RubyGems - heimdall_tools - Versions diffs - 1.3.29 → 1.3.30 - Mend

heimdall_tools 1.3.29 → 1.3.30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +3 -6
data/lib/data/U_CCI_List.xml +38403 -0
data/lib/heimdall_tools/cli.rb +2 -1
data/lib/heimdall_tools/nessus_mapper.rb +41 -11
metadata +3 -3
data/lib/data/gitkeep +0 -0

data/lib/heimdall_tools/cli.rb CHANGED

@@ -53,9 +53,10 @@ module HeimdallTools
     def nessus_mapper
       hdfs = HeimdallTools::NessusMapper.new(File.read(options[:xml])).to_hdf
+      puts "\nHDF Generated:"
       hdfs.keys.each do | host |
         File.write("#{options[:output_prefix]}-#{host}.json", hdfs[host])
-        puts "HDF Generated: #{options[:output_prefix]}-#{host}.json"
+        puts "#{options[:output_prefix]}-#{host}.json"
       end
     end

data/lib/heimdall_tools/nessus_mapper.rb CHANGED

@@ -2,10 +2,13 @@ require 'json'
 require 'csv'
 require 'heimdall_tools/hdf'
 require 'utilities/xml_to_hash'
+require 'nokogiri'
+require 'pp'
 RESOURCE_DIR = Pathname.new(__FILE__).join('../../data')
 NESSUS_PLUGINS_NIST_MAPPING_FILE =   File.join(RESOURCE_DIR, 'nessus-plugins-nist-mapping.csv')
+U_CCI_LIST =   File.join(RESOURCE_DIR, 'U_CCI_List.xml')
 IMPACT_MAPPING = {
   Info: 0.0,
@@ -25,12 +28,22 @@ NA_PLUGIN_OUTPUT = "This Nessus Plugin does not provide output message.".freeze
 # rubocop:disable Metrics/AbcSize
+# Loading spinner sign
+$spinner = Enumerator.new do |e|
+  loop do
+    e.yield '|'
+    e.yield '/'
+    e.yield '-'
+    e.yield '\\'
+  end
+end
 module HeimdallTools
   class NessusMapper
     def initialize(nessus_xml, verbose = false)
       @nessus_xml = nessus_xml
       @verbose = verbose
+      read_cci_xml
       begin
         @cwe_nist_mapping = parse_mapper
         @data = xml_to_hash(nessus_xml)
@@ -53,6 +66,7 @@ module HeimdallTools
         raise "Invalid Nessus XML file provided Exception: #{e}"
       end
     end
     def parse_refs(refs, key)
       refs.split(',').map { |x| x.split('|')[1] if x.include?(key) }.compact
     end
@@ -107,7 +121,29 @@ module HeimdallTools
       [finding]
     end
-    def nist_tag(pluginfamily, pluginid)
+    def read_cci_xml
+      cci_list_path = File.join(File.dirname(__FILE__), '../data/U_CCI_List.xml')
+      @cci_xml = Nokogiri::XML(File.open(cci_list_path))
+      @cci_xml.remove_namespaces!
+    rescue StandardError => e
+      puts "Exception: #{e.message}"
+    end
+    def cci_nist_tag(cci_refs)
+      nist_tags = []
+      cci_refs.each do | cci_ref |
+        item_node = @cci_xml.xpath("//cci_list/cci_items/cci_item[@id='#{cci_ref}']")[0] unless @cci_xml.nil?
+        unless item_node.nil?
+          nist_ref = item_node.xpath('./references/reference[not(@version <= preceding-sibling::reference/@version) and not(@version <=following-sibling::reference/@version)]/@index').text
+          nist_ver = item_node.xpath('./references/reference[not(@version <= preceding-sibling::reference/@version) and not(@version <=following-sibling::reference/@version)]/@version').text
+        end
+        nist_tags << nist_ref
+        nist_tags << "Rev_#{nist_ver}"
+      end
+      nist_tags
+    end
+    def plugin_nist_tag(pluginfamily, pluginid)
       entries = @cwe_nist_mapping.select { |x| (x[:pluginfamily].eql?(pluginfamily) && (x[:pluginid].eql?('*') || x[:pluginid].eql?(pluginid.to_i)) ) }
       tags = entries.map { |x| [x[:nistid].split('|'), "Rev_#{x[:rev]}"] }
       tags.empty? ? DEFAULT_NIST_TAG : tags.flatten.uniq
@@ -163,6 +199,7 @@ module HeimdallTools
       @reports.each do | report|
         controls = []
         report['ReportItem'].each do | item |
+          printf("\rProcessing: %s", $spinner.next)
           @item = {}
           @item['tags']               = {}
           @item['descriptions']       = []
@@ -194,16 +231,9 @@ module HeimdallTools
             @item['impact']            = impact(item['severity'])
           end
           if item['compliance-reference']
-            # TODO: Cover cases where 800-53 refs are not provided in nessus `compliance-reference` field
-            @item['tags']['nist']     = parse_refs(item['compliance-reference'],'800-53') << DEFAULT_NIST_REV
-          else
-            @item['tags']['nist']     = nist_tag(item['pluginFamily'],item['pluginID'])
-          end
-          if item['compliance-solution']
-            # TODO: Cover cases where 800-53 refs are not provided in nessus `compliance-reference` field
-            @item['tags']['nist']     = parse_refs(item['compliance-reference'],'800-53') << DEFAULT_NIST_REV
+            @item['tags']['nist']     = cci_nist_tag(parse_refs(item['compliance-reference'],'CCI'))
           else
-            @item['tags']['nist']     = nist_tag(item['pluginFamily'],item['pluginID'])
+            @item['tags']['nist']     = plugin_nist_tag(item['pluginFamily'],item['pluginID'])
           end
           if item['compliance-solution']
             @item['descriptions']       <<  desc_tags(item['compliance-solution'], 'check')

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: heimdall_tools
 version: !ruby/object:Gem::Version
-  version: 1.3.29
+  version: 1.3.30
 platform: ruby
 authors:
 - Robert Thew
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-05-28 00:00:00.000000000 Z
+date: 2020-06-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
@@ -209,8 +209,8 @@ files:
 - README.md
 - Rakefile
 - exe/heimdall_tools
+- lib/data/U_CCI_List.xml
 - lib/data/cwe-nist-mapping.csv
-- lib/data/gitkeep
 - lib/data/nessus-plugins-nist-mapping.csv
 - lib/data/owasp-nist-mapping.csv
 - lib/heimdall_tools.rb

data/lib/data/gitkeep DELETED

File without changes