dradis-nipper 4.11.0 → 4.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +1 -2
- data/lib/dradis/plugins/nipper/gem_version.rb +1 -1
- data/lib/dradis/plugins/nipper/importer.rb +2 -2
- data/lib/dradis/plugins/nipper/mapping.rb +50 -0
- data/lib/dradis/plugins/nipper.rb +1 -0
- metadata +4 -7
- data/templates/evidence.fields +0 -3
- data/templates/evidence.template +0 -8
- data/templates/issue.fields +0 -15
- data/templates/issue.template +0 -35
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3f8377871f64d9ed5b124dfae754181bd176235c414d29646e8bb08c6b7eb7ea
|
|
4
|
+
data.tar.gz: 215f41bb92b6f369eb9ebefba2ff0af8bb78dda2404558db71babb818aa05860
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 869085b2efc2c60ea8223434e60c72fa7a7a66f84f2f3aff3775a848c5ffe4a71a6e37deff7ea5050e338c9ba489a58f5e05bcdee25c953cc732f0d46e00d768
|
|
7
|
+
data.tar.gz: 709dc9d2ca85726bb7965e1596274bc692d1bbd554bffa2883c4de78d94407467e010aeb4f5f266f0d9030038c59caa12fb24cccbfe71f0ef164ab51a86c4eb9
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -2,8 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
This add-on will enable the user to upload Nipper output files in the XML format (.xml) to create a structure of Dradis nodes, issues, and evidences that contain the same information about the hosts and vulnerabilities in the original file.
|
|
4
4
|
|
|
5
|
-
The add-on requires Dradis 3.0 or
|
|
6
|
-
|
|
5
|
+
The add-on requires [Dradis CE](https://dradis.com/ce/) > 3.0, or [Dradis Pro](https://dradis.com/).
|
|
7
6
|
|
|
8
7
|
## More information
|
|
9
8
|
|
|
@@ -48,7 +48,7 @@ module Dradis::Plugins::Nipper
|
|
|
48
48
|
def process_evidence(xml_evidence, issue)
|
|
49
49
|
logger.info { 'Creating evidence...' }
|
|
50
50
|
|
|
51
|
-
evidence_text =
|
|
51
|
+
evidence_text = mapping_service.apply_mapping(source: 'evidence', data: xml_evidence)
|
|
52
52
|
content_service.create_evidence(issue: issue, node: @host_node, content: evidence_text)
|
|
53
53
|
end
|
|
54
54
|
|
|
@@ -57,7 +57,7 @@ module Dradis::Plugins::Nipper
|
|
|
57
57
|
|
|
58
58
|
logger.info { "Creating issue: #{plugin_id}" }
|
|
59
59
|
|
|
60
|
-
issue_text =
|
|
60
|
+
issue_text = mapping_service.apply_mapping(source: 'issue', data: xml_issue)
|
|
61
61
|
issue = content_service.create_issue(text: issue_text, id: plugin_id)
|
|
62
62
|
|
|
63
63
|
xml_evidence = xml_issue.at_xpath('./issuedetails/devices')
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
module Dradis::Plugins::Nipper
|
|
2
|
+
module Mapping
|
|
3
|
+
DEFAULT_MAPPING = {
|
|
4
|
+
evidence: {
|
|
5
|
+
'DeviceName' => '{{ nipper[evidence.device_name] }}',
|
|
6
|
+
'DeviceType' => '{{ nipper[evidence.device_type] }}',
|
|
7
|
+
'OS' => '{{ nipper[evidence.device_osversion] }}'
|
|
8
|
+
},
|
|
9
|
+
issue: {
|
|
10
|
+
'Title' => '{{ nipper[issue.title] }}',
|
|
11
|
+
'CVSSv2.Base' => '{{ nipper[issue.cvss_base] }}',
|
|
12
|
+
'CVSSv2.Temporal' => '{{ nipper[issue.cvss_temporal] }}',
|
|
13
|
+
'CVSSv2.Environmental' => '{{ nipper[issue.cvss_environmental] }}',
|
|
14
|
+
'Finding' => '{{ nipper[issue.finding] }}',
|
|
15
|
+
'Impact' => '{{ nipper[issue.impact] }}',
|
|
16
|
+
'Ease' => '{{ nipper[issue.ease] }}',
|
|
17
|
+
'Nipperv1.Ease' => '{{ nipper[issue.nipperv1_ease] }}',
|
|
18
|
+
'Nipperv1.Fix' => '{{ nipper[issue.nipperv1_fix] }}',
|
|
19
|
+
'Nipperv1.Impact' => '{{ nipper[issue.nipperv1_impact] }}',
|
|
20
|
+
'Nipperv1.Rating' => '{{ nipper[issue.nipperv1_rating] }}',
|
|
21
|
+
'Recommendation' => '{{ nipper[issue.recommendation] }}'
|
|
22
|
+
}
|
|
23
|
+
}.freeze
|
|
24
|
+
|
|
25
|
+
SOURCE_FIELDS = {
|
|
26
|
+
evidence: [
|
|
27
|
+
'evidence.device_name',
|
|
28
|
+
'evidence.device_type',
|
|
29
|
+
'evidence.device_osversion'
|
|
30
|
+
],
|
|
31
|
+
issue: [
|
|
32
|
+
'issue.title',
|
|
33
|
+
'issue.cvss_base',
|
|
34
|
+
'issue.cvss_base_vector',
|
|
35
|
+
'issue.cvss_temporal',
|
|
36
|
+
'issue.cvss_temporal_vector',
|
|
37
|
+
'issue.cvss_environmental',
|
|
38
|
+
'issue.cvss_environmental_vector',
|
|
39
|
+
'issue.finding',
|
|
40
|
+
'issue.impact',
|
|
41
|
+
'issue.ease',
|
|
42
|
+
'issue.nipperv1_ease',
|
|
43
|
+
'issue.nipperv1_fix',
|
|
44
|
+
'issue.nipperv1_impact',
|
|
45
|
+
'issue.nipperv1_rating',
|
|
46
|
+
'issue.recommendation'
|
|
47
|
+
]
|
|
48
|
+
}.freeze
|
|
49
|
+
end
|
|
50
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dradis-nipper
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.
|
|
4
|
+
version: 4.12.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dradis Team
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-05-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dradis-plugins
|
|
@@ -102,6 +102,7 @@ files:
|
|
|
102
102
|
- lib/dradis/plugins/nipper/field_processor.rb
|
|
103
103
|
- lib/dradis/plugins/nipper/gem_version.rb
|
|
104
104
|
- lib/dradis/plugins/nipper/importer.rb
|
|
105
|
+
- lib/dradis/plugins/nipper/mapping.rb
|
|
105
106
|
- lib/dradis/plugins/nipper/version.rb
|
|
106
107
|
- lib/nipper/evidence.rb
|
|
107
108
|
- lib/nipper/issue.rb
|
|
@@ -112,12 +113,8 @@ files:
|
|
|
112
113
|
- spec/spec_helper.rb
|
|
113
114
|
- spec/upload_v2.5_spec.rb
|
|
114
115
|
- spec/upload_v2.8_spec.rb
|
|
115
|
-
- templates/evidence.fields
|
|
116
116
|
- templates/evidence.sample
|
|
117
|
-
- templates/evidence.template
|
|
118
|
-
- templates/issue.fields
|
|
119
117
|
- templates/issue.sample
|
|
120
|
-
- templates/issue.template
|
|
121
118
|
homepage: https://dradis.com/integrations/nipper.html
|
|
122
119
|
licenses:
|
|
123
120
|
- Commercial - Dradis Pro
|
|
@@ -137,7 +134,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
137
134
|
- !ruby/object:Gem::Version
|
|
138
135
|
version: '0'
|
|
139
136
|
requirements: []
|
|
140
|
-
rubygems_version: 3.
|
|
137
|
+
rubygems_version: 3.1.4
|
|
141
138
|
signing_key:
|
|
142
139
|
specification_version: 4
|
|
143
140
|
summary: Nipper upload add-on for Dradis Framework.
|
data/templates/evidence.fields
DELETED
data/templates/evidence.template
DELETED
data/templates/issue.fields
DELETED
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
issue.title
|
|
2
|
-
issue.cvss_base
|
|
3
|
-
issue.cvss_base_vector
|
|
4
|
-
issue.cvss_temporal
|
|
5
|
-
issue.cvss_temporal_vector
|
|
6
|
-
issue.cvss_environmental
|
|
7
|
-
issue.cvss_environmental_vector
|
|
8
|
-
issue.finding
|
|
9
|
-
issue.impact
|
|
10
|
-
issue.ease
|
|
11
|
-
issue.nipperv1_ease
|
|
12
|
-
issue.nipperv1_fix
|
|
13
|
-
issue.nipperv1_impact
|
|
14
|
-
issue.nipperv1_rating
|
|
15
|
-
issue.recommendation
|
data/templates/issue.template
DELETED
|
@@ -1,35 +0,0 @@
|
|
|
1
|
-
#[Title]#
|
|
2
|
-
%issue.title%
|
|
3
|
-
|
|
4
|
-
#[CVSSv2.Base]#
|
|
5
|
-
%issue.cvss_base%
|
|
6
|
-
|
|
7
|
-
#[CVSSv2.Temporal]#
|
|
8
|
-
%issue.cvss_temporal%
|
|
9
|
-
|
|
10
|
-
#[CVSSv2.Environmental]#
|
|
11
|
-
%issue.cvss_environmental%
|
|
12
|
-
|
|
13
|
-
#[Finding]#
|
|
14
|
-
%issue.finding%
|
|
15
|
-
|
|
16
|
-
#[Impact]#
|
|
17
|
-
%issue.impact%
|
|
18
|
-
|
|
19
|
-
#[Ease]#
|
|
20
|
-
%issue.ease%
|
|
21
|
-
|
|
22
|
-
#[Nipperv1.Ease]#
|
|
23
|
-
%issue.nipperv1_ease%
|
|
24
|
-
|
|
25
|
-
#[Nipperv1.Fix]#
|
|
26
|
-
%issue.nipperv1_fix%
|
|
27
|
-
|
|
28
|
-
#[Nipperv1.Impact]#
|
|
29
|
-
%issue.nipperv1_impact%
|
|
30
|
-
|
|
31
|
-
#[Nipperv1.Rating]#
|
|
32
|
-
%issue.nipperv1_rating%
|
|
33
|
-
|
|
34
|
-
#[Recommendation]#
|
|
35
|
-
%issue.recommendation%
|