RustyHog: improve description and file_path
valentijnscholten committed Dec 17, 2024
1 parent 81e650c commit 094c350
Showing 2 changed files with 21 additions and 8 deletions.
26 changes: 18 additions & 8 deletions dojo/tools/rusty_hog/parser.py
Original file line number Diff line number Diff line change
Expand Up @@ -76,12 +76,17 @@ def __getitem(self, vulnerabilities, scanner):
found_secret_string = ""
cwe = 200
for vulnerability in vulnerabilities:
description = ""
if vulnerability.get("reason") is not None:
description += "\n**Reason:** {}".format(
vulnerability.get("reason"),
)
if scanner == "Rusty Hog":
break
if scanner == "Choctaw Hog":
"""Choctaw Hog"""
found_secret_string = vulnerability.get("stringsFound")
description = f"**This string was found:** {found_secret_string}"
found_secret_string = str(vulnerability.get("stringsFound") or "")
description += f"**This string was found:** {found_secret_string}"
if vulnerability.get("commit") is not None:
description += "\n**Commit message:** {}".format(
vulnerability.get("commit"),
Expand Down Expand Up @@ -116,8 +121,8 @@ def __getitem(self, vulnerabilities, scanner):
)
elif scanner == "Duroc Hog":
"""Duroc Hog"""
found_secret_string = vulnerability.get("stringsFound")
description = f"**This string was found:** {found_secret_string}"
found_secret_string = str(vulnerability.get("stringsFound") or "")
description += f"**This string was found:** {found_secret_string}"
if vulnerability.get("path") is not None:
description += "\n**Path of Issue:** {}".format(
vulnerability.get("path"),
Expand All @@ -132,8 +137,8 @@ def __getitem(self, vulnerabilities, scanner):
)
elif scanner == "Gottingen Hog":
"""Gottingen Hog"""
found_secret_string = vulnerability.get("stringsFound")
description = f"**This string was found:** {found_secret_string}"
found_secret_string = str(vulnerability.get("stringsFound") or "")
description += f"**This string was found:** {found_secret_string}"
if vulnerability.get("issue_id") is not None:
description += "\n**JIRA Issue ID:** {}".format(
vulnerability.get("issue_id"),
Expand All @@ -147,8 +152,8 @@ def __getitem(self, vulnerabilities, scanner):
vulnerability.get("url"), vulnerability.get("url"),
)
elif scanner == "Essex Hog":
found_secret_string = vulnerability.get("stringsFound")
description = f"**This string was found:** {found_secret_string}"
found_secret_string = str(vulnerability.get("stringsFound") or "")
description += f"**This string was found:** {found_secret_string}"
if vulnerability.get("page_id") is not None:
description += "\n**Confluence URL:** [{}]({})".format(
vulnerability.get("url"), vulnerability.get("url"),
Expand Down Expand Up @@ -179,10 +184,15 @@ def __getitem(self, vulnerabilities, scanner):
vulnerability.get("issue_id"),
vulnerability.get("location"),
)
if not file_path:
file_path = vulnerability.get("url")
elif scanner == "Essex Hog":
title = "{} found in Confluence Page ID {}".format(
vulnerability.get("reason"), vulnerability.get("page_id"),
)
if not file_path:
file_path = vulnerability.get("url")

# create the finding object
finding = Finding(
title=title,
Expand Down
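Review bot: In the first hunk the new `**Reason:**` line and the `**This string was found:**` line run together with no separator: `description` starts as `""`, the reason is appended with a leading `\n`, and the following `description += f"**This string was found:** {found_secret_string}"` carries no newline of its own, so the rendered text reads `...private key**This string was found:** [...]`. Moving the newline onto the second line fixes it — `description += "**Reason:** {}".format(vulnerability.get("reason"))` and `description += f"\n**This string was found:** {found_secret_string}"` — and the same `+=` line recurs in the Duroc Hog, Gottingen Hog and Essex Hog hunks further down. Dropping the leading `\n` on the reason line also matters for the unit test added in this commit, which compares the first 32 characters of the description against `**Reason:** ...`; unless the description is stripped somewhere outside this diff, that assertion can only hold without the leading newline. Separately, the rewritten `found_secret_string` lines still copy the matched secret verbatim into the finding description; if that is not intentional, a masked or truncated form would be the safer thing to store in finding text. `__getitem`'s body starts and ends outside these hunks.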
3 changes: 3 additions & 0 deletions unittests/tools/test_rusty_hog_parser.py
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,9 @@ def test_parse_file_with_multiple_vuln_has_multiple_finding_essexhog(self):
parser = RustyhogParser()
findings = parser.get_items(testfile, "Essex Hog", Test())
self.assertEqual(3, len(findings))
self.assertEqual("https://confluence.com/pages/viewpage.action?pageId=12345", findings[0].file_path)
self.assertEqual("['-----BEGIN EC PRIVATE KEY-----']", findings[0].payload)
self.assertEqual("**Reason:** SSH (EC) private key", findings[0].description[:32])

def test_parse_file_with_multiple_vuln_has_multiple_finding_essexhog_content(self):
with open("unittests/scans/rusty_hog/essexhog_many_vulns.json", encoding="utf-8") as testfile:
Expand Down
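Review bot: The new assertion on `findings[0].description[:32]` pins a magic slice length that has to be recounted whenever the expected prefix changes; `self.assertTrue(findings[0].description.startswith("**Reason:** SSH (EC) private key"))` says the same thing without the count. It also silently encodes that no leading newline survives in front of `**Reason:**`, even though the parser change in this commit prepends one — if that stripping happens elsewhere, a short comment on the assertion naming where would keep the test readable. `test_parse_file_with_multiple_vuln_has_multiple_finding_essexhog` starts outside the hunk.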
