risu 1.6.1 → 1.6.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/NEWS.markdown +6 -0
- data/README.markdown +2 -2
- data/Rakefile +5 -2
- data/lib/risu.rb +1 -1
- data/lib/risu/cli/application.rb +1 -0
- data/lib/risu/models/report.rb +1 -1
- data/lib/risu/templates/pci_compliance.rb +8 -6
- data/lib/risu/templates/technical_findings.rb +2 -2
- data/lib/risu/templates/template.rb +2 -2
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b5cd1e3ce6b95cafbd6932d61bf077fe216e4a60
|
|
4
|
+
data.tar.gz: 6897e5ee7f28b2289f2fa9830522778f3996e5c5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 71f8a12245e3cf7378773cafc6d349b8aa0728902c35b0f130c1f7be54f4555d3ef9517855b429fb521a9dab444fbd9ea66d07e24af201e9ef5e4e591dd9b4bd
|
|
7
|
+
data.tar.gz: 217fa0b9def0e3e267dd5ef0541d261df3f0bc32c6883be5168d8bba5b9a7103a05b6d4221c37e5201d940df928aea4fee8dd4a9054671d4f292db3bb0fac66d
|
data/NEWS.markdown
CHANGED
|
@@ -1,5 +1,11 @@
|
|
|
1
1
|
# News
|
|
2
2
|
|
|
3
|
+
#1.6.2 (March 13, 2013)
|
|
4
|
+
- pci_compliance template - Correct a bug that prevented it from working. Reported by [jkordish]
|
|
5
|
+
- Added Report.extra to contain any extra risu.config yaml settings to be passed to a report
|
|
6
|
+
- Check for nil before using it!
|
|
7
|
+
- It will contain all tags in the report: section of the config file
|
|
8
|
+
|
|
3
9
|
#1.6.1 (March 1, 2013)
|
|
4
10
|
- Models
|
|
5
11
|
- Reference Model
|
data/README.markdown
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Risu is [Nessus](http://www.nessus.org) parser, that converts the generated reports into a [ActiveRecord](http://api.rubyonrails.org/classes/ActiveRecord/Base.html) database, this allows for easy report generation and vulnerability verification.
|
|
4
4
|
|
|
5
|
-
Version **1.6.
|
|
5
|
+
Version **1.6.2** is the current release.
|
|
6
6
|
|
|
7
7
|
## Requirements
|
|
8
8
|
|
|
@@ -75,7 +75,7 @@ Using the risu Console is just like using Rails. You can access all of the Activ
|
|
|
75
75
|
|_| |_|___/\__,_|
|
|
76
76
|
|
|
77
77
|
|
|
78
|
-
risu Console v1.6.
|
|
78
|
+
risu Console v1.6.2
|
|
79
79
|
>> Host.first
|
|
80
80
|
=> #<Risu::Models::Host id: 1, report_id: 1, name: "10.69.69.74", os: "Linux Kernel 2.6 on Debian 4.0 (etch)", mac: "XX:XX:XX:XX:XX:XX", start: "2011-04-20 16:29:37", end: "2011-04-20 16:32:14", ip: "10.69.69.74", fqdn: "redada.arxopia.net", netbios: "REDADA", local_checks_proto: nil, smb_login_used: nil, ssh_auth_meth: nil, ssh_login_used: nil, pci_dss_compliance: nil, notes: nil>
|
|
81
81
|
|
data/Rakefile
CHANGED
|
@@ -21,8 +21,8 @@
|
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
26
26
|
|
|
27
27
|
$LOAD_PATH.unshift File.expand_path("../lib", __FILE__)
|
|
28
28
|
|
|
@@ -38,6 +38,9 @@ end
|
|
|
38
38
|
task :tag_and_bag do
|
|
39
39
|
system "git tag -a v#{Risu::VERSION} -m 'version #{Risu::VERSION}'"
|
|
40
40
|
system "git push --tags"
|
|
41
|
+
system "git checkout master"
|
|
42
|
+
system "git merge #{Risu::VERSION}"
|
|
43
|
+
system "git push"
|
|
41
44
|
end
|
|
42
45
|
|
|
43
46
|
task :release => [:tag_and_bag, :build] do
|
data/lib/risu.rb
CHANGED
data/lib/risu/cli/application.rb
CHANGED
|
@@ -387,6 +387,7 @@ module Risu
|
|
|
387
387
|
@findings.title = @report["title"]
|
|
388
388
|
@findings.company = @report["company"]
|
|
389
389
|
@findings.classification = @report["classification"]
|
|
390
|
+
@findings.extra = @report
|
|
390
391
|
|
|
391
392
|
template = Templater.new(@options[:template], @findings, @options[:output_file], @template_manager)
|
|
392
393
|
template.generate
|
data/lib/risu/models/report.rb
CHANGED
|
@@ -50,11 +50,11 @@ module Risu
|
|
|
50
50
|
text "\n\n\n"
|
|
51
51
|
|
|
52
52
|
#@hosts_count = Host.find(:all, :conditions => ["pci_dss_compliance is not null"]).count
|
|
53
|
-
@hosts_count = HostProperty.where(:name => "
|
|
53
|
+
@hosts_count = HostProperty.where(:name => "pci-dss-compliance").count
|
|
54
54
|
#@hosts_passed = Host.find(:all, :conditions => ["pci_dss_compliance like 'passed'"])
|
|
55
|
-
@hosts_passed = HostProperty.where(:name => "
|
|
55
|
+
@hosts_passed = HostProperty.where(:name => "pci-dss-compliance").where(:value => "passed")
|
|
56
56
|
#@hosts_failed = Host.find(:all, :conditions => ["pci_dss_compliance like 'failed'"])
|
|
57
|
-
@hosts_failed = HostProperty.where(:name => "
|
|
57
|
+
@hosts_failed = HostProperty.where(:name => "pci-dss-compliance").where(:value => "failed")
|
|
58
58
|
|
|
59
59
|
output.font_size(20) do
|
|
60
60
|
output.text "Summary\n", :style => :bold
|
|
@@ -73,7 +73,8 @@ module Risu
|
|
|
73
73
|
|
|
74
74
|
output.text "\n"
|
|
75
75
|
|
|
76
|
-
@hosts_passed.each do |
|
|
76
|
+
@hosts_passed.each do |host_prop|
|
|
77
|
+
host = host_prop.host
|
|
77
78
|
text "#{host.ip} / #{host.fqdn} - passed\n"
|
|
78
79
|
end unless @hosts_passed == nil
|
|
79
80
|
|
|
@@ -89,8 +90,9 @@ module Risu
|
|
|
89
90
|
|
|
90
91
|
text "\n"
|
|
91
92
|
|
|
92
|
-
@hosts_failed.each do |
|
|
93
|
-
host_id =
|
|
93
|
+
@hosts_failed.each do |host_prop|
|
|
94
|
+
host_id = host_prop.host_id
|
|
95
|
+
host = host_prop.host
|
|
94
96
|
plugin = Plugin.find(:first, :conditions => { :id => 33929 })
|
|
95
97
|
item = Item.find(:first, :conditions => { :host_id => host_id, :plugin_id => plugin.id })
|
|
96
98
|
|
|
@@ -21,8 +21,8 @@
|
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
26
26
|
|
|
27
27
|
module Risu
|
|
28
28
|
module Templates
|
|
@@ -21,8 +21,8 @@
|
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
26
26
|
|
|
27
27
|
module Risu
|
|
28
28
|
module Templates
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: risu
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.6.
|
|
4
|
+
version: 1.6.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jacob Hammack
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2013-03-
|
|
11
|
+
date: 2013-03-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: simplecov
|
|
@@ -246,3 +246,4 @@ signing_key:
|
|
|
246
246
|
specification_version: 4
|
|
247
247
|
summary: risu
|
|
248
248
|
test_files: []
|
|
249
|
+
has_rdoc: yard
|