
Commit df94ea39 authored by Marcello Golfieri's avatar Marcello Golfieri

implemented ignore and restore action on ignore_vuln.php endpoint calls

parent 909536f1
......@@ -131,7 +131,7 @@ class Qapi:
else:
oxml = objectify.fromstring(response.text.encode("utf-8"))
return oxml
# I couldn't get the qualysapi python lib to work with remediation tickets, going manual
def get_scanner_appliances_list(self):
oxml = self._get_xml("/api/2.0/fo/appliance/", {"action": "list"})
......@@ -157,10 +157,14 @@ class Qapi:
raw_output=True,
)
def ignore_qid(self, hostname, qid):
params = {"action": "ignore"}
params.update({"ips": resolve_to_ip(hostname)})
oxml = self._get_xml("/msp/ignore_vuln.php", params)
def ignore_vuln(self, host, qids, comments="DEFAULT comment from qqualys for ignoring", action="ignore", days_to_reopen=None):
params = {"action": action,
"ips": resolve_to_ip(host),
"comments": comments,
"qids": qids}
if days_to_reopen and 1<days_to_reopen<730:
params.update({"reopen_ignored_days": days_to_reopen})
return self._get_xml("/msp/ignore_vuln.php", params)
def get_agents_by_tag_xml(self, tag):
params = """<ServiceRequest>
......@@ -389,13 +393,11 @@ if __name__ == "__main__":
required=True,
)
parser.add_argument(
"-i", "--interactive", action="store_true", help="don't return, go into Ipython"
)
parser.add_argument(
"-V",
"--version",
action="store_true",
help="Show rest API version supported by server",
"-H",
"--host",
action="store",
dest="host",
help="host target (can be FQDN, Stanford PQDN or IP address)",
)
parser.add_argument(
"-l",
......@@ -413,20 +415,9 @@ if __name__ == "__main__":
dest="appliance_lookup",
help="Get appliances associated to given FW zone tag (e.g. FOA, FOA2, etc",
)
parser.add_argument(
"-H",
"--host",
action="store",
dest="host",
help="host to query for known found vulnerabilities",
)
parser.add_argument(
"--lookup", action="store", dest="lookup", help="Resolve to host Asset id"
)
# parser.add_argument('-Q', '--query-host-asset', action='store', dest='query', help='Get host asset XML v2')
# ToDo verify the following:
parser.add_argument(
"-s", "--scan", action="store_true", help="Scan the server specified with -H"
)
......@@ -448,7 +439,6 @@ if __name__ == "__main__":
help="EXPERIMENTAL List all available agents and their info",
)
parser.add_argument(
"-I",
"--show_software_info",
action="store_true",
help="Show software info for QCA host asset",
......@@ -464,10 +454,45 @@ if __name__ == "__main__":
)
parser.add_argument(
"-q",
"--qid",
"--qids",
action="store",
dest="qid",
help="QID info to show (can be also range e.g. 90023-90040)",
dest="qids",
help="QID info to show (can be comma separated no spaces or range e.g. 90023-90040)",
)
parser.add_argument(
"-I",
"--ignore_vuln",
action="store_true",
help="Ignore vulnerability, needs -q -H and -C",
)
parser.add_argument(
"-C",
"--comment",
action="store",
dest="comment",
help="Comment field for commands needing one, e.g. -I",
)
parser.add_argument(
"-D",
"--days_to_reopen",
action="store",
dest="days_to_reopen",
help="(optional) Days to reopen ignored vulnerability (1-730)",
)
parser.add_argument(
"--action",
action="store",
dest="action",
help="Action to use when ignoring with -I (ignore, restore)",
)
parser.add_argument(
"-i", "--interactive", action="store_true", help="don't return, go into Ipython"
)
parser.add_argument(
"-V",
"--version",
action="store_true",
help="Show rest API version supported by server",
)
args = parser.parse_args()
......@@ -497,18 +522,22 @@ if __name__ == "__main__":
print(q.get_sw_inventory(args.host))
elif args.list_scans:
print(q.get_scans_list(args.username))
elif args.scan and args.host:
print("Starting new scan")
print(q.start_new_scan(args.host))
elif args.host and args.tickets:
sorted_list = q.get_remediation_tickets_list(args.host)
elif args.report and args.host:
sorted_list = q.get_host_vulnerabilities(args.host)
pprint([dict((key, x.__dict__.get(key)) for key in q.vm_fields) for x in sorted_list])
elif args.host:
print(q.get_asset_details_xml(args.host))
elif args.qid:
sorted_list = q.get_qid_info(args.qid)
if args.scan:
print("Starting new scan")
print(q.start_new_scan(args.host))
elif args.tickets:
sorted_list = q.get_remediation_tickets_list(args.host)
elif args.report:
sorted_list = q.get_host_vulnerabilities(args.host)
pprint([dict((key, x.__dict__.get(key)) for key in q.vm_fields) for x in sorted_list])
elif args.ignore_vuln:
oxml = q.ignore_vuln(args.host, args.qids, args.comment, args.action, args.days_to_reopen)
pprint(oxml.xpath('//*/text()'))
else: # Just args.host
print(q.get_asset_details_xml(args.host))
elif args.qids:
sorted_list = q.get_qid_info(args.qids)
pprint(sorted_list.xpath('//RESPONSE/VULN_LIST/VULN//*[text()]'))
else:
pass
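Review bot: In `ignore_vuln`, a `days_to_reopen` value outside the accepted range is dropped without any error, so the request is still sent and the finding is ignored with no reopen date even though the operator asked for one. The check `1<days_to_reopen<730` also rejects 1 and 730, which the `-D` help text advertises as valid. Because `-D` is declared without `type=int`, the value reaches that comparison as a string, which raises `TypeError` on Python 3. Suggest adding `type=int` to `-D` and replacing the guard with `if days_to_reopen is not None:` followed by `if not 1 <= days_to_reopen <= 730: raise ValueError("days_to_reopen must be 1-730")`. The `args.ignore_vuln` branch also passes `args.comment` and `args.action` positionally, so omitting `-C` or `--action` sends `None` in place of the method defaults; `default="ignore", choices=["ignore", "restore"]` on `--action`, plus a `parser.error(...)` when `-I` is given without `-q` and `-C`, would stop a suppression going out with no action or justification.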
......