dradis-qualys 4.7.0 → 4.9.0

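--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz: bf628f2a523aec7a933cd7054b4cf74f763f96f51e67620d06d8ea8d965f069f
-data.tar.gz: 459abec5d7e898fed9ecf820fbb6a0519539e69aae8ac90576a77498b8675563
+metadata.gz: 9ef14a4a46502ad8ac98818f7b04d8cbe31f44c15c4773ff522dd7ee902493b5
+data.tar.gz: 8474cc15162e1a000fd8479ad3e17c4afa68652792815e24eea6fa309c799b49
 SHA512:
-metadata.gz: 9956b70e05fcd56547e0fcc2302962b360cade0ffffaae38b7a477cece99169464a420180bb6fd57fee556b69b7c2dbdc02417967cb5f5fcdf1b02861f26dae4
-data.tar.gz: '05929e66ce50981b2e87138d50484c8b1e692c35087b7dfe68567c4f2a060f54329c836f165dda261aec97e5ab51547964533e4f46d1dc942762cfdcef7f101b'
+metadata.gz: fb173d9b80fa0f7a3f272d79e54a3d1f250bebca49eaacfd3909144cf470bbcdd50055b6b19346664aacc080d9cf6289c8942361504654af065e1ed4296dd16d
+data.tar.gz: 0bc1694d295160eacf438c82c541301868b90ebf9c0a70e3f4da5beefb4d7fd09a4cc966fedd60732505e4a0880d8bbe8621c09f41151c430ca3366fe121e5a0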
data/CHANGELOG.md CHANGED
@@ -1,3 +1,9 @@
1
+ v4.9.0 (June 2023)
2
+ - Adds Request/Response Evidence fields for Web Application Scans (WAS)
3
+
4
+ v4.8.0 (April 2023)
5
+ - No changes
6
+
1
7
  v4.7.0 (February 2023)
2
8
  - No changes
3
9
 
@@ -8,7 +8,7 @@ module Dradis
8
8
 
9
9
  module VERSION
10
10
  MAJOR = 4
11
- MINOR = 7
11
+ MINOR = 9
12
12
  TINY = 0
13
13
  PRE = nil
14
14
 
@@ -18,7 +18,10 @@ module Qualys::WAS
18
18
  def supported_tags
19
19
  [
20
20
  # simple tags
21
- :access_paths, :ajax, :authentication, :ignored, :potential, :url
21
+ :access_paths, :ajax, :authentication, :ignored, :potential, :url,
22
+
23
+ # nested tags
24
+ :response_contents, :response_evidence, :request_headers, :request_method, :request_url
22
25
  ]
23
26
  end
24
27
 
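Review bot: The `# nested tags` comment above `:response_contents, :response_evidence, :request_headers, :request_method, :request_url` does not say how these symbols are resolved, so a reader of supported_tags cannot tell that each one maps to a single nested XPath below `PAYLOADS/PAYLOAD` rather than to a child element of the same name. Suggest `# nested tags: mapped to XPaths under PAYLOADS/PAYLOAD by the tag lookup below; only the first PAYLOAD element is read`. The first-payload behaviour is inferred from the lookup using `at_xpath`, which returns the first match, and should be confirmed against a WAS report whose finding carries more than one PAYLOAD. supported_tags is complete within this hunk.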
@@ -45,24 +48,51 @@ module Qualys::WAS
45
48
  return
46
49
  end
47
50
 
48
- method_name = method.to_s
51
+ # Any fields where a simple .camelcase() won't work we need to translate,
52
+ # this includes acronyms (e.g. :cwe would become 'Cwe') and simple nested
53
+ # tags.
54
+ translations_table = {
55
+ access_paths: 'ACCESS_PATH/URL',
56
+ request_headers: 'PAYLOADS/PAYLOAD/REQUEST/HEADERS',
57
+ request_method: 'PAYLOADS/PAYLOAD/REQUEST/METHOD',
58
+ request_url: 'PAYLOADS/PAYLOAD/REQUEST/URL',
59
+ response_contents: 'PAYLOADS/PAYLOAD/RESPONSE/CONTENTS',
60
+ response_evidence: 'PAYLOADS/PAYLOAD/RESPONSE/EVIDENCE'
61
+ }
62
+
63
+ method_name = translations_table.fetch(method, method.to_s.upcase)
49
64
 
50
65
  # Then we try simple children tags: TITLE, LAST_UPDATE, CVSS_BASE...
51
- tag = @xml.at_xpath("./#{method_name.upcase}")
66
+ tag = @xml.at_xpath("./#{method_name}")
52
67
  if tag && !tag.text.blank?
53
- if tags_with_html_content.include?(method)
54
- return Qualys::cleanup_html(tag.text)
68
+ if tags_with_base64.include?(method)
69
+ return decode_base64(tag)
55
70
  else
56
71
  return tag.text
57
72
  end
58
73
  else
59
74
  'n/a'
60
75
  end
76
+
61
77
  end
62
78
 
63
79
  private
64
- def tags_with_html_content
65
- []
80
+
81
+ def tags_with_base64
82
+ [:response_contents, :response_evidence]
83
+ end
84
+
85
+ def decode_base64(tag)
86
+ return 'n/a' unless tag
87
+
88
+ if tag['base64'] == 'true'
89
+ # The force_encoding is necessary as there is non-UTF content in the strings like \xE2
90
+ Base64.decode64(tag.text).force_encoding('UTF-8')
91
+ else
92
+ tag.text
93
+ end
66
94
  end
95
+
96
+
67
97
  end
68
98
  end
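Review bot: `Base64.decode64(tag.text).force_encoding('UTF-8')` in decode_base64 relabels whatever bytes the scanner stored as UTF-8 without validating them, so the comment's own example (a stray `\xE2`) produces a String whose `valid_encoding?` is false, and any later `gsub`, regex match or `encode` on that value raises `ArgumentError: invalid byte sequence in UTF-8` far from this code. Use `Base64.decode64(tag.text).force_encoding('UTF-8').scrub` (or `.encode('UTF-8', invalid: :replace, undef: :replace)`) so every caller receives a valid string. The decoded RESPONSE/CONTENTS and RESPONSE/EVIDENCE are the scanned application's own HTTP output, i.e. data the target controls, so whatever renders these fields should treat them as untrusted input rather than as scanner-authored text. Separately, the `return 'n/a' unless tag` guard in decode_base64 is unreachable from its only call site, which already requires `tag` to be truthy, and `translations_table` is rebuilt on every lookup where a frozen constant would do. The method that builds `translations_table` starts before this hunk.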
@@ -3,4 +3,9 @@ was-evidence.ajax
3
3
  was-evidence.authentication
4
4
  was-evidence.ignored
5
5
  was-evidence.potential
6
+ was-evidence.request_headers
7
+ was-evidence.request_method
8
+ was-evidence.request_url
9
+ was-evidence.response_contents
10
+ was-evidence.response_evidence
6
11
  was-evidence.url
@@ -1,11 +1,16 @@
1
1
  #[Location]#
2
2
  %was-evidence.url%
3
3
 
4
- #[AccessPaths]#
5
- %was-evidence.access_paths%
6
-
7
- #[Flags]#
8
- Ajax: %was-evidence.ajax%
9
- Authentication: %was-evidence.authentication%
10
- Ignored: %was-evidence.ignored%
11
- Potential: %was-evidence.potential%
4
+ #[Output]#
5
+ *Request*
6
+
7
+ Method: %was-evidence.request_method%
8
+ URL: %was-evidence.request_url%
9
+
10
+ bc.. %was-evidence.request_headers%
11
+
12
+ p. *Response*
13
+
14
+ Evidence: %was-evidence.response_evidence%
15
+
16
+ bc.. %was-evidence.response_contents%
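Review bot: `bc.. %was-evidence.request_headers%` and `bc.. %was-evidence.response_contents%` rely on Textile's extended-block rule, under which a `bc..` block runs until the next block signature — the template itself closes the first one with `p. *Response*`. If these notes are rendered as Textile, a header value or response body containing a blank line followed by its own block signature (`p. `, `h1. `, `bc. `…) would end the code block early and the remainder would be interpreted as markup instead of being shown verbatim, and the response body is content the scanned application controls. This is inferred from the markers used here, not from a renderer visible in the diff; confirm how Dradis renders `bc..`, and if it honours block signatures inside substituted values, escape or indent the decoded payload in the plugin before substitution. The final `bc..` has no following signature at all, so it also depends on the renderer closing it at end of note.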
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dradis-qualys
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.7.0
4
+ version: 4.9.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Daniel Martin
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-02-20 00:00:00.000000000 Z
11
+ date: 2023-05-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dradis-plugins