risu 1.5.0 → 1.5.1
- data/Gemfile.ci +2 -5
- data/KNOWNISSUES.markdown +12 -11
- data/LICENSE +11 -11
- data/NEWS.markdown +43 -8
- data/README.markdown +36 -32
- data/Rakefile +29 -9
- data/TODO.markdown +150 -77
- data/bin/risu +26 -0
- data/lib/risu.rb +27 -1
- data/lib/risu/base.rb +26 -0
- data/lib/risu/base/prawn_templater.rb +36 -8
- data/lib/risu/base/schema.rb +199 -163
- data/lib/risu/base/template_base.rb +34 -7
- data/lib/risu/base/template_manager.rb +37 -37
- data/lib/risu/base/templater.rb +36 -9
- data/lib/risu/cli.rb +26 -0
- data/lib/risu/cli/application.rb +72 -39
- data/lib/risu/cli/banner.rb +47 -21
- data/lib/risu/exceptions.rb +26 -0
- data/lib/risu/exceptions/invaliddocument.rb +30 -1
- data/lib/risu/models.rb +26 -0
- data/lib/risu/models/familyselection.rb +28 -2
- data/lib/risu/models/host.rb +59 -2
- data/lib/risu/models/individualpluginselection.rb +26 -1
- data/lib/risu/models/item.rb +132 -79
- data/lib/risu/models/patch.rb +26 -1
- data/lib/risu/models/plugin.rb +28 -2
- data/lib/risu/models/pluginspreference.rb +26 -2
- data/lib/risu/models/policy.rb +27 -2
- data/lib/risu/models/reference.rb +81 -20
- data/lib/risu/models/report.rb +33 -8
- data/lib/risu/models/serverpreference.rb +26 -1
- data/lib/risu/models/servicedescription.rb +26 -1
- data/lib/risu/models/version.rb +26 -1
- data/lib/risu/parsers.rb +29 -0
- data/lib/risu/parsers/nessus/nessus_document.rb +47 -14
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +45 -16
- data/lib/risu/parsers/nexpose/nexpose_document.rb +91 -0
- data/lib/risu/parsers/nexpose/simple_nexpose.rb +108 -0
- data/lib/risu/renderers.rb +26 -0
- data/lib/risu/renderers/nilrenderer.rb +30 -4
- data/lib/risu/templates/assets.rb +36 -10
- data/lib/risu/templates/cover_sheet.rb +34 -8
- data/lib/risu/templates/exec_summary.rb +45 -19
- data/lib/risu/templates/executive_summary.rb +37 -11
- data/lib/risu/templates/finding_statistics.rb +33 -7
- data/lib/risu/templates/findings_host.rb +44 -18
- data/lib/risu/templates/findings_summary.rb +43 -17
- data/lib/risu/templates/findings_summary_with_pluginid.rb +60 -18
- data/lib/risu/templates/graphs.rb +30 -0
- data/lib/risu/templates/host_summary.rb +34 -8
- data/lib/risu/templates/ms_patch_summary.rb +35 -9
- data/lib/risu/templates/ms_update_summary.rb +34 -8
- data/lib/risu/templates/ms_wsus_findings.rb +99 -0
- data/lib/risu/templates/notable.rb +39 -13
- data/lib/risu/templates/notable_detailed.rb +42 -16
- data/lib/risu/templates/pci_compliance.rb +40 -14
- data/lib/risu/templates/stig_findings_summary.rb +62 -36
- data/lib/risu/templates/technical_findings.rb +29 -3
- data/lib/risu/templates/template.rb +35 -9
- data/risu.gemspec +28 -7
- metadata +94 -101
@@ -1,9 +1,34 @@
|
|
1
|
+
# Copyright (c) 2010-2012 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
1
27
|
module Risu
|
2
28
|
module Models
|
3
29
|
|
4
30
|
# Service Description Model; Use for creating generic text for service descriptions
|
5
31
|
#
|
6
|
-
# @author Jacob Hammack
|
7
32
|
class ServiceDescription < ActiveRecord::Base
|
8
33
|
end
|
9
34
|
end
|
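--- a/data/lib/risu/models/version.rb
+++ b/data/lib/risu/models/version.rb
@@ -1,9 +1,34 @@
+# Copyright (c) 2010-2012 Arxopia LLC.
+# All rights reserved.
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the Arxopia LLC nor the names of its contributors
+# may be used to endorse or promote products derived from this software
+# without specific prior written permission.
+
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+#OF THE POSSIBILITY OF SUCH DAMAGE.
+
 module Risu
 module Models
 
 # Version Model for the DB
 #
-# @author Jacob Hammack
 class Version < ActiveRecord::Base
 end
 end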
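--- a/data/lib/risu/parsers.rb
+++ b/data/lib/risu/parsers.rb
@@ -1,3 +1,29 @@
+# Copyright (c) 2010-2012 Arxopia LLC.
+# All rights reserved.
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the Arxopia LLC nor the names of its contributors
+# may be used to endorse or promote products derived from this software
+# without specific prior written permission.
+
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+#OF THE POSSIBILITY OF SUCH DAMAGE.
+
 module Risu
 module Parsers
 end
@@ -5,3 +31,6 @@ end
 
 require 'risu/parsers/nessus/nessus_document'
 require 'risu/parsers/nessus/nessus_sax_listener'
+
+require 'risu/parsers/nexpose/nexpose_document'
+require 'risu/parsers/nexpose/simple_nexpose'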
@@ -1,4 +1,28 @@
|
|
1
|
-
#
|
1
|
+
# Copyright (c) 2010-2012 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
2
26
|
|
3
27
|
module Risu
|
4
28
|
module Parsers
|
@@ -18,21 +42,30 @@ module Risu
|
|
18
42
|
#
|
19
43
|
# @return [Boolean] True if valid, False if invalid
|
20
44
|
def valid?
|
45
|
+
parser = nil
|
46
|
+
|
21
47
|
if File.exist?(@document)
|
22
|
-
|
23
|
-
|
48
|
+
parser = LibXML::XML::Parser.file @document
|
49
|
+
elsif @document.class == "String"
|
50
|
+
parser = LibXML::XML::Parser.string @document
|
51
|
+
else
|
52
|
+
return false
|
53
|
+
end
|
24
54
|
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
55
|
+
if parser == nil
|
56
|
+
return false
|
57
|
+
end
|
58
|
+
|
59
|
+
doc = parser.parse
|
60
|
+
|
61
|
+
if doc.root.name == nil
|
62
|
+
return false
|
63
|
+
end
|
64
|
+
|
65
|
+
if doc.root.name == "NessusClientData_v2"
|
66
|
+
return true
|
67
|
+
elsif doc.root.name == "NessusClientData"
|
68
|
+
return false
|
36
69
|
else
|
37
70
|
return false
|
38
71
|
end
|
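Review bot: The new `elsif @document.class == "String"` branch in `valid?` can never be taken, because it compares a Class object with a string literal; a document handed over as XML text instead of a path therefore falls through to `return false` and `LibXML::XML::Parser.string` is never reached. Writing the test as `elsif @document.is_a?(String)` makes the branch reachable. Separately, `doc = parser.parse` is unguarded, so a truncated or non-XML scanner export presumably raises out of a method documented as `@return [Boolean]`; rescuing `LibXML::XML::Error` and returning `false` would keep the check failing closed. The body of `valid?` ends outside this hunk, and the page shows no file header for this section.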
@@ -1,3 +1,29 @@
|
|
1
|
+
# Copyright (c) 2010-2012 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
1
27
|
require 'risu'
|
2
28
|
|
3
29
|
ActiveRecord::Migration.verbose = false
|
@@ -5,7 +31,7 @@ ActiveRecord::Migration.verbose = false
|
|
5
31
|
module Risu
|
6
32
|
module Parsers
|
7
33
|
module Nessus
|
8
|
-
|
34
|
+
|
9
35
|
# NessusSaxListener
|
10
36
|
#
|
11
37
|
# @author Jacob Hammack <jacob.hammack@hammackj.com>
|
@@ -16,11 +42,13 @@ module Risu
|
|
16
42
|
#
|
17
43
|
def initialize
|
18
44
|
@vals = Hash.new
|
19
|
-
|
45
|
+
|
20
46
|
@valid_references = Array[
|
21
|
-
"cpe", "bid", "see_also", "xref", "cve", "iava", "msft",
|
22
|
-
"osvdb", "cert", "edb-id", "rhsa", "secunia", "suse", "dsa",
|
23
|
-
"owasp", "cwe"
|
47
|
+
"cpe", "bid", "see_also", "xref", "cve", "iava", "msft",
|
48
|
+
"osvdb", "cert", "edb-id", "rhsa", "secunia", "suse", "dsa",
|
49
|
+
"owasp", "cwe", "iadb", "iavt", "cisco-sa", "ics-alert",
|
50
|
+
"cisco-bug-id", "cisco-sr"
|
51
|
+
]
|
24
52
|
|
25
53
|
@valid_elements = Array["ReportItem", "plugin_version", "risk_factor",
|
26
54
|
"description", "cvss_base_score", "solution", "item", "plugin_output", "tag", "synopsis", "plugin_modification_date",
|
@@ -31,12 +59,12 @@ module Risu
|
|
31
59
|
"Report", "Family", "Preferences", "PluginsPreferences", "FamilySelection", "IndividualPluginSelection", "PluginId",
|
32
60
|
"pci-dss-compliance", "exploitability_ease", "cvss_temporal_vector", "exploit_framework_core", "cvss_temporal_score",
|
33
61
|
"exploit_available", "metasploit_name", "exploit_framework_canvas", "canvas_package", "exploit_framework_metasploit",
|
34
|
-
"plugin_type", "exploithub_sku", "exploit_framework_exploithub", "stig_severity", "plugin_name", "fname",
|
35
|
-
|
36
|
-
|
62
|
+
"plugin_type", "exploithub_sku", "exploit_framework_exploithub", "stig_severity", "plugin_name", "fname", "always_run"
|
63
|
+
]
|
64
|
+
|
37
65
|
@valid_elements = @valid_elements + @valid_references
|
38
|
-
|
39
|
-
# This makes adding new host properties really easy, except for the
|
66
|
+
|
67
|
+
# This makes adding new host properties really easy, except for the
|
40
68
|
#MS patch numbers, this are handled differently.
|
41
69
|
@valid_host_properties = {
|
42
70
|
"HOST_END" => :end,
|
@@ -69,7 +97,7 @@ module Risu
|
|
69
97
|
"pcidss:unprotected_mssql_db" => :pcidss_unprotected_mssql_db,
|
70
98
|
"pcidss:obsolete_software" => :pcidss_obsolete_software,
|
71
99
|
"pcidss:www:sql_injection" => :pcidss_www_sql_injection,
|
72
|
-
"
|
100
|
+
"pcidss:backup_files" => :pcidss_backup_files
|
73
101
|
}
|
74
102
|
end
|
75
103
|
|
@@ -112,8 +140,8 @@ module Risu
|
|
112
140
|
when "tag"
|
113
141
|
@attr = nil
|
114
142
|
|
115
|
-
if attributes["name"] =~ /[M|m][S|s]\d{2}-\d{2,}/
|
116
|
-
@attr = if attributes["name"] =~ /[M|m][S|s]\d{2}-\d{2,}/
|
143
|
+
if attributes["name"] =~ /[M|m][S|s]\d{2,}-\d{2,}/
|
144
|
+
@attr = if attributes["name"] =~ /[M|m][S|s]\d{2,}-\d{2,}/
|
117
145
|
attributes["name"]
|
118
146
|
else
|
119
147
|
nil
|
@@ -236,7 +264,7 @@ module Risu
|
|
236
264
|
end if @attr != nil
|
237
265
|
#We cannot handle the references in the same block as the rest of the ReportItem tag because
|
238
266
|
#there tends to be more than of the different types of reference per ReportItem, this causes issue for a sax
|
239
|
-
#parser. To solve this we do the references before the final plugin data, Valid references must be added
|
267
|
+
#parser. To solve this we do the references before the final plugin data, Valid references must be added
|
240
268
|
#the @valid_reference array at the top to be parsed.
|
241
269
|
# *@valid_reference, does a 'when' on each element of the @valid_references array, pure magic
|
242
270
|
when *@valid_references
|
@@ -254,7 +282,7 @@ module Risu
|
|
254
282
|
:risk_factor => @vals["risk_factor"],
|
255
283
|
:description => @vals["description"],
|
256
284
|
:plugin_publication_date => @vals["plugin_publication_date"],
|
257
|
-
:plugin_modification_date => @vals["plugin_modification_date"],
|
285
|
+
:plugin_modification_date => @vals["plugin_modification_date"],
|
258
286
|
:synopsis => @vals["synopsis"],
|
259
287
|
:plugin_type => @vals["plugin_type"],
|
260
288
|
:cvss_vector => @vals["cvss_vector"],
|
@@ -273,7 +301,8 @@ module Risu
|
|
273
301
|
:exploit_framework_exploithub => @vals["exploit_framework_exploithub"],
|
274
302
|
:exploithub_sku => @vals["exploithub_sku"],
|
275
303
|
:stig_severity => @vals["stig_severity"],
|
276
|
-
:fname => @vals["fname"]
|
304
|
+
:fname => @vals["fname"],
|
305
|
+
:always_run => @vals["always_run"]
|
277
306
|
}
|
278
307
|
@plugin.save
|
279
308
|
end
|
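Review bot: The bulletin pattern `/[M|m][S|s]\d{2,}-\d{2,}/` in the `when "tag"` branch is unanchored and its character classes contain a literal `|`, so a name like `|s12-001` (constructed example), or any longer string that merely contains an MS-style id, is accepted and stored in `@attr`. Because the name is read straight from the imported report, a stricter form such as `/\A[Mm][Ss]\d{2,}-\d{2,}\z/` would be safer; confirm first that tag names are expected to be exactly the bulletin id. The same expression is also evaluated twice in a row, in the outer `if` and again in `@attr = if ...`, where one test would do. The enclosing method starts and ends outside the hunk.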
@@ -0,0 +1,91 @@
|
|
1
|
+
# Copyright (c) 2010-2012 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
27
|
+
module Risu
|
28
|
+
module Parsers
|
29
|
+
module Nexpose
|
30
|
+
# A Object to represent the Nexpose xml file in memory
|
31
|
+
#
|
32
|
+
# @author Jacob Hammack <jacob.hammack@hammackj.com>
|
33
|
+
class NexposeDocument
|
34
|
+
|
35
|
+
# Creates a instance of the NexposeDocument class
|
36
|
+
#
|
37
|
+
def initialize document
|
38
|
+
@document = document
|
39
|
+
end
|
40
|
+
|
41
|
+
# Checks the validness of a Nexpose
|
42
|
+
#
|
43
|
+
# @return [Boolean] True if valid, False if invalid
|
44
|
+
def valid?
|
45
|
+
if File.exist?(@document)
|
46
|
+
@parser = LibXML::XML::Parser.file @document
|
47
|
+
doc = @parser.parse
|
48
|
+
|
49
|
+
if doc.root.name == nil
|
50
|
+
return false
|
51
|
+
end
|
52
|
+
|
53
|
+
if doc.root.name == "NeXposeSimpleXML"
|
54
|
+
return true
|
55
|
+
else
|
56
|
+
return false
|
57
|
+
end
|
58
|
+
else
|
59
|
+
return false
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
# Invokes the SAX parser on the XML document
|
64
|
+
#
|
65
|
+
def parse
|
66
|
+
@parser = LibXML::XML::SaxParser.file @document
|
67
|
+
@parser.callbacks = SimpleNexpose.new
|
68
|
+
@parser.parse
|
69
|
+
end
|
70
|
+
|
71
|
+
# Fixes the ip field if nil and replaces it with the name if its an ip
|
72
|
+
#
|
73
|
+
def fix_ips
|
74
|
+
@hosts = Host.all
|
75
|
+
|
76
|
+
@hosts.each do |host|
|
77
|
+
if host.ip == nil
|
78
|
+
begin
|
79
|
+
ip = IPAddr.new host.name
|
80
|
+
host.ip = ip.to_string
|
81
|
+
host.save
|
82
|
+
rescue ArgumentError => ae
|
83
|
+
next
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
87
|
+
end
|
88
|
+
end
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
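Review bot: `valid?` in the new NexposeDocument lets parse failures escape, because `doc = @parser.parse` has no rescue; a truncated or non-XML export presumably raises `LibXML::XML::Error` from a method documented as returning a Boolean. A validity check on a scanner export should fail closed, as in the sketch below, which also drops the redundant `nil` comparison and no longer stores the throwaway parser in `@parser` (`parse` assigns its own). Further down, `fix_ips` uses `IPAddr` and an unqualified `Host`, neither of which is required or namespaced in this file; confirm both resolve when the file is loaded through `risu/parsers`. The `rescue ArgumentError => ae` there binds a variable that is never used.

```ruby
def valid?
  return false unless File.exist?(@document)

  begin
    doc = LibXML::XML::Parser.file(@document).parse
  rescue LibXML::XML::Error
    # Malformed or non-XML input is simply not a valid Nexpose document.
    return false
  end

  doc.root.name == "NeXposeSimpleXML"
end
```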
@@ -0,0 +1,108 @@
|
|
1
|
+
# Copyright (c) 2010-2012 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
27
|
+
require 'risu'
|
28
|
+
|
29
|
+
ActiveRecord::Migration.verbose = false
|
30
|
+
|
31
|
+
module Risu
|
32
|
+
module Parsers
|
33
|
+
module Nexpose
|
34
|
+
class SimpleNexpose
|
35
|
+
include LibXML::XML::SaxParser::Callbacks
|
36
|
+
|
37
|
+
#
|
38
|
+
#
|
39
|
+
def initialize
|
40
|
+
@vals = Hash.new
|
41
|
+
|
42
|
+
@valid_fingerprints = {
|
43
|
+
"description" => :os,
|
44
|
+
"vendor" => nil,
|
45
|
+
"family" => nil,
|
46
|
+
"product" => nil,
|
47
|
+
"version" => nil,
|
48
|
+
"device-class" => :system_type,
|
49
|
+
"architecture" => nil
|
50
|
+
}
|
51
|
+
|
52
|
+
@report = Report.create
|
53
|
+
end
|
54
|
+
|
55
|
+
#
|
56
|
+
#
|
57
|
+
def on_start_element(element, attributes)
|
58
|
+
@tag = element
|
59
|
+
@vals[@tag] = ""
|
60
|
+
puts element
|
61
|
+
|
62
|
+
case element
|
63
|
+
when "device"
|
64
|
+
@in_device = true
|
65
|
+
@rh = @report.hosts.create
|
66
|
+
@rh.name = attributes["address"]
|
67
|
+
@rh.ip = attributes["address"]
|
68
|
+
@rh.save
|
69
|
+
when "fingerprint"
|
70
|
+
@in_fingerprint = true
|
71
|
+
end
|
72
|
+
|
73
|
+
end
|
74
|
+
|
75
|
+
# Called when the inner text of a element is reached
|
76
|
+
#
|
77
|
+
# @param text
|
78
|
+
def on_characters(text)
|
79
|
+
if @vals[@tag] == nil then
|
80
|
+
@vals[@tag] = text
|
81
|
+
else
|
82
|
+
@vals[@tag] << text
|
83
|
+
end
|
84
|
+
end
|
85
|
+
|
86
|
+
# Called when the end of the xml element is reached
|
87
|
+
#
|
88
|
+
# @param element
|
89
|
+
def on_end_element(element)
|
90
|
+
@tag = nil
|
91
|
+
case element
|
92
|
+
when "device"
|
93
|
+
@in_device = false
|
94
|
+
when "description"
|
95
|
+
if @in_device && @in_fingerprint
|
96
|
+
@rh.attributes = { @valid_fingerprints[element] => @vals[element].gsub("\n", ",") } if @valid_fingerprints.keys.include?(element)
|
97
|
+
@rh.save
|
98
|
+
end
|
99
|
+
when "fingerprint"
|
100
|
+
@in_fingerprint = false
|
101
|
+
end
|
102
|
+
end
|
103
|
+
|
104
|
+
end
|
105
|
+
end
|
106
|
+
end
|
107
|
+
end
|
108
|
+
|
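Review bot: `on_start_element` still contains a debug `puts element`, which writes every element name of the imported file to stdout and should be removed before release. In `on_characters`, `@tag` is `nil` after each `on_end_element`, so text between elements is collected under `@vals[nil]` and keeps growing for the whole document; a guard such as `return if @tag.nil?` at the top of the method would avoid that. The `device` branch copies `attributes["address"]` into both `name` and `ip` without checking that it is an address, and `NexposeDocument#fix_ips` only fills `ip` when it is `nil`, so a non-IP value would appear to stay in the `ip` column. The two empty `#` doc comments above `initialize` and `on_start_element` could state what each callback records.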