Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
# -*- coding: binary -*-
2
require 'rexml/document'
3

4
module Rex
5
module Parser
6

7

8
class IP360ASPLXMLStreamParser
9

10
  @vulnid = nil
11
  @appid = nil
12
  @location = nil
13

14
  attr_accessor :on_found_aspl
15

16
  def initialize(&block)
17
    reset_state
18
    on_found_aspl = block if block
19
  end
20

21
  def reset_state
22
    @aspl = {'vulns' => {'name' => { }, 'cve' => { }, 'bid' => { } },
23
      'oses' => {'name' => { } } }
24
    @state = :generic_state
25
  end
26

27
  def tag_start(name, attributes)
28
    case name
29
    when "vulns"
30
      @location = "vulns"
31
    when "vuln"
32
      @vulnid = attributes['id'].strip
33
    when "name"
34
      @state = :is_name
35
    when "advisories"
36
      @c = ""
37
      @cfirst = 1
38
      @b = ""
39
      @bfirst = 1
40
      @x = Hash.new
41
    when "publisher"
42
      @state = :is_pub
43
    when "id"
44
      @state = :is_refid
45
    when "operatingSystems"
46
      @location = "os"
47
    when "operatingSystem"
48
      @osid = attributes['id'].strip
49
    end
50
  end
51

52
  def text(str)
53
    case @state
54
    when :is_name
55
      @aspl['vulns']['name'][@vulnid] = str if @location == "vulns"
56
      @aspl['oses'][@osid] = str if @location == "os"
57
    when :is_pub
58
      @x['pub'] = str
59
    when :is_refid
60
      @x['refid'] = str
61
    end
62
  end
63

64
  def tag_end(name)
65
    case name
66
    when "ontology"
67
      on_found_aspl.call(@aspl) if on_found_aspl
68
      reset_state
69
    when "advisory"
70
      if (@x['pub'] =~ /CVE/)
71
        if (@cfirst == 0)
72
          @c += ","
73
        end
74
        @c += @x['refid']
75
        @cfirst = 0
76
      elsif (@x['pub'] =~ /BugTraq/)
77
        if (@bfirst == 0)
78
          @b += ","
79
        end
80
        @b += @x['refid']
81
        @bfirst = 0
82
      end
83
    when "advisories"
84
      @aspl['vulns']['cve'][@vulnid] = @c
85
      @aspl['vulns']['bid'][@vulnid] = @b
86
      @c = ""
87
      @b = ""
88
    end
89
    @state = :generic_state
90
  end
91

92
  # We don't need these methods, but they're necessary to keep REXML happy
93
  #
94
  def xmldecl(version, encoding, standalone); end
95
  def cdata; end
96
  def comment(str); end
97
  def instruction(name, instruction); end
98
  def attlist; end
99
end
100

101
end
102
end
103

104