Luke Imhoff
parent
cceec8eb53
commit
b43035145d
|
|
@ -1930,144 +1930,6 @@ module Msf::DBManager::Import
|
|||
|
||||
protected
|
||||
|
||||
#
|
||||
# This holds all of the shared parsing/handling used by the
|
||||
# Nessus NBE and NESSUS v1 methods
|
||||
#
|
||||
def handle_nessus(wspace, hobj, port, nasl, plugin_name, severity, data,task=nil)
|
||||
addr = hobj.address
|
||||
# The port section looks like:
|
||||
# http (80/tcp)
|
||||
p = port.match(/^([^\(]+)\((\d+)\/([^\)]+)\)/)
|
||||
return if not p
|
||||
|
||||
# Unnecessary as the caller should already have reported this host
|
||||
#report_host(:workspace => wspace, :host => addr, :state => Msf::HostState::Alive)
|
||||
name = p[1].strip
|
||||
port = p[2].to_i
|
||||
proto = p[3].downcase
|
||||
|
||||
info = { :workspace => wspace, :host => hobj, :port => port, :proto => proto, :task => task }
|
||||
if name != "unknown" and name[-1,1] != "?"
|
||||
info[:name] = name
|
||||
end
|
||||
report_service(info)
|
||||
|
||||
if nasl.nil? || nasl.empty? || nasl == 0 || nasl == "0"
|
||||
return
|
||||
end
|
||||
|
||||
data.gsub!("\\n", "\n")
|
||||
|
||||
refs = []
|
||||
|
||||
if (data =~ /^CVE : (.*)$/)
|
||||
$1.gsub(/C(VE|AN)\-/, '').split(',').map { |r| r.strip }.each do |r|
|
||||
refs.push('CVE-' + r)
|
||||
end
|
||||
end
|
||||
|
||||
if (data =~ /^BID : (.*)$/)
|
||||
$1.split(',').map { |r| r.strip }.each do |r|
|
||||
refs.push('BID-' + r)
|
||||
end
|
||||
end
|
||||
|
||||
if (data =~ /^Other references : (.*)$/)
|
||||
$1.split(',').map { |r| r.strip }.each do |r|
|
||||
ref_id, ref_val = r.split(':')
|
||||
ref_val ? refs.push(ref_id + '-' + ref_val) : refs.push(ref_id)
|
||||
end
|
||||
end
|
||||
|
||||
nss = 'NSS-' + nasl.to_s.strip
|
||||
refs << nss
|
||||
|
||||
unless plugin_name.to_s.strip.empty?
|
||||
vuln_name = plugin_name
|
||||
else
|
||||
vuln_name = nss
|
||||
end
|
||||
|
||||
vuln_info = {
|
||||
:workspace => wspace,
|
||||
:host => hobj,
|
||||
:port => port,
|
||||
:proto => proto,
|
||||
:name => vuln_name,
|
||||
:info => data,
|
||||
:refs => refs,
|
||||
:task => task,
|
||||
}
|
||||
report_vuln(vuln_info)
|
||||
end
|
||||
|
||||
#
|
||||
# NESSUS v2 file format has a dramatically different layout
|
||||
# for ReportItem data
|
||||
#
|
||||
def handle_nessus_v2(wspace,hobj,port,proto,name,nasl,nasl_name,severity,description,cve,bid,xref,msf,task=nil)
|
||||
addr = hobj.address
|
||||
|
||||
info = { :workspace => wspace, :host => hobj, :port => port, :proto => proto, :task => task }
|
||||
|
||||
unless name =~ /^unknown$|\?$/
|
||||
info[:name] = name
|
||||
end
|
||||
|
||||
if port.to_i != 0
|
||||
report_service(info)
|
||||
end
|
||||
|
||||
if nasl.nil? || nasl.empty? || nasl == 0 || nasl == "0"
|
||||
return
|
||||
end
|
||||
|
||||
refs = []
|
||||
|
||||
cve.each do |r|
|
||||
r.to_s.gsub!(/C(VE|AN)\-/, '')
|
||||
refs.push('CVE-' + r.to_s)
|
||||
end if cve
|
||||
|
||||
bid.each do |r|
|
||||
refs.push('BID-' + r.to_s)
|
||||
end if bid
|
||||
|
||||
xref.each do |r|
|
||||
ref_id, ref_val = r.to_s.split(':')
|
||||
ref_val ? refs.push(ref_id + '-' + ref_val) : refs.push(ref_id)
|
||||
end if xref
|
||||
|
||||
msfref = "MSF-" << msf if msf
|
||||
refs.push msfref if msfref
|
||||
|
||||
nss = 'NSS-' + nasl
|
||||
if nasl_name.nil? || nasl_name.empty?
|
||||
vuln_name = nss
|
||||
else
|
||||
vuln_name = nasl_name
|
||||
end
|
||||
|
||||
refs << nss.strip
|
||||
|
||||
vuln = {
|
||||
:workspace => wspace,
|
||||
:host => hobj,
|
||||
:name => vuln_name,
|
||||
:info => description ? description : "",
|
||||
:refs => refs,
|
||||
:task => task,
|
||||
}
|
||||
|
||||
if port.to_i != 0
|
||||
vuln[:port] = port
|
||||
vuln[:proto] = proto
|
||||
end
|
||||
|
||||
report_vuln(vuln)
|
||||
end
|
||||
|
||||
def process_nexpose_data_sxml_refs(vuln)
|
||||
refs = []
|
||||
vid = vuln.attributes['id'].to_s.downcase
|
||||
|
|
|
|||
|
|
@ -4,4 +4,78 @@ module Msf::DBManager::Import::Nessus
|
|||
|
||||
include Msf::DBManager::Import::Nessus::NBE
|
||||
include Msf::DBManager::Import::Nessus::XML
|
||||
|
||||
protected
|
||||
|
||||
#
|
||||
# This holds all of the shared parsing/handling used by the
|
||||
# Nessus NBE and NESSUS v1 methods
|
||||
#
|
||||
def handle_nessus(wspace, hobj, port, nasl, plugin_name, severity, data,task=nil)
|
||||
addr = hobj.address
|
||||
# The port section looks like:
|
||||
# http (80/tcp)
|
||||
p = port.match(/^([^\(]+)\((\d+)\/([^\)]+)\)/)
|
||||
return if not p
|
||||
|
||||
# Unnecessary as the caller should already have reported this host
|
||||
#report_host(:workspace => wspace, :host => addr, :state => Msf::HostState::Alive)
|
||||
name = p[1].strip
|
||||
port = p[2].to_i
|
||||
proto = p[3].downcase
|
||||
|
||||
info = { :workspace => wspace, :host => hobj, :port => port, :proto => proto, :task => task }
|
||||
if name != "unknown" and name[-1,1] != "?"
|
||||
info[:name] = name
|
||||
end
|
||||
report_service(info)
|
||||
|
||||
if nasl.nil? || nasl.empty? || nasl == 0 || nasl == "0"
|
||||
return
|
||||
end
|
||||
|
||||
data.gsub!("\\n", "\n")
|
||||
|
||||
refs = []
|
||||
|
||||
if (data =~ /^CVE : (.*)$/)
|
||||
$1.gsub(/C(VE|AN)\-/, '').split(',').map { |r| r.strip }.each do |r|
|
||||
refs.push('CVE-' + r)
|
||||
end
|
||||
end
|
||||
|
||||
if (data =~ /^BID : (.*)$/)
|
||||
$1.split(',').map { |r| r.strip }.each do |r|
|
||||
refs.push('BID-' + r)
|
||||
end
|
||||
end
|
||||
|
||||
if (data =~ /^Other references : (.*)$/)
|
||||
$1.split(',').map { |r| r.strip }.each do |r|
|
||||
ref_id, ref_val = r.split(':')
|
||||
ref_val ? refs.push(ref_id + '-' + ref_val) : refs.push(ref_id)
|
||||
end
|
||||
end
|
||||
|
||||
nss = 'NSS-' + nasl.to_s.strip
|
||||
refs << nss
|
||||
|
||||
unless plugin_name.to_s.strip.empty?
|
||||
vuln_name = plugin_name
|
||||
else
|
||||
vuln_name = nss
|
||||
end
|
||||
|
||||
vuln_info = {
|
||||
:workspace => wspace,
|
||||
:host => hobj,
|
||||
:port => port,
|
||||
:proto => proto,
|
||||
:name => vuln_name,
|
||||
:info => data,
|
||||
:refs => refs,
|
||||
:task => task,
|
||||
}
|
||||
report_vuln(vuln_info)
|
||||
end
|
||||
end
|
||||
|
|
@ -92,4 +92,72 @@ module Msf::DBManager::Import::Nessus::XML::V2
|
|||
REXML::Document.parse_stream(data, parser)
|
||||
|
||||
end
|
||||
|
||||
protected
|
||||
|
||||
#
|
||||
# NESSUS v2 file format has a dramatically different layout
|
||||
# for ReportItem data
|
||||
#
|
||||
def handle_nessus_v2(wspace,hobj,port,proto,name,nasl,nasl_name,severity,description,cve,bid,xref,msf,task=nil)
|
||||
addr = hobj.address
|
||||
|
||||
info = { :workspace => wspace, :host => hobj, :port => port, :proto => proto, :task => task }
|
||||
|
||||
unless name =~ /^unknown$|\?$/
|
||||
info[:name] = name
|
||||
end
|
||||
|
||||
if port.to_i != 0
|
||||
report_service(info)
|
||||
end
|
||||
|
||||
if nasl.nil? || nasl.empty? || nasl == 0 || nasl == "0"
|
||||
return
|
||||
end
|
||||
|
||||
refs = []
|
||||
|
||||
cve.each do |r|
|
||||
r.to_s.gsub!(/C(VE|AN)\-/, '')
|
||||
refs.push('CVE-' + r.to_s)
|
||||
end if cve
|
||||
|
||||
bid.each do |r|
|
||||
refs.push('BID-' + r.to_s)
|
||||
end if bid
|
||||
|
||||
xref.each do |r|
|
||||
ref_id, ref_val = r.to_s.split(':')
|
||||
ref_val ? refs.push(ref_id + '-' + ref_val) : refs.push(ref_id)
|
||||
end if xref
|
||||
|
||||
msfref = "MSF-" << msf if msf
|
||||
refs.push msfref if msfref
|
||||
|
||||
nss = 'NSS-' + nasl
|
||||
if nasl_name.nil? || nasl_name.empty?
|
||||
vuln_name = nss
|
||||
else
|
||||
vuln_name = nasl_name
|
||||
end
|
||||
|
||||
refs << nss.strip
|
||||
|
||||
vuln = {
|
||||
:workspace => wspace,
|
||||
:host => hobj,
|
||||
:name => vuln_name,
|
||||
:info => description ? description : "",
|
||||
:refs => refs,
|
||||
:task => task,
|
||||
}
|
||||
|
||||
if port.to_i != 0
|
||||
vuln[:port] = port
|
||||
vuln[:proto] = proto
|
||||
end
|
||||
|
||||
report_vuln(vuln)
|
||||
end
|
||||
end
|
||||
Loading…
Reference in New Issue