Fixing export

artemis/modules/dalfox.py

@@ -9,12 +9,14 @@
 
 from karton.core import Task
 
+from artemis import load_risk_class
 from artemis.binds import Service, TaskStatus, TaskType
 from artemis.config import Config
 from artemis.module_base import ArtemisBase
 from artemis.task_utils import get_target_url
 
 
+@load_risk_class.load_risk_class(load_risk_class.LoadRiskClass.MEDIUM)
 class DalFox(ArtemisBase):
     """
     Running the Dalfox tool to scan for XSS vulnerabilities."""

artemis/reporting/export/export_data.py

@@ -3,6 +3,7 @@
 from typing import Dict, List, Optional
 
 from artemis.domains import is_domain
+from artemis.reporting.base.language import Language
 from artemis.reporting.base.report import Report
 from artemis.reporting.base.report_type import ReportType
 from artemis.reporting.base.reporters import get_all_reporters
@@ -23,6 +24,7 @@ class SingleTopLevelTargetExportData:
 class ExportData:
     timestamp: datetime.datetime
     tag: Optional[str]
+    language: str
     scanned_top_level_targets: List[str]
     scanned_targets: List[str]
     messages: Dict[str, SingleTopLevelTargetExportData]
@@ -32,6 +34,7 @@ class ExportData:
 def build_export_data(
     previous_reports: List[Report],
     tag: Optional[str],
+    language: Language,
     db: DataLoader,
     custom_template_arguments_parsed: Dict[str, str],
     timestamp: datetime.datetime,
@@ -80,6 +83,7 @@ def build_export_data(
     return ExportData(
         timestamp=timestamp,
         tag=tag,
+        language=language.value,
         scanned_top_level_targets=list(db.scanned_top_level_targets),
         scanned_targets=list(db.scanned_targets),
         messages=message_data,

artemis/reporting/export/main.py

@@ -151,7 +151,9 @@ def export(
     db = DB()
     export_db_connector = DataLoader(db, blocklist, language, tag, silent)
     timestamp = datetime.datetime.now()
-    export_data = build_export_data(previous_reports, tag, export_db_connector, custom_template_arguments, timestamp)
+    export_data = build_export_data(
+        previous_reports, tag, language, export_db_connector, custom_template_arguments, timestamp
+    )
     date_str = timestamp.isoformat()
     output_dir = OUTPUT_LOCATION / str(tag) / date_str
     os.makedirs(output_dir)
@@ -198,7 +200,7 @@ def export_cli(
         help="Allows you to filter by the tag you provided when adding targets to be scanned. Only vulnerabilities "
         "from targets with this tag will be exported.",
     ),
-    language: Language = typer.Option(Language.en_US.value, help="Output report language (e.g. pl_PL or en_US)."),  # type: ignore
+    language: str = typer.Option(Language.en_US.value, help="Output report language (e.g. pl_PL or en_US)."),  # type: ignore
     custom_template_arguments: Optional[str] = typer.Option(
         "",
         help="Custom template arguments in the form of name1=value1,name2=value2,... - the original templates "
@@ -222,7 +224,7 @@ def export_cli(
     return export(
         previous_reports_directory=previous_reports_directory,
         tag=tag,
-        language=language,
+        language=Language(language),
         custom_template_arguments=custom_template_arguments_parsed,
         silent=silent,
         verbose=verbose,

artemis/reporting/modules/nuclei/translations/nuclei_messages/pl_PL.py

@@ -252,6 +252,7 @@
     + UPDATE_HINT,
     "Adminer before 4.7.9 is susceptible to server-side request forgery due to exposure of sensitive information in error messages. Users of Adminer versions bundling all drivers, e.g. adminer.php, are affected. An attacker can possibly obtain this information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.": "Narzędzie Adminer w wersji poniżej 4.7.9 zawiera podatność Server-Side Request Forgery. Może to umożliwić atakującemu komunikację z usługami w sieci wewnętrznej, a w niektórych konfiguracjach również uzyskanie nieuprawnionego dostępu do systemu."
     + UPDATE_HINT,
+    "[no description] http/fuzzing/ssrf-via-proxy.yaml": "Wykryto podatność Server-Side Request Forgery. Może ona umożliwić atakującemu komunikację z usługami w sieci wewnętrznej, a w niektórych konfiguracjach również uzyskanie nieuprawnionego dostępu do systemu.",
     "WordPress Fusion Builder plugin before 3.6.2 is susceptible to server-side request forgery. The plugin does not validate a parameter in its forms, which can be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. An attacker can potentially interact with hosts on the server's local network, bypass firewalls, and access control measures.": "Wtyczka WordPress o nazwie Fusion Builder w wersji poniżej 3.6.2 zawiera podatność Server-Side Request Forgery. Może to umożliwić atakującemu komunikację z usługami w sieci wewnętrznej, a w niektórych konfiguracjach również uzyskanie nieuprawnionego dostępu do systemu."
     + WORDPRESS_UPDATE_HINT,
     "WordPress Metform plugin through 2.1.3 is susceptible to information disclosure due to improper access control in the ~/core/forms/action.php file. An attacker can view all API keys and secrets of integrated third-party APIs such as that of PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA and many more.": "Wtyczka WordPress o nazwie Metform w wersjach do 2.1.3 umożliwia atakującemu pobranie kluczy API usług takich jak PayPal, Stripe, Mailchimp, Hubspot, HelpScout czy reCAPTCHA."
@@ -998,6 +999,8 @@
     "Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in ThemePunch OHG Essential Grid plugin <= 3.1.0 versions.": "Wtyczka WordPress o nazwie ThemePunch OHG Essential Grid w wersji do 3.1.0 włącznie zawiera podatność "
     + REFLECTED_XSS_DESCRIPTION
     + WORDPRESS_UPDATE_HINT,
+    "[no description] http/exposures/logs/action-controller-exception.yaml": "Wykryto dziennik zdarzeń Action Controller.",
+    "Detection of SAP NetWeaver ABAP Webserver /public/info page": "Wykryto stronę z informacjami systemu SAP NetWeaver ABAP Webserver.",
     "An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.": "Memcached w wersji 1.4.31 i wcześniejszych zawiera podatność umożliwiającą potencjalnie atakującemu zdalne wykonanie kodu."
     + RCE_EFFECT_DESCRIPTION
     + UPDATE_HINT,
@@ -1514,4 +1517,5 @@
     "Slurm HPC Dashboard was detected.": "Wykryto panel Slurm HPC.",
     "http/exposed-panels/gitlab-explore.yaml": "Wykryto system GitLab.",
     "Micro Focus Enterprise Server Admin panel was detected.": "Wykryto panel Micro Focus Enterprise Server.",
+    "The presence of SAML-based authentication on GitLab instances. SAML is commonly used for Single Sign-On (SSO) integrations, which allows users to authenticate with GitLab using an external Identity Provider (IdP).": "Wykryto panel GitLab SAML.",
 }

artemis/reporting/severity.py

@@ -84,6 +84,7 @@ def get_severity(report: Any) -> Severity:
             "info": Severity.LOW,
             "low": Severity.LOW,
             "medium": Severity.MEDIUM,
+            "unknown": Severity.MEDIUM,
             "high": Severity.HIGH,
             "critical": Severity.HIGH,
         }