Class: Risu::Templates::StigFindingsSummaryTemplate

Inherits:
Base::TemplateBase show all
Includes:
TemplateHelper
Defined in:
lib/risu/templates/stig_findings_summary.rb

Instance Attribute Summary

Attributes inherited from Base::TemplateBase

#output, #template_info

Instance Method Summary collapse

Methods included from TemplateHelper

#default_credential_plugins, #default_credentials_appendix_section, #default_credentials_section, #definition, #has_default_credentials?, #heading1, #heading2, #heading3, #heading4, #heading5, #heading6, #item_count_by_plugin_id, #item_count_by_plugin_name, #new_page, #report_author, #report_classification, #report_subtitle, #report_title, #table, #text, #title

Methods included from ScanHelper

#authenticated_count, #scan_info_to_hash

Methods included from SharesTemplateHelper

#anon_ftp_count, #anon_ftp_section, #anon_smb_count, #anon_smb_query, #anon_smb_section, #shares_appendix_section, #shares_section, #shares_section_has_findings?

Methods included from GraphTemplateHelper

#other_os_graph_page, #risks_by_service_graph_page, #risks_by_severity_graph_page, #root_cause_graph_page, #windows_os_graph_page

Methods included from MalwareTemplateHelper

#conficker_appendix_section, #conficker_count, #conficker_section, #known_malicious_process_appendix_section, #known_malicious_process_count, #known_malicious_process_section, #malware_appendix_section, #malware_section

Methods included from HostTemplateHelper

#unsupported_os, #unsupported_os_appendix_section

Methods inherited from Base::TemplateBase

inherited

Constructor Details

#initializeStigFindingsSummaryTemplate

Returns a new instance of StigFindingsSummaryTemplate.



27
28
29
30
31
32
33
34
35
36
37
38
 
# File 'lib/risu/templates/stig_findings_summary.rb', line 27

def initialize
	@template_info =
	{
		:name => "stig_findings_summary",
		:author => "hammackj",
		:version => "0.0.5",
		:renderer => "PDF",
		:description => "DISA Stig findings summary report"
	}

	@output = nil
end

Instance Method Details

#headerObject 



40
41
42
43
44
45
46
47
48
49
 
# File 'lib/risu/templates/stig_findings_summary.rb', line 40

def header
	text Report.classification.upcase, :align => :center
	text "\n"

	report_title Report.title
	report_subtitle "Stig Findings Summary"
	report_author "This report was prepared by\n#{Report.author}"

	text "\n\n\n"
end

#host_list_from_plugin_id(plugin_id) ⇒ Object

Creates a list of hosts from an list of Items

Parameters:

  • items 


54
55
56
 
# File 'lib/risu/templates/stig_findings_summary.rb', line 54

def host_list_from_plugin_id(plugin_id)
		Host.where('id IN (:hosts)', :hosts => Item.where(:plugin_id => plugin_id).select(:host_id).select('host_id AS id'))
end

#host_list_text(hosts) ⇒ Object 



61
62
63
64
65
66
67
68
69
70
 
# File 'lib/risu/templates/stig_findings_summary.rb', line 61

def host_list_text(hosts)
	host_string = ""
	hosts.all.each do |host|
		host_string << "#{host.ip}"
		host_string << " (#{host.netbios})" if host.netbios
		host_string << ", "
	end

	return host_string.chomp!(", ")
end

#ref_string(ref) ⇒ Object 



108
109
110
111
112
113
114
115
116
117
 
# File 'lib/risu/templates/stig_findings_summary.rb', line 108

def ref_string ref
	return "" if ref == nil

	ref_string = ""
	ref.each do |r|
		ref_string << r.value + ", "
	end

	ref_string.chomp!(", ")
end

#render(output) ⇒ Object 



119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
 
# File 'lib/risu/templates/stig_findings_summary.rb', line 119

def render output
	header

	if Item.stig_findings("I").count > 0
		text "<color rgb='551A8B'>Category I Findings</color>", :size => 18, :style => :bold, :inline_format => true
		stig_findings_text("I")
	end

	if Item.stig_findings("II").count > 0
		@output.start_new_page
		text "<color rgb='FF0000'>Category II Findings</color>", :size => 18, :style => :bold, :inline_format => true
		stig_findings_text("II")
	end

	if Item.stig_findings("III").count > 0
		@output.start_new_page
		text "<color rgb='FF8040'>Category III Findings</color>", :size => 18, :style => :bold, :inline_format => true
		stig_findings_text("III")
	end

	@output.number_pages "<page> of <total>", :at => [@output.bounds.right - 75, 0], :width => 150, :page_filter => :all
end

#stig_findings_text(category = "I") ⇒ Object

Generates STIG finding text for

Parameters:

  • category (defaults to: "I")

    I/II/III for each STIG severity



75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
 
# File 'lib/risu/templates/stig_findings_summary.rb', line 75

def stig_findings_text(category="I")
	if category != "I" || category != "II" || category != "III"
		return
	end

	stigs = Item.stig_findings(category).group(:plugin_id)

	stigs.each do |stig|
		text "#{stig.plugin_name}", :size => 16
		hosts = host_list_from_plugin_id(stig.plugin_id)
		hosts_string = host_list_text(hosts)

		if hosts.count > 1
			text "<b>Hosts</b>: #{hosts_string}", :inline_format => true
		else
			text "<b>Host</b>: #{hosts_string}", :inline_format => true
		end

		text "<b>Risk</b>: #{stig.plugin.risk_factor}", :inline_format => true
		text "<b>CVE Reference</b>: #{ref_string(stig.plugin.references.cve)}", :inline_format => true
		text "<b>IAVA Reference</b>: #{ref_string(stig.plugin.references.iava)}", :inline_format => true

		if stig.plugin.description != nil
			text "\nDescription:", :style => :bold
			text stig.plugin.description
		end

		text "\n"
	end
end