risu 1.4.5 → 1.4.6
Sign up to get free protection for your applications and to get access to all the features.
- data/NEWS.markdown +6 -0
- data/Rakefile +1 -1
- data/TODO.markdown +5 -3
- data/lib/risu.rb +1 -3
- data/lib/risu/base.rb +1 -2
- data/lib/risu/base/schema.rb +2 -0
- data/lib/risu/base/template_manager.rb +23 -18
- data/lib/risu/cli.rb +0 -2
- data/lib/risu/cli/banner.rb +0 -2
- data/lib/risu/exceptions/invaliddocument.rb +1 -4
- data/lib/risu/models/familyselection.rb +0 -2
- data/lib/risu/models/host.rb +0 -2
- data/lib/risu/models/individualpluginselection.rb +0 -2
- data/lib/risu/models/item.rb +7 -5
- data/lib/risu/models/plugin.rb +0 -2
- data/lib/risu/models/policy.rb +0 -2
- data/lib/risu/models/reference.rb +0 -2
- data/lib/risu/models/report.rb +0 -2
- data/lib/risu/models/servicedescription.rb +1 -1
- data/lib/risu/models/version.rb +0 -2
- data/lib/risu/parsers.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +6 -2
- metadata +2 -2
data/NEWS.markdown
CHANGED
|
@@ -1,5 +1,11 @@
|
|
|
1
1
|
# News
|
|
2
2
|
|
|
3
|
+
#1.4.6 (July, 2011)
|
|
4
|
+
- Added pcidss:dns_zone_transfer to the Nessus parser
|
|
5
|
+
- Added pcidss:obsolete_operating_system to the Nessus parser
|
|
6
|
+
- Removed warnings about several Microsoft patch tags, not sure what to do with them at the moment.
|
|
7
|
+
- Added a user template directory. Risu will scan ~/.risu/templates for user templates.
|
|
8
|
+
|
|
3
9
|
#1.4.5 (July 4, 2011)
|
|
4
10
|
- Implemented an modular template system, **breaks all existing templates**.
|
|
5
11
|
- All templates are now implemented as Ruby classes this allows them to be dynamically loaded and removes the need to type the entire path to the template
|
data/Rakefile
CHANGED
|
@@ -12,7 +12,7 @@ end
|
|
|
12
12
|
task :release => :build do
|
|
13
13
|
system "gem push #{Risu::APP_NAME}-#{Risu::VERSION}.gem"
|
|
14
14
|
|
|
15
|
-
puts "Just released #{Risu::APP_NAME} v#{Risu::VERSION}. #{Risu::APP_NAME} is always available in RubyGems!"
|
|
15
|
+
puts "Just released #{Risu::APP_NAME} v#{Risu::VERSION}. #{Risu::APP_NAME} is always available in RubyGems! More information at http://hammackj.com/projects/risu/"
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
task :clean do
|
data/TODO.markdown
CHANGED
|
@@ -2,9 +2,12 @@
|
|
|
2
2
|
|
|
3
3
|
**Release dates are estimates, and features can be changed at any time.**
|
|
4
4
|
|
|
5
|
+
## 1.4.6
|
|
6
|
+
|
|
7
|
+
|
|
5
8
|
## 1.5 (7/4/2011)
|
|
6
|
-
-
|
|
7
|
-
-
|
|
9
|
+
- Rework the blacklisting of plugins/hosts add to the config file
|
|
10
|
+
- Complete comments for all existing code
|
|
8
11
|
- Create rSpec tests for everything (95%+ code coverage goal)
|
|
9
12
|
- Parser tests
|
|
10
13
|
- Add test for new xml element
|
|
@@ -31,7 +34,6 @@
|
|
|
31
34
|
- ms update summary
|
|
32
35
|
- pci compliance
|
|
33
36
|
- tech findings
|
|
34
|
-
- Rework the blacklisting of plugins/hosts add to the config file
|
|
35
37
|
|
|
36
38
|
##1.5.1 (8/4/2011) - Template work
|
|
37
39
|
- Provide more templates
|
data/lib/risu.rb
CHANGED
data/lib/risu/base.rb
CHANGED
data/lib/risu/base/schema.rb
CHANGED
|
@@ -63,6 +63,8 @@ module Risu
|
|
|
63
63
|
t.string :pcidss_compliance_passed
|
|
64
64
|
t.string :pcidss_deprecated_ssl
|
|
65
65
|
t.string :pcidss_expired_ssl_certificate
|
|
66
|
+
t.string :pcidss_obsolete_operating_system
|
|
67
|
+
t.string :pcidss_dns_zone_transfer
|
|
66
68
|
t.string :pcidss_high_risk_flaw
|
|
67
69
|
t.string :pcidss_medium_risk_flaw
|
|
68
70
|
t.string :pcidss_reachable_db
|
|
@@ -3,21 +3,28 @@ module Risu
|
|
|
3
3
|
class TemplateManager
|
|
4
4
|
attr_accessor :registered_templates
|
|
5
5
|
|
|
6
|
+
# Creates new instance of TemplateManager
|
|
6
7
|
#
|
|
8
|
+
# @param path Path relative to the base_dir of risu
|
|
7
9
|
#
|
|
10
|
+
# @return New instance of the template manager with templates loaded.
|
|
8
11
|
def initialize (path)
|
|
9
12
|
@registered_templates = Array.new
|
|
10
13
|
@templates = Array.new
|
|
11
14
|
|
|
12
|
-
|
|
15
|
+
base_dir = __FILE__.gsub("risu/base/template_manager.rb", "")
|
|
16
|
+
|
|
17
|
+
load_templates(base_dir + path)
|
|
18
|
+
load_templates(File.expand_path(USER_TEMPLATES_DIR)) if File.exists?(File.expand_path(USER_TEMPLATES_DIR)) && File.directory?(File.expand_path(USER_TEMPLATES_DIR))
|
|
13
19
|
end
|
|
14
20
|
|
|
21
|
+
# Loads templates from a specific path
|
|
15
22
|
#
|
|
23
|
+
# @param path Path to templates to load
|
|
16
24
|
#
|
|
17
|
-
def load_templates(path)
|
|
25
|
+
def load_templates(path)
|
|
18
26
|
begin
|
|
19
|
-
|
|
20
|
-
Dir["#{base_dir + path}/**/*.rb"].each do |x|
|
|
27
|
+
Dir["#{path}/**/*.rb"].each do |x|
|
|
21
28
|
begin
|
|
22
29
|
load x
|
|
23
30
|
rescue => e
|
|
@@ -27,28 +34,23 @@ module Risu
|
|
|
27
34
|
|
|
28
35
|
TemplateBase.possible_templates.each do |p|
|
|
29
36
|
if validate(p) == true
|
|
30
|
-
@registered_templates << p
|
|
37
|
+
@registered_templates << p if @registered_templates.include?(p) == false
|
|
31
38
|
end
|
|
32
39
|
end
|
|
33
40
|
rescue => e
|
|
34
|
-
puts "
|
|
41
|
+
puts "[!] Invalid template path"
|
|
35
42
|
end
|
|
36
43
|
end
|
|
37
44
|
|
|
45
|
+
# Validates that a template is a valid template
|
|
38
46
|
#
|
|
47
|
+
# @param template The template to validate
|
|
39
48
|
#
|
|
40
49
|
def validate(template)
|
|
41
50
|
t = template.new
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
end
|
|
46
|
-
|
|
47
|
-
if t.respond_to?(:render) == false
|
|
48
|
-
return false
|
|
49
|
-
end
|
|
50
|
-
|
|
51
|
-
return true
|
|
51
|
+
|
|
52
|
+
return false if t == nil
|
|
53
|
+
return t.respond_to?(:render)
|
|
52
54
|
end
|
|
53
55
|
|
|
54
56
|
#
|
|
@@ -71,11 +73,14 @@ module Risu
|
|
|
71
73
|
def register_template(plugin)
|
|
72
74
|
load plugin
|
|
73
75
|
|
|
74
|
-
@templates.push(plugin)
|
|
76
|
+
@templates.push(plugin) if @templates.include?(plugin) == false
|
|
75
77
|
end
|
|
76
78
|
|
|
79
|
+
# Finds a template by its name
|
|
77
80
|
#
|
|
81
|
+
# @param name Name of the template to find
|
|
78
82
|
#
|
|
83
|
+
# @return the instance of the template or nil if not found
|
|
79
84
|
def find_template_by_name(name)
|
|
80
85
|
@registered_templates.each do |template|
|
|
81
86
|
t = template.new
|
|
@@ -87,7 +92,7 @@ module Risu
|
|
|
87
92
|
return nil
|
|
88
93
|
end
|
|
89
94
|
|
|
90
|
-
#
|
|
95
|
+
# Displays a list of all the templates
|
|
91
96
|
#
|
|
92
97
|
def display_templates
|
|
93
98
|
puts "Available Templates"
|
data/lib/risu/cli.rb
CHANGED
data/lib/risu/cli/banner.rb
CHANGED
data/lib/risu/models/host.rb
CHANGED
data/lib/risu/models/item.rb
CHANGED
|
@@ -1,5 +1,3 @@
|
|
|
1
|
-
# encoding: utf-8
|
|
2
|
-
|
|
3
1
|
module Risu
|
|
4
2
|
module Models
|
|
5
3
|
|
|
@@ -112,7 +110,7 @@ module Risu
|
|
|
112
110
|
|
|
113
111
|
# Queries for all the high risks by plugin
|
|
114
112
|
#
|
|
115
|
-
# @
|
|
113
|
+
# @param limit Limits the result to a specific number, default 10
|
|
116
114
|
#
|
|
117
115
|
# @return [ActiveRecord::Relation] with the query results
|
|
118
116
|
def risks_by_plugin(limit=10)
|
|
@@ -121,6 +119,8 @@ module Risu
|
|
|
121
119
|
|
|
122
120
|
# Queries for all the risks by host
|
|
123
121
|
#
|
|
122
|
+
# @param limit Limits the result to a specific number, default 10
|
|
123
|
+
#
|
|
124
124
|
# @return [ActiveRecord::Relation] with the query results
|
|
125
125
|
def risks_by_host(limit=10)
|
|
126
126
|
select("items.*").select("count(*) as count_all").joins(:host).where("plugin_id != 1").where(:severity => [3, 2]).group(:host_id).order("count_all DESC").limit(limit)
|
|
@@ -142,6 +142,8 @@ module Risu
|
|
|
142
142
|
|
|
143
143
|
# Generates a Graph of all the risks by service
|
|
144
144
|
#
|
|
145
|
+
# @param limit Limits the result to a specific number, default 10
|
|
146
|
+
#
|
|
145
147
|
# @return [StringIO] Object containing the generated PNG image
|
|
146
148
|
def risks_by_service_graph(limit=10)
|
|
147
149
|
g = Gruff::Pie.new(GRAPH_WIDTH)
|
|
@@ -152,9 +154,9 @@ module Risu
|
|
|
152
154
|
:background_colors => %w(white white)
|
|
153
155
|
}
|
|
154
156
|
|
|
155
|
-
Item.risks_by_service(limit).all.each
|
|
157
|
+
Item.risks_by_service(limit).all.each do |service|
|
|
156
158
|
g.data(service.svc_name, Item.find(:all, :conditions => {:svc_name => service.svc_name}).count)
|
|
157
|
-
|
|
159
|
+
end
|
|
158
160
|
|
|
159
161
|
StringIO.new(g.to_blob)
|
|
160
162
|
end
|
data/lib/risu/models/plugin.rb
CHANGED
data/lib/risu/models/policy.rb
CHANGED
data/lib/risu/models/report.rb
CHANGED
data/lib/risu/models/version.rb
CHANGED
data/lib/risu/parsers.rb
CHANGED
|
@@ -52,7 +52,9 @@ module Risu
|
|
|
52
52
|
"pcidss:medium_risk_flaw" => :pcidss_medium_risk_flaw,
|
|
53
53
|
"pcidss:reachable_db" => :pcidss_reachable_db,
|
|
54
54
|
"pcidss:www:xss" => :pcidss_www_xss,
|
|
55
|
-
"system-type" => :system_type
|
|
55
|
+
"system-type" => :system_type,
|
|
56
|
+
"pcidss:obsolete_operating_system" => :pcidss_obsolete_operating_system,
|
|
57
|
+
"pcidss:dns_zone_transfer" => :pcidss_dns_zone_transfer
|
|
56
58
|
}
|
|
57
59
|
|
|
58
60
|
@valid_ms_patches = {
|
|
@@ -71,7 +73,9 @@ module Risu
|
|
|
71
73
|
"MS11-020" => :ms11_020,
|
|
72
74
|
"MS11-018" => :ms11_018,
|
|
73
75
|
"MS11-028" => :ms11_028,
|
|
74
|
-
"MS11-032" => :ms11_032
|
|
76
|
+
"MS11-032" => :ms11_032,
|
|
77
|
+
"MS040-016" => :ms040_016,
|
|
78
|
+
"MS08-50" => :ms08_50
|
|
75
79
|
}
|
|
76
80
|
end
|
|
77
81
|
|
metadata
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
name: risu
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
4
|
prerelease:
|
|
5
|
-
version: 1.4.
|
|
5
|
+
version: 1.4.6
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
8
8
|
- Jacob Hammack
|
|
@@ -10,7 +10,7 @@ autorequire:
|
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
12
|
|
|
13
|
-
date: 2011-07-
|
|
13
|
+
date: 2011-07-12 00:00:00 -05:00
|
|
14
14
|
default_executable:
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|