class Nessus::Version2::XML

Public Class Methods

new(xml)

Creates a new .Nessus (XML) object to be parsed

@param [String] file The Nessus xml results file to parse.

@yield [prog] If a block is given, it will be passed the newly

created XML object.

@yieldparam [XML] prog The newly created XML object.

@example

Nessus::XML.new(nessus_scan_file) do |scan|
  scan.report_name
end
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 30
# Stores the parsed document and checks that it is a version 2 export.
#
# @param xml the parsed document; it must respond to +at+
# @raise [RuntimeError] when no NessusClientData_v2 element can be found
def initialize(xml)
  @xml = xml
  # +at+ yields a falsy value when the root element of a v2 export is absent.
  return if @xml.at('NessusClientData_v2')

  raise "Error: Not A Version 2.0 .Nessus file."
end

Public Instance Methods

each_host(&block)

Creates a new Host object to be parsed

@yield [prog] If a block is given, it will be passed the newly

created Host object.

@yieldparam [XML] prog The newly created Host object.

@example

scan.hosts do |host|
  puts host.hostname
end
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 85
# Visits every ReportHost node of the document.
#
# @yield [host] a Host wrapping each ReportHost node, when a block is given
# @return [Array] the +name+ attribute of every ReportHost that carries one
def each_host(&block)
  @xml.xpath("//ReportHost").each_with_object([]) do |node, names|
    label = node['name']
    names << label if label
    # The block receives every node, including those without a name.
    block.call(Host.new(node)) unless block.nil?
  end
end
event_percentage_for(type, round_percentage=false)

Return the Total severity count.

@param [String] severity the severity in which to calculate percentage for.

@param [Boolean] round round the result to the nearest whole number.

@raise [ExceptionClass] One of the following severity options must be passed. [high, medium, low, informational, all]

@return [Integer]

The Percentage Of Events For A Passed Severity

@example

scan.event_percentage_for("low", true) #=> 11%
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 274
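# Computes the share of counted events that fall under +type+.
#
# The denominator is the :all entry of the cached statistics (@sc). When that
# total is zero the result is reported as 0 rather than dividing by zero.
#
# @param type [String, Symbol] one of high, medium, low, tcp, udp, icmp, all
# @param round_percentage [Boolean] round to the nearest whole number
# @raise [RuntimeError] when +type+ is not one of the accepted names
# @return [String] the percentage rendered as text, e.g. "25" or "25.0"
def event_percentage_for(type, round_percentage=false)
  @sc ||= count_stats
  key = type.to_s
  unless %w[high medium low tcp udp icmp all].include?(key)
    raise "Error: #{type} is not an acceptable severity. Possible options include: all, tcp, udp, icmp, high, medium and low."
  end

  total = @sc[:all].to_f
  # A zero total would produce NaN or Infinity, and Float#round raises
  # FloatDomainError on those, so such a scan is reported as 0 percent.
  # The key is only turned into a symbol after passing the whitelist above.
  calc = total.zero? ? 0.0 : (@sc[key.to_sym].to_f / total) * 100
  round_percentage ? calc.round.to_s : calc.to_s
end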
find_by_hostname(hostname, &block)

Creates a new Host object to be parsed from a passed search param.

@param [String] hostname the hostname to build a Host object for.

@yield [prog] If a block is given, it will be passed the newly

created Host object.

@yieldparam [XML] prog The newly created Host object.

@example

scan.find_by_hostname('127.0.0.1') do |host|
  puts host.hostname
end
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 303
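# Yields a Host for every ReportHost whose +name+ attribute matches +hostname+.
#
# Matching goes through String#match, which compiles a String argument into a
# Regexp. The comparison is therefore unanchored and "." matches any
# character: '10.0.0.1' also selects '10.0.0.10'. Callers that attribute
# findings to one exact host should pass an escaped, anchored pattern.
#
# @param hostname [String, Regexp] the pattern to look for
# @yield [host] a Host for each matching ReportHost, when a block is given
# @raise [RuntimeError] when +hostname+ is blank
def find_by_hostname(hostname, &block)
  raise "Error: hostname can't be blank." if hostname.blank?
  @xml.xpath('//ReportHost').each do |host|
    name = host['name']
    # A ReportHost without a name attribute cannot match; skipping it avoids
    # a NoMethodError on nil that would abort the whole search.
    next unless name && name.match(hostname)
    block.call(Host.new(host)) if block
  end
end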
high_severity_count()

Return the High severity count.

@return [Integer]

The High Severity Count

@example

scan.high_severity_count #=> 10
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 210
# Reads the :high entry of the scan statistics.
#
# @return [Integer] the high severity count (0 when the entry is missing)
def high_severity_count
  totals = count_stats
  totals[:high].to_i
end
host_count()

Return the nessus scan host count.

@return [Integer]

The Nessus Scan Host Count

@example

scan.host_count #=> 23
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 113
# Counts the entries returned by each_host when it is called without a block.
#
# @return [Integer] the number of entries each_host returns
def host_count
  names = each_host
  names.size
end
hosts()

Parses the hosts of the scan.

@return [Array<String>]

The Hosts of the scan.
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 100
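# Collects every object that each_host yields.
#
# The two-argument Enumerator.new(object, method) form used previously is not
# accepted by current Ruby versions, so the values are gathered with a block.
#
# @return [Array] the objects yielded by each_host, in document order
def hosts
  collected = []
  each_host { |host| collected << host }
  collected
end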
icmp_count()

Return the ICMP Event Count.

@return [Integer]

The ICMP Event Count

@example

scan.icmp_count #=> 3
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 184
# Reads the :icmp entry of the scan statistics.
#
# @return [Integer] the ICMP event count (0 when the entry is missing)
def icmp_count
  totals = count_stats
  totals[:icmp].to_i
end
informational_severity_count()

Return the informational severity count.

@return [Integer]

The Informational Severity Count

@example

scan.informational_severity_count #=> 1203
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 197
# Reads the :informational entry of the scan statistics.
#
# @return [Integer] the informational count (0 when the entry is missing)
def informational_severity_count
  totals = count_stats
  totals[:informational].to_i
end
low_severity_count()

Return the Low severity count.

@return [Integer]

The Low Severity Count

@example

scan.low_severity_count #=> 114
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 236
# Reads the :low entry of the scan statistics.
#
# @return [Integer] the low severity count (0 when the entry is missing)
def low_severity_count
  totals = count_stats
  totals[:low].to_i
end
medium_severity_count()

Return the Medium severity count.

@return [Integer]

The Medium Severity Count

@example

scan.medium_severity_count #=> 234
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 223
# Reads the :medium entry of the scan statistics.
#
# @return [Integer] the medium severity count (0 when the entry is missing)
def medium_severity_count
  totals = count_stats
  totals[:medium].to_i
end
open_ports_count()

Return the Open Ports count.

@return [Integer]

The Open Ports Count

@example

scan.open_ports_count #=> 1203
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 145
# Reads the :open_ports entry of the scan statistics.
#
# @return [Integer] the open ports count (0 when the entry is missing)
def open_ports_count
  totals = count_stats
  totals[:open_ports].to_i
end
policy_notes()

Return the nessus scan policy comments. This is the description field when creating a new policy with the Nessus GUI client.

@return [String]

The Nessus Scan Policy Comments
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 69
# Returns the text of the Policy/policyComments element, memoized in
# @policy_notes after the first lookup.
#
# NOTE(review): when the element is absent, +at+ presumably returns nil and
# this raises NoMethodError; confirm whether every export carries it.
#
# @return [String] the policy comments
def policy_notes
  return @policy_notes if @policy_notes

  @policy_notes = @xml.at("//Policy/policyComments").inner_text
end
policy_title()

Return the nessus scan policy name. When creating a nessus policy this is usually the title field.

@return [String]

The Nessus Scan Policy Name
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 59
# Returns the text of the Policy/policyName element, memoized in
# @policy_name after the first lookup.
#
# @return [String] the policy name
def policy_title
  return @policy_name if @policy_name

  @policy_name = @xml.at("//Policy/policyName").inner_text
end
tcp_count()

Return the TCP Event Count.

@return [Integer]

The TCP Event Count

@example

scan.tcp_count #=> 3
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 158
# Reads the :tcp entry of the scan statistics.
#
# @return [Integer] the TCP event count (0 when the entry is missing)
def tcp_count
  totals = count_stats
  totals[:tcp].to_i
end
title()

Return the nessus report title.

@return [String]

The Nessus Report Title

@example

scan.report_name #=> "My Super Cool Nessus Report"
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 49
# Returns the +name+ attribute of the Report element, memoized in
# @report_name after the first lookup.
#
# @return [String] the report title
def title
  return @report_name if @report_name

  @report_name = @xml.at('Report/@name').inner_text
end
total_event_count(count_informational = false)

Return the Total severity count. [high, medium, low, informational]

@param [true, false] argname only true or false

@return [Integer]

The Total Severity Count

@example

scan.total_event_count #=> 1561
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 251
# Returns the :all total of the scan statistics, optionally with the
# informational count added on top.
#
# @param count_informational [Boolean] add the informational count when truthy
# @return [Integer] the total event count
def total_event_count(count_informational = false)
  base = count_stats[:all].to_i
  return base unless count_informational

  base + informational_severity_count
end
udp_count()

Return the UDP Event Count.

@return [Integer]

The UDP Event Count

@example

scan.udp_count #=> 3
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 171
# Reads the :udp entry of the scan statistics.
#
# @return [Integer] the UDP event count (0 when the entry is missing)
def udp_count
  totals = count_stats
  totals[:udp].to_i
end
unique_ports()

Returns an array of all unique ports.

@return [Array]

@example

scan.unique_ports #=> 234
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 125
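# Collects the distinct +port+ attribute values of every ReportItem.
#
# The list is memoized in @unique_ports. It is returned on every call; the
# earlier form returned nil once the cache was filled.
#
# NOTE(review): the values are presumably attribute strings, so the sort is
# lexical ("443" sorts before "80"); confirm before relying on numeric order.
#
# @return [Array] the sorted, de-duplicated port values
def unique_ports
  unless @unique_ports
    ports = []
    @xml.xpath("//ReportItem").each { |item| ports << item['port'] }
    # Assign only after the walk succeeded so a failure is not cached.
    @unique_ports = ports.uniq.sort
  end
  @unique_ports
end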
version()
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 36
# Format version handled by this parser.
#
# @return [Integer] always 2
def version
  2
end

Private Instance Methods

count_stats()

Calculates an event hash of totals for severity counts.

@return [Hash]

The Event Totals For Severity
# File lib/gemcache/ruby-nessus/ruby-nessus/Version2/version2.rb, line 319
# Tallies every ReportItem once and caches the totals in @count.
#
# Severity 0..3 feed the informational/low/medium/high counters. Protocol
# counters only include items whose severity is not 0, and an item counts as
# an open port when its port attribute converts to a non-zero integer. The
# :all total is low + medium + high.
#
# NOTE(review): an item with a severity outside 0..3 is added to no severity
# counter and so is missing from :all, although it still counts towards the
# protocol totals. Newer exports appear to use 4 for critical findings;
# confirm whether those should be included.
#
# @return [Hash] the totals keyed by symbol
def count_stats
  unless @count
    @count = {}
    @open_ports = @tcp = @udp = @icmp = @informational = @low = @medium = @high = 0

    @xml.xpath("//ReportItem").each do |item|
      severity = item['severity'].to_i

      if severity == 0
        @informational += 1
      elsif severity == 1
        @low += 1
      elsif severity == 2
        @medium += 1
      elsif severity == 3
        @high += 1
      end

      if severity != 0
        protocol = item['protocol']
        @tcp += 1 if protocol == 'tcp'
        @udp += 1 if protocol == 'udp'
        @icmp += 1 if protocol == 'icmp'
      end

      @open_ports += 1 unless item['port'].to_i == 0
    end

    @count = {
      :open_ports => @open_ports,
      :tcp => @tcp,
      :udp => @udp,
      :icmp => @icmp,
      :informational => @informational,
      :low => @low,
      :medium => @medium,
      :high => @high,
      :all => @low + @medium + @high
    }
  end

  @count
end