diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">None Identified</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172"/> + </table:table-cell> + </table:table-row> + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">'.$sumKey.'</text:p> + <text:p text:style-name="P170">'.$sumVal[0].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170">'.$sumVal[1].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171">'.$sumVal[4].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172">'.$sumVal[2].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' +<table:table table:name="Table8" table:style-name="Table8"> + <table:table-column table:style-name="Table8.C"/> + <table:table-column table:style-name="Table8.D"/> + <table:table-header-rows> + <table:table-row table:style-name="Table8.1"> + <table:table-cell table:style-name="Table8.A1" office:value-type="string"> + <text:p text:style-name="P71">Vulnerabilities in This Category</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B1" office:value-type="string"> + <text:p text:style-name="P72">Document Reference</text:p> + </table:table-cell> + </table:table-row> + </table:table-header-rows> + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + // close the table + ${$sumVal[3]."_table"} .= '</table:table>'; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= '<text:list text:continue-numbering="true" text:style-name="Outline"> @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">None Identified</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172"/> + </table:table-cell> + </table:table-row> + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">'.$sumKey.'</text:p> + <text:p text:style-name="P170">'.$sumVal[0].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170">'.$sumVal[1].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171">'.$sumVal[4].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172">'.$sumVal[2].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' +<table:table table:name="Table8" table:style-name="Table8"> + <table:table-column table:style-name="Table8.C"/> + <table:table-column table:style-name="Table8.D"/> + <table:table-header-rows> + <table:table-row table:style-name="Table8.1"> + <table:table-cell table:style-name="Table8.A1" office:value-type="string"> + <text:p text:style-name="P71">Vulnerabilities in This Category</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B1" office:value-type="string"> + <text:p text:style-name="P72">Document Reference</text:p> + </table:table-cell> + </table:table-row> + </table:table-header-rows> + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + // close the table + ${$sumVal[3]."_table"} .= '</table:table>'; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= '<text:list text:continue-numbering="true" text:style-name="Outline"> @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">None Identified</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172"/> + </table:table-cell> + </table:table-row> + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">'.$sumKey.'</text:p> + <text:p text:style-name="P170">'.$sumVal[0].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170">'.$sumVal[1].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171">'.$sumVal[4].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172">'.$sumVal[2].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' +<table:table table:name="Table8" table:style-name="Table8"> + <table:table-column table:style-name="Table8.C"/> + <table:table-column table:style-name="Table8.D"/> + <table:table-header-rows> + <table:table-row table:style-name="Table8.1"> + <table:table-cell table:style-name="Table8.A1" office:value-type="string"> + <text:p text:style-name="P71">Vulnerabilities in This Category</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B1" office:value-type="string"> + <text:p text:style-name="P72">Document Reference</text:p> + </table:table-cell> + </table:table-row> + </table:table-header-rows> + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + // close the table + ${$sumVal[3]."_table"} .= '</table:table>'; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= '<text:list text:continue-numbering="true" text:style-name="Outline"> @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf index e59a136..49632e1 100644 --- a/ReportToolz/templates/odt/config.conf +++ b/ReportToolz/templates/odt/config.conf @@ -4,7 +4,7 @@ "ref": "J12345", "checkRef": "CHECK Reference: 12345C", "secLevel": "Client Confidential", -"startDate": "01/11/2019", +"startDate": "01/11/2019", "endDate": "06/11/2019", "longDate": "1st and 8th November 2019", "client": "Client name", diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">None Identified</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172"/> + </table:table-cell> + </table:table-row> + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">'.$sumKey.'</text:p> + <text:p text:style-name="P170">'.$sumVal[0].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170">'.$sumVal[1].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171">'.$sumVal[4].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172">'.$sumVal[2].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' +<table:table table:name="Table8" table:style-name="Table8"> + <table:table-column table:style-name="Table8.C"/> + <table:table-column table:style-name="Table8.D"/> + <table:table-header-rows> + <table:table-row table:style-name="Table8.1"> + <table:table-cell table:style-name="Table8.A1" office:value-type="string"> + <text:p text:style-name="P71">Vulnerabilities in This Category</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B1" office:value-type="string"> + <text:p text:style-name="P72">Document Reference</text:p> + </table:table-cell> + </table:table-row> + </table:table-header-rows> + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + // close the table + ${$sumVal[3]."_table"} .= '</table:table>'; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= '<text:list text:continue-numbering="true" text:style-name="Outline"> @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf index e59a136..49632e1 100644 --- a/ReportToolz/templates/odt/config.conf +++ b/ReportToolz/templates/odt/config.conf @@ -4,7 +4,7 @@ "ref": "J12345", "checkRef": "CHECK Reference: 12345C", "secLevel": "Client Confidential", -"startDate": "01/11/2019", +"startDate": "01/11/2019", "endDate": "06/11/2019", "longDate": "1st and 8th November 2019", "client": "Client name", diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml new file mode 100755 index 0000000..ae749d1 --- /dev/null +++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml @@ -0,0 +1,144 @@ +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="3"><text:span>{title}</text:span> + </text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> +</text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{description}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Description</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{tech_description}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Solution</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{solution}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Risk Analysis</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<table:table table:name="Table99" table:style-name="Table6"> + <table:table-column table:style-name="Table99.A"/> + <table:table-column table:style-name="Table99.B"/> + <table:table-column table:style-name="Table99.C"/> + <table:table-header-rows><table:table-row table:style-name="Table10.1"> + <table:table-cell table:style-name="Table99.A1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header">Risk Level</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header"> + Impact + </text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header"> + <text:span >Remediation</text:span> + </text:p> + </table:table-cell> + </table:table-row> +</table:table-header-rows> +<table:table-row> + <table:table-cell table:style-name="Table99.A2" office:value-type="string"> + <text:p text:style-name="P59"> + <draw:frame draw:style-name="fr5" draw:name="Image1" text:anchor-type="as-char" svg:width="0.741cm" svg:height="0.741cm" draw:z-index="40"> + <draw:image xlink:href="Pictures/{risk_img}" xlink:type="simple" xlink:show="embed" xlink:actuate="onLoad" loext:mime-type="image/png"/> + <svg:title>Vulnerability Img</svg:title> + </draw:frame> + <text:s/>{risk}: {owasp}</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.B2" office:value-type="string"> + <text:p text:style-name="P59"> + <text:span >{impact}</text:span> + </text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C2" office:value-type="string"> + <text:p text:style-name="P30">{remediation}</text:p> + </table:table-cell> +</table:table-row> +</table:table> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">CVSS Base Score</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{cvss3_score} - {cvss3_vector}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Vulnerabilities Exist On</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{hosts}</text:p> +<text:p text:style-name="PageBreak"></text:p> \ No newline at end of file diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">None Identified</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172"/> + </table:table-cell> + </table:table-row> + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">'.$sumKey.'</text:p> + <text:p text:style-name="P170">'.$sumVal[0].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170">'.$sumVal[1].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171">'.$sumVal[4].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172">'.$sumVal[2].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' +<table:table table:name="Table8" table:style-name="Table8"> + <table:table-column table:style-name="Table8.C"/> + <table:table-column table:style-name="Table8.D"/> + <table:table-header-rows> + <table:table-row table:style-name="Table8.1"> + <table:table-cell table:style-name="Table8.A1" office:value-type="string"> + <text:p text:style-name="P71">Vulnerabilities in This Category</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B1" office:value-type="string"> + <text:p text:style-name="P72">Document Reference</text:p> + </table:table-cell> + </table:table-row> + </table:table-header-rows> + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + // close the table + ${$sumVal[3]."_table"} .= '</table:table>'; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= '<text:list text:continue-numbering="true" text:style-name="Outline"> @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf index e59a136..49632e1 100644 --- a/ReportToolz/templates/odt/config.conf +++ b/ReportToolz/templates/odt/config.conf @@ -4,7 +4,7 @@ "ref": "J12345", "checkRef": "CHECK Reference: 12345C", "secLevel": "Client Confidential", -"startDate": "01/11/2019", +"startDate": "01/11/2019", "endDate": "06/11/2019", "longDate": "1st and 8th November 2019", "client": "Client name", diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml new file mode 100755 index 0000000..ae749d1 --- /dev/null +++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml @@ -0,0 +1,144 @@ +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="3"><text:span>{title}</text:span> + </text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> +</text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{description}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Description</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{tech_description}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Solution</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{solution}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Risk Analysis</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<table:table table:name="Table99" table:style-name="Table6"> + <table:table-column table:style-name="Table99.A"/> + <table:table-column table:style-name="Table99.B"/> + <table:table-column table:style-name="Table99.C"/> + <table:table-header-rows><table:table-row table:style-name="Table10.1"> + <table:table-cell table:style-name="Table99.A1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header">Risk Level</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header"> + Impact + </text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header"> + <text:span >Remediation</text:span> + </text:p> + </table:table-cell> + </table:table-row> +</table:table-header-rows> +<table:table-row> + <table:table-cell table:style-name="Table99.A2" office:value-type="string"> + <text:p text:style-name="P59"> + <draw:frame draw:style-name="fr5" draw:name="Image1" text:anchor-type="as-char" svg:width="0.741cm" svg:height="0.741cm" draw:z-index="40"> + <draw:image xlink:href="Pictures/{risk_img}" xlink:type="simple" xlink:show="embed" xlink:actuate="onLoad" loext:mime-type="image/png"/> + <svg:title>Vulnerability Img</svg:title> + </draw:frame> + <text:s/>{risk}: {owasp}</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.B2" office:value-type="string"> + <text:p text:style-name="P59"> + <text:span >{impact}</text:span> + </text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C2" office:value-type="string"> + <text:p text:style-name="P30">{remediation}</text:p> + </table:table-cell> +</table:table-row> +</table:table> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">CVSS Base Score</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{cvss3_score} - {cvss3_vector}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Vulnerabilities Exist On</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{hosts}</text:p> +<text:p text:style-name="PageBreak"></text:p> \ No newline at end of file diff --git a/eicar/eicar.png b/eicar/eicar.png new file mode 100644 index 0000000..704cac8 --- /dev/null +++ b/eicar/eicar.png @@ -0,0 +1 @@ +X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">None Identified</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172"/> + </table:table-cell> + </table:table-row> + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">'.$sumKey.'</text:p> + <text:p text:style-name="P170">'.$sumVal[0].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170">'.$sumVal[1].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171">'.$sumVal[4].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172">'.$sumVal[2].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' +<table:table table:name="Table8" table:style-name="Table8"> + <table:table-column table:style-name="Table8.C"/> + <table:table-column table:style-name="Table8.D"/> + <table:table-header-rows> + <table:table-row table:style-name="Table8.1"> + <table:table-cell table:style-name="Table8.A1" office:value-type="string"> + <text:p text:style-name="P71">Vulnerabilities in This Category</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B1" office:value-type="string"> + <text:p text:style-name="P72">Document Reference</text:p> + </table:table-cell> + </table:table-row> + </table:table-header-rows> + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + // close the table + ${$sumVal[3]."_table"} .= '</table:table>'; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= '<text:list text:continue-numbering="true" text:style-name="Outline"> @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf index e59a136..49632e1 100644 --- a/ReportToolz/templates/odt/config.conf +++ b/ReportToolz/templates/odt/config.conf @@ -4,7 +4,7 @@ "ref": "J12345", "checkRef": "CHECK Reference: 12345C", "secLevel": "Client Confidential", -"startDate": "01/11/2019", +"startDate": "01/11/2019", "endDate": "06/11/2019", "longDate": "1st and 8th November 2019", "client": "Client name", diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml new file mode 100755 index 0000000..ae749d1 --- /dev/null +++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml @@ -0,0 +1,144 @@ +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="3"><text:span>{title}</text:span> + </text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> +</text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{description}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Description</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{tech_description}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Solution</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{solution}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Risk Analysis</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<table:table table:name="Table99" table:style-name="Table6"> + <table:table-column table:style-name="Table99.A"/> + <table:table-column table:style-name="Table99.B"/> + <table:table-column table:style-name="Table99.C"/> + <table:table-header-rows><table:table-row table:style-name="Table10.1"> + <table:table-cell table:style-name="Table99.A1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header">Risk Level</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header"> + Impact + </text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header"> + <text:span >Remediation</text:span> + </text:p> + </table:table-cell> + </table:table-row> +</table:table-header-rows> +<table:table-row> + <table:table-cell table:style-name="Table99.A2" office:value-type="string"> + <text:p text:style-name="P59"> + <draw:frame draw:style-name="fr5" draw:name="Image1" text:anchor-type="as-char" svg:width="0.741cm" svg:height="0.741cm" draw:z-index="40"> + <draw:image xlink:href="Pictures/{risk_img}" xlink:type="simple" xlink:show="embed" xlink:actuate="onLoad" loext:mime-type="image/png"/> + <svg:title>Vulnerability Img</svg:title> + </draw:frame> + <text:s/>{risk}: {owasp}</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.B2" office:value-type="string"> + <text:p text:style-name="P59"> + <text:span >{impact}</text:span> + </text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C2" office:value-type="string"> + <text:p text:style-name="P30">{remediation}</text:p> + </table:table-cell> +</table:table-row> +</table:table> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">CVSS Base Score</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{cvss3_score} - {cvss3_vector}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Vulnerabilities Exist On</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{hosts}</text:p> +<text:p text:style-name="PageBreak"></text:p> \ No newline at end of file diff --git a/eicar/eicar.png b/eicar/eicar.png new file mode 100644 index 0000000..704cac8 --- /dev/null +++ b/eicar/eicar.png @@ -0,0 +1 @@ +X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* diff --git a/nmap-bootstrap.xsl b/nmap-bootstrap.xsl new file mode 100644 index 0000000..3096bee --- /dev/null +++ b/nmap-bootstrap.xsl @@ -0,0 +1,323 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- +Nmap Bootstrap XSL +Creative Commons BY-SA +This software must not be used by military or secret service organisations. +Andreas Hontzia (@honze_net) +--> +<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> + <xsl:output method="html" encoding="utf-8" indent="yes" doctype-system="about:legacy-compat"/> + <xsl:template match="/"> + <html lang="en"> + <head> + <meta name="referrer" content="no-referrer"/> + <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"/> + <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous"/> + <link rel="stylesheet" href="https://cdn.datatables.net/1.10.19/css/dataTables.bootstrap.min.css" type="text/css" integrity="sha384-VEpVDzPR2x8NbTDZ8NFW4AWbtT2g/ollEzX/daZdW/YvUBlbgVtsxMftnJ84k0Cn" crossorigin="anonymous"/> + <script src="https://code.jquery.com/jquery-3.3.1.js" integrity="sha384-fJU6sGmyn07b+uD1nMk7/iSb4yvaowcueiQhfVgQuD98rfva8mcr1eSvjchfpMrH" crossorigin="anonymous"></script> + <script src="https://cdn.datatables.net/1.10.19/js/jquery.dataTables.min.js" integrity="sha384-rgWRqC0OFPisxlUvl332tiM/qmaNxnlY46eksSZD84t+s2vZlqGeHrncwIRX7CGp" crossorigin="anonymous"></script> + <script src="https://cdn.datatables.net/1.10.19/js/dataTables.bootstrap.min.js" integrity="sha384-7PXRkl4YJnEpP8uU4ev9652TTZSxrqC8uOpcV1ftVEC7LVyLZqqDUAaq+Y+lGgr9" crossorigin="anonymous"></script> + <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script> + <style> + .target:before { + content: ""; + display: block; + height: 50px; + margin: -20px 0 0; + } + @media only screen and (min-width:1900px) { + .container { + width: 1800px; + } + } + .footer { + margin-top:60px; + padding-top:60px; + width: 100%; + height: 180px; + background-color: #f5f5f5; + } + .clickable { + cursor: pointer; + } + .panel-heading > h3:before { + font-family: 'Glyphicons Halflings'; + content: "\e114"; /* glyphicon-chevron-down */ + padding-right: 1em; + } + .panel-heading.collapsed > h3:before { + content: "\e080"; /* glyphicon-chevron-right */ + } + </style> + <title>Scan Report Nmap <xsl:value-of select="/nmaprun/@version"/></title> + </head> + <body> + <nav class="navbar navbar-default navbar-fixed-top"> + <div class="container-fluid"> + <div class="navbar-header"> + <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false"> + <span class="sr-only">Toggle navigation</span> + <span class="icon-bar"></span> + <span class="icon-bar"></span> + <span class="icon-bar"></span> + </button> + <a class="navbar-brand" href="#"><span class="glyphicon glyphicon-home"></span></a> + </div> + <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1"> + <ul class="nav navbar-nav"> + <li><a href="#scannedhosts">Scanned Hosts</a></li> + <li><a href="#onlinehosts">Online Hosts</a></li> + <li><a href="#openservices">Open Services</a></li> + </ul> + </div> + </div> + </nav> + <div class="container"> + <div class="jumbotron"> + <h1>Scan Report<br/><small>Nmap <xsl:value-of select="/nmaprun/@version"/></small></h1> + <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="/nmaprun/@args"/></pre> + <p class="lead"> + <xsl:value-of select="/nmaprun/@startstr"/> – <xsl:value-of select="/nmaprun/runstats/finished/@timestr"/><br/> + <xsl:value-of select="/nmaprun/runstats/hosts/@total"/> hosts scanned. + <xsl:value-of select="/nmaprun/runstats/hosts/@up"/> hosts up. + <xsl:value-of select="/nmaprun/runstats/hosts/@down"/> hosts down. + </p> + <div class="progress"> + <div class="progress-bar progress-bar-success" style="width: 0%"> + <xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@up div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute> + <xsl:value-of select="/nmaprun/runstats/hosts/@up"/> + <span class="sr-only"></span> + </div> + <div class="progress-bar progress-bar-danger" style="width: 0%"> + <xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@down div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute> + <xsl:value-of select="/nmaprun/runstats/hosts/@down"/> + <span class="sr-only"></span> + </div> + </div> + </div> + <h2 id="scannedhosts" class="target">Scanned Hosts<xsl:if test="/nmaprun/runstats/hosts/@down > 1024"><small> (offline hosts are hidden)</small></xsl:if></h2> + <div class="table-responsive"> + <table id="table-overview" class="table table-striped dataTable" role="grid"> + <thead> + <tr> + <th>State</th> + <th>Address</th> + <th>Hostname</th> + <th>TCP (open)</th> + <th>UDP (open)</th> + </tr> + </thead> + <tbody> + <xsl:choose> + <xsl:when test="/nmaprun/runstats/hosts/@down > 1024"> + <xsl:for-each select="/nmaprun/host[status/@state='up']"> + <tr> + <td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td> + <td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td> + <td><xsl:value-of select="hostnames/hostname/@name"/></td> + <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td> + <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td> + </tr> + </xsl:for-each> + </xsl:when> + <xsl:otherwise> + <xsl:for-each select="/nmaprun/host"> + <tr> + <td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td> + <td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td> + <td><xsl:value-of select="hostnames/hostname/@name"/></td> + <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td> + <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td> + </tr> + </xsl:for-each> + </xsl:otherwise> + </xsl:choose> + </tbody> + </table> + </div> + <script> + $(document).ready(function() { + $('#table-overview').DataTable(); + }); + $('#table-overview').DataTable( { + "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ] + }); + </script> + <h2 id="onlinehosts" class="target">Online Hosts</h2> + <xsl:for-each select="/nmaprun/host[status/@state='up']"> + <div class="panel panel-default"> + <div class="panel-heading clickable" data-toggle="collapse"> + <xsl:attribute name="id">onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute> + <xsl:attribute name="data-target">#<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute> + <h3 class="panel-title"><xsl:value-of select="address/@addr"/><xsl:if test="count(hostnames/hostname) > 0"> - <xsl:value-of select="hostnames/hostname/@name"/></xsl:if></h3> + </div> + <div class="panel-body collapse in"> + <xsl:attribute name="id"><xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute> + <xsl:if test="count(hostnames/hostname) > 0"> + <h4>Hostnames</h4> + <ul> + <xsl:for-each select="hostnames/hostname"> + <li><xsl:value-of select="@name"/> (<xsl:value-of select="@type"/>)</li> + </xsl:for-each> + </ul> + </xsl:if> + <h4>Ports</h4> + <div class="table-responsive"> + <table class="table table-bordered"> + <thead> + <tr> + <th>Port</th> + <th>Protocol</th> + <th>State<br/>Reason</th> + <th>Service</th> + <th>Product</th> + <th>Version</th> + <th>Extra Info</th> + </tr> + </thead> + <tbody> + <xsl:for-each select="ports/port"> + <xsl:choose> + <xsl:when test="state/@state = 'open'"> + <tr class="success"> + <td title="Port"><xsl:value-of select="@portid"/></td> + <td title="Protocol"><xsl:value-of select="@protocol"/></td> + <td title="State / Reason"><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td> + <td title="Service"><xsl:value-of select="service/@name"/></td> + <td title="Product"><xsl:value-of select="service/@product"/></td> + <td title="Version"><xsl:value-of select="service/@version"/></td> + <td title="Extra Info"><xsl:value-of select="service/@extrainfo"/></td> + </tr> + <tr> + <td colspan="7"> + <a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version=<xsl:value-of select="service/cpe"/></xsl:attribute><xsl:value-of select="service/cpe"/></a> + <xsl:for-each select="script"> + <h5><xsl:value-of select="@id"/></h5> + <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre> + </xsl:for-each> + </td> + </tr> + </xsl:when> + <xsl:when test="state/@state = 'filtered'"> + <tr class="warning"> + <td><xsl:value-of select="@portid"/></td> + <td><xsl:value-of select="@protocol"/></td> + <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td> + <td><xsl:value-of select="service/@name"/></td> + <td><xsl:value-of select="service/@product"/></td> + <td><xsl:value-of select="service/@version"/></td> + <td><xsl:value-of select="service/@extrainfo"/></td> + </tr> + </xsl:when> + <xsl:when test="state/@state = 'closed'"> + <tr class="active"> + <td><xsl:value-of select="@portid"/></td> + <td><xsl:value-of select="@protocol"/></td> + <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td> + <td><xsl:value-of select="service/@name"/></td> + <td><xsl:value-of select="service/@product"/></td> + <td><xsl:value-of select="service/@version"/></td> + <td><xsl:value-of select="service/@extrainfo"/></td> + </tr> + </xsl:when> + <xsl:otherwise> + <tr class="info"> + <td><xsl:value-of select="@portid"/></td> + <td><xsl:value-of select="@protocol"/></td> + <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td> + <td><xsl:value-of select="service/@name"/></td> + <td><xsl:value-of select="service/@product"/></td> + <td><xsl:value-of select="service/@version"/></td> + <td><xsl:value-of select="service/@extrainfo"/></td> + </tr> + </xsl:otherwise> + </xsl:choose> + </xsl:for-each> + </tbody> + </table> + </div> + <xsl:if test="count(hostscript/script) > 0"> + <h4>Host Script</h4> + </xsl:if> + <xsl:for-each select="hostscript/script"> + <h5><xsl:value-of select="@id"/></h5> + <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre> + </xsl:for-each> + <xsl:if test="count(os/osmatch) > 0"> + <h4>OS Detection</h4> + <xsl:for-each select="os/osmatch"> + <h5>OS details: <xsl:value-of select="@name"/> (<xsl:value-of select="@accuracy"/>%)</h5> + <xsl:for-each select="osclass"> + Device type: <xsl:value-of select="@type"/><br/> + Running: <xsl:value-of select="@vendor"/><xsl:text> </xsl:text><xsl:value-of select="@osfamily"/><xsl:text> </xsl:text><xsl:value-of select="@osgen"/> (<xsl:value-of select="@accuracy"/>%)<br/> + OS CPE: <a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version=<xsl:value-of select="cpe"/></xsl:attribute><xsl:value-of select="cpe"/></a> + <br/> + </xsl:for-each> + <br/> + </xsl:for-each> + </xsl:if> + </div> + </div> + </xsl:for-each> + <h2 id="openservices" class="target">Open Services</h2> + <div class="table-responsive"> + <table id="table-services" class="table table-striped dataTable" role="grid"> + <thead> + <tr> + <th>Address</th> + <th>Port</th> + <th>Protocol</th> + <th>Service</th> + <th>Product</th> + <th>Version</th> + <th>CPE</th> + <th>Extra info</th> + </tr> + </thead> + <tbody> + <xsl:for-each select="/nmaprun/host"> + <xsl:for-each select="ports/port[state/@state='open']"> + <tr> + <td><a> + <xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(../../address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="../../address/@addr"/> + <xsl:if test="count(../../hostnames/hostname) > 0"> - <xsl:value-of select="../../hostnames/hostname/@name"/></xsl:if></a></td> + <td><xsl:value-of select="@portid"/></td> + <td><xsl:value-of select="@protocol"/></td> + <td><xsl:value-of select="service/@name"/></td> + <td><xsl:value-of select="service/@product"/></td> + <td><xsl:value-of select="service/@version"/></td> + <td><xsl:value-of select="service/cpe"/></td> + <td><xsl:value-of select="service/@extrainfo"/></td> + </tr> + </xsl:for-each> + </xsl:for-each> + </tbody> + </table> + </div> + <script> + $(document).ready(function() { + $('#table-services').DataTable(); + $("a[href^='#onlinehosts-']").click(function(event){ + event.preventDefault(); + $('html,body').animate({scrollTop:($(this.hash).offset().top-60)}, 500); + }); + }); + $('#table-services').DataTable( { + "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ] + }); + + </script> + </div> + <footer class="footer"> + <div class="container"> + <p class="text-muted"> + This report was generated with <a href="https://github.com/honze-net/nmap-bootstrap-xsl">Nmap Bootstrap XSL</a>.<br/> + Licensed under <a href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons BY-SA</a>.<br/> + Designed and built by Andreas Hontzia (<a href="https://www.twitter.com/honze_net">@honze_net</a>).<br/> + </p> + </div> + </footer> + </body> + </html> + </xsl:template> +</xsl:stylesheet> diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">None Identified</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172"/> + </table:table-cell> + </table:table-row> + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">'.$sumKey.'</text:p> + <text:p text:style-name="P170">'.$sumVal[0].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170">'.$sumVal[1].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171">'.$sumVal[4].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172">'.$sumVal[2].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' +<table:table table:name="Table8" table:style-name="Table8"> + <table:table-column table:style-name="Table8.C"/> + <table:table-column table:style-name="Table8.D"/> + <table:table-header-rows> + <table:table-row table:style-name="Table8.1"> + <table:table-cell table:style-name="Table8.A1" office:value-type="string"> + <text:p text:style-name="P71">Vulnerabilities in This Category</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B1" office:value-type="string"> + <text:p text:style-name="P72">Document Reference</text:p> + </table:table-cell> + </table:table-row> + </table:table-header-rows> + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + // close the table + ${$sumVal[3]."_table"} .= '</table:table>'; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= '<text:list text:continue-numbering="true" text:style-name="Outline"> @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf index e59a136..49632e1 100644 --- a/ReportToolz/templates/odt/config.conf +++ b/ReportToolz/templates/odt/config.conf @@ -4,7 +4,7 @@ "ref": "J12345", "checkRef": "CHECK Reference: 12345C", "secLevel": "Client Confidential", -"startDate": "01/11/2019", +"startDate": "01/11/2019", "endDate": "06/11/2019", "longDate": "1st and 8th November 2019", "client": "Client name", diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml new file mode 100755 index 0000000..ae749d1 --- /dev/null +++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml @@ -0,0 +1,144 @@ +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="3"><text:span>{title}</text:span> + </text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> +</text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{description}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Description</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{tech_description}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Solution</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{solution}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Risk Analysis</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<table:table table:name="Table99" table:style-name="Table6"> + <table:table-column table:style-name="Table99.A"/> + <table:table-column table:style-name="Table99.B"/> + <table:table-column table:style-name="Table99.C"/> + <table:table-header-rows><table:table-row table:style-name="Table10.1"> + <table:table-cell table:style-name="Table99.A1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header">Risk Level</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header"> + Impact + </text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header"> + <text:span >Remediation</text:span> + </text:p> + </table:table-cell> + </table:table-row> +</table:table-header-rows> +<table:table-row> + <table:table-cell table:style-name="Table99.A2" office:value-type="string"> + <text:p text:style-name="P59"> + <draw:frame draw:style-name="fr5" draw:name="Image1" text:anchor-type="as-char" svg:width="0.741cm" svg:height="0.741cm" draw:z-index="40"> + <draw:image xlink:href="Pictures/{risk_img}" xlink:type="simple" xlink:show="embed" xlink:actuate="onLoad" loext:mime-type="image/png"/> + <svg:title>Vulnerability Img</svg:title> + </draw:frame> + <text:s/>{risk}: {owasp}</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.B2" office:value-type="string"> + <text:p text:style-name="P59"> + <text:span >{impact}</text:span> + </text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C2" office:value-type="string"> + <text:p text:style-name="P30">{remediation}</text:p> + </table:table-cell> +</table:table-row> +</table:table> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">CVSS Base Score</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{cvss3_score} - {cvss3_vector}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Vulnerabilities Exist On</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{hosts}</text:p> +<text:p text:style-name="PageBreak"></text:p> \ No newline at end of file diff --git a/eicar/eicar.png b/eicar/eicar.png new file mode 100644 index 0000000..704cac8 --- /dev/null +++ b/eicar/eicar.png @@ -0,0 +1 @@ +X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* diff --git a/nmap-bootstrap.xsl b/nmap-bootstrap.xsl new file mode 100644 index 0000000..3096bee --- /dev/null +++ b/nmap-bootstrap.xsl @@ -0,0 +1,323 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- +Nmap Bootstrap XSL +Creative Commons BY-SA +This software must not be used by military or secret service organisations. +Andreas Hontzia (@honze_net) +--> +<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> + <xsl:output method="html" encoding="utf-8" indent="yes" doctype-system="about:legacy-compat"/> + <xsl:template match="/"> + <html lang="en"> + <head> + <meta name="referrer" content="no-referrer"/> + <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"/> + <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous"/> + <link rel="stylesheet" href="https://cdn.datatables.net/1.10.19/css/dataTables.bootstrap.min.css" type="text/css" integrity="sha384-VEpVDzPR2x8NbTDZ8NFW4AWbtT2g/ollEzX/daZdW/YvUBlbgVtsxMftnJ84k0Cn" crossorigin="anonymous"/> + <script src="https://code.jquery.com/jquery-3.3.1.js" integrity="sha384-fJU6sGmyn07b+uD1nMk7/iSb4yvaowcueiQhfVgQuD98rfva8mcr1eSvjchfpMrH" crossorigin="anonymous"></script> + <script src="https://cdn.datatables.net/1.10.19/js/jquery.dataTables.min.js" integrity="sha384-rgWRqC0OFPisxlUvl332tiM/qmaNxnlY46eksSZD84t+s2vZlqGeHrncwIRX7CGp" crossorigin="anonymous"></script> + <script src="https://cdn.datatables.net/1.10.19/js/dataTables.bootstrap.min.js" integrity="sha384-7PXRkl4YJnEpP8uU4ev9652TTZSxrqC8uOpcV1ftVEC7LVyLZqqDUAaq+Y+lGgr9" crossorigin="anonymous"></script> + <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script> + <style> + .target:before { + content: ""; + display: block; + height: 50px; + margin: -20px 0 0; + } + @media only screen and (min-width:1900px) { + .container { + width: 1800px; + } + } + .footer { + margin-top:60px; + padding-top:60px; + width: 100%; + height: 180px; + background-color: #f5f5f5; + } + .clickable { + cursor: pointer; + } + .panel-heading > h3:before { + font-family: 'Glyphicons Halflings'; + content: "\e114"; /* glyphicon-chevron-down */ + padding-right: 1em; + } + .panel-heading.collapsed > h3:before { + content: "\e080"; /* glyphicon-chevron-right */ + } + </style> + <title>Scan Report Nmap <xsl:value-of select="/nmaprun/@version"/></title> + </head> + <body> + <nav class="navbar navbar-default navbar-fixed-top"> + <div class="container-fluid"> + <div class="navbar-header"> + <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false"> + <span class="sr-only">Toggle navigation</span> + <span class="icon-bar"></span> + <span class="icon-bar"></span> + <span class="icon-bar"></span> + </button> + <a class="navbar-brand" href="#"><span class="glyphicon glyphicon-home"></span></a> + </div> + <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1"> + <ul class="nav navbar-nav"> + <li><a href="#scannedhosts">Scanned Hosts</a></li> + <li><a href="#onlinehosts">Online Hosts</a></li> + <li><a href="#openservices">Open Services</a></li> + </ul> + </div> + </div> + </nav> + <div class="container"> + <div class="jumbotron"> + <h1>Scan Report<br/><small>Nmap <xsl:value-of select="/nmaprun/@version"/></small></h1> + <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="/nmaprun/@args"/></pre> + <p class="lead"> + <xsl:value-of select="/nmaprun/@startstr"/> – <xsl:value-of select="/nmaprun/runstats/finished/@timestr"/><br/> + <xsl:value-of select="/nmaprun/runstats/hosts/@total"/> hosts scanned. + <xsl:value-of select="/nmaprun/runstats/hosts/@up"/> hosts up. + <xsl:value-of select="/nmaprun/runstats/hosts/@down"/> hosts down. + </p> + <div class="progress"> + <div class="progress-bar progress-bar-success" style="width: 0%"> + <xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@up div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute> + <xsl:value-of select="/nmaprun/runstats/hosts/@up"/> + <span class="sr-only"></span> + </div> + <div class="progress-bar progress-bar-danger" style="width: 0%"> + <xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@down div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute> + <xsl:value-of select="/nmaprun/runstats/hosts/@down"/> + <span class="sr-only"></span> + </div> + </div> + </div> + <h2 id="scannedhosts" class="target">Scanned Hosts<xsl:if test="/nmaprun/runstats/hosts/@down > 1024"><small> (offline hosts are hidden)</small></xsl:if></h2> + <div class="table-responsive"> + <table id="table-overview" class="table table-striped dataTable" role="grid"> + <thead> + <tr> + <th>State</th> + <th>Address</th> + <th>Hostname</th> + <th>TCP (open)</th> + <th>UDP (open)</th> + </tr> + </thead> + <tbody> + <xsl:choose> + <xsl:when test="/nmaprun/runstats/hosts/@down > 1024"> + <xsl:for-each select="/nmaprun/host[status/@state='up']"> + <tr> + <td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td> + <td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td> + <td><xsl:value-of select="hostnames/hostname/@name"/></td> + <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td> + <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td> + </tr> + </xsl:for-each> + </xsl:when> + <xsl:otherwise> + <xsl:for-each select="/nmaprun/host"> + <tr> + <td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td> + <td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td> + <td><xsl:value-of select="hostnames/hostname/@name"/></td> + <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td> + <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td> + </tr> + </xsl:for-each> + </xsl:otherwise> + </xsl:choose> + </tbody> + </table> + </div> + <script> + $(document).ready(function() { + $('#table-overview').DataTable(); + }); + $('#table-overview').DataTable( { + "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ] + }); + </script> + <h2 id="onlinehosts" class="target">Online Hosts</h2> + <xsl:for-each select="/nmaprun/host[status/@state='up']"> + <div class="panel panel-default"> + <div class="panel-heading clickable" data-toggle="collapse"> + <xsl:attribute name="id">onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute> + <xsl:attribute name="data-target">#<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute> + <h3 class="panel-title"><xsl:value-of select="address/@addr"/><xsl:if test="count(hostnames/hostname) > 0"> - <xsl:value-of select="hostnames/hostname/@name"/></xsl:if></h3> + </div> + <div class="panel-body collapse in"> + <xsl:attribute name="id"><xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute> + <xsl:if test="count(hostnames/hostname) > 0"> + <h4>Hostnames</h4> + <ul> + <xsl:for-each select="hostnames/hostname"> + <li><xsl:value-of select="@name"/> (<xsl:value-of select="@type"/>)</li> + </xsl:for-each> + </ul> + </xsl:if> + <h4>Ports</h4> + <div class="table-responsive"> + <table class="table table-bordered"> + <thead> + <tr> + <th>Port</th> + <th>Protocol</th> + <th>State<br/>Reason</th> + <th>Service</th> + <th>Product</th> + <th>Version</th> + <th>Extra Info</th> + </tr> + </thead> + <tbody> + <xsl:for-each select="ports/port"> + <xsl:choose> + <xsl:when test="state/@state = 'open'"> + <tr class="success"> + <td title="Port"><xsl:value-of select="@portid"/></td> + <td title="Protocol"><xsl:value-of select="@protocol"/></td> + <td title="State / Reason"><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td> + <td title="Service"><xsl:value-of select="service/@name"/></td> + <td title="Product"><xsl:value-of select="service/@product"/></td> + <td title="Version"><xsl:value-of select="service/@version"/></td> + <td title="Extra Info"><xsl:value-of select="service/@extrainfo"/></td> + </tr> + <tr> + <td colspan="7"> + <a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version=<xsl:value-of select="service/cpe"/></xsl:attribute><xsl:value-of select="service/cpe"/></a> + <xsl:for-each select="script"> + <h5><xsl:value-of select="@id"/></h5> + <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre> + </xsl:for-each> + </td> + </tr> + </xsl:when> + <xsl:when test="state/@state = 'filtered'"> + <tr class="warning"> + <td><xsl:value-of select="@portid"/></td> + <td><xsl:value-of select="@protocol"/></td> + <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td> + <td><xsl:value-of select="service/@name"/></td> + <td><xsl:value-of select="service/@product"/></td> + <td><xsl:value-of select="service/@version"/></td> + <td><xsl:value-of select="service/@extrainfo"/></td> + </tr> + </xsl:when> + <xsl:when test="state/@state = 'closed'"> + <tr class="active"> + <td><xsl:value-of select="@portid"/></td> + <td><xsl:value-of select="@protocol"/></td> + <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td> + <td><xsl:value-of select="service/@name"/></td> + <td><xsl:value-of select="service/@product"/></td> + <td><xsl:value-of select="service/@version"/></td> + <td><xsl:value-of select="service/@extrainfo"/></td> + </tr> + </xsl:when> + <xsl:otherwise> + <tr class="info"> + <td><xsl:value-of select="@portid"/></td> + <td><xsl:value-of select="@protocol"/></td> + <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td> + <td><xsl:value-of select="service/@name"/></td> + <td><xsl:value-of select="service/@product"/></td> + <td><xsl:value-of select="service/@version"/></td> + <td><xsl:value-of select="service/@extrainfo"/></td> + </tr> + </xsl:otherwise> + </xsl:choose> + </xsl:for-each> + </tbody> + </table> + </div> + <xsl:if test="count(hostscript/script) > 0"> + <h4>Host Script</h4> + </xsl:if> + <xsl:for-each select="hostscript/script"> + <h5><xsl:value-of select="@id"/></h5> + <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre> + </xsl:for-each> + <xsl:if test="count(os/osmatch) > 0"> + <h4>OS Detection</h4> + <xsl:for-each select="os/osmatch"> + <h5>OS details: <xsl:value-of select="@name"/> (<xsl:value-of select="@accuracy"/>%)</h5> + <xsl:for-each select="osclass"> + Device type: <xsl:value-of select="@type"/><br/> + Running: <xsl:value-of select="@vendor"/><xsl:text> </xsl:text><xsl:value-of select="@osfamily"/><xsl:text> </xsl:text><xsl:value-of select="@osgen"/> (<xsl:value-of select="@accuracy"/>%)<br/> + OS CPE: <a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version=<xsl:value-of select="cpe"/></xsl:attribute><xsl:value-of select="cpe"/></a> + <br/> + </xsl:for-each> + <br/> + </xsl:for-each> + </xsl:if> + </div> + </div> + </xsl:for-each> + <h2 id="openservices" class="target">Open Services</h2> + <div class="table-responsive"> + <table id="table-services" class="table table-striped dataTable" role="grid"> + <thead> + <tr> + <th>Address</th> + <th>Port</th> + <th>Protocol</th> + <th>Service</th> + <th>Product</th> + <th>Version</th> + <th>CPE</th> + <th>Extra info</th> + </tr> + </thead> + <tbody> + <xsl:for-each select="/nmaprun/host"> + <xsl:for-each select="ports/port[state/@state='open']"> + <tr> + <td><a> + <xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(../../address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="../../address/@addr"/> + <xsl:if test="count(../../hostnames/hostname) > 0"> - <xsl:value-of select="../../hostnames/hostname/@name"/></xsl:if></a></td> + <td><xsl:value-of select="@portid"/></td> + <td><xsl:value-of select="@protocol"/></td> + <td><xsl:value-of select="service/@name"/></td> + <td><xsl:value-of select="service/@product"/></td> + <td><xsl:value-of select="service/@version"/></td> + <td><xsl:value-of select="service/cpe"/></td> + <td><xsl:value-of select="service/@extrainfo"/></td> + </tr> + </xsl:for-each> + </xsl:for-each> + </tbody> + </table> + </div> + <script> + $(document).ready(function() { + $('#table-services').DataTable(); + $("a[href^='#onlinehosts-']").click(function(event){ + event.preventDefault(); + $('html,body').animate({scrollTop:($(this.hash).offset().top-60)}, 500); + }); + }); + $('#table-services').DataTable( { + "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ] + }); + + </script> + </div> + <footer class="footer"> + <div class="container"> + <p class="text-muted"> + This report was generated with <a href="https://github.com/honze-net/nmap-bootstrap-xsl">Nmap Bootstrap XSL</a>.<br/> + Licensed under <a href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons BY-SA</a>.<br/> + Designed and built by Andreas Hontzia (<a href="https://www.twitter.com/honze_net">@honze_net</a>).<br/> + </p> + </div> + </footer> + </body> + </html> + </xsl:template> +</xsl:stylesheet> diff --git a/phpinfo.php b/phpinfo.php new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/phpinfo.php @@ -0,0 +1 @@ +<?php phpinfo(); ?> diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">None Identified</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171"/> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172"/> + </table:table-cell> + </table:table-row> + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + <table:table-row table:style-name="Table11.1"> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P189">'.$sumKey.'</text:p> + <text:p text:style-name="P170">'.$sumVal[0].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.A2" office:value-type="string"> + <text:p text:style-name="P170">'.$sumVal[1].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P171">'.$sumVal[4].'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table11.C2" office:value-type="string"> + <text:p text:style-name="P172">'.$sumVal[2].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' +<table:table table:name="Table8" table:style-name="Table8"> + <table:table-column table:style-name="Table8.C"/> + <table:table-column table:style-name="Table8.D"/> + <table:table-header-rows> + <table:table-row table:style-name="Table8.1"> + <table:table-cell table:style-name="Table8.A1" office:value-type="string"> + <text:p text:style-name="P71">Vulnerabilities in This Category</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B1" office:value-type="string"> + <text:p text:style-name="P72">Document Reference</text:p> + </table:table-cell> + </table:table-row> + </table:table-header-rows> + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + <table:table-row> + <table:table-cell table:style-name="Table8.A10" office:value-type="string"> + <text:p text:style-name="P40">'.$sumKey.'</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table8.B2" office:value-type="string"> + <text:p text:style-name="P44">'.$sumVal[4].'</text:p> + </table:table-cell> + </table:table-row> + '; + } + // close the table + ${$sumVal[3]."_table"} .= '</table:table>'; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= '<text:list text:continue-numbering="true" text:style-name="Outline"> @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf index e59a136..49632e1 100644 --- a/ReportToolz/templates/odt/config.conf +++ b/ReportToolz/templates/odt/config.conf @@ -4,7 +4,7 @@ "ref": "J12345", "checkRef": "CHECK Reference: 12345C", "secLevel": "Client Confidential", -"startDate": "01/11/2019", +"startDate": "01/11/2019", "endDate": "06/11/2019", "longDate": "1st and 8th November 2019", "client": "Client name", diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml new file mode 100755 index 0000000..ae749d1 --- /dev/null +++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml @@ -0,0 +1,144 @@ +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="3"><text:span>{title}</text:span> + </text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> +</text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{description}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Description</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{tech_description}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Solution</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{solution}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Risk Analysis</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<table:table table:name="Table99" table:style-name="Table6"> + <table:table-column table:style-name="Table99.A"/> + <table:table-column table:style-name="Table99.B"/> + <table:table-column table:style-name="Table99.C"/> + <table:table-header-rows><table:table-row table:style-name="Table10.1"> + <table:table-cell table:style-name="Table99.A1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header">Risk Level</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header"> + Impact + </text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C1" office:value-type="string"> + <text:p text:style-name="Sapphire_20_Table_20_Header"> + <text:span >Remediation</text:span> + </text:p> + </table:table-cell> + </table:table-row> +</table:table-header-rows> +<table:table-row> + <table:table-cell table:style-name="Table99.A2" office:value-type="string"> + <text:p text:style-name="P59"> + <draw:frame draw:style-name="fr5" draw:name="Image1" text:anchor-type="as-char" svg:width="0.741cm" svg:height="0.741cm" draw:z-index="40"> + <draw:image xlink:href="Pictures/{risk_img}" xlink:type="simple" xlink:show="embed" xlink:actuate="onLoad" loext:mime-type="image/png"/> + <svg:title>Vulnerability Img</svg:title> + </draw:frame> + <text:s/>{risk}: {owasp}</text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.B2" office:value-type="string"> + <text:p text:style-name="P59"> + <text:span >{impact}</text:span> + </text:p> + </table:table-cell> + <table:table-cell table:style-name="Table99.C2" office:value-type="string"> + <text:p text:style-name="P30">{remediation}</text:p> + </table:table-cell> +</table:table-row> +</table:table> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">CVSS Base Score</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{cvss3_score} - {cvss3_vector}</text:p> +<text:list text:continue-numbering="true" text:style-name="Outline"> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:list> + <text:list-item> + <text:h text:outline-level="4">Vulnerabilities Exist On</text:h> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> + </text:list> + </text:list-item> +</text:list> +<text:p text:style-name="Text_20_body">{hosts}</text:p> +<text:p text:style-name="PageBreak"></text:p> \ No newline at end of file diff --git a/eicar/eicar.png b/eicar/eicar.png new file mode 100644 index 0000000..704cac8 --- /dev/null +++ b/eicar/eicar.png @@ -0,0 +1 @@ +X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* diff --git a/nmap-bootstrap.xsl b/nmap-bootstrap.xsl new file mode 100644 index 0000000..3096bee --- /dev/null +++ b/nmap-bootstrap.xsl @@ -0,0 +1,323 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- +Nmap Bootstrap XSL +Creative Commons BY-SA +This software must not be used by military or secret service organisations. +Andreas Hontzia (@honze_net) +--> +<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> + <xsl:output method="html" encoding="utf-8" indent="yes" doctype-system="about:legacy-compat"/> + <xsl:template match="/"> + <html lang="en"> + <head> + <meta name="referrer" content="no-referrer"/> + <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"/> + <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous"/> + <link rel="stylesheet" href="https://cdn.datatables.net/1.10.19/css/dataTables.bootstrap.min.css" type="text/css" integrity="sha384-VEpVDzPR2x8NbTDZ8NFW4AWbtT2g/ollEzX/daZdW/YvUBlbgVtsxMftnJ84k0Cn" crossorigin="anonymous"/> + <script src="https://code.jquery.com/jquery-3.3.1.js" integrity="sha384-fJU6sGmyn07b+uD1nMk7/iSb4yvaowcueiQhfVgQuD98rfva8mcr1eSvjchfpMrH" crossorigin="anonymous"></script> + <script src="https://cdn.datatables.net/1.10.19/js/jquery.dataTables.min.js" integrity="sha384-rgWRqC0OFPisxlUvl332tiM/qmaNxnlY46eksSZD84t+s2vZlqGeHrncwIRX7CGp" crossorigin="anonymous"></script> + <script src="https://cdn.datatables.net/1.10.19/js/dataTables.bootstrap.min.js" integrity="sha384-7PXRkl4YJnEpP8uU4ev9652TTZSxrqC8uOpcV1ftVEC7LVyLZqqDUAaq+Y+lGgr9" crossorigin="anonymous"></script> + <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script> + <style> + .target:before { + content: ""; + display: block; + height: 50px; + margin: -20px 0 0; + } + @media only screen and (min-width:1900px) { + .container { + width: 1800px; + } + } + .footer { + margin-top:60px; + padding-top:60px; + width: 100%; + height: 180px; + background-color: #f5f5f5; + } + .clickable { + cursor: pointer; + } + .panel-heading > h3:before { + font-family: 'Glyphicons Halflings'; + content: "\e114"; /* glyphicon-chevron-down */ + padding-right: 1em; + } + .panel-heading.collapsed > h3:before { + content: "\e080"; /* glyphicon-chevron-right */ + } + </style> + <title>Scan Report Nmap <xsl:value-of select="/nmaprun/@version"/></title> + </head> + <body> + <nav class="navbar navbar-default navbar-fixed-top"> + <div class="container-fluid"> + <div class="navbar-header"> + <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false"> + <span class="sr-only">Toggle navigation</span> + <span class="icon-bar"></span> + <span class="icon-bar"></span> + <span class="icon-bar"></span> + </button> + <a class="navbar-brand" href="#"><span class="glyphicon glyphicon-home"></span></a> + </div> + <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1"> + <ul class="nav navbar-nav"> + <li><a href="#scannedhosts">Scanned Hosts</a></li> + <li><a href="#onlinehosts">Online Hosts</a></li> + <li><a href="#openservices">Open Services</a></li> + </ul> + </div> + </div> + </nav> + <div class="container"> + <div class="jumbotron"> + <h1>Scan Report<br/><small>Nmap <xsl:value-of select="/nmaprun/@version"/></small></h1> + <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="/nmaprun/@args"/></pre> + <p class="lead"> + <xsl:value-of select="/nmaprun/@startstr"/> – <xsl:value-of select="/nmaprun/runstats/finished/@timestr"/><br/> + <xsl:value-of select="/nmaprun/runstats/hosts/@total"/> hosts scanned. + <xsl:value-of select="/nmaprun/runstats/hosts/@up"/> hosts up. + <xsl:value-of select="/nmaprun/runstats/hosts/@down"/> hosts down. + </p> + <div class="progress"> + <div class="progress-bar progress-bar-success" style="width: 0%"> + <xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@up div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute> + <xsl:value-of select="/nmaprun/runstats/hosts/@up"/> + <span class="sr-only"></span> + </div> + <div class="progress-bar progress-bar-danger" style="width: 0%"> + <xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@down div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute> + <xsl:value-of select="/nmaprun/runstats/hosts/@down"/> + <span class="sr-only"></span> + </div> + </div> + </div> + <h2 id="scannedhosts" class="target">Scanned Hosts<xsl:if test="/nmaprun/runstats/hosts/@down > 1024"><small> (offline hosts are hidden)</small></xsl:if></h2> + <div class="table-responsive"> + <table id="table-overview" class="table table-striped dataTable" role="grid"> + <thead> + <tr> + <th>State</th> + <th>Address</th> + <th>Hostname</th> + <th>TCP (open)</th> + <th>UDP (open)</th> + </tr> + </thead> + <tbody> + <xsl:choose> + <xsl:when test="/nmaprun/runstats/hosts/@down > 1024"> + <xsl:for-each select="/nmaprun/host[status/@state='up']"> + <tr> + <td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td> + <td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td> + <td><xsl:value-of select="hostnames/hostname/@name"/></td> + <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td> + <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td> + </tr> + </xsl:for-each> + </xsl:when> + <xsl:otherwise> + <xsl:for-each select="/nmaprun/host"> + <tr> + <td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td> + <td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td> + <td><xsl:value-of select="hostnames/hostname/@name"/></td> + <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td> + <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td> + </tr> + </xsl:for-each> + </xsl:otherwise> + </xsl:choose> + </tbody> + </table> + </div> + <script> + $(document).ready(function() { + $('#table-overview').DataTable(); + }); + $('#table-overview').DataTable( { + "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ] + }); + </script> + <h2 id="onlinehosts" class="target">Online Hosts</h2> + <xsl:for-each select="/nmaprun/host[status/@state='up']"> + <div class="panel panel-default"> + <div class="panel-heading clickable" data-toggle="collapse"> + <xsl:attribute name="id">onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute> + <xsl:attribute name="data-target">#<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute> + <h3 class="panel-title"><xsl:value-of select="address/@addr"/><xsl:if test="count(hostnames/hostname) > 0"> - <xsl:value-of select="hostnames/hostname/@name"/></xsl:if></h3> + </div> + <div class="panel-body collapse in"> + <xsl:attribute name="id"><xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute> + <xsl:if test="count(hostnames/hostname) > 0"> + <h4>Hostnames</h4> + <ul> + <xsl:for-each select="hostnames/hostname"> + <li><xsl:value-of select="@name"/> (<xsl:value-of select="@type"/>)</li> + </xsl:for-each> + </ul> + </xsl:if> + <h4>Ports</h4> + <div class="table-responsive"> + <table class="table table-bordered"> + <thead> + <tr> + <th>Port</th> + <th>Protocol</th> + <th>State<br/>Reason</th> + <th>Service</th> + <th>Product</th> + <th>Version</th> + <th>Extra Info</th> + </tr> + </thead> + <tbody> + <xsl:for-each select="ports/port"> + <xsl:choose> + <xsl:when test="state/@state = 'open'"> + <tr class="success"> + <td title="Port"><xsl:value-of select="@portid"/></td> + <td title="Protocol"><xsl:value-of select="@protocol"/></td> + <td title="State / Reason"><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td> + <td title="Service"><xsl:value-of select="service/@name"/></td> + <td title="Product"><xsl:value-of select="service/@product"/></td> + <td title="Version"><xsl:value-of select="service/@version"/></td> + <td title="Extra Info"><xsl:value-of select="service/@extrainfo"/></td> + </tr> + <tr> + <td colspan="7"> + <a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version=<xsl:value-of select="service/cpe"/></xsl:attribute><xsl:value-of select="service/cpe"/></a> + <xsl:for-each select="script"> + <h5><xsl:value-of select="@id"/></h5> + <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre> + </xsl:for-each> + </td> + </tr> + </xsl:when> + <xsl:when test="state/@state = 'filtered'"> + <tr class="warning"> + <td><xsl:value-of select="@portid"/></td> + <td><xsl:value-of select="@protocol"/></td> + <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td> + <td><xsl:value-of select="service/@name"/></td> + <td><xsl:value-of select="service/@product"/></td> + <td><xsl:value-of select="service/@version"/></td> + <td><xsl:value-of select="service/@extrainfo"/></td> + </tr> + </xsl:when> + <xsl:when test="state/@state = 'closed'"> + <tr class="active"> + <td><xsl:value-of select="@portid"/></td> + <td><xsl:value-of select="@protocol"/></td> + <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td> + <td><xsl:value-of select="service/@name"/></td> + <td><xsl:value-of select="service/@product"/></td> + <td><xsl:value-of select="service/@version"/></td> + <td><xsl:value-of select="service/@extrainfo"/></td> + </tr> + </xsl:when> + <xsl:otherwise> + <tr class="info"> + <td><xsl:value-of select="@portid"/></td> + <td><xsl:value-of select="@protocol"/></td> + <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td> + <td><xsl:value-of select="service/@name"/></td> + <td><xsl:value-of select="service/@product"/></td> + <td><xsl:value-of select="service/@version"/></td> + <td><xsl:value-of select="service/@extrainfo"/></td> + </tr> + </xsl:otherwise> + </xsl:choose> + </xsl:for-each> + </tbody> + </table> + </div> + <xsl:if test="count(hostscript/script) > 0"> + <h4>Host Script</h4> + </xsl:if> + <xsl:for-each select="hostscript/script"> + <h5><xsl:value-of select="@id"/></h5> + <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre> + </xsl:for-each> + <xsl:if test="count(os/osmatch) > 0"> + <h4>OS Detection</h4> + <xsl:for-each select="os/osmatch"> + <h5>OS details: <xsl:value-of select="@name"/> (<xsl:value-of select="@accuracy"/>%)</h5> + <xsl:for-each select="osclass"> + Device type: <xsl:value-of select="@type"/><br/> + Running: <xsl:value-of select="@vendor"/><xsl:text> </xsl:text><xsl:value-of select="@osfamily"/><xsl:text> </xsl:text><xsl:value-of select="@osgen"/> (<xsl:value-of select="@accuracy"/>%)<br/> + OS CPE: <a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version=<xsl:value-of select="cpe"/></xsl:attribute><xsl:value-of select="cpe"/></a> + <br/> + </xsl:for-each> + <br/> + </xsl:for-each> + </xsl:if> + </div> + </div> + </xsl:for-each> + <h2 id="openservices" class="target">Open Services</h2> + <div class="table-responsive"> + <table id="table-services" class="table table-striped dataTable" role="grid"> + <thead> + <tr> + <th>Address</th> + <th>Port</th> + <th>Protocol</th> + <th>Service</th> + <th>Product</th> + <th>Version</th> + <th>CPE</th> + <th>Extra info</th> + </tr> + </thead> + <tbody> + <xsl:for-each select="/nmaprun/host"> + <xsl:for-each select="ports/port[state/@state='open']"> + <tr> + <td><a> + <xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(../../address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="../../address/@addr"/> + <xsl:if test="count(../../hostnames/hostname) > 0"> - <xsl:value-of select="../../hostnames/hostname/@name"/></xsl:if></a></td> + <td><xsl:value-of select="@portid"/></td> + <td><xsl:value-of select="@protocol"/></td> + <td><xsl:value-of select="service/@name"/></td> + <td><xsl:value-of select="service/@product"/></td> + <td><xsl:value-of select="service/@version"/></td> + <td><xsl:value-of select="service/cpe"/></td> + <td><xsl:value-of select="service/@extrainfo"/></td> + </tr> + </xsl:for-each> + </xsl:for-each> + </tbody> + </table> + </div> + <script> + $(document).ready(function() { + $('#table-services').DataTable(); + $("a[href^='#onlinehosts-']").click(function(event){ + event.preventDefault(); + $('html,body').animate({scrollTop:($(this.hash).offset().top-60)}, 500); + }); + }); + $('#table-services').DataTable( { + "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ] + }); + + </script> + </div> + <footer class="footer"> + <div class="container"> + <p class="text-muted"> + This report was generated with <a href="https://github.com/honze-net/nmap-bootstrap-xsl">Nmap Bootstrap XSL</a>.<br/> + Licensed under <a href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons BY-SA</a>.<br/> + Designed and built by Andreas Hontzia (<a href="https://www.twitter.com/honze_net">@honze_net</a>).<br/> + </p> + </div> + </footer> + </body> + </html> + </xsl:template> +</xsl:stylesheet> diff --git a/phpinfo.php b/phpinfo.php new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/phpinfo.php @@ -0,0 +1 @@ +<?php phpinfo(); ?> diff --git a/phpinfo.png b/phpinfo.png new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/phpinfo.png @@ -0,0 +1 @@ +<?php phpinfo(); ?>