Merge pull request #8 from Ostorlab/improve_reporting

Improve openvas reporting.
Ostorlab · Mar 8, 2022 · f368a80 · f368a80
2 parents d3256d9 + 34f8d06
commit f368a80
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 22 deletions.
diff --git a/.github/workflows/pylint.yml b/.github/workflows/pylint.yml
@@ -18,7 +18,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.8", "3.9", "3.10"]
+        python-version: ["3.9"]
 
     steps:
     - uses: actions/checkout@v2

diff --git a/.github/workflows/pytest.yml b/.github/workflows/pytest.yml
@@ -18,7 +18,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.8", "3.9", "3.10"]
+        python-version: ["3.9"]
 
     steps:
     - uses: actions/checkout@v2

diff --git a/agent/openvas_agent.py b/agent/openvas_agent.py
@@ -26,6 +26,7 @@
 WAIT_VT_LOAD = 30
 CSV_PATH_OUTPUT = '/tmp/csvFilePath.csv'
 
+
 def _severity_map(severity: str) -> agent_report_vulnerability_mixin.RiskRating:
     if severity == 'log':
         return agent_report_vulnerability_mixin.RiskRating.INFO
@@ -85,13 +86,16 @@ def _process_results(self):
         with open(CSV_PATH_OUTPUT, encoding='UTF-8') as csv_file:
             line_results = csv.DictReader(csv_file)
             for line_result in line_results:
+                detail = line_result.get('Specific Result', '')
+                detail += '\n'
+                detail += f'```json\n{json.dumps(line_result, indent=4, sort_keys=True)}\n```'
                 self.report_vulnerability(
                     entry=kb.Entry(
-                        title='openvas',
+                        title=line_result.get('NVT Name', 'OpenVas Finding'),
                         risk_rating=_severity_map(line_result.get('severity', 'INFO').lower()).name,
                         cvss_v3_vector=line_result.get('CVSS', ''),
-                        short_description=line_result.get('Vulnerability Detection Method', ''),
-                        description=line_result.get('Summary', ''),
+                        short_description=line_result.get('Summary', ''),
+                        description=line_result.get('Summary', '') + line_result.get('Vulnerability Insight', ''),
                         recommendation=line_result.get('Solution', ''),
                         references={},
                         security_issue=True,
@@ -101,7 +105,7 @@ def _process_results(self):
                         targeted_by_ransomware=False,
                         targeted_by_nation_state=False
                     ),
-                    technical_detail=f'```json\n{json.dumps(line_result, indent=4, sort_keys=True)}\n```',
+                    technical_detail=detail,
                     risk_rating=_severity_map(line_result.get('severity', 'INFO').lower()))
 
 

diff --git a/tests/openvas_agent_test.py b/tests/openvas_agent_test.py
@@ -2,13 +2,14 @@
 import json
 
 from ostorlab.agent import definitions as agent_definitions
-from ostorlab.runtimes import definitions as runtime_definitions
-from ostorlab.utils import defintions as utils_definitions
 from ostorlab.agent.kb import kb
 from ostorlab.agent.mixins import agent_report_vulnerability_mixin
+from ostorlab.runtimes import definitions as runtime_definitions
+from ostorlab.utils import defintions as utils_definitions
 
 from agent import openvas_agent
 
+
 def testAgentOpenVas_whenBinaryAvailable_RunScan(scan_message, mocker):
     """Tests running the agent and parsing the json output."""
     definition = agent_definitions.AgentDefinition(
@@ -22,10 +23,10 @@ def testAgentOpenVas_whenBinaryAvailable_RunScan(scan_message, mocker):
             utils_definitions.Arg(name='reporting_engine_base_url', type='str', value=b'https://toto.ostorlab.co/test'),
             utils_definitions.Arg(name='reporting_engine_token', type='str', value=b'123456')],
         healthcheck_port=5301)
-    mocker.patch('agent.openvas.OpenVas.start_scan',return_value='hduzehfuhehfuhef')
-    mocker.patch('agent.openvas.OpenVas.wait_task',return_value=None)
+    mocker.patch('agent.openvas.OpenVas.start_scan', return_value='hduzehfuhehfuhef')
+    mocker.patch('agent.openvas.OpenVas.wait_task', return_value=None)
     with open('tests/openvas_result.csv', 'r', encoding='UTF-8') as f:
-        mocker.patch('agent.openvas.OpenVas.get_results',return_value=f.read())
+        mocker.patch('agent.openvas.OpenVas.get_results', return_value=f.read())
         mock_report_vulnerability = mocker.patch('agent.openvas_agent.OpenVasAgent.report_vulnerability',
                                                  return_value=None)
         test_agent = openvas_agent.OpenVasAgent(definition, settings)
@@ -38,15 +39,15 @@ def testAgentOpenVas_whenBinaryAvailable_RunScan(scan_message, mocker):
                   'Affected Software/OS': '', 'Vulnerability Insight': '', 'Vulnerability Detection Method': '',
                   'Product Detection Result': '', 'BIDs': '', 'CERTs': '', 'Other References': ''}
 
-        mock_report_vulnerability.assert_called_with(entry= kb.Entry(title='openvas', risk_rating='INFO',
-                                                                     references={}, short_description='',
-                                                                     description='', recommendation='',
-                                                                     security_issue=True, privacy_issue=False,
-                                                                     has_public_exploit=False,
-                                                                     targeted_by_malware=False,
-                                                                     targeted_by_ransomware=False,
-                                                                     targeted_by_nation_state=False,
-                                                                     cvss_v3_vector=''),
-                                                     risk_rating= agent_report_vulnerability_mixin.RiskRating.INFO,
+        mock_report_vulnerability.assert_called_with(entry=kb.Entry(title='', risk_rating='INFO',
+                                                                    references={}, short_description='',
+                                                                    description='', recommendation='',
+                                                                    security_issue=True, privacy_issue=False,
+                                                                    has_public_exploit=False,
+                                                                    targeted_by_malware=False,
+                                                                    targeted_by_ransomware=False,
+                                                                    targeted_by_nation_state=False,
+                                                                    cvss_v3_vector=''),
+                                                     risk_rating=agent_report_vulnerability_mixin.RiskRating.INFO,
                                                      technical_detail=
-                                                     f'```json\n{json.dumps(output, indent=4, sort_keys=True)}\n```')
+                                                     f'\n```json\n{json.dumps(output, indent=4, sort_keys=True)}\n```')