Class: Risu::Templates::MaliciousProcessDetection

Inherits:

Base::TemplateBase

Object
Base::TemplateBase
Risu::Templates::MaliciousProcessDetection

show all

Includes:: TemplateHelper

Defined in:: lib/risu/templates/malicious_process_detection.rb

Instance Attribute Summary

Attributes inherited from Base::TemplateBase

#output, #template_info

Instance Method Summary collapse

#initialize ⇒ MaliciousProcessDetection constructor

A new instance of MaliciousProcessDetection.
#render(output) ⇒ Object

Constructor Details

#initialize ⇒ `MaliciousProcessDetection`

Returns a new instance of MaliciousProcessDetection.

# File 'lib/risu/templates/malicious_process_detection.rb', line 27

def initialize
	@template_info =
	{
		:name => "malicious_process_detection",
		:author => "hammackj",
		:version => "0.0.1",
		:renderer => "PDF",
		:description => "Generates a Malicious Process Detection Report"
	}
end

Instance Method Details

#render(output) ⇒ `Object`

# File 'lib/risu/templates/malicious_process_detection.rb', line 38

def render output
	text Report.classification.upcase, :align => :center
	text "\n"

	report_title Report.title
	report_subtitle "Malicious Process Detection Findings"
	report_author "This report was prepared by\n#{Report.author}"

	text "\n\n\n"

	unique_risks = Array.new
	unique_risks << Hash[:title => "Malicious Processes", :color => "9B30FF", :values => Item.where(:plugin_id => 59275)] if Item.where(:plugin_id => 59275).count != 0

	unique_risks.each_with_index do |h, index|
		if h[:values].length > 0

			output.font_size(18) do
				output.fill_color h[:color]
				text h[:title], :style => :bold
				output.fill_color "000000"
			end

			text "\n"

			h[:values].each do |f|
				plugin = Plugin.find_by_id(f.plugin_id)

				references = Reference.where(:plugin_id => plugin.id).group(:value).order(:reference_name)

				output.font_size(16) do
					text "#{plugin.plugin_name}\n"
				end

				text "Host", :style => :bold

				ho = Host.find_by_id(f.host_id)

				host_string = "#{ho.name}"
				host_string << " (#{ho.fqdn})" if ho.fqdn != nil

				text host_string

				if f.plugin_output != nil
					text "\nPlugin output", :style => :bold
					text f.plugin_output
				end

				if plugin.description != nil
					text "\nDescription", :style => :bold
					text plugin.description.gsub(/[ ]{2,}/, " "), :inline_format => true
				end

				if plugin.synopsis != nil
					text "\nSynopsis", :style => :bold
					text plugin.synopsis
				end

				if plugin.cvss_base_score != nil
					text "\nCVSS Base Score", :style => :bold
					text plugin.cvss_base_score
				end

				if plugin.exploit_available != nil
					text "\nExploit Available", :style => :bold

					plugin.exploit_available? ? "Yes" : "No"
				end

				if plugin.solution != nil
					text "\nSolution", :style => :bold
					text plugin.solution
				end

				if references.size != 0
					text "\nReferences", :style => :bold
					text plugin.references.reference_string, :inline_format => true
					plugin_url = "http://www.tenablesecurity.com/plugins/index.php?view=single&id=#{plugin.id}"
					text "<b>nessus_plugin</b>: #{plugin_url}", :inline_format => true, :link => plugin_url
				end

				text "\n"
			end
		end

		output.start_new_page if unique_risks[index+1] != nil
	end

	output.number_pages "<page> of <total>", :at => [output.bounds.right - 75, 0], :width => 150, :page_filter => :all
end

Class: Risu::Templates::MaliciousProcessDetection

Instance Attribute Summary

Attributes inherited from Base::TemplateBase

Instance Method Summary collapse

Methods included from TemplateHelper

Methods included from ScanHelper

Methods included from SharesTemplateHelper

Methods included from GraphTemplateHelper

Methods included from MalwareTemplateHelper

Methods included from HostTemplateHelper

Methods inherited from Base::TemplateBase

Constructor Details

#initialize ⇒ MaliciousProcessDetection

Instance Method Details

#render(output) ⇒ Object

#initialize ⇒ `MaliciousProcessDetection`

#render(output) ⇒ `Object`