ruby-nessus 1.1.0 → 1.2.0

data/README.md

@@ -10,20 +10,19 @@ More Information:
 
 ## Install
 
-  sudo gem install ruby-nessus
+  ```sudo gem install ruby-nessus```
 
 ## Usage & Examples
 
-The below example illustrates how easy it really is to iterate of result data.
-  
+The below example illustrates how easy it really is to iterate over result data.
+```ruby  
   require 'rubygems'
-  require 'ruby-nessus'
+  require 'nessus'
 
   Nessus::Parse.new("example_v1.nessus", :version => 1) do |scan|
   # OR: Nessus::Parse.new("example_v2.nessus") do |scan|   <-- Ruby-Nessus will figured out the correct Nessus file version.
   
     puts scan.title                     # The Nessus Report Title.
-    puts scan.runtime                   # The Scan Runtime. #=> 2 hours 23 minutes 12 seconds
     puts scan.host_count                # Host Count.
     puts scan.unique_ports              # All Unique Ports Seen.
 
@@ -42,10 +41,10 @@ The below example illustrates how easy it really is to iterate of result data.
       end
     end
   end
-
+```
 
 You also have the ability to search for particular hostnames. In the near future I plan to add the ability to pass the hosts block a hash of options for more complex searches.
-
+```ruby
   scan.find_by_hostname("127.0.0.1") do |host|
 
     puts host.scan_start_time
@@ -59,9 +58,9 @@ You also have the ability to search for particular hostnames. In the near future
     end
 
   end
-
+```
 There are a bunch of convenient methods (maybe more then needed) added to make reporting a bit easier to produce quickly from a raw scan file. If you do not pass :version as an option it will default to the 2.0 .nessus schema.
-
+```ruby
   Nessus::Parse.new("example_v2.nessus") do |scan|
 
     puts scan.event_percentage_for('low', true) #=> 8%
@@ -95,17 +94,17 @@ There are a bunch of convenient methods (maybe more then needed) added to make r
     end
 
   end
-  
+```
 Ruby-Nessus also ships with a POC CLI application for the lib called 'recess':
-  
+```  
   Recess 0.1.1
   usage: recess FILE [OPTIONS]
       -f, --file FILE                  The .nessus file to parse.
       -h, --help                       This help summary page.
       -v, --version                    Recess Version.
-      
+```
 Below is example output generated by recess:
-  
+```  
   $> recess examples/example_v2.nessus 
   Recess - Ruby-Nessus CLI
   Version: 0.1.1
@@ -151,7 +150,7 @@ Below is example output generated by recess:
   		- Low Count: 13
   		- Medium Count: 2
   		- High Count: 0
-  
+```  
 ## Requirements
 * Ruby 1.8 or 1.9
 * Nokogiri http://github.com/tenderlove/nokogiri

data/examples/example.rb

@@ -1,44 +1,45 @@
+#!/usr/bin/env ruby
 $LOAD_PATH << File.expand_path(File.join(File.dirname(__FILE__),'..','lib'))
 
-#!/usr/bin/env ruby
 require 'rubygems'
 require 'nessus'
 
 # Ruby-Nessus Example
+#
+# This proc is called by scan.each_host in each variation of Nessus::Parse
+def print_info(host)
+  puts host.ip
+  puts host.hostname
+  puts host.os_name
+  puts host.runtime
 
-Nessus::Parse.new('example_v1.nessus') do |scan|  
-  
-  scan.each_host do |host|
-    puts host.ip
-    puts host.hostname
-    puts host.os_name
-    puts host.runtime
-    
-    #puts host.mac_addr
-    # puts host.event_percentage_for('icmp', true)
-    # puts host.ports.inspect
-    #   
-    # puts "\n"
-    # 
-    host.each_event do |event|
-      
-      puts "=> #{event.name}" if event.name
-      # puts event.synopsis if event.synopsis
-      # puts "\n"
-      # puts event.output
-      # puts "\n"
-      # puts event.patch_publication_date.pretty if event.patch_publication_data
-      # puts event.see_also unless event.see_also.empty?
-      # puts event.synopsis if event.synopsis
-      # puts event.solution if event.solution
-      
-    end
-    # 
+  # puts host.mac_addr
+  # puts host.event_percentage_for('icmp', true)
+  # puts host.ports.inspect
+
+  host.each_event do |event|
+    puts "=> #{event.name}" if event.name
+    # puts event.synopsis if event.synopsis
     # puts "\n"
+    # puts event.output
     # puts "\n"
-    
-    
+    # puts event.patch_publication_date.pretty if event.patch_publication_data
+    # puts event.see_also unless event.see_also.empty?
+    # puts event.synopsis if event.synopsis
+    # puts event.solution if event.solution
   end
-  
-  
+end
+
+# From a file:
+puts '+ Using a Nessus XML file:'
+Nessus::Parse.new('example_v1.nessus') do |scan|
+  scan.each_host(&method(:print_info))
+end
+
+puts
+
+# From a string:
+puts '+ Using an XML string:'
+Nessus::Parse.new(nil, { :xml => File.read('example_v1.nessus') }) do |scan|
+  scan.each_host(&method(:print_info))
 end

data/gemspec.yml

@@ -1,6 +1,6 @@
 name: ruby-nessus
 summary: Ruby-Nessus is a ruby interface for the popular Nessus vulnerability scanner.
-version: 1.1.0
+version: 1.2.0
 description:
   Ruby-Nessus aims to deliver an easy yet powerful interface for interacting and 
   manipulating Nessus scan results and configurations.

data/lib/nessus/Version2/event.rb

@@ -87,7 +87,7 @@ module Nessus
       # @return [Boolean]
       #   Return true if the event is critical severity.
       #
-      def high?
+      def critical?
         severity == 4
       end
       

data/lib/nessus/Version2/host.rb

@@ -289,6 +289,37 @@ module Nessus
         @high_severity_events.each(&block)
       end
 
+      #
+      # Returns All Critical Event Objects For A Given Host.
+      #
+      # @yield [prog] If a block is given, it will be passed the newly
+      #               created Event object.
+      #
+      # @yieldparam [EVENT] prog The newly created Event object.
+      #
+      # @return [Integer]
+      #   Return The Critical Event Count For A Given Host.
+      #
+      # @example
+      #   host.critical_severity_events do |critical|
+      #     puts critical.name if critical.name
+      #   end
+      #
+      def critical_severity_events(&block)
+
+        unless @critical_severity_events
+          @critical_severity_events = []
+
+          @host.xpath("ReportItem").each do |event|
+            next if event['severity'].to_i != 4
+            @critical_severity_events << Event.new(event)
+          end
+
+        end
+
+        @critical_severity_events.each(&block)
+      end
+
       #
       # Return the total event count for a given host.
       #
@@ -299,7 +330,7 @@ module Nessus
       #   host.event_count #=> 3456
       #
       def event_count
-        ((low_severity_events.count) + (medium_severity_events.count) + (high_severity_events.count)).to_i
+        ((low_severity_events.count) + (medium_severity_events.count) + (high_severity_events.count) + (critical_severity_events.count)).to_i
       end
 
       #
@@ -332,10 +363,10 @@ module Nessus
       end
 
       #
-      # Return the Open Ports count.
+      # Return an Array of open ports. 
       #
       # @return [Array]
-      #   The Open Ports Count
+      #   The open ports
       #
       # @example
       #   scan.ports #=> ['22', '80', '443']
@@ -404,6 +435,19 @@ module Nessus
         host_stats[:informational].to_i
       end
 
+      #
+      # Return the Critical severity count.
+      #
+      # @return [Integer]
+      #   The Critical Severity Count
+      #
+      # @example
+      #   scan.critical_severity_count #=> 10
+      #
+      def critical_severity_count
+        host_stats[:critical].to_i
+      end
+
       #
       # Return the High severity count.
       #
@@ -506,7 +550,7 @@ module Nessus
 
           unless @host_stats
             @host_stats = {}
-            @open_ports, @tcp, @udp, @icmp, @informational, @low, @medium, @high = 0,0,0,0,0,0,0,0
+            @open_ports, @tcp, @udp, @icmp, @informational, @low, @medium, @high, @critical = 0,0,0,0,0,0,0,0,0
 
             @host.xpath("ReportItem").each do |s|
               case s['severity'].to_i
@@ -518,6 +562,8 @@ module Nessus
                   @medium += 1
                 when 3
                   @high += 1
+                when 4
+                  @critical += 1
               end
 
               unless s['severity'].to_i == 0
@@ -537,7 +583,8 @@ module Nessus
                            :low => @low,
                            :medium => @medium,
                            :high => @high,
-                           :all => (@low + @medium + @high)}
+                           :critical => @critical,
+                           :all => (@low + @medium + @high + @critical)}
 
           end
           @host_stats

data/lib/nessus/parse.rb

@@ -11,10 +11,10 @@ module Nessus
 
   class Parse
 
-    def initialize(file, options={}, &block)
-      @file = File.open(file)
+    def initialize(file = nil, options = {}, &block)
+      doc = file ? File.read(file) : options[:xml]
+      @xml = Nokogiri::XML.parse(doc)
       @version = options[:version]
-      @xml = Nokogiri::XML.parse(@file.read)
 
       if @version
         case @version

data/lib/nessus/version.rb

@@ -1,3 +1,3 @@
 module Nessus
-  VERSION = '1.1.0'
+  VERSION = '1.2.0'
 end

data/spec/helpers/xml.rb

@@ -1,6 +1,10 @@
 module Helpers
-  v1 = File.join(File.dirname(__FILE__),'example_v1.nessus')
-  v2 = File.join(File.dirname(__FILE__),'example_v2.nessus')
-  DOT_NESSUS_V1 = Nokogiri::XML.parse(File.open(v1).read)
-  DOT_NESSUS_V2 = Nokogiri::XML.parse(File.open(v2).read)
-end
+  DOT_NESSUS_V1_PATH = File.join(File.dirname(__FILE__),'example_v1.nessus')
+  DOT_NESSUS_V2_PATH = File.join(File.dirname(__FILE__),'example_v2.nessus')
+
+  DOT_NESSUS_V1_DOC = File.read(DOT_NESSUS_V1_PATH)
+  DOT_NESSUS_V2_DOC = File.read(DOT_NESSUS_V2_PATH)
+
+  DOT_NESSUS_V1 = Nokogiri::XML.parse(DOT_NESSUS_V1_DOC)
+  DOT_NESSUS_V2 = Nokogiri::XML.parse(DOT_NESSUS_V2_DOC)
+end

data/spec/ruby-nessus/parse_spec.rb

@@ -0,0 +1,22 @@
+require_relative '../spec_helper'
+require_relative '../helpers/xml'
+
+describe 'Nessus::Parse' do
+  it 'should parse a valid v1 .nessus file' do
+    lambda { Nessus::Parse.new(Helpers::DOT_NESSUS_V1_PATH) }.should_not raise_error
+  end
+
+  it 'should parse a valid v2 .nessus file' do
+    lambda { Nessus::Parse.new(Helpers::DOT_NESSUS_V2_PATH) }.should_not raise_error
+  end
+
+  it 'should parse a valid v1 .nessus string' do
+    options = { :xml => Helpers::DOT_NESSUS_V1_DOC }
+    lambda { Nessus::Parse.new(nil, options) }.should_not raise_error
+  end
+
+  it 'should parse a valid v2 .nessus string' do
+    options = { :xml => Helpers::DOT_NESSUS_V2_DOC }
+    lambda { Nessus::Parse.new(nil, options) }.should_not raise_error
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ruby-nessus
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-05-30 00:00:00.000000000 Z
+date: 2013-10-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
@@ -138,6 +138,7 @@ files:
 - spec/helpers/example_v1.nessus
 - spec/helpers/example_v2.nessus
 - spec/helpers/xml.rb
+- spec/ruby-nessus/parse_spec.rb
 - spec/ruby-nessus_spec.rb
 - spec/spec_helper.rb
 homepage: http://github.com/mephux/ruby-nessus
@@ -161,7 +162,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.24
+rubygems_version: 1.8.23
 signing_key: 
 specification_version: 3
 summary: Ruby-Nessus is a ruby interface for the popular Nessus vulnerability scanner.