Display metasploit module information for each detected CVE-IDs (#1011)

* add metasploit * fix go deps * fix msf report * fix msfdb server port number * delete non-unique msfdb url from fulltext report * fix(report): validate msfdb config on report (#1) * fix(msfdb): update deps (go-msfdb) * version up go-msfdb v0.1.0 Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>
2020-07-03 14:05:07 +09:00
parent 89f49b0e29
commit 11a7a0c934
15 changed files with 539 additions and 87 deletions
--- a/report/tui.go
+++ b/report/tui.go
@@ -618,7 +618,7 @@ func summaryLines(r models.ScanResult) string {
 		pkgNames = append(pkgNames, vinfo.LibraryFixedIns.Names()...)

 		exploits := ""
-		if 0 < len(vinfo.Exploits) {
+		if 0 < len(vinfo.Exploits) || 0 < len(vinfo.Metasploits) {
 			exploits = "POC"
 		}

@@ -770,6 +770,21 @@ func setChangelogLayout(g *gocui.Gui) error {
 			}
 		}

+		if len(vinfo.Metasploits) != 0 {
+			lines = append(lines, "\n",
+				"Metasploit Modules",
+				"==================",
+			)
+			for _, module := range vinfo.Metasploits {
+				lines = append(lines, fmt.Sprintf("* %s: %s", module.Name, module.Description))
+				if 0 < len(module.URLs) {
+					for _, u := range module.URLs {
+						lines = append(lines, fmt.Sprintf(" - %s", u))
+					}
+				}
+			}
+		}
+
 		if len(vinfo.AlertDict.En) > 0 {
 			lines = append(lines, "\n",
 				"USCERT Alert",
@@ -822,6 +837,7 @@ type dataForTmpl struct {
 	CveID            string
 	Cvsses           string
 	Exploits         []models.Exploit
+	Metasploits      []models.Metasploit
 	Summary          string
 	Mitigation       string
 	Confidences      models.Confidences