connect_errno) { die($db->connect_error); } if (!isset($cmd['d'])) { die("Did not include the directory the files are in"); } chdir($cmd['d']); if (isset($cmd['f'])) { $files = array(0 => $cmd['f']); } else { $files = glob("*.xml"); } foreach ($files as $file) { print $file . PHP_EOL; $doc = new DOMDocument(); $doc->load($file); $pi = $doc->createProcessingInstruction('xml-stylesheet', 'type="text/xsl" href="iavm.xsl"'); $doc->insertBefore($pi, $doc->getElementsByTagName("iavmNotice")->item(0)); $doc->xmlStandalone = true; $tmp = $doc->saveXML(); $tmp = str_replace(" xmlns=\"http://iavm.csd.disa.mil/schemas/IavmNoticeSchema/1.2\"", "", $tmp); $doc->loadXML($tmp); // root node values (iavm_notice table) $id = getValue($doc, '/iavmNotice/@noticeId'); $xmlurl = getValue($doc, '/iavmNotice/xmlUrl'); $htmlurl = getValue($doc, '/iavmNotice/htmlUrl'); $noticeNumber = getValue($doc, '/iavmNotice/iavmNoticeNumber'); $title = getValue($doc, '/iavmNotice/title'); $type = getValue($doc, '/iavmNotice/type'); $state = getValue($doc, '/iavmNotice/state'); $lastUpdated = getValue($doc, '/iavmNotice/lastUpdated'); $releaseDate = getValue($doc, '/iavmNotice/releaseDate'); $supersedes = getValue($doc, '/iavmNotice/supersedes'); $execSummary = getValue($doc, '/iavmNotice/executiveSummary'); $fixAction = getValue($doc, '/iavmNotice/fixAction'); $note = getValue($doc, '/iavmNotice/note'); $vulnAppsSysAndCntrmsrs = getValue($doc, '/iavmNotice/vulnAppsSysAndCntrmsrs'); $knownExploits = getValue($doc, '/iavmNotice/knownExploits'); $stigFindingSeverity = getValue($doc, '/iavmNotice/vms/stigFindingSeverity'); // iavm_tech_overview $techOverview = getValue($doc, '/iavmNotice/techOverview', null, true); // iavm_references $references = getValue($doc, '/iavmNotice/references/reference', null, true); // iavm_bids $bids = getValue($doc, '/iavmNotice/deepSightBids/bid', null, true); // iavm_patches $patches = getValue($doc, '/iavmNotice/patches/patch', null, true); // iavm_mitigations $mitHeader = getValue($doc, '/iavmNotice/tempMitStrat/header'); $mitBody = getValue($doc, '/iavmNotice/tempMitStrat/body'); $doc->formatOutput = true; $doc->preserveWhiteSpace = true; //print $doc->saveXML(); if (is_array($supersedes)) { $supersedes = implode(',', $supersedes); } $stig = $sys->get_Stig($noticeNumber); if (is_array($stig) && count($stig) && isset($stig[0]) && is_a($stig[0], 'stig')) { $stig = $stig[0]; $pdi_id = $stig->get_PDI_ID(); } else { $pdi = new pdi(null, $stigFindingSeverity, $lastUpdated); $pdi->set_Short_Title($title); $pdi->set_Group_Title($title); $pdi->set_Description($execSummary); // print_r($pdi); $pdi_id = $sys->save_PDI($pdi); $stig = new stig($pdi_id, $noticeNumber, $execSummary); // print_r($stig); $sys->add_Stig($stig); } $last_updated_dt = new DateTime($lastUpdated); $release_date_dt = new DateTime($releaseDate); $iavm = $sys->get_IAVM($noticeNumber); if (is_null($iavm)) { $sys->help->insert("sagacity.iavm_notices", [ 'pdi_id' => $pdi_id, 'noticeId' => $id, 'xmlUrl' => $xmlurl, 'htmlUrl' => $htmlurl, 'file_name' => basename($file), 'iavmNoticeNumber' => $noticeNumber, 'title' => $title, 'type' => $type, 'state' => $state, 'lastUpdated' => $last_updated_dt->format(MYSQL_D_FORMAT), 'releaseDate' => $release_date_dt->format(MYSQL_D_FORMAT), 'supersedes' => $supersedes, 'executiveSummary' => $execSummary, 'fixAction' => $fixAction, 'note' => $note, 'vulnAppsSysAndCntrmsrs' => $vulnAppsSysAndCntrmsrs, 'stigFindingSeverity' => $stigFindingSeverity, 'knownExploits' => $knownExploits ], true); if (!$sys->help->execute()) { error_log("file: $file" . PHP_EOL . $db->error . PHP_EOL . $ins_sql); continue; //die; } } if ($bids->length) { foreach ($bids as $bid) { if ($res = $db->query( "SELECT COUNT(1) as 'cnt' FROM sagacity.iavm_bids WHERE iavm_notice_id = $id AND bid = '" . $bid->textContent . "'")) { if ($res->num_rows) { $row = $res->fetch_array(MYSQLI_ASSOC); print "existing bid: $bid->textContent" . PHP_EOL; } else { $sql = "INSERT INTO sagacity.iavm_bids (iavm_notice_id, bid) VALUES ($id, $bid->textContent)"; $db->real_query($sql); print "new bid: $bid->textContent" . PHP_EOL; } } else { error_log($db->error); } } } if ($references->length) { foreach ($references as $ref) { $url = getValue($doc, "url", $ref); $title = getValue($doc, "title", $ref); $type = getValue($doc, "type", $ref); $res = $db->query( "SELECT id FROM sagacity.iavm_references WHERE iavm_notice_id = $id AND url='" . $db->real_escape_string($url) . "'"); if ($res->num_rows) { $row = $res->fetch_array(MYSQLI_ASSOC); $sql = "UPDATE sagacity.iavm_references SET title = '" . $db->real_escape_string($title) . "' WHERE id = " . $row['id']; $db->real_query($sql); print "existing reference: " . $title . " (" . $row['id'] . ")" . PHP_EOL; } else { $sql = "INSERT INTO sagacity.iavm_references (iavm_notice_id, title, url) VALUES ($id, '" . $db->real_escape_string($title) . "','" . $db->real_escape_string($url) . "')"; $db->real_query($sql); // print "db error: ".$db->error.PHP_EOL; print "new reference: " . $title . PHP_EOL; } $matches = array(); if (preg_match("/microsoft\.com.*\/([\d]+)/i", $url, $matches) || preg_match("/(MS[\d]+\-[\d]+)/", $title, $matches)) { if (is_numeric($matches[1])) { $matches[1] = "KB" . $matches[1]; } $adv = new advisory($pdi_id, $matches[1], "", "", $url); $sys->save_Advisory(array( 0 => $adv )); } } } if ($techOverview->length) { foreach ($techOverview as $to) { $details = getValue($doc, "details", $to); if ($details) { $res = $db->query( "SELECT id FROM sagacity.iavm_tech_overview WHERE iavm_notice_id = $id AND details='" . $db->real_escape_string($details) . "'"); $row = $res->fetch_array(MYSQLI_ASSOC); if ($row['id']) { print "existing overview for $id" . PHP_EOL; } else { $sql = "INSERT INTO sagacity.iavm_tech_overview (iavm_notice_id, details) VALUES ($id, '" . $db->real_escape_string($details) . "')"; $db->real_query($sql); print "new overview" . PHP_EOL; } } $entries = getValue($doc, "entry", $to, true); if ($entries->length) { foreach ($entries as $entry) { $entry_title = getValue($doc, "title", $entry); $entry_desc = getValue($doc, "description", $entry); if (substr($entry_title, 0, 3) == 'CVE') { print "CVE: $entry_title" . PHP_EOL; $sql = "REPLACE INTO sagacity.iavm_to_cve (noticeId, cve_id) VALUES (" . $id . "," . "'" . $db->real_escape_string($entry_title) . "')"; $db->real_query($sql); } else { Sagacity_Error::err_handler("Entry title: $entry_title in file $file"); } } } } } if ($patches->length) { foreach ($patches as $patch) { $title = getValue($doc, "title", $patch); $type = getValue($doc, "type", $patch); $url = getValue($doc, "url", $patch); $res = $db->query( "SELECT id FROM sagacity.iavm_patches WHERE iavm_notice_id = $id AND url = '" . $db->real_escape_string($url) . "'"); $row = $res->fetch_array(MYSQLI_ASSOC); if ($row['id']) { $sql = "UPDATE sagacity.iavm_patches SET `type` = '" . $db->real_escape_string($type) . "', `title` = '" . $db->real_escape_string($title) . "' WHERE id = " . $row['id']; $db->real_query($sql); print "existing patch: $title (" . $row['id'] . ")" . PHP_EOL; } else { $sql = "INSERT INTO sagacity.iavm_patches (iavm_notice_id, `type`, title, url) VALUES ($id, '" . $db->real_escape_string($type) . "','" . $db->real_escape_string($title) . "','" . $db->real_escape_string($url) . "')"; $db->real_query($sql); print "new patch: $title" . PHP_EOL; } $matches = array(); if (preg_match("/(KB[\d]+)|(MS[\d]+\-[\d]+)/i", $title, $matches)) { $adv = new advisory($pdi_id, $matches[1], "", "", $url); $sys->save_Advisory(array( 0 => $adv )); } } } if ($mitHeader) { $res = $db->query( "SELECT id FROM sagacity.iavm_mitigations WHERE iavm_notice_id = $id AND header = '" . $db->real_escape_string($mitHeader) . "'"); $row = $res->fetch_array(MYSQLI_ASSOC); if ($row['id']) { $sql = "UPDATE sagacity.iavm_mitigations SET body = '" . $db->real_escape_string($mitBody) . "' WHERE id = " . $row['id']; $db->real_query($sql); print "existing mitigation: " . $row['id'] . PHP_EOL; } else { $sql = "INSERT INTO sagacity.iavm_mitigations (iavm_notice_id, header, body) VALUES ($id, '" . $db->real_escape_string($mitHeader) . "','" . $db->real_escape_string($mitBody) . "')"; $db->real_query($sql); print "new mitigation: $mitHeader" . PHP_EOL; } } if (!$doc->save(DOC_ROOT . "/reference/iavms/$file")) { print "error saving" . PHP_EOL; die; } } function usage() { print <<