risu 1.5.3 → 1.6.0
- data/Gemfile.ci +1 -0
- data/LICENSE +1 -1
- data/NEWS.markdown +80 -3
- data/README.markdown +9 -8
- data/Rakefile +7 -7
- data/bin/risu +1 -1
- data/lib/risu.rb +6 -3
- data/lib/risu/base.rb +2 -1
- data/lib/risu/base/schema.rb +8 -4
- data/lib/risu/base/template_base.rb +3 -1
- data/lib/risu/base/template_helper.rb +115 -0
- data/lib/risu/base/template_manager.rb +1 -1
- data/lib/risu/base/templater.rb +3 -4
- data/lib/risu/cli.rb +1 -1
- data/lib/risu/cli/application.rb +3 -10
- data/lib/risu/cli/banner.rb +1 -1
- data/lib/risu/exceptions.rb +1 -1
- data/lib/risu/exceptions/invaliddocument.rb +1 -1
- data/lib/risu/models.rb +1 -1
- data/lib/risu/models/familyselection.rb +1 -1
- data/lib/risu/models/host.rb +92 -9
- data/lib/risu/models/individualpluginselection.rb +1 -1
- data/lib/risu/models/item.rb +47 -13
- data/lib/risu/models/patch.rb +1 -1
- data/lib/risu/models/plugin.rb +9 -1
- data/lib/risu/models/pluginspreference.rb +1 -1
- data/lib/risu/models/policy.rb +1 -1
- data/lib/risu/models/reference.rb +69 -9
- data/lib/risu/models/report.rb +1 -1
- data/lib/risu/models/serverpreference.rb +1 -1
- data/lib/risu/models/servicedescription.rb +1 -1
- data/lib/risu/models/version.rb +1 -1
- data/lib/risu/parsers.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_document.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +69 -50
- data/lib/risu/parsers/nexpose/nexpose_document.rb +2 -5
- data/lib/risu/parsers/nexpose/simple_nexpose.rb +1 -1
- data/lib/risu/renderers.rb +1 -1
- data/lib/risu/renderers/nilrenderer.rb +1 -1
- data/lib/risu/templates/assets.rb +17 -29
- data/lib/risu/templates/cover_sheet.rb +40 -44
- data/lib/risu/templates/exec_summary.rb +11 -20
- data/lib/risu/templates/{executive_summary.rb → executive_summary_detailed.rb} +2 -11
- data/lib/risu/templates/finding_statistics.rb +1 -1
- data/lib/risu/templates/findings_host.rb +1 -1
- data/lib/risu/templates/findings_summary.rb +25 -86
- data/lib/risu/templates/findings_summary_with_pluginid.rb +1 -1
- data/lib/risu/templates/graphs.rb +1 -1
- data/lib/risu/templates/host_summary.rb +18 -14
- data/lib/risu/templates/ms_patch_summary.rb +17 -24
- data/lib/risu/templates/ms_update_summary.rb +1 -1
- data/lib/risu/templates/ms_wsus_findings.rb +1 -1
- data/lib/risu/templates/notable.rb +10 -14
- data/lib/risu/templates/notable_detailed.rb +43 -54
- data/lib/risu/templates/pci_compliance.rb +28 -34
- data/lib/risu/templates/stig_findings_summary.rb +25 -38
- data/lib/risu/templates/technical_findings.rb +46 -55
- data/lib/risu/templates/template.rb +4 -3
- data/risu.gemspec +12 -11
- metadata +79 -61
data/lib/risu/models/patch.rb
CHANGED
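--- a/data/lib/risu/models/plugin.rb
+++ b/data/lib/risu/models/plugin.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2013 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -35,6 +35,14 @@ module Risu
 has_many :references
 has_many :individual_plugin_selections
 
+def cvss_base_score=(cvss_base_score)
+write_attribute(:cvss_base_score, cvss_base_score.to_f)
+end
+
+def cvss_base_score
+read_attribute(:cvss_base_score).to_s
+end
+
 class << self
 
 # Queries for all risks based on Plugin.risk_factor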
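Review bot: The new `cvss_base_score=` writer coerces with `to_f`, so a plugin with no CVSS score (`nil`) or an unparsable value is stored as 0.0 and can no longer be told apart from a genuine zero score in the report; the same coercion appears again in the parser hunk at `:cvss_base_score => @vals["cvss_base_score"].to_f`. Keeping the absence explicit avoids that, e.g. `write_attribute(:cvss_base_score, cvss_base_score.nil? ? nil : cvss_base_score.to_f)`. The reader's `to_s` hands callers a String, so numeric comparisons or sorting on it compare text; a one-line comment on the reader such as `# Returns the score as a String for direct template output` would make that visible. The enclosing class starts and ends outside the hunk.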
data/lib/risu/models/policy.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2013 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -28,12 +28,48 @@ module Risu
|
|
28
28
|
module Models
|
29
29
|
|
30
30
|
# Reference Model
|
31
|
-
#
|
32
31
|
class Reference < ActiveRecord::Base
|
33
32
|
has_many :plugins
|
34
33
|
|
35
34
|
class << self
|
36
35
|
|
36
|
+
#Generates a full string of all the references
|
37
|
+
#
|
38
|
+
# @returns [String] of all the references with in-line formatting for
|
39
|
+
# direct output to the report
|
40
|
+
def reference_string
|
41
|
+
reference_names = ["cve", "cpe", "bid", "see_also", "iava", "msft",
|
42
|
+
"osvdb", "cert", "edbid", "rhsa", "secunia", "suse", "dsa",
|
43
|
+
"owasp", "cwe", "iavb", "iavt", "cisco_sa", "ics_alert",
|
44
|
+
"cisco_bug_id", "cisco_sr", "cert_vu", "vmsa", "cert_cc",
|
45
|
+
"msvr", "apple_sa", "icsa"
|
46
|
+
]
|
47
|
+
|
48
|
+
ref_string = ""
|
49
|
+
|
50
|
+
reference_names.each do |type|
|
51
|
+
ref = reference_string_by self.send(type)
|
52
|
+
|
53
|
+
ref_string << "<b>#{type}</b>: #{ref}\n" if ref.length != 0
|
54
|
+
end
|
55
|
+
|
56
|
+
ref_string
|
57
|
+
end
|
58
|
+
|
59
|
+
# Generates a string of all the references of the specified type
|
60
|
+
#
|
61
|
+
# @param type Result of a [Reference] model reference accessors
|
62
|
+
#
|
63
|
+
# @return [String] containing all references of type comma separated
|
64
|
+
def reference_string_by type
|
65
|
+
rstring = []
|
66
|
+
type.each do |ref|
|
67
|
+
rstring << ref.value
|
68
|
+
end
|
69
|
+
|
70
|
+
rstring.join(", ")
|
71
|
+
end
|
72
|
+
|
37
73
|
# Queries all unique CVEs
|
38
74
|
#
|
39
75
|
def cve
|
@@ -82,43 +118,43 @@ module Risu
|
|
82
118
|
where(:reference_name => "cert").select('DISTINCT value')
|
83
119
|
end
|
84
120
|
|
85
|
-
#
|
121
|
+
# Queries all unique edbid refs
|
86
122
|
#
|
87
123
|
def edbid
|
88
124
|
where(:reference_name => "edb-id").select('DISTINCT value')
|
89
125
|
end
|
90
126
|
|
91
|
-
#
|
127
|
+
# Queries all unique rhsa refs
|
92
128
|
#
|
93
129
|
def rhsa
|
94
130
|
where(:reference_name => "rhsa").select('DISTINCT value')
|
95
131
|
end
|
96
132
|
|
97
|
-
#
|
133
|
+
# Queries all unique secunia refs
|
98
134
|
#
|
99
135
|
def secunia
|
100
136
|
where(:reference_name => "secunia").select('DISTINCT value')
|
101
137
|
end
|
102
138
|
|
103
|
-
#
|
139
|
+
# Queries all unique suse refs
|
104
140
|
#
|
105
141
|
def suse
|
106
142
|
where(:reference_name => "suse").select('DISTINCT value')
|
107
143
|
end
|
108
144
|
|
109
|
-
#
|
145
|
+
# Queries all unique dsa refs
|
110
146
|
#
|
111
147
|
def dsa
|
112
148
|
where(:reference_name => "dsa").select('DISTINCT value')
|
113
149
|
end
|
114
150
|
|
115
|
-
#
|
151
|
+
# Queries all unique owasp refs
|
116
152
|
#
|
117
153
|
def owasp
|
118
154
|
where(:reference_name => "owasp").select('DISTINCT value')
|
119
155
|
end
|
120
156
|
|
121
|
-
#
|
157
|
+
# Queries all unique cwe refs
|
122
158
|
#
|
123
159
|
def cwe
|
124
160
|
where(:reference_name => "cwe").select('DISTINCT value')
|
@@ -171,6 +207,30 @@ module Risu
|
|
171
207
|
def vmsa
|
172
208
|
where(:reference_name => "vmsa").select('DISTINCT value')
|
173
209
|
end
|
210
|
+
|
211
|
+
#
|
212
|
+
#
|
213
|
+
def cert_cc
|
214
|
+
where(:reference_name => "cert-cc").select('DISTINCT value')
|
215
|
+
end
|
216
|
+
|
217
|
+
#
|
218
|
+
#
|
219
|
+
def apple_sa
|
220
|
+
where(:reference_name => "apple-sa").select('DISTINCT value')
|
221
|
+
end
|
222
|
+
|
223
|
+
#
|
224
|
+
#
|
225
|
+
def icsa
|
226
|
+
where(:reference_name => "icsa").select('DISTINCT value')
|
227
|
+
end
|
228
|
+
|
229
|
+
#
|
230
|
+
#
|
231
|
+
def msvr
|
232
|
+
where(:reference_name => "msvr").select('DISTINCT value')
|
233
|
+
end
|
174
234
|
end
|
175
235
|
end
|
176
236
|
end
|
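Review bot: `reference_string` in the `Reference` model interpolates each reference value into `"<b>#{type}</b>: #{ref}\n"` without escaping, and those values originate from the imported scan file. Its doc comment says the result carries in-line formatting for direct output to the report, so if the renderer interprets tags, a value containing `<` or `&` (plausible in `see_also` URLs) would be parsed as markup or break rendering. Escaping the value before interpolation, e.g. `ref_string << "<b>#{type}</b>: #{CGI.escapeHTML(ref)}\n" unless ref.empty?` with `require 'cgi'`, keeps the bold label and treats the data as text; whether the renderer decodes entities should be confirmed. The new accessors `cert_cc`, `apple_sa`, `icsa` and `msvr` still carry empty `#` comments while this change fills in the others.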
data/lib/risu/models/report.rb
CHANGED
data/lib/risu/models/version.rb
CHANGED
data/lib/risu/parsers.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2013 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -42,7 +42,8 @@ module Risu
|
|
42
42
|
"cpe", "bid", "see_also", "xref", "cve", "iava", "msft",
|
43
43
|
"osvdb", "cert", "edb-id", "rhsa", "secunia", "suse", "dsa",
|
44
44
|
"owasp", "cwe", "iavb", "iavt", "cisco-sa", "ics-alert",
|
45
|
-
"cisco-bug-id", "cisco-sr", "cert-vu", "vmsa"
|
45
|
+
"cisco-bug-id", "cisco-sr", "cert-vu", "vmsa", "apple-sa",
|
46
|
+
"icsa", "cert-cc", "msvr"
|
46
47
|
]
|
47
48
|
|
48
49
|
@valid_elements = Array["ReportItem", "plugin_version", "risk_factor",
|
@@ -56,46 +57,52 @@ module Risu
|
|
56
57
|
"exploit_available", "metasploit_name", "exploit_framework_canvas", "canvas_package", "exploit_framework_metasploit",
|
57
58
|
"plugin_type", "exploithub_sku", "exploit_framework_exploithub", "stig_severity", "plugin_name", "fname", "always_run",
|
58
59
|
"cm:compliance-info", "cm:compliance-actual-value", "cm:compliance-check-id", "cm:compliance-policy-value",
|
59
|
-
"cm:compliance-audit-file", "cm:compliance-check-name", "cm:compliance-result", "cm:compliance-output"
|
60
|
+
"cm:compliance-audit-file", "cm:compliance-check-name", "cm:compliance-result", "cm:compliance-output", "policyOwner",
|
61
|
+
"visibility"
|
60
62
|
]
|
61
63
|
|
62
|
-
|
64
|
+
@valid_elements = @valid_elements + @valid_references
|
63
65
|
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
66
|
+
# This makes adding new host properties really easy, except for the
|
67
|
+
#MS patch numbers, this are handled differently.
|
68
|
+
# @todo this needs to become a sql hash table with accessors for the common ones
|
69
|
+
@valid_host_properties = {
|
70
|
+
"HOST_END" => :end,
|
71
|
+
"mac-address" => :mac,
|
72
|
+
"HOST_START" => :start,
|
73
|
+
"operating-system" => :os,
|
74
|
+
"host-ip" => :ip,
|
75
|
+
"host-fqdn" => :fqdn,
|
76
|
+
"netbios-name" => :netbios,
|
77
|
+
"local-checks-proto" => :local_checks_proto,
|
78
|
+
"smb-login-used" => :smb_login_used,
|
79
|
+
"ssh-auth-meth" => :ssh_auth_meth,
|
80
|
+
"ssh-login-used" => :ssh_login_used,
|
81
|
+
"pci-dss-compliance" => :pci_dss_compliance,
|
82
|
+
"pci-dss-compliance:" => :pci_dss_compliance_ , #I think this is a Tenable bug~
|
83
|
+
"system-type" => :system_type,
|
84
|
+
"bios-uuid" => :bios_uuid,
|
85
|
+
"pcidss:compliance:failed" => :pcidss_compliance_failed,
|
86
|
+
"pcidss:compliance:passed" => :pcidss_compliance_passed,
|
87
|
+
"pcidss:deprecated_ssl" => :pcidss_deprecated_ssl,
|
88
|
+
"pcidss:expired_ssl_certificate" => :pcidss_expired_ssl_certificate,
|
89
|
+
"pcidss:high_risk_flaw" => :pcidss_high_risk_flaw,
|
90
|
+
"pcidss:medium_risk_flaw" => :pcidss_medium_risk_flaw,
|
91
|
+
"pcidss:reachable_db" => :pcidss_reachable_db,
|
92
|
+
"pcidss:www:xss" => :pcidss_www_xss,
|
93
|
+
"pcidss:directory_browsing" => :pcidss_directory_browsing,
|
94
|
+
"pcidss:known_credentials" => :pcidss_known_credentials,
|
95
|
+
"pcidss:compromised_host:worm" => :pcidss_compromised_host_worm,
|
96
|
+
"pcidss:obsolete_operating_system" => :pcidss_obsolete_operating_system,
|
97
|
+
"pcidss:dns_zone_transfer" => :pcidss_dns_zone_transfer,
|
98
|
+
"pcidss:unprotected_mssql_db" => :pcidss_unprotected_mssql_db,
|
99
|
+
"pcidss:obsolete_software" => :pcidss_obsolete_software,
|
100
|
+
"pcidss:www:sql_injection" => :pcidss_www_sql_injection,
|
101
|
+
"pcidss:backup_files" => :pcidss_backup_files,
|
102
|
+
"traceroute-hop-0" => :traceroute_hop_0,
|
103
|
+
"traceroute-hop-1" => :traceroute_hop_1,
|
104
|
+
"traceroute-hop-2" => :traceroute_hop_2
|
105
|
+
}
|
99
106
|
end
|
100
107
|
|
101
108
|
# Callback for when the start of a XML element is reached
|
@@ -139,19 +146,19 @@ module Risu
|
|
139
146
|
|
140
147
|
if attributes["name"] =~ /[M|m][S|s]\d{2,}-\d{2,}/
|
141
148
|
@attr = if attributes["name"] =~ /[M|m][S|s]\d{2,}-\d{2,}/
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
149
|
+
attributes["name"]
|
150
|
+
else
|
151
|
+
nil
|
152
|
+
end
|
146
153
|
else
|
147
154
|
@attr = if @valid_host_properties.keys.include?(attributes["name"])
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
|
155
|
+
attributes["name"]
|
156
|
+
else
|
157
|
+
nil
|
158
|
+
end
|
152
159
|
end
|
153
160
|
|
154
|
-
puts "New HostProperties attribute: #{attributes["name"]}. Please report this to
|
161
|
+
puts "New HostProperties attribute: #{attributes["name"]}. Please report this to #{Risu::EMAIL}\n" if @attr.nil?
|
155
162
|
when "ReportItem"
|
156
163
|
@vals = Hash.new # have to clear this out or everything has the same references
|
157
164
|
@ri = @rh.items.create
|
@@ -195,14 +202,26 @@ module Risu
|
|
195
202
|
@policy.attributes = {
|
196
203
|
:name => @vals["policyName"]
|
197
204
|
}
|
198
|
-
|
199
205
|
@policy.save
|
206
|
+
|
200
207
|
when "policyComments"
|
201
208
|
@policy.attributes = {
|
202
209
|
:comments => @vals["policyComments"]
|
203
210
|
}
|
211
|
+
@policy.save
|
212
|
+
|
213
|
+
when "policyOwner"
|
214
|
+
@policy.attributes = {
|
215
|
+
:owner => @vals["policyOwner"]
|
216
|
+
}
|
217
|
+
@policy.save
|
204
218
|
|
219
|
+
when "visibility"
|
220
|
+
@policy.attributes = {
|
221
|
+
:visibility => @vals["visibility"]
|
222
|
+
}
|
205
223
|
@policy.save
|
224
|
+
|
206
225
|
when "preference"
|
207
226
|
@sp.attributes = {
|
208
227
|
:name => @vals["name"],
|
@@ -292,7 +311,7 @@ module Risu
|
|
292
311
|
:synopsis => @vals["synopsis"],
|
293
312
|
:plugin_type => @vals["plugin_type"],
|
294
313
|
:cvss_vector => @vals["cvss_vector"],
|
295
|
-
:cvss_base_score => @vals["cvss_base_score"],
|
314
|
+
:cvss_base_score => @vals["cvss_base_score"].to_f,
|
296
315
|
:vuln_publication_date => @vals["vuln_publication_date"],
|
297
316
|
:plugin_version => @vals["plugin_version"],
|
298
317
|
:cvss_temporal_score => @vals["cvss_temporal_score"],
|
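Review bot: The `puts` at new line 161 prints `attributes["name"]` from the parsed XML verbatim, so an unrecognised HostProperties name containing control characters or terminal escape sequences reaches the operator's console unfiltered. Printing the inspected form avoids that: `puts "New HostProperties attribute: #{attributes["name"].inspect}. Please report this to #{Risu::EMAIL}\n" if @attr.nil?`. Separately, `@valid_host_properties` lists only `traceroute-hop-0` to `traceroute-hop-2`, so hosts with longer routes will presumably trigger this message for every extra hop. The enclosing method begins outside the hunk.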
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2013 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -27,9 +27,8 @@
|
|
27
27
|
module Risu
|
28
28
|
module Parsers
|
29
29
|
module Nexpose
|
30
|
+
|
30
31
|
# A Object to represent the Nexpose xml file in memory
|
31
|
-
#
|
32
|
-
# @author Jacob Hammack <jacob.hammack@hammackj.com>
|
33
32
|
class NexposeDocument
|
34
33
|
|
35
34
|
# Creates a instance of the NexposeDocument class
|
@@ -61,7 +60,6 @@ module Risu
|
|
61
60
|
end
|
62
61
|
|
63
62
|
# Invokes the SAX parser on the XML document
|
64
|
-
#
|
65
63
|
def parse
|
66
64
|
@parser = LibXML::XML::SaxParser.file @document
|
67
65
|
@parser.callbacks = SimpleNexpose.new
|
@@ -69,7 +67,6 @@ module Risu
|
|
69
67
|
end
|
70
68
|
|
71
69
|
# Fixes the ip field if nil and replaces it with the name if its an ip
|
72
|
-
#
|
73
70
|
def fix_ips
|
74
71
|
@hosts = Host.all
|
75
72
|
|
data/lib/risu/renderers.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2013 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -26,51 +26,39 @@
|
|
26
26
|
|
27
27
|
module Risu
|
28
28
|
module Templates
|
29
|
-
class
|
29
|
+
class AssetsTemplate < Risu::Base::TemplateBase
|
30
|
+
include TemplateHelper
|
30
31
|
|
31
|
-
#
|
32
|
-
#
|
33
32
|
def initialize ()
|
34
33
|
@template_info =
|
35
34
|
{
|
36
35
|
:name => "assets",
|
37
36
|
:author => "hammackj",
|
38
|
-
:version => "0.0.
|
37
|
+
:version => "0.0.2",
|
39
38
|
:description => "Generates a Assets Summary Report"
|
40
39
|
}
|
41
40
|
end
|
42
41
|
|
43
|
-
# @todo comment
|
44
|
-
#
|
45
42
|
def render(output)
|
46
|
-
|
43
|
+
text Report.classification.upcase, :align => :center
|
44
|
+
text "\n"
|
47
45
|
|
48
|
-
|
49
|
-
|
46
|
+
report_title Report.title
|
47
|
+
report_subtitle "Networked Assets"
|
48
|
+
report_author "This report was prepared by\n#{Report.author}"
|
50
49
|
|
51
|
-
|
52
|
-
output.text Report.title, :align => :center
|
53
|
-
end
|
54
|
-
|
55
|
-
output.font_size(18) do
|
56
|
-
output.text "Networked Assets", :align => :center
|
57
|
-
output.text "\n"
|
58
|
-
output.text "This report was prepared by\n#{Report.author}", :align => :center
|
59
|
-
end
|
60
|
-
|
61
|
-
output.text "\n\n"
|
50
|
+
text "\n\n\n"
|
62
51
|
|
63
52
|
Host.sorted.each do |host|
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
53
|
+
text "Name: #{host.name}\n"
|
54
|
+
text "FQDN: #{host.fqdn}\n" unless host.fqdn == nil
|
55
|
+
text "IP Address: #{host.ip}\n" unless host.ip == nil
|
56
|
+
text "NetBios: #{host.netbios}\n" unless host.netbios == nil
|
57
|
+
text sprintf "Mac Address: %s\n", host.mac.chomp.gsub("\n", ", ") unless host.mac == nil
|
58
|
+
text sprintf "Operation System: %s\n", host.os.chomp.gsub("\n", "/") unless host.os == nil
|
59
|
+
text "\n"
|
71
60
|
end
|
72
61
|
end
|
73
62
|
end
|
74
63
|
end
|
75
64
|
end
|
76
|
-
|
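Review bot: `text Report.classification.upcase, :align => :center` at the top of `render` raises NoMethodError when no classification has been set, assuming `Report.classification` can return nil; `text Report.classification.to_s.upcase, :align => :center` keeps the report rendering. The label on new line 58 reads "Operation System" where "Operating System" seems intended. The guards written as `unless host.fqdn == nil` and its siblings would read more idiomatically as `unless host.fqdn.nil?`.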