risu 1.4.9 → 1.5.0

data/Gemfile.ci

@@ -0,0 +1,18 @@
+source :rubygems
+source "http://rubygems.org"
+source :rubyforge
+source "http://gems.rubyforge.org"
+
+gem "rails"
+gem "libxml-ruby"
+gem "prawn"
+gem "gruff"
+gem "mysql"
+gem "rmagick"
+gem "sqlite3"
+gem "simplecov"
+
+gem "rspec", "2.8.0"
+gem "machinist", "1.0.6"
+gem "sham", "1.0.2"
+gem "faker", "1.0.1"

data/LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2010-2012 Jacob Hammack, Hammackj LLC
+Copyright (c) 2010-2012 Jacob Hammack, Arxopia LLC
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
@@ -9,14 +9,14 @@ modification, are permitted provided that the following conditions are met:
     * Redistributions in binary form must reproduce the above copyright
       notice, this list of conditions and the following disclaimer in the
       documentation and/or other materials provided with the distribution.
-    * Neither the name of the Jacob Hammack or Hammackj LLC nor the
+    * Neither the name of the Jacob Hammack or Arxopia LLC nor the
       names of its contributors may be used to endorse or promote products
       derived from this software without specific prior written permission.
 
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL JACOB HAMMACK or HAMMACKJ LLC BE LIABLE FOR ANY
+DISCLAIMED. IN NO EVENT SHALL JACOB HAMMACK or Arxopia LLC BE LIABLE FOR ANY
 DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND

data/NEWS.markdown

@@ -1,5 +1,50 @@
 # News
 
+#1.5.0 (February 20, 2012)
+- Updated the Item model to be compatible with Nessus 5.0
+	- Added critical_risks()
+	- Added critical_risks_unique()
+	- Added critical to the Risks by Severity Graph
+	- Everything that used High as its data now uses Critical
+	- The new methods also have associated tests.
+- Updated the Plugin model to be compatible with Nessus 5.0
+	- Added critical_risks()
+- Added New tags
+	- Plugin Model
+		- fname
+	- Item Model
+		- plugin_name (Not all plugins seem to support this XML struct yet, maybe nil at times; might add a fix up post processing like ips)
+- Added new Methods to the Reference class for accessing references easier
+	- cve
+	- cpe
+	- cwe
+	- iava
+	- msft
+	- osvdb
+	- owasp
+	- cert
+	- edb_id
+	- rhsa
+	- secunia
+	- suse
+- Added new methods to the Item class
+	- stigs_severity_graph()
+	- stig_findings()
+	- all_risks_unique_sorted() from [aeriff] on github
+- New Templates
+	- stig_findings_summary - Quick summary of all the stig related findings by severity
+- Template Updates
+	- technical_findings - Added critical risks
+	- exec_summary - added critical risks and a stig graph
+	- findings_host - added critical and lowered the font sizes a bunch
+	- notable_detailed - added critical and changed header to Notable
+	- exec_summary_detailed - added critical risks
+	- host_summary - added critical risks
+	- graphs - added stig graph
+	- host_summary - added critical risks and page numbers
+	- Misc changes in other templates
+- Added test::unit tests for most of the specs
+
 #1.4.9 (January 23, 2012)
 - Added a simple notable vulnerability template table report
 - Added a detailed notable vulnerability template like the technical_findings report just limited to the top vulnerabilities up to 10

data/README.markdown

@@ -2,7 +2,7 @@
 
 Risu is [Nessus](http://www.nessus.org) parser, that converts the generated reports into a  [ActiveRecord](http://api.rubyonrails.org/classes/ActiveRecord/Base.html) database, this allows for easy report generation and vulnerability verification. 
 
-Version 1.4.9 is the current release.
+Version 1.5.0 is the current release.
 
 ## Requirements
 
@@ -74,7 +74,7 @@ Using the risu Console is just like using Rails. You can access all of the Activ
 	|_|  |_|___/\__,_|
 
 
-	risu Console v1.4.9
+	risu Console v1.5.0
 	>> Host.first
 	=> #<Risu::Models::Host id: 1, report_id: 1, name: "10.69.69.74", os: "Linux Kernel 2.6 on Debian 4.0 (etch)", mac: "XX:XX:XX:XX:XX:XX", start: "2011-04-20 16:29:37", end: "2011-04-20 16:32:14", ip: "10.69.69.74", fqdn: "redada.hammackj.net", netbios: "REDADA", local_checks_proto: nil, smb_login_used: nil, ssh_auth_meth: nil, ssh_login_used: nil, pci_dss_compliance: nil, notes: nil>
 	
@@ -108,5 +108,13 @@ If you would like to contribute templates/bug fixes/etc to risu. The easiest way
 # Issues
 If you have any problems, bugs or feature requests please use the [github issue tracker](http://github.com/hammackj/risu/issues).
 
+#Donations
+I have received several requests for a method to donate to the project. You can use the following Paypal donation link; if you are interested in donating to the Risu Project. Your donations are welcome and help the development of Risu.
+
+<a href='http://www.pledgie.com/campaigns/16810'><img alt='Click here to lend your support to: Risu and make a donation at www.pledgie.com !' src='http://www.pledgie.com/campaigns/16810.png?skin_name=chrome' border='0' /></a>
+
 # Contact
 You can reach me at jacob[dot]hammack[at]hammackj[dot]com.
+
+You can also contact me on IRC as hammackj on irc.freenode.net, #risu 
+

data/Rakefile

@@ -4,6 +4,7 @@ require 'rubygems' # not sure why...
 require "risu"
 require 'rake'
 require 'rspec/core/rake_task'
+require 'rake/testtask'
 
 task :build do
   system "gem build #{Risu::APP_NAME}.gemspec"
@@ -23,11 +24,20 @@ task :clean do
 	system "rm -rf coverage"
 end
 
-task :report do
-  require 'cover_me'
-  CoverMe.complete!
-end
+task :default => [:spec]
 
 RSpec::Core::RakeTask.new(:spec) do |t|
-	Rake::Task['report'].invoke
+  t.pattern = './spec/**/*_spec.rb'
 end
+
+Rake::TestTask.new("test_units") { |t|
+	t.libs << "test"
+  t.pattern = 'test/*/*_test.rb'
+  t.verbose = true
+}
+
+Rake::TestTask.new("test_functional") { |t|
+	t.libs << "test"
+  t.pattern = 'test/functional/*_test.rb'
+  t.verbose = true
+}

data/TODO.markdown

@@ -2,23 +2,34 @@
 
 **Release dates are estimates, and features can be changed at any time.**
 
-## 1.4.10 (??)
-- Ensure font sizes are standard in the templates
-- The font in tech findings could be 1 size smaller
-- Add a filtering system for lowering the rating of plugins based on config
-- Compact the data in tech findings to be more printer friendly
-- Add tests for Patch model
-- Plugin reference accessors with auto text
-- finding summary coversheet looks odd
-- unsupported OS template
-- add list of unsupported os ip's accessor
-- detailed findings should be combined to save paper on printing
-- add more detailed pci templates
-
 ## 1.5 (??)
 - Nessus 5.0 compatible
+
+##1.5.1 (??) -
+- display ruby and gems version in -v
+- clean up tests move to fixtures
+- hash all template results to make sure templates are being created correctly
+
+- clean up old plugins, some are nasty
+- Fix list report
+	- by host ordered by risk
+		- vulnerability name
+		- first cve
+		- Host
+		- vuln name     |   cve
+		- vuln name     |   cve	
+- add findings by host report 
+- ms_wsus_findings: Takes the plugin_output from plugin ####pluginid### 
+- windows policy report
+- stig pie graph for cat 1 / 2 /3
+- move all pci related host properties to their own table
+- stig detailed report
+- migration error handling
+- bug report info collection option
+- template for rhs plugins
+- template for wsus plugins
 - Complete comments for all existing code
-- Create rSpec tests for everything (95%+ code coverage goal)
+- Create tests for everything (95%+ code coverage goal)
 	- Parser tests
 		- Add test for new xml element
 		- Add test for new host properties tag
@@ -44,7 +55,6 @@
 		- ms update summary
 		- pci compliance
 		- tech findings
-
 - CentOS 6 tutorial
 - Ubuntu latest tutorial
 - Implement the ability to filter data out of the report
@@ -52,9 +62,18 @@
 		- Host Mac Address
 		- Host IP
 		- Plugin ID
-		- 
-
-##1.5.1 (??) - Template work
+- Ensure font sizes are standard in the templates
+- The font in tech findings could be 1 size smaller
+- Add a filtering system for lowering the rating of plugins based on config
+- Compact the data in tech findings to be more printer friendly
+- Add tests for Patch model
+- Plugin reference accessors with auto text
+- finding summary coversheet looks odd
+- unsupported OS template
+- unsupported vs supported os graph
+- add list of unsupported os ip's accessor
+- detailed findings should be combined to save paper on printing
+- add more detailed pci templates
 - Provide more templates
 	- Virtual Machine Summary
 	- Fix list Report?
@@ -64,6 +83,13 @@
 - Add template validation and more error checking
 - Colorize the reports with better style
 - Added TOC/Index to the technical findings report, issue 15
+- Category I
+	- Vulnerabilities that allow an attacker immediate access into amachine, allow superuser access, or bypass a firewall.These can lead to the immediate compromise of the web serverallowing the attacker to take complete control of the web serverand associated operating system, which can then be used as aresource to control other systems in your network.Some examples would be the running of unsupported software,anonymous access to privledge accounts, and the presence of sample applications installed on the web server.
+- Category II
+	- Vulnerabilities aide the ability of an attacker to gain access into amachine, compromise sensitive data, or bypass a firewall.These will lead to the eventual compromise of the web serverallowing the attacker to manipulate the content or server settingson the web server and have access to other systems in yournetwork.Some examples would be trust relationships with unauthorizedseparate enclaves, non compliance with appropriate hostoperating system security controls, and the non compliance withthe IAVM program.
+- Category III
+	- Vulnerabilities that impact the security posture of the system andif configured, will improve the overall security of asset.These could result in the degradation of service, compromise of information, and in some cases lead to unauthorized access to thesystem.Some examples would be untrained staff, development tools on aproduction environment, and the uncontrolled release of information to the web server.
+
 	
 ##1.5.2 (??) - Parser work
 - Add Schema checks to make sure the schema is compatible with the version of risu
@@ -80,7 +106,7 @@
 
 ## 1.6 (??)
 - Remove rmagick (GRRRR!)
-- Move to ruby 1.9.2 only support
+- Move to ruby 1.9.3 only support
 - Add Parser for Nessus NBE Format
 - Add Parser for Nessus NSR Format
 - Add Parser for Nessus V1 of the XML Format

data/lib/risu.rb

@@ -1,6 +1,6 @@
 module Risu
 	APP_NAME = "risu"
-	VERSION = "1.4.9"
+	VERSION = "1.5.0"
 	GRAPH_WIDTH = 750
 	EMAIL = "jacob.hammack@hammackj.com"
 	CONFIG_FILE = "./risu.cfg"
@@ -27,5 +27,6 @@ require 'risu/cli'
 require 'risu/exceptions'
 require 'risu/models'
 require 'risu/parsers'
+require 'risu/renderers'
 
 include Risu::Models

data/lib/risu/base/schema.rb

@@ -1,5 +1,3 @@
-# encoding: utf-8
-
 module Risu
 
 	# Risu Schema
@@ -87,6 +85,7 @@ module Risu
 				t.string :svc_name
 				t.string :protocol
 				t.integer :severity
+				t.string :plugin_name
 				t.boolean :verified
 			end
 
@@ -96,8 +95,8 @@ module Risu
 				t.text :description
 				t.string :plugin_version
 				t.datetime :plugin_publication_date
+				t.datetime :plugin_modification_date
 				t.datetime :vuln_publication_date
-				t.string :cpe
 				t.string :cvss_vector
 				t.string :cvss_base_score
 				t.string :cvss_temporal_score
@@ -116,6 +115,7 @@ module Risu
 				t.string :exploit_framework_exploithub
 				t.string :exploithub_sku
 				t.string :stig_severity
+				t.string :fname
 			end
 
 			create_table :individual_plugin_selections do |t|
@@ -177,6 +177,5 @@ module Risu
 			drop_table :service_descriptions
 			drop_table :patches
 		end
-
 	end
 end

data/lib/risu/base/template_base.rb

@@ -1,26 +1,26 @@
 module Risu
 	module Base
 
-  	# Base template class, all report templates must be a subclass of this.
+		# Base template class, all report templates must be a subclass of this.
 		#
 		class TemplateBase			
-	    @possible_templates = []
+			@possible_templates = []
 	
-	    class << self
-	      attr_reader :possible_templates
-	    end
-    	
+			class << self
+				attr_reader :possible_templates
+			end
+			
 			# Accessor for template metadata
 			#
 			# @return [Hash] Containing template metadata
 			attr_accessor :template_info
 			
-			#  Adds any class that inherits from [TemplateBase] into an [Array] of
+			#	 Adds any class that inherits from [TemplateBase] into an [Array] of
 			# possible templates for further validation.
 			#			
-	    def self.inherited(child)
-	      possible_templates << child
-	    end
-	  end
+			def self.inherited(child)
+				possible_templates << child
+			end
+		end
 	end
 end

data/lib/risu/cli/application.rb

@@ -1,5 +1,3 @@
-# encoding: utf-8
-
 module Risu
 	module CLI
 
@@ -10,8 +8,8 @@ module Risu
 			include Risu::Base
 			attr_accessor :database
 
-			#
-			#
+			# Initalizes a CLI Application 
+			# 
 			def initialize
 				@options = {}
 				@database = {}
@@ -26,6 +24,10 @@ module Risu
 
 			# Creates a blank config file
 			#
+			# @todo does this need exception handling
+			#
+			# @param file Path to config file
+			#
 			def create_config(file=CONFIG_FILE)
 				File.open(file, 'w+') do |f|
 					f.write("report:\n")
@@ -41,16 +43,14 @@ module Risu
 					f.write("  username: \n")
 					f.write("  password: \n")
 					f.write("  timeout: \n\n")
-					#TODO blacklisting
-					#f.write("blacklist:\n")
-					#f.write("	ips: \n")
-					#f.write("	macs: \n")
-					#f.write("	plugins: \n\n")
 				end
 			end
 
 			# Loads the configuration file
 			#
+			# @param file Path to config file
+			# @param in_memory_config [Boolean] If the config is in memory
+			#
 			def load_config(file=CONFIG_FILE, in_memory_config=false)
 				if File.exists?(file) == true or in_memory_config == true
 					begin
@@ -71,8 +71,6 @@ module Risu
 								@report[k] = "No #{k}"
 							end
 						end
-
-						#@blacklist = yaml["blacklist"]
 					rescue => e
 						puts "[!] Error loading config! - #{e.message}"
 						exit
@@ -85,6 +83,8 @@ module Risu
 
 			# Initiator for [ActiveRecord] migrations.
 			#
+			# @param direction [Symbol] :up or :down
+			#
 			def migrate(direction)
 				begin
 					if @database["adapter"] == nil
@@ -96,10 +96,13 @@ module Risu
 					Schema.migrate(direction)
 
 					if direction == :up
+						puts "[*] Creating tables"
 						ver = Version.create
 						ver.version = Risu::VERSION
 						ver.save
 					end
+					
+					puts "[*] Dropping tables" if direction == :down
 
 				rescue ActiveRecord::AdapterNotSpecified => ans
 					puts "[!] Database adapter not found, please check your config file"
@@ -117,7 +120,7 @@ module Risu
 				end
 			end
 
-			#
+			# Establishes an [ActiveRecord::Base] database connection
 			#
 			def db_connect
 				begin
@@ -133,18 +136,21 @@ module Risu
 				rescue ActiveRecord::AdapterNotSpecified => ans
 					puts "[!] Database adapter not found, please check your config file"
 					puts "#{ans.message}\n #{ans.backtrace}" if @options[:debug]
+					
 					exit
 				rescue ActiveRecord::AdapterNotFound => anf
 					puts "[!] Database adapter not found, please check your config file"
 					puts "#{anf.message}\n #{anf.backtrace}" if @options[:debug]
+					
 					exit
 				rescue => e
 					puts "[!] Exception! #{e.message}\n #{e.backtrace}"
 				end
 			end
 
+			# Tests the database connection
 			#
-			#
+			# @return [Boolean] True on successful, False on failure
 			def test_connection?
 				begin
 
@@ -162,6 +168,7 @@ module Risu
 
 			# Starts a console and executes anything in a block sent to it
 			#
+			# @param block Code block to transfer control
 			def consolize &block
 
 				yield
@@ -293,7 +300,8 @@ module Risu
 				end
 			end
 
-			#
+			# Main Application loop, handles all of the command line arguments and
+			#parsing of files on the command line
 			#
 			def run
 				parse_options
@@ -378,6 +386,7 @@ module Risu
 
 			# Handles the parsing of a single file
 			#
+			# @param file 
 			def parse_file file
 				begin
 						puts "[*] Parsing #{file}..."
@@ -392,7 +401,6 @@ module Risu
 							doc.parse
 
 							puts "[*] Fixing IP Address field"
-
 							doc.fix_ips
 
 						else