dradis-qualys 4.10.0 → 4.11.0
- checksums.yaml +4 -4
- data/.github/pull_request_template.md +12 -3
- data/CHANGELOG.md +3 -0
- data/README.md +2 -2
- data/lib/dradis/plugins/qualys/gem_version.rb +1 -1
- data/lib/dradis/plugins/qualys/was/importer.rb +18 -12
- data/spec/fixtures/files/simple_was_updated.xml +138 -0
- data/spec/qualys/was/importer_spec.rb +13 -2
- metadata +9 -7
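--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 07eda0c6a5954e3c931b298b39398d410a58f3799b9ef93da484d92152507cac
+data.tar.gz: bf52cbbff50c82a8c8c0841a80236923c0fbdf0f02114c0a815c1e176802c17f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4992bfc707a72857b9d94443bf5661139fe61f5abc168dff49ccdee04ff98e40abebfef3bdd2daebe5ff8006139639807fa27bee722ac869bc0a5ef5f213799d
+data.tar.gz: 473ca19f10c043537b693d3c9b44afccb141ee6e66acfdd68f885ac66fd61022cc1abbeab4f8b4dc24731a3825f0f3266e3b58b2ac734604b454d410bf075737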
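--- a/data/.github/pull_request_template.md
+++ b/data/.github/pull_request_template.md
@@ -1,3 +1,5 @@
+Please review [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md) and remove this line.
+
 ### Summary
 
 Provide a general description of the code changes in your pull
@@ -6,6 +8,11 @@ these bugs have open GitHub issues, be sure to tag them here as well,
 to keep the conversation linked together.
 
 
+### Testing Steps
+
+Provide steps to test functionality, described in detail for someone not familiar with this part of the application / code base
+
+
 ### Other Information
 
 If there's anything else that's important and relevant to your pull
@@ -26,11 +33,13 @@ products, we must have the copyright associated with the entire
 codebase. Any code you create which is merged must be owned by us.
 That's not us trying to be a jerks, that's just the way it works.
 
-Please review the [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/master/CONTRIBUTING.md)
-file for the details.
-
 You can delete this section, but the following sentence needs to
 remain in the PR's description:
 
 > I assign all rights, including copyright, to any future Dradis
 > work by myself to Security Roots.
+
+### Check List
+
+- [ ] Added a CHANGELOG entry
+- [ ] Added specs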
data/CHANGELOG.md
CHANGED
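--- a/data/README.md
+++ b/data/README.md
@@ -10,12 +10,12 @@ The add-on requires [Dradis CE](https://dradisframework.org/) > 3.0, or [Dradis
 
 ## More information
 
-See the Dradis Framework's [README.md](https://github.com/dradis/
+See the Dradis Framework's [README.md](https://github.com/dradis/dradis-ce/blob/develop/README.md)
 
 
 ## Contributing
 
-See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/
+See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md)
 
 
 ## License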
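--- a/data/lib/dradis/plugins/qualys/was/importer.rb
+++ b/data/lib/dradis/plugins/qualys/was/importer.rb
@@ -1,5 +1,4 @@
 module Dradis::Plugins::Qualys
-
 # This module knows how to parse Qualys Web Application Scanner format.
 module WAS
 def self.meta
@@ -17,17 +16,17 @@ module Dradis::Plugins::Qualys
 { evidence: 'was-evidence', issue: 'was-issue' }
 end
 
-def initialize(args={})
+def initialize(args = {})
 args[:plugin] = Dradis::Plugins::Qualys
 super(args)
 
 @issue_lookup = {}
 end
 
-def import(params={})
+def import(params = {})
 file_content = File.read(params[:file])
 
-logger.info { 'Parsing Qualys WAS XML output file...'}
+logger.info { 'Parsing Qualys WAS XML output file...' }
 doc = Nokogiri::XML(file_content)
 logger.info { 'Done.' }
 
@@ -38,20 +37,27 @@ module Dradis::Plugins::Qualys
 return false
 end
 
-logger.info { 'Global Summary information'}
+logger.info { 'Global Summary information' }
 
 xml_global_summary = doc.at_xpath('WAS_SCAN_REPORT/SUMMARY/GLOBAL_SUMMARY')
 logger.info { 'Security Risk: ' + xml_global_summary.at_xpath('./SECURITY_RISK').text }
 logger.info { 'Vulnerabilities found: ' + xml_global_summary.at_xpath('./VULNERABILITY').text }
 
-xml_webapp =
+xml_webapp =
+doc.at_xpath('WAS_SCAN_REPORT/APPENDIX/WEBAPP | WAS_SCAN_REPORT/APPENDIX/WEB_APPLICATION')
 process_webapp(xml_webapp)
 
 doc.xpath('WAS_SCAN_REPORT/GLOSSARY/QID_LIST/QID').each do |xml_qid|
 process_issue(xml_qid)
 end
 
-
+vulnerability_list =
+doc.xpath(
+'WAS_SCAN_REPORT/RESULTS/VULNERABILITY_LIST/VULNERABILITY | ' +
+'WAS_SCAN_REPORT/RESULTS/WEB_APPLICATION/VULNERABILITY_LIST/VULNERABILITY'
+)
+
+vulnerability_list.each do |xml_vulnerability|
 process_evidence(xml_vulnerability)
 end
 
@@ -68,11 +74,11 @@ module Dradis::Plugins::Qualys
 if issue
 issue_id = issue.respond_to?(:id) ? issue.id : issue.to_issue.id
 
-logger.info{ "\t => Creating new evidence (plugin_id: #{id})" }
-logger.info{ "\t\t => Issue: #{issue.title} (plugin_id: #{issue_id})" }
-logger.info{ "\t\t => Node: #{webapp_node.label} (#{webapp_node.id})" }
+logger.info { "\t => Creating new evidence (plugin_id: #{id})" }
+logger.info { "\t\t => Issue: #{issue.title} (plugin_id: #{issue_id})" }
+logger.info { "\t\t => Node: #{webapp_node.label} (#{webapp_node.id})" }
 else
-logger.info{ "\t => Couldn't find QID for evidence with ID=#{id}" }
+logger.info { "\t => Couldn't find QID for evidence with ID=#{id}" }
 return
 end
 
@@ -82,7 +88,7 @@ module Dradis::Plugins::Qualys
 
 def process_issue(xml_qid)
 qid = xml_qid.at_xpath('QID').text
-logger.info{ "\t => Creating new issue (plugin_id: #{ qid })" }
+logger.info { "\t => Creating new issue (plugin_id: #{ qid })" }
 issue_text = template_service.process_template(template: 'was-issue', data: xml_qid)
 issue = content_service.create_issue(text: issue_text, id: qid)
 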
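Review bot: In the `@@ -38,20 +37,27 @@` hunk, the new union XPath `doc.at_xpath('WAS_SCAN_REPORT/APPENDIX/WEBAPP | WAS_SCAN_REPORT/APPENDIX/WEB_APPLICATION')` still returns nil for a report that carries neither element, and the very next line hands that nil to `process_webapp`; nothing after the query guards it the way the `return false` at the top of the hunk bails out on the preceding check. `process_webapp` is defined outside this diff, so I cannot confirm what it does with nil, but a scanner export with an unexpected appendix layout should fail with a logged error rather than a NoMethodError from node creation. The new `vulnerability_list` query is fine as written because iterating an empty NodeSet is harmless, though a report that matches neither path will import silently with zero evidence, which may be worth a warning. `import` begins in the previous hunk and its remainder lies outside the diff, so the method's return path is not visible here.
```ruby
xml_webapp =
  doc.at_xpath('WAS_SCAN_REPORT/APPENDIX/WEBAPP | WAS_SCAN_REPORT/APPENDIX/WEB_APPLICATION')
unless xml_webapp
  logger.error { 'No WEBAPP or WEB_APPLICATION element found under WAS_SCAN_REPORT/APPENDIX' }
  return false
end
process_webapp(xml_webapp)
# … unchanged: QID glossary loop and vulnerability_list query …
```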
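--- /dev/null
+++ b/data/spec/fixtures/files/simple_was_updated.xml
@@ -0,0 +1,138 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<WAS_SCAN_REPORT>
+<HEADER>
+<NAME>Scan Report</NAME>
+<DESCRIPTION>Vulnerabilities of all selected scans are consolidated into one report so that you can view their evolution.</DESCRIPTION>
+<GENERATION_DATETIME>10 Nov 2021 10:00AM GMT-0500</GENERATION_DATETIME>
+<COMPANY_INFO>
+<NAME>Sample Company</NAME>
+<ADDRESS>Sample Address</ADDRESS>
+<CITY>Sample City</CITY>
+<STATE>Sample State</STATE>
+<COUNTRY>Sample Country</COUNTRY>
+<ZIP_CODE>00000</ZIP_CODE>
+</COMPANY_INFO>
+<USER_INFO>
+<NAME>Test User</NAME>
+<USERNAME>test_user</USERNAME>
+<ROLE>PC User,VM User</ROLE>
+</USER_INFO>
+</HEADER>
+<FILTERS>
+<FILTER>
+<NAME>REMEDIATION</NAME>
+<VALUE>Include patched findings</VALUE>
+</FILTER>
+<FILTER>
+<NAME>REMEDIATION</NAME>
+<VALUE>Show ignored findings </VALUE>
+</FILTER>
+</FILTERS>
+<TARGET>
+<SCAN>Test Scan</SCAN>
+</TARGET>
+<SUMMARY>
+<GLOBAL_SUMMARY>
+<SECURITY_RISK>High</SECURITY_RISK>
+<VULNERABILITY>31</VULNERABILITY>
+<SENSITIVE_CONTENT>0</SENSITIVE_CONTENT>
+<INFORMATION_GATHERED>30</INFORMATION_GATHERED>
+</GLOBAL_SUMMARY>
+<SUMMARY_STATS>
+<SUMMARY_STAT>
+<SCAN>test Scan</SCAN>
+<DATE>12 Oct 2021</DATE>
+<LEVEL5>5</LEVEL5>
+<LEVEL4>2</LEVEL4>
+<LEVEL3>9</LEVEL3>
+<LEVEL2>2</LEVEL2>
+<LEVEL1>13</LEVEL1>
+<SENSITIVE_CONTENT>0</SENSITIVE_CONTENT>
+<INFORMATION_GATHERED>30</INFORMATION_GATHERED>
+</SUMMARY_STAT>
+</SUMMARY_STATS>
+</SUMMARY>
+<RESULTS>
+<WEB_APPLICATION>
+<ID>12345</ID>
+<NAME>Example Company</NAME>
+<VULNERABILITY_LIST>
+<VULNERABILITY>
+<UNIQUE_ID>test-id</UNIQUE_ID>
+<ID>1</ID>
+<DETECTION_ID>1</DETECTION_ID>
+<QID>6</QID>
+<URL>http://example.com</URL>
+<ACCESS_PATH>
+<URL>http://example.com</URL>
+</ACCESS_PATH>
+<AJAX>false</AJAX>
+<AUTHENTICATION>Not Required</AUTHENTICATION>
+<DETECTION_DATE>21 Aug 2021 10:00PM GMT-0500</DETECTION_DATE>
+<POTENTIAL>false</POTENTIAL>
+<PAYLOADS>
+<PAYLOAD>
+<NUM>1</NUM>
+<PAYLOAD>N/A</PAYLOAD>
+<REQUEST>
+<METHOD>GET</METHOD>
+<URL>http://example.com</URL>
+<HEADERS>
+<HEADER>
+<key>Host</key>
+<value><![CDATA[ example.com ]]></value>
+</HEADER>
+<HEADER>
+<key>User-Agent</key>
+<value>user-agent</value>
+</HEADER>
+<HEADER>
+<key>Accept</key>
+<value><![CDATA[ */*
+</HEADER>
+</HEADERS>
+<BODY></BODY>
+</REQUEST>
+<RESPONSE>
+<CONTENTS base64="true"></CONTENTS>
+</RESPONSE>
+</PAYLOAD>
+</PAYLOADS>
+<IGNORED>false</IGNORED>
+</VULNERABILITY>
+</VULNERABILITY_LIST>
+</WEB_APPLICATION>
+</RESULTS>
+<GLOSSARY>
+<QID_LIST>
+<QID>
+<QID>6</QID>
+<CATEGORY>Information Gathered</CATEGORY>
+<SEVERITY>1</SEVERITY>
+<TITLE>DNS Host Name</TITLE>
+<GROUP>DIAG</GROUP>
+<DESCRIPTION>The fully qualified domain name of this host, if it was obtained from a DNS server, is displayed in the RESULT section.</DESCRIPTION>
+<IMPACT>N/A</IMPACT>
+<SOLUTION>N/A</SOLUTION>
+<CVSS_BASE>4.3</CVSS_BASE>
+<CVSS_TEMPORAL>3.9</CVSS_TEMPORAL>
+<CVSS_V3>
+<BASE>6.1</BASE>
+<TEMPORAL>5.8</TEMPORAL>
+<ATTACK_VECTOR>Network</ATTACK_VECTOR>
+</CVSS_V3>
+</QID>
+</QID_LIST>
+</GLOSSARY>
+<APPENDIX>
+<WEB_APPLICATION>
+<ID>1</ID>
+<NAME>Test</NAME>
+<URL>http://example.com</URL>
+<OWNER>Test User</OWNER>
+<SCOPE>Limit to URL hostname</SCOPE>
+<CUSTOM_ATTRIBUTES/>
+<TAGS/>
+</WEBAPP>
+</APPENDIX>
+</WAS_SCAN_REPORT>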
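Review bot: The new fixture is not well-formed XML: the `<WEB_APPLICATION>` opened under `<APPENDIX>` (fixture line 128) is closed by `</WEBAPP>` on line 136, and the `Accept` header value `<value><![CDATA[ */*` on line 91 shows no closing `]]></value>` before `</HEADER>` (the rendering may have dropped it, but the tag mismatch is unambiguous). The importer parses this with `Nokogiri::XML` in its default recovering mode, so the spec that uses this file passes on libxml2 error recovery rather than on the structure it claims to exercise, which makes it a weak regression guard for the new `WEB_APPLICATION` paths. The two lines should read `<value><![CDATA[ */* ]]></value>` and `</WEB_APPLICATION>`.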
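--- a/data/spec/qualys/was/importer_spec.rb
+++ b/data/spec/qualys/was/importer_spec.rb
@@ -2,7 +2,7 @@ require 'spec_helper'
 require 'ostruct'
 
 module Dradis::Plugins
-
+shared_examples 'Qualys upload plugin' do
 before(:each) do
 # Stub template service
 templates_dir = File.expand_path('../../../../templates', __FILE__)
@@ -16,7 +16,6 @@ module Dradis::Plugins
 )
 end
 
-let(:example_xml) { 'spec/fixtures/files/simple_was.xml' }
 let(:run_import!) { @importer.import(file: example_xml) }
 
 it 'creates nodes as needed' do
@@ -38,4 +37,16 @@ module Dradis::Plugins
 run_import!
 end
 end
+
+context 'Simple WAS template' do
+let(:example_xml) { 'spec/fixtures/files/simple_was.xml' }
+
+include_examples 'Qualys upload plugin'
+end
+
+context 'WAS template with WEB_APPLICATION' do
+let(:example_xml) { 'spec/fixtures/files/simple_was_updated.xml' }
+
+include_examples 'Qualys upload plugin'
+end
 end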
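Review bot: The new `WAS template with WEB_APPLICATION` context in the last hunk reuses the shared examples unchanged, so nothing visible in this spec asserts that evidence is actually produced from the new `RESULTS/WEB_APPLICATION/VULNERABILITY_LIST` path; if the importer silently stopped creating evidence for the updated report layout, both contexts would still pass. The example bodies sit mostly outside this diff, so I cannot tell whether evidence creation is already asserted, but I would add an expectation against the content-service stub along the lines of `expect(@content_service).to receive(:create_evidence).once`, using whatever name the `before` block gives the stub. Since the importer parses with `Nokogiri::XML` in its default recovering mode, a malformed fixture does not fail these examples either; a strict well-formedness check such as `expect { Nokogiri::XML(File.read(example_xml)) { |c| c.strict } }.not_to raise_error` in the shared group would catch that before it masks a real parsing regression.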
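--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-qualys
 version: !ruby/object:Gem::Version
-version: 4.
+version: 4.11.0
 platform: ruby
 authors:
 - Daniel Martin
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2024-01-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: dradis-plugins
@@ -96,7 +96,7 @@ dependencies:
 version: 0.5.2
 description: This add-on allows you to upload and parse output produced from Qualys
 Vulnerability Scanner into Dradis.
-email:
+email:
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -133,6 +133,7 @@ files:
 - spec/fixtures/files/simple.xml
 - spec/fixtures/files/simple_asset.xml
 - spec/fixtures/files/simple_was.xml
+- spec/fixtures/files/simple_was_updated.xml
 - spec/fixtures/files/two_hosts_common_issue.xml
 - spec/fixtures/files/with_ciphers.xml
 - spec/qualys/asset/importer_spec.rb
@@ -163,7 +164,7 @@ homepage: https://dradis.com/integrations/qualys.html
 licenses:
 - GPL-2
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -178,8 +179,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
-signing_key:
+rubygems_version: 3.3.7
+signing_key:
 specification_version: 4
 summary: Qualys add-on for the Dradis Framework.
 test_files:
@@ -188,6 +189,7 @@ test_files:
 - spec/fixtures/files/simple.xml
 - spec/fixtures/files/simple_asset.xml
 - spec/fixtures/files/simple_was.xml
+- spec/fixtures/files/simple_was_updated.xml
 - spec/fixtures/files/two_hosts_common_issue.xml
 - spec/fixtures/files/with_ciphers.xml
 - spec/qualys/asset/importer_spec.rb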