nexpose_csv_generator 0.0.3 → 0.0.4
- data/lib/raw_xml_data_builder.rb +97 -95
- metadata +4 -4
data/lib/raw_xml_data_builder.rb
CHANGED
@@ -3,115 +3,117 @@ require 'rex/parser/nexpose_xml'
|
|
3
3
|
|
4
4
|
class RawXMLDataBuilder
|
5
5
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
@vuln_data << value
|
22
|
-
end
|
23
|
-
}
|
24
|
-
end
|
6
|
+
def initialize client_api, parse_vuln_states_only
|
7
|
+
@client_api = client_api
|
8
|
+
@vuln_map = {}
|
9
|
+
|
10
|
+
@parser = Rex::Parser::NexposeXMLStreamParser.new
|
11
|
+
@parser.parse_vulnerable_states_only parse_vuln_states_only
|
12
|
+
@parser.callback = proc { |type, value|
|
13
|
+
case type
|
14
|
+
when :host
|
15
|
+
@host_data << value
|
16
|
+
when :vuln
|
17
|
+
@vuln_data << value
|
18
|
+
end
|
19
|
+
}
|
20
|
+
end
|
25
21
|
|
26
|
-
|
27
|
-
|
28
|
-
|
22
|
+
def get_node_data site_id
|
23
|
+
# Reset for each call
|
24
|
+
@host_data = []
|
25
|
+
@vuln_data = []
|
29
26
|
|
30
|
-
|
31
|
-
|
27
|
+
# For multiple calls the filter isn't reset so we have to recreate the instance
|
28
|
+
adhoc_report_generator = Nexpose::ReportAdHoc.new @client_api
|
29
|
+
adhoc_report_generator.addFilter 'site', site_id
|
30
|
+
data = adhoc_report_generator.generate
|
32
31
|
|
33
|
-
|
32
|
+
# The only way to get the corresponding device-id is though mappings
|
33
|
+
site_device_listing = @client_api.site_device_listing site_id
|
34
34
|
|
35
|
-
|
36
|
-
build_node_data site_device_listing
|
37
|
-
end
|
35
|
+
REXML::Document.parse_stream(data.to_s, @parser)
|
38
36
|
|
39
|
-
|
40
|
-
|
41
|
-
|
37
|
+
populate_vuln_map
|
38
|
+
build_node_data site_device_listing
|
39
|
+
end
|
40
|
+
|
41
|
+
def get_vuln_data
|
42
|
+
@vuln_map
|
43
|
+
end
|
42
44
|
|
43
|
-
|
45
|
+
#------------------------------------------------------------------------------------------------------
|
44
46
|
#
|
45
47
|
#------------------------------------------------------------------------------------------------------
|
46
48
|
def build_node_data site_device_listing
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
49
|
+
res = []
|
50
|
+
@host_data.each do |host_data|
|
51
|
+
ip = host_data["addr"]
|
52
|
+
device_id = get_device_id ip, site_device_listing
|
53
|
+
|
54
|
+
# Just take the first name
|
55
|
+
names = host_data["names"]
|
56
|
+
name = ''
|
57
|
+
unless names.nil? or names.empty?
|
58
|
+
name = names[0]
|
59
|
+
end
|
60
|
+
|
61
|
+
fingerprint = ''
|
62
|
+
fingerprint << (host_data["os_vendor"] || '')
|
63
|
+
fingerprint << ' '
|
64
|
+
fingerprint << (host_data["os_family"] || '')
|
65
|
+
|
66
|
+
host_data["vulns"].each { |vuln_id, vuln_info|
|
67
|
+
|
68
|
+
vkey = vuln_info["key"] || ''
|
69
|
+
vuln_endpoint_data = vuln_info["endpoint_data"]
|
70
|
+
|
71
|
+
port = ''
|
72
|
+
protocol = ''
|
73
|
+
if vuln_endpoint_data
|
74
|
+
port = vuln_endpoint_data["port"] || ''
|
75
|
+
protocol = vuln_endpoint_data["protocol"] || ''
|
76
|
+
end
|
77
|
+
|
78
|
+
res << {
|
79
|
+
:ip => ip,
|
80
|
+
:device_id => device_id,
|
81
|
+
:name => name,
|
82
|
+
:fingerprint => fingerprint,
|
83
|
+
:vuln_id => vuln_id,
|
84
|
+
:vuln_status => vuln_info["status"],
|
85
|
+
:port => port,
|
86
|
+
:protocol => protocol,
|
87
|
+
:vkey => vkey,
|
88
|
+
:proof => vuln_info["proof"]
|
89
|
+
}
|
90
|
+
}
|
91
|
+
end
|
92
|
+
|
93
|
+
res
|
92
94
|
end
|
93
95
|
|
94
96
|
def populate_vuln_map
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
end
|
97
|
+
@vuln_data.each do |vuln_data|
|
98
|
+
id = vuln_data["id"].to_s.downcase.chomp
|
99
|
+
unless @vuln_map.has_key? id
|
100
|
+
@vuln_map[id] = {
|
101
|
+
:severity => vuln_data["severity"],
|
102
|
+
:title => vuln_data["title"],
|
103
|
+
:description => vuln_data["description"],
|
104
|
+
:solution => vuln_data["solution"],
|
105
|
+
:cvss => vuln_data["cvssScore"]
|
106
|
+
}
|
107
|
+
end
|
107
108
|
end
|
109
|
+
end
|
108
110
|
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
end
|
111
|
+
def get_device_id ip, site_device_listing
|
112
|
+
site_device_listing.each do |device_info|
|
113
|
+
if device_info[:address] =~ /#{ip}/
|
114
|
+
return device_info[:device_id]
|
115
|
+
end
|
115
116
|
end
|
117
|
+
end
|
116
118
|
|
117
119
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: nexpose_csv_generator
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.4
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,12 +9,12 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2011-06-
|
12
|
+
date: 2011-06-27 00:00:00.000000000 -07:00
|
13
13
|
default_executable:
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: nexpose
|
17
|
-
requirement: &
|
17
|
+
requirement: &24426288 !ruby/object:Gem::Requirement
|
18
18
|
none: false
|
19
19
|
requirements:
|
20
20
|
- - ! '>='
|
@@ -22,7 +22,7 @@ dependencies:
|
|
22
22
|
version: 0.0.3
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
|
-
version_requirements: *
|
25
|
+
version_requirements: *24426288
|
26
26
|
description: ! " This is a tool that connects to an NSC instance to generate a user
|
27
27
|
specified delimited report with the following fields:\n\tVulnerable Status || Port
|
28
28
|
Details || IP || Hostname || Vulnerability Description || Vulnerability Remediation
|