class Risu::Models::Plugin
Plugin
Model
Public Class Methods
critical_risks()
click to toggle source
Queries for all the critical risks based on Plugin.risk_factor
@return [ActiveRelation] of Critical Risks
# File lib/risu/models/plugin.rb, line 53 def critical_risks where(:risk_factor => "Critical") end
high_risks()
click to toggle source
Queries for all the critical risks based on Plugin.risk_factor
@return [ActiveRelation] of High Risks
# File lib/risu/models/plugin.rb, line 60 def high_risks where(:risk_factor => "High") end
in_the_news()
click to toggle source
TODO doc
# File lib/risu/models/plugin.rb, line 87 def in_the_news where(:in_the_news => true) end
low_risks()
click to toggle source
Queries for all the critical risks based on Plugin.risk_factor
@return [ActiveRelation] of Low Risks
# File lib/risu/models/plugin.rb, line 74 def low_risks where(:risk_factor => "Low") end
medium_risks()
click to toggle source
Queries for all the critical risks based on Plugin.risk_factor
@return [ActiveRelation] of Medium Risks
# File lib/risu/models/plugin.rb, line 67 def medium_risks where(:risk_factor => "Medium") end
none_risks()
click to toggle source
Queries for all the critical risks based on Plugin.risk_factor
@return [ActiveRelation] of None Risks
# File lib/risu/models/plugin.rb, line 81 def none_risks where(:risk_factor => "None") end
risks()
click to toggle source
Queries for all risks based on Plugin.risk_factor
@return [Array] of all risks
# File lib/risu/models/plugin.rb, line 46 def risks critical_risks + high_risks + medium_risks + low_risks + none_risks end
root_cause_graph()
click to toggle source
# File lib/risu/models/plugin.rb, line 130 def root_cause_graph g = Gruff::Pie.new(GRAPH_WIDTH) g.title = sprintf "Vulnerability Root Cause" g.sort = false g.marker_count = 1 g.theme = { :colors => Risu::GRAPH_COLORS, :background_colors => %w(white white) } g.data('Vendor Patch', Plugin.where(:root_cause => 'Vendor Patch').count) g.data('Vendor Support', Plugin.where(:root_cause => 'Vendor Support').count) g.data('Configuration', Plugin.where(:root_cause => 'Configuration').count) StringIO.new(g.to_blob) end
root_cause_graph_text()
click to toggle source
# File lib/risu/models/plugin.rb, line 147 def root_cause_graph_text graph_text = "This graph shows the basic root cause of a vulnerability, the data is broken up into " + "three categories. Vendor Patch, Vendor Support and Configuration.\n\n" graph_text << "Vendor Patch represents vulnerabilities from missing patches. IE missing Microsoft patches.\n" graph_text << "Vendor Support represents vulnerabilities caused by the lack of vendor support. IE unsupported software.\n" graph_text << "Configuration represents vulnerabilities caused by misconfiguration of software or hardware. IE default passwords.\n\n" return graph_text end
top_by_count_graph(limit=10)
click to toggle source
Creates a graph based on the top plugins sorted by count
@return Filename of the created graph
# File lib/risu/models/plugin.rb, line 94 def top_by_count_graph(limit=10) g = Gruff::Bar.new(GRAPH_WIDTH) g.title = sprintf "Top %d Critical Findings By Plugin", Item.risks_by_plugin(limit).to_a.count g.sort = false g.marker_count = 1 g.theme = { :colors => Risu::GRAPH_COLORS, :background_colors => %w(white white) } Item.risks_by_plugin(limit).to_a.each do |plugin| plugin_name = Plugin.find_by_id(plugin.plugin_id).plugin_name #We need to filter the names a little to make everything look nice on the graph #@TODO this concept should be added to the database via a yaml file plugin_name = case plugin.plugin_id when 35362 then plugin_name.split(":")[0] when 34477 then plugin_name.split(":")[0] when 35635 then plugin_name.split(":")[0] when 21564 then "VNC Remote Authentication Bypass" when 38664 then "Intel Common Base Agent Remote Command Execution" when 42411 then "Windows SMB Shares Unprivileged Access" else plugin_name = Plugin.find_by_id(plugin.plugin_id).plugin_name end if plugin_name =~ /^(MS\d{2}-\d{3}):/ plugin_name = $1 end g.data(plugin_name, Item.where(:plugin_id => plugin.plugin_id).count) end StringIO.new(g.to_blob) end
Public Instance Methods
cvss_base_score()
click to toggle source
# File lib/risu/models/plugin.rb, line 37 def cvss_base_score read_attribute(:cvss_base_score).to_s end
cvss_base_score=(cvss_base_score)
click to toggle source
# File lib/risu/models/plugin.rb, line 33 def cvss_base_score=(cvss_base_score) write_attribute(:cvss_base_score, cvss_base_score.to_f) end