public List <PatrOwlFinding> GetFindings() { var output = new List <PatrOwlFinding>(); var re = new Regex("^(?<control>[a-zA-Z]+)_(?<index>\\d+)$"); int k = 1; if (errors != null) { foreach (var error in errors) { output.Add(error); } } if (results != null) { foreach (var report in results) { var o = new Dictionary <int, PatrOwlFinding>(); foreach (var item in report.Data) { var m = re.Match(item.Key); if (m.Success) { int id = int.Parse(m.Groups["index"].Value); if (!o.ContainsKey(id)) { o[id] = new PatrOwlFinding(); o[id].issue_id = id; o[id].timestamp = DateTime.Now; o[id].target = new PatrOwlFindingTarget(); o[id].target.addr = new List <string>() { GetItem(report, "Target") }; o[id].type = "pingcastle"; o[id].confidence = PatrOwlFindingConfidenceEnum.certain; } PatrOwlFinding p = o[id]; string control = m.Groups["control"].Value; string value = item.Value; switch (control) { case "Rationale": p.title = value; p.raw = value; break; case "Title": p.PingCastleTitle = value; break; case "TechnicalExplanation": p.PingCastleTechnicalExplanation = value; break; case "Solution": p.solution = value; break; case "Detail": if (p.PingCastleDetail == null) { p.PingCastleDetail = new List <string>(); } p.PingCastleDetail.Add(value); break; case "Points": { int point = 0; int.TryParse(value, out point); p.severity = GetSeverity(point); } break; case "Documentation": { o[id].metadata = new PatrOwlFindingMetadata(); o[id].metadata.links = new List <string>(); var links = o[id].metadata.links; var relink = new Regex("<a\\s+(?:[^>]*?\\s+)?href=([\"'])(?<url>(.*?))\\1"); foreach (Match link in relink.Matches(value)) { var l = link.Groups["url"].Value; if (!links.Contains(l)) { links.Add(l); } } } break; default: break; } } } foreach (var i in o.Values) { i.issue_id = k++; output.Add(i); } } } return(output); }
// si scan fail pour 1 machine (sur plusieurs) => ajouter findings pour cette machine // scan toujours successful, mais ajouter en findings les raisons des echecs public void AnalyzeData() { pipe.WaitForConnection(); lock (this) { Status = PatrOwlOuputStatus.SCANNING; } foreach (var t in ScanSetting.assets) { bool hasError = false; if (stop) { continue; } try { var output = RunHealthCheck(t); string status = GetItem(output, "Status"); switch (status) { case "OK": results.Add(output); continue; case "Error": Error = GetItem(output, "Error"); hasError = true; break; default: Error = "Invalid return code " + status; hasError = true; break; } } catch (Exception ex) { hasError = true; Error = "Exception when running job: " + ex.Message; } if (hasError) { var o = new PatrOwlFinding(); o.issue_id = 0; o.timestamp = DateTime.Now; o.target = new PatrOwlFindingTarget(); o.target.addr = new List <string>() { t.value }; o.type = "pingcastle"; o.confidence = PatrOwlFindingConfidenceEnum.certain; o.PingCastleTitle = "An error occured while running the scan"; o.PingCastleTechnicalExplanation = "The error is:\r\n" + Error; o.solution = "We recommand to check the settings defined in the scan and if the scanner can reach the domain it has been asked to scan"; o.title = "An error occured while running the scan"; o.severity = PatrOwlFindingSeverityEnum.critical; if (errors == null) { errors = new List <PatrOwlFinding>(); } errors.Add(o); } } Status = PatrOwlOuputStatus.FINISHED; try { SendAndReceiveCommand(GenerateNewCommand("shutdown")); } catch (Exception) { } Stop(); }