hammackj / risu

Risu is a Nessus parser that converts the generated reports into an ActiveRecord database; this allows for easy report generation and vulnerability verification.
http://hammackj.github.io/risu
MIT License

How to register a new template with risu #45

Closed ebdavison closed 12 years ago

ebdavison commented 12 years ago

I have downloaded and installed risu and it works so far. I have a template I created and am trying to use it. I tried 'risu -t ~/Documents/my_template.rb -o my_template.pdf' and was told '[!] Template "my_template.rb" does not exist. Please check the name'. I tried without the '.rb' and same result. So, I copied the template to /usr/local/rvm/gems/ruby-1.9.2-p290/gems/risu-1.4.8/lib/risu/templates where I found the other templates that come with risu and same result. I tried 'risu -l' and it does not show up.

How do I use my own template with risu?

hammackj commented 12 years ago

You can put the template in ~/.risu/templates and it will be loaded automatically. Templates are validated against a template and if they are not correct they are not loaded. Saves some troubleshooting issues.

Also take a look at template.rb in /usr/local/rvm/gems/ruby-1.9.2-p290/gems/risu-1.4.8/lib/risu/templates for an example of the template format. It's a lot like a Metasploit module if you have seen those.

ebdavison commented 12 years ago

Wow, that was somewhat painful. I see you changed the template format rather dramatically, especially the table output. I finally got my template "converted" to the new format and there are quite a few changes to account for.

But I still have a couple of items:

But the table procedure does not recognize column_widths and my column widths are formatted way wrong.

hammackj commented 12 years ago

The table stuff is related to Prawn, the PDF generator used; just something that happened to change while updating risu.

This is an example of using table widths:

```ruby
# Render the first 10 rows of top_10_sorted as a two-column Prawn table.
def top_10_table(output)
    headers = ["Description", "Count"]
    # Fixed 50pt "Count" column; "Description" takes the remaining page width.
    header_widths = {0 => (output.bounds.width - 50), 1 => 50}

    data = top_10_sorted

    output.table([headers] + data[0..9], :header => true, :column_widths => header_widths, :width => output.bounds.width) do
        row(0).style(:font_style => :bold, :background_color => 'cccccc')
        cells.borders = [:top, :bottom, :left, :right]
    end
end
```

Item.critical_risks was incorrect. Nessus has High/Medium/Low/Info findings, Risu was fixed to be correct.

Item.critical_risks should be Item.high_risks.count now.

You can use the CVSS score of 10 to have something critical if you want but it is still a high finding from the Nessus standpoint.

1.4.9 adds a whole top 10 api for putting into reports. Not sure when I will have that done. Having a baby has cut my time down a lot.

ebdavison commented 12 years ago

Thanks for the clarification. I will look at this and let you know if there are other items I need.

I still think that maybe the Critical will be wanted by my boss and the customer but I will go with high/med/low/info for now to match with Nessus. This ensures there is no compatibility issue between Nessus and the report which got me last audit and made us look bad when we found the bug in nessusdb and had to reclassify the finding categories.

Congrats on the baby; I have been there and understand.
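
The severity discussion above (hammackj's suggestion to use a CVSS score of 10 for "critical", and ebdavison's need for report categories to match Nessus), as an added example that is not part of the original thread and is not risu code. `Finding` is a hypothetical stand-in for a parsed Nessus item, the sample data is constructed, and treating "critical" as a subset of High is an assumption made here so the totals still reconcile with Nessus.

```ruby
# Added example, not risu's API. Finding is a hypothetical stand-in for a
# parsed Nessus item; SAMPLE_FINDINGS is constructed data.
Finding = Struct.new(:plugin_name, :severity, :cvss_base_score)

NESSUS_SEVERITIES = [:high, :medium, :low, :info].freeze

SAMPLE_FINDINGS = [
  Finding.new("Constructed plugin A", :high,   10.0),
  Finding.new("Constructed plugin B", :high,   7.5),
  Finding.new("Constructed plugin C", :medium, 5.0),
  Finding.new("Constructed plugin D", :low,    2.6),
  Finding.new("Constructed plugin E", :info,   nil),    # no CVSS score
  Finding.new("Constructed plugin F", :high,   "10.0")  # score stored as text
].freeze

# Counts per Nessus severity. These are the numbers that must match Nessus,
# so an unexpected label is an error rather than a silently dropped finding.
def nessus_counts(findings)
  counts = Hash[NESSUS_SEVERITIES.map { |s| [s, 0] }]
  findings.each do |f|
    unless counts.key?(f.severity)
      raise ArgumentError, "unknown severity #{f.severity.inspect}"
    end
    counts[f.severity] += 1
  end
  counts
end

# "Critical" is a report-side label only: High findings whose CVSS base score
# is 10. A missing score (nil) converts to 0.0 and is never critical.
def critical_subset(findings)
  findings.select { |f| f.severity == :high && f.cvss_base_score.to_f >= 10.0 }
end

# Rows of [label, count]; the critical line is shown under High, not added to it.
def summary_rows(findings)
  counts = nessus_counts(findings)
  [
    ["High", counts[:high]],
    ["  of which CVSS 10 (critical)", critical_subset(findings).size],
    ["Medium", counts[:medium]],
    ["Low", counts[:low]],
    ["Info", counts[:info]]
  ]
end

summary_rows(SAMPLE_FINDINGS).each { |label, n| puts format("%-32s %d", label, n) }
```

The rows have the same `[label, count]` shape as the `data` passed to `output.table` in the example earlier in the thread.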