nexpose_csv_generator 0.0.3 → 0.0.4

Files changed (2) hide show
  1. data/lib/raw_xml_data_builder.rb +97 -95
  2. metadata +4 -4
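--- a/data/lib/raw_xml_data_builder.rb
+++ b/data/lib/raw_xml_data_builder.rb
@@ -3,115 +3,117 @@ require 'rex/parser/nexpose_xml'
 
  class RawXMLDataBuilder
 
- def initialize client_api, parse_vuln_states_only
- @client_api = client_api
- @adhoc_report_generator = Nexpose::ReportAdHoc.new client_api
-
- @vuln_map = {}
- @host_data = []
- @vuln_data = []
-
- @parser = Rex::Parser::NexposeXMLStreamParser.new
- @parser.parse_vulnerable_states_only parse_vuln_states_only
- @parser.callback = proc { |type, value|
- case type
- when :host
- @host_data << value
- when :vuln
- @vuln_data << value
- end
- }
- end
+ def initialize client_api, parse_vuln_states_only
+ @client_api = client_api
+ @vuln_map = {}
+
+ @parser = Rex::Parser::NexposeXMLStreamParser.new
+ @parser.parse_vulnerable_states_only parse_vuln_states_only
+ @parser.callback = proc { |type, value|
+ case type
+ when :host
+ @host_data << value
+ when :vuln
+ @vuln_data << value
+ end
+ }
+ end
 
- def get_node_data site_id
- @adhoc_report_generator.addFilter 'site', site_id
- data = @adhoc_report_generator.generate
+ def get_node_data site_id
+ # Reset for each call
+ @host_data = []
+ @vuln_data = []
 
- # The only way to get the corresponding device-id is though mappings
- site_device_listing = @client_api.site_device_listing site_id
+ # For multiple calls the filter isn't reset so we have to recreate the instance
+ adhoc_report_generator = Nexpose::ReportAdHoc.new @client_api
+ adhoc_report_generator.addFilter 'site', site_id
+ data = adhoc_report_generator.generate
 
- REXML::Document.parse_stream(data.to_s, @parser)
+ # The only way to get the corresponding device-id is though mappings
+ site_device_listing = @client_api.site_device_listing site_id
 
- populate_vuln_map
- build_node_data site_device_listing
- end
+ REXML::Document.parse_stream(data.to_s, @parser)
 
- def get_vuln_data
- @vuln_map
- end
+ populate_vuln_map
+ build_node_data site_device_listing
+ end
+
+ def get_vuln_data
+ @vuln_map
+ end
 
- #------------------------------------------------------------------------------------------------------
+ #------------------------------------------------------------------------------------------------------
  #
  #------------------------------------------------------------------------------------------------------
  def build_node_data site_device_listing
- res = []
- @host_data.each do |host_data|
- ip = host_data["addr"]
- device_id = get_device_id ip, site_device_listing
-
- # Just take the first name
- names = host_data["names"]
- name = ''
- unless names.nil? or names.empty?
- name = names[0]
- end
-
- fingerprint = ''
- fingerprint << host_data["os_vendor"]
- fingerprint << ' '
- fingerprint << host_data["os_family"]
-
- host_data["vulns"].each { |vuln_id, vuln_info|
-
- vkey = vuln_info["key"] || ''
- vuln_endpoint_data = vuln_info["endpoint_data"]
-
- port = ''
- protocol = ''
- if vuln_endpoint_data
- port = vuln_endpoint_data["port"] || ''
- protocol = vuln_endpoint_data["protocol"] || ''
- end
-
- res << {
- :ip => ip,
- :device_id => device_id,
- :name => name,
- :fingerprint => fingerprint,
- :vuln_id => vuln_id,
- :vuln_status => vuln_info["status"],
- :port => port,
- :protocol => protocol,
- :vkey => vkey,
- :proof => vuln_info["proof"]
- }
- }
- end
-
- res
+ res = []
+ @host_data.each do |host_data|
+ ip = host_data["addr"]
+ device_id = get_device_id ip, site_device_listing
+
+ # Just take the first name
+ names = host_data["names"]
+ name = ''
+ unless names.nil? or names.empty?
+ name = names[0]
+ end
+
+ fingerprint = ''
+ fingerprint << (host_data["os_vendor"] || '')
+ fingerprint << ' '
+ fingerprint << (host_data["os_family"] || '')
+
+ host_data["vulns"].each { |vuln_id, vuln_info|
+
+ vkey = vuln_info["key"] || ''
+ vuln_endpoint_data = vuln_info["endpoint_data"]
+
+ port = ''
+ protocol = ''
+ if vuln_endpoint_data
+ port = vuln_endpoint_data["port"] || ''
+ protocol = vuln_endpoint_data["protocol"] || ''
+ end
+
+ res << {
+ :ip => ip,
+ :device_id => device_id,
+ :name => name,
+ :fingerprint => fingerprint,
+ :vuln_id => vuln_id,
+ :vuln_status => vuln_info["status"],
+ :port => port,
+ :protocol => protocol,
+ :vkey => vkey,
+ :proof => vuln_info["proof"]
+ }
+ }
+ end
+
+ res
  end
 
  def populate_vuln_map
- @vuln_data.each do |vuln_data|
- id = vuln_data["id"].to_s.downcase.chomp
- unless @vuln_map.has_key? id
- @vuln_map[id] = {
- :severity => vuln_data["severity"],
- :title => vuln_data["title"],
- :description => vuln_data["description"],
- :solution => vuln_data["solution"],
- :cvss => vuln_data["cvssScore"]
- }
- end
- end
+ @vuln_data.each do |vuln_data|
+ id = vuln_data["id"].to_s.downcase.chomp
+ unless @vuln_map.has_key? id
+ @vuln_map[id] = {
+ :severity => vuln_data["severity"],
+ :title => vuln_data["title"],
+ :description => vuln_data["description"],
+ :solution => vuln_data["solution"],
+ :cvss => vuln_data["cvssScore"]
+ }
+ end
  end
+ end
 
- def get_device_id ip, site_device_listing
- site_device_listing.each do |device_info|
- if device_info[:address] =~ /#{ip}/
- return device_info[:device_id]
- end
- end
+ def get_device_id ip, site_device_listing
+ site_device_listing.each do |device_info|
+ if device_info[:address] =~ /#{ip}/
+ return device_info[:device_id]
+ end
  end
+ end
 
  end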
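Review bot: In `get_device_id`, `device_info[:address] =~ /#{ip}/` interpolates the host address into an unanchored, unescaped pattern, so `10.0.0.1` also matches `10.0.0.10` or `110.0.0.1` and every `.` matches any character; the first such entry wins and its findings are exported under the wrong device id. If the listing's `:address` is a bare IP string (not shown here), compare exactly with `if device_info[:address] == ip`, or anchor and escape with `/\A#{Regexp.escape(ip)}\z/`. When nothing matches, the method falls through and returns the value of `each` (presumably the listing itself) instead of `nil`, so ending it with an explicit `nil` would keep an unmapped host visible in the report. These lines appear only re-indented in this release, so the behaviour predates it.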
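--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: nexpose_csv_generator
  version: !ruby/object:Gem::Version
- version: 0.0.3
+ version: 0.0.4
  prerelease:
  platform: ruby
  authors:
@@ -9,12 +9,12 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2011-06-20 00:00:00.000000000 -07:00
+ date: 2011-06-27 00:00:00.000000000 -07:00
  default_executable:
  dependencies:
  - !ruby/object:Gem::Dependency
  name: nexpose
- requirement: &26547192 !ruby/object:Gem::Requirement
+ requirement: &24426288 !ruby/object:Gem::Requirement
  none: false
  requirements:
  - - ! '>='
@@ -22,7 +22,7 @@ dependencies:
  version: 0.0.3
  type: :runtime
  prerelease: false
- version_requirements: *26547192
+ version_requirements: *24426288
  description: ! " This is a tool that connects to an NSC instance to generate a user
  specified delimited report with the following fields:\n\tVulnerable Status || Port
  Details || IP || Hostname || Vulnerability Description || Vulnerability Remediation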