risu 1.4.4 → 1.4.5
Sign up to get free protection for your applications and to get access to all the features.
- data/NEWS.markdown +14 -1
- data/README.markdown +23 -41
- data/TODO.markdown +48 -39
- data/lib/risu.rb +4 -9
- data/lib/risu/base.rb +15 -0
- data/lib/risu/base/prawn_templater.rb +37 -0
- data/lib/risu/{schema.rb → base/schema.rb} +34 -15
- data/lib/risu/base/template_base.rb +23 -0
- data/lib/risu/base/template_manager.rb +106 -0
- data/lib/risu/base/templater.rb +37 -0
- data/lib/risu/cli/application.rb +28 -8
- data/lib/risu/models.rb +1 -2
- data/lib/risu/models/host.rb +147 -23
- data/lib/risu/models/item.rb +131 -43
- data/lib/risu/models/plugin.rb +1 -1
- data/lib/risu/models/report.rb +11 -1
- data/lib/risu/models/serverpreference.rb +0 -2
- data/lib/risu/models/servicedescription.rb +10 -0
- data/lib/risu/parsers.rb +2 -3
- data/lib/risu/parsers/nessus/nessus_document.rb +69 -0
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +278 -0
- data/lib/risu/templates/assets.rb +45 -18
- data/lib/risu/templates/cover_sheet.rb +70 -42
- data/lib/risu/templates/exec_summary.rb +64 -45
- data/lib/risu/templates/executive_summary.rb +185 -161
- data/lib/risu/templates/finding_statistics.rb +44 -17
- data/lib/risu/templates/findings_host.rb +70 -46
- data/lib/risu/templates/findings_summary.rb +78 -54
- data/lib/risu/templates/findings_summary_with_pluginid.rb +80 -54
- data/lib/risu/templates/graphs.rb +46 -19
- data/lib/risu/templates/host_summary.rb +62 -39
- data/lib/risu/templates/ms_patch_summary.rb +59 -35
- data/lib/risu/templates/ms_update_summary.rb +59 -35
- data/lib/risu/templates/pci_compliance.rb +88 -64
- data/lib/risu/templates/technical_findings.rb +132 -106
- data/lib/risu/templates/template.rb +24 -0
- metadata +12 -6
- data/lib/risu/listener.rb +0 -274
- data/lib/risu/nessusdocument.rb +0 -66
- data/lib/risu/prawn_templater.rb +0 -38
@@ -1,116 +1,142 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
#blacklist_host_id = Host.where(:ip => blacklist_ip)
|
16
|
-
#.where("host_id != (?)", blacklist_host_id)
|
17
|
-
|
18
|
-
unique_risks = Array.new
|
19
|
-
unique_risks << Hash[:title => "High Findings", :color => "FF0000", :values => Item.high_risks_unique]
|
20
|
-
unique_risks << Hash[:title => "Medium Findings", :color => "FF8040", :values => Item.medium_risks_unique]
|
21
|
-
|
22
|
-
unique_risks.each do |h|
|
23
|
-
if h[:values].length > 1
|
24
|
-
font_size(20) {
|
25
|
-
fill_color h[:color]
|
26
|
-
text h[:title], :style => :bold
|
27
|
-
fill_color "000000"
|
28
|
-
}
|
29
|
-
|
30
|
-
text "\n"
|
31
|
-
|
32
|
-
h[:values].each do |f|
|
33
|
-
|
34
|
-
hosts = Item.where(:plugin_id => f.plugin_id)
|
35
|
-
plugin = Plugin.find_by_id(f.plugin_id)
|
36
|
-
|
37
|
-
#Check if vuln is just on the blacklisted
|
38
|
-
#if hosts.count == 1
|
39
|
-
# if hosts.first.host_id == blacklist_host_id.first.id
|
40
|
-
# next
|
41
|
-
# end
|
42
|
-
#end
|
43
|
-
|
44
|
-
|
45
|
-
references = Reference.where(:plugin_id => plugin.id).group(:value).order(:reference_name)
|
46
|
-
|
47
|
-
font_size(16) { text "#{plugin.plugin_name}\n" }
|
48
|
-
|
49
|
-
if hosts.length > 1
|
50
|
-
text "Hosts", :style => :bold
|
51
|
-
else
|
52
|
-
text "Host", :style => :bold
|
53
|
-
end
|
54
|
-
|
55
|
-
hostlist = Array.new
|
56
|
-
hosts.each do |host|
|
57
|
-
h = Host.find_by_id(host.host_id)
|
58
|
-
#if h.id != blacklist_host_id.first.id
|
59
|
-
hostlist << h.name
|
60
|
-
#end
|
61
|
-
end
|
62
|
-
|
63
|
-
text hostlist.join(', ')
|
64
|
-
|
65
|
-
if f.plugin_output != nil
|
66
|
-
text "\nPlugin output", :style => :bold
|
67
|
-
text f.plugin_output
|
68
|
-
end
|
69
|
-
|
70
|
-
if plugin.description != nil
|
71
|
-
text "\nDescription", :style => :bold
|
72
|
-
text plugin.description
|
73
|
-
end
|
74
|
-
|
75
|
-
if plugin.synopsis != nil
|
76
|
-
text "\nSynopsis", :style => :bold
|
77
|
-
text plugin.synopsis
|
78
|
-
end
|
79
|
-
|
80
|
-
if plugin.cvss_base_score != nil
|
81
|
-
text "\nCVSS Base Score", :style => :bold
|
82
|
-
text plugin.cvss_base_score
|
1
|
+
module Risu
|
2
|
+
module Modules
|
3
|
+
class TechnicalFindings < Risu::Base::TemplateBase
|
4
|
+
|
5
|
+
#
|
6
|
+
#
|
7
|
+
def initialize ()
|
8
|
+
@template_info =
|
9
|
+
{
|
10
|
+
:name => "technical_findings",
|
11
|
+
:author => "hammackj",
|
12
|
+
:version => "0.0.1",
|
13
|
+
:description => "Generates a Technical Findings Report"
|
14
|
+
}
|
83
15
|
end
|
84
16
|
|
85
|
-
|
86
|
-
|
17
|
+
#
|
18
|
+
#
|
19
|
+
def render(output)
|
20
|
+
output.text Report.classification, :align => :center
|
21
|
+
output.text "\n"
|
22
|
+
|
23
|
+
output.font_size(22) { output.text Report.title, :align => :center }
|
24
|
+
output.font_size(18) {
|
25
|
+
output.text "High and Medium Findings", :align => :center
|
26
|
+
output.text "\n"
|
27
|
+
output.text "This report was prepared by\n#{Report.author}", :align => :center
|
28
|
+
}
|
87
29
|
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
30
|
+
output.text "\n\n\n"
|
31
|
+
|
32
|
+
#@todo Revamping blacklisting in 1.3
|
33
|
+
#blacklist_ip = "-"
|
34
|
+
#blacklist_host_id = Host.where(:ip => blacklist_ip)
|
35
|
+
#.where("host_id != (?)", blacklist_host_id)
|
36
|
+
|
37
|
+
unique_risks = Array.new
|
38
|
+
unique_risks << Hash[:title => "High Findings", :color => "FF0000", :values => Item.high_risks_unique]
|
39
|
+
unique_risks << Hash[:title => "Medium Findings", :color => "FF8040", :values => Item.medium_risks_unique]
|
40
|
+
|
41
|
+
unique_risks.each do |h|
|
42
|
+
if h[:values].length > 1
|
43
|
+
output.font_size(20) do
|
44
|
+
output.fill_color h[:color]
|
45
|
+
output.text h[:title], :style => :bold
|
46
|
+
output.fill_color "000000"
|
47
|
+
end
|
48
|
+
|
49
|
+
output.text "\n"
|
50
|
+
|
51
|
+
h[:values].each do |f|
|
52
|
+
|
53
|
+
hosts = Item.where(:plugin_id => f.plugin_id)
|
54
|
+
plugin = Plugin.find_by_id(f.plugin_id)
|
55
|
+
|
56
|
+
#Check if vuln is just on the blacklisted
|
57
|
+
#if hosts.count == 1
|
58
|
+
# if hosts.first.host_id == blacklist_host_id.first.id
|
59
|
+
# next
|
60
|
+
# end
|
61
|
+
#end
|
62
|
+
|
63
|
+
|
64
|
+
references = Reference.where(:plugin_id => plugin.id).group(:value).order(:reference_name)
|
65
|
+
|
66
|
+
output.font_size(16) do
|
67
|
+
output.text "#{plugin.plugin_name}\n"
|
68
|
+
end
|
69
|
+
|
70
|
+
if hosts.length > 1
|
71
|
+
output.text "Hosts", :style => :bold
|
72
|
+
else
|
73
|
+
output.text "Host", :style => :bold
|
74
|
+
end
|
75
|
+
|
76
|
+
hostlist = Array.new
|
77
|
+
hosts.each do |host|
|
78
|
+
h = Host.find_by_id(host.host_id)
|
79
|
+
#if h.id != blacklist_host_id.first.id
|
80
|
+
hostlist << h.name
|
81
|
+
#end
|
82
|
+
end
|
83
|
+
|
84
|
+
output.text hostlist.join(', ')
|
85
|
+
|
86
|
+
if f.plugin_output != nil
|
87
|
+
output.text "\nPlugin output", :style => :bold
|
88
|
+
output.text f.plugin_output
|
89
|
+
end
|
90
|
+
|
91
|
+
if plugin.description != nil
|
92
|
+
output.text "\nDescription", :style => :bold
|
93
|
+
output.text plugin.description
|
94
|
+
end
|
95
|
+
|
96
|
+
if plugin.synopsis != nil
|
97
|
+
output.text "\nSynopsis", :style => :bold
|
98
|
+
output.text plugin.synopsis
|
99
|
+
end
|
100
|
+
|
101
|
+
if plugin.cvss_base_score != nil
|
102
|
+
output.text "\nCVSS Base Score", :style => :bold
|
103
|
+
output.text plugin.cvss_base_score
|
104
|
+
end
|
105
|
+
|
106
|
+
if plugin.exploit_available != nil
|
107
|
+
output.text "\nExploit Available", :style => :bold
|
108
|
+
|
109
|
+
if plugin.exploit_available == "true"
|
110
|
+
output.text "Yes"
|
111
|
+
else
|
112
|
+
output.text "No"
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
if plugin.solution != nil
|
117
|
+
output.text "\nSolution", :style => :bold
|
118
|
+
output.text plugin.solution
|
119
|
+
end
|
120
|
+
|
121
|
+
if references.size != 0
|
122
|
+
output.text "\nReferences", :style => :bold
|
123
|
+
references.each do |ref|
|
124
|
+
ref_text = sprintf "%s: %s\n", ref.reference_name, ref.value
|
125
|
+
output.text ref_text
|
126
|
+
end
|
127
|
+
output.text "\nNessus Plugin", :style => :bold
|
128
|
+
output.text "http://www.tenablesecurity.com/plugins/index.php?view=single&id=#{f.plugin_id}"
|
129
|
+
end
|
130
|
+
output.text "\n"
|
131
|
+
end
|
132
|
+
end
|
133
|
+
|
134
|
+
output.start_new_page unless h[:values] == nil
|
92
135
|
end
|
93
|
-
end
|
94
136
|
|
95
|
-
|
96
|
-
text "\nSolution", :style => :bold
|
97
|
-
text plugin.solution
|
98
|
-
end
|
137
|
+
output.number_pages "<page> of <total>", :at => [output.bounds.right - 75, 0], :width => 150, :page_filter => :all
|
99
138
|
|
100
|
-
if references.size != 0
|
101
|
-
text "\nReferences", :style => :bold
|
102
|
-
references.each { |ref|
|
103
|
-
ref_text = sprintf "%s: %s\n", ref.reference_name, ref.value
|
104
|
-
text ref_text
|
105
|
-
}
|
106
|
-
text "\nNessus Plugin", :style => :bold
|
107
|
-
text "http://www.tenablesecurity.com/plugins/index.php?view=single&id=#{f.plugin_id}"
|
108
139
|
end
|
109
|
-
text "\n"
|
110
140
|
end
|
111
141
|
end
|
112
|
-
|
113
|
-
start_new_page unless h[:values] == nil
|
114
142
|
end
|
115
|
-
|
116
|
-
number_pages "<page> of <total>", :at => [bounds.right - 75, 0], :width => 150, :page_filter => :all
|
@@ -0,0 +1,24 @@
|
|
1
|
+
module Risu
|
2
|
+
module Modules
|
3
|
+
class Template < Risu::Base::TemplateBase
|
4
|
+
|
5
|
+
#
|
6
|
+
#
|
7
|
+
def initialize ()
|
8
|
+
@template_info =
|
9
|
+
{
|
10
|
+
:name => "template",
|
11
|
+
:author => "hammackj",
|
12
|
+
:version => "0.0.1",
|
13
|
+
:description => "template"
|
14
|
+
}
|
15
|
+
end
|
16
|
+
|
17
|
+
#
|
18
|
+
#
|
19
|
+
def render(output)
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
metadata
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
name: risu
|
3
3
|
version: !ruby/object:Gem::Version
|
4
4
|
prerelease:
|
5
|
-
version: 1.4.
|
5
|
+
version: 1.4.5
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
8
8
|
- Jacob Hammack
|
@@ -10,7 +10,7 @@ autorequire:
|
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
12
|
|
13
|
-
date: 2011-
|
13
|
+
date: 2011-07-04 00:00:00 -05:00
|
14
14
|
default_executable:
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
@@ -175,12 +175,17 @@ files:
|
|
175
175
|
- Rakefile
|
176
176
|
- README.markdown
|
177
177
|
- TODO.markdown
|
178
|
+
- lib/risu/base/prawn_templater.rb
|
179
|
+
- lib/risu/base/schema.rb
|
180
|
+
- lib/risu/base/template_base.rb
|
181
|
+
- lib/risu/base/template_manager.rb
|
182
|
+
- lib/risu/base/templater.rb
|
183
|
+
- lib/risu/base.rb
|
178
184
|
- lib/risu/cli/application.rb
|
179
185
|
- lib/risu/cli/banner.rb
|
180
186
|
- lib/risu/cli.rb
|
181
187
|
- lib/risu/exceptions/invaliddocument.rb
|
182
188
|
- lib/risu/exceptions.rb
|
183
|
-
- lib/risu/listener.rb
|
184
189
|
- lib/risu/models/familyselection.rb
|
185
190
|
- lib/risu/models/host.rb
|
186
191
|
- lib/risu/models/individualpluginselection.rb
|
@@ -191,12 +196,12 @@ files:
|
|
191
196
|
- lib/risu/models/reference.rb
|
192
197
|
- lib/risu/models/report.rb
|
193
198
|
- lib/risu/models/serverpreference.rb
|
199
|
+
- lib/risu/models/servicedescription.rb
|
194
200
|
- lib/risu/models/version.rb
|
195
201
|
- lib/risu/models.rb
|
196
|
-
- lib/risu/
|
202
|
+
- lib/risu/parsers/nessus/nessus_document.rb
|
203
|
+
- lib/risu/parsers/nessus/nessus_sax_listener.rb
|
197
204
|
- lib/risu/parsers.rb
|
198
|
-
- lib/risu/prawn_templater.rb
|
199
|
-
- lib/risu/schema.rb
|
200
205
|
- lib/risu/templates/assets.rb
|
201
206
|
- lib/risu/templates/cover_sheet.rb
|
202
207
|
- lib/risu/templates/data/nessuslogo.jpg
|
@@ -212,6 +217,7 @@ files:
|
|
212
217
|
- lib/risu/templates/ms_update_summary.rb
|
213
218
|
- lib/risu/templates/pci_compliance.rb
|
214
219
|
- lib/risu/templates/technical_findings.rb
|
220
|
+
- lib/risu/templates/template.rb
|
215
221
|
- lib/risu.rb
|
216
222
|
- risu.gemspec
|
217
223
|
- bin/risu
|
data/lib/risu/listener.rb
DELETED
@@ -1,274 +0,0 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
|
3
|
-
require 'risu'
|
4
|
-
|
5
|
-
module Risu
|
6
|
-
|
7
|
-
# NessusSaxListener
|
8
|
-
#
|
9
|
-
#
|
10
|
-
# @author Jacob Hammack <jacob.hammack@hammackj.com>
|
11
|
-
class NessusSaxListener
|
12
|
-
include LibXML::XML::SaxParser::Callbacks
|
13
|
-
|
14
|
-
# Sets up a array of all valid xml fields
|
15
|
-
#
|
16
|
-
#
|
17
|
-
def initialize
|
18
|
-
@vals = Hash.new
|
19
|
-
|
20
|
-
@valid_elements = Array["see_also", "cve", "ReportItem", "xref", "bid", "plugin_version", "risk_factor",
|
21
|
-
"description", "cvss_base_score", "solution", "item", "plugin_output", "tag", "synopsis", "plugin_modification_date",
|
22
|
-
"FamilyName", "FamilyItem", "Status", "vuln_publication_date", "ReportHost", "HostProperties", "preferenceName",
|
23
|
-
"preferenceValues", "preferenceType", "fullName", "pluginId", "pluginName", "selectedValue", "selectedValue",
|
24
|
-
"name", "value", "preference", "plugin_publication_date", "cvss_vector", "patch_publication_date",
|
25
|
-
"NessusClientData_v2", "Policy", "PluginName", "ServerPreferences", "policyComments", "policyName", "PluginItem",
|
26
|
-
"Report", "Family", "Preferences", "PluginsPreferences", "FamilySelection", "IndividualPluginSelection", "PluginId",
|
27
|
-
"pci-dss-compliance", "exploitability_ease", "cvss_temporal_vector", "exploit_framework_core", "cvss_temporal_score",
|
28
|
-
"exploit_available", "metasploit_name", "exploit_framework_canvas", "canvas_package", "exploit_framework_metasploit",
|
29
|
-
"plugin_type", "cpe"]
|
30
|
-
|
31
|
-
# This makes adding new host properties really easy.
|
32
|
-
@valid_host_properties = {
|
33
|
-
"HOST_END" => :end ,
|
34
|
-
"mac-address" => :mac ,
|
35
|
-
"HOST_START" => :start ,
|
36
|
-
"operating-system" => :os,
|
37
|
-
"host-ip" => :ip ,
|
38
|
-
"host-fqdn" => :fqdn ,
|
39
|
-
"netbios-name" => :netbios ,
|
40
|
-
"local-checks-proto" => :local_checks_proto ,
|
41
|
-
"smb-login-used" => :smb_login_used ,
|
42
|
-
"ssh-auth-meth" => :ssh_auth_meth ,
|
43
|
-
"ssh-login-used" => :ssh_login_used ,
|
44
|
-
"pci-dss-compliance" => :pci_dss_compliance ,
|
45
|
-
"pci-dss-compliance:" => :pci_dss_compliance_ ,
|
46
|
-
"pcidss:compliance:failed" => :pcidss_compliance_failed,
|
47
|
-
"pcidss:compliance:passed" => :pcidss_compliance_passed,
|
48
|
-
"pcidss:deprecated_ssl" => :pcidss_deprecated_ssl,
|
49
|
-
"pcidss:expired_ssl_certificate" => :pcidss_expired_ssl_certificate,
|
50
|
-
"pcidss:high_risk_flaw" => :pcidss_high_risk_flaw,
|
51
|
-
"pcidss:medium_risk_flaw" => :pcidss_medium_risk_flaw,
|
52
|
-
"pcidss:reachable_db" => :pcidss_reachable_db,
|
53
|
-
"pcidss:www:xss" => :pcidss_www_xss
|
54
|
-
}
|
55
|
-
|
56
|
-
@valid_ms_patches = {
|
57
|
-
"MS11-030" => :ms11_030,
|
58
|
-
"MS11-026" => :ms11_026,
|
59
|
-
"MS11-034" => :ms11_034,
|
60
|
-
"MS11-021" => :ms11_021,
|
61
|
-
"MS11-029" => :ms11_029,
|
62
|
-
"MS11-023" => :ms11_023,
|
63
|
-
"MS11-022" => :ms11_022,
|
64
|
-
"MS09-027" => :ms09_027,
|
65
|
-
"MS11-033" => :ms11_033,
|
66
|
-
"MS11-019" => :ms11_019,
|
67
|
-
"MS11-024" => :ms11_024,
|
68
|
-
"MS11-031" => :ms11_031,
|
69
|
-
"MS11-020" => :ms11_020,
|
70
|
-
"MS11-018" => :ms11_018,
|
71
|
-
"MS11-028" => :ms11_028,
|
72
|
-
"MS11-032" => :ms11_032
|
73
|
-
}
|
74
|
-
end
|
75
|
-
|
76
|
-
# Callback for when the start of a xml element is reached
|
77
|
-
#
|
78
|
-
# @param element
|
79
|
-
# @param attributes
|
80
|
-
def on_start_element(element, attributes)
|
81
|
-
@tag = element
|
82
|
-
@vals[@tag] = ""
|
83
|
-
|
84
|
-
if !@valid_elements.include?(element)
|
85
|
-
puts "New XML element detected: #{element}. Please report this to #{Risu::EMAIL}"
|
86
|
-
end
|
87
|
-
|
88
|
-
case element
|
89
|
-
when "Policy"
|
90
|
-
@policy = Risu::Models::Policy.create
|
91
|
-
@policy.save
|
92
|
-
when "preference"
|
93
|
-
@sp = @policy.server_preferences.create
|
94
|
-
@sp.save
|
95
|
-
when "item"
|
96
|
-
@item = @policy.plugins_preferences.create
|
97
|
-
@item.save
|
98
|
-
when "FamilyItem"
|
99
|
-
@family = @policy.family_selections.create
|
100
|
-
@family.save
|
101
|
-
when "PluginItem"
|
102
|
-
@plugin_selection = @policy.individual_plugin_selections.create
|
103
|
-
@plugin_selection.save
|
104
|
-
when "Report"
|
105
|
-
@report = @policy.reports.create
|
106
|
-
@report.name = attributes["name"]
|
107
|
-
@report.save
|
108
|
-
when "ReportHost"
|
109
|
-
@rh = @report.hosts.create
|
110
|
-
@rh.name = attributes["name"]
|
111
|
-
@rh.save
|
112
|
-
when "tag"
|
113
|
-
unless attributes["name"] =~ /(MS\d\d-\d\d\d)/
|
114
|
-
@attr = if @valid_host_properties.keys.include?(attributes["name"])
|
115
|
-
attributes["name"]
|
116
|
-
else
|
117
|
-
nil
|
118
|
-
end
|
119
|
-
puts "New HostProperties attribute: #{attributes["name"]}. Please report this to jacob.hammack@hammackj.com\n" if @attr.nil?
|
120
|
-
end
|
121
|
-
when "ReportItem"
|
122
|
-
@vals = Hash.new # have to clear this out or everything has the same references
|
123
|
-
@ri = @rh.items.create
|
124
|
-
if attributes["pluginID"] == "0"
|
125
|
-
@plugin = Risu::Models::Plugin.find_or_create_by_id(1)
|
126
|
-
else
|
127
|
-
@plugin = Risu::Models::Plugin.find_or_create_by_id(attributes["pluginID"])
|
128
|
-
end
|
129
|
-
|
130
|
-
@ri.port = attributes["port"]
|
131
|
-
@ri.svc_name = attributes["svc_name"]
|
132
|
-
@ri.protocol = attributes["protocol"]
|
133
|
-
@ri.severity = attributes["severity"]
|
134
|
-
|
135
|
-
@ri.plugin_id = @plugin.id
|
136
|
-
@plugin.plugin_name = attributes["pluginName"]
|
137
|
-
@plugin.family_name = attributes["pluginFamily"]
|
138
|
-
@plugin.save
|
139
|
-
@ri.save
|
140
|
-
end
|
141
|
-
end
|
142
|
-
|
143
|
-
# Called when the inner text of a element is reached
|
144
|
-
#
|
145
|
-
# @param text
|
146
|
-
def on_characters(text)
|
147
|
-
if @vals[@tag] == nil then
|
148
|
-
@vals[@tag] = text
|
149
|
-
else
|
150
|
-
@vals[@tag] << text
|
151
|
-
end
|
152
|
-
end
|
153
|
-
|
154
|
-
# Called when the end of the xml element is reached
|
155
|
-
#
|
156
|
-
# @param element
|
157
|
-
def on_end_element(element)
|
158
|
-
@tag = nil
|
159
|
-
case element
|
160
|
-
when "policyName"
|
161
|
-
@policy.attributes = {
|
162
|
-
:name => @vals["policyName"]
|
163
|
-
}
|
164
|
-
|
165
|
-
@policy.save
|
166
|
-
when "policyComments"
|
167
|
-
@policy.attributes = {
|
168
|
-
:comments => @vals["policyComments"]
|
169
|
-
}
|
170
|
-
|
171
|
-
@policy.save
|
172
|
-
when "preference"
|
173
|
-
@sp.attributes = {
|
174
|
-
:name => @vals["name"],
|
175
|
-
:value => @vals["value"]
|
176
|
-
}
|
177
|
-
@sp.save
|
178
|
-
|
179
|
-
#This takes a really long time, there is about 34,000 pluginIDs in this
|
180
|
-
#field and it takes about 36 minutes to parse just this info =\
|
181
|
-
#lets prepopulate the plugins table with the known pluginid's
|
182
|
-
#if @vals["name"] == "plugin_set"
|
183
|
-
# @all_plugins = @vals["value"].split(";")
|
184
|
-
#
|
185
|
-
# @all_plugins.each { |p|
|
186
|
-
# @plug = Plugin.find_or_create_by_id(p)
|
187
|
-
# @plug.save
|
188
|
-
# }
|
189
|
-
#end
|
190
|
-
when "item"
|
191
|
-
@item.attributes = {
|
192
|
-
:plugin_name => @vals["pluginName"],
|
193
|
-
:plugin_id => @vals["pluginId"],
|
194
|
-
:fullname => @vals["fullName"],
|
195
|
-
:preference_name => @vals["preferenceName"],
|
196
|
-
:preference_type => @vals["preferenceType"],
|
197
|
-
:preference_values => @vals["preferenceValues"],
|
198
|
-
:selected_values => @vals["selectedValue"]
|
199
|
-
}
|
200
|
-
|
201
|
-
@item.save
|
202
|
-
when "FamilyItem"
|
203
|
-
@family.attributes = {
|
204
|
-
:family_name => @vals["FamilyName"],
|
205
|
-
:status => @vals["Status"]
|
206
|
-
}
|
207
|
-
|
208
|
-
@family.save
|
209
|
-
when "PluginItem"
|
210
|
-
@plugin_selection.attributes = {
|
211
|
-
:plugin_id => @vals["PluginId"],
|
212
|
-
:plugin_name => @vals["PluginName"],
|
213
|
-
:family => @vals["Family"],
|
214
|
-
:status => @vals["Status"]
|
215
|
-
}
|
216
|
-
|
217
|
-
@plugin_selection.save
|
218
|
-
when "tag"
|
219
|
-
@rh.attributes = {@valid_host_properties[@attr] => @vals["tag"].gsub("\n", ",") } if @valid_host_properties.keys.include?(@attr)
|
220
|
-
@rh.save
|
221
|
-
#We cannot handle the references in the same block as the rest of the ReportItem tag because
|
222
|
-
#there tends to be more than of the different types of reference per ReportItem, this causes issue for a sax
|
223
|
-
#parser. To solve this we do the references before the final plugin data
|
224
|
-
when "cve"
|
225
|
-
@cve = @plugin.references.create
|
226
|
-
@cve.reference_name = "cve"
|
227
|
-
@cve.value = @vals["cve"]
|
228
|
-
@cve.save
|
229
|
-
when "bid"
|
230
|
-
@bid = @plugin.references.create
|
231
|
-
@bid.reference_name = "bid"
|
232
|
-
@bid.value = @vals["bid"]
|
233
|
-
@bid.save
|
234
|
-
when "see_also"
|
235
|
-
@see_also = @plugin.references.create
|
236
|
-
@see_also.reference_name = "see_also"
|
237
|
-
@see_also.value = @vals["see_also"]
|
238
|
-
@see_also.save
|
239
|
-
when "xref"
|
240
|
-
@xref = @plugin.references.create
|
241
|
-
@xref.reference_name = "xref"
|
242
|
-
@xref.value = @vals["xref"]
|
243
|
-
@xref.save
|
244
|
-
when "ReportItem"
|
245
|
-
@ri.plugin_output = @vals["plugin_output"]
|
246
|
-
@ri.save
|
247
|
-
|
248
|
-
@plugin.attributes = {
|
249
|
-
:solution => @vals["solution"],
|
250
|
-
:risk_factor => @vals["risk_factor"],
|
251
|
-
:description => @vals["description"],
|
252
|
-
:plugin_publication_date => @vals["plugin_publication_date"],
|
253
|
-
:synopsis => @vals["synopsis"],
|
254
|
-
:plugin_type => @vals["plugin_type"],
|
255
|
-
:cvss_vector => @vals["cvss_vector"],
|
256
|
-
:cvss_base_score => @vals["cvss_base_score"],
|
257
|
-
:vuln_publication_date => @vals["vuln_publication_date"],
|
258
|
-
:plugin_version => @vals["plugin_version"],
|
259
|
-
:cvss_temporal_score => @vals["cvss_temporal_score"],
|
260
|
-
:cvss_temporal_vector => @vals["cvss_temporal_vector"],
|
261
|
-
:exploitability_ease => @vals["exploitability_ease"],
|
262
|
-
:exploit_framework_core => @vals["exploit_framework_core"],
|
263
|
-
:exploit_available => @vals["exploit_available"],
|
264
|
-
:exploit_framework_metasploit => @vals["exploit_framework_metasploit"],
|
265
|
-
:metasploit_name => @vals["metasploit_name"],
|
266
|
-
:exploit_framework_canvas => @vals["exploit_framework_canvas"],
|
267
|
-
:canvas_package => @vals["canvas_package"],
|
268
|
-
:cpe => @vals["cpe"]
|
269
|
-
}
|
270
|
-
@plugin.save
|
271
|
-
end
|
272
|
-
end
|
273
|
-
end
|
274
|
-
end
|