RubyGems - ruby-nessus - Versions diffs - 0.1.4 → 1.0.0 - Mend

ruby-nessus 0.1.4 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

data/README.rdoc +21 -16
data/VERSION +1 -1
data/examples/example.rb +61 -40
data/examples/{example.nessus → example_v1.nessus} +0 -0
data/examples/example_v2.nessus +2076 -0
data/lib/ruby-nessus/Version1/event.rb +92 -0
data/lib/ruby-nessus/Version1/host.rb +260 -0
data/lib/ruby-nessus/Version1/port.rb +91 -0
data/lib/ruby-nessus/Version1/version1.rb +391 -0
data/lib/ruby-nessus/Version2/event.rb +333 -0
data/lib/ruby-nessus/Version2/host.rb +528 -0
data/lib/ruby-nessus/Version2/port.rb +79 -0
data/lib/ruby-nessus/Version2/version2.rb +359 -0
data/lib/ruby-nessus/nessus.rb +1 -9
data/lib/ruby-nessus/parse.rb +35 -0
data/spec/{event_spec.rb → Version1/event_spec.rb} +5 -5
data/spec/{host_spec.rb → Version1/host_spec.rb} +3 -3
data/spec/{xml_spec.rb → Version1/scan_spec.rb} +2 -2
data/spec/Version2/event_spec.rb +116 -0
data/spec/Version2/host_spec.rb +55 -0
data/spec/Version2/scan_spec.rb +59 -0
data/spec/helpers/{example.nessus → example_v1.nessus} +0 -0
data/spec/helpers/example_v2.nessus +2076 -0
data/spec/helpers/xml.rb +2 -1
data/tasks/yard.rb +1 -7
metadata +27 -17
data/examples/pdf_example.rb +0 -73
data/examples/ruby-nessus-example.pdf +0 -522
data/lib/ruby-nessus/event.rb +0 -87
data/lib/ruby-nessus/host.rb +0 -254
data/lib/ruby-nessus/port.rb +0 -86
data/lib/ruby-nessus/xml.rb +0 -298

data/lib/ruby-nessus/Version2/event.rb ADDED Viewed

@@ -0,0 +1,333 @@
+require 'ruby-nessus/Version2/port'
+module Nessus
+  module Version2
+    class Event
+      # Event
+      attr_reader :event
+      def initialize(event)
+        @event = event
+      end
+      #
+      # Return the event port.
+      #
+      # @return [Object]
+      #    Return the event port object or port string.
+      #
+      # @example
+      #   event.port            #=> "https (443/tcp)"
+      #   event.port.number     #=> 443
+      #   event.port.service    #=> "https"
+      #   event.port.protocol   #=> "tcp"
+      #
+      def port
+        @port ||= Port.new(@event.at('@port'), @event.at('@svc_name'), @event.at('@protocol'))
+      end
+      #
+      # Return the event severity.
+      #
+      # @return [String]
+      #    Return the event severity.
+      #
+      # @example
+      #   event.severity          #=> 3
+      #   event.severity.in_words #=> "High Severity"
+      #
+      # @see String#in_words
+      #
+      def severity
+        @severity ||= @event.at('@severity').inner_text.to_i
+      end
+      #
+      # Return true if event is of informational severity.
+      #
+      # @return [Boolean]
+      #    Return true if the event is informational.
+      #
+      def informational?
+        severity == 0
+      end
+      #
+      # Return ture if the event is of low severity.
+      #
+      # @return [Boolean]
+      #   Return true if the event is low severity.
+      #
+      def low?
+        severity == 1
+      end
+      #
+      # Return ture if the event is of medium severity.
+      #
+      # @return [Boolean]
+      #   Return true if the event is medium severity.
+      #
+      def medium?
+        severity == 2
+      end
+      #
+      # Return ture if the event is of high severity.
+      #
+      # @return [Boolean]
+      #   Return true if the event is high severity.
+      #
+      def high?
+        severity == 3
+      end
+      #
+      # Return the event object nessus plugin id
+      #
+      # @return [String]
+      #    Return the event object nessus plugin id
+      #
+      # @example
+      #   event.plugin_id #=> 3245
+      #
+      def id
+        @plugin_id ||= @event.at('@pluginID').inner_text.to_i
+      end
+      alias plugin_id id
+      #
+      # Return the event object plugin family name.
+      #
+      # @return [String]
+      #   Return the event object plugin family name.
+      #
+      # @example
+      #   event.family #=> "Service detection"
+      #
+      def family
+        @plugin_family ||= @event.at('@pluginFamily').inner_text
+      end
+      alias plugin_family family
+      #
+      # Return the event name (plugin_name)
+      #
+      # @return [String, false]
+      #    Return the event name (plugin_name)
+      #
+      # @example
+      #   event.plugin_name   #=> "PHP < 5.2.4 Multiple Vulnerabilities"
+      #   event.name          #=> "PHP < 5.2.4 Multiple Vulnerabilities"
+      #
+      def plugin_name
+        s = @event.at('@pluginName').inner_text
+        @plugin_name ||= if s.empty?
+          false
+        else
+          @event.at('@pluginName').inner_text
+        end
+        return @plugin_name
+      end
+      alias name plugin_name
+      #
+      # Return the event synopsis.
+      #
+      # @return [String, false]
+      #    Return the event synopsis.
+      #
+      def synopsis
+        @synopsis ||= if @event.at('synopsis')
+          @event.at('synopsis').inner_text
+        else
+          false
+        end
+      end
+      #
+      # Return the event description.
+      #
+      # @return [String, false]
+      #    Return the event description.
+      #
+      def description
+        @description ||= if @event.at('description')
+          @event.at('description').inner_text
+        else
+          false
+        end
+      end
+      #
+      # Return the event solution.
+      #
+      # @return [String, false]
+      #    Return the event solution.
+      #
+      def solution
+        @solution ||= if @event.at('solution')
+          @event.at('solution').inner_text
+        else
+          false
+        end
+      end
+      #
+      # Return the event risk.
+      #
+      # @return [String, false]
+      #    Return the event risk.
+      #
+      def risk
+        @risk_factor ||= if @event.at('risk_factor')
+          @event.at('risk_factor').inner_text
+        else
+          false
+        end
+      end
+      #
+      # Return the event plugin output.
+      #
+      # @return [String, false]
+      #    Return the event plugin output.
+      #
+      def output
+        @plugin_output ||= if @event.at('plugin_output')
+          @event.at('plugin_output').inner_text
+        else
+          false
+        end
+      end
+      alias data output
+      alias plugin_output output
+      #
+      # Return the event plugin version.
+      #
+      # @return [String, false]
+      #    Return the event plugin version.
+      #
+      def version
+        @plugin_version ||= if @event.at('plugin_version')
+          @event.at('plugin_version').inner_text
+        else
+          false
+        end
+      end
+      alias plugin_version version
+      #
+      # Return the event reference links.
+      #
+      # @return [String, false]
+      #    Return the event reference links.
+      #
+      def see_also
+        unless @see_also
+          @see_also = []
+          @event.xpath("see_also").each do |see_also|
+            @see_also << see_also.inner_text
+          end
+        end
+        @see_also
+      end
+      alias links see_also
+      alias more see_also
+      alias references see_also
+      #
+      # Return the event patch publication date.
+      #
+      # @return [String, false]
+      #    Return the event patch publication date.
+      #
+      def patch_publication_date
+        @patch_publication_date ||= if @event.at('patch_publication_date')
+          DateTime.strptime(@event.at('patch_publication_date').inner_text, fmt='%Y/%m/%d')
+        else
+          false
+        end
+      end
+      #
+      # Return the event cvss base score.
+      #
+      # @return [String, false]
+      #    Return the event cvss base score.
+      #
+      def cvss_base_score
+        @cvss_base_score ||= if @event.at('cvss_base_score')
+          @event.at('cvss_base_score').inner_text.to_f
+        else
+          false
+        end
+      end
+      #
+      # Return the event cve.
+      #
+      # @return [String, false]
+      #    Return the event cvss base score.
+      #
+      def cve
+        @cve ||= if @event.at('cve')
+          @event.at('cve').inner_text
+        else
+          false
+        end
+      end
+      #
+      # Return the event bid.
+      #
+      # @return [String, false]
+      #    Return the event bid.
+      #
+      def bid
+        @bid ||= if @event.at('bid')
+          @event.at('bid').inner_text.to_i
+        else
+          false
+        end
+      end
+      #
+      # Return other event related references.
+      #
+      # @return [String, false]
+      #    Return the event related references.
+      #
+      def xref
+        unless @xref
+          @xref = []
+          @event.xpath("xref").each do |xref|
+            @xref << xref.inner_text
+          end
+        end
+        @xref
+      end
+      #
+      # Return other event cvss vector.
+      #
+      # @return [String, false]
+      #    Return the event cvss vector.
+      #
+      def cvss_vector
+        @cvss_vector ||= if @event.at('cvss_vector')
+          @event.at('cvss_vector').inner_text
+        else
+          false
+        end
+      end
+    end
+  end
+end

data/lib/ruby-nessus/Version2/host.rb ADDED Viewed

@@ -0,0 +1,528 @@
+module Nessus
+  module Version2
+    class Host
+      include Enumerable
+      # Host
+      attr_reader :host
+      #
+      # Creates A New Host Object
+      #
+      # @param [Object] Host Object
+      #
+      # @example
+      # Host.new(object)
+      #
+      def initialize(host)
+        @host = host
+      end
+      #
+      # Return the Host Object hostname.
+      #
+      # @return [String]
+      #   The Host Object Hostname
+      #
+      # @example
+      #   host.hostname #=> "example.com"
+      #
+      def hostname
+        @hostname ||= @host.at('tag[name=host-fqdn]').inner_text
+      end
+      alias name hostname
+      alias fqdn hostname
+      alias dns_name hostname
+      #
+      # Return the Host Object IP.
+      #
+      # @return [String]
+      #   The Host Object IP
+      #
+      # @example
+      #   host.ip #=> "127.0.0.1"
+      #
+      def ip
+        @ip ||= @host.at('tag[name=host-ip]').inner_text
+      end
+      #
+      # Return the host scan start time.
+      #
+      # @return [DateTime]
+      #   The Host Scan Start Time
+      #
+      # @example
+      #   scan.scan_start_time #=> 'Fri Nov 11 23:36:54 1985'
+      #
+      def start_time
+        if @host.at('tag[name=HOST_START]').inner_text.blank?
+          return false
+        else
+          @host_scan_start_time = DateTime.strptime(@host.at('tag[name=HOST_START]').inner_text, fmt='%a %b %d %H:%M:%S %Y')
+        end
+      end
+      #
+      # Return the host scan stop time.
+      #
+      # @return [DateTime]
+      #   The Host Scan Stop Time
+      #
+      # @example
+      #   scan.scan_start_time #=> 'Fri Nov 11 23:36:54 1985'
+      #
+      def stop_time
+        if @host.at('tag[name=HOST_END]').inner_text.blank?
+          return false
+        else
+          @host_scan_stop_time = DateTime.strptime(@host.at('tag[name=HOST_END]').inner_text, fmt='%a %b %d %H:%M:%S %Y')
+        end
+      end
+      #
+      # Return the host run time.
+      #
+      # @return [String]
+      #   The Host Scan Run Time
+      #
+      # @example
+      #   scan.scan_run_time #=> '2 hours 5 minutes and 16 seconds'
+      #
+      def runtime
+        h = ("#{Time.parse(stop_time.to_s).strftime('%H').to_i - Time.parse(start_time.to_s).strftime('%H').to_i}").gsub('-', '')
+        m = ("#{Time.parse(stop_time.to_s).strftime('%M').to_i - Time.parse(start_time.to_s).strftime('%M').to_i}").gsub('-', '')
+        s = ("#{Time.parse(stop_time.to_s).strftime('%S').to_i - Time.parse(start_time.to_s).strftime('%S').to_i}").gsub('-', '')
+        return "#{h} hours #{m} minutes and #{s} seconds"
+      end
+      #
+      # Return the Host Netbios Name.
+      #
+      # @return [String]
+      #   The Host Netbios Name
+      #
+      # @example
+      #   host.netbios_name #=> "SOMENAME4243"
+      #
+      def netbios_name
+        @netbios_name ||= @host.at('tag[name=netbios-name]').inner_text
+      end
+      #
+      # Return the Host Mac Address.
+      #
+      # @return [String]
+      #   Return the Host Mac Address
+      #
+      # @example
+      #   host.mac_addr #=> "00:11:22:33:44:55"
+      #
+      def mac_addr
+        @mac_addr ||= @host.at('tag[name=mac-addr]').inner_text
+      end
+      alias mac_address mac_addr
+      #
+      # Return the Host OS Name.
+      #
+      # @return [String]
+      #   Return the Host OS Name
+      #
+      # @example
+      #   host.dns_name #=> "Microsoft Windows 2000, Microsoft Windows Server 2003"
+      #
+      def os_name
+        @os_name ||= @host.at('tag[name=operating-system]').inner_text
+      end
+      alias os os_name
+      alias operating_system os_name
+      #
+      # Return the open ports for a given host object.
+      #
+      # @return [Integer]
+      #   Return the open ports for a given host object.
+      #
+      # @example
+      #   host.open_ports #=> 213
+      #
+      def open_ports
+        @scanned_ports ||= host_stats[:open_ports].to_i
+      end
+      #
+      # Returns All Informational Event Objects For A Given Host.
+      #
+      # @yield [prog] If a block is given, it will be passed the newly
+      #               created Event object.
+      #
+      # @yieldparam [EVENT] prog The newly created Event object.
+      #
+      # @return [Integer]
+      #   Return The Informational Event Count For A Given Host.
+      #
+      # @example
+      #   host.informational_severity_events do |info|
+      #     puts info.port
+      #     puts info.data if info.data
+      #   end
+      #
+      def informational_severity_events(&block)
+        unless @informational_events
+          @informational_events = []
+          @host.xpath("ReportItem").each do |event|
+            next if event['severity'].to_i != 0
+            @informational_events << Event.new(event)
+          end
+        end
+        @informational_events.each(&block)
+      end
+      #
+      # Returns All Low Event Objects For A Given Host.
+      #
+      # @yield [prog] If a block is given, it will be passed the newly
+      #               created Event object.
+      #
+      # @yieldparam [EVENT] prog The newly created Event object.
+      #
+      # @return [Integer]
+      #   Return The Low Event Count For A Given Host.
+      #
+      # @example
+      #   host.low_severity_events do |low|
+      #     puts low.name if low.name
+      #   end
+      #
+      def low_severity_events(&block)
+        unless @low_severity_events
+          @low_severity_events = []
+          @host.xpath("ReportItem").each do |event|
+            next if event['severity'].to_i != 1
+            @low_severity_events << Event.new(event)
+          end
+        end
+        @low_severity_events.each(&block)
+      end
+      #
+      # Returns All Medium Event Objects For A Given Host.
+      #
+      # @yield [prog] If a block is given, it will be passed the newly
+      #               created Event object.
+      # @yieldparam [EVENT] prog The newly created Event object.
+      #
+      # @return [Integer]
+      #   Return The Medium Event Count For A Given Host.
+      #
+      # @example
+      #   host.medium_severity_events do |medium|
+      #     puts medium.name if medium.name
+      #   end
+      #
+      def medium_severity_events(&block)
+        unless @medium_severity_events
+          @medium_severity_events = []
+          @host.xpath("ReportItem").each do |event|
+            next if event['severity'].to_i != 2
+            @medium_severity_events << Event.new(event)
+          end
+        end
+        @medium_severity_events.each(&block)
+      end
+      def medium_severity
+        Enumerator.new(self,:medium_severity_events).to_a
+      end
+      #
+      # Returns All High Event Objects For A Given Host.
+      #
+      # @yield [prog] If a block is given, it will be passed the newly
+      #               created Event object.
+      #
+      # @yieldparam [EVENT] prog The newly created Event object.
+      #
+      # @return [Integer]
+      #   Return The High Event Count For A Given Host.
+      #
+      # @example
+      #   host.high_severity_events do |high|
+      #     puts high.name if high.name
+      #   end
+      #
+      def high_severity_events(&block)
+        unless @high_severity_events
+          @high_severity_events = []
+          @host.xpath("ReportItem").each do |event|
+            next if event['severity'].to_i != 3
+            @high_severity_events << Event.new(event)
+          end
+        end
+        @high_severity_events.each(&block)
+      end
+      #
+      # Return the total event count for a given host.
+      #
+      # @return [Integer]
+      #   Return the total event count for a given host.
+      #
+      # @example
+      #   host.event_count #=> 3456
+      #
+      def event_count
+        ((low_severity_events.to_i) + (medium_severity_events.to_i) + (high_severity_events.to_i)).to_i
+      end
+      #
+      # Creates a new Event object to be parser
+      #
+      # @yield [prog] If a block is given, it will be passed the newly
+      #               created Event object.
+      # @yieldparam [EVENT] prog The newly created Event object.
+      #
+      # @example
+      #   host.each_event do |event|
+      #     puts event.name if event.name
+      #     puts event.port
+      #   end
+      #
+      def each_event(&block)
+        @host.xpath("ReportItem").each do |event|
+          block.call(Event.new(event)) if block
+        end
+      end
+      #
+      # Parses the events of the host.
+      #
+      # @return [Array<String>]
+      #   The events of the host.
+      #
+      def events
+        Enumerator.new(self,:each_event).to_a
+      end
+      #
+      # Return the Open Ports count.
+      #
+      # @return [Array]
+      #   The Open Ports Count
+      #
+      # @example
+      #   scan.ports #=> ['22', '80', '443']
+      #
+      def ports
+        unless @ports
+          @ports = []
+          @host.xpath("ReportItem").each do |port|
+            @ports << port['port']
+          end
+          @ports.uniq!
+          @ports.sort!
+        end
+        @ports
+      end
+      #
+      # Return the TCP Event Count.
+      #
+      # @return [Integer]
+      #   The TCP Event Count
+      #
+      # @example
+      #   scan.tcp_count #=> 3
+      #
+      def tcp_count
+        host_stats[:tcp].to_i
+      end
+      #
+      # Return the UDP Event Count.
+      #
+      # @return [Integer]
+      #   The UDP Event Count
+      #
+      # @example
+      #   scan.udp_count #=> 3
+      #
+      def udp_count
+        host_stats[:udp].to_i
+      end
+      #
+      # Return the ICMP Event Count.
+      #
+      # @return [Integer]
+      #   The ICMP Event Count
+      #
+      # @example
+      #   scan.icmp_count #=> 3
+      #
+      def icmp_count
+        host_stats[:icmp].to_i
+      end
+      #
+      # Return the informational severity count.
+      #
+      # @return [Integer]
+      #   The Informational Severity Count
+      #
+      # @example
+      #   scan.informational_severity_count #=> 1203
+      #
+      def informational_severity_count
+        host_stats[:informational].to_i
+      end
+      #
+      # Return the High severity count.
+      #
+      # @return [Integer]
+      #   The High Severity Count
+      #
+      # @example
+      #   scan.high_severity_count #=> 10
+      #
+      def high_severity_count
+        host_stats[:high].to_i
+      end
+      #
+      # Return the Medium severity count.
+      #
+      # @return [Integer]
+      #   The Medium Severity Count
+      #
+      # @example
+      #   scan.medium_severity_count #=> 234
+      #
+      def medium_severity_count
+        host_stats[:medium].to_i
+      end
+      #
+      # Return the Low severity count.
+      #
+      # @return [Integer]
+      #   The Low Severity Count
+      #
+      # @example
+      #   scan.low_severity_count #=> 114
+      #
+      def low_severity_count
+        host_stats[:low].to_i
+      end
+      #
+      # Return the Total severity count. [high, medium, low, informational]
+      #
+      # @return [Integer]
+      #   The Total Severity Count
+      #
+      # @example
+      #   scan.total_event_count #=> 1561
+      #
+      def total_event_count(count_informational = false)
+        if count_informational
+          host_stats[:all].to_i + informational_severity_count
+        else
+          host_stats[:all].to_i
+        end
+      end
+      #
+      # Return the Total severity count.
+      #
+      # @param [String] severity the severity in which to calculate percentage for.
+      #
+      # @param [true, false] round round the result to the nearest whole number.
+      #
+      # @raise [ExceptionClass] One of the following severity options must be passed. [high, medium, low, informational, all]
+      #
+      # @return [Integer]
+      #   The Percentage Of Events For A Passed Severity
+      #
+      # @example
+      #   scan.event_percentage_for("low", true) #=> 11%
+      #
+      def event_percentage_for(type, round_percentage=false)
+        @sc ||= host_stats
+        if %W(high medium low tcp udp icmp all).include?(type)
+          calc = ((@sc[:"#{type}"].to_f / (@sc[:all].to_f)) * 100)
+          if round_percentage
+            return "#{calc.round}"
+          else
+            return "#{calc}"
+          end
+        else
+          raise "Error: #{type} is not an acceptable severity. Possible options include: all, tdp, udp, icmp, high, medium and low."
+        end
+      end
+      private
+        def host_stats
+          unless @host_stats
+            @host_stats = {}
+            @open_ports, @tcp, @udp, @icmp, @informational, @low, @medium, @high = 0,0,0,0,0,0,0,0
+            @host.xpath("ReportItem").each do |s|
+              case s['severity'].to_i
+                when 0
+                  @informational += 1
+                when 1
+                  @low += 1
+                when 2
+                  @medium += 1
+                when 3
+                  @high += 1
+              end
+              unless s['severity'].to_i == 0
+                @tcp += 1 if s['protocol'] == 'tcp'
+                @udp += 1 if s['protocol'] == 'udp'
+                @icmp += 1 if s['protocol'] == 'icmp'
+              end
+              @open_ports += 1 if s['port'].to_i != 0
+            end
+            @host_stats = {:open_ports => @open_ports,
+                      :tcp => @tcp,
+                      :udp => @udp,
+                      :icmp => @icmp,
+                      :informational => @informational,
+                      :low => @low,
+                      :medium => @medium,
+                      :high => @high,
+                      :all => (@low + @medium + @high)}
+          end
+          @host_stats
+        end
+    end
+  end
+end