2 Commits

Author SHA1 Message Date
9865904e04 Nmap filetype not found for .nmap files
The file type for Normal output (.nmap) files was not being detected correctly, which produced an error on import.
2019-01-21 17:03:12 -07:00
1af6091e55 Fix for Nessus Solaris 11 Sparc and VMWare ESXi ID
parse_nessus.php had an issue when parsing Nessus results for Solaris 11 hosts. It identified only the x86 architecture, not SPARC. Additionally, VMware ESXi hosts were not identified.
2019-01-21 15:13:30 -07:00
8 changed files with 2164 additions and 51 deletions

Binary file not shown.

2050
conf/php-dev.ini Normal file

File diff suppressed because it is too large Load Diff

Binary file not shown.


@ -17,7 +17,6 @@
* - Jun 2, 2018 - Added new STIG_EXCLUSIONS constant to permanently exclude STIGs
* - Aug 28, 2018 - Updated constants for 1.3.3 release
* - Jan 15, 2019 - Updated constants for 1.3.4 release
* - Jan 19, 2019 - Updated constants for 1.4.0 release
*/
// @new
/**
@ -32,8 +31,8 @@ define('E_DEBUG', 65535);
define('DOC_ROOT', '{DOC_ROOT}');
define('PWD_FILE', '{PWD_FILE}');
define('TMP', '{TMP_PATH}');
define('VER', '1.4.0');
define('REL_DATE', '2019-12-31');
define('VER', '1.3.4');
define('REL_DATE', '2019-01-15');
define('LOG_LEVEL', '{E_ERROR}');
define('LOG_PATH', '{LOG_PATH}');
define('SALT', '{SALT}');


@ -149,7 +149,7 @@ class nessus_parser extends scan_xml_parser
"cpe:\/o:microsoft:windows_server_2008:r2::x64.*" => "cpe:/o:microsoft:windows_server_2008:r2",
"cpe:\/o:redhat:enterprise_linux:([\d]+)::.*" => "cpe:/o:redhat:enterprise_linux:$1",
"cpe:\/o:sun:sunos:([\d]+)::.*" => "cpe:/o:oracle:solaris:$1",
"cpe:\/o:vmware:esx_server.*" => "cpe:/o:vmware:esxi:5.0",
"cpe:\/o:vmware:esx_server.*" => "cpe:/o:vmware:esxi:5.0",
"cpe:\/o:centos:centos:([\d]+).*" => "cpe:/o:centos:centos:$1",
];
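Review bot: The `esx_server` rule rewrites every matching CPE to the fixed string `cpe:/o:vmware:esxi:5.0`, so an ESXi host of any release is recorded as 5.0, and anything later keyed on that CPE (checklist selection, finding correlation) may be applied to the wrong version. The neighbouring Red Hat, SunOS and CentOS rules carry the reported version through with a `([\d]+)` capture and `$1`. If the Nessus CPE for ESX includes a version field, the same shape would work here, along the lines of `"cpe:\/o:vmware:esx_server:([\d\.]+).*" => "cpe:/o:vmware:esxi:$1"`. If 5.0 is a deliberate fallback, a one-line comment such as `// Nessus reports no usable ESX version; default to 5.0` would make that explicit. The array this entry belongs to opens above the hunk.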


@ -22,6 +22,7 @@
* - Nov 7, 2016 - Added d parameter documentation
* - Dec 7, 2016 - Added check for "Interesting ports on {IP}" line
* - Jan 30, 2017 - Updated to use parse_config.ini file, and added populating new targets with shortened os software string if available.
* - Jan 21, 2019 - fixed filetype check for .nmap and .gnmap files.
*/
$cmd = getopt("f:", ['debug::', 'help::']);
@ -95,12 +96,12 @@ foreach ($lines as $line_num => $line) {
$matches = [];
if (!isset($filetype)) {
if (preg_match('/\.nmap/', $cmd['f'])) {
$filetype = "text";
}
elseif (preg_match('/\.gnmap/', $cmd['f'])) {
$filetype = "text";
}
elseif (preg_match('/\.gnmap/', $cmd['f'])) {
$filetype = "grep";
}
elseif (preg_match('/Starting|\-oN/', $line)) {
elseif (preg_match('/Starting|\-oN/', $line)) {
$filetype = "text";
}
elseif (preg_match('/\-oG/', $line)) {
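Review bot: The extension tests on `$cmd['f']` are unanchored, so `/\.nmap/` matches `.nmap` anywhere in the path (a directory named `scans.nmap`, or a file such as `host.nmap.xml`) and forces `$filetype = "text"` before the content-based `Starting|-oN` and `-oG` checks run. Anchoring to the end of the name keeps the fix for real `.nmap` files and leaves everything else to content sniffing: `if (preg_match('/\.nmap$/i', $cmd['f'])) {` and `elseif (preg_match('/\.gnmap$/i', $cmd['f'])) {`. The page has lost its +/- markers, so which `.gnmap` branch is the new one is inferred. The branch that sets `"grep"` is the one that should remain. The `elseif` chain continues past the end of the hunk.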


@ -388,8 +388,6 @@ class scan_xml_parser
$this->fh = fopen($this->file, "r");
while ($data = fread($this->fh, 4096)) {
$data = preg_replace("/\<[^\/]+\/[^\>]+\>[^\n]+\n/", "", $data);
try {
if (!xml_parse($this->parser, $data, feof($this->fh)) && !xml_get_error_code($this->parser)) {
$this->log->script_log(xml_error_string(xml_get_error_code($this->parser)), E_ERROR);
@ -472,11 +470,6 @@ class scan_xml_parser
}
}
/**
* XML Stream Parser class
*
* @author Ryan Prather
*/
class basic_xml_parser
{
@ -496,12 +489,6 @@ class basic_xml_parser
var $skip = false;
var $previous = null;
/**
* Constructor
*
* @param mixed $obj_in
* @param string $xml_fname
*/
function __construct($obj_in, $xml_fname)
{
$this->parser = xml_parser_create();
@ -522,13 +509,11 @@ class basic_xml_parser
$this->last_time = microtime(true);
}
/**
* Method called when parsing the opening element
*
* @param mixed $parser
* @param string $name
* @param array $attrs
*/
function __destruct()
{
}
function startElement($parser, $name, $attrs)
{
$this->stack[] = str_replace("-", "_", str_replace(":", "_", $name));
@ -554,12 +539,6 @@ class basic_xml_parser
}
}
/**
* Method called when parsing the ending element
*
* @param mixed $parser
* @param string $name
*/
function stopElement($parser, $name)
{
if (method_exists($this->obj, implode("_", $this->stack) . "_end")) {
@ -580,12 +559,6 @@ class basic_xml_parser
array_pop($this->stack);
}
/**
* Method to parse the element contents
*
* @param mixed $parser
* @param string $data
*/
function characterData($parser, $data)
{
if (method_exists($this->obj, implode("_", $this->stack) . "_data") && !$this->skip) {
@ -603,15 +576,10 @@ class basic_xml_parser
}
}
/**
* Method to start reading the file and parsing it
*/
function parse()
{
$fh = fopen($this->file, "r");
while ($data = fread($fh, 4096)) {
$data = preg_replace("/\<[^\/]+\/[^\>]+\>[^\n]+\n/", "", $data);
if (!xml_parse($this->parser, $data, feof($fh)) && !xml_get_error_code($this->parser)) {
print_r($this->stack);
$this->log->script_log(xml_error_string(xml_get_error_code($this->parser)), E_WARNING);
@ -621,12 +589,6 @@ class basic_xml_parser
xml_parser_free($this->parser);
}
/**
* Method to output a log entry if the difference between previous call and current is more than 3 seconds
*
* @param string $msg
* @param string $function
*/
function time_log_diff($msg, $function = null)
{
if (is_null($function)) {
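Review bot: The error test in `basic_xml_parser::parse()`, `if (!xml_parse($this->parser, $data, feof($fh)) && !xml_get_error_code($this->parser))`, is true only when parsing failed and the error code is zero, so a malformed or truncated scan file never reaches the `script_log` call and an import can stop part-way with nothing logged. Dropping the second operand gives the intended behaviour: `if (!xml_parse($this->parser, $data, feof($fh))) {`. The first hunk shows the same condition in `scan_xml_parser`. The `print_r($this->stack);` inside that branch writes parser state to standard output rather than the log and would be better routed through `$this->log->script_log(...)`. The hunks also appear to drop the PHPDoc blocks on the class and its methods (inferred, since the +/- markers are lost); a one-line summary such as `/** Stream-parses $xml_fname and dispatches element events to $obj_in. */` on the constructor is worth keeping. The bodies of `parse()` and of the `if` continue outside the hunk.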

101
install-dev.bat Normal file

@ -0,0 +1,101 @@
@echo off
REM File: install-dev.bat
REM Author: Ryan Prather, Jeff Odegard
REM Purpose: Windows / XAMPP Installation Script
REM Created: Jan 5, 2015
REM Portions Copyright 2016-2019: Cyber Perspective, All rights reserved
REM Released under the Apache v2.0 License
REM Portions Copyright (c) 2012-2015, Salient Federal Solutions
REM Portions Copyright (c) 2008-2011, Science Applications International Corporation (SAIC)
REM Released under Modified BSD License
REM See license.txt for details
REM Change Log:
REM - Jan 5, 2015 - File created
REM - Sep 1, 2016 - Copyright updated, added comments and file header
REM - Oct 7, 2016 - Copying Windows / XAMPP config.xml
REM - Nov 14, 2016 - Converted xcopy for config file to copy
REM - Nov 18, 2016 - Changed file moves to copies, removed deleting existing *.cgi & *.pl script in the CGI_PATH and deleting CONF folder
REM - Dec 12, 2016 - Removed pthreads library because it is no longer needed.
REM Rename existing Apache, MySQL/mariaDB, and PHP config files to .old before copying hardened files.
REM - Dec 13, 2016 - Fixed syntax of the rename command
REM - Dec 19, 2016 - Fixed copy syntax for config.xml file
REM - Jan 30, 2017 - Fixed error with copy of config-xampp-win.xml to config.xml where it required full path
REM - Apr 5, 2017 - Added mkdir for \xampp\php\logs directory (not included when installed)
REM - Jun 27, 2017 - Removed copy cgi-bin contents
REM - Sep 19, 2018 - Deleting unnecessary C:\xampp\htdocs folder.
REM - Oct 3, 2018 - Redirected deletion of htdocs folder to nul
REM - Nov 27, 2018 - Added php-dev.ini to conf folder and added prompts to allow for development installation
REM - Jan 10, 2019 - broke out the dev installation from install.bat and streamlined the installation process.
@echo The Sagacity dev configuration installs and enables php xdebug used for troubleshooting and development work.
echo.
@echo NOTE: The dev configuration will *noticably* impact Sagacity's performance.
@echo *** For a production environment, please use install.bat instead! ***
@echo.
@echo For your dev installation we also recommend installing QCacheGrindWin from
@echo.
@echo https://sourceforge.net/projects/qcachegrindwin/
@echo.
set /p dev="Do you want to install the dev configuration? (y/N) "
set result=0
if "%dev%"=="Y" (set result=1)
if "%dev%"=="y" (set result=1)
if "%dev%"=="Yes" (set result=1)
if "%dev%"=="YES" (set result=1)
if "%dev%"=="yes" (set result=1)
if "%result%"=="0" (
@echo Dev installation aborted.
@echo Please use install.bat for a production installation.
exit
)
@echo - Create PHP log folder
mkdir c:\xampp\php\logs
@echo - Copy Apache, MySQL/mariaDB, and PHP configuration files
@echo - Renaming the original config files to *.old.
rename c:\xampp\mysql\bin\my.ini my.ini.old
copy c:\xampp\www\conf\my.ini c:\xampp\mysql\bin\
@echo - Installing MySQL service
c:\xampp\mysql\bin\mysqld --install mysql --defaults-file="c:\xampp\mysql\bin\my.ini"
net start mysql
rename c:\xampp\apache\conf\httpd.conf httpd.conf.old
copy c:\xampp\www\conf\httpd.conf c:\xampp\apache\conf
rename c:\xampp\apache\conf\extra\httpd-ssl.conf httpd-ssl.conf.old
copy c:\xampp\www\conf\httpd-ssl.conf c:\xampp\apache\conf\extra
rename c:\xampp\apache\conf\extra\httpd-xampp.conf httpd-xampp.conf.old
copy c:\xampp\www\conf\httpd-xampp.conf c:\xampp\apache\conf\extra
rename c:\xampp\php\php.ini php.ini.old
copy c:\xampp\www\conf\php-dev.ini c:\xampp\php\php.ini
copy c:\xampp\www\conf\php_xdebug-2.6.0-7.2-vc15.dll c:\xampp\php\ext\php_xdebug-2.6.0-7.2-vc15.dll
@echo - Deleting unnecessary C:\xampp\htdocs folder.
del /F /S /Q c:\xampp\htdocs 1>nul
@echo - Installing Apache service
c:\xampp\apache\bin\httpd -k install
net start apache2.4
@echo.
@echo Thank you for installing Sagacity. We want to know what you think!
@echo Please contact us at https://www.cyberperspectives.com/contact_us
@echo.
@echo If you like this tool, please tell a friend or co-worker!
@echo.
set /p browser="Press enter to continue setup with http://localhost/setup.php"
start http://localhost
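Review bot: The line `copy c:\xampp\www\conf\php_xdebug-2.6.0-7.2-vc15.dll c:\xampp\php\ext\...` installs a prebuilt extension DLL from the repository with no integrity check, and the binary itself cannot be reviewed on this page (presumably it is one of the "Binary file not shown" entries). Recording the upstream SHA-256 next to the file and checking it before the copy would close that gap, for example `certutil -hashfile c:\xampp\www\conf\php_xdebug-2.6.0-7.2-vc15.dll SHA256` compared against `<published-sha256>`. None of the `rename`, `copy` or service-install commands test `errorlevel`, so a failed step (an existing `*.old` file on a second run, or a non-elevated prompt) still falls through to `net start mysql` and `net start apache2.4` with a mixed configuration. Adding `if errorlevel 1 exit /b 1` after the critical steps would stop that. Because php-dev.ini is suppressed in this view, it is worth confirming separately that its Xdebug settings accept debugger connections from localhost only, since the script ends by starting Apache as a service.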