vars

package module
v0.0.0-...-3d1ce1f Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 9, 2018 License: GPL-3.0 Imports: 8 Imported by: 0

README

VARS

Vulnerability Assessment Reference System

Installing Dependencies

We try to keep a stable development environment. Please use govendor to make sure you have the same version of our external packages.

#Install the govendor tool
go get github.com/kardianos/govendor
#Download the dependencies into the vendoring folder
govendor sync

Documentation

Index

Constants

View Source 
const (
	NameNotAvailable errType
)

Variables

View Source 
var (
	//ErrNoRowsInserted is used when there were not any rows inserted into the table
	ErrNoRowsInserted = errors.New("No rows were inserted")
	//ErrNoRowsUpdated is used when there were not any rows updated in the table
	ErrNoRowsUpdated = errors.New("No rows were updated")
	//ErrNameNotAvailable is used when the provided vulnnerability name is not available
	ErrNameNotAvailable = errors.New("The provided vulnerability name is not available")
	//ErrUknownType is used for the default case of the type switch
	ErrUnknownType = errors.New("The interface type is not supported")
	//ErrGenericVars is used when the error is too generic
	ErrGenericVars = errors.New("Something went wrong")
)

Functions

func CloseDB 

func CloseDB(db *sql.DB)

CloseDB is a way to close connections to the database safely

func ConnectDB 

func ConnectDB(conf *Config) (*sql.DB, error)

ConnectDB establishes a connection to the Postgresql database and returns a pointer to the database handler, as well as any errors encountered.

func GetClosedVulnIDs 

func GetClosedVulnIDs() (*[]int64, error)

GetClosedVulnIDs returns a pointer to a slice of vulnerability IDs that have a mitigated date.

func GetCves 

func GetCves(vid int64) (*[]string, error)

GetCves returns a pointer to a slice of cves associated with the vulnid.

func GetEmpID 

func GetEmpID(username string) (int64, error)

GetEmpID returns the empid associated with the employee.

func GetEmpIDtx 

func GetEmpIDtx(tx *sql.Tx, username string) (int64, error)

GetEmpIDtx returns the empid associated with the employee.

func GetExploit 

func GetExploit(vid int64) (VarsNullString, VarsNullBool, error)

GetExploit returns the row from the exploits table for the given vulnid.

func GetNoteAuthor 

func GetNoteAuthor(noteid int64) (int64, error)

GetNoteAuthor returns the empid of the author of the note.

func GetOpenVulnIDs 

func GetOpenVulnIDs() (*[]int64, error)

GetOpenVulnIDs returns a pointer to a slice of vulnerability IDs that do not have a mitigated date.

func GetReferences 

func GetReferences(vid int64) (*[]string, error)

GetReferences returns a pointer to a slice of urls associated with the vulnid.

func GetSystemID 

func GetSystemID(sysname string) (int64, error)

GetSystemID returns the sysid associated with the sysname.

func GetSystemIDtx 

func GetSystemIDtx(tx *sql.Tx, sysname string) (int64, error)

GetSystemIDtx returns the sysid associated with the sysname.

func GetTickets 

func GetTickets(vid int64) (*[]string, error)

GetTickets returns a pointer to a slice of tickets associated with the vulnid.

func GetVulnID 

func GetVulnID(vname string) (int64, error)

GetVulnID returns the vulnid associated with the vname.

func GetVulnIDtx 

func GetVulnIDtx(tx *sql.Tx, vulnname string) (int64, error)

GetVulnIDtx returns the vulnid associated with the vname.

func InsertDates 

func InsertDates(tx *sql.Tx, vid int64, ini time.Time, pub, mit VarsNullTime) error

InsertDates inserts the dates published, initiated, and mitigated.

func InsertEmployee 

func InsertEmployee(tx *sql.Tx, first, last, email, username string, level int) error

InsertEmployee inserts the employee's first name, last name, and email.

func InsertExploit 

func InsertExploit(tx *sql.Tx, vid int64, exploitable bool, exploit string) error

InsertExploit inserts a row into the exploits table for vulnid

func InsertImpact 

func InsertImpact(tx *sql.Tx, vid int64, cvss, corpscore float32, cvsslink VarsNullString) error

InsertImpact inserts the CVSS score, Corpscore, and CVSSlink.

func InsertVulnerability 

func InsertVulnerability(tx *sql.Tx, vname string, finder, initiator int64, summary, test, mitigation string) error

InsertVulnerability will insert a new row into the vuln table.

func IsNameNotAvailableError 

func IsNameNotAvailableError(err error) bool

IsNameNotAvailableError returns true if the error is caused by name not being available

func IsNilErr 

func IsNilErr(e interface{}) bool

IsNilErr type asserts the provided error (error, Err, Errs) and returns true if the error is nil, false otherwise.

func IsNoRowsError 

func IsNoRowsError(err error) bool

IsNoRowsError returns true if the error is caused by no rows being effected

func IsVulnOpen 

func IsVulnOpen(vid int64) (bool, error)

IsVulnOpen returns true if the Vulnerability associated with the passed ID is still open, false otherwise.

func NameIsAvailable 

func NameIsAvailable(obj, name string) (bool, error)

NameIsAvailable returns true if the vulnerability name is available, false otherwise.

func ReadConfig 

func ReadConfig(config string) (err error)

ReadConfig reads the configurations (specified in JSON format) into the Conf variable (type Config).

func SetCves 

func SetCves(tx *sql.Tx, vuln *Vulnerability) error

SetCves inserts entries into the cves table for all cves in the slice.

func SetExploit 

func SetExploit(tx *sql.Tx, vuln *Vulnerability) error

SetExploit inserts an entry into the exploits table if the exploit string isn't zero valued.

func SetReferences 

func SetReferences(tx *sql.Tx, vuln *Vulnerability) error

SetReferences inserts entries into the ref table for all URLs in the slice.

func SetTickets 

func SetTickets(tx *sql.Tx, vuln *Vulnerability) error

SetTickets inserts entries into the tickets table for all ticket ID's in the slice.

Types

type Affected 

type Affected struct {
	Sys       System
	Mitigated bool
}

Affected holds a system and whether is has been patched/mitigated for the vulnerability. The vulnerability object will hold a slice of these.

func GetAffected 

func GetAffected(vid int64) ([]*Affected, error)

GetAffected returns a slice of pointers to Affected objects.

type Config 

type Config struct {
	Host string
	Port string
	User string
	Pass string
	Name string
}

Config holds the configuration options for VARS. 

var Conf Config

Conf will hold the VARS configuration.

type Employee 

type Employee struct {
	ID        int64
	FirstName string
	LastName  string
	Email     string
	UserName  string
	Level     int
}

Employee holds information about an employee

func GetEmployee 

func GetEmployee(eid int64) (*Employee, error)

GetEmployee returns an Employee object with the given empid.

func GetEmployees 

func GetEmployees() ([]*Employee, error)

GetEmployees returns a slice of pointers to Employee objects.

type Err 

type Err struct {
	// contains filtered or unexported fields
}

Err is an error that occured inside the vars package

func DeleteAffected 

func DeleteAffected(tx *sql.Tx, vid, sid int64) Err

DeleteAffected deletes the row in the affected table with the given vulnid and sysid.

func DeleteCve 

func DeleteCve(tx *sql.Tx, vid int64, cve string) Err

DeleteCve deletes the row in the cves table with the given vulnid and cve.

func DeleteDates 

func DeleteDates(tx *sql.Tx, vid int64) Err

DeleteDates deletes the row in the dates table with the given vulnid.

func DeleteExploit 

func DeleteExploit(tx *sql.Tx, vid int64) Err

DeleteExploit deletes the row in the exploits table with the given vulnid.

func DeleteImpact 

func DeleteImpact(tx *sql.Tx, vid int64) Err

DeleteImpact deletes the row in the impact table with the given vulnid.

func DeleteNote 

func DeleteNote(tx *sql.Tx, noteid int64) Err

DeleteNote deletes the row in the notes table with the given noteid.

func DeleteRef 

func DeleteRef(tx *sql.Tx, vid int64, ref string) Err

DeleteRef deletes the row in the ref table with the given vulnid and url.

func DeleteSystem 

func DeleteSystem(tx *sql.Tx, sid int64) Err

DeleteSystem deletes the row in the systems table with the given sysid.

func DeleteSystemFromAffected 

func DeleteSystemFromAffected(tx *sql.Tx, sid int64) Err

DeleteSystemFromAffected deletes the rows in the affected table with the given sysid.

func DeleteTicket 

func DeleteTicket(tx *sql.Tx, vid int64, ticket string) Err

DeleteTicket deletes the row in the tickets table with the given vulnid and ticket.

func DeleteVulnerability 

func DeleteVulnerability(tx *sql.Tx, vid int64) Err

DeleteVulnerability deletes the row in the vuln table with the given vulnid.

func InsertAffected 

func InsertAffected(tx *sql.Tx, vid, sid int64, mitigated bool) Err

InsertAffected will insert a new row into the affected table with key (vid, sid).

func InsertCve 

func InsertCve(tx *sql.Tx, vid int64, cve string) Err

InsertCve will insert a new row into the cves table with key (vid, cve).

func InsertNote 

func InsertNote(tx *sql.Tx, vid, eid int64, note string) Err

InsertNote inserts the vulnid, empid, date added, and note.

func InsertRef 

func InsertRef(tx *sql.Tx, vid int64, url string) Err

InsertRef will insert a new row into the ref table with key (vid, url).

func InsertSystem 

func InsertSystem(tx *sql.Tx, sys *System) Err

InsertSystem will add a new system to the database.

func InsertTicket 

func InsertTicket(tx *sql.Tx, vid int64, ticket string) Err

InsertTicket will insert a new row into the ticket table with key (vid, ticket).

func NewErr 

func NewErr(errT errType, parents ...string) Err

func UpdateAffected 

func UpdateAffected(tx *sql.Tx, vid, sid int64, mit bool) Err

UpdateAffected will update the mitigated status for (vid, sid).

func UpdateCorpScore 

func UpdateCorpScore(tx *sql.Tx, vid int64, cscore float32) Err

UpdateCorpScore will update the corporate score for the given vulnerability ID.

func UpdateCve 

func UpdateCve(tx *sql.Tx, vid int64, oldCve, newCve string) Err

UpdateCve will update the CVE associated with the (vulnid, oldCve) row to newCve.

func UpdateCvss 

func UpdateCvss(tx *sql.Tx, vid int64, cvss float32) Err

UpdateCvss will update the CVSS score for the given vulnerability ID. 

func UpdateCvssLink(tx *sql.Tx, vid int64, cvssLink VarsNullString) Err

UpdateCvssLink will update the link to the CVSS score for the given vulnerability ID.

func UpdateEmpEmail 

func UpdateEmpEmail(tx *sql.Tx, eid int64, email string) Err

UpdateEmpEmail will update the email of the employee with the given ID.

func UpdateEmpFname 

func UpdateEmpFname(tx *sql.Tx, eid int64, name string) Err

UpdateEmpFname will update the first name of the employee with the given ID.

func UpdateEmpLevel 

func UpdateEmpLevel(tx *sql.Tx, eid int64, level int) Err

UpdateEmpLevel will update the level of the employee with the given ID.

func UpdateEmpLname 

func UpdateEmpLname(tx *sql.Tx, eid int64, name string) Err

UpdateEmpLname will update the last name of the employee with the given ID.

func UpdateEmpUname 

func UpdateEmpUname(tx *sql.Tx, eid int64, uname string) Err

UpdateEmpUname will update the username of the employee with the given ID.

func UpdateExploit 

func UpdateExploit(tx *sql.Tx, vid int64, exploit string) Err

UpdateExploit will update the exploit and the exploitable column for the given vulnerability ID. To set the exploitable column to false and have a NULL value for the exploits column, pass in an empty string to exploit.

func UpdateExploitable 

func UpdateExploitable(tx *sql.Tx, vid int64, exploitable bool) Err

UpdateExploitable will update the exploitable boolean for vulnid.

func UpdateFinder 

func UpdateFinder(tx *sql.Tx, vid, finder int64) Err

UpdateFinder will update the finder for the given vulnerability ID.

func UpdateInitDate 

func UpdateInitDate(tx *sql.Tx, vid int64, initDate time.Time) Err

UpdateInitDate will update the date that the vulnerability assessment was initiated for the given vulnerability ID.

func UpdateInitiator 

func UpdateInitiator(tx *sql.Tx, vid, initiator int64) Err

UpdateInitiator will update the initiator for the given vulnerability ID.

func UpdateMitDate 

func UpdateMitDate(tx *sql.Tx, vid int64, mitDate VarsNullTime) Err

UpdateMitDate will update the date that the vulnerability assessment was mitigated for the given vulnerability ID. To set the mitigation date to NULL, pass in an empty string for mitDate.

func UpdateMitigation 

func UpdateMitigation(tx *sql.Tx, vid int64, mit string) Err

UpdateMitigation will update the mitigation associated with the vulnerability ID.

func UpdateNote 

func UpdateNote(tx *sql.Tx, nid int64, note string) Err

UpdateNote will update the note and added date for the given noteid.

func UpdatePubDate 

func UpdatePubDate(tx *sql.Tx, vid int64, pubDate VarsNullTime) Err

UpdatePubDate will update the date that the vulnerability was published for the given vulnerability ID. To set the published date to NULL, pass in an empty string for pubDate.

func UpdateRefers 

func UpdateRefers(tx *sql.Tx, vid int64, oldURL, newURL string) Err

UpdateRefers will update the url associated with the (vid, oldURL) row to newURL.

func UpdateSummary 

func UpdateSummary(tx *sql.Tx, vid int64, summary string) Err

UpdateSummary will update the summary associated with the vulnerability ID.

func UpdateSysDesc 

func UpdateSysDesc(tx *sql.Tx, sid int64, desc string) Err

UpdateSysDesc will update the description associated with the sysid.

func UpdateSysLoc 

func UpdateSysLoc(tx *sql.Tx, sid int64, loc string) Err

UpdateSysLoc will update the location associated with the sysid.

func UpdateSysName 

func UpdateSysName(tx *sql.Tx, sid int64, name string) Err

UpdateSysName will update the name associated with the sysid.

func UpdateSysOS 

func UpdateSysOS(tx *sql.Tx, sid int64, os string) Err

UpdateSysOS will update the OS associated with the sysid.

func UpdateSysState 

func UpdateSysState(tx *sql.Tx, sid int64, state string) Err

UpdateSysState will update the state associated with the sysid.

func UpdateSysType 

func UpdateSysType(tx *sql.Tx, sid int64, stype string) Err

UpdateSysType will update the type associated with the sysid.

func UpdateTest 

func UpdateTest(tx *sql.Tx, vid int64, test string) Err

UpdateTest will update the test associated with the vulnerability ID.

func UpdateTicket 

func UpdateTicket(tx *sql.Tx, vid int64, oldTicket, newTicket string) Err

UpdateTicket will update the ticket associated with the (vid, oldTicket) row to newTicket.

func UpdateVulnName 

func UpdateVulnName(tx *sql.Tx, vid int64, vname string) Err

UpdateVulnName will update the vulnerability's name.

func (Err) Error 

func (e Err) Error() string

Error impliments the error interface

func (Err) IsNameNotAvailableError 

func (e Err) IsNameNotAvailableError() bool

IsNameNotAvailableError returns true if the error is caused by name not being available

func (Err) IsNoRowsError 

func (e Err) IsNoRowsError() bool

IsNoRowsError returns true if the error is caused by no rows being effected

type Errs 

type Errs []Err

Errs is a list of our errors making it easier to pass as a single paramenter and easier consumption

func (Errs) Error 

func (es Errs) Error() string

type Note 

type Note struct {
	ID     int64
	VulnID int64
	EmpID  int64
	Added  time.Time
	Note   string
}

Note holds the imformation about a note

func GetNotes 

func GetNotes(vid int64) ([]*Note, error)

GetNotes returns a slice of pointers to note objects.

type System 

type System struct {
	ID          int64
	Name        string
	Type        string // Server, router, switch, etc
	OpSys       string
	Location    string // Corporate, hosted, etc
	Description string
	State       string // Active or inactive
}

System holds information about systems in the environment.

func GetSystem 

func GetSystem(sid int64) (*System, error)

GetSystem returns a system struct matching the given systemID.

func GetSystems 

func GetSystems() ([]*System, error)

GetSystems returns a pointer to a slice of System types representing all systems.

func GetSystemsByState 

func GetSystemsByState(state string) ([]*System, error)

GetSystemsByState returns a pointer to a slice of System types representing the systems that are currently 'state'.

type VarsNullBool 

type VarsNullBool struct {
	sql.NullBool
}

VarsNullBool holds a sql.NullBool. Needed for marshaling/unmarshaling.

func (VarsNullBool) MarshalJSON 

func (v VarsNullBool) MarshalJSON() ([]byte, error)

MarshalJSON will marshal the string if it is valid.

func (*VarsNullBool) UnmarshalJSON 

func (v *VarsNullBool) UnmarshalJSON(data []byte) error

UnmarshalJSON will unmarshal the string if it is valid and set valid to true, otherwise valid is set to false.

type VarsNullString 

type VarsNullString struct {
	sql.NullString
}

VarsNullString holds a sql.NullString. Needed for marshaling/unmarshaling.

func GetImpact 

func GetImpact(vid int64) (float32, VarsNullString, float32, error)

GetImpact returns the row from the impact table for the given vulnid.

func ToVarsNullString 

func ToVarsNullString(s string) VarsNullString

ToVarsNullString creates a VarsNullString from a string.

func (VarsNullString) MarshalJSON 

func (v VarsNullString) MarshalJSON() ([]byte, error)

MarshalJSON will marshal the string if it is valid.

func (*VarsNullString) UnmarshalJSON 

func (v *VarsNullString) UnmarshalJSON(data []byte) error

UnmarshalJSON will unmarshal the string if it is valid and set valid to true, otherwise valid is set to false.

type VarsNullTime 

type VarsNullTime struct {
	pq.NullTime
}

VarsNullTime holds a pq.NullTime. Needed for marshaling/unmarshaling.

func (VarsNullTime) MarshalJSON 

func (v VarsNullTime) MarshalJSON() ([]byte, error)

MarshalJSON will marshal the time if it is valid.

func (*VarsNullTime) UnmarshalJSON 

func (v *VarsNullTime) UnmarshalJSON(data []byte) error

UnmarshalJSON will unmarshal the time if it is valid and set valid to true, otherwise valid is set to false.

type VulnDates 

type VulnDates struct {
	Published VarsNullTime // Date the vulnerability was made public
	Initiated time.Time    // Date the vulnerability assessment was started
	Mitigated VarsNullTime // Date the vulnerability was mitigated on all systems
}

VulnDates holds the different dates relating to the vulnerability.

func GetVulnDates 

func GetVulnDates(vid int64) (*VulnDates, error)

GetVulnDates returns a VulnDates object with the dates row associated with the vulnid.

type Vulnerability 

type Vulnerability struct {
	ID          int64
	Name        string
	Cves        []string
	Cvss        float32        // CVSS score
	CorpScore   float32        // Calculated corporate score
	CvssLink    VarsNullString // Link to CVSS scoresheet
	Finder      int64          // Employee that found the vulnerability
	Initiator   int64          // Employee that started the vulnerability assessment
	Summary     string
	Test        string // Test to see if system has this vulnerability
	Mitigation  string
	Dates       VulnDates      // The dates associated with the vulnerability
	Tickets     []string       // Tickets relating to the vulnerability
	References  []string       // Reference URLs
	Exploit     VarsNullString // Exploit for the vulnerability
	Exploitable VarsNullBool   // Are there currently exploits for the vulnerability
	AffSystems  []*Affected    // Affected systems and whether they have been mitigated
}

Vulnerability holds information about a discovered vulnerability and the vulnerability assessment.

func GetVulnerabilities 

func GetVulnerabilities() ([]*Vulnerability, error)

GetVulnerabilities returns a slice of pointers to Vulnerability objects. These objects will ONLY have the content from the vuln table in them. The id can then be passed into the other GetXYZ functions to retrieve the other parts of the vulnerability.

func GetVulnerability 

func GetVulnerability(vid int64) (*Vulnerability, error)

GetVulnerability returns a Vulnerability object for the given vulnid.

Source Files

View all Source files

Directories

Path Synopsis
cmd
varsweb
pkg
varsapi
plugin
ldap
report/initCount
report/vaStats
test
dummy

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.