stevecoward / nasl-parser Goto Github PK

Is it possible that only work with Nessus and not with OpenVas files.

When I run with my openvas nasl files, the parser get all the variables empty.

{'attributes': {},
'bugtraq_id': [11071],
'category': 'ACT_GATHER_INFO',
'checks': [],
'copyright': [],
'cve_id': [],
'cvs_date': '',
'cvss3_base_vector': '',
'cvss3_temporal_vector': '',
'cvss_base_vector': '',
'cvss_temporal_vector': '',
'cwe_id': [],
'family': [],
'id': 0,
'name': [],
'osvdb_id': [],
'summary': '',
'version': '',
'xref': {}}

Found an issue with the attribute keys. The following are the different keys that are meant to be the same attribute keys but aren't same due to programmer errors in the NASL files. I added the double quotes to demonstrate the erroneous leading and trailing whitespaces and single quotes.

Everything between the double quotes seems to appear in the keys of the attributes dict, which is not supposed to be the case.

***ATTRIBUTES***
" 'cvss_vector'"
" cvss_vector"
"patch_publication_date "
"'patch_publication_date'"
"patch_publication_date"
" patch_publication_date"
"cpe"
"'cpe'"
" cpe"
"description"
"'description'"
" description"

"vuln_publication_date"
"vuln_publication_date "
"'vuln_publication_date'"

"exploit_framework_metasploit"
"plugin_publication_date"
" plugin_publication_date"
"'plugin_publication_date'"

"solution"
"'solution'"
" solution"

"cvss_score_rationale"
"'cvss_score_rationale'"

"synopsis"
" synopsis"
"'synopsis'"

"cvss_score_source"
"'cvss_score_source'"

"risk_factor"
"'risk_factor'"
" 'risk_factor'"
" risk_factor"

"see_also"
" see_also"
"'see_also'"
" 'see_also'"

"plugin_type"
" plugin_type"
"'plugin_type'"

I've made a change to to GenericDictType class, stripping leading and trailing white spaces and single quotes in that order to fix the issue and it works for the all the plugins published by Tenable in my SecurityCenter.

class GenericDictType(RegexValueFinder):
    def __init__(self, value):
        attributes = {}
        for attribute in value:
            parsed_attribute = attribute.replace(',value', ', value').split(', value:')
            try:
                attributes.update({
                    parsed_attribute[0].split(':')[1].strip().strip("'"): parsed_attribute[1].strip(),
                })
            except:
                pass
        self.values = attributes

Fixed by #4.

Is this library compatible with python3?

Hi, i have difficult to understand how can i use it?
Can you show me an example?

Thanks

Do you have any usage guidelines or examples?