Commit Graph

105 Commits

Author SHA1 Message Date
0425adacb6 Bug fixes for Nessus and Nmap parsers
Nessus was not assigning checklists to Oracle Solaris 11 for Sparc architectures.
Nmap was not correctly identifying normal text output files (.nmap)
2019-01-23 09:20:02 -07:00
27bbeeca80 Merge pull request #89 from cyberperspectives/v1.3.4
V1.3.4
1.3.4
2019-01-17 14:09:32 -05:00
cf5e8237c7 typo fix 2019-01-17 13:17:07 -05:00
91a00ba892 Merge branch 'v1.3.4' of https://github.com/cyberperspectives/sagacity into v1.3.4 2019-01-17 12:24:16 -05:00
55f086e8af bug(software): Bug fix with software detection
Ubuntu.png - Add new Ubuntu checklist icon
Database_Baseline.zip - Update software detection tables
checklist.inc - Fix software icon detection for IE and SLES, and added detection for Ubuntu
software.inc - Fix bug adding extra spaces to software strings
parse_stig.php - Formatting and add save for when icon is updated
parse_stig_viewer.php - Add scan note when CKL file is missing or has empty <HOST_NAME> tag

Fix #87
2019-01-17 12:20:18 -05:00
87991666fd fix(config): Added HOST_LIST constant and updated constants for 1.3.4 release
In a previous pull config.inc file was overwritten and I missed committing the new HOST_LIST constant which resulted in a warning in the log file

fix #86
2019-01-16 15:59:21 -05:00
d365c9a11a Merge pull request #85 from cyberperspectives/v1.3.4
V1.3.4
2019-01-16 12:34:08 -05:00
41a83cd754 Merge branch 'master' into v1.3.4 2019-01-16 12:33:50 -05:00
9620adf3b9 fix(parse_nessus): bug fix
Fix null parameter call
2019-01-16 10:49:54 -05:00
059d84f953 Parse_nessus.php null parameter bug
Parse_nessus threw an error when parsing by-name Nessus scans. Fixed using an isset() check.
2019-01-15 16:55:42 -07:00
6efe94f4dc parse_nessus.php null parameter fix
Line 1214 of parse_nessus.php had a bug when parsing by-name Nessus scan data.  Fixed with isset() check.
2019-01-15 16:53:54 -07:00
c07f0a709b Merge pull request #84 from cyberperspectives/v1.3.4
V1.3.4
2019-01-15 16:27:40 -05:00
ee3cccd17c img(echecklist): Add echecklist-failed.png image 2019-01-15 15:21:05 -05:00
eec2c371fe fix: fix host_list overwriting with eChecklist 2019-01-15 14:56:57 -05:00
5d65d6294f format 2019-01-15 13:12:35 -05:00
bb9e2f4adb fix(eChecklist): Fix bug with eChecklist note duplication
parse_excel_echecklist.php - change preg_match to a stripos method check for notes string and add update_Scan_Host_List call after importing all worksheets
database.inc - add a check for if appending a duplicate string to the checklist notes. add update_Target_Counts call when updating host list

fix #80, #10
2019-01-15 13:08:49 -05:00
e893267c60 enh(scan class): Add return for set_Host_Error method 2019-01-15 12:51:17 -05:00
4660bc3b99 Merge branch 'v1.3.4' of https://github.com/cyberperspectives/sagacity into v1.3.4 2019-01-14 17:49:16 -05:00
601d417e6b fix(vertical menu): fix display of vertical menu
Fixed bug with vertical popup menu for categories not displaying properly with large category sets.

Fix #69
2019-01-14 17:41:37 -05:00
044ae691b9 Install, Uninstall - with changes commented.
I forgot to update the comments in the headers to describe what changes were made.  Also updated the copyright statements for the new year.
2019-01-10 15:38:27 -07:00
5cc1fd2e31 Add files via upload
Fix for Uninstall leaves www/exec #53 and other improvements
 - Split regular installation and install-dev into separate scripts
 - Streamlined the installation script (only requires <enter> at the end to move to setup)
 - Redirected some unnecessary output to nul
 - Made formatting changes to prettify the output
2019-01-10 14:08:25 -07:00
99eb5342cf fix(eChecklist-import): Fix error with formulas in status column
This should remedy the reported behavior of statuses quietly being changed to "Not Reviewed".
scan.inc - Added new set_Host_Error method to set the error value for a specific host
parse_excel_echecklist.php - explicitly check for the status to equal 1-of-7 expected values, if not, add note to finding, set scan error message, and default status to "Not Reviewed"
export.php - Added cell lock for A11:E{last row} with the default password of "sagacity" (all lowercase)

Fixes #80
2019-01-09 21:49:58 -05:00
8973c2e046 fix(ckl-export): Fix bug when exporting CKL
Added a "group by STIG_ID" statement to fix a bug.  This is a short-term fix as it will result in random VMS IDs populating where there is a duplicate.  A real fix will require capturing the checklist ID and saving it as part of the VMS ID.

#78 fixed
2019-01-09 20:17:13 -05:00
4e0b6c08c6 feat: add git template
Add a git commit template for better messages.
2019-01-07 13:09:28 -05:00
4d20608767 Fix for bug #82 2019-01-03 17:47:16 -05:00
a32988ed03 parse_excel_echecklist.php:
Skip parsing orphan worksheet
Issue error if there are more than 100 targets in any worksheet
Save findings when you get above 1000

database.inc:
Comment out block of code to retrieve orphan findings to export to the eChecklist

setup.php:
Convert possible algorithms to lower case. (should fix bug that person on FB was seeing).
2018-12-14 09:32:40 -05:00
92cbf58145 Fix error with compliant and assessed percentages format on the stats page (was showing more than 2 decimal places). 2018-12-14 09:22:06 -05:00
904f1e4655 Fixed formatting with percentage compliant and percentage assessed (default to only show 2 decimal places) 2018-12-12 11:41:13 -05:00
8048fea8d7 Typo fix #77 2018-12-04 23:11:32 -05:00
dfb81bf388 Updates 2018-12-01 23:21:20 -05:00
5849a2620e Fix for #75 2018-11-29 14:32:45 -05:00
16fb5885b2 Fix for #74 2018-11-29 14:31:20 -05:00
3c9a848615 Update README.pdf for next release 2018-11-27 11:10:22 -05:00
afd98f79d4 Added files for bug #56 2018-11-27 10:08:37 -05:00
3deecb098b Fix for #73 2018-11-27 09:31:48 -05:00
437de8548a Fix for #71 2018-11-23 09:50:42 -05:00
f022791e44 Misc updates 2018-11-16 21:42:57 -05:00
699604534c Draft update for #47 2018-11-16 17:24:02 -05:00
2f82147240 #20 2018-11-16 16:25:41 -05:00
7810e0a3dd #14 2018-11-16 15:56:06 -05:00
f46d148654 Fix for #15 (mouse over message to see files) 2018-11-16 15:47:35 -05:00
52159a16a6 Fix for bug #34
Import was deleted because export was changed to JSON format instead of XML, will have to rebuild
2018-11-16 13:39:23 -05:00
f530c5a2a1 Changes to support bug #33
Remove query limit when retrieving CPEs
2018-11-16 11:54:19 -05:00
ca89e02c4e host_list.inc - Added method to increase finding count
system.inc - fixed typo
parse_excel_echecklist.php - added functionality to assign OS and checklists based on worksheet contents
database.inc - Added a couple methods to support changes for #25
export.php - Minor change to OS listing and added add_cell_comment method to migrate scanner notes to a comment instead of the main note (separating the scanner and anaylst comments)
2018-11-08 17:26:27 -05:00
7e44403d93 Fix for #67 2018-11-08 09:45:12 -05:00
e8fdd4217e Dumb mistake in data validation 2018-11-07 21:52:28 -05:00
a6808b2add Database_Baseline.zip - updated sagacity_routines.sql to support removing findings.id field
database.inc - uncomment code block in post_Processing
2018-11-06 15:42:59 -05:00
a9fc4f6a86 Merge branch 'v1.3.4' of https://github.com/cyberperspectives/sagacity into v1.3.4 2018-11-06 15:37:55 -05:00
21082c7513 checklist.inc - deleted duplicate BIND 9 checklist icon entry
finding.inc - removed ID property to prevent duplicate findings from being added to the table
host_list.inc - deleted unused constructor
import.inc - formatting
db_schema.json - removed sagacity.findings.id field (making tgt_id and pdi_id new primary keys), and updated references
Database_Baseline.zip - updated routines for above change
background_results.php - fixed bug #19
export-ckl.php - performance adjustments
parse_excel_echecklist.php - performance improvements, ensure duplicate findings are not created, make eChecklist true status, update for removing findings.id field
parse_nvd_json_cve.php - convert reading json to array instead of object for reading CPEs (which were updated to CPE 2.3 instead of 2.2)
parse_* - remove findings.id field
database.inc - formatting, and update for removing findings.id field
index.php - ensure user can't import a host list without uploading a host list file

Fixed:
#65, #51, #28, #27, #10
2018-11-06 15:36:48 -05:00
5b749f6844 Fix for #62
Commented out last INSERT in post_Processing
2018-11-03 16:02:08 -06:00