risu 1.8.3 → 1.8.4
- checksums.yaml +5 -5
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/Gemfile.lock +159 -0
- data/LICENSE +1 -1
- data/README.markdown +2 -5
- data/Rakefile +1 -1
- data/bin/risu +1 -1
- data/docs/NEWS.markdown +3 -0
- data/lib/risu.rb +2 -2
- data/lib/risu/base.rb +1 -1
- data/lib/risu/base/graph_template_helper.rb +1 -1
- data/lib/risu/base/host_template_helper.rb +2 -1
- data/lib/risu/base/malware_template_helper.rb +1 -1
- data/lib/risu/base/post_process_base.rb +7 -4
- data/lib/risu/base/post_process_manager.rb +1 -1
- data/lib/risu/base/scan_helper.rb +1 -1
- data/lib/risu/base/schema.rb +10 -3
- data/lib/risu/base/shares_template_helper.rb +1 -1
- data/lib/risu/base/template_base.rb +1 -1
- data/lib/risu/base/template_helper.rb +1 -1
- data/lib/risu/base/template_manager.rb +1 -1
- data/lib/risu/base/templater.rb +1 -1
- data/lib/risu/cli.rb +1 -1
- data/lib/risu/cli/application.rb +16 -16
- data/lib/risu/cli/banner.rb +1 -1
- data/lib/risu/exceptions.rb +1 -1
- data/lib/risu/exceptions/invaliddocument.rb +1 -1
- data/lib/risu/graphs.rb +1 -1
- data/lib/risu/graphs/top_vuln_graph.rb +1 -1
- data/lib/risu/graphs/windows_os_graph.rb +1 -1
- data/lib/risu/models.rb +2 -1
- data/lib/risu/models/attachment.rb +1 -1
- data/lib/risu/models/familyselection.rb +1 -1
- data/lib/risu/models/host.rb +34 -2
- data/lib/risu/models/hostproperty.rb +1 -1
- data/lib/risu/models/individualpluginselection.rb +1 -1
- data/lib/risu/models/item.rb +248 -20
- data/lib/risu/models/nessuspluginmetadata.rb +28 -0
- data/lib/risu/models/patch.rb +1 -1
- data/lib/risu/models/plugin.rb +1 -1
- data/lib/risu/models/pluginspreference.rb +1 -1
- data/lib/risu/models/policy.rb +1 -1
- data/lib/risu/models/reference.rb +1 -1
- data/lib/risu/models/report.rb +1 -1
- data/lib/risu/models/serverpreference.rb +1 -1
- data/lib/risu/models/servicedescription.rb +1 -1
- data/lib/risu/models/version.rb +1 -1
- data/lib/risu/parsers.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_document.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +3 -2
- data/lib/risu/parsers/nessus/postprocess.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/7zip.rb +6 -4
- data/lib/risu/parsers/nessus/postprocess/adobe_acrobat.rb +48 -54
- data/lib/risu/parsers/nessus/postprocess/adobe_air.rb +58 -63
- data/lib/risu/parsers/nessus/postprocess/adobe_coldfusion.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/{shockwave.rb → adobe_creative_desktop.rb} +9 -34
- data/lib/risu/parsers/nessus/postprocess/adobe_flash_player.rb +175 -0
- data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb +73 -55
- data/lib/risu/parsers/nessus/postprocess/adobe_shockwave_player.rb +74 -0
- data/lib/risu/parsers/nessus/postprocess/apache.rb +38 -33
- data/lib/risu/parsers/nessus/postprocess/apache_tomcat.rb +8 -10
- data/lib/risu/parsers/nessus/postprocess/apple_icloud.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/apple_itunes.rb +23 -17
- data/lib/risu/parsers/nessus/postprocess/apple_quicktime.rb +38 -32
- data/lib/risu/parsers/nessus/postprocess/artifex_ghostscript.rb +49 -0
- data/lib/risu/parsers/nessus/postprocess/blackberry_enterprise_server.rb +10 -14
- data/lib/risu/parsers/nessus/postprocess/ca_brightstor_arcserve.rb +10 -10
- data/lib/risu/parsers/nessus/postprocess/cisco_anyconnect.rb +18 -20
- data/lib/risu/parsers/nessus/postprocess/cisco_ios.rb +25 -15
- data/lib/risu/parsers/nessus/postprocess/cisco_telepresence.rb +45 -0
- data/lib/risu/parsers/nessus/postprocess/core_ftp.rb +6 -6
- data/lib/risu/parsers/nessus/postprocess/db2.rb +7 -9
- data/lib/risu/parsers/nessus/postprocess/dell_idrac.rb +49 -0
- data/lib/risu/parsers/nessus/postprocess/downgrade_plugins.rb +4 -2
- data/lib/risu/parsers/nessus/postprocess/dropbear_ssh.rb +7 -6
- data/lib/risu/parsers/nessus/postprocess/filezilla.rb +4 -6
- data/lib/risu/parsers/nessus/postprocess/firefox.rb +113 -71
- data/lib/risu/parsers/nessus/postprocess/flexnet.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/foxit_phantom_pdf.rb +10 -3
- data/lib/risu/parsers/nessus/postprocess/foxit_reader.rb +13 -12
- data/lib/risu/parsers/nessus/postprocess/google_chrome.rb +34 -6
- data/lib/risu/parsers/nessus/postprocess/hp_system_mgt_homepage.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/iLo.rb +50 -0
- data/lib/risu/parsers/nessus/postprocess/intel_mgt_engine.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/irfanview.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/java.rb +70 -64
- data/lib/risu/parsers/nessus/postprocess/libreoffice.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/microsoft_office.rb +73 -0
- data/lib/risu/parsers/nessus/postprocess/microsoft_visual_studio.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/microsoft_windows.rb +1312 -0
- data/lib/risu/parsers/nessus/postprocess/mongo_db.rb +46 -0
- data/lib/risu/parsers/nessus/postprocess/mozzila_thunderbird.rb +49 -0
- data/lib/risu/parsers/nessus/postprocess/normalize_plugin_names.rb +5 -2
- data/lib/risu/parsers/nessus/postprocess/openoffice.rb +14 -11
- data/lib/risu/parsers/nessus/postprocess/openssh.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/openssl.rb +58 -39
- data/lib/risu/parsers/nessus/postprocess/oracle_database.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/php.rb +94 -69
- data/lib/risu/parsers/nessus/postprocess/post_process.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/putty.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/real_player.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/risk_score.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/root_cause.rb +16 -3
- data/lib/risu/parsers/nessus/postprocess/samba.rb +46 -0
- data/lib/risu/parsers/nessus/postprocess/servu.rb +4 -4
- data/lib/risu/parsers/nessus/postprocess/sigplus_pro.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/skype.rb +4 -3
- data/lib/risu/parsers/nessus/postprocess/solarwinds_dameware.rb +48 -0
- data/lib/risu/parsers/nessus/postprocess/symantec_endpoint.rb +4 -3
- data/lib/risu/parsers/nessus/postprocess/symantec_pcanywhere.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/tenable_nessus.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/timbuktu.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/vlc.rb +4 -3
- data/lib/risu/parsers/nessus/postprocess/vmware_esxi.rb +64 -54
- data/lib/risu/parsers/nessus/postprocess/vmware_player.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/vmware_vcenter.rb +11 -5
- data/lib/risu/parsers/nessus/postprocess/vmware_vsphere_client.rb +7 -6
- data/lib/risu/parsers/nessus/postprocess/winscp.rb +7 -8
- data/lib/risu/parsers/nessus/postprocess/wireshark.rb +73 -51
- data/lib/risu/parsers/nexpose/nexpose_document.rb +1 -1
- data/lib/risu/parsers/nexpose/simple_nexpose.rb +1 -1
- data/lib/risu/renderers.rb +1 -1
- data/lib/risu/renderers/csvrenderer.rb +1 -1
- data/lib/risu/renderers/nilrenderer.rb +1 -1
- data/lib/risu/renderers/pdfrenderer.rb +1 -1
- data/lib/risu/template_helpers.rb +1 -1
- data/lib/risu/templates/assets.rb +1 -1
- data/lib/risu/templates/authentication_summary.rb +1 -1
- data/lib/risu/templates/cover_sheet.rb +1 -1
- data/lib/risu/templates/exec_summary.rb +1 -1
- data/lib/risu/templates/executive_summary_detailed.rb +1 -1
- data/lib/risu/templates/exploitablity_summary.rb +1 -1
- data/lib/risu/templates/failed_audits.rb +1 -1
- data/lib/risu/templates/finding_statistics.rb +1 -1
- data/lib/risu/templates/findings_host.rb +1 -1
- data/lib/risu/templates/findings_summary.rb +1 -1
- data/lib/risu/templates/findings_summary_with_pluginid.rb +1 -1
- data/lib/risu/templates/graphs.rb +1 -1
- data/lib/risu/templates/host_findings_csv.rb +1 -1
- data/lib/risu/templates/host_summary.rb +1 -1
- data/lib/risu/templates/malicious_process_detection.rb +1 -1
- data/lib/risu/templates/missing_root_causes.rb +1 -1
- data/lib/risu/templates/ms_patch_summary.rb +1 -1
- data/lib/risu/templates/ms_update_summary.rb +1 -1
- data/lib/risu/templates/ms_wsus_findings.rb +1 -1
- data/lib/risu/templates/notable.rb +1 -1
- data/lib/risu/templates/notable_detailed.rb +1 -1
- data/lib/risu/templates/pci_compliance.rb +1 -1
- data/lib/risu/templates/rollup_summary.rb +82 -0
- data/lib/risu/templates/stig_findings_summary.rb +1 -1
- data/lib/risu/templates/talking_points.rb +1 -1
- data/lib/risu/templates/technical_findings.rb +1 -1
- data/lib/risu/templates/template.rb +1 -1
- data/lib/risu/templates/top_25.rb +1 -1
- data/lib/risu/version.rb +2 -2
- data/risu.gemspec +5 -5
- metadata +59 -56
- metadata.gz.sig +0 -0
- data/lib/risu/parsers/nessus/postprocess/flash_player.rb +0 -145
- data/lib/risu/parsers/nessus/postprocess/windows.rb +0 -976
data/lib/risu/cli/banner.rb
CHANGED
data/lib/risu/exceptions.rb
CHANGED
data/lib/risu/graphs.rb
CHANGED
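--- a/data/lib/risu/models.rb
+++ b/data/lib/risu/models.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2020 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -39,3 +39,4 @@ require 'risu/models/servicedescription'
 require 'risu/models/patch'
 require 'risu/models/hostproperty'
 require 'risu/models/attachment'
+require 'risu/models/nessuspluginmetadata'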
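--- a/data/lib/risu/models/host.rb
+++ b/data/lib/risu/models/host.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2020 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -799,6 +799,10 @@ module Risu
 
 # @TODO
 def unique_hosts_with_critical_and_high_count
+unique_hosts_with_critical_and_high().size
+end
+
+def unique_hosts_with_critical_and_high
 hosts = Array.new
 crit = Item.critical_risks_by_host(Host.all.size)
 
@@ -812,7 +816,35 @@ module Risu
 hosts.push(item.host_id)
 end
 
-hosts.uniq
+hosts.uniq
+end
+
+def unique_hosts_with_common_missing_patches_count
+unique_hosts_with_common_missing_patches().size
+end
+
+def unique_hosts_with_common_missing_patches
+results = Array.new
+
+common_patches = Plugin.where(:family_name => "Risu Rollup Plugins").group(:id)
+hosts = Host.all
+
+hosts.each do |host|
+common_patches.each do |plugin|
+results.push(host.id) if host.items.where(:plugin_id => plugin.id).count > 0
+end
+end
+
+results.uniq
+end
+
+def uniquie_hosts_with_critical_high_common
+hosts = unique_hosts_with_common_missing_patches() + unique_hosts_with_critical_and_high()
+hosts.uniq
+end
+
+def uniquie_hosts_with_critical_high_common_count
+uniquie_hosts_with_critical_high_common().size
 end
 end
 end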
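--- a/data/lib/risu/models/item.rb
+++ b/data/lib/risu/models/item.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2020 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -35,13 +35,20 @@ module Risu
 #
 # @return [ActiveRecord::Relation] with the query results
 def risks
-where(:severity => [0,1,2,3,4])
+where(:severity => [0,1,2,3,4]).where(:rollup_finding => false)
 end
 
-# Queries for all the
+# Queries for all the critical risks in the database
 #
 # @return [ActiveRecord::Relation] with the query results
 def critical_risks
+where(:severity => 4).where(:rollup_finding => false)
+end
+
+# Queries for all the real critical risks in the database
+#
+# @return [ActiveRecord::Relation] with the query results
+def raw_critical_risks
 where(:severity => 4)
 end
 
@@ -49,6 +56,13 @@ module Risu
 #
 # @return [ActiveRecord::Relation] with the query results
 def high_risks
+where(:severity => 3).where(:rollup_finding => false)
+end
+
+# Queries for all the real high risks in the database
+#
+# @return [ActiveRecord::Relation] with the query results
+def raw_high_risks
 where(:severity => 3)
 end
 
@@ -56,6 +70,10 @@ module Risu
 #
 # @return [ActiveRecord::Relation] with the query results
 def medium_risks
+where(:severity => 2).where(:rollup_finding => false)
+end
+
+def raw_medium_risks
 where(:severity => 2)
 end
 
@@ -63,6 +81,10 @@ module Risu
 #
 # @return [ActiveRecord::Relation] with the query results
 def low_risks
+where(:severity => 1).where(:rollup_finding => false)
+end
+
+def raw_low_risks
 where(:severity => 1)
 end
 
@@ -70,6 +92,10 @@ module Risu
 #
 # @return [ActiveRecord::Relation] with the query results
 def info_risks
+where(:severity => 0).where(:rollup_finding => false)
+end
+
+def raw_info_risks
 where(:severity => 0)
 end
 
@@ -92,14 +118,14 @@ module Risu
 # @return [ActiveRecord::Relation] with the query results
 def critical_risks_unique_sorted
 #Item.select("items.*").select("count(*) as count_all").where(:severity => 4).group(:plugin_id).order("count_all DESC")
-Item.where(:severity => 4).group(:plugin_id).order('
+Item.where(:severity => 4).group(:plugin_id).order(Arel.sql('COUNT(*) DESC'))
 end
 
 # Queries for all the unique high findings and sorts them by count
 #
 # @return [ActiveRecord::Relation] with the query results
 def high_risks_unique_sorted
-Item.where(:severity => 3).group(:plugin_id).order('
+Item.where(:severity => 3).group(:plugin_id).order(Arel.sql('COUNT(*) DESC'))
 #select("items.*").select("count(*) as count_all").where(:severity => 3).group(:plugin_id).order("count_all DESC")
 end
 
@@ -115,7 +141,7 @@ module Risu
 #
 # @return [ActiveRecord::Relation] with the query results
 def medium_risks_unique_sorted
-Item.where(:severity => 2).group(:plugin_id).order('
+Item.where(:severity => 2).group(:plugin_id).order(Arel.sql('COUNT(*) DESC'))
 #select("items.*").select("count(*) as count_all").where(:severity => 2).group(:plugin_id).order("count_all DESC")
 end
 
@@ -172,10 +198,18 @@ module Risu
 #
 # @param limit Limits the result to a specific number, default 10
 #
+#
+# => "SELECT \"items\".* FROM \"items\" INNER JOIN \"hosts\" ON \"hosts\".\"id\" = \"items\".\"host_id\" WHERE \"items\".\"plugin_id\" != 1 AND \"items\".\"severity\" = 4 GROUP BY \"items\".\"host_id\" ORDER BY count(*) desc LIMIT 10"
+#
+#
+#
+#
+
 # @return [ActiveRecord::Relation] with the query results
 def risks_by_host(limit=10)
 #select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 4).group(:host_id).order("count_all DESC").limit(limit)
-Item.joins(:host).where.not(plugin_id: 1).where(:severity => 4).group(:host_id).order('
+#Item.joins(:host).where.not(plugin_id: 1).where(:severity => 4).group(:host_id).order(Arel.sql('COUNT(*) DESC')).limit(limit)
+Item.joins(:host).where.not(plugin_id: 1).where(:severity => 4).group(:host_id).order(Arel.sql('COUNT(*) DESC')).limit(limit)
 end
 
 # Queries for all the Critical risks by host
@@ -185,7 +219,7 @@ module Risu
 # @return [ActiveRecord::Relation] with the query results
 def critical_risks_by_host(limit=10)
 #select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 4).group(:host_id).order("count_all DESC").limit(limit)
-Item.joins(:host).where.not(plugin_id: 1).where(:severity => 4).group(:host_id).order('
+Item.joins(:host).where.not(plugin_id: 1).where(:severity => 4).where(:rollup_finding => false).group(:host_id).order(Arel.sql('COUNT(*) DESC')).limit(limit)
 end
 
 # Queries for all the High risks by host
@@ -196,7 +230,7 @@ module Risu
 def high_risks_by_host(limit=10)
 #select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 3).group(:host_id).order("count_all DESC").limit(limit)
 
-Item.joins(:host).where.not(plugin_id: 1).where(:severity => 3).group(:host_id).order('
+Item.joins(:host).where.not(plugin_id: 1).where(:severity => 3).where(:rollup_finding => false).group(:host_id).order(Arel.sql('COUNT(*) DESC')).limit(limit)
 end
 
 # Queries for all the Medium risks by host
@@ -206,7 +240,7 @@ module Risu
 # @return [ActiveRecord::Relation] with the query results
 def medium_risks_by_host(limit=10)
 #select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 2).group(:host_id).order("count_all DESC").limit(limit)
-Item.joins(:host).where.not(plugin_id: 1).where(:severity => 2).group(:host_id).order('
+Item.joins(:host).where.not(plugin_id: 1).where(:severity => 2).where(:rollup_finding => false).group(:host_id).order(Arel.sql('COUNT(*) DESC')).limit(limit)
 end
 
 # Queries for all the Low risks by host
@@ -216,7 +250,7 @@ module Risu
 # @return [ActiveRecord::Relation] with the query results
 def low_risks_by_host(limit=10)
 #select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => 1).group(:host_id).order("count_all DESC").limit(limit)
-Item.joins(:host).where.not(plugin_id: 1).where(:severity => 1).group(:host_id).order('
+Item.joins(:host).where.not(plugin_id: 1).where(:severity => 1).where(:rollup_finding => false).group(:host_id).order(Arel.sql('COUNT(*) DESC')).limit(limit)
 end
 
 # Queries for all the hosts with the Microsoft patch summary plugin (38153)
@@ -346,10 +380,21 @@ module Risu
 def calculate_vulnerable_host_percent
 #patch to fix double counting
 #unique_hosts_with_critical_and_high = Host.unique_hosts_with_critical.count + Host.unique_hosts_with_high.count
+#unique_hosts_with_critical_and_high = Host.unique_hosts_with_critical_and_high_count
 unique_hosts_with_critical_and_high = Host.unique_hosts_with_critical_and_high_count
 host_percent = (unique_hosts_with_critical_and_high.to_f / Host.count.to_f) * 100
 end
 
+def calculate_missing_common_patch_host_percent
+hosts = Host.unique_hosts_with_common_missing_patches_count
+host_percent = (hosts.to_f / Host.count.to_f) * 100
+end
+
+def calculate_overall_host_percent
+hosts = Host.uniquie_hosts_with_critical_high_common_count
+host_percent = (hosts.to_f / Host.count.to_f) * 100
+end
+
 # @TODO w t f
 # @deprecated
 def calculate_vulnerable_host_percent_with_patches_applied
@@ -467,14 +512,70 @@ module Risu
 "#{calculate_vulnerable_host_percent_with_patches_applied().round}%"
 end
 
+def common_patch_percent_rounded_text
+"#{calculate_missing_common_patch_host_percent().round}%"
+end
+
+def overall_risk_percent_rounded_text
+"#{calculate_overall_host_percent().round}%"
+end
+
 # @deprecated
 def risk_percent_text
-"%.2f
+"%.2f%%" % calculate_vulnerable_host_percent()
+end
+
+def common_patch_percent_text
+"%.2f%%" % calculate_missing_common_patch_host_percent()
+end
+
+def overall_risk_percent_text
+"%.2f%%" % calculate_overall_host_percent()
 end
 
 # @deprecated
 def risk_percent_patched_text
-"%.2f
+"%.2f%%" % calculate_vulnerable_host_percent_with_patches_applied()
+end
+
+
+def common_patches_order_by_cvss_raw
+#items = Item.joins(:plugin).where(:severity => [4, 3, 2, 1]).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
+#items = Item.joins(:plugin).where(:severity => 4).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
+#items = items.merge Item.joins(:plugin).where(:severity => 3).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
+#items = items.merge Item.joins(:plugin).where(:severity => 2).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
+#items = items.merge Item.joins(:plugin).where(:severity => 1).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
+# items = items.sort_by{|k,v| v}.reverse.to_h
+# results = {}
+#
+# items.each do |id, count|
+# if Item.where(:plugin_id => id).plugin.first.family_name != "Risu Rollup Plugins"
+# next
+# end
+#
+# results[id] = count;
+# end
+#
+# return results
+
+results = {}
+final_results = {}
+
+common_patches = Plugin.where(:family_name => "Risu Rollup Plugins").group(:id)
+common_patches.each do |plugin|
+count = Item.where(:plugin_id => plugin.id).count
+results[plugin.id] = count
+end
+
+results.each do |k,v|
+if v > 0
+final_results[k] = v
+end
+end
+
+results = final_results.sort_by{|k,v| v}.reverse.to_h
+
+return results
 end
 
 #
@@ -487,18 +588,43 @@ module Risu
 
 #return Item.joins(:plugin).where(:severity => 4).order("plugins.cvss_base_score").count(:all, :group => :plugin_id)
 #return Item.joins(:plugin).where(:severity => 4).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
-
-critical = Item.joins(:plugin).where(:severity => 4).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
 #critical = Item.joins(:plugin).where(:severity => 4).group(:plugin_id).distinct.count
 
-
-
-
+
+#critical = Item.joins(:plugin).where(:severity => 4).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
+#if critical.size < 10
+# high = Item.joins(:plugin).where(:severity => 3).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
+# critical = critical.merge high
+#end
+
+#critical =Item.joins(:plugin).where(:severity => 4).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
+#high = Item.joins(:plugin).where(:severity => 3).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
+#critical = critical.merge high
+
+items = Item.joins(:plugin).where(:severity => [4, 3]).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
+items = items.sort_by{|k,v| v}.reverse.to_h
+results = {}
+
+items.each do |id, count|
+if Item.where(:plugin_id => id).plugin.first.family_name == "Risu Rollup Plugins"
+next
+end
+
+results[id] = count;
 end
 
-
+return results
+
+
+#items = Item.joins(:plugin).where(:severity => [4, 3])
+
+#items = items.where.not("plugin.family_name" => 'Risu Rollup Plugins')
+
+#items.where.not(:plugin.family_name = Risu Rollup Plugins').order("plugins.cvss_base_score").group(:plugin_id).distinct.count
+
+#items.sort_by{|k,v| v}.to_h
+
 
-return critical
 end
 
 # Scrubs a plugin_name to remove all pointless data
@@ -534,6 +660,28 @@ module Risu
 return data
 end
 
+def common_patches_sorted_raw
+raw = common_patches_order_by_cvss_raw
+
+data = Array.new
+
+raw.each do |vuln|
+row = Array.new
+plugin_id = vuln[0]
+count = vuln[1]
+
+row.push(plugin_id)
+row.push(count)
+data.push(row) if count > 0
+end
+
+data = data.sort do |a, b|
+b[1] <=> a[1]
+end
+
+return data
+end
+
 # Returns an array of plugin_id and plugin_name for the top 10
 # findings sorted by CVSS score
 #
@@ -561,6 +709,29 @@ module Risu
 return data
 end
 
+def common_patches_sorted
+raw = common_patches_order_by_cvss_raw
+data = Array.new
+
+raw.each do |vuln|
+row = Array.new
+plugin_id = vuln[0]
+count = vuln[1]
+
+name = scrub_plugin_name(Plugin.find_by_id(plugin_id).plugin_name)
+
+row.push(name)
+row.push(count)
+data.push(row)
+end
+
+data = data.sort do |a, b|
+b[1] <=> a[1]
+end
+
+return data
+end
+
 # Returns a prawn pdf table for the top 10 notable findings
 #
 # @TODO change this method to return a array/table and let the template render it
@@ -579,6 +750,18 @@ module Risu
 end
 end
 
+def common_patches_table(output)
+headers = ["Description", "Count"]
+header_widths = {0 => (output.bounds.width - 50), 1 => 50}
+
+data = common_patches_sorted
+
+output.table([headers] + data[0..9], :header => true, :column_widths => header_widths, :width => output.bounds.width) do
+row(0).style(:font_style => :bold, :background_color => 'cccccc')
+cells.borders = [:top, :bottom, :left, :right]
+end
+end
+
 # Queries for all unique risks and sorts them by count
 #
 # @return [ActiveRecord::Relation] with the query results
@@ -617,6 +800,51 @@ module Risu
 
 return results
 end
+
+
+def common_patch_risks
+results = Array.new
+
+common_patches = Plugin.where(:family_name => "Risu Rollup Plugins").group(:id)
+
+common_patches.each do |plugin|
+items = Item.where(:plugin_id => plugin.id).to_a
+items.each do |item|
+results.push(item.id)
+end
+end
+
+results
+end
+
+def critical_high_common_risks
+results = Array.new
+
+common_patches = Plugin.where(:family_name => "Risu Rollup Plugins").group(:id)
+
+common_patches.each do |plugin|
+items = Item.where(:plugin_id => plugin.id).to_a
+items.each do |item|
+results.push(item.id)
+end
+end
+
+items = Item.critical_risks.to_a
+items.each do |item|
+results.push(item.id)
+end
+
+items = Item.high_risks.to_a
+items.each do |item|
+results.push(item.id)
+end
+
+results
+end
+
+def critical_high_common_risks_count
+critical_high_common_risks().size
+end
 end
 end
 end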
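Review bot: In the hunk at `@@ -487,18 +588,43 @@`, `Item.where(:plugin_id => id).plugin.first.family_name` calls the `plugin` association on a relation instead of a record, which raises NoMethodError unless `Item` defines a class-level `plugin` scope not visible here, and it also costs one query per plugin id; the loop reduces to `items = Item.joins(:plugin).where(:severity => [4, 3]).where.not(plugins: { family_name: "Risu Rollup Plugins" }).group(:plugin_id).distinct.count` followed by the existing `sort_by{|k,v| v}.reverse.to_h`, which is what the commented `where.not("plugin.family_name" => ...)` attempt below it was reaching for with the wrong table key. That method's `def` line is outside the hunk. The same `Plugin.where(...).group(:id)` one-query-per-plugin loop recurs in `common_patches_order_by_cvss_raw`, `common_patch_risks` and `critical_high_common_risks`, and the last of those duplicates the body of `common_patch_risks` instead of calling it. `critical_risks`, `high_risks` and the `*_risks_by_host` queries now add `.where(:rollup_finding => false)`, but `critical_risks_unique_sorted`, `high_risks_unique_sorted`, `medium_risks_unique_sorted` and `risks_by_host` do not, so those tables still include rollup findings if the exclusion was meant to be uniform. `Arel.sql('COUNT(*) DESC')` is acceptable for this constant literal, but the same wrapper must never be applied to a string assembled from scan-file or user-supplied data.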