fix: Fixed a typo in McAfee software detection.

Nessus 8.2 can accommodate invalid XML tags.  In plugin 86067, it now includes a tag <ssl/chain/sha-1>{data}</ssl/chain/sha-1>.  The forward slashes in the opening tag cause the PHP stream parser to barf.  I added a regex to remove tags with forward slashes in the tag that don't appear as the first character after the less than sign.  As a result, this will also remove <attachment> tag items because the <attachment> tag also includes a "type" attribute that contains the MIME type of the attachment file.  Not a big deal though because we are not using the attachments.  If we decide to grab those as well, we will have to change this regex to make it work.

README.md

@@ -33,16 +33,12 @@ _Keen insight. Sound judgment. Wise decisions. Sagacity._
 
 ### Software Requirements
 Sagacity has the following software requirements. The versions listed are the minimum required for operation. For PHP, we recommend the closest version you can get to the one listed, further versions may deprecate features before we have the chance to update the code.
-
-*Please note:  Sagacity is not fully compatible with XAMPP 7.3.x or PHP 7.3.  Please use XAMPP 7.2 / PHP 7.2 instead.*
-
 - PHP 7.2
 - MySQL 5.7+ or MariaDB 10+
 - Apache 2.4+
 
 For Windows, you can install XAMPP 7.2.x from https://www.apachefriends.org/download.html
 
-
 ## Installation
 
 See README.pdf for complete installation instructions.

config.inc

@@ -17,6 +17,7 @@
  *  - Jun 2, 2018 - Added new STIG_EXCLUSIONS constant to permanently exclude STIGs
  *  - Aug 28, 2018 - Updated constants for 1.3.3 release
  *  - Jan 15, 2019 - Updated constants for 1.3.4 release
+ *  - Jan 19, 2019 - Updated constants for 1.4.0 release
  */
 // @new
 /**
@@ -31,8 +32,8 @@ define('E_DEBUG', 65535);
 define('DOC_ROOT', '{DOC_ROOT}');
 define('PWD_FILE', '{PWD_FILE}');
 define('TMP', '{TMP_PATH}');
-define('VER', '1.3.4');
-define('REL_DATE', '2019-01-15');
+define('VER', '1.4.0');
+define('REL_DATE', '2019-12-31');
 define('LOG_LEVEL', '{E_ERROR}');
 define('LOG_PATH', '{LOG_PATH}');
 define('SALT', '{SALT}');

exec/export-ckl.php

@@ -90,7 +90,7 @@ if ($tgt_count = count($tgts)) {
     print "Target: {$tgt->get_Name()}" . PHP_EOL;
 
     foreach ($tgt->checklists as $key => $chk) {
-      if ($chk->name == 'Orphan' || $chk->type == 'benchmark') {
+      if ($chk->name == 'Orphan' || $chk->type != 'manual') {
         unset($tgt->checklists[$key]);
       }
     }

exec/parse_nessus.php

@@ -149,7 +149,7 @@ class nessus_parser extends scan_xml_parser
         "cpe:\/o:microsoft:windows_server_2008:r2::x64.*"   => "cpe:/o:microsoft:windows_server_2008:r2",
         "cpe:\/o:redhat:enterprise_linux:([\d]+)::.*"       => "cpe:/o:redhat:enterprise_linux:$1",
         "cpe:\/o:sun:sunos:([\d]+)::.*"             		=> "cpe:/o:oracle:solaris:$1",
-		"cpe:\/o:vmware:esx_server.*" 						=> "cpe:/o:vmware:esxi:5.0",
+        "cpe:\/o:vmware:esx_server.*" 						=> "cpe:/o:vmware:esxi:5.0",
         "cpe:\/o:centos:centos:([\d]+).*"                   => "cpe:/o:centos:centos:$1",
     ];
 

exec/parse_nmap.php

@@ -22,7 +22,6 @@
  *  - Nov 7, 2016 - Added d parameter documentation
  *  - Dec 7, 2016 - Added check for "Interesting ports on {IP}" line
  *  - Jan 30, 2017 - Updated to use parse_config.ini file, and added populating new targets with shortened os software string if available.
- *  - Jan 21, 2019 - fixed filetype check for .nmap and .gnmap files.
  */
 $cmd = getopt("f:", ['debug::', 'help::']);
 
@@ -96,12 +95,12 @@ foreach ($lines as $line_num => $line) {
     $matches = [];
     if (!isset($filetype)) {
         if (preg_match('/\.nmap/', $cmd['f'])) {
-			$filetype = "text";
-		}
-		elseif (preg_match('/\.gnmap/', $cmd['f'])) {
+            $filetype = "text";
+        }
+        elseif (preg_match('/\.gnmap/', $cmd['f'])) {
             $filetype = "grep";
         }
-		elseif (preg_match('/Starting|\-oN/', $line)) {
+        elseif (preg_match('/Starting|\-oN/', $line)) {
             $filetype = "text";
         }
         elseif (preg_match('/\-oG/', $line)) {

inc/xml_parser.inc

@@ -388,6 +388,8 @@ class scan_xml_parser
 
         $this->fh = fopen($this->file, "r");
         while ($data     = fread($this->fh, 4096)) {
+            $data = preg_replace("/\<[^\/]+\/[^\>]+\>[^\n]+\n/", "", $data);
+            
             try {
                 if (!xml_parse($this->parser, $data, feof($this->fh)) && !xml_get_error_code($this->parser)) {
                     $this->log->script_log(xml_error_string(xml_get_error_code($this->parser)), E_ERROR);
@@ -470,6 +472,11 @@ class scan_xml_parser
     }
 }
 
+/**
+ * XML Stream Parser class
+ * 
+ * @author Ryan Prather
+ */
 class basic_xml_parser
 {
 
@@ -489,6 +496,12 @@ class basic_xml_parser
     var $skip        = false;
     var $previous    = null;
 
+    /**
+     * Constructor
+     * 
+     * @param mixed $obj_in
+     * @param string $xml_fname
+     */
     function __construct($obj_in, $xml_fname)
     {
         $this->parser = xml_parser_create();
@@ -509,11 +522,13 @@ class basic_xml_parser
         $this->last_time   = microtime(true);
     }
 
-    function __destruct()
-    {
-
-    }
-
+    /**
+     * Method called when parsing the opening element
+     * 
+     * @param mixed $parser
+     * @param string $name
+     * @param array $attrs
+     */
     function startElement($parser, $name, $attrs)
     {
         $this->stack[] = str_replace("-", "_", str_replace(":", "_", $name));
@@ -539,6 +554,12 @@ class basic_xml_parser
         }
     }
 
+    /**
+     * Method called when parsing the ending element
+     * 
+     * @param mixed $parser
+     * @param string $name
+     */
     function stopElement($parser, $name)
     {
         if (method_exists($this->obj, implode("_", $this->stack) . "_end")) {
@@ -559,6 +580,12 @@ class basic_xml_parser
         array_pop($this->stack);
     }
 
+    /**
+     * Method to parse the element contents
+     * 
+     * @param mixed $parser
+     * @param string $data
+     */
     function characterData($parser, $data)
     {
         if (method_exists($this->obj, implode("_", $this->stack) . "_data") && !$this->skip) {
@@ -576,10 +603,15 @@ class basic_xml_parser
         }
     }
 
+    /**
+     * Method to start reading the file and parsing it
+     */
     function parse()
     {
         $fh   = fopen($this->file, "r");
         while ($data = fread($fh, 4096)) {
+            $data = preg_replace("/\<[^\/]+\/[^\>]+\>[^\n]+\n/", "", $data);
+            
             if (!xml_parse($this->parser, $data, feof($fh)) && !xml_get_error_code($this->parser)) {
                 print_r($this->stack);
                 $this->log->script_log(xml_error_string(xml_get_error_code($this->parser)), E_WARNING);
@@ -589,6 +621,12 @@ class basic_xml_parser
         xml_parser_free($this->parser);
     }
 
+    /**
+     * Method to output a log entry if the difference between previous call and current is more than 3 seconds
+     * 
+     * @param string $msg
+     * @param string $function
+     */
     function time_log_diff($msg, $function = null)
     {
         if (is_null($function)) {

install-dev.bat

@@ -1,101 +0,0 @@
-@echo off
-
- REM File: install-dev.bat
- REM Author: Ryan Prather, Jeff Odegard
- REM Purpose: Windows / XAMPP Installation Script
- REM Created: Jan 5, 2015
-
- REM Portions Copyright 2016-2019: Cyber Perspective, All rights reserved
- REM Released under the Apache v2.0 License
-
- REM Portions Copyright (c) 2012-2015, Salient Federal Solutions
- REM Portions Copyright (c) 2008-2011, Science Applications International Corporation (SAIC)
- REM Released under Modified BSD License
-
- REM See license.txt for details
-
- REM Change Log:
- REM - Jan 5, 2015 - File created
- REM - Sep 1, 2016 - Copyright updated, added comments and file header
- REM - Oct 7, 2016 - Copying Windows / XAMPP config.xml
- REM - Nov 14, 2016 - Converted xcopy for config file to copy
- REM - Nov 18, 2016 - Changed file moves to copies, removed deleting existing *.cgi & *.pl script in the CGI_PATH and deleting CONF folder
- REM - Dec 12, 2016 - Removed pthreads library because it is no longer needed.
- REM				  Rename existing Apache, MySQL/mariaDB, and PHP config files to .old before copying hardened files.
- REM - Dec 13, 2016 - Fixed syntax of the rename command
- REM - Dec 19, 2016 - Fixed copy syntax for config.xml file
- REM - Jan 30, 2017 - Fixed error with copy of config-xampp-win.xml to config.xml where it required full path
- REM - Apr 5, 2017 - Added mkdir for \xampp\php\logs directory (not included when installed)
- REM - Jun 27, 2017 - Removed copy cgi-bin contents
- REM - Sep 19, 2018 - Deleting unnecessary C:\xampp\htdocs folder.
- REM - Oct 3, 2018 - Redirected deletion of htdocs folder to nul
- REM - Nov 27, 2018 - Added php-dev.ini to conf folder and added prompts to allow for development installation
- REM - Jan 10, 2019 - broke out the dev installation from install.bat and streamlined the installation process.
-
-@echo The Sagacity dev configuration installs and enables php xdebug used for troubleshooting and development work.  
-echo.
-@echo NOTE: The dev configuration will *noticably* impact Sagacity's performance.
-@echo       *** For a production environment, please use install.bat instead! ***
-@echo.
-
-@echo For your dev installation we also recommend installing QCacheGrindWin from
-@echo.
-@echo       https://sourceforge.net/projects/qcachegrindwin/
-@echo.
-
-set /p dev="Do you want to install the dev configuration? (y/N) "
-set result=0
-if "%dev%"=="Y" (set result=1)
-if "%dev%"=="y" (set result=1)
-if "%dev%"=="Yes" (set result=1)
-if "%dev%"=="YES" (set result=1)
-if "%dev%"=="yes" (set result=1)
-
-if "%result%"=="0" (
-	@echo Dev installation aborted.
-	@echo Please use install.bat for a production installation.
-	exit
-)
-
-@echo    - Create PHP log folder
-mkdir c:\xampp\php\logs
-
-@echo    - Copy Apache, MySQL/mariaDB, and PHP configuration files
-@echo    - Renaming the original config files to *.old.
-
-rename c:\xampp\mysql\bin\my.ini my.ini.old
-copy c:\xampp\www\conf\my.ini c:\xampp\mysql\bin\
-
-@echo    - Installing MySQL service
-c:\xampp\mysql\bin\mysqld --install mysql --defaults-file="c:\xampp\mysql\bin\my.ini"
-net start mysql
-
-rename c:\xampp\apache\conf\httpd.conf httpd.conf.old
-copy c:\xampp\www\conf\httpd.conf c:\xampp\apache\conf
-rename c:\xampp\apache\conf\extra\httpd-ssl.conf httpd-ssl.conf.old
-copy c:\xampp\www\conf\httpd-ssl.conf c:\xampp\apache\conf\extra
-rename c:\xampp\apache\conf\extra\httpd-xampp.conf httpd-xampp.conf.old
-copy c:\xampp\www\conf\httpd-xampp.conf c:\xampp\apache\conf\extra
-rename c:\xampp\php\php.ini php.ini.old
-
-copy c:\xampp\www\conf\php-dev.ini c:\xampp\php\php.ini
-copy c:\xampp\www\conf\php_xdebug-2.6.0-7.2-vc15.dll c:\xampp\php\ext\php_xdebug-2.6.0-7.2-vc15.dll
-
-@echo    - Deleting unnecessary C:\xampp\htdocs folder.
-del /F /S /Q c:\xampp\htdocs 1>nul
-
-@echo    - Installing Apache service
-c:\xampp\apache\bin\httpd -k install
-net start apache2.4
-
-@echo.
-@echo Thank you for installing Sagacity.  We want to know what you think!
-@echo Please contact us at https://www.cyberperspectives.com/contact_us
-@echo.
-@echo If you like this tool, please tell a friend or co-worker!
-@echo.
-
-set /p browser="Press enter to continue setup with http://localhost/setup.php"
-
-start http://localhost
-