From 0425adacb6f81b828a429ddc2cd8df4fb2e5a137 Mon Sep 17 00:00:00 2001 From: Jeff Odegard <42775175+JeffOdegard@users.noreply.github.com> Date: Wed, 23 Jan 2019 09:20:02 -0700 Subject: [PATCH] Bug fixes for Nessus and Nmap parsers Nessus was not assigning checklists to Oracle Solaris 11 for Sparc architectures. Nmap was not correctly identifying normal text output files (.nmap) --- exec/parse_nessus.php | 3 ++- exec/parse_nmap.php | 9 ++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/exec/parse_nessus.php b/exec/parse_nessus.php index 255e2b4..b53d14f 100644 --- a/exec/parse_nessus.php +++ b/exec/parse_nessus.php @@ -148,7 +148,8 @@ class nessus_parser extends scan_xml_parser "cpe:\/o:microsoft:windows_2003_server::sp([\d]).*" => "cpe:/o:microsoft:windows_2003_server:-:sp$1", "cpe:\/o:microsoft:windows_server_2008:r2::x64.*" => "cpe:/o:microsoft:windows_server_2008:r2", "cpe:\/o:redhat:enterprise_linux:([\d]+)::.*" => "cpe:/o:redhat:enterprise_linux:$1", - "cpe:\/o:sun:sunos:([\d]+)::x([\d]+).*" => "cpe:/o:oracle:solaris:$1", + "cpe:\/o:sun:sunos:([\d]+)::.*" => "cpe:/o:oracle:solaris:$1", + "cpe:\/o:vmware:esx_server.*" => "cpe:/o:vmware:esxi:5.0", "cpe:\/o:centos:centos:([\d]+).*" => "cpe:/o:centos:centos:$1", ]; diff --git a/exec/parse_nmap.php b/exec/parse_nmap.php index 7040468..2b37dfd 100644 --- a/exec/parse_nmap.php +++ b/exec/parse_nmap.php @@ -22,6 +22,7 @@ * - Nov 7, 2016 - Added d parameter documentation * - Dec 7, 2016 - Added check for "Interesting ports on {IP}" line * - Jan 30, 2017 - Updated to use parse_config.ini file, and added populating new targets with shortened os software string if available. + * - Jan 21, 2019 - fixed filetype check for .nmap and .gnmap files. */ $cmd = getopt("f:", ['debug::', 'help::']); @@ -94,7 +95,13 @@ foreach ($lines as $line_num => $line) { $line = trim($line, "\t\n\r"); # chomp would be nice... $matches = []; if (!isset($filetype)) { - if (preg_match('/Starting|\-oN/', $line)) { + if (preg_match('/\.nmap/', $cmd['f'])) { + $filetype = "text"; + } + elseif (preg_match('/\.gnmap/', $cmd['f'])) { + $filetype = "grep"; + } + elseif (preg_match('/Starting|\-oN/', $line)) { $filetype = "text"; } elseif (preg_match('/\-oG/', $line)) {