Implement advanced vulnerability classification

105bf8b9 · Gioacchino Vino · 47272ba7 · 105bf8b9 · 105bf8b9
Commit 105bf8b9 authored 9 months ago by Gioacchino Vino
--- a/files/gvm_library.py
+++ b/files/gvm_library.py
@@ -462,18 +462,17 @@ class Task:
        with open(filename, "wb") as fh:
            fh.write(base64.b64decode(code))

-    def get_report(self) -> pd.DataFrame:
+    def get_report(self) -> Dict[str,Tuple]:
        res = self.client.get_report(self.report_id,
                                     report_format_id=ReportFormats.anonymous_xml,
                                     ignore_pagination=True,
                                     details="1")
-        oids: list[str] = res.xpath('report/report/results/result/nvt/@oid')
-        sev: list[str] = res.xpath('report/report/results/result/nvt/severities/@score')
-        treats: list[str] = res.xpath('report/report/results/result/threat/text()')
-        ports: list[str] = res.xpath('report/report/results/result/port/text()')
-        df = pd.DataFrame({"oids": oids, "sev": sev, "threats": treats, "ports": ports})    
-        df['sev'] = df['sev'].astype(float)
-        return df
+        oids: tuple[str] = tuple(res.xpath('report/report/results/result/nvt/@oid'))
+        sev: tuple[str] = tuple(res.xpath('report/report/results/result/nvt/severities/@score'))
+        threat: tuple[str] = tuple(res.xpath('report/report/results/result/threat/text()'))
+        ports: tuple[str] = tuple(res.xpath('report/report/results/result/port/text()'))
+        sev = tuple(map(float,sev))
+        return {"oids":oids, "severity":sev, "threat":threat, "ports":ports}
    
 class GVMClient():
    """
@@ -652,16 +651,16 @@ class ReportManager():
                with open(filename, 'r') as file:
                    known_oids += self.extract_oids(file.readlines())

-            self.accepted_oids = accepted_oids
-            self.known_oids = known_oids
+            self.accepted_oids = tuple(sorted(accepted_oids))
+            self.known_oids = tuple(sorted(known_oids))
            logging.debug("accepted oids")
            logging.debug(pretty_json(self.accepted_oids))
            logging.debug("known oids")
            logging.debug(pretty_json(self.known_oids))

-    def import_report(self, host: str, report: pd.DataFrame) -> None:
+    def import_report(self, host: str, report: Dict[str,Tuple]) -> None:
        self.imported_oids[host] = report
-
+        
    def init_glob_vars(self):
        self.report = dict()
        self.report[self.REPORT_DEPLOYMENT] = {self.REPORT_SEVERITY: self.DEFAULT_SEVERITY,

--- a/files/scan.py
+++ b/files/scan.py
@@ -164,9 +164,7 @@ for host,ports in endpoints.items():
                         filename = f"{report_filename}.txt")
        report_manager.import_report(host,task.get_report())
    else:
-        task_report = {"severity": ReportManager.MAX_SEVERITY, 
-                       "threat": f"Scan Error. task.id: {task.id}"}
-        report_manager.import_report(host,task_report)
+        logging.warning(f"Scan Error. task.id: {task.id}")

    #task.delete()
    #target.delete()