5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
# File 'lib/parsers/nmap.rb', line 5
def parse(xml,threshold)
vulns = Hash.new
findings = Array.new
items = Array.new
doc = Nokogiri::XML(xml)
doc.css("//host").each do |hostnode|
address = hostnode.css("address")
host = address.attr("addr")
host = " " unless host
vulns[host] = []
affected_hosts = ""
hostnode.css("/hostnames").each do |hname|
hostname = hname.attr("hostname")
hname.traverse do |x|
if x.values[0]
if affected_hosts == ""
affected_hosts = x.values[0]
else
affected_hosts = affected_hosts + " " + x.values[0]
end
end
end
finding = Finding.new()
finding.affected_hosts = affected_hosts
vulns[host] << finding.to_hash
hostnode.css("/ports/port").each do |port|
proto = port.attr("protocol")
portid = port.attr("portid")
state = port.css("/state").attr("state").value
service = port.css("/service").attr("name").value
finding = Finding.new()
finding.affected_hosts = affected_hosts
if port.css("/script").size > 0
finding.title = "Script Scan:"+port.css("/script").attr("id").value+" [#{state} #{portid} (#{service})]"
finding.overview = port.css("/script").attr("output").value
vulns[host] << finding.to_hash
else
if state == "open"
finding.title = "Open port [#{state} #{portid} (#{service})]"
vulns[host] << finding.to_hash
end
end
end
end
items = []
end
return vulns.to_json
end
|