From e1ca9fadcd0e193d1c8abab4fdad79901373b8a1 Mon Sep 17 00:00:00 2001 From: Quim Date: Fri, 21 Feb 2020 15:50:14 +0100 Subject: [PATCH] fixed issue where when actioning all actions, if one failed it exited the program --- bin/vuln_whisperer | 19 ++++++----- vulnwhisp/vulnwhisp.py | 71 +++++++++++++++++++++++++++--------------- 2 files changed, 57 insertions(+), 33 deletions(-) diff --git a/bin/vuln_whisperer b/bin/vuln_whisperer index 09ed142..b934063 100644 --- a/bin/vuln_whisperer +++ b/bin/vuln_whisperer @@ -83,14 +83,17 @@ def main(): enabled_sections = config.get_sections_with_attribute('enabled') for section in enabled_sections: - vw = vulnWhisperer(config=args.config, - profile=section, - verbose=args.verbose, - username=args.username, - password=args.password, - source=args.source, - scanname=args.scanname) - exit_code += vw.whisper_vulnerabilities() + try: + vw = vulnWhisperer(config=args.config, + profile=section, + verbose=args.verbose, + username=args.username, + password=args.password, + source=args.source, + scanname=args.scanname) + exit_code += vw.whisper_vulnerabilities() + except Exception as e: + logger.error("VulnWhisperer was unable to perform the processing on '{}'".format(args.source)) else: logger.info('Running vulnwhisperer for section {}'.format(args.section)) vw = vulnWhisperer(config=args.config, diff --git a/vulnwhisp/vulnwhisp.py b/vulnwhisp/vulnwhisp.py index af791d1..97158e4 100755 --- a/vulnwhisp/vulnwhisp.py +++ b/vulnwhisp/vulnwhisp.py @@ -319,7 +319,8 @@ def __init__( e=e)) except Exception as e: self.logger.error('Could not properly load your config!\nReason: {e}'.format(e=e)) - sys.exit(1) + return False + #sys.exit(1) @@ -575,8 +576,11 @@ def __init__( self.logger = logging.getLogger('vulnWhispererQualys') if debug: self.logger.setLevel(logging.DEBUG) - - self.qualys_scan = qualysScanReport(config=config) + try: + self.qualys_scan = qualysScanReport(config=config) + except Exception as e: + self.logger.error("Unable to establish connection with Qualys scanner. Reason: {}".format(e)) + return False self.latest_scans = self.qualys_scan.qw.get_all_scans() self.directory_check() self.scans_to_process = None @@ -747,10 +751,14 @@ def __init__( self.develop = True self.purge = purge self.scans_to_process = None - self.openvas_api = OpenVAS_API(hostname=self.hostname, - port=self.port, - username=self.username, - password=self.password) + try: + self.openvas_api = OpenVAS_API(hostname=self.hostname, + port=self.port, + username=self.username, + password=self.password) + except Exception as e: + self.logger.error("Unable to establish connection with OpenVAS scanner. Reason: {}".format(e)) + return False def whisper_reports(self, output_format='json', launched_date=None, report_id=None, cleanup=True): report = None @@ -861,8 +869,11 @@ def __init__( self.logger = logging.getLogger('vulnWhispererQualysVuln') if debug: self.logger.setLevel(logging.DEBUG) - - self.qualys_scan = qualysVulnScan(config=config) + try: + self.qualys_scan = qualysVulnScan(config=config) + except Exception as e: + self.logger.error("Unable to create connection with Qualys. Reason: {}".format(e)) + return False self.directory_check() self.scans_to_process = None @@ -1009,7 +1020,8 @@ def __init__( raise Exception( 'Could not connect to nessus -- Please verify your settings in {config} are correct and try again.\nReason: {e}'.format( config=self.config.config_in, e=e)) - sys.exit(1) + return False + #sys.exit(1) profiles = [] profiles = self.get_scan_profiles() @@ -1261,7 +1273,10 @@ def sync_all(self): if autoreport_sections: for scan in autoreport_sections: - self.jira_sync(self.config.get(scan, 'source'), self.config.get(scan, 'scan_name')) + try: + self.jira_sync(self.config.get(scan, 'source'), self.config.get(scan, 'scan_name')) + except Exception as e: + self.logger.error("VulnWhisperer wasn't able to report the vulnerabilities from the '{}'s source".format(self.config.get(scan, 'source'))) return True return False @@ -1294,36 +1309,42 @@ def whisper_vulnerabilities(self): if self.profile == 'nessus': vw = vulnWhispererNessus(config=self.config, profile=self.profile) - self.exit_code += vw.whisper_nessus() + if vw: + self.exit_code += vw.whisper_nessus() elif self.profile == 'qualys_web': vw = vulnWhispererQualys(config=self.config) - self.exit_code += vw.process_web_assets() + if vw: + self.exit_code += vw.process_web_assets() elif self.profile == 'openvas': vw_openvas = vulnWhispererOpenVAS(config=self.config) - self.exit_code += vw_openvas.process_openvas_scans() + if vw: + self.exit_code += vw_openvas.process_openvas_scans() elif self.profile == 'tenable': vw = vulnWhispererNessus(config=self.config, profile=self.profile) - self.exit_code += vw.whisper_nessus() + if vw: + self.exit_code += vw.whisper_nessus() elif self.profile == 'qualys_vuln': vw = vulnWhispererQualysVuln(config=self.config) - self.exit_code += vw.process_vuln_scans() + if vw: + self.exit_code += vw.process_vuln_scans() elif self.profile == 'jira': #first we check config fields are created, otherwise we create them vw = vulnWhispererJIRA(config=self.config) - if not (self.source and self.scanname): - self.logger.info('No source/scan_name selected, all enabled scans will be synced') - success = vw.sync_all() - if not success: - self.logger.error('All scans sync failed!') - self.logger.error('Source scanner and scan name needed!') - return 0 - else: - vw.jira_sync(self.source, self.scanname) + if vw: + if not (self.source and self.scanname): + self.logger.info('No source/scan_name selected, all enabled scans will be synced') + success = vw.sync_all() + if not success: + self.logger.error('All scans sync failed!') + self.logger.error('Source scanner and scan name needed!') + return 0 + else: + vw.jira_sync(self.source, self.scanname) return self.exit_code