Some formatting
Die if installer.php fails to create password file
Update target counts after importing eChecklist and CKL
Ryan Prather 2018-10-25 17:48:57 -04:00
parent d43775b26f
commit 7f2f6a9046
8 changed files with 26 additions and 11 deletions


@ -1,4 +1,4 @@
FROM php:7.2.8-apache-stretch FROM php:apache-stretch
COPY conf/docker-php.ini /usr/local/etc/php/php.ini COPY conf/docker-php.ini /usr/local/etc/php/php.ini
RUN apt update && apt -y install zlib1g-dev mysql-client RUN apt update && apt -y install zlib1g-dev mysql-client
RUN docker-php-ext-install mysqli zip RUN docker-php-ext-install mysqli zip
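Review bot: The new `FROM php:apache-stretch` drops the version pin, so every build pulls whatever PHP release the floating tag points to at that moment and the image is no longer reproducible or tested against a known runtime. Keep an explicit version in the tag and, so that the base image can be verified, pin its digest as well, e.g. `FROM php:<version>-apache-stretch@sha256:<digest>` (placeholders, to be filled from the image you have validated). Version upgrades then become a deliberate, reviewable change.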


@ -147,8 +147,7 @@ innodb_log_group_home_dir = "C:/xampp/mysql/data"
#innodb_log_arch_dir = "C:/xampp/mysql/data" #innodb_log_arch_dir = "C:/xampp/mysql/data"
## You can set .._buffer_pool_size up to 50 - 80 % ## You can set .._buffer_pool_size up to 50 - 80 %
## of RAM but beware of setting memory usage too high ## of RAM but beware of setting memory usage too high
innodb_buffer_pool_size = 16M innodb_buffer_pool_size = 20M
innodb_additional_mem_pool_size = 2M
## Set .._log_file_size to 25 % of buffer pool size ## Set .._log_file_size to 25 % of buffer pool size
innodb_log_file_size = 5M innodb_log_file_size = 5M
innodb_log_buffer_size = 8M innodb_log_buffer_size = 8M


@ -181,7 +181,9 @@ function save_Database($params)
* CREATE DB PASSWORD FILE * CREATE DB PASSWORD FILE
* --------------------------------- */ * --------------------------------- */
$enc_pwd = my_encrypt($params['web-pwd']); $enc_pwd = my_encrypt($params['web-pwd']);
file_put_contents(DOC_ROOT . "/" . PWD_FILE, $enc_pwd); if(!file_put_contents(DOC_ROOT . "/" . PWD_FILE, $enc_pwd)) {
die(json_encode(['error' => "Could not create the password file"]));
}
if (isset($params['conf-root-pwd']) && $params['conf-root-pwd'] == $params['root-pwd']) { if (isset($params['conf-root-pwd']) && $params['conf-root-pwd'] == $params['root-pwd']) {
$db = new mysqli(DB_SERVER, $params['root-uname'], '', 'mysql'); $db = new mysqli(DB_SERVER, $params['root-uname'], '', 'mysql');
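Review bot: The new guard `if(!file_put_contents(...))` treats a zero-byte write the same as a failed one, and nothing restricts who can read the file once it exists. Compare against `false` explicitly, `if (file_put_contents(DOC_ROOT . "/" . PWD_FILE, $enc_pwd) === false) {`, and reject an empty `$enc_pwd` before writing so that an encryption failure is not reported as a filesystem error. Because the file holds the database credential and is written under `DOC_ROOT`, follow the write with `chmod(DOC_ROOT . "/" . PWD_FILE, 0600);` and confirm the web server does not serve that path (not visible from this hunk). save_Database starts and continues outside the hunk.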


@ -347,6 +347,13 @@ $scan->isTerminated();
} }
} }
/**
* @var host_list $h
*/
foreach($host_list as $h) {
$db->update_Target_Counts($h->getTargetId());
}
unset($objSS); unset($objSS);
$db->update_Scan_Host_List($scan, $host_list); $db->update_Scan_Host_List($scan, $host_list);
if (!isset($cmd['debug'])) { if (!isset($cmd['debug'])) {
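Review bot: The docblock above the new loop, `@var host_list $h`, names the array variable where the element's class belongs, so static analysis and IDEs cannot resolve `$h->getTargetId()`. Replace it with the class of the list entries, e.g. `/** @var <HostClass> $h */` (placeholder; the class is not visible in this hunk). The loop also calls `update_Target_Counts` once per host; if several hosts can map to the same target, collecting the unique ids first would avoid repeated updates. That last point is inferred, since the structure of `$host_list` is outside the hunk.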


@ -296,6 +296,8 @@ foreach ($vulns as $vul) {
$vuln_count++; $vuln_count++;
} }
$db->update_Target_Counts($tgt->get_ID());
unset($xml); unset($xml);
if (!isset($cmd['debug'])) { if (!isset($cmd['debug'])) {
rename($cmd['f'], TMP . "/stig_viewer/$base_name"); rename($cmd['f'], TMP . "/stig_viewer/$base_name");


@ -601,6 +601,7 @@ if (isset($cmd['stig'])) {
'stig-progress' => 0, 'stig-progress' => 0,
'stig-count' => 0 'stig-count' => 0
]); ]);
check_path(TMP . "/stigs");
$path = TMP . "/stigs/zip"; $path = TMP . "/stigs/zip";
check_path($path); check_path($path);
$stigUrlArray = []; $stigUrlArray = [];
@ -639,6 +640,11 @@ if (isset($cmd['stig'])) {
$log->debug("Match count: " . count($stigUrlArray)); $log->debug("Match count: " . count($stigUrlArray));
print "Downloading " . count($stigUrlArray) . PHP_EOL; print "Downloading " . count($stigUrlArray) . PHP_EOL;
$stigUrlArray = array_unique(array_map(function($url){return str_replace("http://", "https://", $url);}, $stigUrlArray);
sort($stigUrlArray);
$log->debug("stig array", $stigUrlArray);
if(is_array($stigUrlArray) && count($stigUrlArray)) { if(is_array($stigUrlArray) && count($stigUrlArray)) {
foreach($stigUrlArray as $url) { foreach($stigUrlArray as $url) {
$stigFname = basename($url); $stigFname = basename($url);
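Review bot: The added `array_unique(array_map(...` line in the second hunk is missing a closing parenthesis as shown: `array_map(` is closed but `array_unique(` is not, so the script would fail to parse; the line should end `}, $stigUrlArray));`. The `str_replace("http://", "https://", $url)` rewrite also replaces that substring anywhere in the URL; anchoring it to the scheme, `preg_replace('#^http://#i', 'https://', $url)`, upgrades only the scheme. Because these URLs are then downloaded and `basename($url)` becomes a local file name, consider also dropping any entry whose host is not the expected download host before the loop. The enclosing `if (isset($cmd['stig']))` block starts and ends outside the hunk.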


@ -2713,7 +2713,7 @@ class db
] ]
]); ]);
$sw_rows = $this->help->execute(); $sw_rows = $this->help->execute();
if (count($sw_rows)) { if (is_array($sw_rows) && count($sw_rows)) {
if (isset($sw_rows['sw_id'])) { if (isset($sw_rows['sw_id'])) {
$sw_rows = [0 => $sw_rows]; $sw_rows = [0 => $sw_rows];
} }


@ -112,7 +112,7 @@ EOO;
if (!class_exists('ZipArchive')) { if (!class_exists('ZipArchive')) {
print <<<EOO print <<<EOO
The PHP ZipArchive moduel is not installed or enabled.<br /> The PHP ZipArchive module is not installed or enabled.<br />
Visit <a href='/?phpinfo=1'>PHPInfo</a> to double-check this.<br /><br /> Visit <a href='/?phpinfo=1'>PHPInfo</a> to double-check this.<br /><br />
EOO; EOO;
$fail = true; $fail = true;
@ -127,7 +127,7 @@ EOO;
} }
elseif (strtolower(substr(PHP_OS, 0, 3)) == 'win') { elseif (strtolower(substr(PHP_OS, 0, 3)) == 'win') {
try { try {
$com = new COM("WScript.Shell"); new COM("WScript.Shell");
} }
catch (Exception $e) { catch (Exception $e) {
print <<<EOO print <<<EOO
@ -170,7 +170,6 @@ EOO;
$fail = true; $fail = true;
} }
$match = [];
$mem_limit = return_bytes(ini_get("memory_limit")); $mem_limit = return_bytes(ini_get("memory_limit"));
$gig = return_bytes('1G'); $gig = return_bytes('1G');
if ($mem_limit < $gig) { if ($mem_limit < $gig) {
@ -347,10 +346,10 @@ EOL;
switch ($step) { switch ($step) {
case 2: case 2:
print " $('#tabs').tabs('disable', 1);" . PHP_EOL; print "$('#tabs').tabs('disable', 1);" . PHP_EOL;
case 1: case 1:
print " $('#tabs').tabs('disable', 0);" . PHP_EOL; print "$('#tabs').tabs('disable', 0);" . PHP_EOL;
print " setTimeout(function(){enable_next(current_step);}, 3000);" . PHP_EOL; print "setTimeout(function(){enable_next(current_step);}, 3000);" . PHP_EOL;
} }
} }
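Review bot: In the second hunk, `new COM("WScript.Shell");` sits in a `try` whose handler is `catch (Exception $e)`; on PHP 7 a missing COM class raises an `Error`, which `Exception` does not cover, so the prerequisite check would end in a fatal error and the failure message would never be shown. Catch `Throwable` instead, or test `class_exists('COM')` first the way the ZipArchive check above does. Separately, `case 2:` in the last hunk falls through into `case 1:` with no comment; if that is intended, add `// intentional fall-through` so it is not mistaken for a missing `break`.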