ryan/sagacity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'v1.3.4' of https://github.com/cyberperspectives/sagacity into v1.3.4

Browse Source
This commit is contained in:
Ryan Prather 2018-11-06 15:37:55 -05:00
commit a9fc4f6a86
2 changed files with 17 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
exec/export-ckl.php
View File

@ -73,6 +73,8 @@ $xml = new Array2XML();
$xml->standalone = true;
$xml->formatOutput = true;
$chk_comp_count = 0;
$tgt_comp_count = 0;
$total_chk_count = 0;
$total_stigs = 0;
@ -83,6 +85,7 @@ if ($tgt_count = count($tgts)) {
$host_ip = (is_array($tgt->interfaces) && count($tgt->interfaces) ? current($tgt->interfaces)->get_IPv4() : null);
$host_fqdn = (is_array($tgt->interfaces) && count($tgt->interfaces) ? current($tgt->interfaces)->get_FQDN() : null);
$host_mac = (is_array($tgt->interfaces) && count($tgt->interfaces) ? current($tgt->interfaces)->get_MAC() : null);
//$host_mac = (count($tgt->interfaces) ? current($tgt->interfaces)->get_Mac() : null);
print "Target: {$tgt->get_Name()}" . PHP_EOL;
@ -119,8 +122,8 @@ if ($tgt_count = count($tgts)) {
$arr = [
'@comment' => "CyberPerspectives Sagacity v" . VER,
'ASSET' => [
'ROLE' => 'None',
'ASSET_TYPE' => 'Computing',
'ROLE' => 'None',
'ASSET_TYPE' => 'Computing',
'HOST_NAME' => $tgt->get_Name(),
'HOST_IP' => $host_ip,
'HOST_MAC' => $host_mac,
@ -218,7 +221,7 @@ if ($tgt_count = count($tgts)) {
}
// decoding because check contents are already encoded
//$cc = str_replace("\\n", "\n", htmlentities(html_entity_decode($pdi['check_contents'])));
$cc = str_replace("\\n", "<br />", htmlentities(html_entity_decode($pdi['check_contents'])));
$stig_data = array_merge([
[
@ -255,11 +258,11 @@ if ($tgt_count = count($tgts)) {
],
[
'VULN_ATTRIBUTE' => 'Check_Content',
'ATTRIBUTE_DATA' => htmlentities(str_replace("\\n", "\n", html_entity_decode(html_entity_decode($pdi['check_contents']))))
'ATTRIBUTE_DATA' => $cc
],
[
'VULN_ATTRIBUTE' => 'Fix_Text',
'ATTRIBUTE_DATA' => htmlentities(str_replace("\\n", "\n", html_entity_decode(html_entity_decode($pdi['fix_text']))))
'ATTRIBUTE_DATA' => htmlentities($pdi['fix_text'])
],
[
'VULN_ATTRIBUTE' => 'False_Positives',
@ -299,11 +302,7 @@ if ($tgt_count = count($tgts)) {
],
[
'VULN_ATTRIBUTE' => 'Check_Content_Ref',
'ATTRIBUTE_DATA' => 'M'
],
[
'VULN_ATTRIBUTE' => 'Weight',
'ATTRIBUTE_DATA' => '10.0'
'ATTRIBUTE_DATA' => ''
],
[
'VULN_ATTRIBUTE' => 'Class',
@ -323,7 +322,6 @@ if ($tgt_count = count($tgts)) {
$notes = '';
if (is_a($find, 'finding')) {
/** @var finding $find */
$status = $status_map[$find->get_Finding_Status_String()];
$notes = $find->get_Notes();
}

14
inc/database.inc
View File

@ -74,6 +74,7 @@
* - Jun 2, 2018 - Formatting and added set_Setting_Array method
* - Jun 5, 2018 - Changed set_Setting_Array method to use SQL update instead of replace
* - Sep 5, 2018 - Fix for #8
* - Nov 3, 2018 - Fix for fix #62, commented out last INSERT in post_Processing, jao
*/
include_once 'base.inc';
include_once 'software.inc';
@ -11476,12 +11477,13 @@ EOQ;
]);
$this->help->execute();
$this->help->sql = "INSERT IGNORE INTO findings (tgt_id,pdi_id,findings_status_id) " .
"SELECT {$id},pcl.pdi_id,1 " .
"FROM target_checklist tc " .
"JOIN pdi_checklist_lookup pcl ON pcl.checklist_id = tc.chk_id " .
"WHERE tc.tgt_id = {$id}";
$this->help->execute();
# Commented out 3 Nov 18 to fix #62 - Jeff Odegard
# $this->help->sql = "INSERT IGNORE INTO findings (tgt_id,pdi_id,findings_status_id) " .
# "SELECT {$id},pcl.pdi_id,1 " .
# "FROM target_checklist tc " .
# "JOIN pdi_checklist_lookup pcl ON pcl.checklist_id = tc.chk_id " .
# "WHERE tc.tgt_id = {$id}";
# $this->help->execute();
$this->update_Target_Counts($id);
}