Class: Rex::Parser::NexposeXMLStreamParser

Inherits:
Object
  • Object
show all
Defined in:
lib/rex/parser/nexpose_xml.rb

Overview

XXX doesn’t tie services to vulns

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(callback = nil) ⇒ NexposeXMLStreamParser

Returns a new instance of NexposeXMLStreamParser.

[View source]

10
11
12
13
# File 'lib/rex/parser/nexpose_xml.rb', line 10

def initialize(callback = nil)
  reset_state
  self.callback = callback if callback
end

Instance Attribute Details

#callbackObject

Returns the value of attribute callback.


8
9
10
# File 'lib/rex/parser/nexpose_xml.rb', line 8

def callback
  @callback
end

Instance Method Details

#attlistObject

:nodoc:

[View source]

129
130
# File 'lib/rex/parser/nexpose_xml.rb', line 129

def attlist # :nodoc:
end

#cdataObject

:nodoc:

[View source]

123
124
# File 'lib/rex/parser/nexpose_xml.rb', line 123

def cdata # :nodoc:
end

#comment(str) ⇒ Object

:nodoc:

[View source]

125
126
# File 'lib/rex/parser/nexpose_xml.rb', line 125

def comment(str) # :nodoc:
end

#instruction(name, instruction) ⇒ Object

:nodoc:

[View source]

127
128
# File 'lib/rex/parser/nexpose_xml.rb', line 127

def instruction(name, instruction) # :nodoc:
end

#parse_vulnerable_states_only(only_vuln_states_needed) ⇒ Object

If all vuln states are required set this to false

[View source]

25
26
27
# File 'lib/rex/parser/nexpose_xml.rb', line 25

def parse_vulnerable_states_only only_vuln_states_needed
  @only_vuln_states_needed = only_vuln_states_needed
end

#reset_stateObject

[View source]

15
16
17
18
19
20
21
22
# File 'lib/rex/parser/nexpose_xml.rb', line 15

def reset_state
  @state = :generic_state
  @only_vuln_states_needed = true
  @current_vuln_id = nil
  @vulnerable_markers = ['vulnerable-exploited', 'vulnerable-version', 'potential']
  @host = {"status" => nil, "endpoints" => [], "names" => [], "vulns" => {}}
  @vuln = {"refs" => [], "description" => [], "solution" => []}
end

#tag_end(name) ⇒ Object

[View source]

107
108
109
110
111
112
113
114
115
116
117
118
# File 'lib/rex/parser/nexpose_xml.rb', line 107

def tag_end(name)
  case name
  when "node"
    callback.call(:host, @host) if callback
    reset_state
  when "vulnerability"
    callback.call(:vuln, @vuln) if callback
    reset_state
  when "service","reference","names"
    @state = :generic_state
  end
end

#tag_start(name, attributes) ⇒ Object

[View source]

29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
# File 'lib/rex/parser/nexpose_xml.rb', line 29

def tag_start(name, attributes)
  case name
  when "node"
    @host["hardware-address"] = attributes["hardware-address"]
    @host["addr"] = attributes["address"]
    @host["status"] = attributes["status"]
  when "os"
    # Take only the highest certainty
    if not @host["os_certainty"] or (@host["os_certainty"].to_f < attributes["certainty"].to_f)
      @host["os_vendor"]    = attributes["vendor"]
      @host["os_family"]    = attributes["family"]
      @host["os_product"]   = attributes["product"]
      @host["os_version"]   = attributes["version"]
      @host["arch"]         = attributes["arch"]
      @host["os_certainty"] = attributes["certainty"]
    end
  when "name"
    #@host["names"].push attributes["name"]
    @state = :in_name
  when "endpoint"
    # This is a port in NeXpose parlance
    @host["endpoints"].push(attributes)
  when "service"
    @state = :in_service
    # Store any service info with the associated port.  There shouldn't
    # be any collisions on attribute names here, so just merge them.
    @host["endpoints"].last.merge!(attributes)
  when "fingerprint"
    if @state == :in_service
      @host["endpoints"].last.merge!(attributes)
    end
    when "test"
      if (not @only_vuln_states_needed) or (@vulnerable_markers.include? attributes["status"].to_s.chomp and @only_vuln_states_needed)
        @state = :in_test
        @current_vuln_id = attributes["id"]
        @host["vulns"][@current_vuln_id] = attributes.dup
        # Append the endpoint info for how the vuln was discovered
        unless @host["endpoints"].empty?
          @host["vulns"][@current_vuln_id].merge!("endpoint_data" => @host["endpoints"].last)
        end
        if attributes["key"]
          @host["notes"] ||= []
          @host["notes"] << [@current_vuln_id, attributes["key"]]
        end
      end
    when "vulnerability"
      @vuln.merge! attributes
    when "reference"
      @state = :in_reference
      @vuln["refs"].push attributes
    when "solution"
      @state = :in_solution
    when "description"
      @state = :in_description
    when "URLLink"
      @vuln["solution"] << attributes
  end
end

#text(str) ⇒ Object

[View source]

88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
# File 'lib/rex/parser/nexpose_xml.rb', line 88

def text(str)
  case @state
  when :in_name
    @host["names"].push str
  when :in_reference
    @vuln["refs"].last["value"] = str
  when :in_solution
    @vuln["solution"] << str
  when :in_description
    @vuln["description"] << str
  when :in_test
    if @host["vulns"][@current_vuln_id]
       proof = @host["vulns"][@current_vuln_id]["proof"] || []
       proof << str
       @host["vulns"][@current_vuln_id]["proof"] = proof
    end
  end
end

#xmldecl(version, encoding, standalone) ⇒ Object

We don’t need these methods, but they’re necessary to keep REXML happy

[View source]

121
122
# File 'lib/rex/parser/nexpose_xml.rb', line 121

def xmldecl(version, encoding, standalone) # :nodoc:
end