func main() {
showVersion := flag.Bool("v", false, "")
insecureSSL := flag.Bool("k", false, "")
flag.Usage = func() {
fmt.Println(usage)
}
flag.Parse()
if *showVersion {
log.Println(version)
os.Exit(0)
}
lairURL := os.Getenv("LAIR_API_SERVER")
if lairURL == "" {
log.Fatal("Fatal: Missing LAIR_API_SERVER environment variable")
}
if len(flag.Args()) < 1 {
log.Fatal("Fatal: Missing required argument")
}
lairPID := flag.Arg(0)
u, err := url.Parse(lairURL)
if err != nil {
log.Fatalf("Fatal: Error parsing LAIR_API_SERVER URL. Error %s", err.Error())
}
if u.User == nil {
log.Fatal("Fatal: Missing username and/or password")
}
user := u.User.Username()
pass, _ := u.User.Password()
if user == "" || pass == "" {
log.Fatal("Fatal: Missing username and/or password")
}
c, err := client.New(&client.COptions{
User: user,
Password: pass,
Host: u.Host,
Scheme: u.Scheme,
InsecureSkipVerify: *insecureSSL,
})
if err != nil {
log.Fatalf("Fatal: Error setting up client: Error %s", err.Error())
}
project, err := c.ExportProject(lairPID)
if err != nil {
log.Fatalf("Fatal: Unable to import project. Error %s", err.Error())
}
data, err := json.Marshal(project)
if err != nil {
log.Fatalf("Fatal: Unable to parse JSON. Error %s", err.Error())
}
fmt.Println(string(data))
}
//Import Project Data into Liar
func Import(project *lair.Project) error {
forcePorts := false
insecureSSL := true
limitHosts := false
lairURL := os.Getenv("LAIR_API_SERVER")
if lairURL == "" {
return errors.New("Fatal: Missing LAIR_API_SERVER environment variable")
}
u, err := url.Parse(lairURL)
if err != nil {
return fmt.Errorf("Fatal: Error parsing LAIR_API_SERVER URL. Error %s", err.Error())
}
if u.User == nil {
return errors.New("Fatal: Missing username and/or password")
}
user := u.User.Username()
pass, _ := u.User.Password()
if user == "" || pass == "" {
return errors.New("Fatal: Missing username and/or password")
}
c, err := client.New(&client.COptions{
User: user,
Password: pass,
Host: u.Host,
Scheme: u.Scheme,
InsecureSkipVerify: insecureSSL,
})
if err != nil {
return fmt.Errorf("Fatal: Error setting up client. Error %s", err.Error())
}
res, err := c.ImportProject(&client.DOptions{ForcePorts: forcePorts, LimitHosts: limitHosts}, project)
if err != nil {
return fmt.Errorf("Fatal: Unable to import project. Error %s", err.Error())
}
defer res.Body.Close()
droneRes := &client.Response{}
body, err := ioutil.ReadAll(res.Body)
if err != nil {
return fmt.Errorf("Fatal: Error %s", err.Error())
}
if err := json.Unmarshal(body, droneRes); err != nil {
return fmt.Errorf("Fatal: Could not unmarshal JSON. Error %s", err.Error())
}
if droneRes.Status == "Error" {
return fmt.Errorf("Fatal: Import failed. Error %s", droneRes.Message)
}
return nil
}
func main() {
showVersion := flag.Bool("v", false, "")
insecureSSL := flag.Bool("k", false, "")
forcePorts := flag.Bool("force-ports", false, "")
limitHosts := flag.Bool("limit-hosts", false, "")
tags := flag.String("tags", "", "")
info := flag.Bool("info", false, "")
flag.Usage = func() {
fmt.Println(usage)
}
flag.Parse()
if *showVersion {
log.Println(version)
os.Exit(0)
}
lairURL := os.Getenv("LAIR_API_SERVER")
if lairURL == "" {
log.Fatal("Fatal: Missing LAIR_API_SERVER environment variable")
}
lairPID := os.Getenv("LAIR_ID")
var filename string
switch len(flag.Args()) {
case 2:
lairPID = flag.Arg(0)
filename = flag.Arg(1)
case 1:
filename = flag.Arg(0)
default:
log.Fatal("Fatal: Missing required argument")
}
u, err := url.Parse(lairURL)
if err != nil {
log.Fatalf("Fatal: Error parsing LAIR_API_SERVER URL. Error %s", err.Error())
}
if u.User == nil {
log.Fatal("Fatal: Missing username and/or password")
}
user := u.User.Username()
pass, _ := u.User.Password()
if user == "" || pass == "" {
log.Fatal("Fatal: Missing username and/or password")
}
c, err := client.New(&client.COptions{
User: user,
Password: pass,
Host: u.Host,
Scheme: u.Scheme,
InsecureSkipVerify: *insecureSSL,
})
if err != nil {
log.Fatalf("Fatal: Error setting up client: Error %s", err.Error())
}
buf, err := ioutil.ReadFile(filename)
if err != nil {
log.Fatalf("Fatal: Could not open file. Error %s", err.Error())
}
nessusData, err := nessus.Parse(buf)
if err != nil {
log.Fatalf("Fatal: Error parsing nessus data. Error %s", err.Error())
}
hostTags := []string{}
if *tags != "" {
hostTags = strings.Split(*tags, ",")
}
project, err := buildProject(nessusData, lairPID, hostTags, *info)
if err != nil {
log.Fatalf("Fatal: Error building project. Error %s", err.Error())
}
res, err := c.ImportProject(&client.DOptions{ForcePorts: *forcePorts, LimitHosts: *limitHosts}, project)
if err != nil {
log.Fatalf("Fatal: Unable to import project. Error %s", err)
}
defer res.Body.Close()
droneRes := &client.Response{}
body, err := ioutil.ReadAll(res.Body)
if err != nil {
log.Fatalf("Fatal: Error %s", err.Error())
}
if err := json.Unmarshal(body, droneRes); err != nil {
log.Fatalf("Fatal: Could not unmarshal JSON. Error %s", err.Error())
}
if droneRes.Status == "Error" {
log.Fatalf("Fatal: Import failed. Error %s", droneRes.Message)
}
log.Println("Success: Operation completed successfully")
}
func main() {
showVersion := flag.Bool("v", false, "")
insecureSSL := flag.Bool("k", false, "")
forcePorts := flag.Bool("force-ports", false, "")
tags := flag.String("tags", "", "")
flag.Usage = func() {
fmt.Println(usage)
}
flag.Parse()
if *showVersion {
log.Println(version)
os.Exit(0)
}
lairURL := os.Getenv("LAIR_API_SERVER")
if lairURL == "" {
log.Fatal("Fatal: Missing LAIR_API_SERVER environment variable")
}
lairPID := os.Getenv("LAIR_ID")
var filename string
switch len(flag.Args()) {
case 2:
lairPID = flag.Arg(0)
filename = flag.Arg(1)
case 1:
filename = flag.Arg(0)
default:
log.Fatal("Fatal: Missing required argument")
}
if lairPID == "" {
log.Fatal("Fatal: Missing LAIR_ID")
}
u, err := url.Parse(lairURL)
if err != nil {
log.Fatalf("Fatal: Error parsing LAIR_API_SERVER URL. Error %s", err.Error())
}
if u.User == nil {
log.Fatal("Fatal: Missing username and/or password")
}
user := u.User.Username()
pass, _ := u.User.Password()
if user == "" || pass == "" {
log.Fatal("Fatal: Missing username and/or password")
}
c, err := client.New(&client.COptions{
User: user,
Password: pass,
Host: u.Host,
Scheme: u.Scheme,
InsecureSkipVerify: *insecureSSL,
})
if err != nil {
log.Fatalf("Fatal: Error setting up client: Error %s", err.Error())
}
hostTags := []string{}
if *tags != "" {
hostTags = strings.Split(*tags, ",")
}
l := lair.Project{
ID: lairPID,
Tool: tool,
Commands: []lair.Command{lair.Command{
Tool: tool,
Command: "",
}},
}
shodanKey := os.Getenv("SHODAN_KEY")
if shodanKey == "" {
log.Fatal("Fatal: Missing SHODAN_KEY environment variable")
}
sclient := shodan.New(shodanKey)
serviceMap, err := sclient.Services()
if err != nil {
log.Fatalf("Fatal: Error getting services from shodan. Error %s", err.Error())
}
ips := []string{}
file, err := os.Open(filename)
if err != nil {
log.Fatalf("Fatal: Could not open file. Error %s", err.Error())
}
defer file.Close()
scanner := bufio.NewScanner(file)
for scanner.Scan() {
line := scanner.Text()
_, _, err := net.ParseCIDR(line)
if err != nil {
ip := net.ParseIP(line)
if ip == nil {
log.Fatalf("Fatal: %s in file is not an ip or cidr netblock", ip)
}
ips = append(ips, line)
} else {
if netIPs, err := shodanIPsFromShodanNetSearch(sclient, line); err != nil {
log.Fatalf("Fatal: Error returned from shodan. Error %s", err.Error())
} else {
ips = append(ips, netIPs...)
}
}
}
lk := sync.Mutex{}
wg := sync.WaitGroup{}
wg.Add(10)
ipChan := make(chan string, 10)
for i := 0; i < 10; i++ {
go func(s shodan.Client) {
for ip := range ipChan {
time.Sleep(10 * time.Second)
host, err := s.Host(ip, url.Values{})
if err != nil {
log.Printf("Error: Error returned from shodan for %s. Error %s", ip, err.Error())
continue
}
h := lair.Host{
Hostnames: host.Hostnames,
IPv4: ip,
LastModifiedBy: tool,
Tags: hostTags,
}
for _, d := range host.Data {
service := lair.Service{
Port: d.Port,
Protocol: "tcp",
Service: serviceMap[strconv.Itoa(d.Port)],
Product: d.Product,
Notes: []lair.Note{lair.Note{
Title: "Shodan Banner",
Content: d.Data,
LastModifiedBy: tool,
}},
}
if fingerprint, ok := d.Os.(string); ok {
h.OS = lair.OS{
Fingerprint: fingerprint,
Weight: osWeight,
Tool: tool,
}
}
h.Hostnames = removeDuplicates(append(h.Hostnames, d.Hostnames...))
h.Services = append(h.Services, service)
}
lk.Lock()
l.Hosts = append(l.Hosts, h)
lk.Unlock()
}
wg.Done()
}(*sclient)
}
for _, ip := range ips {
ipChan <- ip
}
close(ipChan)
wg.Wait()
res, err := c.ImportProject(&client.DOptions{ForcePorts: *forcePorts}, &l)
if err != nil {
log.Fatalf("Fatal: Unable to import project. Error %s", err)
}
defer res.Body.Close()
droneRes := &client.Response{}
body, err := ioutil.ReadAll(res.Body)
if err != nil {
log.Fatalf("Fatal: Error %s", err.Error())
}
if err := json.Unmarshal(body, droneRes); err != nil {
log.Fatalf("Fatal: Could not unmarshal JSON. Error %s", err.Error())
}
if droneRes.Status == "Error" {
log.Fatalf("Fatal: Import failed. Error %s", droneRes.Message)
}
log.Println("Success: Operation completed successfully")
}
func main() {
showVersion := flag.Bool("v", false, "")
insecureSSL := flag.Bool("k", false, "")
flag.Usage = func() {
fmt.Println(usage)
}
flag.Parse()
if *showVersion {
log.Println(version)
os.Exit(0)
}
lairURL := os.Getenv("LAIR_API_SERVER")
if lairURL == "" {
log.Fatal("Fatal: Missing LAIR_API_SERVER environment variable")
}
lairPID := os.Getenv("LAIR_ID")
var filename string
switch len(flag.Args()) {
case 2:
lairPID = flag.Arg(0)
filename = flag.Arg(1)
case 1:
filename = flag.Arg(0)
default:
log.Fatal("Fatal: Missing required argument")
}
if lairPID == "" {
log.Fatal("Fatal: Missing LAIR_ID")
}
u, err := url.Parse(lairURL)
if err != nil {
log.Fatalf("Fatal: Error parsing LAIR_API_SERVER URL. Error %s", err.Error())
}
if u.User == nil {
log.Fatal("Fatal: Missing username and/or password")
}
user := u.User.Username()
pass, _ := u.User.Password()
if user == "" || pass == "" {
log.Fatal("Fatal: Missing username and/or password")
}
c, err := client.New(&client.COptions{
User: user,
Password: pass,
Host: u.Host,
Scheme: u.Scheme,
InsecureSkipVerify: *insecureSSL,
})
if err != nil {
log.Fatalf("Fatal: Error setting up client. Error %s", err.Error())
}
project, err := c.ExportProject(lairPID)
if err != nil {
log.Fatalf("Fatal: Unable to export project. Error %s", err.Error())
}
writesheet(&project, filename)
log.Println("Success: Operation completed successfully")
}
func main() {
showVersion := flag.Bool("v", false, "")
insecureSSL := flag.Bool("k", false, "")
forcePorts := flag.Bool("force-ports", false, "")
tags := flag.String("tags", "", "")
flag.Usage = func() {
fmt.Println(usage)
}
flag.Parse()
if *showVersion {
log.Println(version)
os.Exit(0)
}
lairURL := os.Getenv("LAIR_API_SERVER")
if lairURL == "" {
log.Fatal("Fatal: Missing LAIR_API_SERVER environment variable")
}
lairPID := os.Getenv("LAIR_ID")
var filename string
switch len(flag.Args()) {
case 2:
lairPID = flag.Arg(0)
filename = flag.Arg(1)
case 1:
filename = flag.Arg(0)
default:
log.Fatal("Fatal: Missing required argument")
}
if lairPID == "" {
log.Fatal("Fatal: Missing LAIR_ID")
}
u, err := url.Parse(lairURL)
if err != nil {
log.Fatalf("Fatal: Error parsing LAIR_API_SERVER URL. Error %s", err.Error())
}
if u.User == nil {
log.Fatal("Fatal: Missing username and/or password")
}
user := u.User.Username()
pass, _ := u.User.Password()
if user == "" || pass == "" {
log.Fatal("Fatal: Missing username and/or password")
}
c, err := client.New(&client.COptions{
User: user,
Password: pass,
Host: u.Host,
Scheme: u.Scheme,
InsecureSkipVerify: *insecureSSL,
})
if err != nil {
log.Fatalf("Fatal: Error setting up client: Error %s", err.Error())
}
data, err := ioutil.ReadFile(filename)
if err != nil {
log.Fatalf("Fatal: Could not open file. Error %s", err.Error())
}
hostTags := []string{}
if *tags != "" {
hostTags = strings.Split(*tags, ",")
}
l1 := lv1.Project{}
if err := json.Unmarshal(data, &l1); err != nil {
log.Fatalf("Fatal: Could not parse JSON. Error %s", err.Error())
}
l2 := lair.Project{
ID: lairPID,
CreatedAt: l1.CreationDate,
DroneLog: l1.DroneLog,
Tool: tool,
}
for _, h := range l1.Hosts {
l2Host := lair.Host{
Status: h.Status,
LongIPv4Addr: h.LongAddr,
IPv4: h.StringAddr,
MAC: h.MacAddr,
IsFlagged: h.Flag,
Hostnames: h.Hostnames,
Tags: hostTags,
LastModifiedBy: h.LastModifiedBy,
}
for _, o := range h.OS {
if o.Weight > l2Host.OS.Weight {
l2Host.OS.Weight = o.Weight
l2Host.OS.Fingerprint = o.Fingerprint
l2Host.OS.Tool = o.Tool
}
}
for _, n := range h.Notes {
l2Host.Notes = append(l2Host.Notes, lair.Note{
Title: n.Title,
Content: n.Content,
})
}
for _, p := range h.Ports {
l2Service := lair.Service{
IsFlagged: p.Flag,
Status: p.Status,
Port: p.Port,
Service: p.Service,
Protocol: p.Protocol,
LastModifiedBy: p.LastModifiedBy,
}
for _, c := range p.Credentials {
l2Credential := lair.Credential{
Hash: c.Hash,
Password: c.Password,
Username: c.Username,
Host: h.StringAddr,
Service: strconv.Itoa(p.Port),
}
l2.Credentials = append(l2.Credentials, l2Credential)
}
for _, n := range p.Notes {
l2Service.Notes = append(l2Service.Notes, lair.Note{
Title: n.Title,
Content: n.Content,
})
}
l2Host.Services = append(l2Host.Services, l2Service)
}
l2.Hosts = append(l2.Hosts, l2Host)
}
for _, n := range l1.Notes {
l2.Notes = append(l2.Notes, lair.Note{
Title: n.Title,
Content: n.Content,
})
}
for _, c := range l1.Commands {
l2.Commands = append(l2.Commands, lair.Command{
Command: c.Command,
Tool: c.Tool,
})
}
for _, v := range l1.Vulnerabilities {
l2Issue := lair.Issue{
Title: v.Title,
Status: v.Status,
IsConfirmed: v.Confirmed,
CVEs: v.Cves,
CVSS: v.Cvss,
Description: v.Description,
Evidence: v.Evidence,
Solution: v.Solution,
IsFlagged: v.Flag,
LastModifiedBy: v.LastModifiedBy,
}
for _, i := range v.IdentifiedBy {
l2Issue.IdentifiedBy = append(l2Issue.IdentifiedBy, lair.IdentifiedBy{Tool: i.Tool})
}
for _, h := range v.Hosts {
l2Issue.Hosts = append(l2Issue.Hosts, lair.IssueHost{
IPv4: h.StringAddr,
Port: h.Port,
Protocol: h.Protocol,
})
}
for _, n := range v.Notes {
l2Issue.Notes = append(l2Issue.Notes, lair.Note{
Title: n.Title,
Content: n.Content,
})
}
for _, p := range v.PluginIds {
l2Issue.PluginIDs = append(l2Issue.PluginIDs, lair.PluginID{
ID: p.Id,
Tool: p.Tool,
})
}
l2.Issues = append(l2.Issues, l2Issue)
}
res, err := c.ImportProject(&client.DOptions{ForcePorts: *forcePorts}, &l2)
if err != nil {
log.Fatalf("Fatal: Unable to import project. Error %s", err)
}
defer res.Body.Close()
droneRes := &client.Response{}
body, err := ioutil.ReadAll(res.Body)
if err != nil {
log.Fatalf("Fatal: Error %s", err.Error())
}
if err := json.Unmarshal(body, droneRes); err != nil {
log.Fatalf("Fatal: Could not unmarshal JSON. Error %s", err.Error())
}
if droneRes.Status == "Error" {
log.Fatalf("Fatal: Import failed. Error %s", droneRes.Message)
}
log.Println("Success: Operation completed successfully")
}
func main() {
showVersion := flag.Bool("v", false, "")
insecureSSL := flag.Bool("k", false, "")
forcePorts := flag.Bool("force-ports", false, "")
forceHosts := flag.Bool("force-hosts", false, "")
tags := flag.String("tags", "", "")
flag.Usage = func() {
fmt.Println(usage)
}
flag.Parse()
if *showVersion {
log.Println(version)
os.Exit(0)
}
lairURL := os.Getenv("LAIR_API_SERVER")
if lairURL == "" {
log.Fatal("Fatal: Missing LAIR_API_SERVER environment variable")
}
lairPID := os.Getenv("LAIR_ID")
if lairPID == "" {
log.Fatal("Fatal: Missing LAIR_ID")
}
var filename string
switch len(flag.Args()) {
case 2:
lairPID = flag.Arg(0)
filename = flag.Arg(1)
case 1:
filename = flag.Arg(0)
default:
log.Fatal("Fatal: Missing required argument")
}
u, err := url.Parse(lairURL)
if err != nil {
log.Fatalf("Fatal: Error parsing LAIR_API_SERVER URL. Error %s", err.Error())
}
if u.User == nil {
log.Fatal("Fatal: Missing username and/or password")
}
user := u.User.Username()
pass, _ := u.User.Password()
if user == "" || pass == "" {
log.Fatal("Fatal: Missing username and/or password")
}
c, err := client.New(&client.COptions{
User: user,
Password: pass,
Host: u.Host,
Scheme: u.Scheme,
InsecureSkipVerify: *insecureSSL,
})
if err != nil {
log.Fatalf("Fatal: Error setting up client: Error %s", err.Error())
}
data, err := ioutil.ReadFile(filename)
if err != nil {
log.Fatalf("Fatal: Could not open file. Error %s", err.Error())
}
hostTags := []string{}
if *tags != "" {
hostTags = strings.Split(*tags, ",")
}
tagSet := map[string]bool{}
bResults := bsw.Results{}
if err := json.Unmarshal(data, &bResults); err != nil {
log.Fatalf("Fatal: Could not parse JSON. Error %s", err.Error())
}
bNotFound := map[string]bsw.Results{}
exproject, err := c.ExportProject(lairPID)
if err != nil {
log.Fatalf("Fatal: Unable to export project. Error %s", err.Error())
}
project := &lair.Project{
ID: lairPID,
Tool: tool,
Commands: []lair.Command{lair.Command{
Tool: tool,
}},
}
for _, result := range bResults {
found := false
for i := range exproject.Hosts {
h := exproject.Hosts[i]
if result.IP == h.IPv4 {
exproject.Hosts[i].Hostnames = append(exproject.Hosts[i].Hostnames, result.Hostname)
exproject.Hosts[i].LastModifiedBy = tool
found = true
if _, ok := tagSet[h.IPv4]; !ok {
tagSet[h.IPv4] = true
exproject.Hosts[i].Tags = append(exproject.Hosts[i].Tags, hostTags...)
}
}
}
if !found {
bNotFound[result.IP] = append(bNotFound[result.IP], result)
}
}
for _, h := range exproject.Hosts {
project.Hosts = append(project.Hosts, lair.Host{
IPv4: h.IPv4,
LongIPv4Addr: h.LongIPv4Addr,
IsFlagged: h.IsFlagged,
LastModifiedBy: h.LastModifiedBy,
MAC: h.MAC,
OS: h.OS,
Status: h.Status,
StatusMessage: h.StatusMessage,
Tags: hostTags,
Hostnames: h.Hostnames,
})
}
if *forceHosts {
for ip, results := range bNotFound {
hostnames := []string{}
for _, r := range results {
hostnames = append(hostnames, r.Hostname)
}
project.Hosts = append(project.Hosts, lair.Host{
IPv4: ip,
Hostnames: hostnames,
})
}
}
res, err := c.ImportProject(&client.DOptions{ForcePorts: *forcePorts}, project)
if err != nil {
log.Fatalf("Fatal: Unable to import project. Error %s", err)
}
defer res.Body.Close()
droneRes := &client.Response{}
body, err := ioutil.ReadAll(res.Body)
if err != nil {
log.Fatalf("Fatal: Error %s", err.Error())
}
if err := json.Unmarshal(body, droneRes); err != nil {
log.Fatalf("Fatal: Could not unmarshal JSON. Error %s", err.Error())
}
if droneRes.Status == "Error" {
log.Fatalf("Fatal: Import failed. Error %s", droneRes.Message)
}
if len(bNotFound) > 0 {
if *forceHosts {
log.Println("Info: The following hosts had hostnames and were forced to import into lair")
} else {
log.Println("Info: The following hosts had hostnames but could not be imported because they do not exist in lair")
}
}
for k := range bNotFound {
fmt.Println(k)
}
log.Println("Success: Operation completed successfully")
}