Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
# -*- coding: binary -*-
2
require "rex/parser/nokogiri_doc_mixin"
3

4
module Rex
5
module Parser
6

7
  # If Nokogiri is available, define  document class.
8
  load_nokogiri && class FusionVMDocument < Nokogiri::XML::SAX::Document
9

10

11
  include NokogiriDocMixin
12

13
  def start_element(name=nil,attrs=[])
14
    return nil if in_tag("JobOrder")
15
    attrs = normalize_attrs(attrs)
16
    attrs = attr_hash(attrs)
17
    @state[:current_tag][name] = true
18
    case name
19
    when "IPAddress"
20
      thost={}
21
      return nil unless attrs["IPAddress"] and attrs["HostName"]
22
      thost = {
23
        :host      => attrs["IPAddress"],
24
        :name      => attrs["HostName"],
25
        :workspace => @args[:workspace]
26
      }
27
      thost[:host] = attrs["IPAddress"]
28
      thost[:name] = attrs["HostName"]
29
      @host = db_report(:host, thost)
30
    when "OS"
31
      @state[:has_text] = true
32
    when "Port"
33
      @service = {
34
        :host   => @host,
35
        :port   => attrs["Number"],
36
        :state  => "open"
37
      }
38
    when "Service"
39
      @state[:has_text] = true
40
    when "Protocol"
41
      @state[:has_text] = true
42
    when "Exposure"
43
      @vuln = {
44
        :host => @host,
45
        :refs => []
46
      }
47
    when "Title"
48
      @state[:has_text] = true
49
    when "Description"
50
      @state[:has_text] = true
51
    when "CVE"
52
      @state[:has_text] = true
53
    when "References"
54
      @state[:has_text] = true
55
    end
56
  end
57

58
  def end_element(name=nil)
59
    unless in_tag("JobOrder")
60
      case name
61
      when "OS"
62
        unless @host.nil? or @text.to_s.strip.empty?
63
          tnote = {
64
            :type       => "host.os.fusionvm_fingerprint",
65
            :data       => { :os => @text.strip },
66
            :host       => @host,
67
            :workspace  => @args[:workspace]
68
          }
69
          db_report(:note, tnote)
70
          @host.normalize_os
71
        end
72
      when  "IPAdress"
73
        @host = nil
74
      when "Service"
75
        @service[:name] = @text.strip
76
      when "Protocol"
77
        @service[:proto] = @text.strip.downcase
78
      when "Port"
79
        db_report(:service, @service)
80
      when "Exposure"
81
        db_report(:vuln, @vuln)
82
      when "Title"
83
        @vuln[:name] = @text.strip
84
      when "Description"
85
        @vuln[:info] = @text.strip
86
      when "CVE"
87
        @vuln[:refs] << "CVE-#{@text.strip}"
88
      when "References"
89
        unless @text.to_s.strip.empty?
90
          @text.split(' ').each do |ref|
91
            next unless ref.start_with? "http"
92
            if ref =~ /MS\d{2}-\d{3}/
93
              @vuln[:refs] << "MSB-#{$&}"
94
            else
95
              @vuln[:refs] << "URL-#{ref.strip}"
96
            end
97
          end
98
        end
99
      end
100
    end
101
    @text = nil
102
    @state[:current_tag].delete name
103
  end
104

105

106

107
end
108
end
109
end
110

111