Coder Social home page Coder Social logo

thegroundzero / openvasreporting_server Goto Github PK

View Code? Open in Web Editor NEW
3.0 3.0 1.0 18 KB

OpenVAS Reporting Server: Automatically receive and parse OpenVAS XML reports using OpenVAS Reporting

License: GNU General Public License v3.0

Python 100.00%

openvasreporting_server's People

Contributors

thegroundzero avatar

Stargazers

avatar avatar avatar

Watchers

avatar avatar

Forkers

jtho162

openvasreporting_server's Issues

Python socket closes stream before client finishes sending data

The stream closes as soon as the buffer is full so only the first 1024 bytes of a report are received.

def setup_socket(host, port, report_format):
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((host, int(port)))
        print('Server started on {}:{}'.format(host, str(port)))
        print('Will create reports in {} format'.format(report_format))

        s.listen(5)

        while True:
            conn, addr = s.accept()

            file = create_temp_file()
            print('Temp file creates at: {}'.format(file))

            with conn:
                print('Connected by: {}'.format(addr))
                while True:
                    data = conn.recv(1024)
                    if not data:
                        break

                    print('Received data, writing to temp file at: {}'.format(file))
                    write_to_file(file, data)

                    report = '{}/openvas_report_{}'.format(os.getcwd(), file)
                    print('Writing report to: {}.{}'.format(report, report_format))
                    config = openvasreporting.create_config([file], report, filetype=report_format)
                    openvasreporting.convert(config)

            print('Connection closed')
            os.remove(file)

This is because the final report starts being written/converted from the tmp report at the same time which kills the loop and shuts down the socket.

Move lines 62 & 63 to the previous/first loop:

def setup_socket(host, port, report_format):
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((host, int(port)))
        print('Server started on {}:{}'.format(host, str(port)))
        print('Will create reports in {} format'.format(report_format))

        s.listen(5)

        while True:
            conn, addr = s.accept()

            file = create_temp_file()
            print('Temp file creates at: {}'.format(file))

            with conn:
                print('Connected by: {}'.format(addr))
                buffer = 8192
                while True:
                    data = conn.recv(buffer)
                    if not data:
                        break
                    print('Received data, writing to temp file at: {}'.format(file))
                    write_to_file(file, data)

                    report = '{}/openvas_report_{}'.format(os.getcwd(), file)
                    print('Writing report to: {}.{}'.format(report, report_format))

            config = openvasreporting.create_config([file], report, filetype=report_format)
            openvasreporting.convert(config)

            print('Connection closed')
            os.remove(file)

This works and writes the full report before beginning the conversion. Forgive me if I got some terminology wrong, I'm new to python.

Hostnames are not populated - xlsx and docx

Tried to go through some of the python code and figure out how the "Hostname" field was being populated.. but alas I am no expert

When exporting to xlsx, there is a Host name field on the vulnerability tabs.
This is just marked as "-"

Ask questions, and I will try and explain more if needed

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.