the big return update
1 parent 0d96da8 commit 91c1b6aa58dd9352506ae37960c9c07e87199e2a
root authored on 10 Nov 2022
Showing 11 changed files
View
2
■■■
.htaccess 0 → 100644
AddHandler application/x-httpd-php .png
View
6
README.md
 
If you can't read the code then this isn't for you.
 
Please do not ask for help regarding anything here, you will be ignored
 
 
** notes **
 
xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml
View
6
ReportToolz/config.php
$vdbPath = "/opt/RossMarks/DirtyScripts/ReportToolz/";
 
// repgen templates
//$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt";
$template = "templates/odt/blank_template_v2.1.odt";
$template = "templates/odt/blank_template_v3.0.odt";
//$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt";
$vulnTemplate = "templates/odt/vuln_template_v0.2.xml";
$vulnTemplate = "templates/odt/vuln_template_v1.0.xml";
 
?>
View
336
ReportToolz/repgen.php
die("[-] no such folder! \n");
 
//get config file
$config = json_decode(file_get_contents($filter->getParam("path")."config.conf"));
$riskRatings = array("Serious","High","Medium","Low");
 
//create owasp top 10 placeholders
for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; }
for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; }
for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; }
 
//create owasp top 10 table placeholders
for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; }
for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; }
for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; }
 
// extract doc and get contents
$rand = uniqid();
mkdir("/tmp/$rand");
 
// create vulns for odf
$templateOrig = file_get_contents($vulnTemplate);
$Serious = $High = $Medium = $Low = $Info = "";
$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0;
$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array();
foreach ($vuln as $singlevuln) {
$templateSource = $templateOrig;
$togo = $singlevuln['risk'];
foreach ($singlevuln as $key => $value){
}
}
}
if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){
$templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource);
}else{
$templateSource = str_replace('{hosts}', "N/A", $templateSource);
}
$$togo .= $templateSource;
${"Count_$togo"} += 1;
echo "[+] added $togo: ".$singlevuln['title']."\n";
}
 
// squash vulns into one bbig xml
 
// fixing summary tables
$descExpl = explode(".", $singlevuln['description']);
$fixExpl = explode(".", $singlevuln['solution']);
$descFinal = $descExpl[0].".";
$fixFinal = $fixExpl[0].".";
// if small summaries exist use them!
if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){
// DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n";
$descFinal = $singlevuln['summary_issue'];
}
if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){
// DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n";
$fixFinal = $singlevuln['summary_solution'];
}
 
// set OWASP counts
$issueOwasp = explode(":", $singlevuln['owasp']);
${$issueOwasp[0]}++;
 
$hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A";
// populate arrays for small vuln tables
// key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref
${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]);
}
 
// add page ref to each issue
$placeA = 1;
foreach ($riskRatings as $riskKey => $riskVal) {
$placeB = 1;
if(!empty( ${"Summary_$riskVal"} )){
foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB);
$placeB++;
}
$placeA++;
}
}
 
// create sumaries tables
$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = "";
$placeA = 1;
foreach ($riskRatings as $riskKey => $riskVal) {
$placeB = 1;
if(empty( ${"Summary_$riskVal"} )){
${"Summary_".$riskVal."_Final"} = '
<table:table-row table:style-name="Table11.1">
<table:table-cell table:style-name="Table11.A2" office:value-type="string">
<text:p text:style-name="P189">None Identified</text:p>
</table:table-cell>
<table:table-cell table:style-name="Table11.A2" office:value-type="string">
<text:p text:style-name="P170"/>
</table:table-cell>
<table:table-cell table:style-name="Table11.C2" office:value-type="string">
<text:p text:style-name="P171"/>
</table:table-cell>
<table:table-cell table:style-name="Table11.C2" office:value-type="string">
<text:p text:style-name="P172"/>
</table:table-cell>
</table:table-row>
';
}else{
foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
// DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n";
${"Summary_".$riskVal."_Final"} .= '
<table:table-row table:style-name="Table11.1">
<table:table-cell table:style-name="Table11.A2" office:value-type="string">
<text:p text:style-name="P189">'.$sumKey.'</text:p>
<text:p text:style-name="P170">'.$sumVal[0].'</text:p>
</table:table-cell>
<table:table-cell table:style-name="Table11.A2" office:value-type="string">
<text:p text:style-name="P170">'.$sumVal[1].'</text:p>
</table:table-cell>
<table:table-cell table:style-name="Table11.C2" office:value-type="string">
<text:p text:style-name="P171">'.$sumVal[4].'</text:p>
</table:table-cell>
<table:table-cell table:style-name="Table11.C2" office:value-type="string">
<text:p text:style-name="P172">'.$sumVal[2].'</text:p>
</table:table-cell>
</table:table-row>
';
}
}
 
}
 
//populate owasp findings tables
foreach ($riskRatings as $riskKey => $riskVal) {
if(!empty( ${"Summary_$riskVal"} )){
foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
if( ${$sumVal[3]."_table"} == ""){ // if is first entry
${$sumVal[3]."_table"} = '
<table:table table:name="Table8" table:style-name="Table8">
<table:table-column table:style-name="Table8.C"/>
<table:table-column table:style-name="Table8.D"/>
<table:table-header-rows>
<table:table-row table:style-name="Table8.1">
<table:table-cell table:style-name="Table8.A1" office:value-type="string">
<text:p text:style-name="P71">Vulnerabilities in This Category</text:p>
</table:table-cell>
<table:table-cell table:style-name="Table8.B1" office:value-type="string">
<text:p text:style-name="P72">Document Reference</text:p>
</table:table-cell>
</table:table-row>
</table:table-header-rows>
<table:table-row>
<table:table-cell table:style-name="Table8.A10" office:value-type="string">
<text:p text:style-name="P40">'.$sumKey.'</text:p>
</table:table-cell>
<table:table-cell table:style-name="Table8.B2" office:value-type="string">
<text:p text:style-name="P44">'.$sumVal[4].'</text:p>
</table:table-cell>
</table:table-row>
';
}else{ // not first entry, append new line
${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"});
${$sumVal[3]."_table"} .= '
<table:table-row>
<table:table-cell table:style-name="Table8.A10" office:value-type="string">
<text:p text:style-name="P40">'.$sumKey.'</text:p>
</table:table-cell>
<table:table-cell table:style-name="Table8.B2" office:value-type="string">
<text:p text:style-name="P44">'.$sumVal[4].'</text:p>
</table:table-cell>
</table:table-row>
';
}
// close the table
${$sumVal[3]."_table"} .= '</table:table>';
}
}
}
 
// squash vulns into one big xml
$value = "";
if(!empty($Serious)){
$value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
<text:list-item>
}
// add to template
$source = file_get_contents("/tmp/$rand/content.xml");
$source = str_replace('{vuln}', $value, $source);
 
//update total counts in exec summary table
$source = str_replace('{count_serious}', $Count_Serious, $source);
$source = str_replace('{count_high}', $Count_High, $source);
$source = str_replace('{count_medium}', $Count_Medium, $source);
$source = str_replace('{count_low}', $Count_Low, $source);
echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n";
 
//update issues summary tables
$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source);
$source = str_replace('{summary_table_high}', $Summary_High_Final, $source);
$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source);
$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source);
echo "[+] added findings summary tables\n";
 
//update owasp count tables
for ($i=1; $i <= 10 ; $i++) {
$padNo = sprintf("%02d", $i);
$source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source);
}
for ($i=1; $i <= 10 ; $i++) {
$padNo = sprintf("%02d", $i);
$source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source);
}
for ($i=1; $i <= 10 ; $i++) {
$padNo = sprintf("%02d", $i);
$source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source);
}
echo "[+] updated OWASP count tables\n";
 
//update owasp findings tables
for ($i=1; $i <= 10 ; $i++) {
$padNo = sprintf("%02d", $i);
$source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source);
}
for ($i=1; $i <= 10 ; $i++) {
$padNo = sprintf("%02d", $i);
$source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source);
}
for ($i=1; $i <= 10 ; $i++) {
$padNo = sprintf("%02d", $i);
$source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source);
}
echo "[+] updated OWASP findings tables\n";
 
// save to file
echo "[!] writing to /tmp content.xml\n";
file_put_contents("/tmp/$rand/content.xml", $source);
 
// create report and tidying
$repOutName = $config->ref.".3 ".$config->client ." ". $config->title1;
View
ReportToolz/templates/odt/blank_template_v3.0.odt 0 → 100755
Not supported
View
2
■■■
ReportToolz/templates/odt/config.conf
"cert": "(CHECK Team Leader)",
"ref": "J12345",
"checkRef": "CHECK Reference: 12345C",
"secLevel": "Client Confidential",
"startDate": "01/11/2019",
"startDate": "01/11/2019",
"endDate": "06/11/2019",
"longDate": "1st and 8th November 2019",
"client": "Client name",
"title1": "Vulnerability Assessment",
View
144
ReportToolz/templates/odt/vuln_template_v1.0.xml 0 → 100755
<text:list text:continue-numbering="true" text:style-name="Outline">
<text:list-item>
<text:list>
<text:list-item>
<text:list>
<text:list-item>
<text:h text:outline-level="3"><text:span>{title}</text:span>
</text:h>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
<text:p text:style-name="Text_20_body">{description}</text:p>
<text:list text:continue-numbering="true" text:style-name="Outline">
<text:list-item>
<text:list>
<text:list-item>
<text:list>
<text:list-item>
<text:list>
<text:list-item>
<text:h text:outline-level="4">Description</text:h>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
<text:p text:style-name="Text_20_body">{tech_description}</text:p>
<text:list text:continue-numbering="true" text:style-name="Outline">
<text:list-item>
<text:list>
<text:list-item>
<text:list>
<text:list-item>
<text:list>
<text:list-item>
<text:h text:outline-level="4">Solution</text:h>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
<text:p text:style-name="Text_20_body">{solution}</text:p>
<text:list text:continue-numbering="true" text:style-name="Outline">
<text:list-item>
<text:list>
<text:list-item>
<text:list>
<text:list-item>
<text:list>
<text:list-item>
<text:h text:outline-level="4">Risk Analysis</text:h>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
<table:table table:name="Table99" table:style-name="Table6">
<table:table-column table:style-name="Table99.A"/>
<table:table-column table:style-name="Table99.B"/>
<table:table-column table:style-name="Table99.C"/>
<table:table-header-rows><table:table-row table:style-name="Table10.1">
<table:table-cell table:style-name="Table99.A1" office:value-type="string">
<text:p text:style-name="Sapphire_20_Table_20_Header">Risk Level</text:p>
</table:table-cell>
<table:table-cell table:style-name="Table99.C1" office:value-type="string">
<text:p text:style-name="Sapphire_20_Table_20_Header">
Impact
</text:p>
</table:table-cell>
<table:table-cell table:style-name="Table99.C1" office:value-type="string">
<text:p text:style-name="Sapphire_20_Table_20_Header">
<text:span >Remediation</text:span>
</text:p>
</table:table-cell>
</table:table-row>
</table:table-header-rows>
<table:table-row>
<table:table-cell table:style-name="Table99.A2" office:value-type="string">
<text:p text:style-name="P59">
<draw:frame draw:style-name="fr5" draw:name="Image1" text:anchor-type="as-char" svg:width="0.741cm" svg:height="0.741cm" draw:z-index="40">
<draw:image xlink:href="Pictures/{risk_img}" xlink:type="simple" xlink:show="embed" xlink:actuate="onLoad" loext:mime-type="image/png"/>
<svg:title>Vulnerability Img</svg:title>
</draw:frame>
<text:s/>{risk}: {owasp}</text:p>
</table:table-cell>
<table:table-cell table:style-name="Table99.B2" office:value-type="string">
<text:p text:style-name="P59">
<text:span >{impact}</text:span>
</text:p>
</table:table-cell>
<table:table-cell table:style-name="Table99.C2" office:value-type="string">
<text:p text:style-name="P30">{remediation}</text:p>
</table:table-cell>
</table:table-row>
</table:table>
<text:list text:continue-numbering="true" text:style-name="Outline">
<text:list-item>
<text:list>
<text:list-item>
<text:list>
<text:list-item>
<text:list>
<text:list-item>
<text:h text:outline-level="4">CVSS Base Score</text:h>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
<text:p text:style-name="Text_20_body">{cvss3_score} - {cvss3_vector}</text:p>
<text:list text:continue-numbering="true" text:style-name="Outline">
<text:list-item>
<text:list>
<text:list-item>
<text:list>
<text:list-item>
<text:list>
<text:list-item>
<text:h text:outline-level="4">Vulnerabilities Exist On</text:h>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
</text:list-item>
</text:list>
<text:p text:style-name="Text_20_body">{hosts}</text:p>
<text:p text:style-name="PageBreak"></text:p>
View
eicar/eicar.png 0 → 100644
View
324
nmap-bootstrap.xsl 0 → 100644
<?xml version="1.0" encoding="utf-8"?>
<!--
Nmap Bootstrap XSL
Creative Commons BY-SA
This software must not be used by military or secret service organisations.
Andreas Hontzia (@honze_net)
-->
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:output method="html" encoding="utf-8" indent="yes" doctype-system="about:legacy-compat"/>
<xsl:template match="/">
<html lang="en">
<head>
<meta name="referrer" content="no-referrer"/>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"/>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous"/>
<link rel="stylesheet" href="https://cdn.datatables.net/1.10.19/css/dataTables.bootstrap.min.css" type="text/css" integrity="sha384-VEpVDzPR2x8NbTDZ8NFW4AWbtT2g/ollEzX/daZdW/YvUBlbgVtsxMftnJ84k0Cn" crossorigin="anonymous"/>
<script src="https://code.jquery.com/jquery-3.3.1.js" integrity="sha384-fJU6sGmyn07b+uD1nMk7/iSb4yvaowcueiQhfVgQuD98rfva8mcr1eSvjchfpMrH" crossorigin="anonymous"></script>
<script src="https://cdn.datatables.net/1.10.19/js/jquery.dataTables.min.js" integrity="sha384-rgWRqC0OFPisxlUvl332tiM/qmaNxnlY46eksSZD84t+s2vZlqGeHrncwIRX7CGp" crossorigin="anonymous"></script>
<script src="https://cdn.datatables.net/1.10.19/js/dataTables.bootstrap.min.js" integrity="sha384-7PXRkl4YJnEpP8uU4ev9652TTZSxrqC8uOpcV1ftVEC7LVyLZqqDUAaq+Y+lGgr9" crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
<style>
.target:before {
content: "";
display: block;
height: 50px;
margin: -20px 0 0;
}
@media only screen and (min-width:1900px) {
.container {
width: 1800px;
}
}
.footer {
margin-top:60px;
padding-top:60px;
width: 100%;
height: 180px;
background-color: #f5f5f5;
}
.clickable {
cursor: pointer;
}
.panel-heading > h3:before {
font-family: 'Glyphicons Halflings';
content: "\e114"; /* glyphicon-chevron-down */
padding-right: 1em;
}
.panel-heading.collapsed > h3:before {
content: "\e080"; /* glyphicon-chevron-right */
}
</style>
<title>Scan Report Nmap <xsl:value-of select="/nmaprun/@version"/></title>
</head>
<body>
<nav class="navbar navbar-default navbar-fixed-top">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="#"><span class="glyphicon glyphicon-home"></span></a>
</div>
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav">
<li><a href="#scannedhosts">Scanned Hosts</a></li>
<li><a href="#onlinehosts">Online Hosts</a></li>
<li><a href="#openservices">Open Services</a></li>
</ul>
</div>
</div>
</nav>
<div class="container">
<div class="jumbotron">
<h1>Scan Report<br/><small>Nmap <xsl:value-of select="/nmaprun/@version"/></small></h1>
<pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="/nmaprun/@args"/></pre>
<p class="lead">
<xsl:value-of select="/nmaprun/@startstr"/><xsl:value-of select="/nmaprun/runstats/finished/@timestr"/><br/>
<xsl:value-of select="/nmaprun/runstats/hosts/@total"/> hosts scanned.
<xsl:value-of select="/nmaprun/runstats/hosts/@up"/> hosts up.
<xsl:value-of select="/nmaprun/runstats/hosts/@down"/> hosts down.
</p>
<div class="progress">
<div class="progress-bar progress-bar-success" style="width: 0%">
<xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@up div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute>
<xsl:value-of select="/nmaprun/runstats/hosts/@up"/>
<span class="sr-only"></span>
</div>
<div class="progress-bar progress-bar-danger" style="width: 0%">
<xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@down div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute>
<xsl:value-of select="/nmaprun/runstats/hosts/@down"/>
<span class="sr-only"></span>
</div>
</div>
</div>
<h2 id="scannedhosts" class="target">Scanned Hosts<xsl:if test="/nmaprun/runstats/hosts/@down > 1024"><small> (offline hosts are hidden)</small></xsl:if></h2>
<div class="table-responsive">
<table id="table-overview" class="table table-striped dataTable" role="grid">
<thead>
<tr>
<th>State</th>
<th>Address</th>
<th>Hostname</th>
<th>TCP (open)</th>
<th>UDP (open)</th>
</tr>
</thead>
<tbody>
<xsl:choose>
<xsl:when test="/nmaprun/runstats/hosts/@down > 1024">
<xsl:for-each select="/nmaprun/host[status/@state='up']">
<tr>
<td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td>
<td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td>
<td><xsl:value-of select="hostnames/hostname/@name"/></td>
<td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td>
<td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td>
</tr>
</xsl:for-each>
</xsl:when>
<xsl:otherwise>
<xsl:for-each select="/nmaprun/host">
<tr>
<td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td>
<td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td>
<td><xsl:value-of select="hostnames/hostname/@name"/></td>
<td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td>
<td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td>
</tr>
</xsl:for-each>
</xsl:otherwise>
</xsl:choose>
</tbody>
</table>
</div>
<script>
$(document).ready(function() {
$('#table-overview').DataTable();
});
$('#table-overview').DataTable( {
"lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ]
});
</script>
<h2 id="onlinehosts" class="target">Online Hosts</h2>
<xsl:for-each select="/nmaprun/host[status/@state='up']">
<div class="panel panel-default">
<div class="panel-heading clickable" data-toggle="collapse">
<xsl:attribute name="id">onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute>
<xsl:attribute name="data-target">#<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute>
<h3 class="panel-title"><xsl:value-of select="address/@addr"/><xsl:if test="count(hostnames/hostname) > 0"> - <xsl:value-of select="hostnames/hostname/@name"/></xsl:if></h3>
</div>
<div class="panel-body collapse in">
<xsl:attribute name="id"><xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute>
<xsl:if test="count(hostnames/hostname) > 0">
<h4>Hostnames</h4>
<ul>
<xsl:for-each select="hostnames/hostname">
<li><xsl:value-of select="@name"/> (<xsl:value-of select="@type"/>)</li>
</xsl:for-each>
</ul>
</xsl:if>
<h4>Ports</h4>
<div class="table-responsive">
<table class="table table-bordered">
<thead>
<tr>
<th>Port</th>
<th>Protocol</th>
<th>State<br/>Reason</th>
<th>Service</th>
<th>Product</th>
<th>Version</th>
<th>Extra Info</th>
</tr>
</thead>
<tbody>
<xsl:for-each select="ports/port">
<xsl:choose>
<xsl:when test="state/@state = 'open'">
<tr class="success">
<td title="Port"><xsl:value-of select="@portid"/></td>
<td title="Protocol"><xsl:value-of select="@protocol"/></td>
<td title="State / Reason"><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
<td title="Service"><xsl:value-of select="service/@name"/></td>
<td title="Product"><xsl:value-of select="service/@product"/></td>
<td title="Version"><xsl:value-of select="service/@version"/></td>
<td title="Extra Info"><xsl:value-of select="service/@extrainfo"/></td>
</tr>
<tr>
<td colspan="7">
<a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;cves=on&amp;cpe_version=<xsl:value-of select="service/cpe"/></xsl:attribute><xsl:value-of select="service/cpe"/></a>
<xsl:for-each select="script">
<h5><xsl:value-of select="@id"/></h5>
<pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre>
</xsl:for-each>
</td>
</tr>
</xsl:when>
<xsl:when test="state/@state = 'filtered'">
<tr class="warning">
<td><xsl:value-of select="@portid"/></td>
<td><xsl:value-of select="@protocol"/></td>
<td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
<td><xsl:value-of select="service/@name"/></td>
<td><xsl:value-of select="service/@product"/></td>
<td><xsl:value-of select="service/@version"/></td>
<td><xsl:value-of select="service/@extrainfo"/></td>
</tr>
</xsl:when>
<xsl:when test="state/@state = 'closed'">
<tr class="active">
<td><xsl:value-of select="@portid"/></td>
<td><xsl:value-of select="@protocol"/></td>
<td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
<td><xsl:value-of select="service/@name"/></td>
<td><xsl:value-of select="service/@product"/></td>
<td><xsl:value-of select="service/@version"/></td>
<td><xsl:value-of select="service/@extrainfo"/></td>
</tr>
</xsl:when>
<xsl:otherwise>
<tr class="info">
<td><xsl:value-of select="@portid"/></td>
<td><xsl:value-of select="@protocol"/></td>
<td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
<td><xsl:value-of select="service/@name"/></td>
<td><xsl:value-of select="service/@product"/></td>
<td><xsl:value-of select="service/@version"/></td>
<td><xsl:value-of select="service/@extrainfo"/></td>
</tr>
</xsl:otherwise>
</xsl:choose>
</xsl:for-each>
</tbody>
</table>
</div>
<xsl:if test="count(hostscript/script) > 0">
<h4>Host Script</h4>
</xsl:if>
<xsl:for-each select="hostscript/script">
<h5><xsl:value-of select="@id"/></h5>
<pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre>
</xsl:for-each>
<xsl:if test="count(os/osmatch) > 0">
<h4>OS Detection</h4>
<xsl:for-each select="os/osmatch">
<h5>OS details: <xsl:value-of select="@name"/> (<xsl:value-of select="@accuracy"/>%)</h5>
<xsl:for-each select="osclass">
Device type: <xsl:value-of select="@type"/><br/>
Running: <xsl:value-of select="@vendor"/><xsl:text> </xsl:text><xsl:value-of select="@osfamily"/><xsl:text> </xsl:text><xsl:value-of select="@osgen"/> (<xsl:value-of select="@accuracy"/>%)<br/>
OS CPE: <a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;cves=on&amp;cpe_version=<xsl:value-of select="cpe"/></xsl:attribute><xsl:value-of select="cpe"/></a>
<br/>
</xsl:for-each>
<br/>
</xsl:for-each>
</xsl:if>
</div>
</div>
</xsl:for-each>
<h2 id="openservices" class="target">Open Services</h2>
<div class="table-responsive">
<table id="table-services" class="table table-striped dataTable" role="grid">
<thead>
<tr>
<th>Address</th>
<th>Port</th>
<th>Protocol</th>
<th>Service</th>
<th>Product</th>
<th>Version</th>
<th>CPE</th>
<th>Extra info</th>
</tr>
</thead>
<tbody>
<xsl:for-each select="/nmaprun/host">
<xsl:for-each select="ports/port[state/@state='open']">
<tr>
<td><a>
<xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(../../address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="../../address/@addr"/>
<xsl:if test="count(../../hostnames/hostname) > 0"> - <xsl:value-of select="../../hostnames/hostname/@name"/></xsl:if></a></td>
<td><xsl:value-of select="@portid"/></td>
<td><xsl:value-of select="@protocol"/></td>
<td><xsl:value-of select="service/@name"/></td>
<td><xsl:value-of select="service/@product"/></td>
<td><xsl:value-of select="service/@version"/></td>
<td><xsl:value-of select="service/cpe"/></td>
<td><xsl:value-of select="service/@extrainfo"/></td>
</tr>
</xsl:for-each>
</xsl:for-each>
</tbody>
</table>
</div>
<script>
$(document).ready(function() {
$('#table-services').DataTable();
$("a[href^='#onlinehosts-']").click(function(event){
event.preventDefault();
$('html,body').animate({scrollTop:($(this.hash).offset().top-60)}, 500);
});
});
$('#table-services').DataTable( {
"lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ]
});
</script>
</div>
<footer class="footer">
<div class="container">
<p class="text-muted">
This report was generated with <a href="https://github.com/honze-net/nmap-bootstrap-xsl">Nmap Bootstrap XSL</a>.<br/>
Licensed under <a href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons BY-SA</a>.<br/>
Designed and built by Andreas Hontzia (<a href="https://www.twitter.com/honze_net">@honze_net</a>).<br/>
</p>
</div>
</footer>
</body>
</html>
</xsl:template>
</xsl:stylesheet>
View
2
■■■
phpinfo.php 0 → 100644
<?php phpinfo(); ?>
View
phpinfo.png 0 → 100644
Buy Me A Coffee