RubyGems - dradis-openvas - Versions diffs - 4.11.0 → 4.12.0 - Mend

dradis-openvas 4.11.0 → 4.12.0

Files changed (12) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +4 -0
data/README.md +1 -1
data/lib/dradis/plugins/openvas/gem_version.rb +1 -1
data/lib/dradis/plugins/openvas/importer.rb +3 -3
data/lib/dradis/plugins/openvas/mapping.rb +49 -0
data/lib/dradis/plugins/openvas.rb +1 -0
metadata +4 -7
data/templates/evidence.fields +0 -2
data/templates/evidence.template +0 -6
data/templates/result.fields +0 -21
data/templates/result.template +0 -27

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2e6ba9c0b434fc631c7f31f64bf581d3f1848eba26246018ed5107d369387a07
-  data.tar.gz: 67a14dd80414111363511307006c8525713bd91625357069cebb0d6a13b316cb
+  metadata.gz: 4fa4fbffa0f998d065c001f81f7ab5186e7f491892898b5be7a2ac2de056d97a
+  data.tar.gz: 0facc466254d5984274a65e75f7c3d099bb8615cd5e9f18fdc05e56843440d07
 SHA512:
-  metadata.gz: 0b89ff03623592e9fbfae324c2d10168d157766f307b7438c1c6faf5a1d2e6dd9907a06dea5557b59f1ee4e89e8dfa3a3cb3693bf7375bfa609f305dbbbe15c7
-  data.tar.gz: 51ebd021ae0f2e72b30e192d5a7a4fc8acaeb1c5b99130b23120a244aeeb5f133902ae2548819a024c8c512ee6a681b2fe9d9e4ae2b2c0e477527ca1d416a878
+  metadata.gz: 3a43b28e4daf9a3d8d68d3dc9e70e91cbe7eedd4e71f9cd64528545dabf7f29482c9ac73733d3d01f6c5cc6729891748ad2176983284845631b90a77c4b2fefb
+  data.tar.gz: 1acc1ab81acc196fa9b00651e6c06c870b65a76c82c6784f209ec16aaf02f76f2a8fe3e04c73482f7b0774197e39d6a44f1098d7a619bcb39e6d66960d74bc1f

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,7 @@
+v4.12.0 (May 2024)
+ - Migrate integration to use Mappings Manager
+ - Update Dradis links in README
 v4.11.0 (January 2024)
   - No changes

data/README.md CHANGED Viewed

@@ -4,7 +4,7 @@
 The OpenVAS add-on enables users to upload OpenVAS XML files to create a structure of nodes/notes that contain the same information about the hosts/ports/services as the original file.
-The add-on requires [Dradis CE](https://dradisframework.org/) > 3.0, or [Dradis Pro](https://dradisframework.com/pro/).
+The add-on requires [Dradis CE](https://dradis.com/ce/) > 3.0, or [Dradis Pro](https://dradis.com/).
 The add-on supports OpenVAS v6 and v7 output.

data/lib/dradis/plugins/openvas/gem_version.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module Dradis
       module VERSION
         MAJOR = 4
-        MINOR = 11
+        MINOR = 12
         TINY = 0
         PRE = nil

data/lib/dradis/plugins/openvas/importer.rb CHANGED Viewed

@@ -45,7 +45,7 @@ module Dradis::Plugins::OpenVAS
       logger.info{ "\t\t => Creating new issue (#{nvt_oid})" }
-      issue_text = template_service.process_template(template: 'result', data: xml_result)
+      issue_text = mapping_service.apply_mapping(source: 'result', data: xml_result)
       issue = content_service.create_issue(text: issue_text, id: nvt_oid)
@@ -90,8 +90,8 @@ module Dradis::Plugins::OpenVAS
       # doesn't provide any per-instance information.
       #
       # Best thing to do is to include the full <description> field and let the user deal with it.
-      evidence_content = template_service.process_template(template: 'evidence', data: xml_result)
+      evidence_content = mapping_service.apply_mapping(source: 'evidence', data: xml_result)
       content_service.create_evidence(issue: issue, node: host_node, content: evidence_content)
     end

data/lib/dradis/plugins/openvas/mapping.rb ADDED Viewed

@@ -0,0 +1,49 @@
+module Dradis::Plugins::OpenVAS
+  module Mapping
+    DEFAULT_MAPPING = {
+      evidence: {
+        'Port' => '{{ openvas[evidence.port] }}',
+        'Description' => '{{ openvas[evidence.description] }}'
+      },
+      result: {
+        'Title' => '{{ openvas[result.name] }}',
+        'CVSSv2' => '{{ openvas[result.cvss_base] }}',
+        'AffectedSoftware' => '{{ openvas[result.affected_software] }}',
+        'Description' => '{{ openvas[result.summary] }}',
+        'Recommendation' => '{{ openvas[result.solution] }}',
+        'References' => "CVE: {{ openvas[result.cve] }}\nCVSS Vector: {{ cvss_base_vector }}\nBID: {{ openvas[result.bid] }}\nOther: {{ openvas[result.xref] }}",
+        'RawDescription' => "(note that some of the information below can change from instance to instance of this problem)\n {{ openvas[result.description] }}"
+      }
+    }.freeze
+    SOURCE_FIELDS = {
+      evidence: [
+        'evidence.port',
+        'evidence.description'
+      ],
+      result: [
+        'result.threat',
+        'result.description',
+        'result.original_threat',
+        'result.notes',
+        'result.overrides',
+        'result.name',
+        'result.cvss_base',
+        'result.cvss_base_vector',
+        'result.risk_factor',
+        'result.cve',
+        'result.bid',
+        'result.xref',
+        'result.summary',
+        'result.insight',
+        'result.info_gathered',
+        'result.impact',
+        'result.impact_level',
+        'result.affected_software',
+        'result.solution',
+        'result.solution_type',
+        'result.vuldetect'
+      ]
+    }.freeze
+  end
+end

data/lib/dradis/plugins/openvas.rb CHANGED Viewed

@@ -7,5 +7,6 @@ end
 require 'dradis/plugins/openvas/engine'
 require 'dradis/plugins/openvas/field_processor'
+require 'dradis/plugins/openvas/mapping'
 require 'dradis/plugins/openvas/importer'
 require 'dradis/plugins/openvas/version'

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-openvas
 version: !ruby/object:Gem::Version
-  version: 4.11.0
+  version: 4.12.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-01-17 00:00:00.000000000 Z
+date: 2024-05-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -106,6 +106,7 @@ files:
 - lib/dradis/plugins/openvas/field_processor.rb
 - lib/dradis/plugins/openvas/gem_version.rb
 - lib/dradis/plugins/openvas/importer.rb
+- lib/dradis/plugins/openvas/mapping.rb
 - lib/dradis/plugins/openvas/version.rb
 - lib/openvas/result.rb
 - lib/openvas/v6/result.rb
@@ -119,12 +120,8 @@ files:
 - spec/openvas/upload_v24_spec.rb
 - spec/spec_helper.rb
 - spec/support/fixture_loader.rb
-- templates/evidence.fields
 - templates/evidence.sample
-- templates/evidence.template
-- templates/result.fields
 - templates/result.sample
-- templates/result.template
 homepage: https://dradis.com/integrations/openvas.html
 licenses:
 - GPL-2
@@ -144,7 +141,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.1.4
 signing_key:
 specification_version: 4
 summary: OpenVAS add-on for the Dradis Framework.

data/templates/evidence.fields DELETED Viewed

	@@ -1,2 +0,0 @@
1	- evidence.port
2	- evidence.description

data/templates/evidence.template DELETED Viewed

@@ -1,6 +0,0 @@
-#[Port]#
-%evidence.port%
-#[Description]#
-%evidence.description%

data/templates/result.fields DELETED Viewed

@@ -1,21 +0,0 @@
-result.threat
-result.description
-result.original_threat
-result.notes
-result.overrides
-result.name
-result.cvss_base
-result.cvss_base_vector
-result.risk_factor
-result.cve
-result.bid
-result.xref
-result.summary
-result.insight
-result.info_gathered
-result.impact
-result.impact_level
-result.affected_software
-result.solution
-result.solution_type
-result.vuldetect

data/templates/result.template DELETED Viewed

@@ -1,27 +0,0 @@
-#[Title]#
-%result.name%
-#[CVSSv2]#
-%result.cvss_base%
-#[AffectedSoftware]#
-%result.affected_software%
-#[Description]#
-%result.summary%
-#[Recommendation]#
-%result.solution%
-#[References]#
-CVE: %result.cve%
-CVSS Vector: %cvss_base_vector%
-BID: %result.bid%
-Other: %result.xref%
-#[RawDescription]#
-(note that some of the information below can change from instance to instance of this problem)
-%result.description%