vendredi 1 mai 2015

Python Logic Issue

I am using elementtree to parse an XML file and placing the data into an sqlite database. I have come across a problem that I believe could be solved by some better logic, that I am most likely missing. I am getting a local variable 'netbios_name' referenced before assignment error, this is the case for the operating_system variable as well. I understand why I am getting it but I am not certain on how to resolve the issue.

Any help would be appreciated.

Example XML Data

<ReportHost name="192.168.26.11"><HostProperties>
<tag name="HOST_END">Sat Apr 25 11:36:08 2015</tag>
<tag name="LastUnauthenticatedResults">1223744168</tag>
<tag name="Credentialed_Scan">false</tag>
<tag name="policy-used">Advanced Scan</tag>
<tag name="patch-summary-total-cves">5</tag>
<tag name="cpe-0">cpe:/o:microsoft:windows_2003_server::sp2 -&gt; Microsoft Windows 2003 Server Service Pack 2</tag>
<tag name="system-type">general-purpose</tag>
<tag name="operating-system">Microsoft Windows Server 2003 Service Pack 2</tag>
<tag name="mac-address">00:1f:19:f5:14:34</tag>
<tag name="traceroute-hop-2">192.168.26.11</tag>
<tag name="traceroute-hop-1">10.100.1.249</tag>
<tag name="traceroute-hop-0">10.100.1.254</tag>
<tag name="host-ip">192.168.26.11</tag>
<tag name="netbios-name">PLUTOAPP01</tag>
<tag name="HOST_START">Sat Apr 25 10:20:43 2015</tag>
</HostProperties>

Example Problem Code

def get_details(nessus_file):
    db = sqlite3.connect('database.sqlite')
    cursor = db.cursor()
    try:
        tree = ET.parse(nessus_file)
        for reporthost in tree.findall('/Report/ReportHost'):
            host = reporthost.get('name')
            for tag in reporthost.findall('.//HostProperties/tag'):
                if tag.get('name') == 'netbios-name':
                    netbios_name = tag.text
                elif tag.get('name') == 'operating-system':
                    operating_system = tag.text
                else:
                    pass
                #The if statements above^ are causing my issues along with the execute statement below
                cursor.execute('INSERT INTO hosts(host, netbios_name, operating_system) VALUES(?,?,?)', (host, netbios_name, operating_system,))

            for item in reporthost.findall('ReportItem'):
                sev = item.get('severity')
                name = item.get('pluginName')
                description = item.findtext('description')
                pluginid = item.get('pluginID')

                cursor.execute('INSERT INTO vulns(pluginName, severity, description, pluginID) VALUES(?,?,?,?)', (name,sev,description,pluginid,))
                for cve in item.getiterator('cve'):
                    cursor.execute('INSERT INTO cves(cve) VALUES(?)', (cve.text,))
        db.commit()
        db.close()
    except Exception as e:
        print e
        exit()

create_db()
get_details('file.nessus')
Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)