■ ■ ■ ■ ■ ■
contrib/parsers/flan_xml_parser.py
| skipped 42 lines |
43 | 43 | | Parse xmltodict output and fill internal collections |
44 | 44 | | :param data: xmltodict output |
45 | 45 | | """ |
| 46 | + | if 'host' not in data['nmaprun']: |
| 47 | + | return |
| 48 | + | |
46 | 49 | | hosts = data['nmaprun']['host'] |
47 | 50 | | |
48 | 51 | | if isinstance(hosts, list): |
| skipped 16 lines |
65 | 68 | | |
66 | 69 | | self.results[app_name].vulns.append(Vuln(vuln_name, vuln_type, severity)) |
67 | 70 | | |
68 | | - | def parse_script(self, app_name: str, script: Dict[str, Any]): |
| 71 | + | def parse_script(self, ip_addr: str, port: str, app_name: str, script: Dict[str, Any]): |
| 72 | + | if 'table' not in script: |
| 73 | + | print('ERROR in script: ' + script['@output'] + " at location: " + ip_addr + " port: " + port + " app: " + |
| 74 | + | app_name) |
| 75 | + | return |
69 | 76 | | self.vulnerable_services.append(app_name) |
70 | 77 | | script_table = script['table']['table'] |
71 | 78 | | if isinstance(script_table, list): |
| skipped 16 lines |
88 | 95 | | if isinstance(scripts, list): |
89 | 96 | | for s in scripts: |
90 | 97 | | if s['@id'] == 'vulners': |
91 | | - | self.parse_script(app_name, s) |
| 98 | + | self.parse_script(ip_addr, port_num, app_name, s) |
92 | 99 | | else: |
93 | 100 | | if scripts['@id'] == 'vulners': |
94 | | - | self.parse_script(app_name, scripts) |
| 101 | + | self.parse_script(ip_addr, port_num, app_name, scripts) |
95 | 102 | | |
96 | 103 | | def parse_host(self, host: Dict[str, Any]): |
97 | | - | ip_addr = host['address']['@addr'] |
| 104 | + | addresses = host['address'] |
| 105 | + | ip_addr = '' |
| 106 | + | if isinstance(addresses, list): |
| 107 | + | for addr in addresses: |
| 108 | + | if "ip" in addr['@addrtype']: |
| 109 | + | ip_addr = addr['@addr'] |
| 110 | + | else: |
| 111 | + | ip_addr = addresses['@addr'] |
| 112 | + | |
| 113 | + | if not ip_addr: |
| 114 | + | return |
| 115 | + | |
98 | 116 | | if host['status']['@state'] == 'up' and 'port' in host['ports']: |
99 | 117 | | ports = host['ports']['port'] |
100 | 118 | | if isinstance(ports, list): |
| skipped 38 lines |