risu 1.7.6 → 1.7.7
- checksums.yaml +4 -4
- data/Gemfile +0 -16
- data/README.markdown +1 -1
- data/Rakefile +10 -3
- data/{NEWS.markdown → docs/NEWS.markdown} +10 -0
- data/lib/risu/base.rb +1 -0
- data/lib/risu/base/graph_template_helper.rb +1 -1
- data/lib/risu/base/host_template_helper.rb +1 -1
- data/lib/risu/base/malware_template_helper.rb +62 -4
- data/lib/risu/base/post_process_manager.rb +1 -1
- data/lib/risu/base/scan_helper.rb +77 -0
- data/lib/risu/base/schema.rb +1 -3
- data/lib/risu/base/shares_template_helper.rb +47 -21
- data/lib/risu/base/template_helper.rb +3 -2
- data/lib/risu/base/template_manager.rb +3 -5
- data/lib/risu/cli/application.rb +2 -2
- data/lib/risu/cli/banner.rb +18 -0
- data/lib/risu/models/host.rb +58 -64
- data/lib/risu/models/item.rb +1 -0
- data/lib/risu/models/plugin.rb +7 -1
- data/lib/risu/models/report.rb +2 -2
- data/lib/risu/parsers/nessus/nessus_document.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +4 -2
- data/lib/risu/parsers/nessus/postprocess/adobe_acrobat.rb +4 -0
- data/lib/risu/parsers/nessus/postprocess/adobe_air.rb +10 -0
- data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb +6 -1
- data/lib/risu/parsers/nessus/postprocess/apache_tomcat.rb +4 -0
- data/lib/risu/parsers/nessus/postprocess/apple_itunes.rb +58 -0
- data/lib/risu/parsers/nessus/postprocess/cisco_anyconnect.rb +63 -0
- data/lib/risu/parsers/nessus/postprocess/cisco_ios.rb +62 -0
- data/lib/risu/parsers/nessus/postprocess/downgrade_plugins.rb +1 -0
- data/lib/risu/parsers/nessus/postprocess/firefox.rb +11 -0
- data/lib/risu/parsers/nessus/postprocess/flash_player.rb +16 -1
- data/lib/risu/parsers/nessus/postprocess/google_chrome.rb +58 -0
- data/lib/risu/parsers/nessus/postprocess/hp_system_mgt_homepage.rb +3 -0
- data/lib/risu/parsers/nessus/postprocess/irfanview.rb +51 -0
- data/lib/risu/parsers/nessus/postprocess/java.rb +7 -0
- data/lib/risu/parsers/nessus/postprocess/libreoffice.rb +57 -0
- data/lib/risu/parsers/nessus/postprocess/openoffice.rb +56 -0
- data/lib/risu/parsers/nessus/postprocess/openssh.rb +10 -0
- data/lib/risu/parsers/nessus/postprocess/openssl.rb +2 -0
- data/lib/risu/parsers/nessus/postprocess/oracle_database.rb +9 -3
- data/lib/risu/parsers/nessus/postprocess/php.rb +8 -0
- data/lib/risu/parsers/nessus/postprocess/post_process.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/root_cause.rb +7 -1
- data/lib/risu/parsers/nessus/postprocess/shockwave.rb +3 -0
- data/lib/risu/parsers/nessus/postprocess/timbuktu.rb +53 -0
- data/lib/risu/parsers/nessus/postprocess/vmware_esxi.rb +15 -0
- data/lib/risu/parsers/nessus/postprocess/vmware_player.rb +8 -1
- data/lib/risu/parsers/nessus/postprocess/vmware_vcenter.rb +11 -0
- data/lib/risu/parsers/nessus/postprocess/vmware_vsphere_client.rb +2 -0
- data/lib/risu/parsers/nessus/postprocess/windows.rb +140 -3
- data/lib/risu/parsers/nessus/postprocess/wireshark.rb +11 -0
- data/lib/risu/parsers/nexpose/nexpose_document.rb +1 -1
- data/lib/risu/parsers/nexpose/simple_nexpose.rb +0 -3
- data/lib/risu/renderers/csvrenderer.rb +2 -1
- data/lib/risu/templates/authentication_summary.rb +95 -0
- data/lib/risu/templates/findings_summary.rb +7 -3
- data/lib/risu/templates/findings_summary_with_pluginid.rb +12 -6
- data/lib/risu/templates/host_findings_csv.rb +14 -5
- data/lib/risu/templates/malicious_process_detection.rb +1 -5
- data/lib/risu/templates/notable_detailed.rb +4 -9
- data/lib/risu/templates/technical_findings.rb +3 -3
- data/lib/risu/templates/top_25.rb +5 -4
- data/lib/risu/version.rb +2 -2
- data/risu.gemspec +11 -11
- metadata +41 -33
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2012-
|
1
|
+
# Copyright (c) 2012-2016 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -31,6 +31,7 @@ module Risu
|
|
31
31
|
include MalwareTemplateHelper
|
32
32
|
include GraphTemplateHelper
|
33
33
|
include SharesTemplateHelper
|
34
|
+
include ScanHelper
|
34
35
|
|
35
36
|
#
|
36
37
|
def report_classification classification=Report.classification.upcase, newline=true
|
@@ -139,7 +140,7 @@ module Risu
|
|
139
140
|
def item_count_by_plugin_name (plugin_name)
|
140
141
|
begin
|
141
142
|
return Item.where(:plugin_id => Plugin.where(:plugin_name => plugin_name).first.id).count
|
142
|
-
rescue => e
|
143
|
+
rescue # => e
|
143
144
|
return 0
|
144
145
|
end
|
145
146
|
end
|
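Review bot: The bare `rescue` on line 143 of `item_count_by_plugin_name` still converts every StandardError into a count of 0, so a failed lookup (a database error, or `first` returning nil for an unknown plugin) is reported the same way as a plugin with no findings; the commit only comments out the unused `=> e`. In a reporting tool that can silently understate results. Handling the missing plugin explicitly removes the need for the rescue: `plugin = Plugin.where(:plugin_name => plugin_name).first` followed by `plugin ? Item.where(:plugin_id => plugin.id).count : 0`. The leftover `# => e` comment can be dropped as well.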
@@ -43,7 +43,7 @@ module Risu
|
|
43
43
|
|
44
44
|
load_templates(base_dir + path)
|
45
45
|
load_templates(Dir.pwd, false)
|
46
|
-
load_templates(File.expand_path(USER_TEMPLATES_DIR)) if File.
|
46
|
+
load_templates(File.expand_path(USER_TEMPLATES_DIR)) if File.exist?(File.expand_path(USER_TEMPLATES_DIR)) && File.directory?(File.expand_path(USER_TEMPLATES_DIR))
|
47
47
|
end
|
48
48
|
|
49
49
|
# Loads templates from a specific path
|
@@ -57,7 +57,7 @@ module Risu
|
|
57
57
|
Dir[search_path].each do |x|
|
58
58
|
begin
|
59
59
|
require x
|
60
|
-
rescue
|
60
|
+
rescue
|
61
61
|
next
|
62
62
|
end
|
63
63
|
end
|
@@ -67,10 +67,8 @@ module Risu
|
|
67
67
|
@registered_templates << p if @registered_templates.include?(p) == false
|
68
68
|
end
|
69
69
|
end
|
70
|
-
rescue
|
70
|
+
rescue
|
71
71
|
puts "[!] Invalid template path"
|
72
|
-
#puts e.inspect
|
73
|
-
#puts e.backtrace
|
74
72
|
end
|
75
73
|
end
|
76
74
|
|
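Review bot: `load_templates(Dir.pwd, false)` on line 45, combined with the `require x` loop on lines 57-59, means Ruby files found under the directory the tool is started from are executed as templates, and the bare `rescue`/`next` hides any that fail to load; how `search_path` is built is outside these hunks, so the exact glob is an assumption. Started from a directory that other users can write to, the tool would run their code, so current-directory loading is worth making opt-in, or at least logging each path that is required. On the changed line 46, `File.directory?` already returns false for a missing path and the path is expanded three times; `dir = File.expand_path(USER_TEMPLATES_DIR)` and `load_templates(dir) if File.directory?(dir)` say the same thing. The enclosing methods start and end outside the hunks.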
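--- a/data/lib/risu/cli/application.rb
+++ b/data/lib/risu/cli/application.rb
@@ -75,7 +75,7 @@ module Risu
 # @param file Path to configuration file
 # @param in_memory_config [Boolean] If the configuration is in memory
 def load_config(file=CONFIG_FILE, in_memory_config=false)
-if File.
+if File.exist?(file) == true or in_memory_config == true
 begin
 if in_memory_config
 yaml = YAML::load(file)
@@ -452,7 +452,7 @@ module Risu
 puts "[*] Parsing #{file}..."
 tstart = Time.new
 
-if File.
+if File.exist?(file) == false
 raise Risu::Exceptions::InvalidDocument, "[!] Document does not exist - #{file}"
 end
 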
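Review bot: The guard rewritten on line 78 lets the in-memory branch reach `YAML::load(file)` on line 81, and on Psych versions before 4 `YAML.load` can instantiate arbitrary Ruby objects from the document; if an in-memory configuration can ever originate outside the operator's control, `YAML.safe_load` (permitting only the classes the config needs) is the safer call. The condition itself reads more clearly as `if File.exist?(file) || in_memory_config`, since `or` binds more loosely than `||` and the `== true` comparisons add nothing; likewise line 455 can be `unless File.exist?(file)`. `load_config` continues past the end of the hunk.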
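--- a/data/lib/risu/cli/banner.rb
+++ b/data/lib/risu/cli/banner.rb
@@ -58,6 +58,24 @@ module Risu
 _/ _/ _/_/_/ _/_/_/
 
 
+',
+'
+/| |\
+|| ( * ) ||
+\| |/
+\\\\\\\|////
+|||||
+|||||
+||||| The Eye of Sauron
+||||| is on your network..
+|||||
+|||||
+||||| You cannot hide...
+||||| I see you....
+|||||
+|||||
+_|||||_
+///|||\\\\\
 ',
 '
 o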
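--- a/data/lib/risu/models/host.rb
+++ b/data/lib/risu/models/host.rb
@@ -36,17 +36,6 @@ module Risu
 
 class << self
 
-#
-#
-#
-#def hosts_with_blacklist blacklist_hosts_id
-# if blacklist_host_id == nil
-# where("id != ?", blacklist_host_id).count
-# else
-# count
-# end
-#end
-
 # Sorts all of the hosts where the ip address is not null
 #
 # @return [Array] With all the Ip's in sorted order
@@ -437,7 +426,7 @@ module Risu
 
 Item.risks_by_host(limit).to_a.each do |item|
 ip = Host.find_by_id(item.host_id).name
-count = Item.where(:host_id => item.host_id).where(:severity => 4).
+count = Item.where(:host_id => item.host_id).where(:severity => 4).size
 
 if count > 0
 g.data(ip, count)
@@ -513,15 +502,15 @@ module Risu
 :background_colors => %w(white white)
 }
 
-linux = Host.os_linux.to_a.
-osx = Host.os_osx.to_a.
-freebsd = Host.os_freebsd.to_a.
-netbsd = Host.os_netbsd.to_a.
-cisco = Host.os_cisco.to_a.
-vxworks = Host.os_vxworks.to_a.
-esx = Host.os_vmware_esx.to_a.
-aix = Host.os_aix.to_a.
-other = Host.os_other.to_a.
+linux = Host.os_linux.to_a.size
+osx = Host.os_osx.to_a.size
+freebsd = Host.os_freebsd.to_a.size
+netbsd = Host.os_netbsd.to_a.size
+cisco = Host.os_cisco.to_a.size
+vxworks = Host.os_vxworks.to_a.size
+esx = Host.os_vmware_esx.to_a.size
+aix = Host.os_aix.to_a.size
+other = Host.os_other.to_a.size
 
 g.data("Linux", linux) unless linux == 0
 g.data("OSX", osx) unless osx == 0
@@ -535,7 +524,7 @@ module Risu
 
 #Creates very odd graphs
 #Host.os_other.each do |host|
-# g.data(host.os, Host.where(:os => host.os).
+# g.data(host.os, Host.where(:os => host.os).size) unless host.os == nil
 #end
 
 StringIO.new(g.to_blob)
@@ -555,16 +544,17 @@ module Risu
 :background_colors => %w(white white)
 }
 
-nt = Host.os_windows_nt.to_a.
-w2k = Host.os_windows_2k.to_a.
-xp = Host.os_windows_xp.to_a.
-w2k3 = Host.os_windows_2k3.to_a.
-vista = Host.os_windows_vista.to_a.
-w2k8 = Host.os_windows_2k8.to_a.
-w2k12 = Host.os_windows_2k12.to_a.
-w7 = Host.os_windows_7.to_a.
-w8 = Host.os_windows_8.to_a.
-
+nt = Host.os_windows_nt.to_a.size
+w2k = Host.os_windows_2k.to_a.size
+xp = Host.os_windows_xp.to_a.size
+w2k3 = Host.os_windows_2k3.to_a.size
+vista = Host.os_windows_vista.to_a.size
+w2k8 = Host.os_windows_2k8.to_a.size
+w2k12 = Host.os_windows_2k12.to_a.size
+w7 = Host.os_windows_7.to_a.size
+w8 = Host.os_windows_8.to_a.size
+w10 = Host.os_windows_10.to_a.size
+other = (Host.os_windows.os_windows_other).to_a.size
 
 g.data("NT", nt) if nt >= 1
 g.data("2000", w2k) if w2k >= 1
@@ -575,6 +565,7 @@ module Risu
 g.data("Server 2012", w2k12) if w2k12 >= 1
 g.data("7", w7) if w7 >= 1
 g.data("8", w8) if w8 >= 1
+g.data("10", w10) if w10 >= 1
 g.data("Other Windows", other) if other >= 1
 
 StringIO.new(g.to_blob)
@@ -584,16 +575,17 @@ module Risu
 #@TODO comment
 #
 def windows_os_graph_text
-nt = Host.os_windows_nt.to_a.
-w2k = Host.os_windows_2k.to_a.
-xp = Host.os_windows_xp.to_a.
-w2k3 = Host.os_windows_2k3.to_a.
-vista = Host.os_windows_vista.to_a.
-w2k8 = Host.os_windows_2k8.to_a.
-w2k12 = Host.os_windows_2k12.to_a.
-w7 = Host.os_windows_7.to_a.
-w8 = Host.os_windows_8.to_a.
-
+nt = Host.os_windows_nt.to_a.size
+w2k = Host.os_windows_2k.to_a.size
+xp = Host.os_windows_xp.to_a.size
+w2k3 = Host.os_windows_2k3.to_a.size
+vista = Host.os_windows_vista.to_a.size
+w2k8 = Host.os_windows_2k8.to_a.size
+w2k12 = Host.os_windows_2k12.to_a.size
+w7 = Host.os_windows_7.to_a.size
+w8 = Host.os_windows_8.to_a.size
+w10 = Host.os_windows_10.to_a.size
+other = (Host.os_windows.os_windows_other).to_a.size
 
 windows_os_count = nt + w2k + xp + w2k3 + vista + w7 + w8 + w2k8 + w2k12 + other
 
@@ -606,6 +598,7 @@ module Risu
 w2k8_percent = (w2k8.to_f / windows_os_count.to_f) * 100
 w7_percent = (w7.to_f / windows_os_count.to_f) * 100
 w8_percent = (w8.to_f / windows_os_count.to_f) * 100
+w10_percent = (w10.to_f / windows_os_count.to_f) * 100
 w2k12_percent = (w2k12.to_f / windows_os_count.to_f) * 100
 
 text = "This graph shows the percentage of the different Microsoft Windows based operating systems " +
@@ -620,6 +613,7 @@ module Risu
 text << "#{w2k8_percent.round.to_i}% of the network is Windows Server 2008. " if w2k8_percent >= 1
 text << "#{w7_percent.round.to_i}% of the network is Windows 7. " if w7_percent >= 1
 text << "#{w8_percent.round.to_i}% of the network is Windows 8. " if w8_percent >= 1
+text << "#{w10_percent.round.to_i}% of the network is Windows 10. " if w10_percent >= 1
 text << "#{w2k12_percent.round.to_i}% of the network is Windows Server 20012. " if w2k12_percent >= 1
 
 text << "\n\n" << unsupported_os_windows if nt > 0 or w2k > 0
@@ -688,25 +682,25 @@ module Risu
 #Host.os_windows.not_os_windows_7.not_os_windows_2008.not_os_windows_vista.not_os_windows_2003.not_os_windows_xp
 
 win_95_text = "Windows 95 is an unsupported operating system; Microsoft has stopped support as of December 2001. " +
-"Please see http://en.wikipedia.org/wiki/Windows_95 for more information.\n\n" if win_95.
+"Please see http://en.wikipedia.org/wiki/Windows_95 for more information.\n\n" if win_95.size >= 1
 
 win_98_text = "Windows 98 is an unsupported operating system; Microsoft has stopped support as of July 2006. " +
-"Please see http://support.microsoft.com/gp/lifean18 for more information.\n\n" if win_98.
+"Please see http://support.microsoft.com/gp/lifean18 for more information.\n\n" if win_98.size >= 1
 
 win_me_text = "Windows Millennium is an unsupported operating system; Microsoft has stopped support as of July 2006. " +
-"Please see http://support.microsoft.com/gp/lifean18 for more information.\n\n" if win_me.
+"Please see http://support.microsoft.com/gp/lifean18 for more information.\n\n" if win_me.size >= 1
 
 win_nt_text = "Windows NT is an unsupported operating system; Microsoft has stopped support as of December 2004. " +
-"Please see http://windows.microsoft.com/en-us/windows/products/lifecycle for more information.\n\n" if win_nt.
+"Please see http://windows.microsoft.com/en-us/windows/products/lifecycle for more information.\n\n" if win_nt.size >= 1
 
 win_2000_text = "Windows 2000 is an unsupported operating system; Microsoft has stopped support as of July 2010. " +
-"Please see http://windows.microsoft.com/en-us/windows/products/lifecycle for more information.\n\n" if win_2000.
+"Please see http://windows.microsoft.com/en-us/windows/products/lifecycle for more information.\n\n" if win_2000.size >= 1
 
 win_xp_text = "Windows XP is an unsupported operating system; Microsoft has stopped support as of April 2014. " +
-"Please see http://windows.microsoft.com/en-us/windows/products/lifecycle for more information.\n\n" if win_xp.
+"Please see http://windows.microsoft.com/en-us/windows/products/lifecycle for more information.\n\n" if win_xp.size >= 1
 
 win_2003_text = "Windows 2003 is an unsupported operating system; Microsoft has stopped support as of July 2015. " +
-"Please see http://windows.microsoft.com/en-us/windows/products/lifecycle for more information.\n\n" if win_2003.
+"Please see http://windows.microsoft.com/en-us/windows/products/lifecycle for more information.\n\n" if win_2003.size >= 1
 
 return "#{win_95_text}#{win_98_text}#{win_me_text}#{win_nt_text}#{win_2000_text}#{win_xp_text}#{win_2003_text}"
 end
@@ -719,7 +713,7 @@ module Risu
 
 text = "AIX 5.x is an unsupported operating system since IBM has stopped support as of April 2011. " +
 "Please see http://www-03.ibm.com/systems/power/software/aix/ for more information " +
-"about obtaining a newer supported version.\n\n" if aix.
+"about obtaining a newer supported version.\n\n" if aix.size >= 1
 
 return text
 end
@@ -731,7 +725,7 @@ module Risu
 freebsd = Host.os_freebsd.where("OS LIKE 'FreeBSD 5.%'")
 
 text = "FreeBSD 5 support ended on 2008-05-31. Upgrade to FreeBSD 8.2 or 7.4. For more information, " +
-"see : http://www.freebsd.org/security/\n\n" if freebsd.
+"see : http://www.freebsd.org/security/\n\n" if freebsd.size >= 1
 
 return text
 end
@@ -743,15 +737,15 @@ module Risu
 text = "This graph shows the percentage of the different Non-Windows based operating systems " +
 "found on the #{Report.title} network.\n\n"
 
-linux = Host.os_linux.to_a.
-osx = Host.os_osx.to_a.
-freebsd = Host.os_freebsd.to_a.
-netbsd = Host.os_netbsd.to_a.
-cisco = Host.os_cisco.to_a.
-vxworks = Host.os_vxworks.to_a.
-esx = Host.os_vmware_esx.to_a.
-aix = Host.os_aix.to_a.
-other = Host.os_other.to_a.
+linux = Host.os_linux.to_a.size
+osx = Host.os_osx.to_a.size
+freebsd = Host.os_freebsd.to_a.size
+netbsd = Host.os_netbsd.to_a.size
+cisco = Host.os_cisco.to_a.size
+vxworks = Host.os_vxworks.to_a.size
+esx = Host.os_vmware_esx.to_a.size
+aix = Host.os_aix.to_a.size
+other = Host.os_other.to_a.size
 
 other_os_count = linux + osx + freebsd + netbsd + cisco + vxworks + esx + aix + other
 
@@ -777,7 +771,7 @@ module Risu
 # @TODO comments
 #
 def top_n_vulnerable(n)
-hosts = Item.risks_by_host(Host.count).
+hosts = Item.risks_by_host(Host.count).size
 hosts = hosts.sort_by {|k, v| v}
 hosts.reverse!
 
@@ -811,19 +805,19 @@ module Risu
 # @TODO
 def unique_hosts_with_critical_and_high_count
 hosts = Array.new
-crit = Item.critical_risks_by_host(Host.all.
+crit = Item.critical_risks_by_host(Host.all.size)
 
 crit.each do |item|
 hosts.push(item.host_id)
 end
 
-high = Item.high_risks_by_host(Host.all.
+high = Item.high_risks_by_host(Host.all.size)
 
 high.each do |item|
 hosts.push(item.host_id)
 end
 
-hosts.uniq.
+hosts.uniq.size
 end
 end
 end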
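Review bot: `w10` is counted in `windows_os_graph_text` (line 587) but the unchanged total on line 590, `windows_os_count = nt + w2k + xp + w2k3 + vista + w7 + w8 + w2k8 + w2k12 + other`, does not include it, so `w10_percent` and the other percentages are computed against a total that leaves out Windows 10 hosts. If Windows 10 is the only non-zero count, the divisor is 0 and `w10_percent.round` on line 616 would raise on a non-finite float; whether `os_windows_other` also matches those hosts is not visible here. Add the term, `windows_os_count = nt + w2k + xp + w2k3 + vista + w7 + w8 + w10 + w2k8 + w2k12 + other`, and consider skipping the percentage text when the total is 0. The method body extends beyond the hunks shown.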
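--- a/data/lib/risu/models/item.rb
+++ b/data/lib/risu/models/item.rb
@@ -494,6 +494,7 @@ module Risu
 #return Item.joins(:plugin).where(:severity => 4).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
 
 critical = Item.joins(:plugin).where(:severity => 4).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
+#critical = Item.joins(:plugin).where(:severity => 4).group(:plugin_id).distinct.count
 
 if critical.size < 10
 high = Item.joins(:plugin).where(:severity => 3).order("plugins.cvss_base_score").group(:plugin_id).distinct.count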
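--- a/data/lib/risu/models/plugin.rb
+++ b/data/lib/risu/models/plugin.rb
@@ -87,6 +87,12 @@ module Risu
 where(:risk_factor => "None")
 end
 
+# TODO doc
+#
+def in_the_news
+where(:in_the_news => true)
+end
+
 # Creates a graph based on the top plugins sorted by count
 #
 # @return Filename of the created graph
@@ -140,7 +146,7 @@ module Risu
 g.data('Vendor Support', Plugin.where(:root_cause => 'Vendor Support').count)
 g.data('Configuration', Plugin.where(:root_cause => 'Configuration').count)
 
-StringIO.new(g.to_blob)
+StringIO.new(g.to_blob)
 end
 
 def root_cause_graph_text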
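Review bot: The new `in_the_news` scope on lines 90-94 is added with `# TODO doc` instead of a description, while the method documented just below it carries a summary and an `@return` line. Replace the placeholder with something like `# Queries for all plugins flagged as being in the news` and `# @return [ActiveRecord::Relation] with the matching plugins`. The second hunk's `StringIO.new(g.to_blob)` change appears to be whitespace only.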
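--- a/data/lib/risu/models/report.rb
+++ b/data/lib/risu/models/report.rb
@@ -44,10 +44,10 @@ module Risu
 end
 
 #
-# @TODO comment this
+# @TODO comment this / rewrite this
 #
 def scanner_nessus_ratings_text
-text = "The vulnerability scanner used by #{Report.company} rates the findings as follows: Critical, High, Medium, Low and Informational.
+text = "The vulnerability scanner used by #{Report.company} rates the findings as follows: Critical, High, Medium, Low and Informational. Critical findings represent a security hole, this is the highest rating a risk can get. These generally represent vulnerabilities that can lead to full system compromise due to missing security patches. Critical findings should be re-mediated first as they generally leave the network wide open. High findings are slightly less severe than Critical findings but the severity depends on the calculated CVSS base score. Medium findings are considered a security warning; these are not as severe as high but should be evaluated on a risk-by-risk basis. These are typically configuration errors that can lead to information disclosures such as usernames, passwords, and configuration settings. Low findings are identified as security notes; these provide information the scanner discovered during the scanning process. The information includes items such as hostname, domain name, and MAC address. Open Port findings represent the open ports on each system that the scanner found during the scan process. These should be evaluated against firewall settings to test the firewall configurations.\n\n"
 text << "After the scanner is complete, the scanner evaluates each finding and bases it on the Common Vulnerability Scoring System (CVSS) score assigned to each finding. Any findings with a CVSS base score of 10 are upgraded to a Critical finding. These represent vulnerabilities that are trivial to gain administrator access to the system, with little to no effort. For more information on the CVSS scoring system please visit: http://nvd.nist.gov/cvss.cfm.\n\n"
 
 return text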
@@ -398,7 +398,7 @@ module Risu
|
|
398
398
|
:cvss_temporal_vector => @vals["cvss_temporal_vector"],
|
399
399
|
:exploitability_ease => @vals["exploitability_ease"],
|
400
400
|
:exploit_framework_core => @vals["exploit_framework_core"],
|
401
|
-
:exploit_available => @vals["exploit_available"],
|
401
|
+
:exploit_available => @vals["exploit_available"] == "true",
|
402
402
|
:exploit_framework_metasploit => @vals["exploit_framework_metasploit"],
|
403
403
|
:metasploit_name => @vals["metasploit_name"],
|
404
404
|
:exploit_framework_canvas => @vals["exploit_framework_canvas"],
|
@@ -411,7 +411,9 @@ module Risu
|
|
411
411
|
:script_version => @vals["script_version"],
|
412
412
|
:exploited_by_malware => @vals["exploited_by_malware"],
|
413
413
|
:compliance => @vals["compliance"],
|
414
|
-
:agent => @vals["agent"]
|
414
|
+
:agent => @vals["agent"],
|
415
|
+
:in_the_news => @vals["in_the_news"]
|
416
|
+
|
415
417
|
)
|
416
418
|
end
|
417
419
|
|
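Review bot: `:exploit_available` is now normalized with `== "true"` on line 401, but the newly added `:in_the_news => @vals["in_the_news"]` on line 415 stores the raw parsed value, as do the other flag-like fields visible here (`exploited_by_malware`, `exploit_framework_core`). If the column is not a boolean that the ORM casts, a lookup such as `where(:in_the_news => true)` would not match rows holding the string; the schema is not visible in these hunks, so this needs confirming. For consistency with line 401, write `:in_the_news => @vals["in_the_news"] == "true"`, and drop the blank line added before the closing `)`. The enclosing call starts outside the hunk.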