dradis-coreimpact 4.10.0 → 4.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/pull_request_template.md +12 -3
- data/CHANGELOG.md +7 -0
- data/README.md +3 -4
- data/lib/dradis/plugins/coreimpact/gem_version.rb +1 -1
- data/lib/dradis/plugins/coreimpact/importer.rb +4 -4
- data/lib/dradis/plugins/coreimpact/mapping.rb +37 -0
- data/lib/dradis/plugins/coreimpact.rb +1 -0
- metadata +3 -6
- data/templates/evidence.fields +0 -4
- data/templates/evidence.template +0 -11
- data/templates/issue.fields +0 -6
- data/templates/issue.template +0 -17
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 383860c5e3bf9433426b6a0e87325211d5b4aa298ca37abf1b0fc5386c3e28a3
|
|
4
|
+
data.tar.gz: a8854fc5cb6a7ff08b704a1b48856ec976307dc4bfc9c2fb61ad7052a5186078
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 722fa23de92d106a7228ad8d81a737ff1e1f28e6977d7a29293d80b63d2baca12c4360ccd425be4581fcd3ea3db95fea4339d65cad05e85f1a77b6dc947a1c10
|
|
7
|
+
data.tar.gz: 873d0c0d8903aaa319411aa93ba0e3cbabda8f462737c45fa8c089ef89a4021ffddcb6c0aff207ef1aaf6935481ff952ba0064de534a52a5bca96d2fd20ed842
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
Please review [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md) and remove this line.
|
|
2
|
+
|
|
1
3
|
### Summary
|
|
2
4
|
|
|
3
5
|
Provide a general description of the code changes in your pull
|
|
@@ -6,6 +8,11 @@ these bugs have open GitHub issues, be sure to tag them here as well,
|
|
|
6
8
|
to keep the conversation linked together.
|
|
7
9
|
|
|
8
10
|
|
|
11
|
+
### Testing Steps
|
|
12
|
+
|
|
13
|
+
Provide steps to test functionality, described in detail for someone not familiar with this part of the application / code base
|
|
14
|
+
|
|
15
|
+
|
|
9
16
|
### Other Information
|
|
10
17
|
|
|
11
18
|
If there's anything else that's important and relevant to your pull
|
|
@@ -26,11 +33,13 @@ products, we must have the copyright associated with the entire
|
|
|
26
33
|
codebase. Any code you create which is merged must be owned by us.
|
|
27
34
|
That's not us trying to be a jerks, that's just the way it works.
|
|
28
35
|
|
|
29
|
-
Please review the [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/master/CONTRIBUTING.md)
|
|
30
|
-
file for the details.
|
|
31
|
-
|
|
32
36
|
You can delete this section, but the following sentence needs to
|
|
33
37
|
remain in the PR's description:
|
|
34
38
|
|
|
35
39
|
> I assign all rights, including copyright, to any future Dradis
|
|
36
40
|
> work by myself to Security Roots.
|
|
41
|
+
|
|
42
|
+
### Check List
|
|
43
|
+
|
|
44
|
+
- [ ] Added a CHANGELOG entry
|
|
45
|
+
- [ ] Added specs
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -4,17 +4,16 @@
|
|
|
4
4
|
|
|
5
5
|
Upload [CORE Impact](https://www.coresecurity.com/core-impact/) XML output into Dradis.
|
|
6
6
|
|
|
7
|
-
The add-on requires [Dradis CE](https://
|
|
8
|
-
|
|
7
|
+
The add-on requires [Dradis CE](https://dradis.com/ce/) > 3.0, or [Dradis Pro](https://dradis.com/).
|
|
9
8
|
|
|
10
9
|
## More information
|
|
11
10
|
|
|
12
|
-
See the Dradis Framework's [README.md](https://github.com/dradis/
|
|
11
|
+
See the Dradis Framework's [README.md](https://github.com/dradis/dradis-ce/blob/develop/README.md)
|
|
13
12
|
|
|
14
13
|
|
|
15
14
|
## Contributing
|
|
16
15
|
|
|
17
|
-
See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/
|
|
16
|
+
See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md)
|
|
18
17
|
|
|
19
18
|
|
|
20
19
|
## License
|
|
@@ -94,13 +94,13 @@ module Dradis::Plugins::Coreimpact
|
|
|
94
94
|
def add_vulnerability(xml_container, node)
|
|
95
95
|
plugin_id = xml_container.at_xpath('./property[@type="container"]')['key']
|
|
96
96
|
|
|
97
|
-
issue_text =
|
|
97
|
+
issue_text = mapping_service.apply_mapping(source: 'issue', data: xml_container)
|
|
98
98
|
issue = content_service.create_issue(id: plugin_id, text: issue_text)
|
|
99
99
|
logger.info{ "\tCreating new issue (plugin_id: #{plugin_id})"}
|
|
100
100
|
|
|
101
|
-
evidence_content =
|
|
102
|
-
|
|
103
|
-
|
|
101
|
+
evidence_content = mapping_service.apply_mapping(
|
|
102
|
+
source: 'evidence',
|
|
103
|
+
data: xml_container.at_xpath('./property[@type="container"]/property[@key="Modules"]')
|
|
104
104
|
)
|
|
105
105
|
content_service.create_evidence(content: evidence_content, issue: issue, node: node)
|
|
106
106
|
logger.info{ "\t\tAdding reference to this host"}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
module Dradis::Plugins::Coreimpact
|
|
2
|
+
module Mapping
|
|
3
|
+
DEFAULT_MAPPING = {
|
|
4
|
+
evidence: {
|
|
5
|
+
'AgentDeployed' => '{{ coreimpact[evidence.agent_deployed] }}',
|
|
6
|
+
'Description' => '{{ coreimpact[evidence.description] }}',
|
|
7
|
+
'Port' => '{{ coreimpact[evidence.port] }}',
|
|
8
|
+
'TriedToInstallAgent' => '{{ coreimpact[evidence.tried_to_install_agent] }}'
|
|
9
|
+
},
|
|
10
|
+
issue: {
|
|
11
|
+
'Title' => '{{ coreimpact[issue.title] }}',
|
|
12
|
+
'AgentDeployed' => '{{ coreimpact[issue.agent_deployed] }}',
|
|
13
|
+
'CVE' => '{{ coreimpact[issue.cve] }}',
|
|
14
|
+
'Description' => '{{ coreimpact[issue.description] }}',
|
|
15
|
+
'Port' => '{{ coreimpact[issue.port] }}',
|
|
16
|
+
'TriedToInstallAgent' => '{{ coreimpact[issue.tried_to_install_agent] }}'
|
|
17
|
+
}
|
|
18
|
+
}.freeze
|
|
19
|
+
|
|
20
|
+
SOURCE_FIELDS = {
|
|
21
|
+
evidence: [
|
|
22
|
+
'evidence.agent_deployed',
|
|
23
|
+
'evidence.description',
|
|
24
|
+
'evidence.tried_to_install_agent',
|
|
25
|
+
'evidence.port'
|
|
26
|
+
],
|
|
27
|
+
issue: [
|
|
28
|
+
'issue.title',
|
|
29
|
+
'issue.agent_deployed',
|
|
30
|
+
'issue.cve',
|
|
31
|
+
'issue.description',
|
|
32
|
+
'issue.port',
|
|
33
|
+
'issue.tried_to_install_agent'
|
|
34
|
+
]
|
|
35
|
+
}.freeze
|
|
36
|
+
end
|
|
37
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dradis-coreimpact
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.
|
|
4
|
+
version: 4.12.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Daniel Martin
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-05-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dradis-plugins
|
|
@@ -107,18 +107,15 @@ files:
|
|
|
107
107
|
- lib/dradis/plugins/coreimpact/field_processor.rb
|
|
108
108
|
- lib/dradis/plugins/coreimpact/gem_version.rb
|
|
109
109
|
- lib/dradis/plugins/coreimpact/importer.rb
|
|
110
|
+
- lib/dradis/plugins/coreimpact/mapping.rb
|
|
110
111
|
- lib/dradis/plugins/coreimpact/version.rb
|
|
111
112
|
- lib/tasks/thorfile.rb
|
|
112
113
|
- spec/coreimpact/importer_spec.rb
|
|
113
114
|
- spec/coreimpact_upload_spec.rb
|
|
114
115
|
- spec/fixtures/files/example.xml
|
|
115
116
|
- spec/spec_helper.rb
|
|
116
|
-
- templates/evidence.fields
|
|
117
117
|
- templates/evidence.sample
|
|
118
|
-
- templates/evidence.template
|
|
119
|
-
- templates/issue.fields
|
|
120
118
|
- templates/issue.sample
|
|
121
|
-
- templates/issue.template
|
|
122
119
|
homepage: https://dradis.com/integrations/coreimpact.html
|
|
123
120
|
licenses:
|
|
124
121
|
- GPL-2
|
data/templates/evidence.fields
DELETED
data/templates/evidence.template
DELETED
data/templates/issue.fields
DELETED
data/templates/issue.template
DELETED