module Risu::Templates::SharesTemplateHelper
Public Instance Methods
anon_ftp_count()
click to toggle source
# File lib/risu/base/shares_template_helper.rb, line 26 def anon_ftp_count begin return Item.where(:plugin_id => Plugin.where(:plugin_name => "Anonymous FTP Enabled").first.id).count rescue return 0 end end
anon_ftp_section()
click to toggle source
# File lib/risu/base/shares_template_helper.rb, line 35 def anon_ftp_section if anon_ftp_count() <= 0 return end heading2 "Anonymous FTP Detection" findings = Item.where(:plugin_id => Plugin.where(:plugin_name => "Anonymous FTP Enabled").first.id) findings.each do |finding| host = Host.find_by_id(finding.host_id) host_string = "#{host.name}" host_string << " (#{host.fqdn})" if host.fqdn != nil text "Host", :style => :bold text host_string text "\n" text "Plugin Output", :style => :bold text finding.plugin_output text "\n" end end
anon_smb_count()
click to toggle source
# File lib/risu/base/shares_template_helper.rb, line 69 def anon_smb_count count = 0 begin anon_smb_query().each do |finding| host = Host.find_by_id(finding.host_id) login = host.host_properties.where(:name => 'smb-login-used').first.value login = login.split("\\")[1] if login.include?("\\") if finding.plugin_output.include?("The following shares can be accessed as #{login}") # If the output was collect via the username that is authenitcated skip it. next end count = count + 1 end rescue return 0 end return count end
anon_smb_query()
click to toggle source
# File lib/risu/base/shares_template_helper.rb, line 64 def anon_smb_query return Item.where(:plugin_id => Plugin.where(:plugin_name => "Microsoft Windows SMB Shares Unprivileged Access").first.id) end
anon_smb_section()
click to toggle source
# File lib/risu/base/shares_template_helper.rb, line 93 def anon_smb_section if anon_smb_count() <= 0 return end heading2 "Anonymous SMB Share Detection" anon_smb_query().each do |finding| host = Host.find_by_id(finding.host_id) login = host.host_properties.where(:name => 'smb-login-used').first.value login = login.split("\\")[1] if login.include?("\\") if finding.plugin_output.include?("The following shares can be accessed as #{login}") # If the output was collect via the username that is authenitcated skip it. next end host_string = "#{host.name}" host_string << " (#{host.fqdn})" if host.fqdn != nil text "Host", :style => :bold text host_string text "\n" text "Plugin Output", :style => :bold text finding.plugin_output text "\n" end end