Skip to content

Commit b2a2b16

Browse files
committed
Save point #4
1 parent fda7048 commit b2a2b16

1 file changed

Lines changed: 22 additions & 52 deletions

File tree

  • plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion

plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion/trigger.py

Lines changed: 22 additions & 52 deletions
Original file line numberDiff line numberDiff line change
@@ -27,50 +27,6 @@ def run(self, params={}):
2727
risk_score = params.get(Input.RISK_SCORE)
2828
site_id = params.get(Input.SITE_ID, None)
2929

30-
x = []
31-
if cve:
32-
x.append(
33-
{
34-
"field": "cve",
35-
"operator": "is",
36-
"value": cve,
37-
}
38-
)
39-
if hostname:
40-
x.append(
41-
{
42-
"field": "host-name",
43-
"operator": "is",
44-
"value": hostname,
45-
},
46-
)
47-
48-
if ip_address:
49-
x.append(
50-
{
51-
"field": "ip-address",
52-
"operator": "is",
53-
"value": ip_address,
54-
}
55-
)
56-
if risk_score:
57-
x.append(
58-
{
59-
"field": "risk-score",
60-
"operator": "is",
61-
"value": risk_score,
62-
}
63-
)
64-
if site_id:
65-
x.append(
66-
{
67-
"field": "site-id",
68-
"operator": "is",
69-
"value": site_id,
70-
}
71-
)
72-
z = {"filters": x, "match": "any"}
73-
7430
# Build API call
7531
resource_helper = ResourceRequests(self.connection.session, self.logger)
7632
endpoint = Scan.scans(self.connection.console_url)
@@ -84,17 +40,31 @@ def run(self, params={}):
8440

8541
while True:
8642
while True:
87-
endpoint_asset_search = Asset.search(self.connection.console_url)
8843
endpoint = Asset.assets(self.connection.console_url, last_id + 1)
8944

90-
asset_search_response = resource_helper.resource_request(
91-
endpoint=endpoint_asset_search, method="post", payload=z
92-
)
9345
try:
94-
asset_assets_response = resource_helper.resource_request(endpoint=endpoint, method="get")
46+
asset_response = resource_helper.resource_request(endpoint=endpoint, method="get")
9547
except Exception:
9648
break
9749

50+
# Placeholders for now - Basically check for input and
51+
# if it is in response
52+
if ip_address and ip_address in asset_response.get('ip'):
53+
continue
54+
55+
if risk_score and risk_score in asset_response.get('riskScore'):
56+
continue
57+
58+
if hostname and hostname in asset_response.get('hostName'):
59+
continue
60+
61+
if source and source in asset_response.get('hostNames')[0].get('source'):
62+
continue
63+
64+
# Cannot find asset_group, cve or site_id from Get Asset By ID.
65+
66+
# Next, Get Asset by vuln solution
67+
9868
endpoint = Asset.asset_vulnerability_solution(self.connection.console_url, last_id + 1, "???")
9969
try:
10070
vuln_response = resource_helper.resource_request(endpoint=endpoint, method="get")
@@ -106,9 +76,9 @@ def run(self, params={}):
10676

10777
self.send(
10878
{
109-
Output.ASSET_ID: asset_assets_response.get("id"),
110-
Output.HOSTNAME: asset_assets_response.get("hostName"),
111-
Output.IP: asset_assets_response.get("ip"),
79+
Output.ASSET_ID: asset_response.get("id"),
80+
Output.HOSTNAME: asset_response.get("hostName"),
81+
Output.IP: asset_response.get("ip"),
11282
Output.NEXPOSE_ID: "???",
11383
Output.SOFTWARE_UPDATE_ID: vuln_data.get("id"),
11484
Output.SOLUTION_ID: "solution_id",

0 commit comments

Comments
 (0)