Mercurial > farol > farolluz
diff farolluz/renderer.py @ 0:e18b61a73a68
Initial Release
author | Benoît Allard <benoit.allard@greenbone.net> |
---|---|
date | Tue, 23 Sep 2014 15:19:14 +0200 |
parents | |
children | 809db989cac5 |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/farolluz/renderer.py Tue Sep 23 15:19:14 2014 +0200 @@ -0,0 +1,153 @@ +# -*- encoding: utf-8 -*- +# Description: +# Module related to the rendering of a Security Advisory. +# +# Authors: +# BenoƮt Allard <benoit.allard@greenbone.net> +# +# Copyright: +# Copyright (C) 2014 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + +from __future__ import print_function + +import os +import sys +from datetime import datetime +import jinja2 + +from .parsers import cvrf +from .utils import utcnow + +# Supported Red Hat OSes for parsing. The value is as used in +# gather-package-list.nasl to set "ssh/login/release" +# Refer to that file, or the lsc_generator for a complete list. +OS_MAP = { + 'Red Hat Enterprise Linux Server (v. 7)' : 'RHENT_7', + 'Red Hat Enterprise Linux Server (v. 6)' : 'RHENT_6', + 'Red Hat Enterprise Linux Workstation (v. 6)' : 'RHENT_6', + 'Red Hat Enterprise Linux Desktop (v. 6)' : 'RHENT_6', + 'Red Hat Enterprise Linux Desktop 6' : 'RHENT_6', + 'Red Hat Enterprise Linux (v. 5 server)' : 'RHENT_5', + 'Red Hat Enterprise Linux ES version 2.1' : 'RHENT_2.1', + 'Red Hat Enterprise Linux WS version 2.1' : 'RHENT_2.1', + 'Red Hat Enterprise Linux AS version 3' : 'RHENT_3', + 'Red Hat Enterprise Linux ES version 3' : 'RHENT_3', + 'Red Hat Enterprise Linux WS version 3' : 'RHENT_3', + 'Red Hat Enterprise Linux AS version 4' : 'RHENT_4', + 'Red Hat Enterprise Linux ES version 4' : 'RHENT_4', + 'Red Hat Enterprise Linux WS version 4' : 'RHENT_4', + 'Red Hat Enterprise Linux AS (Advanced Server) version 2.1' : 'RHENT_2.1', +} + +def calculateRiskFactor(cvss_score, debug=0): + """ + Calculates and Return Risk Factor given CVSS Base Score + """ + cvss_score = float(cvss_score) + + for high, name in [ + (2, 'Low'), + (5, 'Medium'), + (8, 'High'), + (10, 'Critical')]: + if cvss_score <= high: + return name + + +def getReleaseName(os_name): + return OS_MAP.get(os_name, 'UNKNOWN') + +def getPackageName(rpm_name): + return rpm_name.split('-')[0] + +def PackageNameForrpmvuln(package_name): + package_name = package_name.rstrip('.src.rpm|.x86_64.rpm') + return (package_name.replace('-', '~')) + +def render(cvrf, templatepath, **kwargs): + + red_hat = False + script_family = "" + os_cpe = "" + ## check the platform + if "Red Hat Security Advisory" in cvrf._title: + red_hat = True + script_family = "Red Hat Local Security Checks" + os_cpe = "cpe:/o:redhat:enterprise_linux" + +# product_id = cvrf._vulnerabilities[0]._productstatuses[0]._productids +# print (product_id) +# for eachid in cvrf._vulnerabilities[0]._productstatuses[0]._productids: +# print(cvrf.getProductForID(eachid)._name) +# +# print("productnames") +# print(', '.join(p._name for p in cvrf.getProductList())) + + + + templatedir = os.path.join(os.path.dirname(__file__), 'templates') + templateLoader = jinja2.FileSystemLoader(searchpath=templatedir) + templateEnv = jinja2.Environment( + loader=templateLoader, + extensions=['jinja2.ext.with_'] + ) + + templateEnv.filters['risk_factor'] = calculateRiskFactor + templateEnv.filters['release_map'] = getReleaseName + templateEnv.filters['package_name'] = getPackageName + templateEnv.filters['for_rpmvuln'] = PackageNameForrpmvuln + + template = templateEnv.get_template(templatepath) + + + + templateVars = { + "cvrf": cvrf, + "script_id": 0, + "now" : utcnow(), + "red_hat": red_hat, + "script_family" : script_family, + "os_cpe" : os_cpe, + + } + + templateVars.update(kwargs) + + return template.render(templateVars) + +def main(cvrfpath, templatepath): + + with open(cvrfpath, 'rt') as f: + cvrfdoc = cvrf.parse(f) + + outputText = render(cvrfdoc, templatepath) + + adv_id = cvrfdoc._tracking._identification._id + if adv_id : + file_name = adv_id.replace(":", "_"); + file_name = "gb_" + file_name + "." + os.path.basename(templatepath).split('.')[0] + + with open(file_name, 'w') as file_handle: + file_handle.write(outputText) + print("file written to:", file_name) + +if __name__ == "__main__": + import sys + template = "nasl.j2" + if len(sys.argv) >= 3: + template = sys.argv[2] + main(sys.argv[1], template)