risu 1.5.3 → 1.6.0

data/lib/risu/base/templater.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2012 Arxopia LLC.
+# Copyright (c) 2010-2013 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -28,7 +28,6 @@ module Risu
 	module Base
 
 		# Templater class for generating a report from a ERB template
-		#
 		class Templater
 			attr_accessor :template, :template_manager, :findings, :output_file
 
@@ -43,16 +42,16 @@ module Risu
 			end
 
 			# Generates a report based on the ERB template
-			#
 			def generate
 				begin
 					template = @template
 					template_manager = @template_manager
 
 					Prawn::Document.generate(@output_file, :margin => [75, 50, 75, 50]) do |output|
-						output.font_size 12
+						output.font_size 10
 						t = template_manager.find_template_by_name(template)
 						t = t.class.new
+						t.output = output
 						t.render(output) unless t == nil
 					end
 				rescue => e

data/lib/risu/cli.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2012 Arxopia LLC.
+# Copyright (c) 2010-2013 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/cli/application.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2012 Arxopia LLC.
+# Copyright (c) 2010-2013 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -28,13 +28,11 @@ module Risu
 	module CLI
 
 		# Application class for Risu
-		#
 		class Application
 			include Risu::Base
 			attr_accessor :database
 
 			# Initializes a CLI Application
-			#
 			def initialize
 				@options = {}
 				@database = {}
@@ -146,7 +144,6 @@ module Risu
 
 			# Establishes an [ActiveRecord::Base] database connection
 			# @todo better comments
-			#
 			def db_connect
 				begin
 					if @database["adapter"] == nil
@@ -200,7 +197,6 @@ module Risu
 			# Starts a console and executes anything in a block sent to it
 			#
 			# @param block Code block to transfer control
-			#
 			def consolize &block
 
 				yield
@@ -222,12 +218,11 @@ module Risu
 				end
 			end
 
-			# Parses all the command line
-			#
+			# Parses all the command line options
 			def parse_options
 				begin
 					opts = OptionParser.new do |opt|
-						opt.banner =	"#{APP_NAME} v#{VERSION}\nJacob Hammack\nhttp://www.hammackj.com\n\n"
+						opt.banner =	"#{APP_NAME} v#{VERSION}\nJacob Hammack\nhttp://www.arxopia.com\n\n"
 						opt.banner << "Usage: #{APP_NAME} [options] [files_to_parse]"
 						opt.separator('')
 						opt.separator("Reporting Options")
@@ -335,7 +330,6 @@ module Risu
 
 			# Main Application loop, handles all of the command line arguments and
 			#parsing of files on the command line
-			#
 			def run
 				parse_options
 
@@ -419,7 +413,6 @@ module Risu
 			# Handles the parsing of a single file
 			#
 			# @param file The to parse
-			#
 			def parse_file file
 				begin
 						puts "[*] Parsing #{file}..."

data/lib/risu/cli/banner.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2012 Arxopia LLC.
+# Copyright (c) 2010-2013 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/exceptions.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2012 Arxopia LLC.
+# Copyright (c) 2010-2013 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/exceptions/invaliddocument.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2012 Arxopia LLC.
+# Copyright (c) 2010-2013 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/models.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2012 Arxopia LLC.
+# Copyright (c) 2010-2013 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/models/familyselection.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2012 Arxopia LLC.
+# Copyright (c) 2010-2013 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/models/host.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2012 Arxopia LLC.
+# Copyright (c) 2010-2013 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -42,7 +42,7 @@ module Risu
 				# if blacklist_host_id == nil
 				#		where("id != ?", blacklist_host_id).count
 				# else
-			 #		count
+			 	#	count
 				# end
 				#end
 
@@ -63,6 +63,20 @@ module Risu
 					return hosts
 				end
 
+				# Generates a list of hosts from the database
+				#
+				# @return [String] of hosts \n delimited
+				def ip_list
+					ips = Array.new
+					hosts = Host.where("ip is not NULL").order("ip").all
+
+					hosts.each do |host|
+						ips << host.ip if host.ip != nil
+					end
+
+					ips.join("\n")
+				end
+
 				# Queries for hosts with a Windows based Operating System
 				#
 				# @return [ActiveRecord::Relation] with the query results
@@ -196,10 +210,27 @@ module Risu
 					where("os LIKE '%Windows Server 2008%'")
 				end
 
+				# Negation query for all hosts with a Windows Server 2008 based Operating system
+				#
+				# @return [ActiveRecord::Relation] with the query results
 				def not_os_windows_2k8
 					where("os NOT LIKE '%Windows Server 2008%'")
 				end
 
+				# Queries for hosts with a Windows Server 2012 based Operating System
+				#
+				# @return [ActiveRecord::Relation] with the query results
+				def os_windows_2k12
+					where("os LIKE '%Windows Server 2012%'")
+				end
+
+				# Negation query for all hosts with a Windows Server 2012 based Operating system
+				#
+				# @return [ActiveRecord::Relation] with the query results
+				def not_os_windows_2k12
+					where("os NOT LIKE '%Windows Server 2012%'")
+				end
+
 				# Queries for hosts with a Windows 7 based Operating System
 				#
 				# @return [ActiveRecord::Relation] with the query results
@@ -214,12 +245,26 @@ module Risu
 					where("os NOT LIKE '%Windows 7%'")
 				end
 
+				# Queries for hosts with a Windows 8 based Operating System
+				#
+				# @return [ActiveRecord::Relation] with the query results
+				def os_windows_8
+					where("os LIKE '%Windows 8%'")
+				end
+
+				# Negation query for all hosts with a Windows 8 based Operating system
+				#
+				# @return [ActiveRecord::Relation] with the query results
+				def not_os_windows_8
+					where("os NOT LIKE '%Windows 8%'")
+				end				
+
 				# Queries for hosts with a Windows Operating System that are not 2000,
 				# XP, 2003, Vista, 2008 or 7
 				#
 				# @return [ActiveRecord::Relation] with the query results
 				def os_windows_other
-					not_os_windows_7.not_os_windows_2k8.not_os_windows_vista.not_os_windows_2k3.not_os_windows_xp.not_os_windows_2k.not_os_windows_nt
+					not_os_windows_2k12.not_os_windows_8.not_os_windows_7.not_os_windows_2k8.not_os_windows_vista.not_os_windows_2k3.not_os_windows_xp.not_os_windows_2k.not_os_windows_nt
 				end
 
 				# Queries for all hosts with a Linux based Operating system
@@ -422,7 +467,9 @@ module Risu
 					w2k3 = Host.os_windows_2k3.all.count
 					vista = Host.os_windows_vista.all.count
 					w2k8 = Host.os_windows_2k8.all.count
+					w2k12 = Host.os_windows_2k12.all.count
 					w7 = Host.os_windows_7.all.count
+					w8 = Host.os_windows_8.all.count
 					other = (Host.os_windows.os_windows_other).all.count
 
 					g.data("NT", nt) if nt >= 1
@@ -431,12 +478,15 @@ module Risu
 					g.data("Server 2003", w2k3) if w2k3 >= 1
 					g.data("Vista", vista) if vista >= 1
 					g.data("Server 2008", w2k8) if w2k8 >= 1
+					g.data("Server 2012", w2k12) if w2k12 >= 1
 					g.data("7", w7) if w7 >= 1
+					g.data("8", w8) if w8 >= 1					
 					g.data("Other Windows", other) if other >= 1
 
 					StringIO.new(g.to_blob)
 				end
 
+				#
 				#@todo comment
 				#
 				def windows_os_graph_text
@@ -446,10 +496,12 @@ module Risu
 					w2k3 = Host.os_windows_2k3.all.count
 					vista = Host.os_windows_vista.all.count
 					w2k8 = Host.os_windows_2k8.all.count
+					w2k12 = Host.os_windows_2k12.all.count
 					w7 = Host.os_windows_7.all.count
+					w8 = Host.os_windows_8.all.count
 					other = (Host.os_windows.os_windows_other).all.count
 
-					windows_os_count = nt + w2k + xp + w2k3 + vista + w7 + w2k8 + other
+					windows_os_count = nt + w2k + xp + w2k3 + vista + w7 + w8 + w2k8 + w2k12 + other
 
 					nt_percent = (nt.to_f / windows_os_count.to_f) * 100
 					w2k_percent = (w2k.to_f / windows_os_count.to_f) * 100
@@ -459,6 +511,8 @@ module Risu
 
 					w2k8_percent = (w2k8.to_f / windows_os_count.to_f) * 100
 					w7_percent = (w7.to_f / windows_os_count.to_f) * 100
+					w8_percent = (w8.to_f / windows_os_count.to_f) * 100
+					w2k12_percent = (w2k12.to_f / windows_os_count.to_f) * 100
 
 					text = "This graph shows the percentage of the different Microsoft Windows based operating systems " +
 					"found on the #{Report.title} network.\n\n"
@@ -470,15 +524,37 @@ module Risu
 					text << "#{vista_percent.round.to_i}% of the network is Windows Vista. " if vista_percent >= 1
 					text << "#{w2k8_percent.round.to_i}% of the network is Windows Server 2008. " if w2k8_percent >= 1
 					text << "#{w7_percent.round.to_i}% of the network is Windows 7. " if w7_percent >= 1
+					text << "#{w8_percent.round.to_i}% of the network is Windows 8. " if w8_percent >= 1
+					text << "#{w2k12_percent.round.to_i}% of the network is Windows Server 20012. " if w2k12_percent >= 1
 
 					text << "\n\n" << unsupported_os_windows if nt > 0 or w2k > 0
 
 					return text
 				end
 
+				# 
+				# @todo comments
+				#
+				def unsupported_os?
+					aix_text = unsupported_os_aix
+					win_text = unsupported_os_windows
+					freebsd_text = unsupported_os_freebsd
+
+					#If all the text is nil just return nil
+					if aix_text == "" && win_text == "" && freebsd_text == ""
+						return false
+					end
+
+					return true
+				end
+
 				# @todo add plural check
 				#
 				def unsupported_os_text
+					if !unsupported_os?
+						return nil
+					end
+
 					aix_text = unsupported_os_aix
 					win_text = unsupported_os_windows
 					freebsd_text = unsupported_os_freebsd
@@ -505,7 +581,8 @@ module Risu
 					win_98 = Host.os_windows_98
 					win_me = Host.os_windows_me
 					win_nt = Host.os_windows_nt
-					win_2000 = Host.os_windows_2k
+					#win_2000 = Host.os_windows_2k
+					win_2000 = Plugin.where(:plugin_name => "Microsoft Windows 2000 Unsupported Installation Detection")
 
 					#Host.os_windows.not_os_windows_7.not_os_windows_2008.not_os_windows_vista.not_os_windows_2003.not_os_windows_xp
 
@@ -575,10 +652,10 @@ module Risu
 
 					#todo add other os's here
 
-					text << "#{linux_percent.to_i}% of the network is running an Linux based operating system. " if linux_percent >= 1
-					text << "#{aix_percent.to_i}% of the network is running an AIX based operating system. " if aix_percent >= 1
-					text << "#{freebsd_percent.to_i}% of the network is running an FreeBSD based operating system. " if freebsd_percent >= 1
-					text << "#{vmware_percent.to_i}% of the network is running an VMware based operating system. " if vmware_percent >= 1
+					text << "#{linux_percent.to_i}% of the non-windows network is running an Linux based operating system. " if linux_percent >= 1
+					text << "#{aix_percent.to_i}% of the non-windows network is running an AIX based operating system. " if aix_percent >= 1
+					text << "#{freebsd_percent.to_i}% of the non-windows network is running an FreeBSD based operating system. " if freebsd_percent >= 1
+					text << "#{vmware_percent.to_i}% of the non-windows network is running an VMware based operating system. " if vmware_percent >= 1
 
 					text << "\n\n"<< unsupported_os_aix if aix > 0
 					text << "\n\n" << unsupported_os_freebsd if freebsd > 0
@@ -586,7 +663,9 @@ module Risu
 					return text
 				end
 
+				#
 				# @todo comments
+				#
 				def top_n_vulnerable(n)
 					hosts = Item.risks_by_host(Host.all.count).count
 					hosts = hosts.sort_by {|k, v| v}
@@ -601,14 +680,18 @@ module Risu
 					hosts[0...n]
 				end
 
+				#
 				# @todo comments
+				#
 				def unique_hosts_with_critical
 					hosts = Item.critical_risks_by_host(Host.all.count).count
 					hosts = hosts.sort_by {|k, v| v}
 					hosts.reverse!
 				end
 
+				#
 				# @todo comments
+				#
 				def unique_hosts_with_high
 					hosts = Item.high_risks_by_host(Host.all.count).count
 					hosts = hosts.sort_by {|k, v| v}

data/lib/risu/models/individualpluginselection.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2012 Arxopia LLC.
+# Copyright (c) 2010-2013 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/models/item.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2012 Arxopia LLC.
+# Copyright (c) 2010-2013 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -190,6 +190,24 @@ module Risu
 					select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 3).group(:host_id).order("count_all DESC").limit(limit)
 				end
 
+				# Queries for all the Medium risks by host
+				#
+				# @param limit Limits the result to a specific number, default 10
+				#
+				# @return [ActiveRecord::Relation] with the query results
+				def medium_risks_by_host(limit=10)
+					select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 2).group(:host_id).order("count_all DESC").limit(limit)
+				end
+
+				# Queries for all the Low risks by host
+				#
+				# @param limit Limits the result to a specific number, default 10
+				#
+				# @return [ActiveRecord::Relation] with the query results
+				def low_risks_by_host(limit=10)
+					select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 1).group(:host_id).order("count_all DESC").limit(limit)
+				end
+
 				# Queries for all the hosts with the Microsoft patch summary plugin (38153)
 				#
 				# @return [ActiveRecord::Relation] with the query results
@@ -306,6 +324,7 @@ module Risu
 					StringIO.new(g.to_blob)
 				end
 
+				#
 				# @todo comment
 				#
 				def calculate_vulnerable_host_percent
@@ -323,6 +342,7 @@ module Risu
 					host_percent = (hosts_with_critical.count.to_f / Host.all.count.to_f) * 100
 				end
 
+				#
 				# @todo comments
 				#
 				def ajective_for_risk_text risk_percent
@@ -340,6 +360,7 @@ module Risu
 					end
 				end
 
+				#
 				# @todo comments
 				#
 				def risk_text risk_percent
@@ -396,17 +417,25 @@ module Risu
 					return graph_text
 				end
 
+				#
+				# @todo comment
+				#
+				def notable_order_by_cvss_raw
+					return Item.joins(:plugin).where(:severity => 4).order("plugins.cvss_base_score").count(:all, :group => :plugin_id)
+				end
+
+				#
+				# @todo comment
+				#
+				def scrub_plugin_name (name)
+					return name.gsub("(remote check)", "").gsub("(uncredentialed check)", "").gsub(/(\(\d.*\))/, "")
+				end
+
+				#
 				# @todo comment
+				#
 				def top_10_sorted_raw
-					raw = nil
-
-					if ActiveRecord::Base.connection.instance_values["config"][:adapter] =~ /sqlite/
-						raw = Item.joins(:plugin).where(:severity => 4).order("CAST(plugins.cvss_base_score AS REAL)").count(:all, :group => :plugin_id)
-					elsif ActiveRecord::Base.connection.instance_values["config"][:adapter] =~ /mysql/
-						raw = Item.joins(:plugin).where(:severity => 4).order("CAST(plugins.cvss_base_score AS DECIMAL(2,2))").count(:all, :group => :plugin_id)
-					else
-						raw = Item.joins(:plugin).where(:severity => 4).order(:plugins.cvss_base_score).count(:all, :group => :plugin_id)
-					end
+					raw = notable_order_by_cvss_raw
 
 					data = Array.new
 
@@ -427,9 +456,11 @@ module Risu
 					return data
 				end
 
+				#
+				# @todo comment
+				#
 				def top_10_sorted
-					#raw = Item.where(:severity => 3).count(:all, :group => :plugin_id)
-					raw = Item.joins(:plugin).where(:severity => 4).order(:cvss_base_score).count(:all, :group => :plugin_id)
+					raw = notable_order_by_cvss_raw
 					data = Array.new
 
 					raw.each do |vuln|
@@ -437,7 +468,7 @@ module Risu
 						plugin_id = vuln[0]
 						count = vuln[1]
 
-						name = Plugin.find_by_id(plugin_id).plugin_name
+						name = scrub_plugin_name(Plugin.find_by_id(plugin_id).plugin_name)
 
 						row.push(name)
 						row.push(count)
@@ -476,6 +507,9 @@ module Risu
 				    select("items.*").select("count(*) as count_all").group(:plugin_id).order("count_all DESC")
 				end
 
+				def plugin
+					Plugin.where(:id => Item.first.attributes["plugin_id"])
+				end
 			end
 		end
 	end