ruby-nessus2 2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (50) hide show
  1. checksums.yaml +7 -0
  2. data/.drone.yml +51 -0
  3. data/.gitignore +5 -0
  4. data/.rspec +1 -0
  5. data/.rubocop.yml +4 -0
  6. data/.rubocop_todo.yml +124 -0
  7. data/.travis.yml +13 -0
  8. data/.yardopts +1 -0
  9. data/Gemfile +6 -0
  10. data/Gemfile.lock +75 -0
  11. data/LICENSE.txt +20 -0
  12. data/README.md +181 -0
  13. data/Rakefile +21 -0
  14. data/bin/recess +10 -0
  15. data/examples/example.rb +46 -0
  16. data/examples/example_bid.rb +28 -0
  17. data/examples/example_cpe.rb +28 -0
  18. data/examples/example_cve.rb +36 -0
  19. data/examples/example_v1.nessus +1 -0
  20. data/examples/example_v2.nessus +2076 -0
  21. data/examples/example_v3.nessus +7449 -0
  22. data/lib/ruby-nessus.rb +5 -0
  23. data/lib/ruby-nessus/cli.rb +126 -0
  24. data/lib/ruby-nessus/log.rb +84 -0
  25. data/lib/ruby-nessus/parse.rb +46 -0
  26. data/lib/ruby-nessus/ruby-nessus.rb +6 -0
  27. data/lib/ruby-nessus/version.rb +5 -0
  28. data/lib/ruby-nessus/version1/event.rb +85 -0
  29. data/lib/ruby-nessus/version1/host.rb +267 -0
  30. data/lib/ruby-nessus/version1/port.rb +84 -0
  31. data/lib/ruby-nessus/version1/scan.rb +404 -0
  32. data/lib/ruby-nessus/version2/event.rb +410 -0
  33. data/lib/ruby-nessus/version2/host.rb +522 -0
  34. data/lib/ruby-nessus/version2/port.rb +75 -0
  35. data/lib/ruby-nessus/version2/scan.rb +393 -0
  36. data/ruby-nessus.gemspec +28 -0
  37. data/spec/ruby-nessus/parse_spec.rb +40 -0
  38. data/spec/ruby-nessus/version1/event_spec.rb +69 -0
  39. data/spec/ruby-nessus/version1/host_spec.rb +75 -0
  40. data/spec/ruby-nessus/version1/scan_spec.rb +97 -0
  41. data/spec/ruby-nessus/version2/event_spec.rb +225 -0
  42. data/spec/ruby-nessus/version2/host_spec.rb +148 -0
  43. data/spec/ruby-nessus/version2/scan_spec.rb +96 -0
  44. data/spec/ruby-nessus/version_spec.rb +11 -0
  45. data/spec/spec_fixtures/example_v1.nessus +1 -0
  46. data/spec/spec_fixtures/example_v2.nessus +2080 -0
  47. data/spec/spec_fixtures/example_v_wrong.nessus +3 -0
  48. data/spec/spec_fixtures/xml.rb +15 -0
  49. data/spec/spec_helper.rb +7 -0
  50. metadata +190 -0
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: dfbb0cc4b36dc02060dca5a459faeaad1b20b56c164877ddd0acd58cd94388f8
4
+ data.tar.gz: f90aedfb65787d0581ec50b8a028bb6bd92a429a63dace56456b43a2a6609538
5
+ SHA512:
6
+ metadata.gz: 340eb02d96eebc0cf51c8938df59d78502396651fa38162452361bb953880dfb4152abea5cc1b31fb3f6d8a0f2603dc5d24f8f13eb67634c9167287d45d5a85a
7
+ data.tar.gz: 4e374de44ad59e08518df095709f8399d8cb0283c660fd0b1113ba6cccf37fa9f805dfae08ba67ebf4b611071c2ffae0f8556f9bd79a1d5b38b16178a1af8709
@@ -0,0 +1,51 @@
1
+ clone:
2
+ git:
3
+ image: plugins/git
4
+ branch: master
5
+ depth: 32767
6
+
7
+ workspace:
8
+ base: /build
9
+ path: src/github.com/mephux/ruby-nessus
10
+
11
+ pipeline:
12
+ normal:
13
+ image: mephux/docker-golang
14
+ environment:
15
+ - GO15VENDOREXPERIMENT=1
16
+ commands:
17
+ - export GEM_HOME=$HOME/.gem
18
+ - export GEM_PATH=$HOME/.gem
19
+ - export PATH=$PATH:$GEM_PATH/bin
20
+ - apk add --update rpm ruby-dev gcc make > /dev/null 2>&1
21
+ - gem install bundler --no-rdoc --no-ri --no-document
22
+ - bundle install --jobs=3 --retry=3
23
+ - bundle exec rubocop -F --fail-level C -f s
24
+ - bundle exec rspec spec
25
+ when:
26
+ event: [push]
27
+ dist:
28
+ image: mephux/docker-golang
29
+ environment:
30
+ - GO15VENDOREXPERIMENT=1
31
+ commands:
32
+ - export GEM_HOME=$HOME/.gem
33
+ - export GEM_PATH=$HOME/.gem
34
+ - export PATH=$PATH:$GEM_PATH/bin
35
+ - apk add --update rpm ruby-dev gcc make > /dev/null 2>&1
36
+ - gem install bundler --no-rdoc --no-ri --no-document
37
+ - bundle install --jobs=3 --retry=3
38
+ - bundle exec rubocop -F --fail-level C -f s
39
+ - bundle exec rspec spec
40
+ - gem build ruby-nessus.gemspec
41
+ - gem push ruby-nessus.gem --key=$$rubygems
42
+ when:
43
+ event: [tag]
44
+ publish:
45
+ github_release:
46
+ api_key: $$GITHUB
47
+ files: dist/*xz
48
+ file_exists: fail
49
+ # draft: true
50
+ when:
51
+ event: tag
@@ -0,0 +1,5 @@
1
+ doc/
2
+ pkg/
3
+ .
4
+ .idea
5
+ coverage
data/.rspec ADDED
@@ -0,0 +1 @@
1
+ --colour --format documentation
@@ -0,0 +1,4 @@
1
+ inherit_from: .rubocop_todo.yml
2
+
3
+ AllCops:
4
+ TargetRubyVersion: 2.3
@@ -0,0 +1,124 @@
1
+ # This configuration was generated by
2
+ # `rubocop --auto-gen-config`
3
+ # on 2017-12-21 10:52:38 +0100 using RuboCop version 0.52.0.
4
+ # The point is for the user to remove these configuration records
5
+ # one by one as the offenses are removed from the code base.
6
+ # Note that changes in the inspected code, or installation of new
7
+ # versions of RuboCop, may require this file to be generated again.
8
+
9
+ # Offense count: 1
10
+ Lint/DuplicateMethods:
11
+ Exclude:
12
+ - 'lib/ruby-nessus/version1/port.rb'
13
+
14
+ # Offense count: 7
15
+ Metrics/AbcSize:
16
+ Max: 70
17
+
18
+ # Offense count: 11
19
+ # Configuration parameters: CountComments, ExcludedMethods.
20
+ Metrics/BlockLength:
21
+ Max: 79
22
+
23
+ # Offense count: 5
24
+ # Configuration parameters: CountComments.
25
+ Metrics/ClassLength:
26
+ Max: 187
27
+
28
+ # Offense count: 2
29
+ Metrics/CyclomaticComplexity:
30
+ Max: 12
31
+
32
+ # Offense count: 10
33
+ # Configuration parameters: CountComments.
34
+ Metrics/MethodLength:
35
+ Max: 49
36
+
37
+ # Offense count: 2
38
+ Metrics/PerceivedComplexity:
39
+ Max: 9
40
+
41
+ # Offense count: 1
42
+ Naming/AccessorMethodName:
43
+ Exclude:
44
+ - 'lib/ruby-nessus/version1/host.rb'
45
+
46
+ # Offense count: 2
47
+ # Configuration parameters: ExpectMatchingDefinition, Regex, IgnoreExecutableScripts, AllowedAcronyms.
48
+ # AllowedAcronyms: CLI, DSL, ACL, API, ASCII, CPU, CSS, DNS, EOF, GUID, HTML, HTTP, HTTPS, ID, IP, JSON, LHS, QPS, RAM, RHS, RPC, SLA, SMTP, SQL, SSH, TCP, TLS, TTL, UDP, UI, UID, UUID, URI, URL, UTF8, VM, XML, XMPP, XSRF, XSS
49
+ Naming/FileName:
50
+ Exclude:
51
+ - 'lib/ruby-nessus.rb'
52
+ - 'lib/ruby-nessus/ruby-nessus.rb'
53
+
54
+ # Offense count: 5
55
+ Style/DateTime:
56
+ Exclude:
57
+ - 'lib/ruby-nessus/version1/host.rb'
58
+ - 'lib/ruby-nessus/version1/scan.rb'
59
+
60
+ # Offense count: 12
61
+ Style/Documentation:
62
+ Exclude:
63
+ - 'spec/**/*'
64
+ - 'test/**/*'
65
+ - 'lib/ruby-nessus/cli.rb'
66
+ - 'lib/ruby-nessus/log.rb'
67
+ - 'lib/ruby-nessus/parse.rb'
68
+ - 'lib/ruby-nessus/ruby-nessus.rb'
69
+ - 'lib/ruby-nessus/version1/event.rb'
70
+ - 'lib/ruby-nessus/version1/host.rb'
71
+ - 'lib/ruby-nessus/version1/port.rb'
72
+ - 'lib/ruby-nessus/version1/scan.rb'
73
+ - 'lib/ruby-nessus/version2/event.rb'
74
+ - 'lib/ruby-nessus/version2/host.rb'
75
+ - 'lib/ruby-nessus/version2/port.rb'
76
+ - 'lib/ruby-nessus/version2/scan.rb'
77
+
78
+ # Offense count: 14
79
+ # Configuration parameters: .
80
+ # SupportedStyles: annotated, template, unannotated
81
+ Style/FormatStringToken:
82
+ EnforcedStyle: unannotated
83
+
84
+ # Offense count: 10
85
+ # Configuration parameters: MinBodyLength.
86
+ Style/GuardClause:
87
+ Exclude:
88
+ - 'lib/ruby-nessus/version1/port.rb'
89
+ - 'lib/ruby-nessus/version1/scan.rb'
90
+ - 'lib/ruby-nessus/version2/host.rb'
91
+ - 'lib/ruby-nessus/version2/scan.rb'
92
+
93
+ # Offense count: 3
94
+ # Cop supports --auto-correct.
95
+ # Configuration parameters: AutoCorrect, EnforcedStyle.
96
+ # SupportedStyles: predicate, comparison
97
+ Style/NumericPredicate:
98
+ Exclude:
99
+ - 'spec/**/*'
100
+ - 'lib/ruby-nessus/version2/event.rb'
101
+ - 'lib/ruby-nessus/version2/host.rb'
102
+ - 'lib/ruby-nessus/version2/scan.rb'
103
+
104
+ # Offense count: 1
105
+ # Cop supports --auto-correct.
106
+ # Configuration parameters: EnforcedStyle, AllowInnerSlashes.
107
+ # SupportedStyles: slashes, percent_r, mixed
108
+ Style/RegexpLiteral:
109
+ Exclude:
110
+ - 'lib/ruby-nessus/version1/port.rb'
111
+
112
+ # Offense count: 1
113
+ # Cop supports --auto-correct.
114
+ # Configuration parameters: EnforcedStyle.
115
+ # SupportedStyles: implicit, explicit
116
+ Style/RescueStandardError:
117
+ Exclude:
118
+ - 'lib/ruby-nessus/cli.rb'
119
+
120
+ # Offense count: 75
121
+ # Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
122
+ # URISchemes: http, https
123
+ Metrics/LineLength:
124
+ Max: 185
@@ -0,0 +1,13 @@
1
+ language: ruby
2
+ sudo: false
3
+ cache: bundler
4
+ rvm:
5
+ - 2.3.4
6
+ - 2.4.1
7
+
8
+ script:
9
+ - bundle exec rubocop -F --fail-level C -f s
10
+ - bundle exec rspec spec
11
+
12
+ notifications:
13
+ email: false
@@ -0,0 +1 @@
1
+ --markup markdown --title "ruby-nessus Documentation" --protected
data/Gemfile ADDED
@@ -0,0 +1,6 @@
1
+ # frozen_string_literal: true
2
+
3
+ source 'https://rubygems.org'
4
+ gemspec
5
+
6
+ gem 'coveralls', require: false
@@ -0,0 +1,75 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ ruby-nessus (2.0.beta)
5
+ nokogiri (~> 1.4)
6
+ rainbow (>= 2.0)
7
+
8
+ GEM
9
+ remote: https://rubygems.org/
10
+ specs:
11
+ ast (2.3.0)
12
+ coveralls (0.8.21)
13
+ json (>= 1.8, < 3)
14
+ simplecov (~> 0.14.1)
15
+ term-ansicolor (~> 1.3)
16
+ thor (~> 0.19.4)
17
+ tins (~> 1.6)
18
+ diff-lcs (1.3)
19
+ docile (1.1.5)
20
+ json (2.1.0)
21
+ mini_portile2 (2.3.0)
22
+ nokogiri (1.8.1)
23
+ mini_portile2 (~> 2.3.0)
24
+ parallel (1.12.1)
25
+ parser (2.4.0.2)
26
+ ast (~> 2.3)
27
+ powerpack (0.1.1)
28
+ rainbow (3.0.0)
29
+ rspec (3.7.0)
30
+ rspec-core (~> 3.7.0)
31
+ rspec-expectations (~> 3.7.0)
32
+ rspec-mocks (~> 3.7.0)
33
+ rspec-core (3.7.0)
34
+ rspec-support (~> 3.7.0)
35
+ rspec-expectations (3.7.0)
36
+ diff-lcs (>= 1.2.0, < 2.0)
37
+ rspec-support (~> 3.7.0)
38
+ rspec-mocks (3.7.0)
39
+ diff-lcs (>= 1.2.0, < 2.0)
40
+ rspec-support (~> 3.7.0)
41
+ rspec-support (3.7.0)
42
+ rubocop (0.52.0)
43
+ parallel (~> 1.10)
44
+ parser (>= 2.4.0.2, < 3.0)
45
+ powerpack (~> 0.1)
46
+ rainbow (>= 2.2.2, < 4.0)
47
+ ruby-progressbar (~> 1.7)
48
+ unicode-display_width (~> 1.0, >= 1.0.1)
49
+ ruby-progressbar (1.9.0)
50
+ rubygems-tasks (0.2.4)
51
+ simplecov (0.14.1)
52
+ docile (~> 1.1.0)
53
+ json (>= 1.8, < 3)
54
+ simplecov-html (~> 0.10.0)
55
+ simplecov-html (0.10.2)
56
+ term-ansicolor (1.6.0)
57
+ tins (~> 1.0)
58
+ thor (0.19.4)
59
+ tins (1.16.3)
60
+ unicode-display_width (1.3.0)
61
+ yard (0.9.12)
62
+
63
+ PLATFORMS
64
+ ruby
65
+
66
+ DEPENDENCIES
67
+ coveralls
68
+ rspec (~> 3.7)
69
+ rubocop (~> 0.51)
70
+ ruby-nessus!
71
+ rubygems-tasks (~> 0.1)
72
+ yard (~> 0.9.11)
73
+
74
+ BUNDLED WITH
75
+ 1.16.0
@@ -0,0 +1,20 @@
1
+ Copyright (c) 2013 Dustin Willis Webber
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -0,0 +1,181 @@
1
+ [![Build Status](http://komanda.io:8080/api/badges/mephux/ruby-nessus/status.svg)](http://komanda.io:8080/mephux/ruby-nessus)
2
+
3
+ # Ruby-Nessus
4
+
5
+ [![Build Status](https://travis-ci.org/Cyberwatch/ruby-nessus.svg?branch=master)](https://travis-ci.org/Cyberwatch/ruby-nessus)
6
+ [![Coverage Status](https://coveralls.io/repos/github/Cyberwatch/ruby-nessus/badge.svg?branch=master)](https://coveralls.io/github/Cyberwatch/ruby-nessus?branch=master)
7
+
8
+ ## Description
9
+
10
+ Ruby-Nessus is a ruby interface for the popular Nessus vulnerability scanner. Ruby-Nessus aims to deliver an easy yet powerful interface for interacting and manipulating Nessus scan results and configurations. Ruby-Nessus currently supports both version 1.0 and 2.0 of the .nessus file format. Please remember to submit bugs and request features if needed.
11
+
12
+ More Information:
13
+ * Documentation: http://rdoc.info/projects/mephux/ruby-nessus
14
+
15
+ ## Install
16
+
17
+ ```sudo gem install ruby-nessus```
18
+
19
+ ## Usage & Examples
20
+
21
+ The below example illustrates how easy it really is to iterate over result data.
22
+ ```ruby
23
+ require 'rubygems'
24
+ require 'ruby-nessus'
25
+
26
+ RubyNessus::Parse.new("example_v1.nessus", :version => 1) do |scan|
27
+ # OR: RubyNessus::Parse.new("example_v2.nessus") do |scan| <-- Ruby-Nessus will figured out the correct Nessus file version.
28
+
29
+ puts scan.title # The Nessus Report Title.
30
+ puts scan.host_count # Host Count.
31
+ puts scan.unique_ports # All Unique Ports Seen.
32
+
33
+ scan.hosts.each do |host|
34
+ next if host.event_count.zero? # Next Host If Event Count Is Zero.
35
+ puts host.hostname # The HostName For The Current Host.
36
+ puts host.event_count # The Event Count For The Current Host.
37
+
38
+ host.events.each do |event|
39
+ next if event.severity.medium? # Next Event Is The Event Severity Is Low. (supports high? medium? low?)
40
+ puts event.name if event.name # The Event Name If Not Blank.
41
+ puts event.port # The Event Port. (supports .number, .protocol and .service)
42
+ puts event.severity # The Event Severity (0->Informational, 1->low, 2->medium, 3->high, 4->critical)
43
+ puts event.plugin_id # The Nessus Plugin ID.
44
+ puts event.data if event.data # Raw Nessus Plugin Output Data.
45
+ end
46
+ end
47
+ end
48
+ ```
49
+
50
+ You also have the ability to search for particular hostnames. In the near future I plan to add the ability to pass the hosts block a hash of options for more complex searches.
51
+ ```ruby
52
+ scan.find_by_hostname("127.0.0.1") do |host|
53
+
54
+ puts host.scan_start_time
55
+ puts host.scan_stop_time
56
+ puts host.scan_runtime
57
+
58
+ host.high_severity_events do |event|
59
+ puts event.severity
60
+ puts event.port
61
+ puts event.data if event.data
62
+ end
63
+
64
+ end
65
+ ```
66
+ There are a bunch of convenient methods (maybe more then needed) added to make reporting a bit easier to produce quickly from a raw scan file. If you do not pass :version as an option it will default to the 2.0 .nessus schema.
67
+ ```ruby
68
+ RubyNessus::Parse.new("example_v2.nessus") do |scan|
69
+
70
+ puts scan.event_percentage_for('low', true) #=> 8%
71
+
72
+ puts scan.critical_severity_count # Critical Severity Event Count
73
+ puts scan.high_severity_count # High Severity Event Count
74
+ puts scan.medium_severity_count # Medium Severity Event Count
75
+ puts scan.low_severity_count # Low Severity Event Count
76
+ puts scan.open_ports_count # Open Port Count
77
+
78
+ puts scan.total_event_count #=> 3411 # Total Event Count
79
+ puts scan.hosts.count #=> 12
80
+
81
+
82
+ scan.host.each do |host|
83
+ puts host.hostname
84
+ puts host.event_percentage_for('low', true)
85
+ puts host.tcp_count #=> tcp, icmp, udp supported.
86
+
87
+ host.events.each do |event|
88
+ next if event.informational?
89
+
90
+ puts event.severity
91
+ puts event.synopsis
92
+ puts event.description
93
+ puts event.solution
94
+ puts event.output
95
+ puts event.risk
96
+
97
+ end
98
+
99
+ end
100
+
101
+ end
102
+ ```
103
+ Ruby-Nessus also ships with a POC CLI application for the lib called 'recess':
104
+ ```
105
+ Recess 0.1.1
106
+ usage: recess FILE [OPTIONS]
107
+ -f, --file FILE The .nessus file to parse.
108
+ -h, --help This help summary page.
109
+ -v, --version Recess Version.
110
+ ```
111
+ Below is example output generated by recess:
112
+ ```
113
+ $> recess examples/example_v2.nessus
114
+ Recess - Ruby-Nessus CLI
115
+ Version: 0.1.1
116
+
117
+ -> SCAN Metadata:
118
+
119
+ Scan Title: Ruby-Nessus
120
+ Policy Title: Ruby-Nessus
121
+
122
+ -> SCAN Statistics:
123
+
124
+ Host Count: 2
125
+ Open Port Count: 51
126
+ TCP Count: 38
127
+ UDP Count: 11
128
+ ICMP Count: 1
129
+
130
+ -> EVENT Statistics:
131
+
132
+ Informational Severity Count: 19
133
+ Low Severity Count: 47
134
+ Medium Severity Count: 3
135
+ High Severity Count: 0
136
+ Total Event Count: 50
137
+
138
+
139
+ Low Event Percentage: 94
140
+ Medium Event Percentage: 6
141
+ High Event Percentage: 0
142
+
143
+ -> HOSTS:
144
+
145
+ Hostname: snorby.org
146
+ - IP Address:: 173.45.230.150
147
+ - Informational Count: 12
148
+ - Low Count: 34
149
+ - Medium Count: 1
150
+ - High Count: 0
151
+
152
+ Hostname: scanme.insecure.org
153
+ - IP Address:: 64.13.134.52
154
+ - Informational Count: 7
155
+ - Low Count: 13
156
+ - Medium Count: 2
157
+ - High Count: 0
158
+ ```
159
+ ## Requirements
160
+ * Ruby >= 2.3
161
+ * Nokogiri http://github.com/tenderlove/nokogiri
162
+
163
+ ## Todo
164
+ * Add The Ability to parse the scan configuration and plugin options.
165
+ * Building XML (.nessus) files configurations
166
+ * Add Support For NBE File Formats.
167
+
168
+ ## Note on Patches & Pull Requests
169
+ * Fork the project.
170
+ * Make your feature addition or bug fix.
171
+ * Add tests for it. This is important so I don't break it in a
172
+ future version unintentionally.
173
+ * Commit, do not mess with rakefile, version, or history.
174
+ (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
175
+ * Send me a pull request. Bonus points for topic branches.
176
+
177
+ ## Copyright
178
+
179
+ Copyright (c) 2009 Dustin Willis Webber. See LICENSE for details.
180
+
181
+ Copyright (c) 2017 Florian Wininger. See LICENSE for details.