Fork: 0
0xRoM / DirtyScripts
Transfer to URL with SHA Find file
Newer
Older
DirtyScripts / ReportToolz / repgen.php
root on 10 Nov 2022 17 KB the big return update
Raw Blame History 
  1. #!/usr/bin/php
  2. <?php
  3. //error_reporting(0);
  4. include('config.php');
  5.  
  6. /***
  7.  * Main program - Don't edit below
  8.  */
  9. echo "_____ _____ _____ Gen\n||_// ||==  ||_// \n|| \\  ||___ ||    \n\n";
  10.  
  11. foreach (glob("classes/*.php") as $filename)
  12.     include $filename;
  13.  
  14. $definitions = new \Clapp\CommandLineArgumentDefinition(
  15.     array(
  16.         "help|h"            => "Shows help message",
  17.         "path|p=s"          => "/path/to/configs/", // should contain config.json and all vuln.json files
  18.     )
  19. );
  20.  
  21. $filter = new \Clapp\CommandArgumentFilter($definitions, $argv);
  22.  
  23. if ($filter->getParam('h') === true || $argc < 2) {
  24.     fwrite(STDERR, $definitions->getUsage());
  25.     exit(0);
  26. } 
  27.  
  28. // see if doc exists 
  29. if ($filter->getParam("path") == false)
  30. 	die("[-] no path set\n");
  31.  
  32. echo "[!] path: ".$filter->getParam("path")."\n";
  33. if(!is_dir($filter->getParam("path")))
  34. 	die("[-] no such folder! \n");
  35.  
  36. //get config file
  37. $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); 
  38. $riskRatings = array("Serious","High","Medium","Low");
  39.  
  40. //create owasp top 10 placeholders
  41. for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; }
  42. for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; }
  43. for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; }
  44.  
  45. //create owasp top 10 table placeholders
  46. for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; }
  47. for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; }
  48. for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; }
  49.  
  50. // extract doc and get contents
  51. $rand = uniqid();
  52. mkdir("/tmp/$rand");
  53. if(unzipFolder($template, "/tmp/$rand/")) {
  54.     $source = file_get_contents("/tmp/$rand/content.xml");
  55.     echo "[+] doc extracted\n";
  56. } else {
  57. 	die("[-] unable to extract doc\n");
  58. }
  59. $source = file_get_contents("/tmp/$rand/content.xml");
  60. 	
  61. // add CHECK section into report if needed
  62. if(isset($config->checkRef) && trim($config->checkRef) <> ""){
  63.     $check_img = '<draw:frame draw:style-name="fr9" draw:name="FPCheckLogo" text:anchor-type="frame" svg:x="0cm" svg:y="5.879cm" svg:width="6.83cm" svg:height="2.628cm" draw:z-index="40">
  64.             <draw:image xlink:href="Pictures/10000000000004A3000001C98E2CC6AE1D6F811E.jpg" xlink:type="simple" xlink:show="embed" xlink:actuate="onLoad" loext:mime-type="image/jpeg"/>
  65.         </draw:frame>';
  66.     $check_section = '<text:p text:style-name="P26"/>
  67.         <text:p text:style-name="P26"/>
  68.         <text:p text:style-name="P26"/>
  69.         <text:p text:style-name="P26"/>
  70.         <text:p text:style-name="P26">
  71.             CHECK Ref: {checkRef}
  72.         </text:p>';
  73.     $source = str_replace('{check_img}', $check_img, $source);
  74.     $source = str_replace('{check_section}', $check_section, $source);
  75.     echo "[+] Added CHECK section\n";
  76. }else{
  77.     $check_section = '<text:p text:style-name="P26">
  78.             <text:bookmark-start text:name="__RefHeading___Toc72207_536000782"/>
  79.             <text:bookmark-end text:name="__RefHeading___Toc72207_536000782"/>
  80.         </text:p>';
  81.     $source = str_replace('{check_img}', "", $source);
  82.     $source = str_replace('{check_section}', $check_section, $source);
  83. }
  84.  
  85. // add config into template
  86. foreach ($config as $key => $value) {
  87. 	$source = str_replace('{'.$key.'}', $value, $source);
  88. }
  89. file_put_contents("/tmp/$rand/content.xml", $source);
  90. echo "[+] added config values\n";
  91.  
  92. // get all vulns
  93. $vuln = array();
  94. $files = glob($filter->getParam("path")."*.json");
  95. foreach($files as $finding){
  96.     $vuln[] = $found = json_decode(file_get_contents($finding), true);
  97. }
  98.  
  99. echo "[+] sorting vulns by CVSS\n";
  100. usort($vuln, 'order_by_cvss');
  101. function order_by_cvss($a, $b) {
  102.     return $b['cvss_score'] > $a['cvss_score'] ? 1 : -1;
  103. }
  104.  
  105. if(empty($vuln))
  106.     echo "[-] no vulns found!\n";
  107.  
  108. // create vulns for odf
  109. $templateOrig = file_get_contents($vulnTemplate);
  110. $Serious = $High = $Medium = $Low = $Info = ""; 
  111. $Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; 
  112. $Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array();
  113. foreach ($vuln as $singlevuln) {
  114. 	$templateSource = $templateOrig;
  115. 	$togo = $singlevuln['risk'];
  116. 	foreach ($singlevuln as $key => $value){
  117.         $value = str_replace("<", "&lt;", $value);
  118.         $value = str_replace(">", "&gt;", $value);
  119. 		$value = str_replace("\n", "</text:p><text:p text:style-name=\"Text_20_body\">", $value);
  120. 		$templateSource = str_replace('{'.$key.'}', $value, $templateSource);
  121.         if($key == "risk"){
  122.             switch ($togo) {
  123.                 case 'Serious':
  124.                     $templateSource = str_replace('{risk_img}', '100000000000001C0000001C2B2344F988E3C014.png', $templateSource);
  125.                     break;
  126.                 case 'High':
  127.                     $templateSource = str_replace('{risk_img}', '100000000000001C0000001C478E326DAB1B0673.gif', $templateSource);
  128.                     break;
  129.                 case 'Medium':
  130.                     $templateSource = str_replace('{risk_img}', '100000000000001C0000001C08AD11DB0A5D02CD.png', $templateSource);
  131.                     break;
  132.                 case 'Low':
  133.                     $templateSource = str_replace('{risk_img}', '100000000000001C0000001C6CC3BB57AA64608B.gif', $templateSource);
  134.                     break;
  135.                 case 'Info':
  136.                     $templateSource = str_replace('{risk_img}', '100000000000001C0000001C7365C375D1750C0F.gif', $templateSource);
  137.                     break;
  138.             }
  139.         }
  140. 	}
  141.     
  142.     if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){
  143.         $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource);
  144.     }else{
  145.         $templateSource = str_replace('{hosts}', "N/A", $templateSource);
  146.     }
  147. 	$$togo .= $templateSource;
  148.     ${"Count_$togo"} += 1;
  149. 	echo "[+] added $togo: ".$singlevuln['title']."\n";
  150.  
  151.     // fixing summary tables
  152.     $descExpl = explode(".", $singlevuln['description']);
  153.     $fixExpl = explode(".", $singlevuln['solution']);
  154.     $descFinal = $descExpl[0].".";
  155.     $fixFinal = $fixExpl[0].".";
  156.     // if small summaries exist use them!
  157.     if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){
  158.         // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n";
  159.         $descFinal = $singlevuln['summary_issue'];
  160.     }
  161.     if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){
  162.         // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n";
  163.         $fixFinal = $singlevuln['summary_solution'];
  164.     }
  165.  
  166.     // set OWASP counts
  167.     $issueOwasp = explode(":", $singlevuln['owasp']);
  168.     ${$issueOwasp[0]}++;
  169.  
  170.     $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; 
  171.     // populate arrays for small vuln tables    
  172.     // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref
  173.     ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]);  
  174.           
  175. }
  176.  
  177. // add page ref to each issue
  178. $placeA = 1;
  179. foreach ($riskRatings as $riskKey => $riskVal) {
  180.     $placeB = 1;
  181.     if(!empty( ${"Summary_$riskVal"} )){
  182.         foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
  183.             array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB);
  184.             $placeB++;
  185.         }
  186.         $placeA++;
  187.     }
  188. }
  189.  
  190. // create sumaries tables
  191. $Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = "";
  192. $placeA = 1;
  193. foreach ($riskRatings as $riskKey => $riskVal) {
  194.     $placeB = 1;
  195.     if(empty( ${"Summary_$riskVal"} )){
  196.         ${"Summary_".$riskVal."_Final"} = '
  197.             <table:table-row table:style-name="Table11.1">
  198.                 <table:table-cell table:style-name="Table11.A2" office:value-type="string">
  199.                     <text:p text:style-name="P189">None Identified</text:p>
  200.                 </table:table-cell>
  201.                 <table:table-cell table:style-name="Table11.A2" office:value-type="string">
  202.                     <text:p text:style-name="P170"/>
  203.                 </table:table-cell>
  204.                 <table:table-cell table:style-name="Table11.C2" office:value-type="string">
  205.                     <text:p text:style-name="P171"/>
  206.                 </table:table-cell>
  207.                 <table:table-cell table:style-name="Table11.C2" office:value-type="string">
  208.                     <text:p text:style-name="P172"/>
  209.                 </table:table-cell>
  210.             </table:table-row>
  211.         ';
  212.     }else{
  213.         foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
  214.             // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n";
  215.             ${"Summary_".$riskVal."_Final"} .= '
  216.             <table:table-row table:style-name="Table11.1">
  217.                 <table:table-cell table:style-name="Table11.A2" office:value-type="string">
  218.                     <text:p text:style-name="P189">'.$sumKey.'</text:p>
  219.                     <text:p text:style-name="P170">'.$sumVal[0].'</text:p>
  220.                 </table:table-cell>
  221.                 <table:table-cell table:style-name="Table11.A2" office:value-type="string">
  222.                     <text:p text:style-name="P170">'.$sumVal[1].'</text:p>
  223.                 </table:table-cell>
  224.                 <table:table-cell table:style-name="Table11.C2" office:value-type="string">
  225.                     <text:p text:style-name="P171">'.$sumVal[4].'</text:p>
  226.                 </table:table-cell>
  227.                 <table:table-cell table:style-name="Table11.C2" office:value-type="string">
  228.                     <text:p text:style-name="P172">'.$sumVal[2].'</text:p>
  229.                 </table:table-cell>
  230.             </table:table-row>
  231.         ';
  232.         }
  233.     }  
  234.  
  235. }
  236.  
  237. //populate owasp findings tables
  238. foreach ($riskRatings as $riskKey => $riskVal) {
  239.     if(!empty( ${"Summary_$riskVal"} )){
  240.         foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
  241.             if( ${$sumVal[3]."_table"} == ""){ // if is first entry
  242.                 ${$sumVal[3]."_table"} = '
  243. <table:table table:name="Table8" table:style-name="Table8">
  244.     <table:table-column table:style-name="Table8.C"/>
  245.     <table:table-column table:style-name="Table8.D"/>
  246.     <table:table-header-rows>
  247.         <table:table-row table:style-name="Table8.1">
  248.             <table:table-cell table:style-name="Table8.A1" office:value-type="string">
  249.                 <text:p text:style-name="P71">Vulnerabilities in This Category</text:p>
  250.             </table:table-cell>
  251.             <table:table-cell table:style-name="Table8.B1" office:value-type="string">
  252.                 <text:p text:style-name="P72">Document Reference</text:p>
  253.             </table:table-cell>
  254.         </table:table-row>
  255.     </table:table-header-rows>
  256.     <table:table-row>
  257.         <table:table-cell table:style-name="Table8.A10" office:value-type="string">
  258.             <text:p text:style-name="P40">'.$sumKey.'</text:p>
  259.         </table:table-cell>
  260.         <table:table-cell table:style-name="Table8.B2" office:value-type="string">
  261.             <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
  262.         </table:table-cell>
  263.     </table:table-row>
  264.                 ';
  265.             }else{ // not first entry, append new line
  266.                 ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"});
  267.                 ${$sumVal[3]."_table"} .= '
  268.     <table:table-row>
  269.         <table:table-cell table:style-name="Table8.A10" office:value-type="string">
  270.             <text:p text:style-name="P40">'.$sumKey.'</text:p>
  271.         </table:table-cell>
  272.         <table:table-cell table:style-name="Table8.B2" office:value-type="string">
  273.             <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
  274.         </table:table-cell>
  275.     </table:table-row>
  276.                 ';
  277.             }
  278.             // close the table
  279.             ${$sumVal[3]."_table"} .= '</table:table>';
  280.         }
  281.     }
  282. }  
  283.  
  284. // squash vulns into one big xml
  285. $value = "";
  286. if(!empty($Serious)){
  287. 	$value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
  288.     <text:list-item>
  289.         <text:list>
  290.             <text:list-item>
  291.                 <text:h text:outline-level="2">Serious Risk Vulnerabilities</text:h>
  292.             </text:list-item>
  293.         </text:list>
  294.     </text:list-item>
  295. </text:list>';
  296. 	$value .= $Serious;
  297. }
  298.  
  299. if(!empty($High)){
  300. 	$value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
  301.     <text:list-item>
  302.         <text:list>
  303.             <text:list-item>
  304.                 <text:h text:outline-level="2">High Risk Vulnerabilities</text:h>
  305.             </text:list-item>
  306.         </text:list>
  307.     </text:list-item>
  308. </text:list>';
  309. 	$value .= $High;
  310. }
  311. if(!empty($Medium)){
  312. 	$value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
  313.     <text:list-item>
  314.         <text:list>
  315.             <text:list-item>
  316.                 <text:h text:outline-level="2">Medium Risk Vulnerabilities</text:h>
  317.             </text:list-item>
  318.         </text:list>
  319.     </text:list-item>
  320. </text:list>';
  321. 	$value .= $Medium;
  322. }
  323. if(!empty($Low)){
  324. 	$value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
  325.     <text:list-item>
  326.         <text:list>
  327.             <text:list-item>
  328.                 <text:h text:outline-level="2">Low Risk Vulnerabilities</text:h>
  329.             </text:list-item>
  330.         </text:list>
  331.     </text:list-item>
  332. </text:list>';
  333. 	$value .= $Low;
  334. }
  335. if(!empty($Info)){
  336.     $value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
  337.     <text:list-item>
  338.         <text:list>
  339.             <text:list-item>
  340.                 <text:h text:outline-level="2">Informational Risk Vulnerabilities</text:h>
  341.             </text:list-item>
  342.         </text:list>
  343.     </text:list-item>
  344. </text:list>';
  345.     $value .= $Info;
  346. }
  347. // add to template
  348. $source = file_get_contents("/tmp/$rand/content.xml");
  349. $source = str_replace('{vuln}', $value, $source);
  350.  
  351. //update total counts in exec summary table
  352. $source = str_replace('{count_serious}', $Count_Serious, $source);
  353. $source = str_replace('{count_high}', $Count_High, $source);
  354. $source = str_replace('{count_medium}', $Count_Medium, $source);
  355. $source = str_replace('{count_low}', $Count_Low, $source);
  356. echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n";
  357.  
  358. //update issues summary tables
  359. $source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source);
  360. $source = str_replace('{summary_table_high}', $Summary_High_Final, $source);
  361. $source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source);
  362. $source = str_replace('{summary_table_low}', $Summary_Low_Final, $source);
  363. echo "[+] added findings summary tables\n";
  364.  
  365. //update owasp count tables
  366. for ($i=1; $i <= 10 ; $i++) { 
  367.     $padNo = sprintf("%02d", $i);
  368.     $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source);
  369. }
  370. for ($i=1; $i <= 10 ; $i++) { 
  371.     $padNo = sprintf("%02d", $i);
  372.     $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source);
  373. }
  374. for ($i=1; $i <= 10 ; $i++) { 
  375.     $padNo = sprintf("%02d", $i);
  376.     $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source);
  377. }
  378. echo "[+] updated OWASP count tables\n";
  379.  
  380. //update owasp findings tables
  381. for ($i=1; $i <= 10 ; $i++) { 
  382.     $padNo = sprintf("%02d", $i);
  383.     $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source);
  384. }
  385. for ($i=1; $i <= 10 ; $i++) { 
  386.     $padNo = sprintf("%02d", $i);
  387.     $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source);
  388. }
  389. for ($i=1; $i <= 10 ; $i++) { 
  390.     $padNo = sprintf("%02d", $i);
  391.     $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source);
  392. }
  393. echo "[+] updated OWASP findings tables\n";
  394.  
  395. // save to file
  396. echo "[!] writing to /tmp content.xml\n";
  397. file_put_contents("/tmp/$rand/content.xml", $source);
  398.  
  399. // create report and tidying
  400. $repOutName = $config->ref.".3 ".$config->client ." ". $config->title1;
  401. zipFolder("/tmp/$rand", $filter->getParam("path").$repOutName.".odt");
  402. echo "[=] generated report: ".$filter->getParam("path").$repOutName.".odt\n";
  403. delTree("/tmp/$rand");
  404. echo "[+] temp files removed\n";
  405.  
  406. function unzipFolder($zipInputFile, $outputFolder) {
  407.     $zip = new ZipArchive;
  408.     $res = $zip->open($zipInputFile);
  409.     if ($res === true) {
  410.         $zip->extractTo($outputFolder);
  411.         $zip->close();
  412.         return true;
  413.     }
  414.     else {
  415.         return false;
  416.     }
  417. }
  418.  
  419. function XML2Array(SimpleXMLElement $parent){
  420.     $array = array();
  421.  
  422.     foreach ($parent as $name => $element) {
  423.         ($node = & $array[$name])
  424.             && (1 === count($node) ? $node = array($node) : 1)
  425.             && $node = & $node[];
  426.  
  427.         $node = $element->count() ? XML2Array($element) : trim($element);
  428.     }
  429.  
  430.     return $array;
  431. }
  432.  
  433. function delTree($dir){ 
  434.     $files = array_diff(scandir($dir), array('.', '..')); 
  435.  
  436.     foreach ($files as $file) { 
  437.         (is_dir("$dir/$file")) ? delTree("$dir/$file") : unlink("$dir/$file"); 
  438.     }
  439.  
  440.     return rmdir($dir); 
  441. } 
  442.  
  443. function zipFolder($inputFolder, $zipOutputFile) {
  444.     if (!extension_loaded('zip') || !file_exists($inputFolder)) {
  445.         return false;
  446.     }
  447.  
  448.     $zip = new ZipArchive();
  449.     if (!$zip->open($zipOutputFile, ZIPARCHIVE::CREATE)) {
  450.         return false;
  451.     }
  452.  
  453.     $inputFolder = str_replace('\\', "/", realpath($inputFolder));
  454.  
  455.     if (is_dir($inputFolder) === true) {
  456.         $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($inputFolder), RecursiveIteratorIterator::SELF_FIRST);
  457.  
  458.         foreach ($files as $file) {
  459.             $file = str_replace('\\', "/", $file);
  460.  
  461.             if (in_array(substr($file, strrpos($file, '/')+1), array('.', '..'))) {
  462.                 continue;
  463.             }
  464.  
  465.             $file = realpath($file);
  466.  
  467.             if (is_dir($file) === true) {
  468.                 $dirName = str_replace($inputFolder."/", '', $file."/");
  469.                 $zip->addEmptyDir($dirName);
  470.             }
  471.             else if (is_file($file) === true) {
  472.                 $fileName = str_replace($inputFolder."/", '', $file);
  473.                 $zip->addFromString($fileName, file_get_contents($file));
  474.             }
  475.         }
  476.     }
  477.     else if (is_file($inputFolder) === true) {
  478.         $zip->addFromString(basename($inputFolder), file_get_contents($inputFolder));
  479.     }
  480.  
  481.     return $zip->close();
  482. }
  483.  
  484. ?>
Buy Me A Coffee