diff --git a/ReportToolz/pt2json.php b/ReportToolz/pt2json.php index 23500af..fca3ac2 100755 --- a/ReportToolz/pt2json.php +++ b/ReportToolz/pt2json.php @@ -40,63 +40,131 @@ $json = json_encode($ob); $configData = json_decode($json, true); -$resultsFolder = substr($filter->getParam("doc"), 0, strrpos( $filter->getParam("doc"), '/') )."/"; +//$resultsFolder = substr($filter->getParam("doc"), 0, strrpos( $filter->getParam("doc"), '/') )."/"; -foreach ($configData['report_sections']['section']['subsection'] as $key => $value) { - # code... - //echo $value['title']."\n"; - //print_r($value); - foreach($value['finding'] as $key2 => $value2){ - if($filter->getParam('no-save') === true){ - echo "[+] issue: ".$value2['@attributes']['title']."\n"; - }else{ - echo "[+] creating json for: ".$value2['@attributes']['title']."\n"; - } - $vulnFileName = preg_replace( '/[^a-z0-9]+/', '-', strtolower( $value2['@attributes']['title']) ); +if( isset($configData['report_sections']['section'][0]['subsection'][0]['@attributes']['title'])){ + // multiple headings + foreach( $configData['report_sections']['section'] as $key1 => $val1 ){ + //echo $key1." - ".$val1."\n"; + foreach ($val1['subsection'] as $key => $value) { + if(isset($value['finding'] )){ + foreach($value['finding'] as $key2 => $value2){ + if(isset($value2['@attributes']['title']) && isset($value2['summary_description'])){ + if($filter->getParam('no-save') === true){ + echo "[+] issue: ".$value2['@attributes']['title']."\n"; + }else{ + echo "[+] creating json for: ".$value2['@attributes']['title']."\n"; + } + $vulnFileName = preg_replace( '/[^a-z0-9]+/', '-', strtolower( $value2['@attributes']['title']) ); - if(isset($value2['cvss_vector']) && @strpos($value2['cvss_vector'], 'CVSS:3.0') === 0 ){ - $cvss3_score = $value2['cvss']; - $cvss3_vector = $value2['cvss_vector']; - }else{ - $cvss3_score = ""; - $cvss3_vector = ""; - } + if(isset($value2['cvss_vector']) && @strpos($value2['cvss_vector'], 'CVSS:3.0') === 0 ){ + $cvss3_score = $value2['cvss']; + $cvss3_vector = $value2['cvss_vector']; + }else{ + $cvss3_score = ""; + $cvss3_vector = ""; + } - $techD = ""; - foreach ($value2['section'] as $key => $value) { - # code... - $techD .= @base64_decode($value)."\n"; - } - $cvssS = (isset($value2['cvss']))? $value2['cvss'] : ""; + $techD = ""; + foreach ($value2['section'] as $key => $value) { + # code... + $techD .= @base64_decode($value)."\n"; + } + $cvssS = (isset($value2['cvss']))? $value2['cvss'] : ""; - $sev = $value2['severity']; - $sev = str_replace("serious", "Serious", $sev); - $sev = str_replace("high", "High", $sev); - $sev = str_replace("medium", "Medium", $sev); - $sev = str_replace("low", "Low", $sev); - $sev = str_replace("info", "Informational", $sev); + $sev = $value2['severity']; + $sev = str_replace("serious", "Serious", $sev); + $sev = str_replace("high", "High", $sev); + $sev = str_replace("medium", "Medium", $sev); + $sev = str_replace("low", "Low", $sev); + $sev = str_replace("info", "Informational", $sev); - $jsonFile = '{ - "title":'.json_encode($value2['@attributes']['title']).', - "category":"", - "remediation":'.json_encode(base64_decode($value2['remediation'])).', - "cvss_score":'.json_encode($cvssS).', - "risk":'.json_encode($sev).', - "impact":"High/Medium/Low", - "description":'.json_encode(base64_decode($value2['summary_description'])).', - "tech_description":'.json_encode($techD).', - "solution":'.json_encode(base64_decode($value2['summary_fix'])).', - "cvss2_score":"", - "cvss2_vector":"", - "cvss3_score":'.json_encode($cvss3_score).', - "cvss3_vector":'.json_encode($cvss3_vector).', - "owasp":"", - "tags":'.json_encode(base64_decode($value2['vuln_tags'])).', - "to_check":"checked"}'; + $jsonFile = '{ + "title":'.json_encode($value2['@attributes']['title']).', + "category":"", + "remediation":'.json_encode(base64_decode($value2['remediation'])).', + "cvss_score":'.json_encode($cvssS).', + "risk":'.json_encode($sev).', + "impact":"High/Medium/Low", + "description":'.json_encode(base64_decode($value2['summary_description'])).', + "tech_description":'.json_encode($techD).', + "solution":'.json_encode(base64_decode($value2['summary_fix'])).', + "cvss2_score":"", + "cvss2_vector":"", + "cvss3_score":'.json_encode($cvss3_score).', + "cvss3_vector":'.json_encode($cvss3_vector).', + "owasp":"", + "tags":'.json_encode(base64_decode($value2['vuln_tags'])).', + "to_check":"checked"}'; - if($filter->getParam('no-save') === false){ - file_put_contents($resultsFolder.$vulnFileName.".json", $jsonFile); + if($filter->getParam('no-save') === false){ + file_put_contents($resultsFolder.$vulnFileName.".json", $jsonFile); + } + } + } + } + } } - + // single heading +}else{ + foreach ($configData['report_sections']['section']['subsection'] as $key => $value) { + # code... + //echo $value['title']."\n"; + //print_r($value); + foreach($value['finding'] as $key2 => $value2){ + + if($filter->getParam('no-save') === true){ + echo "[+] issue: ".$value2['@attributes']['title']."\n"; + }else{ + echo "[+] creating json for: ".$value2['@attributes']['title']."\n"; + } + $vulnFileName = preg_replace( '/[^a-z0-9]+/', '-', strtolower( $value2['@attributes']['title']) ); + + if(isset($value2['cvss_vector']) && @strpos($value2['cvss_vector'], 'CVSS:3.0') === 0 ){ + $cvss3_score = $value2['cvss']; + $cvss3_vector = $value2['cvss_vector']; + }else{ + $cvss3_score = ""; + $cvss3_vector = ""; + } + + $techD = ""; + foreach ($value2['section'] as $key => $value) { + # code... + $techD .= @base64_decode($value)."\n"; + } + $cvssS = (isset($value2['cvss']))? $value2['cvss'] : ""; + + $sev = $value2['severity']; + $sev = str_replace("serious", "Serious", $sev); + $sev = str_replace("high", "High", $sev); + $sev = str_replace("medium", "Medium", $sev); + $sev = str_replace("low", "Low", $sev); + $sev = str_replace("info", "Informational", $sev); + + $jsonFile = '{ + "title":'.json_encode($value2['@attributes']['title']).', + "category":"", + "remediation":'.json_encode(base64_decode($value2['remediation'])).', + "cvss_score":'.json_encode($cvssS).', + "risk":'.json_encode($sev).', + "impact":"High/Medium/Low", + "description":'.json_encode(base64_decode($value2['summary_description'])).', + "tech_description":'.json_encode($techD).', + "solution":'.json_encode(base64_decode($value2['summary_fix'])).', + "cvss2_score":"", + "cvss2_vector":"", + "cvss3_score":'.json_encode($cvss3_score).', + "cvss3_vector":'.json_encode($cvss3_vector).', + "owasp":"", + "tags":'.json_encode(base64_decode($value2['vuln_tags'])).', + "to_check":"checked"}'; + + if($filter->getParam('no-save') === false){ + file_put_contents($resultsFolder.$vulnFileName.".json", $jsonFile); + } + } + + } } \ No newline at end of file