RubyGems - ruby_burp - Versions diffs - 1.0.0 - Mend

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +7 -0
data/lib/ruby_burp.rb +51 -0
data/lib/ruby_burp/rb_host.rb +8 -0
data/lib/ruby_burp/rb_issue.rb +3 -0
data/lib/ruby_burp/rb_reference.rb +21 -0
data/lib/ruby_burp/rb_request.rb +40 -0
data/lib/ruby_burp/rb_response.rb +38 -0
data/lib/ruby_burp/rb_vulnerability_classification.rb +22 -0
data/lib/ruby_burp/version.rb +3 -0
metadata +52 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 757c3b327d0a5d016a8ecae7766365cc0f4a32be
+  data.tar.gz: 8c8ffeaea906bb2235a552103155630f125217fe
+SHA512:
+  metadata.gz: 5bf68134ff68b1b9c1879732879b5cc5b6e660ba63489f6a8a4581e77b0e4f501c495c0e8b07e721c5a02023700c67b6f3e2bb1a7c0d8d6c2409950c766bd8cd
+  data.tar.gz: 0c75a43ca7525841fd050107cadc577a9b7204f4e11334d2fd8729ff029872ea0ad12adeac3b93f25ee1da90ec1da3a0a464f6e6cd02306efd0b913bf1d4d912

data/lib/ruby_burp.rb ADDED Viewed

@@ -0,0 +1,51 @@
+require 'nokogiri'
+require File.join(File.dirname(__FILE__), 'ruby_burp', 'version')
+require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_host')
+require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_issue')
+require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_request')
+require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_response')
+require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_reference')
+require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_vulnerability_classification')
+module RubyBurp
+  def self.parse(path)
+    issues = []
+    doc = Nokogiri::XML(File.open(path))
+    doc.xpath('//issues/issue').map do |xml_issue|
+      issue = RbIssue.new
+      [:serialNumber, :type, :name, :path, :location, :severity, :confidence, :issueBackground, :remediationBackground, :issueDetail].each do |field|
+        issue.send("#{rb_underscore(field.to_s)}=", xml_issue.css(field.to_s).text)
+      end
+      ip = xml_issue.css('host').attribute('ip').value
+      host = xml_issue.css('host').text
+      issue.host = RbHost.new(ip, host)
+      # p 'ref'
+      issue.references = RbReference.parse(xml_issue.css('references').text)
+      # p 'req'
+      issue.request = RbRequest.parse(xml_issue.to_s)
+      # p 'res'
+      issue.response = RbResponse.parse(xml_issue.to_s)
+      # p 'cla'
+      issue.vulnerability_classifications = RbVulnerabilityClassification.parse(xml_issue.css('vulnerability_classification').text)
+      issues.push issue
+      break
+    end
+    return issues
+  end
+  def self.rb_underscore(value)
+    value.gsub(/::/, '/').
+    gsub(/([A-Z]+)([A-Z][a-z])/,'\1_\2').
+    gsub(/([a-z\d])([A-Z])/,'\1_\2').
+    tr("-", "_").
+    downcase
+  end
+end

data/lib/ruby_burp/rb_host.rb ADDED Viewed

@@ -0,0 +1,8 @@
+class RbHost
+  attr_accessor :ip, :host
+  def initialize(ip, host)
+    self.ip = ip
+    self.host = host
+  end
+end

data/lib/ruby_burp/rb_issue.rb ADDED Viewed

@@ -0,0 +1,3 @@
+class RbIssue
+  attr_accessor :serial_number, :type, :name, :host, :path, :location, :severity, :confidence, :issue_background, :remediation_background, :references, :vulnerability_classifications, :issue_detail, :request, :response
+end

data/lib/ruby_burp/rb_reference.rb ADDED Viewed

@@ -0,0 +1,21 @@
+class RbReference
+  attr_accessor :link, :name
+  def initialize(link, name)
+    self.link = link
+    self.name = name
+  end
+  class << self
+    def parse(html)
+      references = []
+      html_doc = Nokogiri::HTML(html)
+      html_doc.xpath('//ul/li').map do |link|
+        references.push(RbReference.new(link.css('a').attribute('href').value, link.css('a').text))
+      end
+      references
+    end
+  end
+end

data/lib/ruby_burp/rb_request.rb ADDED Viewed

@@ -0,0 +1,40 @@
+class RbRequest
+  attr_accessor :method, :base64, :text
+  def initialize(method, base64, text)
+    self.method = method
+    self.base64 = base64
+    self.text = text
+  end
+  class << self
+    def parse(xml)
+      requests = []
+      html_doc = Nokogiri::XML(xml)
+      req = html_doc.xpath('//requestresponse/request').first
+      begin
+        method = req.attribute('method').value
+      rescue
+        method = ''
+      end
+      begin
+        base64 = req.attribute('base64').value
+      rescue
+        base64 = ''
+      end
+      begin
+        req = req.text
+      rescue
+        req = ''
+      end
+      requests.push(RbRequest.new(method, base64, req))
+      requests
+    end
+  end
+end

data/lib/ruby_burp/rb_response.rb ADDED Viewed

@@ -0,0 +1,38 @@
+class RbResponse
+  attr_accessor :base64, :text, :redirected
+  def initialize(base64, text, redirected)
+    self.base64 = base64
+    self.text = text
+    self.redirected = redirected
+  end
+  class << self
+    def parse(xml)
+      responses = []
+      html_doc = Nokogiri::XML(xml)
+      res = html_doc.xpath('//requestresponse//response').first
+      begin
+        redirected = html_doc.xpath('//requestresponse//responseRedirected').first.text
+      rescue
+        redirected = ''
+      end
+      begin
+        base64 = res.attribute('base64').value
+      rescue
+        base64 = ''
+      end
+      begin
+        res = res.text
+      rescue
+        res = ''
+      end
+      responses.push(RbResponse.new(base64, res, redirected))
+      responses
+    end
+  end
+end

data/lib/ruby_burp/rb_vulnerability_classification.rb ADDED Viewed

@@ -0,0 +1,22 @@
+class RbVulnerabilityClassification
+  attr_accessor :link, :name
+  def initialize(link, name)
+    self.link = link
+    self.name = name
+  end
+  class << self
+    def parse(html)
+      classifications = []
+      html_doc = Nokogiri::HTML(html)
+      html_doc.xpath('//ul/li').map do |link|
+        classifications.push(RbVulnerabilityClassification.new(link.css('a').attribute('href').value, link.css('a').text))
+      end
+      classifications
+    end
+  end
+end

data/lib/ruby_burp/version.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module RubyBurp
+  VERSION = '1.0.0'
+end

metadata ADDED Viewed

@@ -0,0 +1,52 @@
+--- !ruby/object:Gem::Specification
+name: ruby_burp
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Adilson Chacon
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2018-11-16 00:00:00.000000000 Z
+dependencies: []
+description: Parses Burp Scanner XML file
+email:
+- adilsonchacon@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/ruby_burp.rb
+- lib/ruby_burp/rb_host.rb
+- lib/ruby_burp/rb_issue.rb
+- lib/ruby_burp/rb_reference.rb
+- lib/ruby_burp/rb_request.rb
+- lib/ruby_burp/rb_response.rb
+- lib/ruby_burp/rb_vulnerability_classification.rb
+- lib/ruby_burp/version.rb
+homepage: https://github.com/adilsonchacon/ruby_burp
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.3
+signing_key:
+specification_version: 4
+summary: Ruby Burp Parser
+test_files: []

ruby_burp 1.0.0