dradis-qualys 4.11.0 → 4.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 07eda0c6a5954e3c931b298b39398d410a58f3799b9ef93da484d92152507cac
-  data.tar.gz: bf52cbbff50c82a8c8c0841a80236923c0fbdf0f02114c0a815c1e176802c17f
+  metadata.gz: 713b00a5f7d23b32165f761846270268623c4fc3185a8ce10d1f15e4dde9bf9c
+  data.tar.gz: 1ce4e1c00ab931cf7d2eb88c56163ca95f5dd28552637481301de1b035cfb8d0
 SHA512:
-  metadata.gz: 4992bfc707a72857b9d94443bf5661139fe61f5abc168dff49ccdee04ff98e40abebfef3bdd2daebe5ff8006139639807fa27bee722ac869bc0a5ef5f213799d
-  data.tar.gz: 473ca19f10c043537b693d3c9b44afccb141ee6e66acfdd68f885ac66fd61022cc1abbeab4f8b4dc24731a3825f0f3266e3b58b2ac734604b454d410bf075737
+  metadata.gz: 702b434a597b1e43c113e1a7928cc4cd23be114215e58acf94e3f70b1bd11b9b83ebf4ff88fedb075357339585854c4cf38a80a5fa9d5e773df3be3dd1eb5b2d
+  data.tar.gz: 2d35abd53b2c28e9ad04942593d27384d1f431e288218c21c8a96e541e3f9d84e8063c7253889b2432788110626ee941534b57cccd4e59d479c8fa7666930a6a

data/CHANGELOG.md

@@ -1,3 +1,8 @@
+v4.12.0 (May 2024)
+  - Update Dradis links in README  
+  - Migrate integration to use Mappings Manager
+  - Update template names to include uploader
+
 v4.11.0 (January 2023)
   - Add support for the output for Qualys WAS API 3.13 and later
 

data/README.md

@@ -4,8 +4,7 @@
 
 Upload Qualys files into Dradis.
 
-The add-on requires [Dradis CE](https://dradisframework.org/) > 3.0, or [Dradis Pro](https://dradisframework.com/pro/).
-
+The add-on requires [Dradis CE](https://dradis.com/ce/) > 3.0, or [Dradis Pro](https://dradis.com/).
 
 
 ## More information

data/lib/dradis/plugins/qualys/asset/importer.rb

@@ -13,7 +13,7 @@ module Dradis::Plugins::Qualys
 
     class Importer < Dradis::Plugins::Upload::Importer
       def self.templates
-        { evidence: 'asset-evidence', issue: 'asset-issue' }
+        { evidence: 'asset_evidence', issue: 'asset_issue' }
       end
 
       def initialize(args={})
@@ -86,7 +86,7 @@ module Dradis::Plugins::Qualys
       def process_issue(xml_vuln)
         qid = xml_vuln.at_xpath('QID').text
         logger.info { "\t => Creating new issue (plugin_id: #{ qid })" }
-        issue_text = template_service.process_template(template: 'asset-issue', data: xml_vuln)
+        issue_text = mapping_service.apply_mapping(source: 'asset_issue', data: xml_vuln)
         issue = content_service.create_issue(text: issue_text, id: qid)
 
         issue_lookup[qid.to_i] = issue
@@ -107,7 +107,7 @@ module Dradis::Plugins::Qualys
           return
         end
 
-        evidence_content = template_service.process_template(template: 'asset-evidence', data: xml_evidence)
+        evidence_content = mapping_service.apply_mapping(source: 'asset_evidence', data: xml_evidence)
         content_service.create_evidence(issue: issue, node: node, content: evidence_content)
       end
     end

data/lib/dradis/plugins/qualys/gem_version.rb

@@ -8,7 +8,7 @@ module Dradis
 
       module VERSION
         MAJOR = 4
-        MINOR = 11
+        MINOR = 12
         TINY = 0
         PRE = nil
 

data/lib/dradis/plugins/qualys/mapping.rb

@@ -0,0 +1,137 @@
+module Dradis::Plugins::Qualys
+  module Mapping
+    DEFAULT_MAPPING = {
+      asset_evidence: {
+        'Result' => '{{ qualys[asset-evidence.result] }}',
+        'Status' => '{{ qualys[asset-evidence.vuln_status] }}',
+        'SSL' => '{{ qualys[asset-evidence.ssl] }}',
+        'CVSSv3.Final' => '{{ qualys[asset-evidence.cvss_final] }}'
+      },
+      asset_issue: {
+        'Title' => '{{ qualys[asset-issue.title] }}',
+        'Severity' => '{{ qualys[asset-issue.severity] }}',
+        'Categories' => 'Category: {{ qualys[asset-issue.category] }}',
+        'CVSSv3.BaseScore' => '{{ qualys[asset-issue.cvss3_base] }}',
+        'CVSSv3.TemporalScore' => '{{ qualys[asset-issue.cvss3_temporal] }}',
+        'Threat' => '{{ qualys[asset-issue.threat] }}',
+        'Impact' => '{{ qualys[asset-issue.impact] }}',
+        'Solution' => '{{ qualys[asset-issue.solution] }}'
+      },
+      vuln_element: {
+        'Title' => '{{ qualys[element.title] }}',
+        'CVSSv3.BaseScore' => '{{ qualys[element.cvss_base] }}',
+        'CVSSv3.Vector' => 'Temporal score: {{ qualys[element.cvss_temporal] }}',
+        'Type' => 'External',
+        'Description' => "{{ qualys[element.diagnosis] }}\n{{ qualys[element.consequence] }}",
+        'Solution' => '{{ qualys[element.solution] }}',
+        'References' => '{{ qualys[element.vendor_reference_list] }}',
+      },
+      vuln_evidence: {
+        'Location' => "{{ qualys[evidence.cat_protocol] }}/{{ qualys[evidence.cat_port] }}",
+        'Output' => '{{ qualys[evidence.result] }}'
+      },
+      was_evidence: {
+        'Location' => '{{ qualys[was-evidence.url] }}',
+        'Output' => "*Request*\n\nMethod: {{ qualys[was-evidence.request_method] }}\nURL: {{ qualys[was-evidence.request_url] }}\n\nbc.. {{ qualys[was-evidence.request_headers] }}\n\np. *Response*\n\nEvidence: {{ qualys[was-evidence.response_evidence] }}\n\nbc.. {{ qualys[was-evidence.response_contents] }}"
+      },
+      was_issue: {
+        'Title' => '{{ qualys[was-issue.title] }}',
+        'Severity' => '{{ qualys[was-issue.severity] }}',
+        'Categories' => "Category: {{ qualys[was-issue.category] }}\nGroup: {{ qualys[was-issue.group] }}\nOWASP: {{ qualys[was-issue.owasp] }}\nCWE: {{ qualys[was-issue.cwe] }}",
+        'CVSSv3.Vector' => '{{ qualys[was-issue.cvss3_vector] }}',
+        'CVSSv3.BaseScore' => '{{ qualys[was-issue.cvss3_base] }}',
+        'CVSSv3.TemporalScore' => '{{ qualys[was-issue.cvss3_temporal] }}',
+        'Description' => "{{ qualys[was-issue.description] }}\n\n{{ qualys[was-issue.impact] }}",
+        'Solution' => '{{ qualys[was-issue.solution] }}'
+      }
+    }.freeze
+
+    SOURCE_FIELDS = {
+      asset_evidence: [
+        'asset-evidence.cvss3_final',
+        'asset-evidence.cvss_final',
+        'asset-evidence.first_found',
+        'asset-evidence.last_found',
+        'asset-evidence.result',
+        'asset-evidence.ssl',
+        'asset-evidence.times_found',
+        'asset-evidence.type',
+        'asset-evidence.vuln_status'
+      ],
+      asset_issue: [
+        'asset-issue.category',
+        'asset-issue.cvss3_base',
+        'asset-issue.cvss3_temporal',
+        'asset-issue.cvss_base',
+        'asset-issue.cvss_temporal',
+        'asset-issue.impact',
+        'asset-issue.last_update',
+        'asset-issue.pci_flag',
+        'asset-issue.qid',
+        'asset-issue.result',
+        'asset-issue.severity',
+        'asset-issue.solution',
+        'asset-issue.threat',
+        'asset-issue.title'
+      ],
+      vuln_element: [
+        'element.number',
+        'element.severity',
+        'element.cveid',
+        'element.title',
+        'element.last_update',
+        'element.cvss_base',
+        'element.cvss_temporal',
+        'element.pci_flag',
+        'element.vendor_reference_list',
+        'element.cve_id_list',
+        'element.bugtraq_id_list',
+        'element.diagnosis',
+        'element.consequence',
+        'element.solution',
+        'element.compliance',
+        'element.result',
+        'element.qualys_collection'
+      ],
+      vuln_evidence: [
+        'evidence.cat_fqdn',
+        'evidence.cat_misc',
+        'evidence.cat_port',
+        'evidence.cat_protocol',
+        'evidence.cat_value',
+        'evidence.result'
+      ],
+      was_evidence: [
+        'was-evidence.access_paths',
+        'was-evidence.ajax',
+        'was-evidence.authentication',
+        'was-evidence.ignored',
+        'was-evidence.potential',
+        'was-evidence.request_headers',
+        'was-evidence.request_method',
+        'was-evidence.request_url',
+        'was-evidence.response_contents',
+        'was-evidence.response_evidence',
+        'was-evidence.url'
+      ],
+      was_issue: [
+        'was-issue.category',
+        'was-issue.cvss_base',
+        'was-issue.cvss_temporal',
+        'was-issue.cvss3_base',
+        'was-issue.cvss3_temporal',
+        'was-issue.cvss3_vector',
+        'was-issue.cwe',
+        'was-issue.description',
+        'was-issue.group',
+        'was-issue.impact',
+        'was-issue.owasp',
+        'was-issue.qid',
+        'was-issue.severity',
+        'was-issue.solution',
+        'was-issue.title',
+        'was-issue.wasc'
+      ]
+    }.freeze
+  end
+end

data/lib/dradis/plugins/qualys/vuln/importer.rb

@@ -14,7 +14,7 @@ module Dradis::Plugins::Qualys
       attr_accessor :host_node
 
       def self.templates
-        { evidence: 'evidence', issue: 'element' }
+        { evidence: 'vuln_evidence', issue: 'vuln_element' }
       end
 
       def initialize(args={})
@@ -95,11 +95,11 @@ module Dradis::Plugins::Qualys
       # Issue and Evidence template out of it.
       def process_vuln(vuln_number, xml_cat)
         logger.info{ "\t\t => Creating new issue (plugin_id: #{ vuln_number })" }
-        issue_text = template_service.process_template(template: 'element', data: xml_cat)
+        issue_text = mapping_service.apply_mapping(source: 'vuln_element', data: xml_cat)
         issue = content_service.create_issue(text: issue_text, id: vuln_number)
 
         logger.info{ "\t\t => Creating new evidence" }
-        evidence_content = template_service.process_template(template: 'evidence', data: xml_cat)
+        evidence_content = mapping_service.apply_mapping(source: 'vuln_evidence', data: xml_cat)
         content_service.create_evidence(issue: issue, node: self.host_node, content: evidence_content)
       end
     end

data/lib/dradis/plugins/qualys/was/importer.rb

@@ -13,7 +13,7 @@ module Dradis::Plugins::Qualys
 
     class Importer < Dradis::Plugins::Upload::Importer
       def self.templates
-        { evidence: 'was-evidence', issue: 'was-issue' }
+        { evidence: 'was_evidence', issue: 'was_issue' }
       end
 
       def initialize(args = {})
@@ -82,14 +82,14 @@ module Dradis::Plugins::Qualys
           return
         end
 
-        evidence_content = template_service.process_template(template: 'was-evidence', data: xml_vulnerability)
+        evidence_content = mapping_service.apply_mapping(source: 'was_evidence', data: xml_vulnerability)
         content_service.create_evidence(issue: issue, node: webapp_node, content: evidence_content)
       end
 
       def process_issue(xml_qid)
         qid = xml_qid.at_xpath('QID').text
         logger.info { "\t => Creating new issue (plugin_id: #{ qid })" }
-        issue_text = template_service.process_template(template: 'was-issue', data: xml_qid)
+        issue_text = mapping_service.apply_mapping(source: 'was_issue', data: xml_qid)
         issue = content_service.create_issue(text: issue_text, id: qid)
 
         issue_lookup[qid.to_i] = issue

data/lib/dradis/plugins/qualys.rb

@@ -7,6 +7,7 @@ end
 
 require 'dradis/plugins/qualys/engine'
 require 'dradis/plugins/qualys/field_processor'
+require 'dradis/plugins/qualys/mapping'
 require 'dradis/plugins/qualys/version'
 
 require 'dradis/plugins/qualys/asset/importer'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-qualys
 version: !ruby/object:Gem::Version
-  version: 4.11.0
+  version: 4.12.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-01-17 00:00:00.000000000 Z
+date: 2024-05-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -119,6 +119,7 @@ files:
 - lib/dradis/plugins/qualys/engine.rb
 - lib/dradis/plugins/qualys/field_processor.rb
 - lib/dradis/plugins/qualys/gem_version.rb
+- lib/dradis/plugins/qualys/mapping.rb
 - lib/dradis/plugins/qualys/version.rb
 - lib/dradis/plugins/qualys/vuln/importer.rb
 - lib/dradis/plugins/qualys/was/importer.rb
@@ -142,24 +143,12 @@ files:
 - spec/qualys/was/importer_spec.rb
 - spec/spec_helper.rb
 - spec/support/spec_macros.rb
-- templates/asset-evidence.fields
-- templates/asset-evidence.sample
-- templates/asset-evidence.template
-- templates/asset-issue.fields
-- templates/asset-issue.sample
-- templates/asset-issue.template
-- templates/element.fields
-- templates/element.sample
-- templates/element.template
-- templates/evidence.fields
-- templates/evidence.sample
-- templates/evidence.template
-- templates/was-evidence.fields
-- templates/was-evidence.sample
-- templates/was-evidence.template
-- templates/was-issue.fields
-- templates/was-issue.sample
-- templates/was-issue.template
+- templates/asset_evidence.sample
+- templates/asset_issue.sample
+- templates/vuln_element.sample
+- templates/vuln_evidence.sample
+- templates/was_evidence.sample
+- templates/was_issue.sample
 homepage: https://dradis.com/integrations/qualys.html
 licenses:
 - GPL-2
@@ -179,7 +168,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.1.4
 signing_key:
 specification_version: 4
 summary: Qualys add-on for the Dradis Framework.

data/templates/asset-evidence.fields

@@ -1,9 +0,0 @@
-asset-evidence.cvss3_final
-asset-evidence.cvss_final
-asset-evidence.first_found
-asset-evidence.last_found
-asset-evidence.result
-asset-evidence.ssl
-asset-evidence.times_found
-asset-evidence.type
-asset-evidence.vuln_status

data/templates/asset-evidence.template

@@ -1,11 +0,0 @@
-#[Result]#
-%asset-evidence.result%
-
-#[Status]#
-%asset-evidence.vuln_status%
-
-#[SSL]#
-%asset-evidence.ssl%
-
-#[CVSSv3.Final]#
-%asset-evidence.cvss_final%

data/templates/asset-issue.fields

@@ -1,14 +0,0 @@
-asset-issue.category
-asset-issue.cvss3_base
-asset-issue.cvss3_temporal
-asset-issue.cvss_base
-asset-issue.cvss_temporal
-asset-issue.impact
-asset-issue.last_update
-asset-issue.pci_flag
-asset-issue.qid
-asset-issue.result
-asset-issue.severity
-asset-issue.solution
-asset-issue.threat
-asset-issue.title

data/templates/asset-issue.template

@@ -1,22 +0,0 @@
-#[Title]#
-%asset-issue.title%
-
-#[Severity]#
-%asset-issue.severity%
-
-#[Categories]#
-Category: %asset-issue.category%
-
-#[CVSSv3.BaseScore]#
-%asset-issue.cvss3_base%
-
-#[CVSSv3.TemporalScore]#
-%asset-issue.cvss3_temporal%
-
-#[Threat]#
-%asset-issue.threat%
-
-%asset-issue.impact%
-
-#[Solution]#
-%asset-issue.solution%

data/templates/element.fields

@@ -1,17 +0,0 @@
-element.number
-element.severity
-element.cveid
-element.title
-element.last_update
-element.cvss_base
-element.cvss_temporal
-element.pci_flag
-element.vendor_reference_list
-element.cve_id_list
-element.bugtraq_id_list
-element.diagnosis
-element.consequence
-element.solution
-element.compliance
-element.result
-element.qualys_collection

data/templates/element.template

@@ -1,39 +0,0 @@
-#[Title]#
-%element.title%
-
-
-#[Severity]#
-%element.severity%
-
-
-#[CVE]#
-%element.cveid%
-
-
-#[CVSS]#
-Base: %element.cvss_base%
-Temporal: %element.cvss_temporal%
-
-
-#[Diagnosis]#
-%element.diagnosis%
-
-
-#[Consequence]#
-%element.consequence%
-
-
-#[Solution]#
-%element.solution%
-
-
-#[Result]#
-%element.result%
-
-
-#[CVEList]#
-%element.cve_id_list%
-
-
-#[QualysCollection]#
-%element.qualys_collection%

data/templates/evidence.fields

@@ -1,6 +0,0 @@
-evidence.cat_fqdn
-evidence.cat_misc
-evidence.cat_port
-evidence.cat_protocol
-evidence.cat_value
-evidence.result

data/templates/evidence.template

@@ -1,11 +0,0 @@
-#[Category]#
-%evidence.cat_value%
-
-#[Protocol]#
-%evidence.cat_protocol%
-
-#[Port]#
-%evidence.cat_port%
-
-#[Output]#
-%evidence.result%

data/templates/was-evidence.fields

@@ -1,11 +0,0 @@
-was-evidence.access_paths
-was-evidence.ajax
-was-evidence.authentication
-was-evidence.ignored
-was-evidence.potential
-was-evidence.request_headers
-was-evidence.request_method
-was-evidence.request_url
-was-evidence.response_contents
-was-evidence.response_evidence
-was-evidence.url

data/templates/was-evidence.template

@@ -1,16 +0,0 @@
-#[Location]#
-%was-evidence.url%
-
-#[Output]#
-*Request*
-
-Method: %was-evidence.request_method%
-URL: %was-evidence.request_url%
-
-bc.. %was-evidence.request_headers%
-
-p. *Response*
-
-Evidence: %was-evidence.response_evidence%
-
-bc.. %was-evidence.response_contents%

data/templates/was-issue.fields

@@ -1,16 +0,0 @@
-was-issue.category
-was-issue.cvss_base
-was-issue.cvss_temporal
-was-issue.cvss3_base
-was-issue.cvss3_temporal
-was-issue.cvss3_vector
-was-issue.cwe
-was-issue.description
-was-issue.group
-was-issue.impact
-was-issue.owasp
-was-issue.qid
-was-issue.severity
-was-issue.solution
-was-issue.title
-was-issue.wasc

data/templates/was-issue.template

@@ -1,28 +0,0 @@
-#[Title]#
-%was-issue.title%
-
-#[Severity]#
-%was-issue.severity%
-
-#[Categories]#
-Category: %was-issue.category%
-Group: %was-issue.group%
-OWASP: %was-issue.owasp%
-CWE: %was-issue.cwe%
-
-#[CVSSv3.Vector]#
-%was-issue.cvss3_vector%
-
-#[CVSSv3.BaseScore]#
-%was-issue.cvss3_base%
-
-#[CVSSv3.TemporalScore]#
-%was-issue.cvss3_temporal%
-
-#[Description]#
-%was-issue.description%
-
-%was-issue.impact%
-
-#[Solution]#
-%was-issue.solution%