dradis-saint 3.18.0

data/spec/fixtures/files/vulnerability-01.xml

@@ -0,0 +1,17 @@
+<vulnerability>
+<description>Test Description</description>
+<hostname>Test Hostname</hostname>
+<ipaddr>Test Ipaddr</ipaddr>
+<hosttype>Test Hosttype</hosttype>
+<scan_time>Test Scan time</scan_time>
+<status>Test Status</status>
+<severity>Test Severity</severity>
+<cve>Test Cve</cve>
+<cvss_base_score>Test Cvss base score</cvss_base_score>
+<impact>Test Impact</impact>
+<background>Test Background</background>
+<problem>Test Problem</problem>
+<resolution>Test Resolution</resolution>
+<reference>Test Reference</reference>
+<vuln_details></vuln_details>
+</vulnerability>

data/spec/saint/evidence_spec.rb

@@ -0,0 +1,8 @@
+require 'spec_helper'
+require 'xml_element'
+
+describe Saint::Evidence do
+  let(:xml_file) { File.expand_path('../../fixtures/files/evidence-01.xml', __FILE__) }
+
+  it_behaves_like 'Saint XML element'
+end

data/spec/saint/host_spec.rb

@@ -0,0 +1,8 @@
+require 'spec_helper'
+require 'xml_element'
+
+describe Saint::Host do
+  let(:xml_file) { File.expand_path('../../fixtures/files/host-01.xml', __FILE__) }
+
+  it_behaves_like 'Saint XML element'
+end

data/spec/saint/vulnerability_spec.rb

@@ -0,0 +1,8 @@
+require 'spec_helper'
+require 'xml_element'
+
+describe Saint::Vulnerability do
+  let(:xml_file) { File.expand_path('../../fixtures/files/vulnerability-01.xml', __FILE__) }
+
+  it_behaves_like 'Saint XML element'
+end

data/spec/spec_helper.rb

@@ -0,0 +1,10 @@
+require 'rubygems'
+require 'bundler/setup'
+require 'nokogiri'
+
+require 'combustion'
+
+Combustion.initialize!
+
+RSpec.configure do |config|
+end

data/spec/xml_element.rb

@@ -0,0 +1,10 @@
+shared_examples 'Saint XML element' do
+  it 'responds to its supported fields' do
+    doc = Nokogiri::XML(File.read(xml_file))
+    object_name = described_class.to_s.split('::').last.downcase
+    object = described_class.new(doc.xpath("./#{object_name}").first)
+    object.supported_tags.each do |tag|
+      expect(object.send(tag)).to eq("Test #{tag.to_s.humanize}")
+    end
+  end
+end

data/templates/evidence.fields

@@ -0,0 +1,5 @@
+evidence.port
+evidence.severity
+evidence.class
+evidence.cve
+evidence.cvss_base_score

data/templates/evidence.sample

@@ -0,0 +1,8 @@
+<evidence>
+<port>587/tcp</port>
+<severity>potential</severity>
+<description>server is susceptible to BEAST attack</description>
+<class>Other</class>
+<cve>CVE-2011-3389</cve>
+<cvss_base_score>4.3</cvss_base_score>
+</evidence>

data/templates/evidence.template

@@ -0,0 +1,14 @@
+#[Port]#
+%evidence.port%
+
+#[Severity]#
+%evidence.severity%
+
+#[Class]#
+%evidence.class%
+
+#[cve]#
+%evidence.cve%
+
+#[CVSS Base Score]#
+%evidence.cvss_base_score%

data/templates/vulnerability.fields

@@ -0,0 +1,14 @@
+vulnerability.description
+vulnerability.hostname
+vulnerability.ipaddr
+vulnerability.hosttype
+vulnerability.scan_time
+vulnerability.status
+vulnerability.severity
+vulnerability.cve
+vulnerability.cvss_base_score
+vulnerability.impact
+vulnerability.background
+vulnerability.problem
+vulnerability.resolution
+vulnerability.reference

data/templates/vulnerability.sample

@@ -0,0 +1,35 @@
+<vulnerability>
+	<description>SSL/TLS server supports short block sizes (SWEET32 attack)</description>
+	<hostname>192.168.150.163</hostname>
+	<ipaddr>192.168.150.163</ipaddr>
+	<hosttype>Linux 2.6.18 - 2.6.22</hosttype>
+	<scan_time>Mar 22 13:22:35 2017</scan_time>
+	<status>new</status>
+	<severity>Potential Problem</severity>
+	<cve>CVE-2016-2183</cve>
+	<cvss_base_score>5.0</cvss_base_score>
+	<impact>A remote attacker with the ability to sniff network traffic could decrypt long-lived TLS or SSL sessions.</impact>
+	<background>A Block Cipher is an encryption algorithm which operates on a fixed-size block of data. Plaintext messages which are larger than the block size must be split into multiple blocks before being encrypted by the algorithm.
+	</background>
+	<problem>SWEET32 Attack
+08/29/16
+CVE 2016-2183
+Block ciphers with small block sizes are susceptible to a class of attacks known as birthday attacks.
+These attacks take advantage of multiple blocks which return identical ciphertext, known as collisions. The probability of collisions occurring becomes significant after a large number of blocks have been encrypted using the same key.
+The SWEET32 attack is a specific birthday attack which reveals the XOR (exclusive-OR) between a fixed secret and known plaintext, thus allowing the secret to be determined.
+This attack can be launched in a browser session by javascript code which makes repeated requests containing an authentication token and predictable headers.
+Successful exploitation requires about 785 GB of data to be captured, and the attacker must be able to inject javascript into a web session and to sniff data from the network.
+	</problem>
+	<resolution>Disable ciphers which have a 64-bit block size, such as Triple-DES as follows:
+Apache/OpenSSL: Upgrade to OpenSSL 1.1.0, which disables Triple-DES ciphers by default. Alternatively, upgrade to OpenSSL 1.0.1u or 1.0.2i or higher, which classify Triple-DES ciphers as MEDIUM, and insert !MEDIUM in the SSLCipherSuite directive in the appropriate web server configuration file.
+IIS: Disable DES and 3DES ciphers as described in Microsoft Knowledge Base Article
+[http://support.microsoft.com/kb/245030] 245030.
+Note: disabling Triple-DES ciphers may affect compatibility with older clients.
+	</resolution>
+	<reference>For more information on the SWEET32 attack, see
+[https://sweet32.info] sweet32.info and the
+[https://bobcares.com/blog/how-to-fix-sweet32-birthday-attacks-vulnerability-cve-2016-2183/] Bobcares Blog.
+	</reference>
+	<vuln_details>Service: 587:TCP
+Server accepted TLS 1.0 64-bit block size cipher: TLS_RSA_WITH_3DES_EDE_CBC_SHA    </vuln_details>
+</vulnerability>

data/templates/vulnerability.template

@@ -0,0 +1,41 @@
+#[Title]#
+%vulnerability.description%
+
+#[Host Name]#
+%vulnerability.hostname%
+
+#[IP Address]#
+%vulnerability.ipaddr%
+
+#[Host Type]#
+%vulnerability.hosttype%
+
+#[Scan Time]#
+%vulnerability.scan_time%
+
+#[Status]#
+%vulnerability.status%
+
+#[Severity]#
+%vulnerability.severity%
+
+#[CVE]#
+%vulnerability.cve%
+
+#[CVSS Base Score]#
+%vulnerability.cvss_base_score%
+
+#[Impact]#
+%vulnerability.impact%
+
+#[Background]#
+%vulnerability.background%
+
+#[Problem]#
+%vulnerability.problem%
+
+#[Resolution]#
+%vulnerability.resolution%
+
+#[Reference]#
+%vulnerability.reference%

metadata

@@ -0,0 +1,166 @@
+--- !ruby/object:Gem::Specification
+name: dradis-saint
+version: !ruby/object:Gem::Version
+  version: 3.18.0
+platform: ruby
+authors:
+- Daniel Martin
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2020-07-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: dradis-plugins
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: combustion
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.0
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: This add-on allows you to upload and parse reports from Saint.
+email:
+- etd@nomejortu.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".github/issue_template.md"
+- ".github/pull_request_template.md"
+- ".gitignore"
+- CHANGELOG.md
+- CONTRIBUTING.md
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- dradis-saint.gemspec
+- lib/dradis-saint.rb
+- lib/dradis/plugins/saint.rb
+- lib/dradis/plugins/saint/engine.rb
+- lib/dradis/plugins/saint/field_processor.rb
+- lib/dradis/plugins/saint/gem_version.rb
+- lib/dradis/plugins/saint/importer.rb
+- lib/dradis/plugins/saint/version.rb
+- lib/saint/base.rb
+- lib/saint/evidence.rb
+- lib/saint/vulnerability.rb
+- lib/tasks/thorfile.rb
+- spec/dradis/plugins/saint/field_processor_spec.rb
+- spec/dradis/plugins/saint/importer_spec.rb
+- spec/fixtures/files/evidence-01.xml
+- spec/fixtures/files/full_report.xml
+- spec/fixtures/files/host-01.xml
+- spec/fixtures/files/saint_metasploitable_sample.xml
+- spec/fixtures/files/vulnerability-01.xml
+- spec/saint/evidence_spec.rb
+- spec/saint/host_spec.rb
+- spec/saint/vulnerability_spec.rb
+- spec/spec_helper.rb
+- spec/xml_element.rb
+- templates/evidence.fields
+- templates/evidence.sample
+- templates/evidence.template
+- templates/vulnerability.fields
+- templates/vulnerability.sample
+- templates/vulnerability.template
+homepage: http://dradisframework.org
+licenses:
+- GPL-2
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.2
+signing_key: 
+specification_version: 4
+summary: Saint upload add-on for Dradis Framework.
+test_files: []