File Coverage

blib/lib/Parse/Nessus/NBE.pm

Criterion	Covered	Total	%
statement	21	153	13.7
branch	0	48	0.0
condition			n/a
subroutine	7	17	41.1
pod	0	10	0.0
total	28	228	12.2

line	stmt	bran	sub	pod	time	code
1
2						package Parse::Nessus::NBE;
3
4	1		1		37620	use strict;
	1				2
	1				48
5	1		1		6	use vars qw/ $VERSION @ISA @EXPORT_OK %EXPORT_TAGS /;
	1				2
	1				163
6
7						require Exporter;
8
9						@ISA = qw/ Exporter /;
10						@EXPORT_OK =
11						qw/ nbanners nports nplugin nwebdirs nnfs nos nsnmp nstatos nstatservices nstatvulns /;
12						%EXPORT_TAGS = (all => [qw/ nbanners nports nplugin nwebdirs nnfs nos nsnmp nstatos nstatservices nstatvulns /] );
13						$VERSION = '1.1';
14
15	1		1		19	use constant WEBDIR => 11032; # nessus plugin id for web directories discovered
	1				6
	1				81
16	1		1		5	use constant NFS => 10437; # nessus plugin id for nfs shares discovered
	1				2
	1				45
17	1		1		4	use constant NMAP1 => 10336; # nessus plugin id for Nmap OS guess
	1				2
	1				43
18	1		1		5	use constant NMAP2 => 11268; # nessus plugin id for Nmap OS guess
	1				2
	1				36
19	1		1		5	use constant QUESO => 10337; # nessus plugin id for QueSO OS guess
	1				2
	1				3074
20
21						sub nbanners {
22	0		0	0		my (@ndata) = @_;
23	0					my (@banners);
24	0					foreach my $nbanner (@ndata) {
25	0	0				if ( $nbanner =~ /emote(.*)server (banner\|type)/ ) {
26	0					my @result = split ( /\\|/, $nbanner );
27	0					$result[6] =~ s/^(.)\:\\n\|Solution (.)$\|\\r\|\\n//g;
28	0					push @banners, join "\|", $result[2], $result[6];
29						}
30						}
31	0					return @banners;
32						}
33
34						sub nports {
35	0		0	0		my (@ndata) = @_;
36	0					my (@ports);
37	0					my $nport = pop (@ndata);
38	0					foreach my $ndata (@ndata) {
39	0					my @result = split ( /\\|/, $ndata );
40	0	0				if ( $result[4] ) {
		0
41	0					next;
42						}
43						elsif ( $result[3] =~ /\($nport\// ) {
44	0					push @ports, join "\|", $result[2], $result[3];
45						}
46						}
47	0					return @ports;
48						}
49
50						sub nplugin {
51	0		0	0		my (@ndata) = @_;
52	0					my (@plugins);
53	0					my $nplugin = pop (@ndata);
54	0					foreach my $ndata (@ndata) {
55	0					my @result = split ( /\\|/, $ndata );
56	0	0				if ( !$result[4] ) {
		0
57	0					next;
58						}
59						elsif ( $result[4] =~ /$nplugin/ ) {
60	0					$result[6] =~ s/\\n//;
61	0					push @plugins, join "\|", $result[2], $result[3], $result[6];
62						}
63						}
64	0					return @plugins;
65						}
66
67						sub nwebdirs {
68	0		0	0		my (@ndata) = @_;
69	0					my (@webdirs);
70	0					my $webdirplugin = WEBDIR;
71	0					foreach my $ndata (@ndata) {
72	0					my @result = split ( /\\|/, $ndata );
73	0	0				if ( !$result[4] ) {
		0
74	0					next;
75						}
76						elsif ( $result[4] =~ /$webdirplugin/ ) {
77	0					$result[6] =~ s/(^(.*)discovered\:\|\\n\|,)//g;
78	0					$result[6] =~ s/The following(.*)authentication:/\\|/;
79	0					push @webdirs, join "\|", $result[2], $result[3], $result[6];
80						}
81						}
82	0					return @webdirs;
83						}
84
85						sub nnfs {
86	0		0	0		my (@ndata) = @_;
87	0					my (@nfs);
88	0					my $nfsplugin = NFS;
89	0					foreach my $ndata (@ndata) {
90	0					my @result = split ( /\\|/, $ndata );
91	0	0				if ( !$result[4] ) {
		0
92	0					next;
93						}
94						elsif ( $result[4] =~ /$nfsplugin/ ) {
95	0					$result[6] =~ s/^(.) \: \\n\|\\n\\n(.)$//g;
96	0					$result[6] =~ s/\\n/,/g;
97	0					push @nfs, join "\|", $result[2], $result[3], $result[6];
98						}
99						}
100	0					return @nfs;
101						}
102
103						sub nos {
104	0		0	0		my (@ndata) = @_;
105	0					my (@os);
106	0					foreach my $ndata (@ndata) {
107	0	0				if ( $ndata =~
108						m/10336\\|Security Note\|11268\\|Security Note\|10337\\|Security Note/ )
109						{
110	0					my @result = split ( /\\|/, $ndata );
111	0	0				if ( $result[4] eq NMAP1 ) {
		0
		0
112	0					$result[6] =~ s/(Nmap(.*)running \|(\;\|\\n))//g;
113	0					push @os, join "\|", $result[2], $result[6];
114						}
115						elsif ( $result[4] eq NMAP2 ) {
116	0					$result[6] =~ s/(Remote OS guess : \|\\n\\n(.*)$)//g;
117	0					push @os, join "\|", $result[2], $result[6];
118						}
119						elsif ( $result[4] eq QUESO ) {
120	0					$result[6] =~
121						s/(QueSO has(.)\\n\\|\\n\\n\\nCVE (.)$\| \(by (.)$)//g;
122	0					push @os, join "\|", $result[2], $result[6];
123						}
124						}
125						}
126	0					return @os;
127						}
128
129						sub nsnmp {
130	0		0	0		my (@ndata) = @_;
131	0					my (@snmp);
132	0					foreach my $ndata (@ndata) {
133	0	0				if ( $ndata =~ m/10264\\|Security Hole\\|/ ) {
134	0					my @result = split ( /\\|/, $ndata );
135	0					$result[6] =~ s/\\nSNMP Agent(.*?)community name: //;
136	0					$result[6] =~
137						s/(\\nSNMP Agent (.?)community name: \|\\nCVE(.)$)/ /g;
138	0					push @snmp, join "\|", $result[2], $result[6];
139						}
140						}
141	0					return @snmp;
142						}
143
144						sub nstatos {
145	0		0	0		my (@ndata) = @_;
146	0					my (@allos);
147	0					foreach my $ndata (@ndata) {
148	0	0				if ( $ndata =~
149						m/10336\\|Security Note\|11268\\|Security Note\|10337\\|Security Note/ )
150						{
151	0					my @result = split ( /\\|/, $ndata );
152	0					chomp $result[6];
153	0	0				if ( $result[4] eq NMAP1 ) {
		0
		0
154	0					$result[6] =~ s/(Nmap(.*)running \|(\;\|\\n))//g;
155	0					push @allos, $result[6];
156						}
157						elsif ( $result[4] eq NMAP2 ) {
158	0					$result[6] =~ s/(Remote OS guess : \|\\n\\n(.*)$)//g;
159	0					push @allos, $result[6];
160						}
161						elsif ( $result[4] eq QUESO ) {
162	0					$result[6] =~
163						s/(QueSO has(.)\\n\\|\\n\\n\\nCVE (.)$\| \(by (.)$)//g;
164	0					push @allos, $result[6];
165						}
166						}
167						}
168	0					my %count;
169	0					map { $count{$_}++ } @allos;
	0
170	0					my @rearranged = sort { $count{$b} <=> $count{$a} } keys %count;
	0
171	0					my @graphos;
172	0					foreach (@rearranged) {
173	0					push @graphos, join "\|", $_, "$count{$_}\n";
174						}
175	0					return @graphos;
176						}
177
178						sub nstatservices {
179	0		0	0		my (@ndata) = @_;
180	0					my (@allports);
181	0					foreach my $ndata (@ndata) {
182	0					my @result = split ( /\\|/, $ndata );
183	0	0				if ( $result[4] ) {
184	0					next;
185						}
186						else {
187	0					chomp $result[3];
188	0					push @allports, $result[3];
189						}
190						}
191	0					my %count;
192	0					map { $count{$_}++ } @allports;
	0
193	0					my @rearranged = sort { $count{$b} <=> $count{$a} } keys %count;
	0
194	0					my @graphservices;
195	0					foreach (@rearranged) {
196	0					push @graphservices, join "\|", $_, "$count{$_}\n";
197						}
198	0					return @graphservices;
199						}
200
201						sub nstatvulns {
202	0		0	0		my (@ndata) = @_;
203	0					my (@allvuln);
204	0					my $nsevval = pop (@ndata);
205	0					my $nseverity;
206	0	0				if ($nsevval == 1) {
		0
		0
207	0					$nseverity = "Hole";
208						}
209						elsif ($nsevval == 2) {
210	0					$nseverity = "Warning";
211						}
212						elsif ($nsevval == 3) {
213	0					$nseverity = "Note";
214						}
215	0					foreach my $ndata (@ndata) {
216	0					my @result = split ( /\\|/, $ndata );
217	0	0				if (! $result[5]) {
		0
218	0					next;
219						}
220						elsif ( $result[5] =~ /Security $nseverity/ ) {
221	0					push @allvuln, $result[4];
222						}
223						}
224	0					my %count;
225	0					map { $count{$_}++ } @allvuln;
	0
226	0					my @rearranged = sort { $count{$b} <=> $count{$a} } keys %count;
	0
227	0					my @graphvuln;
228	0					foreach (@rearranged) {
229	0					push @graphvuln, join "\|", $_, "$count{$_}\n";
230						}
231	0					return @graphvuln;
232						}
233
234						1;
235
236						__END__