71 lines
No EOL
1.7 KiB
Ruby
71 lines
No EOL
1.7 KiB
Ruby
module KennaKdi
|
|
class VulnGenerator
|
|
attr_accessor :cve_data_path
|
|
|
|
def initialize(cve_data_path)
|
|
# path to a directory of json.gz nvd files for CveReport class
|
|
@cve_data_path = cve_data_path
|
|
end
|
|
|
|
def vulns(vulns_and_vuln_defs)
|
|
vulns_and_vuln_defs.flat_map do |vdata|
|
|
vdata[:vuln]
|
|
end
|
|
end
|
|
|
|
def vuln_defs(vulns_and_vuln_defs)
|
|
vulns_and_vuln_defs.flat_map do |vdata|
|
|
vdata[:vuln_def]
|
|
end
|
|
end
|
|
|
|
def multiple_vulns(num_of_vulns)
|
|
num_of_vulns.times.map { random_vuln_and_vuln_def }
|
|
end
|
|
|
|
private
|
|
|
|
def random_cve_report
|
|
cve_files = Dir.glob(File.join(cve_data_path, '**', '*')).select{|file| File.file?(file)}
|
|
CveReport.new(cve_files.sample)
|
|
end
|
|
|
|
def vuln_hash
|
|
scanner_id = Faker::Code.nric
|
|
t = Time.new
|
|
timestamp = t.strftime("%Y-%m-%d %H:%M:%S")
|
|
|
|
{
|
|
"scanner_identifier": scanner_id,
|
|
"scanner_type": "KDI Faker Data",
|
|
"created_at": timestamp,
|
|
"last_seen_at": timestamp,
|
|
"status": "open"
|
|
}
|
|
end
|
|
|
|
def vuln_def_hash(vuln_hash)
|
|
cve_data = random_cve_report
|
|
id = cve_data.cve_ids.sample
|
|
cve = cve_data.cve(id)
|
|
description = cve_data.description(id)
|
|
|
|
{
|
|
"scanner_identifier": vuln_hash[:scanner_identifier],
|
|
"scanner_type": vuln_hash[:scanner_type],
|
|
"cve_identifiers": id,
|
|
"name": "#{vuln_hash[:scanner_identifier]} - #{id}",
|
|
"description": description
|
|
}
|
|
end
|
|
|
|
def random_vuln_and_vuln_def
|
|
# spit out a pair of vuln/vuln_def hashes
|
|
vuln = vuln_hash
|
|
{
|
|
"vuln": vuln,
|
|
"vuln_def": vuln_def_hash(vuln)
|
|
}
|
|
end
|
|
end
|
|
end |