risu 1.7.9 → 1.8.0

data/lib/risu/base/post_process_manager.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -30,7 +30,7 @@ module Risu
 			# @param path Path relative to the base_dir of risu
 			#
 			# @return New instance of the template manager with templates loaded.
-			def initialize (path)
+			def initialize path
 				@registered_postprocesses = Array.new
 				@postprocesses = Array.new
 
@@ -92,7 +92,7 @@ module Risu
 			# @param template The template to validate
 			#
 			# @return [Boolean] If the template is valid
-			def validate(template)
+			def validate template
 				t = template.new
 
 				return false if t == nil

data/lib/risu/base/scan_helper.rb

@@ -1,28 +1,22 @@
-# Copyright (c) 2012-2016 Arxopia LLC.
-# All rights reserved.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are met:
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
 #
-#     * Redistributions of source code must retain the above copyright
-#       notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above copyright
-#       notice, this list of conditions and the following disclaimer in the
-#       documentation and/or other materials provided with the distribution.
-#     * Neither the name of the Arxopia LLC nor the names of its contributors
-#     	may be used to endorse or promote products derived from this software
-#     	without specific prior written permission.
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
 #
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
-# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
-# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-# OF THE POSSIBILITY OF SUCH DAMAGE.
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 module Risu
 	module Templates
@@ -30,7 +24,7 @@ module Risu
 
 			#
 			# TODO doc
-			def scan_info_to_hash(plugin_output)
+			def scan_info_to_hash plugin_output
 				scan_info = {}
 
 				plugin_output.split("\n").each do |line|

data/lib/risu/base/schema.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -23,7 +23,7 @@ module Risu
 	module Base
 
 		# Risu database Schema
-		class Schema < ActiveRecord::Migration
+		class Schema < ActiveRecord::Migration[4.2]
 
 			# Creates all of the database tables required by the parser
 			def self.up

data/lib/risu/base/shares_template_helper.rb

@@ -1,28 +1,22 @@
-# Copyright (c) 2012-2016 Arxopia LLC.
-# All rights reserved.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are met:
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
 #
-#     * Redistributions of source code must retain the above copyright
-#       notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above copyright
-#       notice, this list of conditions and the following disclaimer in the
-#       documentation and/or other materials provided with the distribution.
-#     * Neither the name of the Arxopia LLC nor the names of its contributors
-#     	may be used to endorse or promote products derived from this software
-#     	without specific prior written permission.
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
 #
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
-# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
-# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-# OF THE POSSIBILITY OF SUCH DAMAGE.
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 module Risu
 	module Templates
@@ -32,7 +26,7 @@ module Risu
 			def anon_ftp_count
 				begin
 					return Item.where(:plugin_id => Plugin.where(:plugin_name => "Anonymous FTP Enabled").first.id).count
-				rescue => e
+				rescue
 					return 0
 				end
 			end
@@ -88,7 +82,7 @@ module Risu
 
 						count = count + 1
 					end
-				rescue => e
+				rescue
 					return 0
 				end
 

data/lib/risu/base/template_base.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal

data/lib/risu/base/template_helper.rb

@@ -1,28 +1,22 @@
-# Copyright (c) 2012-2016 Arxopia LLC.
-# All rights reserved.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are met:
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
 #
-#     * Redistributions of source code must retain the above copyright
-#       notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above copyright
-#       notice, this list of conditions and the following disclaimer in the
-#       documentation and/or other materials provided with the distribution.
-#     * Neither the name of the Arxopia LLC nor the names of its contributors
-#     	may be used to endorse or promote products derived from this software
-#     	without specific prior written permission.
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
 #
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
-# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
-# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-# OF THE POSSIBILITY OF SUCH DAMAGE.
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 module Risu
 	module Templates
@@ -137,18 +131,18 @@ module Risu
 			end
 
 			#
-			def item_count_by_plugin_name (plugin_name)
+			def item_count_by_plugin_name plugin_name
 				begin
 					return Item.where(:plugin_id => Plugin.where(:plugin_name => plugin_name).first.id).count
-				rescue # => e
+				rescue
 					return 0
 				end
 			end
 
-			def item_count_by_plugin_id (plugin_id)
+			def item_count_by_plugin_id plugin_id
 				begin
 					return Item.where(:plugin_id => plugin_id).count
-				rescue => e
+				rescue
 					return 0
 				end
 			end

data/lib/risu/base/template_manager.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -30,7 +30,7 @@ module Risu
 			# @param path Path relative to the base_dir of risu
 			#
 			# @return New instance of the template manager with templates loaded.
-			def initialize (path)
+			def initialize path
 				@registered_templates = Array.new
 				@templates = Array.new
 
@@ -44,7 +44,7 @@ module Risu
 			# Loads templates from a specific path
 			#
 			# @param path Path to templates to load
-			def load_templates(path, recursive=true)
+			def load_templates path, recursive=true
 				begin
 					search_path = "#{path}/**/*.rb" if recursive == true
 					search_path = "#{path}/*.rb" if recursive == false
@@ -74,7 +74,7 @@ module Risu
 			# @param template The template to validate
 			#
 			# @return [Boolean] If the template is valid
-			def validate(template)
+			def validate template
 			  t = template.new
 
 				return false if t == nil
@@ -86,7 +86,7 @@ module Risu
 			# @param name Name of the template to find
 			#
 			# @return the instance of the template or nil if not found
-			def find_template_by_name(name)
+			def find_template_by_name name
 				@registered_templates.each do |template|
 					t = template.new
 					if t.template_info[:name] == name

data/lib/risu/base/templater.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@ module Risu
 			# Setups of the Templater class initializing all of the variables
 			#
 			# @return [Templater] New Instance
-			def initialize(template, findings, output, template_manager)
+			def initialize template, findings, output, template_manager
 				@template = template
 				@findings = findings
 				@output_file = output
@@ -59,10 +59,8 @@ module Risu
 							t = t.class.new
 							t.output = output
 							t.render(output) unless t == nil
-						end		
+						end
 					end
-
-
 				rescue => e
 					raise unless Rails.env.production?
 					puts "Templater Error: #{e.message} \n #{e.backtrace.join("\n\t")}\n"

data/lib/risu/cli.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal

data/lib/risu/cli/application.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -53,6 +53,9 @@ module Risu
 					f.write("  author: \n")
 					f.write("  title: \n")
 					f.write("  company: \n")
+					f.write("  network: \n")
+					f.write("  owner: \n")
+					f.write("  location: \n")
 					f.write("  classification: \n\n")
 					f.write("database:\n")
 					f.write("  adapter: \n")
@@ -69,7 +72,7 @@ module Risu
 			#
 			# @param file Path to configuration file
 			# @param in_memory_config [Boolean] If the configuration is in memory
-			def load_config(file=CONFIG_FILE, in_memory_config=false)
+			def load_config file=CONFIG_FILE, in_memory_config=false
 				if File.exist?(file) == true or in_memory_config == true
 					begin
 						if in_memory_config
@@ -102,7 +105,7 @@ module Risu
 			# Initiator for [ActiveRecord] migrations.
 			#
 			# @param direction [Symbol] :up or :down
-			def migrate(direction)
+			def migrate direction
 				begin
 					if @database["adapter"] == nil
 						return false, "[!] Invalid database adapter, please check your configuration file"
@@ -168,8 +171,20 @@ module Risu
 					puts "[!] Database adapter not found, please check your configuration file"
 					puts "#{anf.message}\n #{anf.backtrace}" if @options[:debug]
 					exit
+				rescue ActiveRecord::NoDatabaseError => nde
+					puts "[!] Database not found. Please check your configuration file"
+					puts "#{nde.message}\n #{nde.backtrace}" if @options[:debug]
+					exit
+				rescue Mysql2::Error => mse
+					puts "[!] Unable to connect to MySQL. \"#{mse.message}\" Please check your configuration file"
+					puts "#{mse.message}\n #{mse.backtrace}" if @options[:debug]
+					exit
+				rescue SQLite3::Exception => se
+					puts "[!] Unable to open database. Please check your configuration file"
+					puts "#{se.message}\n #{se.backtrace}" if @options[:debug]
+					exit
 				rescue => e
-					puts "[!] Exception! #{e.message}\n #{e.backtrace}"
+					puts "[!] Exception (#{e.class})! #{e.message}\n #{e.backtrace}"
 				end
 			end
 
@@ -219,7 +234,7 @@ module Risu
 			def parse_options
 				begin
 					opts = OptionParser.new do |opt|
-						opt.banner =	"#{APP_NAME} v#{VERSION}\nJacob Hammack\nhttp://www.arxopia.com\n\n"
+						opt.banner =	"#{APP_NAME} v#{VERSION}\nJacob Hammack\nhttp://www.hammackj.com\n\n"
 						opt.banner << "Usage: #{APP_NAME} [options] [files_to_parse]"
 						opt.separator('')
 						opt.separator("Parse Options")
@@ -327,6 +342,9 @@ module Risu
 						puts opts.to_s + "\n"
 						exit
 					end
+				rescue OptionParser::AmbiguousOption => a
+					puts opts.to_s + "\n"
+					exit
 				rescue OptionParser::MissingArgument => m
 					puts opts.to_s + "\n"
 					exit
@@ -398,6 +416,9 @@ module Risu
 					@findings.title = @report["title"]
 					@findings.company = @report["company"]
 					@findings.classification = @report["classification"]
+					@findings.network = @report["network"]
+					@findings.owner = @report["owner"]
+					@findings.location = @report["location"]
 					@findings.extra = @report
 
 					template = Templater.new(@options[:template], @findings, @options[:output_file], @template_manager)

data/lib/risu/cli/banner.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal

data/lib/risu/exceptions.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal

data/lib/risu/exceptions/invaliddocument.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal

data/lib/risu/graphs.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal

data/lib/risu/graphs/top_vuln_graph.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal

data/lib/risu/graphs/windows_os_graph.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal

data/lib/risu/models.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal

data/lib/risu/models/attachment.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal

data/lib/risu/models/familyselection.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2016 Arxopia LLC.
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal