kennasecurity / all_samples Goto Github PK

When processing an asset tag csv with multiple threads, there can occur times when one thread open the log for writing, another thread also opens the file for writing, the first thread closes the file, and the second thread attempts to write to the (now closed) file - raising EBADF or a stream closed error.

An easy "fix" use Logger on a single file opened once outside the block creating threads, closed once via an ensure at the end of the block. This will possibly not enforce in-order logging (two threads might mix their lines and the log would be corrupt, but the program will run). I believe the open/close can be lifted out of the thread code to here: https://github.com/KennaPublicSamples/All_Samples/blob/updates_branch/kenna-asset-tagger/kenna-asset-tagger_mt.rb#L319-L321

Better to find a standard thread safe logging option - or use a thread local log output file, and splice them if needed after the execution.

Usage:

kenna-guardium-upload.rb cust_field_id1 cust_field_id2 cust_field_id3 cust_field_id4

Should be

kenna-zap-upload.rb cust_field_id1 cust_field_id2 cust_field_id3 cust_field_id4

Tested on:

This script will no longer work for the majority of customers on September 1st when Kenna roles out multiple roles per user functionality. "role" field will need to change to "roles", and role names will need to be passed as part of an array. I suggest creating a legacy version of the script for customers without MRPU, while updating the default script to use MRPU by default

Traceback (most recent call last):
2: from csv_extract_with_details.rb:172:in <main>' 1: from csv_extract_with_details.rb:160:in get_bulk_assets'
csv_extract_with_details.rb:160:in `delete': no implicit conversion of nil into String (TypeError)

Hello,

I am trying to run the script un the /asset_priority_by_risk_meter/ folder and getting the following error message. Can you help me how to fix this issue?

$ ruby kenna-priority-by-risk-meter.rb $KENNA_TOKEN rm_meters_meta.csv  rmid priority
Currently processing page 1 of 12
Currently processing page 1 of 1
made it to bulk update
https://api.kennasecurity.com/assets/bulk
made it to bulk update
https://api.kennasecurity.com/assets/bulk
{"assets_updated"=>19}
kenna-priority-by-risk-meter.rb:266:in `rescue in block (3 levels) in <main>': uninitialized constant RestClient::TooManyRequests (NameError)
        from kenna-priority-by-risk-meter.rb:223:in `block (3 levels) in <main>'
$

I am using the tested ruby version on my server

$ ruby --version
ruby 2.0.0p648 (2015-12-16) [x86_64-linux]

I'm trying to run the KDI generic transformed script.

My csv has the following fields:
artifact,date,fixedVersion,installedVersion,Vuln Description,resource,CVSS,severity,CVE,Vuln Name

I have edited default_meta as follows

However, on execution fails:

[~]$ ruby csv_KDI_json.rb vuln_parsed.csv has_header? default_meta.csv skip_autoclose? output.json assets_only? domain_suffix?
Traceback (most recent call last):
3: from csv_KDI_json.rb:223:in '<main>'
2: from /usr/share/ruby/csv.rb:1319:in 'parse'
1: from /usr/share/ruby/csv.rb:1764:in 'each'
csv_KDI_json.rb:231:in 'block in <main>': no implicit conversion of String into Integer (TypeError)

How do I create a vulnerability in a way that doesn't require uploading files? Thanks!

Hello. This code allows me to include vulnerabilities with only open vulnerabilities. How do I enable it to allow closed vulnerabilities or all vulnerabilities?

The documentation for the script says that the script will grab all risk meters if a meter list csv is not provided. This isn't currently working. The API response for all risk meters comes in as an array instead of a hash (asset_groups:[] vs asset_group:{}). To support this the array for all risk meters would need to be mapped into hashes. Alternatively, the documentation could be updated to require a meter list to be provided. I would also note that many customers have a large number of risk meters and would require pagination support to be added to the script to work as intended

Hi
I was going through this
https://github.com/KennaSecurity/All_Samples/tree/master/postman
Json file. And realised that it is missing response definition. Is there more accurate json/yaml spec somewhere?
Thanks
Sm

Checkmarx identifies many vulnerability categories which have no mapping to WASC id. The script stops if the mapping is not found hard-coded dictionary in the script. How to deal with such situation? I have Checkmarx scan results with CWE ids which are not mapped to WASC id.