PR
#76
Hello there :)
Issue:
I have ran into situation where nmap scanner return results where inside <script>
tag was more than 1 <table> tag. So while parsing raised Exception loke this:
Traceback (most recent call last):
File "/output_report.py", line 81, in <module>
main(*sys.argv[1:4], report_type=report_format)
File "/output_report.py", line 71, in main
parser.parse(data)
File "/contrib/parsers/flan_xml_parser.py", line 55, in parse
self.parse_host(hosts)
File "/contrib/parsers/flan_xml_parser.py", line 123, in parse_host
self.parse_port(ip_addr, p)
File "/contrib/parsers/flan_xml_parser.py", line 104, in parse_port
self.parse_script(ip_addr, port_num, app_name, scripts)
File "/contrib/parsers/flan_xml_parser.py", line 77, in parse_script
script_table = script['table']['table']
TypeError: list indices must be integers or slices, not str
On some port were 2 cpes:
ISC BIND 9.9.4 (cpe:/a:isc:bind:9.9.4) (cpe:/o:redhat:enterprise_linux:7)
XML fil after nmap scanning looks like this:
<port>
<script>
<table>
...
</table>
<table>
...
</table>
</script>
</port>I've decided to bring few fixes and handle this problem.
JsonReportBuilder class:
builder._buffer changes
Example of actual parsing results:
_buffer = {
"ips": [],
"vulnerable": {
"OpenSSH (cpe:\a:openbsd..)": {
"vulnerabilities": {
"cpe:\a:openbsd..": [],
},
"locations": {addr: [ports]},
}
"ISC BIND 9.9.4 (cpe:/a:isc:bind:9.9.4) (cpe:/o:redhat:enterprise_linux:7)": {
"vulnerabilities": {
"(cpe:/a:isc:bind:9.9.4)": [],
"(cpe:/o:redhat:enterprise_linux:7)": [],
}
"locations": {"addr": [ports]},
}
},
"not_vulnerable": [],
}ScanResult class:
flan_types.py changes:
class ScanResult:
self.vulns = defaultdict(list) # type: Dict[str, List[Vuln]]FlanXmlParser class:
parser.results:
{
'OpenSSH 7.4 (cpe:/a:openbsd:openssh:7.4) ': ScanResult,
...
}Core change
Core change is in the dict structure. Now parser.results dict items consists of ScanResult objects, which attribute vulns is dict (defaultdict(list)). So if there are two or more cpes in the same port, it won't break anymore.
PR
#76
Hello there :)
Issue:
I have ran into situation where nmap scanner return results where inside
<script>tag was more than 1
<table>tag. So while parsing raised Exception loke this:On some port were 2 cpes:
ISC BIND 9.9.4 (cpe:/a:isc:bind:9.9.4) (cpe:/o:redhat:enterprise_linux:7)XML fil after
nmapscanning looks like this:I've decided to bring few fixes and handle this problem.
JsonReportBuilder class:
builder._bufferchangesExample of actual parsing results:
ScanResult class:
flan_types.pychanges:FlanXmlParser class:
Core change
Core change is in the dict structure. Now
parser.resultsdict items consists of ScanResult objects, which attributevulnsis dict (defaultdict(list)). So if there are two or more cpes in the same port, it won't break anymore.