require_relative('../constants.rb')
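# Data model for a single vulnerability module: what it is, what an attacker
# gains from it, the files needed to deploy it, and its CVSS metadata.
#
# The class stores values exactly as given and performs no validation.
# Code that builds instances from external configuration should validate
# the fields before relying on them (see #vulnerability_path).
class Vulnerability
  # The type of vulnerability
  attr_accessor :type

  # The privilege level the vulnerability gives
  attr_accessor :privilege

  # The access level the vulnerability gives
  attr_accessor :access

  # The puppet files used for the vulnerability
  attr_accessor :puppets

  # Details describing the vulnerability
  attr_accessor :details

  # Ports used by the vulnerability
  attr_accessor :ports

  # Name given to the vulnerability
  attr_accessor :name

  # Vulnerability's CVE number
  attr_accessor :cve

  # Undocumented in the original; presumably extra files shipped with the
  # module -- TODO confirm against the callers.
  attr_accessor :files

  # Undocumented in the original; presumably scripts shipped with the
  # module -- TODO confirm against the callers.
  attr_accessor :scripts

  # Platform the vulnerability will work on
  attr_accessor :platform

  # Difficulty of the vulnerability
  attr_accessor :difficulty

  # Vulnerability's cvss_rating
  attr_accessor :cvss_rating

  # Vulnerability's cvss_score. Documented as a String; convert it to a
  # number before comparing scores, since string comparison is lexical.
  attr_accessor :cvss_score

  # Vulnerability's base vector string, e.g. 'AV:L/AC:H/Au:N/C:N/I:P/A:C'
  # (the AV/AC/Au/C/I/A metric set is the CVSS v2 base vector):
  #   AV  Access Vector:          L = Local access, A = adjacent access, N = network access
  #   AC  Access Complexity:      H = High, M = Medium, L = Low
  #   Au  Authentication:         N = None required, S = Single instance, M = Multi instance
  #   C   Confidentiality Impact: N = None, P = Partial, C = Complete
  #   I   Integrity Impact:       N = None, P = Partial, C = Complete
  #   A   Availability Impact:    N = None, P = Partial, C = Complete
  attr_accessor :vector_string

  # Initialises Vulnerability object
  # @param type [String] Type of vulnerability
  # @param privilege [String] Privilege obtained after successful exploitation
  # @param access [String] Access obtained after successful exploitation
  # @param puppets [Array] Array of puppet files needed for the vulnerability
  # @param details [String] Details of the vulnerability
  # @param ports [Array] Ports used by the vulnerability
  # @param platform [String] Platform the vulnerability will work on
  # @param name [String] Name of the vulnerability
  # @param cve [String] CVE number of the vulnerability
  # @param files [Array] undocumented in the original -- TODO confirm meaning
  # @param scripts [Array] undocumented in the original -- TODO confirm meaning
  # @param difficulty [String] Difficulty level of exploiting the vulnerability
  # @param cvss_rating [String] Vulnerability's cvss_rating
  # @param cvss_score [String] Vulnerability's cvss_score
  # @param vector_string [String] Vulnerability's vector_string, e.g. AV:L/AC:H/Au:N/C:N/I:P/A:C
  def initialize(type = '', privilege = '', access = '', puppets = [], details = '', ports = [],
                 platform = '', name = '', cve = '', files = [], scripts = [], difficulty = '',
                 cvss_rating = '', cvss_score = '', vector_string = '')
    # Array defaults are evaluated on every call, so instances never share them.
    @type = type
    @privilege = privilege
    @access = access
    @puppets = puppets
    @details = details
    @ports = ports
    @platform = platform
    @name = name
    @cve = cve
    @files = files
    @scripts = scripts
    @difficulty = difficulty
    @cvss_rating = cvss_rating
    @cvss_score = cvss_score
    @vector_string = vector_string
  end

  # Returns identifier string made of the @type, @privilege and @access object variables
  # @return [String] @type, @privilege and @access concatenated with no separator
  def id
    # NOTE(review): without a separator, different field combinations can
    # produce the same id; do not treat it as unique without checking callers.
    @type + @privilege + @access
  end

  # Returns path to the selected vulnerability's files
  # @return [String] Path to the vulnerability files
  def vulnerability_path
    # NOTE(review): @platform, @type and @name are interpolated unchecked. If
    # they can come from an untrusted scenario or module definition, a value
    # containing '..' or '/' resolves outside modules/vulnerabilities. Validate
    # the components (or the expanded path) where instances are built.
    "#{ROOT_DIR}/modules/vulnerabilities/#{@platform}/#{@type}/#{@name}"
  end

  # Returns path to the puppet files for the selected vulnerability
  # @return [String] Path to the puppet files for the selected vulnerability
  def puppet_path
    "#{vulnerability_path}/puppet"
  end

  # Tells whether a vector string has been set.
  # @return [Boolean] true when vector_string is neither nil nor empty
  def is_vector_populated
    # to_s makes a nil vector_string (e.g. an absent attribute) count as
    # "not populated" instead of raising NoMethodError.
    !vector_string.to_s.empty?
  end

  # Returns hash made of all the components in the vector string
  #
  # 'AV:L/AC:H/Au:N/C:N/I:P/A:C' becomes
  # {'AV'=>'L', 'AC'=>'H', 'Au'=>'N', 'C'=>'N', 'I'=>'P', 'A'=>'C'}.
  # Components without a value after the colon are skipped. Metric names and
  # values are not checked against the CVSS specification, so callers must not
  # assume that every base metric is present or that the values are valid.
  #
  # @return [Hash] Hash of vector string components; empty when the vector
  #   string is nil or empty
  def get_vector_hash
    vector_string.to_s.split('/').each_with_object({}) do |component, metrics|
      metric, value = component.split(':')
      metrics[metric] = value unless value.nil?
    end
  end
end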