You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is there any good way to pull the FQDN into the Evidence template in the Plugin Manager as an available field?
Proposed solution
Use the xml_host for building the evidence content instead of the xml_report_item. This makes the evidence content similar to the ReportHost and gives access to the HostProperties in the XML.
Other Information
If there's anything else that's important and relevant to your pull
request, mention that information here. This could include
benchmarks, or other information.
Thanks for contributing to Dradis!
Copyright assignment
Collaboration is difficult with commercial closed source but we want
to keep as much of the OSS ethos as possible available to users
who want to fix it themselves.
In order to unambiguously own and sell Dradis Framework commercial
products, we must have the copyright associated with the entire
codebase. Any code you create which is merged must be owned by us.
That's not us trying to be a jerks, that's just the way it works.
It would be nice if you could access the values already set in the host node process_report_host, such as the ip & fqdn. Since this function already parses the main <HostProperties>, these values are already set within this host and every piece of evidence could have these same properties.
Instead, it parses the nessus hostproperties once, then when process_report_item is called it will process the hostproperties again so that the evidence can have the same values.
While you can use %report_host.fqdn in the evidence template, this value will be overwritten with whatever value it finds due to the second stage xml parsing inside of process_report_item.
The use case for this is, just like the original issue, if someone wants to set a default value or modify one of the properties (fqdn,ip, netbios) (e.g., if a FQDN is not actually in the nessus file) they still have to modify the process_report_item for a second time, since no edits into the original host "stick" due to the multiple XML parsing issues.
evidence_content = template_service.process_template(template: 'evidence', data: xml_host_dup) has no awareness of the host_node object
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Spec
Several other plugins have fields like:
But, Nessus does not.
We can't pull something like the "evidence.fqdn" into Nessus because the FQDN is stored within the
tag (example: https://github.com/dradis/dradis-nessus/blob/master/spec/fixtures/files/example_v2.nessus#L1379) while the Issues/Evidence come from the tags: https://github.com/dradis/dradis-nessus/blob/master/spec/fixtures/files/example_v2.nessus#L1394
Is there any good way to pull the FQDN into the Evidence template in the Plugin Manager as an available field?
Proposed solution
Use the
xml_hostfor building the evidence content instead of thexml_report_item. This makes the evidence content similar to the ReportHost and gives access to the HostProperties in the XML.Other Information
If there's anything else that's important and relevant to your pull
request, mention that information here. This could include
benchmarks, or other information.
Thanks for contributing to Dradis!
Copyright assignment
Collaboration is difficult with commercial closed source but we want
to keep as much of the OSS ethos as possible available to users
who want to fix it themselves.
In order to unambiguously own and sell Dradis Framework commercial
products, we must have the copyright associated with the entire
codebase. Any code you create which is merged must be owned by us.
That's not us trying to be a jerks, that's just the way it works.
Please review the CONTRIBUTING.md
file for the details.
You can delete this section, but the following sentence needs to
remain in the PR's description: