dradis-qualys 4.9.0 → 4.11.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9ef14a4a46502ad8ac98818f7b04d8cbe31f44c15c4773ff522dd7ee902493b5
4
- data.tar.gz: 8474cc15162e1a000fd8479ad3e17c4afa68652792815e24eea6fa309c799b49
3
+ metadata.gz: 07eda0c6a5954e3c931b298b39398d410a58f3799b9ef93da484d92152507cac
4
+ data.tar.gz: bf52cbbff50c82a8c8c0841a80236923c0fbdf0f02114c0a815c1e176802c17f
5
5
  SHA512:
6
- metadata.gz: fb173d9b80fa0f7a3f272d79e54a3d1f250bebca49eaacfd3909144cf470bbcdd50055b6b19346664aacc080d9cf6289c8942361504654af065e1ed4296dd16d
7
- data.tar.gz: 0bc1694d295160eacf438c82c541301868b90ebf9c0a70e3f4da5beefb4d7fd09a4cc966fedd60732505e4a0880d8bbe8621c09f41151c430ca3366fe121e5a0
6
+ metadata.gz: 4992bfc707a72857b9d94443bf5661139fe61f5abc168dff49ccdee04ff98e40abebfef3bdd2daebe5ff8006139639807fa27bee722ac869bc0a5ef5f213799d
7
+ data.tar.gz: 473ca19f10c043537b693d3c9b44afccb141ee6e66acfdd68f885ac66fd61022cc1abbeab4f8b4dc24731a3825f0f3266e3b58b2ac734604b454d410bf075737
@@ -1,3 +1,5 @@
1
+ Please review [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md) and remove this line.
2
+
1
3
  ### Summary
2
4
 
3
5
  Provide a general description of the code changes in your pull
@@ -6,6 +8,11 @@ these bugs have open GitHub issues, be sure to tag them here as well,
6
8
  to keep the conversation linked together.
7
9
 
8
10
 
11
+ ### Testing Steps
12
+
13
+ Provide steps to test functionality, described in detail for someone not familiar with this part of the application / code base
14
+
15
+
9
16
  ### Other Information
10
17
 
11
18
  If there's anything else that's important and relevant to your pull
@@ -26,11 +33,13 @@ products, we must have the copyright associated with the entire
26
33
  codebase. Any code you create which is merged must be owned by us.
27
34
  That's not us trying to be a jerks, that's just the way it works.
28
35
 
29
- Please review the [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/master/CONTRIBUTING.md)
30
- file for the details.
31
-
32
36
  You can delete this section, but the following sentence needs to
33
37
  remain in the PR's description:
34
38
 
35
39
  > I assign all rights, including copyright, to any future Dradis
36
40
  > work by myself to Security Roots.
41
+
42
+ ### Check List
43
+
44
+ - [ ] Added a CHANGELOG entry
45
+ - [ ] Added specs
data/CHANGELOG.md CHANGED
@@ -1,3 +1,9 @@
1
+ v4.11.0 (January 2023)
2
+ - Add support for the output for Qualys WAS API 3.13 and later
3
+
4
+ v4.10.0 (September 2023)
5
+ - Update gemspec links
6
+
1
7
  v4.9.0 (June 2023)
2
8
  - Adds Request/Response Evidence fields for Web Application Scans (WAS)
3
9
 
data/README.md CHANGED
@@ -10,12 +10,12 @@ The add-on requires [Dradis CE](https://dradisframework.org/) > 3.0, or [Dradis
10
10
 
11
11
  ## More information
12
12
 
13
- See the Dradis Framework's [README.md](https://github.com/dradis/dradisframework/blob/master/README.md)
13
+ See the Dradis Framework's [README.md](https://github.com/dradis/dradis-ce/blob/develop/README.md)
14
14
 
15
15
 
16
16
  ## Contributing
17
17
 
18
- See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/dradisframework/blob/master/CONTRIBUTING.md)
18
+ See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md)
19
19
 
20
20
 
21
21
  ## License
@@ -13,8 +13,7 @@ Gem::Specification.new do |spec|
13
13
  spec.license = 'GPL-2'
14
14
 
15
15
  spec.authors = ['Daniel Martin']
16
- spec.email = ['etd@nomejortu.com']
17
- spec.homepage = 'http://dradisframework.org'
16
+ spec.homepage = 'https://dradis.com/integrations/qualys.html'
18
17
 
19
18
  spec.files = `git ls-files`.split($\)
20
19
  spec.executables = spec.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
@@ -8,7 +8,7 @@ module Dradis
8
8
 
9
9
  module VERSION
10
10
  MAJOR = 4
11
- MINOR = 9
11
+ MINOR = 11
12
12
  TINY = 0
13
13
  PRE = nil
14
14
 
@@ -1,5 +1,4 @@
1
1
  module Dradis::Plugins::Qualys
2
-
3
2
  # This module knows how to parse Qualys Web Application Scanner format.
4
3
  module WAS
5
4
  def self.meta
@@ -17,17 +16,17 @@ module Dradis::Plugins::Qualys
17
16
  { evidence: 'was-evidence', issue: 'was-issue' }
18
17
  end
19
18
 
20
- def initialize(args={})
19
+ def initialize(args = {})
21
20
  args[:plugin] = Dradis::Plugins::Qualys
22
21
  super(args)
23
22
 
24
23
  @issue_lookup = {}
25
24
  end
26
25
 
27
- def import(params={})
26
+ def import(params = {})
28
27
  file_content = File.read(params[:file])
29
28
 
30
- logger.info { 'Parsing Qualys WAS XML output file...'}
29
+ logger.info { 'Parsing Qualys WAS XML output file...' }
31
30
  doc = Nokogiri::XML(file_content)
32
31
  logger.info { 'Done.' }
33
32
 
@@ -38,20 +37,27 @@ module Dradis::Plugins::Qualys
38
37
  return false
39
38
  end
40
39
 
41
- logger.info { 'Global Summary information'}
40
+ logger.info { 'Global Summary information' }
42
41
 
43
42
  xml_global_summary = doc.at_xpath('WAS_SCAN_REPORT/SUMMARY/GLOBAL_SUMMARY')
44
43
  logger.info { 'Security Risk: ' + xml_global_summary.at_xpath('./SECURITY_RISK').text }
45
44
  logger.info { 'Vulnerabilities found: ' + xml_global_summary.at_xpath('./VULNERABILITY').text }
46
45
 
47
- xml_webapp = doc.at_xpath('WAS_SCAN_REPORT/APPENDIX/WEBAPP')
46
+ xml_webapp =
47
+ doc.at_xpath('WAS_SCAN_REPORT/APPENDIX/WEBAPP | WAS_SCAN_REPORT/APPENDIX/WEB_APPLICATION')
48
48
  process_webapp(xml_webapp)
49
49
 
50
50
  doc.xpath('WAS_SCAN_REPORT/GLOSSARY/QID_LIST/QID').each do |xml_qid|
51
51
  process_issue(xml_qid)
52
52
  end
53
53
 
54
- doc.xpath('WAS_SCAN_REPORT/RESULTS/VULNERABILITY_LIST/VULNERABILITY').each do |xml_vulnerability|
54
+ vulnerability_list =
55
+ doc.xpath(
56
+ 'WAS_SCAN_REPORT/RESULTS/VULNERABILITY_LIST/VULNERABILITY | ' +
57
+ 'WAS_SCAN_REPORT/RESULTS/WEB_APPLICATION/VULNERABILITY_LIST/VULNERABILITY'
58
+ )
59
+
60
+ vulnerability_list.each do |xml_vulnerability|
55
61
  process_evidence(xml_vulnerability)
56
62
  end
57
63
 
@@ -68,11 +74,11 @@ module Dradis::Plugins::Qualys
68
74
  if issue
69
75
  issue_id = issue.respond_to?(:id) ? issue.id : issue.to_issue.id
70
76
 
71
- logger.info{ "\t => Creating new evidence (plugin_id: #{id})" }
72
- logger.info{ "\t\t => Issue: #{issue.title} (plugin_id: #{issue_id})" }
73
- logger.info{ "\t\t => Node: #{webapp_node.label} (#{webapp_node.id})" }
77
+ logger.info { "\t => Creating new evidence (plugin_id: #{id})" }
78
+ logger.info { "\t\t => Issue: #{issue.title} (plugin_id: #{issue_id})" }
79
+ logger.info { "\t\t => Node: #{webapp_node.label} (#{webapp_node.id})" }
74
80
  else
75
- logger.info{ "\t => Couldn't find QID for evidence with ID=#{id}" }
81
+ logger.info { "\t => Couldn't find QID for evidence with ID=#{id}" }
76
82
  return
77
83
  end
78
84
 
@@ -82,7 +88,7 @@ module Dradis::Plugins::Qualys
82
88
 
83
89
  def process_issue(xml_qid)
84
90
  qid = xml_qid.at_xpath('QID').text
85
- logger.info{ "\t => Creating new issue (plugin_id: #{ qid })" }
91
+ logger.info { "\t => Creating new issue (plugin_id: #{ qid })" }
86
92
  issue_text = template_service.process_template(template: 'was-issue', data: xml_qid)
87
93
  issue = content_service.create_issue(text: issue_text, id: qid)
88
94
 
@@ -0,0 +1,138 @@
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
+ <WAS_SCAN_REPORT>
3
+ <HEADER>
4
+ <NAME>Scan Report</NAME>
5
+ <DESCRIPTION>Vulnerabilities of all selected scans are consolidated into one report so that you can view their evolution.</DESCRIPTION>
6
+ <GENERATION_DATETIME>10 Nov 2021 10:00AM GMT-0500</GENERATION_DATETIME>
7
+ <COMPANY_INFO>
8
+ <NAME>Sample Company</NAME>
9
+ <ADDRESS>Sample Address</ADDRESS>
10
+ <CITY>Sample City</CITY>
11
+ <STATE>Sample State</STATE>
12
+ <COUNTRY>Sample Country</COUNTRY>
13
+ <ZIP_CODE>00000</ZIP_CODE>
14
+ </COMPANY_INFO>
15
+ <USER_INFO>
16
+ <NAME>Test User</NAME>
17
+ <USERNAME>test_user</USERNAME>
18
+ <ROLE>PC User,VM User</ROLE>
19
+ </USER_INFO>
20
+ </HEADER>
21
+ <FILTERS>
22
+ <FILTER>
23
+ <NAME>REMEDIATION</NAME>
24
+ <VALUE>Include patched findings</VALUE>
25
+ </FILTER>
26
+ <FILTER>
27
+ <NAME>REMEDIATION</NAME>
28
+ <VALUE>Show ignored findings </VALUE>
29
+ </FILTER>
30
+ </FILTERS>
31
+ <TARGET>
32
+ <SCAN>Test Scan</SCAN>
33
+ </TARGET>
34
+ <SUMMARY>
35
+ <GLOBAL_SUMMARY>
36
+ <SECURITY_RISK>High</SECURITY_RISK>
37
+ <VULNERABILITY>31</VULNERABILITY>
38
+ <SENSITIVE_CONTENT>0</SENSITIVE_CONTENT>
39
+ <INFORMATION_GATHERED>30</INFORMATION_GATHERED>
40
+ </GLOBAL_SUMMARY>
41
+ <SUMMARY_STATS>
42
+ <SUMMARY_STAT>
43
+ <SCAN>test Scan</SCAN>
44
+ <DATE>12 Oct 2021</DATE>
45
+ <LEVEL5>5</LEVEL5>
46
+ <LEVEL4>2</LEVEL4>
47
+ <LEVEL3>9</LEVEL3>
48
+ <LEVEL2>2</LEVEL2>
49
+ <LEVEL1>13</LEVEL1>
50
+ <SENSITIVE_CONTENT>0</SENSITIVE_CONTENT>
51
+ <INFORMATION_GATHERED>30</INFORMATION_GATHERED>
52
+ </SUMMARY_STAT>
53
+ </SUMMARY_STATS>
54
+ </SUMMARY>
55
+ <RESULTS>
56
+ <WEB_APPLICATION>
57
+ <ID>12345</ID>
58
+ <NAME>Example Company</NAME>
59
+ <VULNERABILITY_LIST>
60
+ <VULNERABILITY>
61
+ <UNIQUE_ID>test-id</UNIQUE_ID>
62
+ <ID>1</ID>
63
+ <DETECTION_ID>1</DETECTION_ID>
64
+ <QID>6</QID>
65
+ <URL>http://example.com</URL>
66
+ <ACCESS_PATH>
67
+ <URL>http://example.com</URL>
68
+ </ACCESS_PATH>
69
+ <AJAX>false</AJAX>
70
+ <AUTHENTICATION>Not Required</AUTHENTICATION>
71
+ <DETECTION_DATE>21 Aug 2021 10:00PM GMT-0500</DETECTION_DATE>
72
+ <POTENTIAL>false</POTENTIAL>
73
+ <PAYLOADS>
74
+ <PAYLOAD>
75
+ <NUM>1</NUM>
76
+ <PAYLOAD>N/A</PAYLOAD>
77
+ <REQUEST>
78
+ <METHOD>GET</METHOD>
79
+ <URL>http://example.com</URL>
80
+ <HEADERS>
81
+ <HEADER>
82
+ <key>Host</key>
83
+ <value><![CDATA[ example.com ]]></value>
84
+ </HEADER>
85
+ <HEADER>
86
+ <key>User-Agent</key>
87
+ <value>user-agent</value>
88
+ </HEADER>
89
+ <HEADER>
90
+ <key>Accept</key>
91
+ <value><![CDATA[ */*
92
+ </HEADER>
93
+ </HEADERS>
94
+ <BODY></BODY>
95
+ </REQUEST>
96
+ <RESPONSE>
97
+ <CONTENTS base64="true"></CONTENTS>
98
+ </RESPONSE>
99
+ </PAYLOAD>
100
+ </PAYLOADS>
101
+ <IGNORED>false</IGNORED>
102
+ </VULNERABILITY>
103
+ </VULNERABILITY_LIST>
104
+ </WEB_APPLICATION>
105
+ </RESULTS>
106
+ <GLOSSARY>
107
+ <QID_LIST>
108
+ <QID>
109
+ <QID>6</QID>
110
+ <CATEGORY>Information Gathered</CATEGORY>
111
+ <SEVERITY>1</SEVERITY>
112
+ <TITLE>DNS Host Name</TITLE>
113
+ <GROUP>DIAG</GROUP>
114
+ <DESCRIPTION>The fully qualified domain name of this host, if it was obtained from a DNS server, is displayed in the RESULT section.</DESCRIPTION>
115
+ <IMPACT>N/A</IMPACT>
116
+ <SOLUTION>N/A</SOLUTION>
117
+ <CVSS_BASE>4.3</CVSS_BASE>
118
+ <CVSS_TEMPORAL>3.9</CVSS_TEMPORAL>
119
+ <CVSS_V3>
120
+ <BASE>6.1</BASE>
121
+ <TEMPORAL>5.8</TEMPORAL>
122
+ <ATTACK_VECTOR>Network</ATTACK_VECTOR>
123
+ </CVSS_V3>
124
+ </QID>
125
+ </QID_LIST>
126
+ </GLOSSARY>
127
+ <APPENDIX>
128
+ <WEB_APPLICATION>
129
+ <ID>1</ID>
130
+ <NAME>Test</NAME>
131
+ <URL>http://example.com</URL>
132
+ <OWNER>Test User</OWNER>
133
+ <SCOPE>Limit to URL hostname</SCOPE>
134
+ <CUSTOM_ATTRIBUTES/>
135
+ <TAGS/>
136
+ </WEBAPP>
137
+ </APPENDIX>
138
+ </WAS_SCAN_REPORT>
@@ -2,7 +2,7 @@ require 'spec_helper'
2
2
  require 'ostruct'
3
3
 
4
4
  module Dradis::Plugins
5
- describe 'Qualys upload plugin' do
5
+ shared_examples 'Qualys upload plugin' do
6
6
  before(:each) do
7
7
  # Stub template service
8
8
  templates_dir = File.expand_path('../../../../templates', __FILE__)
@@ -16,7 +16,6 @@ module Dradis::Plugins
16
16
  )
17
17
  end
18
18
 
19
- let(:example_xml) { 'spec/fixtures/files/simple_was.xml' }
20
19
  let(:run_import!) { @importer.import(file: example_xml) }
21
20
 
22
21
  it 'creates nodes as needed' do
@@ -38,4 +37,16 @@ module Dradis::Plugins
38
37
  run_import!
39
38
  end
40
39
  end
40
+
41
+ context 'Simple WAS template' do
42
+ let(:example_xml) { 'spec/fixtures/files/simple_was.xml' }
43
+
44
+ include_examples 'Qualys upload plugin'
45
+ end
46
+
47
+ context 'WAS template with WEB_APPLICATION' do
48
+ let(:example_xml) { 'spec/fixtures/files/simple_was_updated.xml' }
49
+
50
+ include_examples 'Qualys upload plugin'
51
+ end
41
52
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dradis-qualys
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.9.0
4
+ version: 4.11.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Daniel Martin
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-05-31 00:00:00.000000000 Z
11
+ date: 2024-01-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dradis-plugins
@@ -97,7 +97,6 @@ dependencies:
97
97
  description: This add-on allows you to upload and parse output produced from Qualys
98
98
  Vulnerability Scanner into Dradis.
99
99
  email:
100
- - etd@nomejortu.com
101
100
  executables: []
102
101
  extensions: []
103
102
  extra_rdoc_files: []
@@ -134,6 +133,7 @@ files:
134
133
  - spec/fixtures/files/simple.xml
135
134
  - spec/fixtures/files/simple_asset.xml
136
135
  - spec/fixtures/files/simple_was.xml
136
+ - spec/fixtures/files/simple_was_updated.xml
137
137
  - spec/fixtures/files/two_hosts_common_issue.xml
138
138
  - spec/fixtures/files/with_ciphers.xml
139
139
  - spec/qualys/asset/importer_spec.rb
@@ -160,11 +160,11 @@ files:
160
160
  - templates/was-issue.fields
161
161
  - templates/was-issue.sample
162
162
  - templates/was-issue.template
163
- homepage: http://dradisframework.org
163
+ homepage: https://dradis.com/integrations/qualys.html
164
164
  licenses:
165
165
  - GPL-2
166
166
  metadata: {}
167
- post_install_message:
167
+ post_install_message:
168
168
  rdoc_options: []
169
169
  require_paths:
170
170
  - lib
@@ -179,8 +179,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
179
179
  - !ruby/object:Gem::Version
180
180
  version: '0'
181
181
  requirements: []
182
- rubygems_version: 3.1.4
183
- signing_key:
182
+ rubygems_version: 3.3.7
183
+ signing_key:
184
184
  specification_version: 4
185
185
  summary: Qualys add-on for the Dradis Framework.
186
186
  test_files:
@@ -189,6 +189,7 @@ test_files:
189
189
  - spec/fixtures/files/simple.xml
190
190
  - spec/fixtures/files/simple_asset.xml
191
191
  - spec/fixtures/files/simple_was.xml
192
+ - spec/fixtures/files/simple_was_updated.xml
192
193
  - spec/fixtures/files/two_hosts_common_issue.xml
193
194
  - spec/fixtures/files/with_ciphers.xml
194
195
  - spec/qualys/asset/importer_spec.rb