ruby-nessus 0.1.4 → 1.0.0

data/lib/ruby-nessus/Version2/event.rb

@@ -0,0 +1,333 @@
+require 'ruby-nessus/Version2/port'
+
+module Nessus
+  module Version2
+
+    class Event
+      # Event
+      attr_reader :event
+
+      def initialize(event)
+        @event = event
+      end
+
+      #
+      # Return the event port.
+      #
+      # @return [Object]
+      #    Return the event port object or port string.
+      #
+      # @example
+      #   event.port            #=> "https (443/tcp)"
+      #   event.port.number     #=> 443
+      #   event.port.service    #=> "https"
+      #   event.port.protocol   #=> "tcp"
+      #
+      def port
+        @port ||= Port.new(@event.at('@port'), @event.at('@svc_name'), @event.at('@protocol'))
+      end
+
+      #
+      # Return the event severity.
+      #
+      # @return [String]
+      #    Return the event severity.
+      #
+      # @example
+      #   event.severity          #=> 3
+      #   event.severity.in_words #=> "High Severity"
+      #
+      # @see String#in_words
+      #
+      def severity
+        @severity ||= @event.at('@severity').inner_text.to_i
+      end
+
+      #
+      # Return true if event is of informational severity.
+      #
+      # @return [Boolean]
+      #    Return true if the event is informational.
+      #
+      def informational?
+        severity == 0
+      end
+
+      #
+      # Return ture if the event is of low severity.
+      #
+      # @return [Boolean]
+      #   Return true if the event is low severity.
+      # 
+      def low?
+        severity == 1
+      end
+
+      #
+      # Return ture if the event is of medium severity.
+      #
+      # @return [Boolean]
+      #   Return true if the event is medium severity.
+      #
+      def medium?
+        severity == 2
+      end
+
+      #
+      # Return ture if the event is of high severity.
+      #
+      # @return [Boolean]
+      #   Return true if the event is high severity.
+      #
+      def high?
+        severity == 3
+      end
+
+      #
+      # Return the event object nessus plugin id
+      #
+      # @return [String]
+      #    Return the event object nessus plugin id
+      #
+      # @example
+      #   event.plugin_id #=> 3245
+      #
+      def id
+        @plugin_id ||= @event.at('@pluginID').inner_text.to_i
+      end
+      alias plugin_id id
+
+      #
+      # Return the event object plugin family name.
+      #
+      # @return [String]
+      #   Return the event object plugin family name.
+      #
+      # @example
+      #   event.family #=> "Service detection"
+      #
+      def family
+        @plugin_family ||= @event.at('@pluginFamily').inner_text
+      end
+      alias plugin_family family
+
+      #
+      # Return the event name (plugin_name)
+      #
+      # @return [String, false]
+      #    Return the event name (plugin_name)
+      #
+      # @example
+      #   event.plugin_name   #=> "PHP < 5.2.4 Multiple Vulnerabilities"
+      #   event.name          #=> "PHP < 5.2.4 Multiple Vulnerabilities"
+      #
+      def plugin_name
+        s = @event.at('@pluginName').inner_text
+
+        @plugin_name ||= if s.empty?
+          false
+        else
+          @event.at('@pluginName').inner_text
+        end
+
+        return @plugin_name
+      end
+      alias name plugin_name
+
+      #
+      # Return the event synopsis.
+      #
+      # @return [String, false]
+      #    Return the event synopsis.
+      #
+      def synopsis
+        @synopsis ||= if @event.at('synopsis')
+          @event.at('synopsis').inner_text
+        else
+          false
+        end
+      end
+
+      #
+      # Return the event description.
+      #
+      # @return [String, false]
+      #    Return the event description.
+      #
+      def description
+        @description ||= if @event.at('description')
+          @event.at('description').inner_text
+        else
+          false
+        end
+      end
+
+      #
+      # Return the event solution.
+      #
+      # @return [String, false]
+      #    Return the event solution.
+      #
+      def solution
+        @solution ||= if @event.at('solution')
+          @event.at('solution').inner_text
+        else
+          false
+        end
+      end
+
+      #
+      # Return the event risk.
+      #
+      # @return [String, false]
+      #    Return the event risk.
+      #
+      def risk
+        @risk_factor ||= if @event.at('risk_factor')
+          @event.at('risk_factor').inner_text
+        else
+          false
+        end
+      end
+
+      #
+      # Return the event plugin output.
+      #
+      # @return [String, false]
+      #    Return the event plugin output.
+      #
+      def output
+        @plugin_output ||= if @event.at('plugin_output')
+          @event.at('plugin_output').inner_text
+        else
+          false
+        end
+      end
+      alias data output
+      alias plugin_output output
+
+      #
+      # Return the event plugin version.
+      #
+      # @return [String, false]
+      #    Return the event plugin version.
+      #
+      def version
+        @plugin_version ||= if @event.at('plugin_version')
+          @event.at('plugin_version').inner_text
+        else
+          false
+        end
+      end
+      alias plugin_version version
+
+      #
+      # Return the event reference links.
+      #
+      # @return [String, false]
+      #    Return the event reference links.
+      #
+      def see_also
+        unless @see_also
+          @see_also = []
+          @event.xpath("see_also").each do |see_also|
+            @see_also << see_also.inner_text
+          end
+        end
+        @see_also
+      end
+      alias links see_also
+      alias more see_also
+      alias references see_also
+
+      #
+      # Return the event patch publication date.
+      #
+      # @return [String, false]
+      #    Return the event patch publication date.
+      #
+      def patch_publication_date
+        @patch_publication_date ||= if @event.at('patch_publication_date')
+          DateTime.strptime(@event.at('patch_publication_date').inner_text, fmt='%Y/%m/%d')
+        else
+          false
+        end
+      end
+
+      #
+      # Return the event cvss base score.
+      #
+      # @return [String, false]
+      #    Return the event cvss base score.
+      #
+      def cvss_base_score
+        @cvss_base_score ||= if @event.at('cvss_base_score')
+          @event.at('cvss_base_score').inner_text.to_f
+        else
+          false
+        end
+      end
+      
+      #
+      # Return the event cve.
+      #
+      # @return [String, false]
+      #    Return the event cvss base score.
+      #
+      def cve
+        @cve ||= if @event.at('cve')
+          @event.at('cve').inner_text
+        else
+          false
+        end
+      end
+
+      #
+      # Return the event bid.
+      #
+      # @return [String, false]
+      #    Return the event bid.
+      #
+      def bid
+        @bid ||= if @event.at('bid')
+          @event.at('bid').inner_text.to_i
+        else
+          false
+        end
+      end
+
+      #
+      # Return other event related references.
+      #
+      # @return [String, false]
+      #    Return the event related references.
+      #
+      def xref
+        unless @xref
+          @xref = []
+          @event.xpath("xref").each do |xref|
+            @xref << xref.inner_text
+          end
+        end
+        @xref
+      end
+
+      #
+      # Return other event cvss vector.
+      #
+      # @return [String, false]
+      #    Return the event cvss vector.
+      #
+      def cvss_vector
+        @cvss_vector ||= if @event.at('cvss_vector')
+          @event.at('cvss_vector').inner_text
+        else
+          false
+        end
+      end
+
+    end
+
+  end
+
+end

data/lib/ruby-nessus/Version2/host.rb

@@ -0,0 +1,528 @@
+module Nessus
+  module Version2
+
+    class Host
+      include Enumerable
+
+      # Host
+      attr_reader :host
+
+      #
+      # Creates A New Host Object
+      #
+      # @param [Object] Host Object
+      #
+      # @example
+      # Host.new(object)
+      #
+      def initialize(host)
+        @host = host
+      end
+
+      #
+      # Return the Host Object hostname.
+      #
+      # @return [String]
+      #   The Host Object Hostname
+      #
+      # @example
+      #   host.hostname #=> "example.com"
+      #
+      def hostname
+        @hostname ||= @host.at('tag[name=host-fqdn]').inner_text
+      end
+      alias name hostname
+      alias fqdn hostname
+      alias dns_name hostname
+
+      #
+      # Return the Host Object IP.
+      #
+      # @return [String]
+      #   The Host Object IP
+      #
+      # @example
+      #   host.ip #=> "127.0.0.1"
+      #
+      def ip
+        @ip ||= @host.at('tag[name=host-ip]').inner_text
+      end
+
+      #
+      # Return the host scan start time.
+      #
+      # @return [DateTime]
+      #   The Host Scan Start Time
+      #
+      # @example
+      #   scan.scan_start_time #=> 'Fri Nov 11 23:36:54 1985'
+      #
+      def start_time
+        if @host.at('tag[name=HOST_START]').inner_text.blank?
+          return false
+        else
+          @host_scan_start_time = DateTime.strptime(@host.at('tag[name=HOST_START]').inner_text, fmt='%a %b %d %H:%M:%S %Y')
+        end
+      end
+
+      #
+      # Return the host scan stop time.
+      #
+      # @return [DateTime]
+      #   The Host Scan Stop Time
+      #
+      # @example
+      #   scan.scan_start_time #=> 'Fri Nov 11 23:36:54 1985'
+      #
+      def stop_time
+        if @host.at('tag[name=HOST_END]').inner_text.blank?
+          return false
+        else
+          @host_scan_stop_time = DateTime.strptime(@host.at('tag[name=HOST_END]').inner_text, fmt='%a %b %d %H:%M:%S %Y')
+        end
+      end
+
+      #
+      # Return the host run time.
+      #
+      # @return [String]
+      #   The Host Scan Run Time
+      #
+      # @example
+      #   scan.scan_run_time #=> '2 hours 5 minutes and 16 seconds'
+      #
+      def runtime
+        h = ("#{Time.parse(stop_time.to_s).strftime('%H').to_i - Time.parse(start_time.to_s).strftime('%H').to_i}").gsub('-', '')
+        m = ("#{Time.parse(stop_time.to_s).strftime('%M').to_i - Time.parse(start_time.to_s).strftime('%M').to_i}").gsub('-', '')
+        s = ("#{Time.parse(stop_time.to_s).strftime('%S').to_i - Time.parse(start_time.to_s).strftime('%S').to_i}").gsub('-', '')
+        return "#{h} hours #{m} minutes and #{s} seconds"
+      end
+
+      #
+      # Return the Host Netbios Name.
+      #
+      # @return [String]
+      #   The Host Netbios Name
+      #
+      # @example
+      #   host.netbios_name #=> "SOMENAME4243"
+      #
+      def netbios_name
+        @netbios_name ||= @host.at('tag[name=netbios-name]').inner_text
+      end
+
+      #
+      # Return the Host Mac Address.
+      #
+      # @return [String]
+      #   Return the Host Mac Address
+      #
+      # @example
+      #   host.mac_addr #=> "00:11:22:33:44:55"
+      #
+      def mac_addr
+        @mac_addr ||= @host.at('tag[name=mac-addr]').inner_text
+      end
+      alias mac_address mac_addr
+
+      #
+      # Return the Host OS Name.
+      #
+      # @return [String]
+      #   Return the Host OS Name
+      #
+      # @example
+      #   host.dns_name #=> "Microsoft Windows 2000, Microsoft Windows Server 2003"
+      #
+      def os_name
+        @os_name ||= @host.at('tag[name=operating-system]').inner_text
+      end
+      alias os os_name
+      alias operating_system os_name
+
+      #
+      # Return the open ports for a given host object.
+      #
+      # @return [Integer]
+      #   Return the open ports for a given host object.
+      #
+      # @example
+      #   host.open_ports #=> 213
+      #
+      def open_ports
+        @scanned_ports ||= host_stats[:open_ports].to_i
+      end
+
+      #
+      # Returns All Informational Event Objects For A Given Host.
+      #
+      # @yield [prog] If a block is given, it will be passed the newly
+      #               created Event object.
+      #
+      # @yieldparam [EVENT] prog The newly created Event object.
+      #
+      # @return [Integer]
+      #   Return The Informational Event Count For A Given Host.
+      #
+      # @example
+      #   host.informational_severity_events do |info|
+      #     puts info.port
+      #     puts info.data if info.data
+      #   end
+      #
+      def informational_severity_events(&block)
+        unless @informational_events
+          @informational_events = []
+
+          @host.xpath("ReportItem").each do |event|
+            next if event['severity'].to_i != 0
+            @informational_events << Event.new(event)
+          end
+
+        end
+
+        @informational_events.each(&block)
+      end
+
+      #
+      # Returns All Low Event Objects For A Given Host.
+      #
+      # @yield [prog] If a block is given, it will be passed the newly
+      #               created Event object.
+      #
+      # @yieldparam [EVENT] prog The newly created Event object.
+      #
+      # @return [Integer]
+      #   Return The Low Event Count For A Given Host.
+      #
+      # @example
+      #   host.low_severity_events do |low|
+      #     puts low.name if low.name
+      #   end
+      #
+      def low_severity_events(&block)
+
+        unless @low_severity_events
+          @low_severity_events = []
+
+          @host.xpath("ReportItem").each do |event|
+            next if event['severity'].to_i != 1
+            @low_severity_events << Event.new(event)
+          end
+
+        end
+
+        @low_severity_events.each(&block)
+      end
+
+      #
+      # Returns All Medium Event Objects For A Given Host.
+      #
+      # @yield [prog] If a block is given, it will be passed the newly
+      #               created Event object.
+      # @yieldparam [EVENT] prog The newly created Event object.
+      #
+      # @return [Integer]
+      #   Return The Medium Event Count For A Given Host.
+      #
+      # @example
+      #   host.medium_severity_events do |medium|
+      #     puts medium.name if medium.name
+      #   end
+      #
+      def medium_severity_events(&block)
+
+        unless @medium_severity_events
+          @medium_severity_events = []
+
+          @host.xpath("ReportItem").each do |event|
+            next if event['severity'].to_i != 2
+            @medium_severity_events << Event.new(event)
+          end
+
+        end
+
+        @medium_severity_events.each(&block)
+      end
+      
+      def medium_severity
+        Enumerator.new(self,:medium_severity_events).to_a
+      end
+
+      #
+      # Returns All High Event Objects For A Given Host.
+      #
+      # @yield [prog] If a block is given, it will be passed the newly
+      #               created Event object.
+      #
+      # @yieldparam [EVENT] prog The newly created Event object.
+      #
+      # @return [Integer]
+      #   Return The High Event Count For A Given Host.
+      #
+      # @example
+      #   host.high_severity_events do |high|
+      #     puts high.name if high.name
+      #   end
+      #
+      def high_severity_events(&block)
+
+        unless @high_severity_events
+          @high_severity_events = []
+
+          @host.xpath("ReportItem").each do |event|
+            next if event['severity'].to_i != 3
+            @high_severity_events << Event.new(event)
+          end
+
+        end
+
+        @high_severity_events.each(&block)
+      end
+
+      #
+      # Return the total event count for a given host.
+      #
+      # @return [Integer]
+      #   Return the total event count for a given host.
+      #
+      # @example
+      #   host.event_count #=> 3456
+      #
+      def event_count
+        ((low_severity_events.to_i) + (medium_severity_events.to_i) + (high_severity_events.to_i)).to_i
+      end
+
+      #
+      # Creates a new Event object to be parser
+      #
+      # @yield [prog] If a block is given, it will be passed the newly
+      #               created Event object.
+      # @yieldparam [EVENT] prog The newly created Event object.
+      #
+      # @example
+      #   host.each_event do |event|
+      #     puts event.name if event.name
+      #     puts event.port
+      #   end
+      #
+      def each_event(&block)
+        @host.xpath("ReportItem").each do |event|
+          block.call(Event.new(event)) if block
+        end
+      end
+
+      #
+      # Parses the events of the host.
+      #
+      # @return [Array<String>]
+      #   The events of the host.
+      #
+      def events
+        Enumerator.new(self,:each_event).to_a
+      end
+
+      #
+      # Return the Open Ports count.
+      #
+      # @return [Array]
+      #   The Open Ports Count
+      #
+      # @example
+      #   scan.ports #=> ['22', '80', '443']
+      #
+      def ports
+        unless @ports
+          @ports = []
+          @host.xpath("ReportItem").each do |port|
+            @ports << port['port']
+          end
+          @ports.uniq!
+          @ports.sort!
+        end
+        @ports
+      end
+
+      #
+      # Return the TCP Event Count.
+      #
+      # @return [Integer]
+      #   The TCP Event Count
+      #
+      # @example
+      #   scan.tcp_count #=> 3
+      #
+      def tcp_count
+        host_stats[:tcp].to_i
+      end
+
+      #
+      # Return the UDP Event Count.
+      #
+      # @return [Integer]
+      #   The UDP Event Count
+      #
+      # @example
+      #   scan.udp_count #=> 3
+      #
+      def udp_count
+        host_stats[:udp].to_i
+      end
+
+      #
+      # Return the ICMP Event Count.
+      #
+      # @return [Integer]
+      #   The ICMP Event Count
+      #
+      # @example
+      #   scan.icmp_count #=> 3
+      #
+      def icmp_count
+        host_stats[:icmp].to_i
+      end
+
+      #
+      # Return the informational severity count.
+      #
+      # @return [Integer]
+      #   The Informational Severity Count
+      #
+      # @example
+      #   scan.informational_severity_count #=> 1203
+      #
+      def informational_severity_count
+        host_stats[:informational].to_i
+      end
+
+      #
+      # Return the High severity count.
+      #
+      # @return [Integer]
+      #   The High Severity Count
+      #
+      # @example
+      #   scan.high_severity_count #=> 10
+      #
+      def high_severity_count
+        host_stats[:high].to_i
+      end
+
+      #
+      # Return the Medium severity count.
+      #
+      # @return [Integer]
+      #   The Medium Severity Count
+      #
+      # @example
+      #   scan.medium_severity_count #=> 234
+      #
+      def medium_severity_count
+        host_stats[:medium].to_i
+      end
+
+      #
+      # Return the Low severity count.
+      #
+      # @return [Integer]
+      #   The Low Severity Count
+      #
+      # @example
+      #   scan.low_severity_count #=> 114
+      #
+      def low_severity_count
+        host_stats[:low].to_i
+      end
+
+      #
+      # Return the Total severity count. [high, medium, low, informational]
+      #
+      # @return [Integer]
+      #   The Total Severity Count
+      #
+      # @example
+      #   scan.total_event_count #=> 1561
+      #
+      def total_event_count(count_informational = false)
+        if count_informational
+          host_stats[:all].to_i + informational_severity_count
+        else
+          host_stats[:all].to_i
+        end
+      end
+
+      #
+      # Return the Total severity count.
+      #
+      # @param [String] severity the severity in which to calculate percentage for.
+      #
+      # @param [true, false] round round the result to the nearest whole number.
+      #
+      # @raise [ExceptionClass] One of the following severity options must be passed. [high, medium, low, informational, all]
+      #
+      # @return [Integer]
+      #   The Percentage Of Events For A Passed Severity
+      #
+      # @example
+      #   scan.event_percentage_for("low", true) #=> 11%
+      #
+      def event_percentage_for(type, round_percentage=false)
+        @sc ||= host_stats
+        if %W(high medium low tcp udp icmp all).include?(type)
+          calc = ((@sc[:"#{type}"].to_f / (@sc[:all].to_f)) * 100)
+          if round_percentage
+            return "#{calc.round}"
+          else
+            return "#{calc}"
+          end
+        else
+          raise "Error: #{type} is not an acceptable severity. Possible options include: all, tdp, udp, icmp, high, medium and low."
+        end
+      end
+      
+      private
+
+        def host_stats
+
+          unless @host_stats
+            @host_stats = {}
+            @open_ports, @tcp, @udp, @icmp, @informational, @low, @medium, @high = 0,0,0,0,0,0,0,0
+
+            @host.xpath("ReportItem").each do |s|
+              case s['severity'].to_i
+                when 0
+                  @informational += 1
+                when 1
+                  @low += 1
+                when 2
+                  @medium += 1
+                when 3
+                  @high += 1
+              end
+
+              unless s['severity'].to_i == 0
+                @tcp += 1 if s['protocol'] == 'tcp'
+                @udp += 1 if s['protocol'] == 'udp'
+                @icmp += 1 if s['protocol'] == 'icmp'
+              end
+
+              @open_ports += 1 if s['port'].to_i != 0
+            end
+
+            @host_stats = {:open_ports => @open_ports,
+                      :tcp => @tcp,
+                      :udp => @udp,
+                      :icmp => @icmp,
+                      :informational => @informational,
+                      :low => @low,
+                      :medium => @medium,
+                      :high => @high,
+                      :all => (@low + @medium + @high)}
+
+          end
+          @host_stats
+        end
+
+    end
+  end
+end