risu 1.4.4 → 1.4.5

data/lib/risu/templates/technical_findings.rb

@@ -1,116 +1,142 @@
-text Report.classification, :align => :center
-text "\n"
-
-font_size(22) { text Report.title, :align => :center }
-font_size(18) {
-	text "High and Medium Findings", :align => :center
-	text "\n"
-	text "This report was prepared by\n#{Report.author}", :align => :center
-}
-
-text "\n\n\n"
-
-#@todo Revamping blacklisting in 1.3
-#blacklist_ip = "-"
-#blacklist_host_id = Host.where(:ip => blacklist_ip)
-#.where("host_id != (?)", blacklist_host_id)
-
-unique_risks = Array.new
-unique_risks << Hash[:title => "High Findings", :color => "FF0000", :values => Item.high_risks_unique]
-unique_risks << Hash[:title => "Medium Findings", :color => "FF8040", :values => Item.medium_risks_unique]
-
-unique_risks.each do |h|
-	if h[:values].length > 1
-		font_size(20) {
-			fill_color h[:color]
-			text h[:title], :style => :bold
-			fill_color "000000"
-			}
-
-		text "\n"
-
-		h[:values].each do |f|
-
-			hosts = Item.where(:plugin_id => f.plugin_id)
-			plugin = Plugin.find_by_id(f.plugin_id)
-
-			#Check if vuln is just on the blacklisted
-			#if hosts.count == 1
-			# if hosts.first.host_id == blacklist_host_id.first.id
-			#		next
-			# end
-			#end
-
-
-			references = Reference.where(:plugin_id => plugin.id).group(:value).order(:reference_name)
-
-			font_size(16) { text "#{plugin.plugin_name}\n" }
-
-			if hosts.length > 1
-				text "Hosts", :style => :bold
-			else
-				text "Host", :style => :bold
-			end
-
-			hostlist = Array.new
-			hosts.each do |host|
-				h = Host.find_by_id(host.host_id)
-				#if h.id != blacklist_host_id.first.id
-					hostlist << h.name
-				#end
-			end
-
-			text hostlist.join(', ')
-
-			if f.plugin_output != nil
-				text "\nPlugin output", :style => :bold
-				text f.plugin_output
-			end
-
-			if plugin.description != nil
-				text "\nDescription", :style => :bold
-				text plugin.description
-			end
-
-			if plugin.synopsis != nil
-				text "\nSynopsis", :style => :bold
-				text plugin.synopsis
-			end
-
-			if plugin.cvss_base_score != nil
-				text "\nCVSS Base Score", :style => :bold
-				text plugin.cvss_base_score
+module Risu
+	module Modules
+		class TechnicalFindings < Risu::Base::TemplateBase
+
+			#
+			#
+			def initialize ()
+				@template_info =
+				{
+					:name => "technical_findings",
+					:author => "hammackj",
+					:version => "0.0.1",
+					:description => "Generates a Technical Findings Report"
+				}
 			end
 
-			if plugin.exploit_available != nil
-				text "\nExploit Available", :style => :bold
+			#
+			#
+			def render(output)
+				output.text Report.classification, :align => :center
+				output.text "\n"
+
+				output.font_size(22) { output.text Report.title, :align => :center }
+				output.font_size(18) {
+					output.text "High and Medium Findings", :align => :center
+					output.text "\n"
+					output.text "This report was prepared by\n#{Report.author}", :align => :center
+				}
 
-				if plugin.exploit_available == "true"
-					text "Yes"
-				else
-					text "No"
+				output.text "\n\n\n"
+
+				#@todo Revamping blacklisting in 1.3
+				#blacklist_ip = "-"
+				#blacklist_host_id = Host.where(:ip => blacklist_ip)
+				#.where("host_id != (?)", blacklist_host_id)
+
+				unique_risks = Array.new
+				unique_risks << Hash[:title => "High Findings", :color => "FF0000", :values => Item.high_risks_unique]
+				unique_risks << Hash[:title => "Medium Findings", :color => "FF8040", :values => Item.medium_risks_unique]
+
+				unique_risks.each do |h|
+					if h[:values].length > 1
+						output.font_size(20) do
+							output.fill_color h[:color]
+							output.text h[:title], :style => :bold
+							output.fill_color "000000"
+						end
+
+						output.text "\n"
+
+						h[:values].each do |f|
+
+							hosts = Item.where(:plugin_id => f.plugin_id)
+							plugin = Plugin.find_by_id(f.plugin_id)
+
+							#Check if vuln is just on the blacklisted
+							#if hosts.count == 1
+							# if hosts.first.host_id == blacklist_host_id.first.id
+							#		next
+							# end
+							#end
+
+
+							references = Reference.where(:plugin_id => plugin.id).group(:value).order(:reference_name)
+
+							output.font_size(16) do
+								output.text "#{plugin.plugin_name}\n"
+							end
+
+							if hosts.length > 1
+								output.text "Hosts", :style => :bold
+							else
+								output.text "Host", :style => :bold
+							end
+
+							hostlist = Array.new
+							hosts.each do |host|
+								h = Host.find_by_id(host.host_id)
+								#if h.id != blacklist_host_id.first.id
+									hostlist << h.name
+								#end
+							end
+
+							output.text hostlist.join(', ')
+
+							if f.plugin_output != nil
+								output.text "\nPlugin output", :style => :bold
+								output.text f.plugin_output
+							end
+
+							if plugin.description != nil
+								output.text "\nDescription", :style => :bold
+								output.text plugin.description
+							end
+
+							if plugin.synopsis != nil
+								output.text "\nSynopsis", :style => :bold
+								output.text plugin.synopsis
+							end
+
+							if plugin.cvss_base_score != nil
+								output.text "\nCVSS Base Score", :style => :bold
+								output.text plugin.cvss_base_score
+							end
+
+							if plugin.exploit_available != nil
+								output.text "\nExploit Available", :style => :bold
+
+								if plugin.exploit_available == "true"
+									output.text "Yes"
+								else
+									output.text "No"
+								end
+							end
+
+							if plugin.solution != nil
+								output.text "\nSolution", :style => :bold
+								output.text plugin.solution
+							end
+
+							if references.size != 0
+								output.text "\nReferences", :style => :bold
+								references.each do |ref|
+									ref_text = sprintf "%s: %s\n", ref.reference_name, ref.value
+									output.text ref_text
+								end
+								output.text "\nNessus Plugin", :style => :bold
+								output.text "http://www.tenablesecurity.com/plugins/index.php?view=single&id=#{f.plugin_id}"
+							end
+								output.text "\n"
+						end
+					end
+
+					output.start_new_page unless h[:values] == nil
 				end
-			end
 
-			if plugin.solution != nil
-				text "\nSolution", :style => :bold
-				text plugin.solution
-			end
+				output.number_pages "<page> of <total>", :at => [output.bounds.right - 75, 0], :width => 150, :page_filter => :all
 
-			if references.size != 0
-				text "\nReferences", :style => :bold
-				references.each { |ref|
-					ref_text = sprintf "%s: %s\n", ref.reference_name, ref.value
-					text ref_text
-				}
-				text "\nNessus Plugin", :style => :bold
-				text "http://www.tenablesecurity.com/plugins/index.php?view=single&id=#{f.plugin_id}"
 			end
-				text "\n"
 		end
 	end
-
-	start_new_page unless h[:values] == nil
 end
-
-number_pages "<page> of <total>", :at => [bounds.right - 75, 0], :width => 150, :page_filter => :all

data/lib/risu/templates/template.rb

@@ -0,0 +1,24 @@
+module Risu
+	module Modules
+		class Template < Risu::Base::TemplateBase
+			
+			#
+			#
+			def initialize ()
+				@template_info = 
+				{ 
+					:name => "template", 
+					:author => "hammackj", 
+					:version => "0.0.1", 
+					:description => "template"
+				}
+			end
+			
+			#
+			#
+			def render(output)
+			end
+		end
+	end
+end
+

metadata

@@ -2,7 +2,7 @@
 name: risu
 version: !ruby/object:Gem::Version 
   prerelease: 
-  version: 1.4.4
+  version: 1.4.5
 platform: ruby
 authors: 
 - Jacob Hammack
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-05-27 00:00:00 -05:00
+date: 2011-07-04 00:00:00 -05:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -175,12 +175,17 @@ files:
 - Rakefile
 - README.markdown
 - TODO.markdown
+- lib/risu/base/prawn_templater.rb
+- lib/risu/base/schema.rb
+- lib/risu/base/template_base.rb
+- lib/risu/base/template_manager.rb
+- lib/risu/base/templater.rb
+- lib/risu/base.rb
 - lib/risu/cli/application.rb
 - lib/risu/cli/banner.rb
 - lib/risu/cli.rb
 - lib/risu/exceptions/invaliddocument.rb
 - lib/risu/exceptions.rb
-- lib/risu/listener.rb
 - lib/risu/models/familyselection.rb
 - lib/risu/models/host.rb
 - lib/risu/models/individualpluginselection.rb
@@ -191,12 +196,12 @@ files:
 - lib/risu/models/reference.rb
 - lib/risu/models/report.rb
 - lib/risu/models/serverpreference.rb
+- lib/risu/models/servicedescription.rb
 - lib/risu/models/version.rb
 - lib/risu/models.rb
-- lib/risu/nessusdocument.rb
+- lib/risu/parsers/nessus/nessus_document.rb
+- lib/risu/parsers/nessus/nessus_sax_listener.rb
 - lib/risu/parsers.rb
-- lib/risu/prawn_templater.rb
-- lib/risu/schema.rb
 - lib/risu/templates/assets.rb
 - lib/risu/templates/cover_sheet.rb
 - lib/risu/templates/data/nessuslogo.jpg
@@ -212,6 +217,7 @@ files:
 - lib/risu/templates/ms_update_summary.rb
 - lib/risu/templates/pci_compliance.rb
 - lib/risu/templates/technical_findings.rb
+- lib/risu/templates/template.rb
 - lib/risu.rb
 - risu.gemspec
 - bin/risu

data/lib/risu/listener.rb

@@ -1,274 +0,0 @@
-# encoding: utf-8
-
-require 'risu'
-
-module Risu
-
-	# NessusSaxListener
-	#
-	#
-	# @author Jacob Hammack <jacob.hammack@hammackj.com>
-	class NessusSaxListener
-		include LibXML::XML::SaxParser::Callbacks
-
-		# Sets up a array of all valid xml fields
-		#
-		#
-		def initialize
-			@vals = Hash.new
-
-			@valid_elements = Array["see_also", "cve", "ReportItem", "xref", "bid", "plugin_version", "risk_factor",
-				"description", "cvss_base_score", "solution", "item", "plugin_output", "tag", "synopsis", "plugin_modification_date",
-				"FamilyName", "FamilyItem", "Status", "vuln_publication_date", "ReportHost", "HostProperties", "preferenceName",
-				"preferenceValues", "preferenceType", "fullName", "pluginId", "pluginName", "selectedValue", "selectedValue",
-				"name", "value", "preference", "plugin_publication_date", "cvss_vector", "patch_publication_date",
-				"NessusClientData_v2", "Policy", "PluginName", "ServerPreferences", "policyComments", "policyName", "PluginItem",
-				"Report", "Family", "Preferences", "PluginsPreferences", "FamilySelection", "IndividualPluginSelection", "PluginId",
-				"pci-dss-compliance", "exploitability_ease", "cvss_temporal_vector", "exploit_framework_core", "cvss_temporal_score",
-				"exploit_available", "metasploit_name", "exploit_framework_canvas", "canvas_package", "exploit_framework_metasploit",
-				"plugin_type", "cpe"]
-
-				# This makes adding new host properties really easy.
-				@valid_host_properties = {
-					"HOST_END" => :end ,
-					"mac-address" => :mac ,
-					"HOST_START" => :start ,
-					"operating-system" => :os,
-					"host-ip" => :ip ,
-					"host-fqdn" => :fqdn ,
-					"netbios-name" => :netbios ,
-					"local-checks-proto" => :local_checks_proto ,
-					"smb-login-used" => :smb_login_used ,
-					"ssh-auth-meth" => :ssh_auth_meth ,
-					"ssh-login-used" => :ssh_login_used ,
-					"pci-dss-compliance" => :pci_dss_compliance ,
-					"pci-dss-compliance:" => :pci_dss_compliance_ ,
-					"pcidss:compliance:failed" => :pcidss_compliance_failed,
-					"pcidss:compliance:passed" => :pcidss_compliance_passed,
-					"pcidss:deprecated_ssl" => :pcidss_deprecated_ssl,
-					"pcidss:expired_ssl_certificate" => :pcidss_expired_ssl_certificate,
-					"pcidss:high_risk_flaw" => :pcidss_high_risk_flaw,
-					"pcidss:medium_risk_flaw" => :pcidss_medium_risk_flaw,
-					"pcidss:reachable_db" => :pcidss_reachable_db,
-					"pcidss:www:xss" => :pcidss_www_xss
-				}
-				
-				@valid_ms_patches = {
-					"MS11-030" => :ms11_030,
-					"MS11-026" => :ms11_026, 
-					"MS11-034" => :ms11_034, 
-					"MS11-021" => :ms11_021, 
-					"MS11-029" => :ms11_029, 
-					"MS11-023" => :ms11_023, 
-					"MS11-022" => :ms11_022, 
-					"MS09-027" => :ms09_027,
-					"MS11-033" => :ms11_033, 
-					"MS11-019" => :ms11_019, 
-					"MS11-024" => :ms11_024, 
-					"MS11-031" => :ms11_031, 
-					"MS11-020" => :ms11_020, 
-					"MS11-018" => :ms11_018, 
-					"MS11-028" => :ms11_028, 
-					"MS11-032" => :ms11_032
-				}
-		end
-
-		# Callback for when the start of a xml element is reached
-		#
-		# @param element
-		# @param attributes
-		def on_start_element(element, attributes)
-			@tag = element
-			@vals[@tag] = ""
-
-			if !@valid_elements.include?(element)
-				puts "New XML element detected: #{element}. Please report this to #{Risu::EMAIL}"
-			end
-
-			case element
-				when "Policy"
-					@policy = Risu::Models::Policy.create
-					@policy.save
-				when "preference"
-					@sp = @policy.server_preferences.create
-					@sp.save
-				when "item"
-					@item = @policy.plugins_preferences.create
-					@item.save
-				when "FamilyItem"
-					@family = @policy.family_selections.create
-					@family.save
-				when "PluginItem"
-					@plugin_selection = @policy.individual_plugin_selections.create
-					@plugin_selection.save
-				when "Report"
-					@report = @policy.reports.create
-					@report.name = attributes["name"]
-					@report.save
-				when "ReportHost"
-					@rh = @report.hosts.create
-					@rh.name = attributes["name"]
-					@rh.save
-				when "tag"
-					unless attributes["name"] =~ /(MS\d\d-\d\d\d)/
-					    @attr = if @valid_host_properties.keys.include?(attributes["name"])
-					            attributes["name"]
-					        else
-					            nil
-					        end
-					    puts "New HostProperties attribute: #{attributes["name"]}. Please report this to jacob.hammack@hammackj.com\n" if @attr.nil?    
-					end
-				when "ReportItem"
-					@vals = Hash.new # have to clear this out or everything has the same references
-					@ri = @rh.items.create
-					if attributes["pluginID"] == "0"
-						@plugin = Risu::Models::Plugin.find_or_create_by_id(1)
-					else
-						@plugin = Risu::Models::Plugin.find_or_create_by_id(attributes["pluginID"])
-					end
-
-					@ri.port	= attributes["port"]
-					@ri.svc_name = attributes["svc_name"]
-					@ri.protocol = attributes["protocol"]
-					@ri.severity = attributes["severity"]
-
-					@ri.plugin_id = @plugin.id
-					@plugin.plugin_name = attributes["pluginName"]
-					@plugin.family_name = attributes["pluginFamily"]
-					@plugin.save
-					@ri.save
-			end
-		end
-
-		# Called when the inner text of a element is reached
-		#
-		# @param text
-		def on_characters(text)
-			if @vals[@tag] == nil then
-				@vals[@tag] = text
-			else
-				@vals[@tag] << text
-			end
-		end
-
-		# Called when the end of the xml element is reached
-		#
-		# @param element
-		def on_end_element(element)
-			@tag = nil
-			case element
-				when "policyName"
-					@policy.attributes = {
-						:name => @vals["policyName"]
-					}
-
-					@policy.save
-				when "policyComments"
-					@policy.attributes = {
-						:comments => @vals["policyComments"]
-					}
-
-					@policy.save
-				when "preference"
-					@sp.attributes = {
-						:name => @vals["name"],
-						:value => @vals["value"]
-					}
-					@sp.save
-
-					#This takes a really long time, there is about 34,000 pluginIDs in this
-					#field and it takes about 36 minutes to parse just this info =\
-					#lets prepopulate the plugins table with the known pluginid's
-					#if @vals["name"] == "plugin_set"
-					#	 @all_plugins = @vals["value"].split(";")
-					#
-					#	 @all_plugins.each { |p|
-					#			@plug = Plugin.find_or_create_by_id(p)
-					#			@plug.save
-					#	 }
-					#end
-				when "item"
-					@item.attributes = {
-						:plugin_name => @vals["pluginName"],
-						:plugin_id => @vals["pluginId"],
-						:fullname => @vals["fullName"],
-						:preference_name => @vals["preferenceName"],
-						:preference_type => @vals["preferenceType"],
-						:preference_values => @vals["preferenceValues"],
-						:selected_values => @vals["selectedValue"]
-					}
-
-					@item.save
-				when "FamilyItem"
-					@family.attributes = {
-						:family_name => @vals["FamilyName"],
-						:status => @vals["Status"]
-					}
-
-					@family.save
-				when "PluginItem"
-					@plugin_selection.attributes = {
-						:plugin_id => @vals["PluginId"],
-						:plugin_name => @vals["PluginName"],
-						:family => @vals["Family"],
-						:status => @vals["Status"]
-					}
-
-					@plugin_selection.save
-				when "tag"
-					@rh.attributes = {@valid_host_properties[@attr] => @vals["tag"].gsub("\n", ",") } if @valid_host_properties.keys.include?(@attr) 
-					@rh.save
-				#We cannot handle the references in the same block as the rest of the ReportItem tag because
-				#there tends to be more than of the different types of reference per ReportItem, this causes issue for a sax
-				#parser. To solve this we do the references before the final plugin data
-				when "cve"
-					@cve = @plugin.references.create
-					@cve.reference_name = "cve"
-					@cve.value = @vals["cve"]
-					@cve.save
-				when "bid"
-					@bid = @plugin.references.create
-					@bid.reference_name = "bid"
-					@bid.value = @vals["bid"]
-					@bid.save
-				when "see_also"
-					@see_also = @plugin.references.create
-					@see_also.reference_name = "see_also"
-					@see_also.value = @vals["see_also"]
-					@see_also.save
-				when "xref"
-					@xref = @plugin.references.create
-					@xref.reference_name = "xref"
-					@xref.value = @vals["xref"]
-					@xref.save
-				when "ReportItem"
-					@ri.plugin_output = @vals["plugin_output"]
-					@ri.save
-
-					@plugin.attributes = {
-						:solution => @vals["solution"],
-						:risk_factor => @vals["risk_factor"],
-						:description => @vals["description"],
-						:plugin_publication_date => @vals["plugin_publication_date"],
-						:synopsis => @vals["synopsis"],
-						:plugin_type => @vals["plugin_type"],
-						:cvss_vector => @vals["cvss_vector"],
-						:cvss_base_score => @vals["cvss_base_score"],
-						:vuln_publication_date => @vals["vuln_publication_date"],
-						:plugin_version => @vals["plugin_version"],
-						:cvss_temporal_score => @vals["cvss_temporal_score"],
-						:cvss_temporal_vector => @vals["cvss_temporal_vector"],
-						:exploitability_ease => @vals["exploitability_ease"],
-						:exploit_framework_core => @vals["exploit_framework_core"],
-						:exploit_available => @vals["exploit_available"],
-						:exploit_framework_metasploit => @vals["exploit_framework_metasploit"],
-						:metasploit_name => @vals["metasploit_name"],
-						:exploit_framework_canvas => @vals["exploit_framework_canvas"],
-						:canvas_package => @vals["canvas_package"],
-						:cpe => @vals["cpe"]
-					}
-					@plugin.save
-			end
-		end
-	end
-end