guim1111/getVulnConcurrence.py

## getVulnConcurrence.py
#pip3 install pandas
#tested on ubuntu 18.04 python 3.7
#help from: https://beenje.github.io/blog/posts/parsing-html-tables-in-python-with-pandas/
#DESCRIPTION: with a file.html extracted from openvas with results, it show each vuln with assets that have,
#usefull for massive scans and need to write a report
#tip: use filter "rows=" at "Scans>Results" menu with a big number to be faster
#url example: https://<IP_OPENVAS>:9392/omp?cmd=get_results&filter=first=301 rows=200 severity>6.9 rows=200 first=101 sort=vulnerability min_qod=70 apply_overrides=1 autofp=0&token=XXXXXXXXXXXXXXXXXXXXXXX
#download (or copy) all content of page (like previous url) and put in a file that pass as argument

#python3 getVulnCoincidence.py ./file.html

import pandas as pd
import sys

__author__ = "guim1111"

def main():
    rawtable=""
    results=[]

    with open(sys.argv[1]) as infile:
        copy = False
        nomoreCopy = False
        for line in infile:
            #specific class for table we want on openvas
            if '<table class="gbntable">' in line:
                line = '<table class="gbntable">'+line.split('<table class="gbntable">')[1]
                copy = True
            if '</table>' in line:
                line = line.split('</table>')[0]+'</table>\n'
                nomoreCopy = True
            if copy:
                if nomoreCopy:
                    copy = False
                    copy2 = False
                rawtable=rawtable+line

    dfs = pd.read_html(rawtable, header=None)

    #only is first dataframe
    df=dfs[0]

    #to print dataframe
    with pd.option_context('display.max_rows', None, 'display.max_columns', None):
        print(df)


    #at this point, it has a dataframe with all values, from here to back, it can be used to read any table

    #recollect and order all data (vulnerability name, ip, port)
    #for more personalitzation, here can be described wich index is, default for openvas table
    vulnIndex=0
    ipIndex=4
    portIndex=5

    for index, row in df.iterrows():

        #flag = 1 if there is any coincidence in results
        flag=0
        count=0
        #check if x vuln is taked, before, if not, add it to results
        for vuln in results:
            if vuln[0] == row[vulnIndex]:
                flag=1
                ipstr=str(row[ipIndex])
                results[count].append(ipstr+" "+row[portIndex])
                count+=1
                break
            count+=1
        if flag == 0:
            ipstr=str(row[ipIndex])
            newvuln = [row[vulnIndex], (ipstr+" "+str(row[portIndex]))]
            results.append(newvuln)

    for vuln in results:
        print('--------New vuln----------')
        for asset in vuln:
            print(asset)


if __name__ == "__main__":
    main()
	#pip3 install pandas
	#tested on ubuntu 18.04 python 3.7
	#help from: https://beenje.github.io/blog/posts/parsing-html-tables-in-python-with-pandas/
	#DESCRIPTION: with a file.html extracted from openvas with results, it show each vuln with assets that have,
	#usefull for massive scans and need to write a report
	#tip: use filter "rows=" at "Scans>Results" menu with a big number to be faster
	#url example: https://<IP_OPENVAS>:9392/omp?cmd=get_results&filter=first=301 rows=200 severity>6.9 rows=200 first=101 sort=vulnerability min_qod=70 apply_overrides=1 autofp=0&token=XXXXXXXXXXXXXXXXXXXXXXX
	#download (or copy) all content of page (like previous url) and put in a file that pass as argument

	#python3 getVulnCoincidence.py ./file.html

	import pandas as pd
	import sys

	__author__ = "guim1111"

	def main():
	rawtable=""
	results=[]

	with open(sys.argv[1]) as infile:
	copy = False
	nomoreCopy = False
	for line in infile:
	#specific class for table we want on openvas
	if '<table class="gbntable">' in line:
	line = '<table class="gbntable">'+line.split('<table class="gbntable">')[1]
	copy = True
	if '</table>' in line:
	line = line.split('</table>')[0]+'</table>\n'
	nomoreCopy = True
	if copy:
	if nomoreCopy:
	copy = False
	copy2 = False
	rawtable=rawtable+line

	dfs = pd.read_html(rawtable, header=None)

	#only is first dataframe
	df=dfs[0]

	#to print dataframe
	with pd.option_context('display.max_rows', None, 'display.max_columns', None):
	print(df)


	#at this point, it has a dataframe with all values, from here to back, it can be used to read any table

	#recollect and order all data (vulnerability name, ip, port)
	#for more personalitzation, here can be described wich index is, default for openvas table
	vulnIndex=0
	ipIndex=4
	portIndex=5

	for index, row in df.iterrows():

	#flag = 1 if there is any coincidence in results
	flag=0
	count=0
	#check if x vuln is taked, before, if not, add it to results
	for vuln in results:
	if vuln[0] == row[vulnIndex]:
	flag=1
	ipstr=str(row[ipIndex])
	results[count].append(ipstr+" "+row[portIndex])
	count+=1
	break
	count+=1
	if flag == 0:
	ipstr=str(row[ipIndex])
	newvuln = [row[vulnIndex], (ipstr+" "+str(row[portIndex]))]
	results.append(newvuln)

	for vuln in results:
	print('--------New vuln----------')
	for asset in vuln:
	print(asset)


	if __name__ == "__main__":
	main()