host._metadata.create_time = mktime(datetime_object.timetuple())
except Exception:
print "Invalid date", host.name
print("Invalid date", host.name)
return host
......@@ -184,7 +184,7 @@ def parse_vulnerability(register):
datetime_object = datetime.strptime(date, "%m/%d/%Y")
vulnerability._metadata.create_time = mktime(datetime_object.timetuple())
except Exception:
print "Invalid date", vulnerability.name
print("Invalid date", vulnerability.name)
return vulnerability
......@@ -222,7 +222,7 @@ def parse_vulnerability_web(register):
datetime_object = datetime.strptime(date, "%m/%d/%Y")
vulnerability_web._metadata.create_time = mktime(datetime_object.timetuple())
except Exception:
print "Invalid date", vulnerability_web.name
print("Invalid date", vulnerability_web.name)
return vulnerability_web
......@@ -235,13 +235,13 @@ def main(workspace="", args=None, parser=None):
parsed_args = parser.parse_args(args)
if not parsed_args.csv:
print "Error: Give a CSV file to import with --csv"
print("Error: Give a CSV file to import with --csv")
return 2, None
try:
file_csv = open(parsed_args.csv, "r")
except:
print "Error: Unreadeable CSV file, check the path"
print("Error: Unreadeable CSV file, check the path")
raise
counter = 0
......@@ -257,7 +257,7 @@ def main(workspace="", args=None, parser=None):
counter += 1
print "New host: " + host.getName()
print("New host: " + host.getName())
try:
models.create_host(WORKSPACE, host)
except Exception as ex:
......@@ -276,7 +276,7 @@ def main(workspace="", args=None, parser=None):
if not old_service:
counter += 1
print "New service: " + service.getName()
print("New service: " + service.getName())
models.create_service(WORKSPACE, service)
service = models.get_service(WORKSPACE, **service_params)
......@@ -301,7 +301,7 @@ def main(workspace="", args=None, parser=None):
if not models.get_vuln(WORKSPACE, **vuln_params):
counter += 1
print "New vulnerability: " + vulnerability.getName()
print("New vulnerability: " + vulnerability.getName())
models.create_vuln(WORKSPACE, vulnerability)
elif vulnerability_web is not None:
......@@ -320,13 +320,13 @@ def main(workspace="", args=None, parser=None):
if not models.get_web_vuln(WORKSPACE, **vuln_web_params):
counter += 1
print "New web vulnerability: " + vulnerability_web.getName()
print("New web vulnerability: " + vulnerability_web.getName())
models.create_vuln_web(WORKSPACE, vulnerability_web)
except ConflictInDatabase:
print('Conflict in Database, skiping csv row')
except CantCommunicateWithServerError as ex:
print(register)
print('Error', ex)
print "[*]", counter, "new Faraday objects created."
print("[*]", counter, "new Faraday objects created.")
file_csv.close()
return 0, None
......@@ -32,12 +32,12 @@ def main(workspace='', args=None, parser=None):
from pcapfile import savefile
import pcapfile
except ImportError:
print 'capfile not found, please install it to use this plugin.' \
' You can do it executing pip2 install pcapfile in a shell.'
print('capfile not found, please install it to use this plugin.' \
' You can do it executing pip2 install pcapfile in a shell.')
return 1, None
if not os.path.isfile(parsed_args.pcap):
print "pcap file not found: " % parsed_args.pcap
print("pcap file not found: " % parsed_args.pcap)
return 2, None
testcap = open(parsed_args.pcap, 'rb')
......@@ -45,10 +45,10 @@ def main(workspace='', args=None, parser=None):
try:
capfile = savefile.load_savefile(testcap, layers=2, verbose=parsed_args.verbose)
except pcapfile.Error:
print "Invalid pcap file"