Class: RubyNessus::Version2::Event

Inherits:

Object

• Object
• RubyNessus::Version2::Event

Defined in:

lib/ruby-nessus/version2/event.rb

Instance Method Summary

• #bid ⇒ Array<String>^?

  Return the event bid.

• #canvas_package ⇒ String^?

  Return the name of the CANVAS exploit package.

• #cpe ⇒ Array<String>

  Return the event cpe.

• #critical? ⇒ Boolean

  Return true if the event is of critical severity.

• #cve ⇒ Array<String>^?

  Return the event cve.

• #cvss_base_score ⇒ float^?

  Return the event cvss base score.

• #cvss_temporal_score ⇒ float^?

  Return the event cvss temporal score.

• #cvss_vector ⇒ String^?

  Return other event cvss vector.

• #description ⇒ String^?

  Return the event description.

• #exploit_available ⇒ Boolean

  Return event exploit available.

• #exploit_framework_canvas ⇒ Boolean

  Return if an exploit exists in the Immunity CANVAS framework.

• #exploit_framework_core ⇒ Boolean

  Return if an exploit exploit exists in the CORE Impact framework.

• #exploit_framework_metasploit ⇒ Boolean

  Return if an exploit exploit exists in the Metasploit framework.

• #exploitability_ease ⇒ String^?

  Return event exploitability ease.

• #family ⇒ String (also: #plugin_family)

  Return the event object plugin family name.

• #high? ⇒ Boolean

  Return true if the event is of high severity.

• #id ⇒ Integer (also: #plugin_id)

  Return the event object nessus plugin id.

• #informational? ⇒ Boolean

  Return true if event is of informational severity.

• #initialize(event) ⇒ Event constructor

  A new instance of Event.

• #low? ⇒ Boolean

  Return true if the event is of low severity.

• #medium? ⇒ Boolean

  Return true if the event is of medium severity.

• #metasploit_name ⇒ String^?

  Return name of the Metasploit exploit module.

• #output ⇒ String^? (also: #data, #plugin_output)

  Return the event plugin output.

• #patch_publication_date ⇒ Time^?

  Return the event patch publication date.

• #plugin_name ⇒ String^? (also: #name)

  Return the event name (plugin_name).

• #plugin_type ⇒ String^?

  Return the event object plugin type (plugin_type).

• #port ⇒ Object

  Return the event port.

• #risk ⇒ String^?

  Return the event risk.

• #see_also ⇒ Array<String> (also: #links, #more, #references)

  Return the event reference links.

• #severity ⇒ Integer

  Return the event severity.

• #solution ⇒ String^?

  Return the event solution.

• #synopsis ⇒ String^?

  Return the event synopsis.

• #version ⇒ String^? (also: #plugin_version)

  Return the event plugin version.

• #vuln_publication_date ⇒ Time^?

  Return the event vulnerability publication date.

• #xref ⇒ Array<String>

  Return other event related references.

Constructor Details

#initialize(event) ⇒ Event

Returns a new instance of Event.

# File 'lib/ruby-nessus/version2/event.rb', line 8

def initialize(event)
  @event = event
end

Instance Method Details

#bid ⇒ Array<String>^?

Return the event bid.

Returns:

• (Array<String>, nil) —

  Return the event bid.

# File 'lib/ruby-nessus/version2/event.rb', line 286

def bid
  unless @bid
    @bid = []
    @event.xpath('bid').each do |bid|
      @bid << bid.inner_text
    end
    @bid = nil if @bid.empty?
  end
  @bid
end

#canvas_package ⇒ String^?

Return the name of the CANVAS exploit package

Returns:

• (String, nil) —

  Return the canvas_package.

# File 'lib/ruby-nessus/version2/event.rb', line 375

def canvas_package
  @canvas_package ||= @event.at('canvas_package')&.inner_text
end

#cpe ⇒ Array<String>

Return the event cpe.

Returns:

• (Array<String>) —

  Return the event cpe.

# File 'lib/ruby-nessus/version2/event.rb', line 329

def cpe
  unless @cpe
    @cpe = []
    @event.xpath('cpe').each do |cpe|
      @cpe << cpe.inner_text
    end
  end
  @cpe
end

#critical? ⇒ Boolean

Return true if the event is of critical severity.

Returns:

• (Boolean) —

  Return true if the event is critical severity.

# File 'lib/ruby-nessus/version2/event.rb', line 87

def critical?
  severity == 4
end

#cve ⇒ Array<String>^?

Return the event cve.

Returns:

• (Array<String>, nil) —

  Return the event cvss base score.

# File 'lib/ruby-nessus/version2/event.rb', line 269

def cve
  unless @cve
    @cve = []
    @event.xpath('cve').each do |cve|
      @cve << cve.inner_text
    end
    @cve = nil if @cve.empty?
  end
  @cve
end

#cvss_base_score ⇒ float^?

Return the event cvss base score.

Returns:

• (float, nil) —

  Return the event cvss base score.

# File 'lib/ruby-nessus/version2/event.rb', line 249

def cvss_base_score
  @cvss_base_score ||= @event.at('cvss_base_score')&.inner_text.to_f
end

#cvss_temporal_score ⇒ float^?

Return the event cvss temporal score.

Returns:

• (float, nil) —

  Return the event cvss temporal score.

# File 'lib/ruby-nessus/version2/event.rb', line 259

def cvss_temporal_score
  @cvss_temporal_score ||= @event.at('cvss_temporal_score')&.inner_text.to_f
end

#cvss_vector ⇒ String^?

Return other event cvss vector.

Returns:

• (String, nil) —

  Return the event cvss vector.

# File 'lib/ruby-nessus/version2/event.rb', line 319

def cvss_vector
  @cvss_vector ||= @event.at('cvss_vector')&.inner_text
end

#description ⇒ String^?

Return the event description.

Returns:

• (String, nil) —

  Return the event description.

# File 'lib/ruby-nessus/version2/event.rb', line 163

def description
  @description ||= @event.at('description')&.inner_text
end

#exploit_available ⇒ Boolean

Return event exploit available.

Returns:

• (Boolean) —

  Return the event exploit available.

# File 'lib/ruby-nessus/version2/event.rb', line 355

def exploit_available
  @exploit_available ||= @event.at('exploit_available')&.inner_text == "true"
end

#exploit_framework_canvas ⇒ Boolean

Return if an exploit exists in the Immunity CANVAS framework.

Returns:

• (Boolean) —

  Return the event exploit framework canvas.

# File 'lib/ruby-nessus/version2/event.rb', line 365

def exploit_framework_canvas
  @exploit_framework_canvas ||= @event.at('exploit_framework_canvas')&.inner_text == "true"
end

#exploit_framework_core ⇒ Boolean

Return if an exploit exploit exists in the CORE Impact framework

Returns:

• (Boolean) —

  Return the event exploit framework core.

# File 'lib/ruby-nessus/version2/event.rb', line 405

def exploit_framework_core
  @exploit_framework_core ||= @event.at('exploit_framework_core')&.inner_text == "true"
end

#exploit_framework_metasploit ⇒ Boolean

Return if an exploit exploit exists in the Metasploit framework

Returns:

• (Boolean) —

  Return the event exploit framework metasploit.

# File 'lib/ruby-nessus/version2/event.rb', line 385

def exploit_framework_metasploit
  @exploit_framework_metasploit ||= @event.at('exploit_framework_metasploit')&.inner_text == "true"
end

#exploitability_ease ⇒ String^?

Return event exploitability ease.

Returns:

• (String, nil) —

  Return the event exploitability ease.

# File 'lib/ruby-nessus/version2/event.rb', line 345

def exploitability_ease
  @exploitability_ease ||= @event.at('exploitability_ease')&.inner_text
end

#family ⇒ String Also known as: plugin_family

Return the event object plugin family name.

Examples:

event.family #=> "Service detection"

Returns:

• (String) —

  Return the event object plugin family name.

# File 'lib/ruby-nessus/version2/event.rb', line 114

def family
  @plugin_family ||= @event.at('@pluginFamily').inner_text
end

#high? ⇒ Boolean

Return true if the event is of high severity.

Returns:

• (Boolean) —

  Return true if the event is high severity.

# File 'lib/ruby-nessus/version2/event.rb', line 77

def high?
  severity == 3
end

#id ⇒ Integer Also known as: plugin_id

Return the event object nessus plugin id

Examples:

event.plugin_id #=> 3245

Returns:

• (Integer) —

  Return the event object nessus plugin id

# File 'lib/ruby-nessus/version2/event.rb', line 100

def id
  @plugin_id ||= @event.at('@pluginID').inner_text.to_i
end

#informational? ⇒ Boolean

Return true if event is of informational severity.

Returns:

• (Boolean) —

  Return true if the event is informational.

# File 'lib/ruby-nessus/version2/event.rb', line 47

def informational?
  severity == 0
end

#low? ⇒ Boolean

Return true if the event is of low severity.

Returns:

• (Boolean) —

  Return true if the event is low severity.

# File 'lib/ruby-nessus/version2/event.rb', line 57

def low?
  severity == 1
end

#medium? ⇒ Boolean

Return true if the event is of medium severity.

Returns:

• (Boolean) —

  Return true if the event is medium severity.

# File 'lib/ruby-nessus/version2/event.rb', line 67

def medium?
  severity == 2
end

#metasploit_name ⇒ String^?

Return name of the Metasploit exploit module.

Returns:

• (String, nil) —

  Return the metasploit_name.

# File 'lib/ruby-nessus/version2/event.rb', line 395

def metasploit_name
  @metasploit_name ||= @event.at('metasploit_name')&.inner_text
end

#output ⇒ String^? Also known as: data, plugin_output

Return the event plugin output.

Returns:

• (String, nil) —

  Return the event plugin output.

# File 'lib/ruby-nessus/version2/event.rb', line 193

def output
  @plugin_output ||= @event.at('plugin_output')&.inner_text
end

#patch_publication_date ⇒ Time^?

Return the event patch publication date.

Returns:

• (Time, nil) —

  Return the event patch publication date.

# File 'lib/ruby-nessus/version2/event.rb', line 239

def patch_publication_date
  @patch_publication_date ||= Time.parse(@event.at('patch_publication_date').inner_text + ' UTC') if @event.at('patch_publication_date')
end

#plugin_name ⇒ String^? Also known as: name

Return the event name (plugin_name)

Examples:

event.plugin_name   #=> "PHP < 5.2.4 Multiple Vulnerabilities"
event.name          #=> "PHP < 5.2.4 Multiple Vulnerabilities"

Returns:

• (String, nil) —

  Return the event name (plugin_name)

# File 'lib/ruby-nessus/version2/event.rb', line 129

def plugin_name
  @plugin_name ||= @event.at('@pluginName')&.inner_text unless @event.at('@pluginName').inner_text.empty?
end

#plugin_type ⇒ String^?

Return the event object plugin type (plugin_type)

Examples:

event.plugin_type   #=> "remote"

Returns:

• (String, nil) —

  Return the event object plugin type (plugin_type)

# File 'lib/ruby-nessus/version2/event.rb', line 143

def plugin_type
  @plugin_type ||= @event.at('plugin_type')&.inner_text
end

#port ⇒ Object

Return the event port.

Examples:

event.port            #=> "https (443/tcp)"
event.port.number     #=> 443
event.port.service    #=> "https"
event.port.protocol   #=> "tcp"

Returns:

• (Object) —

  Return the event port object or port string.

# File 'lib/ruby-nessus/version2/event.rb', line 24

def port
  @port ||= Port.new(@event.at('@port'), @event.at('@svc_name'), @event.at('@protocol'))
end

#risk ⇒ String^?

Return the event risk.

Returns:

• (String, nil) —

  Return the event risk.

# File 'lib/ruby-nessus/version2/event.rb', line 183

def risk
  @risk_factor ||= @event.at('risk_factor')&.inner_text
end

#see_also ⇒ Array<String> Also known as: links, more, references

Return the event reference links.

Returns:

• (Array<String>) —

  Return the event reference links.

# File 'lib/ruby-nessus/version2/event.rb', line 216

def see_also
  @see_also ||= @event.at('see_also')&.inner_text&.split("\n")
end

#severity ⇒ Integer

Return the event severity.

Examples:

event.severity          #=> 3

Returns:

• (Integer) —

  Return the event severity.

# File 'lib/ruby-nessus/version2/event.rb', line 37

def severity
  @severity ||= @event.at('@severity').inner_text.to_i
end

#solution ⇒ String^?

Return the event solution.

Returns:

• (String, nil) —

  Return the event solution.

# File 'lib/ruby-nessus/version2/event.rb', line 173

def solution
  @solution ||= @event.at('solution')&.inner_text
end

#synopsis ⇒ String^?

Return the event synopsis.

Returns:

• (String, nil) —

  Return the event synopsis.

# File 'lib/ruby-nessus/version2/event.rb', line 153

def synopsis
  @synopsis ||= @event.at('synopsis')&.inner_text
end

#version ⇒ String^? Also known as: plugin_version

Return the event plugin version.

Returns:

• (String, nil) —

  Return the event plugin version.

# File 'lib/ruby-nessus/version2/event.rb', line 205

def version
  @plugin_version ||= @event.at('plugin_version')&.inner_text
end

#vuln_publication_date ⇒ Time^?

Return the event vulnerability publication date.

Returns:

• (Time, nil) —

  Return the event vulnerability publication date.

# File 'lib/ruby-nessus/version2/event.rb', line 229

def vuln_publication_date
  @vuln_publication_date ||= Time.parse(@event.at('vuln_publication_date').inner_text + ' UTC') if @event.at('vuln_publication_date')
end

#xref ⇒ Array<String>

Return other event related references.

Returns:

• (Array<String>) —

  Return the event related references.

# File 'lib/ruby-nessus/version2/event.rb', line 303

def xref
  unless @xref
    @xref = []
    @event.xpath('xref').each do |xref|
      @xref << xref.inner_text
    end
  end
  @xref
end