risu 1.6.3 → 1.7.0
- checksums.yaml +4 -4
- data/Gemfile +12 -0
- data/Gemfile.ci +9 -9
- data/Gemfile.lock +118 -0
- data/LICENSE +1 -1
- data/NEWS.markdown +98 -0
- data/README.markdown +10 -3
- data/Rakefile +2 -2
- data/bin/risu +3 -3
- data/lib/risu.rb +6 -2
- data/lib/risu/base.rb +10 -3
- data/lib/risu/base/graph_template_helper.rb +71 -0
- data/lib/risu/base/host_template_helper.rb +75 -0
- data/lib/risu/base/malware_template_helper.rb +96 -0
- data/lib/risu/base/post_process_base.rb +210 -0
- data/lib/risu/base/post_process_manager.rb +120 -0
- data/lib/risu/base/schema.rb +10 -7
- data/lib/risu/base/shares_template_helper.rb +158 -0
- data/lib/risu/base/template_base.rb +12 -10
- data/lib/risu/base/template_helper.rb +105 -3
- data/lib/risu/base/template_manager.rb +16 -12
- data/lib/risu/base/templater.rb +23 -9
- data/lib/risu/cli.rb +1 -1
- data/lib/risu/cli/application.rb +23 -17
- data/lib/risu/cli/banner.rb +3 -3
- data/lib/risu/exceptions.rb +1 -1
- data/lib/risu/exceptions/invaliddocument.rb +1 -1
- data/lib/risu/models.rb +1 -1
- data/lib/risu/models/attachment.rb +3 -3
- data/lib/risu/models/familyselection.rb +3 -3
- data/lib/risu/models/host.rb +74 -9
- data/lib/risu/models/hostproperty.rb +3 -3
- data/lib/risu/models/individualpluginselection.rb +3 -3
- data/lib/risu/models/item.rb +92 -29
- data/lib/risu/models/patch.rb +3 -3
- data/lib/risu/models/plugin.rb +30 -2
- data/lib/risu/models/pluginspreference.rb +1 -1
- data/lib/risu/models/policy.rb +1 -1
- data/lib/risu/models/reference.rb +1 -1
- data/lib/risu/models/report.rb +1 -2
- data/lib/risu/models/serverpreference.rb +1 -1
- data/lib/risu/models/servicedescription.rb +3 -3
- data/lib/risu/models/version.rb +1 -1
- data/lib/risu/parsers.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_document.rb +3 -3
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +23 -16
- data/lib/risu/parsers/nessus/postprocess.rb +3 -6
- data/lib/risu/parsers/nessus/postprocess/adobe_air.rb +82 -0
- data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb +86 -0
- data/lib/risu/parsers/nessus/postprocess/apache.rb +67 -0
- data/lib/risu/parsers/nessus/postprocess/core_ftp.rb +52 -0
- data/lib/risu/parsers/nessus/postprocess/flash_player.rb +104 -0
- data/lib/risu/parsers/nessus/postprocess/flexnet.rb +53 -0
- data/lib/risu/parsers/nessus/postprocess/google_chrome.rb +52 -0
- data/lib/risu/parsers/nessus/postprocess/hp_system_mgt_homepage.rb +60 -0
- data/lib/risu/parsers/nessus/postprocess/java.rb +49 -198
- data/lib/risu/parsers/nessus/postprocess/openssh.rb +65 -0
- data/lib/risu/parsers/nessus/postprocess/openssl.rb +54 -0
- data/lib/risu/parsers/nessus/postprocess/oracle_database.rb +84 -0
- data/lib/risu/parsers/nessus/postprocess/php.rb +62 -0
- data/lib/risu/parsers/nessus/postprocess/post_process.rb +178 -0
- data/lib/risu/parsers/nessus/postprocess/risk_score.rb +10 -5
- data/lib/risu/parsers/nessus/postprocess/root_cause.rb +375 -0
- data/lib/risu/parsers/nessus/postprocess/servu.rb +57 -0
- data/lib/risu/parsers/nessus/postprocess/shockwave.rb +73 -0
- data/lib/risu/parsers/nessus/postprocess/windows.rb +57 -0
- data/lib/risu/parsers/nessus/postprocess/wireshark.rb +72 -0
- data/lib/risu/parsers/nexpose/nexpose_document.rb +1 -1
- data/lib/risu/parsers/nexpose/simple_nexpose.rb +1 -1
- data/lib/risu/renderers.rb +3 -1
- data/lib/risu/renderers/csvrenderer.rb +53 -0
- data/lib/risu/renderers/nilrenderer.rb +1 -1
- data/lib/risu/renderers/pdfrenderer.rb +57 -0
- data/lib/risu/templates/assets.rb +5 -4
- data/lib/risu/templates/cover_sheet.rb +4 -3
- data/lib/risu/templates/exec_summary.rb +4 -3
- data/lib/risu/templates/executive_summary_detailed.rb +9 -8
- data/lib/risu/templates/exploitablity_summary.rb +82 -0
- data/lib/risu/templates/failed_audits.rb +98 -0
- data/lib/risu/templates/finding_statistics.rb +2 -1
- data/lib/risu/templates/findings_host.rb +20 -22
- data/lib/risu/templates/findings_summary.rb +11 -9
- data/lib/risu/templates/findings_summary_with_pluginid.rb +31 -85
- data/lib/risu/templates/graphs.rb +9 -10
- data/lib/risu/templates/host_findings_csv.rb +67 -0
- data/lib/risu/templates/host_summary.rb +2 -1
- data/lib/risu/templates/malicious_process_detection.rb +2 -1
- data/lib/risu/templates/missing_root_causes.rb +162 -0
- data/lib/risu/templates/ms_patch_summary.rb +3 -2
- data/lib/risu/templates/ms_update_summary.rb +5 -4
- data/lib/risu/templates/ms_wsus_findings.rb +5 -4
- data/lib/risu/templates/notable.rb +7 -11
- data/lib/risu/templates/notable_detailed.rb +7 -4
- data/lib/risu/templates/pci_compliance.rb +5 -4
- data/lib/risu/templates/stig_findings_summary.rb +5 -4
- data/lib/risu/templates/talking_points.rb +164 -0
- data/lib/risu/templates/technical_findings.rb +8 -4
- data/lib/risu/templates/template.rb +3 -2
- data/lib/risu/templates/top_25.rb +115 -0
- data/risu.gemspec +16 -15
- metadata +142 -77
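--- a/data/lib/risu/base/templater.rb
+++ b/data/lib/risu/base/templater.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -21,8 +21,8 @@
 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
 # OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-#OF THE POSSIBILITY OF SUCH DAMAGE.
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
 
 module Risu
 module Base
@@ -47,13 +47,27 @@ module Risu
 template = @template
 template_manager = @template_manager
 
-
-
-
-
-
-
+t = template_manager.find_template_by_name(template)
+t = t.class.new
+
+if t.template_info[:renderer] == "CSV"
+Risu::Renderers::CSVRenderer.generate(@output_file) do |output|
+t = template_manager.find_template_by_name(template)
+t = t.class.new
+t.output = output
+t.render(output) unless t == nil
+end
+elsif t.template_info[:renderer] == "PDF"
+Prawn::Document.generate(@output_file, :margin => [75, 50, 75, 50]) do |output|
+output.font_size 10
+t = template_manager.find_template_by_name(template)
+t = t.class.new
+t.output = output
+t.render(output) unless t == nil
+end
 end
+
+
 rescue => e
 raise unless Rails.env.production?
 puts "Templater Error: #{e.message} \n #{e.backtrace.join("\n\t")}\n"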
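Review bot: The `unless t == nil` guards on new lines 58 and 66 can never fire, because `t = t.class.new` on line 51 already dereferences the lookup result, so an unknown template name fails earlier with a NoMethodError on NilClass that the generic `rescue => e` below turns into a printed message. Check the lookup once, right after line 50, e.g. `raise ArgumentError, "Unknown template: #{template}" if t.nil?`, and drop the repeated lookup-and-instantiate inside each block (lines 55-56 and 63-64), which appears to build a second instance only to assign `output` to it. A template whose `renderer` is neither "CSV" nor "PDF" currently falls through silently; an `else` branch raising the same way would make that visible. The enclosing method starts before the hunk and its rescue clause continues after it.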
data/lib/risu/cli.rb
CHANGED
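--- a/data/lib/risu/cli/application.rb
+++ b/data/lib/risu/cli/application.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -21,8 +21,8 @@
 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
 # OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-#OF THE POSSIBILITY OF SUCH DAMAGE.
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
 
 module Risu
 module CLI
@@ -41,9 +41,10 @@ module Risu
 
 @options[:debug] = false
 @options[:list_templates] = false
-@options[:
+@options[:post_process] = false
 
 @template_manager = Risu::Base::TemplateManager.new "risu/templates"
+@postprocess_manager = Risu::Base::PostProcessManager.new "risu/parsers/nessus/postprocess"
 end
 
 # Creates a blank configuration file
@@ -243,10 +244,14 @@ module Risu
 @options[:output_file] = option
 end
 
-opt.on('
+opt.on('--list-templates', "Lists all of the templates available to #{APP_NAME}") do |option|
 @options[:list_templates] = option
 end
 
+opt.on('--list-post-process', "Lists all of the post processors available to #{APP_NAME}") do |option|
+@options[:list_postprocesses] = option
+end
+
 # @todo THIS NO WORK
 #opt.on('--create-template NAME', "Creates a template file in the ~/.risu/templates directory") do |option|
 # if File.exists?(option) == true
@@ -346,6 +351,11 @@ module Risu
 exit
 end
 
+if @options[:list_postprocesses]
+@postprocess_manager.display_postprocesses
+exit
+end
+
 if @options[:debug] == true
 puts "[*] Enabling Debug Mode"
 end
@@ -417,24 +427,22 @@ module Risu
 next
 end
 end
+
+process_post_processing
 end
 
 # Preforms PostProcessing on the dataset
 #
 def process_post_processing
-if @options[:post_process]
+if @options[:post_process] == true
 
 puts "[*] Preforming Post Processing"
 
-
-
-
-
-
-#Clean up java patches
-#puts "\t[*] Rolling up Oracle Java vulnerabilities"
-#java = Risu::Parsers::Nessus::PostProcess::Java.new
-#java.run()
+@postprocess_manager.registered_postprocesses.each do |p|
+#p = post.new
+puts "\t[*] Running #{p.info[:description]}"
+p.run()
+end
 end
 end
 
@@ -467,8 +475,6 @@ module Risu
 raise Risu::Exceptions::InvalidDocument, "[!] Invalid Document - #{file}"
 end
 
-process_post_processing()
-
 printf "[*] Finished parsing %s. Parse took %.02f seconds\n", file, Time.now - tstart
 rescue Interrupt => i
 puts "[!] Parse canceled!"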
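Review bot: Each `p.run()` in process_post_processing (new line 444) runs without error isolation, so one post-processor raising stops every processor registered after it, and as far as this hunk shows nothing upstream rescues it now that the call has moved out of the per-file parse path (the `rescue Interrupt` in the last hunk belongs to that path, not to the caller added at line 431). Because the processors are discovered dynamically by PostProcessManager, I would report a failure and continue, re-raising only in debug mode; the rewritten loop is below. The `#p = post.new` comment on line 442 is a leftover and can go. On line 437, `if @options[:post_process] == true` would read better as `if @options[:post_process]`, matching the `if @options[:list_postprocesses]` check this commit adds at line 354.
```ruby
@postprocess_manager.registered_postprocesses.each do |p|
  puts "\t[*] Running #{p.info[:description]}"
  begin
    p.run()
  rescue => e
    puts "\t[!] #{p.info[:description]} failed: #{e.message}"
    raise if @options[:debug]
  end
end
```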
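--- a/data/lib/risu/cli/banner.rb
+++ b/data/lib/risu/cli/banner.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -21,8 +21,8 @@
 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
 # OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-#OF THE POSSIBILITY OF SUCH DAMAGE.
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
 
 #Cool random banner stuff for the CLI, based on the Metasploit random banner concept
 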
data/lib/risu/exceptions.rb
CHANGED
data/lib/risu/models.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -21,8 +21,8 @@
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
26
|
|
27
27
|
module Risu
|
28
28
|
module Models
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -21,8 +21,8 @@
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
26
|
|
27
27
|
module Risu
|
28
28
|
module Models
|
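--- a/data/lib/risu/models/host.rb
+++ b/data/lib/risu/models/host.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -21,8 +21,8 @@
 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
 # OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-#OF THE POSSIBILITY OF SUCH DAMAGE.
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
 
 module Risu
 module Models
@@ -392,7 +392,7 @@ module Risu
 g.sort = false
 g.marker_count = 1
 g.theme = {
-:colors =>
+:colors => Risu::GRAPH_COLORS,
 :background_colors => %w(white white)
 }
 
@@ -408,6 +408,49 @@ module Risu
 StringIO.new(g.to_blob)
 end
 
+#
+# @todo comments
+#
+def windows_os_graph_has_data?
+nt = Host.os_windows_nt.to_a.count
+w2k = Host.os_windows_2k.to_a.count
+xp = Host.os_windows_xp.to_a.count
+w2k3 = Host.os_windows_2k3.to_a.count
+vista = Host.os_windows_vista.to_a.count
+w2k8 = Host.os_windows_2k8.to_a.count
+w2k12 = Host.os_windows_2k12.to_a.count
+w7 = Host.os_windows_7.to_a.count
+w8 = Host.os_windows_8.to_a.count
+other = (Host.os_windows.os_windows_other).to_a.count
+
+if nt == 0 && w2k == 0 && xp == 0 && w2k3 == 0 && vista == 0 && w2k8 == 0 && w2k12 == 0 && w7 == 0 && w8 == 0 && other == 0
+return false
+else
+return true
+end
+end
+
+#
+# @todo comments
+#
+def other_os_graph_has_data?
+linux = Host.os_linux.to_a.count
+osx = Host.os_osx.to_a.count
+freebsd = Host.os_freebsd.to_a.count
+netbsd = Host.os_netbsd.to_a.count
+cisco = Host.os_cisco.to_a.count
+vxworks = Host.os_vxworks.to_a.count
+esx = Host.os_vmware_esx.to_a.count
+aix = Host.os_aix.to_a.count
+other = Host.os_other.to_a.count
+
+if linux == 0 && osx == 0 && freebsd == 0 && cisco == 0 && vxworks == 0 && esx == 0 && aix == 0 && other == 0
+return false
+else
+return true
+end
+end
+
 # Graphs the percentage of other "non Windows" Operating Systems
 #
 # @return [StringIO] Binary image object of the results
@@ -417,7 +460,7 @@ module Risu
 g.sort = false
 g.marker_count = 1
 g.theme = {
-:colors =>
+:colors => Risu::GRAPH_COLORS,
 :background_colors => %w(white white)
 }
 
@@ -458,7 +501,7 @@ module Risu
 g.sort = false
 g.marker_count = 1
 g.theme = {
-:colors =>
+:colors => Risu::GRAPH_COLORS,
 :background_colors => %w(white white)
 }
 
@@ -578,12 +621,13 @@ module Risu
 win_me_text = ""
 win_nt_text = ""
 win_2000_text = ""
+win_xp_text = ""
 win_95 = Host.os_windows_95
 win_98 = Host.os_windows_98
 win_me = Host.os_windows_me
-win_nt =
-#win_2000 = Host.os_windows_2k
+win_nt = Plugin.where(:plugin_name => "Microsoft Windows NT 4.0 Unsupported Installation Detection")
 win_2000 = Plugin.where(:plugin_name => "Microsoft Windows 2000 Unsupported Installation Detection")
+win_xp = Plugin.where(:plugin_name => "Microsoft Windows XP Unsupported Installation Detection")
 
 #Host.os_windows.not_os_windows_7.not_os_windows_2008.not_os_windows_vista.not_os_windows_2003.not_os_windows_xp
 
@@ -602,7 +646,10 @@ module Risu
 win_2000_text = "Windows 2000 is an unsupported operating system; Microsoft has stopped support as of July 2010. " +
 "Please see http://windows.microsoft.com/en-us/windows/products/lifecycle for more information.\n\n" if win_2000.count >= 1
 
-
+win_xp_text = "Windows XP is an unsupported operating system; Microsoft has stopped support as of April 2014. " +
+"Please see http://windows.microsoft.com/en-us/windows/products/lifecycle for more information.\n\n" if win_xp.count >= 1
+
+return "#{win_95_text}#{win_98_text}#{win_me_text}#{win_nt_text}#{win_2000_text}#{win_xp_text}"
 end
 
 # @todo comments
@@ -698,6 +745,24 @@ module Risu
 hosts = hosts.sort_by {|k, v| v}
 hosts.reverse!
 end
+
+# @todo
+def unique_hosts_with_critical_and_high_count
+hosts = Array.new
+crit = Item.critical_risks_by_host(Host.all.count)
+
+crit.each do |item|
+hosts.push(item.host_id)
+end
+
+high = Item.high_risks_by_host(Host.all.count)
+
+high.each do |item|
+hosts.push(item.host_id)
+end
+
+hosts.uniq.count
+end
 end
 end
 end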
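Review bot: In other_os_graph_has_data? (new lines 436-452) `netbsd` is counted on line 440 but left out of the condition on line 447, so a result set whose only non-Windows hosts are NetBSD reports no data and presumably skips the graph. I would replace the hand-written comparison with `[linux, osx, freebsd, netbsd, cisco, vxworks, esx, aix, other].any? { |c| c > 0 }` (and the Windows variant on line 426 likewise) so the list of scopes and the check cannot drift apart again. Each `.to_a.count` materialises the whole relation just to count it; if these scopes are ActiveRecord relations, `.count` would issue a COUNT query instead — confirm against the scope definitions elsewhere in the model. The comment blocks above both methods are `@todo` placeholders; a one-line `# @return [Boolean] true when at least one host matched one of the listed OS scopes` would do for each.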
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -21,8 +21,8 @@
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
26
|
|
27
27
|
module Risu
|
28
28
|
module Models
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -21,8 +21,8 @@
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
26
|
|
27
27
|
module Risu
|
28
28
|
module Models
|
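--- a/data/lib/risu/models/item.rb
+++ b/data/lib/risu/models/item.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -21,8 +21,8 @@
 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
 # OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-#OF THE POSSIBILITY OF SUCH DAMAGE.
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
 
 module Risu
 module Models
@@ -235,7 +235,7 @@ module Risu
 g.sort = false
 g.marker_count = 1
 g.theme = {
-:colors =>
+:colors => Risu::GRAPH_COLORS,
 :background_colors => %w(white white)
 }
 
@@ -264,7 +264,7 @@ module Risu
 g.sort = false
 g.marker_count = 1
 g.theme = {
-:colors =>
+:colors => Risu::GRAPH_COLORS,
 :background_colors => %w(white white)
 }
 
@@ -280,11 +280,10 @@ module Risu
 if low == nil then low = 0 end
 #if info == nil then info = 0 end
 
-g.data("Critical", crit
-g.data("High", high
-g.data("Medium", medium
-g.data("Low", low
-#g.data("Informational", info, "blue")
+g.data("Critical", crit)
+g.data("High", high)
+g.data("Medium", medium)
+g.data("Low", low)
 
 StringIO.new(g.to_blob)
 end
@@ -307,7 +306,7 @@ module Risu
 g.sort = false
 g.marker_count = 1
 g.theme = {
-:colors =>
+:colors => Risu::GRAPH_COLORS,
 :background_colors => %w(white white)
 }
 
@@ -319,9 +318,9 @@ module Risu
 if ii == nil then ii = 0 end
 if iii == nil then iii = 0 end
 
-g.data("Cat I", i
-g.data("Cat II", ii
-g.data("Cat III", iii
+g.data("Cat I", i)
+g.data("Cat II", ii)
+g.data("Cat III", iii)
 
 StringIO.new(g.to_blob)
 end
@@ -331,14 +330,42 @@ module Risu
 #
 # @return [FixNum] Percentage of vulnerable hosts
 def calculate_vulnerable_host_percent
-
+#patch to fix double counting
+#unique_hosts_with_critical_and_high = Host.unique_hosts_with_critical.count + Host.unique_hosts_with_high.count
+unique_hosts_with_critical_and_high = Host.unique_hosts_with_critical_and_high_count
 host_percent = (unique_hosts_with_critical_and_high.to_f / Host.count.to_f) * 100
 end
 
 #
-
+def calculate_vulnerable_host_percent_with_patches_applied
+
+exclude_list = []
+hosts = []
+
+Item.notable_order_by_cvss_raw.each do |h, k|
+exclude_list << h
+end
+
+criticals = Item.critical_risks.where.not(:plugin_id => exclude_list)
+
+criticals.each do |item|
+hosts << item.host_id
+end
+
+Item.high_risks.each do |item|
+hosts << item.host_id
+end
+
+hosts.uniq!
+(hosts.count.to_f / Host.count.to_f) * 100
+end
+
+# Based on the risk_percent returns a adjective representative
 #
-
+# @param risk_percent Calculated percentage of risk based on {Item::calculate_vulnerable_host_percent}
+#
+# @return [String] Textual representation of the risk_percent
+def adjective_for_risk_text risk_percent
 adjective = case risk_percent
 when 0..5
 "excellent"
@@ -353,9 +380,11 @@ module Risu
 end
 end
 
+# Builds a sentence based on the risk_percent to describe the risk
 #
-# @
-#
+# @param risk_percent Calculated percentage of risk based on {Item::calculate_vulnerable_host_percent}
+#
+# @return [String] Sentence describing the implied significance of the risk_percent
 def risk_text risk_percent
 percent_text = case risk_percent
 when 0..5.99
@@ -379,7 +408,7 @@ module Risu
 # @todo rewrite this
 def risks_by_severity_graph_text
 host_percent = calculate_vulnerable_host_percent()
-adjective =
+adjective = adjective_for_risk_text(host_percent)
 risk_text = risk_text(host_percent)
 
 graph_text = "This bar graph is a representation of the findings by severity; the " +
@@ -414,6 +443,10 @@ module Risu
 "#{calculate_vulnerable_host_percent().round}%"
 end
 
+def risk_percent_patched_rounded_text
+"#{calculate_vulnerable_host_percent_with_patches_applied().round}%"
+end
+
 #
 # @todo comment
 #
@@ -425,16 +458,17 @@ module Risu
 return Item.joins(:plugin).where(:severity => 4).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
 end
 
-#
-#
-#
+# Scrubs a plugin_name to remove all pointless data
+#
+# @return [String] Scrubbed plugin name
 def scrub_plugin_name (name)
 return name.gsub("(remote check)", "").gsub("(uncredentialed check)", "").gsub(/(\(\d.*\))/, "")
 end
 
-#
-#
-#
+# Returns an array of plugin_id and plugin_name for the top 10
+# findings unsorted
+#
+# @return [Array] Unsorted top 10 findings
 def top_10_sorted_raw
 raw = notable_order_by_cvss_raw
 
@@ -457,9 +491,10 @@ module Risu
 return data
 end
 
-#
-#
-#
+# Returns an array of plugin_id and plugin_name for the top 10
+# findings sorted by CVSS score
+#
+# @return [Array] Sorted top 10 findings
 def top_10_sorted
 raw = notable_order_by_cvss_raw
 data = Array.new
@@ -508,9 +543,37 @@ module Risu
 select("items.*").select("count(*) as count_all").group(:plugin_id).order("count_all DESC")
 end
 
+# Returns the plugin that this [Item] belongs to
+#
+# @return [Plugin] the that this [Item] references
 def plugin
 Plugin.where(:id => Item.first.attributes["plugin_id"])
 end
+
+# Builds a array of findings with their exploitablity values
+#
+# @param [ActiveRecord::Relation] findings to build matrix on
+#
+# @return [Array] with the rows of name, total, core, metasploit, canvas, exploithub, d2elliot
+def exploitablity_matrix findings
+results = Array.new
+
+findings.each do |item|
+plugin = Plugin.where(:id => item.plugin_id).first
+
+name = scrub_plugin_name(plugin.plugin_name)
+total = Item.where(:plugin_id => item.plugin_id).count
+core = if plugin.exploit_framework_core == "true" then "Yes" else nil end
+metasploit = if plugin.exploit_framework_metasploit == "true" then "Yes" else nil end
+canvas = if plugin.exploit_framework_canvas == "true" then "Yes" else nil end
+exploithub = if plugin.exploit_framework_exploithub == "true" then "Yes" else nil end
+d2elliot = if plugin.exploit_framework_d2_elliot == "true" then "Yes" else nil end
+
+results.push [name, total, core, metasploit, canvas, exploithub, d2elliot]
+end
+
+return results
+end
 end
 end
 end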
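Review bot: calculate_vulnerable_host_percent_with_patches_applied (new lines 340-361) divides by `Host.count.to_f` on line 360, so an empty dataset yields NaN and the new `risk_percent_patched_rounded_text` (line 447) raises FloatDomainError on `.round`; the existing division on line 336 that it was copied from has the same problem, and `return 0.0 if Host.count.zero?` at the top of both methods avoids it. Only the critical findings are filtered through `exclude_list` (line 349) while `Item.high_risks` on line 355 is taken unfiltered; if the intent is to treat the notable findings as patched, the high-risk side presumably needs the same `.where.not(:plugin_id => exclude_list)`, and the unused `k` block parameter on line 345 should be `_count` (or the loop replaced by `exclude_list = Item.notable_order_by_cvss_raw.keys` if that method returns the grouped hash it appears to). The comment added at lines 546-548 says `plugin` returns the plugin "this [Item] belongs to", but line 550 reads `Item.first.attributes["plugin_id"]` regardless of receiver, so either the comment or the code is wrong — if this is an instance method, `plugin_id` of self is presumably meant. In exploitablity_matrix (lines 558-576) every finding issues two queries (`Plugin.where(...).first` and `Item.where(...).count`), which is fine for a top-N list but worth noting in the `@param` doc if it is ever fed a full result set.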