search

hammackj / risu

Risu is Nessus parser, that converts the generated reports into a ActiveRecord database, this allows for easy report generation and vulnerability verification.
http://hammackj.github.io/risu
MIT License
63 stars 20 forks source link

findings_summary by name #25

Closed ebdavison closed 13 years ago

ebdavison commented 13 years ago

Need to do the findings_summary.rb template sorted by plugin name. This code is where the loop happens:

Item.critical_risks_unique_sorted.each do |item| name = Plugin.find_by_id(item.plugin_id).plugin_name count = Item.where(:plugin_id => item.plugin_id).count

    text "#{count} - #{name}"

end

Do I need to add those to an array and then loop through the array or create a new critical_risks_unique_sorted_by_name item in the item.rb file to accomplish this? Seems like the latter is the better long term option but could no figure out how to do it on my own as there are no plugin_name's in the items table.

Ed

hammackj commented 13 years ago

@items = Item.critical_risks_unique.order("plugins.plugin_name") @items.each do |item| puts item.plugin_name end

that should order the plugin names for you

ebdavison commented 13 years ago

Awesome!

ebdavison commented 13 years ago

It almost worked: 1 - Adobe Download Manager Arbitrary File Download (APSB10-08) 3 - Apache 2.2 < 2.2.15 Multiple Vulnerabilities 2 - Compaq WBEM HTTP Server Remote Overflow 1 - Linksys Router Debug Credentials (Gemtek / gemtekswd) 2 - Microsoft Windows 2000 Unsupported Installation Detection 2 - MS10-054: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214) (remote check) 1 - Oracle Java JDK / JRE 6 < Update 20 Multiple Vulnerabilities 7 - Oracle Java SE Multiple Vulnerabilities (February 2011 CPU) 3 - Oracle Java SE Multiple Vulnerabilities (October 2010 CPU) 1 - Shockwave Player < 11.5.9.620 (APSB11-01) 2 - Trend Micro Antivirus Detection 1 - Adobe Photoshop Elements Active File Monitor Service Privilege Escalation (APSB09-17) 1 - Deterministic Network Extender 'dne2000.sys' Local Privilege Escalation 4 - SMB Insecurely Configured Service 178 - Trend Micro OfficeScan TMTDI Module Local Privilege Escalation 1 - Computer Associates Anti-Virus Engine arclib.dll < 8.1.4.0 Multiple Flaws ...

hammackj commented 13 years ago

Try: @items = Item.where(:severity => 3).joins(:plugin).order("plugins.plugin_name").group(:plugin_id) @items.each do |item| puts item.plugin_name end

it seems that i sort by the cvss score on that query. going to fix that next release

ebdavison commented 13 years ago

Bingo! Perfect.