-
Notifications
You must be signed in to change notification settings - Fork 90
/
Copy pathmonthly-report-gos24.10.gmp.py
118 lines (88 loc) · 3.2 KB
/
monthly-report-gos24.10.gmp.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
# SPDX-FileCopyrightText: 2017-2024 Greenbone AG
#
# SPDX-License-Identifier: GPL-3.0-or-later
import sys
from argparse import Namespace
from datetime import date, timedelta
from gvm.protocols.gmp import Gmp
from terminaltables import AsciiTable
def check_args(args: Namespace) -> None:
len_args = len(args.script) - 1
if len_args < 2:
message = """
This script will display all vulnerabilities from the hosts of the
reports in a given month!
It needs two parameters after the script name.
First one is the month and second one is the year.
Both parameters are plain numbers, so no text.
Explicitly made for GOS 24.10.
1. <month> -- month of the monthly report
2. <year> -- year of the monthly report
Example:
$ gvm-script --gmp-username name --gmp-password pass \
ssh --hostname <gsm> scripts/monthly-report2.gmp.py 05 2019
"""
print(message)
sys.exit()
def print_reports(gmp: Gmp, from_date: date, to_date: date) -> None:
host_filter = (
f"rows=-1 and modified>{from_date.isoformat()} "
f"and modified<{to_date.isoformat()}"
)
hosts_xml = gmp.get_hosts(filter_string=host_filter)
sum_critical = 0
sum_high = 0
sum_medium = 0
sum_low = 0
table_data = [
["Hostname", "IP", "Bericht", "critical", "high", "medium", "low"]
]
for host in hosts_xml.xpath("asset"):
ip = host.xpath("name/text()")[0]
hostnames = host.xpath(
'identifiers/identifier/name[text()="hostname"]/../value/text()'
)
if len(hostnames) == 0:
continue
hostname = hostnames[0]
results = gmp.get_results(
details=False, filter=f"host={ip} and severity>0.0"
)
low = int(results.xpath('count(//result/threat[text()="Low"])'))
sum_low += low
medium = int(results.xpath('count(//result/threat[text()="Medium"])'))
sum_medium += medium
high = int(results.xpath('count(//result/threat[text()="High"])'))
sum_high += high
critical = int(
results.xpath('count(//result/threat[text()="Critical"])')
)
sum_critical += critical
best_os_cpe_report_id = host.xpath(
'host/detail/name[text()="best_os_cpe"]/../source/@id'
)[0]
table_data.append(
[hostname, ip, best_os_cpe_report_id, critical, high, medium, low]
)
table = AsciiTable(table_data)
print(f"{table.table}\n")
print(
f"Summary of results from {from_date.isoformat()} "
f"to {to_date.isoformat()}"
)
print(f"Critical: {int(sum_critical)}")
print(f"High: {int(sum_high)}")
print(f"Medium: {int(sum_medium)}")
print(f"Low: {int(sum_low)}\n\n")
def main(gmp: Gmp, args: Namespace) -> None:
# pylint: disable=undefined-variable
check_args(args)
month = int(args.script[1])
year = int(args.script[2])
from_date = date(year, month, 1)
to_date = from_date + timedelta(days=31)
# To have the first day in month
to_date = to_date.replace(day=1)
print_reports(gmp, from_date, to_date)
if __name__ == "__gmp__":
main(gmp, args)