infobyte / faraday_plugins

Security tools report parsers for Faradaysec.com
https://www.faradaysec.com/
GNU General Public License v3.0

OpenVAS parsing #18

Closed Drunkenslav closed 2 years ago

Drunkenslav commented 2 years ago

Hello,

first off, great job on this project. I love it! I would just like a bit more information from OpenVAS XML to be parsed.

What's the problem this feature will solve?
Will help with user effectivity

Describe the solution you'd like
If more information would be parsed it would be great. Usually for each finding OpenVAS adds references and CVE (if applicable)

OpenVAS XML:

<refs>
    <ref id="CVE-2016-2183" type="cve">
    </ref>
    <ref id="CVE-2016-6329" type="cve">
    </ref>
    <ref id="CVE-2020-12872" type="cve">
    </ref>
    <ref id="https://bettercrypto.org/" type="url">
    </ref>
    <ref id="https://mozilla.github.io/server-side-tls/ssl-config-generator/" type="url">
    </ref>
    <ref id="https://sweet32.info/" type="url">
    </ref>
</refs>

CVEs after being parsed could be hyperlinked - https://cve.mitre.org/cgi-bin/cvename.cgi?name=$CVENUM

The current parsing does give you only description and solution, but if you need more information, you need to google. But OpenVAS XML gives you nice references, so you would just click the link to get more information without wasting valuable time :)

Thanks

aenima-x commented 2 years ago

@Drunkenslav can you add a full XML example? Change all the sensitive information, because in the file we have, we don't have those tags. Can you tell me the OpenVAS version?

Drunkenslav commented 2 years ago

It's thousands of lines so I pasted it here: https://pastebin.pl/view/60aea84e

Version of OpenVAS GMP is the newest one: 21.4

Drunkenslav commented 2 years ago

btw I don't want to ask too much but OpenVAS does not work with Critical severity (max is High). If it would be possible to parse CVSS 9.0 and above as Critical, that would be just awesome. But if not, it's fine :)
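What this thread asks for (CVE and URL references pulled from `<refs>`, and CVSS 9.0 and above reported as Critical), as an added example that is not faraday_plugins code. The `<result>`/`<nvt>`/`<severity>` layout of the sample, the severity bands below 9.0 and all function names are assumptions; only the `<refs>`/`<ref>` shape and the CVE link format come from the issue.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")
CVE_URL = "https://cve.mitre.org/cgi-bin/cvename.cgi?name="  # link format from the issue
# 9.0+ -> critical is the request in this thread; lower bands are assumed (CVSS v3 style).
BANDS = [(9.0, "critical"), (7.0, "high"), (4.0, "medium"), (0.1, "low")]

# Constructed sample: the wrapper elements are assumed, the last two refs are
# deliberately malformed to show that report content is treated as untrusted.
SAMPLE = """<report><result id="r1">
  <name>Weak cipher suites</name>
  <severity>9.8</severity>
  <nvt oid="1.2.3"><refs>
    <ref id="CVE-2016-2183" type="cve"></ref>
    <ref id="https://sweet32.info/" type="url"></ref>
    <ref id="javascript:void(0)" type="url"></ref>
    <ref id="CVE-bogus" type="cve"></ref>
  </refs></nvt>
</result></report>"""

def severity_from_cvss(score):
    """Map a CVSS score to a severity name; anything below 0.1 is informational."""
    return next((name for floor, name in BANDS if score >= floor), "info")

def parse_refs(result):
    """Return (cves, urls), keeping only well-formed CVE ids and http(s) links."""
    cves, urls = [], []
    for ref in result.iterfind(".//refs/ref"):
        rid, rtype = ref.get("id", "").strip(), ref.get("type", "").lower()
        if rtype == "cve" and CVE_RE.fullmatch(rid):
            cves.append(rid)
        elif rtype == "url" and urlsplit(rid).scheme in ("http", "https"):
            urls.append(rid)  # other schemes are dropped before they can be rendered as links
    return cves, urls

def parse_results(xml_text):
    findings = []
    for result in ET.fromstring(xml_text).iter("result"):
        cves, urls = parse_refs(result)
        score = float(result.findtext("severity", default="0") or 0)
        findings.append({"name": result.findtext("name", default=""),
                         "severity": severity_from_cvss(score),
                         "cves": cves, "refs": urls,
                         "cve_links": [CVE_URL + c for c in cves]})
    return findings

if __name__ == "__main__":
    print(parse_results(SAMPLE))
```
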

Drunkenslav commented 2 years ago

Hello any update on this please?

Or can you specify which version of OpenVAS you use so I can use that meanwhile?

Thank you!

aenima-x commented 2 years ago

@Drunkenslav the "critical severity" issue will be on the next plugins release.

The CVE link, that will be in the v4 of the UI (the CVE on the manage will be a link to the CVE description)

Drunkenslav commented 2 years ago

Awesome, thanks

aenima-x commented 2 years ago

@Drunkenslav faraday-plugins 1.6.5 is out. Try it and give us some feedback on the change. Thanks