/// <summary> /// This is the nessusAddEntry method. /// It is used to add an Nessus finding to the Record. /// </summary> /// <param name="pluginId">the pluginID of the nessus finding</param> /// <param name="ip">the host name of the nessus finding</param> /// <param name="entry">the whole nessus dataentry finding</param> public void nessusAddEntry(DataEntry entry) { int pluginId = int.Parse(((NessusDataEntry)entry).getPluginID()); string ip = entry.getIp(); Dictionary <int, DataEntry> targetDictionary = null; List <DataEntry> targetDictionaryRaw = null; // Find which Dictionary the entry to be stored switch (entry.getRiskFactor()) { case RiskFactor.HIGH: targetDictionary = highRisk; targetDictionaryRaw = highRiskRaw; break; case RiskFactor.MEDIUM: targetDictionary = mediumRisk; targetDictionaryRaw = mediumRiskRaw; break; case RiskFactor.LOW: targetDictionary = lowRisk; targetDictionaryRaw = lowRiskRaw; break; case RiskFactor.NONE: targetDictionary = noneRisk; targetDictionaryRaw = noneRiskRaw; break; case RiskFactor.OPEN: targetDictionary = openPort; targetDictionaryRaw = openPortRaw; break; default: targetDictionary = checkNA; targetDictionaryRaw = checkNARaw; break; } // return if entry is with unknow RiskFactor if (targetDictionary == null) { return; } string fileName = entry.getFileName(); if (!fileNameRaw.ContainsKey(DataEntry.EntryType.NESSUS)) { fileNameRaw.Add(DataEntry.EntryType.NESSUS, new List <string>()); } if (!fileNameRaw[DataEntry.EntryType.NESSUS].Contains(fileName)) { fileNameRaw[DataEntry.EntryType.NESSUS].Add(fileName); } targetDictionaryRaw.Add(entry.deepCopy()); if (!openPortTableItem.ContainsKey(ip)) { openPortTableItem[ip] = new OpenPortTableItemData(); } openPortTableItem[ip].addNessusOpenPort(((NessusDataEntry)entry).getPort(), ((NessusDataEntry)entry).getProtocol()); // Change risk stat riskStats.addHost(ip, entry.getRiskFactor()); // Add ReportItem entry to the dictionary (for an non-openPort finding) if (entry.getRiskFactor() != RiskFactor.OPEN) { if (targetDictionary.ContainsKey((int)pluginId)) { //String p_w_p = entry.getportwithprotocol(); //@@@@@System.Windows.Forms.MessageBox.Show(entry.getIpList().IndexOf(ip.Substring(0, ip.Length)).ToString() + "))" + ip + ">>" + ip.Substring(0, ip.IndexOf("("))); //Plan 3targetDictionary[pluginId].addIp(ip, entry.getportwithprotocol()[entry.getIpList().IndexOf(ip.Substring(0,ip.IndexOf("(")))]); //@@@@@ //Plan 2 targetDictionary[pluginId].addIp(ip, entry.getportwithprotocol(), entry.getpluginoutput_findingdetail()); } else { targetDictionary[pluginId] = entry; //plan 2 //targetDictionary[pluginId].combine_ip_with_corresponding_port(); } } // Add Open Port finding to dictionary else { //entry.combine_ip_with_corresponding_port(); // bool isDuplicate = false; // foreach (KeyValuePair<int, DataEntry> keyValuePair in targetDictionary) // { // DataEntry tempEntry = keyValuePair.Value; // List<String> ipList = tempEntry.getIpList(); // foreach (String host in ipList) // { // // merging of open port finding if host exist in open port findings // if (host == entry.getIp()) // { // if (!tempEntry.getDescription().Contains(entry.getDescription())) // { // tempEntry.setDescription(tempEntry.getDescription() + ", " + entry.getDescription()); // } // isDuplicate = true; // break; // } // } // if (isDuplicate) // { // break; // } // } // // If the current entry is not an Duplicate entry // if (!isDuplicate) // { // // Add it to the OpenPort findings // targetDictionary.Add(targetDictionary.Count, entry); // } } }
/// <summary> /// This is the isDuplicate method. /// </summary> /// <param name="risk">high/medium/low/none/openport risk findings</param> /// <param name="entry">the DataEntry</param> /// <returns>true if the entry is already found from the risk findings.</returns> private bool isDuplicate(Dictionary <int, DataEntry> risk, DataEntry entry) { foreach (KeyValuePair <int, DataEntry> keyValuePair in risk) { DataEntry tempEntry = keyValuePair.Value; if (entry.getRiskFactor() != RiskFactor.OPEN) { if (tempEntry.getIp() == entry.getIp() && tempEntry.getPluginName() == entry.getPluginName() && tempEntry.getDescription() == entry.getDescription() && tempEntry.getReferenceLink() == entry.getReferenceLink()) { return(true); } else if (tempEntry.getPluginName() == entry.getPluginName() && tempEntry.getDescription() == entry.getDescription() && tempEntry.getReferenceLink() == entry.getReferenceLink()) { List <String> ips = entry.getIpList(); //Plan3 List<String> port_with_protocols = entry.getportwithprotocol(); String port_with_protocols = entry.getportwithprotocol(); foreach (String ip in ips) { tempEntry.addIp(ip, port_with_protocols, entry.getpluginoutput_findingdetail()); //@@@@@ } return(true); } } else { if (tempEntry.getRiskFactor() != RiskFactor.OPEN) { return(false); } else { List <String> ips = tempEntry.getIpList(); foreach (String ip in ips) { if (ip == entry.getIp()) { String tempDescription = tempEntry.getDescription(); String[] tempSplitter = { ", " }; String[] descriptionList = entry.getDescription().Split(tempSplitter, StringSplitOptions.None); foreach (String description in descriptionList) { if (!tempDescription.Contains(description)) { tempDescription += ", " + description; } } tempEntry.setDescription(tempDescription); return(true); } } } } } return(false); }