Closed ebdavison closed 13 years ago
There is a verified field on the Items table for doing something like this. I am going to use it in the gui for checking off manually checked items during an assessment. That might help for now.
I did see that there were notes in the code about blacklist. Is this the same feature? I need to be able to mark some plugins so I can produce a report that has all results and then a follow-up report with the listed items removed as they have a remediation plan.
How would I hook the verified field in the queries for results?
So verified is nil by default; if you set it to false for false positives and true for correct results, you have 3 states you can check for.
So if Item.first.verified == true, you can add that to the report display or queries
where(:verified => true)
depending how you want to handle it.
Tried the latter as follows and I get an error:
@hosts = Host.where('hosts.ip like ?', "10.11.72.%")
@host_ids = @hosts.map { |h| h.id }.flatten
@items = Item.where("host_id IN (?)", @host_ids).where(:verified => true)
Error: /usr/lib/ruby/gems/1.8/gems/prawn-layout-0.8.4/lib/prawn/table.rb:47:in `table': data must be a non-empty, non-nil, two dimensional array of Prawn::Cells or strings
/usr/lib/ruby/gems/1.8/gems/nessusdb-1.3/bin/../lib/nessusdb/prawn_templater.rb:31:in `generate'
(eval):134:in `generate'
The ability to mark a false positive is a feature that would be great to have. I have some that I know I do not need in the results, like the share allows full access due to the credentials used for the scan (domain admin) and this is NOT a critical.
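The three-state verified field discussed in this thread, worked through as an added example (not nessusdb code and not posted by anyone in the thread). It uses a plain Struct in place of the Item model, hypothetical report mode names, and constructed plugin ids and names, and it assumes the Prawn error above came from a filter that matched no items.

```ruby
# Constructed sample data. Item is a plain Struct standing in for the project's
# Item model (assumption); verified is nil (unreviewed), false (false positive)
# or true (confirmed), as described in the thread.
Item = Struct.new(:host_ip, :plugin_id, :plugin_name, :severity, :verified)

ITEMS = [
  Item.new("10.11.72.5", 90001, "Share allows full access (constructed)", 3, false),
  Item.new("10.11.72.5", 90002, "Outdated service (constructed)", 3, true),
  Item.new("10.11.72.9", 90002, "Outdated service (constructed)", 3, nil),
  Item.new("10.11.72.9", 90003, "Weak cipher offered (constructed)", 2, nil),
]

HEADER = ["Host", "Plugin", "Name", "Severity"]

# Pick the items for one report flavour (mode names are hypothetical).
#   :full      - every result, reviewed or not
#   :follow_up - everything except items marked false; nil is kept, because an
#                unreviewed finding must not vanish from the report
#   :confirmed - only items explicitly marked true
def items_for_report(items, mode)
  case mode
  when :full      then items
  when :follow_up then items.reject { |i| i.verified == false }
  when :confirmed then items.select { |i| i.verified == true }
  else raise ArgumentError, "unknown report mode: #{mode.inspect}"
  end
end

# Count items per review state so a report can show how much is unreviewed.
def review_counts(items)
  counts = { :unreviewed => 0, :false_positive => 0, :confirmed => 0 }
  items.each do |i|
    key = i.verified.nil? ? :unreviewed : (i.verified ? :confirmed : :false_positive)
    counts[key] += 1
  end
  counts
end

# Build the two-dimensional array of strings a table renderer needs, or nil
# when no item matched, so the caller can print a "no results" line instead
# of handing an empty array to the renderer.
def table_rows(items)
  rows = items.map { |i| [i.host_ip, i.plugin_id.to_s, i.plugin_name, i.severity.to_s] }
  rows.empty? ? nil : [HEADER] + rows
end
```

The same distinction matters in a SQL-backed query: a condition such as `verified <> false` does not match rows where verified is NULL, so keeping unreviewed items needs an explicit `verified IS NULL OR verified = true`.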