fix for multiple headings
1 parent 3874508 commit 55e1edd1448fdce3b3526420be8b6caddf84586f
root authored on 31 Jan 2020
Showing 1 changed file
View
238
ReportToolz/pt2json.php
$ob= simplexml_load_string($xmlfile);
$json = json_encode($ob);
$configData = json_decode($json, true);
 
$resultsFolder = substr($filter->getParam("doc"), 0, strrpos( $filter->getParam("doc"), '/') )."/";
//$resultsFolder = substr($filter->getParam("doc"), 0, strrpos( $filter->getParam("doc"), '/') )."/";
 
foreach ($configData['report_sections']['section']['subsection'] as $key => $value) {
# code...
//echo $value['title']."\n";
//print_r($value);
foreach($value['finding'] as $key2 => $value2){
if($filter->getParam('no-save') === true){
echo "[+] issue: ".$value2['@attributes']['title']."\n";
}else{
echo "[+] creating json for: ".$value2['@attributes']['title']."\n";
}
$vulnFileName = preg_replace( '/[^a-z0-9]+/', '-', strtolower( $value2['@attributes']['title']) );
if( isset($configData['report_sections']['section'][0]['subsection'][0]['@attributes']['title'])){
// multiple headings
foreach( $configData['report_sections']['section'] as $key1 => $val1 ){
//echo $key1." - ".$val1."\n";
foreach ($val1['subsection'] as $key => $value) {
if(isset($value['finding'] )){
foreach($value['finding'] as $key2 => $value2){
if(isset($value2['@attributes']['title']) && isset($value2['summary_description'])){
if($filter->getParam('no-save') === true){
echo "[+] issue: ".$value2['@attributes']['title']."\n";
}else{
echo "[+] creating json for: ".$value2['@attributes']['title']."\n";
}
$vulnFileName = preg_replace( '/[^a-z0-9]+/', '-', strtolower( $value2['@attributes']['title']) );
 
if(isset($value2['cvss_vector']) && @strpos($value2['cvss_vector'], 'CVSS:3.0') === 0 ){
$cvss3_score = $value2['cvss'];
$cvss3_vector = $value2['cvss_vector'];
}else{
$cvss3_score = "";
$cvss3_vector = "";
}
if(isset($value2['cvss_vector']) && @strpos($value2['cvss_vector'], 'CVSS:3.0') === 0 ){
$cvss3_score = $value2['cvss'];
$cvss3_vector = $value2['cvss_vector'];
}else{
$cvss3_score = "";
$cvss3_vector = "";
}
 
$techD = "";
foreach ($value2['section'] as $key => $value) {
# code...
$techD .= @base64_decode($value)."\n";
}
$cvssS = (isset($value2['cvss']))? $value2['cvss'] : "";
$techD = "";
foreach ($value2['section'] as $key => $value) {
# code...
$techD .= @base64_decode($value)."\n";
}
$cvssS = (isset($value2['cvss']))? $value2['cvss'] : "";
 
$sev = $value2['severity'];
$sev = str_replace("serious", "Serious", $sev);
$sev = str_replace("high", "High", $sev);
$sev = str_replace("medium", "Medium", $sev);
$sev = str_replace("low", "Low", $sev);
$sev = str_replace("info", "Informational", $sev);
$sev = $value2['severity'];
$sev = str_replace("serious", "Serious", $sev);
$sev = str_replace("high", "High", $sev);
$sev = str_replace("medium", "Medium", $sev);
$sev = str_replace("low", "Low", $sev);
$sev = str_replace("info", "Informational", $sev);
 
$jsonFile = '{
"title":'.json_encode($value2['@attributes']['title']).',
"category":"",
"remediation":'.json_encode(base64_decode($value2['remediation'])).',
"cvss_score":'.json_encode($cvssS).',
"risk":'.json_encode($sev).',
"impact":"High/Medium/Low",
"description":'.json_encode(base64_decode($value2['summary_description'])).',
"tech_description":'.json_encode($techD).',
"solution":'.json_encode(base64_decode($value2['summary_fix'])).',
"cvss2_score":"",
"cvss2_vector":"",
"cvss3_score":'.json_encode($cvss3_score).',
"cvss3_vector":'.json_encode($cvss3_vector).',
"owasp":"",
"tags":'.json_encode(base64_decode($value2['vuln_tags'])).',
"to_check":"checked"}';
$jsonFile = '{
"title":'.json_encode($value2['@attributes']['title']).',
"category":"",
"remediation":'.json_encode(base64_decode($value2['remediation'])).',
"cvss_score":'.json_encode($cvssS).',
"risk":'.json_encode($sev).',
"impact":"High/Medium/Low",
"description":'.json_encode(base64_decode($value2['summary_description'])).',
"tech_description":'.json_encode($techD).',
"solution":'.json_encode(base64_decode($value2['summary_fix'])).',
"cvss2_score":"",
"cvss2_vector":"",
"cvss3_score":'.json_encode($cvss3_score).',
"cvss3_vector":'.json_encode($cvss3_vector).',
"owasp":"",
"tags":'.json_encode(base64_decode($value2['vuln_tags'])).',
"to_check":"checked"}';
 
if($filter->getParam('no-save') === false){
file_put_contents($resultsFolder.$vulnFileName.".json", $jsonFile);
if($filter->getParam('no-save') === false){
file_put_contents($resultsFolder.$vulnFileName.".json", $jsonFile);
}
}
}
}
 
}
}
// single heading
}else{
foreach ($configData['report_sections']['section']['subsection'] as $key => $value) {
# code...
//echo $value['title']."\n";
//print_r($value);
foreach($value['finding'] as $key2 => $value2){
 
if($filter->getParam('no-save') === true){
echo "[+] issue: ".$value2['@attributes']['title']."\n";
}else{
echo "[+] creating json for: ".$value2['@attributes']['title']."\n";
}
$vulnFileName = preg_replace( '/[^a-z0-9]+/', '-', strtolower( $value2['@attributes']['title']) );
 
if(isset($value2['cvss_vector']) && @strpos($value2['cvss_vector'], 'CVSS:3.0') === 0 ){
$cvss3_score = $value2['cvss'];
$cvss3_vector = $value2['cvss_vector'];
}else{
$cvss3_score = "";
$cvss3_vector = "";
}
 
$techD = "";
foreach ($value2['section'] as $key => $value) {
# code...
$techD .= @base64_decode($value)."\n";
}
$cvssS = (isset($value2['cvss']))? $value2['cvss'] : "";
 
$sev = $value2['severity'];
$sev = str_replace("serious", "Serious", $sev);
$sev = str_replace("high", "High", $sev);
$sev = str_replace("medium", "Medium", $sev);
$sev = str_replace("low", "Low", $sev);
$sev = str_replace("info", "Informational", $sev);
 
$jsonFile = '{
"title":'.json_encode($value2['@attributes']['title']).',
"category":"",
"remediation":'.json_encode(base64_decode($value2['remediation'])).',
"cvss_score":'.json_encode($cvssS).',
"risk":'.json_encode($sev).',
"impact":"High/Medium/Low",
"description":'.json_encode(base64_decode($value2['summary_description'])).',
"tech_description":'.json_encode($techD).',
"solution":'.json_encode(base64_decode($value2['summary_fix'])).',
"cvss2_score":"",
"cvss2_vector":"",
"cvss3_score":'.json_encode($cvss3_score).',
"cvss3_vector":'.json_encode($cvss3_vector).',
"owasp":"",
"tags":'.json_encode(base64_decode($value2['vuln_tags'])).',
"to_check":"checked"}';
 
if($filter->getParam('no-save') === false){
file_put_contents($resultsFolder.$vulnFileName.".json", $jsonFile);
}
}
}
}
Buy Me A Coffee