Exemplo n.º 1
0
 public static Note create(String title, String notes, UUID foreignID, Long schoolClassId) {
   Note note = new Note(title, notes, foreignID, SchoolClass.find.ref(schoolClassId));
   note.save();
   return note;
 }
  public Element getVulnAsElement(Vulnerability vuln, Document doc) {

    Base64 b64 = new Base64();

    Element vulnElement = doc.createElement("vuln");
    if (vuln.isIs_custom_risk() == false) {
      vulnElement.setAttribute("custom-risk", "false");
      vulnElement.setAttribute("cvss", vuln.getCvss_vector_string());
    } else {
      vulnElement.setAttribute("custom-risk", "true");
    }
    vulnElement.setAttribute("category", vuln.getRisk_category());
    vulnElement.setAttribute("risk-score", "" + vuln.getRiskScore());

    Element vulnTitle = doc.createElement("title");
    vulnTitle.appendChild(doc.createTextNode(b64.encodeAsString(vuln.getTitle().getBytes())));

    Element identifiersElement = doc.createElement("identifiers");
    HashMap identifiersMap = vuln.getIdentifiers();
    Iterator it = identifiersMap.keySet().iterator();
    while (it.hasNext()) {
      String hashed_title = (String) it.next();
      String import_tool = (String) identifiersMap.get(hashed_title);
      // add a tag mofo!
      Element identifier = doc.createElement("identifier");
      identifier.setAttribute("hash", hashed_title);
      identifier.setAttribute("import_tool", import_tool);
      identifiersElement.appendChild(identifier);
    }

    Element vulnDescription = doc.createElement("description");
    vulnDescription.appendChild(
        doc.createTextNode(b64.encodeAsString(vuln.getDescription().getBytes())));

    Element vulnRecommendation = doc.createElement("recommendation");
    vulnRecommendation.appendChild(
        doc.createTextNode(b64.encodeAsString(vuln.getRecommendation().getBytes())));

    // TODO Fill out <References> tag
    Element vulnReferences = doc.createElement("references");
    Enumeration refs_enums = vuln.getReferences().elements();
    while (refs_enums.hasMoreElements()) {
      Reference ref = (Reference) refs_enums.nextElement();
      Element vulnReference = doc.createElement("reference");
      vulnReference.setAttribute("description", ref.getDescription());
      vulnReference.appendChild(doc.createTextNode(ref.getUrl()));
      vulnReferences.appendChild(vulnReference);
    }

    Element affectedHosts = doc.createElement("affected-hosts");
    Enumeration enums = vuln.getAffectedHosts().elements();
    while (enums.hasMoreElements()) {
      Host host = (Host) enums.nextElement();

      // Create all the lovely element nodes
      Element affectedHost = doc.createElement("host");
      Element ipAddress = doc.createElement("ip-address");
      if (host.getIp_address() != null) {
        ipAddress.appendChild(doc.createTextNode(host.getIp_address()));
      }
      Element hostname = doc.createElement("hostname");
      if (host.getHostname() != null) {
        hostname.appendChild(doc.createTextNode(host.getHostname()));
      }
      Element netbios = doc.createElement("netbios-name");
      if (host.getNetbios_name() != null) {
        netbios.appendChild(doc.createTextNode(host.getNetbios_name()));
      }
      Element os = doc.createElement("operating-system");
      if (host.getOperating_system() != null) {
        os.appendChild(doc.createTextNode(host.getOperating_system()));
      }
      Element macAddress = doc.createElement("mac-address");
      if (host.getMac_address() != null) {
        macAddress.appendChild(doc.createTextNode(host.getMac_address()));
      }
      Element portnumber = doc.createElement("portnumber");
      if (host.getPortnumber() != null) {
        portnumber.appendChild(doc.createTextNode(host.getPortnumber()));
      }
      Element protocol = doc.createElement("protocol");
      if (host.getProtocol() != null) {
        protocol.appendChild(doc.createTextNode(host.getProtocol()));
      }

      Element note = doc.createElement("note");
      if (host.getNotes() != null) {
        Note n = host.getNotes();
        note.appendChild(doc.createTextNode(b64.encodeAsString(n.getNote_text().getBytes())));
      }

      // Append them to the affected Host node
      affectedHost.appendChild(ipAddress);
      affectedHost.appendChild(hostname);
      affectedHost.appendChild(netbios);
      affectedHost.appendChild(os);
      affectedHost.appendChild(macAddress);
      affectedHost.appendChild(portnumber);
      affectedHost.appendChild(protocol);
      affectedHost.appendChild(note);

      // Add that host to the affected hosts node
      affectedHosts.appendChild(affectedHost);
    }

    vulnElement.appendChild(vulnTitle);
    vulnElement.appendChild(identifiersElement);
    vulnElement.appendChild(vulnDescription);
    vulnElement.appendChild(vulnRecommendation);
    vulnElement.appendChild(vulnReferences);
    vulnElement.appendChild(affectedHosts);
    return vulnElement;
  }