├── README.md └── parse_nessus_xml.v24.pl /README.md: -------------------------------------------------------------------------------- 1 | # Nessus Parser 2 | Nessus Parser from http://www.melcara.com/archives/253 3 | 4 | This is a program to parse a series of Nessus XMLv2 files into an XLSX file. The data from the XML file is placed into a series of tabs for easier review and reporting. New features with this edition are better reporting of policy plugin families, user account reporting, summary graphs, and a home page with summary data. 5 | 6 | ## Install dependencies 7 | ```cpan install XML::TreePP Data::Dumper Math::Round Excel::Writer::XLSX Data::Table Excel::Writer::XLSX::Chart Getopt::Std``` 8 | 9 | ## Credits 10 | This script has been designed and maintained by Melcara. 11 | 12 | For more information and questions please contact Cody Dumont cody@melcara.com 13 | -------------------------------------------------------------------------------- /parse_nessus_xml.v24.pl: -------------------------------------------------------------------------------- 1 | #!/opt/local/bin/perl 2 | 3 | use strict; 4 | use XML::TreePP; 5 | use Data::Dumper; 6 | use Math::Round; 7 | use Excel::Writer::XLSX; 8 | use Data::Table; 9 | use Excel::Writer::XLSX::Chart; 10 | use Getopt::Std; 11 | #use Devel::Size qw(size total_size); ############# New module 12 | 13 | print ""; 14 | ## Copyright (C) 2016 Cody Dumont 15 | ## 16 | ## This program is free software; you can redistribute it and/or 17 | ## modify it under the terms of the GNU General Public License 18 | ## as published by the Free Software Foundation; either version 2 19 | ## of the License, or (at your option) any later version. 20 | ## 21 | ## This program is distributed in the hope that it will be useful, 22 | ## but WITHOUT ANY WARRANTY; without even the implied warranty of 23 | ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 24 | ## GNU General Public License for more details. 
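##
## You should have received a copy of the GNU General Public License
## along with this program; if not, write to the Free Software
## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
## This is a program to parse a series of Nessus XMLv2
## files into an XLSX file. The data from the XML file is placed into a series
## of tabs for easier review and reporting. New features with this edition
## are better reporting of policy plugin families, user account reporting,
## summary graphs, and a home page with summary data. For more information
## and questions please contact Cody Dumont cody@melcara.com
##
## Version 0.24

# ---------------------------------------------------------------------------
# File-wide state.  The "our" variables are package globals; several of them
# are read by the subroutines further down in this file.
# ---------------------------------------------------------------------------

# plugin ID => { old => <severity>, new => <severity> }, filled from the
# optional -r recast file below.
our %recast_plugin;
our (@installedSoftware,@portScanner,@vuln_entries,@host_scan_data,@WinWirelessSSID,@cpe_data,@PCIDSS,@ADUsers,@ScanInfo,@MS_Process_Info);
our (@WinUserData,@WinUsers,@WinGuestUserData,@PasswordPolicyData,@WirelessAccessPointDetection,@DeviceType,@EnumLocalGrp);
our $highvuln_cnt = 0;
our $medvuln_cnt = 0;
our $lowvuln_cnt = 0;
our $nonevuln_cnt = 0;
our $PolicySummaryReport_worksheet;
our $PolicySummaryReport_cnt;

# Cell formats and the workbook handle; they are only declared here.
our $center_format;
our $center_border6_format;
our $cell_format;
our $wrap_text_format;
our $workbook;
my $is_domain_controller_users_checked = 0;
our %complaince;            # sic: the misspelled name is the one the rest of the file uses
our %compliance_summary;
our %audit_result_type;
our %vulnerability_data;
our %ip_vuln_data;
our %ms_process_cnt;
our $home_url;
our $url_format;
my @targets;
my $target_cnt;

# Pattern for a dotted-quad IPv4 address: four octets in the range 0-255.
our $ip_add_regex = '(25[0-5]|[2][0-4][0-9]|1[0-9]{2}|[\d][\d]|[\d])(\.(25[0-5]|[2][0-4][0-9]|1[0-9]{2}|[\d][\d]|[\d])){3}';
my $dir;
my $target_file;
my @xml_files;
our %cvss_score;

# Alternations of Nessus plugin IDs.  NOTE(review): judging by the names these
# select the port-scanner and installed-software plugins -- confirm against
# the code that uses them.
our $port_scan_plugin = '(10335)|(34277)|(11219)|(14272)|(34220)';
our $installed_software_plugin = '(20811)|(58452)|(22869)';
our %total_discovered;
our %vuln_totals;
our @host_data;
my @PolicyCompliance;
my @policy_data;

my $new_stuff = '
These are the new features with version 24

1. Fix regex \Q\E line est 1477,1484 v22
2. Removing plugin 33929 from High Vulns calculation
3. Removed Compliance from being part of High Vuln Calculation
4. Version 23 Skipped
5. reordered vuln data processing to not use as much memory.
6.
7.
8.
9.
';

print $new_stuff;
sleep 2;

##################### get arguments from the command
# The description under the "-f" example used to repeat the "-d" text; it now
# describes what "-f" does.  The rest of the wording is unchanged.
my $help_msg = '
NAME
    parse_nessus_xml.v24.pl -- parse nessus v2 XML files into an XLSX file

SYNOPSIS
    perl parse_nessus_xml.v24.pl [-vVhH] [-f file] [-d directory] [-r recast_file optional ]

DESCRIPTION
    Nessus Parser v0.24 - This is a program to parse a series of Nessus XMLv2
    files into a XLSX file. The data from the XML file is placed into a series
    of tabs to for easier review and reporting. New features with this edition
    are better reporting of policy plugin families, user account reporting,
    summary graphs, and a home page with summary data. For more information
    and questions please contact Cody Dumont cody@melcara.com

    The Nessus parser requires some additional modules, they are:
        o XML::TreePP
        o Data::Dumper
        o Math::Round
        o Excel::Writer::XLSX
        o Data::Table
        o Excel::Writer::XLSX::Chart
        o Getopt::Std

    The options are as follows:
        -o      Changes the filename prefix. The default prefix is "nessus_report".
                A time stamp is appended onto the prefix. An exmaple of the default
                file name is nessus_report_20130409162908.xlsx. if the "-o foobar" is
                passed, then the file name will be foobar_20130409162908.xlsx

        -d      The target directory where the Nessus V2 XML files are located.
                This option will search the target directory files that end with
                XML, xml, or nessus extentions. Each file found will be check for
                Nessus V2 XML format. Each Nessus V2 XML file will be parsed and
                will be stored into an XLSX file. This option should not be used
                with any other option.

        -f      The target file is a method to call a single file for parsing.
                With this method the XLSX file will be stored in the same folder
                as the XML. Please note if the path to file has a "SPACE" use
                double quotes around the file path and/or name.

        -r      The Recast option is a feature request from user KurtW. Kurt wanted
                to be able to change the reported value of Nessus Plugin ID. While
                this is not recommended in many cases, in some instances the change
                may provide the Nessus user with more accurate report.
                To use this feature create a CSV file with three fields.

                Field 1: Nessus Plugin ID
                Field 2: Nessus-assigned Severity
                Field 3: Recasted (User-assigned) Severity

                Examples

                # Recast vulnerability SSL Certificate Cannot Be Trusted (Plugin ID 51192) from Medium to Critical
                51192,2,4

                # Recast vulnerability MySQL 5.1 < 5.1.63 Multiple Vulnerabilities (Plugin ID 59448) from High to Low
                59448,3,1

                # Recast vulnerability MS12-067: Vulnerabilities in FAST Search Server 2010 for Sharepoint RCE from High to Critical
                62462,3,4

                The file would contain 3 lines.
                51192,2,4
                59448,3,1
                62462,3,4

                The command used would be passed the -r recast.txt. See examples listed below.

        -v      Print this help message.

        -h      Print this help message.

EXAMPLES
    The command:
        perl /path/to/script/parse_nessus_xml.v24.pl -v

    This command will print this help message.

    The command:
        perl /path/to/script/parse_nessus_xml.v24.pl -h

    This command will print this help message.

    The command:
        perl /path/to/script/parse_nessus_xml.v24.pl -d /foo/bar

    This command will seearch the direcoty specified by the "-d" option
    for Nessus XML v2 files and parse the files found.

    The command:
        perl /path/to/script/parse_nessus_xml.v24.pl -f /foo/bar/scan1.nessus
        ----- or -----
        perl /path/to/script/parse_nessus_xml.v24.pl -f /foo/bar/scan1.nessus.xml

    This command will parse the single Nessus XML v2 file specified by
    the "-f" option.

    The command:
        perl /path/to/script/parse_nessus_xml.v24.pl -f /foo/bar/scan1.nessus -r /path/to/script/recast.txt

';

# The first raw argument is captured before getopt() consumes @ARGV, so the
# help flags can be recognised even though they are not in the option list.
my $version = $ARGV[0];
my %opt;
getopt('dfro', \%opt);

# Every file below is opened with three-argument open and an explicit '<'
# mode.  The names come from the command line or from a directory listing,
# and the two-argument form would act on mode characters embedded in such a
# name instead of treating it as a plain path.  Open failures are reported
# instead of being mistaken for "not a Nessus file".
if (defined $version && $version =~ /\A--?[vVhH]/) {
    # Anchored at the start: an unanchored /-(v|V|h|H)/ also fired on values
    # such as "-f/scans/web-host.nessus".
    print $help_msg;
    exit;
}
elsif ($opt{"d"} && $opt{"f"}) {
    print "Please only use a file or directory as a command line argument.\n\n";
    print $help_msg;
    exit;
}
elsif ($opt{"d"}) {
    $dir = $opt{"d"};
    print "The target directory is \"$dir\"\.\n";
    opendir(my $dir_handle, $dir) or die "Can't open the directory \"$dir\": $!\n";
    my @files = readdir($dir_handle);
    closedir $dir_handle;
    my @xml = grep { $_ =~ /((xml)|(XML)|(nessus))$/ } @files;
    my @verified;

    foreach my $name (@xml) {
        my $f = "$dir/$name";
        my $fh;
        if (!open($fh, '<', $f)) {
            print "This file \"$name\" could not be opened ($!), and will NOT be parsed!!!\n\n";
            next;
        }
        # Slurp the whole file; "local $/" keeps the change to the record
        # separator inside this do-block.
        my $tmp_data = do { local $/; <$fh> };
        close $fh;
        if (defined $tmp_data && $tmp_data =~ /(NessusClientData_v2)/m) {
            print "File $name is a Valid Nessus Ver2 format and will be parsed.\n\n";
            push @verified, $f;
        }
        else {
            print "This file \"$name\" is not using the Nessus version 2 format, and will NOT be parsed!!!\n\n";
        }
    }
    # end of foreach (@xml)
    @xml_files = @verified;
}
elsif ($opt{"f"}) {
    $target_file = $opt{"f"};
    print "The target file is \"$target_file\"\.\n";
    open(my $fh, '<', $target_file) or die "Can't open the file \"$target_file\": $!\n";
    my $tmp_data = do { local $/; <$fh> };
    close $fh;
    if (defined $tmp_data && $tmp_data =~ /(NessusClientData_v2)/m) {
        print "File $target_file is a Valid Nessus Ver2 format and will be parsed.\n\n";
        # The directory part of the path (split on "/" or "\") becomes $dir;
        # a bare file name maps to ".".
        my @dirs = split /\\|\//, $target_file;
        pop @dirs;
        if (!@dirs) { push @dirs, "." }
        $dir = join "/", @dirs;
        push @xml_files, $target_file;
    }
    else {
        print "This file \"$target_file\" is not using the Nessus version 2 format, and will NOT be parsed!!!\n\n";
        exit;
    }
}
else {
    print $help_msg;
    exit;
}

# Optional recast file: one "plugin id,old severity,new severity" triple per
# line.  Recasting changes the severity that ends up in the report, so a
# malformed line stops the run instead of being stored as a partial entry.
if ($opt{"r"}) {
    my $recast_file = $opt{"r"};
    print "The recast option is selected, the recast definition file is \"$recast_file\"\.\nPlease note all the following Plugin ID's will have thier severity changed accordingly.\n\n";
    open(my $recast_fh, '<', $recast_file) or die "Can't open the $recast_file file\n";
    my @tmp_data = <$recast_fh>;
    close $recast_fh;
    print "PLUGIN ID\tOLD SEV\tNEW SEV\n";
    foreach my $p (@tmp_data) {
        $p =~ s/[\r\n]+\z//;                  # also strips the CR of CRLF files
        next if $p =~ /\A\s*(?:#.*)?\z/;      # blank lines and "#" comment lines
        my @t = split /\,/, $p;
        s/\A\s+|\s+\z//g for @t;
        if (@t != 3 || grep { $_ !~ /\A\d+\z/ } @t) {
            print "There is a error in your RECAST file, please review the help message using the -h option.\n";
            exit;
        }
        print "$t[0]\t\t$t[1]\t$t[2]\n";
        $recast_plugin{$t[0]}->{old} = $t[1];
        $recast_plugin{$t[0]}->{new} = $t[2];
    }
}


################## end command arguments

###### Code contributed by Whinston Antion
# Report name parts: the prefix defaults to "nessus_report" (override with -o)
# and $report_file holds a YYYYMMDDhhmmss local time stamp.
my $random_number = rand();
my $now_string = localtime;
my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
my $report_prefix = "nessus_report";
if ($opt{"o"}) { $report_prefix = $opt{"o"} }
my $report_file = sprintf("%4d%02d%02d%02d%02d%02d",($year + 1900),($mon+1),$mday,$hour,$min,$sec);
###### end contribution
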
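print "
################################################################################
NESSUS PARSER V0.24
################################################################################
";

############################## START SUBROUTINES

# Write one scan-derived value into a data cell.
#
# Worksheet->write() chooses the cell type from the text it is given, so a
# value beginning with "=" (or "{=") would be stored as a live formula.  The
# values written through this helper come from the parsed scan results, so
# such text is stored as a plain string with write_string() instead.  All
# other values still go through write(), which keeps numbers, links and the
# keep_leading_zeros() handling as they were.
#
#   $worksheet     worksheet object to write to
#   $row, $col     zero-based cell position
#   $value         cell content (may be undef)
#   $format        cell format object
sub _write_data_cell {
    my ($worksheet, $row, $col, $value, $format) = @_;
    if (defined $value && $value =~ /\A\{?=/) {
        return $worksheet->write_string($row, $col, $value, $format);
    }
    return $worksheet->write($row, $col, $value, $format);
}

# Fill a worksheet with the per-plugin rows of one severity bucket.
#
#   $_[0]   key into %vulnerability_data (the bucket to list)
#   $_[1]   worksheet object to fill
#
# Every entry of @{$vulnerability_data{$vuln_type}} is a comma-separated
# string; it is split on "," and the fields are placed in the columns given
# by @layout.  Row 0 holds the link back to $home_url, row 1 the headings and
# the data starts at row 2.  Returns the worksheet.
sub vulnerability_plugin_worksheet {
    my $vuln_type = $_[0];
    my $tmp_worksheet = $_[1];
    my $vuln_type_ctr = 2;

    # NOTE(review): the link label is whatever $_ holds when this sub is
    # called -- confirm that is intended.
    $tmp_worksheet->write_url( 'A1', $home_url, $url_format, $_);
    $tmp_worksheet->keep_leading_zeros();

    my @headings = (
        'File', 'plugin Family', 'plugin id', 'plugin Name', 'count',
        'Bid', 'CVE', 'OSVDB', 'CVSS Vector', 'CVSS Base Score',
        'CVSS Temporal Score', 'Solution', 'Description',
        'Exploitability Ease', 'Exploit Available',
        'Exploit Framework Canvas', 'Exploit Framework Metasploit',
        'Exploit Framework Core', 'Metasploit Name', 'Canvas Package',
        'Solution', 'Synopsis', 'plugin_publication_date',
        'plugin_modification_date', 'patch_publication_date',
        'vuln_publication_date',
    );
    for my $col (0 .. $#headings) {
        $tmp_worksheet->write(1, $col, $headings[$col], $center_border6_format);
    }

    $tmp_worksheet->freeze_panes('C3');
    $tmp_worksheet->autofilter('A2:Z2');
    $tmp_worksheet->set_column('A:A', 20);
    $tmp_worksheet->set_column('B:B', 25);
    $tmp_worksheet->set_column('C:C', 10);
    $tmp_worksheet->set_column('D:D', 35);
    $tmp_worksheet->set_column('E:H', 10);
    $tmp_worksheet->set_column('I:R', 35);
    $tmp_worksheet->set_column('S:S', 60);
    $tmp_worksheet->set_column('T:T', 60);
    $tmp_worksheet->set_column('U:U', 60);
    $tmp_worksheet->set_column('V:V', 60);
    $tmp_worksheet->set_column('W:Z', 20);

    # One element per worksheet column: [ index of the source field, format ].
    my @layout = (
        [ 4,  $cell_format ],      [ 5,  $cell_format ],
        [ 0,  $cell_format ],      [ 3,  $cell_format ],
        [ 2,  $cell_format ],      [ 6,  $cell_format ],
        [ 7,  $cell_format ],      [ 8,  $wrap_text_format ],
        [ 19, $cell_format ],      [ 18, $cell_format ],
        [ 20, $cell_format ],      [ 9,  $wrap_text_format ],
        [ 10, $cell_format ],      [ 11, $cell_format ],
        [ 12, $cell_format ],      [ 13, $cell_format ],
        [ 14, $cell_format ],      [ 15, $cell_format ],
        [ 16, $cell_format ],      [ 17, $wrap_text_format ],
        [ 21, $cell_format ],      [ 22, $cell_format ],
        [ 23, $cell_format ],      [ 24, $cell_format ],
        [ 25, $cell_format ],      [ 26, $cell_format ],
    );

    foreach my $entry (@{$vulnerability_data{$vuln_type}}) {
        my @tmp = split /\,/, $entry;
        for my $col (0 .. $#layout) {
            my ($field, $format) = @{ $layout[$col] };
            _write_data_cell($tmp_worksheet, $vuln_type_ctr, $col, $tmp[$field], $format);
        }
        ++$vuln_type_ctr;
    }
    # end foreach (@criticalvuln)
    return $tmp_worksheet;
}
# end of sub vulnerability_plugin_worksheet

# Create and fill the worksheet for one compliance family.
#
#   $_[0]   key into %complaince (also used to derive the sheet name)
#
# The sheet name is the key with "Compliance Checks", whitespace and
# punctuation removed, cut to 23 characters and followed by " Policy".
# Each entry of @{$complaince{$complaince_type}} produces one row.  As a side
# effect the entry's {vuln} hash gains the keys set at the end of the loop,
# and %compliance_summary and %audit_result_type are incremented.  Returns
# the new worksheet.
sub compliance_worksheet {
    my $complaince_type = $_[0];

    my $complaince_name = $complaince_type;
    $complaince_name =~ s/Compliance Checks//;
    $complaince_name =~ s/\s//g;
    $complaince_name =~ s/[[:punct:]]//g;

    my $complaince_name1 = substr ($complaince_name, 0, 23);
    $complaince_name = "$complaince_name1 Policy";
    my $Compliance_ctr = 2;
    my $Compliance_worksheet = $workbook->add_worksheet($complaince_name);

    # NOTE(review): the link label is whatever $_ holds when this sub is
    # called -- confirm that is intended.
    $Compliance_worksheet->write_url( 'A1', $home_url, $url_format, $_);
    $Compliance_worksheet->keep_leading_zeros();

    # Solution, Authority Document and Cross References are the columns
    # marked "JB Init Changes" in earlier versions of this sub.
    my @headings = (
        'File', 'IP Address', 'FQDN', 'PluginID', 'Severity', 'Audit File',
        'Policy Setting', 'Result', 'System Value/Error Messages',
        'Compliance Requirement', 'Description of Requirement',
        'Solution', 'Authority Document', 'Cross References',
    );
    for my $col (0 .. $#headings) {
        $Compliance_worksheet->write(1, $col, $headings[$col], $center_border6_format);
    }

    $Compliance_worksheet->freeze_panes('C3');
    $Compliance_worksheet->autofilter('A2:N2');
    $Compliance_worksheet->set_column('A:N', 20);

    foreach my $entry (@{$complaince{$complaince_type}}) {
        my $vuln = ($entry->{vuln} ||= {});
        my @compliance_check_name = split / - /, $vuln->{'cm:compliance-check-name'};

        # Text after "Policy value:" in the description, flattened to one line.
        my $compliance_value;
        if ($vuln->{description} =~ /(?<=Policy value:).+?\Z/ism) {
            $compliance_value = substr($vuln->{description}, $-[0], $+[0] - $-[0]);
        }
        if (defined $compliance_value) {
            $compliance_value =~ s/ {2,}\|\-|\r\n|\r|\n/ /g;
            $compliance_value =~ s/ {2,}/ /g;
        }

        my $description = $vuln->{description};
        $description =~ s/ {2,}\|\-|\r\n|\r|\n/ /g;
        $description =~ s/ {2,}/ /g;

        # The existing handling of the actual value is kept: when it contains
        # "=" anywhere, an apostrophe is put in front of it.
        my $actual_value = $vuln->{'cm:compliance-actual-value'};
        if ($actual_value =~ /\=/) { $actual_value = "\'$actual_value"; }

        my $references = $vuln->{'cm:compliance-reference'};
        $references =~ s/,/, /g;

        # One element per worksheet column: [ value, format ].
        my @cells = (
            [ $entry->{'file'},                     $cell_format ],
            [ $entry->{'name'},                     $cell_format ],
            [ $entry->{'fqdn'},                     $cell_format ],
            [ $vuln->{-pluginID},                   $cell_format ],       # PluginID
            [ $vuln->{-severity},                   $cell_format ],       # severity
            [ $vuln->{"cm:compliance-audit-file"},  $cell_format ],
            [ $vuln->{"cm:compliance-check-name"},  $cell_format ],       # Check Name
            [ $vuln->{'cm:compliance-result'},      $wrap_text_format ],  # Result
            [ $actual_value,                        $wrap_text_format ],  # System Value
            [ $vuln->{"cm:compliance-policy-value"}, $cell_format ],      # Compliance Requirement
            [ $vuln->{"cm:compliance-info"},        $cell_format ],       # description of test
            [ $vuln->{'cm:compliance-solution'},    $wrap_text_format ],  # Solution
            [ $vuln->{'cm:compliance-see-also'},    $wrap_text_format ],  # See Also
            [ $references,                          $wrap_text_format ],  # XRef
        );
        for my $col (0 .. $#cells) {
            _write_data_cell($Compliance_worksheet, $Compliance_ctr, $col, @{ $cells[$col] });
        }
        ++$Compliance_ctr;

        # Derived keys stored back on the record.
        $vuln->{'oringnal description'} = $vuln->{description};
        $vuln->{'Result'} = $vuln->{'cm:compliance-result'};
        $vuln->{'Policy Setting'} = $compliance_check_name[1];
        $vuln->{'plugin_type'} = $compliance_check_name[0];
        $vuln->{'remote_value'} = $vuln->{'cm:compliance-actual-value'};
        $vuln->{'compliance_value'} = $compliance_value;
        $vuln->{'description'} = $description;
        if ($vuln->{description} =~ /(?<=^\").+?(?=\")/ism) {
            $vuln->{'short description'} = substr($vuln->{description}, $-[0], $+[0] - $-[0]);
        }
        $compliance_summary{$vuln->{-pluginName}}->{$vuln->{'cm:compliance-check-name'}}->{$vuln->{"cm:compliance-result"}}++;
        $audit_result_type{$vuln->{"cm:compliance-result"}}++;
    }
    # end foreach (@Compliance)
    return $Compliance_worksheet;
}
# end of sub compliance_worksheet

# Count how often each value of one attribute occurs across the host records.
#
#   $_[0]   reference to an array of host hashes
#   $_[1]   attribute name; when it contains "sev" the value is read from the
#           record's {vuln_cnt} hash, otherwise from the record itself
#
# Returns a flat value => count list.
sub host_summary_data {
    my @hosts = @{$_[0]};
    my $search_item = $_[1];
    my %host_seen_cnt;
    foreach my $item (@hosts) {
        my $value = ($search_item =~ /sev/)
            ? $item->{vuln_cnt}->{$search_item}
            : $item->{$search_item};
        $host_seen_cnt{$value}++;
    }
    return %host_seen_cnt;
}
# end of sub host_summary_data

# Add the per-severity counts of one list of findings to a running total.
#
#   $_[0]   reference to an array of finding hashes (reads {-severity} and,
#           on the first element, {-pluginFamily})
#   $_[1]   reference to the running-total hash; it is copied, not modified
#
# Returns the updated copy as a flat list: sev0..sev4 are increased by this
# list's counts, and the counts alone are stored under the plugin family name
# ("PortScan" when the family is empty).
sub get_vuln_cnt{
    my @vuln_array = @{$_[0]};
    my %vuln_cnt = %{$_[1]};
    my $plugin_family = $vuln_array[0]->{-pluginFamily};
    if ($plugin_family eq "") { $plugin_family = "PortScan"; }

    my @sev_total = (0) x 5;
    foreach my $vuln (@vuln_array) {
        foreach my $level (0 .. 4) {
            ++$sev_total[$level] if $vuln->{-severity} == $level;
        }
    }

    my %family_cnt;
    foreach my $level (0 .. 4) {
        my $sev_key = "sev$level";
        $vuln_cnt{$sev_key} = $vuln_cnt{$sev_key} + $sev_total[$level];
        $family_cnt{$sev_key} = $sev_total[$level];
    }
    $vuln_cnt{$plugin_family} = \%family_cnt;
    return %vuln_cnt;
}
# end of sub get_vuln_cnt

# Group comma-separated plugin lines by plugin family (field 5).
#
#   $_[0]   reference to an array of comma-separated plugin strings
#
# Returns one hash reference per family holding
#   <family name> => number of lines in that family
#   entries       => the first ten rows after the Data::Table sort below,
#                    each a reference to an array of fields 0-10
#
# Lines are matched to a family by comparing field 5 exactly.  The earlier
# /,$e,/ match interpolated the family name as a regular expression and also
# matched when the same text appeared in another field.
sub vuln_seperate_by_plugin {
    my @plugin_data = @{$_[0]};
    my @return_data;
    my %seen;
    foreach my $item (@plugin_data) {
        my @tmp = split /\,/, $item;
        $seen{$tmp[5]}++;
    }

    my $header = ["plugin id0","Severity1","count2","plugin Name3","File4","plugin Family5","Bid6","CVE7","OSVDB8","Solution9","Description10"];
    foreach my $family (keys %seen) {
        my @family_lines = grep {
            my $field = (split /\,/, $_)[5];
            (defined $field ? $field : "") eq $family
        } @plugin_data;

        my %hash;
        $hash{$family} = scalar @family_lines;

        # Fields 0-10 of every line, stringified, as rows for Data::Table.
        my @pivot_data;
        foreach my $line (@family_lines) {
            my @tmp = split /\,/, $line;
            push @pivot_data, [ map { defined $_ ? "$_" : "" } @tmp[0 .. 10] ];
        }

        my $t = Data::Table->new(\@pivot_data, $header, 0);
        $t->sort("count2",0,1,"CVE7",1,0,"OSVDB8",1,0);
        my @sorted = @{$t->{data}};
        my @top = splice @sorted, 0, 10;
        $hash{'entries'} = \@top;
        push @return_data, \%hash;
    }
    return @return_data;
}
# end of the seperate_by_plugin

# Parse a multi-line user list into @ADUsers.
#
#   $_[0]   text with one user per line
#
# The text is normalised so each line reads "name|sid|description", up to two
# leading empty lines are dropped and the list is cut at the first empty
# line.  Every remaining line is replaced by a hash with the keys name, sid
# and type.  Nothing is returned; the result is left in the global @ADUsers.
sub store_ad_users{
    my $user_list = $_[0];
    $user_list =~ s/ {2,}- |\)//g;
    $user_list =~ s/ \(/\|/g;
    $user_list =~ s/\, /\|/g;
    @ADUsers = split /\r\n|\r|\n/, $user_list;

    foreach my $pass (1, 2) {
        if ($ADUsers[0] eq "") { shift @ADUsers }
    }

    # Keep only the lines before the first empty one.
    my $splice_cnt = 0;
    foreach my $line (@ADUsers) {
        last if $line eq "";
        ++$splice_cnt;
    }
    splice @ADUsers, $splice_cnt;

    foreach my $user (@ADUsers) {
        my @tmp = split /\|/, $user;
        my %hash;
        $hash{'name'} = $tmp[0];
        $hash{'sid'} = $tmp[1];
        if ($tmp[2] eq "Administrator account") { $hash{'type'} = "Domain Administrator account"; }
        elsif ($tmp[2] eq "Guest account") { $hash{'type'} = "Domain Guest account"; }
        elsif ($tmp[0] =~ /\$$/) { $hash{'type'} = "Computer Account"; }   # name ends in "$"
        else { $hash{'type'} = "Domain User"; }
        $user = \%hash;    # $user aliases the array element
    }
}
# end of store_ad_users

sub check_if_vuln_present{
    my $vuln = $_[0];
    my $file = $_[1];
    my $plugin = $vuln->{-pluginID};
    my $severity = $vuln->{-severity};
    my $key = "$plugin\_$file";
    my $pluginName = $vuln->{-pluginName};
    $pluginName =~ s/\,//g;
    $vuln->{solution} =~ s/\,/\|/g;
    $vuln->{solution} =~ s/\n|\r/\ /g;
    $vuln->{description} =~ s/\,/\|/g;
    $vuln->{description} =~ s/\n|\r/\ /g;
    my $bid;
    if (ref $vuln->{bid} eq "ARRAY"){$bid = join "|", @{$vuln->{bid}}}
    elsif (ref $vuln->{bid} eq ""){$bid = $vuln->{bid}}
    my $cve;
    if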
(ref $vuln->{cve} eq "ARRAY"){$cve = join "|", @{$vuln->{cve}}} 592 | elsif (ref $vuln->{cve} eq ""){$cve = $vuln->{cve}} 593 | my $xref; 594 | if (ref $vuln->{xref} eq "ARRAY"){$xref = join "|", @{$vuln->{xref}}} 595 | elsif (ref $vuln->{xref} eq ""){$xref = $vuln->{xref}} 596 | 597 | my $plugin_cnt = 0; 598 | 599 | if ($severity == 0){ 600 | # @{$vulnerability_data{nonevuln}} 601 | my $plugin_test = grep /$vuln->{-pluginID}/, @{$vulnerability_data{nonevuln}}; 602 | my @found_plugin = grep /$vuln->{-pluginID}/, @{$vulnerability_data{nonevuln}}; 603 | 604 | if ($plugin_test == 0){ 605 | ++$plugin_cnt; 606 | $plugin = "$plugin\,$severity\,$plugin_cnt\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description},$vuln->{exploitability_ease},$vuln->{exploit_available},$vuln->{exploit_framework_canvas},$vuln->{exploit_framework_metasploit},$vuln->{exploit_framework_core},$vuln->{metasploit_name},$vuln->{canvas_package},$vuln->{cvss_base_score},$vuln->{cvss_vector},$vuln->{cvss_temporal_score},$vuln->{solution},$vuln->{synopsis},$vuln->{plugin_publication_date},$vuln->{plugin_modification_date},$vuln->{patch_publication_date},$vuln->{vuln_publication_date}"; 607 | push @{$vulnerability_data{nonevuln}}, $plugin 608 | } 609 | else{ 610 | my $found = 0; 611 | foreach (@{$vulnerability_data{nonevuln}}){ 612 | my @tmp = split /\,/, $_; 613 | my $entry = "$tmp[0]\_$tmp[4]"; 614 | if ($entry eq $key){++$tmp[2];$_ = join(",",@tmp);$found = 1;last;} 615 | } 616 | # end foreach 617 | if ($found == 0){ 618 | $plugin = 
"$plugin\,$severity\,1\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description},$vuln->{exploitability_ease},$vuln->{exploit_available},$vuln->{exploit_framework_canvas},$vuln->{exploit_framework_metasploit},$vuln->{exploit_framework_core},$vuln->{metasploit_name},$vuln->{canvas_package},$vuln->{cvss_base_score},$vuln->{cvss_vector},$vuln->{cvss_temporal_score},$vuln->{solution},$vuln->{synopsis},$vuln->{plugin_publication_date},$vuln->{plugin_modification_date},$vuln->{patch_publication_date},$vuln->{vuln_publication_date}"; 619 | push @{$vulnerability_data{nonevuln}}, $plugin; 620 | } 621 | # end of if 622 | } 623 | #end else for test 624 | } 625 | elsif ($severity == 1){ 626 | # @{$vulnerability_data{lowvuln}} 627 | my $plugin_test = grep /$vuln->{-pluginID}/, @{$vulnerability_data{lowvuln}}; 628 | my @found_plugin = grep /$vuln->{-pluginID}/, @{$vulnerability_data{lowvuln}}; 629 | if ($plugin_test == 0){ 630 | ++$plugin_cnt; 631 | $plugin = "$plugin\,$severity\,$plugin_cnt\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description},$vuln->{exploitability_ease},$vuln->{exploit_available},$vuln->{exploit_framework_canvas},$vuln->{exploit_framework_metasploit},$vuln->{exploit_framework_core},$vuln->{metasploit_name},$vuln->{canvas_package},$vuln->{cvss_base_score},$vuln->{cvss_vector},$vuln->{cvss_temporal_score},$vuln->{solution},$vuln->{synopsis},$vuln->{plugin_publication_date},$vuln->{plugin_modification_date},$vuln->{patch_publication_date},$vuln->{vuln_publication_date}"; 632 | push @{$vulnerability_data{lowvuln}}, $plugin 633 | } 634 | else{ 635 | my $found = 0; 636 | foreach (@{$vulnerability_data{lowvuln}}){ 637 | my @tmp = split /\,/, $_; 638 | my $entry = "$tmp[0]\_$tmp[4]"; 639 | if ($entry eq $key){++$tmp[2];$_ = join(",",@tmp);$found = 1;last;} 640 | } 641 | # end foreach 642 | if ($found == 0){ 643 | $plugin = 
"$plugin\,$severity\,1\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description},$vuln->{exploitability_ease},$vuln->{exploit_available},$vuln->{exploit_framework_canvas},$vuln->{exploit_framework_metasploit},$vuln->{exploit_framework_core},$vuln->{metasploit_name},$vuln->{canvas_package},$vuln->{cvss_base_score},$vuln->{cvss_vector},$vuln->{cvss_temporal_score},$vuln->{solution},$vuln->{synopsis},$vuln->{plugin_publication_date},$vuln->{plugin_modification_date},$vuln->{patch_publication_date},$vuln->{vuln_publication_date}"; 644 | push @{$vulnerability_data{lowvuln}}, $plugin; 645 | } 646 | # end if 647 | } #end else for test 648 | } 649 | elsif ($severity == 2){ 650 | my $plugin_test = grep /$vuln->{-pluginID}/, @{$vulnerability_data{medvuln}}; 651 | my @found_plugin = grep /$vuln->{-pluginID}/, @{$vulnerability_data{medvuln}}; 652 | if ($plugin_test == 0){ 653 | ++$plugin_cnt; 654 | $plugin = "$plugin\,$severity\,$plugin_cnt\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description},$vuln->{exploitability_ease},$vuln->{exploit_available},$vuln->{exploit_framework_canvas},$vuln->{exploit_framework_metasploit},$vuln->{exploit_framework_core},$vuln->{metasploit_name},$vuln->{canvas_package},$vuln->{cvss_base_score},$vuln->{cvss_vector},$vuln->{cvss_temporal_score},$vuln->{solution},$vuln->{synopsis},$vuln->{plugin_publication_date},$vuln->{plugin_modification_date},$vuln->{patch_publication_date},$vuln->{vuln_publication_date}"; 655 | push @{$vulnerability_data{medvuln}}, $plugin 656 | } 657 | else{ 658 | my $found = 0; 659 | foreach (@{$vulnerability_data{medvuln}}){ 660 | my @tmp = split /\,/, $_; 661 | my $entry = "$tmp[0]\_$tmp[4]"; 662 | if ($entry eq $key){++$tmp[2];$_ = join(",",@tmp);$found = 1;last;} 663 | } 664 | # end foreach 665 | if ($found == 0){ 666 | $plugin = 
"$plugin\,$severity\,1\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description},$vuln->{exploitability_ease},$vuln->{exploit_available},$vuln->{exploit_framework_canvas},$vuln->{exploit_framework_metasploit},$vuln->{exploit_framework_core},$vuln->{metasploit_name},$vuln->{canvas_package},$vuln->{cvss_base_score},$vuln->{cvss_vector},$vuln->{cvss_temporal_score},$vuln->{solution},$vuln->{synopsis},$vuln->{plugin_publication_date},$vuln->{plugin_modification_date},$vuln->{patch_publication_date},$vuln->{vuln_publication_date}"; 667 | push @{$vulnerability_data{medvuln}}, $plugin; 668 | } 669 | # end if 670 | } 671 | #end else for test 672 | } 673 | elsif ($severity == 3){ 674 | my $plugin_test = grep /$vuln->{-pluginID}/, @{$vulnerability_data{highvuln}}; 675 | my @found_plugin = grep /$vuln->{-pluginID}/, @{$vulnerability_data{highvuln}}; 676 | if ($plugin_test == 0){ 677 | ++$plugin_cnt; 678 | $plugin = "$plugin\,$severity\,$plugin_cnt\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description},$vuln->{exploitability_ease},$vuln->{exploit_available},$vuln->{exploit_framework_canvas},$vuln->{exploit_framework_metasploit},$vuln->{exploit_framework_core},$vuln->{metasploit_name},$vuln->{canvas_package},$vuln->{cvss_base_score},$vuln->{cvss_vector},$vuln->{cvss_temporal_score},$vuln->{solution},$vuln->{synopsis},$vuln->{plugin_publication_date},$vuln->{plugin_modification_date},$vuln->{patch_publication_date},$vuln->{vuln_publication_date}"; 679 | push @{$vulnerability_data{highvuln}}, $plugin 680 | } 681 | else{ 682 | my $found = 0; 683 | foreach (@{$vulnerability_data{highvuln}}){ 684 | my @tmp = split /\,/, $_; 685 | my $entry = "$tmp[0]\_$tmp[4]"; 686 | if ($entry eq $key){++$tmp[2];$_ = join(",",@tmp);$found = 1;last;} 687 | } 688 | # end foreach 689 | if ($found == 0){ 690 | $plugin = 
"$plugin\,$severity\,1\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description},$vuln->{exploitability_ease},$vuln->{exploit_available},$vuln->{exploit_framework_canvas},$vuln->{exploit_framework_metasploit},$vuln->{exploit_framework_core},$vuln->{metasploit_name},$vuln->{canvas_package},$vuln->{cvss_base_score},$vuln->{cvss_vector},$vuln->{cvss_temporal_score},$vuln->{solution},$vuln->{synopsis},$vuln->{plugin_publication_date},$vuln->{plugin_modification_date},$vuln->{patch_publication_date},$vuln->{vuln_publication_date}"; 691 | push @{$vulnerability_data{highvuln}}, $plugin; 692 | } 693 | # end if 694 | } 695 | #end else for test 696 | } 697 | elsif ($severity == 4){ 698 | my $plugin_test = grep /$vuln->{-pluginID}/, @{$vulnerability_data{criticalvuln}}; 699 | my @found_plugin = grep /$vuln->{-pluginID}/, @{$vulnerability_data{criticalvuln}}; 700 | if ($plugin_test == 0){ 701 | ++$plugin_cnt; 702 | $plugin = "$plugin\,$severity\,$plugin_cnt\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description},$vuln->{exploitability_ease},$vuln->{exploit_available},$vuln->{exploit_framework_canvas},$vuln->{exploit_framework_metasploit},$vuln->{exploit_framework_core},$vuln->{metasploit_name},$vuln->{canvas_package},$vuln->{cvss_base_score},$vuln->{cvss_vector},$vuln->{cvss_temporal_score},$vuln->{solution},$vuln->{synopsis},$vuln->{plugin_publication_date},$vuln->{plugin_modification_date},$vuln->{patch_publication_date},$vuln->{vuln_publication_date}"; 703 | push @{$vulnerability_data{criticalvuln}}, $plugin 704 | } 705 | else{ 706 | my $found = 0; 707 | foreach (@{$vulnerability_data{criticalvuln}}){ 708 | my @tmp = split /\,/, $_; 709 | my $entry = "$tmp[0]\_$tmp[4]"; 710 | if ($entry eq $key){++$tmp[2];$_ = join(",",@tmp);$found = 1;last;} 711 | } 712 | # end foreach 713 | if ($found == 0){ 714 | $plugin = 
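"$plugin\,$severity\,1\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description},$vuln->{exploitability_ease},$vuln->{exploit_available},$vuln->{exploit_framework_canvas},$vuln->{exploit_framework_metasploit},$vuln->{exploit_framework_core},$vuln->{metasploit_name},$vuln->{canvas_package},$vuln->{cvss_base_score},$vuln->{cvss_vector},$vuln->{cvss_temporal_score},$vuln->{solution},$vuln->{synopsis},$vuln->{plugin_publication_date},$vuln->{plugin_modification_date},$vuln->{patch_publication_date},$vuln->{vuln_publication_date}";
                push @{$vulnerability_data{criticalvuln}}, $plugin;
            }
            # the if found statement
        }
        #end else for test
    }
    # end Sev 4
    # END of Vuln level checks
}
# END OF SUBROUTINE

# store_vuln(\@report_items, $file, $name, $host_fqdn, $netbios_name, $operating_system)
#
# Routes every report item of one host into the script's global collections:
#   - port-scanner plugins       -> @portScanner
#   - installed-software plugins -> @installedSoftware
#   - PCI DSS plugins            -> @PCIDSS
#   - "Policy Compliance" family -> %complaince, keyed by plugin name
#   - everything else            -> check_if_vuln_present()
# and appends one comma-joined record per non-compliance item to
# @host_scan_data.
#
# Side effects on the caller's data: the items are hash references, so the
# "N/A" defaults, the PortScan fallback values, the "OS Identification" rename
# and the plugin_output flattening all modify the caller's structures in place.
sub store_vuln{
    my @vuln_array       = @{$_[0]};
    my $file             = $_[1];
    my $name             = $_[2];
    my $host_fqdn        = $_[3];
    my $netbios_name     = $_[4];
    my $operating_system = $_[5];

    # Host-level context that is copied next to each categorised item.
    my %hash = (
        'file'             => $file,
        'name'             => $name,
        'fqdn'             => $host_fqdn,
        'netbios_name'     => $netbios_name,
        'operating_system' => $operating_system,
    );
    print "Storing Vulnerability Data for $name\n";

    # Exploitability / CVSS attributes, in the column order used by the
    # @host_scan_data record built below; empty ones are reported as "N/A".
    my @exploit_cvss_fields = qw(
        exploitability_ease
        exploit_available
        exploit_framework_canvas
        exploit_framework_metasploit
        exploit_framework_core
        metasploit_name
        canvas_package
        cvss_base_score
        cvss_vector
        cvss_temporal_score
    );

    foreach my $vuln (@vuln_array){
        # Per-severity totals. Plugin 33929 and compliance results are left
        # out of the count; the compliance branch is intentionally silent
        # (the original held a bare string here, which was a no-op).
        if ($vuln->{-pluginID} == 33929){print "Removing plugin 33929 from High Vulns calculation\n"}
        elsif ($vuln->{"cm:compliance-result"}) {
            # excluded from %vuln_totals
        }
        else {$vuln_totals{$vuln->{-severity}}->{$vuln->{-pluginID}}++;}

        foreach my $field (@exploit_cvss_fields){
            if (!defined $vuln->{$field} || $vuln->{$field} eq ""){
                $vuln->{$field} = "N/A";
            }
        }

        # Plugin-ID routing. The patterns are anchored to the whole ID: an
        # unanchored match would also catch any longer ID that merely contains
        # one of these numbers, and such a finding would be diverted into a
        # side list and never reach check_if_vuln_present(), i.e. it would be
        # missing from the vulnerability summary.
        if ($vuln->{-pluginID} =~ /\A(?:$port_scan_plugin)\z/){
            push @portScanner, { %hash, 'vuln' => $vuln };
        }
        elsif ($vuln->{-pluginID} =~ /\A(?:$installed_software_plugin)\z/){
            push @installedSoftware, { %hash, 'vuln' => $vuln };
        }
        elsif ($vuln->{-pluginID} =~ /\A(?:33931|33930|33929|57581|56209|56208)\z/) {
            #33931 - PCI DSS Compliance: Tests Requirements
            #33929 - PCI DSS compliance
            #33930 - PCI DSS Compliance: Passed
            #57581 - PCI DSS Compliance : Database Reachable from the Internet
            #56209 - PCI DSS Compliance : Remote Access Software Has Been Detected
            #56208 - PCI DSS Compliance : Insecure Communication Has Been Detected
            push @PCIDSS, { %hash, 'vuln' => $vuln };
        }
        elsif ($vuln->{-pluginFamily} eq "Policy Compliance"){
            # Audit checks; the IDs listed here are kept out of %complaince.
            if ($vuln->{-pluginID} !~ /\A(?:66759|66757|66756|66758|33931|60020|33929|56209|56208)\z/){
                push @{$complaince{$vuln->{-pluginName}}}, { %hash, 'vuln' => $vuln };
            }
        }
        else{
            # Items without family and name are treated as raw port-scan
            # results and get a synthetic "<protocol>-<port>" plugin ID.
            if ($vuln->{-pluginFamily} eq "" && $vuln->{-pluginName} eq ""){
                $vuln->{-pluginFamily} = "PortScan";
                $vuln->{-pluginName} = "$vuln->{-svc_name}";
                $vuln->{-pluginID} = "$vuln->{-protocol}\-$vuln->{-port}";
            }
            check_if_vuln_present($vuln,$file);
        }

        # Append the text after the first ':' on the second description line
        # to the plugin name (presumably the detected OS; confirm against a
        # sample report).
        if ($vuln->{-pluginName} eq "OS Identification"){
            my @t1 = split /\n/, $vuln->{description};
            my @t2 = split /\:/, $t1[1];
            $vuln->{-pluginName} ="$vuln->{-pluginName} - $t2[1]";
        }

        my $plugin_name = $vuln->{'-pluginName'};

        # Flatten plugin_output so it fits into one comma-separated field.
        if ($vuln->{plugin_output}) {
            $vuln->{plugin_output} =~ s/\n/\|/g;
            $vuln->{plugin_output} =~ s/\,/ /g;
        }

        if ($vuln->{-pluginFamily} ne "Policy Compliance"){
            # NOTE(review): only plugin_output has its commas removed. Every
            # other field is joined as-is, so a comma in, for example, the
            # plugin name or FQDN shifts the columns for any consumer that
            # splits this record on ','. Confirm how @host_scan_data is parsed.
            # NOTE(review): plugin_output may carry text collected from scanned
            # hosts. If it is later written with Excel::Writer::XLSX write(), a
            # value starting with '=' is stored as a formula; write_string() at
            # the worksheet-writing site avoids that. Confirm there.
            my $r = join ",",
                $file, $name, $host_fqdn,
                $vuln->{'-pluginID'}, $vuln->{'-protocol'}, $vuln->{'-port'},
                $vuln->{'-severity'}, $vuln->{'-pluginFamily'}, $plugin_name,
                @{$vuln}{@exploit_cvss_fields},
                $vuln->{plugin_output};
            push @host_scan_data,$r;
        }
    }
    # end foreach
}
# end of subroutine

sub normalizeHostData {
    my @report_data = @{$_[0]};

    foreach my $host (@report_data){
        my @HostReport;
        my $is_domain_controller = 0;
        my $temp_domain_list;
        $host->{"DomainController"} = "N";
        #### NEW ARRAYS
        my @aix_local_security_checks;
        my @amazon_linux_local_security_checks;
        my @backdoors;
        my @centos_local_security_checks;
        my @cgi_abuses;
        my @cgi_abuses_xss;
        my @cisco;
        my @databases;
        my @debian_local_security_checks;
        my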
@default_unix_accounts; 849 | my @denial_of_service; 850 | my @dns; 851 | my @F5_Networks_Local_Security_Checks; 852 | my @fedora_local_security_checks; 853 | my @finger_abuses; 854 | my @firewalls; 855 | my @freebsd_local_security_checks; 856 | my @ftp; 857 | my @gain_a_shell_remotely; 858 | my @general; 859 | my @gentoo_local_security_checks; 860 | my @hp_ux_local_security_checks; 861 | my @Huawei_Local_Security_Checks; 862 | my @junos_local_security_checks; 863 | my @macos_x_local_security_checks; 864 | my @mandriva_local_security_checks; 865 | my @misc; 866 | my @mobile_devices; 867 | my @netware; 868 | my @oracle_linux_local_security_checks; 869 | my @OracleVM_Local_Security_Checks; 870 | my @peer_to_peer_file_sharing; 871 | my @Palo_Alto_Local_Security_Checks; 872 | my @policy_compliance; 873 | my @port_scanners; 874 | my @red_hat_local_security_checks; 875 | my @rpc; 876 | my @scada; 877 | my @scientific_linux_local_security_checks; 878 | my @service_detection; 879 | my @settings; 880 | my @slackware_local_security_checks; 881 | my @smtp_problems; 882 | my @snmp; 883 | my @solaris_local_security_checks; 884 | my @suse_local_security_checks; 885 | my @ubuntu_local_security_checks; 886 | my @vmware_esx_local_security_checks; 887 | my @web_servers; 888 | my @windows; 889 | my @windows_microsoft_bulletins; 890 | my @windows_user_management; 891 | my @port_scan; 892 | my @WindowsUserManagement; 893 | my @IncidentResponse; 894 | #### END OF NEW ARRAYS 895 | 896 | if(ref ($host->{host_report}) eq "ARRAY"){@HostReport = @{$host->{host_report}};} 897 | elsif(ref ($host->{host_report}) eq "HASH"){push @HostReport,$host->{host_report};} 898 | 899 | foreach my $h_report (@HostReport){ 900 | ### Find the Domain Controller 901 | my $is_domain_controller = 0; 902 | #print "$h_report->{'-pluginID'} \n"; 903 | 904 | # store data in the %ip_vuln_data hash 905 | $ip_vuln_data{$host->{file}}->{$h_report->{-severity}}->{$h_report->{-pluginID}}->{pluginName} = 
$h_report->{-pluginName}; 906 | if ($host->{'host-ip'} eq "") {$ip_vuln_data{$host->{file}}->{$h_report->{-severity}}->{$h_report->{-pluginID}}->{ip}->{$host->{'name'}}++;} 907 | else{$ip_vuln_data{$host->{file}}->{$h_report->{-severity}}->{$h_report->{-pluginID}}->{ip}->{$host->{'host-ip'}}++;} 908 | 909 | # 70329 - process info 910 | if ($h_report->{-pluginID} == 70329){ 911 | my %process_info = ( 912 | 'fqdn' => $host->{"host-fqdn"}, 913 | 'host-ip' => $host->{"host-ip"}, 914 | 'file' => $host->{file}, 915 | 'name' => $host->{name}, 916 | 'netbios-name' => $host->{"netbios-name"}, 917 | ); 918 | my $process_info = $h_report->{plugin_output}; 919 | $process_info =~ s/^Process Overview : \n//; 920 | $process_info =~ s/^SID: Process \(PID\)\n//; 921 | $process_info =~ s/Process_Information.+process.$//; 922 | $process_info =~ s/\n\n\n$//; 923 | my @tmp_process = split /\n/,$process_info; 924 | foreach my $tp (@tmp_process){ 925 | my $tp1 = $tp; 926 | $tp1 =~ s/^\s\d\s:\s+(((\||)((\-\s)|))|)//; 927 | $tp1 =~ s/\s\(\d+\)//; 928 | $ms_process_cnt{$tp1}->{$host->{"host-ip"}}++; 929 | } 930 | # end of foreach my $tp (@tmp_process) 931 | $process_info{processes} = \@tmp_process; 932 | push @MS_Process_Info, \%process_info; 933 | } 934 | # end of 70329 - process info 935 | 936 | #Device Type 937 | if ($h_report->{-pluginID} == 54615) { 938 | my %device_hash = ( 939 | 'fqdn' => $host->{"host-fqdn"}, 940 | 'host-ip' => $host->{"host-ip"}, 941 | 'file' => $host->{file}, 942 | 'name' => $host->{name}, 943 | 'netbios-name' => $host->{"netbios-name"}, 944 | ); 945 | 946 | my $deviceData = $h_report->{plugin_output}; 947 | $deviceData =~ s/\n/ /g; 948 | if ($deviceData =~ /(?<=type : ).*(?=Confidence )/) {$device_hash{type} = substr($deviceData,$-[0],$+[0]-$-[0])} 949 | if ($deviceData =~ /Confidence level : \d+/) { 950 | $device_hash{confidenceLevel} = substr($deviceData,$-[0],$+[0]-$-[0]); 951 | $device_hash{confidenceLevel} =~ s/Confidence level : //; 952 | } 953 | push 
@DeviceType, \%device_hash; 954 | } 955 | #End of Device Type 956 | 957 | # Enumerate Local Group Memberships 958 | if ($h_report->{-pluginID} == 71246){ 959 | my %EnumLocalGrp = ( 960 | 'fqdn' => $host->{"host-fqdn"}, 961 | 'host-ip' => $host->{"host-ip"}, 962 | 'file' => $host->{file}, 963 | 'name' => $host->{name}, 964 | 'netbios-name' => $host->{"netbios-name"}, 965 | ); 966 | 967 | my $EnumLocalGrp = $h_report->{plugin_output}; 968 | $EnumLocalGrp =~ s/\n/;/g; 969 | my @tmp_grp = split ";;",$EnumLocalGrp; 970 | foreach my $g (@tmp_grp){ 971 | my $grp = {}; 972 | my ($grp_attrib,$members) = split /\;Members/,$g; 973 | my @t2 = split /;/,$grp_attrib; 974 | foreach my $t3 (@t2){ 975 | my @t3 = split /\s+:\s/,$t3; 976 | $grp->{$t3[0]} = $t3[1]; 977 | } 978 | # end of foreach my $t3 (@t2){ 979 | if ($members =~ /^\s+:\s$/) { 980 | my @t3; 981 | push @t3, 'none'; 982 | $grp->{members} = \@t3; 983 | } 984 | else{ 985 | my @t3 = split /;\s+Name\s+:\s+/,$members; 986 | if ($t3[0] =~ /\s+\:\s/) {shift @t3} 987 | foreach my $t4 (@t3){ 988 | my $member = {}; 989 | $t4 = "; Name : $t4"; 990 | my @t4 = split /;\s+/,$t4; 991 | if ($t4[0] eq '') {shift @t4} 992 | foreach my $t5 (@t4){ 993 | my ($k,$v) = split /\s+:\s+/,$t5; 994 | $member->{$k} = $v; 995 | } 996 | # end of foreach my $t5 (@t4) 997 | push @{$grp->{members}},$member 998 | } 999 | # end of foreach my $t4 (@t3) 1000 | print ""; 1001 | } 1002 | # end of if $members 1003 | print ""; 1004 | $g = $grp; 1005 | } 1006 | # end of foreach my $g (@tmp_grp) 1007 | $EnumLocalGrp{groups} = \@tmp_grp; 1008 | push @EnumLocalGrp, \%EnumLocalGrp; 1009 | } 1010 | # end of if ($h_report->{-pluginID} == 71246) 1011 | 1012 | # CPE info 1013 | if ($h_report->{cpe}) { 1014 | my %cpe_hash = ( 1015 | 'pluginID' => $h_report->{'-pluginID'}, 1016 | 'cpe' => $h_report->{cpe}, 1017 | 'fqdn' => $host->{"host-fqdn"}, 1018 | 'host-ip' => $host->{"host-ip"}, 1019 | 'file' => $host->{file}, 1020 | 'name' => $host->{name}, 1021 | 'netbios-name' => 
$host->{"netbios-name"}, 1022 | 'pluginFamily' => $h_report->{-pluginFamily}, 1023 | 'pluginName' => $h_report->{-pluginName}, 1024 | 'cpe-source' => 'vuln' 1025 | ); 1026 | push @cpe_data, \%cpe_hash; 1027 | } 1028 | # end of CPE info 1029 | 1030 | if($h_report->{'-pluginID'} == 45590){ 1031 | my @cpe_tmp = split /\n/,$h_report->{plugin_output}; 1032 | foreach my $cpe_tmp_e (@cpe_tmp){ 1033 | if ($cpe_tmp_e =~ /cpe\:\/(o|a|h)/) { 1034 | $cpe_tmp_e =~ s/\s//g; 1035 | my %cpe_hash = ( 1036 | 'pluginID' => $h_report->{'-pluginID'}, 1037 | 'cpe' => $cpe_tmp_e, 1038 | 'fqdn' => $host->{"host-fqdn"}, 1039 | 'host-ip' => $host->{"host-ip"}, 1040 | 'file' => $host->{file}, 1041 | 'name' => $host->{name}, 1042 | 'netbios-name' => $host->{"netbios-name"}, 1043 | 'pluginFamily' => $h_report->{-pluginFamily}, 1044 | 'pluginName' => $h_report->{-pluginName}, 1045 | 'cpe-source' => 'cpe' 1046 | ); 1047 | push @cpe_data, \%cpe_hash; 1048 | } 1049 | # end of if ($cpe_tmp_e =~ /cpe\:\/(o|a)/) 1050 | } 1051 | # foreach my $cpe_tmp_e (@cpe_tmp) 1052 | } 1053 | # if($h_report->{'-pluginID'} == 45590) 1054 | 1055 | # @ScanInfo 1056 | if($h_report->{'-pluginID'} == 19506){ 1057 | my $scan_info = $h_report; 1058 | $scan_info->{"host-ip"} = $host->{"host-ip"}; 1059 | $scan_info->{file} = $host->{file}; 1060 | $scan_info->{name} = $host->{name}; 1061 | $scan_info->{"operating-system"} = $host->{"operating-system"}; 1062 | $scan_info->{"system-type"} = $host->{"system-type"}; 1063 | $scan_info->{HOST_END} = $host->{HOST_END}; 1064 | $scan_info->{HOST_START} = $host->{HOST_START}; 1065 | push @ScanInfo, $scan_info; 1066 | } 1067 | # end of if($h_report->{'-pluginID'} == 19506) 1068 | 1069 | if($opt{r} ne "" && $recast_plugin{$h_report->{'-pluginID'}}->{old} eq $h_report->{-severity}){ 1070 | $h_report->{-severity} = $recast_plugin{$h_report->{'-pluginID'}}->{new} 1071 | } 1072 | # end of if($opt{r} ne "" && $recast_plugin{$h_report->{'-pluginID'}}->{old} eq $h_report->{-severity}) 1073 | 
1074 | if($h_report->{'-pluginID'} =~ /11026/){ 1075 | my %wap_host; 1076 | $wap_host{'host-fqdn'} = $host->{'host-fqdn'}; 1077 | $wap_host{"host-ip"} = $host->{"host-ip"}; 1078 | $wap_host{"mac-address"} = $host->{"mac-address"}; 1079 | $wap_host{name} = $host->{name}; 1080 | $wap_host{"operating-system"} = $host->{"operating-system"}; 1081 | $wap_host{"system-type"} = $host->{"system-type"}; 1082 | $wap_host{"plugin-output"} = $h_report->{plugin_output}; 1083 | $wap_host{"plugin-output"} =~ s/\n/ /g; 1084 | push @WirelessAccessPointDetection,\%wap_host; 1085 | } 1086 | # end of if($h_report->{'-pluginID'} =~ /11026/) 1087 | 1088 | if($h_report->{'-pluginID'} =~ /25197/){ 1089 | my %ssid_host; 1090 | $ssid_host{'host-fqdn'} = $host->{'host-fqdn'}; 1091 | $ssid_host{"host-ip"} = $host->{"host-ip"}; 1092 | $ssid_host{"mac-address"} = $host->{"mac-address"}; 1093 | $ssid_host{name} = $host->{name}; 1094 | $ssid_host{"operating-system"} = $host->{"operating-system"}; 1095 | $ssid_host{"system-type"} = $host->{"system-type"}; 1096 | my $regex_net_card = '(?<=Network card type : ).*($)'; 1097 | my $regex_ssid = '(?<=Network SSID : ).*($)'; 1098 | if($h_report->{plugin_output} =~ /$regex_net_card/m){$ssid_host{"nic"} = substr($h_report->{plugin_output},$-[0],$+[0]-$-[0])} 1099 | if($h_report->{plugin_output} =~ /$regex_ssid/m){$ssid_host{"ssid"} = substr($h_report->{plugin_output},$-[0],$+[0]-$-[0])} 1100 | push @WinWirelessSSID, \%ssid_host; 1101 | } 1102 | # end of if($h_report->{'-pluginID'} =~ /25197/) 1103 | 1104 | if($h_report->{'-pluginID'} =~ /10413/ && $ADUsers[0] eq "" && $temp_domain_list eq ""){ 1105 | $is_domain_controller = 1; 1106 | $host->{"DomainController"} = "Y"; 1107 | } 1108 | elsif($h_report->{'-pluginID'} =~ /10413/ && $ADUsers[0] eq "" && $temp_domain_list ne ""){ 1109 | store_ad_users($temp_domain_list); 1110 | $host->{"DomainController"} = "Y"; 1111 | } 1112 | elsif($h_report->{'-pluginID'} =~ /10860/ && $ADUsers[0] eq "" && 
$is_domain_controller == 0){ 1113 | $temp_domain_list = $h_report->{plugin_output}; 1114 | } 1115 | elsif($h_report->{'-pluginID'} =~ /10860/ && $ADUsers[0] eq "" && $is_domain_controller == 1){ 1116 | print "\n\n";print '$h_report->{\'-pluginID\'} =~ /10860/ && $ADUsers[0] eq "" && $is_domain_controller == 1'; 1117 | } 1118 | elsif($h_report->{'-pluginID'} =~ /10860/ && $ADUsers[0] ne "" && $is_domain_controller == 0){ 1119 | $temp_domain_list = $h_report->{plugin_output}; 1120 | } 1121 | elsif($h_report->{'-pluginID'} =~ /10413/ && $ADUsers[0] ne "" && $temp_domain_list ne ""){ 1122 | store_ad_users($temp_domain_list); 1123 | $host->{"DomainController"} = "Y"; 1124 | } 1125 | # end of if..elsif 1126 | 1127 | if($h_report->{-pluginID} =~ /(10413)|(17651)|(10916)|(10915)|(10914)|(10913)|(10912)|(10911)|(10910)|(10908)|(10907)|(10906)|(10905)|(10904)|(10903)|(10902)|(10901)|(10900)|(10899)|(10898)|(10897)|(10896)|(10895)|(10894)|(10893)|(10892)|(10860)|(10399)/){ 1128 | #10413 - Microsoft Windows SMB Registry : Remote PDC/BDC Detection 1129 | #17651 - Microsoft Windows SMB : Obtains the Password Policy 1130 | #10916 - Microsoft Windows - Local Users Information : Passwords never expire 1131 | #10915 - Microsoft Windows - Local Users Information : User has never logged on 1132 | #10914 - Microsoft Windows - Local Users Information : Never changed passwords 1133 | #10913 - Microsoft Windows - Local Users Information : Disabled accounts 1134 | #10912 - Microsoft Windows - Local Users Information : Can't change password 1135 | #10911 - Microsoft Windows - Local Users Information : Automatically disabled accounts 1136 | #10910 - Microsoft Windows Local User Information 1137 | #10908 - Microsoft Windows 'Domain Administrators' Group User List 1138 | #10907 - Microsoft Windows Guest Account Belongs to a Group 1139 | #10906 - Microsoft Windows 'Replicator' Group User List 1140 | #10905 - Microsoft Windows 'Print Operators' Group User List 1141 | #10904 - Microsoft Windows 
'Backup Operators' Group User List 1142 | #10903 - Microsoft Windows 'Server Operators' Group User List 1143 | #10902 - Microsoft Windows 'Administrators' Group User List 1144 | #10901 - Microsoft Windows 'Account Operators' Group User List 1145 | #10900 - Microsoft Windows - Users Information : Passwords never expires 1146 | #10899 - Microsoft Windows - Users Information : User has never logged in 1147 | #10898 - Microsoft WIndows - Users Information : Never changed password 1148 | #10897 - Microsoft Windows - Users Information : disabled accounts 1149 | #10896 - Microsoft Windows - Users Information : Can't change password 1150 | #10895 - Microsoft Windows - Users Information : automatically disabled accounts 1151 | #10894 - Microsoft Windows User Groups List 1152 | #10893 - Microsoft Windows User Aliases List 1153 | #10892 - Microsoft Windows Domain User Information 1154 | #10860 - SMB Use Host SID to Enumerate Local Users 1155 | #10399 - SMB Use Domain SID to Enumerate Users 1156 | push @WindowsUserManagement,$h_report; 1157 | } 1158 | # end of if($h_report->{-pluginID} =~ /10413|17651|10916|10915|10914|10913|10912|10911|10910|10908|10907|10906|10905|10904|10903|10902|10901|10900|10899|10898|10897|10896|10895|10894|10893|10892|10860|10399/) 1159 | 1160 | if($h_report->{-pluginID} =~ /10150/){ 1161 | if ($h_report->{plugin_output} =~ /(?<=Computer name\s ).+?(?= {2,}\= Workgroup)/){ 1162 | $host->{'AD Domain Name'} = substr($h_report->{plugin_output},$-[0],$+[0]-$-[0]); 1163 | } 1164 | # end of if 1165 | } 1166 | # end of ifif($h_report->{-pluginID} =~ /10150/) 1167 | if($h_report->{'-pluginFamily'} =~ /AIX Local Security Checks/){push @aix_local_security_checks, $h_report;} 1168 | elsif($h_report->{'-pluginFamily'} =~ /Amazon Linux Local Security Checks/){push @amazon_linux_local_security_checks, $h_report;} 1169 | elsif($h_report->{'-pluginFamily'} =~ /Backdoors/){push @backdoors, $h_report;} 1170 | elsif($h_report->{'-pluginFamily'} =~ /CentOS Local Security 
Checks/){push @centos_local_security_checks, $h_report;} 1171 | elsif($h_report->{'-pluginFamily'} =~ /CGI abuses/){push @cgi_abuses, $h_report;} 1172 | elsif($h_report->{'-pluginFamily'} =~ /CGI abuses : XSS/){push @cgi_abuses_xss, $h_report;} 1173 | elsif($h_report->{'-pluginFamily'} =~ /CISCO/){push @cisco, $h_report;} 1174 | elsif($h_report->{'-pluginFamily'} =~ /Databases/){push @databases, $h_report;} 1175 | elsif($h_report->{'-pluginFamily'} =~ /Debian Local Security Checks/){push @debian_local_security_checks, $h_report;} 1176 | elsif($h_report->{'-pluginFamily'} =~ /Default Unix Accounts/){push @default_unix_accounts, $h_report;} 1177 | elsif($h_report->{'-pluginFamily'} =~ /Denial of Service/){push @denial_of_service, $h_report;} 1178 | elsif($h_report->{'-pluginFamily'} =~ /DNS/){push @dns, $h_report;} 1179 | elsif($h_report->{'-pluginFamily'} =~ /F5 Networks Local Security Checks/){push @F5_Networks_Local_Security_Checks, $h_report;} 1180 | elsif($h_report->{'-pluginFamily'} =~ /Fedora Local Security Checks/){push @fedora_local_security_checks, $h_report;} 1181 | elsif($h_report->{'-pluginFamily'} =~ /Finger abuses/){push @finger_abuses, $h_report;} 1182 | elsif($h_report->{'-pluginFamily'} =~ /Firewalls/){push @firewalls, $h_report;} 1183 | elsif($h_report->{'-pluginFamily'} =~ /FreeBSD Local Security Checks/){push @freebsd_local_security_checks, $h_report;} 1184 | elsif($h_report->{'-pluginFamily'} =~ /FTP/){push @ftp, $h_report;} 1185 | elsif($h_report->{'-pluginFamily'} =~ /Gain a shell remotely/){push @gain_a_shell_remotely, $h_report;} 1186 | elsif($h_report->{'-pluginFamily'} =~ /General/){push @general, $h_report;} 1187 | elsif($h_report->{'-pluginFamily'} =~ /Gentoo Local Security Checks/){push @gentoo_local_security_checks, $h_report;} 1188 | elsif($h_report->{'-pluginFamily'} =~ /HP-UX Local Security Checks/){push @hp_ux_local_security_checks, $h_report;} 1189 | elsif($h_report->{'-pluginFamily'} =~ /Huawei Local Security Checks/){push 
@Huawei_Local_Security_Checks, $h_report;} 1190 | elsif($h_report->{'-pluginFamily'} =~ /Junos Local Security Checks/){push @junos_local_security_checks, $h_report;} 1191 | elsif($h_report->{'-pluginFamily'} =~ /MacOS X Local Security Checks/){push @macos_x_local_security_checks, $h_report;} 1192 | elsif($h_report->{'-pluginFamily'} =~ /Mandriva Local Security Checks/){push @mandriva_local_security_checks, $h_report;} 1193 | elsif($h_report->{'-pluginFamily'} =~ /Misc./){push @misc, $h_report;} 1194 | elsif($h_report->{'-pluginFamily'} =~ /Mobile Devices/){push @mobile_devices, $h_report;} 1195 | elsif($h_report->{'-pluginFamily'} =~ /Netware/){push @netware, $h_report;} 1196 | elsif($h_report->{'-pluginFamily'} =~ /OracleVM Local Security Checks/){push @OracleVM_Local_Security_Checks, $h_report;} 1197 | elsif($h_report->{'-pluginFamily'} =~ /Oracle Linux Local Security/){push @oracle_linux_local_security_checks, $h_report;} 1198 | elsif($h_report->{'-pluginFamily'} =~ /Palo Alto Local Security Checks/){push @Palo_Alto_Local_Security_Checks, $h_report;} 1199 | elsif($h_report->{'-pluginFamily'} =~ /Peer-To-Peer File Sharing/){push @peer_to_peer_file_sharing, $h_report;} 1200 | elsif($h_report->{'-pluginFamily'} =~ /Policy Compliance/){push @policy_compliance, $h_report;} 1201 | elsif($h_report->{'-pluginFamily'} =~ /Port scanners/){push @port_scanners, $h_report;} 1202 | elsif($h_report->{'-pluginFamily'} =~ /Red Hat Local Security Checks/){push @red_hat_local_security_checks, $h_report;} 1203 | elsif($h_report->{'-pluginFamily'} =~ /RPC/){push @rpc, $h_report;} 1204 | elsif($h_report->{'-pluginFamily'} =~ /SCADA/){push @scada, $h_report;} 1205 | elsif($h_report->{'-pluginFamily'} =~ /Scientific Linux Local Security Checks/){push @scientific_linux_local_security_checks, $h_report;} 1206 | elsif($h_report->{'-pluginFamily'} =~ /Service detection/){push @service_detection, $h_report;} 1207 | elsif($h_report->{'-pluginFamily'} =~ /Settings/){push @settings, 
$h_report;} 1208 | elsif($h_report->{'-pluginFamily'} =~ /Slackware Local Security Checks/){push @slackware_local_security_checks, $h_report;} 1209 | elsif($h_report->{'-pluginFamily'} =~ /SMTP problems/){push @smtp_problems, $h_report;} 1210 | elsif($h_report->{'-pluginFamily'} =~ /SNMP/){push @snmp, $h_report;} 1211 | elsif($h_report->{'-pluginFamily'} =~ /Solaris Local Security Checks/){push @solaris_local_security_checks, $h_report;} 1212 | elsif($h_report->{'-pluginFamily'} =~ /SuSE Local Security Checks/){push @suse_local_security_checks, $h_report;} 1213 | elsif($h_report->{'-pluginFamily'} =~ /Ubuntu Local Security Checks/){push @ubuntu_local_security_checks, $h_report;} 1214 | elsif($h_report->{'-pluginFamily'} =~ /VMware ESX Local Security Checks/){push @vmware_esx_local_security_checks, $h_report;} 1215 | elsif($h_report->{'-pluginFamily'} =~ /Web Servers/){push @web_servers, $h_report;} 1216 | elsif($h_report->{'-pluginFamily'} =~ /Windows : Microsoft Bulletins/){push @windows_microsoft_bulletins, $h_report;} 1217 | elsif($h_report->{'-pluginFamily'} =~ /Windows : User management/){push @windows_user_management, $h_report;} 1218 | elsif($h_report->{'-pluginFamily'} =~ /Windows/){push @windows, $h_report;} 1219 | elsif($h_report->{'-pluginFamily'} =~ /Incident Response/){push @IncidentResponse, $h_report;} 1220 | elsif($h_report->{'-pluginFamily'} eq ""){push @port_scan, $h_report;} 1221 | else{ print "\nThere is a new plugin family added, it is $h_report->{'-pluginFamily'}\n";exit;} 1222 | 1223 | if ($h_report->{cvss_base_score} || $h_report->{cvss_vector} || $h_report->{cvss_temporal_score}) { 1224 | if (not defined $cvss_score{$host->{"host-ip"}}) { 1225 | $cvss_score{$host->{"host-ip"}}->{critical_base_score} = 0; 1226 | $cvss_score{$host->{"host-ip"}}->{high_base_score} = 0; 1227 | $cvss_score{$host->{"host-ip"}}->{med_base_score} = 0; 1228 | $cvss_score{$host->{"host-ip"}}->{critical_temporal_score} = 0; 1229 | 
$cvss_score{$host->{"host-ip"}}->{high_temporal_score} = 0; 1230 | $cvss_score{$host->{"host-ip"}}->{med_temporal_score} = 0; 1231 | } 1232 | # end of if (not defined $cvss_score{$host->{"host-ip"}}) 1233 | if ($h_report->{-severity} == 4) { 1234 | if ($h_report->{cvss_base_score} ne "N/A") {$cvss_score{$host->{"host-ip"}}->{critical_base_score} = $cvss_score{$host->{"host-ip"}}->{critical_base_score} + $h_report->{cvss_base_score}} 1235 | if ($h_report->{cvss_temporal_score} ne "N/A") {$cvss_score{$host->{"host-ip"}}->{critical_temporal_score} = $cvss_score{$host->{"host-ip"}}->{critical_temporal_score} + $h_report->{cvss_temporal_score}} 1236 | } 1237 | elsif ($h_report->{-severity} == 3) { 1238 | 1239 | if ($h_report->{cvss_base_score} ne "N/A") {$cvss_score{$host->{"host-ip"}}->{high_base_score} = $cvss_score{$host->{"host-ip"}}->{high_base_score} + $h_report->{cvss_base_score}} 1240 | if ($h_report->{cvss_temporal_score} ne "N/A") {$cvss_score{$host->{"host-ip"}}->{high_temporal_score} = $cvss_score{$host->{"host-ip"}}->{high_temporal_score} + $h_report->{cvss_temporal_score}} 1241 | } 1242 | elsif ($h_report->{-severity} == 2) { 1243 | if ($h_report->{cvss_base_score} ne "N/A") {$cvss_score{$host->{"host-ip"}}->{med_base_score} = $cvss_score{$host->{"host-ip"}}->{med_base_score} + $h_report->{cvss_base_score}} 1244 | if ($h_report->{cvss_temporal_score} ne "N/A") {$cvss_score{$host->{"host-ip"}}->{med_temporal_score} = $cvss_score{$host->{"host-ip"}}->{med_temporal_score} + $h_report->{cvss_temporal_score}} 1245 | } 1246 | } 1247 | # end of if ($h_report->{cvss_base_score} || $h_report->{cvss_vector} || $h_report->{cvss_temporal_score}) 1248 | } 1249 | # end of foreach my $h_report (@HostReport) 1250 | 1251 | my @u = @WindowsUserManagement; 1252 | $host->{"WindowsUserManagement"} = \@u; 1253 | my %vuln_cnt; 1254 | $vuln_cnt{sev0} = 0; 1255 | $vuln_cnt{sev1} = 0; 1256 | $vuln_cnt{sev2} = 0; 1257 | $vuln_cnt{sev3} = 0; 1258 | $vuln_cnt{sev4} = 0; 1259 | 
if($aix_local_security_checks[0] ne ""){$host->{'aix_local_security_checks'} = \@aix_local_security_checks;%vuln_cnt = get_vuln_cnt(\@aix_local_security_checks,\%vuln_cnt)} 1260 | if($amazon_linux_local_security_checks[0] ne ""){$host->{'amazon_linux_local_security_checks'} = \@amazon_linux_local_security_checks;%vuln_cnt = get_vuln_cnt(\@amazon_linux_local_security_checks,\%vuln_cnt)} 1261 | if($backdoors[0] ne ""){$host->{'backdoors'} = \@backdoors;%vuln_cnt = get_vuln_cnt(\@backdoors,\%vuln_cnt)} 1262 | if($centos_local_security_checks[0] ne ""){$host->{'centos_local_security_checks'} = \@centos_local_security_checks;%vuln_cnt = get_vuln_cnt(\@centos_local_security_checks,\%vuln_cnt)} 1263 | if($cgi_abuses[0] ne ""){$host->{'cgi_abuses'} = \@cgi_abuses;%vuln_cnt = get_vuln_cnt(\@cgi_abuses,\%vuln_cnt)} 1264 | if($cgi_abuses_xss[0] ne ""){$host->{'cgi_abuses_xss'} = \@cgi_abuses_xss;%vuln_cnt = get_vuln_cnt(\@cgi_abuses_xss,\%vuln_cnt)} 1265 | if($cisco[0] ne ""){$host->{'cisco'} = \@cisco;%vuln_cnt = get_vuln_cnt(\@cisco,\%vuln_cnt)} 1266 | if($databases[0] ne ""){$host->{'databases'} = \@databases;%vuln_cnt = get_vuln_cnt(\@databases,\%vuln_cnt)} 1267 | if($debian_local_security_checks[0] ne ""){$host->{'debian_local_security_checks'} = \@debian_local_security_checks;%vuln_cnt = get_vuln_cnt(\@debian_local_security_checks,\%vuln_cnt)} 1268 | if($default_unix_accounts[0] ne ""){$host->{'default_unix_accounts'} = \@default_unix_accounts;%vuln_cnt = get_vuln_cnt(\@default_unix_accounts,\%vuln_cnt)} 1269 | if($denial_of_service[0] ne ""){$host->{'denial_of_service'} = \@denial_of_service;%vuln_cnt = get_vuln_cnt(\@denial_of_service,\%vuln_cnt)} 1270 | if($dns[0] ne ""){$host->{'dns'} = \@dns;%vuln_cnt = get_vuln_cnt(\@dns,\%vuln_cnt)} 1271 | if($F5_Networks_Local_Security_Checks[0] ne ""){$host->{'F5_Networks_Local_Security_Checks'} = \@F5_Networks_Local_Security_Checks;%vuln_cnt = get_vuln_cnt(\@F5_Networks_Local_Security_Checks,\%vuln_cnt)} 1272 | 
if($fedora_local_security_checks[0] ne ""){$host->{'fedora_local_security_checks'} = \@fedora_local_security_checks;%vuln_cnt = get_vuln_cnt(\@fedora_local_security_checks,\%vuln_cnt)} 1273 | if($finger_abuses[0] ne ""){$host->{'finger_abuses'} = \@finger_abuses;%vuln_cnt = get_vuln_cnt(\@finger_abuses,\%vuln_cnt)} 1274 | if($firewalls[0] ne ""){$host->{'firewalls'} = \@firewalls;%vuln_cnt = get_vuln_cnt(\@firewalls,\%vuln_cnt)} 1275 | if($freebsd_local_security_checks[0] ne ""){$host->{'freebsd_local_security_checks'} = \@freebsd_local_security_checks;%vuln_cnt = get_vuln_cnt(\@freebsd_local_security_checks,\%vuln_cnt)} 1276 | if($ftp[0] ne ""){$host->{'ftp'} = \@ftp;%vuln_cnt = get_vuln_cnt(\@ftp,\%vuln_cnt)} 1277 | if($gain_a_shell_remotely[0] ne ""){$host->{'gain_a_shell_remotely'} = \@gain_a_shell_remotely;%vuln_cnt = get_vuln_cnt(\@gain_a_shell_remotely,\%vuln_cnt)} 1278 | if($general[0] ne ""){$host->{'general'} = \@general;%vuln_cnt = get_vuln_cnt(\@general,\%vuln_cnt)} 1279 | if($gentoo_local_security_checks[0] ne ""){$host->{'gentoo_local_security_checks'} = \@gentoo_local_security_checks;%vuln_cnt = get_vuln_cnt(\@gentoo_local_security_checks,\%vuln_cnt)} 1280 | if($hp_ux_local_security_checks[0] ne ""){$host->{'hp_ux_local_security_checks'} = \@hp_ux_local_security_checks;%vuln_cnt = get_vuln_cnt(\@hp_ux_local_security_checks,\%vuln_cnt)} 1281 | if($Huawei_Local_Security_Checks[0] ne ""){$host->{'Huawei_Local_Security_Checks'} = \@Huawei_Local_Security_Checks;%vuln_cnt = get_vuln_cnt(\@Huawei_Local_Security_Checks,\%vuln_cnt)} 1282 | if($junos_local_security_checks[0] ne ""){$host->{'junos_local_security_checks'} = \@junos_local_security_checks;%vuln_cnt = get_vuln_cnt(\@junos_local_security_checks,\%vuln_cnt)} 1283 | if($macos_x_local_security_checks[0] ne ""){$host->{'macos_x_local_security_checks'} = \@macos_x_local_security_checks;%vuln_cnt = get_vuln_cnt(\@macos_x_local_security_checks,\%vuln_cnt)} 1284 | if($mandriva_local_security_checks[0] ne 
""){$host->{'mandriva_local_security_checks'} = \@mandriva_local_security_checks;%vuln_cnt = get_vuln_cnt(\@mandriva_local_security_checks,\%vuln_cnt)} 1285 | if($misc[0] ne ""){$host->{'misc'} = \@misc;%vuln_cnt = get_vuln_cnt(\@misc,\%vuln_cnt)} 1286 | if($mobile_devices[0] ne ""){$host->{'mobile_devices'} = \@mobile_devices;%vuln_cnt = get_vuln_cnt(\@mobile_devices,\%vuln_cnt)} 1287 | if($netware[0] ne ""){$host->{'netware'} = \@netware;%vuln_cnt = get_vuln_cnt(\@netware,\%vuln_cnt)} 1288 | if($OracleVM_Local_Security_Checks[0] ne ""){$host->{'OracleVM_Local_Security_Checks'} = \@OracleVM_Local_Security_Checks;%vuln_cnt = get_vuln_cnt(\@OracleVM_Local_Security_Checks,\%vuln_cnt)} 1289 | if($oracle_linux_local_security_checks[0] ne ""){$host->{'oracle_linux_local_security_checks'} = \@oracle_linux_local_security_checks;%vuln_cnt = get_vuln_cnt(\@oracle_linux_local_security_checks,\%vuln_cnt)} 1290 | if($Palo_Alto_Local_Security_Checks[0] ne ""){$host->{'Palo_Alto_Local_Security_Checks'} = \@Palo_Alto_Local_Security_Checks;%vuln_cnt = get_vuln_cnt(\@Palo_Alto_Local_Security_Checks,\%vuln_cnt)} 1291 | if($peer_to_peer_file_sharing[0] ne ""){$host->{'peer_to_peer_file_sharing'} = \@peer_to_peer_file_sharing;%vuln_cnt = get_vuln_cnt(\@peer_to_peer_file_sharing,\%vuln_cnt)} 1292 | if($policy_compliance[0] ne ""){$host->{'policy_compliance'} = \@policy_compliance;} 1293 | if($port_scanners[0] ne ""){$host->{'port_scanners'} = \@port_scanners;%vuln_cnt = get_vuln_cnt(\@port_scanners,\%vuln_cnt)} 1294 | if($red_hat_local_security_checks[0] ne ""){$host->{'red_hat_local_security_checks'} = \@red_hat_local_security_checks;%vuln_cnt = get_vuln_cnt(\@red_hat_local_security_checks,\%vuln_cnt)} 1295 | if($rpc[0] ne ""){$host->{'rpc'} = \@rpc;%vuln_cnt = get_vuln_cnt(\@rpc,\%vuln_cnt)} 1296 | if($scada[0] ne ""){$host->{'scada'} = \@scada;%vuln_cnt = get_vuln_cnt(\@scada,\%vuln_cnt)} 1297 | if($scientific_linux_local_security_checks[0] ne 
""){$host->{'scientific_linux_local_security_checks'} = \@scientific_linux_local_security_checks;%vuln_cnt = get_vuln_cnt(\@scientific_linux_local_security_checks,\%vuln_cnt)} 1298 | if($service_detection[0] ne ""){$host->{'service_detection'} = \@service_detection;%vuln_cnt = get_vuln_cnt(\@service_detection,\%vuln_cnt)} 1299 | if($settings[0] ne ""){$host->{'settings'} = \@settings;%vuln_cnt = get_vuln_cnt(\@settings,\%vuln_cnt)} 1300 | if($slackware_local_security_checks[0] ne ""){$host->{'slackware_local_security_checks'} = \@slackware_local_security_checks;%vuln_cnt = get_vuln_cnt(\@slackware_local_security_checks,\%vuln_cnt)} 1301 | if($smtp_problems[0] ne ""){$host->{'smtp_problems'} = \@smtp_problems;%vuln_cnt = get_vuln_cnt(\@smtp_problems,\%vuln_cnt)} 1302 | if($snmp[0] ne ""){$host->{'snmp'} = \@snmp;%vuln_cnt = get_vuln_cnt(\@snmp,\%vuln_cnt)} 1303 | if($solaris_local_security_checks[0] ne ""){$host->{'solaris_local_security_checks'} = \@solaris_local_security_checks;%vuln_cnt = get_vuln_cnt(\@solaris_local_security_checks,\%vuln_cnt)} 1304 | if($suse_local_security_checks[0] ne ""){$host->{'suse_local_security_checks'} = \@suse_local_security_checks;%vuln_cnt = get_vuln_cnt(\@suse_local_security_checks,\%vuln_cnt)} 1305 | if($ubuntu_local_security_checks[0] ne ""){$host->{'ubuntu_local_security_checks'} = \@ubuntu_local_security_checks;%vuln_cnt = get_vuln_cnt(\@ubuntu_local_security_checks,\%vuln_cnt)} 1306 | if($vmware_esx_local_security_checks[0] ne ""){$host->{'vmware_esx_local_security_checks'} = \@vmware_esx_local_security_checks;%vuln_cnt = get_vuln_cnt(\@vmware_esx_local_security_checks,\%vuln_cnt)} 1307 | if($web_servers[0] ne ""){$host->{'web_servers'} = \@web_servers;%vuln_cnt = get_vuln_cnt(\@web_servers,\%vuln_cnt)} 1308 | if($windows_microsoft_bulletins[0] ne ""){$host->{'windows_microsoft_bulletins'} = \@windows_microsoft_bulletins;%vuln_cnt = get_vuln_cnt(\@windows_microsoft_bulletins,\%vuln_cnt)} 1309 | if($windows_user_management[0] 
ne ""){$host->{'windows_user_management'} = \@windows_user_management;%vuln_cnt = get_vuln_cnt(\@windows_user_management,\%vuln_cnt)} 1310 | if($windows[0] ne ""){$host->{'windows'} = \@windows;%vuln_cnt = get_vuln_cnt(\@windows,\%vuln_cnt)} 1311 | if($port_scan[0] ne ""){$host->{'port_scan'} = \@port_scan;%vuln_cnt = get_vuln_cnt(\@port_scan,\%vuln_cnt)} 1312 | if($IncidentResponse[0] ne ""){$host->{'IncidentResponse'} = \@IncidentResponse;%vuln_cnt = get_vuln_cnt(\@IncidentResponse,\%vuln_cnt);} 1313 | 1314 | $host->{'vuln_cnt'} = \%vuln_cnt; 1315 | } 1316 | # end the Policy Compliance foreach loop 1317 | print "\nFinished Parsing XML Data\n\n"; 1318 | 1319 | # General Vulnerability Report 1320 | print "Create General Vulnerability Data\n"; 1321 | foreach my $host (@report_data){ 1322 | my @report_data; 1323 | if (ref $host->{host_report} eq "HASH"){push @report_data, $host->{host_report};} 1324 | else{@report_data = @{$host->{host_report}};} 1325 | my $name = $host->{name}; 1326 | if (not defined $host->{'host-fqdn'}){$host->{'host-fqdn'} = "N/A";} 1327 | if($host->{'aix_local_security_checks'}->[0] ne ""){store_vuln($host->{'aix_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1328 | if($host->{'amazon_linux_local_security_checks'}->[0] ne ""){store_vuln($host->{'amazon_linux_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1329 | if($host->{'backdoors'}->[0] ne ""){store_vuln($host->{'backdoors'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1330 | if($host->{'centos_local_security_checks'}->[0] ne ""){store_vuln($host->{'centos_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1331 | if($host->{'cgi_abuses'}->[0] ne 
""){store_vuln($host->{'cgi_abuses'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1332 | if($host->{'cgi_abuses_xss'}->[0] ne ""){store_vuln($host->{'cgi_abuses_xss'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1333 | if($host->{'cisco'}->[0] ne ""){store_vuln($host->{'cisco'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1334 | if($host->{'databases'}->[0] ne ""){store_vuln($host->{'databases'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1335 | if($host->{'debian_local_security_checks'}->[0] ne ""){store_vuln($host->{'debian_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1336 | if($host->{'default_unix_accounts'}->[0] ne ""){store_vuln($host->{'default_unix_accounts'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1337 | if($host->{'denial_of_service'}->[0] ne ""){store_vuln($host->{'denial_of_service'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1338 | if($host->{'dns'}->[0] ne ""){store_vuln($host->{'dns'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1339 | if($host->{'F5_Networks_Local_Security_Checks'}->[0] ne ""){store_vuln($host->{'F5_Networks_Local_Security_Checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1340 | if($host->{'fedora_local_security_checks'}->[0] ne 
""){store_vuln($host->{'fedora_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1341 | if($host->{'finger_abuses'}->[0] ne ""){store_vuln($host->{'finger_abuses'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1342 | if($host->{'firewalls'}->[0] ne ""){store_vuln($host->{'firewalls'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1343 | if($host->{'freebsd_local_security_checks'}->[0] ne ""){store_vuln($host->{'freebsd_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1344 | if($host->{'ftp'}->[0] ne ""){store_vuln($host->{'ftp'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1345 | if($host->{'gain_a_shell_remotely'}->[0] ne ""){store_vuln($host->{'gain_a_shell_remotely'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1346 | if($host->{'general'}->[0] ne ""){store_vuln($host->{'general'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1347 | if($host->{'gentoo_local_security_checks'}->[0] ne ""){store_vuln($host->{'gentoo_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1348 | if($host->{'hp_ux_local_security_checks'}->[0] ne ""){store_vuln($host->{'hp_ux_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1349 | if($host->{'Huawei_Local_Security_Checks'}->[0] ne 
""){store_vuln($host->{'Huawei_Local_Security_Checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1350 | if($host->{'IncidentResponse'}->[0] ne ""){store_vuln($host->{'IncidentResponse'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1351 | if($host->{'junos_local_security_checks'}->[0] ne ""){store_vuln($host->{'junos_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1352 | if($host->{'macos_x_local_security_checks'}->[0] ne ""){store_vuln($host->{'macos_x_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1353 | if($host->{'mandriva_local_security_checks'}->[0] ne ""){store_vuln($host->{'mandriva_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1354 | if($host->{'misc'}->[0] ne ""){store_vuln($host->{'misc'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1355 | if($host->{'mobile_devices'}->[0] ne ""){store_vuln($host->{'mobile_devices'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1356 | if($host->{'netware'}->[0] ne ""){store_vuln($host->{'netware'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1357 | if($host->{'OracleVM_Local_Security_Checks'}->[0] ne ""){store_vuln($host->{'OracleVM_Local_Security_Checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1358 | if($host->{'oracle_linux_local_security_checks'}->[0] ne 
""){store_vuln($host->{'oracle_linux_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1359 | if($host->{'Palo_Alto_Local_Security_Checks'}->[0] ne ""){store_vuln($host->{'Palo_Alto_Local_Security_Checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1360 | if($host->{'peer_to_peer_file_sharing'}->[0] ne ""){store_vuln($host->{'peer_to_peer_file_sharing'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1361 | if($host->{'policy_compliance'}->[0] ne ""){store_vuln($host->{'policy_compliance'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1362 | if($host->{'port_scanners'}->[0] ne ""){store_vuln($host->{'port_scanners'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1363 | if($host->{'red_hat_local_security_checks'}->[0] ne ""){store_vuln($host->{'red_hat_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1364 | if($host->{'rpc'}->[0] ne ""){store_vuln($host->{'rpc'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1365 | if($host->{'scada'}->[0] ne ""){store_vuln($host->{'scada'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1366 | if($host->{'scientific_linux_local_security_checks'}->[0] ne ""){store_vuln($host->{'scientific_linux_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1367 | if($host->{'service_detection'}->[0] ne 
""){store_vuln($host->{'service_detection'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1368 | if($host->{'settings'}->[0] ne ""){store_vuln($host->{'settings'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1369 | if($host->{'slackware_local_security_checks'}->[0] ne ""){store_vuln($host->{'slackware_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1370 | if($host->{'smtp_problems'}->[0] ne ""){store_vuln($host->{'smtp_problems'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1371 | if($host->{'snmp'}->[0] ne ""){store_vuln($host->{'snmp'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1372 | if($host->{'solaris_local_security_checks'}->[0] ne ""){store_vuln($host->{'solaris_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1373 | if($host->{'suse_local_security_checks'}->[0] ne ""){store_vuln($host->{'suse_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1374 | if($host->{'ubuntu_local_security_checks'}->[0] ne ""){store_vuln($host->{'ubuntu_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1375 | if($host->{'vmware_esx_local_security_checks'}->[0] ne ""){store_vuln($host->{'vmware_esx_local_security_checks'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1376 | if($host->{'web_servers'}->[0] ne 
""){store_vuln($host->{'web_servers'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1377 | if($host->{'windows_microsoft_bulletins'}->[0] ne ""){store_vuln($host->{'windows_microsoft_bulletins'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"});print "";} 1378 | if($host->{'windows_user_management'}->[0] ne ""){store_vuln($host->{'windows_user_management'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"})} 1379 | if($host->{'windows'}->[0] ne ""){store_vuln($host->{'windows'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"})} 1380 | if($host->{'port_scan'}->[0] ne ""){store_vuln($host->{'port_scan'},$host->{'file'},$host->{name},$host->{'host-fqdn'},$host->{"netbios-name"},$host->{"operating-system"})} 1381 | my @MSWinAccounts; 1382 | my $domain_user_list; 1383 | my $local_user_list; 1384 | my $password_policy; 1385 | my @user_list; 1386 | foreach (@{$host->{'WindowsUserManagement'}}){ 1387 | if($_->{-pluginID} =~ /10399|10413/){print "";} 1388 | elsif($_->{-pluginID} =~ /10860/){ 1389 | $local_user_list = $_;} 1390 | elsif($_->{-pluginID} =~ /17651/){$password_policy = $_;} 1391 | else{push @MSWinAccounts, $_;} 1392 | } 1393 | #end foreach (@WindowsUserManagement) 1394 | 1395 | if($host->{DomainController} eq "N" && ref $local_user_list eq "HASH"){ 1396 | #$local_user_list->{plugin_output} =~ s/ {2,}- |\)//g; 1397 | $local_user_list->{plugin_output} =~ s/( {2,}- )|(\))//g; 1398 | $local_user_list->{plugin_output} =~ s/ \(/\|/g; 1399 | $local_user_list->{plugin_output} =~ s/\, /\|/g; 1400 | $local_user_list->{plugin_output} =~ s/Note that.*$//; 1401 | $local_user_list->{plugin_output} =~ s/\|id/ id/g; 1402 | $local_user_list->{plugin_output} =~ s/^\|//; 1403 | $local_user_list->{plugin_output} =~ s/(\|)+$//; 1404 | 
$local_user_list->{plugin_output} =~ s/ id /;/g; 1405 | $local_user_list->{plugin_output} =~ s/\s{2,}/;/g; 1406 | 1407 | @user_list = split /\|/, $local_user_list->{plugin_output}; 1408 | my $user_list_cnt = @user_list; 1409 | my $splice_cnt = 0; 1410 | if($user_list[0] eq ""){shift @user_list} 1411 | foreach (@user_list){if ($_ eq ""){last;}++$splice_cnt;} 1412 | splice @user_list,$splice_cnt; 1413 | foreach (@user_list){ 1414 | my @tmp = split /\;/, $_; 1415 | my %hash; 1416 | $hash{'name'} = $tmp[0]; 1417 | $hash{'sid'} = $tmp[1]; 1418 | $hash{'type'} = $tmp[2]; 1419 | $_ = \%hash; 1420 | } 1421 | # end of foreach (@user_list) 1422 | print ""; 1423 | } 1424 | 1425 | foreach my $acnt_entry (@MSWinAccounts){ 1426 | my @plugin_data; 1427 | my $act_type; 1428 | if($acnt_entry->{-pluginID} =~ /10895/){$act_type = "Automatic Account Disabled";} 1429 | elsif($acnt_entry->{-pluginID} =~ /10896/){$act_type = "Can't Change Password";} 1430 | elsif($acnt_entry->{-pluginID} =~ /10897/){$act_type = "Account Disabled";} 1431 | elsif($acnt_entry->{-pluginID} =~ /10898/){$act_type = "Never Changed Password";} 1432 | elsif($acnt_entry->{-pluginID} =~ /10899/){$act_type = "Never Logged In";} 1433 | elsif($acnt_entry->{-pluginID} =~ /10900/){$act_type = "Account Disabled";} 1434 | elsif($acnt_entry->{-pluginID} =~ /10911/){$act_type = "Automatic Account Disabled";} 1435 | elsif($acnt_entry->{-pluginID} =~ /10912/){$act_type = "Can't Change Password";} 1436 | elsif($acnt_entry->{-pluginID} =~ /10913/){$act_type = "Account Disabled";} 1437 | elsif($acnt_entry->{-pluginID} =~ /10914/){$act_type = "Never Changed Password";} 1438 | elsif($acnt_entry->{-pluginID} =~ /10915/){$act_type = "Never Logged In";} 1439 | elsif($acnt_entry->{-pluginID} =~ /10916/){$act_type = "Account Disabled";} 1440 | elsif($acnt_entry->{-pluginID} =~ /10901/){$act_type = "Account Operators";} 1441 | elsif($acnt_entry->{-pluginID} =~ /10902/){$act_type = "Administrators";} 1442 | elsif($acnt_entry->{-pluginID} 
=~ /10903/){$act_type = "Server Operators";} 1443 | elsif($acnt_entry->{-pluginID} =~ /10904/){$act_type = "Backup Operators";} 1444 | elsif($acnt_entry->{-pluginID} =~ /10905/){$act_type = "Print Operators";} 1445 | elsif($acnt_entry->{-pluginID} =~ /10906/){$act_type = "Replicator";} 1446 | elsif($acnt_entry->{-pluginID} =~ /10907/){$act_type = "Guest Account Belongs to a Group";} 1447 | elsif($acnt_entry->{-pluginID} =~ /10908/){$act_type = "Domain Administrators";} 1448 | 1449 | if ($host->{DomainController} eq "N" && $act_type ne ""){ 1450 | my $a = $acnt_entry->{plugin_output}; 1451 | foreach (@user_list){ 1452 | my $usr_name = $_->{name}; 1453 | if ($usr_name =~ /\\/){$usr_name =~ s/\\/\\\\/g;} 1454 | my $usr_sid = $_->{sid}; 1455 | if ($acnt_entry->{-pluginID} =~ /(10916)|(10915)|(10914)|(10913)|(10912)|(10911)|(10910)|(10900)|(10899)|(10898)|(10897)|(10896)|(10895)/){ 1456 | my $b = "\(\\s\\s\\-\\s\)$usr_name"; 1457 | if ($a =~ /$b/sm){$_->{$act_type} = "Y"} 1458 | else{$_->{$act_type} = "N"} 1459 | } 1460 | elsif ($acnt_entry->{-pluginID} =~ /(10908)|(10907)|(10906)|(10905)|(10904)|(10903)|(10902)|(10901)/){ 1461 | $usr_name = "$host->{\"netbios-name\"}.$usr_name"; 1462 | if ($a =~ /\Q$usr_name\E/ism){$_->{$act_type} = "Y"} 1463 | else{$_->{$act_type} = "N"} 1464 | } 1465 | } 1466 | # end of foreach (@user_list) 1467 | if ($acnt_entry->{-pluginID} =~ /(10908)|(10907)|(10906)|(10905)|(10904)|(10903)|(10902)|(10901)/){ 1468 | my $netbios_name = $host->{"netbios-name"}; 1469 | if($a =~ /(?=\Q$netbios_name\E).+?(\Z)/ism){ 1470 | my $d = substr($a,$-[0],$+[0]-$-[0]); 1471 | $d =~ s/ {2,}- |\)//g; 1472 | $d =~ s/ \(/\|/g; 1473 | $d =~ s/\, /\|/g; 1474 | my @d_list = split /\r\n|\r|\n/, $d; 1475 | foreach (@d_list){ 1476 | if ($_ !~ /$netbios_name/){ 1477 | my @d1 = split /\|/, $_; 1478 | my %hash; 1479 | $hash{'name'} = $d1[0]; 1480 | $hash{'type'} = $d1[1]; 1481 | $hash{$act_type} = "Y"; 1482 | my $not_in_list = 1; 1483 | foreach my $usr (@user_list){ 1484 | 
if($usr->{name} eq $hash{name}){$usr->{$act_type} = "Y";$not_in_list = 0;last;} 1485 | } 1486 | if($not_in_list == 1){push @user_list, \%hash;} 1487 | } 1488 | # end of if ($_ !~ /$netbios_name/) 1489 | } 1490 | # end of foreach (@d_list) 1491 | } 1492 | # end of if($a =~ /(?=$netbios_name).+?(\Z)/ism) 1493 | } 1494 | # end of if ($acnt_entry->{-pluginID} =~ /10908|10907|10906|10905|10904|10903|10902|10901/) 1495 | } 1496 | # end of if ($host->{DomainController} eq "N" && $act_type ne "") 1497 | 1498 | if ($host->{DomainController} eq "Y" && $is_domain_controller_users_checked == 0){ 1499 | my $a = $acnt_entry->{plugin_output}; 1500 | foreach (@ADUsers){ 1501 | my $usr_name = $_->{name}; 1502 | my $usr_sid = $_->{sid}; 1503 | if ($a =~ /$usr_name/ism){$_->{$act_type} = "Y"} 1504 | else{$_->{$act_type} = "N"} 1505 | } 1506 | #end of foreach (@ADUsers) 1507 | } 1508 | # end of if ($host->{DomainController} eq "Y" && $is_domain_controller_users_checked == 0) 1509 | } 1510 | # end of foreach my $acnt_entry (@MSWinAccounts) 1511 | if ($host->{DomainController} eq "Y" && $is_domain_controller_users_checked == 0){$is_domain_controller_users_checked = 1;} 1512 | if ($host->{DomainController} eq "N"){ 1513 | foreach (@user_list){if ($_->{type} eq ""){$_->{type} = "Local User"}} 1514 | my @new_user_list = @user_list; 1515 | $host->{'account_info'} = \@new_user_list; 1516 | } 1517 | # end of if ($host->{DomainController} eq "N") 1518 | if ($password_policy ne ""){ 1519 | my $p = $password_policy->{plugin_output}; 1520 | if($p =~ /(?=Minimum).+?(?=\Z)/ism){$p = substr($p,$-[0],$+[0]-$-[0]);} 1521 | my @p_tmp = split /\|/, $p; 1522 | foreach (@p_tmp){ 1523 | my @tmp = split /\:/, $_; 1524 | $tmp[1] =~ s/\s//g; 1525 | $host->{$tmp[0]} = $tmp[1]; 1526 | } 1527 | # end of foreach (@p_tmp) 1528 | $host->{'password policy'} = $password_policy; 1529 | } 1530 | # end of if ($password_policy ne "") 1531 | 1532 | ###### testing to remove the plugin Family Data 1533 | 1534 | delete 
$host->{'aix_local_security_checks'}; 1535 | delete $host->{'amazon_linux_local_security_checks'}; 1536 | delete $host->{'backdoors'}; 1537 | delete $host->{'centos_local_security_checks'}; 1538 | delete $host->{'cgi_abuses'}; 1539 | delete $host->{'cgi_abuses_xss'}; 1540 | delete $host->{'cisco'}; 1541 | delete $host->{'databases'}; 1542 | delete $host->{'debian_local_security_checks'}; 1543 | delete $host->{'default_unix_accounts'}; 1544 | delete $host->{'denial_of_service'}; 1545 | delete $host->{'dns'}; 1546 | delete $host->{'F5_Networks_Local_Security_Checks'}; 1547 | delete $host->{'fedora_local_security_checks'}; 1548 | delete $host->{'finger_abuses'}; 1549 | delete $host->{'firewalls'}; 1550 | delete $host->{'freebsd_local_security_checks'}; 1551 | delete $host->{'ftp'}; 1552 | delete $host->{'gain_a_shell_remotely'}; 1553 | delete $host->{'general'}; 1554 | delete $host->{'gentoo_local_security_checks'}; 1555 | delete $host->{'hp_ux_local_security_checks'}; 1556 | delete $host->{'Huawei_Local_Security_Checks'}; 1557 | delete $host->{'IncidentResponse'}; 1558 | delete $host->{'junos_local_security_checks'}; 1559 | delete $host->{'macos_x_local_security_checks'}; 1560 | delete $host->{'mandriva_local_security_checks'}; 1561 | delete $host->{'misc'}; 1562 | delete $host->{'mobile_devices'}; 1563 | delete $host->{'netware'}; 1564 | delete $host->{'OracleVM_Local_Security_Checks'}; 1565 | delete $host->{'oracle_linux_local_security_checks'}; 1566 | delete $host->{'Palo_Alto_Local_Security_Checks'}; 1567 | delete $host->{'peer_to_peer_file_sharing'}; 1568 | delete $host->{'policy_compliance'}; 1569 | delete $host->{'port_scanners'}; 1570 | delete $host->{'red_hat_local_security_checks'}; 1571 | delete $host->{'rpc'}; 1572 | delete $host->{'scada'}; 1573 | delete $host->{'scientific_linux_local_security_checks'}; 1574 | delete $host->{'service_detection'}; 1575 | delete $host->{'settings'}; 1576 | delete $host->{'slackware_local_security_checks'}; 1577 | delete 
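$host->{'smtp_problems'};
        delete $host->{'snmp'};
        delete $host->{'solaris_local_security_checks'};
        delete $host->{'suse_local_security_checks'};
        delete $host->{'ubuntu_local_security_checks'};
        delete $host->{'vmware_esx_local_security_checks'};
        delete $host->{'web_servers'};
        delete $host->{'windows_microsoft_bulletins'};
        delete $host->{'windows_user_management'};
        delete $host->{'windows'};
        delete $host->{'port_scan'};
        ###### end removeing plugin data
    }
    # end foreach my $host (@host_data)
    push @host_data, @report_data;
}
# end of sub normalizeHostData

print "\n\n\n Pause for Testing before reading data\n\n";
############################## END SUBROUTINES


# Main parse loop: read every queued .nessus file, flatten each ReportHost
# into a plain hash and hand the batch to normalizeHostData().
# Everything read here (host names, tag names, tag text, report items) is
# taken from the scan file as-is, so it should be treated as untrusted data
# by the code that later matches on it or writes it into the workbook.
foreach my $file (@xml_files){
    print "--------- Parsing $file\n\n";
    my $tpp    = XML::TreePP->new();
    my $tree   = $tpp->parsefile( $file );
    my $nessus = $tree->{NessusClientData_v2};

    if (!$nessus) {
        print "This file \"$file\" is not using the Nessus version 2 format, please choose the nessus v2 format.\n\n";
        # NOTE(review): a bare exit ends the whole run with status 0 and
        # leaves the remaining files unparsed; a caller checking the exit
        # code sees success.
        exit;
    }
    print "Parsing File $file \n\n";

    # XML::TreePP yields a hash ref for a single child element and an array
    # ref for several. Normalise the policy preferences the same way the
    # ReportHost list is normalised below, so a missing or single
    # <preference> does not abort the run on the array dereference.
    my $prefs = $nessus->{Policy}->{Preferences}->{ServerPreferences}->{preference};
    my @prefs = ref $prefs eq "ARRAY" ? @{$prefs}
              : ref $prefs eq "HASH"  ? ($prefs)
              :                         ();
    my @t_policy = grep { $_->{name} =~ /targ/i } @prefs;
    push @targets, @t_policy;

    my @report_data;
    my $report_hosts = $nessus->{Report}->{ReportHost};
    if (ref($report_hosts) eq "HASH") {
        push @report_data, $report_hosts;
    }
    elsif (ref($report_hosts) eq "ARRAY") {
        @report_data = @{$report_hosts};
    }

    foreach my $hostproperties (@report_data){
        my %hash;
        $hash{file} = $file;
        $hash{name} = $hostproperties->{-name};

        my @tags;
        if (ref ($hostproperties->{HostProperties}) ne "ARRAY" && ref($hostproperties->{HostProperties}) ne "HASH") {
            # No usable HostProperties element: count the host by its name.
            ++$total_discovered{$hostproperties->{-name}};
        }
        elsif (ref($hostproperties->{HostProperties}->{tag}) eq "HASH"){
            #++$total_discovered{$hostproperties->{-name}};
            push @tags, $hostproperties->{HostProperties}->{tag};
        }
        elsif (ref($hostproperties->{HostProperties}->{tag}) eq "ARRAY"){
            #++$total_discovered{$hostproperties->{-name}};
            @tags = @{$hostproperties->{HostProperties}->{tag}};
        }

        $hash{host_report} = $hostproperties->{ReportItem};

        # Each <tag name="..."> becomes a key of %hash, unfiltered.
        # NOTE(review): tag names come from the file, so a tag named "file",
        # "name" or "host_report" replaces the value stored above; consider
        # rejecting those names if scan files can come from an untrusted
        # source.
        foreach my $tag (@tags) {
            $hash{$tag->{-name}} = $tag->{"#text"};
        }
        # end - foreach my $host_data (@host_data)
        if ($hash{"host-ip"}) {
            ++$total_discovered{$hash{"host-ip"}};
        }

        # $hostproperties aliases the array element, so this swaps the parsed
        # XML node in @report_data for the flattened hash.
        $hostproperties = \%hash;
    }
    # end foreach my $hostproperties (@host_data)

    normalizeHostData (\@report_data);

    #push @host_data, @report_data;
    print "Finished Parsing File $file \n\n";
}
# end xml file foreach loop

#my $sizeTest = total_size(\@host_data);

#print "the \@host_data is $sizeTest\n\n";

print "Creating Spreadsheet Data\n";

# Extract Policy Compliance

# Developer reminder left in the output, followed by a fixed 3 second pause.
print "--------------- MOVE THE POLICY ARRAYS TO THE TOP\n\n\n\n"; sleep 3;



print "Creating Nessus Report Spreadsheet\n";
####################################################### start spreadsheet
# new() returns undef when the file cannot be created (missing directory,
# no write permission). Stop here with the path and OS error instead of
# failing later on a method call against an undefined value.
$workbook = Excel::Writer::XLSX->new("$dir/$report_prefix\_$report_file.xlsx")
    or die "Unable to create $dir/$report_prefix\_$report_file.xlsx: $!\n";
my $Home_worksheet = $workbook->add_worksheet('Home Worksheet');
$home_url = "internal\:\'Home Worksheet\'\!A1";

#### Begin formating entries
# NOTE(review): 'vleft' does not look like one of the vertical alignment
# values the module documents (top, vcenter, bottom, vjustify) - confirm
# whether it has any effect.
$center_format = $workbook->add_format(
    valign => 'vcenter',
    align  => 'center',
);

$center_border6_format = $workbook->add_format(
    valign       => 'vleft',
    align        => 'left',
    bold         => 1,
    bg_color     => 'black',
    color        => 9,
    border       => 2,
    border_color => 'black',
);

$wrap_text_format = $workbook->add_format(
    valign       => 'vleft',
    align        => 'left',
    #text_wrap => 1,
    border       => 1,
    border_color => 'black',
);

$cell_format = $workbook->add_format(
    valign       => 'vleft',
    align        => 'left',
    border       => 1,
    border_color => 'black',
);

$url_format = $workbook->add_format( color => 'blue', underline => 1 );
### End formating entries

#$worksheet->write_url( 'A1', $home_url, $url_format, $_);

print "Storing Host Scan Data Table\n";
my $host_scan_data_ctr = 2;
my $host_scan_data_worksheet = $workbook->add_worksheet('host_scan_data');
# NOTE(review): the last argument is $_, which no statement visible here
# sets at this point - confirm what the link label is meant to be.
$host_scan_data_worksheet->write_url( 'A1', $home_url, $url_format, $_);
$host_scan_data_worksheet->keep_leading_zeros();

# Header row (row index 1); column order defines the table layout.
# The labels below are constants. write() picks the cell type from the value
# and stores a string that starts with '=' as a formula, so if scanner-derived
# text (plugin output, plugin or host names) is written to this sheet with
# write(), write_string() is the safer call for those cells.
{
    my $col = 0;
    for my $label (
        'File',
        'IP Address',
        'FQDN',
        'Plugin ID',
        'Protocol',
        'Port',
        'Severity',
        'Plugin Family',
        'Plugin Name',
        'CVSS Vector',
        'CVSS Base Score',
        'CVSS Temporal Score',
        'Exploitability Ease',
        'Exploit Available',
        'Exploit Framework Canvas',
        'Exploit Framework Metasploit',
        'Exploit Framework Core',
        'Metasploit Name',
        'Canvas Package',
        'Plugin Output',
    ) {
        $host_scan_data_worksheet->write(1, $col++, $label, $center_border6_format);
    }
}
$host_scan_data_worksheet->freeze_panes('C3');
$host_scan_data_worksheet->autofilter('A2:T2');
$host_scan_data_worksheet->set_tab_color('black');

# Column widths, applied in the original order (G:G repeats the width that
# D:G already set).
for my $width_spec (
    [ 'A:A', 20 ],
    [ 'B:B', 15 ],
    [ 'C:C', 25 ],
    [ 'D:G', 10 ],
    [ 'G:G', 10 ],
    [ 'H:H', 30 ],
    [ 'I:I', 60 ],
    [ 'J:P', 30 ],
    [ 'R:R', 60 ],
    [ 'S:S', 15 ],
    [ 'T:T', 60 ],
) {
    $host_scan_data_worksheet->set_column( @{$width_spec} );
}

# $h_tmp starts as the number of rows to store and is capped at 100000;
# $h_tmp2 keeps the uncapped count. Above the cap, $table_cnt becomes the
# number of 100000-row chunks, rounded up with integer arithmetic rather
# than by splitting the printed quotient on '.'.
my $h_tmp = @host_scan_data;
my $h_tmp2 = $h_tmp;
my $table_cnt = 2;
if ($h_tmp > 100000) {
    $table_cnt = int( ($h_tmp + 99999) / 100000 );
    $h_tmp = 100000;
}
# end of if($h_tmp > 100000)

foreach (@host_scan_data){
    if ($host_scan_data_ctr == $h_tmp && $h_tmp2 < $host_scan_data_ctr){
        my $table = $table_cnt - 1;
        $host_scan_data_ctr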
= 1; 1752 | $host_scan_data_worksheet = $workbook->add_worksheet("host_scan_data_$table"); 1753 | $host_scan_data_worksheet->write(1, 0, 'File',$center_border6_format); 1754 | $host_scan_data_worksheet->write(1, 1, 'IP Address',$center_border6_format); 1755 | $host_scan_data_worksheet->write(1, 2, 'FQDN',$center_border6_format); 1756 | $host_scan_data_worksheet->write(1, 3, 'Plugin ID',$center_border6_format); 1757 | $host_scan_data_worksheet->write(1, 4, 'Protocol',$center_border6_format); 1758 | $host_scan_data_worksheet->write(1, 5, 'Port',$center_border6_format); 1759 | $host_scan_data_worksheet->write(1, 6, 'Severity',$center_border6_format); 1760 | $host_scan_data_worksheet->write(1, 7, 'Plugin Family',$center_border6_format); 1761 | $host_scan_data_worksheet->write(1, 8, 'Plugin Name',$center_border6_format); 1762 | $host_scan_data_worksheet->write(1, 9, 'CVSS Vector',$center_border6_format); 1763 | $host_scan_data_worksheet->write(1, 10, 'CVSS Base Score',$center_border6_format); 1764 | $host_scan_data_worksheet->write(1, 11, 'CVSS Temporal Score',$center_border6_format); 1765 | $host_scan_data_worksheet->write(1, 12, 'Exploitability Ease',$center_border6_format); 1766 | $host_scan_data_worksheet->write(1, 13, 'Exploit Available',$center_border6_format); 1767 | $host_scan_data_worksheet->write(1, 14, 'Exploit Framework Canvas',$center_border6_format); 1768 | $host_scan_data_worksheet->write(1, 15, 'Exploit Framework Metasploit',$center_border6_format); 1769 | $host_scan_data_worksheet->write(1, 16, 'Exploit Framework Core',$center_border6_format); 1770 | $host_scan_data_worksheet->write(1, 17, 'Metasploit Name',$center_border6_format); 1771 | $host_scan_data_worksheet->write(1, 18, 'Canvas Package',$center_border6_format); 1772 | $host_scan_data_worksheet->write(1, 19, 'Plugin Output',$center_border6_format); 1773 | $host_scan_data_worksheet->freeze_panes('C3'); 1774 | } 1775 | # end of if ($host_scan_data_ctr == $h_tmp) 1776 | my @tmp = split /\,/, $_; 
1777 | $host_scan_data_worksheet->write($host_scan_data_ctr, 0, $tmp[0],$cell_format); 1778 | $host_scan_data_worksheet->write($host_scan_data_ctr, 1, $tmp[1],$cell_format); 1779 | $host_scan_data_worksheet->write($host_scan_data_ctr, 2, $tmp[2],$cell_format); 1780 | $host_scan_data_worksheet->write($host_scan_data_ctr, 3, $tmp[3],$cell_format); 1781 | $host_scan_data_worksheet->write($host_scan_data_ctr, 4, $tmp[4],$cell_format); 1782 | $host_scan_data_worksheet->write($host_scan_data_ctr, 5, $tmp[5],$cell_format); 1783 | $host_scan_data_worksheet->write($host_scan_data_ctr, 6, $tmp[6],$cell_format); 1784 | $host_scan_data_worksheet->write($host_scan_data_ctr, 7, $tmp[7],$cell_format); 1785 | $host_scan_data_worksheet->write($host_scan_data_ctr, 8, $tmp[8],$cell_format); 1786 | $host_scan_data_worksheet->write($host_scan_data_ctr, 9, $tmp[17],$cell_format); 1787 | $host_scan_data_worksheet->write($host_scan_data_ctr, 10, $tmp[16],$cell_format); 1788 | $host_scan_data_worksheet->write($host_scan_data_ctr, 11, $tmp[18],$cell_format); 1789 | $host_scan_data_worksheet->write($host_scan_data_ctr, 12, $tmp[9],$cell_format); 1790 | $host_scan_data_worksheet->write($host_scan_data_ctr, 13, $tmp[10],$cell_format); 1791 | $host_scan_data_worksheet->write($host_scan_data_ctr, 14, $tmp[11],$cell_format); 1792 | $host_scan_data_worksheet->write($host_scan_data_ctr, 15, $tmp[12],$cell_format); 1793 | $host_scan_data_worksheet->write($host_scan_data_ctr, 16, $tmp[13],$cell_format); 1794 | $host_scan_data_worksheet->write($host_scan_data_ctr, 17, $tmp[14],$cell_format); 1795 | $host_scan_data_worksheet->write($host_scan_data_ctr, 18, $tmp[15],$cell_format); 1796 | $host_scan_data_worksheet->write($host_scan_data_ctr, 19, $tmp[19],$cell_format); 1797 | ++$host_scan_data_ctr; 1798 | } 1799 | # end foreach (@host_scan_data) 1800 | 1801 | if($ScanInfo[0] ne ""){ 1802 | my $ScanInfo_ctr = 2; 1803 | print "Storing Scan Info Data Table\n"; 1804 | my $ScanInfo_worksheet = 
$workbook->add_worksheet('ScanInfo'); 1805 | $ScanInfo_worksheet->write_url( 'A1', $home_url, $url_format, $_); 1806 | $ScanInfo_worksheet->keep_leading_zeros(); 1807 | $ScanInfo_worksheet->write(1, 0, 'File',$center_border6_format); 1808 | $ScanInfo_worksheet->write(1, 1, 'IP Address',$center_border6_format); 1809 | $ScanInfo_worksheet->write(1, 2, 'FQDN',$center_border6_format); 1810 | $ScanInfo_worksheet->write(1, 3, 'Operating System',$center_border6_format); 1811 | $ScanInfo_worksheet->write(1, 4, 'System Type',$center_border6_format); 1812 | $ScanInfo_worksheet->write(1, 5, 'Scan Start',$center_border6_format); 1813 | $ScanInfo_worksheet->write(1, 6, 'Scan End',$center_border6_format); 1814 | $ScanInfo_worksheet->write(1, 7, 'Scan Duration',$center_border6_format); 1815 | $ScanInfo_worksheet->write(1, 8, 'Experimental Tests',$center_border6_format); 1816 | $ScanInfo_worksheet->write(1, 9, 'Credentialed Checks',$center_border6_format); 1817 | $ScanInfo_worksheet->write(1, 10, 'Patch Management Checks',$center_border6_format); 1818 | $ScanInfo_worksheet->write(1, 11, 'Safe Checks',$center_border6_format); 1819 | $ScanInfo_worksheet->write(1, 12, 'CGI Scanning',$center_border6_format); 1820 | $ScanInfo_worksheet->write(1, 13, 'We Application Tests',$center_border6_format); 1821 | $ScanInfo_worksheet->write(1, 14, 'Paranoia level',$center_border6_format); 1822 | $ScanInfo_worksheet->write(1, 15, 'Thorough tests',$center_border6_format); 1823 | $ScanInfo_worksheet->freeze_panes('C3'); 1824 | $ScanInfo_worksheet->autofilter('A2:Q2'); 1825 | $ScanInfo_worksheet->set_column('A:A', 20); 1826 | $ScanInfo_worksheet->set_column('B:C', 15); 1827 | $ScanInfo_worksheet->set_column('D:G', 25); 1828 | $ScanInfo_worksheet->set_column('H:J', 20); 1829 | $ScanInfo_worksheet->set_column('K:O', 20); 1830 | $ScanInfo_worksheet->set_column('P:P', 20); 1831 | $ScanInfo_worksheet->set_column('Q:Q', 20); 1832 | 1833 | foreach my $e (@ScanInfo){ 1834 | my @tmp = split /\|/, 
$e->{plugin_output}; 1835 | shift @tmp; 1836 | shift @tmp; 1837 | foreach (@tmp){my ($k,$v) = split ":",$_;$k = "po-$k";$k =~ s/ $//;$k =~ s/ /\-/g;$e->{$k} = $v;} 1838 | $ScanInfo_worksheet->write($ScanInfo_ctr, 0, $e->{file},$cell_format); 1839 | $ScanInfo_worksheet->write($ScanInfo_ctr, 1, $e->{"host-ip"},$cell_format); 1840 | $ScanInfo_worksheet->write($ScanInfo_ctr, 2, $e->{name},$cell_format); 1841 | $ScanInfo_worksheet->write($ScanInfo_ctr, 3, $e->{"operating-system"},$cell_format); 1842 | $ScanInfo_worksheet->write($ScanInfo_ctr, 4, $e->{"system-type"},$cell_format); 1843 | $ScanInfo_worksheet->write($ScanInfo_ctr, 5, $e->{HOST_START},$cell_format); 1844 | $ScanInfo_worksheet->write($ScanInfo_ctr, 6, $e->{HOST_END},$cell_format); 1845 | $ScanInfo_worksheet->write($ScanInfo_ctr, 7, $e->{'po-Scan-duration'},$cell_format); 1846 | $ScanInfo_worksheet->write($ScanInfo_ctr, 8, $e->{'po-Experimental-tests'},$cell_format); 1847 | $ScanInfo_worksheet->write($ScanInfo_ctr, 9, $e->{'po-Credentialed-checks'},$cell_format); 1848 | $ScanInfo_worksheet->write($ScanInfo_ctr, 10, $e->{'po-Patch-management-checks'},$cell_format); 1849 | $ScanInfo_worksheet->write($ScanInfo_ctr, 11, $e->{'po-Safe-checks'},$cell_format); 1850 | $ScanInfo_worksheet->write($ScanInfo_ctr, 12, $e->{'po-CGI-scanning'},$cell_format); 1851 | $ScanInfo_worksheet->write($ScanInfo_ctr, 13, $e->{'po-Web-application-tests'},$cell_format); 1852 | $ScanInfo_worksheet->write($ScanInfo_ctr, 14, $e->{'po-Paranoia-level'},$cell_format); 1853 | $ScanInfo_worksheet->write($ScanInfo_ctr, 15, $e->{'po-Thorough-tests'},$cell_format); 1854 | ++$ScanInfo_ctr; 1855 | } 1856 | ## end of foreach my $e (@ScanInfo) 1857 | } 1858 | ### end of ScanInfo 1859 | 1860 | my $cvss_total_score_ctr = 5; 1861 | print "Storing CVSS Total Score Data Table\n"; 1862 | my $cvss_total_score_worksheet = $workbook->add_worksheet('CVSS Score Total'); 1863 | $cvss_total_score_worksheet->write_url( 'A1', $home_url, $url_format, $_); 1864 | 
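# ---------------------------------------------------------------------------
# 'CVSS Score Total' sheet: headings, multiplier row and one row per host.
# $cvss_total_score_worksheet and $cvss_total_score_ctr (first data row) are
# created just before this point.
# ---------------------------------------------------------------------------
$cvss_total_score_worksheet->keep_leading_zeros();

{
    # Column headings for the per-host table (row index 4).
    my @cvss_column_titles = (
        'Host IP Address',
        'Total',
        'Base Total',
        'Temporal Total',
        'Base Critical Severity (4)',
        'Temporal Critical Severity (4)',
        'Base High Severity (3)',
        'Temporal High Severity (3)',
        'Base Medium Severity (2)',
        'Temporal Medium Severity (2)',
    );
    for my $col (0 .. $#cvss_column_titles) {
        $cvss_total_score_worksheet->write(4, $col, $cvss_column_titles[$col], $center_border6_format);
    }

    # Multiplier block: B3/C3/D3 hold the weights referenced by the
    # per-host formulas below, so an analyst can re-weight in the sheet.
    my @cvss_weight_titles = ('Critical', 'High', 'Medium');
    for my $i (0 .. $#cvss_weight_titles) {
        $cvss_total_score_worksheet->write(1, $i + 1, $cvss_weight_titles[$i], $center_border6_format);
    }
    $cvss_total_score_worksheet->write(2, 0, 'Multiplier', $center_border6_format);
    for my $col (1 .. 3) {
        $cvss_total_score_worksheet->write(2, $col, '1', $cell_format);
    }
}

$cvss_total_score_worksheet->freeze_panes('E6');
$cvss_total_score_worksheet->autofilter('A5:T5');
$cvss_total_score_worksheet->set_column('A:J', 20);

foreach my $host_key (keys %cvss_score) {
    # Excel rows are 1-based while write() rows are 0-based.
    my $excel_row = $cvss_total_score_ctr + 1;

    my $total_sum    = sprintf '=C%1$d+D%1$d', $excel_row;
    my $base_sum     = sprintf '=($B$3*E%1$d)+($C$3*G%1$d)+($D$3*I%1$d)', $excel_row;
    my $temporal_sum = sprintf '=($B$3*F%1$d)+($C$3*H%1$d)+($D$3*J%1$d)', $excel_row;

    # SECURITY: the row label is a key of %cvss_score, which presumably
    # comes from the parsed scan files (confirm where %cvss_score is filled).
    # write() picks the cell type from the value: a leading "=" is stored as
    # a formula and http://, mailto:, internal:/external: prefixes become
    # hyperlinks. Writing the label with write_string() keeps it literal text.
    if ($host_key eq '') {
        $cvss_total_score_worksheet->write_blank($cvss_total_score_ctr, 0, $cell_format);
    }
    else {
        $cvss_total_score_worksheet->write_string($cvss_total_score_ctr, 0, $host_key, $cell_format);
    }

    # These three are formulas built above from constants and a row number,
    # so they are written explicitly as formulas.
    $cvss_total_score_worksheet->write_formula($cvss_total_score_ctr, 1, $total_sum,    $cell_format);
    $cvss_total_score_worksheet->write_formula($cvss_total_score_ctr, 2, $base_sum,     $cell_format);
    $cvss_total_score_worksheet->write_formula($cvss_total_score_ctr, 3, $temporal_sum, $cell_format);

    # Score cells stay on write() so numeric values remain numbers for the
    # formulas above (assumes the *_score entries are numeric totals).
    my $score_for = $cvss_score{$host_key};
    my @score_fields = qw(
        critical_base_score critical_temporal_score
        high_base_score     high_temporal_score
        med_base_score      med_temporal_score
    );
    for my $i (0 .. $#score_fields) {
        $cvss_total_score_worksheet->write($cvss_total_score_ctr, 4 + $i, $score_for->{ $score_fields[$i] }, $cell_format);
    }

    ++$cvss_total_score_ctr;
}
# end foreach (keys %cvss_score)

# ---------------------------------------------------------------------------
# One worksheet per severity bucket, created only when the bucket's first
# entry is non-empty. Tab names and colours are unchanged (including the
# lower-case 'low').
# ---------------------------------------------------------------------------
for my $sheet_spec (
    [ 'criticalvuln', 'Critical',    'red'    ],
    [ 'highvuln',     'High',        'orange' ],
    [ 'medvuln',      'Medium',      'yellow' ],
    [ 'lowvuln',      'low',         'green'  ],
    [ 'nonevuln',     'Information', 'blue'   ],
) {
    my ($vuln_type, $tab_name, $tab_color) = @{$sheet_spec};
    next if $vulnerability_data{$vuln_type}->[0] eq "";

    my $severity_worksheet = $workbook->add_worksheet($tab_name);
    $severity_worksheet->set_tab_color($tab_color);
    print "Storing $vuln_type Vulnerabilities Table\n";
    # The rows themselves are written by vulnerability_plugin_worksheet(),
    # which is defined elsewhere in this file.
    $severity_worksheet = vulnerability_plugin_worksheet($vuln_type, $severity_worksheet);
}
# end of per-severity worksheets

# ---------------------------------------------------------------------------
# 'CPE Report Data' sheet: creation and the first four headings; the
# remaining headings and the data rows follow.
# ---------------------------------------------------------------------------
my $CPE_ReportData_ctr = 2;
print "Storing CPE_ReportData Table\n";
my $CPE_ReportData_worksheet = $workbook->add_worksheet('CPE Report Data');
# NOTE(review): the link label is whatever the global $_ holds here; it looks
# unintended. Confirm and pass an explicit label.
$CPE_ReportData_worksheet->write_url( 'A1', $home_url, $url_format, $_);
$CPE_ReportData_worksheet->keep_leading_zeros();
$CPE_ReportData_worksheet->write(1, 0, 'File',         $center_border6_format);
$CPE_ReportData_worksheet->write(1, 1, 'IP Address',   $center_border6_format);
$CPE_ReportData_worksheet->write(1, 2, 'FQDN',         $center_border6_format);
$CPE_ReportData_worksheet->write(1, 3, 'Netbios Name', $center_border6_format);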
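# SECURITY: the data cells below hold values that presumably originate in the
# parsed scan files (host names, CPE strings, plugin names), i.e. text that a
# scanned system can influence. Worksheet::write() chooses the cell type from
# the value itself: a leading "=" (or "{=") is stored as a formula, and
# http(s)/ftp URLs, mailto: and internal:/external: prefixes become
# hyperlinks. This helper stores such values as literal text and leaves every
# other value on write(), so numbers, blanks and leading-zero handling are
# unchanged.
my $write_scan_value = sub {
    my ($sheet, $row, $col, $value) = @_;
    if (   defined $value
        && !ref $value
        && $value =~ m!\A(?:[{]?=|[fh]tt?ps?://|mailto:|(?:in|ex)ternal:)! )
    {
        return $sheet->write_string($row, $col, $value, $cell_format);
    }
    return $sheet->write($row, $col, $value, $cell_format);
};

# ---------------------------------------------------------------------------
# 'CPE Report Data' sheet: remaining headings (columns 4-9), layout, rows.
# The worksheet and $CPE_ReportData_ctr are created just before this point.
# ---------------------------------------------------------------------------
{
    my @cpe_titles = ('Name', 'Plugin Family', 'Plugin ID', 'Plugin Name', 'CPE', 'CPE Source');
    for my $i (0 .. $#cpe_titles) {
        $CPE_ReportData_worksheet->write(1, 4 + $i, $cpe_titles[$i], $center_border6_format);
    }
}

$CPE_ReportData_worksheet->freeze_panes('C3');
$CPE_ReportData_worksheet->autofilter('A2:Z2');
$CPE_ReportData_worksheet->set_column('A:Z', 20);
$CPE_ReportData_worksheet->set_column('B:B', 15);
$CPE_ReportData_worksheet->set_column('C:C', 25);
$CPE_ReportData_worksheet->set_column('D:G', 15);
$CPE_ReportData_worksheet->set_column('H:I', 35);

foreach my $host (@cpe_data) {
    # A host's cpe field may hold several newline-separated entries; each
    # entry gets its own row with the host columns repeated.
    my @cpe_entries = $host->{cpe} =~ /\n/
        ? split(/\n/, $host->{cpe})
        : ($host->{cpe});

    foreach my $cpe_entry (@cpe_entries) {
        my @row_values = (
            $host->{"file"},
            $host->{"host-ip"},
            $host->{"fqdn"},
            $host->{"netbios-name"},
            $host->{"name"},
            $host->{"pluginFamily"},
            $host->{"pluginID"},
            $host->{"pluginName"},
            $cpe_entry,
            $host->{'cpe-source'},
        );
        for my $col (0 .. $#row_values) {
            $write_scan_value->($CPE_ReportData_worksheet, $CPE_ReportData_ctr, $col, $row_values[$col]);
        }
        ++$CPE_ReportData_ctr;
    }
    # end of foreach my $cpe_entry (@cpe_entries)
}
# end foreach (@cpe_data)

# ---------------------------------------------------------------------------
# 'Device Type' sheet.
# ---------------------------------------------------------------------------
my $DeviceType_Datactr = 2;
print "Storing Device Type Data Table\n";
my $DeviceType_Data_worksheet = $workbook->add_worksheet('Device Type');
# NOTE(review): the link label is whatever the global $_ holds here; it looks
# unintended. Confirm and pass an explicit label.
$DeviceType_Data_worksheet->write_url( 'A1', $home_url, $url_format, $_);
$DeviceType_Data_worksheet->keep_leading_zeros();

{
    my @device_titles = ('File', 'IP Address', 'FQDN', 'Netbios Name', 'Name', 'Device Type', 'Confidence Level');
    for my $col (0 .. $#device_titles) {
        $DeviceType_Data_worksheet->write(1, $col, $device_titles[$col], $center_border6_format);
    }
}

$DeviceType_Data_worksheet->freeze_panes('C3');
$DeviceType_Data_worksheet->autofilter('A2:Z2');
$DeviceType_Data_worksheet->set_column('A:Z', 20);
$DeviceType_Data_worksheet->set_column('B:B', 15);
$DeviceType_Data_worksheet->set_column('C:C', 25);
$DeviceType_Data_worksheet->set_column('D:G', 15);
$DeviceType_Data_worksheet->set_column('H:I', 35);

foreach my $host (@DeviceType) {
    my @row_values = (
        $host->{"file"},
        $host->{"host-ip"},
        $host->{"fqdn"},
        $host->{"netbios-name"},
        $host->{"name"},
        $host->{type},
        $host->{confidenceLevel},
    );
    for my $col (0 .. $#row_values) {
        $write_scan_value->($DeviceType_Data_worksheet, $DeviceType_Datactr, $col, $row_values[$col]);
    }
    ++$DeviceType_Datactr;
}
# end foreach (@DeviceType)

# ---------------------------------------------------------------------------
# 'HostConfigData' sheet: creation and headings for columns 0-14; the
# remaining headings, layout and data rows follow.
# ---------------------------------------------------------------------------
my $HostConfigData_ctr = 2;
print "Storing HostConfigData Table\n";
my $HostConfigData_worksheet = $workbook->add_worksheet('HostConfigData');
# NOTE(review): same global-$_ link label as on the sheets above.
$HostConfigData_worksheet->write_url( 'A1', $home_url, $url_format, $_);
$HostConfigData_worksheet->keep_leading_zeros();

{
    my @host_config_titles = (
        'File',
        'IP Address',
        'FQDN',
        'Netbios Name',
        'OS',
        'Local Check Protocol',
        'MAC Address',
        'IP / Name',
        'Severity None (0)',
        'Severity Low (1)',
        'Severity Medium (2)',
        'Severity High (3)',
        'Severity Critical (4)',
        'Minimum password len',
        'Password history len',
    );
    for my $col (0 .. $#host_config_titles) {
        $HostConfigData_worksheet->write(1, $col, $host_config_titles[$col], $center_border6_format);
    }
}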
$HostConfigData_worksheet->write(1, 15, 'Maximum password age days',$center_border6_format); 2050 | $HostConfigData_worksheet->write(1, 16, 'Password must meet complexity requirements',$center_border6_format); 2051 | $HostConfigData_worksheet->write(1, 17, 'Minimum password age days',$center_border6_format); 2052 | $HostConfigData_worksheet->write(1, 18, 'Forced logoff time Seconds',$center_border6_format); 2053 | $HostConfigData_worksheet->write(1, 19, 'Locked account time seconds',$center_border6_format); 2054 | $HostConfigData_worksheet->write(1, 20, 'Time between failed logon seconds',$center_border6_format); 2055 | $HostConfigData_worksheet->write(1, 21, 'Number of invalid logon before locked out seconds',$center_border6_format); 2056 | $HostConfigData_worksheet->freeze_panes('C3'); 2057 | $HostConfigData_worksheet->autofilter('A2:Z2'); 2058 | $HostConfigData_worksheet->set_column('A:Z',20); 2059 | $HostConfigData_worksheet->set_column('B:B',15); 2060 | $HostConfigData_worksheet->set_column('C:C',25); 2061 | $HostConfigData_worksheet->set_column('D:D',15); 2062 | $HostConfigData_worksheet->set_column('E:H',15); 2063 | 2064 | foreach my $host (@host_data){ 2065 | $HostConfigData_worksheet->write($HostConfigData_ctr, 0, $host->{"file"},$cell_format); 2066 | $HostConfigData_worksheet->write($HostConfigData_ctr, 1, $host->{"host-ip"},$cell_format); 2067 | $HostConfigData_worksheet->write($HostConfigData_ctr, 2, $host->{"host-fqdn"},$cell_format); 2068 | $HostConfigData_worksheet->write($HostConfigData_ctr, 3, $host->{"netbios-name"},$cell_format); 2069 | $HostConfigData_worksheet->write($HostConfigData_ctr, 4, $host->{"operating-system"},$cell_format); 2070 | $HostConfigData_worksheet->write($HostConfigData_ctr, 5, $host->{"local-checks-proto"},$cell_format); 2071 | $HostConfigData_worksheet->write($HostConfigData_ctr, 6, $host->{"mac-address"},$cell_format); 2072 | $HostConfigData_worksheet->write($HostConfigData_ctr, 7, $host->{"name"},$cell_format); 2073 | 
$HostConfigData_worksheet->write($HostConfigData_ctr, 8, $host->{vuln_cnt}->{sev0},$cell_format); 2074 | $HostConfigData_worksheet->write($HostConfigData_ctr, 9, $host->{vuln_cnt}->{sev1},$cell_format); 2075 | $HostConfigData_worksheet->write($HostConfigData_ctr, 10, $host->{vuln_cnt}->{sev2},$cell_format); 2076 | $HostConfigData_worksheet->write($HostConfigData_ctr, 11, $host->{vuln_cnt}->{sev3},$cell_format); 2077 | $HostConfigData_worksheet->write($HostConfigData_ctr, 12, $host->{vuln_cnt}->{sev4},$cell_format); 2078 | $HostConfigData_worksheet->write($HostConfigData_ctr, 13, $host->{'Minimum password len'},$cell_format); 2079 | $HostConfigData_worksheet->write($HostConfigData_ctr, 14, $host->{'Password history len'},$cell_format); 2080 | $HostConfigData_worksheet->write($HostConfigData_ctr, 15, $host->{'Maximum password age (d)'},$cell_format); 2081 | $HostConfigData_worksheet->write($HostConfigData_ctr, 16, $host->{'Password must meet complexity requirements'},$cell_format); 2082 | $HostConfigData_worksheet->write($HostConfigData_ctr, 17, $host->{'Minimum password age (d)'},$cell_format); 2083 | $HostConfigData_worksheet->write($HostConfigData_ctr, 18, $host->{'Forced logoff time (s)'},$cell_format); 2084 | $HostConfigData_worksheet->write($HostConfigData_ctr, 19, $host->{'Locked account time (s)'},$cell_format); 2085 | $HostConfigData_worksheet->write($HostConfigData_ctr, 20, $host->{'Time between failed logon (s)'},$cell_format); 2086 | $HostConfigData_worksheet->write($HostConfigData_ctr, 21, $host->{'Number of invalid logon before locked out (s)'},$cell_format); 2087 | ++$HostConfigData_ctr; 2088 | } 2089 | # end foreach (@HostConfigData) 2090 | 2091 | if ($portScanner[0] ne "") { 2092 | my $portScanData_ctr = 2; 2093 | print "Storing portScanData Table\n"; 2094 | my $portScanData_worksheet = $workbook->add_worksheet('portScanData'); 2095 | $portScanData_worksheet->write_url( 'A1', $home_url, $url_format, $_); 2096 | 
$portScanData_worksheet->keep_leading_zeros(); 2097 | $portScanData_worksheet->write(1, 0, 'File',$center_border6_format); 2098 | $portScanData_worksheet->write(1, 1, 'IP Address',$center_border6_format); 2099 | $portScanData_worksheet->write(1, 2, 'FQDN',$center_border6_format); 2100 | $portScanData_worksheet->write(1, 3, 'Netbios Name',$center_border6_format); 2101 | $portScanData_worksheet->write(1, 4, 'OS',$center_border6_format); 2102 | $portScanData_worksheet->write(1, 5, 'Plugin Name',$center_border6_format); 2103 | $portScanData_worksheet->write(1, 6, 'Protocol',$center_border6_format); 2104 | $portScanData_worksheet->write(1, 7, 'Port',$center_border6_format); 2105 | $portScanData_worksheet->write(1, 8, 'Sevice Name',$center_border6_format); 2106 | $portScanData_worksheet->write(1, 9, 'Plugin Output',$center_border6_format); 2107 | $portScanData_worksheet->write(1, 10, 'DELETE',$center_border6_format); 2108 | $portScanData_worksheet->freeze_panes('C3'); 2109 | $portScanData_worksheet->autofilter('A2:K2'); 2110 | $portScanData_worksheet->set_column('A:Z',20); 2111 | 2112 | foreach my $host (@portScanner){ 2113 | $portScanData_worksheet->write($portScanData_ctr, 0, $host->{"file"},$cell_format); 2114 | $portScanData_worksheet->write($portScanData_ctr, 1, $host->{"name"},$cell_format); 2115 | $portScanData_worksheet->write($portScanData_ctr, 2, $host->{"fqdn"},$cell_format); 2116 | $portScanData_worksheet->write($portScanData_ctr, 3, $host->{"netbios_name"},$cell_format); 2117 | $portScanData_worksheet->write($portScanData_ctr, 4, $host->{"operating_system"},$cell_format); 2118 | $portScanData_worksheet->write($portScanData_ctr, 5, $host->{vuln}->{-pluginName},$cell_format); 2119 | $portScanData_worksheet->write($portScanData_ctr, 6, $host->{vuln}->{-protocol},$cell_format); 2120 | $portScanData_worksheet->write($portScanData_ctr, 7, $host->{vuln}->{-port},$cell_format); 2121 | $portScanData_worksheet->write($portScanData_ctr, 8, 
$host->{vuln}->{-svc_name},$cell_format); 2122 | $portScanData_worksheet->write($portScanData_ctr, 9, $host->{vuln}->{plugin_output},$cell_format); 2123 | $portScanData_worksheet->write($portScanData_ctr, 10, $host->{vuln}->{-pluginFamily},$cell_format); 2124 | ++$portScanData_ctr; 2125 | } 2126 | # end foreach (@portScanData) 2127 | } 2128 | # end of if ($portScanner[0] ne "") 2129 | 2130 | if ($installedSoftware[0] ne "") { 2131 | my $InstalledSoftwareData_ctr = 2; 2132 | print "Storing InstalledSoftwareData Table\n"; 2133 | my $InstalledSoftwareData_worksheet = $workbook->add_worksheet('InstalledSoftwareData'); 2134 | $InstalledSoftwareData_worksheet->write_url( 'A1', $home_url, $url_format, $_); 2135 | $InstalledSoftwareData_worksheet->keep_leading_zeros(); 2136 | $InstalledSoftwareData_worksheet->write(1, 0, 'File',$center_border6_format); 2137 | $InstalledSoftwareData_worksheet->write(1, 1, 'IP Address',$center_border6_format); 2138 | $InstalledSoftwareData_worksheet->write(1, 2, 'FQDN',$center_border6_format); 2139 | $InstalledSoftwareData_worksheet->write(1, 3, 'Netbios Name',$center_border6_format); 2140 | $InstalledSoftwareData_worksheet->write(1, 4, 'Operating System',$center_border6_format); 2141 | $InstalledSoftwareData_worksheet->write(1, 5, 'Plugin ID',$center_border6_format); 2142 | $InstalledSoftwareData_worksheet->write(1, 6, 'Plugin Name',$center_border6_format); 2143 | $InstalledSoftwareData_worksheet->write(1, 7, 'Software',$center_border6_format); 2144 | $InstalledSoftwareData_worksheet->freeze_panes('C3'); 2145 | $InstalledSoftwareData_worksheet->autofilter('A2:H2'); 2146 | $InstalledSoftwareData_worksheet->set_column('A:Z',20); 2147 | $InstalledSoftwareData_worksheet->set_column('B:B',15); 2148 | $InstalledSoftwareData_worksheet->set_column('C:C',25); 2149 | $InstalledSoftwareData_worksheet->set_column('D:D',15); 2150 | $InstalledSoftwareData_worksheet->set_column('E:E',15); 2151 | $InstalledSoftwareData_worksheet->set_column('H:H',60); 2152 
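# Installed-software rows. This loop sits inside a block opened earlier in the
# script; the lone closing brace after the loop ends that block.
    foreach my $host (@installedSoftware) {
        # plugin_output is cut on "||"; the second piece is cut on "|", and its
        # fields are joined in pairs, walking from the last field backwards.
        my @t1 = split /\|\|/, $host->{vuln}->{plugin_output};
        my @t2 = split /\|/, $t1[1];
        foreach (@t2) { $_ =~ s/^\s+// }
        my @t3;
        my $cnt = @t2;
        --$cnt;
        while ($cnt > 0) {
            push @t3, "$t2[$cnt-1] $t2[$cnt]";
            $cnt = $cnt - 2;
        }
        my $software = join ";", @t3;

        # These values are taken from the parsed Nessus results, so scanned
        # hosts influence them. write() picks the cell type from the value: a
        # string starting with "=" becomes a formula and a URL becomes a
        # hyperlink. Non-empty plain scalars therefore go through
        # write_string() and are stored as literal text.
        my @text_cells = (
            [0, $host->{file}],
            [1, $host->{name}],
            [2, $host->{fqdn}],
            [3, $host->{netbios_name}],
            [4, $host->{operating_system}],
            [6, $host->{vuln}->{-pluginName}],
            [7, $software],
        );
        foreach my $cell (@text_cells) {
            my ($col, $text) = @{$cell};
            my $method = (defined $text && !ref $text && length $text) ? 'write_string' : 'write';
            $InstalledSoftwareData_worksheet->$method($InstalledSoftwareData_ctr, $col, $text, $cell_format);
        }
        # The plugin ID keeps write() so it is still stored as a number.
        $InstalledSoftwareData_worksheet->write($InstalledSoftwareData_ctr, 5, $host->{vuln}->{-pluginID}, $cell_format);
        ++$InstalledSoftwareData_ctr;
    }
    # end foreach (@installedSoftware)
}


##################################### BEGIN OF COMPLIANCE TESTING

# One worksheet per compliance family; compliance_worksheet() is defined
# elsewhere in the script.
foreach my $family (keys %complaince) {
    print "Storing $family Table\n";
    my $result = compliance_worksheet($family);
}
# end of foreach over keys %complaince

##################################### END OF COMPLIANCE TESTING

# PCI DSS sheet: a header row followed by one row per entry of @PCIDSS.
if ($PCIDSS[0] ne "") {
    print "Storing PCI DSS Table\n";
    my $PCIDSS_ctr = 2;
    our $PCIDSS_worksheet = $workbook->add_worksheet('PCIDSSPolicy');
    # NOTE(review): the last argument is the global $_, which the visible code
    # does not set at this point -- confirm the intended link label.
    $PCIDSS_worksheet->write_url('A1', $home_url, $url_format, $_);
    $PCIDSS_worksheet->keep_leading_zeros();

    my @pci_headers = (
        'File', 'IP Address', 'FQDN', 'PluginID', 'protocol', 'severity',
        'pluginFamily', 'plugin Type', 'Synopsis', 'Plugin Output', 'See Also',
    );
    foreach my $col (0 .. $#pci_headers) {
        $PCIDSS_worksheet->write(1, $col, $pci_headers[$col], $center_border6_format);
    }
    $PCIDSS_worksheet->set_tab_color('blue');
    $PCIDSS_worksheet->freeze_panes('C3');
    $PCIDSS_worksheet->autofilter('A2:K2');
    $PCIDSS_worksheet->set_column('A:K', 20);

    foreach my $finding (@PCIDSS) {
        # Free-text columns are stored as literal strings (see the note on
        # write() above); the leading space on see_also is kept as in the
        # original output.
        my @text_cells = (
            [0,  $finding->{'file'}],
            [1,  $finding->{'name'}],
            [2,  $finding->{'fqdn'}],
            [4,  $finding->{vuln}->{-protocol}],
            [6,  $finding->{vuln}->{-pluginFamily}],
            [7,  $finding->{vuln}->{plugin_type}],
            [8,  $finding->{vuln}->{synopsis}],
            [9,  $finding->{vuln}->{plugin_output}],
            [10, " $finding->{vuln}->{see_also}"],
        );
        foreach my $cell (@text_cells) {
            my ($col, $text) = @{$cell};
            my $method = (defined $text && !ref $text && length $text) ? 'write_string' : 'write';
            $PCIDSS_worksheet->$method($PCIDSS_ctr, $col, $text, $cell_format);
        }
        # Plugin ID and severity stay numeric.
        $PCIDSS_worksheet->write($PCIDSS_ctr, 3, $finding->{vuln}->{-pluginID}, $cell_format);
        $PCIDSS_worksheet->write($PCIDSS_ctr, 5, $finding->{vuln}->{-severity}, $cell_format);
        ++$PCIDSS_ctr;
    }
    # end foreach (@PCIDSS)
}
# end of @PCIDSS

# Wireless access point detection sheet.
if ($WirelessAccessPointDetection[0] ne "") {
    print "Storing WirelessAccessPointDetection Table\n";
    my $WirelessAccessPointDetection_ctr = 2;
    our $WirelessAccessPointDetection_worksheet = $workbook->add_worksheet('WAP Detection Policy');
    $WirelessAccessPointDetection_worksheet->write_url('A1', $home_url, $url_format, $_);
    $WirelessAccessPointDetection_worksheet->keep_leading_zeros();

    my @wap_headers = (
        'Name', 'IP Address', 'FQDN', 'Operating System',
        'MAC Address', 'System Type', 'Plugin Output',
    );
    foreach my $col (0 .. $#wap_headers) {
        $WirelessAccessPointDetection_worksheet->write(1, $col, $wap_headers[$col], $center_border6_format);
    }
    $WirelessAccessPointDetection_worksheet->freeze_panes('C3');
    # NOTE(review): the filter range A2:K2 is wider than the seven headers written.
    $WirelessAccessPointDetection_worksheet->autofilter('A2:K2');
    $WirelessAccessPointDetection_worksheet->set_column('A:M', 20);

    foreach (@WirelessAccessPointDetection) {
        # First three columns of the row, stored as literal text.
        my @wap_lead = ($_->{'name'}, $_->{'host-ip'}, $_->{'host-fqdn'});
        foreach my $col (0 .. $#wap_lead) {
            my $text = $wap_lead[$col];
            my $method = (defined $text && !ref $text && length $text) ? 'write_string' : 'write';
            $WirelessAccessPointDetection_worksheet->$method($WirelessAccessPointDetection_ctr, $col, $text, $cell_format);
        }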
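# Continues the per-entry loop over @WirelessAccessPointDetection opened above:
# the remaining columns of the current row, then the end of that sheet.
        my @wap_cells = (
            [3, $_->{'operating-system'}],
            [4, $_->{"mac-address"}],
            [5, $_->{'system-type'}],
            [6, $_->{"plugin-output"}],
        );
        foreach my $cell (@wap_cells) {
            my ($col, $text) = @{$cell};
            # Scan-derived text: write() would store "=..." as a formula and a
            # URL as a hyperlink, so non-empty scalars use write_string().
            my $method = (defined $text && !ref $text && length $text) ? 'write_string' : 'write';
            $WirelessAccessPointDetection_worksheet->$method($WirelessAccessPointDetection_ctr, $col, $text, $cell_format);
        }
        ++$WirelessAccessPointDetection_ctr;
    }
    # end foreach (@WirelessAccessPointDetection)
}
# end of @WirelessAccessPointDetection

# Wireless SSID sheet: one row per entry of @WinWirelessSSID.
if ($WinWirelessSSID[0] ne "") {
    print "Storing WinWirelessSSID Table\n";
    my $WinWirelessSSID_ctr = 2;
    my $WinWirelessSSID_worksheet = $workbook->add_worksheet('Wireless SSID Detection Policy');
    # NOTE(review): the last argument is the global $_, which the visible code
    # does not set at this point -- confirm the intended link label.
    $WinWirelessSSID_worksheet->write_url('A1', $home_url, $url_format, $_);
    $WinWirelessSSID_worksheet->keep_leading_zeros();

    my @ssid_headers = (
        'Name', 'IP Address', 'FQDN', 'Operating System', 'MAC Address',
        'System Type', 'Network Interface Card', 'Network SSID',
    );
    foreach my $col (0 .. $#ssid_headers) {
        $WinWirelessSSID_worksheet->write(1, $col, $ssid_headers[$col], $center_border6_format);
    }
    $WinWirelessSSID_worksheet->freeze_panes('C3');
    $WinWirelessSSID_worksheet->autofilter('A2:K2');
    $WinWirelessSSID_worksheet->set_column('A:M', 20);

    foreach my $network (@WinWirelessSSID) {
        # An SSID is chosen by whoever runs the network and is copied here
        # from the scan results, so every column is stored as literal text.
        my @ssid_cells = (
            $network->{'name'},
            $network->{'host-ip'},
            $network->{'host-fqdn'},
            $network->{'operating-system'},
            $network->{"mac-address"},
            $network->{'system-type'},
            $network->{"nic"},
            $network->{"ssid"},
        );
        foreach my $col (0 .. $#ssid_cells) {
            my $text = $ssid_cells[$col];
            my $method = (defined $text && !ref $text && length $text) ? 'write_string' : 'write';
            $WinWirelessSSID_worksheet->$method($WinWirelessSSID_ctr, $col, $text, $cell_format);
        }
        ++$WinWirelessSSID_ctr;
    }
    # end foreach (@WinWirelessSSID)
}
# end of @WinWirelessSSID

# Local group enumeration sheet; the header row continues after this point.
if ($EnumLocalGrp[0] ne "") {
    my $EnumLocalGrpctr = 2;
    print "Storing EnumLocalGrp Data Table\n";
    my $EnumLocalGrpworksheet = $workbook->add_worksheet('EnumLocalGrp');
    $EnumLocalGrpworksheet->write_url('A1', $home_url, $url_format, $_);
    $EnumLocalGrpworksheet->keep_leading_zeros();

    my @group_headers = (
        'File', 'IP Address', 'FQDN', 'Netbios Name', "Group Name",
        "Group SID", "Member Count", "Class", "Domain", "Username",
    );
    foreach my $col (0 .. $#group_headers) {
        $EnumLocalGrpworksheet->write(1, $col, $group_headers[$col], $center_border6_format);
    }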
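# Continues the EnumLocalGrp sheet set-up opened above: last header cell,
# layout, then one row per group member.
    $EnumLocalGrpworksheet->write(1, 10, "User SID", $center_border6_format);
    $EnumLocalGrpworksheet->freeze_panes('C3');
    # NOTE(review): the filter stops at column J although a header is written in K.
    $EnumLocalGrpworksheet->autofilter('A2:J2');
    $EnumLocalGrpworksheet->set_column('A:Z', 20);
    $EnumLocalGrpworksheet->set_column('B:B', 15);
    $EnumLocalGrpworksheet->set_column('C:J', 25);

    foreach my $host (@EnumLocalGrp) {
        foreach my $grp (@{$host->{groups}}) {
            # Columns 0..5 are the same for every row of this group.
            my @group_cells = (
                $host->{"file"},
                $host->{"host-ip"},
                $host->{"fqdn"},
                $host->{"netbios-name"},
                $grp->{'Group Name'},
                $grp->{'Group SID'},
            );

            # Columns 6..10: member count, class, domain, user name, user SID.
            # A group whose first member is not a hash gets a single row with
            # a count of '0' and empty member cells.
            my @member_rows;
            if (ref $grp->{members}->[0] eq "HASH") {
                my $member_cnt = @{$grp->{members}};
                @member_rows = map { [$member_cnt, $_->{Class}, $_->{Domain}, $_->{Name}, $_->{SID}] }
                               @{$grp->{members}};
            }
            else {
                @member_rows = (['0', '', '', '', '']);
            }

            foreach my $member_row (@member_rows) {
                my @cells = (@group_cells, @{$member_row});
                foreach my $col (0 .. $#cells) {
                    my $text = $cells[$col];
                    # Group and account names come from the scanned hosts.
                    # write() would store "=..." as a formula and a URL as a
                    # hyperlink, so non-empty text uses write_string(); the
                    # count in column 6 keeps write() and stays numeric.
                    my $method = ($col != 6 && defined $text && !ref $text && length $text)
                               ? 'write_string'
                               : 'write';
                    $EnumLocalGrpworksheet->$method($EnumLocalGrpctr, $col, $text, $cell_format);
                }
                ++$EnumLocalGrpctr;
            }
        }
        # end of foreach my $grp (@{$host->{groups}})
    }
    # end foreach (@EnumLocalGrp)
}
# end @EnumLocalGrp

# Running-process sheet; its column widths continue after this point.
if ($MS_Process_Info[0] ne "") {
    my $MS_Process_Info_ctr = 2;
    print "Storing MS Running Process Info Table\n";
    my $MS_Process_Info_worksheet = $workbook->add_worksheet('MS Running Process Info');
    # NOTE(review): the last argument is the global $_, which the visible code
    # does not set at this point -- confirm the intended link label.
    $MS_Process_Info_worksheet->write_url('A1', $home_url, $url_format, $_);
    $MS_Process_Info_worksheet->keep_leading_zeros();

    my @process_headers = (
        "Index", 'File', 'IP Address', 'FQDN', 'Netbios Name', "Process Name & Level",
    );
    foreach my $col (0 .. $#process_headers) {
        $MS_Process_Info_worksheet->write(1, $col, $process_headers[$col], $center_border6_format);
    }
    $MS_Process_Info_worksheet->freeze_panes('C3');
    # NOTE(review): the filter stops at column E although a header is written in F.
    $MS_Process_Info_worksheet->autofilter('A2:E2');
    $MS_Process_Info_worksheet->set_column('A:A', 10);
    $MS_Process_Info_worksheet->set_column('B:B', 25);
    $MS_Process_Info_worksheet->set_column('D:D', 25);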
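# Continues the 'MS Running Process Info' sheet set-up opened above.
    $MS_Process_Info_worksheet->set_column('E:E', 15);
    $MS_Process_Info_worksheet->set_column('F:F', 80);

    foreach my $host (@MS_Process_Info) {
        my @host_cells = (
            $host->{"file"},
            $host->{"host-ip"},
            $host->{"fqdn"},
            $host->{"netbios-name"},
        );
        foreach my $p (@{$host->{processes}}) {
            # Column 0 is a running index: the row counter minus its start value of 2.
            $MS_Process_Info_worksheet->write($MS_Process_Info_ctr, 0, $MS_Process_Info_ctr - 2, $cell_format);

            # Host identifiers and process names are reported by the scanned
            # host. write() would store "=..." as a formula and a URL as a
            # hyperlink, so non-empty text uses write_string().
            my @text_cells = (@host_cells, $p);
            foreach my $i (0 .. $#text_cells) {
                my $text = $text_cells[$i];
                my $method = (defined $text && !ref $text && length $text) ? 'write_string' : 'write';
                $MS_Process_Info_worksheet->$method($MS_Process_Info_ctr, $i + 1, $text, $cell_format);
            }
            ++$MS_Process_Info_ctr;
        }
        # end of foreach my $p (@{$host->{processes}})
    }
    # end foreach (@MS_Process_Info)
}
# end of @MS_Process_Info

# Process-count sheet; the data rows are written after this point.
if (keys %ms_process_cnt > 0) {
    my $ms_process_cnt_ctr = 2;
    print "Storing MS Process Count Table\n";
    my $ms_process_cnt_worksheet = $workbook->add_worksheet('MS Process Count');
    # NOTE(review): the last argument is the global $_, which the visible code
    # does not set at this point -- confirm the intended link label.
    $ms_process_cnt_worksheet->write_url('A1', $home_url, $url_format, $_);
    $ms_process_cnt_worksheet->keep_leading_zeros();

    my @count_headers = ('Process Name', 'Total Count', 'IP address', 'Count Per IP');
    foreach my $col (0 .. $#count_headers) {
        $ms_process_cnt_worksheet->write(1, $col, $count_headers[$col], $center_border6_format);
    }
    $ms_process_cnt_worksheet->freeze_panes('C3');
    $ms_process_cnt_worksheet->autofilter('A2:D2');
    $ms_process_cnt_worksheet->set_column('A:Z', 20);
    $ms_process_cnt_worksheet->set_column('B:B', 15);
    $ms_process_cnt_worksheet->set_column('C:C', 25);
    $ms_process_cnt_worksheet->set_column('D:D', 15);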
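# Continues the 'MS Process Count' sheet opened above: one row per
# (process, IP) pair, with the process total repeated on each row.
    foreach my $process (keys %ms_process_cnt) {
        my $total_process_cnt = 0;
        foreach my $per_ip (values %{$ms_process_cnt{$process}}) {
            $total_process_cnt = $total_process_cnt + $per_ip;
        }
        foreach my $ip (keys %{$ms_process_cnt{$process}}) {
            # Process names come from the scanned hosts. write() would store
            # "=..." as a formula and a URL as a hyperlink, so the two text
            # columns use write_string(); the counts stay numeric.
            my @text_cells = ([0, $process], [2, $ip]);
            foreach my $cell (@text_cells) {
                my ($col, $text) = @{$cell};
                my $method = (defined $text && !ref $text && length $text) ? 'write_string' : 'write';
                $ms_process_cnt_worksheet->$method($ms_process_cnt_ctr, $col, $text, $cell_format);
            }
            $ms_process_cnt_worksheet->write($ms_process_cnt_ctr, 1, $total_process_cnt, $cell_format);
            $ms_process_cnt_worksheet->write($ms_process_cnt_ctr, 3, $ms_process_cnt{$process}->{$ip}, $cell_format);
            ++$ms_process_cnt_ctr;
        }
        # end of foreach my $ip (keys %{$ms_process_cnt{$process}})
    }
    # end foreach over keys %ms_process_cnt
}
# end of %ms_process_cnt

# User account sheet: Active Directory accounts first, then the accounts found
# on each host. $host_data_cnt tracks the last data row and is used later to
# build the ranges of the summary formulas.
my $UserAccountData_ctr = 2;
print "Storing UserAccountData Table\n";
my $UserAccountData_worksheet = $workbook->add_worksheet('UserAccountData');
# NOTE(review): the last argument is the global $_, which the visible code does
# not set at this point -- confirm the intended link label.
$UserAccountData_worksheet->write_url('A1', $home_url, $url_format, $_);
$UserAccountData_worksheet->keep_leading_zeros();

# NOTE(review): 'Never Changed Password' appears twice (columns 4 and 7), and
# both columns are filled from the same key below -- confirm which field
# column 7 should show.
my @account_headers = (
    'User Location', 'Name', 'SID', 'type', 'Never Changed Password',
    'Automatic Account Disabled', 'Account Disabled', 'Never Changed Password',
    'Never Logged In', 'Guest Account Belongs to a Group', 'Administrators',
    'Domain Administrators', 'Account Operators', 'Server Operators',
    'Backup Operators', 'Print Operators', 'Replicator',
);
foreach my $col (0 .. $#account_headers) {
    $UserAccountData_worksheet->write(1, $col, $account_headers[$col], $center_border6_format);
}
$UserAccountData_worksheet->freeze_panes('C3');
$UserAccountData_worksheet->autofilter('A2:S2');
$UserAccountData_worksheet->set_column('A:S', 20);
my $host_data_cnt = 2;

# Keys of a user record, in the order of columns 1..16.
my @account_keys = (
    'name', 'sid', 'type', 'Never Changed Password',
    'Automatic Account Disabled', 'Account Disabled', 'Never Changed Password',
    'Never Logged In', 'Guest Account Belongs to a Group', 'Administrators',
    'Domain Administrators', 'Account Operators', 'Server Operators',
    'Backup Operators', 'Print Operators', 'Replicator',
);

foreach my $user (@ADUsers) {
    # The location cell now carries $cell_format like every other data cell.
    $UserAccountData_worksheet->write($UserAccountData_ctr, 0, "Active Directory", $cell_format);
    foreach my $i (0 .. $#account_keys) {
        my $text = $user->{ $account_keys[$i] };
        # Account names and attributes come from the scan results; non-empty
        # text is stored with write_string() so it is never read as a formula
        # or a hyperlink.
        my $method = (defined $text && !ref $text && length $text) ? 'write_string' : 'write';
        $UserAccountData_worksheet->$method($UserAccountData_ctr, $i + 1, $text, $cell_format);
    }
    ++$UserAccountData_ctr;
    ++$host_data_cnt;
}
# end of foreach my $user (@ADUsers)

foreach my $host (@host_data) {
    my $location = $host->{"netbios-name"};
    foreach my $user (@{$host->{account_info}}) {
        # Columns 0..8 of the row; the remaining columns are written below.
        my @leading_cells = ("$location", map { $user->{$_} } @account_keys[0 .. 7]);
        foreach my $col (0 .. $#leading_cells) {
            my $text = $leading_cells[$col];
            my $method = (defined $text && !ref $text && length $text) ? 'write_string' : 'write';
            $UserAccountData_worksheet->$method($UserAccountData_ctr, $col, $text, $cell_format);
        }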
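# Continues the per-account loop over $host->{account_info} opened above:
# group-membership columns 9..16 of the current UserAccountData row.
        my @membership_keys = (
            'Guest Account Belongs to a Group', 'Administrators',
            'Domain Administrators', 'Account Operators', 'Server Operators',
            'Backup Operators', 'Print Operators', 'Replicator',
        );
        foreach my $offset (0 .. $#membership_keys) {
            my $text = $user->{ $membership_keys[$offset] };
            # Values come from the scan results. write() would store "=..." as
            # a formula and a URL as a hyperlink, so non-empty text uses
            # write_string().
            my $method = (defined $text && !ref $text && length $text) ? 'write_string' : 'write';
            $UserAccountData_worksheet->$method($UserAccountData_ctr, 9 + $offset, $text, $cell_format);
        }
        ++$UserAccountData_ctr;
        ++$host_data_cnt;
    }
    # end of foreach my $user (@{$host->{account_info}})
}
# end foreach (@host_data)

# Summary sheet. Its first table counts accounts per user type with formulas
# that reference the UserAccountData sheet.
print "Storing SummaryReport Table\n";
my $SummaryReport_worksheet = $workbook->add_worksheet('Summary Report Data');
# NOTE(review): the last argument is the global $_, which the visible code does
# not set at this point -- confirm the intended link label.
$SummaryReport_worksheet->write_url('A1', $home_url, $url_format, $_);
$SummaryReport_worksheet->keep_leading_zeros();
$SummaryReport_worksheet->merge_range(1, 0, 1, 3, 'User Account Sumamry', $center_border6_format);

# Header row 2; column 0 is deliberately written as an empty, formatted cell.
my @summary_headers = (
    '', 'User Type Count', 'Never Changed Password',
    'Automatic Account Disabled', 'Account Disabled', 'Never Changed Password',
    'Never Logged In', 'Guest Account Belongs to a Group', 'Administrators',
    'Domain Administrators', 'Account Operators', 'Server Operators',
    'Backup Operators', 'Print Operators', 'Replicator',
);
foreach my $col (0 .. $#summary_headers) {
    $SummaryReport_worksheet->write(2, $col, $summary_headers[$col], $center_border6_format);
}

# Column 0, rows 3..12: the user types the formulas compare against.
my $SummaryReport_cnt = 0;
my @user_type_labels = (
    'Domain Administrator account', 'Domain Guest account', 'Domain User',
    'Administrator account', 'Guest account', 'Local User', 'Unknown',
    'User', 'Group', 'Computer Account',
);
foreach my $i (0 .. $#user_type_labels) {
    $SummaryReport_worksheet->write(3 + $i, $SummaryReport_cnt, $user_type_labels[$i], $cell_format);
}
++$SummaryReport_cnt;

# Column 1: number of accounts per type. Sheet row N is spreadsheet row N+1,
# so the label for row 3 lives in A4.
my $user_type = "UserAccountData!\$D\$3:\$D\$$host_data_cnt";
foreach my $row (3 .. 12) {
    my $excel_row = $row + 1;
    $SummaryReport_worksheet->write($row, $SummaryReport_cnt, "=COUNTIF($user_type,A$excel_row)", $cell_format);
}
++$SummaryReport_cnt;

# Columns 2..14: per type, the number of accounts whose flag column holds "Y".
while ($SummaryReport_cnt < 15) {
    my $name_array;
    # Summary columns 2..14 map to UserAccountData columns E..Q.
    my @flag_columns = ('E' .. 'Q');
    if ($SummaryReport_cnt >= 2 && $SummaryReport_cnt <= 14) {
        my $letter = $flag_columns[$SummaryReport_cnt - 2];
        $name_array = "UserAccountData!\$$letter\$3:\$$letter\$$host_data_cnt";
    }
    foreach my $row (3 .. 11) {
        my $excel_row = $row + 1;
        # Row 3 joins the two conditions with "*" and the other rows with ",",
        # exactly as the original formulas did.
        my $joiner = $row == 3 ? '*' : ',';
        $SummaryReport_worksheet->write(
            $row, $SummaryReport_cnt,
            "=SUMPRODUCT(--($user_type = A$excel_row)${joiner}--($name_array =\"Y\"))",
            $cell_format,
        );
    }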
# Continues the while loop over the summary columns opened above: last
# user-type row of the current column, then on to the next column.
    $SummaryReport_worksheet->write(
        12, $SummaryReport_cnt,
        "=SUMPRODUCT(--($user_type = A13),--($name_array =\"Y\"))",
        $cell_format,
    );
    ++$SummaryReport_cnt;
}
# end of while ($SummaryReport_cnt < 15)

# Critical-severity table: a title row at sheet row 16, a header row, then one
# row per entry returned by vuln_seperate_by_plugin() (defined elsewhere in the
# script; any "top 10" limit would be applied there).
$SummaryReport_cnt = 16;
$SummaryReport_worksheet->merge_range(
    $SummaryReport_cnt, 0, $SummaryReport_cnt, 3,
    'Critical Severity Vulnerability Top 10 By Plugin Family',
    $center_border6_format,
);
++$SummaryReport_cnt;
my @critical_headers = ('plugin Family', 'plugin id', 'plugin Name', 'count');
foreach my $col (0 .. $#critical_headers) {
    $SummaryReport_worksheet->write($SummaryReport_cnt, $col, $critical_headers[$col], $center_border6_format);
}
$SummaryReport_worksheet->set_column('A:M', 20);
++$SummaryReport_cnt;

my @criticalvuln_uniq_plugin_family = vuln_seperate_by_plugin(\@{$vulnerability_data{criticalvuln}});
foreach my $entry (@criticalvuln_uniq_plugin_family) {
    foreach my $t (@{$entry->{entries}}) {
        # Columns are filled from elements 5, 0, 3 and 2 of each entry, in
        # that order (family, id, name, count according to the headers).
        my @picked = @{$t}[5, 0, 3, 2];
        foreach my $col (0 .. $#picked) {
            $SummaryReport_worksheet->write($SummaryReport_cnt, $col, $picked[$col], $cell_format);
        }
        ++$SummaryReport_cnt;
    }
    # end of foreach my $t
}
# end of foreach my $entry (@criticalvuln_uniq_plugin_family)

# Title row of the high-severity table, three rows below the previous table.
$SummaryReport_cnt = $SummaryReport_cnt + 3;
$SummaryReport_worksheet->merge_range(
    $SummaryReport_cnt, 0, $SummaryReport_cnt, 3,
    'High Severity Vulnerability Top 10 By Plugin Family',
    $center_border6_format,
);
++$SummaryReport_cnt;
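# Header row and data rows of the high-severity table (its title row is
# written just before this point).
my @high_headers = ('plugin Family', 'plugin id', 'plugin Name', 'count');
foreach my $col (0 .. $#high_headers) {
    $SummaryReport_worksheet->write($SummaryReport_cnt, $col, $high_headers[$col], $center_border6_format);
}
$SummaryReport_worksheet->set_column('A:M', 20);
++$SummaryReport_cnt;

my @highvuln_uniq_plugin_family = vuln_seperate_by_plugin(\@{$vulnerability_data{highvuln}});
foreach my $entry (@highvuln_uniq_plugin_family) {
    foreach my $t (@{$entry->{entries}}) {
        # Elements 5, 0, 3 and 2 fill the family, id, name and count columns.
        my @picked = @{$t}[5, 0, 3, 2];
        foreach my $col (0 .. $#picked) {
            $SummaryReport_worksheet->write($SummaryReport_cnt, $col, $picked[$col], $cell_format);
        }
        ++$SummaryReport_cnt;
    }
    # end of foreach my $t
}
# end of foreach my $entry (@highvuln_uniq_plugin_family)

# Medium-severity table, three rows below the previous one.
$SummaryReport_cnt = $SummaryReport_cnt + 3;
$SummaryReport_worksheet->merge_range(
    $SummaryReport_cnt, 0, $SummaryReport_cnt, 3,
    'Medium Severity Vulnerability Top 10 By Plugin Family',
    $center_border6_format,
);
++$SummaryReport_cnt;
my @medium_headers = ('plugin Family', 'plugin id', 'plugin Name', 'count');
foreach my $col (0 .. $#medium_headers) {
    $SummaryReport_worksheet->write($SummaryReport_cnt, $col, $medium_headers[$col], $center_border6_format);
}
$SummaryReport_worksheet->set_column('A:M', 20);
++$SummaryReport_cnt;

my @medvuln_uniq_plugin_family = vuln_seperate_by_plugin(\@{$vulnerability_data{medvuln}});
foreach my $entry (@medvuln_uniq_plugin_family) {
    foreach my $t (@{$entry->{entries}}) {
        my @picked = @{$t}[5, 0, 3, 2];
        foreach my $col (0 .. $#picked) {
            $SummaryReport_worksheet->write($SummaryReport_cnt, $col, $picked[$col], $cell_format);
        }
        ++$SummaryReport_cnt;
    }
    # end of foreach my $t
}
# end of foreach my $entry (@medvuln_uniq_plugin_family)

# Compliance data counts as present when any family has a non-empty first entry.
my $isCompliancePresent = 0;
foreach my $k (keys %complaince) {
    if ($complaince{"$k"}->[0] ne "") {
        $isCompliancePresent = 1;
        last;
    }
}
# end of foreach my $k (keys %complaince)

if ($isCompliancePresent == 1) {
    # Create the policy summary sheet once, on the first non-empty family.
    foreach my $k (keys %complaince) {
        if ($complaince{"$k"}->[0] ne "") {
            $PolicySummaryReport_worksheet = $workbook->add_worksheet('PolicySummary Report Data');
            # NOTE(review): the last argument is the global $_, which the
            # visible code does not set here -- confirm the intended label.
            $PolicySummaryReport_worksheet->write_url('A1', $home_url, $url_format, $_);
            $PolicySummaryReport_worksheet->set_column('A:G', 20);
            $PolicySummaryReport_worksheet->autofilter('A3:F3');
            $PolicySummaryReport_worksheet->freeze_panes('G4');
            $PolicySummaryReport_cnt = 2;
            last;
        }
        # end of if ($complaince{"$k"}->[0] ne "")
    }
    # end foreach my $k (keys %complaince)

    # For every family whose name does not contain "SCAP", give each check a
    # 0 for result types that are missing or false.
    foreach my $k (keys %compliance_summary) {
        next if $k =~ /SCAP/;
        foreach my $k2 (keys %{$compliance_summary{$k}}) {
            foreach my $k4 (keys %audit_result_type) {
                if (not $compliance_summary{$k}->{$k2}->{$k4}) {
                    $compliance_summary{$k}->{$k2}->{$k4} = 0;
                }
            }
            # end of foreach my $k4 (keys %audit_result_type)
        }
        # end of foreach my $k2 (keys %{$compliance_summary{$k}})
    }
    # end of foreach my $k (keys %compliance_summary)

    $PolicySummaryReport_worksheet->write($PolicySummaryReport_cnt, 0, 'Complaince Family', $center_border6_format);
    $PolicySummaryReport_worksheet->write($PolicySummaryReport_cnt, 1, 'Compliance Check', $center_border6_format);

    # One header column per result type; %result_type then maps each type to
    # the column it was given.
    my %result_type = %audit_result_type;
    my $PolicySummaryReport_row = 2;
    foreach my $k (keys %result_type) {
        $PolicySummaryReport_worksheet->write($PolicySummaryReport_cnt, $PolicySummaryReport_row, $k, $center_border6_format);
        $result_type{$k} = $PolicySummaryReport_row;
        ++$PolicySummaryReport_row;
    }
    # end of foreach my $k (keys %result_type)
    ++$PolicySummaryReport_cnt;

    foreach my $k (keys %compliance_summary) {
        foreach my $k2 (keys %{$compliance_summary{$k}}) {
            # Family and check names are text taken from the compliance data
            # (presumably parsed from the scan file -- confirm). write() would
            # store "=..." as a formula and a URL as a hyperlink, so non-empty
            # names use write_string().
            my @name_cells = ($k, $k2);
            foreach my $col (0 .. $#name_cells) {
                my $text = $name_cells[$col];
                my $method = (defined $text && !ref $text && length $text) ? 'write_string' : 'write';
                $PolicySummaryReport_worksheet->$method($PolicySummaryReport_cnt, $col, $text, $cell_format);
            }
            foreach my $k3 (keys %result_type) {
                $PolicySummaryReport_worksheet->write($PolicySummaryReport_cnt, $result_type{$k3}, $compliance_summary{$k}->{$k2}->{$k3}, $cell_format);
            }
            # end of foreach my $k3 (keys %result_type)
            ++$PolicySummaryReport_cnt;
        }
        # end of foreach my $k2 (keys %{$compliance_summary{$k}})
    }
    # end of foreach my $k (keys %compliance_summary)
}
# end of if ($isCompliancePresent == 1)

print "Storing Plugin to IP Table\n";

# Vulnerability-to-IP sheet; its header row is written after this point.
if (keys %ip_vuln_data > 0) {
    my $ip_vuln_data_ctr = 2;
    print "Storing Vulnerability to IP Summary Table\n";
    my $ip_vuln_data_worksheet = $workbook->add_worksheet('Vulnerability to IP Summary');
    $ip_vuln_data_worksheet->write_url('A1', $home_url, $url_format, $_);
    $ip_vuln_data_worksheet->keep_leading_zeros();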
$ip_vuln_data_worksheet->write(1, 0, 'File',$center_border6_format); 2727 | $ip_vuln_data_worksheet->write(1, 1, 'Severity',$center_border6_format); 2728 | $ip_vuln_data_worksheet->write(1, 2, 'Plugin ID',$center_border6_format); 2729 | $ip_vuln_data_worksheet->write(1, 3, 'Plugin Name',$center_border6_format); 2730 | $ip_vuln_data_worksheet->write(1, 4, 'IP Count',$center_border6_format); 2731 | $ip_vuln_data_worksheet->write(1, 5, 'IP Addresses',$center_border6_format); 2732 | $ip_vuln_data_worksheet->freeze_panes('C3'); 2733 | $ip_vuln_data_worksheet->autofilter('A2:F2'); 2734 | $ip_vuln_data_worksheet->set_column('A:C',20); 2735 | $ip_vuln_data_worksheet->set_column('D:D',50); 2736 | $ip_vuln_data_worksheet->set_column('E:E',10); 2737 | $ip_vuln_data_worksheet->set_column('F:F',50); 2738 | 2739 | foreach my $file (keys %ip_vuln_data){ 2740 | foreach my $sev (keys %{$ip_vuln_data{$file}}){ 2741 | foreach my $plugin (keys %{$ip_vuln_data{$file}->{$sev}}){ 2742 | my $severity; 2743 | if ($sev eq 4) {$severity = "Critical (4)"} 2744 | elsif ($sev eq 3) {$severity = "High (3)"} 2745 | elsif ($sev eq 2) {$severity = "Medium (2)"} 2746 | elsif ($sev eq 1) {$severity = "Low (1)"} 2747 | else {$severity = "Informational (0)"} 2748 | 2749 | my $ip = join ";", keys %{$ip_vuln_data{$file}->{$sev}->{$plugin}->{ip}}; 2750 | my $ip_cnt = keys %{$ip_vuln_data{$file}->{$sev}->{$plugin}->{ip}}; 2751 | $ip_vuln_data_worksheet->write($ip_vuln_data_ctr, 0, $file,$cell_format); 2752 | $ip_vuln_data_worksheet->write($ip_vuln_data_ctr, 1, $severity,$cell_format); 2753 | $ip_vuln_data_worksheet->write($ip_vuln_data_ctr, 2, $plugin,$cell_format); 2754 | $ip_vuln_data_worksheet->write($ip_vuln_data_ctr, 3, $ip_vuln_data{$file}->{$sev}->{$plugin}->{pluginName},$cell_format); 2755 | $ip_vuln_data_worksheet->write($ip_vuln_data_ctr, 4, $ip_cnt,$cell_format); 2756 | $ip_vuln_data_worksheet->write($ip_vuln_data_ctr, 5, $ip,$cell_format); 2757 | ++$ip_vuln_data_ctr; 2758 | } 2759 | # end of 
foreach my $plugin (keys %{$ip_vuln_data{$file}->{$sev}}) 2760 | } 2761 | # end of foreach my $sev (keys %{$ip_vuln_data{$file}}) 2762 | print ""; 2763 | } 2764 | # end of foreach my $file (keys %ip_vuln_data) 2765 | 2766 | print ""; 2767 | } 2768 | # end of if(keys %ip_vuln_data > 0) 2769 | 2770 | print "Storing Host Summary Report Table\n"; 2771 | my $HostSummaryReport_worksheet = $workbook->add_worksheet('HostSummary Report Data'); 2772 | $HostSummaryReport_worksheet->write_url( 'A1', $home_url, $url_format, $_); 2773 | $HostSummaryReport_worksheet->set_column('A:A', 60); 2774 | $HostSummaryReport_worksheet->set_column('B:B', 20); 2775 | my $HostSummaryReport_cnt = 1; 2776 | 2777 | my @host_sum_array = ('operating-system','local-checks-proto','name','sev0','sev1','sev2','sev3','sev4','Minimum password len','Password history len','Maximum password age (d)', 2778 | 'Password must meet complexity requirements','Minimum password age (d)','Forced logoff time (s)','Locked account time (s)','Time between failed logon (s)', 2779 | 'Number of invalid logon before locked out (s)' 2780 | ); 2781 | # 2782 | 2783 | foreach my $entry (@host_sum_array){ 2784 | my %hash; 2785 | %hash = host_summary_data (\@host_data,$entry); 2786 | $HostSummaryReport_worksheet->merge_range( $HostSummaryReport_cnt,0, $HostSummaryReport_cnt, 1, "Host Summary Table $entry", $center_border6_format ); 2787 | ++$HostSummaryReport_cnt; 2788 | if($entry =~ /sev/){$HostSummaryReport_worksheet->write($HostSummaryReport_cnt, 0, "The number of Hosts with $entry discovered",$center_border6_format)} 2789 | else{$HostSummaryReport_worksheet->write($HostSummaryReport_cnt, 0, "$entry Values",$center_border6_format)} 2790 | $HostSummaryReport_worksheet->write($HostSummaryReport_cnt, 1, 'Count',$center_border6_format); 2791 | ++$HostSummaryReport_cnt; 2792 | if ($hash{""} > 0){$hash{'Unknown'} = $hash{""};delete $hash{""};} 2793 | my $row_start = $HostSummaryReport_cnt; 2794 | my @temp; 2795 | foreach my $entry 
(keys %hash){push @temp, [$entry , $hash{$entry}]} 2796 | my $header = ['Values', 'Count']; 2797 | my $pivot_data = \@temp; 2798 | my $t = new Data::Table($pivot_data, $header, 0); 2799 | if ($entry =~ /sev/){$t->sort("Values",0,1);} 2800 | else{$t->sort("Count",0,1);} 2801 | 2802 | foreach my $entry (@{$t->{data}}){ 2803 | $HostSummaryReport_worksheet->write($HostSummaryReport_cnt, 0, $entry->[0],$cell_format); 2804 | $HostSummaryReport_worksheet->write($HostSummaryReport_cnt, 1, $entry->[1],$cell_format); 2805 | ++$HostSummaryReport_cnt; 2806 | } 2807 | my $row_end = $HostSummaryReport_cnt; 2808 | my $chart = $workbook->add_chart( type => 'pie', embedded => 1 ); 2809 | my $chart_title = "Host Summary Table $entry"; 2810 | my $chart_sheet_name = 'HostSummary Report Data'; 2811 | $chart->add_series( 2812 | name => $chart_title, 2813 | categories => [$chart_sheet_name, $row_start, $row_end-1, 0, 0], 2814 | values => [$chart_sheet_name, $row_start, $row_end-1, 1, 1] 2815 | ); 2816 | # Add a title. 2817 | $chart->set_title( name => $chart_title); 2818 | # Set an Excel chart style. Colors with white outline and shadow. 2819 | $chart->set_style( 10 ); 2820 | # Insert the chart into the worksheet (with an offset). 
2821 | $HostSummaryReport_worksheet->insert_chart( $row_start, 3, $chart, 1, 40 ); 2822 | $HostSummaryReport_cnt = $HostSummaryReport_cnt+10; 2823 | } 2824 | # end of foreach my $entry (@host_sum_array) 2825 | 2826 | $Home_worksheet->set_first_sheet(); 2827 | $Home_worksheet->activate(); 2828 | my @worksheet_names; 2829 | for my $sheet($workbook->sheets()){push @worksheet_names, $sheet->get_name();} 2830 | $Home_worksheet->merge_range( 'A1:B1', "Home Page for Nessus Report_$report_file", $center_border6_format ); 2831 | my $Home_cnt = 1; 2832 | $Home_worksheet->set_column('A:A', 70); 2833 | $Home_worksheet->write($Home_cnt, 0, "Worksheets"); 2834 | 2835 | foreach (@worksheet_names){ 2836 | if ($_ ne "Home Worksheet"){ 2837 | my $url = "internal\:\'$_\'\!A1"; 2838 | $Home_worksheet->write_url( $Home_cnt, 0, $url, $url_format, $_); 2839 | ++$Home_cnt; 2840 | } 2841 | } 2842 | # end of foreach (@worksheet_names) 2843 | 2844 | my @target_list; 2845 | foreach my $t1 (@targets){ 2846 | my @tmp = split /\,/, $t1->{value}; 2847 | foreach my $t2 (@tmp){ 2848 | if($t2 =~ /\/32/){$target_cnt = $target_cnt + 1;} 2849 | elsif($t2 =~ /\/31/){$target_cnt = $target_cnt + 2;} 2850 | elsif($t2 =~ /\/30/){$target_cnt = $target_cnt + 4;} 2851 | elsif($t2 =~ /\/29/){$target_cnt = $target_cnt + 8;} 2852 | elsif($t2 =~ /\/28/){$target_cnt = $target_cnt + 16;} 2853 | elsif($t2 =~ /\/27/){$target_cnt = $target_cnt + 32;} 2854 | elsif($t2 =~ /\/26/){$target_cnt = $target_cnt + 64;} 2855 | elsif($t2 =~ /\/25/){$target_cnt = $target_cnt + 128;} 2856 | elsif($t2 =~ /\/24/){$target_cnt = $target_cnt + 256;} 2857 | elsif($t2 =~ /\/23/){$target_cnt = $target_cnt + 512;} 2858 | elsif($t2 =~ /\/22/){$target_cnt = $target_cnt + 1024;} 2859 | elsif($t2 =~ /\/21/){$target_cnt = $target_cnt + 2048;} 2860 | elsif($t2 =~ /\/20/){$target_cnt = $target_cnt + 4096;} 2861 | elsif($t2 =~ /\/19/){$target_cnt = $target_cnt + 8192;} 2862 | elsif($t2 =~ /\/18/){$target_cnt = $target_cnt + 16384;} 2863 | elsif($t2 
=~ /\/17/){$target_cnt = $target_cnt + 32768;} 2864 | elsif($t2 =~ /\/16/){$target_cnt = $target_cnt + 65536;} 2865 | elsif($t2 =~ /\/15/){$target_cnt = $target_cnt + 131072;} 2866 | elsif($t2 =~ /\/14/){$target_cnt = $target_cnt + 262144;} 2867 | elsif($t2 =~ /\/13/){$target_cnt = $target_cnt + 524288;} 2868 | elsif($t2 =~ /\/12/){$target_cnt = $target_cnt + 1048576;} 2869 | elsif($t2 =~ /\/11/){$target_cnt = $target_cnt + 2097152;} 2870 | elsif($t2 =~ /\/10/){$target_cnt = $target_cnt + 4194304;} 2871 | elsif($t2 =~ /\/9/){$target_cnt = $target_cnt + 8388608;} 2872 | elsif($t2 =~ /\/8/){$target_cnt = $target_cnt + 16777216;} 2873 | elsif($t2 =~ /\/7/){$target_cnt = $target_cnt + 33554432;} 2874 | elsif($t2 =~ /\/6/){$target_cnt = $target_cnt + 67108864;} 2875 | elsif($t2 =~ /\/5/){$target_cnt = $target_cnt + 134217728;} 2876 | elsif($t2 =~ /\/4/){$target_cnt = $target_cnt + 268435456;} 2877 | elsif($t2 =~ /\/3/){$target_cnt = $target_cnt + 536870912;} 2878 | elsif($t2 =~ /\/2/){$target_cnt = $target_cnt + 1073741824;} 2879 | elsif($t2 =~ /\/1/){$target_cnt = $target_cnt + 2147483648;} 2880 | elsif($t2 =~ /\/0/){$target_cnt = $target_cnt + 4294967296;} 2881 | elsif($t2 =~ /($ip_add_regex)(-)($ip_add_regex)/){ 2882 | my @tmp_nets = split /\-/,$t2; 2883 | my @net1 = split /\./,$tmp_nets[0]; 2884 | my @net2 = split /\./,$tmp_nets[1]; 2885 | my $net1_ip_number = 0; 2886 | foreach my $octet (@net1) {$net1_ip_number <<= 8;$net1_ip_number |= $octet;} 2887 | my $net2_ip_number = 0; 2888 | foreach my $octet (@net2) {$net2_ip_number <<= 8;$net2_ip_number |= $octet;} 2889 | my $net_cnt_tmp = $net2_ip_number - $net1_ip_number + 1; 2890 | $target_cnt = $target_cnt + $net_cnt_tmp; 2891 | } 2892 | else{++$target_cnt;} 2893 | push @target_list, $t2; 2894 | } 2895 | # end of foreach my $t2 (@tmp) 2896 | } 2897 | # end of foreach my $t1 (@targets) 2898 | 2899 | my $most_high_common_vuln = ""; 2900 | if($vulnerability_data{highvuln}->[0] ne ""){ 2901 | my $header = ["plugin 
id0","Severity1","count2","plugin Name3","File4","plugin Family5","Bid6","CVE7","OSVDB8","Solution9","Description10"]; 2902 | my $pivot_data = \@{$vulnerability_data{highvuln}}; 2903 | foreach my $p (@{$pivot_data}){ 2904 | my @tmp = split /\,/,$p; 2905 | $p = ["$tmp[0]","$tmp[1]","$tmp[2]","$tmp[3]","$tmp[4]","$tmp[5]","$tmp[6]","$tmp[7]","$tmp[8]","$tmp[9]","$tmp[10]"]; 2906 | } 2907 | my $t = new Data::Table($pivot_data, $header, 0); 2908 | $t->sort("count2",0,1,"CVE7",1,0,"OSVDB8",1,0); 2909 | my @t = @{$t->{data}}; 2910 | 2911 | my %sorted_keys = %{$vuln_totals{3}}; 2912 | my @sorted_keys2 = sort { $sorted_keys{$a} <=> $sorted_keys{$b} } keys %sorted_keys; 2913 | $most_high_common_vuln = pop @sorted_keys2; 2914 | foreach my $m (@{$vulnerability_data{highvuln}}){ 2915 | if($most_high_common_vuln eq $m->[0]){$most_high_common_vuln = $m;last;} 2916 | } 2917 | # end of foreach my $m (@{$vulnerability_data{highvuln}}) 2918 | 2919 | 2920 | print ""; 2921 | } 2922 | # end of if($highvuln[0] ne "") 2923 | 2924 | my $most_critical_common_vuln = ""; 2925 | if($vulnerability_data{criticalvuln}->[0] ne ""){ 2926 | my $header = ["plugin id0","Severity1","count2","plugin Name3","File4","plugin Family5","Bid6","CVE7","OSVDB8","Solution9","Description10"]; 2927 | my $pivot_data = \@{$vulnerability_data{criticalvuln}}; 2928 | foreach my $p (@{$pivot_data}){ 2929 | my @tmp = split /\,/,$p; 2930 | $p = ["$tmp[0]","$tmp[1]","$tmp[2]","$tmp[3]","$tmp[4]","$tmp[5]","$tmp[6]","$tmp[7]","$tmp[8]","$tmp[9]","$tmp[10]"]; 2931 | } 2932 | my $t = new Data::Table($pivot_data, $header, 0); 2933 | $t->sort("count2",0,1,"CVE7",1,0,"OSVDB8",1,0); 2934 | my @t = @{$t->{data}}; 2935 | 2936 | my %sorted_keys = %{$vuln_totals{4}}; 2937 | my @sorted_keys2 = sort { $sorted_keys{$a} <=> $sorted_keys{$b} } keys %sorted_keys; 2938 | $most_critical_common_vuln = pop @sorted_keys2; 2939 | foreach my $m (@{$vulnerability_data{criticalvuln}}){ 2940 | if($most_critical_common_vuln eq 
$m->[0]){$most_critical_common_vuln = $m;last;} 2941 | } 2942 | # end of foreach my $m (@{$vulnerability_data{criticalvuln}}) 2943 | } 2944 | # end of if($criticalvuln[0] ne "") 2945 | 2946 | my $total_discovered = keys (%total_discovered); 2947 | my $total_critical = @{$vulnerability_data{criticalvuln}}; 2948 | my $total_critical2 = keys %{$vuln_totals{4}}; 2949 | 2950 | my $total_high = @{$vulnerability_data{highvuln}}; 2951 | my $total_high2 = keys %{$vuln_totals{3}}; 2952 | 2953 | my $total_med = @{$vulnerability_data{medvuln}}; 2954 | my $total_med2 = keys %{$vuln_totals{2}}; 2955 | 2956 | my $total_low = @{$vulnerability_data{lowvuln}}; 2957 | my $total_low2 = keys %{$vuln_totals{1}}; 2958 | 2959 | my $total_none = @{$vulnerability_data{nonevuln}}; 2960 | my $total_none2 = keys %{$vuln_totals{0}}; 2961 | 2962 | my $total_discovered_row = $total_discovered +2; 2963 | 2964 | ++$Home_cnt;++$Home_cnt; 2965 | $Home_worksheet->merge_range( $Home_cnt, 0, $Home_cnt, 1, "Overall Summary Data", $center_border6_format ); 2966 | ++$Home_cnt; 2967 | $Home_worksheet->write($Home_cnt, 0, "Number of IP's Scanned"); 2968 | $Home_worksheet->write($Home_cnt, 1, $target_cnt); 2969 | ++$Home_cnt; 2970 | $Home_worksheet->write($Home_cnt, 0, "Number of Discovered Systems"); 2971 | $Home_worksheet->write($Home_cnt, 1, "$total_discovered"); 2972 | ++$Home_cnt; 2973 | ++$Home_cnt; 2974 | $Home_worksheet->write($Home_cnt, 0, "Total Unique Critical Severity Vulnerability"); 2975 | $Home_worksheet->write($Home_cnt, 1, $total_critical2); 2976 | ++$Home_cnt; 2977 | $Home_worksheet->write($Home_cnt, 0, "Total Unique High Severity Vulnerability"); 2978 | $Home_worksheet->write($Home_cnt, 1, $total_high2); 2979 | ++$Home_cnt; 2980 | $Home_worksheet->write($Home_cnt, 0, "Total Unique Medium Severity Vulnerability"); 2981 | $Home_worksheet->write($Home_cnt, 1, $total_med2); 2982 | ++$Home_cnt; 2983 | $Home_worksheet->write($Home_cnt, 0, "Total Unique Low Severity Vulnerability"); 2984 | 
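# Home sheet: value cell for the "Total Unique Low Severity Vulnerability"
# label written immediately before this point, then the Informational row.
$Home_worksheet->write($Home_cnt, 1, $total_low2);
++$Home_cnt;
$Home_worksheet->write($Home_cnt, 0, "Total Unique Informational Severity Vulnerability");
$Home_worksheet->write($Home_cnt, 1, $total_none2);
++$Home_cnt;
++$Home_cnt;    # leave one empty row before the next group

# "Total Count of ..." rows. Each $total_* variable holds the element count of
# the matching @{$vulnerability_data{...}} list; after adding 2 it is used as
# the end row of the E3:E<n> range in the SUM formula. A value of exactly 2
# therefore means the list was empty, and "N/A" is written instead.
# These formula strings are built only from integers computed by this script,
# so letting write() interpret the leading "=" as a formula is intended here.
$total_critical = $total_critical+2;
$Home_worksheet->write($Home_cnt, 0, "Total Count of Critical Severity Vulnerability");
if ($total_critical == 2) {
    $Home_worksheet->write($Home_cnt, 1, "N/A");
}
else {
    $Home_worksheet->write($Home_cnt, 1, "\=SUM\(critical\!E3\:E$total_critical\)");
}
++$Home_cnt;

$total_high = $total_high+2;
$Home_worksheet->write($Home_cnt, 0, "Total Count of High Severity Vulnerability");
if ($total_high == 2) {
    $Home_worksheet->write($Home_cnt, 1, "N/A");
}
else {
    $Home_worksheet->write($Home_cnt, 1, "\=SUM\(high\!E3\:E$total_high\)");
}
++$Home_cnt;

$total_med =$total_med+2;
$Home_worksheet->write($Home_cnt, 0, "Total Count of Medium Severity Vulnerability");
if ($total_med == 2) {
    $Home_worksheet->write($Home_cnt, 1, "N/A");
}
else {
    $Home_worksheet->write($Home_cnt, 1, "\=SUM\(medium\!E3\:E$total_med\)");
}
++$Home_cnt;

$total_low = $total_low+2;
$Home_worksheet->write($Home_cnt, 0, "Total Count of Low Severity Vulnerability");
if ($total_low == 2) {
    $Home_worksheet->write($Home_cnt, 1, "N/A");
}
else {
    $Home_worksheet->write($Home_cnt, 1, "\=SUM\(low\!E3\:E$total_low\)");
}
++$Home_cnt;
++$Home_cnt;    # leave one empty row before the next group

# Most common critical finding. $most_critical_common_vuln starts as "" and is
# first set to a bare key string; it only becomes an array ref when a matching
# entry is found. Dereferencing the bare string under "use strict" would abort
# the run before the workbook is closed, so only dereference a real array ref.
$Home_worksheet->write($Home_cnt, 0, "The most common Critical Severity vulnerability");
if (ref($most_critical_common_vuln) eq 'ARRAY') {
    my $critical_name = $most_critical_common_vuln->[3];
    if (defined $critical_name && $critical_name ne "") {
        # The name originates from the parsed scan file. write_string() keeps
        # it as plain text; write() would turn a value starting with "=" into
        # a formula and a URL-looking value into a hyperlink.
        $Home_worksheet->write_string($Home_cnt, 1, $critical_name);
    }
}
elsif ($most_critical_common_vuln) {
    warn "most common critical vulnerability: no entry matched key '$most_critical_common_vuln', cell left empty\n";
}
++$Home_cnt;
$Home_worksheet->write($Home_cnt, 0, "The most common high Severity vulnerability");

# NOTE: $most_high_common_vuln is likewise either "", a bare key string, or an
# array ref; the value cell written next must only dereference it when it is
# a reference.
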
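# Value cell for the "most common high Severity vulnerability" label written
# just before this point. $most_high_common_vuln starts as "" and is first set
# to a bare key string; it only becomes an array ref when a matching entry is
# found. Dereferencing the bare string under "use strict" would abort the run
# before the workbook is closed, so only dereference a real array ref.
if (ref($most_high_common_vuln) eq 'ARRAY') {
    my $high_name = $most_high_common_vuln->[3];
    if (defined $high_name && $high_name ne "") {
        # The name originates from the parsed scan file. write_string() keeps
        # it as plain text; write() would turn a value starting with "=" into
        # a formula and a URL-looking value into a hyperlink.
        $Home_worksheet->write_string($Home_cnt, 1, $high_name);
    }
}
elsif ($most_high_common_vuln) {
    warn "most common high vulnerability: no entry matched key '$most_high_common_vuln', cell left empty\n";
}
++$Home_cnt;

# Per-severity host counts. Each COUNTIF formula references one column of the
# HostConfigData sheet, rows 3 .. $total_discovered_row. The formula text is
# built only from a script-computed integer, so write() treating it as a
# formula is intended.
$Home_worksheet->write($Home_cnt, 0, "Number of System with a critical(4) Severity Vulnerability");
$Home_worksheet->write($Home_cnt, 1, "\=COUNTIF\(HostConfigData\!M3\:M$total_discovered_row\,\"\>0\"\)");
++$Home_cnt;
$Home_worksheet->write($Home_cnt, 0, "Number of System with a High(3) Severity Vulnerability");
$Home_worksheet->write($Home_cnt, 1, "\=COUNTIF\(HostConfigData\!L3\:L$total_discovered_row\,\"\>0\"\)");
++$Home_cnt;
$Home_worksheet->write($Home_cnt, 0, "Number of System with a Medium(2) Severity Vulnerability");
$Home_worksheet->write($Home_cnt, 1, "\=COUNTIF\(HostConfigData\!K3\:K$total_discovered_row\,\"\>0\"\)");
++$Home_cnt;
$Home_worksheet->write($Home_cnt, 0, "Number of System with a Low(1) Severity Vulnerability");
$Home_worksheet->write($Home_cnt, 1, "\=COUNTIF\(HostConfigData\!J3\:J$total_discovered_row\,\"\>0\"\)");
++$Home_cnt;
$Home_worksheet->write($Home_cnt, 0, "Number of System with a Informational(NONE-0) Severity Vulnerability");
$Home_worksheet->write($Home_cnt, 1, "\=COUNTIF\(HostConfigData\!I3\:I$total_discovered_row\,\"\>0\"\)");
++$Home_cnt;
++$Home_cnt;

# close() returns the result of closing the output file. Check it so a failed
# write is reported instead of being followed by the "completed" message.
$workbook->close() or die "Error closing workbook: $!";
print $new_stuff;
print "\n\ncompleted\n\nThe Data is stored in $dir/$report_prefix\_$report_file.xlsx";
print "\nEND OF VERSION 0.24\n";

__END__

##################################################################################### BEGIN SAMPLE NEW WORKSHEET
# Template for adding a new worksheet; nothing below __END__ is executed.
# NOTE: cell values taken from scan results (FQDN, NetBIOS name, ...) can be
# influenced by the scanned hosts. When copying this template, prefer
# write_string() over write() for such values so text that begins with "="
# is stored as text rather than as a formula.
my $SampleData_ctr = 2;
print "Storing SampleData Table\n";
my $SampleData_worksheet = $workbook->add_worksheet('SampleData');
$SampleData_worksheet->write_url( 'A1', $home_url, $url_format, $_);
$SampleData_worksheet->keep_leading_zeros();
$SampleData_worksheet->write(1, 0, 'File',$center_border6_format);
$SampleData_worksheet->write(1, 1, 'IP Address',$center_border6_format);
$SampleData_worksheet->write(1, 2, 'FQDN',$center_border6_format);
$SampleData_worksheet->write(1, 3, 'Netbios Name',$center_border6_format);
$SampleData_worksheet->write(1, 4, "ROW4",$center_border6_format);
$SampleData_worksheet->write(1, 5, "ROW5",$center_border6_format);
$SampleData_worksheet->write(1, 6, "ROW6",$center_border6_format);
$SampleData_worksheet->write(1, 7, "ROW7",$center_border6_format);
$SampleData_worksheet->write(1, 8, "ROW8",$center_border6_format);
$SampleData_worksheet->write(1, 9, "ROW9",$center_border6_format);
$SampleData_worksheet->write(1, 10, "ROW10",$center_border6_format);
$SampleData_worksheet->write(1, 11, "ROW11",$center_border6_format);
$SampleData_worksheet->write(1, 12, "ROW12",$center_border6_format);
$SampleData_worksheet->write(1, 13, "ROW13",$center_border6_format);
$SampleData_worksheet->write(1, 14, "ROW14",$center_border6_format);
$SampleData_worksheet->write(1, 15, "ROW15",$center_border6_format);
$SampleData_worksheet->write(1, 16, "ROW16",$center_border6_format);
$SampleData_worksheet->write(1, 17, "ROW17",$center_border6_format);
$SampleData_worksheet->write(1, 18, "ROW18",$center_border6_format);
$SampleData_worksheet->write(1, 19, "ROW19",$center_border6_format);
$SampleData_worksheet->write(1, 20, "ROW20",$center_border6_format);
$SampleData_worksheet->write(1, 21, "ROW21",$center_border6_format);
$SampleData_worksheet->freeze_panes('C3');
$SampleData_worksheet->autofilter('A2:Z2');
$SampleData_worksheet->set_column('A:Z',20);
$SampleData_worksheet->set_column('B:B',15);
$SampleData_worksheet->set_column('C:C',25);
$SampleData_worksheet->set_column('D:D',15);
$SampleData_worksheet->set_column('E:H',15);

foreach my $host (@host_data){
    $SampleData_worksheet->write($SampleData_ctr, 0, $host->{"file"},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 1, $host->{"host-ip"},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 2, $host->{"host-fqdn"},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 3, $host->{"netbios-name"},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 4, $host->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 5, $host->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 6, $host->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 7, $host->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 8, $host->{vuln_cnt}->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 9, $host->{vuln_cnt}->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 10, $host->{vuln_cnt}->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 11, $host->{vuln_cnt}->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 12, $host->{vuln_cnt}->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 13, $host->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 14, $host->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 15, $host->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 16, $host->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 17, $host->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 18, $host->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 19, $host->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 20, $host->{VAR1},$cell_format);
    $SampleData_worksheet->write($SampleData_ctr, 21, $host->{VAR1},$cell_format);
    ++$SampleData_ctr;
}
# end foreach (@SampleData)

##################################################################################### END SAMPLE NEW WORKSHEET
--------------------------------------------------------------------------------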