odle 0.0.7 → 0.0.8

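--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-SHA1:
-metadata.gz: 303f5b0e063099a999a59f7c28a77bcc70f7ff52
-data.tar.gz: 5a0db321f57ac8ac697a980f4df7195d5160f7b3
+SHA256:
+metadata.gz: 8ec265231c7271f7b1e1685f616ff8d84df67462d2f96df94d4be050a165d7fa
+data.tar.gz: ff613eee0c2faf95d36ef25cf6a7dea86c14d81648764196fd804968147c883c
 SHA512:
-metadata.gz: 7f378dcf8b3e7a6cf7f61042621a5df8ecb1bd3ba20077d5ecc4654afd1220fb98fd8640c6ab9ad18b54149663097e286c220dfcd06a40de8f0d4503e356de01
-data.tar.gz: 0cd5f2573e85ada175556629aded5886ea37fb7b12f3057687219b1bc6c2e99e27e40a7a7f2d7169c7bd79e0a2a5e714f1edfc3d94fdabc6693ebc5e6e5974a8
+metadata.gz: 80aa6244b1305f95aa43b4fd1c267b25912419a07c2c5c3907fe4d1e508a82e3e253590b396da7859bcb02da4a52a94f19889a11190a34a046b338ded7819aa9
+data.tar.gz: 0eef156c23ef812135e788fd1c62c997968344a2d0d3ad3d4d3ba568fee57b5baf288be3df6843400865ffa5abe3e99a38fb8d263b2eb458b355a4a83b55d5bb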
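--- a/data/bin/odle
+++ b/data/bin/odle
@@ -1,12 +1,15 @@
 #!/usr/bin/env ruby
-
 require 'odle'
 
+def list_types()
+return ["","--burp","--burp2","--nessus","--msf","--nmap"].join("\n")
+end
+
 # data flags are required
 flags = ARGV.shift
 
 unless flags
-puts "[!] A data type is required e.g.\n odle --burp \n\n Available types:"#+list_types()
+puts "[!] A data type is required e.g.\n cat MYDATA_FILE | odle --burp \n\n Available types:"+list_types()
 exit(0)
 end
 
@@ -22,6 +25,8 @@ end
 
 if type.downcase == "burp"
 puts Burp.new().parse(ARGF.read,"0")
+elsif type.downcase == "burp2"
+puts Burp2.new().parse(ARGF.read,"0")
 elsif type.downcase == "nessus"
 puts Nessus.new().parse(ARGF.read,"0")
 elsif type.downcase == "msf"
@@ -29,5 +34,5 @@ elsif type.downcase == "msf"
 elsif type.downcase == "nmap"
 puts Nmap.new().parse(ARGF.read,"0")
 else
-puts "[!] Unknown data type \n\n Available types:"#+list_types()
+puts "[!] Unknown data type \n\n Available types:"+list_types()
 end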
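Review bot: The new `list_types` duplicates the set of parsers that the `elsif` chain below dispatches on, so the two can drift apart again — the `#+list_types()` this commit re-enables shows they already did once. Keying both off a single frozen table (flag string → parser class, with `list_types` built from its keys) would keep the usage text and the dispatch in sync; the msf branch's parser class sits between the hunks, outside what is shown, so the table is not spelled out here. The helper itself is non-idiomatic Ruby: a parameterless method is written `def list_types` without parens and with an implicit return, so the body collapses to `["", "--burp", "--burp2", "--nessus", "--msf", "--nmap"].join("\n")`, and that array could be a frozen constant instead of being rebuilt per call. The `type` variable the dispatch chain reads is assigned between the first and second hunk, outside this view.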
@@ -0,0 +1,55 @@
1
+ require 'json'
2
+
3
+ class Burp2
4
+
5
+ def parse(xml,threshold)
6
+ vulns = Hash.new
7
+ findings = Array.new
8
+ vulns["findings"] = []
9
+
10
+ doc = Nokogiri::XML(xml)
11
+ doc.css('//issues/issue').each do |issue|
12
+ if issue.css('severity').text
13
+ # create a temporary finding object
14
+ finding = Finding.new()
15
+ finding.title = issue.css('name').text.to_s()
16
+ finding.overview = issue.css('issueBackground').text.to_s()+issue.css('issueDetail').text.to_s()
17
+ finding.remediation = issue.css('remediationBackground').text.to_s()
18
+
19
+ if issue.css('severity').text == 'Low'
20
+ finding.risk = 1
21
+ elsif issue.css('severity').text == 'Medium'
22
+ finding.risk = 2
23
+ elsif issue.css('severity').text =='High'
24
+ finding.risk = 3
25
+ else
26
+ finding.risk = 1
27
+ end
28
+
29
+
30
+ finding.type = "Web Application"
31
+
32
+ findings << finding
33
+
34
+ host = issue.css('host').text
35
+ ip = issue.css('host').attr('ip')
36
+ id = issue.css('type').text
37
+ hostname = "#{host}"
38
+
39
+ finding.affected_hosts = "#{host} (#{ip})"
40
+
41
+ finding.id = id
42
+ if vulns[hostname]
43
+ vulns[hostname] << finding.to_hash
44
+ else
45
+ vulns[hostname] = []
46
+ vulns[hostname] << finding.to_hash
47
+ end
48
+ end
49
+ end
50
+
51
+ #vulns["findings"] = uniq_findings(findings)
52
+ return vulns.to_json
53
+ end
54
+
55
+ end
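Review bot: The guard `if issue.css('severity').text` in the new parse loop never filters anything, because `NodeSet#text` returns a String and the empty string is truthy in Ruby, so an issue without a `<severity>` still reaches the `else` branch and is emitted as risk 1. Binding the text once and skipping on empty — `severity = issue.css('severity').text` / `next if severity.empty?` — plus a `case severity` for the risk mapping fixes that and drops the four repeated `issue.css('severity').text` calls; Burp's `Information` level also lands on 1, the same as `Low`, which presumably is intended but deserves a comment. `threshold` is accepted but never read, `findings` is filled but only consumed by the commented-out `uniq_findings` call, so `vulns["findings"]` is always `[]` in the output. The file only requires `json` yet calls `Nokogiri::XML`, and the gemspec diff further down still shows `dependencies: []`, so loading relies on something else requiring nokogiri first — confirm against `lib/odle.rb`. A header comment stating what distinguishes this export format from the one `Burp` handles would help, since the class name alone does not say.
```ruby
doc.css('//issues/issue').each do |issue|
  severity = issue.css('severity').text
  # "" is truthy, so a bare `if ...text` guard never skips anything
  next if severity.empty?
  # … unchanged: finding title / overview / remediation …
  finding.risk = case severity
                 when 'Medium' then 2
                 when 'High' then 3
                 else 1 # 'Low' and anything unexpected (e.g. Burp's 'Information')
                 end
  # … unchanged: type, host/ip/id, vulns[hostname] bookkeeping …
end
```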
@@ -46,8 +46,9 @@ class Nmap
46
46
  finding = Finding.new()
47
47
  finding.affected_hosts = affected_hosts
48
48
 
49
+ # if a script was run, grab the results
49
50
  if port.css("/script").size > 0
50
- finding.title = "Script Result:"+port.css("/script").attr("id").value+" [#{state} #{portid} (#{service})]"
51
+ finding.title = "Script Scan:"+port.css("/script").attr("id").value+" [#{state} #{portid} (#{service})]"
51
52
  finding.overview = port.css("/script").attr("output").value
52
53
  vulns[host] << finding.to_hash
53
54
  else
@@ -58,39 +59,8 @@ class Nmap
58
59
  end
59
60
 
60
61
  end
61
-
62
-
63
-
64
-
65
- # check if findings done, otherwise one finding per 'host'
66
-
67
- =begin
68
- if (itemnode["port"].to_s != "0" && itemnode["severity"] >= threshold)
69
-
70
- # create a temporary finding object
71
- finding = Finding.new()
72
- finding.title = itemnode['pluginName'].to_s()
73
- finding.overview = itemnode.css("description").to_s()
74
- finding.remediation = itemnode.css("solution").to_s()
75
-
76
- # can this be inherited from an import properly?
77
- finding.type = "Imported"
78
- finding.risk = itemnode["severity"]
79
- finding.affected_hosts = hostnode["name"]
80
- if itemnode.css("plugin_output")
81
- finding.notes = hostnode["name"]+" ("+itemnode["protocol"]+ " port " + itemnode["port"]+"):"+itemnode.css("plugin_output").to_s()
82
- end
83
-
84
- finding.references = itemnode.css("see_also").to_s
85
- finding.id = itemnode['pluginID'].to_s()
86
-
87
- vulns[host] << finding.to_hash
88
- items << itemnode['pluginID'].to_s()
89
- end
90
- =end
91
62
  end
92
63
 
93
- # vulns[host] = findings
94
64
  items = []
95
65
  end
96
66
 
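Review bot: `port.css("/script").attr("id").value` in the retitled line, and `attr("output")` on the line after it, only read the first `<script>` element, while the `size > 0` guard above admits a port with several NSE script results — the remaining ones are silently dropped from the output. Iterating the NodeSet and emitting one finding per script keeps every result; the rewrite below replaces only the `if` branch, and the `else` branch and the enclosing loop continue outside this hunk. `attr(...).value` also raises NoMethodError when the attribute is absent, whereas `script["id"].to_s` degrades to an empty string. The added comment is fine; the second hunk of this section only deletes commented-out code.
```ruby
if port.css("/script").size > 0
  # one finding per NSE <script> child; NodeSet#attr only reads the first node
  port.css("/script").each do |script|
    scripted = Finding.new()
    scripted.affected_hosts = affected_hosts
    scripted.title = "Script Scan:"+script["id"].to_s+" [#{state} #{portid} (#{service})]"
    scripted.overview = script["output"].to_s
    vulns[host] << scripted.to_hash
  end
else
  # … unchanged: finding for a port without script output …
```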
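--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: odle
 version: !ruby/object:Gem::Version
-version: 0.0.7
+version: 0.0.8
 platform: ruby
 authors:
 - Will Vandevanter
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-05-13 00:00:00.000000000 Z
+date: 2018-10-23 00:00:00.000000000 Z
 dependencies: []
 description: An easy to use security data parsing tool. Takes in data from different
 tools and outputs standardized JSON.
@@ -22,6 +22,7 @@ files:
 - lib/model/data.rb
 - lib/odle.rb
 - lib/parsers/burp.rb
+- lib/parsers/burp2.rb
 - lib/parsers/msfv5.rb
 - lib/parsers/nessus.rb
 - lib/parsers/nmap.rb
@@ -47,7 +48,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.6.12
+rubygems_version: 2.7.7
 signing_key:
 specification_version: 4
 summary: odle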