Display metasploit module information for each detected CVE-IDs (#1011)

* add metasploit * fix go deps * fix msf report * fix msfdb server port number * delete non-unique msfdb url from fulltext report * fix(report): validate msfdb config on report (#1) * fix(msfdb): update deps (go-msfdb) * version up go-msfdb v0.1.0 Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>
2020-07-03 14:05:07 +09:00
parent 89f49b0e29
commit 11a7a0c934
15 changed files with 539 additions and 87 deletions
--- a/models/scanresults.go
+++ b/models/scanresults.go
@@ -346,13 +346,14 @@ func (r ScanResult) FormatTextReportHeadedr() string {
 		buf.WriteString("=")
 	}

-	return fmt.Sprintf("%s\n%s\n%s, %s, %s, %s, %s\n",
+	return fmt.Sprintf("%s\n%s\n%s, %s, %s, %s, %s, %s\n",
 		r.ServerInfo(),
 		buf.String(),
 		r.ScannedCves.FormatCveSummary(),
 		r.ScannedCves.FormatFixedStatus(r.Packages),
 		r.FormatUpdatablePacksSummary(),
 		r.FormatExploitCveSummary(),
+		r.FormatMetasploitCveSummary(),
 		r.FormatAlertSummary(),
 	)
 }
@@ -388,6 +389,17 @@ func (r ScanResult) FormatExploitCveSummary() string {
 	return fmt.Sprintf("%d exploits", nExploitCve)
 }

+// FormatMetasploitCveSummary returns a summary of exploit cve
+func (r ScanResult) FormatMetasploitCveSummary() string {
+	nMetasploitCve := 0
+	for _, vuln := range r.ScannedCves {
+		if 0 < len(vuln.Metasploits) {
+			nMetasploitCve++
+		}
+	}
+	return fmt.Sprintf("%d modules", nMetasploitCve)
+}
+
 // FormatAlertSummary returns a summary of XCERT alerts
 func (r ScanResult) FormatAlertSummary() string {
 	jaCnt := 0