risu 1.7.5 → 1.7.6

data/lib/risu/models/hostproperty.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/models/individualpluginselection.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/models/item.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -96,20 +96,23 @@ module Risu
 				#
 				# @return [ActiveRecord::Relation] with the query results
 				def critical_risks_unique_sorted
-					select("items.*").select("count(*) as count_all").where(:severity => 4).group(:plugin_id).order("count_all DESC")
+					#Item.select("items.*").select("count(*) as count_all").where(:severity => 4).group(:plugin_id).order("count_all DESC")
+					Item.where(:severity => 4).group(:plugin_id).order('count(*) desc')
 				end
 
 				# Queries for all the unique high findings and sorts them by count
 				#
 				# @return [ActiveRecord::Relation] with the query results
 				def high_risks_unique_sorted
-					select("items.*").select("count(*) as count_all").where(:severity => 3).group(:plugin_id).order("count_all DESC")
+					Item.where(:severity => 3).group(:plugin_id).order('count(*) desc')
+					#select("items.*").select("count(*) as count_all").where(:severity => 3).group(:plugin_id).order("count_all DESC")
 				end
 
 				# Queries for all the unique medium risks in the database
 				#
 				# @return [ActiveRecord::Relation] with the query results
 				def medium_risks_unique
+
 					where(:severity => 2).joins(:plugin).order("plugins.cvss_base_score").group(:plugin_id)
 				end
 
@@ -117,7 +120,8 @@ module Risu
 				#
 				# @return [ActiveRecord::Relation] with the query results
 				def medium_risks_unique_sorted
-					select("items.*").select("count(*) as count_all").where(:severity => 2).group(:plugin_id).order("count_all DESC")
+					Item.where(:severity => 2).group(:plugin_id).order('count(*) desc')
+					#select("items.*").select("count(*) as count_all").where(:severity => 2).group(:plugin_id).order("count_all DESC")
 				end
 
 				# Queries for all the unique low risks in the database
@@ -151,6 +155,7 @@ module Risu
 
 				# Queries for all the risks grouped by service type, used for the Vulnerabilities by Service graph
 				#
+				# @TODO rewrite
 				# @return [ActiveRecord::Relation] with the query results
 				def risks_by_service(limit=10)
 					select("items.*").select("count(*) as count_all").where("svc_name != 'unknown' and svc_name != 'general'").group(:svc_name).order("count_all DESC").limit(limit)
@@ -158,6 +163,7 @@ module Risu
 
 				# Queries for all the Critical risks by plugin
 				#
+				# @TODO rewrite
 				# @param limit Limits the result to a specific number, default 10
 				#
 				# @return [ActiveRecord::Relation] with the query results
@@ -167,11 +173,14 @@ module Risu
 
 				# Queries for all the Critical risks by host
 				#
+				# @deprecated This function shouldn't be used it has been replaced by critical_risks_by_host
+				#
 				# @param limit Limits the result to a specific number, default 10
 				#
 				# @return [ActiveRecord::Relation] with the query results
 				def risks_by_host(limit=10)
-					select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 4).group(:host_id).order("count_all DESC").limit(limit)
+					#select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 4).group(:host_id).order("count_all DESC").limit(limit)
+					Item.joins(:host).where.not(plugin_id: 1).where(:severity => 4).group(:host_id).order('count(*) desc').limit(limit)
 				end
 
 				# Queries for all the Critical risks by host
@@ -180,7 +189,8 @@ module Risu
 				#
 				# @return [ActiveRecord::Relation] with the query results
 				def critical_risks_by_host(limit=10)
-					select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 4).group(:host_id).order("count_all DESC").limit(limit)
+					#select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 4).group(:host_id).order("count_all DESC").limit(limit)
+					Item.joins(:host).where.not(plugin_id: 1).where(:severity => 4).group(:host_id).order('count(*) desc').limit(limit)
 				end
 
 				# Queries for all the High risks by host
@@ -189,7 +199,9 @@ module Risu
 				#
 				# @return [ActiveRecord::Relation] with the query results
 				def high_risks_by_host(limit=10)
-					select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 3).group(:host_id).order("count_all DESC").limit(limit)
+					#select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 3).group(:host_id).order("count_all DESC").limit(limit)
+
+					Item.joins(:host).where.not(plugin_id: 1).where(:severity => 3).group(:host_id).order('count(*) desc').limit(limit)
 				end
 
 				# Queries for all the Medium risks by host
@@ -198,7 +210,8 @@ module Risu
 				#
 				# @return [ActiveRecord::Relation] with the query results
 				def medium_risks_by_host(limit=10)
-					select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 2).group(:host_id).order("count_all DESC").limit(limit)
+					#select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 2).group(:host_id).order("count_all DESC").limit(limit)
+					Item.joins(:host).where.not(plugin_id: 1).where(:severity => 2).group(:host_id).order('count(*) desc').limit(limit)
 				end
 
 				# Queries for all the Low risks by host
@@ -207,7 +220,8 @@ module Risu
 				#
 				# @return [ActiveRecord::Relation] with the query results
 				def low_risks_by_host(limit=10)
-					select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 1).group(:host_id).order("count_all DESC").limit(limit)
+					#select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 1).group(:host_id).order("count_all DESC").limit(limit)
+					Item.joins(:host).where.not(plugin_id: 1).where(:severity => 1).group(:host_id).order('count(*) desc').limit(limit)
 				end
 
 				# Queries for all the hosts with the Microsoft patch summary plugin (38153)
@@ -228,6 +242,7 @@ module Risu
 				#
 				# @param limit Limits the result to a specific number, default 10
 				#
+				# @deprecated
 				# @return [StringIO] Object containing the generated PNG image
 				def risks_by_service_graph(limit=10)
 					g = Gruff::Pie.new(GRAPH_WIDTH)
@@ -248,6 +263,7 @@ module Risu
 
 				# Generates text for the Risks by Service graph
 				#
+				# @deprecated
 				# @return [String] Text based on the Risks by Service graph
 				def risks_by_service_graph_text
 					"This graph is a representation of the findings found by service. This graph can help " +
@@ -257,6 +273,7 @@ module Risu
 
 				# Generates a Graph of all the risks by severity
 				#
+				# @deprecated
 				# @return [StringIO] Object containing the generated PNG image
 				def risks_by_severity_graph
 					g = Gruff::Bar.new(GRAPH_WIDTH)
@@ -299,6 +316,7 @@ module Risu
 
 				# Generates a Graph of all the risks by severity
 				#
+				# @deprecated
 				# @return [StringIO] Object containing the generated PNG image
 				def stigs_severity_graph
 					g = Gruff::Bar.new(GRAPH_WIDTH)
@@ -328,6 +346,7 @@ module Risu
 				# Calculates a vulnerable host percent based on Critical and High findings
 				# (unique_vuln_crit_high_count / host_count) * 100
 				#
+				# @deprecated
 				# @return [FixNum] Percentage of vulnerable hosts
 				def calculate_vulnerable_host_percent
 					#patch to fix double counting
@@ -336,7 +355,8 @@ module Risu
 					host_percent = (unique_hosts_with_critical_and_high.to_f / Host.count.to_f) * 100
 				end
 
-				# @todo w t f
+				# @TODO w t f
+				# @deprecated
 				def calculate_vulnerable_host_percent_with_patches_applied
 
 					exclude_list = []
@@ -364,6 +384,7 @@ module Risu
 				#
 				# @param risk_percent Calculated percentage of risk based on {Item::calculate_vulnerable_host_percent}
 				#
+				# @deprecated
 				# @return [String] Textual representation of the risk_percent
 				def adjective_for_risk_text risk_percent
 					adjective = case risk_percent
@@ -384,6 +405,7 @@ module Risu
 				#
 				# @param risk_percent Calculated percentage of risk based on {Item::calculate_vulnerable_host_percent}
 				#
+				# @deprecated
 				# @return [String] Sentence describing the implied significance of the risk_percent
 				def risk_text risk_percent
 					percent_text = case risk_percent
@@ -404,8 +426,9 @@ module Risu
 					end
 				end
 
-				# @todo change Report.title to a real variable
-				# @todo rewrite this
+				# @TODO change Report.title to a real variable
+				# @TODO rewrite this
+				# @deprecated
 				def risks_by_severity_graph_text
 					host_percent = calculate_vulnerable_host_percent()
 					adjective = adjective_for_risk_text(host_percent)
@@ -439,24 +462,29 @@ module Risu
 					return graph_text
 				end
 
+				# @deprecated
 				def risk_percent_rounded_text
 					"#{calculate_vulnerable_host_percent().round}%"
 				end
 
+				# @deprecated
 				def risk_percent_patched_rounded_text
 					"#{calculate_vulnerable_host_percent_with_patches_applied().round}%"
 				end
 
+				# @deprecated
 				def risk_percent_text
 					"%.2f%" % calculate_vulnerable_host_percent()
 				end
 
+				# @deprecated
 				def risk_percent_patched_text
 					"%.2f%" % calculate_vulnerable_host_percent_with_patches_applied()
 				end
 
 				#
-				# @todo comment
+				# @TODO comment
+				# @FIXME this doesn't work with PostProcess plugins
 				#
 				def notable_order_by_cvss_raw
 
@@ -537,8 +565,8 @@ module Risu
 
 				# Returns a prawn pdf table for the top 10 notable findings
 				#
-				# @todo change this method to return a array/table and let the template render it
-				# @todo rename to notable_table also
+				# @TODO change this method to return a array/table and let the template render it
+				# @TODO rename to notable_table also
 				#
 				# @param output device to write the table to
 				def top_10_table(output)

data/lib/risu/models/patch.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/models/plugin.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -104,7 +104,7 @@ module Risu
 						plugin_name = Plugin.find_by_id(plugin.plugin_id).plugin_name
 
 						#We need to filter the names a little to make everything look nice on the graph
-						#@todo this concept should be added to the database via a yaml file
+						#@TODO this concept should be added to the database via a yaml file
 						plugin_name = case plugin.plugin_id
 							when 35362 then plugin_name.split(":")[0]
 							when 34477 then plugin_name.split(":")[0]

data/lib/risu/models/pluginspreference.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/models/policy.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/models/reference.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -34,6 +34,7 @@ module Risu
 			class << self
 
 				#Generates a full string of all the references
+				# @TODO automate references to parser references to see if all are covered
 				#
 				# @returns [String] of all the references with in-line formatting for
 				# direct output to the report
@@ -219,7 +220,7 @@ module Risu
 				def apple_sa
 					where(:reference_name => "apple-sa").select('DISTINCT value')
 				end
-				
+
 				#
 				#
 				def icsa
@@ -236,7 +237,7 @@ module Risu
 				#
 				def usn
 					where(:reference_name => "usn").select('DISTINCT value')
-				end	
+				end
 			end
 		end
 	end

data/lib/risu/models/report.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -44,7 +44,7 @@ module Risu
 				end
 
 				#
-				# @todo comment this
+				# @TODO comment this
 				#
 				def scanner_nessus_ratings_text
 					text = "The vulnerability scanner used by #{Report.company} rates the findings as follows: Critical, High, Medium, Low and Informational. High findings represents a security hole, initially this is the highest rating a risk can get.  These generally represent vulnerabilities that can lead to full system compromise due to missing security patches. High findings should be re-mediated first as they generally leave the network wide open. Medium findings are considered a security warning; these are not as severe as high but should be evaluated on a risk-by-risk basis. These are typically configuration errors that can lead to information disclosures such as usernames, passwords, and configuration settings. Low findings are identified as security notes; these provide information the scanner discovered during the scanning process. The information includes items such as hostname, domain name, and MAC address. Open Port findings represent the open ports on each system that the scanner found during the scan process. These should be evaluated against firewall settings to test the firewall configurations.\n\n"

data/lib/risu/models/serverpreference.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/models/servicedescription.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/models/version.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/parsers.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/risu/parsers/nessus/nessus_document.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -30,10 +30,12 @@ module Risu
 
 			# A Object to represents the Nessus XML file in memory
 			class NessusDocument
+				attr_accessor :new_tags
 
 				# Creates a instance of the NessusDocument class
 				def initialize document
 					@document = document
+					@new_tags = Array.new
 				end
 
 				# Checks the validness of a NessusDocument
@@ -70,6 +72,10 @@ module Risu
 					@parser = LibXML::XML::SaxParser.file @document
 					@parser.callbacks = NessusSaxListener.new
 					@parser.parse
+
+					#require 'pry'
+					#binding.pry
+					@new_tags == @parser.callbacks.new_tags
 				end
 
 				# Fixes the ip field if nil and replaces it with the name if its an ip

data/lib/risu/parsers/nessus/nessus_sax_listener.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -36,6 +36,8 @@ module Risu
 			class NessusSaxListener
 				include LibXML::XML::SaxParser::Callbacks
 
+				attr_accessor :new_tags
+
 				# An array of valid reference element names
 				VALID_REFERENCES = Set.new(%w[
 					cpe bid see_also xref cve iava msft
@@ -157,6 +159,7 @@ module Risu
 				# vals tracks state for elements encountered during parsing
 				def initialize
 					@vals = Hash.new
+					@new_tags = Array.new
 				end
 
 				# Callback for when the start of a XML element is reached
@@ -168,7 +171,7 @@ module Risu
 					@vals[@tag] = ""
 
 					if !VALID_ELEMENTS.include?(element)
-						puts "New XML element detected: #{element}. Please report this at #{Risu::GITHUB}/issues/new or via email to #{Risu::EMAIL}"
+						@new_tags << "New XML element detected: #{element}. Please report this at #{Risu::GITHUB}/issues/new or via email to #{Risu::EMAIL}"
 					end
 
 					if DYNAMIC_START_METHOD_NAMES.key?(element)
@@ -258,7 +261,7 @@ module Risu
 					if attributes["name"] !~ /(netstat-(?:established|listen)-(?:tcp|udp)\d+-\d+)/ \
 							&& attributes["name"] !~ /traceroute-hop-\d+/ \
 							&& @attr.nil?
-						puts "New HostProperties attribute: #{attributes["name"]}. Please report this at #{Risu::GITHUB}/issues/new or via email to #{Risu::EMAIL}\n"
+						@new_tags << "New HostProperties attribute: #{attributes["name"]}. Please report this at #{Risu::GITHUB}/issues/new or via email to #{Risu::EMAIL}\n"
 					end
 				end
 
@@ -375,7 +378,6 @@ module Risu
 						:cm_compliance_check_name => @vals["cm:compliance-check-name"],
 						:cm_compliance_result => @vals["cm:compliance-result"],
 						:cm_compliance_output => @vals["cm:compliance-output"],
-
 						:cm_compliance_reference => @vals["cm:compliance-reference"],
 						:cm_compliance_see_also => @vals["cm:compliance-see-also" ],
 						:cm_compliance_solution => @vals["cm:compliance-solution"]

data/lib/risu/parsers/nessus/postprocess.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -27,7 +27,7 @@
 module Risu
 	module Nessus
 		module PostProcess
-
+			#@TODO move PostProcessing to Risu:PostProcess
 		end
 	end
 end

data/lib/risu/parsers/nessus/postprocess/adobe_acrobat.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2015 Arxopia LLC.
+# Copyright (c) 2010-2016 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without