Class: Offrep::NessusXML

Inherits:
Object
  • Object
show all
Defined in:
lib/offrep/nessusxml.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeNessusXML

Returns a new instance of NessusXML.



8
9
10
11
 
# File 'lib/offrep/nessusxml.rb', line 8

def initialize
  @log=Logger.new(STDERR)
  @log.level = Logger::WARN
end

Instance Attribute Details

#logObject

Returns the value of attribute log.



6
7
8
 
# File 'lib/offrep/nessusxml.rb', line 6

def log
  @log
end

#xmldocObject

Returns the value of attribute xmldoc.



6
7
8
 
# File 'lib/offrep/nessusxml.rb', line 6

def xmldoc
  @xmldoc
end

Instance Method Details

#getcontent(cont, defvalue) ⇒ Object 



62
63
64
65
66
67
68
 
# File 'lib/offrep/nessusxml.rb', line 62

def getcontent(cont,defvalue)
  if cont.nil? then
    return defvalue
  else
    return cont.content
  end
end

#importxml(trxml) ⇒ Object 



19
20
21
22
23
24
25
 
# File 'lib/offrep/nessusxml.rb', line 19

def importxml(trxml)
	if @xmldoc.nil? then
      readxml(trxml)
    else
      mergexml(trxml)
    end
end

#mergexml(trxml) ⇒ Object 



27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
 
# File 'lib/offrep/nessusxml.rb', line 27

def mergexml(trxml)
	f = File.open(trxml)
	doc = Nokogiri::XML(f)

    reportnode=@xmldoc.at_xpath("/NessusClientData_v2/Report")
	doc.xpath("/NessusClientData_v2/Report/ReportHost").each { |host|
	  hostname=host.attribute("name").to_s
	  result=@xmldoc.xpath('/NessusClientData_v2/Report/ReportHost[@name="'+hostname+'"]')
	  if result.empty?
 reportnode.add_child(host)
 @log.debug("host "+hostname+": not found, added")
	  else
 @log.debug("host "+hostname+": found, not added new")
 rhnode=@xmldoc.at_xpath('/NessusClientData_v2/Report/ReportHost[@name="'+hostname+'"]')
 host.xpath("./ReportItem").each { |ri|
   port=ri.attribute("port").to_s
   pluginid=ri.attribute("pluginID").to_s
   protocol=ri.attribute("protocol").to_s

   resultri=@xmldoc.xpath('/NessusClientData_v2/Report/ReportHost[@name="'+hostname+'"]/ReportItem[@pluginID="'+pluginid+
   '" and @port="'+port+
   '" and @protocol="'+protocol+'"]')
   if resultri.empty?
		rhnode.add_child(ri)
		@log.debug(port+";"+protocol+";"+pluginid+": not found, added")
   else
		@log.debug(port+";"+protocol+";"+pluginid+": found, not added new")
   end
 } # host.xpath
	  end
	} # xpath.each host

	f.close
end

#readxml(trxml) ⇒ Object 



13
14
15
16
17
 
# File 'lib/offrep/nessusxml.rb', line 13

def readxml(trxml)
  # f=File.open(trxml)
  @xmldoc=Nokogiri::XML(trxml)
  #f.close
end

#to_commonObject 



70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
 
# File 'lib/offrep/nessusxml.rb', line 70

def to_common
builder = Nokogiri::XML::Builder.new do |xml|
xml.vulnerabilities {
  @xmldoc.xpath("/NessusClientData_v2/Report/ReportHost").each do |host|
  host.xpath("./ReportItem").each do |ri|
  xml.vulnerability_ {
    xml.target_ {
      xml.ip_ host.attribute("name").to_s || '0'
      xml.port_ ri.attribute("port").to_s || '0'
      xml.protocol_ ri.attribute("protocol").to_s || 'ip'
      xml.service_ ri.attribute("svc_name").to_s || 'general'
	}
    xml.id_ {
      xml.nessusPluginId_ ri.attribute("pluginID").to_s || '0'
    }
    xml.data_ {
      xml.common {
        xml.severity_ ri.attribute("severity").to_s || '0'
        xml.score_ getcontent(ri.at_xpath('./cvss_base_score'),'')
        xml.title_ ri.attribute("pluginName").to_s || ''
 xml.synopsis_ getcontent(ri.at_xpath('./synopsis'),'')
 xml.description_ getcontent(ri.at_xpath('./description'),'')
 xml.solution_ getcontent(ri.at_xpath('./solution'),'')
 xml.output_ getcontent(ri.at_xpath('./plugin_output'),'')
 xml.references_ getcontent(ri.at_xpath('./see_also'),'')
      }
    }
  }
  end # host.xpath
  end # @xmldoc.xpath
}
end
return builder.to_xml

end