dradis-ntospider 4.10.0 → 4.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4da50f659cc3e8e767aaa6b03efabed8c0b9cd11e2d860572d0cdd4c9340ecb0
-  data.tar.gz: 644a22ecce0cd7f6d02bcac8cca9a2d8c8d8c0bd2dc4bd3f75a3ca2d9228d3d4
+  metadata.gz: 536212efb160b5b7d725b7f28825b94ead72f20c401e1e5faa9510b62992713e
+  data.tar.gz: 9df9040a07b8682caa17f4759f289a9c427966e431c5e15097d4bb920f52ccc4
 SHA512:
-  metadata.gz: e46331fbf13aa2e3d300a1b64bdb4c77612c6cfda371b3543d56994b7cd859f98c28d2278500c46a8afe3970b6a1a01baf5f43a6af6817900b3bcc8f4f8b6daa
-  data.tar.gz: 9ec384d9ea384a440dd2d0a17a8e10ce5cf774aae9061b9bb4add9aa7a5b14e61a9381640102d859a071024ba3f3e423f2ce6019239812fc0fb9c194bd544b4a
+  metadata.gz: 213ad2266551f6d0fec96632b29214b982bb0817f5828eb28b75ba82f7c76ce87619d624a72ede75bdee43256397848a0fca34fe819122eac1bd4a42daff3aaf
+  data.tar.gz: 6c4f5f0aa463a061da6f12b0674355f67553d310a7de4129053b683c161d29d46d185418cee4ab21f0edaed1f13e64dfadf3e441e10fe2d4a4ad6e1067fc9478

data/.github/pull_request_template.md

@@ -1,3 +1,5 @@
+Please review [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md) and remove this line.
+
 ### Summary
 
 Provide a general description of the code changes in your pull
@@ -6,6 +8,11 @@ these bugs have open GitHub issues, be sure to tag them here as well,
 to keep the conversation linked together.
 
 
+### Testing Steps
+
+Provide steps to test functionality, described in detail for someone not familiar with this part of the application / code base
+
+
 ### Other Information
 
 If there's anything else that's important and relevant to your pull
@@ -26,11 +33,13 @@ products, we must have the copyright associated with the entire
 codebase. Any code you create which is merged must be owned by us.
 That's not us trying to be a jerks, that's just the way it works.
 
-Please review the [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/master/CONTRIBUTING.md)
-file for the details.
-
 You can delete this section, but the following sentence needs to
 remain in the PR's description:
 
 > I assign all rights, including copyright, to any future Dradis
 > work by myself to Security Roots.
+
+### Check List
+
+- [ ] Added a CHANGELOG entry
+- [ ] Added specs

data/CHANGELOG.md

@@ -1,3 +1,10 @@
+v4.12.0 (May 2024)
+ - Migrate integration to use Mappings Manager
+ - Update Dradis links in README
+
+v4.11.0 (January 2024)
+  - No changes
+
 v4.10.0 (September 2023)
   - Update gemspec links
 

data/README.md

@@ -4,17 +4,16 @@
 
 The NTO Spider add-on enables users to upload NTO Spider XML files to create a structure of nodes/notes that contain the same information about the hosts/ports/services as the original file.
 
-The add-on requires [Dradis CE](https://dradisframework.org/) > 3.0, or [Dradis Pro](https://dradisframework.com/pro/).
-
+The add-on requires [Dradis CE](https://dradis.com/ce/) > 3.0, or [Dradis Pro](https://dradis.com/).
 
 ## More information
 
-See the Dradis Framework's [README.md](https://github.com/dradis/dradisframework/blob/master/README.md)
+See the Dradis Framework's [README.md](https://github.com/dradis/dradis-ce/blob/develop/README.md)
 
 
 ## Contributing
 
-See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/dradisframework/blob/master/CONTRIBUTING.md)
+See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md)
 
 
 ## Contributors

data/lib/dradis/plugins/ntospider/gem_version.rb

@@ -8,7 +8,7 @@ module Dradis
 
       module VERSION
         MAJOR = 4
-        MINOR = 10
+        MINOR = 12
         TINY = 0
         PRE = nil
 

data/lib/dradis/plugins/ntospider/importer.rb

@@ -52,16 +52,16 @@ module Dradis::Plugins::NTOSpider
 
         plugin_id = vuln.vuln_type
         logger.info{ "\t\t => Creating new issue (plugin_id: #{plugin_id})" }
-        issue_text = template_service.process_template(
-          template: 'vuln', data: vuln.xml
+        issue_text = mapping_service.apply_mapping(
+          source: 'vuln', data: vuln.xml
         )
         issue = content_service.create_issue text: issue_text, id: plugin_id
 
         # App Spider can provide multiple pieces of evidence for an issue.
         xml_vuln.xpath('./AttackList/Attack').each do |attack_xml|
           logger.info{ "\t\t => Creating new evidence" }
-          evidence_content = template_service.process_template(
-            template: 'evidence', data: attack_xml
+          evidence_content = mapping_service.apply_mapping(
+            source: 'evidence', data: attack_xml
           )
           content_service.create_evidence(
             issue: issue, node: host_node, content: evidence_content

data/lib/dradis/plugins/ntospider/mapping.rb

@@ -0,0 +1,82 @@
+module Dradis::Plugins::NTOSpider
+  module Mapping
+    DEFAULT_MAPPING = {
+      evidence: {
+        'URL' => '{{ ntospider[evidence.attack_vuln_url] }}',
+        'Param' => '{{ ntospider[evidence.attack_post_params] }}',
+        'String' => '{{ ntospider[evidence.attack_matched_string] }}',
+        'Request' => '{{ ntospider[evidence.attack_request] }}',
+        'Response' => '{{ ntospider[evidence.attack_response] }}'
+      },
+      vuln: {
+        'Title' => '{{ ntospider[vuln.vuln_type] }}',
+        'Attack Class' => '{{ ntospider[vuln.attack_class] }}',
+        'Attack Type' => '{{ ntospider[vuln.attack_type] }}',
+        'Attack Score' => '{{ ntospider[vuln.attack_score] }}',
+        'Attack Value' => '{{ ntospider[vuln.attack_value] }}',
+        'Method' => '{{ ntospider[vuln.vuln_method] }}',
+        'Description' => '{{ ntospider[vuln.description] }}',
+        'Recommendation' => '{{ ntospider[vuln.recommendation] }}',
+        'CweId' => '{{ ntospider[vuln.cwe_id] }}',
+        'CAPEC' => '{{ ntospider[vuln.capec] }}',
+        'DISSA_ASC' => '{{ ntospider[vuln.dissa_asc] }}',
+        'OWASP2010' => '{{ ntospider[vuln.owasp2010] }}',
+        'OWASP2013' => '{{ ntospider[vuln.owasp2013] }}',
+        'OWASP2017' => '{{ ntospider[vuln.owasp2017] }}',
+        'OVAL' => '{{ ntospider[vuln.oval] }}'
+      }
+    }.freeze
+
+    SOURCE_FIELDS = {
+      evidence: [
+        'evidence.attack_config_description',
+        'evidence.attack_description',
+        'evidence.attack_id',
+        'evidence.attack_matched_string',
+        'evidence.attack_post_params',
+        'evidence.attack_request',
+        'evidence.attack_response',
+        'evidence.attack_user_notes',
+        'evidence.attack_value',
+        'evidence.attack_vuln_url',
+        'evidence.benign',
+        'evidence.original_value',
+        'evidence.original_response_code'
+      ],
+      vuln: [
+        'vuln.attack_class',
+        'vuln.attack_score',
+        'vuln.attack_type',
+        'vuln.attack_value',
+        'vuln.capec',
+        'vuln.confidence',
+        'vuln.cwe_id',
+        'vuln.description',
+        'vuln.dissa_asc',
+        'vuln.html_entity_attacked',
+        'vuln.imperva_bl',
+        'vuln.imperva_wl',
+        'vuln.mod_security_bl',
+        'vuln.mod_security_wl',
+        'vuln.normalized_url',
+        'vuln.oval',
+        'vuln.owasp2007',
+        'vuln.owasp2010',
+        'vuln.owasp2013',
+        'vuln.owasp2017',
+        'vuln.pcre_regex_bl',
+        'vuln.pcre_regex_wl',
+        'vuln.recommendation',
+        'vuln.scan_date',
+        'vuln.snort_bl',
+        'vuln.snort_wl',
+        'vuln.statistically_prevalent_original_response_code',
+        'vuln.vuln_method',
+        'vuln.vuln_param',
+        'vuln.vuln_type',
+        'vuln.vuln_url',
+        'vuln.wasc'
+      ]
+    }.freeze
+  end
+end

data/lib/dradis/plugins/ntospider.rb

@@ -7,5 +7,6 @@ end
 
 require 'dradis/plugins/ntospider/engine'
 require 'dradis/plugins/ntospider/field_processor'
+require 'dradis/plugins/ntospider/mapping'
 require 'dradis/plugins/ntospider/importer'
 require 'dradis/plugins/ntospider/version'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-ntospider
 version: !ruby/object:Gem::Version
-  version: 4.10.0
+  version: 4.12.0
 platform: ruby
 authors:
 - Daniel Martin
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-09-07 00:00:00.000000000 Z
+date: 2024-05-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -96,7 +96,7 @@ dependencies:
         version: '0'
 description: This add-on allows you to upload and parse output produced from NTOSpider
   Web Vulnerability Scanner into Dradis.
-email: 
+email:
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -119,6 +119,7 @@ files:
 - lib/dradis/plugins/ntospider/field_processor.rb
 - lib/dradis/plugins/ntospider/gem_version.rb
 - lib/dradis/plugins/ntospider/importer.rb
+- lib/dradis/plugins/ntospider/mapping.rb
 - lib/dradis/plugins/ntospider/version.rb
 - lib/ntospider/attack.rb
 - lib/ntospider/vuln.rb
@@ -126,17 +127,13 @@ files:
 - spec/fixtures/files/VulnerabilitiesSummary.xml
 - spec/ntospider_import_spec.rb
 - spec/spec_helper.rb
-- templates/evidence.fields
 - templates/evidence.sample
-- templates/evidence.template
-- templates/vuln.fields
 - templates/vuln.sample
-- templates/vuln.template
 homepage: https://dradis.com/integrations/appspider.html
 licenses:
 - GPL-2
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -152,7 +149,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.4
-signing_key: 
+signing_key:
 specification_version: 4
 summary: NTOSpider add-on for the Dradis Framework.
 test_files:

data/templates/evidence.fields

@@ -1,13 +0,0 @@
-evidence.attack_config_description
-evidence.attack_description
-evidence.attack_id
-evidence.attack_matched_string
-evidence.attack_post_params
-evidence.attack_request
-evidence.attack_response
-evidence.attack_user_notes
-evidence.attack_value
-evidence.attack_vuln_url
-evidence.benign
-evidence.original_value
-evidence.original_response_code

data/templates/evidence.template

@@ -1,14 +0,0 @@
-#[URL]#
-%evidence.attack_vuln_url%
-
-#[Param]#
-%evidence.attack_post_params%
-
-#[String]#
-%evidence.attack_matched_string%
-
-#[Request]#
-%evidence.attack_request%
-
-#[Response]#
-%evidence.attack_response%

data/templates/vuln.fields

@@ -1,32 +0,0 @@
-vuln.attack_class
-vuln.attack_score
-vuln.attack_type
-vuln.attack_value
-vuln.capec
-vuln.confidence
-vuln.cwe_id
-vuln.description
-vuln.dissa_asc
-vuln.html_entity_attacked
-vuln.imperva_bl
-vuln.imperva_wl
-vuln.mod_security_bl
-vuln.mod_security_wl
-vuln.normalized_url
-vuln.oval
-vuln.owasp2007
-vuln.owasp2010
-vuln.owasp2013
-vuln.owasp2017
-vuln.pcre_regex_bl
-vuln.pcre_regex_wl
-vuln.recommendation
-vuln.scan_date
-vuln.snort_bl
-vuln.snort_wl
-vuln.statistically_prevalent_original_response_code
-vuln.vuln_method
-vuln.vuln_param
-vuln.vuln_type
-vuln.vuln_url
-vuln.wasc

data/templates/vuln.template

@@ -1,44 +0,0 @@
-#[Title]#
-%vuln.vuln_type%
-
-#[Attack Class]#
-%vuln.attack_class%
-
-#[Attack Type]#
-%vuln.attack_type%
-
-#[Attack Score]#
-%vuln.attack_score%
-
-#[Attack Value]#
-%vuln.attack_value%
-
-#[Method]#
-%vuln.vuln_method%
-
-#[Description]#
-%vuln.description%
-
-#[Recommendation]#
-%vuln.recommendation%
-
-#[CweId]#
-%vuln.cwe_id%
-
-#[CAPEC]#
-%vuln.capec%
-
-#[DISSA_ASC]#
-%vuln.dissa_asc%
-
-#[OWASP2010]#
-%vuln.owasp2010%
-
-#[OWASP2013]#
-%vuln.owasp2013%
-
-#[OWASP2017]#
-%vuln.owasp2017%
-
-#[OVAL]#
-%vuln.oval%