class Risu::Models::Plugin

Plugin Model

Public Class Methods

critical_risks() click to toggle source

Queries for all the critical risks based on Plugin.risk_factor

@return [ActiveRelation] of Critical Risks

# File lib/risu/models/plugin.rb, line 53
def critical_risks
        where(:risk_factor => "Critical")
end
high_risks() click to toggle source

Queries for all the critical risks based on Plugin.risk_factor

@return [ActiveRelation] of High Risks
# File lib/risu/models/plugin.rb, line 60
def high_risks
        where(:risk_factor => "High")
end
in_the_news() click to toggle source

TODO doc

# File lib/risu/models/plugin.rb, line 87
def in_the_news
        where(:in_the_news => true)
end
low_risks() click to toggle source

Queries for all the critical risks based on Plugin.risk_factor

@return [ActiveRelation] of Low Risks

# File lib/risu/models/plugin.rb, line 74
def low_risks
        where(:risk_factor => "Low")
end
medium_risks() click to toggle source

Queries for all the critical risks based on Plugin.risk_factor

@return [ActiveRelation] of Medium Risks

# File lib/risu/models/plugin.rb, line 67
def medium_risks
        where(:risk_factor => "Medium")
end
none_risks() click to toggle source

Queries for all the critical risks based on Plugin.risk_factor

@return [ActiveRelation] of None Risks

# File lib/risu/models/plugin.rb, line 81
def none_risks
        where(:risk_factor => "None")
end
risks() click to toggle source

Queries for all risks based on Plugin.risk_factor

@return [Array] of all risks

# File lib/risu/models/plugin.rb, line 46
def risks
        critical_risks + high_risks + medium_risks + low_risks + none_risks
end
root_cause_graph() click to toggle source
# File lib/risu/models/plugin.rb, line 130
def root_cause_graph
        g = Gruff::Pie.new(GRAPH_WIDTH)
        g.title = sprintf "Vulnerability Root Cause"
        g.sort = false
        g.marker_count = 1
        g.theme = {
                :colors => Risu::GRAPH_COLORS,
                :background_colors => %w(white white)
        }

        g.data('Vendor Patch', Plugin.where(:root_cause => 'Vendor Patch').count)
        g.data('Vendor Support', Plugin.where(:root_cause => 'Vendor Support').count)
        g.data('Configuration', Plugin.where(:root_cause => 'Configuration').count)

        StringIO.new(g.to_blob)
end
root_cause_graph_text() click to toggle source
# File lib/risu/models/plugin.rb, line 147
def root_cause_graph_text
        graph_text = "This graph shows the basic root cause of a vulnerability, the data is broken up into " +
        "three categories. Vendor Patch, Vendor Support and Configuration.\n\n"

        graph_text << "Vendor Patch represents vulnerabilities from missing patches. IE missing Microsoft patches.\n"
        graph_text << "Vendor Support represents vulnerabilities caused by the lack of vendor support. IE unsupported software.\n"
        graph_text << "Configuration represents vulnerabilities caused by misconfiguration of software or hardware. IE default passwords.\n\n"

        return graph_text
end
top_by_count_graph(limit=10) click to toggle source

Creates a graph based on the top plugins sorted by count

@return Filename of the created graph

# File lib/risu/models/plugin.rb, line 94
def top_by_count_graph(limit=10)
        g = Gruff::Bar.new(GRAPH_WIDTH)
        g.title = sprintf "Top %d Critical Findings By Plugin", Item.risks_by_plugin(limit).to_a.count
        g.sort = false
        g.marker_count = 1
        g.theme = {
                :colors => Risu::GRAPH_COLORS,
                :background_colors => %w(white white)
        }

        Item.risks_by_plugin(limit).to_a.each do |plugin|
                plugin_name = Plugin.find_by_id(plugin.plugin_id).plugin_name

                #We need to filter the names a little to make everything look nice on the graph
                #@TODO this concept should be added to the database via a yaml file
                plugin_name = case plugin.plugin_id
                        when 35362 then plugin_name.split(":")[0]
                        when 34477 then plugin_name.split(":")[0]
                        when 35635 then plugin_name.split(":")[0]
                        when 21564 then "VNC Remote Authentication Bypass"
                        when 38664 then "Intel Common Base Agent Remote Command Execution"
                        when 42411 then "Windows SMB Shares Unprivileged Access"
                        else
                                plugin_name = Plugin.find_by_id(plugin.plugin_id).plugin_name
                end

                if plugin_name =~ /^(MS\d{2}-\d{3}):/
                        plugin_name = $1
                end

                g.data(plugin_name, Item.where(:plugin_id => plugin.plugin_id).count)
        end

        StringIO.new(g.to_blob)
end

Public Instance Methods

cvss_base_score() click to toggle source
# File lib/risu/models/plugin.rb, line 37
def cvss_base_score
        read_attribute(:cvss_base_score).to_s
end
cvss_base_score=(cvss_base_score) click to toggle source
# File lib/risu/models/plugin.rb, line 33
def cvss_base_score=(cvss_base_score)
        write_attribute(:cvss_base_score, cvss_base_score.to_f)
end