dradis-nipper 4.11.0 → 4.12.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 16ef647ad8f558674efebcbc85627cfc7dacfc7323f98df621e4fbb9bc0a8b6c
4
- data.tar.gz: df6120e64a738ee18768e99504e035b77eebb9fa46705c5465b784a00dc80895
3
+ metadata.gz: 3f8377871f64d9ed5b124dfae754181bd176235c414d29646e8bb08c6b7eb7ea
4
+ data.tar.gz: 215f41bb92b6f369eb9ebefba2ff0af8bb78dda2404558db71babb818aa05860
5
5
  SHA512:
6
- metadata.gz: 4962c11ace5223819caef50802741a255e840334f6cd06650ee9c02839cd9d9dbe61a16e3a122e15014a9d644de2199760e070ae0f862ca8569aeeead6610565
7
- data.tar.gz: 359e4b710488f5c3c59bd3eb40a4370b402e3f9e5229ddce95a9ba5c8cbf286ec4fd3b461b4e2455cb0d9f6d86a426dc8e2ba4d3daadacf88f59d257809b53b0
6
+ metadata.gz: 869085b2efc2c60ea8223434e60c72fa7a7a66f84f2f3aff3775a848c5ffe4a71a6e37deff7ea5050e338c9ba489a58f5e05bcdee25c953cc732f0d46e00d768
7
+ data.tar.gz: 709dc9d2ca85726bb7965e1596274bc692d1bbd554bffa2883c4de78d94407467e010aeb4f5f266f0d9030038c59caa12fb24cccbfe71f0ef164ab51a86c4eb9
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ v4.12.0 (May 2024)
2
+ - Migrate integration to use Mappings Manager
3
+ - Update Dradis links in README
4
+
1
5
  v4.11.0 (January 2024)
2
6
  - No changes
3
7
 
data/README.md CHANGED
@@ -2,8 +2,7 @@
2
2
 
3
3
  This add-on will enable the user to upload Nipper output files in the XML format (.xml) to create a structure of Dradis nodes, issues, and evidences that contain the same information about the hosts and vulnerabilities in the original file.
4
4
 
5
- The add-on requires Dradis 3.0 or higher.
6
-
5
+ The add-on requires [Dradis CE](https://dradis.com/ce/) > 3.0, or [Dradis Pro](https://dradis.com/).
7
6
 
8
7
  ## More information
9
8
 
@@ -7,7 +7,7 @@ module Dradis
7
7
 
8
8
  module VERSION
9
9
  MAJOR = 4
10
- MINOR = 11
10
+ MINOR = 12
11
11
  TINY = 0
12
12
  PRE = nil
13
13
 
@@ -48,7 +48,7 @@ module Dradis::Plugins::Nipper
48
48
  def process_evidence(xml_evidence, issue)
49
49
  logger.info { 'Creating evidence...' }
50
50
 
51
- evidence_text = template_service.process_template(template: 'evidence', data: xml_evidence)
51
+ evidence_text = mapping_service.apply_mapping(source: 'evidence', data: xml_evidence)
52
52
  content_service.create_evidence(issue: issue, node: @host_node, content: evidence_text)
53
53
  end
54
54
 
@@ -57,7 +57,7 @@ module Dradis::Plugins::Nipper
57
57
 
58
58
  logger.info { "Creating issue: #{plugin_id}" }
59
59
 
60
- issue_text = template_service.process_template(template: 'issue', data: xml_issue)
60
+ issue_text = mapping_service.apply_mapping(source: 'issue', data: xml_issue)
61
61
  issue = content_service.create_issue(text: issue_text, id: plugin_id)
62
62
 
63
63
  xml_evidence = xml_issue.at_xpath('./issuedetails/devices')
@@ -0,0 +1,50 @@
1
+ module Dradis::Plugins::Nipper
2
+ module Mapping
3
+ DEFAULT_MAPPING = {
4
+ evidence: {
5
+ 'DeviceName' => '{{ nipper[evidence.device_name] }}',
6
+ 'DeviceType' => '{{ nipper[evidence.device_type] }}',
7
+ 'OS' => '{{ nipper[evidence.device_osversion] }}'
8
+ },
9
+ issue: {
10
+ 'Title' => '{{ nipper[issue.title] }}',
11
+ 'CVSSv2.Base' => '{{ nipper[issue.cvss_base] }}',
12
+ 'CVSSv2.Temporal' => '{{ nipper[issue.cvss_temporal] }}',
13
+ 'CVSSv2.Environmental' => '{{ nipper[issue.cvss_environmental] }}',
14
+ 'Finding' => '{{ nipper[issue.finding] }}',
15
+ 'Impact' => '{{ nipper[issue.impact] }}',
16
+ 'Ease' => '{{ nipper[issue.ease] }}',
17
+ 'Nipperv1.Ease' => '{{ nipper[issue.nipperv1_ease] }}',
18
+ 'Nipperv1.Fix' => '{{ nipper[issue.nipperv1_fix] }}',
19
+ 'Nipperv1.Impact' => '{{ nipper[issue.nipperv1_impact] }}',
20
+ 'Nipperv1.Rating' => '{{ nipper[issue.nipperv1_rating] }}',
21
+ 'Recommendation' => '{{ nipper[issue.recommendation] }}'
22
+ }
23
+ }.freeze
24
+
25
+ SOURCE_FIELDS = {
26
+ evidence: [
27
+ 'evidence.device_name',
28
+ 'evidence.device_type',
29
+ 'evidence.device_osversion'
30
+ ],
31
+ issue: [
32
+ 'issue.title',
33
+ 'issue.cvss_base',
34
+ 'issue.cvss_base_vector',
35
+ 'issue.cvss_temporal',
36
+ 'issue.cvss_temporal_vector',
37
+ 'issue.cvss_environmental',
38
+ 'issue.cvss_environmental_vector',
39
+ 'issue.finding',
40
+ 'issue.impact',
41
+ 'issue.ease',
42
+ 'issue.nipperv1_ease',
43
+ 'issue.nipperv1_fix',
44
+ 'issue.nipperv1_impact',
45
+ 'issue.nipperv1_rating',
46
+ 'issue.recommendation'
47
+ ]
48
+ }.freeze
49
+ end
50
+ end
@@ -7,5 +7,6 @@ end
7
7
 
8
8
  require 'dradis/plugins/nipper/engine'
9
9
  require 'dradis/plugins/nipper/field_processor'
10
+ require 'dradis/plugins/nipper/mapping'
10
11
  require 'dradis/plugins/nipper/importer'
11
12
  require 'dradis/plugins/nipper/version'
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dradis-nipper
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.11.0
4
+ version: 4.12.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dradis Team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-01-17 00:00:00.000000000 Z
11
+ date: 2024-05-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dradis-plugins
@@ -102,6 +102,7 @@ files:
102
102
  - lib/dradis/plugins/nipper/field_processor.rb
103
103
  - lib/dradis/plugins/nipper/gem_version.rb
104
104
  - lib/dradis/plugins/nipper/importer.rb
105
+ - lib/dradis/plugins/nipper/mapping.rb
105
106
  - lib/dradis/plugins/nipper/version.rb
106
107
  - lib/nipper/evidence.rb
107
108
  - lib/nipper/issue.rb
@@ -112,12 +113,8 @@ files:
112
113
  - spec/spec_helper.rb
113
114
  - spec/upload_v2.5_spec.rb
114
115
  - spec/upload_v2.8_spec.rb
115
- - templates/evidence.fields
116
116
  - templates/evidence.sample
117
- - templates/evidence.template
118
- - templates/issue.fields
119
117
  - templates/issue.sample
120
- - templates/issue.template
121
118
  homepage: https://dradis.com/integrations/nipper.html
122
119
  licenses:
123
120
  - Commercial - Dradis Pro
@@ -137,7 +134,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
137
134
  - !ruby/object:Gem::Version
138
135
  version: '0'
139
136
  requirements: []
140
- rubygems_version: 3.3.7
137
+ rubygems_version: 3.1.4
141
138
  signing_key:
142
139
  specification_version: 4
143
140
  summary: Nipper upload add-on for Dradis Framework.
@@ -1,3 +0,0 @@
1
- evidence.device_name
2
- evidence.device_type
3
- evidence.device_osversion
@@ -1,8 +0,0 @@
1
- #[DeviceName]#
2
- %evidence.device_name%
3
-
4
- #[DeviceType]#
5
- %evidence.device_type%
6
-
7
- #[OS]#
8
- %evidence.device_osversion%
@@ -1,15 +0,0 @@
1
- issue.title
2
- issue.cvss_base
3
- issue.cvss_base_vector
4
- issue.cvss_temporal
5
- issue.cvss_temporal_vector
6
- issue.cvss_environmental
7
- issue.cvss_environmental_vector
8
- issue.finding
9
- issue.impact
10
- issue.ease
11
- issue.nipperv1_ease
12
- issue.nipperv1_fix
13
- issue.nipperv1_impact
14
- issue.nipperv1_rating
15
- issue.recommendation
@@ -1,35 +0,0 @@
1
- #[Title]#
2
- %issue.title%
3
-
4
- #[CVSSv2.Base]#
5
- %issue.cvss_base%
6
-
7
- #[CVSSv2.Temporal]#
8
- %issue.cvss_temporal%
9
-
10
- #[CVSSv2.Environmental]#
11
- %issue.cvss_environmental%
12
-
13
- #[Finding]#
14
- %issue.finding%
15
-
16
- #[Impact]#
17
- %issue.impact%
18
-
19
- #[Ease]#
20
- %issue.ease%
21
-
22
- #[Nipperv1.Ease]#
23
- %issue.nipperv1_ease%
24
-
25
- #[Nipperv1.Fix]#
26
- %issue.nipperv1_fix%
27
-
28
- #[Nipperv1.Impact]#
29
- %issue.nipperv1_impact%
30
-
31
- #[Nipperv1.Rating]#
32
- %issue.nipperv1_rating%
33
-
34
- #[Recommendation]#
35
- %issue.recommendation%