dradis-openvas 4.11.0 → 4.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +1 -1
- data/lib/dradis/plugins/openvas/gem_version.rb +1 -1
- data/lib/dradis/plugins/openvas/importer.rb +3 -3
- data/lib/dradis/plugins/openvas/mapping.rb +49 -0
- data/lib/dradis/plugins/openvas.rb +1 -0
- metadata +4 -7
- data/templates/evidence.fields +0 -2
- data/templates/evidence.template +0 -6
- data/templates/result.fields +0 -21
- data/templates/result.template +0 -27
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4fa4fbffa0f998d065c001f81f7ab5186e7f491892898b5be7a2ac2de056d97a
|
4
|
+
data.tar.gz: 0facc466254d5984274a65e75f7c3d099bb8615cd5e9f18fdc05e56843440d07
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3a43b28e4daf9a3d8d68d3dc9e70e91cbe7eedd4e71f9cd64528545dabf7f29482c9ac73733d3d01f6c5cc6729891748ad2176983284845631b90a77c4b2fefb
|
7
|
+
data.tar.gz: 1acc1ab81acc196fa9b00651e6c06c870b65a76c82c6784f209ec16aaf02f76f2a8fe3e04c73482f7b0774197e39d6a44f1098d7a619bcb39e6d66960d74bc1f
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
@@ -4,7 +4,7 @@
|
|
4
4
|
|
5
5
|
The OpenVAS add-on enables users to upload OpenVAS XML files to create a structure of nodes/notes that contain the same information about the hosts/ports/services as the original file.
|
6
6
|
|
7
|
-
The add-on requires [Dradis CE](https://
|
7
|
+
The add-on requires [Dradis CE](https://dradis.com/ce/) > 3.0, or [Dradis Pro](https://dradis.com/).
|
8
8
|
|
9
9
|
The add-on supports OpenVAS v6 and v7 output.
|
10
10
|
|
@@ -45,7 +45,7 @@ module Dradis::Plugins::OpenVAS
|
|
45
45
|
|
46
46
|
logger.info{ "\t\t => Creating new issue (#{nvt_oid})" }
|
47
47
|
|
48
|
-
issue_text =
|
48
|
+
issue_text = mapping_service.apply_mapping(source: 'result', data: xml_result)
|
49
49
|
issue = content_service.create_issue(text: issue_text, id: nvt_oid)
|
50
50
|
|
51
51
|
|
@@ -90,8 +90,8 @@ module Dradis::Plugins::OpenVAS
|
|
90
90
|
# doesn't provide any per-instance information.
|
91
91
|
#
|
92
92
|
# Best thing to do is to include the full <description> field and let the user deal with it.
|
93
|
-
|
94
|
-
evidence_content =
|
93
|
+
|
94
|
+
evidence_content = mapping_service.apply_mapping(source: 'evidence', data: xml_result)
|
95
95
|
content_service.create_evidence(issue: issue, node: host_node, content: evidence_content)
|
96
96
|
end
|
97
97
|
|
@@ -0,0 +1,49 @@
|
|
1
|
+
module Dradis::Plugins::OpenVAS
|
2
|
+
module Mapping
|
3
|
+
DEFAULT_MAPPING = {
|
4
|
+
evidence: {
|
5
|
+
'Port' => '{{ openvas[evidence.port] }}',
|
6
|
+
'Description' => '{{ openvas[evidence.description] }}'
|
7
|
+
},
|
8
|
+
result: {
|
9
|
+
'Title' => '{{ openvas[result.name] }}',
|
10
|
+
'CVSSv2' => '{{ openvas[result.cvss_base] }}',
|
11
|
+
'AffectedSoftware' => '{{ openvas[result.affected_software] }}',
|
12
|
+
'Description' => '{{ openvas[result.summary] }}',
|
13
|
+
'Recommendation' => '{{ openvas[result.solution] }}',
|
14
|
+
'References' => "CVE: {{ openvas[result.cve] }}\nCVSS Vector: {{ cvss_base_vector }}\nBID: {{ openvas[result.bid] }}\nOther: {{ openvas[result.xref] }}",
|
15
|
+
'RawDescription' => "(note that some of the information below can change from instance to instance of this problem)\n {{ openvas[result.description] }}"
|
16
|
+
}
|
17
|
+
}.freeze
|
18
|
+
|
19
|
+
SOURCE_FIELDS = {
|
20
|
+
evidence: [
|
21
|
+
'evidence.port',
|
22
|
+
'evidence.description'
|
23
|
+
],
|
24
|
+
result: [
|
25
|
+
'result.threat',
|
26
|
+
'result.description',
|
27
|
+
'result.original_threat',
|
28
|
+
'result.notes',
|
29
|
+
'result.overrides',
|
30
|
+
'result.name',
|
31
|
+
'result.cvss_base',
|
32
|
+
'result.cvss_base_vector',
|
33
|
+
'result.risk_factor',
|
34
|
+
'result.cve',
|
35
|
+
'result.bid',
|
36
|
+
'result.xref',
|
37
|
+
'result.summary',
|
38
|
+
'result.insight',
|
39
|
+
'result.info_gathered',
|
40
|
+
'result.impact',
|
41
|
+
'result.impact_level',
|
42
|
+
'result.affected_software',
|
43
|
+
'result.solution',
|
44
|
+
'result.solution_type',
|
45
|
+
'result.vuldetect'
|
46
|
+
]
|
47
|
+
}.freeze
|
48
|
+
end
|
49
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dradis-openvas
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.
|
4
|
+
version: 4.12.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Daniel Martin
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-05-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dradis-plugins
|
@@ -106,6 +106,7 @@ files:
|
|
106
106
|
- lib/dradis/plugins/openvas/field_processor.rb
|
107
107
|
- lib/dradis/plugins/openvas/gem_version.rb
|
108
108
|
- lib/dradis/plugins/openvas/importer.rb
|
109
|
+
- lib/dradis/plugins/openvas/mapping.rb
|
109
110
|
- lib/dradis/plugins/openvas/version.rb
|
110
111
|
- lib/openvas/result.rb
|
111
112
|
- lib/openvas/v6/result.rb
|
@@ -119,12 +120,8 @@ files:
|
|
119
120
|
- spec/openvas/upload_v24_spec.rb
|
120
121
|
- spec/spec_helper.rb
|
121
122
|
- spec/support/fixture_loader.rb
|
122
|
-
- templates/evidence.fields
|
123
123
|
- templates/evidence.sample
|
124
|
-
- templates/evidence.template
|
125
|
-
- templates/result.fields
|
126
124
|
- templates/result.sample
|
127
|
-
- templates/result.template
|
128
125
|
homepage: https://dradis.com/integrations/openvas.html
|
129
126
|
licenses:
|
130
127
|
- GPL-2
|
@@ -144,7 +141,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
144
141
|
- !ruby/object:Gem::Version
|
145
142
|
version: '0'
|
146
143
|
requirements: []
|
147
|
-
rubygems_version: 3.
|
144
|
+
rubygems_version: 3.1.4
|
148
145
|
signing_key:
|
149
146
|
specification_version: 4
|
150
147
|
summary: OpenVAS add-on for the Dradis Framework.
|
data/templates/evidence.fields
DELETED
data/templates/evidence.template
DELETED
data/templates/result.fields
DELETED
@@ -1,21 +0,0 @@
|
|
1
|
-
result.threat
|
2
|
-
result.description
|
3
|
-
result.original_threat
|
4
|
-
result.notes
|
5
|
-
result.overrides
|
6
|
-
result.name
|
7
|
-
result.cvss_base
|
8
|
-
result.cvss_base_vector
|
9
|
-
result.risk_factor
|
10
|
-
result.cve
|
11
|
-
result.bid
|
12
|
-
result.xref
|
13
|
-
result.summary
|
14
|
-
result.insight
|
15
|
-
result.info_gathered
|
16
|
-
result.impact
|
17
|
-
result.impact_level
|
18
|
-
result.affected_software
|
19
|
-
result.solution
|
20
|
-
result.solution_type
|
21
|
-
result.vuldetect
|
data/templates/result.template
DELETED
@@ -1,27 +0,0 @@
|
|
1
|
-
#[Title]#
|
2
|
-
%result.name%
|
3
|
-
|
4
|
-
|
5
|
-
#[CVSSv2]#
|
6
|
-
%result.cvss_base%
|
7
|
-
|
8
|
-
#[AffectedSoftware]#
|
9
|
-
%result.affected_software%
|
10
|
-
|
11
|
-
#[Description]#
|
12
|
-
%result.summary%
|
13
|
-
|
14
|
-
#[Recommendation]#
|
15
|
-
%result.solution%
|
16
|
-
|
17
|
-
|
18
|
-
#[References]#
|
19
|
-
CVE: %result.cve%
|
20
|
-
CVSS Vector: %cvss_base_vector%
|
21
|
-
BID: %result.bid%
|
22
|
-
Other: %result.xref%
|
23
|
-
|
24
|
-
|
25
|
-
#[RawDescription]#
|
26
|
-
(note that some of the information below can change from instance to instance of this problem)
|
27
|
-
%result.description%
|