public GuiDataEntry(String pluginName,
String ip,
String description,
String impact,
RiskFactor riskFactor,
String recommendation,
List <String> cveList,
List <String> bidList,
List <String> osvdbList,
String referenceLink,
DataEntry.EntryType entryType)
{
this.pluginName = pluginName;
ipList.Add(ip);
this.description = description == null ? "" : description;
this.impact = impact == null ? "" : impact;
this.riskFactor = riskFactor;
this.recommendation = recommendation == null ? "" : recommendation;
this.cveList = cveList;
this.bidList = bidList;
this.osvdbList = osvdbList;
this.referenceLink = referenceLink;
if (entryType != EntryType.NULL)
{
this.type = entryType;
}
else
{
this.type = EntryType.GUI;
}
}
/// <summary>
/// This is the addHotfix method.
/// It is used to add a given entry to the Hotfix list.
/// </summary>
/// <param name="entry">the DataEntry that being added to the hotfix</param>
private void addHotfix(DataEntry entry)
{
RiskFactor tempRiskFactor = entry.getRiskFactor();
switch (tempRiskFactor)
{
case RiskFactor.HIGH:
highRiskHotfix++;
break;
case RiskFactor.MEDIUM:
mediumRiskHotfix++;
break;
case RiskFactor.LOW:
lowRiskHotfix++;
break;
case RiskFactor.NONE:
noneRiskHotfix++;
break;
}
hotfixList.Add(entry);
hotfixList.Sort(delegate(DataEntry d1, DataEntry d2) {
return(d1.getPluginName().CompareTo(d2.getPluginName()));
});
}
internal static String getEnumString(RiskFactor severity)
{
if (severity == RiskFactor.NONE)
{
return("None");
}
else if (severity == RiskFactor.OPEN)
{
return("Open Port");
}
else if (severity == RiskFactor.LOW)
{
return("Low");
}
else if (severity == RiskFactor.MEDIUM)
{
return("Medium");
}
else if (severity == RiskFactor.HIGH)
{
return("High");
}
else
{
return("Not Applicable");
}
}
/**
* Add one to the given ip-riskFactor paring
* @param ip The ip of the host to add stats too
* @param riskFactor The desired riskFactor
*/
public void add(String ip, RiskFactor riskFactor)
{
if (riskFactor == RiskFactor.NULL)
{
Console.Error.WriteLine("RiskStats: Invalid RiskFactor");
return;
}
if (riskStats.ContainsKey(ip))
{
Dictionary <RiskFactor, int> hostStat = riskStats[ip];
int i = hostStat[riskFactor];
hostStat[riskFactor] = i + 1;
}
else
{
Dictionary <RiskFactor, int> hostStat = new Dictionary <RiskFactor, int>();
foreach (RiskFactor risks in Enum.GetValues(typeof(RiskFactor)))
{
hostStat[risks] = 0;
}
int i = hostStat[riskFactor];
hostStat[riskFactor] = i + 1;
riskStats[ip] = hostStat;
}
}
public void addHotfix(DataEntry entry)
{
if (!isDuplicate(entry))
{
RiskFactor tempRiskFactor = entry.getRiskFactor();
switch (tempRiskFactor)
{
case RiskFactor.HIGH:
highRiskHotfix++;
break;
case RiskFactor.MEDIUM:
mediumRiskHotfix++;
break;
case RiskFactor.LOW:
lowRiskHotfix++;
break;
case RiskFactor.NONE:
noneRiskHotfix++;
break;
}
hotfixList.Add(entry);
}
}
public async Task <PatientResponse> AddPatientRiskFactor(AddPatientRiskFactorRequest request)
{
if ((request?.PatientId == null) || (request?.RiskFactorId == null))
{
throw new ArgumentNullException();
}
Patient patient = await _patientRepository.GetAsync(request.PatientId);
RiskFactor riskFactor = await _riskFactorRepository.GetAsync(request.RiskFactorId);
PatientRiskFactor patientRiskFactor = new PatientRiskFactor
{
//Přes Id to funguje, přes celé entity ne!!!
PatientId = patient.Id,
RiskFactorId = riskFactor.Id
};
_patientRiskFactorRepository.Add(patientRiskFactor);
await _patientRiskFactorRepository.UnitOfWork.SaveChangesAsync();
//aktualizace pacienta
patient = await _patientRepository.GetAsync(request.PatientId);
return(_patientMapper.Map(patient));
}
public NessusDataEntry(String pluginName,
String ip,
String description,
String impact,
int severity,
RiskFactor riskFactor,
String recommendation,
List <String> cveList,
List <String> bidList,
List <String> osvdbList)
{
if (severity <= 1 && riskFactor == RiskFactor.NULL)
{
this.valid = false;
return;
}
else if (riskFactor == RiskFactor.NULL)
{
riskFactor = RiskFactorFunction.getEnum(severity);
}
this.pluginName = pluginName;
ipList.Add(ip);
this.description = description == null ? "" : processString(description);
this.impact = impact == null ? "" : processString(impact);
this.riskFactor = riskFactor;
this.recommendation = recommendation == null ? "" : processString(recommendation);
this.cveList = cveList;
this.bidList = bidList;
this.osvdbList = osvdbList;
this.referenceLink = "";
this.valid = true;
this.type = EntryType.NESSUS;
}
/// <summary>
/// This is addHost method.
/// It is used to add a host to the RiskStats.
/// </summary>
/// <param name="ip">the host name</param>
/// <param name="riskFactor">the RiskFactor of that finding</param>
public void addHost(String ip, RiskFactor riskFactor)
{
// if riskFactor = RiskFactor.NULL, this finding is not valid
if (riskFactor == RiskFactor.NULL)
{
return;
}
// action taken if the host already in the riskStats
if (riskStats.ContainsKey(ip))
{
Dictionary <RiskFactor, int> hostStat = riskStats[ip];
hostStat[riskFactor]++;
}
// action taken if the host is new to riskStats
else
{
Dictionary <RiskFactor, int> hostStat = new Dictionary <RiskFactor, int>();
foreach (RiskFactor risks in Enum.GetValues(typeof(RiskFactor)))
{
hostStat[risks] = 0;
}
hostStat[riskFactor]++;
riskStats[ip] = hostStat;
}
}
public MBSADataEntry(String pluginName,
String ip,
String description,
int severity,
RiskFactor riskFactor,
List <String> cveList,
List <String> bidList,
List <String> osvdbList)
{
if (severity <= 1 && riskFactor == RiskFactor.NULL)
{
this.valid = false;
return;
}
else if (riskFactor == RiskFactor.NULL)
{
riskFactor = RiskFactorFunction.getEnum(severity);
}
this.pluginName = pluginName;
ipList.Add(ip);
this.description = description == null ? "" : description;
this.riskFactor = riskFactor;
this.valid = true;
this.cveList = cveList;
this.bidList = bidList;
this.osvdbList = osvdbList;
this.type = EntryType.MBSA;
}
/// <summary>
/// 获取结果集合
/// </summary>
/// <param name="strWhere"></param>
/// <returns></returns>
public List <model.RiskFactor> GetList(string strWhere)
{
StringBuilder strSql = new StringBuilder();
strSql.Append("select ID,RF_code,RF_name,RF_class,Spare1,Spare2,Spare3,Spare4");
strSql.Append(" FROM RiskFactor ");
if (strWhere.Trim() != "")
{
strSql.Append(" where " + strWhere);
}
DataSet ds = DbHelperSQL.Query(strSql.ToString());
List <RiskFactor> list = new List <RiskFactor>();
for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
{
RiskFactor model = new RiskFactor();
if (ds.Tables[0].Rows[i]["ID"].ToString() != "")
{
model.ID = int.Parse(ds.Tables[0].Rows[i]["ID"].ToString());
}
model.RF_name = ds.Tables[0].Rows[i]["RF_name"].ToString();
model.RF_code = ds.Tables[0].Rows[i]["RF_code"].ToString();
model.RF_class = ds.Tables[0].Rows[i]["RF_class"].ToString();
model.Spare1 = ds.Tables[0].Rows[i]["Spare1"].ToString();
model.Spare2 = ds.Tables[0].Rows[i]["Spare2"].ToString();
model.Spare3 = ds.Tables[0].Rows[i]["Spare3"].ToString();
model.Spare4 = ds.Tables[0].Rows[i]["Spare4"].ToString();
list.Add(model);
}
return(list);
}
private String[] buildStringArray(DataEntry entry, RiskFactor riskFactor)
{
String[] stringArray = new String[9];
// Plugin Name
stringArray[0] = entry.getPluginName();
// Hosts Affected
String tempString = "";
foreach (String ip in entry.getIpList())
{
tempString += ip + '\n';
}
stringArray[1] = tempString.Substring(0, tempString.Length - 1);
// Description
stringArray[2] = entry.getDescription();
// Impact
stringArray[3] = entry.getImpact();
// Risk Level
stringArray[4] = RiskFactorFunction.getEnumString(riskFactor);
// Recommendations
stringArray[5] = entry.getRecommendation();
// Reference
// CVE
tempString = "N/A";
if (entry.getCve() != null)
{
tempString = entry.getCve();
}
stringArray[6] = tempString;
// BID
tempString = "N/A";
if (entry.getBid() != null)
{
tempString = entry.getBid();
}
stringArray[7] = tempString;
// OSVDB
tempString = "N/A";
if (entry.getOsvdb() != null)
{
tempString = entry.getOsvdb();
}
stringArray[8] = tempString;
return(stringArray);
}
/// <summary>
/// This is the buildStringArray method.
/// It is used to build an array of String from given entry and riskFactor.
/// </summary>
/// <param name="entry">the DataEntry being transformed to a string array</param>
/// <param name="riskFactor">the RiskFactor of the entry</param>
/// <returns>a string array being transformed to a xlsx row</returns>
private String[] buildStringArray(DataEntry entry, RiskFactor riskFactor)
{
String[] stringArray = new String[10];
// Plugin Name
stringArray[0] = entry.getPluginName();
// Hosts Affected
stringArray[1] = entry.getIp();
// Description
stringArray[2] = entry.getDescription();
// Impact
stringArray[3] = entry.getImpact();
// Risk Level
stringArray[4] = RiskFactorFunction.getEnumString(riskFactor);
// Recommendations
stringArray[5] = entry.getRecommendation();
// Reference
// CVE
String tempString = "N/A";
if (entry.getCve() != null)
{
tempString = entry.getCve();
}
stringArray[6] = tempString;
// BID
tempString = "N/A";
if (entry.getBid() != null)
{
tempString = entry.getBid();
}
stringArray[7] = tempString;
// OSVDB
tempString = "N/A";
if (entry.getOsvdb() != null)
{
tempString = entry.getOsvdb();
}
stringArray[8] = tempString;
// Reference Link
stringArray[9] = entry.getReferenceLink();
return(stringArray);
}
public async Task <RiskFactorResponse> AddRiskFactorAsync(AddRiskFactorRequest request)
{
var riskFactor = new RiskFactor();
riskFactor.Factor = request.Factor;
var result = _riskFactorRepository.Add(riskFactor);
await _riskFactorRepository.UnitOfWork.SaveChangesAsync();
return(_riskFactorMapper.Map(result));
}
/*
* This is the constructor of GuiDataEntry.
* (Without EntryType)
*/
/// <summary>
/// This is the constructor of GuiDataEntry.
/// (Without EntryType)
/// </summary>
/// <param name="pluginName">pluginName of the DataEntry</param>
/// <param name="ipString">string with all host name of the DataEntry</param>
/// <param name="description">description of the DataEntry</param>
/// <param name="impact">impact of the DataEntry</param>
/// <param name="riskFactor">RiskFactor of the DataEntry</param>
/// <param name="recommendation">recommendation of the DataEntry</param>
/// <param name="cveList">cveList of the DataEntry</param>
/// <param name="bidList">bidList of the DataEntry</param>
/// <param name="osvdbList">osvdbList of the DataEntry</param>
/// <param name="referenceLink">referenceLink of the DataEntry</param>
public GuiDataEntry(String pluginName,
String ipString,
String description,
String impact,
RiskFactor riskFactor,
String recommendation,
List <String> cveList,
List <String> bidList,
List <String> osvdbList,
String referenceLink)
{
this.pluginName = pluginName;
if (ipString.Contains(","))
{
String[] ipListArray = ipString.Split(',');
for (int i = 0; i < ipListArray.Length; i++)
{
ipListArray[i] = ipListArray[i].Replace(" ", "");
//String tempString = "";
//foreach (char c in ipListArray[i]) {
// if (c != ' ') {
// tempString += c;
// }
//}
ipListArray[i] = ipListArray[i].Replace("(", " (");
}
foreach (String s in ipListArray)
{
if (!ipList.Contains(s))
{
ipList.Add(s);
}
}
}
else if (!ipList.Contains(ipString))
{
ipList.Add(ipString);
}
this.description = description == null ? "" : description;
this.impact = impact == null ? "" : impact;
this.riskFactor = riskFactor;
this.recommendation = recommendation == null ? "" : recommendation;
this.cveList = cveList;
this.bidList = bidList;
this.osvdbList = osvdbList;
this.referenceLink = referenceLink;
this.type = EntryType.NULL;
}
public RiskFactorResponse Map(RiskFactor riskFactor)
{
if (riskFactor == null)
{
return(null);
}
return(new RiskFactorResponse
{
Id = riskFactor.Id,
Factor = riskFactor.Factor
});
}
public RiskFactor Map(AddRiskFactorRequest request)
{
if (request == null)
{
return(null);
}
RiskFactor factor = new RiskFactor
{
Factor = request.Factor,
};
return(factor);
}
public RiskFactor Map(EditRiskFactorRequest request)
{
if (request == null)
{
return(null);
}
RiskFactor factor = new RiskFactor
{
Id = request.Id,
Factor = request.Factor,
};
return(factor);
}
public void remove(String ip, RiskFactor riskFactor)
{
if (riskFactor == RiskFactor.NULL)
{
Console.Error.WriteLine("RiskStats: Invalid RiskFactor");
return;
}
if (riskStats.ContainsKey(ip))
{
Dictionary <RiskFactor, int> hostStat = riskStats[ip];
int i = hostStat[riskFactor];
hostStat[riskFactor] = i - 1;
}
}
/// <summary>
/// This is the removeHost method.
/// It is used to remove a host from the RiskStats.
/// </summary>
/// <param name="ip">the host name</param>
/// <param name="riskFactor">the RiskFactor of that finding</param>
public void removeHost(String ip, RiskFactor riskFactor)
{
// if riskFactor = RiskFactor.NULL, this finding is not valid
if (riskFactor == RiskFactor.NULL)
{
return;
}
// action taken if the host is in the riskStats
if (riskStats.ContainsKey(ip))
{
Dictionary <RiskFactor, int> hostStat = riskStats[ip];
hostStat[riskFactor]--;
}
}
public async Task <IActionResult> UpdateFactor(int id, RiskFactor factorForUpdate)
{
var updatedFactor = await _context.RiskFactors.FirstOrDefaultAsync(f => f.Id == id);
if (updatedFactor == null)
{
return(NotFound());
}
updatedFactor.Code = factorForUpdate.Code;
updatedFactor.Name = factorForUpdate.Name;
if (await _context.SaveChangesAsync() > 0)
{
return(Ok(updatedFactor));
}
return(BadRequest("Error update Risk Factor"));
}
private String[] buildAcunetixStringArray(DataEntry entry, RiskFactor riskFactor, AffectedItem item)
{
String[] stringArray = new String[23];
// Plugin Name
stringArray[0] = entry.getPluginName();
// Hosts Affected
stringArray[1] = entry.getIp();
// Description
stringArray[2] = entry.getDescription();
// Impact
stringArray[3] = entry.getImpact();
// Risk Level
stringArray[4] = RiskFactorFunction.getEnumString(riskFactor);
// Recommendations
stringArray[5] = entry.getRecommendation();
stringArray[6] = entry.getFileName();
stringArray[7] = ((AcunetixDataEntry)entry).getSubDomain();
stringArray[8] = item.getSubDirectory();
stringArray[9] = item.getDepartment();
stringArray[10] = item.getName();
stringArray[11] = item.getLink();
stringArray[12] = item.getDetail();
stringArray[13] = item.getRequest();
stringArray[14] = item.getResponse();
stringArray[15] = ((AcunetixDataEntry)entry).getModuleName();
stringArray[16] = ((AcunetixDataEntry)entry).getIsFalsePositive();
stringArray[17] = ((AcunetixDataEntry)entry).getAOP_SourceFile();
stringArray[18] = ((AcunetixDataEntry)entry).getAOP_SourceLine();
stringArray[19] = ((AcunetixDataEntry)entry).getAOP_Additional();
stringArray[20] = ((AcunetixDataEntry)entry).getDetailedInformation();
stringArray[21] = ((AcunetixDataEntry)entry).getAcunetixType();
stringArray[22] = ((AcunetixDataEntry)entry).getAcunetixReferenceListString();
return(stringArray);
}
public NmapDataEntry(String pluginName,
String ip,
String description,
RiskFactor riskFactor)
{
this.pluginName = pluginName;
ipList.Add(ip);
this.description = description == null ? "" : description;
this.impact = impact == null ? "" : impact;
this.riskFactor = riskFactor;
this.recommendation = recommendation == null ? "" : recommendation;
this.cveList = null;
this.bidList = null;
this.osvdbList = null;
this.referenceLink = "";
this.valid = true;
this.type = EntryType.NMAP;
}
/// <summary>
/// This is the constructor of NmapDataEntry.
/// </summary>
/// <param name="pluginName">plugin name of the DataEntry</param>
/// <param name="ip">host name of the DataEntry</param>
/// <param name="description">description of the DataEntry</param>
/// <param name="riskFactor">RiskFactor of the DataEntry</param>
public NmapDataEntry(String pluginName,
String ip,
String description,
RiskFactor riskFactor,
String fileName,
List <String> openPortList,
List <String> filteredPortList,
List <String> closedPortList,
List <String> unknownPortList,
String OS,
String OSDetail)
{
this.pluginName = pluginName;
ipList.Add(ip);
this.description = description == null ? "" : description;
this.impact = impact == null ? "" : impact;
this.riskFactor = riskFactor;
this.recommendation = recommendation == null ? "" : recommendation;
this.cveList = null;
this.bidList = null;
this.osvdbList = null;
this.referenceLink = "";
this.fileName = fileName;
this.valid = true;
this.type = EntryType.NMAP;
this.openPortList = openPortList;
this.filteredPortList = filteredPortList;
this.closedPortList = closedPortList;
this.unknownPortList = unknownPortList;
this.OS = OS;
this.OSDetail = OSDetail;
//this.louise = "00000"; //@@@@@
//System.Windows.Forms.MessageBox.Show(this.louise);
}
/*
* This is the constructor of MBSADataEntry.
* (Without referenceLink)
*/
/// <summary>
/// This is the constructor of MBSADataEntry for output excel.
/// (Without referenceLink)
/// </summary>
/// <param name="pluginName">plugin name of the DataEntry</param>
/// <param name="ip">host name of the DataEntry</param>
/// <param name="description">description of the DataEntry</param>
/// <param name="severity">int represents the risk of the DataEntry</param>
/// <param name="riskFactor">RiskFactor of the DataEntry</param>
/// <param name="cveList">cveList of the DataEntry</param>
/// <param name="bidList">bidList of the DataEntry</param>
/// <param name="osvdbList">osvdbList of the DataEntry</param>
public MBSADataEntry(String pluginName,
String ip,
String description,
String severityString,
RiskFactor riskFactor,
List <String> cveList,
List <String> bidList,
List <String> osvdbList,
string fileName,
string checkID,
string checkGrade,
string checkType,
string checkCat,
string checkRank,
string checkName,
string checkURL1,
string checkURL2,
string checkGroupID,
string checkGroupName,
string detailText,
string updateDataIsInstalled,
string updateDataRestartRequired,
string updateDataID,
string updateDataGUID,
string updateDataBulletinID,
string updateDataKBID,
string updateDataType,
string tableHeaderString,
string tableRowDataString,
string UpdateDataInformationURL,
string UpdateDataDownloadURL,
String referenceLink = "")
{ //BulletinURL
this.severityString = severityString;
//if (severity <= 1 && riskFactor == RiskFactor.NULL) {
// this.valid = false;
// return;
//}
//else if (riskFactor == RiskFactor.NULL) {
this.valid = true;
//if (riskFactor == RiskFactor.NULL)
//{
// riskFactor = RiskFactorFunction.getEnum(severity);
//}
this.pluginName = pluginName;
ipList.Add(ip);
this.description = description == null ? "" : description;
this.impact = "";
this.recommendation = "";
this.riskFactor = riskFactor;
this.valid = true;
this.cveList = cveList;
this.bidList = bidList;
this.osvdbList = osvdbList;
this.fileName = fileName;
this.checkID = checkID;
this.checkGrade = checkGrade;
this.checkType = checkType;
this.checkCat = checkCat;
this.checkRank = checkRank;
this.checkName = checkName;
this.checkURL1 = checkURL1;
this.checkURL2 = checkURL2;
this.checkGroupID = checkGroupID;
this.checkGroupName = checkGroupName;
this.detailText = detailText;
this.updateDataIsInstalled = updateDataIsInstalled;
this.updateDataRestartRequired = updateDataRestartRequired;
this.updateDataID = updateDataID;
this.updateDataGUID = updateDataGUID;
this.updateDataBulletinID = updateDataBulletinID;
this.updateDataKBID = updateDataKBID;
this.updateDataType = updateDataType;
this.UpdateDataInformationURL = UpdateDataInformationURL;
this.UpdateDataDownloadURL = UpdateDataDownloadURL;
this.type = EntryType.MBSA;
if (referenceLink != null)
{
this.referenceLink = referenceLink;
}
else
{
this.referenceLink = "";
}
this.tableHeaderString = tableHeaderString;
this.tableRowDataString = tableRowDataString;
//this.louise = updateDataKBID;
}
/// <summary>
/// This is the getDataEntryHTML method.
/// It is used to create a string for HTML output from given entry and
/// RiskFactor.
/// </summary>
/// <param name="entry">the DataEntry being transformed to HTML text string</param>
/// <param name="riskFactor">riskFactor of that entry</param>
/// <returns>a HTML string text for that entry</returns>
private String getDataEntryHTML(DataEntry entry, RiskFactor riskFactor)
{
StringBuilder sb = new StringBuilder();
sb.Append("<H5>" + HTMLOutputFormater.forHTML(entry.getPluginName()) + "</H5>");
sb.Append(HTML_TABLE_START);
sb.Append("\n");
// Hosts Affected
sb.Append("<TR>\n");
sb.Append("<TD>Hosts Affected:</TD>\n");
sb.Append("<TD>");
sb.Append(entry.getIp());
sb.Append("</TD>\n");
sb.Append("</TR>\n");
// Description
sb.Append("<TR>\n");
sb.Append("<TD>Description:</TD>\n");
sb.Append("<TD>");
sb.Append(HTMLOutputFormater.forHTML(entry.getDescription()).Replace("\n", "<br/>"));
sb.Append("</TD>\n");
sb.Append("</TR>\n");
// Impact
sb.Append("<TR>\n");
sb.Append("<TD>Impact:</TD>\n");
sb.Append("<TD>");
sb.Append(HTMLOutputFormater.forHTML(entry.getImpact()).Replace("\n", "<br/>"));
sb.Append("</TD>\n");
sb.Append("</TR>\n");
// Risk Level
sb.Append("<TR>\n");
sb.Append("<TD>Risk Level: </TD>\n");
sb.Append("<TD>");
sb.Append(RiskFactorFunction.getEnumString(riskFactor));
sb.Append("</TD>\n");
sb.Append("</TR>\n");
// Recommendations
sb.Append("<TR>\n");
sb.Append("<TD>Recommendation:</TD>\n");
sb.Append("<TD>");
sb.Append(HTMLOutputFormater.forHTML(entry.getRecommendation()).Replace("\n", "<br/>"));
sb.Append("</TD>\n");
sb.Append("</TR>\n");
// Reference
bool hasRef = false;
sb.Append("<TR>\n");
sb.Append("<TD>Reference:</TD>\n");
sb.Append("<TD>");
// CVE/BID/OSVDB
if (!String.IsNullOrEmpty(entry.getCve()) || !String.IsNullOrEmpty(entry.getBid()) || !String.IsNullOrEmpty(entry.getOsvdb()))
{
// CVE
if (!String.IsNullOrEmpty(entry.getCve()))
{
hasRef = true;
sb.Append("CVE: ");
sb.Append(HTMLOutputFormater.forHTML(entry.getCve()));
sb.Append("<br/>");
}
// BID
if (!String.IsNullOrEmpty(entry.getBid()))
{
hasRef = true;
sb.Append("BID: ");
sb.Append(HTMLOutputFormater.forHTML(entry.getBid()));
sb.Append("<br/>");
}
// OSVDB
if (!String.IsNullOrEmpty(entry.getOsvdb()))
{
hasRef = true;
sb.Append("OSVDB: ");
sb.Append(HTMLOutputFormater.forHTML(entry.getOsvdb()));
sb.Append("<br/>");
}
}
if (hasRef)
{
sb.Remove(sb.Length - 5, 5);
}
else
{
sb.Append("N/A");
}
sb.Append("</TD>\n");
sb.Append("</TR>\n");
// Reference Link
if (!String.IsNullOrEmpty(entry.getReferenceLink()))
{
sb.Append("<TR>\n");
sb.Append("<TD>Reference Link:</TD>\n");
sb.Append("<TD><a href=\"");
sb.Append(HTMLOutputFormater.forHTML(entry.getReferenceLink()).Replace("\n", "<br/>"));
sb.Append("\" target=\"_blank\" >" + HTMLOutputFormater.forHTML(entry.getReferenceLink()).Replace("\n", "<br/>") + "</a></TD>\n");
sb.Append("</TR>\n");
}
sb.Append(HTML_TABLE_END);
return(sb.ToString());
}
public Person(string name, int age, RiskFactor risk)
{
Name = name;
Age = age;
RiskFactor = risk;
}
/// <summary>
/// This is the constructor of GuiDataEntry.
/// (With EntryType parameter)
/// </summary>
/// <param name="pluginName">pluginName of the DataEntry</param>
/// <param name="ipString">string with all host name of the DataEntry</param>
/// <param name="description">description of the DataEntry</param>
/// <param name="impact">impact of the DataEntry</param>
/// <param name="riskFactor">RiskFactor of the DataEntry</param>
/// <param name="recommendation">recommendation of the DataEntry</param>
/// <param name="cveList">cveList of the DataEntry</param>
/// <param name="bidList">bidList of the DataEntry</param>
/// <param name="osvdbList">osvdbList of the DataEntry</param>
/// <param name="referenceLink">referenceLink of the DataEntry</param>
/// <param name="entryType">EntryType of the DataEntry</param>
public GuiDataEntry(String pluginName,
String ipString,
String description,
String impact,
RiskFactor riskFactor,
String recommendation,
List <String> cveList,
List <String> bidList,
List <String> osvdbList,
String referenceLink,
DataEntry.EntryType entryType,
String pluginversion,
String pluginID)
{
this.pluginID_nessusfinding = pluginID;
this.pluginversion_nessusfinding = pluginversion;
//this.louise = louiselouise;
this.pluginName = pluginName;
if (ipString.Contains(","))
{
String[] ipListArray = ipString.Split(',');
for (int i = 0; i < ipListArray.Length; i++)
{
ipListArray[i] = ipListArray[i].Replace(" ", "");
//foreach (char c in ipListArray[i])
//{
// if (c != ' ') {
// tempString += c;
// }
//}
ipListArray[i] = ipListArray[i].Replace("(", " (");
}
foreach (String s in ipListArray)
{
if (!ipList.Contains(s))
{
ipList.Add(s);
hostlist_findingdetail.Add(s);
port_with_protocollist_findingdetail.Add("");
pluginoutputlist_findingdetail.Add("");
}
}
}
else if (!ipList.Contains(ipString))
{
ipList.Add(ipString);
hostlist_findingdetail.Add(ipString);
port_with_protocollist_findingdetail.Add("");
pluginoutputlist_findingdetail.Add("");
}
this.description = description == null ? "" : description;
this.impact = impact == null ? "" : impact;
this.riskFactor = riskFactor;
this.recommendation = recommendation == null ? "" : recommendation;
this.cveList = cveList;
this.bidList = bidList;
this.osvdbList = osvdbList;
this.referenceLink = referenceLink;
if (entryType != EntryType.NULL)
{
this.type = entryType;
}
else
{
this.type = EntryType.GUI;
}
}
/*
* This is the buildTable method.
* It is used to create the table from given entry and riskFactor.
*/
private Dictionary <KeyValuePair <int, int>, String> buildTable(DataEntry entry, RiskFactor riskFactor)
{
Dictionary <KeyValuePair <int, int>, String> table = new Dictionary <KeyValuePair <int, int>, string>();
// Hosts Affected
table[new KeyValuePair <int, int>(1, 1)] = "Hosts Affected:";
String tempString = "";
foreach (String ip in entry.getIpList())
{
tempString += ip + '\n';
}
table[new KeyValuePair <int, int>(1, 2)] = tempString.Substring(0, tempString.Length - 1);
// Description
table[new KeyValuePair <int, int>(2, 1)] = "Description";
table[new KeyValuePair <int, int>(2, 2)] = entry.getDescription();
// Impact
table[new KeyValuePair <int, int>(3, 1)] = "Impact:";
table[new KeyValuePair <int, int>(3, 2)] = entry.getImpact();
// Risk Level
table[new KeyValuePair <int, int>(4, 1)] = "Risk Level:";
table[new KeyValuePair <int, int>(4, 2)] = RiskFactorFunction.getEnumString(riskFactor);
// Recommendations
table[new KeyValuePair <int, int>(5, 1)] = "Recommendation:";
table[new KeyValuePair <int, int>(5, 2)] = entry.getRecommendation();
// Reference
bool hasRef = false;
table[new KeyValuePair <int, int>(6, 1)] = "Reference:";
tempString = "";
// CVE
if (entry.getCve() != null)
{
hasRef = true;
tempString = "CVE: " + entry.getCve() + "\n";
}
// BID
if (entry.getBid() != null)
{
hasRef = true;
tempString += "BID: " + entry.getBid() + "\n";
}
// OSVDB
if (entry.getOsvdb() != null)
{
hasRef = true;
tempString += "OSVDB: " + entry.getOsvdb();
}
if (!hasRef)
{
tempString = "N/A";
}
table[new KeyValuePair <int, int>(6, 2)] = tempString;
return(table);
}
private String getDataEntryHTML(DataEntry entry, RiskFactor riskFactor)
{
String HTML_TABLE_START = "<table border=\"1\">";
String HTML_TABLE_END = "</table>\n";
StringBuilder sb = new StringBuilder();
sb.Append("<H5>" + HTMLOutputFormater.forHTML(entry.getPluginName()) + "</H5>");
sb.Append(HTML_TABLE_START);
sb.Append("\n");
// Hosts Affected
sb.Append("<TR>\n");
sb.Append("<TD>Hosts Affected:</TD>\n");
sb.Append("<TD>");
foreach (String ip in entry.getIpList())
{
sb.Append(ip + "<br/>");
}
sb.Remove(sb.Length - 5, 5);
sb.Append("</TD>\n");
sb.Append("</TR>\n");
// Description
sb.Append("<TR>\n");
sb.Append("<TD>Description:</TD>\n");
sb.Append("<TD>");
sb.Append(HTMLOutputFormater.forHTML(entry.getDescription()).Replace("\n", "<br/>"));
sb.Append("</TD>\n");
sb.Append("</TR>\n");
// Impact
sb.Append("<TR>\n");
sb.Append("<TD>Impact:</TD>\n");
sb.Append("<TD>");
sb.Append(HTMLOutputFormater.forHTML(entry.getImpact()).Replace("\n", "<br/>"));
sb.Append("</TD>\n");
sb.Append("</TR>\n");
// Risk Level
sb.Append("<TR>\n");
sb.Append("<TD>Risk Level: </TD>\n");
sb.Append("<TD>");
sb.Append(RiskFactorFunction.getEnumString(riskFactor));
sb.Append("</TD>\n");
sb.Append("</TR>\n");
// Recommendations
sb.Append("<TR>\n");
sb.Append("<TD>Recommendation:</TD>\n");
sb.Append("<TD>");
sb.Append(HTMLOutputFormater.forHTML(entry.getRecommendation()).Replace("\n", "<br/>"));
sb.Append("</TD>\n");
sb.Append("</TR>\n");
// Reference
bool hasRef = false;
sb.Append("<TR>\n");
sb.Append("<TD>Reference:</TD>\n");
sb.Append("<TD>");
// CVE
if (entry.getCve() != null)
{
hasRef = true;
sb.Append("CVE: ");
sb.Append(HTMLOutputFormater.forHTML(entry.getCve()));
sb.Append("<br/>");
}
// BID
if (entry.getBid() != null)
{
hasRef = true;
sb.Append("BID: ");
sb.Append(HTMLOutputFormater.forHTML(entry.getBid()));
sb.Append("<br/>");
}
// OSVDB
if (entry.getOsvdb() != null)
{
hasRef = true;
sb.Append("OSVDB: ");
sb.Append(HTMLOutputFormater.forHTML(entry.getOsvdb()));
sb.Append("<br/>");
}
if (hasRef)
{
sb.Remove(sb.Length - 5, 5);
}
else
{
sb.Append("N/A");
}
sb.Append("</TD>\n");
sb.Append("</TR>\n");
sb.Append(HTML_TABLE_END);
return(sb.ToString());
}
public RiskFactor Update(RiskFactor riskFactor)
{
_context.Entry(riskFactor).State = EntityState.Modified;
return(riskFactor);
}
