Class: Ronin::Advisory

Inherits:
Object
  • Object
show all
Includes:
Model
Defined in:
lib/ronin/advisory.rb

Overview

Represents a vulnerability Advisory, with a Publisher, Number and URL.

Since:

  • 1.0.0

Constant Summary collapse

URLS =

URL generators for various Advisory publishers

Since:

  • 1.0.0

{
  'CVE' => proc { |year,number|
    "https://web.nvd.nist.gov/view/vuln/detail?vulnId=#{year}-#{number}"
  },
  'OSVDB' => proc { |year,number|
    "https://osvdb.org/show/osvdb/#{number}"
  }
}
REGEXP =

Regexp for parsing Advisory identifiers

Since:

  • 1.0.0

/([A-Z][A-Z0-9]+)-(?:(\d+)-)?(\d+)/

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.[](identifier) ⇒ Advisory?

Searches for an Advisory.

Examples:

Advisory['CVE-2011-1337']
# => #<Ronin::Advisory: CVE-2011-1337>

Since:

  • 1.0.0


138
139
140
141
142
143
144
145
146
# File 'lib/ronin/advisory.rb', line 138

def self.[](identifier)
  publisher, year, number = split(identifier)

  return first(
    publisher: publisher,
    year:      year,
    number:    number
  )
end

.parse(identifier) ⇒ Advisory

Parses an Advisory identifier String.

Since:

  • 1.0.0


113
114
115
116
117
118
119
120
121
# File 'lib/ronin/advisory.rb', line 113

def self.parse(identifier)
  publisher, year, number = split(identifier)

  return first_or_new(
    publisher: publisher,
    year:      year,
    number:    number
  )
end

.split(identifier) ⇒ Array<publisher, year, number>

Splits an Advisory identifier String.

Examples:

Advisory.split('CVE-2011-1337')
# => ["CVE", "2011", "1337"]
Advisory.split('OSVDB-1337')
# => ["OSVDB", nil, "1337"]

Since:

  • 1.0.0


96
97
98
99
100
# File 'lib/ronin/advisory.rb', line 96

def self.split(identifier)
  if (match = identifier.match(REGEXP))
    [match[1], (match[2].to_i if match[2]), match[3].to_i]
  end
end

Instance Method Details

#inspectString

Inspects the advisory.

Since:

  • 1.0.0


198
199
200
# File 'lib/ronin/advisory.rb', line 198

def inspect
  "#<#{self.class}: #{self}>"
end

#to_aryArray<publisher, year, number>

Coerces the advisory into an Array.

Since:

  • 1.0.0


186
187
188
# File 'lib/ronin/advisory.rb', line 186

def to_ary
  [self.publisher, self.year, self.number]
end

#to_sString

Converts the advisory to a String.

Since:

  • 1.0.0


170
171
172
173
174
175
176
# File 'lib/ronin/advisory.rb', line 170

def to_s
  if self.year
    "#{self.publisher}-#{self.year}-#{self.number}"
  else
    "#{self.publisher}-#{self.number}"
  end
end

#urlString

Generates a URL for the advisory.

Since:

  • 1.0.0


156
157
158
159
160
# File 'lib/ronin/advisory.rb', line 156

def url
  if URLS.has_key?(self.publisher)
    URLS[self.publisher][self.year,self.number]
  end
end