Add a warning when the imported vulnerability data is missing the service protocol/port (looks like just one vendor today has this problem).

git-svn-id: file:///home/svn/framework3/trunk@12381 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 18:33:27 +00:00 · 2011-04-20 18:33:27 +00:00 · 545025dbea
parent 41cc038eca
commit 545025dbea
2 changed files with 17 additions and 0 deletions
--- a/lib/msf/core/db.rb
+++ b/lib/msf/core/db.rb
@ -3457,6 +3457,11 @@ class DBManager
 		data = args[:data]
 		wspace = args[:wspace] || workspace
 		bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []
+		
+		yield(:warning, 
+			"Warning: The Retina XML format does not associate vulnerabilities with the specific service on which they were found.\n" +
+			"         This makes it impossible to correlate exploits to discovered vulnerabilities in a reliable fashion."
+		)
 	
 		parser = Rex::Parser::RetinaXMLStreamParser.new
 		parser.on_found_host = Proc.new do |host|
--- a/lib/msf/ui/console/command_dispatcher/db.rb
+++ b/lib/msf/ui/console/command_dispatcher/db.rb
@ -1213,6 +1213,7 @@ class Db
 						next
 					end
 					begin
+						warnings = 0
 						framework.db.import_file(:filename => filename) do |type,data|
 							case type
 							when :filetype
@ -1231,9 +1232,20 @@ class Db
 								print_status("Import: #{data} packets processed")
 							when :record_count
 								print_status("Import: #{data[1]} records processed")
+							when :warning
+								print_error("")
+								data.split("\n").each do |line|
+									print_error(line)
+								end
+								print_error("")
+								warnings += 1
 							end
 						end
 						print_status("Successfully imported #{filename}")
+						
+						print_error("Please note that there were #{warnings} warnings") if warnings > 1
+						print_error("Please note that there was one warning") if warnings == 1
+
 					rescue DBImportError
 						print_error("Failed to import #{filename}: #{$!}")
 						elog("Failed to import #{filename}: #{$!.class}: #{$!}")