diff --git a/lib/msf/core/db_manager/import.rb b/lib/msf/core/db_manager/import.rb
index 3f250363f7..8f2acde648 100644
--- a/lib/msf/core/db_manager/import.rb
+++ b/lib/msf/core/db_manager/import.rb
@@ -32,11 +32,13 @@ require 'rex/parser/wapiti_nokogiri'
 module Msf::DBManager::Import
 autoload :Acunetix, 'msf/core/db_manager/import/acunetix'
+ autoload :Amap, 'msf/core/db_manager/import/amap'
 autoload :IP360, 'msf/core/db_manager/import/ip360'
 autoload :MsfXml, 'msf/core/db_manager/import/msf_xml'
 autoload :Qualys, 'msf/core/db_manager/import/qualys'
 include Msf::DBManager::Import::Acunetix
+ include Msf::DBManager::Import::Amap
 include Msf::DBManager::Import::IP360
 include Msf::DBManager::Import::MsfXml
 include Msf::DBManager::Import::Qualys
@@ -67,89 +69,6 @@ module Msf::DBManager::Import
 self.send "import_#{ftype}".to_sym, args, &block
 end
- def import_amap_log(args={}, &block)
- data = args[:data]
- wspace = args[:wspace] || workspace
- bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []
-
- data.each_line do |line|
- next if line =~ /^#/
- next if line !~ /^Protocol on ([^:]+):([^\x5c\x2f]+)[\x5c\x2f](tcp|udp) matches (.*)$/n
- addr = $1
- next if bl.include? addr
- port = $2.to_i
- proto = $3.downcase
- name = $4
- host = find_or_create_host(:workspace => wspace, :host => addr, :state => Msf::HostState::Alive, :task => args[:task])
- next if not host
- yield(:address,addr) if block
- info = {
- :workspace => wspace,
- :task => args[:task],
- :host => host,
- :proto => proto,
- :port => port
- }
- if name != "unidentified"
- info[:name] = name
- end
- service = find_or_create_service(info)
- end
- end
-
- def import_amap_log_file(args={})
- filename = args[:filename]
- wspace = args[:wspace] || workspace
- data = ""
- ::File.open(filename, 'rb') do |f|
- data = f.read(f.stat.size)
- end
-
- case import_filetype_detect(data)
- when :amap_log
- import_amap_log(args.merge(:data => data))
- when :amap_mlog
- import_amap_mlog(args.merge(:data => data))
- else
- raise DBImportError.new("Could not determine file type")
- end
- end
-
- def import_amap_mlog(args={}, &block)
- data = args[:data]
- wspace = args[:wspace] || workspace
- bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []
-
- data.each_line do |line|
- next if line =~ /^#/
- r = line.split(':')
- next if r.length < 6
-
- addr = r[0]
- next if bl.include? addr
- port = r[1].to_i
- proto = r[2].downcase
- status = r[3]
- name = r[5]
- next if status != "open"
-
- host = find_or_create_host(:workspace => wspace, :host => addr, :state => Msf::HostState::Alive, :task => args[:task])
- next if not host
- yield(:address,addr) if block
- info = {
- :workspace => wspace,
- :task => args[:task],
- :host => host,
- :proto => proto,
- :port => port
- }
- if name != "unidentified"
- info[:name] = name
- end
- service = find_or_create_service(info)
- end
- end
-
 def import_appscan_noko_stream(args={},&block)
 if block
 doc = Rex::Parser::AppscanDocument.new(args,framework.db) {|type, data| yield type,data }
diff --git a/lib/msf/core/db_manager/import/amap.rb b/lib/msf/core/db_manager/import/amap.rb
new file mode 100644
index 0000000000..ed68c591eb
--- /dev/null
+++ b/lib/msf/core/db_manager/import/amap.rb
@@ -0,0 +1,84 @@
+module Msf::DBManager::Import::Amap
+ def import_amap_log(args={}, &block)
+ data = args[:data]
+ wspace = args[:wspace] || workspace
+ bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []
+
+ data.each_line do |line|
+ next if line =~ /^#/
+ next if line !~ /^Protocol on ([^:]+):([^\x5c\x2f]+)[\x5c\x2f](tcp|udp) matches (.*)$/n
+ addr = $1
+ next if bl.include? addr
+ port = $2.to_i
+ proto = $3.downcase
+ name = $4
+ host = find_or_create_host(:workspace => wspace, :host => addr, :state => Msf::HostState::Alive, :task => args[:task])
+ next if not host
+ yield(:address,addr) if block
+ info = {
+ :workspace => wspace,
+ :task => args[:task],
+ :host => host,
+ :proto => proto,
+ :port => port
+ }
+ if name != "unidentified"
+ info[:name] = name
+ end
+ service = find_or_create_service(info)
+ end
+ end
+
+ def import_amap_log_file(args={})
+ filename = args[:filename]
+ wspace = args[:wspace] || workspace
+ data = ""
+ ::File.open(filename, 'rb') do |f|
+ data = f.read(f.stat.size)
+ end
+
+ case import_filetype_detect(data)
+ when :amap_log
+ import_amap_log(args.merge(:data => data))
+ when :amap_mlog
+ import_amap_mlog(args.merge(:data => data))
+ else
+ raise DBImportError.new("Could not determine file type")
+ end
+ end
+
+ def import_amap_mlog(args={}, &block)
+ data = args[:data]
+ wspace = args[:wspace] || workspace
+ bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []
+
+ data.each_line do |line|
+ next if line =~ /^#/
+ r = line.split(':')
+ next if r.length < 6
+
+ addr = r[0]
+ next if bl.include? addr
+ port = r[1].to_i
+ proto = r[2].downcase
+ status = r[3]
+ name = r[5]
+ next if status != "open"
+
+ host = find_or_create_host(:workspace => wspace, :host => addr, :state => Msf::HostState::Alive, :task => args[:task])
+ next if not host
+ yield(:address,addr) if block
+ info = {
+ :workspace => wspace,
+ :task => args[:task],
+ :host => host,
+ :proto => proto,
+ :port => port
+ }
+ if name != "unidentified"
+ info[:name] = name
+ end
+ service = find_or_create_service(info)
+ end
+ end
+end
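Review bot: `import_amap_log_file` silently drops the caller's block: it is declared without `&block` and calls both parsers without one, so the `yield(:address,addr) if block` callback in `import_amap_log` and `import_amap_mlog` never fires for file imports. Since the code is being moved anyway, change it to `def import_amap_log_file(args={}, &block)` and forward with `import_amap_log(args.merge(:data => data), &block)` and `import_amap_mlog(args.merge(:data => data), &block)`. Separately, both parsers pass the address field of an externally produced log (`$1`, `r[0]`) to `find_or_create_host` as-is, and `line.split(':')` in `import_amap_mlog` would cut an IPv6 address at its first colon; whether `find_or_create_host` rejects malformed addresses is not visible in this hunk, so a short module comment stating that the log is untrusted input and where validation happens would help. The `wspace` local in `import_amap_log_file` and the two `service =` assignments are unused and can be dropped.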