Class: Dradis::Plugins::Saint::Importer

Inherits:
Upload::Importer
  • Object
Defined in:
lib/dradis/plugins/saint/importer.rb

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.templates ⇒ Object



# File 'lib/dradis/plugins/saint/importer.rb', line 3

# Returns a Hash with two entries, :evidence => 'evidence' and
# :issue => 'vulnerability'.
# NOTE(review): presumably these are the names of the plugin's export/import
# templates for each entity type -- confirm against the template directory.
#
# @return [Hash{Symbol => String}]
def self.templates
  {
    evidence: 'evidence',
    issue: 'vulnerability'
  }
end

Instance Method Details

#import(params = {}) ⇒ Object



# File 'lib/dradis/plugins/saint/importer.rb', line 7

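# Parses a SAINT XML report and hands its elements to the per-entity
# processors.
#
# Resets @issues and @hosts, reads the file at params[:file], parses it with
# Nokogiri and, for every /report element, passes:
#   * ./overview/hosts/host                   to process_host_item
#   * ./details/vulnerability                 to process_vuln_issue
#   * ./overview/vulnerabilities/host_info/vulnerability (with the entry's
#     hostname text)                          to process_evidence
#
# @param params [Hash] must contain :file, the path of the report to read
# @return [Boolean] false when the document has no /report element (the error
#   is logged and stored as a note), true otherwise
def import(params={})
  @issues = {}
  @hosts = {}
  file_content = File.read(params[:file])

  logger.info {'Parsing SAINT output file...'}
  # The report is uploaded content, so treat it as untrusted XML: rely on
  # Nokogiri's default parse options and do not enable entity substitution
  # (noent) or DTD loading (dtdload) for this input.
  doc = Nokogiri::XML( file_content )
  logger.info{'Done.'}

  reports = doc.xpath('/report')

  if reports.empty?
    error = "No reports were detected in the uploaded file (/report). Ensure you uploaded a SAINT XML report."
    logger.fatal{ error }
    content_service.create_note text: error
    return false
  end

  reports.each do |xml_report|
    logger.info {'Processing report...'}

    # Process <host> tags
    xml_report.xpath('./overview/hosts/host').each do |host|
      process_host_item(host)
    end

    # Process <vulnerability> tags
    xml_report.xpath('./details/vulnerability').each do |vuln|
      process_vuln_issue(vuln)
    end

    # Process <vulnerabilities> tag
    xml_report.xpath('./overview/vulnerabilities/host_info').each do |xml_host_info|
      hostname_node = xml_host_info.at_xpath('./hostname')

      # A <host_info> without a <hostname> child previously raised
      # NoMethodError on nil and aborted the whole import. Skip only the
      # malformed entry so the rest of the report is still processed.
      if hostname_node.nil?
        logger.error {'Skipping <host_info> entry without a <hostname> element.'}
        next
      end

      host_name = hostname_node.text
      xml_host_info.xpath('./vulnerability').each do |evidence|
        process_evidence(evidence, host_name)
      end
    end

    logger.info {'Report processed...'}
  end

  true
end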