search

nickmaccarthy / qualys-86002-result-extractor

Extracts SSL information from Qualys QID 86002 results
1 stars 0 forks source link

TypeError: slice indices must be integers or None or have an __index__ method #1

Open CooperDB opened 8 years ago

CooperDB commented 8 years ago

This was exactly what I was looking for parse Qualys output to find important data about ssl certificates. I'm a newbie with python and scripting. Receiving the following error when running the script

python parser.py --infile=86002.csv --outfile=results-86002.csv

The first attempt received the following: File "parser.py", line 101, in main start_idx = lines.index('"IP","DNS","NetBIOS","Tracking Method","OS","IP Status","QID","Title","Vuln Status","Type","Severity","Port","Protocol","FQDN","SSL","First Detected","Last Detected","Times Detected","CVE ID","Vendor Reference","Bugtraq ID","CVSS","CVSS Base","CVSS Temporal","CVSS Environment","Threat","Impact","Solution","Exploitability","Associated Malware","Results","PCI Vuln","Ticket State","Instance","Category"\r\n') ValueError: '"IP","DNS","NetBIOS","Tracking Method","OS","IP Status","QID","Title","Vuln Status","Type","Severity","Port","Protocol","FQDN","SSL","First Detected","Last Detected","Times Detected","CVE ID","Vendor Reference","Bugtraq ID","CVSS","CVSS Base","CVSS Temporal","CVSS Environment","Threat","Impact","Solution","Exploitability","Associated Malware","Results","PCI Vuln","Ticket State","Instance","Category"\r\n' is not in list

I then changed the values of start_idx and fields values to match the header in the csv file.

start_idx = ('"IP","DNS","NetBIOS","Tracking Method","OS","IP","Status","QID","Title","Vuln Status","Type","Severity","Port","Protocol","FQDN","SSL","First Detected","Last Detected","Times Detected","CVE ID","Vendor Reference","Bugtraq ID","CVSS","CVSS Base","CVSS Temporal","CVSS Environment","Results","PCI Vuln","Ticket State","Instance","OS CPE","Category","Date Last Fixed"\r\n')

fields = [ "IP","DNS","NetBIOS","Tracking Method","OS","IP","Status","QID","Title","Vuln Status","Type","Severity","Port","Protocol","FQDN","SSL","First Detected","Last Detected","Times Detected","CVE ID","Vendor Reference","Bugtraq ID","CVSS","CVSS Base","CVSS Temporal","CVSS Environment","Results","PCI Vuln","Ticket State","Instance","OS CPE","Category","Date Last Fixed" ]

after that change I receive the following error:

qualys_csv = lines[start_idx:]

TypeError: slice indices must be integers or None or have an index method

using python 2.7.5 on CentOS7 not sure where to go from here to make it work

Respectfully, CooperDB

nickmaccarthy commented 8 years ago

HI @CooperDB , you have start_idx as a tuple(). What the try/catch is doing, is finding which index number the actual CSV starts since Qualys like to put a bunch of stuff above the headers. The the lines[start_idx:] is what is called a index slicing. I think all you need to do is change your start_idx line to 

start_idx = lines.index('"IP","DNS","NetBIOS","Tracking Method","OS","IP","Status","QID","Title","Vuln Status","Type","Severity","Port","Protocol","FQDN","SSL","First Detected","Last Detected","Times Detected","CVE ID","Vendor Reference","Bugtraq ID","CVSS","CVSS Base","CVSS Temporal","CVSS Environment","Results","PCI Vuln","Ticket State","Instance","OS CPE","Category","Date Last Fixed"\r\n')

Let me know if that works.

CooperDB commented 8 years ago

thank you for the fast response. I was not able to get your fix to work, but I was able to get it to work using qualys_csv = lines[0:] which returned the results.

On Sun, Jun 5, 2016 at 1:47 PM, Nick MacCarthy notifications@github.com wrote:

HI @CooperDB https://github.com/CooperDB , you have start_idx as a tuple(). What the try/catch is doing, is finding which index number the actual CSV starts since Qualys like to put a bunch of stuff above the headers. The the lines[start_idx:] is what is called a index slicing. I think all you need to do is change your start_idx line to ``` start_idx = lines.index('"IP","DNS","NetBIOS","Tracking Method","OS","IP","Status","QID","Title","Vuln Status","Type","Severity","Port","Protocol","FQDN","SSL","First Detected","Last Detected","Times Detected","CVE ID","Vendor Reference","Bugtraq ID","CVSS","CVSS Base","CVSS Temporal","CVSS Environment","Results","PCI Vuln","Ticket State","Instance","OS CPE","Category","Date Last Fixed"\r\n')

Let me know if that works.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/nickmaccarthy/qualys-86002-result-extractor/issues/1#issuecomment-223826771, or mute the thread https://github.com/notifications/unsubscribe/AS2OCLnMJs-z3oN6Fkw4-YxRdXAKDwgfks5qIwvKgaJpZM4IuZBO .

nickmaccarthy commented 8 years ago

@CooperDB , that probably means that Qualys is no longer putting the extra lines/stuff on top of where the report actually starts. I'm not sure if you can sanitize your report, but if you could send it to me I may be able to update this script so it could help others in the future