Compare commits
7 Commits
Author | SHA1 | Date | |
---|---|---|---|
f21b4a25b1 | |||
f20ad5d912 | |||
44669decf4 | |||
55dd61f462 | |||
3f0ef45c1e | |||
aebd3ba0f9 | |||
2a6edd119f |
Binary file not shown.
2050
conf/php-dev.ini
2050
conf/php-dev.ini
File diff suppressed because it is too large
Load Diff
Binary file not shown.
|
@ -17,6 +17,7 @@
|
|||
* - Jun 2, 2018 - Added new STIG_EXCLUSIONS constant to permanently exclude STIGs
|
||||
* - Aug 28, 2018 - Updated constants for 1.3.3 release
|
||||
* - Jan 15, 2019 - Updated constants for 1.3.4 release
|
||||
* - Jan 19, 2019 - Updated constants for 1.4.0 release
|
||||
*/
|
||||
// @new
|
||||
/**
|
||||
|
@ -31,8 +32,8 @@ define('E_DEBUG', 65535);
|
|||
define('DOC_ROOT', '{DOC_ROOT}');
|
||||
define('PWD_FILE', '{PWD_FILE}');
|
||||
define('TMP', '{TMP_PATH}');
|
||||
define('VER', '1.3.4');
|
||||
define('REL_DATE', '2019-01-15');
|
||||
define('VER', '1.4.0');
|
||||
define('REL_DATE', '2019-12-31');
|
||||
define('LOG_LEVEL', '{E_ERROR}');
|
||||
define('LOG_PATH', '{LOG_PATH}');
|
||||
define('SALT', '{SALT}');
|
||||
|
|
|
@ -148,7 +148,8 @@ class nessus_parser extends scan_xml_parser
|
|||
"cpe:\/o:microsoft:windows_2003_server::sp([\d]).*" => "cpe:/o:microsoft:windows_2003_server:-:sp$1",
|
||||
"cpe:\/o:microsoft:windows_server_2008:r2::x64.*" => "cpe:/o:microsoft:windows_server_2008:r2",
|
||||
"cpe:\/o:redhat:enterprise_linux:([\d]+)::.*" => "cpe:/o:redhat:enterprise_linux:$1",
|
||||
"cpe:\/o:sun:sunos:([\d]+)::x([\d]+).*" => "cpe:/o:oracle:solaris:$1",
|
||||
"cpe:\/o:sun:sunos:([\d]+)::.*" => "cpe:/o:oracle:solaris:$1",
|
||||
"cpe:\/o:vmware:esx_server.*" => "cpe:/o:vmware:esxi:5.0",
|
||||
"cpe:\/o:centos:centos:([\d]+).*" => "cpe:/o:centos:centos:$1",
|
||||
];
|
||||
|
||||
|
|
|
@ -94,7 +94,13 @@ foreach ($lines as $line_num => $line) {
|
|||
$line = trim($line, "\t\n\r"); # chomp would be nice...
|
||||
$matches = [];
|
||||
if (!isset($filetype)) {
|
||||
if (preg_match('/Starting|\-oN/', $line)) {
|
||||
if (preg_match('/\.nmap/', $cmd['f'])) {
|
||||
$filetype = "text";
|
||||
}
|
||||
elseif (preg_match('/\.gnmap/', $cmd['f'])) {
|
||||
$filetype = "grep";
|
||||
}
|
||||
elseif (preg_match('/Starting|\-oN/', $line)) {
|
||||
$filetype = "text";
|
||||
}
|
||||
elseif (preg_match('/\-oG/', $line)) {
|
||||
|
|
|
@ -388,6 +388,8 @@ class scan_xml_parser
|
|||
|
||||
$this->fh = fopen($this->file, "r");
|
||||
while ($data = fread($this->fh, 4096)) {
|
||||
$data = preg_replace("/\<[^\/]+\/[^\>]+\>[^\n]+\n/", "", $data);
|
||||
|
||||
try {
|
||||
if (!xml_parse($this->parser, $data, feof($this->fh)) && !xml_get_error_code($this->parser)) {
|
||||
$this->log->script_log(xml_error_string(xml_get_error_code($this->parser)), E_ERROR);
|
||||
|
@ -470,6 +472,11 @@ class scan_xml_parser
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* XML Stream Parser class
|
||||
*
|
||||
* @author Ryan Prather
|
||||
*/
|
||||
class basic_xml_parser
|
||||
{
|
||||
|
||||
|
@ -489,6 +496,12 @@ class basic_xml_parser
|
|||
var $skip = false;
|
||||
var $previous = null;
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
*
|
||||
* @param mixed $obj_in
|
||||
* @param string $xml_fname
|
||||
*/
|
||||
function __construct($obj_in, $xml_fname)
|
||||
{
|
||||
$this->parser = xml_parser_create();
|
||||
|
@ -509,11 +522,13 @@ class basic_xml_parser
|
|||
$this->last_time = microtime(true);
|
||||
}
|
||||
|
||||
function __destruct()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Method called when parsing the opening element
|
||||
*
|
||||
* @param mixed $parser
|
||||
* @param string $name
|
||||
* @param array $attrs
|
||||
*/
|
||||
function startElement($parser, $name, $attrs)
|
||||
{
|
||||
$this->stack[] = str_replace("-", "_", str_replace(":", "_", $name));
|
||||
|
@ -539,6 +554,12 @@ class basic_xml_parser
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Method called when parsing the ending element
|
||||
*
|
||||
* @param mixed $parser
|
||||
* @param string $name
|
||||
*/
|
||||
function stopElement($parser, $name)
|
||||
{
|
||||
if (method_exists($this->obj, implode("_", $this->stack) . "_end")) {
|
||||
|
@ -559,6 +580,12 @@ class basic_xml_parser
|
|||
array_pop($this->stack);
|
||||
}
|
||||
|
||||
/**
|
||||
* Method to parse the element contents
|
||||
*
|
||||
* @param mixed $parser
|
||||
* @param string $data
|
||||
*/
|
||||
function characterData($parser, $data)
|
||||
{
|
||||
if (method_exists($this->obj, implode("_", $this->stack) . "_data") && !$this->skip) {
|
||||
|
@ -576,10 +603,15 @@ class basic_xml_parser
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Method to start reading the file and parsing it
|
||||
*/
|
||||
function parse()
|
||||
{
|
||||
$fh = fopen($this->file, "r");
|
||||
while ($data = fread($fh, 4096)) {
|
||||
$data = preg_replace("/\<[^\/]+\/[^\>]+\>[^\n]+\n/", "", $data);
|
||||
|
||||
if (!xml_parse($this->parser, $data, feof($fh)) && !xml_get_error_code($this->parser)) {
|
||||
print_r($this->stack);
|
||||
$this->log->script_log(xml_error_string(xml_get_error_code($this->parser)), E_WARNING);
|
||||
|
@ -589,6 +621,12 @@ class basic_xml_parser
|
|||
xml_parser_free($this->parser);
|
||||
}
|
||||
|
||||
/**
|
||||
* Method to output a log entry if the difference between previous call and current is more than 3 seconds
|
||||
*
|
||||
* @param string $msg
|
||||
* @param string $function
|
||||
*/
|
||||
function time_log_diff($msg, $function = null)
|
||||
{
|
||||
if (is_null($function)) {
|
||||
|
|
101
install-dev.bat
101
install-dev.bat
|
@ -1,101 +0,0 @@
|
|||
@echo off
|
||||
|
||||
REM File: install-dev.bat
|
||||
REM Author: Ryan Prather, Jeff Odegard
|
||||
REM Purpose: Windows / XAMPP Installation Script
|
||||
REM Created: Jan 5, 2015
|
||||
|
||||
REM Portions Copyright 2016-2019: Cyber Perspective, All rights reserved
|
||||
REM Released under the Apache v2.0 License
|
||||
|
||||
REM Portions Copyright (c) 2012-2015, Salient Federal Solutions
|
||||
REM Portions Copyright (c) 2008-2011, Science Applications International Corporation (SAIC)
|
||||
REM Released under Modified BSD License
|
||||
|
||||
REM See license.txt for details
|
||||
|
||||
REM Change Log:
|
||||
REM - Jan 5, 2015 - File created
|
||||
REM - Sep 1, 2016 - Copyright updated, added comments and file header
|
||||
REM - Oct 7, 2016 - Copying Windows / XAMPP config.xml
|
||||
REM - Nov 14, 2016 - Converted xcopy for config file to copy
|
||||
REM - Nov 18, 2016 - Changed file moves to copies, removed deleting existing *.cgi & *.pl script in the CGI_PATH and deleting CONF folder
|
||||
REM - Dec 12, 2016 - Removed pthreads library because it is no longer needed.
|
||||
REM Rename existing Apache, MySQL/mariaDB, and PHP config files to .old before copying hardened files.
|
||||
REM - Dec 13, 2016 - Fixed syntax of the rename command
|
||||
REM - Dec 19, 2016 - Fixed copy syntax for config.xml file
|
||||
REM - Jan 30, 2017 - Fixed error with copy of config-xampp-win.xml to config.xml where it required full path
|
||||
REM - Apr 5, 2017 - Added mkdir for \xampp\php\logs directory (not included when installed)
|
||||
REM - Jun 27, 2017 - Removed copy cgi-bin contents
|
||||
REM - Sep 19, 2018 - Deleting unnecessary C:\xampp\htdocs folder.
|
||||
REM - Oct 3, 2018 - Redirected deletion of htdocs folder to nul
|
||||
REM - Nov 27, 2018 - Added php-dev.ini to conf folder and added prompts to allow for development installation
|
||||
REM - Jan 10, 2019 - broke out the dev installation from install.bat and streamlined the installation process.
|
||||
|
||||
@echo The Sagacity dev configuration installs and enables php xdebug used for troubleshooting and development work.
|
||||
echo.
|
||||
@echo NOTE: The dev configuration will *noticably* impact Sagacity's performance.
|
||||
@echo *** For a production environment, please use install.bat instead! ***
|
||||
@echo.
|
||||
|
||||
@echo For your dev installation we also recommend installing QCacheGrindWin from
|
||||
@echo.
|
||||
@echo https://sourceforge.net/projects/qcachegrindwin/
|
||||
@echo.
|
||||
|
||||
set /p dev="Do you want to install the dev configuration? (y/N) "
|
||||
set result=0
|
||||
if "%dev%"=="Y" (set result=1)
|
||||
if "%dev%"=="y" (set result=1)
|
||||
if "%dev%"=="Yes" (set result=1)
|
||||
if "%dev%"=="YES" (set result=1)
|
||||
if "%dev%"=="yes" (set result=1)
|
||||
|
||||
if "%result%"=="0" (
|
||||
@echo Dev installation aborted.
|
||||
@echo Please use install.bat for a production installation.
|
||||
exit
|
||||
)
|
||||
|
||||
@echo - Create PHP log folder
|
||||
mkdir c:\xampp\php\logs
|
||||
|
||||
@echo - Copy Apache, MySQL/mariaDB, and PHP configuration files
|
||||
@echo - Renaming the original config files to *.old.
|
||||
|
||||
rename c:\xampp\mysql\bin\my.ini my.ini.old
|
||||
copy c:\xampp\www\conf\my.ini c:\xampp\mysql\bin\
|
||||
|
||||
@echo - Installing MySQL service
|
||||
c:\xampp\mysql\bin\mysqld --install mysql --defaults-file="c:\xampp\mysql\bin\my.ini"
|
||||
net start mysql
|
||||
|
||||
rename c:\xampp\apache\conf\httpd.conf httpd.conf.old
|
||||
copy c:\xampp\www\conf\httpd.conf c:\xampp\apache\conf
|
||||
rename c:\xampp\apache\conf\extra\httpd-ssl.conf httpd-ssl.conf.old
|
||||
copy c:\xampp\www\conf\httpd-ssl.conf c:\xampp\apache\conf\extra
|
||||
rename c:\xampp\apache\conf\extra\httpd-xampp.conf httpd-xampp.conf.old
|
||||
copy c:\xampp\www\conf\httpd-xampp.conf c:\xampp\apache\conf\extra
|
||||
rename c:\xampp\php\php.ini php.ini.old
|
||||
|
||||
copy c:\xampp\www\conf\php-dev.ini c:\xampp\php\php.ini
|
||||
copy c:\xampp\www\conf\php_xdebug-2.6.0-7.2-vc15.dll c:\xampp\php\ext\php_xdebug-2.6.0-7.2-vc15.dll
|
||||
|
||||
@echo - Deleting unnecessary C:\xampp\htdocs folder.
|
||||
del /F /S /Q c:\xampp\htdocs 1>nul
|
||||
|
||||
@echo - Installing Apache service
|
||||
c:\xampp\apache\bin\httpd -k install
|
||||
net start apache2.4
|
||||
|
||||
@echo.
|
||||
@echo Thank you for installing Sagacity. We want to know what you think!
|
||||
@echo Please contact us at https://www.cyberperspectives.com/contact_us
|
||||
@echo.
|
||||
@echo If you like this tool, please tell a friend or co-worker!
|
||||
@echo.
|
||||
|
||||
set /p browser="Press enter to continue setup with http://localhost/setup.php"
|
||||
|
||||
start http://localhost
|
||||
|
Loading…
Reference in New Issue
Block a user