prenus 0.0.1 → 0.0.2

data/README.rdoc

@@ -92,7 +92,7 @@ Well, getting GD and all the other Circos dependencies was a bit of a pain in th
 
 You might also need to fiddle with the circos.conf file, but eventually I had it working pretty solidly. I had circos installed in ~/circos/circos-0.62-1/ and the circos tools in ~/circos/circos-tools-0.16/
 
-s will only work if you're in the Circos Tools tableviewer folder (in my instance, ~/circos/circos-tools-0.16/tools/tableviewer/)
+This will only work if you're in the Circos Tools tableviewer folder (in my instance, ~/circos/circos-tools-0.16/tools/tableviewer/)
 
    prenus -t circos -s 4 /folder/where/nessus/files/are/*.nessus | bin/parse-table -conf samples/parse-table-01.conf | bin/make-conf -dir data
    ../../../circos-0.62-1/bin/circos -conf etc/circos.conf -outputfile prenus.png
@@ -100,4 +100,5 @@ s will only work if you're in the Circos Tools tableviewer folder (in my instanc
 This will dump the png into the img/ folder.
 
 == Changes
+* Version 0.0.2 - Updated input - handles duplicate hosts a bit nicer (but not much nicer)
 * Version 0.0.1 - initial release .. buggy to the max

data/bin/prenus

@@ -18,7 +18,7 @@ require 'lib/output'
 require 'lib/input'
 
 #Versioning and .. those things
-$verstring = "Version 0.0.1 - 27th of July, 2012 - Created by Christian \"xntrik\" Frichot.\n\n"
+$verstring = "Version 0.0.2 - 20th of August, 2012 - Created by Christian \"xntrik\" Frichot.\n\n"
 $verstring += "Copyright 2012 Christian Frichot\n\n"
 $verstring += "Licensed under the Apache License, Version 2.0 (the \"License\");\n"
 $verstring += "you may not use this file except in compliance with the License.\n"

data/lib/input/nessusin.rb

@@ -67,25 +67,46 @@ class Nessusin
 					high = host.high_severity_count || 0 #grab the number of high findings
 					crit = host.critical_severity_count || 0 #grab the number of critical findings
 
-					# add the host into the hosts hash
-					# I'm not yet doing any 'unique' validation, although I probably should .. oh so slack
-					hosts[hostid] = {:ip => ip, :hostname => hostname, :os => os, :info => info, :low => low, :med => med, :high => high, :crit => crit, :total => info+low+med+high+crit, :total_excl_info => low+med+high+crit}
+					targethostid = hostid #For the moment
+
+					# Check to see if we already have the host (based on IP, Hostname and OS)
+					if hosts.select {|key,f| f[:os].to_s == os and f[:ip].to_s == ip and f[:hostname].to_s == hostname}.count == 0
+						# Okay, we don't have this host yet
+
+						# add the host into the hosts hash
+						hosts[hostid] = {:ip => ip, :hostname => hostname, :os => os, :info => info, :low => low, :med => med, :high => high, :crit => crit, :total => info+low+med+high+crit, :total_excl_info => low+med+high+crit}
+						hostid += 1 # We only increase because we've added a new host
+					else
+						# We do have this host, lets grab the host id
+						hosts.select {|key,f| f[:os].to_s == os and f[:ip].to_s == ip and f[:hostname] == hostname}.each {|k,v| targethostid = k}
+
+						# Lets now check who has the greatest number of findings, and then we'll use that one going forward
+						if hosts[targethostid][:total].to_i < (info + low + med + high) #therefore the older, previously detected host had more - update the counters
+							hosts[targethostid][:info] = info
+							hosts[targethostid][:low] = low
+							hosts[targethostid][:med] = med
+							hosts[targethostid][:high] = high
+							hosts[targethostid][:crit] = crit
+							hosts[targethostid][:total] = info + low + med + high + crit
+							hosts[targethostid][:total_excl_info] = low + med + high + crit
+						end
+					end
 
 					# Now lets iterate through each of the findings in this particular host
 					host.each_event do |event|
 
-						# If the events hash already has this event, lets just add this hostid to it's hosts array within the ports hash
+						# If the events hash already has this event, lets just add this targethostid to it's hosts array within the ports hash
 						if events.has_key?(event.id)
 
 							#Lets check the ports hash
 							if events[event.id][:ports].has_key?(event.port.to_s)
 
 								# We'll only add the hostid if the host's not already in the array
-								events[event.id][:ports][event.port.to_s][:hosts][hostid] = event.output unless events[event.id][:ports][event.port.to_s][:hosts].include?(hostid)
+								events[event.id][:ports][event.port.to_s][:hosts][targethostid] = event.output unless events[event.id][:ports][event.port.to_s][:hosts].include?(targethostid)
 
 							#Lets add this new port to this hash	
 							else
-								events[event.id][:ports][event.port.to_s] = {:hosts => { hostid => event.output}}
+								events[event.id][:ports][event.port.to_s] = {:hosts => { targethostid => event.output}}
 							end
 
 						# okay, this event doesn't exist, lets add it to the events hash
@@ -105,12 +126,9 @@ class Nessusin
 								#:port => event.port.to_s || ""						#port
 								:ports => {}
 							}
-							events[event.id][:ports][event.port.to_s] = {:hosts => {hostid => event.output}}
+							events[event.id][:ports][event.port.to_s] = {:hosts => {targethostid => event.output}}
 						end
 					end
-
-					#increase the unique host id
-					hostid += 1
 				end
 			end
 		end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: prenus
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
   prerelease: 
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-07-31 00:00:00.000000000Z
+date: 2012-08-20 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ruby-nessus
-  requirement: &70165631471960 !ruby/object:Gem::Requirement
+  requirement: &70160182782920 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -21,7 +21,7 @@ dependencies:
         version: 1.0.3
   type: :runtime
   prerelease: false
-  version_requirements: *70165631471960
+  version_requirements: *70160182782920
 description: Pretty Nessus = Prenus
 email: xntrik@gmail.com
 executables: