private String[] buildNmapStringArray(DataEntry entry) { String[] stringArray = new String[12]; // Plugin Name stringArray[0] = entry.getPluginName(); // Hosts Affected stringArray[1] = entry.getIp(); // Description stringArray[2] = entry.getDescription(); stringArray[3] = RiskFactorFunction.getEnumString(entry.getRiskFactor()); stringArray[4] = entry.getFileName(); stringArray[5] = entry.getEntryTypeString(); stringArray[6] = ((NmapDataEntry)entry).getOS(); stringArray[7] = ((NmapDataEntry)entry).getOSDetail(); stringArray[8] = ((NmapDataEntry)entry).getOpenPortListString(); stringArray[9] = ((NmapDataEntry)entry).getClosedPortListString(); stringArray[10] = ((NmapDataEntry)entry).getFilteredPortListString(); stringArray[11] = ((NmapDataEntry)entry).getUnknownPortListString(); return(stringArray); }
public void guiInsertUpdateRecordToDatabase(DataEntry entry, int oldId) { int revisionNo = getRevisionNo(oldId); // Create sqlite_conn = new SQLiteConnection("Data source=" + path + ";Version=3;New=True;Compress=True;"); // Open sqlite_conn.Open(); // Create command sqlite_cmd = sqlite_conn.CreateCommand(); String pluginName = addSlash(entry.getPluginName()); String ipList = addSlash(entry.getIp()); String description = addSlash(entry.getDescription()); String impact = addSlash(entry.getImpact()); String riskFactor = addSlash(RiskFactorFunction.getEnumString(entry.getRiskFactor())); String recommendation = addSlash(entry.getRecommendation()); String bidList = addSlash(entry.getBid()); String cveList = addSlash(entry.getCve()); String osvdbList = addSlash(entry.getOsvdb()); String referenceLink = addSlash(entry.getReferenceLink()); sqlite_cmd.CommandText = "INSERT INTO Record (" + "id," + "originalId," + "pluginName," + "ipList," + "description," + "impact," + "riskfactor," + "recommendation," + "bidlist," + "cvelist," + "osvdblist," + "referenceLink," + "revisionNo" + ")" + "VALUES (" + "NULL," + // pluginId (null means auto increment) "'" + oldId + "'," + // originalId "'" + pluginName + "'," + // pluginName "'" + ipList + "'," + // ipList "'" + description + "'," + // description "'" + impact + "'," + // impact "'" + riskFactor + "'," + // riskfactor "'" + recommendation + "'," + // recommendation "'" + bidList + "'," + // bidlist "'" + cveList + "'," + // cvelist "'" + osvdbList + "'," + // osvdblist "'" + referenceLink + "'," + // referenceLink "'" + revisionNo + "'" + // revisionNo ");"; // execute the command sqlite_cmd.ExecuteNonQuery(); sqlite_conn.Close(); }
private String[] buildMbsaStringArray(DataEntry entry) { String[] stringArray = new String[35]; // Plugin Name stringArray[0] = entry.getPluginName(); // Hosts Affected stringArray[1] = entry.getIp(); // Description stringArray[2] = entry.getDescription(); // Impact stringArray[3] = entry.getImpact(); // Risk Level stringArray[4] = RiskFactorFunction.getEnumString(entry.getRiskFactor()); // Recommendations stringArray[5] = entry.getRecommendation(); stringArray[6] = entry.getBid(); stringArray[7] = entry.getCve(); stringArray[8] = entry.getOsvdb(); stringArray[9] = entry.getReferenceLink(); stringArray[10] = entry.getFileName(); stringArray[11] = entry.getEntryTypeString(); stringArray[12] = ((MBSADataEntry)entry).getCheckID(); stringArray[13] = ((MBSADataEntry)entry).getCheckGrade(); stringArray[14] = ((MBSADataEntry)entry).getCheckType(); stringArray[15] = ((MBSADataEntry)entry).getCheckCat(); stringArray[16] = ((MBSADataEntry)entry).getCheckRank(); stringArray[17] = ((MBSADataEntry)entry).getCheckName(); stringArray[18] = ((MBSADataEntry)entry).getCheckURL1(); stringArray[19] = ((MBSADataEntry)entry).getCheckURL2(); stringArray[20] = ((MBSADataEntry)entry).getCheckGroupID(); stringArray[21] = ((MBSADataEntry)entry).getCheckGroupName(); stringArray[22] = ((MBSADataEntry)entry).getDetailText(); stringArray[23] = ((MBSADataEntry)entry).getUpdateDataIsInstalled(); stringArray[24] = ((MBSADataEntry)entry).getUpdateDataRestartRequired(); stringArray[25] = ((MBSADataEntry)entry).getUpdateDataID(); stringArray[26] = ((MBSADataEntry)entry).getUpdateDataGUID(); stringArray[27] = ((MBSADataEntry)entry).getUpdateDataBulletinID(); stringArray[28] = ((MBSADataEntry)entry).getUpdateDataKBID(); stringArray[29] = ((MBSADataEntry)entry).getUpdateDataType(); stringArray[30] = ((MBSADataEntry)entry).getUpdateDataInformationURL(); stringArray[31] = ((MBSADataEntry)entry).getUpdateDataDownloadURL(); stringArray[32] = ((MBSADataEntry)entry).getSeverityString(); stringArray[33] = ((MBSADataEntry)entry).getTableHeaderString(); stringArray[34] = ((MBSADataEntry)entry).getTableRowDataString(); return(stringArray); }
private String[] buildStringArray(DataEntry entry, RiskFactor riskFactor) { String[] stringArray = new String[9]; // Plugin Name stringArray[0] = entry.getPluginName(); // Hosts Affected String tempString = ""; foreach (String ip in entry.getIpList()) { tempString += ip + '\n'; } stringArray[1] = tempString.Substring(0, tempString.Length - 1); // Description stringArray[2] = entry.getDescription(); // Impact stringArray[3] = entry.getImpact(); // Risk Level stringArray[4] = RiskFactorFunction.getEnumString(riskFactor); // Recommendations stringArray[5] = entry.getRecommendation(); // Reference // CVE tempString = "N/A"; if (entry.getCve() != null) { tempString = entry.getCve(); } stringArray[6] = tempString; // BID tempString = "N/A"; if (entry.getBid() != null) { tempString = entry.getBid(); } stringArray[7] = tempString; // OSVDB tempString = "N/A"; if (entry.getOsvdb() != null) { tempString = entry.getOsvdb(); } stringArray[8] = tempString; return(stringArray); }
/// <summary> /// This is the buildStringArray method. /// It is used to build an array of String from given entry and riskFactor. /// </summary> /// <param name="entry">the DataEntry being transformed to a string array</param> /// <param name="riskFactor">the RiskFactor of the entry</param> /// <returns>a string array being transformed to a xlsx row</returns> private String[] buildStringArray(DataEntry entry, RiskFactor riskFactor) { String[] stringArray = new String[10]; // Plugin Name stringArray[0] = entry.getPluginName(); // Hosts Affected stringArray[1] = entry.getIp(); // Description stringArray[2] = entry.getDescription(); // Impact stringArray[3] = entry.getImpact(); // Risk Level stringArray[4] = RiskFactorFunction.getEnumString(riskFactor); // Recommendations stringArray[5] = entry.getRecommendation(); // Reference // CVE String tempString = "N/A"; if (entry.getCve() != null) { tempString = entry.getCve(); } stringArray[6] = tempString; // BID tempString = "N/A"; if (entry.getBid() != null) { tempString = entry.getBid(); } stringArray[7] = tempString; // OSVDB tempString = "N/A"; if (entry.getOsvdb() != null) { tempString = entry.getOsvdb(); } stringArray[8] = tempString; // Reference Link stringArray[9] = entry.getReferenceLink(); return(stringArray); }
private String[] buildNessusStringArray(DataEntry entry) { String[] stringArray = new String[26]; // Plugin Name stringArray[0] = entry.getPluginName(); // Hosts Affected stringArray[1] = entry.getIp(); // Description stringArray[2] = entry.getDescription(); // Impact stringArray[3] = entry.getImpact(); // Risk Level stringArray[4] = RiskFactorFunction.getEnumString(entry.getRiskFactor()); // Recommendations stringArray[5] = entry.getRecommendation(); stringArray[6] = entry.getBid(); stringArray[7] = entry.getCve(); stringArray[8] = entry.getOsvdb(); stringArray[9] = entry.getReferenceLink(); stringArray[10] = entry.getFileName(); stringArray[11] = entry.getEntryTypeString(); stringArray[12] = ((NessusDataEntry)entry).getPort(); stringArray[13] = ((NessusDataEntry)entry).getProtocol(); stringArray[14] = ((NessusDataEntry)entry).getSvc_name(); stringArray[15] = ((NessusDataEntry)entry).getPluginFamily(); stringArray[16] = ((NessusDataEntry)entry).getPlugin_publication_date(); stringArray[17] = ((NessusDataEntry)entry).getPlugin_modification_date(); stringArray[18] = ((NessusDataEntry)entry).getCvss_vector(); stringArray[19] = ((NessusDataEntry)entry).getCvss_base_score(); stringArray[20] = ((NessusDataEntry)entry).getPlugin_output(); stringArray[21] = ((NessusDataEntry)entry).getPlugin_version(); stringArray[22] = ((NessusDataEntry)entry).getSee_also(); stringArray[23] = ((NessusDataEntry)entry).getPluginID(); stringArray[24] = ((NessusDataEntry)entry).getMicrosoftID(); stringArray[25] = ((NessusDataEntry)entry).getSeverityString(); return(stringArray); }
private void insertRecordToDatabase(DataEntry entry) { String pluginName = addSlash(entry.getPluginName()); String ipList = addSlash(entry.getIp()); String description = addSlash(entry.getDescription()); String impact = addSlash(entry.getImpact()); String riskFactor = addSlash(RiskFactorFunction.getEnumString(entry.getRiskFactor())); String recommendation = addSlash(entry.getRecommendation()); String bidList = addSlash(entry.getBid()); String cveList = addSlash(entry.getCve()); String osvdbList = addSlash(entry.getOsvdb()); String referenceLink = addSlash(entry.getReferenceLink()); sqlite_cmd.CommandText = "INSERT INTO Record (" + "id," + "originalId," + "pluginName," + "ipList," + "description," + "impact," + "riskfactor," + "recommendation," + "bidlist," + "cvelist," + "osvdblist," + "revisionNo" + ")" + "VALUES (" + "NULL," + // pluginId (null means auto increment) "'" + originalId + "'," + // originalId "'" + pluginName + "'," + // pluginName "'" + ipList + "'," + // ipList "'" + description + "'," + // description "'" + impact + "'," + // impact "'" + riskFactor + "'," + // riskfactor "'" + recommendation + "'," + // recommendation "'" + bidList + "'," + // bidlist "'" + cveList + "'," + // cvelist "'" + osvdbList + "'," + // osvdblist "'" + "1" + "'" + // revisionNo ");"; originalId++; // execute the command sqlite_cmd.ExecuteNonQuery(); }
private String[] buildAcunetixStringArray(DataEntry entry, RiskFactor riskFactor, AffectedItem item) { String[] stringArray = new String[23]; // Plugin Name stringArray[0] = entry.getPluginName(); // Hosts Affected stringArray[1] = entry.getIp(); // Description stringArray[2] = entry.getDescription(); // Impact stringArray[3] = entry.getImpact(); // Risk Level stringArray[4] = RiskFactorFunction.getEnumString(riskFactor); // Recommendations stringArray[5] = entry.getRecommendation(); stringArray[6] = entry.getFileName(); stringArray[7] = ((AcunetixDataEntry)entry).getSubDomain(); stringArray[8] = item.getSubDirectory(); stringArray[9] = item.getDepartment(); stringArray[10] = item.getName(); stringArray[11] = item.getLink(); stringArray[12] = item.getDetail(); stringArray[13] = item.getRequest(); stringArray[14] = item.getResponse(); stringArray[15] = ((AcunetixDataEntry)entry).getModuleName(); stringArray[16] = ((AcunetixDataEntry)entry).getIsFalsePositive(); stringArray[17] = ((AcunetixDataEntry)entry).getAOP_SourceFile(); stringArray[18] = ((AcunetixDataEntry)entry).getAOP_SourceLine(); stringArray[19] = ((AcunetixDataEntry)entry).getAOP_Additional(); stringArray[20] = ((AcunetixDataEntry)entry).getDetailedInformation(); stringArray[21] = ((AcunetixDataEntry)entry).getAcunetixType(); stringArray[22] = ((AcunetixDataEntry)entry).getAcunetixReferenceListString(); return(stringArray); }
private void createNextKeyRow() { table.Clear(); DataRow row; String key = duplicateRecord.Keys.First(); tempEntryList = new List <DataEntry>(); foreach (DataEntry rawEntry in duplicateRecord[key]) { int dbid = Program.state.panelRecordEdit_recordDatabaser.getDBID(rawEntry); if (dbid == -1) { //error break; } DataEntry entry = Program.state.panelRecordEdit_recordDatabaser.getEntryFromDatabaseId(dbid); row = table.NewRow(); String MicrosoftID = key.Substring(0, key.IndexOf('@')); row["Microsoft ID"] = MicrosoftID; row["Plugin Name"] = entry.getPluginName(); row["Host Affected"] = entry.getIp(); row["Description"] = entry.getDescription(); row["Impact"] = entry.getImpact(); row["Risk Level"] = RiskFactorFunction.getEnumString(entry.getRiskFactor()); row["Recommendation"] = entry.getRecommendation(); row["Reference (CVE)"] = entry.getCve(); row["Reference (BID)"] = entry.getBid(); row["Reference (OSVDB)"] = entry.getOsvdb(); row["Reference Link"] = entry.getReferenceLink(); row["Entry Type"] = entry.getEntryTypeString(); table.Rows.Add(row); tempEntryList.Add(entry); } duplicateRecord.Remove(key); }
/* * This is the buildTable method. * It is used to create the table from given entry and riskFactor. */ private Dictionary <KeyValuePair <int, int>, String> buildTable(DataEntry entry, RiskFactor riskFactor) { Dictionary <KeyValuePair <int, int>, String> table = new Dictionary <KeyValuePair <int, int>, string>(); // Hosts Affected table[new KeyValuePair <int, int>(1, 1)] = "Hosts Affected:"; String tempString = ""; foreach (String ip in entry.getIpList()) { tempString += ip + '\n'; } table[new KeyValuePair <int, int>(1, 2)] = tempString.Substring(0, tempString.Length - 1); // Description table[new KeyValuePair <int, int>(2, 1)] = "Description"; table[new KeyValuePair <int, int>(2, 2)] = entry.getDescription(); // Impact table[new KeyValuePair <int, int>(3, 1)] = "Impact:"; table[new KeyValuePair <int, int>(3, 2)] = entry.getImpact(); // Risk Level table[new KeyValuePair <int, int>(4, 1)] = "Risk Level:"; table[new KeyValuePair <int, int>(4, 2)] = RiskFactorFunction.getEnumString(riskFactor); // Recommendations table[new KeyValuePair <int, int>(5, 1)] = "Recommendation:"; table[new KeyValuePair <int, int>(5, 2)] = entry.getRecommendation(); // Reference bool hasRef = false; table[new KeyValuePair <int, int>(6, 1)] = "Reference:"; tempString = ""; // CVE if (entry.getCve() != null) { hasRef = true; tempString = "CVE: " + entry.getCve() + "\n"; } // BID if (entry.getBid() != null) { hasRef = true; tempString += "BID: " + entry.getBid() + "\n"; } // OSVDB if (entry.getOsvdb() != null) { hasRef = true; tempString += "OSVDB: " + entry.getOsvdb(); } if (!hasRef) { tempString = "N/A"; } table[new KeyValuePair <int, int>(6, 2)] = tempString; return(table); }
private String getOutput(ref Record.Record record) { Dictionary <int, DataEntry> highRisk = record.getHighRisk(); Dictionary <int, DataEntry> mediumRisk = record.getMediumRisk(); Dictionary <int, DataEntry> lowRisk = record.getLowRisk(); Dictionary <int, DataEntry> noneRisk = record.getNoneRisk(); Dictionary <int, DataEntry> openPort = record.getOpenPort(); RiskStats riskStats = record.getRiskStats(); StringBuilder sb = new StringBuilder(); sb.Append("<DIV>" + "\n"); sb.Append("<H4>Risk Statistics</H4>" + "\n"); sb.Append("<br>High Risk: " + highRisk.Count + "\n"); sb.Append("<br>Medium Risk: " + mediumRisk.Count + "\n"); sb.Append("<br>Low Risk: " + lowRisk.Count + "\n"); sb.Append("<br>None Risk: " + noneRisk.Count + "\n"); sb.Append("<br>Open Port: " + openPort.Count + "\n"); sb.Append("</DIV>" + "\n"); // Per host statistics sb.Append("<DIV>" + "\n"); sb.Append("<H4>Risk Statistics</H4>" + "\n"); foreach (KeyValuePair <String, Dictionary <RiskFactor, int> > entry in riskStats.getRiskStats()) { sb.Append("<br/>"); sb.Append(HTMLOutputFormater.forHTML(entry.Key)); sb.Append(":\t"); Dictionary <RiskFactor, int> hostRisks = entry.Value; foreach (KeyValuePair <RiskFactor, int> hostRisk in hostRisks) { if (hostRisk.Key != RiskFactor.NULL) { sb.Append(HTMLOutputFormater.forHTML(RiskFactorFunction.getEnumString(hostRisk.Key) + " : ")); sb.Append(HTMLOutputFormater.forHTML(hostRisk.Value.ToString()) + '\t'); } } } sb.Append("</DIV>" + "\n"); // High Risks sb.Append("<DIV>" + "\n"); sb.Append("<H4>High Risk Findings</H4>" + "\n"); foreach (KeyValuePair <int, DataEntry> entry in highRisk) { sb.Append("<p>" + "\n"); sb.Append(getDataEntryHTML(entry.Value, RiskFactor.HIGH)); sb.Append("</p>" + "\n"); } sb.Append("</DIV>" + "\n"); // Medium Risks sb.Append("<DIV>" + "\n"); sb.Append("<H4>Medium Risk Findings</H4>" + "\n"); foreach (KeyValuePair <int, DataEntry> entry in mediumRisk) { sb.Append("<p>" + "\n"); sb.Append(getDataEntryHTML(entry.Value, RiskFactor.MEDIUM)); sb.Append("</p>" + "\n"); } sb.Append("</DIV>" + "\n"); // Low Risks sb.Append("<DIV>" + "\n"); sb.Append("<H4>Low Risk Findings</H4>" + "\n"); foreach (KeyValuePair <int, DataEntry> entry in lowRisk) { sb.Append("<p>" + "\n"); sb.Append(getDataEntryHTML(entry.Value, RiskFactor.LOW)); sb.Append("</p>" + "\n"); } sb.Append("</DIV>" + "\n"); // None Risks sb.Append("<DIV>" + "\n"); sb.Append("<H4>None Risk Findings</H4>" + "\n"); foreach (KeyValuePair <int, DataEntry> entry in noneRisk) { sb.Append("<p>" + "\n"); sb.Append(getDataEntryHTML(entry.Value, RiskFactor.NONE)); sb.Append("</p>" + "\n"); } sb.Append("</DIV>" + "\n"); // Open Ports sb.Append("<DIV>" + "\n"); sb.Append("<H4>Open Ports Findings</H4>" + "\n"); foreach (KeyValuePair <int, DataEntry> entry in openPort) { sb.Append("<p>" + "\n"); sb.Append(getDataEntryHTML(entry.Value, RiskFactor.OPEN)); sb.Append("</p>" + "\n"); } sb.Append("</DIV>" + "\n"); return(sb.ToString()); }
private String getDataEntryHTML(DataEntry entry, RiskFactor riskFactor) { String HTML_TABLE_START = "<table border=\"1\">"; String HTML_TABLE_END = "</table>\n"; StringBuilder sb = new StringBuilder(); sb.Append("<H5>" + HTMLOutputFormater.forHTML(entry.getPluginName()) + "</H5>"); sb.Append(HTML_TABLE_START); sb.Append("\n"); // Hosts Affected sb.Append("<TR>\n"); sb.Append("<TD>Hosts Affected:</TD>\n"); sb.Append("<TD>"); foreach (String ip in entry.getIpList()) { sb.Append(ip + "<br/>"); } sb.Remove(sb.Length - 5, 5); sb.Append("</TD>\n"); sb.Append("</TR>\n"); // Description sb.Append("<TR>\n"); sb.Append("<TD>Description:</TD>\n"); sb.Append("<TD>"); sb.Append(HTMLOutputFormater.forHTML(entry.getDescription()).Replace("\n", "<br/>")); sb.Append("</TD>\n"); sb.Append("</TR>\n"); // Impact sb.Append("<TR>\n"); sb.Append("<TD>Impact:</TD>\n"); sb.Append("<TD>"); sb.Append(HTMLOutputFormater.forHTML(entry.getImpact()).Replace("\n", "<br/>")); sb.Append("</TD>\n"); sb.Append("</TR>\n"); // Risk Level sb.Append("<TR>\n"); sb.Append("<TD>Risk Level: </TD>\n"); sb.Append("<TD>"); sb.Append(RiskFactorFunction.getEnumString(riskFactor)); sb.Append("</TD>\n"); sb.Append("</TR>\n"); // Recommendations sb.Append("<TR>\n"); sb.Append("<TD>Recommendation:</TD>\n"); sb.Append("<TD>"); sb.Append(HTMLOutputFormater.forHTML(entry.getRecommendation()).Replace("\n", "<br/>")); sb.Append("</TD>\n"); sb.Append("</TR>\n"); // Reference bool hasRef = false; sb.Append("<TR>\n"); sb.Append("<TD>Reference:</TD>\n"); sb.Append("<TD>"); // CVE if (entry.getCve() != null) { hasRef = true; sb.Append("CVE: "); sb.Append(HTMLOutputFormater.forHTML(entry.getCve())); sb.Append("<br/>"); } // BID if (entry.getBid() != null) { hasRef = true; sb.Append("BID: "); sb.Append(HTMLOutputFormater.forHTML(entry.getBid())); sb.Append("<br/>"); } // OSVDB if (entry.getOsvdb() != null) { hasRef = true; sb.Append("OSVDB: "); sb.Append(HTMLOutputFormater.forHTML(entry.getOsvdb())); sb.Append("<br/>"); } if (hasRef) { sb.Remove(sb.Length - 5, 5); } else { sb.Append("N/A"); } sb.Append("</TD>\n"); sb.Append("</TR>\n"); sb.Append(HTML_TABLE_END); return(sb.ToString()); }
public override void output(string path, ref Record.Record record) { Dictionary <int, DataEntry> highRisk = record.getHighRisk(); Dictionary <int, DataEntry> mediumRisk = record.getMediumRisk(); Dictionary <int, DataEntry> lowRisk = record.getLowRisk(); Dictionary <int, DataEntry> noneRisk = record.getNoneRisk(); Dictionary <int, DataEntry> openPort = record.getOpenPort(); RiskStats riskStats = record.getRiskStats(); using (WordprocessingDocument wordDoc = WordprocessingDocument.Create(path, WordprocessingDocumentType.Document)) { MainDocumentPart mainDocumentPart = wordDoc.AddMainDocumentPart(); Document document = new Document(); Body body = new Body(); document.Append(body); mainDocumentPart.Document = document; // start output addParagraph(body, "Risk Statistics", true, 5, false, false); addParagraph(body, "High Risk: " + highRisk.Count, false, 2, false, false); addParagraph(body, "Medium Risk: " + mediumRisk.Count, false, 2, false, false); addParagraph(body, "Low Risk: " + lowRisk.Count, false, 2, false, false); addParagraph(body, "None Risk: " + noneRisk.Count, false, 2, false, false); addParagraph(body, "Open Port: " + openPort.Count, false, 2, false, false); // Per host statistics addParagraph(body, "Risk Statistics", true, 5, true, false); foreach (KeyValuePair <String, Dictionary <RiskFactor, int> > entry in riskStats.getRiskStats()) { String tempString = entry.Key; Dictionary <RiskFactor, int> hostRisks = entry.Value; foreach (KeyValuePair <RiskFactor, int> hostRisk in hostRisks) { if (hostRisk.Key != RiskFactor.NULL) { tempString += " " + RiskFactorFunction.getEnumString(hostRisk.Key) + ": " + hostRisk.Value.ToString(); } } addParagraph(body, tempString, false, 0, false, false); } // High Risks addParagraph(body, "High Risk Findings\n", true, 2, true, false); foreach (KeyValuePair <int, DataEntry> entry in highRisk) { addParagraph(body, entry.Value.getPluginName(), true, 0, true, false); addTable(body, buildTable(entry.Value, RiskFactor.HIGH)); } // Medium Risks addParagraph(body, "Medium Risk Findings\n", true, 2, true, false); foreach (KeyValuePair <int, DataEntry> entry in mediumRisk) { addParagraph(body, entry.Value.getPluginName(), true, 0, true, false); addTable(body, buildTable(entry.Value, RiskFactor.MEDIUM)); } // Low Risks addParagraph(body, "Low Risk Findings\n", true, 2, true, false); foreach (KeyValuePair <int, DataEntry> entry in lowRisk) { addParagraph(body, entry.Value.getPluginName(), true, 0, true, false); addTable(body, buildTable(entry.Value, RiskFactor.LOW)); } // None Risks addParagraph(body, "None Risk Findings\n", true, 2, true, false); foreach (KeyValuePair <int, DataEntry> entry in noneRisk) { addParagraph(body, entry.Value.getPluginName(), true, 0, true, false); addTable(body, buildTable(entry.Value, RiskFactor.NONE)); } // Open Ports addParagraph(body, "Open Ports Findings\n", true, 2, true, false); foreach (KeyValuePair <int, DataEntry> entry in openPort) { addParagraph(body, entry.Value.getPluginName(), true, 0, true, false); addTable(body, buildTable(entry.Value, RiskFactor.OPEN)); } } }
/// <summary> /// This is the output method. /// It is used to output the file from given path and also given Record. /// </summary> /// <param name="path">the file path for output</param> /// <param name="record">the Record for output</param> public override void output(string path, ref Record.Record record) { #region // get Useful Data List <DataEntry> highRisk = record.getHighRiskEntriesWithoutHotfix(); List <DataEntry> mediumRisk = record.getMediumRiskEntriesWithoutHotfix(); List <DataEntry> lowRisk = record.getLowRiskEntriesWithoutHotfix(); List <DataEntry> noneRisk = record.getNoneRiskEntriesWithoutHotfix(); Dictionary <int, DataEntry> openPort = new Dictionary <int, DataEntry>(); if (Program.state.panelOutputSelect_isOutputOpenPort) { openPort = record.getOpenPort(); } List <DataEntry> tempEntries = record.getWholeEntriesWithoutOpenPortAndHotfix(); Record.Record tempRecord = new Record.Record(); foreach (DataEntry entry in tempEntries) { tempRecord.guiAddEntry(entry); } if (Program.state.panelOutputSelect_isOutputOpenPort) { foreach (DataEntry entry in openPort.Values) { tempRecord.guiAddEntry(entry); } } RiskStats riskStats = tempRecord.getRiskStats(); #endregion using (WordprocessingDocument wordDoc = WordprocessingDocument.Create(path, WordprocessingDocumentType.Document)) { MainDocumentPart mainDocumentPart = wordDoc.AddMainDocumentPart(); styleDefinitionsPart = wordDoc.MainDocumentPart.StyleDefinitionsPart; // If the Styles part does not exist, add it and then add the style. if (styleDefinitionsPart == null) { styleDefinitionsPart = AddStylesPartToPackage(wordDoc); // Code removed here... } AddNewStyle(styleDefinitionsPart, "entry_heading", "Entry_heading"); Document document = new Document(); Body body = new Body(); document.Append(body); mainDocumentPart.Document = document; #region // print Risk Statistics // start output addParagraph(body, "Risk Statistics", true, 5, false, false); addParagraph(body, "High Risk: " + highRisk.Count, false, 2, false, false); addParagraph(body, "Medium Risk: " + mediumRisk.Count, false, 2, false, false); addParagraph(body, "Low Risk: " + lowRisk.Count, false, 2, false, false); addParagraph(body, "None Risk: " + noneRisk.Count, false, 2, false, false); if (Program.state.panelOutputSelect_isOutputOpenPort) { addParagraph(body, "Open Port: " + openPort.Count, false, 2, false, false); } #endregion #region // print Host Statistics // Per host statistics addParagraph(body, "Risk Statistics", true, 5, true, false); foreach (KeyValuePair <String, Dictionary <RiskFactor, int> > entry in riskStats.getRiskStats()) { String tempString = entry.Key; Dictionary <RiskFactor, int> hostRisks = entry.Value; foreach (KeyValuePair <RiskFactor, int> hostRisk in hostRisks) { if (hostRisk.Key != RiskFactor.NULL) { if (hostRisk.Key != RiskFactor.OPEN || (hostRisk.Key == RiskFactor.OPEN && Program.state.panelOutputSelect_isOutputOpenPort)) { tempString += " " + RiskFactorFunction.getEnumString(hostRisk.Key) + ": "; if (hostRisk.Key != RiskFactor.OPEN) { tempString += hostRisk.Value.ToString(); } else if (Program.state.panelOutputSelect_isOutputOpenPort) { bool isOutput = false; foreach (DataEntry tempEntry in openPort.Values) { if (tempEntry.getIp() == entry.Key) { tempString += tempEntry.getDescription().Split(',').Length.ToString(); isOutput = true; break; } } if (!isOutput) { tempString += "0"; } } } } } addParagraph(body, tempString, false, 0, false, false); } #endregion #region // print HIGH/MEDIUM/LOW/NONE Findings // High Risks addParagraph(body, "High Risk Findings\n", true, 2, true, false); foreach (DataEntry entry in highRisk) { addParagraph(body, entry.getPluginName(), true, 0, true, false, true); addTable(body, buildTable(entry, RiskFactor.HIGH)); } // Medium Risks addParagraph(body, "Medium Risk Findings\n", true, 2, true, false); foreach (DataEntry entry in mediumRisk) { addParagraph(body, entry.getPluginName(), true, 0, true, false, true); addTable(body, buildTable(entry, RiskFactor.MEDIUM)); } // Low Risks addParagraph(body, "Low Risk Findings\n", true, 2, true, false); foreach (DataEntry entry in lowRisk) { addParagraph(body, entry.getPluginName(), true, 0, true, false, true); addTable(body, buildTable(entry, RiskFactor.LOW)); } // None Risks addParagraph(body, "None Risk Findings\n", true, 2, true, false); foreach (DataEntry entry in noneRisk) { addParagraph(body, entry.getPluginName(), true, 0, true, false, true); addTable(body, buildTable(entry, RiskFactor.NONE)); } #endregion #region // print Missing Hotfix findings if (Program.state.panelOutputSelect_isOutputHotfix) { addParagraph(body, "Missing Hotfix Findings\n", true, 2, true, false); addTable(body, buildTableHotfix(new Hotfix(record))); } #endregion #region // print Open Port Findings // Open Ports if (Program.state.panelOutputSelect_isOutputOpenPort) { addParagraph(body, "Open Ports Findings\n", true, 2, true, false); addTable(body, buildTableOpenPort(openPort)); } #endregion #region // print IP Host Table // Open Ports if (Program.state.panelOutputSelect_isOutputIpHost) { addParagraph(body, "IP Host Table\n", true, 2, true, false); addTable(body, buildTableIpHost()); } #endregion } }
/// <summary> /// This is the FormEditFinding method. /// It is used to display the current Form and fill the dataGridView with /// given data. /// </summary> /// <param name="indexArray">list of indexes that selected from the dataGridView on the previous form</param> /// <param name="dataArray">data to fill the dataGridView on this form</param> public FormEditFinding(List <int> indexArray, List <DataEntry> dataArray) { bool haveNessus = false; bool haveMBSA = false; this.indexArray = indexArray; InitializeComponent(); //buttonApplyToAll.Hide(); List <String> tempIPListNew = new List <String>(); List <String> tempBidListNew = new List <String>(); List <String> tempCveListNew = new List <String>(); List <String> tempOsvdbListNew = new List <String>(); List <String> tempReferenceLinkListNew = new List <String>(); // fill cell values on dataGridView dataGridViewOld. foreach (DataEntry entry in dataArray) { int n = dataGridViewOld.Rows.Add(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.PLUGINNAME].Value = entry.getPluginName(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.IPLIST].Value = entry.getIp(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.DESCRIPTION].Value = entry.getDescription(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.IMPACT].Value = entry.getImpact(); if (entry.getRiskFactor() == RiskFactor.OPEN) { dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.RISKFACTOR].Value = "OpenPort"; } else { dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.RISKFACTOR].Value = RiskFactorFunction.getEnumString(entry.getRiskFactor()); } dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.RECOMMENDATION].Value = entry.getRecommendation(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.CVE].Value = entry.getCve(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.BID].Value = entry.getBid(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.OSVDB].Value = entry.getOsvdb(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.REFERENCELINK].Value = entry.getReferenceLink(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.ENTRYTYPE].Value = entry.getEntryTypeString(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.PLUGINVERSION].Value = entry.getpluginversion(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.PLUGINID].Value = entry.getpluginID(); //check whether it is NESSUS + MBSA if (entry.getEntryType() == DataEntry.EntryType.NESSUS) { haveNessus = true; } else if (entry.getEntryType() == DataEntry.EntryType.MBSA) { haveMBSA = true; } List <String> tempIpList = entry.getIpList(); foreach (string ip in tempIpList) { if (!String.IsNullOrEmpty(ip) && !tempIPListNew.Contains(ip)) { tempIPListNew.Add(ip); } } List <String> tempBidList = entry.getBidList(); foreach (string bid in tempBidList) { if (!String.IsNullOrEmpty(bid) && !tempBidListNew.Contains(bid)) { tempBidListNew.Add(bid); } } List <String> tempCveList = entry.getCveList(); foreach (string cve in tempCveList) { if (!String.IsNullOrEmpty(cve) && !tempCveListNew.Contains(cve)) { tempCveListNew.Add(cve); } } List <String> tempOsvdbList = entry.getOsvdbList(); foreach (string osvdb in tempOsvdbList) { if (!String.IsNullOrEmpty(osvdb) && !tempOsvdbListNew.Contains(osvdb)) { tempOsvdbListNew.Add(osvdb); } } String tempReferenceLink = entry.getReferenceLink(); if (!String.IsNullOrEmpty(tempReferenceLink) && !tempReferenceLinkListNew.Contains(tempReferenceLink)) { tempReferenceLinkListNew.Add(tempReferenceLink); } } String ips = ""; foreach (String ip in tempIPListNew) { ips += ip + ", "; } if (!String.IsNullOrEmpty(ips)) { ips = ips.Substring(0, ips.Length - 2); } String bids = ""; foreach (String bid in tempBidListNew) { bids += bid + ", "; } if (!String.IsNullOrEmpty(bids)) { bids = bids.Substring(0, bids.Length - 2); } String cves = ""; foreach (String cve in tempCveListNew) { cves += cve + ", "; } if (!String.IsNullOrEmpty(cves)) { cves = cves.Substring(0, cves.Length - 2); } String osvdbs = ""; foreach (String osvdb in tempOsvdbListNew) { osvdbs += osvdb + ", "; } if (!String.IsNullOrEmpty(osvdbs)) { osvdbs = osvdbs.Substring(0, osvdbs.Length - 2); } String referenceLinks = ""; foreach (String referenceLink in tempReferenceLinkListNew) { referenceLinks += referenceLink + ", "; } if (!String.IsNullOrEmpty(referenceLinks)) { referenceLinks = referenceLinks.Substring(0, referenceLinks.Length - 2); } // fill cell values on dataGridView dataGridViewNew. int no = dataGridViewNew.Rows.Add(); for (int i = 0; i < (int)ColumnIndex.MAX; i++) { if (i == (int)ColumnIndex.IPLIST) { dataGridViewNew.Rows[no].Cells[i].Value = ips; continue; } if (i == (int)ColumnIndex.BID) { dataGridViewNew.Rows[no].Cells[i].Value = bids; continue; } if (i == (int)ColumnIndex.CVE) { dataGridViewNew.Rows[no].Cells[i].Value = cves; continue; } if (i == (int)ColumnIndex.OSVDB) { dataGridViewNew.Rows[no].Cells[i].Value = osvdbs; continue; } if (i == (int)ColumnIndex.REFERENCELINK) { dataGridViewNew.Rows[no].Cells[i].Value = referenceLinks; continue; } if (i == (int)ColumnIndex.ENTRYTYPE) { if (haveNessus && haveMBSA) { dataGridViewNew.Rows[no].Cells[i].Value = DataEntry.getEntryTypeString(DataEntry.EntryType.MBSA_NESSUS); continue; } } dataGridViewNew.Rows[no].Cells[i].Value = dataGridViewOld.Rows[0].Cells[i].Value; if (dataGridViewNew.Rows[no].Cells[i].Value.ToString() == "") { for (int j = 1; j < dataGridViewOld.Rows.Count; j++) { dataGridViewNew.Rows[no].Cells[i].Value = dataGridViewOld.Rows[j].Cells[i].Value; if (dataGridViewNew.Rows[no].Cells[i].Value.ToString() != "") { break; } } } } this.TopMost = true; this.TopMost = false; }
/// <summary> /// This is the getDataEntryHTML method. /// It is used to create a string for HTML output from given entry and /// RiskFactor. /// </summary> /// <param name="entry">the DataEntry being transformed to HTML text string</param> /// <param name="riskFactor">riskFactor of that entry</param> /// <returns>a HTML string text for that entry</returns> private String getDataEntryHTML(DataEntry entry, RiskFactor riskFactor) { StringBuilder sb = new StringBuilder(); sb.Append("<H5>" + HTMLOutputFormater.forHTML(entry.getPluginName()) + "</H5>"); sb.Append(HTML_TABLE_START); sb.Append("\n"); // Hosts Affected sb.Append("<TR>\n"); sb.Append("<TD>Hosts Affected:</TD>\n"); sb.Append("<TD>"); sb.Append(entry.getIp()); sb.Append("</TD>\n"); sb.Append("</TR>\n"); // Description sb.Append("<TR>\n"); sb.Append("<TD>Description:</TD>\n"); sb.Append("<TD>"); sb.Append(HTMLOutputFormater.forHTML(entry.getDescription()).Replace("\n", "<br/>")); sb.Append("</TD>\n"); sb.Append("</TR>\n"); // Impact sb.Append("<TR>\n"); sb.Append("<TD>Impact:</TD>\n"); sb.Append("<TD>"); sb.Append(HTMLOutputFormater.forHTML(entry.getImpact()).Replace("\n", "<br/>")); sb.Append("</TD>\n"); sb.Append("</TR>\n"); // Risk Level sb.Append("<TR>\n"); sb.Append("<TD>Risk Level: </TD>\n"); sb.Append("<TD>"); sb.Append(RiskFactorFunction.getEnumString(riskFactor)); sb.Append("</TD>\n"); sb.Append("</TR>\n"); // Recommendations sb.Append("<TR>\n"); sb.Append("<TD>Recommendation:</TD>\n"); sb.Append("<TD>"); sb.Append(HTMLOutputFormater.forHTML(entry.getRecommendation()).Replace("\n", "<br/>")); sb.Append("</TD>\n"); sb.Append("</TR>\n"); // Reference bool hasRef = false; sb.Append("<TR>\n"); sb.Append("<TD>Reference:</TD>\n"); sb.Append("<TD>"); // CVE/BID/OSVDB if (!String.IsNullOrEmpty(entry.getCve()) || !String.IsNullOrEmpty(entry.getBid()) || !String.IsNullOrEmpty(entry.getOsvdb())) { // CVE if (!String.IsNullOrEmpty(entry.getCve())) { hasRef = true; sb.Append("CVE: "); sb.Append(HTMLOutputFormater.forHTML(entry.getCve())); sb.Append("<br/>"); } // BID if (!String.IsNullOrEmpty(entry.getBid())) { hasRef = true; sb.Append("BID: "); sb.Append(HTMLOutputFormater.forHTML(entry.getBid())); sb.Append("<br/>"); } // OSVDB if (!String.IsNullOrEmpty(entry.getOsvdb())) { hasRef = true; sb.Append("OSVDB: "); sb.Append(HTMLOutputFormater.forHTML(entry.getOsvdb())); sb.Append("<br/>"); } } if (hasRef) { sb.Remove(sb.Length - 5, 5); } else { sb.Append("N/A"); } sb.Append("</TD>\n"); sb.Append("</TR>\n"); // Reference Link if (!String.IsNullOrEmpty(entry.getReferenceLink())) { sb.Append("<TR>\n"); sb.Append("<TD>Reference Link:</TD>\n"); sb.Append("<TD><a href=\""); sb.Append(HTMLOutputFormater.forHTML(entry.getReferenceLink()).Replace("\n", "<br/>")); sb.Append("\" target=\"_blank\" >" + HTMLOutputFormater.forHTML(entry.getReferenceLink()).Replace("\n", "<br/>") + "</a></TD>\n"); sb.Append("</TR>\n"); } sb.Append(HTML_TABLE_END); return(sb.ToString()); }
/// <summary> /// This is the buildTable method. /// It is used to build the table from given entry and riskFactor. /// </summary> /// <param name="entry">the DataEntry being transformed to a dictionary</param> /// <param name="riskFactor">the RiskFactor of the entry.</param> /// <returns>a dictionary with table's values</returns> private Dictionary <KeyValuePair <int, int>, String> buildTable(DataEntry entry, RiskFactor riskFactor) { Dictionary <KeyValuePair <int, int>, String> table = new Dictionary <KeyValuePair <int, int>, string>(); // Hosts Affected table[new KeyValuePair <int, int>(1, 1)] = "Hosts Affected:"; table[new KeyValuePair <int, int>(1, 2)] = entry.getIp(); // Description table[new KeyValuePair <int, int>(2, 1)] = "Description"; table[new KeyValuePair <int, int>(2, 2)] = entry.getDescription(); // Impact table[new KeyValuePair <int, int>(3, 1)] = "Impact:"; table[new KeyValuePair <int, int>(3, 2)] = entry.getImpact(); // Risk Level table[new KeyValuePair <int, int>(4, 1)] = "Risk Level:"; table[new KeyValuePair <int, int>(4, 2)] = RiskFactorFunction.getEnumString(riskFactor); // Recommendations table[new KeyValuePair <int, int>(5, 1)] = "Recommendation:"; table[new KeyValuePair <int, int>(5, 2)] = entry.getRecommendation(); // Reference table[new KeyValuePair <int, int>(6, 1)] = "Reference:"; // CVE/BID/OSVDB String tempString = ""; if (!String.IsNullOrEmpty(entry.getCve()) || !String.IsNullOrEmpty(entry.getBid()) || !String.IsNullOrEmpty(entry.getOsvdb())) { // CVE if (!String.IsNullOrEmpty(entry.getCve())) { tempString = "CVE: " + entry.getCve() + "\n"; } // BID if (!String.IsNullOrEmpty(entry.getBid())) { tempString += "BID: " + entry.getBid() + "\n"; } // OSVDB if (!String.IsNullOrEmpty(entry.getOsvdb())) { tempString += "OSVDB: " + entry.getOsvdb(); } } else { tempString = "N/A"; } table[new KeyValuePair <int, int>(6, 2)] = tempString; // Reference Link if (!String.IsNullOrEmpty(entry.getReferenceLink())) { table[new KeyValuePair <int, int>(7, 1)] = "Reference Link"; table[new KeyValuePair <int, int>(7, 2)] = entry.getReferenceLink(); } return(table); }
public Form4(List <int> indexArray, List <DataEntry> dataArray, int columnIndex) { this.indexArray = indexArray; this.columnIndex = columnIndex; InitializeComponent(); foreach (DataEntry entry in dataArray) { int n = dataGridViewOld.Rows.Add(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.PLUGINNAME].Value = entry.getPluginName(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.IPLIST].Value = entry.getIp(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.DESCRIPTION].Value = entry.getDescription(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.IMPACT].Value = entry.getImpact(); if (entry.getRiskFactor() == RiskFactor.OPEN) { dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.RISKFACTOR].Value = "OpenPort"; } else { dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.RISKFACTOR].Value = RiskFactorFunction.getEnumString(entry.getRiskFactor()); } dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.RECOMMENDATION].Value = entry.getRecommendation(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.CVE].Value = entry.getCve(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.BID].Value = entry.getBid(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.OSVDB].Value = entry.getOsvdb(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.REFERENCELINK].Value = entry.getReferenceLink(); } int no = dataGridViewNew.Rows.Add(); for (int i = 0; i < (int)ColumnIndex.MAX; i++) { dataGridViewNew.Rows[no].Cells[i].Value = dataGridViewOld.Rows[0].Cells[i].Value; } }
/// <summary> /// This is the getOutput method. /// It is used to create a series of string with HTML elements for the HTML /// output. /// </summary> /// <param name="record">the Record for output</param> /// <returns>a series of string with HTML tags for HTML output</returns> private String getOutput(ref Record.Record record) { #region // get Useful Data List <DataEntry> highRisk = record.getHighRiskEntriesWithoutHotfix(); List <DataEntry> mediumRisk = record.getMediumRiskEntriesWithoutHotfix(); List <DataEntry> lowRisk = record.getLowRiskEntriesWithoutHotfix(); List <DataEntry> noneRisk = record.getNoneRiskEntriesWithoutHotfix(); Dictionary <int, DataEntry> openPort = new Dictionary <int, DataEntry>(); if (Program.state.panelOutputSelect_isOutputOpenPort) { openPort = record.getOpenPort(); } List <DataEntry> tempEntries = record.getWholeEntriesWithoutOpenPortAndHotfix(); Record.Record tempRecord = new Record.Record(); foreach (DataEntry entry in tempEntries) { tempRecord.guiAddEntry(entry); } if (Program.state.panelOutputSelect_isOutputOpenPort) { foreach (DataEntry entry in openPort.Values) { tempRecord.guiAddEntry(entry); } } RiskStats riskStats = tempRecord.getRiskStats(); #endregion StringBuilder sb = new StringBuilder(); #region // print Risk Statistics sb.Append("<DIV>" + "\n"); sb.Append("<H4>Risk Statistics</H4>" + "\n"); sb.Append("<br>High Risk: " + highRisk.Count + "\n"); sb.Append("<br>Medium Risk: " + mediumRisk.Count + "\n"); sb.Append("<br>Low Risk: " + lowRisk.Count + "\n"); sb.Append("<br>None Risk: " + noneRisk.Count + "\n"); if (Program.state.panelOutputSelect_isOutputOpenPort) { sb.Append("<br>Open Port: " + openPort.Count + "\n"); } sb.Append("</DIV>" + "\n"); #endregion #region // print Host Statistics // Per host statistics sb.Append("<DIV>" + "\n"); sb.Append("<H4>Risk Statistics</H4>" + "\n"); foreach (KeyValuePair <String, Dictionary <RiskFactor, int> > entry in riskStats.getRiskStats()) { sb.Append("<br/>"); sb.Append(HTMLOutputFormater.forHTML(entry.Key)); sb.Append(":\t"); Dictionary <RiskFactor, int> hostRisks = entry.Value; foreach (KeyValuePair <RiskFactor, int> hostRisk in hostRisks) { if (hostRisk.Key != RiskFactor.NULL) { if (hostRisk.Key != RiskFactor.OPEN || (hostRisk.Key == RiskFactor.OPEN && Program.state.panelOutputSelect_isOutputOpenPort)) { sb.Append(HTMLOutputFormater.forHTML(RiskFactorFunction.getEnumString(hostRisk.Key) + " : ")); if (hostRisk.Key != RiskFactor.OPEN) { sb.Append(HTMLOutputFormater.forHTML(hostRisk.Value.ToString()) + '\t'); } else if (Program.state.panelOutputSelect_isOutputOpenPort) { bool isOutput = false; foreach (DataEntry tempEntry in openPort.Values) { if (tempEntry.getIp() == entry.Key) { sb.Append(tempEntry.getDescription().Split(',').Length.ToString() + '\t'); isOutput = true; break; } } if (!isOutput) { sb.Append("0\t"); } } } } } } sb.Append("</DIV>" + "\n"); #endregion #region // print HIGH/MEDIUM/LOW/NONE Findings // High Risks sb.Append("<DIV>" + "\n"); sb.Append("<H4>High Risk Findings</H4>" + "\n"); foreach (DataEntry entry in highRisk) { sb.Append("<p>" + "\n"); sb.Append(getDataEntryHTML(entry, RiskFactor.HIGH)); sb.Append("</p>" + "\n"); } sb.Append("</DIV>" + "\n"); // Medium Risks sb.Append("<DIV>" + "\n"); sb.Append("<H4>Medium Risk Findings</H4>" + "\n"); foreach (DataEntry entry in mediumRisk) { sb.Append("<p>" + "\n"); sb.Append(getDataEntryHTML(entry, RiskFactor.MEDIUM)); sb.Append("</p>" + "\n"); } sb.Append("</DIV>" + "\n"); // Low Risks sb.Append("<DIV>" + "\n"); sb.Append("<H4>Low Risk Findings</H4>" + "\n"); foreach (DataEntry entry in lowRisk) { sb.Append("<p>" + "\n"); sb.Append(getDataEntryHTML(entry, RiskFactor.LOW)); sb.Append("</p>" + "\n"); } sb.Append("</DIV>" + "\n"); // None Risks sb.Append("<DIV>" + "\n"); sb.Append("<H4>None Risk Findings</H4>" + "\n"); foreach (DataEntry entry in noneRisk) { sb.Append("<p>" + "\n"); sb.Append(getDataEntryHTML(entry, RiskFactor.NONE)); sb.Append("</p>" + "\n"); } sb.Append("</DIV>" + "\n"); #endregion #region // print Missing Hotfix Findings if (Program.state.panelOutputSelect_isOutputHotfix) { sb.Append("<DIV>" + "\n"); sb.Append("<H4>Missing Hotfix Findings</H4>" + "\n"); sb.Append("<p>" + "\n"); sb.Append(HTML_TABLE_START); sb.Append("\n"); sb.Append("<TR>\n"); sb.Append("<TD>Host</TD>\n"); sb.Append("<TD>Missing Hotfix(s)</TD>\n"); sb.Append("</TR>\n"); Dictionary <String, String> hotfixList = new Hotfix(record).getHotfixListGroupByHost(); foreach (KeyValuePair <String, String> finding in hotfixList) { sb.Append("<TR>\n"); // ip address for the open port findings sb.Append("<TD>"); //MessageBox.Show(finding.Key); sb.Append(finding.Key); sb.Append("</TD>\n"); // open ports sb.Append("<TD>"); sb.Append(HTMLOutputFormater.forHTML(finding.Value).Replace("\n", "<br/>")); sb.Append("</TD>\n"); sb.Append("</TR>\n"); } sb.Append(HTML_TABLE_END); sb.Append("</p>" + "\n"); sb.Append("</DIV>" + "\n"); } #endregion #region // print Open Port Findings // Open Ports if (Program.state.panelOutputSelect_isOutputOpenPort) { sb.Append("<DIV>" + "\n"); sb.Append("<H4>Open Ports Findings</H4>" + "\n"); sb.Append("<p>" + "\n"); sb.Append(HTML_TABLE_START); sb.Append("\n"); sb.Append("<TR>\n"); sb.Append("<TD>Host</TD>\n"); sb.Append("<TD>Open Port(s)</TD>\n"); sb.Append("</TR>\n"); foreach (KeyValuePair <int, DataEntry> keyValuePair in openPort) { DataEntry entry = keyValuePair.Value; sb.Append("<TR>\n"); // ip address for the open port findings sb.Append("<TD>"); sb.Append(entry.getIp()); sb.Append("</TD>\n"); // open ports sb.Append("<TD>"); sb.Append(HTMLOutputFormater.forHTML(entry.getDescription()).Replace("\n", "<br/>")); sb.Append("</TD>\n"); sb.Append("</TR>\n"); } sb.Append(HTML_TABLE_END); sb.Append("</p>" + "\n"); sb.Append("</DIV>" + "\n"); } #endregion return(sb.ToString()); }
/// <summary> /// This is the FormEditFinding method. /// It is used to hide the current Form and display the Form /// FormEditFindingString for user to edit. /// </summary> /// <param name="indexArray">list of indexes that selected from the dataGridView on the previous form</param> /// <param name="dataArray">data to fill the dataGridView on this form (actually the next form)</param> /// <param name="columnIndex">determine which column needs to display on next form</param> public FormEditFinding(List <int> indexArray, List <DataEntry> dataArray, int columnIndex) { this.indexArray = indexArray; this.columnIndex = columnIndex; InitializeComponent(); //buttonApplyToAll.Show(); #region // actually useless on filling values on this form's dataGridViews foreach (DataEntry entry in dataArray) { int n = dataGridViewOld.Rows.Add(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.PLUGINNAME].Value = entry.getPluginName(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.IPLIST].Value = entry.getIp(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.DESCRIPTION].Value = entry.getDescription(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.IMPACT].Value = entry.getImpact(); if (entry.getRiskFactor() == RiskFactor.OPEN) { dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.RISKFACTOR].Value = "OpenPort"; } else { dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.RISKFACTOR].Value = RiskFactorFunction.getEnumString(entry.getRiskFactor()); } dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.RECOMMENDATION].Value = entry.getRecommendation(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.CVE].Value = entry.getCve(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.BID].Value = entry.getBid(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.OSVDB].Value = entry.getOsvdb(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.REFERENCELINK].Value = entry.getReferenceLink(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.ENTRYTYPE].Value = entry.getEntryTypeString(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.PLUGINVERSION].Value = entry.getpluginversion(); dataGridViewOld.Rows[n].Cells[(int)ColumnIndex.PLUGINID].Value = entry.getpluginID(); } int no = dataGridViewNew.Rows.Add(); for (int i = 0; i < (int)ColumnIndex.MAX; i++) { dataGridViewNew.Rows[no].Cells[i].Value = dataGridViewOld.Rows[0].Cells[i].Value; } #endregion }