dradis-openvas 4.2.0 → 4.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 37ab1d55e8bf4aecd660030ddf6d57e3b19c7878a9df6559dd2c7a541b399336
-  data.tar.gz: aec3f05770b7368da1bce24041a702dddbd8e8063ee1aa690591570de353f7aa
+  metadata.gz: d2995faaab7464c1ddb7b6a92bbc43d498d0bf946a7cda83851252f7f2b9f691
+  data.tar.gz: 458b917d6a93e96aecb93cb455478f612f6f4e5b52beb382cd1290235d1e3fa3
 SHA512:
-  metadata.gz: 542ae8b03b7871217c5a1d4ba2b7867abf36d1a8ce351a52a6ef7dc735c3451780f2a3c1724a1819805db0c5becf07a33889d8cf065fcf7c7bf3f786977a2f01
-  data.tar.gz: 1f7fc4df207fd5cf9e620043f64405d60bc58d6b2016686330155a7630bec4d0ba0231ce841baf352aca586af7ab2b9f7945fd28f40050f9a6f25c8cc3240b26
+  metadata.gz: 1644859b459667c7c9fd8198ab832b8b25eb8be9b42f2ac7278df6e0e0ceaaf61111720191012d694f5a6581aa9a0d453d1809a7b7c61408996c1e87bdcc9edb
+  data.tar.gz: e03b9d3be3992dd68b18eb2b8c9dc5e8ec84c27192ad0e82999b419d5bce2039687636896c406b297a9015572fc172c608d6199273e7655adefb4b4bfa7282a6

data/CHANGELOG.md

@@ -1,3 +1,12 @@
+v4.5.0 (August 2022)
+  - No changes
+
+v4.4.0 (June 2022)
+  - Registers template mappings locally
+
+v4.3.0 (April 2022)
+  - Update Node label parsing. Include :hostname and :asset_id properties.
+
 v4.2.0 (February 2022)
   - No changes
 

data/lib/dradis/plugins/openvas/engine.rb

@@ -12,4 +12,4 @@ module Dradis::Plugins::OpenVAS
       end
     end
   end
-end
+end

data/lib/dradis/plugins/openvas/gem_version.rb

@@ -8,7 +8,7 @@ module Dradis
 
       module VERSION
         MAJOR = 4
-        MINOR = 2
+        MINOR = 5
         TINY = 0
         PRE = nil
 

data/lib/dradis/plugins/openvas/importer.rb

@@ -1,5 +1,8 @@
 module Dradis::Plugins::OpenVAS
   class Importer < Dradis::Plugins::Upload::Importer
+    def self.templates
+      { evidence: 'evidence', issue: 'result' }
+    end
 
     # The framework will call this function if the user selects this plugin from
     # the dropdown list and uploads a file.
@@ -35,8 +38,7 @@ module Dradis::Plugins::OpenVAS
 
     def process_result(xml_result)
       # Extract host
-      host_label = xml_result.at_xpath('./host').text()
-      self.host_node = content_service.create_node(label: host_label, type: :host)
+      set_host(xml_result.at_xpath('./host'))
 
       # Uniquely identify this issue
       nvt_oid = xml_result.at_xpath('./nvt')[:oid]
@@ -93,5 +95,18 @@ module Dradis::Plugins::OpenVAS
       content_service.create_evidence(issue: issue, node: host_node, content: evidence_content)
     end
 
+    def set_host(xml_host)
+      host_label = xml_host.at_xpath('text()').text
+      self.host_node = content_service.create_node(label: host_label, type: :host)
+
+      xml_hostname = xml_host.at_xpath('./hostname')
+      host_node.set_property(:hostname, xml_hostname.text) if xml_hostname
+
+      xml_asset = xml_host.at_xpath('./asset')
+      host_node.set_property(:asset_id, xml_asset[:asset_id]) if xml_asset
+
+      host_node.save!
+    end
+
   end
 end

data/spec/fixtures/files/report_v24.xml

@@ -0,0 +1,71 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<report id="9917b2e8-7db6-475b-b591-bd3ba828625c">
+   <report>
+      <results>
+         <result id="32249f6c-89f1-4a93-888f-29404b01374f">
+            <subnet>188.111.11.85</subnet>
+            <host>188.111.11.85<hostname>www.google.com</hostname></host>
+            <port>http (80/tcp)</port>
+            <nvt oid="1.3.6.1.4.1.25623.1.0.103122">
+               <name>Apache Web Server ETag Header Information Disclosure Weakness</name>
+               <family>Web application abuses</family>
+               <cvss_base>4.3</cvss_base>
+               <risk_factor>Medium</risk_factor>
+               <cve>CVE-2003-1418</cve>
+               <bid>6939</bid>
+               <tags>cvss_base_vector=AV:N/AC:M/Au:N/C:P/I:N/A:N|summary=A weakness has been discovered in Apache web servers that are
+configured to use the FileETag directive. Due to the way in which
+Apache generates ETag response headers, it may be possible for an
+attacker to obtain sensitive information regarding server files.
+Specifically, ETag header fields returned to a client contain the
+file's inode number.
+
+Exploitation of this issue may provide an attacker with information
+that may be used to launch further attacks against a target network.
+
+OpenBSD has released a patch that addresses this issue. Inode numbers
+returned from the server are now encoded using a private hash to avoid
+the release of sensitive information.|solution=OpenBSD has released a patch to address this issue.
+
+Novell has released TID10090670 to advise users to apply the available
+workaround of disabling the directive in the configuration file for
+Apache releases on NetWare. Please see the attached Technical
+Information Document for further details.</tags>
+               <cert>
+                  <warning>database not available</warning>
+               </cert>
+               <xref>URL:https://www.securityfocus.com/bid/6939, URL:http://httpd.apache.org/docs/mod/core.html#fileetag, URL:http://www.openbsd.org/errata32.html, URL:http://support.novell.com/docs/Tids/Solutions/10090670.html</xref>
+            </nvt>
+            <threat>Medium</threat>
+            <description>Summary:
+ A weakness has been discovered in Apache web servers that are
+configured to use the FileETag directive. Due to the way in which
+Apache generates ETag response headers, it may be possible for an
+attacker to obtain sensitive information regarding server files.
+Specifically, ETag header fields returned to a client contain the
+file's inode number.
+
+Exploitation of this issue may provide an attacker with information
+that may be used to launch further attacks against a target network.
+
+OpenBSD has released a patch that addresses this issue. Inode numbers
+returned from the server are now encoded using a private hash to avoid
+the release of sensitive information.
+ Solution:
+ OpenBSD has released a patch to address this issue.
+
+Novell has released TID10090670 to advise users to apply the available
+workaround of disabling the directive in the configuration file for
+Apache releases on NetWare. Please see the attached Technical
+Information Document for further details.
+
+Information that was gathered:
+Inode: 1050855
+Size: 177</description>
+            <original_threat>Medium</original_threat>
+            <notes />
+            <overrides />
+         </result>
+      </results>
+   </report>
+</report>

data/spec/openvas/upload_v24_spec.rb

@@ -0,0 +1,44 @@
+require 'spec_helper'
+
+describe 'Openvas upload plugin' do
+  describe 'importer' do
+    before(:each) do
+      # Stub template service
+      templates_dir = File.expand_path('../../../templates', __FILE__)
+      expect_any_instance_of(Dradis::Plugins::TemplateService)
+      .to receive(:default_templates_dir).and_return(templates_dir)
+
+      plugin = Dradis::Plugins::OpenVAS
+
+      @content_service = Dradis::Plugins::ContentService::Base.new(plugin: plugin)
+
+      allow(@content_service).to receive(:create_note) do |args|
+        OpenStruct.new(args)
+      end
+      allow(@content_service).to receive(:create_node) do |args|
+        OpenStruct.new(args)
+      end
+      allow(@content_service).to receive(:create_issue) do |args|
+        OpenStruct.new(args)
+      end
+      allow(@content_service).to receive(:create_evidence) do |args|
+        OpenStruct.new(args)
+      end
+
+      @importer = plugin::Importer.new(
+        content_service: @content_service
+      )
+    end
+
+    context 'Openvas v24 output' do
+      it 'parses node label without hostname' do
+        expect(@content_service).to receive(:create_node) do |args|
+          expect(args[:label]).to eq('188.111.11.85')
+          expect(args[:type]).to eq(:host)
+        end
+
+        @importer.import(file: File.expand_path('../fixtures/files/report_v24.xml', __dir__))
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-openvas
 version: !ruby/object:Gem::Version
-  version: 4.2.0
+  version: 4.5.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-02-14 00:00:00.000000000 Z
+date: 2022-08-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -112,10 +112,12 @@ files:
 - lib/openvas/v6/result.rb
 - lib/openvas/v7/result.rb
 - lib/tasks/thorfile.rb
+- spec/fixtures/files/report_v24.xml
 - spec/fixtures/files/result.xml
 - spec/fixtures/files/result2.xml
 - spec/fixtures/files/v7/report_v7.xml
 - spec/openvas/result_spec.rb
+- spec/openvas/upload_v24_spec.rb
 - spec/spec_helper.rb
 - spec/support/fixture_loader.rb
 - templates/evidence.fields
@@ -143,14 +145,16 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.2.28
 signing_key: 
 specification_version: 4
 summary: OpenVAS add-on for the Dradis Framework.
 test_files:
+- spec/fixtures/files/report_v24.xml
 - spec/fixtures/files/result.xml
 - spec/fixtures/files/result2.xml
 - spec/fixtures/files/v7/report_v7.xml
 - spec/openvas/result_spec.rb
+- spec/openvas/upload_v24_spec.rb
 - spec/spec_helper.rb
 - spec/support/fixture_loader.rb