dradis-qualys 3.6.0 → 3.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d787a2a51c4bf3bf7dd7e42a6e43ab553278a6ba
-  data.tar.gz: 1b5a948f1a33dfec75cda3f858558657b5bc1f47
+  metadata.gz: c7659b662887c3f8025907a28e0ae265d268467d
+  data.tar.gz: ac58eaabf7fcf346b50c33339ebe4ed67c00e6a0
 SHA512:
-  metadata.gz: 496d341454d8561953b4b8991880098ae5b8d3682f1ceaf5e883f6d2284e19086f5ffe7d51ecfe56ffb2d665d002ebbda514f9636531596103162ad2c89f90ef
-  data.tar.gz: b647279d0291308ebd1113a3368e941f7d7f820cbd12a3d564899762a0892cf7e4a3d5cc770ab58bd18d4d9ff9b68557373bed0f2d4d62a5e35c92fe59567627
+  metadata.gz: 68814114fe05a9175cabd11442ee7b263ef1337968c40a053a2f4d41f0349deab49be9902cb2827ef2f4ee8471ea859c24c06ad923ef520f43258a90f1d3f9dd
+  data.tar.gz: bc0d183262a9a2f5002dbbe2f21bf14df76f62cca8ac6f4c04b7a4d282b16dcfb7c326c56aa3f987761102a4cb03c483c2acf17dc0948f6672fb8faf4b0ed6ee

data/CHANGELOG.md

@@ -1,3 +1,8 @@
-## Dradis Framework 3.6 (March XX, 2017) ##
+## Dradis Framework 3.7 (July, 2017) ##
+
+*   Better HTML entity translation (thanks @leesoh).
+*   Import INFOS, SERVICES, etc as Issues #7 (thanks @rachkor).
+
+## Dradis Framework 3.6 (March, 2017) ##
 
 *   No changes.

data/lib/dradis/plugins/qualys/gem_version.rb

@@ -8,7 +8,7 @@ module Dradis
 
       module VERSION
         MAJOR = 3
-        MINOR = 6
+        MINOR = 7
         TINY = 0
         PRE = nil
 

data/lib/dradis/plugins/qualys/importer.rb

@@ -41,89 +41,42 @@ module Dradis::Plugins::Qualys
       end
       content_service.create_note text: host_text, node: self.host_node
 
-      # We'll deal with 'VULNS' separately
-      ['INFOS', 'SERVICES', 'PRACTICES'].each do |collection|
+      # We treat INFOS, SERVICES, PRACTICES, and VULNS the same way
+      # All of these are imported into Dradis as Issues
+      ['INFOS', 'SERVICES', 'PRACTICES', 'VULNS'].each do |collection|
         xml_host.xpath(collection).each do |xml_collection|
           process_collection(collection, xml_collection)
         end
       end
-
-      # Now we focus on 'VULNS' which we convert into Issue/Evidence
-      #
-      # For each <VULN> we need a reference to the parent <CAT> object for
-      # information such as port or protocol.
-      #
-      # Before we hand this to the template_service we need to make sure that
-      # a single VULN is hanging from the parent. To avoid messing the
-      # original document structure we just dup it.
-      logger.info{ "Extracting VULNS" }
-
-      xml_host.xpath('VULNS/CAT').each do |xml_cat|
-
-        empty_dup_xml_cat = xml_cat.dup
-        empty_dup_xml_cat.children.remove
-
-        xml_cat.xpath('VULN').each do |xml_vuln|
-          vuln_number = xml_vuln[:number]
-
-          # We need to clear any siblings before or after this VULN
-          dup_xml_cat = empty_dup_xml_cat.dup
-          dup_xml_cat.add_child(xml_vuln.dup)
-
-          process_vuln(vuln_number, dup_xml_cat)
-        end
-      end
     end
 
     def process_collection(collection, xml_collection)
-      collection_node = nil
       xml_cats = xml_collection.xpath('CAT')
 
       xml_cats.each do |xml_cat|
         logger.info{ "\t#{ collection } - #{ xml_cat['value'] }" }
 
-        if xml_cats.count == 1
-          category_node = content_service.create_node(
-            label: "#{ collection.downcase } - #{ xml_cats.first['value'] }",
-            type: :default,
-            parent: self.host_node)
-        else
-          collection_node ||= content_service.create_node(
-            label: collection.downcase,
-            type: :default,
-            parent: self.host_node)
-          category_node = content_service.create_node(
-            label: xml_cat['value'],
-            type: :default,
-            parent: collection_node)
-        end
-
         empty_dup_xml_cat = xml_cat.dup
         empty_dup_xml_cat.children.remove
 
-        # For each INFOS/CAT/INFO, SERVICES/CAT/SERVICE, etc.
+        # For each INFOS/CAT/INFO, SERVICES/CAT/SERVICE, VULNS/CAT/VULN, etc.
         xml_cat.xpath(collection.chop).each do |xml_element|
           dup_xml_cat = empty_dup_xml_cat.dup
           dup_xml_cat.add_child(xml_element.dup)
+          cat_number = xml_element[:number]
 
-          note_content = template_service.process_template(template: 'element', data: dup_xml_cat)
-
-          # retrieve hosts affected by this issue
-          note_content << "\n#[host]#\n"
-          note_content << self.host_node.label
-          note_content << "\n\n"
+          process_vuln(collection, cat_number, dup_xml_cat)
 
-          content_service.create_note text: note_content, node: category_node
         end
       end
     end
 
     # Takes a <CAT> element containing a single <VULN> element and processes an
     # Issue and Evidence template out of it.
-    def process_vuln(vuln_number, xml_cat)
+    def process_vuln(collection, vuln_number, xml_cat)
       logger.info{ "\t\t => Creating new issue (plugin_id: #{ vuln_number })" }
       issue_text = template_service.process_template(template: 'element', data: xml_cat)
-      issue_text << "\n\n#[Number]#\n#{ vuln_number }\n\n"
+      issue_text << "\n\n#[qualys_collection]#\n#{ collection }"
       issue = content_service.create_issue(text: issue_text, id: vuln_number)
 
       logger.info{ "\t\t => Creating new evidence" }

data/lib/qualys/element.rb

@@ -92,6 +92,10 @@ module Qualys
 
     def cleanup_html(source)
       result = source.dup
+      result.gsub!(/"/, '"')
+      result.gsub!(/&lt;/, '<')
+      result.gsub!(/&gt;/, '>')
+      
       result.gsub!(/<p>/i, "\n\n")
       result.gsub!(/<br>/i, "\n")
       result.gsub!(/          /, "")

data/lib/tasks/thorfile.rb

@@ -7,9 +7,6 @@ class QualysTasks < Thor
   def upload(file_path)
     require 'config/environment'
 
-    logger = Logger.new(STDOUT)
-    logger.level = Logger::DEBUG
-
     unless File.exists?(file_path)
       $stderr.puts "** the file [#{file_path}] does not exist"
       exit -1
@@ -17,10 +14,8 @@ class QualysTasks < Thor
 
     detect_and_set_project_scope
 
-    importer = Dradis::Plugins::Qualys::Importer.new(logger: logger)
+    importer = Dradis::Plugins::Qualys::Importer.new(task_options)
     importer.import(file: file_path)
-
-    logger.close
   end
 
 end

data/spec/qualys/importer_spec.rb

@@ -4,7 +4,7 @@ require "ostruct"
 describe Dradis::Plugins::Qualys::Importer do
   let(:plugin) { Dradis::Plugins::Qualys }
 
-  let(:content_service)  { Dradis::Plugins::ContentService.new(plugin: plugin) }
+  let(:content_service)  { Dradis::Plugins::ContentService::Base.new(plugin: plugin) }
   let(:template_service) { Dradis::Plugins::TemplateService.new(plugin: plugin) }
 
   let(:importer) {
@@ -33,8 +33,6 @@ describe Dradis::Plugins::Qualys::Importer do
 
   let(:example_xml) { 'spec/fixtures/files/simple.xml' }
 
-  pending "collapses INFOS|SERVICES|VULNS|PRACTICES node if only a single element is found"
-
   def run_import!
     importer.import(file: example_xml)
   end
@@ -43,14 +41,6 @@ describe Dradis::Plugins::Qualys::Importer do
     # Host node
     expect_to_create_node_with(label: '10.0.155.160')
 
-    # Information gathering node
-    expect_to_create_node_with(label: 'infos - Information gathering')
-
-    # Services node with its child nodes
-    expect_to_create_node_with(label: 'services')
-    expect_to_create_node_with(label: 'TCP/IP')
-    expect_to_create_node_with(label: 'Web server')
-
     run_import!
   end
 
@@ -59,68 +49,88 @@ describe Dradis::Plugins::Qualys::Importer do
     # Host node notes
     expect_to_create_note_with(text: "Basic host info")
 
-    # Information gathering node and notes
-    expect_to_create_note_with(
-      text: "DNS Host Name",
-      node_label: "infos - Information gathering"
-    )
-    expect_to_create_note_with(
-      text: "Host Scan Time",
-      node_label: "infos - Information gathering"
-    )
-
-    # Child notes of Services node
-    expect_to_create_note_with(
-      text: "Open TCP Services List",
-      node_label: "TCP/IP"
-    )
-
-    expect_to_create_note_with(
-      text: "Web Server Version",
-      node_label: "Web server"
-    )
-
     run_import!
   end
 
   # Issues and evidences from vulns
-  # There are 3 vulns in total:
+  # There are 7 vulns/infos/services in total:
+  #   - DNS Host Name
+  #   - Host Scan Time
+  #   - Open TCP Services List
+  #   - Web Server Version
   #   - TCP/IP: Sequence number in both hosts
   #   - Web server: Apache 1.3
   #   - Web server: ETag
-  # Each one should create 1 issue and 1 evidence
 
   it "creates issues from vulns" do
     expect_to_create_issue_with(
-      text: "Sequence Number Approximation Based Denial of Service"
+      text: "DNS Host Name"
     )
 
     expect_to_create_issue_with(
-      text: "Apache 1.3 HTTP Server Expect Header Cross-Site Scripting"
+      text: "Host Scan Time"
     )
 
     expect_to_create_issue_with(
-      text: "Apache Web Server ETag Header Information Disclosure Weakness"
+      text: "Open TCP Services List"
+    )
+
+    expect_to_create_issue_with(
+      text: "Web Server Version"
+    )
+
+    expect_to_create_issue_with(
+      text: "TCP Sequence Number Approximation Based Denial of Service"
     )
 
+    expect_to_create_issue_with(
+      text: "Apache 1.3 HTTP Server Expect Header Cross-Site Scripting"
+    )
+    
+    expect_to_create_issue_with(
+      text: "Apache Web Server ETag Header Information Disclosure Weakness"
+    )
+    
     run_import!
   end
 
   it "creates evidence from vulns" do
     expect_to_create_evidence_with(
-      content: "Tested on port 80 with an injected SYN/RST offset by 16 bytes.",
-      issue: "Sequence Number Approximation Based Denial of Service",
+      content: "IP address\tHost name\n10.0.155.160\tNo registered hostname\n",
+      issue: "DNS Host Name",
       node_label: "10.0.155.160"
     )
 
     expect_to_create_evidence_with(
-      content: "The expectation given in the Expect request-header",
-      issue: "Apache 1.3 HTTP Server Expect Header Cross-Site Scripting",
+      content: "Scan duration: 5445 seconds\n\nStart time: Fri, Dec 20 2011, 17:38:59 GMT\n\nEnd time: Fri, Dec 20 2011, 19:09:44 GMT",
+      issue: "Host Scan Time",
       node_label: "10.0.155.160"
     )
 
     expect_to_create_evidence_with(
-      content: "bee-4f12-00794aef",
+      content: "\tDescription\tService Detected\tOS On Redirected Port\n80\twww\tWorld Wide Web HTTP\thttp",
+      issue: "Open TCP Services List",
+      node_label: "10.0.155.160"
+    )
+
+    expect_to_create_evidence_with(
+      content: "Server Version\tServer Banner\nApache 1.3\tApache",
+      issue: "Web Server Version",
+      node_label: "10.0.155.160"
+    )
+
+    expect_to_create_evidence_with(
+      content: "Tested on port 80 with an injected SYN/RST offset by 16 bytes.",
+      issue: "TCP Sequence Number Approximation Based Denial of Service",
+      node_label: "10.0.155.160"
+    )
+    expect_to_create_evidence_with(
+      content: "HTTP/1.1 417 Expectation Failed\nDate: Fri, 20 Dec 2011 19:05:57 GMT",
+      issue: "Apache 1.3 HTTP Server Expect Header Cross-Site Scripting",
+      node_label: "10.0.155.160"
+    )
+    expect_to_create_evidence_with(
+      content: "3bee-4f12-00794aef",
       issue: "Apache Web Server ETag Header Information Disclosure Weakness",
       node_label: "10.0.155.160"
     )

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-qualys
 version: !ruby/object:Gem::Version
-  version: 3.6.0
+  version: 3.7.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-04-06 00:00:00.000000000 Z
+date: 2017-07-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -153,7 +153,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.5
+rubygems_version: 2.6.8
 signing_key: 
 specification_version: 4
 summary: Qualys add-on for the Dradis Framework.