public void printMediumRisk(Paragraph paragraph)
{
String s = "5.2.2.";
int no = 1;
foreach (KeyValuePair <int, DataEntry> entry in record.getMediumRisk())
{
if (no == 1)
{
foreach (OpenXmlLeafTextElement text in paragraph.Descendants <OpenXmlLeafTextElement>())
{
if (text == paragraph.Descendants <OpenXmlLeafTextElement>().First())
{
text.Text = s + no.ToString() + " " + entry.Value.getPluginName();
}
else
{
text.Remove();
}
}
}
else
{
paragraph.InsertBeforeSelf(addParagraph(s + no.ToString() + " " + entry.Value.getPluginName(), paragraph));
}
paragraph.InsertBeforeSelf(addParagraph("", paragraph));
paragraph.InsertBeforeSelf <Table>(addTable(buildTable(entry.Value, RiskFactor.MEDIUM)));
no++;
}
}
public void printMediumRisk(SheetData sheetData)
{
foreach (KeyValuePair <int, DataEntry> entry in record.getMediumRisk())
{
sheetData.Append(buildRow(buildStringArray(entry.Value, RiskFactor.MEDIUM)));
}
}
/*
* This is the printMediumRisk method.
* It is used to output the medium risk findings.
*/
public void printMediumRisk(Body body)
{
String s = "5.2.2.";
int no = 1;
foreach (KeyValuePair <int, DataEntry> entry in record.getMediumRisk())
{
addParagraph(body, s + no.ToString() + " " + entry.Value.getPluginName());
addTable(body, buildTable(entry.Value, RiskFactor.MEDIUM));
no++;
}
}
public Databaser(String path, ref Record.Record record)
{
this.path = path;
this.record = record;
// Create
sqlite_conn = new SQLiteConnection("Data source=" + path + ";Version=3;New=True;Compress=True;");
// Open
sqlite_conn.Open();
// Create command
sqlite_cmd = sqlite_conn.CreateCommand();
// Command
sqlite_cmd.CommandText = "CREATE TABLE IF NOT EXISTS Record(" +
"id INTEGER PRIMARY KEY," +
"originalId INTEGER," +
"pluginName VARCHAR(500) NOT NULL," +
"ipList VARCHAR(1000) NOT NULL," +
"description VARCHAR(1000) NOT NULL," +
"impact VARCHAR(2000) NOT NULL," +
"riskfactor VARCHAR(10) NOT NULL," +
"recommendation VARCHAR(2000) NOT NULL," +
"bidlist VARCHAR(2000) NOT NULL," +
"cvelist VARCHAR(2000) NOT NULL," +
"osvdblist VARCHAR(2000) NOT NULL," +
"referenceLink VARCHAR(200)," +
"revisionNo INTEGER" +
");";
// Execute non query command
sqlite_cmd.ExecuteNonQuery();
insertRecordToDatabase(record.getHighRisk());
insertRecordToDatabase(record.getMediumRisk());
insertRecordToDatabase(record.getLowRisk());
insertRecordToDatabase(record.getNoneRisk());
insertRecordToDatabase(record.getOpenPort());
sqlite_conn.Close();
}
private String getOutput(ref Record.Record record)
{
Dictionary <int, DataEntry> highRisk = record.getHighRisk();
Dictionary <int, DataEntry> mediumRisk = record.getMediumRisk();
Dictionary <int, DataEntry> lowRisk = record.getLowRisk();
Dictionary <int, DataEntry> noneRisk = record.getNoneRisk();
Dictionary <int, DataEntry> openPort = record.getOpenPort();
RiskStats riskStats = record.getRiskStats();
StringBuilder sb = new StringBuilder();
sb.Append("<DIV>" + "\n");
sb.Append("<H4>Risk Statistics</H4>" + "\n");
sb.Append("<br>High Risk: " + highRisk.Count + "\n");
sb.Append("<br>Medium Risk: " + mediumRisk.Count + "\n");
sb.Append("<br>Low Risk: " + lowRisk.Count + "\n");
sb.Append("<br>None Risk: " + noneRisk.Count + "\n");
sb.Append("<br>Open Port: " + openPort.Count + "\n");
sb.Append("</DIV>" + "\n");
// Per host statistics
sb.Append("<DIV>" + "\n");
sb.Append("<H4>Risk Statistics</H4>" + "\n");
foreach (KeyValuePair <String, Dictionary <RiskFactor, int> > entry in riskStats.getRiskStats())
{
sb.Append("<br/>");
sb.Append(HTMLOutputFormater.forHTML(entry.Key));
sb.Append(":\t");
Dictionary <RiskFactor, int> hostRisks = entry.Value;
foreach (KeyValuePair <RiskFactor, int> hostRisk in hostRisks)
{
if (hostRisk.Key != RiskFactor.NULL)
{
sb.Append(HTMLOutputFormater.forHTML(RiskFactorFunction.getEnumString(hostRisk.Key) + " : "));
sb.Append(HTMLOutputFormater.forHTML(hostRisk.Value.ToString()) + '\t');
}
}
}
sb.Append("</DIV>" + "\n");
// High Risks
sb.Append("<DIV>" + "\n");
sb.Append("<H4>High Risk Findings</H4>" + "\n");
foreach (KeyValuePair <int, DataEntry> entry in highRisk)
{
sb.Append("<p>" + "\n");
sb.Append(getDataEntryHTML(entry.Value, RiskFactor.HIGH));
sb.Append("</p>" + "\n");
}
sb.Append("</DIV>" + "\n");
// Medium Risks
sb.Append("<DIV>" + "\n");
sb.Append("<H4>Medium Risk Findings</H4>" + "\n");
foreach (KeyValuePair <int, DataEntry> entry in mediumRisk)
{
sb.Append("<p>" + "\n");
sb.Append(getDataEntryHTML(entry.Value, RiskFactor.MEDIUM));
sb.Append("</p>" + "\n");
}
sb.Append("</DIV>" + "\n");
// Low Risks
sb.Append("<DIV>" + "\n");
sb.Append("<H4>Low Risk Findings</H4>" + "\n");
foreach (KeyValuePair <int, DataEntry> entry in lowRisk)
{
sb.Append("<p>" + "\n");
sb.Append(getDataEntryHTML(entry.Value, RiskFactor.LOW));
sb.Append("</p>" + "\n");
}
sb.Append("</DIV>" + "\n");
// None Risks
sb.Append("<DIV>" + "\n");
sb.Append("<H4>None Risk Findings</H4>" + "\n");
foreach (KeyValuePair <int, DataEntry> entry in noneRisk)
{
sb.Append("<p>" + "\n");
sb.Append(getDataEntryHTML(entry.Value, RiskFactor.NONE));
sb.Append("</p>" + "\n");
}
sb.Append("</DIV>" + "\n");
// Open Ports
sb.Append("<DIV>" + "\n");
sb.Append("<H4>Open Ports Findings</H4>" + "\n");
foreach (KeyValuePair <int, DataEntry> entry in openPort)
{
sb.Append("<p>" + "\n");
sb.Append(getDataEntryHTML(entry.Value, RiskFactor.OPEN));
sb.Append("</p>" + "\n");
}
sb.Append("</DIV>" + "\n");
return(sb.ToString());
}
public override void output(string path, ref Record.Record record)
{
Dictionary <int, DataEntry> highRisk = record.getHighRisk();
Dictionary <int, DataEntry> mediumRisk = record.getMediumRisk();
Dictionary <int, DataEntry> lowRisk = record.getLowRisk();
Dictionary <int, DataEntry> noneRisk = record.getNoneRisk();
Dictionary <int, DataEntry> openPort = record.getOpenPort();
RiskStats riskStats = record.getRiskStats();
using (WordprocessingDocument wordDoc = WordprocessingDocument.Create(path, WordprocessingDocumentType.Document)) {
MainDocumentPart mainDocumentPart = wordDoc.AddMainDocumentPart();
Document document = new Document();
Body body = new Body();
document.Append(body);
mainDocumentPart.Document = document;
// start output
addParagraph(body, "Risk Statistics", true, 5, false, false);
addParagraph(body, "High Risk: " + highRisk.Count, false, 2, false, false);
addParagraph(body, "Medium Risk: " + mediumRisk.Count, false, 2, false, false);
addParagraph(body, "Low Risk: " + lowRisk.Count, false, 2, false, false);
addParagraph(body, "None Risk: " + noneRisk.Count, false, 2, false, false);
addParagraph(body, "Open Port: " + openPort.Count, false, 2, false, false);
// Per host statistics
addParagraph(body, "Risk Statistics", true, 5, true, false);
foreach (KeyValuePair <String, Dictionary <RiskFactor, int> > entry in riskStats.getRiskStats())
{
String tempString = entry.Key;
Dictionary <RiskFactor, int> hostRisks = entry.Value;
foreach (KeyValuePair <RiskFactor, int> hostRisk in hostRisks)
{
if (hostRisk.Key != RiskFactor.NULL)
{
tempString += " " + RiskFactorFunction.getEnumString(hostRisk.Key) + ": " +
hostRisk.Value.ToString();
}
}
addParagraph(body, tempString, false, 0, false, false);
}
// High Risks
addParagraph(body, "High Risk Findings\n", true, 2, true, false);
foreach (KeyValuePair <int, DataEntry> entry in highRisk)
{
addParagraph(body, entry.Value.getPluginName(), true, 0, true, false);
addTable(body, buildTable(entry.Value, RiskFactor.HIGH));
}
// Medium Risks
addParagraph(body, "Medium Risk Findings\n", true, 2, true, false);
foreach (KeyValuePair <int, DataEntry> entry in mediumRisk)
{
addParagraph(body, entry.Value.getPluginName(), true, 0, true, false);
addTable(body, buildTable(entry.Value, RiskFactor.MEDIUM));
}
// Low Risks
addParagraph(body, "Low Risk Findings\n", true, 2, true, false);
foreach (KeyValuePair <int, DataEntry> entry in lowRisk)
{
addParagraph(body, entry.Value.getPluginName(), true, 0, true, false);
addTable(body, buildTable(entry.Value, RiskFactor.LOW));
}
// None Risks
addParagraph(body, "None Risk Findings\n", true, 2, true, false);
foreach (KeyValuePair <int, DataEntry> entry in noneRisk)
{
addParagraph(body, entry.Value.getPluginName(), true, 0, true, false);
addTable(body, buildTable(entry.Value, RiskFactor.NONE));
}
// Open Ports
addParagraph(body, "Open Ports Findings\n", true, 2, true, false);
foreach (KeyValuePair <int, DataEntry> entry in openPort)
{
addParagraph(body, entry.Value.getPluginName(), true, 0, true, false);
addTable(body, buildTable(entry.Value, RiskFactor.OPEN));
}
}
}
