dradis-saint 3.10.0

data/lib/dradis-saint.rb

@@ -0,0 +1,7 @@
+require 'dradis/plugins'
+
+require 'dradis/plugins/saint'
+
+require 'saint/base'
+require 'saint/evidence'
+require 'saint/vulnerability'

data/lib/dradis/plugins/saint.rb

@@ -0,0 +1,11 @@
+module Dradis
+  module Plugins
+    module Saint
+    end
+  end
+end
+
+require 'dradis/plugins/saint/engine'
+require 'dradis/plugins/saint/field_processor'
+require 'dradis/plugins/saint/importer'
+require 'dradis/plugins/saint/version'

data/lib/dradis/plugins/saint/engine.rb

@@ -0,0 +1,13 @@
+module Dradis
+  module Plugins
+    module Saint
+      class Engine < ::Rails::Engine
+        isolate_namespace Dradis::Plugins::Saint
+
+        include ::Dradis::Plugins::Base
+        description 'Processes SAINT XML format'
+        provides :upload
+      end
+    end
+  end
+end

data/lib/dradis/plugins/saint/field_processor.rb

@@ -0,0 +1,31 @@
+module Dradis
+  module Plugins
+    module Saint
+
+      class FieldProcessor < Dradis::Plugins::Upload::FieldProcessor
+        ALLOWED_DATA_NAMES = %w{evidence vulnerability host}
+
+        def post_initialize(args={})
+          raise 'Unhandled data name!' unless ALLOWED_DATA_NAMES.include?(data.name)
+          @saint_object =
+            "::Saint::#{data.name.capitalize}".constantize.new(data)
+        end
+
+        def value(args={})
+          field = args[:field]
+          _, name = field.split('.')
+
+          # We cannot send the message 'class' to the saint_object because it
+          # evaluates to the object's Ruby class. We temporarily rename the
+          # field to 'vuln_class' and switch it back later when needed.
+          if name == 'class'
+            name = 'vuln_class'
+          end
+
+          @saint_object.try(name) || 'n/a'
+        end
+      end
+    end
+  end
+end
+

data/lib/dradis/plugins/saint/gem_version.rb

@@ -0,0 +1,18 @@
+module Dradis
+  module Plugins
+    module Saint
+      def self.gem_version
+        Gem::Version.new VERSION::STRING
+      end
+
+      module VERSION
+        MAJOR = 3
+        MINOR = 10
+        TINY = 0
+        PRE = nil
+
+        STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
+      end
+    end
+  end
+end

data/lib/dradis/plugins/saint/importer.rb

@@ -0,0 +1,130 @@
+module Dradis::Plugins::Saint
+  class Importer < Dradis::Plugins::Upload::Importer
+    def import(params={})
+      @issues = {}
+      @hosts = {}
+      file_content = File.read(params[:file])
+
+      logger.info {'Parsing SAINT output file...'}
+      doc = Nokogiri::XML( file_content )
+      logger.info{'Done.'}
+
+      if doc.xpath('/report').empty?
+        error = "No reports were detected in the uploaded file (/report). Ensure you uploaded a SAINT XML report."
+        logger.fatal{ error }
+        content_service.create_note text: error
+        return false
+      end
+
+      doc.xpath('/report').each do |xml_report|
+        logger.info {'Processing report...'}
+
+        # Process <host> tags
+        xml_report.xpath('./overview/hosts/host').each do |host|
+          process_host_item(host)
+        end
+
+        # Process <vulnerability> tags
+        xml_report.xpath('./details/vulnerability').each do |vuln|
+          process_vuln_issue(vuln)
+        end
+
+        # Process <vulnerabilities> tag
+        xml_report.xpath('./overview/vulnerabilities/host_info').each do |xml_host_info|
+          host_name = xml_host_info.xpath('./hostname').first.text
+          xml_host_info.xpath('./vulnerability').each do |evidence|
+            process_evidence(evidence, host_name)
+          end
+        end
+
+        logger.info {'Report processed...'}
+      end
+
+      true
+    end
+
+    private
+
+    def process_evidence(xml_evidence, host_node_name)
+      # Associate the xml tag as evidence
+      xml_evidence.name = 'evidence'
+      evidence_desc = xml_evidence.xpath('./description').first.text
+
+      # Find the host node
+      host_node = @hosts[host_node_name]
+
+      if !host_node
+        logger.error { "[WARNING] Cannot find an associated host for '#{evidence_desc}'." }
+        return
+      end
+
+      # Find the related issue
+      issue_plugin_id = Digest::SHA1.hexdigest(evidence_desc)
+      issue = @issues[issue_plugin_id]
+
+      evidence_text = template_service.process_template(template: 'evidence', data: xml_evidence)
+
+      if issue
+        # Create Dradis evidence
+        logger.info{ "\t\t => Creating new evidence..." }
+        content_service.create_evidence(issue: issue, node: host_node, content: evidence_text)
+      else
+        # Create Note in Host
+        logger.info{ "\t\t => Creating note for host node..." }
+        note_text = "#[Title]#\n#{evidence_desc}\n\n" + evidence_text
+        content_service.create_note(text: note_text, node: host_node)
+      end
+    end
+
+    def process_host_item(xml_host)
+      # Create Dradis node
+      host_name = xml_host.xpath('./hostname').first.text || "Unnamed host"
+      host_node = content_service.create_node(label: host_name, type: :host)
+      logger.info{ "\tHost: #{host_name}" }
+
+      # Save the host for later to be linked to evidences
+      @hosts[host_name] = host_node
+
+      # Add properties to the node
+      if xml_host.xpath('./ipaddr').first
+        host_node.set_property(:ip, xml_host.xpath('./ipaddr').first.text)
+      end
+      if xml_host.xpath('./hosttype').first
+        host_node.set_property(:os, xml_host.xpath('./hosttype').first.text)
+      end
+      host_node.set_property(:hostname, host_name)
+      host_node.save
+    end
+
+    def process_vuln_issue(xml_vuln)
+      element_desc = xml_vuln.xpath('./description').first.text
+
+      # Check if the vulnerability is a real issue or a service
+      if real_issue?(xml_vuln)
+        # Create Dradis Issue
+        logger.info{ "\t\t => Creating new issue..." }
+        plugin_id = Digest::SHA1.hexdigest(element_desc)
+
+        issue_text = template_service.process_template(template: 'vulnerability', data: xml_vuln)
+        issue = content_service.create_issue(text: issue_text, id: plugin_id)
+      else
+        # Create Note in Host
+        logger.info{ "\t\t => Creating note for host node..." }
+
+        note_details = xml_vuln.xpath('./vuln_details').first.text
+        note_text = "#[Title]#\n#{element_desc}\n\n" + note_details
+
+        host_name = xml_vuln.xpath('./hostname').first.text || "Unnamed host"
+        host_node = @hosts[host_name]
+        content_service.create_note(text: note_text, node: host_node)
+      end
+
+      # Save the issue for later to be linked to evidences
+      @issues[plugin_id] = issue
+    end
+
+    def real_issue?(xml_vuln)
+      xml_vuln.xpath('./severity').first.text != 'Service'
+    end
+  end
+end

data/lib/dradis/plugins/saint/version.rb

@@ -0,0 +1,11 @@
+require_relative 'gem_version'
+
+module Dradis
+  module Plugins
+    module Saint
+      def self.version
+        gem_version
+      end
+    end
+  end
+end

data/lib/saint/base.rb

@@ -0,0 +1,29 @@
+module Saint
+  class Base
+    def initialize(xml_node)
+      @xml = xml_node
+    end
+
+    def supported_tags
+      []
+    end
+
+    def respond_to?(method, include_private=false)
+      return true if supported_tags.include?(method.to_sym)
+      super
+    end
+
+    def method_missing(method, *args)
+      unless supported_tags.include?(method)
+        super
+        return
+      end
+
+      return process_field_value(method)
+    end
+
+    def process_field_value(method)
+      raise "Method #process_field_value not overridden!"
+    end
+  end
+end

data/lib/saint/evidence.rb

@@ -0,0 +1,18 @@
+module Saint
+  class Evidence < Base
+    def supported_tags
+      [ :port, :severity, :vuln_class, :cve, :cvss_base_score ]
+    end
+
+    def process_field_value(method)
+      # We cannot send the message 'class' to the saint_object because it
+      # evaluates to the object's Ruby class. We temporarily rename the
+      # field to 'vuln_class' and switch it back later when needed.
+      if method == :vuln_class
+        method = :class
+      end
+
+      @xml.xpath("./#{method.to_s}").first.try(:text)
+    end
+  end
+end

data/lib/saint/vulnerability.rb

@@ -0,0 +1,15 @@
+module Saint
+  class Vulnerability < Base
+    def supported_tags
+      [
+        :description, :hostname, :ipaddr, :hosttype, :scan_time, :status,
+        :severity, :cve, :cvss_base_score, :impact, :background, :problem,
+        :resolution, :reference
+      ]
+    end
+
+    def process_field_value(method)
+      @xml.xpath("./#{method.to_s}").first.try(:text)
+    end
+  end
+end

data/lib/tasks/thorfile.rb

@@ -0,0 +1,19 @@
+class SaintTasks < Thor
+	include Rails.application.config.dradis.thor_helper_module
+
+  namespace "dradis:plugins:saint"
+
+  desc "upload FILE", "upload Saint XML file"
+  def upload(file_path)
+    require 'config/environment'
+
+    unless File.exists?(file_path)
+      $stderr.puts "** the file [#{file_path}] does not exist"
+      exit(-1)
+    end
+
+    detect_and_set_project_scope
+    importer = Dradis::Plugins::Saint::Importer.new(task_options)
+    importer.import(file: file_path)
+  end
+end

data/spec/dradis/plugins/saint/field_processor_spec.rb

@@ -0,0 +1,39 @@
+require 'spec_helper'
+
+describe Dradis::Plugins::Saint::FieldProcessor do
+  let (:xml_file) { File.expand_path('spec/fixtures/files/full_report.xml') }
+
+  before do
+    @doc = Nokogiri::XML(File.read(xml_file))
+    @doc = @doc.xpath('./report/overview').first
+  end
+
+  describe "#value" do
+    context "for hosts and vulnerabilities" do
+      before do
+        @test_xml = @doc.xpath('./hosts/host').first
+      end
+
+      it "returns the value of the item's tag" do
+        processor = described_class.new(data: @test_xml)
+        value = processor.value(field: 'host.hostname')
+
+        expect(value).to eq("Test Hostname")
+      end
+    end
+
+    context "for evidences" do
+      before do
+        @test_xml = @doc.xpath('./vulnerabilities/host_info/vulnerability').first
+        @test_xml.name = 'evidence'
+      end
+
+      it "returns the value for the class attribute" do
+        processor = described_class.new(data: @test_xml)
+        value = processor.value(field: 'evidence.class')
+
+        expect(value).to eq("Test Vuln class")
+      end
+    end
+  end
+end

data/spec/dradis/plugins/saint/importer_spec.rb

@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+describe Dradis::Plugins::Saint::Importer do
+  before(:each) do
+    # Stub template service
+    templates_dir = File.expand_path('../../../../../templates', __FILE__)
+    expect_any_instance_of(Dradis::Plugins::TemplateService)
+    .to receive(:default_templates_dir).and_return(templates_dir)
+
+    plugin = Dradis::Plugins::Saint
+
+    @content_service = Dradis::Plugins::ContentService::Base.new(
+      logger: Logger.new(STDOUT),
+      plugin: plugin
+    )
+
+    @importer = described_class.new(
+      content_service: @content_service
+    )
+  end
+
+  it "creates the appropriate Dradis items" do
+    allow(@content_service).to receive(:create_issue) do |args|
+      OpenStruct.new(args)
+    end
+    allow(@content_service).to receive(:create_note) do |args|
+      OpenStruct.new(args)
+    end
+    expect(@content_service).to receive(:create_node).with(hash_including label: '192.168.150.163').once
+
+    @importer.import(file: 'spec/fixtures/files/saint_metasploitable_sample.xml')
+  end
+end

data/spec/fixtures/files/evidence-01.xml

@@ -0,0 +1,8 @@
+<evidence>
+<port>Test Port</port>
+<severity>Test Severity</severity>
+<description>Test Description</description>
+<class>Test Vuln class</class>
+<cve>Test Cve</cve>
+<cvss_base_score>Test Cvss base score</cvss_base_score>
+</evidence>

data/spec/fixtures/files/full_report.xml

@@ -0,0 +1,45 @@
+<report>
+  <summary>
+  </summary>
+  <overview>
+    <hosts>
+      <host>
+        <hostname>Test Hostname</hostname>
+        <ipaddr>Test Ipaddr</ipaddr>
+        <hosttype>Test Hosttype</hosttype>
+      </host>
+    </hosts>
+    <vulnerabilities>
+      <host_info>
+        <hostname>Test Hostname</hostname>
+        <vulnerability>
+          <port>Test Port</port>
+          <severity>Test Severity</severity>
+          <description>Test Description</description>
+          <class>Test Vuln class</class>
+          <cve>Test Cve</cve>
+          <cvss_base_score>Test Cvss base score</cvss_base_score>
+        </vulnerability>
+      </host_info>
+    </vulnerabilities>
+  </overview>
+  <details>
+    <vulnerability>
+      <description>Test Description</description>
+      <hostname>Test Hostname</hostname>
+      <ipaddr>Test Ipaddr</ipaddr>
+      <hosttype>Test Hosttype</hosttype>
+      <scan_time>Test Scan time</scan_time>
+      <status>Test Status</status>
+      <severity>Test Severity</severity>
+      <cve>Test Cve</cve>
+      <cvss_base_score>Test Cvss base score</cvss_base_score>
+      <impact>Test Impact</impact>
+      <background>Test Background</background>
+      <problem>Test Problem</problem>
+      <resolution>Test Resolution</resolution>
+      <reference>Test Reference</reference>
+      <vuln_details></vuln_details>
+    </vulnerability>
+  </details>
+</report>