From f1cab1325111a3872bb1a21cf39c008dee825df8 Mon Sep 17 00:00:00 2001 From: Jeff Odegard <42775175+JeffOdegard@users.noreply.github.com> Date: Mon, 29 Oct 2018 19:42:36 -0600 Subject: [PATCH 1/3] Add ROLE to .ckl ASSET Tag and delete HOST_GUID These changes make the .ckl exports compatible with the latest STIG Viewer 2.8. --- exec/export-ckl.php | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/exec/export-ckl.php b/exec/export-ckl.php index 01b1fac..4697215 100644 --- a/exec/export-ckl.php +++ b/exec/export-ckl.php @@ -73,6 +73,8 @@ $xml = new Array2XML(); $xml->standalone = true; $xml->formatOutput = true; +$chk_comp_count = 0; +$tgt_comp_count = 0; $total_chk_count = 0; $total_stigs = 0; @@ -83,6 +85,7 @@ if ($tgt_count = count($tgts)) { $host_ip = (is_array($tgt->interfaces) && count($tgt->interfaces) ? current($tgt->interfaces)->get_IPv4() : null); $host_fqdn = (is_array($tgt->interfaces) && count($tgt->interfaces) ? current($tgt->interfaces)->get_FQDN() : null); $host_mac = (is_array($tgt->interfaces) && count($tgt->interfaces) ? current($tgt->interfaces)->get_MAC() : null); + //$host_mac = (count($tgt->interfaces) ? current($tgt->interfaces)->get_Mac() : null); print "Target: {$tgt->get_Name()}" . PHP_EOL; @@ -119,8 +122,8 @@ if ($tgt_count = count($tgts)) { $arr = [ '@comment' => "CyberPerspectives Sagacity v" . VER, 'ASSET' => [ - 'ROLE' => 'None', - 'ASSET_TYPE' => 'Computing', + 'ROLE' => 'None', + 'ASSET_TYPE' => 'Computing', 'HOST_NAME' => $tgt->get_Name(), 'HOST_IP' => $host_ip, 'HOST_MAC' => $host_mac, @@ -217,7 +220,7 @@ if ($tgt_count = count($tgts)) { } // decoding because check contents are already encoded - //$cc = str_replace("\\n", "\n", htmlentities(html_entity_decode($pdi['check_contents']))); + $cc = str_replace("\\n", "
", htmlentities(html_entity_decode($pdi['check_contents']))); $stig_data = array_merge([ [ @@ -254,11 +257,11 @@ if ($tgt_count = count($tgts)) { ], [ 'VULN_ATTRIBUTE' => 'Check_Content', - 'ATTRIBUTE_DATA' => htmlentities(str_replace("\\n", "\n", html_entity_decode(html_entity_decode($pdi['check_contents'])))) + 'ATTRIBUTE_DATA' => $cc ], [ 'VULN_ATTRIBUTE' => 'Fix_Text', - 'ATTRIBUTE_DATA' => htmlentities(str_replace("\\n", "\n", html_entity_decode(html_entity_decode($pdi['fix_text'])))) + 'ATTRIBUTE_DATA' => htmlentities($pdi['fix_text']) ], [ 'VULN_ATTRIBUTE' => 'False_Positives', @@ -298,11 +301,7 @@ if ($tgt_count = count($tgts)) { ], [ 'VULN_ATTRIBUTE' => 'Check_Content_Ref', - 'ATTRIBUTE_DATA' => 'M' - ], - [ - 'VULN_ATTRIBUTE' => 'Weight', - 'ATTRIBUTE_DATA' => '10.0' + 'ATTRIBUTE_DATA' => '' ], [ 'VULN_ATTRIBUTE' => 'Class', @@ -322,7 +321,6 @@ if ($tgt_count = count($tgts)) { $notes = ''; if (is_a($find, 'finding')) { - /** @var finding $find */ $status = $status_map[$find->get_Finding_Status_String()]; $notes = $find->get_Notes(); } From ebc5cc6a7e024fd5ef8f866f859f08b9f7d8896a Mon Sep 17 00:00:00 2001 From: Jeff Odegard <42775175+JeffOdegard@users.noreply.github.com> Date: Mon, 29 Oct 2018 20:03:24 -0600 Subject: [PATCH 2/3] Fix for #63 Line 11926, added isset to check for index 0: if (is_array($pri_find) && count($pri_find) && isset($pri_find[0])) { --- inc/database.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inc/database.inc b/inc/database.inc index c9bb7d7..43a4a24 100644 --- a/inc/database.inc +++ b/inc/database.inc 
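Review bot: In the `@@ -254,11 +257,11 @@` hunk `Check_Content` and `Fix_Text` are now escaped by two different rules. `Check_Content` takes `$cc` from the `@@ -217,7 +220,7 @@` hunk (one `html_entity_decode`, then `htmlentities`, then the `\\n` replacement), while `Fix_Text` is `htmlentities($pdi['fix_text'])` with no decode and no newline handling. The retained comment says the stored text is already encoded, so if `fix_text` is stored the same way it will presumably be exported with double-encoded entities and literal `\n` sequences. Both fields should go through one shared normalisation, and because the result lands in an XML document an XML-safe escape with an explicit charset such as `htmlspecialchars($text, ENT_QUOTES | ENT_XML1, 'UTF-8')` fits better than `htmlentities`, which emits HTML-only named entities. Whether Array2XML escapes text again on output is not visible in this diff and should be confirmed before choosing where to escape.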
@@ -11923,7 +11923,7 @@ class db $stig = $this->get_STIG_By_PDI($find->get_PDI_ID()); $pri_find = $this->get_Finding($pri_tgt, $stig); - if (is_array($pri_find) && count($pri_find)) { + if (is_array($pri_find) && count($pri_find) && isset($pri_find[0])) { $pri_find = $pri_find[0]; if ($pri_find->get_Finding_Status() != $find->get_Finding_Status()) { $pri_find->set_Finding_Status_By_String($pri_find->get_Deconflicted_Status($find->get_Finding_Status_String())); From 5b749f6844dd674ac3845473cc94f79f9ae2e683 Mon Sep 17 00:00:00 2001 From: Jeff Odegard <42775175+JeffOdegard@users.noreply.github.com> Date: Sat, 3 Nov 2018 16:02:08 -0600 Subject: [PATCH 3/3] Fix for #62 Commented out last INSERT in post_Processing --- inc/database.inc | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/inc/database.inc b/inc/database.inc index 43a4a24..92c0f48 100644 --- a/inc/database.inc +++ b/inc/database.inc @@ -74,6 +74,7 @@ * - Jun 2, 2018 - Formatting and added set_Setting_Array method * - Jun 5, 2018 - Changed set_Setting_Array method to use SQL update instead of replace * - Sep 5, 2018 - Fix for #8 + * - Nov 3, 2018 - Fix for fix #62, commented out last INSERT in post_Processing, jao */ include_once 'base.inc'; include_once 'software.inc'; @@ -11291,12 +11292,13 @@ class db ]); $this->help->execute(); - $this->help->sql = "INSERT IGNORE INTO findings (tgt_id,pdi_id,findings_status_id) " . - "SELECT {$id},pcl.pdi_id,1 " . - "FROM target_checklist tc " . - "JOIN pdi_checklist_lookup pcl ON pcl.checklist_id = tc.chk_id " . - "WHERE tc.tgt_id = {$id}"; - $this->help->execute(); +# Commented out 3 Nov 18 to fix #62 - Jeff Odegard +# $this->help->sql = "INSERT IGNORE INTO findings (tgt_id,pdi_id,findings_status_id) " . +# "SELECT {$id},pcl.pdi_id,1 " . +# "FROM target_checklist tc " . +# "JOIN pdi_checklist_lookup pcl ON pcl.checklist_id = tc.chk_id " . +# "WHERE tc.tgt_id = {$id}"; +# $this->help->execute(); $this->update_Target_Counts($id); }
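Review bot: With the added `isset($pri_find[0])` in `@@ -11923,7 +11923,7 @@`, a non-empty array from `get_Finding()` that is not keyed at 0 now skips the status deconfliction silently, so a stale finding status can persist with no trace of why. `count($pri_find)` is also redundant once the `isset` is present. If an array without index 0 is a legitimate return, take the first element regardless of key, e.g. `$first = is_array($pri_find) ? reset($pri_find) : false;` and test `$first instanceof finding`; otherwise log the unexpected shape instead of ignoring it. The enclosing method starts and ends outside this hunk, so whether an `else` already covers the skipped case cannot be seen here.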
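Review bot: The disabled INSERT in `@@ -11291,12 +11292,13 @@` should be deleted rather than left as column-0 `#` comments, since version control already keeps the old statement. The commented block preserves a string-built query with `{$id}` interpolated into the SQL, which invites re-enabling it unchanged; if the seeding ever returns, `$id` should be bound as a parameter or cast to an integer first. Replace the block with a one-line reason, e.g. `// Default findings rows are no longer seeded here; see issue #62.` The method body starts outside the hunk, and it is worth confirming that `update_Target_Counts($id)` does not depend on the rows this INSERT used to create.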