Class: Offrep::CommonXML
- Inherits:
-
Object
- Object
- Offrep::CommonXML
- Defined in:
- lib/offrep/commonxml.rb
Instance Attribute Summary collapse
-
#log ⇒ Object
Returns the value of attribute log.
-
#xmldoc ⇒ Object
Returns the value of attribute xmldoc.
Instance Method Summary collapse
- #anonymize(xmln) ⇒ Object
- #cmpvuln(vuln1, vuln2) ⇒ Object
- #cvss2f(score) ⇒ Object
- #emptyxml ⇒ Object
- #getcontent(cont, defvalue) ⇒ Object
- #importxml(trxml) ⇒ Object
-
#initialize ⇒ CommonXML
constructor
A new instance of CommonXML.
- #isortbysev! ⇒ Object
- #isortbysevrev! ⇒ Object
- #mergexml(trxml) ⇒ Object
- #osortbysev ⇒ Object
- #osortbysev! ⇒ Object
- #readxml(trxml) ⇒ Object
- #removebydef(defxml) ⇒ Object
- #removesev(sev) ⇒ Object
- #sev2i(sev) ⇒ Object
- #sevnum2text(sev) ⇒ Object
- #sortbysev ⇒ Object
- #sortbysevrev ⇒ Object
- #sortbyvuln ⇒ Object
- #swapvuln(vuln1, vuln2) ⇒ Object
- #to_com ⇒ Object
- #to_common ⇒ Object
- #translate(trxml) ⇒ Object
- #xsortbysev ⇒ Object
Constructor Details
#initialize ⇒ CommonXML
Returns a new instance of CommonXML.
# File 'lib/offrep/commonxml.rb', line 10
# Creates the instance logger: it writes to STDERR and drops anything
# below WARN. @xmldoc is not assigned here; it stays unset until readxml
# stores a parsed document.
def initialize
  @log = Logger.new(STDERR).tap { |logger| logger.level = Logger::WARN }
end
Instance Attribute Details
#log ⇒ Object
Returns the value of attribute log.
# File 'lib/offrep/commonxml.rb', line 8
# Reader for the logger held in @log.
#
# @return [Object] the current value of @log
def log
  @log
end
#xmldoc ⇒ Object
Returns the value of attribute xmldoc.
# File 'lib/offrep/commonxml.rb', line 8
# Reader for the working document held in @xmldoc.
#
# @return [Object] the current value of @xmldoc (nil until something assigns it)
def xmldoc
  @xmldoc
end
Instance Method Details
#anonymize(xmln) ⇒ Object
# File 'lib/offrep/commonxml.rb', line 82
# Strips host-identifying nodes from a common-format document, in place.
#
# Every /vulnerabilities/vulnerability/target element and every
# /vulnerabilities/vulnerability/data/common/output element is detached.
# Nothing else is touched: text carried in the remaining elements is
# returned exactly as it came in, so those fields still need a review
# before a report leaves the engagement.
#
# @param xmln [Object] document (or node) answering #xpath
# @return [Object] the same object that was passed in, now modified
def anonymize(xmln)
  [
    '/vulnerabilities/vulnerability/target',
    '/vulnerabilities/vulnerability/data/common/output'
  ].each do |path|
    xmln.xpath(path).each(&:remove)
  end
  xmln
end
#cmpvuln(vuln1, vuln2) ⇒ Object
# File 'lib/offrep/commonxml.rb', line 116
# Three-way comparison of two vulnerability nodes for sorting.
#
# Severity (./data/common/severity, default '0') decides first; when the
# severities are equal the score (./data/common/score, default '0.0')
# breaks the tie. Both fields go through sev2i / cvss2f, which fall back
# on to_i / to_f, so non-numeric text in a report is ranked as 0 rather
# than rejected.
#
# @param vuln1 [Object] node answering #at_xpath
# @param vuln2 [Object] node answering #at_xpath
# @return [Integer] 1, -1 or 0
def cmpvuln(vuln1, vuln2)
  sev_a  = sev2i(getcontent(vuln1.at_xpath('./data/common/severity'), '0'))
  cvss_a = cvss2f(getcontent(vuln1.at_xpath('./data/common/score'), '0.0'))
  sev_b  = sev2i(getcontent(vuln2.at_xpath('./data/common/severity'), '0'))
  cvss_b = cvss2f(getcontent(vuln2.at_xpath('./data/common/score'), '0.0'))

  by_severity = sev_a <=> sev_b
  return by_severity unless by_severity.zero?

  cvss_a <=> cvss_b
end
#cvss2f(score) ⇒ Object
# File 'lib/offrep/commonxml.rb', line 65
# Coerces a score to Float.
#
# A Float is returned untouched; anything else goes through #to_f, so
# text that is not a number becomes 0.0. No range check is applied.
#
# @param score [Object] Float, or any object answering #to_f
# @return [Float]
def cvss2f(score)
  score.is_a?(Float) ? score : score.to_f
end
#emptyxml ⇒ Object
# File 'lib/offrep/commonxml.rb', line 92
# Builds a fresh document whose only content is an empty
# <vulnerabilities> root element.
#
# The skeleton is produced with Nokogiri::XML::Builder, serialised, and
# parsed again with Nokogiri::XML so the caller receives a document
# rather than a builder.
#
# @return [Object] the parsed document
def emptyxml
  skeleton = Nokogiri::XML::Builder.new { |xml| xml.vulnerabilities {} }
  Nokogiri::XML(skeleton.to_xml)
end
#getcontent(cont, defvalue) ⇒ Object
# File 'lib/offrep/commonxml.rb', line 256
# Nil-safe accessor for a node's content.
#
# @param cont [Object, nil] node answering #content, or nil when a lookup found nothing
# @param defvalue [Object] value handed back when cont is nil
# @return [Object] cont.content, or defvalue
def getcontent(cont, defvalue)
  return defvalue if cont.nil?

  cont.content
end
#importxml(trxml) ⇒ Object
# File 'lib/offrep/commonxml.rb', line 21
# Entry point for loading a report.
#
# The first call (while @xmldoc is nil) goes to readxml; every later call
# goes to mergexml. NOTE(review): mergexml in this file iterates the
# parsed findings with an empty loop body, so reports imported after the
# first one are not added to @xmldoc.
#
# @param trxml [Object] XML input, passed through unchanged
# @return [Object] whatever readxml or mergexml returns
def importxml(trxml)
  return readxml(trxml) if @xmldoc.nil?

  mergexml(trxml)
end
#isortbysev! ⇒ Object
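# File 'lib/offrep/commonxml.rb', line 140
# Sorts the findings of @xmldoc by ascending severity, in place.
#
# sortbysev re-attaches the nodes under /vulnerabilities of @xmldoc and
# returns the value of `sorted.each`, i.e. the sorted list, not a
# document. The previous version stored that list in @xmldoc, which left
# every later @xmldoc.xpath / at_xpath call without a document to query.
# @xmldoc is now left pointing at the (reordered) document.
#
# @return [Object] the sorted list returned by sortbysev (same return value as before)
def isortbysev!
  sortbysev
end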
#isortbysevrev! ⇒ Object
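# File 'lib/offrep/commonxml.rb', line 145
# Sorts the findings of @xmldoc by descending severity, in place.
#
# sortbysevrev re-attaches the nodes under /vulnerabilities of @xmldoc
# and returns the value of `sorted.each`, i.e. the reversed sorted list,
# not a document. The previous version stored that list in @xmldoc, which
# left every later @xmldoc.xpath / at_xpath call without a document to
# query. @xmldoc is now left pointing at the (reordered) document.
#
# @return [Object] the list returned by sortbysevrev (same return value as before)
def isortbysevrev!
  sortbysevrev
end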
#mergexml(trxml) ⇒ Object
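# File 'lib/offrep/commonxml.rb', line 250
# Parses an additional report. Merging into @xmldoc is NOT implemented.
#
# The original loop over /vulnerabilities/vulnerability had an empty
# body, so the findings of every report after the first were dropped
# without any trace. The behaviour is unchanged (nothing is merged), but
# the drop is now logged at WARN so a report assembled from several
# imports is not silently incomplete.
#
# The input is parsed with Nokogiri::XML and no explicit options, so the
# library's default parse options apply.
#
# @param trxml [Object] XML input accepted by Nokogiri::XML
# @return [Object] the node set of parsed vulnerability elements
def mergexml(trxml)
  doc = Nokogiri::XML(trxml)
  incoming = doc.xpath("/vulnerabilities/vulnerability")
  unless incoming.empty?
    @log&.warn("mergexml: #{incoming.length} vulnerability element(s) parsed but not merged (merge is not implemented)")
  end
  incoming
end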
#osortbysev ⇒ Object
# File 'lib/offrep/commonxml.rb', line 177
# Returns the findings of @xmldoc ordered by cmpvuln (ascending).
#
# Only a sorted list is produced; nothing is re-attached, so the order
# of the nodes inside @xmldoc is not changed by this method.
#
# @return [Object] result of #sort over /vulnerabilities/vulnerability
def osortbysev
  @xmldoc
    .xpath('/vulnerabilities/vulnerability')
    .sort { |left, right| cmpvuln(left, right) }
end
#osortbysev! ⇒ Object
# File 'lib/offrep/commonxml.rb', line 171
# Returns the findings of @xmldoc ordered by cmpvuln (ascending).
#
# NOTE(review): despite the bang, the original only rebound a local
# variable to the sorted list; @xmldoc itself is not reordered here.
# The return value is that sorted list.
#
# @return [Object] result of #sort over /vulnerabilities/vulnerability
def osortbysev!
  @xmldoc
    .xpath('/vulnerabilities/vulnerability')
    .sort { |left, right| cmpvuln(left, right) }
end
#readxml(trxml) ⇒ Object
# File 'lib/offrep/commonxml.rb', line 15
# Parses the given XML and stores the resulting document in @xmldoc.
#
# trxml is handed to Nokogiri::XML as is (the file open/close that once
# surrounded this call is commented out in the original). No parse
# options are passed, so the library defaults apply, and parse errors
# are not inspected here.
# NOTE(review): report files come from outside tools; keep entity
# substitution and DTD loading off (do not add NOENT/DTDLOAD) and
# confirm the installed Nokogiri defaults still include NONET.
#
# @param trxml [Object] XML input accepted by Nokogiri::XML
# @return [Object] the parsed document
def readxml(trxml)
  parsed = Nokogiri::XML(trxml)
  @xmldoc = parsed
end
#removebydef(defxml) ⇒ Object
# File 'lib/offrep/commonxml.rb', line 101
# Walks a definition document two element levels deep below each
# /vulnerabilities/vulnerability entry.
#
# NOTE(review): the innermost loop body is empty, so nothing is removed
# from @xmldoc or from defxml; a caller relying on this to filter
# findings gets the document back unfiltered.
#
# @param defxml [Object] document answering #xpath
# @return [Object] the node set produced by the xpath query
def removebydef(defxml)
  defxml.xpath("/vulnerabilities/vulnerability").each do |definition|
    definition.element_children.each do |child|
      child.element_children.each { |_grandchild| }
    end
  end
end
#removesev(sev) ⇒ Object
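# File 'lib/offrep/commonxml.rb', line 75
# Removes every finding whose ./data/common/severity equals sev.
#
# The severity is passed to the query as an XPath variable ($sev)
# instead of being interpolated between quotes. With interpolation, a
# value containing a single quote would break out of the string literal
# and change which findings the predicate selects (or make the
# expression invalid). The comparison is still a string comparison
# against sev.to_s, as before.
#
# @param sev [Object] severity to drop; converted with #to_s
# @return [Object] @xmldoc, after the matching nodes were detached
def removesev(sev)
  @xmldoc.xpath(
    '/vulnerabilities/vulnerability[./data/common/severity=$sev]',
    nil,
    { sev: sev.to_s }
  ).each(&:remove)
  @xmldoc
end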
#sev2i(sev) ⇒ Object
# File 'lib/offrep/commonxml.rb', line 55
# Coerces a severity to Integer.
#
# An Integer is returned untouched; anything else goes through #to_i, so
# text that is not a number becomes 0. No range check is applied.
#
# @param sev [Object] Integer, or any object answering #to_i
# @return [Integer]
def sev2i(sev)
  sev.is_a?(Integer) ? sev : sev.to_i
end
#sevnum2text(sev) ⇒ Object
# File 'lib/offrep/commonxml.rb', line 29
# Maps a numeric severity to its label.
#
# 4 => "CRITICAL", 3 => "HIGH", 2 => "MEDIUM", 1 => "LOW", 0 => "INFO",
# anything else => "UNKNOWN". Non-Integer input is converted with #to_i
# first, which means non-numeric text becomes 0 and is labelled "INFO",
# not "UNKNOWN".
#
# @param sev [Object] Integer, or any object answering #to_i
# @return [String] the label
def sevnum2text(sev)
  level = sev.is_a?(Integer) ? sev : sev.to_i
  case level
  when 4 then "CRITICAL"
  when 3 then "HIGH"
  when 2 then "MEDIUM"
  when 1 then "LOW"
  when 0 then "INFO"
  else "UNKNOWN"
  end
end
#sortbysev ⇒ Object
# File 'lib/offrep/commonxml.rb', line 157
# Reorders the findings inside @xmldoc by ascending severity.
#
# Each node from xsortbysev is handed to add_child on the
# /vulnerabilities element of @xmldoc, in sorted order.
#
# @return [Object] the sorted list that was iterated (the value of #each),
#   not a document
def sortbysev
  xsortbysev.each do |finding|
    @xmldoc.at_xpath('/vulnerabilities').add_child(finding)
  end
end
#sortbysevrev ⇒ Object
# File 'lib/offrep/commonxml.rb', line 150
# Reorders the findings inside @xmldoc by descending severity.
#
# The list from xsortbysev is reversed, then each node is handed to
# add_child on the /vulnerabilities element of @xmldoc in that order.
#
# @return [Object] the reversed list that was iterated (the value of
#   #each), not a document
def sortbysevrev
  xsortbysev.reverse.each do |finding|
    @xmldoc.at_xpath('/vulnerabilities').add_child(finding)
  end
end
#sortbyvuln ⇒ Object
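# File 'lib/offrep/commonxml.rb', line 183
# Groups the findings of @xmldoc by identifier into a new document.
#
# For every finding, each child of ./id is looked up in the document
# being built. When no entry with the same identifier exists yet, a copy
# of the whole finding is appended; otherwise only a copy of its
# ./target is attached to the existing entry and the remaining ids of
# that finding are skipped.
#
# The identifier value is report-supplied text. It is bound as an XPath
# variable ($idvalue) instead of being interpolated between quotes, so a
# value containing a single quote can no longer alter the predicate or
# make the expression invalid. The element name (ids.name) is still
# interpolated, because XPath offers no binding for name tests; it comes
# from a parsed element name.
#
# NOTE(review): when a finding has several ids and the first one is not
# found, the finding is appended and the next id then appears to match
# that fresh copy, attaching a second target to it — confirm whether
# that is intended.
# NOTE(review): a finding without ./id or without ./target is not
# handled here.
#
# @return [Object] the grouped document built on emptyxml
def sortbyvuln
  vulnxml = emptyxml()
  @xmldoc.xpath("/vulnerabilities/vulnerability").each do |vuln|
    foundid = false
    vuln.at_xpath('./id').element_children.each do |ids|
      next if foundid

      foundvuln = vulnxml.at_xpath(
        "/vulnerabilities/vulnerability[./id/#{ids.name}=$idvalue]",
        nil,
        { idvalue: ids.content.to_s }
      )
      if foundvuln.nil?
        # if not found add complete vulnerability
        vulnxml.at_xpath('/vulnerabilities').add_child(vuln.dup)
      else
        # if found, add only target part
        foundvuln.add_child(vuln.at_xpath('./target').dup)
        # TODO: add output as well
        foundid = true
      end
    end
  end
  vulnxml
end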
#swapvuln(vuln1, vuln2) ⇒ Object
# File 'lib/offrep/commonxml.rb', line 110
# Rebinds the two parameters to each other's value.
#
# NOTE(review): only the method's own local bindings are exchanged;
# neither object is modified, so the caller's variables are unaffected.
# The only observable result is the return value.
#
# @param vuln1 [Object] first node (duplicated with #dup)
# @param vuln2 [Object] second node
# @return [Object] the duplicate of vuln1
def swapvuln(vuln1, vuln2)
  duplicate = vuln1.dup
  vuln1, vuln2 = vuln2, duplicate
  duplicate
end
#to_com ⇒ Object
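# File 'lib/offrep/commonxml.rb', line 268
# Converts the Nessus v2 report held in @xmldoc to the common format.
#
# One <vulnerability> is emitted per ReportItem of every
# /NessusClientData_v2/Report/ReportHost, with target (ip, port,
# protocol, service), id (nessusPluginId) and data/common (severity,
# score, title, synopsis, description, solution). All values are handed
# to the builder as element text rather than spliced into markup.
#
# Fix: the fallbacks written as `attribute(...).to_s || '0'` could never
# apply, because #to_s always returns a String (a missing attribute
# became ""). A missing attribute now yields the fallback the original
# spelled out ('0', 'ip', 'general', ''); an attribute that is present
# keeps its value, including an empty one.
#
# @return [String] the serialised common-format XML
def to_com
  # Text of the named attribute, or fallback when the attribute is absent.
  attr_or = lambda do |node, name, fallback|
    found = node.attribute(name)
    found.nil? ? fallback : found.to_s
  end

  builder = Nokogiri::XML::Builder.new do |xml|
    xml.vulnerabilities {
      @xmldoc.xpath("/NessusClientData_v2/Report/ReportHost").each do |host|
        host.xpath("./ReportItem").each do |ri|
          xml.vulnerability_ {
            xml.target_ {
              xml.ip_(attr_or.call(host, "name", '0'))
              xml.port_(attr_or.call(ri, "port", '0'))
              xml.protocol_(attr_or.call(ri, "protocol", 'ip'))
              xml.service_(attr_or.call(ri, "svc_name", 'general'))
            }
            xml.id_ {
              xml.nessusPluginId_(attr_or.call(ri, "pluginID", '0'))
            }
            xml.data_ {
              xml.common {
                xml.severity_(attr_or.call(ri, "severity", '0'))
                xml.score_ getcontent(ri.at_xpath('./cvss_base_score'), '')
                xml.title_(attr_or.call(ri, "pluginName", ''))
                xml.synopsis_ getcontent(ri.at_xpath('./synopsis'), '')
                xml.description_ getcontent(ri.at_xpath('./description'), '')
                xml.solution_ getcontent(ri.at_xpath('./solution'), '')
              }
            }
          }
        end # host.xpath
      end # @xmldoc.xpath
    }
  end
  builder.to_xml
end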
#to_common ⇒ Object
# File 'lib/offrep/commonxml.rb', line 264
# Hands back the working document without converting or copying it.
#
# @return [Object] the current value of @xmldoc (the same object, so
#   changes made by the caller affect this instance)
def to_common
  @xmldoc
end
#translate(trxml) ⇒ Object
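# File 'lib/offrep/commonxml.rb', line 207
# Applies a translation document to the findings of @xmldoc, in place,
# and collects the findings that have no translation.
#
# For every finding, each child of ./id except <cve> is looked up in
# trxml. On a match, every element under the translation's
# ./data/common replaces the content of the element with the same name
# in the finding. Findings with no match at all are copied into the
# returned document.
#
# Changes compared to the original:
# * The identifier value is report-supplied text. It is bound as an
#   XPath variable ($idvalue) instead of being interpolated between
#   quotes, so a value containing a single quote can no longer alter the
#   predicate or make the expression invalid. Element names (ids.name,
#   ele.name) are still interpolated, because XPath offers no binding
#   for name tests; they come from parsed element names.
# * When the finding lacks an element the translation has, only that
#   element is copied in. The original appended a copy of the
#   translation's whole <common> element (nested inside the finding's
#   <common>) once per missing element, contradicting its own comment
#   "if element not found, add as a child in common".
#
# NOTE(review): a finding without ./id, or a translation entry without
# ./data/common, is not handled here.
#
# @param trxml [Object] translation document answering #at_xpath
# @return [Object] document (built on emptyxml) holding copies of the
#   untranslated findings
def translate(trxml)
  misxml = emptyxml()
  @xmldoc.xpath('/vulnerabilities/vulnerability').each do |vuln|
    foundit = false
    vuln.at_xpath('./id').element_children.each do |ids|
      next if ids.name == 'cve'

      trid = trxml.at_xpath(
        "/vulnerabilities/vulnerability[./id/#{ids.name}=$idvalue]",
        nil,
        { idvalue: ids.content.to_s }
      )
      next if trid.nil?

      foundit = true
      # replace all XML elements inside /data/common with translated ones
      trid.at_xpath('./data/common').element_children.each do |ele|
        foundele = vuln.at_xpath("./data/common/#{ele.name}")
        if foundele.nil?
          # element missing in the finding: add a copy of just that element
          vuln.at_xpath("./data/common").add_child(ele.dup)
        else
          foundele.content = ele.content
        end
      end
    end
    misxml.at_xpath('/vulnerabilities').add_child(vuln.dup) unless foundit
  end
  misxml
end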
#xsortbysev ⇒ Object
# File 'lib/offrep/commonxml.rb', line 164
# Returns the <vulnerability> children of the /vulnerabilities element
# of @xmldoc, ordered by cmpvuln (ascending).
#
# Only a sorted list is produced; the document itself is not reordered.
# NOTE(review): a document without a /vulnerabilities element is not
# handled here.
#
# @return [Object] result of #sort over ./vulnerability
def xsortbysev
  @xmldoc
    .at_xpath('/vulnerabilities')
    .xpath('./vulnerability')
    .sort { |first, second| cmpvuln(first, second) }
end