dradis-nexpose 4.14.0 → 4.16.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fed2206ffe5931c65cc3b1ae1c9007091b99b3f9134a9b81b4ae8b4d5496fc5f
-  data.tar.gz: bf34162969ecdd0d105d551149b51f7c20795a2bfa9b1f97c741b36e5711cfe5
+  metadata.gz: 0dd759ff5965a397c6dc53aa7fe958a472377df1e4b88598c084ef710bbf7325
+  data.tar.gz: cc1caab7f91bf7a934b940bda4773ea0af137218320c26fe4b33e89bfe212499
 SHA512:
-  metadata.gz: 9fa49ed385686a5910de33e05f09caafbb624e5227af713c5defd4d0485b38b0d446194bd652b03b77d43861440e1d08a2eb597ea7b13b2f8ccae9a8f1440510
-  data.tar.gz: d84b92cc9d54926f788d78dda9b87e7f1a4262ad7682278f72af62dc4917ca4877ea9e0a8754a3d4a117bee44633dbd4ce2e539e197069b523a5c7615b2d1acf
+  metadata.gz: 11ab68a5ada00fd69fc77b7f41b3e08441dc7e0ac9fdbad90ff006b62a307fd6a4a44d05d534e954c88391ce63ec5fc28b4682e4e6e4f4c488f7a489192c0e6f
+  data.tar.gz: f610891a766cdb60ac5f1eccb90bfc497b2ee087f3c5ef3bd52037a11e342118c4ea62938ce3e7170409682c7a78302ecbbf06fe6d2450dde8a12584a6544ceb

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+v4.16.0 (May 2025)
+  - Format UnorderedList/OrderedList to textile
+
+v4.15.0 (December 2024)
+  - No changes
+
 v4.14.0 (October 2024)
 - Separate general importer into Full & Simple importers
 
@@ -7,6 +13,7 @@ v4.13.0 (July 2024)
 v4.12.0 (May 2024)
  - Migrate integration to use Mappings Manager
  - Update Dradis links in README
+ - Use 'n/a' as OS node property if there is no product value
 
 v4.11.0 (January 2024)
   - Add port/protocol to evidences

data/lib/dradis/plugins/nexpose/gem_version.rb

@@ -8,7 +8,7 @@ module Dradis
 
       module VERSION
         MAJOR = 4
-        MINOR = 14
+        MINOR = 16
         TINY = 0
         PRE = nil
 

data/lib/dradis/plugins/nexpose/xml_formatter.rb

@@ -0,0 +1,81 @@
+module Dradis::Plugins::Nexpose
+  class XmlFormatter
+    def format_html_content(source)
+      result = format_list(source)
+
+      cleanup_html(result)
+    end
+
+    def cleanup_html(source)
+      result = source.to_s
+      result.gsub!(/<ContainerBlockElement>(.*?)<\/ContainerBlockElement>/m) { |m| "#{ $1 }" }
+      result.gsub!(/<Paragraph preformat=\"true\">(\s*)<Paragraph preformat=\"true\">(.*?)<\/Paragraph>(\s*)<\/Paragraph>/mi) do
+        text = $2
+        text[/\n/] ? "\nbc.. #{ text }\n\np. " : "@#{text}@"
+      end
+      result.gsub!(/<Paragraph preformat=\"true\">(.*?)<\/Paragraph>/mi) do
+        text = $1
+        text[/\n/] ? "\nbc.. #{ text }\n\np. " : "@#{text}@"
+      end
+      result.gsub!(/<Paragraph>(.*?)<\/Paragraph>/m) { |m| "#{ $1 }\n" }
+      result.gsub!(/<Paragraph>|<\/Paragraph>/, '')
+      result.gsub!(/          /, '')
+      result.gsub!(/   /, '')
+      result.gsub!(/\t\t/, '')
+      result.gsub!(/<URLLink(.*)LinkURL=\"(.*?)\"(.*?)>(.*?)<\/URLLink>/im) { "\"#{$4.strip}\":#{$2.strip} " }
+      result.gsub!(/<URLLink LinkTitle=\"(.*?)\"(.*?)LinkURL=\"(.*?)\"\/>/i) { "\"#{$1.strip}\":#{$3.strip} " }
+      result.gsub!(/<URLLink LinkURL=\"(.*?)\"(.*?)LinkTitle=\"(.*?)\"\/>/i) { "\"#{$3.strip}\":#{$1.strip} " }
+      result.gsub!(/&gt;/, '>')
+      result.gsub!(/&lt;/, '<')
+      result
+    end
+
+    def cleanup_nested(source)
+      result = source.to_s
+      result.gsub!(/<references>/, '')
+      result.gsub!(/<\/references>/, '')
+      result.gsub!(/<reference source=\"(.*?)\">(.*?)<\/reference>/i) { "#{$1.strip}: #{$2.strip}\n" }
+      result.gsub!(/<tags>/, '')
+      result.gsub!(/<\/tags>/, '')
+      result.gsub!(/<tag>(.*?)<\/tag>/) { "#{$1}\n" }
+      result.gsub!(/        /, '')
+      result
+    end
+
+   private
+
+    def format_list(source)
+      if source.xpath('./UnorderedList | ./OrderedList').any?
+        format_nexpose_list(source)
+      else
+        source
+      end
+    end
+
+    def format_nexpose_list(xml, depth = 1)
+      xml.xpath('./UnorderedList | ./OrderedList').map do |list|
+        list_item_element = list.name == 'UnorderedList' ? '*' : '#'
+
+        list.xpath('./ListItem').map do |list_item|
+          paragraphs = list_item.xpath('./Paragraph')
+
+          list_item_text =
+            if paragraphs.any?
+              paragraphs.map do |paragraph|
+                # <Paragraph> nodes can either have more lists or just text
+                if paragraph.xpath('./UnorderedList | ./OrderedList').any?
+                  format_nexpose_list(paragraph, depth + 1)
+                else
+                  cleanup_html(paragraph.to_s).chomp
+                end
+              end.join("\n")
+            else
+              list_item.text
+            end
+
+          ''.ljust(depth, list_item_element) + ' ' + list_item_text
+        end.join("\n")
+      end.join("\n")
+    end
+  end
+end

data/lib/dradis/plugins/nexpose.rb

@@ -11,3 +11,4 @@ require 'dradis/plugins/nexpose/full/importer'
 require 'dradis/plugins/nexpose/mapping'
 require 'dradis/plugins/nexpose/simple/importer'
 require 'dradis/plugins/nexpose/version'
+require 'dradis/plugins/nexpose/xml_formatter'

data/lib/nexpose/node.rb

@@ -83,22 +83,24 @@ module Nexpose
       # Finally the enumerations: names
       if method_name == 'names'
         @xml.xpath('./names/name').collect(&:text)
-
       elsif ['fingerprints', 'software'].include?(method_name)
-
-        xpath_selector = {
-          'fingerprints' => './fingerprints/os',
-          'software' => './software/fingerprint'
-        }[method_name]
-
-        xml_os = @xml.at_xpath(xpath_selector)
-        return '' if xml_os.nil?
-
-        xml_os.attributes['product'].value
+        get_fingerprint_product(method_name)
       else
         # nothing found, the tag is valid but not present in this ReportItem
         return nil
       end
     end
+
+    private
+
+    # returns the first 'product' value from the <fingerprints> or <software> element
+    def get_fingerprint_product(method_name)
+      xpath_selector = {
+        'fingerprints' => './fingerprints/os',
+        'software' => './software/fingerprint'
+      }[method_name]
+
+      @xml.at_xpath(xpath_selector + '/@product')&.value || 'n/a'
+    end
   end
 end

data/lib/nexpose/vulnerability.rb

@@ -20,7 +20,7 @@ module Nexpose
     def supported_tags
       [
         # attributes
-        :added, :cvss_score, :cvss_vector, :modified, :nexpose_id, :pci_severity, 
+        :added, :cvss_score, :cvss_vector, :modified, :nexpose_id, :pci_severity,
         :published, :risk_score, :severity, :title,
 
         # simple tags
@@ -34,10 +34,9 @@ module Nexpose
       ]
     end
 
-
     # This allows external callers (and specs) to check for implemented
     # properties
-    def respond_to?(method, include_private=false)
+    def respond_to?(method, include_private = false)
       return true if supported_tags.include?(method.to_sym)
       super
     end
@@ -49,7 +48,6 @@ module Nexpose
     # attribute, simple descendent or collection that it maps to in the XML
     # tree.
     def method_missing(method, *args)
-
       # We could remove this check and return nil for any non-recognized tag.
       # The problem would be that it would make tricky to debug problems with
       # typos. For instance: <>.potr would return nil instead of raising an
@@ -62,11 +60,11 @@ module Nexpose
       # First we try the attributes. In Ruby we use snake_case, but in XML
       # CamelCase is used for some attributes
       translations_table = {
-        :nexpose_id => 'id',
-        :pci_severity => 'pciSeverity',
-        :risk_score => 'riskScore',
-        :cvss_score => 'cvssScore',
-        :cvss_vector =>'cvssVector'
+        nexpose_id: 'id',
+        pci_severity: 'pciSeverity',
+        risk_score: 'riskScore',
+        cvss_score: 'cvssScore',
+        cvss_vector: 'cvssVector'
       }
 
       method_name = translations_table.fetch(method, method.to_s)
@@ -78,13 +76,14 @@ module Nexpose
       nest = @xml.xpath("./#{method_name}").first
 
       # We need to clean up tags that have HTML content in them
+      formatter = Dradis::Plugins::Nexpose::XmlFormatter.new
       if tags_with_html_content.include?(method)
-        result = cleanup_html(tag)
+        result = formatter.format_html_content(tag)
         result = add_bc_to_ssl_cipher_list(result) if SSL_CIPHER_VULN_IDS.include?(@xml.attributes['id'].value)
         return result
       # And we need to clean up the tags with nested content in them
       elsif tags_with_nested_content.include?(method)
-        return cleanup_nested(nest)
+        return formatter.cleanup_nested(nest)
       else
         return tag
       end
@@ -96,7 +95,7 @@ module Nexpose
         return @xml.xpath("//test[@id='#{vuln_id}']/Paragraph").
           text.split("\n").
           collect(&:strip).
-          reject{|line| line.empty?}.join("\n")
+          reject { |line| line.empty? }.join("\n")
       end
 
       nil
@@ -106,46 +105,7 @@ module Nexpose
 
     def add_bc_to_ssl_cipher_list(source)
       result = source.to_s
-      result.gsub!(/\n(.*?)!(.*?)/){"\nbc. #{ $1 }!#{ $2 }\n"}
-      result
-    end
-
-    def cleanup_html(source)
-      result = source.to_s
-      result.gsub!(/<ContainerBlockElement>(.*?)<\/ContainerBlockElement>/m){|m| "#{ $1 }"}
-      result.gsub!(/<Paragraph preformat=\"true\">(\s*)<Paragraph preformat=\"true\">(.*?)<\/Paragraph>(\s*)<\/Paragraph>/mi) do
-        text = $2
-        text[/\n/] ? "\nbc.. #{ text }\n\np. " : "@#{text}@"
-      end
-      result.gsub!(/<Paragraph preformat=\"true\">(.*?)<\/Paragraph>/mi) do
-        text = $1
-        text[/\n/] ? "\nbc.. #{ text }\n\np. " : "@#{text}@"
-      end
-      result.gsub!(/<Paragraph>(.*?)<\/Paragraph>/m){|m| "#{ $1 }\n"}
-      result.gsub!(/<Paragraph>|<\/Paragraph>/, '')
-      result.gsub!(/<UnorderedList(.*?)>(.*?)<\/UnorderedList>/m){|m| "#{ $2 }"}
-      result.gsub!(/<OrderedList(.*?)>(.*?)<\/OrderedList>/m){|m| "#{ $2 }"}
-      result.gsub!(/<ListItem>|<\/ListItem>/, '')
-      result.gsub!(/          /, '')
-      result.gsub!(/   /, '')
-      result.gsub!(/\t\t/, '')
-      result.gsub!(/<URLLink(.*)LinkURL=\"(.*?)\"(.*?)>(.*?)<\/URLLink>/im) { "\"#{$4.strip}\":#{$2.strip} " }
-      result.gsub!(/<URLLink LinkTitle=\"(.*?)\"(.*?)LinkURL=\"(.*?)\"\/>/i) { "\"#{$1.strip}\":#{$3.strip} " }
-      result.gsub!(/<URLLink LinkURL=\"(.*?)\"(.*?)LinkTitle=\"(.*?)\"\/>/i) { "\"#{$3.strip}\":#{$1.strip} " }
-      result.gsub!(/&gt;/, '>')
-      result.gsub!(/&lt;/, '<')
-      result
-    end
-
-    def cleanup_nested(source)
-      result = source.to_s
-      result.gsub!(/<references>/, '')
-      result.gsub!(/<\/references>/, '')
-      result.gsub!(/<reference source=\"(.*?)\">(.*?)<\/reference>/i) {"#{$1.strip}: #{$2.strip}\n"}
-      result.gsub!(/<tags>/, '')
-      result.gsub!(/<\/tags>/, '')
-      result.gsub!(/<tag>(.*?)<\/tag>/) {"#{$1}\n"}
-      result.gsub!(/        /, '')
+      result.gsub!(/\n(.*?)!(.*?)/) { "\nbc. #{ $1 }!#{ $2 }\n" }
       result
     end
 
@@ -156,6 +116,5 @@ module Nexpose
     def tags_with_nested_content
       [:references, :tags]
     end
-
   end
 end

data/spec/fixtures/files/full.xml

@@ -11,6 +11,15 @@
       <fingerprints>
         <os certainty="0.80" family="IOS" product="IOS" vendor="Cisco" arch="x86_64"/>
       </fingerprints>
+      <software>
+        <fingerprint
+          certainty="1.00"
+          software-class="General"
+          vendor="Sun"
+          family="Java"
+          product="JRE"
+          version="1.6.0.22"/>
+      </software>
       <tests/>
       <endpoints>
         <endpoint port="123" protocol="udp" status="open">
@@ -118,11 +127,27 @@
         <ContainerBlockElement>
           <UnorderedList>
             <ListItem>
+              <Paragraph>Microsoft Windows</Paragraph>
               <Paragraph>
-                <Paragraph>You can remove inode information from the ETag header by adding the following directive to your Apache config:</Paragraph>
-                <Paragraph preformat="true">FileETag MTime Size</Paragraph>
+                <OrderedList>
+                  <ListItem>Open the Windows Control Panel.</ListItem>
+                  <ListItem>Select &quot;Administrative Tools&quot;.</ListItem>
+                  </OrderedList>
               </Paragraph>
             </ListItem>
+            <ListItem>
+              <Paragraph>Microsoft Windows</Paragraph>
+              <Paragraph>
+                <OrderedList>
+                  <ListItem>Open the &quot;Performance and Maintenance&quot; control panel.</ListItem>
+                  <ListItem>Select &quot;Administrative Tools&quot;.</ListItem>
+                  <ListItem>Restart the system for the changes to take effect.</ListItem></OrderedList></Paragraph></ListItem>
+            <ListItem>
+              <Paragraph>Microsoft Windows</Paragraph>
+              <Paragraph>
+                <OrderedList>
+                  <ListItem>Open the &quot;Administrative Tools&quot; control panel.</ListItem>
+                  <ListItem>Restart the system for the changes to take effect.</ListItem></OrderedList></Paragraph></ListItem>
             <ListItem>
               <Paragraph>OpenBSD</Paragraph>
               <Paragraph>Download and apply the patch from:

data/spec/fixtures/files/full_with_duplicate_node.xml

@@ -9,8 +9,11 @@
         <name>localhost:5000</name>
       </names>
       <fingerprints>
-        <os certainty="0.80" family="IOS" product="IOS" vendor="Cisco" arch="x86_64"/>
+        <os certainty="0.80" family="IOS" vendor="Cisco" arch="x86_64"/>
       </fingerprints>
+      <software>
+        <fingerprint certainty="1.00" vendor="Sun" family="Java"/>
+      </software>
       <tests/>
       <endpoints>
         <endpoint port="123" protocol="udp" status="open">

data/spec/fixtures/files/lists.xml

@@ -0,0 +1,26 @@
+<ContainerBlockElement>
+  <UnorderedList>
+    <ListItem>
+      <Paragraph>Microsoft Windows</Paragraph>
+      <Paragraph>
+        <OrderedList>
+          <ListItem>Open the Windows Control Panel.</ListItem>
+          <ListItem>Select &quot;Administrative Tools&quot;.</ListItem>
+          </OrderedList>
+      </Paragraph>
+    </ListItem>
+    <ListItem>
+      <Paragraph>Microsoft Windows</Paragraph>
+      <Paragraph>
+        <OrderedList>
+          <ListItem>Open the &quot;Performance and Maintenance&quot; control panel.</ListItem>
+          <ListItem>Select &quot;Administrative Tools&quot;.</ListItem>
+          <ListItem>Restart the system for the changes to take effect.</ListItem></OrderedList></Paragraph></ListItem>
+    <ListItem>
+      <Paragraph>Microsoft Windows</Paragraph>
+      <Paragraph>
+        <OrderedList>
+          <ListItem>Open the &quot;Administrative Tools&quot; control panel.</ListItem>
+          <ListItem>Restart the system for the changes to take effect.</ListItem></OrderedList></Paragraph></ListItem>
+  </UnorderedList>
+</ContainerBlockElement>

data/spec/nexpose_upload_spec.rb

@@ -0,0 +1,210 @@
+require 'rails_helper'
+require 'ostruct'
+
+describe 'Nexpose upload plugin' do
+  before do
+    @fixtures_dir = File.expand_path('../fixtures/files/', __FILE__)
+  end
+
+  describe 'Importer: Full with fingerprints elements' do
+    def apply_mapping(doc, field)
+      ms = Dradis::Plugins::MappingService.new(
+        integration: Dradis::Plugins::Nexpose
+      )
+      mapping_fields = [OpenStruct.new(
+        destination_field: 'Fingerprints',
+        content: "{{ nexpose[#{field}] }}"
+      )]
+
+      @result = ms.apply_mapping(
+        data: doc.at_xpath('//nodes/node'),
+        mapping_fields: mapping_fields,
+        source: 'full_node'
+      )
+    end
+
+    describe 'with fingerprints > OS elements' do
+      it 'uses the os product value' do
+        doc = Nokogiri::XML(File.read(@fixtures_dir + '/full.xml'))
+        apply_mapping(doc, 'node.fingerprints')
+
+        expect(@result).to include('IOS')
+      end
+
+      it 'defaults to n/a if there is no os product value' do
+        doc = Nokogiri::XML(File.read(@fixtures_dir + '/full_with_duplicate_node.xml'))
+        apply_mapping(doc, 'node.fingerprints')
+
+        expect(@result).to include('n/a')
+      end
+    end
+
+    describe 'with software > fingerprint elements' do
+      it 'uses the product value given software/fingerprints' do
+        doc = Nokogiri::XML(File.read(@fixtures_dir + '/full.xml'))
+        apply_mapping(doc, 'node.software')
+
+        expect(@result).to include('JRE')
+      end
+
+      it 'defaults to n/a if there is no os product value' do
+        doc = Nokogiri::XML(File.read(@fixtures_dir + '/full_with_duplicate_node.xml'))
+        apply_mapping(doc, 'node.software')
+
+        expect(@result).to include('n/a')
+      end
+    end
+
+    describe 'Importer: Full' do
+      it 'creates nodes, issues, notes and an evidences as needed' do
+        expect(@content_service).to receive(:create_node).with(hash_including label: 'Nexpose Scan Summary').once
+        expect(@content_service).to receive(:create_note) do |args|
+          expect(args[:text]).to include("#[Title]#\nUSDA_Internal (4)")
+          expect(args[:node].label).to eq('Nexpose Scan Summary')
+        end.once
+
+        expect(@content_service).to receive(:create_node) do |args|
+          expect(args[:label]).to eq('1.1.1.1')
+          expect(args[:type]).to eq(:host)
+          create(:node, args.except(:type))
+        end
+
+        expect(@content_service).to receive(:create_note) do |args|
+          expect(args[:text]).to include("#[Title]#\n1.1.1.1")
+          expect(args[:node].label).to eq('1.1.1.1')
+        end.once
+
+        expect(@content_service).to receive(:create_note) do |args|
+          expect(args[:text]).to include("#[Title]#\nService name: NTP")
+          expect(args[:node].label).to eq('1.1.1.1')
+        end.once
+
+        expect(@content_service).to receive(:create_note) do |args|
+          expect(args[:text]).to include("#[Title]#\nService name: SNMP")
+          expect(args[:node].label).to eq('1.1.1.1')
+        end.once
+
+        expect(@content_service).to receive(:create_issue) do |args|
+          expect(args[:text]).to include("#[Title]#\nApache HTTPD: error responses can expose cookies (CVE-2012-0053)")
+          expect(args[:id]).to eq('ntp-clock-variables-disclosure')
+          OpenStruct.new(args)
+        end.once
+
+        expect(@content_service).to receive(:create_issue) do |args|
+          expect(args[:text]).to include("#[Title]#\nApache HTTPD: ETag Inode Information Leakage (CVE-2003-1418)")
+          expect(args[:id]).to eq('test-02')
+          OpenStruct.new(args)
+        end.once
+
+        expect(@content_service).to receive(:create_evidence) do |args|
+          expect(args[:content]).to include("#[ID]#\nntp-clock-variables-disclosure\n\n")
+          expect(args[:issue].id).to eq('ntp-clock-variables-disclosure')
+          expect(args[:node].label).to eq('1.1.1.1')
+        end.once
+
+        expect(@content_service).to receive(:create_evidence) do |args|
+          expect(args[:content]).to include("#[ID]#\ntest-02\n\n")
+          expect(args[:issue].id).to eq('test-02')
+          expect(args[:node].label).to eq('1.1.1.1')
+        end.once
+
+        @importer.import(file: @fixtures_dir + '/full.xml')
+
+        expect(Node.find_by(label: '1.1.1.1').properties[:os]).to eq('IOS')
+      end
+
+      it 'wraps ciphers inside ssl issues in code blocks' do
+        expect(@content_service).to receive(:create_issue) do |args|
+          expect(args[:text]).to include('bc. ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256')
+          OpenStruct.new(args)
+        end.once
+
+        @importer.import(file: @fixtures_dir + '/ssl.xml')
+      end
+
+      # Regression test for github.com/dradis/dradis-nexpose/issues/1
+      it 'populates solutions regardless of if they are wrapped in paragraphs or lists' do
+        expect(@content_service).to receive(:create_issue) do |args|
+          expect(args[:text]).to include("#[Solution]#\n\nApache HTTPD >= 2.0 and < 2.0.65")
+          OpenStruct.new(args)
+        end.once
+
+        expect(@content_service).to receive(:create_issue) do |args|
+          expect(args[:text]).to include("#[Solution]#\n")
+          expect(args[:text]).to include('You can remove inode information from the ETag header')
+          OpenStruct.new(args)
+        end.once
+
+        @importer.import(file: @fixtures_dir + '/full.xml')
+      end
+
+      it 'populates tests regardless of if they contain paragraphs or containerblockelements' do
+        expect(@content_service).to receive(:create_evidence) do |args|
+          expect(args[:content]).to include("#[Content]#\nThe following NTP variables")
+          OpenStruct.new(args)
+        end.once
+
+        expect(@content_service).to receive(:create_evidence) do |args|
+          expect(args[:content]).to include("#[Content]#\nVulnerable URL:")
+          OpenStruct.new(args)
+        end.once
+
+        @importer.import(file: @fixtures_dir + '/full.xml')
+      end
+
+      it 'transforms html entities (&lt; and &gt;)' do
+        expect(@content_service).to receive(:create_issue) do |args|
+          expect(args[:text]).to include("#[Solution]#\n\nApache HTTPD >= 2.0 and < 2.0.65")
+          OpenStruct.new(args)
+        end
+
+        @importer.import(file: @fixtures_dir + '/full.xml')
+      end
+
+      it 'formats the list to textile lists' do
+        expect(@content_service).to receive(:create_issue) do |args|
+          expect(args[:text]).to include("#[Title]#\nApache HTTPD: error responses can expose cookies (CVE-2012-0053)")
+          OpenStruct.new(args)
+        end.once
+
+        expect(@content_service).to receive(:create_issue) do |args|
+          expect(args[:text]).to include('* Microsoft Windows')
+          expect(args[:text]).to include('## Open the Windows Control Panel.')
+          expect(args[:text]).to include('## Select "Administrative Tools".')
+          OpenStruct.new(args)
+        end.once
+
+        @importer.import(file: @fixtures_dir + '/full.xml')
+      end
+    end
+
+    describe 'Importer: Full with duplicate nodes' do
+      it 'creates evidence for each instance of the node' do
+        expect(@content_service).to receive(:create_node).with(hash_including label: 'Nexpose Scan Summary').once
+        expect(@content_service).to receive(:create_node) do |args|
+          expect(args[:label]).to eq('1.1.1.1')
+          expect(args[:type]).to eq(:host)
+          create(:node, args.except(:type))
+        end
+
+        expect(@content_service).to receive(:create_evidence) do |args|
+          expect(args[:content]).to include("#[ID]#\nntp-clock-variables-disclosure\n\n")
+          expect(args[:issue].id).to eq('ntp-clock-variables-disclosure')
+          expect(args[:node].label).to eq('1.1.1.1')
+        end.twice
+
+        @importer.import(file: @fixtures_dir + '/full_with_duplicate_node.xml')
+      end
+    end
+  end
+
+  it 'parses the fingerprints field' do
+    doc = Nokogiri::XML(File.read(@fixtures_dir + '/full.xml'))
+
+    ts = Dradis::Plugins::TemplateService.new(plugin: Dradis::Plugins::Nexpose)
+    ts.set_template(template: 'full_node', content: "#[Fingerprints]#\n%node.fingerprints%\n")
+    result = ts.process_template(data: doc.at_xpath('//nodes/node'), template: 'full_node')
+
+    expect(result).to include('IOS')
+  end
+end

data/spec/xml_formatter_spec.rb

@@ -0,0 +1,23 @@
+# Run the spec by running the command: rspec spec/xml_formatter_spec.rb"
+
+require 'spec_helper'
+
+describe Dradis::Plugins::Nexpose::XmlFormatter do
+  let(:source) { File.read(File.expand_path('../fixtures/files/lists.xml', __FILE__)) }
+
+  it 'parses the <UnorderedList> and <OrderedList> elements' do
+    xml = Nokogiri::XML(source).at_xpath('./ContainerBlockElement')
+    expect(Dradis::Plugins::Nexpose::XmlFormatter.new.format_html_content(xml)).to eq(
+      "* Microsoft Windows\n"\
+      "## Open the Windows Control Panel.\n"\
+      "## Select \"Administrative Tools\".\n"\
+      "* Microsoft Windows\n"\
+      "## Open the \"Performance and Maintenance\" control panel.\n"\
+      "## Select \"Administrative Tools\".\n"\
+      "## Restart the system for the changes to take effect.\n"\
+      "* Microsoft Windows\n"\
+      "## Open the \"Administrative Tools\" control panel.\n"\
+      '## Restart the system for the changes to take effect.'
+    )
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-nexpose
 version: !ruby/object:Gem::Version
-  version: 4.14.0
+  version: 4.16.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-10-21 00:00:00.000000000 Z
+date: 2025-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -122,6 +122,7 @@ files:
 - lib/dradis/plugins/nexpose/mapping.rb
 - lib/dradis/plugins/nexpose/simple/importer.rb
 - lib/dradis/plugins/nexpose/version.rb
+- lib/dradis/plugins/nexpose/xml_formatter.rb
 - lib/nexpose/endpoint.rb
 - lib/nexpose/node.rb
 - lib/nexpose/scan.rb
@@ -131,11 +132,14 @@ files:
 - lib/tasks/thorfile.rb
 - spec/fixtures/files/full.xml
 - spec/fixtures/files/full_with_duplicate_node.xml
+- spec/fixtures/files/lists.xml
 - spec/fixtures/files/simple.xml
 - spec/fixtures/files/ssl.xml
 - spec/nexpose/full/importer_spec.rb
 - spec/nexpose/simple/importer_spec.rb
+- spec/nexpose_upload_spec.rb
 - spec/spec_helper.rb
+- spec/xml_formatter_spec.rb
 - templates/full_evidence.sample
 - templates/full_node.sample
 - templates/full_scan.sample
@@ -168,8 +172,11 @@ summary: Nexpose add-on for the Dradis Framework.
 test_files:
 - spec/fixtures/files/full.xml
 - spec/fixtures/files/full_with_duplicate_node.xml
+- spec/fixtures/files/lists.xml
 - spec/fixtures/files/simple.xml
 - spec/fixtures/files/ssl.xml
 - spec/nexpose/full/importer_spec.rb
 - spec/nexpose/simple/importer_spec.rb
+- spec/nexpose_upload_spec.rb
 - spec/spec_helper.rb
+- spec/xml_formatter_spec.rb