risu 1.7.9 → 1.8.0
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/LICENSE +1 -1
- data/README.markdown +16 -8
- data/Rakefile +12 -3
- data/bin/risu +2 -2
- data/docs/NEWS.markdown +32 -9
- data/lib/risu.rb +2 -2
- data/lib/risu/base.rb +1 -1
- data/lib/risu/base/graph_template_helper.rb +20 -26
- data/lib/risu/base/host_template_helper.rb +17 -23
- data/lib/risu/base/malware_template_helper.rb +18 -24
- data/lib/risu/base/post_process_base.rb +97 -71
- data/lib/risu/base/post_process_manager.rb +3 -3
- data/lib/risu/base/scan_helper.rb +17 -23
- data/lib/risu/base/schema.rb +2 -2
- data/lib/risu/base/shares_template_helper.rb +18 -24
- data/lib/risu/base/template_base.rb +1 -1
- data/lib/risu/base/template_helper.rb +20 -26
- data/lib/risu/base/template_manager.rb +5 -5
- data/lib/risu/base/templater.rb +3 -5
- data/lib/risu/cli.rb +1 -1
- data/lib/risu/cli/application.rb +26 -5
- data/lib/risu/cli/banner.rb +1 -1
- data/lib/risu/exceptions.rb +1 -1
- data/lib/risu/exceptions/invaliddocument.rb +1 -1
- data/lib/risu/graphs.rb +1 -1
- data/lib/risu/graphs/top_vuln_graph.rb +1 -1
- data/lib/risu/graphs/windows_os_graph.rb +1 -1
- data/lib/risu/models.rb +1 -1
- data/lib/risu/models/attachment.rb +1 -1
- data/lib/risu/models/familyselection.rb +1 -1
- data/lib/risu/models/host.rb +13 -13
- data/lib/risu/models/hostproperty.rb +1 -1
- data/lib/risu/models/individualpluginselection.rb +1 -1
- data/lib/risu/models/item.rb +7 -7
- data/lib/risu/models/patch.rb +1 -1
- data/lib/risu/models/plugin.rb +1 -1
- data/lib/risu/models/pluginspreference.rb +1 -1
- data/lib/risu/models/policy.rb +1 -1
- data/lib/risu/models/reference.rb +1 -1
- data/lib/risu/models/report.rb +2 -2
- data/lib/risu/models/serverpreference.rb +1 -1
- data/lib/risu/models/servicedescription.rb +1 -1
- data/lib/risu/models/version.rb +1 -1
- data/lib/risu/parsers.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_document.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/7zip.rb +46 -0
- data/lib/risu/parsers/nessus/postprocess/adobe_acrobat.rb +8 -1
- data/lib/risu/parsers/nessus/postprocess/adobe_air.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb +5 -3
- data/lib/risu/parsers/nessus/postprocess/apache.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/apache_tomcat.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/apple_itunes.rb +2 -1
- data/lib/risu/parsers/nessus/postprocess/apple_quicktime.rb +26 -3
- data/lib/risu/parsers/nessus/postprocess/blackberry_enterprise_server.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/ca_brightstor_arcserve.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/cisco_anyconnect.rb +5 -1
- data/lib/risu/parsers/nessus/postprocess/cisco_ios.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/core_ftp.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/db2.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/downgrade_plugins.rb +3 -2
- data/lib/risu/parsers/nessus/postprocess/filezilla.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/firefox.rb +3 -1
- data/lib/risu/parsers/nessus/postprocess/flash_player.rb +29 -26
- data/lib/risu/parsers/nessus/postprocess/flexnet.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/foxit_phantom_pdf.rb +46 -0
- data/lib/risu/parsers/nessus/postprocess/foxit_reader.rb +11 -8
- data/lib/risu/parsers/nessus/postprocess/google_chrome.rb +11 -1
- data/lib/risu/parsers/nessus/postprocess/hp_system_mgt_homepage.rb +2 -1
- data/lib/risu/parsers/nessus/postprocess/irfanview.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/java.rb +3 -1
- data/lib/risu/parsers/nessus/postprocess/libreoffice.rb +3 -2
- data/lib/risu/parsers/nessus/postprocess/openoffice.rb +3 -1
- data/lib/risu/parsers/nessus/postprocess/openssh.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/openssl.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/oracle_database.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/php.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/post_process.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/real_player.rb +53 -0
- data/lib/risu/parsers/nessus/postprocess/risk_score.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/root_cause.rb +2 -3
- data/lib/risu/parsers/nessus/postprocess/servu.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/shockwave.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/sigplus_pro.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/skype.rb +46 -0
- data/lib/risu/parsers/nessus/postprocess/symantec_endpoint.rb +52 -0
- data/lib/risu/parsers/nessus/postprocess/symantec_pcanywhere.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/timbuktu.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/vlc.rb +12 -9
- data/lib/risu/parsers/nessus/postprocess/vmware_esxi.rb +9 -2
- data/lib/risu/parsers/nessus/postprocess/vmware_player.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/vmware_vcenter.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/vmware_vsphere_client.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/windows.rb +751 -705
- data/lib/risu/parsers/nessus/postprocess/winscp.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/wireshark.rb +2 -1
- data/lib/risu/parsers/nexpose/nexpose_document.rb +1 -1
- data/lib/risu/parsers/nexpose/simple_nexpose.rb +1 -1
- data/lib/risu/renderers.rb +1 -1
- data/lib/risu/renderers/csvrenderer.rb +3 -3
- data/lib/risu/renderers/nilrenderer.rb +1 -1
- data/lib/risu/renderers/pdfrenderer.rb +4 -5
- data/lib/risu/template_helpers.rb +1 -1
- data/lib/risu/templates/assets.rb +3 -3
- data/lib/risu/templates/authentication_summary.rb +34 -5
- data/lib/risu/templates/cover_sheet.rb +3 -6
- data/lib/risu/templates/exec_summary.rb +12 -4
- data/lib/risu/templates/executive_summary_detailed.rb +3 -3
- data/lib/risu/templates/exploitablity_summary.rb +3 -3
- data/lib/risu/templates/failed_audits.rb +20 -26
- data/lib/risu/templates/finding_statistics.rb +3 -3
- data/lib/risu/templates/findings_host.rb +3 -3
- data/lib/risu/templates/findings_summary.rb +5 -5
- data/lib/risu/templates/findings_summary_with_pluginid.rb +5 -5
- data/lib/risu/templates/graphs.rb +3 -3
- data/lib/risu/templates/host_findings_csv.rb +3 -3
- data/lib/risu/templates/host_summary.rb +3 -3
- data/lib/risu/templates/malicious_process_detection.rb +3 -3
- data/lib/risu/templates/missing_root_causes.rb +3 -3
- data/lib/risu/templates/ms_patch_summary.rb +3 -3
- data/lib/risu/templates/ms_update_summary.rb +3 -3
- data/lib/risu/templates/ms_wsus_findings.rb +19 -26
- data/lib/risu/templates/notable.rb +3 -3
- data/lib/risu/templates/notable_detailed.rb +3 -3
- data/lib/risu/templates/pci_compliance.rb +3 -3
- data/lib/risu/templates/stig_findings_summary.rb +3 -3
- data/lib/risu/templates/talking_points.rb +5 -31
- data/lib/risu/templates/technical_findings.rb +3 -3
- data/lib/risu/templates/template.rb +3 -3
- data/lib/risu/templates/top_25.rb +3 -3
- data/lib/risu/version.rb +6 -5
- data/risu.gemspec +9 -7
- metadata +49 -20
- metadata.gz.sig +2 -0
- data/Gemfile.lock +0 -148
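--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: accf90c8309d4a0ccc6b26f830b8830458855492
+data.tar.gz: d05b1dde76b40f7fdc5c30961b44ec1cc2d55848
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c5631c1e7ca724d503e77b8505b7451529bccf01ea088b6acdc80becc1512a6ca2dcffd32df537c20d7ab2dad62d82bcc175dad0214341b189dce836ea35bc0c
+data.tar.gz: 5755fa9507c02125832f8b4fed8642cd75e71454838772ae252d6aa03fc749e524c09a6a7dea019d8c41f0785df6a19e9de1690d8a7636114615f1f2ee1485d5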
checksums.yaml.gz.sig
ADDED
Binary file
|
data.tar.gz.sig
ADDED
Binary file
|
data/LICENSE
CHANGED
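--- a/data/README.markdown
+++ b/data/README.markdown
@@ -1,4 +1,9 @@
-# risu
+# risu
+
+[![Gem Version](https://badge.fury.io/rb/risu.png)](http://badge.fury.io/rb/risu)
+[![Build Status](https://travis-ci.org/hammackj/risu.png?branch=master)](https://travis-ci.org/hammackj/risu)
+[![Code Climate](https://codeclimate.com/github/hammackj/risu/badges/gpa.svg)](https://codeclimate.com/github/hammackj/risu)
+[![Inline docs](http://inch-ci.org/github/hammackj/risu.png)](http://inch-ci.org/github/hammackj/risu)
 
 Risu is [Nessus](http://www.nessus.org) parser, that converts Nessus .nessus xml files into a [ActiveRecord](http://api.rubyonrails.org/classes/ActiveRecord/Base.html) database, this allows for easy report generation and vulnerability verification.
 
@@ -32,6 +37,11 @@ Installation is really easy just gem install!
 
 % gem install risu
 
+## Installation with gem signature verification
+
+% gem cert --add <(curl -Ls https://raw.github.com/hammackj/risu/master/certs/hammackj.pem
+% gem install risu -P MediumSecurity
+
 ### Runtime Requirements
 
 These are all available through [RubyGems](http://rubygems.org/). The should be installed automatically when you install risu, If not this command will install them all:
@@ -94,10 +104,10 @@ Using the risu Console is just like using Rails. You can access all of the Activ
 
 risu Console v1.7.2
 >> Host.first
-=> #<Risu::Models::Host id: 1, report_id: 1, name: "10.69.69.74", os: "Linux Kernel 2.6 on Debian 4.0 (etch)", mac: "XX:XX:XX:XX:XX:XX", start: "2011-04-20 16:29:37", end: "2011-04-20 16:32:14", ip: "10.69.69.74", fqdn: "redada.
+=> #<Risu::Models::Host id: 1, report_id: 1, name: "10.69.69.74", os: "Linux Kernel 2.6 on Debian 4.0 (etch)", mac: "XX:XX:XX:XX:XX:XX", start: "2011-04-20 16:29:37", end: "2011-04-20 16:32:14", ip: "10.69.69.74", fqdn: "redada.hammackj.net", netbios: "REDADA", local_checks_proto: nil, smb_login_used: nil, ssh_auth_meth: nil, ssh_login_used: nil, pci_dss_compliance: nil, notes: nil>
 
 ## Templates
-Several templates are included
+Several templates are included, but is recommend you build your own based on what you need.
 
 $ risu -l
 Available Templates
@@ -125,12 +135,10 @@ Several templates are included:
 The templates are written in ruby using [prawn](http://prawn.majesticseacreature.com/), they are fairly easy to make. I will add any templates as requested. See the 'template' example for creating your own template.
 
 # Contributing
-If you would like to contribute templates/bug fixes/etc to risu. The easiest way is to fork the project on [github](http://github.com/
+If you would like to contribute templates/bug fixes/etc to risu. The easiest way is to fork the project on [github](http://github.com/hammackj/risu) and make the changes in your fork and the submit a pull request to the project on the dev branch. Please include unit tests for anything non trivial.
 
 # Issues
-If you have any problems, bugs or feature requests please use the [github issue tracker](http://github.com/
+If you have any problems, bugs or feature requests please use the [github issue tracker](http://github.com/hammackj/risu/issues).
 
 # Contact
-You can reach me at jacob.hammack[at]
-
-You can also contact me on IRC as hammackj on irc.freenode.net, #risu
+You can reach me at jacob.hammack[at]hammackj[dot]com. You can also contact me on IRC as hammackj on irc.freenode.net, #risu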
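--- a/data/Rakefile
+++ b/data/Rakefile
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -24,11 +24,21 @@ $LOAD_PATH.unshift File.expand_path("../lib", __FILE__)
 require "risu"
 require 'rake'
 require 'rake/testtask'
+require 'digest/sha2'
 
 task :build do
 system "gem build #{Risu::APP_NAME}.gemspec"
 end
 
+task :checksum do
+built_gem_path = "#{Risu::APP_NAME}-#{Risu::VERSION}.gem"
+checksum = Digest::SHA512.new.hexdigest(File.read(built_gem_path))
+checksum_path = "checksum/#{Risu::APP_NAME}-#{Risu::VERSION}.gem.sha512"
+File.open(checksum_path, 'w' ) {|f| f.write(checksum) }
+system "git add #{checksum_path}"
+system "git commit #{checksum_path} -m 'Added #{Risu::APP_NAME}-#{Risu::VERSION}.gem checksum'"
+end
+
 task :tag_and_bag do
 system "git tag -a v#{Risu::VERSION} -m 'version #{Risu::VERSION}'"
 system "git push --tags"
@@ -45,8 +55,7 @@ task :tweet do
 puts "Just released #{Risu::APP_NAME} v#{Risu::VERSION}. #{Risu::APP_NAME} is an Nessus XML parser/database/report generator. More information at #{Risu::HOME_PAGE}"
 end
 
-task :release => [:
-
+task :release => [:build, :checksum, :tag_and_bag, :push, :tweet] do
 end
 
 task :clean do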
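Review bot: The new `checksum` task reads the gem with `File.read(built_gem_path)`, which opens a binary archive in text mode and loads it whole; on platforms that translate line endings the published SHA-512 could differ from the file users actually download. Hashing the file directly avoids both problems: `checksum = Digest::SHA512.file(built_gem_path).hexdigest`. The `system` calls in `build` and `checksum` also ignore their exit status, so a failed `gem build` can leave `release` hashing and committing a stale gem of the same version; Rake's `sh` stops the chain on a non-zero exit, e.g. `sh "git add #{checksum_path}"`. The task further assumes that the `checksum/` directory already exists.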
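--- a/data/bin/risu
+++ b/data/bin/risu
@@ -1,6 +1,6 @@
-#!/usr/bin/env ruby
+#!/usr/bin/env ruby -W0
 
-# Copyright (c) 2010-
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal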
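--- a/data/docs/NEWS.markdown
+++ b/data/docs/NEWS.markdown
@@ -1,5 +1,28 @@
 # News
 
+# 1.8.0 (March 1, 2017)
+- **Moved repo from http://github.com/arxopia/risu to http://github.com/hammackj/risu**
+- **Upgraded to Rails 5**
+- Added gem signing
+- Lots of clean up for Rails 5 and Ruby 2.4
+- Various improvements / fixes [@abenson]
+- Post Processing Updates
+- Added 7-Zip
+- Added Foxit Phantom PDF
+- Added RealPlayer
+- Added Skype
+- Updated OpenSSH plugin list
+- Updated VMware ESXi plugin list
+- Updated Apple QuickTime
+- Updated Cisco AnyConnect
+- Updated Firefox
+- Updated Foxit Reader
+- Updated Google Chrome
+- Updated Java
+- Updated Libre Office
+- Updated Windows updates
+- Updated Wireshark
+
 # 1.7.9 (July 1, 2016)
 - Updated RootCauses
 - Fixed issue #99 with the FindingsHost template enumerating the wrong findings. [@ghuisman]
@@ -114,7 +137,7 @@
 # 1.7.0 (September 12, 2014)
 - Update Copyrights to 2014
 - Wiki
-- New page for installing on [OSX]((https://github.com/
+- New page for installing on [OSX]((https://github.com/hammackj/risu/wiki/OSX-Installation-Guide)
 - Models
 - Host Model
 - Changed the field type of 'mac' from string to text to increase the size
@@ -236,7 +259,7 @@
 it is rough at the moment but good for viewing all the findings. It requires
 that local checks were run, for the plugin to fire during the Nessus scan.
 - Wiki
-- New page for installing on [Kali Linux](https://github.com/
+- New page for installing on [Kali Linux](https://github.com/hammackj/risu/wiki/Kali-Linux-Risu-Installation-Guide)
 - Post Processing (Alpha Support)
 - Started to develop a method for doing post processing on all the findings
 - Initial RiskScore plugin to calculate a risk score for Plugins / Findings / Hosts
@@ -328,10 +351,10 @@
 - template
 - cleaned up and updated to use the TemplateHelper mixin
 - Wiki Pages
-- New page for installing on [Fedora](https://github.com/
-- New page for installing on [CentOS](https://github.com/
-- New page for installing on [Gentoo](https://github.com/
-- New page for installing on [ArchLinux](https://github.com/
+- New page for installing on [Fedora](https://github.com/hammackj/risu/wiki/Fedora-Installation-Guide)
+- New page for installing on [CentOS](https://github.com/hammackj/risu/wiki/CentOS-Installation-Guide)
+- New page for installing on [Gentoo](https://github.com/hammackj/risu/wiki/Gentoo-Installation-Guide)
+- New page for installing on [ArchLinux](https://github.com/hammackj/risu/wiki/Arch-Linux-Install-Guide)
 
 #1.5.3 (August 29, 2012)
 - New Parsed Tags
@@ -470,14 +493,14 @@
 - Fixed a bug on the exec_summary_detailed detailed report
 - A quick reference for Microsoft findings can now be found in the Patch model,
 You are able to get host_id, name(patch name, ie MS01-001), value (plugin_id)
-- Please report any missing tags that risu outputs to
+- Please report any missing tags that risu outputs to jacob.hammack[@]hammackj[.]com, I expect a ton of Microsoft Patch tags missing
 
 #1.4.8 (August 21, 2011)
 - Fixed a gemspec dependency error reported by mlpotgieter
 - Fixed a parser error related to Microsoft Bulletins report by stevelodin
 - Added a Table for all host related patches, currently only has Microsoft Bulletins
 You can access it via `Host.first.patches` or `Patch.all`
-- Please report any missing tags that risu outputs to
+- Please report any missing tags that risu outputs to jacob.hammack[@]hammackj[.]com, I expect a ton of Microsoft Patch tags missing
 
 #1.4.7 (August 13, 2011)
 - Fixed issue #39 Ruby 1.8.7 Syntax error reported by mlpotgieter
@@ -510,7 +533,7 @@ You can access it via `Host.first.patches` or `Patch.all`
 
 #1.4.3 (May 23, 2011)
 
-**This is the last release under the NessusDB name, I received a legal notice to change the name. They gave me a few weeks to change the name but I do not have a new name yet. If you have any suggestions please submit them to
+**This is the last release under the NessusDB name, I received a legal notice to change the name. They gave me a few weeks to change the name but I do not have a new name yet. If you have any suggestions please submit them to jacob.hammack[@]hammackj[.]com**
 
 - Fixed small bug in Windows/Other OS graphs
 - Increased the verboseness of Error messages Ticket #29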
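--- a/data/lib/risu.rb
+++ b/data/lib/risu.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2017 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -20,7 +20,7 @@
 
 
 module Risu
-# @TODO 1.8 - move graph variables to graphs.rb
+# @TODO 1.8.1 - move graph variables to graphs.rb
 GRAPH_WIDTH = 750
 # red orange yellow green blue purple grey pink
 GRAPH_COLORS = %w(#d2403f #ec9241 #fcc343 #50ad51 #397bbb #8E6B8E black #cccccc brown #e52d89)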
data/lib/risu/base.rb
CHANGED
@@ -1,40 +1,34 @@
|
|
1
|
-
# Copyright (c)
|
2
|
-
# All rights reserved.
|
1
|
+
# Copyright (c) 2010-2017 Jacob Hammack.
|
3
2
|
#
|
4
|
-
#
|
5
|
-
#
|
3
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
# of this software and associated documentation files (the "Software"), to deal
|
5
|
+
# in the Software without restriction, including without limitation the rights
|
6
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
# copies of the Software, and to permit persons to whom the Software is
|
8
|
+
# furnished to do so, subject to the following conditions:
|
6
9
|
#
|
7
|
-
#
|
8
|
-
#
|
9
|
-
# * Redistributions in binary form must reproduce the above copyright
|
10
|
-
# notice, this list of conditions and the following disclaimer in the
|
11
|
-
# documentation and/or other materials provided with the distribution.
|
12
|
-
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
-
# may be used to endorse or promote products derived from this software
|
14
|
-
# without specific prior written permission.
|
10
|
+
# The above copyright notice and this permission notice shall be included in
|
11
|
+
# all copies or substantial portions of the Software.
|
15
12
|
#
|
16
|
-
#
|
17
|
-
#
|
18
|
-
#
|
19
|
-
#
|
20
|
-
#
|
21
|
-
#
|
22
|
-
#
|
23
|
-
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
13
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
# THE SOFTWARE.
|
26
20
|
|
27
21
|
module Risu
|
28
22
|
module Templates
|
29
23
|
module GraphTemplateHelper
|
30
|
-
|
24
|
+
|
31
25
|
#
|
32
26
|
def other_os_graph_page
|
33
27
|
if Host.other_os_graph_has_data?
|
34
28
|
new_page
|
35
29
|
@output.image Host.other_os_graph, :width => 500, :height => 375, :position => :center
|
36
30
|
text Host.other_os_graph_text
|
37
|
-
end
|
31
|
+
end
|
38
32
|
end
|
39
33
|
|
40
34
|
#
|
@@ -65,7 +59,7 @@ module Risu
|
|
65
59
|
new_page
|
66
60
|
@output.image Item.risks_by_severity_graph, :width => 500, :height => 375, :position => :center
|
67
61
|
text Item.risks_by_severity_graph_text, :inline_format => true
|
68
|
-
end
|
62
|
+
end
|
69
63
|
end
|
70
64
|
end
|
71
|
-
end
|
65
|
+
end
|
@@ -1,35 +1,29 @@
|
|
1
|
-
# Copyright (c)
|
2
|
-
# All rights reserved.
|
1
|
+
# Copyright (c) 2010-2017 Jacob Hammack.
|
3
2
|
#
|
4
|
-
#
|
5
|
-
#
|
3
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
# of this software and associated documentation files (the "Software"), to deal
|
5
|
+
# in the Software without restriction, including without limitation the rights
|
6
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
# copies of the Software, and to permit persons to whom the Software is
|
8
|
+
# furnished to do so, subject to the following conditions:
|
6
9
|
#
|
7
|
-
#
|
8
|
-
#
|
9
|
-
# * Redistributions in binary form must reproduce the above copyright
|
10
|
-
# notice, this list of conditions and the following disclaimer in the
|
11
|
-
# documentation and/or other materials provided with the distribution.
|
12
|
-
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
-
# may be used to endorse or promote products derived from this software
|
14
|
-
# without specific prior written permission.
|
10
|
+
# The above copyright notice and this permission notice shall be included in
|
11
|
+
# all copies or substantial portions of the Software.
|
15
12
|
#
|
16
|
-
#
|
17
|
-
#
|
18
|
-
#
|
19
|
-
#
|
20
|
-
#
|
21
|
-
#
|
22
|
-
#
|
23
|
-
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
13
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
# THE SOFTWARE.
|
26
20
|
|
27
21
|
module Risu
|
28
22
|
module Templates
|
29
23
|
module HostTemplateHelper
|
30
24
|
|
31
25
|
#
|
32
|
-
def unsupported_os
|
26
|
+
def unsupported_os title, plugin_name
|
33
27
|
if item_count_by_plugin_name(plugin_name) <= 0
|
34
28
|
return
|
35
29
|
end
|
@@ -1,28 +1,22 @@
|
|
1
|
-
# Copyright (c)
|
2
|
-
# All rights reserved.
|
1
|
+
# Copyright (c) 2010-2017 Jacob Hammack.
|
3
2
|
#
|
4
|
-
#
|
5
|
-
#
|
3
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
# of this software and associated documentation files (the "Software"), to deal
|
5
|
+
# in the Software without restriction, including without limitation the rights
|
6
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
# copies of the Software, and to permit persons to whom the Software is
|
8
|
+
# furnished to do so, subject to the following conditions:
|
6
9
|
#
|
7
|
-
#
|
8
|
-
#
|
9
|
-
# * Redistributions in binary form must reproduce the above copyright
|
10
|
-
# notice, this list of conditions and the following disclaimer in the
|
11
|
-
# documentation and/or other materials provided with the distribution.
|
12
|
-
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
-
# may be used to endorse or promote products derived from this software
|
14
|
-
# without specific prior written permission.
|
10
|
+
# The above copyright notice and this permission notice shall be included in
|
11
|
+
# all copies or substantial portions of the Software.
|
15
12
|
#
|
16
|
-
#
|
17
|
-
#
|
18
|
-
#
|
19
|
-
#
|
20
|
-
#
|
21
|
-
#
|
22
|
-
#
|
23
|
-
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
13
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
# THE SOFTWARE.
|
26
20
|
|
27
21
|
module Risu
|
28
22
|
module Templates
|
@@ -32,7 +26,7 @@ module Risu
|
|
32
26
|
def conficker_count
|
33
27
|
begin
|
34
28
|
return Item.where(:plugin_id => Plugin.where(:plugin_name => "Conficker Worm Detection (uncredentialed check)").first.id).count
|
35
|
-
rescue
|
29
|
+
rescue
|
36
30
|
return 0
|
37
31
|
end
|
38
32
|
end
|
@@ -88,7 +82,7 @@ module Risu
|
|
88
82
|
def known_malicious_process_count
|
89
83
|
begin
|
90
84
|
return Item.where(:plugin_id => 59275).count
|
91
|
-
rescue
|
85
|
+
rescue
|
92
86
|
return 0
|
93
87
|
end
|
94
88
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2017 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -34,11 +34,11 @@ module Risu
|
|
34
34
|
attr_accessor :info
|
35
35
|
|
36
36
|
#
|
37
|
-
def self.inherited
|
37
|
+
def self.inherited child
|
38
38
|
possible_postprocesses << child
|
39
39
|
end
|
40
40
|
|
41
|
-
def ==
|
41
|
+
def == other
|
42
42
|
|
43
43
|
if self.info == nil || self.info[:plugin_id] == nil
|
44
44
|
false
|
@@ -49,7 +49,7 @@ module Risu
|
|
49
49
|
end
|
50
50
|
end
|
51
51
|
|
52
|
-
def <=>
|
52
|
+
def <=> other
|
53
53
|
if self.info[:plugin_id] < other.info[:plugin_id]
|
54
54
|
-1
|
55
55
|
elsif self.info[:plugin_id] > other.info[:plugin_id]
|
@@ -59,72 +59,110 @@ module Risu
|
|
59
59
|
end
|
60
60
|
end
|
61
61
|
|
62
|
-
#
|
63
|
-
#
|
64
|
-
|
65
|
-
#end
|
62
|
+
# Create a plugin based on a combination of all plugins
|
63
|
+
# to be rolled up.
|
64
|
+
def create_plugin
|
66
65
|
|
67
|
-
|
68
|
-
#looks like its working
|
69
|
-
def newest_reader_plugin
|
70
|
-
newest = DateTime.new(0001, 01, 01)
|
71
|
-
newest_plugin = nil
|
66
|
+
plugin = Plugin.find_by_id(@info[:plugin_id])
|
72
67
|
|
73
|
-
|
74
|
-
plugin = Plugin.
|
68
|
+
if plugin == nil
|
69
|
+
plugin = Plugin.new
|
70
|
+
end
|
75
71
|
|
76
|
-
|
77
|
-
|
72
|
+
# Populate items from post process module
|
73
|
+
plugin.id = @info[:plugin_id]
|
74
|
+
plugin.plugin_name = @info[:plugin_name]
|
75
|
+
plugin.description = @info[:description]
|
76
|
+
plugin.plugin_version = @info[:version]
|
77
|
+
plugin.plugin_publication_date = @info[:publication_date]
|
78
|
+
plugin.plugin_modification_date = @info[:modification_date]
|
79
|
+
|
80
|
+
# Boiler plate for all roll up plugins
|
81
|
+
plugin.family_name = "Risu Rollup Plugins"
|
82
|
+
plugin.synopsis = "Software often has vulnerabilities that are corrected in newer versions. It was determined that an older version of the software is installed on this system."
|
83
|
+
plugin.solution = "If possible, update to the latest version of the software."
|
84
|
+
plugin.plugin_type = "Rollup"
|
85
|
+
plugin.rollup = true
|
86
|
+
plugin.compliance = false
|
87
|
+
|
88
|
+
# Find oldest vuln date.
|
89
|
+
begin
|
90
|
+
p = Plugin.where(:id => @info[:plugin_ids]).where.not(:vuln_publication_date => nil).order(:vuln_publication_date).first
|
91
|
+
unless p.nil?
|
92
|
+
plugin.vuln_publication_date = p.vuln_publication_date
|
78
93
|
end
|
94
|
+
end
|
79
95
|
|
80
|
-
|
81
|
-
|
82
|
-
|
96
|
+
begin
|
97
|
+
p = Plugin.where(:id => @info[:plugin_ids]).where.not(:cvss_base_score => nil).order(:cvss_base_score).last
|
98
|
+
unless p.nil?
|
99
|
+
plugin.cvss_base_score = p.cvss_base_score
|
100
|
+
plugin.cvss_vector = p.cvss_vector
|
83
101
|
end
|
84
102
|
end
|
85
103
|
|
86
|
-
|
87
|
-
|
104
|
+
begin
|
105
|
+
p = Plugin.where(:id => @info[:plugin_ids]).where.not(:cvss_temporal_score => nil).order(:cvss_temporal_score).last
|
106
|
+
unless p.nil?
|
107
|
+
plugin.cvss_temporal_score = p.cvss_temporal_score
|
108
|
+
plugin.cvss_temporal_vector = p.cvss_temporal_vector
|
109
|
+
end
|
110
|
+
end
|
88
111
|
|
89
|
-
|
90
|
-
|
91
|
-
|
112
|
+
if Plugin.where(:id => @info[:plugin_ids], :exploit_available => true).count > 0
|
113
|
+
plugin.exploit_available = true
|
114
|
+
end
|
92
115
|
|
93
|
-
|
116
|
+
if Plugin.where(:id => @info[:plugin_ids], :exploit_framework_core => "true").count > 0
|
117
|
+
plugin.exploit_framework_core = true
|
118
|
+
end
|
94
119
|
|
95
|
-
|
120
|
+
if Plugin.where(:id => @info[:plugin_ids], :exploit_framework_metasploit => "true").count > 0
|
121
|
+
plugin.exploit_framework_metasploit = true
|
122
|
+
end
|
96
123
|
|
97
|
-
if
|
98
|
-
|
124
|
+
if Plugin.where(:id => @info[:plugin_ids], :exploit_framework_canvas => "true").count > 0
|
125
|
+
plugin.exploit_framework_canvas = true
|
99
126
|
end
|
100
127
|
|
101
|
-
if
|
102
|
-
plugin =
|
128
|
+
if Plugin.where(:id => @info[:plugin_ids], :exploit_framework_exploithub => "true").count > 0
|
129
|
+
plugin.exploit_framework_exploithub = true
|
103
130
|
end
|
104
131
|
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
132
|
+
if Plugin.where(:id => @info[:plugin_ids], :exploit_framework_d2_elliot => "true").count > 0
|
133
|
+
plugin.exploit_framework_d2_elliot = true
|
134
|
+
end
|
135
|
+
|
136
|
+
if Plugin.where(:id => @info[:plugin_ids], :in_the_news => true).count > 0
|
137
|
+
plugin.in_the_news = true
|
138
|
+
end
|
139
|
+
|
140
|
+
if Plugin.where(:id => @info[:plugin_ids], :exploited_by_malware => "true").count > 0
|
141
|
+
plugin.exploited_by_malware = true
|
142
|
+
end
|
143
|
+
|
144
|
+
["Critical", "High", "Medium", "Low", "Info"].each do |risk|
|
145
|
+
if Plugin.where(:id => @info[:plugin_ids], :risk_factor => risk).size > 0
|
146
|
+
plugin.risk_factor = risk
|
147
|
+
break
|
148
|
+
end
|
149
|
+
end
|
150
|
+
|
151
|
+
begin
|
152
|
+
p = Plugin.where(:id => @info[:plugin_ids]).where.not(:stig_severity => nil).order(:stig_severity).first
|
153
|
+
unless p.nil?
|
154
|
+
plugin.stig_severity = p.stig_severity
|
155
|
+
end
|
156
|
+
end
|
157
|
+
|
158
|
+
# Broken
|
159
|
+
#plugin.references << References.where(:plugin_id => @info[:plugin_ids], :reference_name => "cve")
|
122
160
|
|
123
161
|
plugin.save
|
124
162
|
end
|
125
163
|
|
126
164
|
#
|
127
|
-
def create_item
|
165
|
+
def create_item host_id, severity
|
128
166
|
item = Item.new
|
129
167
|
|
130
168
|
item.host_id = host_id
|
@@ -138,24 +176,12 @@ module Risu
|
|
138
176
|
end
|
139
177
|
|
140
178
|
#
|
141
|
-
def
|
142
|
-
@info[:plugin_ids].
|
143
|
-
if Item.where(:plugin_id => plugin_id)
|
144
|
-
return true
|
145
|
-
end
|
146
|
-
end
|
147
|
-
|
148
|
-
return false
|
179
|
+
def has_findings
|
180
|
+
Item.where(:plugin_id => @info[:plugin_ids]).count > 0
|
149
181
|
end
|
150
182
|
|
151
|
-
def
|
152
|
-
@info[:plugin_ids].
|
153
|
-
if Item.where(:plugin_id => plugin_id).where(:host_id => host_id).count >= 1
|
154
|
-
return true
|
155
|
-
end
|
156
|
-
end
|
157
|
-
|
158
|
-
return false
|
183
|
+
def has_host_findings(host_id)
|
184
|
+
Item.where(:plugin_id => @info[:plugin_ids]).where(:host_id => host_id).count > 0
|
159
185
|
end
|
160
186
|
|
161
187
|
#
|
@@ -169,20 +195,20 @@ module Risu
|
|
169
195
|
|
170
196
|
#
|
171
197
|
def run
|
172
|
-
if !
|
198
|
+
if !has_findings()
|
173
199
|
return
|
174
200
|
end
|
175
201
|
|
176
|
-
#
|
177
|
-
|
202
|
+
# If this is a "roll up" post-process, create a plugin
|
203
|
+
if Plugin.where(:id => @info[:plugin_ids]).count > 0
|
204
|
+
create_plugin()
|
205
|
+
end
|
178
206
|
|
179
207
|
Host.all.each do |host|
|
180
|
-
if !
|
208
|
+
if !has_host_findings(host.id)
|
181
209
|
next
|
182
210
|
end
|
183
211
|
|
184
|
-
#puts "Found host with reader finding #{host.ip}"
|
185
|
-
|
186
212
|
finding_severity = 0
|
187
213
|
|
188
214
|
@info[:plugin_ids].each do |plugin_id|
|