dradis-openvas 3.18.0

data/spec/openvas/result_spec.rb

@@ -0,0 +1,35 @@
+require 'spec_helper'
+
+describe Openvas::Result do
+  include FixtureLoader
+
+  it "splits the <description> tag in its component fields" do
+    xml_doc = load_fixture_file('result.xml')
+    result = Openvas::Result.new( xml_doc.at_xpath('/result') )
+    result.description.should eq(xml_doc.at_xpath('/result/description').text)
+
+    expect(result.summary).to eq("This host is installed with Oracle Java SE JRE and is prone to\nmultiple vulnerabilities.\n\n")
+    expect(result.insight).to eq("Multiple flaws are caused by unspecified errors in the following\ncomponents:\n- 2D\n- AWT\n- Sound\n- I18n\n- CORBA\n- Serialization\n\n")
+  end
+
+  it "respects paragraphs within the component fields of the <description> value" do
+    xml_doc = load_fixture_file('result2.xml')
+    result = Openvas::Result.new( xml_doc.at_xpath('/result') )
+    result.summary.should eq("A weakness has been discovered in Apache web servers that are\nconfigured to use the FileETag directive. Due to the way in which\nApache generates ETag response headers, it may be possible for an\nattacker to obtain sensitive information regarding server files.\nSpecifically, ETag header fields returned to a client contain the\nfile's inode number.\n\nExploitation of this issue may provide an attacker with information\nthat may be used to launch further attacks against a target network.\n\nOpenBSD has released a patch that addresses this issue. Inode numbers\nreturned from the server are now encoded using a private hash to avoid\nthe release of sensitive information.\n")
+  end
+
+  it "correctly parses the fringe 'Impact Level' case" do
+    xml_doc = load_fixture_file('result.xml')
+    result = Openvas::Result.new( xml_doc.at_xpath('/result') )
+
+    result.impact_level.should eq('System/Application')
+  end
+
+
+  it "correctly parses the last component field in the <description>" do
+    xml_doc = load_fixture_file('result2.xml')
+    result = Openvas::Result.new( xml_doc.at_xpath('/result') )
+
+    result.info_gathered.should eq("Inode: 1050855\nSize: 177\n\n")
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,35 @@
+ENV["RAILS_ENV"] ||= 'test'
+require File.expand_path("../../../../../config/environment", __FILE__)
+require 'rspec/rails'
+
+# Requires supporting ruby files with custom matchers and macros, etc,
+# in spec/support/ and its subdirectories.
+require 'support/fixture_loader'
+
+RSpec.configure do |config|
+  # CLI niceties
+  config.order = :random
+
+  # Filter which specs to run
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.filter_run :focus => true
+  config.run_all_when_everything_filtered = true
+
+  # If you're not using ActiveRecord, or you'd prefer not to run each of your
+  # examples within a transaction, remove the following line or assign false
+  # instead of true.
+  config.use_transactional_fixtures = false
+
+  config.before(:suite) do
+    DatabaseCleaner.strategy = :transaction
+    DatabaseCleaner.clean_with(:truncation)
+  end
+
+  config.before(:each) do
+    DatabaseCleaner.start
+  end
+
+  config.after(:each) do
+    DatabaseCleaner.clean
+  end
+end

data/spec/support/fixture_loader.rb

@@ -0,0 +1,5 @@
+module FixtureLoader
+  def load_fixture_file(file_name)
+    Nokogiri::XML( File.read("spec/fixtures/files/#{file_name}") )
+  end
+end

data/templates/evidence.fields

@@ -0,0 +1,2 @@
+evidence.port
+evidence.description

data/templates/evidence.sample

@@ -0,0 +1,48 @@
+<?xml version="1.0"?>
+<result id="e2ccf551-ea4e-4186-9b24-76287d6244f3">
+  <subnet>172.31.253.9</subnet>
+  <host>172.31.253.9</host>
+  <port>general/tcp</port>
+  <nvt oid="1.3.6.1.4.1.25623.1.0.802610">
+    <name>Oracle Java SE JRE Multiple Vulnerabilities - February 2012 (Windows - 01)</name>
+    <cvss_base>10.0</cvss_base>
+    <risk_factor>Critical</risk_factor>
+    <cve>CVE-2011-3563, CVE-2012-0499, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506</cve>
+    <bid>52011, 52012, 52014, 52016, 52017, 52018</bid>
+    <xref>URL:http://secunia.com/advisories/48009, URL:http://www.pre-cert.de/advisories/PRE-SA-2012-01.txt, URL:http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html, URL:http://www.oracle.com/technetwork/java/javase/documentation/overview-142120.html, URL:http://www.oracle.com/technetwork/java/javase/documentation/overview-137139.html</xref>
+  </nvt>
+  <threat>High</threat>
+  <description>
+  Summary:
+  This host is installed with Oracle Java SE JRE and is prone to
+  multiple vulnerabilities.
+
+  Vulnerability Insight:
+  Multiple flaws are caused by unspecified errors in the following
+  components:
+  - 2D
+  - AWT
+  - Sound
+  - I18n
+  - CORBA
+  - Serialization
+
+  Impact:
+  Successful exploitation allows remote attackers to affect confidentiality,
+  integrity, and availability via unknown vectors.
+
+  Impact Level: System/Application
+
+  Affected Software/OS:
+  Oracle Java SE JRE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33
+  and earlier, and 1.4.2_35 and earlier
+
+  Solution:
+  Upgrade to Oracle Java SE JRE versions 7 Update 3, 6 Update 31, 5.0 Update
+  34, 1.4.2_36 or later. For updates refer to
+  http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
+</description>
+  <original_threat>High</original_threat>
+  <notes/>
+  <overrides/>
+</result>

data/templates/evidence.template

@@ -0,0 +1,6 @@
+#[Port]#
+%evidence.port%
+
+
+#[Description]#
+%evidence.description%

data/templates/result.fields

@@ -0,0 +1,19 @@
+result.threat
+result.description
+result.original_threat
+result.notes
+result.overrides
+result.name
+result.cvss_base
+result.cvss_base_vector
+result.risk_factor
+result.cve
+result.bid
+result.xref
+result.summary
+result.insight
+result.info_gathered
+result.impact
+result.impact_level
+result.affected_software
+result.solution

data/templates/result.sample

@@ -0,0 +1,48 @@
+<?xml version="1.0"?>
+<result id="e2ccf551-ea4e-4186-9b24-76287d6244f3">
+  <subnet>172.31.253.9</subnet>
+  <host>172.31.253.9</host>
+  <port>general/tcp</port>
+  <nvt oid="1.3.6.1.4.1.25623.1.0.802610">
+    <name>Oracle Java SE JRE Multiple Vulnerabilities - February 2012 (Windows - 01)</name>
+    <cvss_base>10.0</cvss_base>
+    <risk_factor>Critical</risk_factor>
+    <cve>CVE-2011-3563, CVE-2012-0499, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506</cve>
+    <bid>52011, 52012, 52014, 52016, 52017, 52018</bid>
+    <xref>URL:http://secunia.com/advisories/48009, URL:http://www.pre-cert.de/advisories/PRE-SA-2012-01.txt, URL:http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html, URL:http://www.oracle.com/technetwork/java/javase/documentation/overview-142120.html, URL:http://www.oracle.com/technetwork/java/javase/documentation/overview-137139.html</xref>
+  </nvt>
+  <threat>High</threat>
+  <description>
+  Summary:
+  This host is installed with Oracle Java SE JRE and is prone to
+  multiple vulnerabilities.
+
+  Vulnerability Insight:
+  Multiple flaws are caused by unspecified errors in the following
+  components:
+  - 2D
+  - AWT
+  - Sound
+  - I18n
+  - CORBA
+  - Serialization
+
+  Impact:
+  Successful exploitation allows remote attackers to affect confidentiality,
+  integrity, and availability via unknown vectors.
+
+  Impact Level: System/Application
+
+  Affected Software/OS:
+  Oracle Java SE JRE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33
+  and earlier, and 1.4.2_35 and earlier
+
+  Solution:
+  Upgrade to Oracle Java SE JRE versions 7 Update 3, 6 Update 31, 5.0 Update
+  34, 1.4.2_36 or later. For updates refer to
+  http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
+</description>
+  <original_threat>High</original_threat>
+  <notes/>
+  <overrides/>
+</result>

data/templates/result.template

@@ -0,0 +1,27 @@
+#[Title]#
+%result.name%
+
+
+#[CVSSv2]#
+%result.cvss_base%
+
+#[AffectedSoftware]#
+%result.affected_software%
+
+#[Description]#
+%result.summary%
+
+#[Recommendation]#
+%result.solution%
+
+
+#[References]#
+CVE: %result.cve%
+CVSS Vector: %cvss_base_vector%
+BID: %result.bid%
+Other: %result.xref%
+
+
+#[RawDescription]#
+(note that some of the information below can change from instance to instance of this problem)
+%result.description%

metadata

@@ -0,0 +1,127 @@
+--- !ruby/object:Gem::Specification
+name: dradis-openvas
+version: !ruby/object:Gem::Version
+  version: 3.18.0
+platform: ruby
+authors:
+- Daniel Martin
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2020-07-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: dradis-plugins
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.6'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+description: This add-on allows you to upload and parse output produced from OpenVAS
+  Scanner (v6 and v7) into Dradis.
+email:
+- etd@nomejortu.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".github/issue_template.md"
+- ".github/pull_request_template.md"
+- ".gitignore"
+- ".rspec"
+- CHANGELOG.md
+- CONTRIBUTING.md
+- Gemfile
+- Guardfile
+- LICENSE
+- README.md
+- Rakefile
+- dradis-openvas.gemspec
+- lib/dradis-openvas.rb
+- lib/dradis/plugins/openvas.rb
+- lib/dradis/plugins/openvas/engine.rb
+- lib/dradis/plugins/openvas/field_processor.rb
+- lib/dradis/plugins/openvas/gem_version.rb
+- lib/dradis/plugins/openvas/importer.rb
+- lib/dradis/plugins/openvas/version.rb
+- lib/openvas/result.rb
+- lib/openvas/v6/result.rb
+- lib/openvas/v7/result.rb
+- lib/tasks/thorfile.rb
+- spec/fixtures/files/result.xml
+- spec/fixtures/files/result2.xml
+- spec/fixtures/files/v7/report_v7.xml
+- spec/openvas/result_spec.rb
+- spec/spec_helper.rb
+- spec/support/fixture_loader.rb
+- templates/evidence.fields
+- templates/evidence.sample
+- templates/evidence.template
+- templates/result.fields
+- templates/result.sample
+- templates/result.template
+homepage: http://dradisframework.org
+licenses:
+- GPL-2
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.2
+signing_key: 
+specification_version: 4
+summary: OpenVAS add-on for the Dradis Framework.
+test_files:
+- spec/fixtures/files/result.xml
+- spec/fixtures/files/result2.xml
+- spec/fixtures/files/v7/report_v7.xml
+- spec/openvas/result_spec.rb
+- spec/spec_helper.rb
+- spec/support/fixture_loader.rb