parse_excel_echecklist.php:

Skip parsing orphan worksheet
Issue error if there are more than 100 targets in any worksheet
Save findings when you get above 1000

database.inc:
Comment out block of code to retrieve orphan findings to export to the eChecklist

setup.php:
Convert possible algorithms to lower case. (should fix bug that person on FB was seeing).
Ryan Prather 2018-12-14 09:32:40 -05:00
parent 92cbf58145
commit a32988ed03
No known key found for this signature in database
GPG Key ID: 66FDE2B4E8AB87A7
3 changed files with 22 additions and 9 deletions


@ -127,6 +127,9 @@ foreach ($objSS->getWorksheetIterator() as $wksht) {
elseif (isset($conf['ignore']) && $wksht->getSheetState() == Worksheet::SHEETSTATE_HIDDEN) { elseif (isset($conf['ignore']) && $wksht->getSheetState() == Worksheet::SHEETSTATE_HIDDEN) {
$log->info("Skipping hidden worksheet {$wksht->getTitle()}"); $log->info("Skipping hidden worksheet {$wksht->getTitle()}");
continue; continue;
} elseif ($wksht->getTitle() == 'Orphan') {
$log->info("Skipping Orphan worksheet because it creates problems right now");
continue;
} }
$scan->isTerminated(); $scan->isTerminated();
@ -279,6 +282,15 @@ foreach ($objSS->getWorksheetIterator() as $wksht) {
break; break;
} }
} }
if(count($tgts) > 100) {
$db->update_Running_Scan($base_name, ['name' => 'status', 'value' => 'ERROR']);
$db->update_Running_Scan($base_name, ['name' => 'notes', 'value' => "Too many targets in worksheet {$wksht->getTitle()}"]);
$log->error("Too many targets in worksheet {$wksht->getTitle()}");
unset($objSS);
rename($cmd['f'], TMP . "/terminated/$base_name");
die();
}
$db->update_Running_Scan($base_name, ['name' => 'host_count', 'value' => count($tgts)]); $db->update_Running_Scan($base_name, ['name' => 'host_count', 'value' => count($tgts)]);
@ -368,11 +380,9 @@ foreach ($objSS->getWorksheetIterator() as $wksht) {
} }
$log->debug("{$tgt->get_Name()} {$stig->get_ID()} ({$tmp->get_Finding_Status_String()})"); $log->debug("{$tgt->get_Name()} {$stig->get_ID()} ({$tmp->get_Finding_Status_String()})");
$x++; $x++;
} }
$row_count++; if(count($updated_findings) + count($new_findings) >= 1000) {
if($row_count % 100 == 0) {
if(!$db->add_Findings_By_Target($updated_findings, $new_findings)) { if(!$db->add_Findings_By_Target($updated_findings, $new_findings)) {
die(print_r(debug_backtrace(), true)); die(print_r(debug_backtrace(), true));
} else { } else {
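Review bot: In the new `count($tgts) > 100` branch the script ends with a bare `die();`, which exits with status 0, so whatever launched the parser cannot tell this failure from a normal finish; `exit(1);` would make it distinguishable. The return value of `rename($cmd['f'], TMP . "/terminated/$base_name")` is also ignored, so a failed move leaves the workbook where it was with only the ERROR status recorded; check the result and log the failure. The worksheet title is taken from the workbook being parsed and is written unchanged into the scan `notes` and the error log, so wherever `notes` is rendered (not visible here) it should be HTML-escaped at output. The literal `100` would be easier to audit as a named constant. The enclosing `foreach` starts and ends outside these hunks.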


@ -3436,6 +3436,7 @@ class db
} }
} }
/*
$where = [ $where = [
[ [
'field' => 'gof.cat_id', 'field' => 'gof.cat_id',
@ -3546,6 +3547,7 @@ class db
} }
} }
} }
*/
return $ret; return $ret;
} }
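Review bot: The orphan-findings query is disabled by wrapping it in `/* … */` with no explanation, so the method now returns `$ret` without those rows and nothing in the file says why. PHP block comments do not nest, so if any of the roughly 110 wrapped lines (not visible in these hunks) contains its own `*/`, the comment ends early and the rest runs or fails to parse; that is worth checking. Either delete the block and rely on history, or put a line such as `// Orphan findings export disabled: breaks eChecklist import, see parse_excel_echecklist.php` above the opening `/*`. The method body starts outside the hunk.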


@ -70,14 +70,15 @@ EOO;
$fail = true; $fail = true;
} }
else { else {
$algorithms = ["AES-256-CBC-HMAC-SHA256", "AES-256-CBC-HMAC-SHA1", "AES-256-CBC"]; $algorithms = ["aes-256-cbc-hmac-sha256", "aec-256-cbc-hmac-sha1", "aes-256-cbc"];
if (in_array($algorithms[0], openssl_get_cipher_methods())) { $ciphers = array_map('strtolower', openssl_get_cipher_methods());
if (in_array($algorithms[0], $ciphers)) {
$idx = 0; $idx = 0;
} }
elseif (in_array($algorithms[1], openssl_get_cipher_methods())) { elseif (in_array($algorithms[1], $ciphers)) {
$idx = 1; $idx = 1;
} }
elseif (in_array($algorithms[2], openssl_get_cipher_methods())) { elseif (in_array($algorithms[2], $ciphers)) {
$idx = 2; $idx = 2;
} }
else { else {
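Review bot: The second entry of the new `$algorithms` array is spelled `"aec-256-cbc-hmac-sha1"`, so `in_array($algorithms[1], $ciphers)` can never match and that branch is dead; it should read `"aes-256-cbc-hmac-sha1"`. A host without the SHA256 variant therefore drops straight to plain `aes-256-cbc`, which carries no integrity protection of its own. Separately, OpenSSL documents the `*-cbc-hmac-sha*` ciphers as intended for use inside TLS only, so if the selected name is later passed to `openssl_encrypt()` (not visible in this hunk) it probably yields no authentication tag; confirm this and consider an AEAD mode or an explicit `hash_hmac()` over the ciphertext. The three lookups would also be safer as strict comparisons, e.g. `in_array($algorithms[0], $ciphers, true)`. The enclosing `else` branch continues outside the hunk.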