RubyGems - dradis-nikto - Versions diffs - 4.10.0 → 4.12.0 - Mend

dradis-nikto 4.10.0 → 4.12.0

Files changed (17) hide show

checksums.yaml +4 -4
data/.github/pull_request_template.md +12 -3
data/CHANGELOG.md +7 -0
data/README.md +3 -4
data/lib/dradis/plugins/nikto/gem_version.rb +1 -1
data/lib/dradis/plugins/nikto/importer.rb +4 -4
data/lib/dradis/plugins/nikto/mapping.rb +61 -0
data/lib/dradis/plugins/nikto.rb +1 -0
metadata +7 -14
data/templates/evidence.fields +0 -4
data/templates/evidence.template +0 -6
data/templates/item.fields +0 -9
data/templates/item.template +0 -8
data/templates/scan.fields +0 -11
data/templates/scan.template +0 -14
data/templates/ssl.fields +0 -3
data/templates/ssl.template +0 -7

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 70beb907fab76800751b1b08a1220f9d3348ad9d48b0398f57c0726f681585e8
-  data.tar.gz: a552ff17d859140557f50456ec235979eac2b6eda90ab812781d92b4f928a6cd
+  metadata.gz: 717a9a1c0a9082a70bdfdb2403d91b032c02f3866e139735ac7f23faca939d6a
+  data.tar.gz: 5c1d73b43b8a241b815c05a6c340ba4d60dd5b4caaf80ee6a040ffb0365e77b8
 SHA512:
-  metadata.gz: b1211f020f9e6eaf6face8d66f8cc2603e0b73eb0425eda9a4a4259f9c4197c92bb7eff3b9bfddeced5032381421c056b380d76f07890c2294be8cb5c7b41891
-  data.tar.gz: ed104fa0ce5f771e97c87bff3c112630a43dd52d6e8519557be5bcdd75ba98e8cff4585a65686ef3897198484e53c2c0529429964446a4d26fa9f3b3deb36073
+  metadata.gz: e6ae40c425e8525a7e11e7fec4b4ff3ddaf76a21cfc7a9750337993a2dd95ed7e2bb46e648127ccdee2a5f1aa10de554255ad16d7d41bce14352a62569ae663d
+  data.tar.gz: f984cb609b199262907a46943c2d3c2c6648e79155c14a1ad349ace727bb7412a007bcc788fac9d3e6b96a33b3a41e75acf80aa1b4e69c3d215fd24ae2d3b762

data/.github/pull_request_template.md CHANGED Viewed

@@ -1,3 +1,5 @@
+Please review [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md) and remove this line.
 ### Summary
 Provide a general description of the code changes in your pull
@@ -6,6 +8,11 @@ these bugs have open GitHub issues, be sure to tag them here as well,
 to keep the conversation linked together.
+### Testing Steps
+Provide steps to test functionality, described in detail for someone not familiar with this part of the application / code base
 ### Other Information
 If there's anything else that's important and relevant to your pull
@@ -26,11 +33,13 @@ products, we must have the copyright associated with the entire
 codebase. Any code you create which is merged must be owned by us.
 That's not us trying to be a jerks, that's just the way it works.
-Please review the [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/master/CONTRIBUTING.md)
-file for the details.
 You can delete this section, but the following sentence needs to
 remain in the PR's description:
 > I assign all rights, including copyright, to any future Dradis
 > work by myself to Security Roots.
+### Check List
+- [ ] Added a CHANGELOG entry
+- [ ] Added specs

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,10 @@
+v4.12.0 (May 2024)
+ - Migrate integration to use Mappings Manager
+ - Update Dradis links in README
+v4.11.0 (January 2024)
+  - No changes
 v4.10.0 (September 2023)
   - Update gemspec links

data/README.md CHANGED Viewed

@@ -4,17 +4,16 @@
 Upload Nikto files into Dradis.
-The add-on requires [Dradis CE](https://dradisframework.org/) > 3.0, or [Dradis Pro](https://dradisframework.com/pro/).
+The add-on requires [Dradis CE](https://dradis.com/ce/) > 3.0, or [Dradis Pro](https://dradis.com/).
 ## More information
-See the Dradis Framework's [README.md](https://github.com/dradis/dradisframework/blob/master/README.md)
+See the Dradis Framework's [README.md](https://github.com/dradis/dradis-ce/blob/develop/README.md)
 ## Contributing
-See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/dradisframework/blob/master/CONTRIBUTING.md)
+See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md)
 ## License

data/lib/dradis/plugins/nikto/gem_version.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module Dradis
       module VERSION
         MAJOR = 4
-        MINOR = 10
+        MINOR = 12
         TINY = 0
         PRE = nil

data/lib/dradis/plugins/nikto/importer.rb CHANGED Viewed

@@ -39,7 +39,7 @@ module Dradis::Plugins::Nikto
         # Scan details
         logger.info{ 'Adding ' + host_label }
         host_node = content_service.create_node(label: host_label, type: :host)
-        scan_text = template_service.process_template(template: 'scan', data: xml_scan)
+        scan_text = mapping_service.apply_mapping(source: 'scan', data: xml_scan)
         content_service.create_note(
           text: scan_text,
           node: host_node)
@@ -55,7 +55,7 @@ module Dradis::Plugins::Nikto
         # Check for SSL cert tag and add that data in as well
         unless xml_scan.at_xpath("ssl").nil?
           xml_ssl = xml_scan.at_xpath("ssl")
-          ssl_text = template_service.process_template(template: 'ssl', data: xml_ssl)
+          ssl_text = mapping_service.apply_mapping(source: 'ssl', data: xml_ssl)
           content_service.create_note(
             text: ssl_text,
             node: host_node)
@@ -64,12 +64,12 @@ module Dradis::Plugins::Nikto
         # Items
         xml_scan.xpath("item").each do |xml_item|
           plugin_id = xml_item.has_attribute?("id") ? xml_item["id"] : "Unknown"
-          item_text = template_service.process_template(template: 'item', data: xml_item)
+          item_text = mapping_service.apply_mapping(source: 'item', data: xml_item)
           logger.info{ 'Creating Issue ID' + plugin_id }
           issue = content_service.create_issue(text: item_text, id: plugin_id)
           logger.info{ "\t\t => Creating new evidence" }
-          evidence_content = template_service.process_template(template: 'evidence', data: xml_item)
+          evidence_content = mapping_service.apply_mapping(source: 'evidence', data: xml_item)
           content_service.create_evidence(issue: issue, node: host_node, content: evidence_content)
         end
       end

data/lib/dradis/plugins/nikto/mapping.rb ADDED Viewed

@@ -0,0 +1,61 @@
+module Dradis::Plugins::Nikto
+  module Mapping
+    DEFAULT_MAPPING = {
+      evidence: {
+        'Request' => 'Request Method: {{ nikto[item.request_method] }}',
+        'Links' => "Link: {{ nikto[item.namelink] }}\nIP Based Link: {{ nikto[item.iplink] }}"
+      },
+      item: {
+        'Title' => '{{ nikto[item.description] }}',
+        'Details' => '{{ nikto[item.description] }}',
+        'References' => '{{ nikto[item.references] }}'
+      },
+      scan: {
+        'Title' => 'Nikto upload: {{ nikto[scan.filename] }}',
+        'Details' => "IP: {{ nikto[scan.targetip] }}\nHostname: {{ nikto[scan.targethostname] }}\nPort: {{ nikto[scan.targetport] }}\nBanner: {{ nikto[scan.targetbanner] }}\nStarttime: {{ nikto[scan.starttime] }}\nSite Name: {{ nikto[scan.sitename] }}\nSite IP: {{ nikto[scan.siteip] }}\nHost Header: {{ nikto[scan.hostheader] }}\nErrors: {{ nikto[scan.errors] }}\nTotal Checks: {{ nikto[scan.checks] }}"
+      },
+      ssl: {
+        'Title' => 'SSL Cert Information',
+        'Details' => "Ciphers: {{ nikto[ssl.ciphers] }}\nIssuers: {{ nikto[ssl.issuers] }}\nInfo: {{ nikto[ssl.info] }}"
+      }
+    }.freeze
+    SOURCE_FIELDS = {
+      evidence: [
+        'item.request_method',
+        'item.uri',
+        'item.namelink',
+        'item.iplink'
+      ],
+      item: [
+        'item.description',
+        'item.id',
+        'item.iplink',
+        'item.namelink',
+        'item.osvdbid',
+        'item.osvdblink',
+        'item.references',
+        'item.request_method',
+        'item.uri'
+      ],
+      scan: [
+        'scan.filename',
+        'scan.targetip',
+        'scan.targethostname',
+        'scan.targetport',
+        'scan.targetbanner',
+        'scan.starttime',
+        'scan.sitename',
+        'scan.siteip',
+        'scan.hostheader',
+        'scan.errors',
+        'scan.checks'
+      ],
+      ssl: [
+        'ssl.ciphers',
+        'ssl.issuers',
+        'ssl.info'
+      ]
+    }.freeze
+  end
+end

data/lib/dradis/plugins/nikto.rb CHANGED Viewed

@@ -7,5 +7,6 @@ end
 require 'dradis/plugins/nikto/engine'
 require 'dradis/plugins/nikto/field_processor'
+require 'dradis/plugins/nikto/mapping'
 require 'dradis/plugins/nikto/importer'
 require 'dradis/plugins/nikto/version'

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-nikto
 version: !ruby/object:Gem::Version
-  version: 4.10.0
+  version: 4.12.0
 platform: ruby
 authors:
 - Daniel Martin
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-09-07 00:00:00.000000000 Z
+date: 2024-05-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -96,7 +96,7 @@ dependencies:
         version: 0.5.2
 description: This add-on allows you to upload and parse output produced from Nikto
   web server scanner into Dradis.
-email:
+email:
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -119,6 +119,7 @@ files:
 - lib/dradis/plugins/nikto/field_processor.rb
 - lib/dradis/plugins/nikto/gem_version.rb
 - lib/dradis/plugins/nikto/importer.rb
+- lib/dradis/plugins/nikto/mapping.rb
 - lib/dradis/plugins/nikto/version.rb
 - lib/nikto/item.rb
 - lib/nikto/scan.rb
@@ -129,23 +130,15 @@ files:
 - spec/spec_helper.rb
 - spec/upload_v2.1.4_spec.rb
 - spec/upload_v2.5.0_spec.rb
-- templates/evidence.fields
 - templates/evidence.sample
-- templates/evidence.template
-- templates/item.fields
 - templates/item.sample
-- templates/item.template
-- templates/scan.fields
 - templates/scan.sample
-- templates/scan.template
-- templates/ssl.fields
 - templates/ssl.sample
-- templates/ssl.template
 homepage: https://dradis.com/integrations/nikto.html
 licenses:
 - GPL-2
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -161,7 +154,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.4
-signing_key:
+signing_key:
 specification_version: 4
 summary: Nikto add-on for the Dradis Framework.
 test_files:

data/templates/evidence.fields DELETED Viewed

@@ -1,4 +0,0 @@
-item.request_method
-item.uri
-item.namelink
-item.iplink

data/templates/evidence.template DELETED Viewed

@@ -1,6 +0,0 @@
-#[Request]#
-Request Method: %item.request_method%
-#[Links]#
-Link: %item.namelink%
-IP Based Link: %item.iplink%

data/templates/item.fields DELETED Viewed

@@ -1,9 +0,0 @@
-item.description
-item.id
-item.iplink
-item.namelink
-item.osvdbid
-item.osvdblink
-item.references
-item.request_method
-item.uri

data/templates/item.template DELETED Viewed

@@ -1,8 +0,0 @@
-#[Title]#
-%item.description%
-#[Details]#
-%item.description%
-#[References]#
-%item.references%

data/templates/scan.fields DELETED Viewed

@@ -1,11 +0,0 @@
-scan.filename
-scan.targetip
-scan.targethostname
-scan.targetport
-scan.targetbanner
-scan.starttime
-scan.sitename
-scan.siteip
-scan.hostheader
-scan.errors
-scan.checks

data/templates/scan.template DELETED Viewed

@@ -1,14 +0,0 @@
-#[Title]#
-Nikto upload: %scan.filename%
-#[Details]#
-IP: %scan.targetip%
-Hostname: %scan.targethostname%
-Port: %scan.targetport%
-Banner: %scan.targetbanner%
-Starttime: %scan.starttime%
-Site Name: %scan.sitename%
-Site IP: %scan.siteip%
-Host Header: %scan.hostheader%
-Errors: %scan.errors%
-Total Checks: %scan.checks%

data/templates/ssl.fields DELETED Viewed

@@ -1,3 +0,0 @@
-ssl.ciphers
-ssl.issuers
-ssl.info

data/templates/ssl.template DELETED Viewed

@@ -1,7 +0,0 @@
-#[Title]#
-SSL Cert Information
-#[Details]#
-Ciphers: %ssl.ciphers%
-Issuers: %ssl.issuers%
-Info: %ssl.info%