diff --git a/ReportToolz/README.md b/ReportToolz/README.md
index 1566129..49f29da 100644
--- a/ReportToolz/README.md
+++ b/ReportToolz/README.md
@@ -1,3 +1,5 @@
+# Report generation scripts
+
First copy templates/odt/config.conf to current work dir.
Fill out fields in config.conf (company name, your name, contact, tel etc.)
@@ -60,4 +62,30 @@
5.2.3 |Wildcard SSL Certificate |Low |3.7 |Configuration |A6 Security Misconfiguration
```
-copy created csv tables into corresponding parts of report
\ No newline at end of file
+copy created csv tables into corresponding parts of report
+
+# Vulnerability DB script
+
+```
+╰» ./vdb.php -s xss
+Ref | Title | Description
+-------|--------------------------------------------------|----------------------------------------------------------------
+125 |Missing HTTP Security Headers |- description here -
+151 |Reflected Cross-Site Scripting (XSS) |- description here -
+152 |Stored Cross-Site Scripting (XSS) |- description here -
+
+╰» ./vdb.php -i 151
+151 - Reflected Cross-Site Scripting (XSS)
+CVSS: -snip- Risk: -snip- OWASP: -snip-
+CVSS2: -snip-
+CVSS3: -snip-
+Description: -snip-
+Technical Description: -snip-
+Soluton: -snip-
+Impact: -snip-
+Remediation: -snip-
+Tags: reflected, xss, javascript, injection
+
+╰» ./vdb.php -i 151 -p /tmp
+xss-reflected.json copied to /tmp/
+```
\ No newline at end of file
diff --git a/ReportToolz/README.md b/ReportToolz/README.md
index 1566129..49f29da 100644
--- a/ReportToolz/README.md
+++ b/ReportToolz/README.md
@@ -1,3 +1,5 @@
+# Report generation scripts
+
First copy templates/odt/config.conf to current work dir.
Fill out fields in config.conf (company name, your name, contact, tel etc.)
@@ -60,4 +62,30 @@
5.2.3 |Wildcard SSL Certificate |Low |3.7 |Configuration |A6 Security Misconfiguration
```
-copy created csv tables into corresponding parts of report
\ No newline at end of file
+copy created csv tables into corresponding parts of report
+
+# Vulnerability DB script
+
+```
+╰» ./vdb.php -s xss
+Ref | Title | Description
+-------|--------------------------------------------------|----------------------------------------------------------------
+125 |Missing HTTP Security Headers |- description here -
+151 |Reflected Cross-Site Scripting (XSS) |- description here -
+152 |Stored Cross-Site Scripting (XSS) |- description here -
+
+╰» ./vdb.php -i 151
+151 - Reflected Cross-Site Scripting (XSS)
+CVSS: -snip- Risk: -snip- OWASP: -snip-
+CVSS2: -snip-
+CVSS3: -snip-
+Description: -snip-
+Technical Description: -snip-
+Soluton: -snip-
+Impact: -snip-
+Remediation: -snip-
+Tags: reflected, xss, javascript, injection
+
+╰» ./vdb.php -i 151 -p /tmp
+xss-reflected.json copied to /tmp/
+```
\ No newline at end of file
diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php
index afc4424..b31ebf9 100755
--- a/ReportToolz/repgen.php
+++ b/ReportToolz/repgen.php
@@ -19,7 +19,7 @@
$definitions = new \Clapp\CommandLineArgumentDefinition(
array(
"help|h" => "Shows help message",
- "path|p=s" => "/path/to/configs/", // should contain config.json and all vuln.json files
+ "path|p=s" => "/path/to/configs/", // should contain config.json and all vuln.json files
)
);
@@ -65,12 +65,15 @@
$vuln[] = $found = json_decode(file_get_contents($finding), true);
}
-echo "[!] sorting vulns by CVSS\n";
+echo "[+] sorting vulns by CVSS\n";
usort($vuln, 'order_by_cvss');
function order_by_cvss($a, $b) {
return $b['cvss_score'] > $a['cvss_score'] ? 1 : -1;
}
+if(empty($vuln))
+ echo "[-] no vulns found!\n";
+
// create vulns for odf
$templateOrig = file_get_contents($vulnTemplate);
$Serious = $High = $Medium = $Low = "";
diff --git a/ReportToolz/README.md b/ReportToolz/README.md
index 1566129..49f29da 100644
--- a/ReportToolz/README.md
+++ b/ReportToolz/README.md
@@ -1,3 +1,5 @@
+# Report generation scripts
+
First copy templates/odt/config.conf to current work dir.
Fill out fields in config.conf (company name, your name, contact, tel etc.)
@@ -60,4 +62,30 @@
5.2.3 |Wildcard SSL Certificate |Low |3.7 |Configuration |A6 Security Misconfiguration
```
-copy created csv tables into corresponding parts of report
\ No newline at end of file
+copy created csv tables into corresponding parts of report
+
+# Vulnerability DB script
+
+```
+╰» ./vdb.php -s xss
+Ref | Title | Description
+-------|--------------------------------------------------|----------------------------------------------------------------
+125 |Missing HTTP Security Headers |- description here -
+151 |Reflected Cross-Site Scripting (XSS) |- description here -
+152 |Stored Cross-Site Scripting (XSS) |- description here -
+
+╰» ./vdb.php -i 151
+151 - Reflected Cross-Site Scripting (XSS)
+CVSS: -snip- Risk: -snip- OWASP: -snip-
+CVSS2: -snip-
+CVSS3: -snip-
+Description: -snip-
+Technical Description: -snip-
+Soluton: -snip-
+Impact: -snip-
+Remediation: -snip-
+Tags: reflected, xss, javascript, injection
+
+╰» ./vdb.php -i 151 -p /tmp
+xss-reflected.json copied to /tmp/
+```
\ No newline at end of file
diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php
index afc4424..b31ebf9 100755
--- a/ReportToolz/repgen.php
+++ b/ReportToolz/repgen.php
@@ -19,7 +19,7 @@
$definitions = new \Clapp\CommandLineArgumentDefinition(
array(
"help|h" => "Shows help message",
- "path|p=s" => "/path/to/configs/", // should contain config.json and all vuln.json files
+ "path|p=s" => "/path/to/configs/", // should contain config.json and all vuln.json files
)
);
@@ -65,12 +65,15 @@
$vuln[] = $found = json_decode(file_get_contents($finding), true);
}
-echo "[!] sorting vulns by CVSS\n";
+echo "[+] sorting vulns by CVSS\n";
usort($vuln, 'order_by_cvss');
function order_by_cvss($a, $b) {
return $b['cvss_score'] > $a['cvss_score'] ? 1 : -1;
}
+if(empty($vuln))
+ echo "[-] no vulns found!\n";
+
// create vulns for odf
$templateOrig = file_get_contents($vulnTemplate);
$Serious = $High = $Medium = $Low = "";
diff --git a/ReportToolz/templates/issue/template.json b/ReportToolz/templates/issue/template.json
index 0e6eaf1..b10cff4 100644
--- a/ReportToolz/templates/issue/template.json
+++ b/ReportToolz/templates/issue/template.json
@@ -1,11 +1,16 @@
{
-"title": "",
-"description":"",
-"tech_description":"",
-"impact":"",
-"solution":"",
-"remediation":"",
-"cvss_score":"",
-"risk":"",
-"owasp":""
-}
+ "title": "",
+ "description":"",
+ "tech_description":"",
+ "impact":"",
+ "solution":"",
+ "remediation":"",
+ "cvss_score":"",
+ "cvss2_score": "",
+ "cvss2_vector": "",
+ "cvss3_score": "",
+ "cvss3_vector": "",
+ "risk":"",
+ "owasp":"",
+ "tags": ""
+}
\ No newline at end of file
diff --git a/ReportToolz/README.md b/ReportToolz/README.md
index 1566129..49f29da 100644
--- a/ReportToolz/README.md
+++ b/ReportToolz/README.md
@@ -1,3 +1,5 @@
+# Report generation scripts
+
First copy templates/odt/config.conf to current work dir.
Fill out fields in config.conf (company name, your name, contact, tel etc.)
@@ -60,4 +62,30 @@
5.2.3 |Wildcard SSL Certificate |Low |3.7 |Configuration |A6 Security Misconfiguration
```
-copy created csv tables into corresponding parts of report
\ No newline at end of file
+copy created csv tables into corresponding parts of report
+
+# Vulnerability DB script
+
+```
+╰» ./vdb.php -s xss
+Ref | Title | Description
+-------|--------------------------------------------------|----------------------------------------------------------------
+125 |Missing HTTP Security Headers |- description here -
+151 |Reflected Cross-Site Scripting (XSS) |- description here -
+152 |Stored Cross-Site Scripting (XSS) |- description here -
+
+╰» ./vdb.php -i 151
+151 - Reflected Cross-Site Scripting (XSS)
+CVSS: -snip- Risk: -snip- OWASP: -snip-
+CVSS2: -snip-
+CVSS3: -snip-
+Description: -snip-
+Technical Description: -snip-
+Soluton: -snip-
+Impact: -snip-
+Remediation: -snip-
+Tags: reflected, xss, javascript, injection
+
+╰» ./vdb.php -i 151 -p /tmp
+xss-reflected.json copied to /tmp/
+```
\ No newline at end of file
diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php
index afc4424..b31ebf9 100755
--- a/ReportToolz/repgen.php
+++ b/ReportToolz/repgen.php
@@ -19,7 +19,7 @@
$definitions = new \Clapp\CommandLineArgumentDefinition(
array(
"help|h" => "Shows help message",
- "path|p=s" => "/path/to/configs/", // should contain config.json and all vuln.json files
+ "path|p=s" => "/path/to/configs/", // should contain config.json and all vuln.json files
)
);
@@ -65,12 +65,15 @@
$vuln[] = $found = json_decode(file_get_contents($finding), true);
}
-echo "[!] sorting vulns by CVSS\n";
+echo "[+] sorting vulns by CVSS\n";
usort($vuln, 'order_by_cvss');
function order_by_cvss($a, $b) {
return $b['cvss_score'] > $a['cvss_score'] ? 1 : -1;
}
+if(empty($vuln))
+ echo "[-] no vulns found!\n";
+
// create vulns for odf
$templateOrig = file_get_contents($vulnTemplate);
$Serious = $High = $Medium = $Low = "";
diff --git a/ReportToolz/templates/issue/template.json b/ReportToolz/templates/issue/template.json
index 0e6eaf1..b10cff4 100644
--- a/ReportToolz/templates/issue/template.json
+++ b/ReportToolz/templates/issue/template.json
@@ -1,11 +1,16 @@
{
-"title": "",
-"description":"",
-"tech_description":"",
-"impact":"",
-"solution":"",
-"remediation":"",
-"cvss_score":"",
-"risk":"",
-"owasp":""
-}
+ "title": "",
+ "description":"",
+ "tech_description":"",
+ "impact":"",
+ "solution":"",
+ "remediation":"",
+ "cvss_score":"",
+ "cvss2_score": "",
+ "cvss2_vector": "",
+ "cvss3_score": "",
+ "cvss3_vector": "",
+ "risk":"",
+ "owasp":"",
+ "tags": ""
+}
\ No newline at end of file
diff --git a/ReportToolz/vdb.php b/ReportToolz/vdb.php
new file mode 100755
index 0000000..3fc479a
--- /dev/null
+++ b/ReportToolz/vdb.php
@@ -0,0 +1,137 @@
+#!/usr/bin/php
+<?php
+//error_reporting(0);
+
+/***
+ * Configuration options
+ */
+$vulnDB = "/opt/RossMarks/vdb/";
+
+/***
+ * Main program - Don't edit below
+ */
+#echo " +-+-+-+-+-+-+\n |V|u|l|n|D|B|\n +-+-+-+-+-+-+\n\n";
+
+
+foreach (glob("classes/*.php") as $filename)
+ include $filename;
+
+$definitions = new \Clapp\CommandLineArgumentDefinition(
+ array(
+ "help|h" => "Shows help message",
+ "search|s=s" => "search term",
+ "id|i=i" => "id of vuln to view details or copy (requires -p)",
+ "path|p=s" => "path to copy vuln to (requires -c)",
+ )
+);
+
+$filter = new \Clapp\CommandArgumentFilter($definitions, $argv);
+
+if ($filter->getParam('h') === true || $argc < 2) {
+ fwrite(STDERR, $definitions->getUsage());
+ exit(0);
+}
+
+// get all vulns
+$vuln = recursiveScan($vulnDB);
+$i = 1;
+foreach($vuln as $key => $value){
+ $vuln[$key]['count'] = $i;
+ $i++;
+}
+
+// search for search term
+if($filter->getParam("search") == true){
+ #echo "[!] Searching: ".$filter->getParam("search")."\n";
+
+
+ echo"
+Ref | Title | Description
+-------|--------------------------------------------------|----------------------------------------------------------------\n";
+
+
+ foreach ($vuln as $key => $value) {
+ $flag = 0;
+ if (strpos($vuln[$key]['title'], $filter->getParam("search")) == true){ $flag = 1; }
+ if (strpos($vuln[$key]['description'], $filter->getParam("search")) == true){ $flag = 1; }
+ if (strpos($vuln[$key]['tech_description'], $filter->getParam("search")) == true){ $flag = 1; }
+ if (strpos($vuln[$key]['impact'], $filter->getParam("search")) == true){ $flag = 1; }
+ if (strpos($vuln[$key]['solution'], $filter->getParam("search")) == true){ $flag = 1; }
+ if (strpos($vuln[$key]['tags'], $filter->getParam("search")) == true){ $flag = 1; }
+ if($flag == 1){ // found search term
+ $ref = str_pad($vuln[$key]['count'], 7);
+ $title = str_pad($vuln[$key]['title'], 50);
+ $desc = trim(preg_replace('/\s\s+/', ' ', $vuln[$key]['tech_description']));
+ $desc = str_pad( $desc, 61);
+
+ echo substr($ref, 0, 7); echo "|";
+ echo substr($title, 0, 50); echo "|";
+ echo substr($desc, 0, 61); echo "\n";
+ }
+ }
+ echo "\n";
+}
+
+if($filter->getParam("id") == true){
+ $id = $filter->getParam("id");
+ foreach ($vuln as $key => $value) {
+ if($vuln[$key]['count'] == $id){
+ $chosenVuln = $vuln[$key];
+ $path = $key;
+ break;
+ }
+ }
+
+ echo "\033[1m\033[4m".$chosenVuln['count']." - ".$chosenVuln['title']."\033[0m\n";
+ echo "\033[1mCVSS:\033[0m ".$chosenVuln['cvss_score']." ";
+ echo "\033[1mRisk:\033[0m ".$chosenVuln['risk']." ";
+ echo "\033[1mOWASP:\033[0m ".$chosenVuln['owasp']."\n";
+ echo "\033[1mCVSS2:\033[0m ".$chosenVuln['cvss2_score']." ".$chosenVuln['cvss2_vector']."\n";
+ echo "\033[1mCVSS3:\033[0m ".$chosenVuln['cvss3_score']." ".$chosenVuln['cvss3_vector']."\n";
+ echo "\033[1mDescription:\033[0m ".$chosenVuln['description']."\n";
+ echo "\033[1mTechnical Description:\033[0m ".$chosenVuln['tech_description']."\n";
+ echo "\033[1mSoluton:\033[0m ".$chosenVuln['solution']."\n";
+ echo "\033[1mImpact: \033[0m".$chosenVuln['impact']."\n";
+ echo "\033[1mRemediation:\033[0m ".$chosenVuln['remediation']."\n";
+ echo "\033[1mTags:\033[0m ".$chosenVuln['tags']."\n";
+
+ if($filter->getParam("path") == true){
+ $resultsFolder = add_ending_slash($filter->getParam("path"));
+ if(file_exists($resultsFolder)){
+ if(!file_exists($resultsFolder.basename($path))){
+ system("cp $path $resultsFolder".basename($path));
+ echo "\n\033[0;92m\033[1m".basename($path)." copied to $resultsFolder\033[0m\n";
+ }else{
+ echo "\n\033[0;31m\033[1m".basename($path)." already in $resultsFolder\033[0m\n";
+ }
+ }else{
+ echo "\n\033[0;31m\033[1m$resultsFolder does not exist!\033[0m\n";
+ }
+ }
+}
+
+function recursiveScan($dir) {
+ global $vuln;
+ $tree = glob(rtrim($dir, '/') . '/*');
+ if (is_array($tree)) {
+ foreach($tree as $file) {
+ if (is_dir($file)) {
+ #echo "dir - ".$file . "\n";
+ recursiveScan($file);
+ } elseif (is_file($file)) {
+ //echo $file . "\n";
+ //$vuln[] = "test";
+ if(substr($file, -5) == '.json'){
+ $vuln[$file] = json_decode(file_get_contents($file), true);
+ }
+
+ }
+ }
+ }
+ return $vuln;
+}
+function add_ending_slash( $path ){
+ if ( substr( $path, ( 0 - ( int ) strlen( "/" ) ) ) !== "/" ){ $path .= "/"; }
+ return $path;
+}
+?>
\ No newline at end of file