diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + + + None Identified + + + + + + + + + + + + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + + + '.$sumKey.' + '.$sumVal[0].' + + + '.$sumVal[1].' + + + '.$sumVal[4].' + + + '.$sumVal[2].' + + + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' + + + + + + + Vulnerabilities in This Category + + + Document Reference + + + + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + } + // close the table + ${$sumVal[3]."_table"} .= ''; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= ' @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + + + None Identified + + + + + + + + + + + + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + + + '.$sumKey.' + '.$sumVal[0].' + + + '.$sumVal[1].' + + + '.$sumVal[4].' + + + '.$sumVal[2].' + + + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' + + + + + + + Vulnerabilities in This Category + + + Document Reference + + + + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + } + // close the table + ${$sumVal[3]."_table"} .= ''; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= ' @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + + + None Identified + + + + + + + + + + + + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + + + '.$sumKey.' + '.$sumVal[0].' + + + '.$sumVal[1].' + + + '.$sumVal[4].' + + + '.$sumVal[2].' + + + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' + + + + + + + Vulnerabilities in This Category + + + Document Reference + + + + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + } + // close the table + ${$sumVal[3]."_table"} .= ''; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= ' @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf index e59a136..49632e1 100644 --- a/ReportToolz/templates/odt/config.conf +++ b/ReportToolz/templates/odt/config.conf @@ -4,7 +4,7 @@ "ref": "J12345", "checkRef": "CHECK Reference: 12345C", "secLevel": "Client Confidential", -"startDate": "01/11/2019", +"startDate": "01/11/2019", "endDate": "06/11/2019", "longDate": "1st and 8th November 2019", "client": "Client name", diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + + + None Identified + + + + + + + + + + + + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + + + '.$sumKey.' + '.$sumVal[0].' + + + '.$sumVal[1].' + + + '.$sumVal[4].' + + + '.$sumVal[2].' + + + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' + + + + + + + Vulnerabilities in This Category + + + Document Reference + + + + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + } + // close the table + ${$sumVal[3]."_table"} .= ''; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= ' @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf index e59a136..49632e1 100644 --- a/ReportToolz/templates/odt/config.conf +++ b/ReportToolz/templates/odt/config.conf @@ -4,7 +4,7 @@ "ref": "J12345", "checkRef": "CHECK Reference: 12345C", "secLevel": "Client Confidential", -"startDate": "01/11/2019", +"startDate": "01/11/2019", "endDate": "06/11/2019", "longDate": "1st and 8th November 2019", "client": "Client name", diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml new file mode 100755 index 0000000..ae749d1 --- /dev/null +++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml @@ -0,0 +1,144 @@ + + + + + + + {title} + + + + + + + +{description} + + + + + + + + + Description + + + + + + + + +{tech_description} + + + + + + + + + Solution + + + + + + + + +{solution} + + + + + + + + + Risk Analysis + + + + + + + + + + + + + + + Risk Level + + + + Impact + + + + + Remediation + + + + + + + + + + Vulnerability Img + + {risk}: {owasp} + + + + {impact} + + + + {remediation} + + + + + + + + + + + + CVSS Base Score + + + + + + + + +{cvss3_score} - {cvss3_vector} + + + + + + + + + Vulnerabilities Exist On + + + + + + + + +{hosts} + \ No newline at end of file diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + + + None Identified + + + + + + + + + + + + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + + + '.$sumKey.' + '.$sumVal[0].' + + + '.$sumVal[1].' + + + '.$sumVal[4].' + + + '.$sumVal[2].' + + + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' + + + + + + + Vulnerabilities in This Category + + + Document Reference + + + + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + } + // close the table + ${$sumVal[3]."_table"} .= ''; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= ' @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf index e59a136..49632e1 100644 --- a/ReportToolz/templates/odt/config.conf +++ b/ReportToolz/templates/odt/config.conf @@ -4,7 +4,7 @@ "ref": "J12345", "checkRef": "CHECK Reference: 12345C", "secLevel": "Client Confidential", -"startDate": "01/11/2019", +"startDate": "01/11/2019", "endDate": "06/11/2019", "longDate": "1st and 8th November 2019", "client": "Client name", diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml new file mode 100755 index 0000000..ae749d1 --- /dev/null +++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml @@ -0,0 +1,144 @@ + + + + + + + {title} + + + + + + + +{description} + + + + + + + + + Description + + + + + + + + +{tech_description} + + + + + + + + + Solution + + + + + + + + +{solution} + + + + + + + + + Risk Analysis + + + + + + + + + + + + + + + Risk Level + + + + Impact + + + + + Remediation + + + + + + + + + + Vulnerability Img + + {risk}: {owasp} + + + + {impact} + + + + {remediation} + + + + + + + + + + + + CVSS Base Score + + + + + + + + +{cvss3_score} - {cvss3_vector} + + + + + + + + + Vulnerabilities Exist On + + + + + + + + +{hosts} + \ No newline at end of file diff --git a/eicar/eicar.png b/eicar/eicar.png new file mode 100644 index 0000000..704cac8 --- /dev/null +++ b/eicar/eicar.png @@ -0,0 +1 @@ +X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + + + None Identified + + + + + + + + + + + + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + + + '.$sumKey.' + '.$sumVal[0].' + + + '.$sumVal[1].' + + + '.$sumVal[4].' + + + '.$sumVal[2].' + + + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' + + + + + + + Vulnerabilities in This Category + + + Document Reference + + + + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + } + // close the table + ${$sumVal[3]."_table"} .= ''; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= ' @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf index e59a136..49632e1 100644 --- a/ReportToolz/templates/odt/config.conf +++ b/ReportToolz/templates/odt/config.conf @@ -4,7 +4,7 @@ "ref": "J12345", "checkRef": "CHECK Reference: 12345C", "secLevel": "Client Confidential", -"startDate": "01/11/2019", +"startDate": "01/11/2019", "endDate": "06/11/2019", "longDate": "1st and 8th November 2019", "client": "Client name", diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml new file mode 100755 index 0000000..ae749d1 --- /dev/null +++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml @@ -0,0 +1,144 @@ + + + + + + + {title} + + + + + + + +{description} + + + + + + + + + Description + + + + + + + + +{tech_description} + + + + + + + + + Solution + + + + + + + + +{solution} + + + + + + + + + Risk Analysis + + + + + + + + + + + + + + + Risk Level + + + + Impact + + + + + Remediation + + + + + + + + + + Vulnerability Img + + {risk}: {owasp} + + + + {impact} + + + + {remediation} + + + + + + + + + + + + CVSS Base Score + + + + + + + + +{cvss3_score} - {cvss3_vector} + + + + + + + + + Vulnerabilities Exist On + + + + + + + + +{hosts} + \ No newline at end of file diff --git a/eicar/eicar.png b/eicar/eicar.png new file mode 100644 index 0000000..704cac8 --- /dev/null +++ b/eicar/eicar.png @@ -0,0 +1 @@ +X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* diff --git a/nmap-bootstrap.xsl b/nmap-bootstrap.xsl new file mode 100644 index 0000000..3096bee --- /dev/null +++ b/nmap-bootstrap.xsl @@ -0,0 +1,323 @@ + + + + + + + + + + + + + + + + + Scan Report Nmap <xsl:value-of select="/nmaprun/@version"/> + + + +
+
+

Scan Report
Nmap

+
+

+
+ hosts scanned. + hosts up. + hosts down. +

+
+
+ width:%; + + +
+
+ width:%; + + +
+
+
+

Scanned Hosts (offline hosts are hidden)

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
StateAddressHostnameTCP (open)UDP (open)
label label-success#onlinehosts-
label label-success#onlinehosts-
+
+ +

Online Hosts

+ +
+
+ onlinehosts- + # +

-

+
+
+ + +

Hostnames

+
    + +
  • ()
    • +     +
+ +

Ports

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
PortProtocolState
Reason		ServiceProductVersionExtra Info

+ https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version= + +
+
+ +



+
+ +

Host Script

+ + +
+
+ + +

OS Detection

+ +
OS details: (%)
+ + Device type:
+ Running: (%)
+ OS CPE: https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version= +
+ +
+ + +
+
+ +

Open Services

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
AddressPortProtocolServiceProductVersionCPEExtra info
+ #onlinehosts- + -
+
+ +
+ + + + + diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + + + None Identified + + + + + + + + + + + + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + + + '.$sumKey.' + '.$sumVal[0].' + + + '.$sumVal[1].' + + + '.$sumVal[4].' + + + '.$sumVal[2].' + + + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' + + + + + + + Vulnerabilities in This Category + + + Document Reference + + + + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + } + // close the table + ${$sumVal[3]."_table"} .= ''; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= ' @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf index e59a136..49632e1 100644 --- a/ReportToolz/templates/odt/config.conf +++ b/ReportToolz/templates/odt/config.conf @@ -4,7 +4,7 @@ "ref": "J12345", "checkRef": "CHECK Reference: 12345C", "secLevel": "Client Confidential", -"startDate": "01/11/2019", +"startDate": "01/11/2019", "endDate": "06/11/2019", "longDate": "1st and 8th November 2019", "client": "Client name", diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml new file mode 100755 index 0000000..ae749d1 --- /dev/null +++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml @@ -0,0 +1,144 @@ + + + + + + + {title} + + + + + + + +{description} + + + + + + + + + Description + + + + + + + + +{tech_description} + + + + + + + + + Solution + + + + + + + + +{solution} + + + + + + + + + Risk Analysis + + + + + + + + + + + + + + + Risk Level + + + + Impact + + + + + Remediation + + + + + + + + + + Vulnerability Img + + {risk}: {owasp} + + + + {impact} + + + + {remediation} + + + + + + + + + + + + CVSS Base Score + + + + + + + + +{cvss3_score} - {cvss3_vector} + + + + + + + + + Vulnerabilities Exist On + + + + + + + + +{hosts} + \ No newline at end of file diff --git a/eicar/eicar.png b/eicar/eicar.png new file mode 100644 index 0000000..704cac8 --- /dev/null +++ b/eicar/eicar.png @@ -0,0 +1 @@ +X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* diff --git a/nmap-bootstrap.xsl b/nmap-bootstrap.xsl new file mode 100644 index 0000000..3096bee --- /dev/null +++ b/nmap-bootstrap.xsl @@ -0,0 +1,323 @@ + + + + + + + + + + + + + + + + + Scan Report Nmap <xsl:value-of select="/nmaprun/@version"/> + + + +
+
+

Scan Report
Nmap

+
+

+
+ hosts scanned. + hosts up. + hosts down. +

+
+
+ width:%; + + +
+
+ width:%; + + +
+
+
+

Scanned Hosts (offline hosts are hidden)

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
StateAddressHostnameTCP (open)UDP (open)
label label-success#onlinehosts-
label label-success#onlinehosts-
+
+ +

Online Hosts

+ +
+
+ onlinehosts- + # +

-

+
+
+ + +

Hostnames

+
    + +
  • ()
    • +     +
+ +

Ports

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
PortProtocolState
Reason		ServiceProductVersionExtra Info

+ https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version= + +
+
+ +



+
+ +

Host Script

+ + +
+
+ + +

OS Detection

+ +
OS details: (%)
+ + Device type:
+ Running: (%)
+ OS CPE: https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version= +
+ +
+ + +
+
+ +

Open Services

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
AddressPortProtocolServiceProductVersionCPEExtra info
+ #onlinehosts- + -
+
+ +
+ + + + + diff --git a/phpinfo.php b/phpinfo.php new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/phpinfo.php @@ -0,0 +1 @@ + diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..af088ed --- /dev/null +++ b/.htaccess @@ -0,0 +1 @@ +AddHandler application/x-httpd-php .png diff --git a/README.md b/README.md index 16d5f1c..904c1b9 100644 --- a/README.md +++ b/README.md @@ -6,4 +6,9 @@ If you can't read the code then this isn't for you. -Please do not ask for help regarding anything here, you will be ignored \ No newline at end of file +Please do not ask for help regarding anything here, you will be ignored + + +** notes ** + +xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml diff --git a/ReportToolz/config.php b/ReportToolz/config.php index f59cd68..9f247d2 100644 --- a/ReportToolz/config.php +++ b/ReportToolz/config.php @@ -6,7 +6,8 @@ // repgen templates //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt"; -$template = "templates/odt/blank_template_v2.1.odt"; +$template = "templates/odt/blank_template_v3.0.odt"; //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt"; -$vulnTemplate = "templates/odt/vuln_template_v0.2.xml"; +$vulnTemplate = "templates/odt/vuln_template_v1.0.xml"; + ?> diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php index 29b2049..a2e3720 100755 --- a/ReportToolz/repgen.php +++ b/ReportToolz/repgen.php @@ -35,6 +35,17 @@ //get config file $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); +$riskRatings = array("Serious","High","Medium","Low"); + +//create owasp top 10 placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; } + +//create owasp top 10 table placeholders +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; } +for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; } // extract doc and get contents $rand = uniqid(); @@ -97,6 +108,8 @@ // create vulns for odf $templateOrig = file_get_contents($vulnTemplate); $Serious = $High = $Medium = $Low = $Info = ""; +$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; +$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array(); foreach ($vuln as $singlevuln) { $templateSource = $templateOrig; $togo = $singlevuln['risk']; @@ -126,11 +139,149 @@ } } + if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){ + $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource); + }else{ + $templateSource = str_replace('{hosts}', "N/A", $templateSource); + } $$togo .= $templateSource; + ${"Count_$togo"} += 1; echo "[+] added $togo: ".$singlevuln['title']."\n"; + + // fixing summary tables + $descExpl = explode(".", $singlevuln['description']); + $fixExpl = explode(".", $singlevuln['solution']); + $descFinal = $descExpl[0]."."; + $fixFinal = $fixExpl[0]."."; + // if small summaries exist use them! + if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){ + // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n"; + $descFinal = $singlevuln['summary_issue']; + } + if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){ + // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n"; + $fixFinal = $singlevuln['summary_solution']; + } + + // set OWASP counts + $issueOwasp = explode(":", $singlevuln['owasp']); + ${$issueOwasp[0]}++; + + $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; + // populate arrays for small vuln tables + // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref + ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]); + } -// squash vulns into one bbig xml +// add page ref to each issue +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB); + $placeB++; + } + $placeA++; + } +} + +// create sumaries tables +$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = ""; +$placeA = 1; +foreach ($riskRatings as $riskKey => $riskVal) { + $placeB = 1; + if(empty( ${"Summary_$riskVal"} )){ + ${"Summary_".$riskVal."_Final"} = ' + + + None Identified + + + + + + + + + + + + '; + }else{ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n"; + ${"Summary_".$riskVal."_Final"} .= ' + + + '.$sumKey.' + '.$sumVal[0].' + + + '.$sumVal[1].' + + + '.$sumVal[4].' + + + '.$sumVal[2].' + + + '; + } + } + +} + +//populate owasp findings tables +foreach ($riskRatings as $riskKey => $riskVal) { + if(!empty( ${"Summary_$riskVal"} )){ + foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) { + if( ${$sumVal[3]."_table"} == ""){ // if is first entry + ${$sumVal[3]."_table"} = ' + + + + + + + Vulnerabilities in This Category + + + Document Reference + + + + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + }else{ // not first entry, append new line + ${$sumVal[3]."_table"} = str_replace("", "", ${$sumVal[3]."_table"}); + ${$sumVal[3]."_table"} .= ' + + + '.$sumKey.' + + + '.$sumVal[4].' + + + '; + } + // close the table + ${$sumVal[3]."_table"} .= ''; + } + } +} + +// squash vulns into one big xml $value = ""; if(!empty($Serious)){ $value .= ' @@ -196,6 +347,53 @@ // add to template $source = file_get_contents("/tmp/$rand/content.xml"); $source = str_replace('{vuln}', $value, $source); + +//update total counts in exec summary table +$source = str_replace('{count_serious}', $Count_Serious, $source); +$source = str_replace('{count_high}', $Count_High, $source); +$source = str_replace('{count_medium}', $Count_Medium, $source); +$source = str_replace('{count_low}', $Count_Low, $source); +echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n"; + +//update issues summary tables +$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source); +$source = str_replace('{summary_table_high}', $Summary_High_Final, $source); +$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source); +$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source); +echo "[+] added findings summary tables\n"; + +//update owasp count tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source); +} +echo "[+] updated OWASP count tables\n"; + +//update owasp findings tables +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source); +} +for ($i=1; $i <= 10 ; $i++) { + $padNo = sprintf("%02d", $i); + $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source); +} +echo "[+] updated OWASP findings tables\n"; + +// save to file +echo "[!] writing to /tmp content.xml\n"; file_put_contents("/tmp/$rand/content.xml", $source); // create report and tidying diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt new file mode 100755 index 0000000..b2eaf07 --- /dev/null +++ b/ReportToolz/templates/odt/blank_template_v3.0.odt Binary files differ diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf index e59a136..49632e1 100644 --- a/ReportToolz/templates/odt/config.conf +++ b/ReportToolz/templates/odt/config.conf @@ -4,7 +4,7 @@ "ref": "J12345", "checkRef": "CHECK Reference: 12345C", "secLevel": "Client Confidential", -"startDate": "01/11/2019", +"startDate": "01/11/2019", "endDate": "06/11/2019", "longDate": "1st and 8th November 2019", "client": "Client name", diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml new file mode 100755 index 0000000..ae749d1 --- /dev/null +++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml @@ -0,0 +1,144 @@ + + + + + + + {title} + + + + + + + +{description} + + + + + + + + + Description + + + + + + + + +{tech_description} + + + + + + + + + Solution + + + + + + + + +{solution} + + + + + + + + + Risk Analysis + + + + + + + + + + + + + + + Risk Level + + + + Impact + + + + + Remediation + + + + + + + + + + Vulnerability Img + + {risk}: {owasp} + + + + {impact} + + + + {remediation} + + + + + + + + + + + + CVSS Base Score + + + + + + + + +{cvss3_score} - {cvss3_vector} + + + + + + + + + Vulnerabilities Exist On + + + + + + + + +{hosts} + \ No newline at end of file diff --git a/eicar/eicar.png b/eicar/eicar.png new file mode 100644 index 0000000..704cac8 --- /dev/null +++ b/eicar/eicar.png @@ -0,0 +1 @@ +X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* diff --git a/nmap-bootstrap.xsl b/nmap-bootstrap.xsl new file mode 100644 index 0000000..3096bee --- /dev/null +++ b/nmap-bootstrap.xsl @@ -0,0 +1,323 @@ + + + + + + + + + + + + + + + + + Scan Report Nmap <xsl:value-of select="/nmaprun/@version"/> + + + +
+
+

Scan Report
Nmap

+
+

+
+ hosts scanned. + hosts up. + hosts down. +

+
+
+ width:%; + + +
+
+ width:%; + + +
+
+
+

Scanned Hosts (offline hosts are hidden)

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
StateAddressHostnameTCP (open)UDP (open)
label label-success#onlinehosts-
label label-success#onlinehosts-
+
+ +

Online Hosts

+ +
+
+ onlinehosts- + # +

-

+
+
+ + +

Hostnames

+
    + +
  • ()
    • +     +
+ +

Ports

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
PortProtocolState
Reason		ServiceProductVersionExtra Info

+ https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version= + +
+
+ +



+
+ +

Host Script

+ + +
+
+ + +

OS Detection

+ +
OS details: (%)
+ + Device type:
+ Running: (%)
+ OS CPE: https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version= +
+ +
+ + +
+
+ +

Open Services

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
AddressPortProtocolServiceProductVersionCPEExtra info
+ #onlinehosts- + -
+
+ +
+ + + + + diff --git a/phpinfo.php b/phpinfo.php new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/phpinfo.php @@ -0,0 +1 @@ + diff --git a/phpinfo.png b/phpinfo.png new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/phpinfo.png @@ -0,0 +1 @@ +