risu 1.4.4 → 1.4.5
- data/NEWS.markdown +14 -1
- data/README.markdown +23 -41
- data/TODO.markdown +48 -39
- data/lib/risu.rb +4 -9
- data/lib/risu/base.rb +15 -0
- data/lib/risu/base/prawn_templater.rb +37 -0
- data/lib/risu/{schema.rb → base/schema.rb} +34 -15
- data/lib/risu/base/template_base.rb +23 -0
- data/lib/risu/base/template_manager.rb +106 -0
- data/lib/risu/base/templater.rb +37 -0
- data/lib/risu/cli/application.rb +28 -8
- data/lib/risu/models.rb +1 -2
- data/lib/risu/models/host.rb +147 -23
- data/lib/risu/models/item.rb +131 -43
- data/lib/risu/models/plugin.rb +1 -1
- data/lib/risu/models/report.rb +11 -1
- data/lib/risu/models/serverpreference.rb +0 -2
- data/lib/risu/models/servicedescription.rb +10 -0
- data/lib/risu/parsers.rb +2 -3
- data/lib/risu/parsers/nessus/nessus_document.rb +69 -0
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +278 -0
- data/lib/risu/templates/assets.rb +45 -18
- data/lib/risu/templates/cover_sheet.rb +70 -42
- data/lib/risu/templates/exec_summary.rb +64 -45
- data/lib/risu/templates/executive_summary.rb +185 -161
- data/lib/risu/templates/finding_statistics.rb +44 -17
- data/lib/risu/templates/findings_host.rb +70 -46
- data/lib/risu/templates/findings_summary.rb +78 -54
- data/lib/risu/templates/findings_summary_with_pluginid.rb +80 -54
- data/lib/risu/templates/graphs.rb +46 -19
- data/lib/risu/templates/host_summary.rb +62 -39
- data/lib/risu/templates/ms_patch_summary.rb +59 -35
- data/lib/risu/templates/ms_update_summary.rb +59 -35
- data/lib/risu/templates/pci_compliance.rb +88 -64
- data/lib/risu/templates/technical_findings.rb +132 -106
- data/lib/risu/templates/template.rb +24 -0
- metadata +12 -6
- data/lib/risu/listener.rb +0 -274
- data/lib/risu/nessusdocument.rb +0 -66
- data/lib/risu/prawn_templater.rb +0 -38
data/NEWS.markdown
CHANGED
@@ -1,7 +1,20 @@
|
|
1
1
|
# News
|
2
2
|
|
3
|
+
#1.4.5 (July 4, 2011)
|
4
|
+
- Implemented an modular template system, **breaks all existing templates**.
|
5
|
+
- All templates are now implemented as Ruby classes this allows them to be dynamically loaded and removes the need to type the entire path to the template
|
6
|
+
- This allows me to implement rendering systems that will be able to write pdf/html/rtf/csv in the future without having to have templates for each type
|
7
|
+
- Updated the Severity Graph and added some auto generated text based on the graph percentages
|
8
|
+
- Added a method to generate text for the other_os_graph
|
9
|
+
- Added a method to generate text for the windows_os_graph
|
10
|
+
- Added some auto generated text for unsupported operating systems to put into a report.
|
11
|
+
- Added AIX named_scopes on the Host model (os_aix and not_os_aix)
|
12
|
+
- Unified the colors to be the same for all the graphs
|
13
|
+
- Added validation of the XML files for Nessus Documents
|
14
|
+
- Added 'system_type' field to the Nessus parser
|
15
|
+
|
3
16
|
#1.4.4 (May 28, 2011)
|
4
|
-
- NessusDB has been renamed to risu
|
17
|
+
- NessusDB has been renamed to risu, NessusDB gem now install risu and warns you.
|
5
18
|
- Fixed a bug in --create-config, where tabs were being inserted with spaces
|
6
19
|
- Fixed a bug in load_config where the exception was not printed.
|
7
20
|
- Added more banners to the console for fun
|
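Review bot: typo in the first 1.4.5 bullet, `Implemented an modular template system` should read `a modular template system`, and since that bullet warns it **breaks all existing templates**, the entry should tell users what to do about it (the README in this same diff points at the `template` entry as the example to copy, so reference that here). The bullet `Added validation of the XML files for Nessus Documents` should say what is validated: the changed-file list carries a new `parsers/nessus/nessus_document.rb` but no XSD or DTD, so say whether this is well-formedness checking or validation against a schema. Also `pdf/html/rtf/csv` here is spelled `cvs` in the TODO further down in this diff; keep the two in sync.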
data/README.markdown
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
Risu is [Nessus](http://www.nessus.org) parser, that converts the generated reports into a [ActiveRecord](http://api.rubyonrails.org/classes/ActiveRecord/Base.html) database, this allows for easy report generation and vulnerability verification.
|
4
4
|
|
5
|
-
Version 1.4.
|
5
|
+
Version 1.4.5 is the current release.
|
6
6
|
|
7
7
|
## Requirements
|
8
8
|
|
@@ -59,7 +59,7 @@ The data can be viewed with a query browser available for your database. A Rails
|
|
59
59
|
## Generating Reports
|
60
60
|
To generate a report please execute the following after the the data is parsed into the database.
|
61
61
|
|
62
|
-
% risu -t
|
62
|
+
% risu -t <TEMPLATE_NAME> -o "REPORT_NAME.pdf"
|
63
63
|
|
64
64
|
## Risu Console
|
65
65
|
|
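Review bot: `% risu -t <TEMPLATE_NAME> -o "REPORT_NAME.pdf"` gives the reader no way to discover `<TEMPLATE_NAME>`; the Templates section of this same README shows `./bin/risu -l` printing the available names, so mention `risu -l` in this sentence. Minor: the unchanged line above, `after the the data is parsed`, has a doubled `the`.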
@@ -74,51 +74,33 @@ Using the risu Console is just like using Rails. You can access all of the Activ
|
|
74
74
|
|_| |_|___/\__,_|
|
75
75
|
|
76
76
|
|
77
|
-
risu Console v1.4.
|
77
|
+
risu Console v1.4.5
|
78
78
|
>> Host.first
|
79
79
|
=> #<Risu::Models::Host id: 1, report_id: 1, name: "10.69.69.74", os: "Linux Kernel 2.6 on Debian 4.0 (etch)", mac: "XX:XX:XX:XX:XX:XX", start: "2011-04-20 16:29:37", end: "2011-04-20 16:32:14", ip: "10.69.69.74", fqdn: "redada.hammackj.net", netbios: "REDADA", local_checks_proto: nil, smb_login_used: nil, ssh_auth_meth: nil, ssh_login_used: nil, pci_dss_compliance: nil, notes: nil>
|
80
80
|
|
81
81
|
## Templates
|
82
82
|
Several templates are included:
|
83
83
|
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
[hammackj@taco
|
102
|
-
|
103
|
-
|
104
|
-
drwxr-xr-x 8 hammackj admin 272B Oct 21 19:24 ../
|
105
|
-
-rw-r--r-- 1 hammackj staff 695B Mar 9 15:59 assets.rb
|
106
|
-
-rw-r--r-- 1 hammackj staff 691B Mar 9 15:59 cover_sheet.rb
|
107
|
-
drwxr-xr-x 3 hammackj staff 102B Mar 9 15:59 data/
|
108
|
-
-rw-r--r-- 1 hammackj staff 2.0K Mar 9 15:59 exec_summary.rb
|
109
|
-
-rw-r--r-- 1 hammackj staff 6.7K Mar 9 15:59 executive_summary.rb
|
110
|
-
-rw-r--r-- 1 hammackj staff 724B Mar 9 15:59 finding_statistics.rb
|
111
|
-
-rw-r--r--@ 1 hammackj staff 1.2K Mar 17 14:55 findings_host.rb
|
112
|
-
-rw-r--r-- 1 hammackj staff 1.5K Mar 9 15:59 findings_summary.rb
|
113
|
-
-rw-r--r-- 1 hammackj staff 831B Mar 9 15:59 graphs.rb
|
114
|
-
-rw-r--r-- 1 hammackj staff 1.2K Mar 9 15:59 host_summary.rb
|
115
|
-
-rw-r--r-- 1 hammackj staff 663B Mar 9 15:59 ms_patch_summary.rb
|
116
|
-
-rw-r--r-- 1 hammackj staff 924B Mar 9 15:59 ms_update_summary.rb
|
117
|
-
-rw-r--r-- 1 hammackj staff 1.6K Mar 9 15:59 pci_compliance.rb
|
118
|
-
-rw-r--r-- 1 hammackj staff 2.8K Mar 9 15:59 technical_findings.rb
|
119
|
-
[hammackj@taco:~]$
|
120
|
-
|
121
|
-
The templates are written in ruby using [prawn](http://prawn.majesticseacreature.com/), they are fairly easy to make. I will add any templates as requested.
|
84
|
+
[hammackj@taco:~/Projects/public/risu]$ ./bin/risu -l
|
85
|
+
Available Templates
|
86
|
+
assets - Generates a Assets Summary Report
|
87
|
+
cover_sheet - Generates a coversheet with a logo (Example Template)
|
88
|
+
exec_summary - Generates a simple executive summary.
|
89
|
+
exec_summary_detailed - Generates a detailed executive summary report
|
90
|
+
finding_statistics - Generates report finding statistics
|
91
|
+
findings_host - Generates a findings report by host
|
92
|
+
findings_summary - Generates a findings summary report
|
93
|
+
findings_summary_with_pluginid - Geneates a Findings Summary with Nessus Plugin ID
|
94
|
+
graphs - Generates a report with all the graphs in it
|
95
|
+
host_summary - Generates a Host Summary Report
|
96
|
+
ms_patch_summary - Generates a Microsoft Patch Summary Report
|
97
|
+
ms_update_summary - Generates a Microsoft Update Summary Report
|
98
|
+
pci_compliance - Generates a PCI Compliance Overview Report
|
99
|
+
technical_findings - Generates a Technical Findings Report
|
100
|
+
template - template
|
101
|
+
[hammackj@taco:~/Projects/public/risu]$
|
102
|
+
|
103
|
+
The templates are written in ruby using [prawn](http://prawn.majesticseacreature.com/), they are fairly easy to make. I will add any templates as requested. See 'template' for creating your own template.
|
122
104
|
|
123
105
|
# Issues
|
124
106
|
If you have any problems, bugs or feature requests please use the [github issue tracker](http://github.com/hammackj/risu/issues).
|
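Review bot: the `-l` listing pasted here contains typos that presumably come from the templates' own description strings (`assets - Generates a Assets Summary Report`, `findings_summary_with_pluginid - Geneates a Findings Summary with Nessus Plugin ID`), so fix them in the template classes rather than only in the README. `exec_summary_detailed` is what `-l` prints for what the changed-file list calls `templates/executive_summary.rb`; since templates are now selected by name rather than by path, say in this section that the name shown by `-l`, not the filename, is what `-t` takes. The listing also carries a personal shell prompt (`[hammackj@taco:~/Projects/public/risu]$`); a bare `$ risu -l` reads better in documentation.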
data/TODO.markdown
CHANGED
@@ -2,62 +2,71 @@
|
|
2
2
|
|
3
3
|
**Release dates are estimates, and features can be changed at any time.**
|
4
4
|
|
5
|
-
## 1.4.5 (May)
|
6
|
-
|
7
|
-
- Add a CVSS risk factor graph
|
8
|
-
- Update Assets templates to use this if possible plugin: http://www.nessus.org/plugins/index.php?view=single&id=54615 for extra data
|
9
|
-
|
10
5
|
## 1.5 (7/4/2011)
|
11
|
-
-
|
12
|
-
-
|
6
|
+
- Comment all named scope from 1.2
|
7
|
+
- Clean up code
|
8
|
+
- Create rSpec tests for everything (95%+ code coverage goal)
|
13
9
|
- Parser tests
|
14
10
|
- Add test for new xml element
|
15
11
|
- Add test for new host properties tag
|
16
|
-
-
|
12
|
+
- Model Specs
|
13
|
+
- Report
|
14
|
+
- Item
|
15
|
+
- Host
|
16
|
+
- Application specs
|
17
17
|
- Add a failed load_config() test
|
18
18
|
- add test for load config from file
|
19
19
|
- add test for non existent config file
|
20
|
-
-
|
21
|
-
-
|
22
|
-
-
|
23
|
-
-
|
24
|
-
-
|
25
|
-
-
|
26
|
-
-
|
27
|
-
-
|
28
|
-
- plugin
|
29
|
-
-
|
30
|
-
-
|
31
|
-
-
|
32
|
-
-
|
33
|
-
-
|
34
|
-
- Rework the blacklisting
|
35
|
-
- Add blacklisting to config
|
36
|
-
- Add Schema checks to make sure the schema is compatible with the version of risu
|
37
|
-
- Check to see that the xml is version 2
|
38
|
-
- Version 1 = NessusClientData
|
39
|
-
- Version 2 = NessusClientData_V2
|
20
|
+
- Template specs
|
21
|
+
- Assets
|
22
|
+
- Coversheet
|
23
|
+
- exec summary
|
24
|
+
- executive summary(detailed)
|
25
|
+
- finding stats
|
26
|
+
- findings host
|
27
|
+
- findings summary
|
28
|
+
- findings summary with plugin id
|
29
|
+
- host summary
|
30
|
+
- ms patch summary
|
31
|
+
- ms update summary
|
32
|
+
- pci compliance
|
33
|
+
- tech findings
|
34
|
+
- Rework the blacklisting of plugins/hosts add to the config file
|
40
35
|
|
41
|
-
|
42
|
-
- DSL for report creation to abstract the reports to have different output types
|
36
|
+
##1.5.1 (8/4/2011) - Template work
|
43
37
|
- Provide more templates
|
44
38
|
- Virtual Machine Summary
|
45
39
|
- Fix list Report?
|
40
|
+
- Add a CVSS risk factor graph
|
41
|
+
- Update Assets templates to use this if possible plugin: http://www.nessus.org/plugins/index.php?view=single&id=54615 for extra data
|
42
|
+
- Sort Technical Findings Report by count/score
|
46
43
|
- Add template validation and more error checking
|
47
44
|
- Colorize the reports with better style
|
48
|
-
|
45
|
+
|
46
|
+
##1.5.2 (9/4/2011) - Parser work
|
47
|
+
- Add Schema checks to make sure the schema is compatible with the version of risu
|
48
|
+
- Create a Nessus document generator, for testing the parser
|
49
|
+
|
50
|
+
#1.5.3 (10/4/2011) - Template Work
|
51
|
+
- Implement different renderers
|
52
|
+
- pdf
|
53
|
+
- cvs
|
54
|
+
- html
|
55
|
+
- rtf
|
56
|
+
- Abstract the api for prawn to support different renders
|
57
|
+
- DSL for report creation to abstract the reports to have different output types
|
49
58
|
|
50
|
-
## 1.6 (
|
51
|
-
- Remove rmagick
|
59
|
+
## 1.6 (11/4/2011)
|
60
|
+
- Remove rmagick (GRRRR!)
|
52
61
|
- Move to ruby 1.9.2 only support
|
53
|
-
- Add Parser for NBE Format
|
54
|
-
- Add Parser for NSR Format
|
55
|
-
- Add Parser for V1 of the XML Format
|
62
|
+
- Add Parser for Nessus NBE Format
|
63
|
+
- Add Parser for Nessus NSR Format
|
64
|
+
- Add Parser for Nessus V1 of the XML Format
|
56
65
|
- Add Parser for OpenVas Output
|
57
66
|
- Add Parser for SecurityCenter Output
|
58
|
-
- Add Parser for Nexpose
|
59
|
-
- Add Parser for Qualys
|
67
|
+
- Add Parser for Nexpose xml
|
68
|
+
- Add Parser for Qualys xml
|
60
69
|
- Look at moving to nokogiri for xml parsing, current benchmarks so it faster than libxml-ruby; http://nokogiri.org
|
61
70
|
|
62
|
-
## 2.0 (
|
71
|
+
## 2.0 (?)
|
63
72
|
- Rails FrontEnd to Risu
|
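Review bot: the renderer list under 1.5.3 reads `- cvs` where the NEWS entry in this diff says `csv`. The 1.5 milestone is dated `7/4/2011`, the same day NEWS gives for the 1.4.5 release, so one of the two dates is stale. Heading levels are mixed (`##1.5.1`, `##1.5.2`, but `#1.5.3`), and `- Fix list Report?` is not actionable as written.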
data/lib/risu.rb
CHANGED
@@ -2,10 +2,11 @@
|
|
2
2
|
|
3
3
|
module Risu
|
4
4
|
APP_NAME = "risu"
|
5
|
-
VERSION = "1.4.
|
5
|
+
VERSION = "1.4.5"
|
6
6
|
GRAPH_WIDTH = 750
|
7
7
|
EMAIL = "jacob.hammack@hammackj.com"
|
8
8
|
CONFIG_FILE = "./risu.cfg"
|
9
|
+
USER_TEMPLATES_DIR = "~/.risu/templates/"
|
9
10
|
end
|
10
11
|
|
11
12
|
require 'active_record'
|
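Review bot: `USER_TEMPLATES_DIR = "~/.risu/templates/"` introduces a per-user directory from which Ruby template files are loaded (NEWS says templates are now classes that are dynamically loaded, and `PrawnTemplater#generate` in this diff runs the template source through `eval`), so anything written there executes with the privileges of whoever runs risu. That is acceptable for a user-owned tool, but the README should say so, and the loader should expand `~` with `File.expand_path` and refuse a directory that is not owned by the current user or is group/world-writable before requiring files from it. `template_manager.rb` is not among the visible hunks, so I cannot tell whether it already does any of this.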
@@ -23,16 +24,10 @@ require 'irb'
|
|
23
24
|
|
24
25
|
require 'optparse'
|
25
26
|
|
26
|
-
|
27
|
-
require 'risu/schema'
|
28
|
-
end
|
29
|
-
|
30
|
-
require 'risu/listener'
|
31
|
-
require 'risu/prawn_templater'
|
32
|
-
require 'risu/nessusdocument'
|
33
|
-
|
27
|
+
require 'risu/base'
|
34
28
|
require 'risu/cli'
|
35
29
|
require 'risu/exceptions'
|
36
30
|
require 'risu/models'
|
31
|
+
require 'risu/parsers'
|
37
32
|
|
38
33
|
include Risu::Models
|
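Review bot: `require 'risu/schema'` disappears here and nothing in the visible diff requires the renamed `risu/base/schema` (`risu/base.rb` has that require commented out), so confirm that whatever calls `Schema.up` still loads it. Minor: the schema's new seed calls (`ServiceDescription.create`) resolve only because of the top-level `include Risu::Models` at the bottom of this file; writing `Risu::Models::ServiceDescription` in the schema would not depend on that global include.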
data/lib/risu/base.rb
ADDED
@@ -0,0 +1,15 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
|
3
|
+
module Risu
|
4
|
+
module Base
|
5
|
+
end
|
6
|
+
end
|
7
|
+
|
8
|
+
#if ActiveRecord::Base.connected? == true
|
9
|
+
# require 'risu/base/schema'
|
10
|
+
#end
|
11
|
+
|
12
|
+
require 'risu/base/template_base'
|
13
|
+
require 'risu/base/template_manager'
|
14
|
+
require 'risu/base/prawn_templater'
|
15
|
+
require 'risu/base/templater'
|
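Review bot: lines 8-10 are commented-out code (`#if ActiveRecord::Base.connected? == true`, `# require 'risu/base/schema'`, `#end`); either delete them or make the decision real. Gating a `require` on `connected?` is the wrong tool anyway: defining `Risu::Schema` (a migration class) needs no database connection, only running `Schema.up` does, so the file can be required unconditionally here next to the other `risu/base/*` requires.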
@@ -0,0 +1,37 @@
|
|
1
|
+
module Risu
|
2
|
+
module Base
|
3
|
+
# Templater class for generating a report from a erb template
|
4
|
+
#
|
5
|
+
# @author Jacob Hammack
|
6
|
+
class PrawnTemplater
|
7
|
+
attr_accessor :template, :template_source, :findings, :output_file
|
8
|
+
|
9
|
+
# Setups of the Templater class initalizing all of the variables
|
10
|
+
#
|
11
|
+
# @return [PrawnTemplater] New Instance
|
12
|
+
def initialize(template, findings, output)
|
13
|
+
@template = template
|
14
|
+
@findings = findings
|
15
|
+
@output_file = output
|
16
|
+
|
17
|
+
@template_source = File.new(@template).read
|
18
|
+
end
|
19
|
+
|
20
|
+
# Generates a report based on the erb template
|
21
|
+
#
|
22
|
+
# @return [String] html output of the erb template
|
23
|
+
def generate
|
24
|
+
begin
|
25
|
+
source = @template_source
|
26
|
+
template = @template
|
27
|
+
Prawn::Document.generate(@output_file, :margin => [75, 50, 75, 50]) do
|
28
|
+
font_size 12
|
29
|
+
eval source
|
30
|
+
end
|
31
|
+
rescue => e
|
32
|
+
puts "Error: #{e.message} \n #{e.backtrace.join("\n\t")}\n"
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
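Review bot: `rescue => e` in `generate` prints the error and swallows it, so a failed render returns `nil` and the CLI cannot set a non-zero exit status or tell the user that no PDF was written; re-raise (or raise a `Risu` exception) after logging. While here: the comments say `erb template` and `@return [String] html output`, but the method evaluates a Prawn block (`eval source` inside `Prawn::Document.generate`) and returns nothing useful; `File.new(@template).read` leaks the file handle where `File.read(@template)` would not; and since `eval` runs whatever is in the template file, the class comment should state that templates are trusted code.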
@@ -1,26 +1,26 @@
|
|
1
1
|
# encoding: utf-8
|
2
2
|
|
3
3
|
module Risu
|
4
|
-
|
4
|
+
|
5
5
|
# Risu Schema
|
6
6
|
#
|
7
7
|
# @author Jacob Hammack <jacob.hammack@hammackj.com>
|
8
8
|
class Schema < ActiveRecord::Migration
|
9
9
|
|
10
10
|
# Creates all of the database tables required by the parser
|
11
|
-
#
|
11
|
+
#
|
12
12
|
def self.up
|
13
13
|
create_table :policies do |t|
|
14
14
|
t.string :name
|
15
15
|
t.string :comments
|
16
16
|
end
|
17
|
-
|
17
|
+
|
18
18
|
create_table :server_preferences do |t|
|
19
19
|
t.integer :policy_id
|
20
20
|
t.string :name
|
21
21
|
t.string :value
|
22
|
-
end
|
23
|
-
|
22
|
+
end
|
23
|
+
|
24
24
|
create_table :plugins_preferences do |t|
|
25
25
|
t.integer :policy_id
|
26
26
|
t.integer :plugin_id
|
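Review bot: the file moves to `base/schema.rb` but the class stays `Risu::Schema` under `module Risu`, whereas the other files in `base/` added by this diff define their classes under `Risu::Base`; pick one. The rest of this hunk, and the `-36,13`, `-79,8` and `-105,7` hunks below, is trailing-whitespace churn on blank lines (4, 11, 17, 22-23 and so on), which is fine but would be easier to review as a separate commit.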
@@ -36,13 +36,13 @@ module Risu
|
|
36
36
|
t.integer :policy_id
|
37
37
|
t.string :family_name
|
38
38
|
t.string :status
|
39
|
-
end
|
40
|
-
|
39
|
+
end
|
40
|
+
|
41
41
|
create_table :reports do |t|
|
42
42
|
t.integer :policy_id
|
43
43
|
t.string :name
|
44
44
|
end
|
45
|
-
|
45
|
+
|
46
46
|
create_table :hosts do |t|
|
47
47
|
t.integer :report_id
|
48
48
|
t.string :name
|
@@ -66,7 +66,8 @@ module Risu
|
|
66
66
|
t.string :pcidss_high_risk_flaw
|
67
67
|
t.string :pcidss_medium_risk_flaw
|
68
68
|
t.string :pcidss_reachable_db
|
69
|
-
t.string :pcidss_www_xss
|
69
|
+
t.string :pcidss_www_xss
|
70
|
+
t.string :system_type
|
70
71
|
t.text :notes
|
71
72
|
end
|
72
73
|
|
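Review bot: `t.string :system_type` is added to `create_table :hosts`, but `Schema` is a single `up`/`down` with no versioned migrations, so an existing 1.4.4 database never gets the column and the parser's new `system_type` field (NEWS) will fail on insert. Until the schema-version check that the TODO defers to 1.5.2 exists, the NEWS entry should say that databases must be recreated for 1.4.5.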
@@ -79,8 +80,8 @@ module Risu
|
|
79
80
|
t.string :protocol
|
80
81
|
t.integer :severity
|
81
82
|
t.boolean :verified
|
82
|
-
end
|
83
|
-
|
83
|
+
end
|
84
|
+
|
84
85
|
create_table :plugins do |t|
|
85
86
|
t.string :plugin_name
|
86
87
|
t.string :family_name
|
@@ -105,7 +106,7 @@ module Risu
|
|
105
106
|
t.text :synopsis
|
106
107
|
t.string :plugin_type
|
107
108
|
end
|
108
|
-
|
109
|
+
|
109
110
|
create_table :individual_plugin_selections do |t|
|
110
111
|
t.string :policy_id
|
111
112
|
t.integer :plugin_id
|
@@ -113,18 +114,35 @@ module Risu
|
|
113
114
|
t.string :family
|
114
115
|
t.string :status
|
115
116
|
end
|
116
|
-
|
117
|
+
|
117
118
|
create_table :references do |t|
|
118
119
|
t.integer :plugin_id
|
119
120
|
t.string :reference_name
|
120
121
|
t.string :value
|
121
122
|
end
|
122
|
-
|
123
|
+
|
123
124
|
create_table :versions do |t|
|
124
125
|
t.string :version
|
125
126
|
end
|
127
|
+
|
128
|
+
create_table :service_descriptions do |t|
|
129
|
+
t.string :name
|
130
|
+
t.integer :port
|
131
|
+
t.string :description
|
132
|
+
end
|
133
|
+
|
134
|
+
ServiceDescription.create :name => "www", :description => ""
|
135
|
+
ServiceDescription.create :name => "cifs", :description => ""
|
136
|
+
ServiceDescription.create :name => "smb", :description => ""
|
137
|
+
ServiceDescription.create :name => "netbios-ns", :description => ""
|
138
|
+
ServiceDescription.create :name => "snmp", :description => ""
|
139
|
+
ServiceDescription.create :name => "ftp", :description => ""
|
140
|
+
ServiceDescription.create :name => "epmap", :description => ""
|
141
|
+
ServiceDescription.create :name => "ntp", :description => ""
|
142
|
+
ServiceDescription.create :name => "dce-rpc", :description => ""
|
143
|
+
ServiceDescription.create :name => "telnet", :description => ""
|
126
144
|
end
|
127
|
-
|
145
|
+
|
128
146
|
# Deletes all of the database tables created
|
129
147
|
#
|
130
148
|
def self.down
|
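Review bot: the ten `ServiceDescription.create :name => "...", :description => ""` calls seed an empty `description` and leave `port` nil for every row, so the new table carries no information yet; either seed real values or drop the seeds until they exist. Seeding through the model inside a migration also ties `Schema.up` to `Risu::Models::ServiceDescription` being loaded, and `create` (not `create!`) silently discards rows that fail validation, so a broken seed goes unnoticed. A plain `execute`/insert, or `create!`, would make a failed seed visible.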
@@ -139,6 +157,7 @@ module Risu
|
|
139
157
|
drop_table :plugins
|
140
158
|
drop_table :references
|
141
159
|
drop_table :versions
|
160
|
+
drop_table :service_descriptions
|
142
161
|
end
|
143
162
|
|
144
163
|
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
module Risu
|
2
|
+
module Base
|
3
|
+
#
|
4
|
+
#
|
5
|
+
class TemplateBase
|
6
|
+
@possible_templates = []
|
7
|
+
|
8
|
+
class << self
|
9
|
+
attr_reader :possible_templates
|
10
|
+
end
|
11
|
+
|
12
|
+
#
|
13
|
+
#
|
14
|
+
attr_accessor :template_info
|
15
|
+
|
16
|
+
#
|
17
|
+
#
|
18
|
+
def self.inherited(child)
|
19
|
+
possible_templates << child
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
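Review bot: `self.inherited(child)` does `possible_templates << child`, where `possible_templates` reads the class-level instance variable of whichever class received the `inherited` callback; that is `TemplateBase` for direct subclasses, but for a subclass of a subclass it is the intermediate class, whose `@possible_templates` was never initialised (only `TemplateBase` sets it on line 6), so `<<` is called on `nil` and raises `NoMethodError`. Use `TemplateBase.possible_templates << child` (or `@possible_templates ||= []`) and call `super`. Also, because every loaded `TemplateBase` subclass registers itself automatically, every `.rb` file required from `USER_TEMPLATES_DIR` becomes a selectable template; that is the intended feature, but it belongs in the empty doc comments (`#` / `#`) on lines 3-4, 12-13 and 16-17, which currently say nothing.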