RubyGems - dradis-qualys - Versions diffs - 4.8.0 → 4.9.0 - Mend

dradis-qualys 4.8.0 → 4.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +3 -0
data/lib/dradis/plugins/qualys/gem_version.rb +1 -1
data/lib/qualys/was/vulnerability.rb +37 -7
data/templates/was-evidence.fields +5 -0
data/templates/was-evidence.template +13 -8
metadata +6 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8c006e6129455d33b8be355829580d2876278bd1dfea553eb2169da2e0985584
-  data.tar.gz: e5c051e87eb8578756c1756e799e4defe636c756402bc9160c4d12fcf83898a9
+  metadata.gz: 9ef14a4a46502ad8ac98818f7b04d8cbe31f44c15c4773ff522dd7ee902493b5
+  data.tar.gz: 8474cc15162e1a000fd8479ad3e17c4afa68652792815e24eea6fa309c799b49
 SHA512:
-  metadata.gz: f125ccd55201bf61013c62ba38459e0ea033d2848639952315a10b0ece8c9e7e7761eec8ff21e2b34bdbb47b9c77f9fc82ab985f8ca27cac5b522bb6dae56898
-  data.tar.gz: 10dad1507f861b9b9d7d31b1945068e83699de0b0d0f41563525c2103ae1a6a1b5f53fa0864009bcff174ff2136367fd6219e7d7f44524c00b3ceb15971b796d
+  metadata.gz: fb173d9b80fa0f7a3f272d79e54a3d1f250bebca49eaacfd3909144cf470bbcdd50055b6b19346664aacc080d9cf6289c8942361504654af065e1ed4296dd16d
+  data.tar.gz: 0bc1694d295160eacf438c82c541301868b90ebf9c0a70e3f4da5beefb4d7fd09a4cc966fedd60732505e4a0880d8bbe8621c09f41151c430ca3366fe121e5a0

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,6 @@
+v4.9.0 (June 2023)
+  - Adds Request/Response Evidence fields for Web Application Scans (WAS)
 v4.8.0 (April 2023)
   - No changes

data/lib/dradis/plugins/qualys/gem_version.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module Dradis
       module VERSION
         MAJOR = 4
-        MINOR = 8
+        MINOR = 9
         TINY = 0
         PRE = nil

data/lib/qualys/was/vulnerability.rb CHANGED Viewed

@@ -18,7 +18,10 @@ module Qualys::WAS
     def supported_tags
       [
         # simple tags
-        :access_paths,  :ajax,  :authentication,  :ignored,  :potential,  :url
+        :access_paths, :ajax, :authentication, :ignored, :potential, :url,
+        # nested tags
+        :response_contents, :response_evidence, :request_headers, :request_method, :request_url
       ]
     end
@@ -45,24 +48,51 @@ module Qualys::WAS
         return
       end
-      method_name = method.to_s
+      # Any fields where a simple .camelcase() won't work we need to translate,
+      # this includes acronyms (e.g. :cwe would become 'Cwe') and simple nested
+      # tags.
+      translations_table = {
+        access_paths:       'ACCESS_PATH/URL',
+        request_headers:    'PAYLOADS/PAYLOAD/REQUEST/HEADERS',
+        request_method:     'PAYLOADS/PAYLOAD/REQUEST/METHOD',
+        request_url:        'PAYLOADS/PAYLOAD/REQUEST/URL',
+        response_contents:  'PAYLOADS/PAYLOAD/RESPONSE/CONTENTS',
+        response_evidence:  'PAYLOADS/PAYLOAD/RESPONSE/EVIDENCE'
+      }
+      method_name = translations_table.fetch(method, method.to_s.upcase)
       # Then we try simple children tags: TITLE, LAST_UPDATE, CVSS_BASE...
-      tag = @xml.at_xpath("./#{method_name.upcase}")
+      tag = @xml.at_xpath("./#{method_name}")
       if tag && !tag.text.blank?
-        if tags_with_html_content.include?(method)
-          return Qualys::cleanup_html(tag.text)
+        if tags_with_base64.include?(method)
+          return decode_base64(tag)
         else
           return tag.text
         end
       else
         'n/a'
       end
     end
     private
-    def tags_with_html_content
-      []
+    def tags_with_base64
+      [:response_contents, :response_evidence]
+    end
+    def decode_base64(tag)
+      return 'n/a' unless tag
+      if tag['base64'] == 'true'
+        # The force_encoding is necessary as there is non-UTF content in the strings like \xE2
+        Base64.decode64(tag.text).force_encoding('UTF-8')
+      else
+        tag.text
+      end
     end
   end
 end

data/templates/was-evidence.fields CHANGED Viewed

@@ -3,4 +3,9 @@ was-evidence.ajax
 was-evidence.authentication
 was-evidence.ignored
 was-evidence.potential
+was-evidence.request_headers
+was-evidence.request_method
+was-evidence.request_url
+was-evidence.response_contents
+was-evidence.response_evidence
 was-evidence.url

data/templates/was-evidence.template CHANGED Viewed

@@ -1,11 +1,16 @@
 #[Location]#
 %was-evidence.url%
-#[AccessPaths]#
-%was-evidence.access_paths%
-#[Flags]#
-Ajax: %was-evidence.ajax%
-Authentication: %was-evidence.authentication%
-Ignored: %was-evidence.ignored%
-Potential: %was-evidence.potential%
+#[Output]#
+*Request*
+Method: %was-evidence.request_method%
+URL: %was-evidence.request_url%
+bc.. %was-evidence.request_headers%
+p. *Response*
+Evidence: %was-evidence.response_evidence%
+bc.. %was-evidence.response_contents%

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-qualys
 version: !ruby/object:Gem::Version
-  version: 4.8.0
+  version: 4.9.0
 platform: ruby
 authors:
 - Daniel Martin
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-04-12 00:00:00.000000000 Z
+date: 2023-05-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -164,7 +164,7 @@ homepage: http://dradisframework.org
 licenses:
 - GPL-2
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -179,8 +179,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
-signing_key:
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
 summary: Qualys add-on for the Dradis Framework.
 test_files: