Revision of release v1.3.2
@ -5,13 +5,14 @@
|
||||
* Author: Ryan Prather
|
||||
* Created: Feb 23, 2018
|
||||
*
|
||||
* Copyright 2018: Cyber Perspectives, All rights reserved
|
||||
* Copyright 2018: Cyber Perspectives, LLC, All rights reserved
|
||||
* Released under the Apache v2.0 License
|
||||
*
|
||||
* See license.txt for details
|
||||
*
|
||||
* Change Log:
|
||||
* - Feb 23, 2018 - File Created
|
||||
* - Apr 29, 2018 - Added return for formatted date/time string for start and stop
|
||||
*/
|
||||
|
||||
/**
|
||||
@ -60,7 +61,7 @@ class DateTimeDiff
|
||||
|
||||
/**
|
||||
* Getter function for _dtStart
|
||||
*
|
||||
*
|
||||
* @return DateTime
|
||||
*/
|
||||
public function getStartClock()
|
||||
@ -78,6 +79,16 @@ class DateTimeDiff
|
||||
return $this->_dtStart->format("H:i:s");
|
||||
}
|
||||
|
||||
/**
|
||||
* Getter function for _dtStart as formatted date/time
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function getStartClockDateTime()
|
||||
{
|
||||
return $this->_dtStart->format(MYSQL_DT_FORMAT);
|
||||
}
|
||||
|
||||
/**
|
||||
* Getter function for _dtEnd
|
||||
*
|
||||
@ -98,6 +109,16 @@ class DateTimeDiff
|
||||
return $this->_dtEnd->format("H:i:s");
|
||||
}
|
||||
|
||||
/**
|
||||
* Getter function for _dtEnd as formatted date/time
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function getEndClockDateTime()
|
||||
{
|
||||
return $this->_dtEnd->format(MYSQL_DT_FORMAT);
|
||||
}
|
||||
|
||||
/**
|
||||
* Function to stop the clock and set the ending time
|
||||
*/
|
||||
|
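Review bot: `getEndClockDateTime()` calls `->format()` on `$this->_dtEnd` with no check that an end time has been set. The docblock that follows ("stop the clock and set the ending time") suggests `_dtEnd` may be unset until the clock is stopped, in which case the call is a fatal error rather than an empty result; whether the constructor initialises it is not visible here. The existing `format("H:i:s")` getter shown as context has the same shape, so one shared guard or a documented precondition would cover both. Both new getters also rely on the constant `MYSQL_DT_FORMAT`, which is not defined in the visible hunks, so the docblocks could name it, e.g. `@return string End time formatted with MYSQL_DT_FORMAT`.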
@ -6,7 +6,7 @@
|
||||
* Purpose: Represents a finding
|
||||
* Created: Sep 12, 2013
|
||||
*
|
||||
* Portions Copyright 2016-2017: Cyber Perspectives, LLC, All rights reserved
|
||||
* Portions Copyright 2016-2018: Cyber Perspectives, LLC, All rights reserved
|
||||
* Released under the Apache v2.0 License
|
||||
*
|
||||
* Portions Copyright (c) 2012-2015, Salient Federal Solutions
|
||||
@ -21,6 +21,7 @@
|
||||
* - Nov 7, 2016 - Added finding::inc_Finding_Count function to increment counter
|
||||
* - May 25, 2017 - Fixed bug of get_Category method returning empty severity (defaults to II if empty)
|
||||
* - Jan 10, 2018 - Formatting
|
||||
* - May 24, 2018 - Simplified get_Finding_Status_ID method
|
||||
*/
|
||||
|
||||
/**
|
||||
@ -260,11 +261,13 @@ class finding {
|
||||
* @return integer
|
||||
*/
|
||||
public function get_Finding_Status_ID($status) {
|
||||
foreach ($this->STATUS as $key => $val) {
|
||||
if ($val == $status) {
|
||||
return $key;
|
||||
$arr_flip = array_flip($this->STATUS);
|
||||
if(isset($arr_flip[$status])) {
|
||||
return $arr_flip[$status];
|
||||
}
|
||||
else {
|
||||
return $arr_flip['Not Reviewed'];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -527,6 +530,28 @@ class deconflict_status {
|
||||
* Stores the matrix of current -> new statuses
|
||||
*
|
||||
* @var array:string
|
||||
*
|
||||
* / Finding Definitions
|
||||
* Open: The finding is valid for this host - the host does not meet the requirements
|
||||
* Not a Finding: The finding is not valid for this host - the host meets the requirements
|
||||
* Not Applicable: The requirement does not apply to this host - prerequisites do not exist.
|
||||
* Not Reviewed: The finding has not yet been reviewed.
|
||||
* Exception: (A type of Open) - The finding is valid, but the system cannot comply for a valid reason
|
||||
* False Positive: (A type of Not a Finding) - The scanning tool incorrectly reported Open.
|
||||
* No Data: Because dissimilar checklists were merged, there is no data available for this item (Uncommon)
|
||||
*
|
||||
* General Precedence Order: E, FP, O, NF, NA, NR, ND
|
||||
* Exception - the newest E or FP always take precedence (security engineer input)
|
||||
*
|
||||
* Decision Table:
|
||||
* orig\new | E | FP | O | NF | NA | NR | ND
|
||||
* E | E | FP | E | E | E | E | E
|
||||
* FP | E | FP | FP | FP | FP | FP | FP
|
||||
* O | E | FP | O | O | O | O | O
|
||||
* NF | E | FP | O | NF | NF | NF | NF
|
||||
* NA | E | FP | O | NF | NA | NA | NA
|
||||
* NR | E | FP | O | NF | NA | NR | NR
|
||||
* ND | E | FP | O | NF | NA | NR | ND
|
||||
*/
|
||||
static $DECONFLICTED_STATUS = [
|
||||
'Exception' => [
|
||||
@ -572,7 +597,7 @@ class deconflict_status {
|
||||
'Not a Finding' => 'Not a Finding',
|
||||
'Not Applicable' => 'Not Applicable',
|
||||
'Not Reviewed' => 'Not Applicable',
|
||||
'No Data' => 'Not Reviewed'
|
||||
'No Data' => 'Not Applicable'
|
||||
],
|
||||
'Not Reviewed' => [
|
||||
'Exception' => 'Exception',
|
||||
|
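Review bot: `get_Finding_Status_ID()` now silently maps any unrecognised status to the ID of 'Not Reviewed', where the earlier loop fell through without returning a value. The docblock should say so, e.g. `@return integer ID of $status, or the ID of 'Not Reviewed' when $status is not a known status`. For a compliance tool it is worth logging the unknown value as well, so that malformed import data is not hidden behind a valid-looking status. The fallback `$arr_flip['Not Reviewed']` assumes `$this->STATUS` contains that value, which is not visible in this hunk. If the project targets PHP 7 or later, the if/else reduces to `return $arr_flip[$status] ?? $arr_flip['Not Reviewed'];`.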
@ -6,7 +6,7 @@
|
||||
* Purpose: Class to allow the parsing and traversing of the tmp directory to find result files to import
|
||||
* Created: Sep 27, 2013
|
||||
*
|
||||
* Portions Copyright 2016-2017: Cyber Perspectives, LLC, All rights reserved
|
||||
* Portions Copyright 2016-2018: Cyber Perspectives, LLC, All rights reserved
|
||||
* Released under the Apache v2.0 License
|
||||
*
|
||||
* Portions Copyright (c) 2012-2015, Salient Federal Solutions
|
||||
@ -26,6 +26,7 @@
|
||||
* - Feb 21, 2017 - Fixed path issues with scripts not running
|
||||
* - Jun 27, 2017 - Removed include for PHPExcel.php library
|
||||
* - Oct 23, 2017 - Fixes for pdi class
|
||||
* - May 24, 2018 - Added throwing error if not able to create /exec/parse_config.ini
|
||||
*/
|
||||
include_once 'config.inc';
|
||||
include_once 'database.inc';
|
||||
@ -125,7 +126,9 @@ ignore = $ignore
|
||||
|
||||
EOF;
|
||||
|
||||
file_put_contents(DOC_ROOT . "/exec/parse_config.ini", $conf);
|
||||
if(!file_put_contents(DOC_ROOT . "/exec/parse_config.ini", $conf)) {
|
||||
throw new Exception("Error creating the parse_config.ini");
|
||||
}
|
||||
|
||||
$script = realpath(defined('PHP_BIN') ? PHP_BIN : PHP) .
|
||||
" -c " . realpath(PHP_CONF) .
|
||||
|
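Review bot: The new guard `if(!file_put_contents(...))` treats a zero-byte write the same as a failure and the exception carries no detail about what failed. `file_put_contents()` returns `false` on error and the byte count otherwise, so compare strictly with the path held in a local: `if (file_put_contents($path, $conf) === false) {`. Putting the target path in the message (`"Error creating {$path}"`) would make a permissions problem under `DOC_ROOT/exec` diagnosable from the log. The command line assembled just below concatenates `realpath(...)` results, which are `false` for a missing path, so a check there would be a useful follow-up; that statement continues outside the hunk.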
@ -5,7 +5,7 @@
|
||||
* Purpose: Represents an imported scan
|
||||
* Created: Sep 12, 2013
|
||||
*
|
||||
* Portions Copyright 2016-2017: Cyber Perspectives, LLC, All rights reserved
|
||||
* Portions Copyright 2016-2018: Cyber Perspectives, LLC, All rights reserved
|
||||
* Released under the Apache v2.0 License
|
||||
*
|
||||
* Portions Copyright (c) 2012-2015, Salient Federal Solutions
|
||||
@ -386,7 +386,7 @@ class scan
|
||||
"<td>{$host->getTargetName()}</td>" .
|
||||
"<td>{$host->getFindingCount()}</td>" .
|
||||
"<td>{$host->getTargetIp()}</td>" .
|
||||
"<td>" . ($host->getScanError() ? "<img src='/img/error.png' class='checklist_image' title='{$host->getScanError()}' />" : "") . "</td>" .
|
||||
"<td>" . ($host->getScanError() ? "<img src='/img/error.png' class='checklist_image' title='{$host->getScanNotes()}' />" : "") . "</td>" .
|
||||
"</tr>";
|
||||
}
|
||||
|
||||
|
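Review bot: The `title='…'` attribute in the error-icon cell interpolates the host's scan text into single-quoted HTML without escaping, in both printed variants of the line (`getScanError()` and `getScanNotes()`). That text presumably originates from imported scan result files, so a quote or markup character in it would end the attribute early when the table is rendered. Escape it at output: `title='" . htmlspecialchars($host->getScanNotes(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "'`, and treat `getTargetName()` and `getTargetIp()` in the neighbouring cells the same way. The condition still tests `getScanError()` while the tooltip shows `getScanNotes()`, so confirm the two are always set together. The enclosing method starts and ends outside the hunk.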
@ -271,7 +271,7 @@ class ste_cat
|
||||
}
|
||||
}
|
||||
|
||||
$cat_sources = array();
|
||||
$cat_sources = [];
|
||||
if (is_array($this->sources) && count($this->sources)) {
|
||||
foreach ($this->sources as $src) {
|
||||
$cat_sources[] = $src->get_ID();
|
||||
@ -334,7 +334,7 @@ EOC;
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function getSTECatRow($status_count = null)
|
||||
public function getStatsCategoryRow($status_count = null)
|
||||
{
|
||||
$nf = "0%";
|
||||
$nr = "0%";
|
||||
@ -417,6 +417,14 @@ EOC;
|
||||
EOC;
|
||||
}
|
||||
|
||||
public function getTaskStatusCategoryRow()
|
||||
{
|
||||
$auto = 'NR';
|
||||
$man = 'NR';
|
||||
$data = 'NR';
|
||||
$fp = 'NR';
|
||||
}
|
||||
|
||||
/**
|
||||
* Function to create vertical menu
|
||||
*
|
||||
|
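Review bot: `getTaskStatusCategoryRow()` is added as a stub: it assigns four locals (`$auto`, `$man`, `$data`, `$fp`) to 'NR' and returns nothing, so any caller receives `null`. Unlike the neighbouring methods it also has no docblock. Either hold it back until it is implemented or mark it explicitly, e.g. `/** @todo Not implemented yet - currently returns null */`. The preceding hunk appears to rename the public method `getSTECatRow()` to `getStatsCategoryRow()`, which needs every caller updated; none are visible on this page.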