risu 1.7.8 → 1.7.9
- checksums.yaml +4 -4
- data/Gemfile.lock +72 -65
- data/README.markdown +2 -5
- data/docs/NEWS.markdown +7 -2
- data/lib/risu/base/schema.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/root_cause.rb +11 -0
- data/lib/risu/templates/findings_host.rb +2 -3
- data/lib/risu/version.rb +1 -1
- metadata +3 -2
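--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4323f4148eb935a7f7fbe855eac75da1e721f5c4
+data.tar.gz: a2e2f82eb2a95c8459a785ba92bcd260a758935c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c7b1dd24e54f291b8fc317e6f05945dd16b2cc7190d28b4aa8ce602fceceb6e81151ba74459c5b7377722928cdac1ced1f49cf0384273d89a0dc2cebb683ce73
+data.tar.gz: 8a580555cf942fe6b7f3964ec11024911e83d7958e056d7f559bc4b35d3762debf997c1b61ec475b105386709bb242b27b32f73474680403ab04091a73eb2d69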
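--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,49 +1,50 @@
 PATH
 remote: .
 specs:
-risu (1.7.
-gruff (~> 0.
-libxml-ruby (~> 2.
-mysql2 (~> 0.4, >= 0.4.
-nokogiri (~> 1.6, >= 1.6.
-prawn (~> 2.0, >= 2.0
+risu (1.7.8)
+gruff (~> 0.7, >= 0.7.0)
+libxml-ruby (~> 2.9, >= 2.9.0)
+mysql2 (~> 0.4, >= 0.4.4)
+nokogiri (~> 1.6, >= 1.6.8)
+prawn (~> 2.0, >= 2.1.0)
 prawn-table (~> 0.2, >= 0.2.2)
-rails (~> 4.2, >= 4.2.
+rails (~> 4.2, >= 4.2.6)
 rmagick (~> 2.15, >= 2.15.4)
 sqlite3 (~> 1.3, >= 1.3.11)
 
 GEM
+remote: https://rubygems.org/
 specs:
-actionmailer (4.2.
-actionpack (= 4.2.
-actionview (= 4.2.
-activejob (= 4.2.
+actionmailer (4.2.6)
+actionpack (= 4.2.6)
+actionview (= 4.2.6)
+activejob (= 4.2.6)
 mail (~> 2.5, >= 2.5.4)
 rails-dom-testing (~> 1.0, >= 1.0.5)
-actionpack (4.2.
-actionview (= 4.2.
-activesupport (= 4.2.
+actionpack (4.2.6)
+actionview (= 4.2.6)
+activesupport (= 4.2.6)
 rack (~> 1.6)
 rack-test (~> 0.6.2)
 rails-dom-testing (~> 1.0, >= 1.0.5)
 rails-html-sanitizer (~> 1.0, >= 1.0.2)
-actionview (4.2.
-activesupport (= 4.2.
+actionview (4.2.6)
+activesupport (= 4.2.6)
 builder (~> 3.1)
 erubis (~> 2.7.0)
 rails-dom-testing (~> 1.0, >= 1.0.5)
 rails-html-sanitizer (~> 1.0, >= 1.0.2)
-activejob (4.2.
-activesupport (= 4.2.
+activejob (4.2.6)
+activesupport (= 4.2.6)
 globalid (>= 0.3.0)
-activemodel (4.2.
-activesupport (= 4.2.
+activemodel (4.2.6)
+activesupport (= 4.2.6)
 builder (~> 3.1)
-activerecord (4.2.
-activemodel (= 4.2.
-activesupport (= 4.2.
+activerecord (4.2.6)
+activemodel (= 4.2.6)
+activesupport (= 4.2.6)
 arel (~> 6.0)
-activesupport (4.2.
+activesupport (4.2.6)
 i18n (~> 0.7)
 json (~> 1.7, >= 1.7.7)
 minitest (~> 5.1)
@@ -51,45 +52,50 @@ GEM
 tzinfo (~> 1.1)
 arel (6.0.3)
 builder (3.2.2)
+concurrent-ruby (1.0.2)
 docile (1.1.5)
 erubis (2.7.0)
 globalid (0.3.6)
 activesupport (>= 4.1.0)
-gruff (0.
-rmagick (>= 2.13.4)
+gruff (0.7.0)
+rmagick (~> 2.13, >= 2.13.4)
 i18n (0.7.0)
 json (1.8.3)
-libxml-ruby (2.
+libxml-ruby (2.9.0)
 loofah (2.0.3)
 nokogiri (>= 1.5.9)
-mail (2.6.
-mime-types (>= 1.16, <
-mime-types (
-
-
-
-
-
-
-
-
-
+mail (2.6.4)
+mime-types (>= 1.16, < 4)
+mime-types (3.1)
+mime-types-data (~> 3.2015)
+mime-types-data (3.2016.0521)
+mini_portile2 (2.1.0)
+minitest (5.9.0)
+mysql2 (0.4.4)
+nokogiri (1.6.8)
+mini_portile2 (~> 2.1.0)
+pkg-config (~> 1.1.7)
+pdf-core (0.6.1)
+pkg-config (1.1.7)
+power_assert (0.3.0)
+prawn (2.1.0)
+pdf-core (~> 0.6.1)
 ttfunk (~> 1.4.0)
 prawn-table (0.2.2)
 prawn (>= 1.3.0, < 3.0.0)
 rack (1.6.4)
 rack-test (0.6.3)
 rack (>= 1.0)
-rails (4.2.
-actionmailer (= 4.2.
-actionpack (= 4.2.
-actionview (= 4.2.
-activejob (= 4.2.
-activemodel (= 4.2.
-activerecord (= 4.2.
-activesupport (= 4.2.
+rails (4.2.6)
+actionmailer (= 4.2.6)
+actionpack (= 4.2.6)
+actionview (= 4.2.6)
+activejob (= 4.2.6)
+activemodel (= 4.2.6)
+activerecord (= 4.2.6)
+activesupport (= 4.2.6)
 bundler (>= 1.3.0, < 2.0)
-railties (= 4.2.
+railties (= 4.2.6)
 sprockets-rails
 rails-deprecated_sanitizer (1.0.3)
 activesupport (>= 4.2.0.alpha)
@@ -97,28 +103,29 @@ GEM
 activesupport (>= 4.2.0.beta, < 5.0)
 nokogiri (~> 1.6.0)
 rails-deprecated_sanitizer (>= 1.0.1)
-rails-html-sanitizer (1.0.
+rails-html-sanitizer (1.0.3)
 loofah (~> 2.0)
-railties (4.2.
-actionpack (= 4.2.
-activesupport (= 4.2.
+railties (4.2.6)
+actionpack (= 4.2.6)
+activesupport (= 4.2.6)
 rake (>= 0.8.7)
 thor (>= 0.18.1, < 2.0)
-rake (
+rake (11.2.2)
 rmagick (2.15.4)
-simplecov (0.11.
+simplecov (0.11.2)
 docile (~> 1.1.0)
 json (~> 1.8)
 simplecov-html (~> 0.10.0)
 simplecov-html (0.10.0)
-sprockets (3.
+sprockets (3.6.2)
+concurrent-ruby (~> 1.0)
 rack (> 1, < 3)
-sprockets-rails (
-actionpack (>=
-activesupport (>=
-sprockets (>=
+sprockets-rails (3.0.4)
+actionpack (>= 4.0)
+activesupport (>= 4.0)
+sprockets (>= 3.0.0)
 sqlite3 (1.3.11)
-test-unit (3.
+test-unit (3.2.0)
 power_assert
 thor (0.19.1)
 thread_safe (0.3.5)
@@ -131,11 +138,11 @@ PLATFORMS
 ruby
 
 DEPENDENCIES
-minitest (~> 5.0, >= 5.
+minitest (~> 5.0, >= 5.9)
 risu!
-simplecov (~> 0.11, >= 0.11.
-test-unit (~> 3.
-yard (~> 0.8, >= 0.8.
+simplecov (~> 0.11, >= 0.11.2)
+test-unit (~> 3.2, >= 3.2)
+yard (~> 0.8, >= 0.8.7.6)
 
 BUNDLED WITH
-1.
+1.12.5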
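--- a/data/README.markdown
+++ b/data/README.markdown
@@ -1,4 +1,4 @@
-# risu [![Gem Version](https://badge.fury.io/rb/risu.png)](http://badge.fury.io/rb/risu) [![Build Status](https://travis-ci.org/arxopia/risu.png?branch=master)](https://travis-ci.org/arxopia/risu) [![Code Climate](https://codeclimate.com/github/arxopia/risu/badges/gpa.svg)](https://codeclimate.com/github/arxopia/risu) [![Inline docs](http://inch-ci.org/github/arxopia/risu.png)](http://inch-ci.org/github/arxopia/risu)
+# risu [![Gem Version](https://badge.fury.io/rb/risu.png)](http://badge.fury.io/rb/risu) [![Build Status](https://travis-ci.org/arxopia/risu.png?branch=master)](https://travis-ci.org/arxopia/risu) [![Code Climate](https://codeclimate.com/github/arxopia/risu/badges/gpa.svg)](https://codeclimate.com/github/arxopia/risu) [![Inline docs](http://inch-ci.org/github/arxopia/risu.png)](http://inch-ci.org/github/arxopia/risu)
 
 Risu is [Nessus](http://www.nessus.org) parser, that converts Nessus .nessus xml files into a [ActiveRecord](http://api.rubyonrails.org/classes/ActiveRecord/Base.html) database, this allows for easy report generation and vulnerability verification.
 
@@ -131,9 +131,6 @@ If you would like to contribute templates/bug fixes/etc to risu. The easiest way
 If you have any problems, bugs or feature requests please use the [github issue tracker](http://github.com/arxopia/risu/issues).
 
 # Contact
-You can reach me at
+You can reach me at jacob.hammack[at]arxopia[dot]com.
 
 You can also contact me on IRC as hammackj on irc.freenode.net, #risu
-
-# Donations / tips
-Feel free to donate or tip to BTC: 1Cfd5G6rJmSBrNcTHxEgE4uYgH7XZJPY7Z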
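--- a/data/docs/NEWS.markdown
+++ b/data/docs/NEWS.markdown
@@ -1,5 +1,10 @@
 # News
 
+# 1.7.9 (July 1, 2016)
+- Updated RootCauses
+- Fixed issue #99 with the FindingsHost template enumerating the wrong findings. [@ghuisman]
+- Fixed issue #94 Where some fields in the Schema were strings instead of bool [@abenson]
+
 # 1.7.8 (June 25, 2016)
 - Changed license from 3 clause BSD to MIT.
 
@@ -209,8 +214,8 @@
 - Support for Ruby less than 1.9.3 also doesn't exist
 - Schema
 - Changed size of ServerPreferences.value to text instead of string. Pull Request from [alanjones]
-- Changed size of HostProperties.value to text instead of string. Pull Request from [alanjones]
-- Changed size of References.value to text instead of string. Pull Request from [alanjones]
+- Changed size of HostProperties.value to text instead of string. Pull Request from [@alanjones]
+- Changed size of References.value to text instead of string. Pull Request from [@alanjones]
 - Models
 - Policy Model
 - Added policy_comments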
data/lib/risu/base/schema.rb
CHANGED
@@ -139,7 +139,7 @@ module Risu
|
|
139
139
|
t.string :script_version
|
140
140
|
t.string :d2_elliot_name
|
141
141
|
t.string :exploit_framework_d2_elliot
|
142
|
-
t.
|
142
|
+
t.boolean :exploited_by_malware
|
143
143
|
t.boolean :rollup
|
144
144
|
t.integer :risk_score
|
145
145
|
t.string :compliance
|
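Review bot: Declaring `exploited_by_malware` as `t.boolean` in the table definition only affects databases created from this schema; nothing visible in the hunk converts a column that an earlier release created with the previous type, so an upgraded install may keep the old column. A short comment on the line stating which raw scanner values end up there, for example `# parsed from the .nessus "true"/"false" text; cast to boolean on save`, would document the expectation, and it is worth confirming that unexpected values do not silently become false, since this flag can feed remediation priority. The enclosing table block starts and ends outside the hunk.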
@@ -289,6 +289,12 @@ module Risu
|
|
289
289
|
90510 => "Vendor Patch",
|
290
290
|
87311 => "Vendor Patch",
|
291
291
|
-99980 => "Vendor Patch",
|
292
|
+
86994 => "Vendor Patch",
|
293
|
+
91230 => "Vendor Patch",
|
294
|
+
-99990 => "Vendor Patch",
|
295
|
+
-99975 => "Vendor Patch",
|
296
|
+
-99961 => "Vendor Patch",
|
297
|
+
88577 => "Vendor Patch",
|
292
298
|
|
293
299
|
|
294
300
|
|
@@ -322,6 +328,8 @@ module Risu
|
|
322
328
|
84729 => "Vendor Support",
|
323
329
|
58991 => "Vendor Support",
|
324
330
|
69552 => "Vendor Support",
|
331
|
+
56212 => "Vendor Support",
|
332
|
+
11057 => "Vendor Support",
|
325
333
|
|
326
334
|
|
327
335
|
|
@@ -408,6 +416,9 @@ module Risu
|
|
408
416
|
15984 => "Configuration",
|
409
417
|
66349 => "Configuration",
|
410
418
|
10483 => "Configuration",
|
419
|
+
59275 => "Configuration",
|
420
|
+
35453 => "Configuration",
|
421
|
+
90317 => "Configuration",
|
411
422
|
|
412
423
|
}
|
413
424
|
end
|
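Review bot: The added entries (`86994`, `91230`, `88577`, `56212`, `11057`, `59275`, `35453`, `90317` and the negative ids `-99990`, `-99975`, `-99961`) are bare plugin ids, so the category assigned to each cannot be checked from the diff. A trailing comment per entry, e.g. `86994 => "Vendor Patch", # <plugin name>`, would make the mapping auditable, and the negative ids deserve a one-line note on what they stand for (they look like tool-internal ids rather than Nessus ones, which should be confirmed). A repeated key in a Ruby hash literal keeps only the last value, with at most a warning, so it is also worth checking that none of these ids already appears under another category; the hash starts outside the hunk, so that cannot be verified here. These three hunks appear to belong to `root_cause.rb` from the file list, whose header is missing on this page.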
@@ -18,7 +18,6 @@
|
|
18
18
|
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
19
|
# THE SOFTWARE.
|
20
20
|
|
21
|
-
|
22
21
|
module Risu
|
23
22
|
module Templates
|
24
23
|
class FindingsHost < Risu::Base::TemplateBase
|
@@ -31,7 +30,7 @@ module Risu
|
|
31
30
|
{
|
32
31
|
:name => "findings_host",
|
33
32
|
:author => "hammackj",
|
34
|
-
:version => "0.0.
|
33
|
+
:version => "0.0.4",
|
35
34
|
:renderer => "PDF",
|
36
35
|
:description => "Generates a findings report by host"
|
37
36
|
}
|
@@ -68,7 +67,7 @@ module Risu
|
|
68
67
|
output.fill_color "000000"
|
69
68
|
end
|
70
69
|
|
71
|
-
host.items.
|
70
|
+
host.items.critical_risks_unique_sorted.each do |item|
|
72
71
|
name = Plugin.find_by_id(item.plugin_id).plugin_name
|
73
72
|
output.text "#{name}"
|
74
73
|
end
|
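Review bot: `Plugin.find_by_id(item.plugin_id).plugin_name` inside the loop now driven by `host.items.critical_risks_unique_sorted` raises NoMethodError when an item has no matching Plugin row, which aborts the whole report. A fallback keeps the finding visible instead of dropping it: `plugin = Plugin.find_by_id(item.plugin_id)` followed by `name = plugin ? plugin.plugin_name : "Unknown plugin #{item.plugin_id}"`. Only the critical-risk loop is visible; if the template has parallel loops for other severities outside the hunk, they would need the same scope and the same guard. The enclosing method starts and ends outside the hunk, and these hunks appear to belong to `findings_host.rb`, whose header is missing on this page.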
data/lib/risu/version.rb
CHANGED
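--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: risu
 version: !ruby/object:Gem::Version
-version: 1.7.
+version: 1.7.9
 platform: ruby
 authors:
 - Jacob Hammack
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-
+date: 2016-07-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -436,3 +436,4 @@ signing_key:
 specification_version: 4
 summary: risu
 test_files: []
+has_rdoc: yard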