Example #1
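        /// <summary>
        /// Builds the flat list of findings to return: first any error findings
        /// already stored in <c>errors</c>, then one finding per rule index found
        /// in each report held in <c>results</c>.
        /// </summary>
        /// <returns>
        /// A new list; it is empty when both <c>errors</c> and <c>results</c> are
        /// null or empty.
        /// </returns>
        public List<PatrOwlFinding> GetFindings()
        {
            var output = new List<PatrOwlFinding>();
            // Report entries that belong to a rule are keyed "<Control>_<index>",
            // e.g. "Title_3"; every other key is ignored by the loop below.
            var re = new Regex("^(?<control>[a-zA-Z]+)_(?<index>\\d+)$");
            // Hoisted out of the loops: the pattern is constant, so there is no
            // reason to rebuild it for every "Documentation" entry.
            var relink = new Regex("<a\\s+(?:[^>]*?\\s+)?href=([\"'])(?<url>(.*?))\\1");
            int k = 1;

            if (errors != null)
            {
                output.AddRange(errors);
            }
            if (results != null)
            {
                foreach (var report in results)
                {
                    // Findings of the current report, keyed by the rule index
                    // parsed from the entry key.
                    var o = new Dictionary<int, PatrOwlFinding>();
                    foreach (var item in report.Data)
                    {
                        var m = re.Match(item.Key);
                        if (!m.Success)
                        {
                            continue;
                        }

                        // "\d+" accepts digit runs that do not fit in an Int32 and
                        // non-ASCII digits, both of which make int.Parse throw and
                        // would lose every finding. Skip such an entry instead.
                        int id;
                        if (!int.TryParse(m.Groups["index"].Value, out id))
                        {
                            continue;
                        }

                        PatrOwlFinding p;
                        if (!o.TryGetValue(id, out p))
                        {
                            p             = new PatrOwlFinding();
                            p.issue_id    = id;
                            // NOTE(review): local time, not UTC - confirm that this
                            // is what the consumer of the findings expects.
                            p.timestamp   = DateTime.Now;
                            p.target      = new PatrOwlFindingTarget();
                            p.target.addr = new List<string>()
                            {
                                GetItem(report, "Target")
                            };
                            p.type       = "pingcastle";
                            p.confidence = PatrOwlFindingConfidenceEnum.certain;
                            o[id]        = p;
                        }

                        string control = m.Groups["control"].Value;
                        string value   = item.Value;
                        switch (control)
                        {
                        case "Rationale":
                            p.title = value;
                            p.raw   = value;
                            break;

                        case "Title":
                            p.PingCastleTitle = value;
                            break;

                        case "TechnicalExplanation":
                            p.PingCastleTechnicalExplanation = value;
                            break;

                        case "Solution":
                            p.solution = value;
                            break;

                        case "Detail":
                            if (p.PingCastleDetail == null)
                            {
                                p.PingCastleDetail = new List<string>();
                            }
                            p.PingCastleDetail.Add(value);
                            break;

                        case "Points":
                        {
                            // An unparsable score leaves point at 0, so the
                            // severity is whatever GetSeverity(0) returns.
                            int point = 0;
                            int.TryParse(value, out point);
                            p.severity = GetSeverity(point);
                        }
                        break;

                        case "Documentation":
                        {
                            p.metadata       = new PatrOwlFindingMetadata();
                            p.metadata.links = new List<string>();
                            var links = p.metadata.links;
                            // Collect each distinct href of the <a> tags in the
                            // documentation HTML. The URLs are copied as found:
                            // scheme and host are not checked here, so a consumer
                            // that renders them as links has to validate them.
                            foreach (Match link in relink.Matches(value))
                            {
                                var l = link.Groups["url"].Value;
                                if (!links.Contains(l))
                                {
                                    links.Add(l);
                                }
                            }
                        }
                        break;

                        default:
                            break;
                        }
                    }
                    // Replace the per-report rule index by a counter that runs
                    // across all reports, so issue ids do not repeat in the output.
                    foreach (var i in o.Values)
                    {
                        i.issue_id = k++;
                        output.Add(i);
                    }
                }
            }
            return output;
        }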
Example #2
        // if the scan fails for one machine (out of several) => add findings for that machine
        // the scan is always reported as successful, but the reasons for the failures are added as findings
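        /// <summary>
        /// Runs the health check on every asset of <c>ScanSetting.assets</c>.
        /// A report with status "OK" is added to <c>results</c>; any other outcome
        /// (status "Error", an unknown status, or an exception) is recorded as a
        /// critical finding in <c>errors</c> for that asset.
        /// </summary>
        /// <remarks>
        /// The status is set to FINISHED even when assets failed, so FINISHED does
        /// not mean that every asset was scanned: the failures are only visible in
        /// the error findings.
        /// </remarks>
        public void AnalyzeData()
        {
            pipe.WaitForConnection();
            lock (this)
            {
                Status = PatrOwlOuputStatus.SCANNING;
            }

            foreach (var t in ScanSetting.assets)
            {
                bool hasError = false;
                if (stop)
                {
                    // Stop was requested: skip every remaining asset.
                    continue;
                }
                try
                {
                    var    output = RunHealthCheck(t);
                    string status = GetItem(output, "Status");
                    switch (status)
                    {
                    case "OK":
                        // NOTE(review): results is not created in this method; if
                        // it can still be null here, the Add throws and the asset
                        // is reported as failed by the catch below - confirm that
                        // it is initialised elsewhere.
                        results.Add(output);
                        continue;

                    case "Error":
                        Error    = GetItem(output, "Error");
                        hasError = true;
                        break;

                    default:
                        Error    = "Invalid return code " + status;
                        hasError = true;
                        break;
                    }
                }
                catch (Exception ex)
                {
                    hasError = true;
                    Error    = "Exception when running job: " + ex.Message;
                }
                if (hasError)
                {
                    // Turn the failure into a finding for this asset. The error
                    // text, including an exception message, is copied into the
                    // finding as it is.
                    var o = new PatrOwlFinding();
                    o.issue_id    = 0;
                    o.timestamp   = DateTime.Now;
                    o.target      = new PatrOwlFindingTarget();
                    o.target.addr = new List<string>()
                    {
                        t.value
                    };
                    o.type            = "pingcastle";
                    o.confidence      = PatrOwlFindingConfidenceEnum.certain;
                    o.PingCastleTitle = "An error occured while running the scan";
                    o.PingCastleTechnicalExplanation = "The error is:\r\n" + Error;
                    o.solution = "We recommand to check the settings defined in the scan and if the scanner can reach the domain it has been asked to scan";
                    o.title    = "An error occured while running the scan";
                    o.severity = PatrOwlFindingSeverityEnum.critical;
                    if (errors == null)
                    {
                        errors = new List<PatrOwlFinding>();
                    }
                    errors.Add(o);
                }
            }
            // Same lock as the SCANNING transition above, so both status changes
            // are published the same way.
            lock (this)
            {
                Status = PatrOwlOuputStatus.FINISHED;
            }
            try
            {
                SendAndReceiveCommand(GenerateNewCommand("shutdown"));
            }
            catch (Exception ex)
            {
                // Best effort: a failed shutdown command must not prevent Stop(),
                // but it is traced so the failure leaves a record.
                System.Diagnostics.Trace.WriteLine("Shutdown command failed: " + ex.Message);
            }
            Stop();
        }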