lib/risu/parsers/nessus/postprocess/post_process.rb

# Copyright (c) 2010-2020 Jacob Hammack.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.


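module Risu
    module Parsers
        module Nessus
            module PostProcess
                # Shared logic for Nessus "rollup" post-processing. Given a set of
                # member plugin ids (@plugin_ids), it writes one synthetic rollup
                # Plugin (@plugin_id) and, per host, one rollup Item carrying the
                # highest severity seen among that host's member findings. The
                # member Items are kept but flagged with severity -1, and their
                # original severity is preserved in real_severity.
                #
                # NOTE(review): presumably concrete rollups fill in the instance
                # variables below before calling #run -- confirm against callers.
                class PostProcess #< Risu::Base::PostProcessBase

                    # Sets empty defaults for the rollup description.
                    def initialize
                        @name = ""
                        @plugin_id = -1
                        @plugin_ids = []
                        @plugin_name = ""
                        @item_name = ""
                        # Read by #create_plugin; nil matches what an unset
                        # instance variable would have returned.
                        @description = nil
                    end

                    # Finds the member plugin with the most recent
                    # plugin_modification_date.
                    #
                    # Plugins that cannot be found, or that carry no modification
                    # date, are ignored. Candidates are compared with each other
                    # rather than with a sentinel DateTime, so the result does not
                    # depend on DateTime being loaded or comparable with the
                    # stored date type.
                    #
                    # @return [Plugin, nil] newest member plugin, or nil when no
                    #   member has a modification date
                    def newest_plugin
                        latest = nil

                        @plugin_ids.uniq.each do |id|
                            candidate = Plugin.find_by_id(id)
                            stamp = candidate && candidate.plugin_modification_date
                            next if stamp.nil?

                            # >= means the later id in @plugin_ids wins a tie.
                            if latest.nil? || stamp >= latest.plugin_modification_date
                                latest = candidate
                            end
                        end

                        latest
                    end

                    # Creates (or refreshes) the rollup plugin, copying scoring and
                    # remediation metadata from the newest member plugin.
                    #
                    # @return [Object, nil] the result of Plugin#save, or nil when
                    #   there is no member plugin to copy from
                    def create_plugin
                        template = newest_plugin
                        return if template.nil?

                        plugin = Plugin.find_by_id(@plugin_id) || Plugin.new

                        plugin.id = @plugin_id
                        plugin.plugin_name = @plugin_name
                        plugin.family_name = "Risu Rollup Plugins"
                        plugin.description = @description
                        plugin.plugin_version = template.plugin_version || ""
                        plugin.plugin_publication_date = template.plugin_publication_date
                        plugin.plugin_modification_date = template.plugin_modification_date
                        plugin.vuln_publication_date = template.vuln_publication_date
                        plugin.cvss_vector = template.cvss_vector || ""
                        plugin.cvss_base_score = template.cvss_base_score
                        plugin.cvss_temporal_score = template.cvss_temporal_score
                        plugin.cvss_temporal_vector = template.cvss_temporal_vector
                        plugin.risk_factor = template.risk_factor
                        plugin.solution = template.solution
                        plugin.synopsis = template.synopsis
                        plugin.plugin_type = "Rollup"
                        plugin.rollup = true

                        plugin.save
                    end

                    # Stores the rollup finding for one host.
                    #
                    # @param host_id [Object] id of the host the finding belongs to
                    # @param severity [Object] severity to report for the rollup
                    # @return [Object] the result of Item#save
                    def create_item(host_id, severity)
                        item = Item.new

                        item.host_id = host_id
                        item.plugin_id = @plugin_id
                        item.plugin_output = nil
                        item.port = 0
                        item.severity = severity
                        item.plugin_name = @item_name

                        item.save
                    end

                    # Reports whether any member plugin has at least one Item.
                    #
                    # The row count is tested explicitly: the object returned by
                    # Item.where is truthy even when it matches nothing, so using
                    # it directly as a condition always reported findings.
                    #
                    # @return [Boolean]
                    def has_findings
                        @plugin_ids.any? do |plugin_id|
                            Item.where(:plugin_id => plugin_id).count >= 1
                        end
                    end

                    # Reports whether the given host has an Item for any member
                    # plugin.
                    #
                    # @param host_id [Object] id of the host to check
                    # @return [Boolean]
                    def has_host_findings?(host_id)
                        @plugin_ids.any? do |plugin_id|
                            Item.where(:plugin_id => plugin_id).where(:host_id => host_id).count >= 1
                        end
                    end

                    # Returns the higher of the two severities; current_severity
                    # wins when they are equal.
                    #
                    # @param current_severity [Comparable] highest severity so far
                    # @param severity [Comparable] severity of the finding just seen
                    # @return [Comparable]
                    def calculate_severity(current_severity, severity)
                        severity > current_severity ? severity : current_severity
                    end

                    # Performs the rollup: creates the rollup plugin, then for each
                    # host with member findings flags those findings (severity -1,
                    # original value kept in real_severity) and adds one rollup
                    # Item with the highest original severity.
                    #
                    # NOTE(review): when #create_plugin finds no member plugin to
                    # copy from it writes nothing, yet the loop below still creates
                    # rollup Items and flags the originals. Confirm that a Plugin
                    # row for @plugin_id is guaranteed in that case, otherwise the
                    # findings end up attached to a plugin id with no record.
                    #
                    # @return [void]
                    def run
                        return unless has_findings

                        # Create the dummy plugin
                        create_plugin

                        Host.all.each do |host|
                            next unless has_host_findings?(host.id)

                            finding_severity = 0

                            # uniq: a repeated id would revisit Items that were
                            # already flagged and overwrite real_severity with -1.
                            @plugin_ids.uniq.each do |plugin_id|
                                # Only this host's Items. Without the host filter
                                # the first host absorbed every host's severity,
                                # and later hosts saw only already-flagged rows,
                                # yielding a rollup severity of 0 and a
                                # real_severity of -1.
                                Item.where(:plugin_id => plugin_id).where(:host_id => host.id).each do |item|
                                    original = item.severity
                                    item.real_severity = original
                                    item.severity = -1
                                    item.save

                                    finding_severity = calculate_severity(finding_severity, original)
                                end
                            end

                            create_item(host.id, finding_severity)
                        end
                    end
                end
            end
        end
    end
end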