public static Dictionary <string, OpenVASReportHost> ParseHostsFromReport(XmlDocument doc)
{
Dictionary <string, OpenVASReportHost> hosts = new Dictionary <string, OpenVASReportHost>();
foreach (XmlNode node in doc.FirstChild.FirstChild.FirstChild.ChildNodes)
{
if (node.Name == "ports")
{
foreach (XmlNode port in node.ChildNodes)
{
string description = string.Empty;
string host = string.Empty;
string threat = string.Empty;
foreach (XmlNode portInfo in port.ChildNodes)
{
if (portInfo.Name == "host")
{
host = portInfo.InnerText;
}
else if (portInfo.Name == "threat")
{
threat = portInfo.InnerText;
}
else
{
description = portInfo.InnerText;
}
}
OpenVASReportHostPort rport = new OpenVASReportHostPort();
rport.Description = description;
rport.Host = host;
rport.Threat = threat;
try
{
hosts[host].Ports.Add(rport);
}
catch
{
OpenVASReportHost rhost = new OpenVASReportHost();
rhost.IPAddress = host;
rhost.Ports = new List <OpenVASReportHostPort>();
rhost.Results = new List <OpenVASReportHostResult>();
hosts.Add(host, rhost);
hosts[host].Ports.Add(rport);
}
}
}
else if (node.Name == "results")
{
foreach (XmlNode result in node.ChildNodes)
{
string id = result.Attributes["id"].Value;
string subnet = string.Empty;
string host = string.Empty;
string port = string.Empty;
OpenVASReportHostResultNVT nvt = null;
string threat = string.Empty;
string description = string.Empty;
foreach (XmlNode resultInfo in result.ChildNodes)
{
if (resultInfo.Name == "subnet")
{
subnet = resultInfo.InnerText;
}
else if (resultInfo.Name == "host")
{
host = resultInfo.InnerText;
}
else if (resultInfo.Name == "port")
{
port = resultInfo.InnerText;
}
else if (resultInfo.Name == "nvt")
{
nvt = new OpenVASReportHostResultNVT();
nvt.OID = resultInfo.Attributes["oid"].Value;
foreach (XmlNode nvtinfo in resultInfo.ChildNodes)
{
if (nvtinfo.Name == "name")
{
nvt.Name = nvtinfo.InnerText;
}
else if (nvtinfo.Name == "cvss_base")
{
nvt.CVSSBaseScore = nvtinfo.InnerText;
}
else if (nvtinfo.Name == "risk_factor")
{
nvt.RiskFactor = nvtinfo.InnerText;
}
else if (nvtinfo.Name == "cve")
{
nvt.CVE = nvtinfo.InnerText;
}
else if (nvtinfo.Name == "bid")
{
nvt.BID = nvtinfo.InnerText;
}
}
}
else if (resultInfo.Name == "threat")
{
threat = resultInfo.InnerText;
}
else if (resultInfo.Name == "description")
{
description = resultInfo.InnerText;
}
}
OpenVASReportHostResult rresult = new OpenVASReportHostResult();
rresult.Description = description;
rresult.Host = host;
rresult.ID = id;
rresult.NVT = nvt;
rresult.Port = port;
rresult.Subnet = subnet;
rresult.Threat = threat;
hosts[host].Results.Add(rresult);
}
}
}
//calculate some pseudo-quantitative number regarding overall risk
foreach (var pair in hosts)
{
int risk = 0;
foreach (var port in pair.Value.Ports)
{
if (port.Threat == "High")
{
risk += 4;
}
else if (port.Threat == "Medium")
{
risk += 3;
}
else if (port.Threat == "Low")
{
risk += 2;
}
else if (port.Threat == "Log")
{
risk += 1;
}
else if (port.Threat == "Debug")
{
risk += 0;
}
}
pair.Value.Risk = risk;
}
return(hosts);
}
public static Dictionary<string, OpenVASReportHost> ParseHostsFromReport(XmlDocument doc)
{
Dictionary<string, OpenVASReportHost> hosts = new Dictionary<string, OpenVASReportHost>();
foreach (XmlNode node in doc.FirstChild.FirstChild.FirstChild.ChildNodes)
{
if (node.Name == "ports")
{
foreach (XmlNode port in node.ChildNodes)
{
string description = string.Empty;
string host = string.Empty;
string threat = string.Empty;
foreach (XmlNode portInfo in port.ChildNodes)
{
if (portInfo.Name == "host")
host = portInfo.InnerText;
else if (portInfo.Name == "threat")
threat = portInfo.InnerText;
else
description = portInfo.InnerText;
}
OpenVASReportHostPort rport = new OpenVASReportHostPort();
rport.Description = description;
rport.Host = host;
rport.Threat = threat;
try
{
hosts[host].Ports.Add(rport);
}
catch
{
OpenVASReportHost rhost = new OpenVASReportHost();
rhost.IPAddress = host;
rhost.Ports = new List<OpenVASReportHostPort>();
rhost.Results = new List<OpenVASReportHostResult>();
hosts.Add(host, rhost);
hosts[host].Ports.Add(rport);
}
}
}
else if (node.Name == "results")
{
foreach (XmlNode result in node.ChildNodes)
{
string id = result.Attributes["id"].Value;
string subnet = string.Empty;
string host = string.Empty;
string port = string.Empty;
OpenVASReportHostResultNVT nvt = null;
string threat = string.Empty;
string description = string.Empty;
foreach (XmlNode resultInfo in result.ChildNodes)
{
if (resultInfo.Name == "subnet")
subnet = resultInfo.InnerText;
else if (resultInfo.Name == "host")
host = resultInfo.InnerText;
else if (resultInfo.Name == "port")
port = resultInfo.InnerText;
else if (resultInfo.Name == "nvt")
{
nvt = new OpenVASReportHostResultNVT();
nvt.OID = resultInfo.Attributes["oid"].Value;
foreach (XmlNode nvtinfo in resultInfo.ChildNodes)
{
if (nvtinfo.Name == "name")
nvt.Name = nvtinfo.InnerText;
else if (nvtinfo.Name == "cvss_base")
nvt.CVSSBaseScore = nvtinfo.InnerText;
else if (nvtinfo.Name == "risk_factor")
nvt.RiskFactor = nvtinfo.InnerText;
else if (nvtinfo.Name == "cve")
nvt.CVE = nvtinfo.InnerText;
else if (nvtinfo.Name == "bid")
nvt.BID = nvtinfo.InnerText;
}
}
else if (resultInfo.Name == "threat")
threat = resultInfo.InnerText;
else if (resultInfo.Name == "description")
description = resultInfo.InnerText;
}
OpenVASReportHostResult rresult = new OpenVASReportHostResult();
rresult.Description = description;
rresult.Host = host;
rresult.ID = id;
rresult.NVT = nvt;
rresult.Port = port;
rresult.Subnet = subnet;
rresult.Threat = threat;
hosts[host].Results.Add(rresult);
}
}
}
//calculate some pseudo-quantitative number regarding overall risk
foreach (var pair in hosts)
{
int risk = 0;
foreach(var port in pair.Value.Ports)
{
if (port.Threat == "High")
risk += 4;
else if (port.Threat == "Medium")
risk += 3;
else if (port.Threat == "Low")
risk += 2;
else if (port.Threat == "Log")
risk += 1;
else if (port.Threat == "Debug")
risk += 0;
}
pair.Value.Risk = risk;
}
return hosts;
}
