@Override public String getIssueDetail() { return hasVulnerabilities() ? getVulnerableIssue() : getClearIssue(); }
@Override protected IScanIssue getScanIssue(IHttpRequestResponse baseRequestResponse, List<ScannerMatch> matches, List<int[]> startStop) { return new SoftwareIssue(baseRequestResponse, helpers, callbacks, startStop, new Software("", "", "", "", "")); //TODO }
@Override public String getIssueName() { return hasVulnerabilities() ? "[Vulners] Vulnerable Software detected" : "[Vulners] Software detected"; }
@Override public void onFail(JSONObject error) { // update gui component tabComponent.getSoftwareTable().refreshTable(domains, tabComponent.getCbxSoftwareShowVuln().isSelected()); callbacks.addScanIssue(new SoftwareIssue( baseRequestResponse, helpers, callbacks, startStop, domains.get(domainName).getSoftware().get(software.getKey()) )); } });
@Override public String getSeverity() { if (hasVulnerabilities()) { Collection<Double> scores = Collections2.transform( software.getVulnerabilities(), new Function<Vulnerability, Double>() { @Override public Double apply(Vulnerability vulnerability) { return vulnerability.getCvssScore(); } } ); Double maxValue = Ordering.natural().max(scores); if (maxValue > 7) { return ScanIssueSeverity.HIGH.getName(); } else if (maxValue > 4) { return ScanIssueSeverity.MEDIUM.getName(); } return ScanIssueSeverity.LOW.getName(); } return ScanIssueSeverity.INFO.getName(); }
@Override public void onScannerSuccess(Set<Vulnerability> vulnerabilities) { for (Vulnerability vulnerability : vulnerabilities) { // update cache domains.get(domainName) .getSoftware() .get(software.getKey()) .getVulnerabilities() .add(vulnerability); } // update gui component tabComponent.getSoftwareTable().refreshTable(domains, tabComponent.getCbxSoftwareShowVuln().isSelected()); // add Burp issue callbacks.addScanIssue(new SoftwareIssue( baseRequestResponse, helpers, callbacks, startStop, domains.get(domainName).getSoftware().get(software.getKey()) )); }