Class: Rex::Parser::NexposeXMLStreamParser

Inherits:

Object

• Object
• Rex::Parser::NexposeXMLStreamParser

Defined in:

lib/rex/parser/nexpose_xml.rb

Overview

XXX doesn’t tie services to vulns

Instance Attribute Summary

• #callback ⇒ Object

  Returns the value of attribute callback.

Instance Method Summary

• #attlist ⇒ Object

  :nodoc:.

• #cdata ⇒ Object

  :nodoc:.

• #comment(str) ⇒ Object

  :nodoc:.

• #initialize(callback = nil) ⇒ NexposeXMLStreamParser constructor

  A new instance of NexposeXMLStreamParser.

• #instruction(name, instruction) ⇒ Object

  :nodoc:.

• #parse_vulnerable_states_only(only_vuln_states_needed) ⇒ Object

  If all vuln states are required set this to false.

• #reset_state ⇒ Object
• #tag_end(name) ⇒ Object
• #tag_start(name, attributes) ⇒ Object
• #text(str) ⇒ Object
• #xmldecl(version, encoding, standalone) ⇒ Object

  We don’t need these methods, but they’re necessary to keep REXML happy.

Constructor Details

#initialize(callback = nil) ⇒ NexposeXMLStreamParser

Returns a new instance of NexposeXMLStreamParser.

# File 'lib/rex/parser/nexpose_xml.rb', line 9

def initialize(callback = nil)
	reset_state
	self.callback = callback if callback
end

Instance Attribute Details

#callback ⇒ Object

Returns the value of attribute callback.

# File 'lib/rex/parser/nexpose_xml.rb', line 7

def callback
  @callback
end

Instance Method Details

#attlist ⇒ Object

:nodoc:

# File 'lib/rex/parser/nexpose_xml.rb', line 128

def attlist # :nodoc:
end

#cdata ⇒ Object

:nodoc:

# File 'lib/rex/parser/nexpose_xml.rb', line 122

def cdata # :nodoc:
end

#comment(str) ⇒ Object

:nodoc:

# File 'lib/rex/parser/nexpose_xml.rb', line 124

def comment(str) # :nodoc:
end

#instruction(name, instruction) ⇒ Object

:nodoc:

# File 'lib/rex/parser/nexpose_xml.rb', line 126

def instruction(name, instruction) # :nodoc:
end

#parse_vulnerable_states_only(only_vuln_states_needed) ⇒ Object

If all vuln states are required set this to false

# File 'lib/rex/parser/nexpose_xml.rb', line 24

def parse_vulnerable_states_only only_vuln_states_needed
	@only_vuln_states_needed = only_vuln_states_needed
end

#reset_state ⇒ Object

# File 'lib/rex/parser/nexpose_xml.rb', line 14

def reset_state
	@state = :generic_state
	@only_vuln_states_needed = true
	@current_vuln_id = nil
	@vulnerable_markers = ['vulnerable-exploited', 'vulnerable-version', 'potential']
	@host = {"status" => nil, "endpoints" => [], "names" => [], "vulns" => {}}
	@vuln = {"refs" => [], "description" => [], "solution" => []}
end

#tag_end(name) ⇒ Object

# File 'lib/rex/parser/nexpose_xml.rb', line 106

def tag_end(name)
	case name
	when "node"
		callback.call(:host, @host) if callback
		reset_state
	when "vulnerability"
		callback.call(:vuln, @vuln) if callback
		reset_state
	when "service","reference","names"
		@state = :generic_state
	end
end

#tag_start(name, attributes) ⇒ Object

# File 'lib/rex/parser/nexpose_xml.rb', line 28

def tag_start(name, attributes)
	case name
	when "node"
		@host["hardware-address"] = attributes["hardware-address"]
		@host["addr"] = attributes["address"]
		@host["status"] = attributes["status"]
	when "os"
		# Take only the highest certainty
		if not @host["os_certainty"] or (@host["os_certainty"].to_f < attributes["certainty"].to_f)
			@host["os_vendor"]    = attributes["vendor"]
			@host["os_family"]    = attributes["family"]
			@host["os_product"]   = attributes["product"]
			@host["os_version"]   = attributes["version"]
			@host["arch"]         = attributes["arch"]
			@host["os_certainty"] = attributes["certainty"]
		end
	when "name"
		#@host["names"].push attributes["name"]
		@state = :in_name
	when "endpoint"
		# This is a port in NeXpose parlance
		@host["endpoints"].push(attributes)
	when "service"
		@state = :in_service
		# Store any service info with the associated port.  There shouldn't
		# be any collisions on attribute names here, so just merge them.
		@host["endpoints"].last.merge!(attributes)
	when "fingerprint"
		if @state == :in_service
			@host["endpoints"].last.merge!(attributes)
		end
		when "test"
			if (not @only_vuln_states_needed) or (@vulnerable_markers.include? attributes["status"].to_s.chomp and @only_vuln_states_needed)
				@state = :in_test
				@current_vuln_id = attributes["id"]
				@host["vulns"][@current_vuln_id] = attributes.dup
				# Append the endpoint info for how the vuln was discovered
				unless @host["endpoints"].empty?
					@host["vulns"][@current_vuln_id].merge!("endpoint_data" => @host["endpoints"].last)
				end
				if attributes["key"]
					@host["notes"] ||= []
					@host["notes"] << [@current_vuln_id, attributes["key"]]
				end
			end
		when "vulnerability"
			@vuln.merge! attributes
		when "reference"
			@state = :in_reference
			@vuln["refs"].push attributes
		when "solution"
			@state = :in_solution
		when "description"
			@state = :in_description
		when "URLLink"
			@vuln["solution"] << attributes
	end
end

#text(str) ⇒ Object

# File 'lib/rex/parser/nexpose_xml.rb', line 87

def text(str)
	case @state
	when :in_name
		@host["names"].push str
	when :in_reference
		@vuln["refs"].last["value"] = str
   when :in_solution
     @vuln["solution"] << str
   when :in_description
     @vuln["description"] << str
   when :in_test
     if @host["vulns"][@current_vuln_id]
        proof = @host["vulns"][@current_vuln_id]["proof"] || []
        proof << str
        @host["vulns"][@current_vuln_id]["proof"] = proof
     end
   end
end

#xmldecl(version, encoding, standalone) ⇒ Object

We don’t need these methods, but they’re necessary to keep REXML happy

# File 'lib/rex/parser/nexpose_xml.rb', line 120

def xmldecl(version, encoding, standalone) # :nodoc:
end