Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixing openvas parser and including script_id for openvas and nmap #11454

Open
wants to merge 2 commits into
base: bugfix
Choose a base branch
from

Conversation

LeoOMaia
Copy link

im including the script_id from tool to consider in the parser of nmapandopenvas` fixing a problem of get the id from openvas parser who get the id by the param of the tag.

Copy link

dryrunsecurity bot commented Dec 22, 2024

DryRun Security Summary

The code changes improve the parsing and reporting of security findings from Nmap and OpenVAS tools by enhancing script ID tracking, vulnerability details extraction, and output formatting.

Expand for full summary

Summary:

The provided code changes are focused on improving the parsing and reporting of security findings from two different security tools: Nmap and OpenVAS.

The changes to the Nmap parser (parser.py) aim to capture more detailed information about the scripts run during the Nmap scan, including extracting the script_id and associating it with the corresponding finding. This enhancement can provide valuable context and traceability for the identified findings.

The changes to the OpenVAS XML parser (xml_parser.py) also focus on improving the handling of the script_id and the parsing of the nvt element, which contains detailed information about the identified vulnerabilities. Additionally, the code ensures consistent formatting of the finding details, which enhances the readability and usability of the output.

Overall, these changes are positive improvements to the application security tooling, as they enhance the ability to track, understand, and report on the identified security findings. The improved parsing and reporting capabilities can benefit security analysts and developers in their efforts to identify and address vulnerabilities within the application.

Files Changed:

  1. dojo/tools/nmap/parser.py:

    • The changes introduce a new variable script_id and use it to capture the script ID from the Nmap XML output.
    • The script_id is then added to the description of the finding and stored in the vuln_id_from_tool field.
    • These changes improve the tracking and reporting of findings from the Nmap parser.
  2. dojo/tools/openvas/xml_parser.py:

    • The code now explicitly assigns the script_id variable for each finding and stores it in the vuln_id_from_tool field.
    • The parsing of the nvt element has been improved to handle cases where both the oid attribute and text content are present, providing more comprehensive information about the vulnerability.
    • The code ensures consistent formatting of the finding details, such as the title, description, and severity, which enhances the readability and usability of the output.

Code Analysis

We ran 9 analyzers against 2 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

Copy link

@cunha cunha left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Suggestions:

  • Check whether we should print finding.text when tag == "nvt"
  • Move the test=test bugfix to a separate PR

dojo/tools/openvas/xml_parser.py Outdated Show resolved Hide resolved
dojo/tools/openvas/xml_parser.py Outdated Show resolved Hide resolved
@LeoOMaia LeoOMaia requested a review from cunha December 23, 2024 20:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants