Last active
March 9, 2020 10:54
-
-
Save guim1111/f8e74665141213dd65e49a2bc4351e99 to your computer and use it in GitHub Desktop.
This script is for OpenVas to have ips affectef for each vuln, usefull if you need to write a report of large scans and need all ips and ports that have each vuln
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #pip3 install pandas | |
| #tested on ubuntu 18.04 python 3.7 | |
| #help from: https://beenje.github.io/blog/posts/parsing-html-tables-in-python-with-pandas/ | |
| #DESCRIPTION: with a file.html extracted from openvas with results, it show each vuln with assets that have, | |
| #usefull for massive scans and need to write a report | |
| #tip: use filter "rows=" at "Scans>Results" menu with a big number to be faster | |
| #url example: https://<IP_OPENVAS>:9392/omp?cmd=get_results&filter=first=301 rows=200 severity>6.9 rows=200 first=101 sort=vulnerability min_qod=70 apply_overrides=1 autofp=0&token=XXXXXXXXXXXXXXXXXXXXXXX | |
| #download (or copy) all content of page (like previous url) and put in a file that pass as argument | |
| #python3 getVulnCoincidence.py ./file.html | |
| import pandas as pd | |
| import sys | |
| __author__ = "guim1111" | |
| def main(): | |
| rawtable="" | |
| results=[] | |
| with open(sys.argv[1]) as infile: | |
| copy = False | |
| nomoreCopy = False | |
| for line in infile: | |
| #specific class for table we want on openvas | |
| if '<table class="gbntable">' in line: | |
| line = '<table class="gbntable">'+line.split('<table class="gbntable">')[1] | |
| copy = True | |
| if '</table>' in line: | |
| line = line.split('</table>')[0]+'</table>\n' | |
| nomoreCopy = True | |
| if copy: | |
| if nomoreCopy: | |
| copy = False | |
| copy2 = False | |
| rawtable=rawtable+line | |
| dfs = pd.read_html(rawtable, header=None) | |
| #only is first dataframe | |
| df=dfs[0] | |
| #to print dataframe | |
| with pd.option_context('display.max_rows', None, 'display.max_columns', None): | |
| print(df) | |
| #at this point, it has a dataframe with all values, from here to back, it can be used to read any table | |
| #recollect and order all data (vulnerability name, ip, port) | |
| #for more personalitzation, here can be described wich index is, default for openvas table | |
| vulnIndex=0 | |
| ipIndex=4 | |
| portIndex=5 | |
| for index, row in df.iterrows(): | |
| #flag = 1 if there is any coincidence in results | |
| flag=0 | |
| count=0 | |
| #check if x vuln is taked, before, if not, add it to results | |
| for vuln in results: | |
| if vuln[0] == row[vulnIndex]: | |
| flag=1 | |
| ipstr=str(row[ipIndex]) | |
| results[count].append(ipstr+" "+row[portIndex]) | |
| count+=1 | |
| break | |
| count+=1 | |
| if flag == 0: | |
| ipstr=str(row[ipIndex]) | |
| newvuln = [row[vulnIndex], (ipstr+" "+str(row[portIndex]))] | |
| results.append(newvuln) | |
| for vuln in results: | |
| print('--------New vuln----------') | |
| for asset in vuln: | |
| print(asset) | |
| if __name__ == "__main__": | |
| main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment