Commit 19c2103b authored by Jason Frisvold's avatar Jason Frisvold

- Add report for summary results per server/target/spawn

- Add report detailing min/max data for server/target/spawn (problematic)
- - SQL for this is not working as expected, needs work
- Update links in the header for new reports
- Some code cleanup
parent 007cb95f
......@@ -26,27 +26,33 @@
});
// Reports page
// Raw Reports page
$app->get('/resultlist', $isauthenticated(), function () use ($app) {
global $smarty_data;
// Pull all data from the timers table
$result = $app->db->table('results')
$results = $app->db->table('results')
->join('cloud', 'results.cloud_id', '=', 'cloud.id')
->join('target', 'results.target_id', '=', 'target.id')
->select('results.id', 'cloud.server_ip', 'target.address',
'target.cidr', 'results.xml_version', 'results.start_time',
'results.end_time', 'results.elapsed_time', 'results.exit_status',
'results.port_count', 'results.filename')
'results.end_time', 'results.elapsed_time',
'results.exit_status', 'results.port_count',
'results.filename')
->orderBy('start_time', 'ASC')
->get();
foreach ($result as $position => $item) {
$result[$position]['start_time'] = strftime('%D %T', $item['start_time']);
$result[$position]['end_time'] = strftime('%D %T', $item['end_time']);
foreach ($results as $position => $item) {
$results[$position]['server_ip'] = long2ip($item['server_ip']);
$results[$position]['address'] = long2ip($item['address']);
$results[$position]['start_time'] = strftime('%D %T',
$item['start_time']);
$results[$position]['end_time'] = strftime('%D %T', $item['end_time']);
$results[$position]['elapsed_time'] = sprintf('%.2f',
$item['elapsed_time']);
}
$smarty_data['results'] = $result;
$smarty_data['results'] = $results;
prep_smarty($app);
......@@ -63,11 +69,14 @@
->join('target', 'results.target_id', '=', 'target.id')
->select('results.id', 'cloud.server_ip', 'target.address',
'target.cidr', 'results.xml_version', 'results.start_time',
'results.end_time', 'results.elapsed_time', 'results.exit_status',
'results.port_count', 'results.filename')
'results.end_time', 'results.elapsed_time',
'results.exit_status', 'results.port_count',
'results.filename')
->where('results.id', $id)
->first();
$result['server_ip'] = long2ip($result['server_ip']);
$result['address'] = long2ip($result['address']);
$result['start_time'] = strftime('%D %T', $result['start_time']);
$result['end_time'] = strftime('%D %T', $result['end_time']);
......@@ -79,4 +88,120 @@
});
$app->get('/resultlist/:cid/:tid/:sid', $isauthenticated(),
function ($cid, $tid, $sid) use ($app) {
global $smarty_data;
// Pull all data from the timers table
$results = $app->db->table('results')
->join('cloud', 'results.cloud_id', '=', 'cloud.id')
->join('target', 'results.target_id', '=', 'target.id')
->select('results.id', 'cloud.server_ip', 'target.address',
'target.cidr', 'results.xml_version', 'results.start_time',
'results.end_time', 'results.elapsed_time',
'results.exit_status', 'results.port_count',
'results.filename')
->where('results.cloud_id', $cid)
->where('results.target_id', $tid)
->where('results.spawn_id', $sid)
//->orderBy('results.start_time')
->get();
foreach ($results as $position => $item) {
$results[$position]['server_ip'] = long2ip($item['server_ip']);
$results[$position]['address'] = long2ip($item['address']);
$results[$position]['start_time'] = strftime('%D %T',
$item['start_time']);
$results[$position]['end_time'] = strftime('%D %T', $item['end_time']);
$results[$position]['elapsed_time'] = sprintf('%.2f',
$item['elapsed_time']);
}
$smarty_data['results'] = $results;
prep_smarty($app);
$app->render('resultlist.tpl', $smarty_data);
});
// Min/Max Reports page
$app->get('/resultminmax', $isauthenticated(), function () use ($app) {
global $smarty_data;
// Pull min data from the results table
$minresult = $app->db->table('results')
->join('cloud', 'results.cloud_id', '=', 'cloud.id')
->join('target', 'results.target_id', '=', 'target.id')
->select($app->db
->connection()
->raw('results.id, cloud.server_ip, target.address,
target.cidr, results.start_time,
min(results.port_count) as port_count'))
->groupBy('results.cloud_id', 'results.target_id', 'results.spawn_id')
->get();
// Pull max data from the results table
$maxresult = $app->db->table('results')
->join('cloud', 'results.cloud_id', '=', 'cloud.id')
->join('target', 'results.target_id', '=', 'target.id')
->select($app->db
->connection()
->raw('results.id, cloud.server_ip, target.address,
target.cidr, results.start_time,
max(results.port_count) as port_count'))
->groupBy('results.cloud_id', 'results.target_id', 'results.spawn_id')
->get();
foreach ($minresult as $position => $item) {
$minresult[$position]['start_time'] = strftime('%D %T',
$item['start_time']);
}
foreach ($maxresult as $position => $item) {
$maxresult[$position]['start_time'] = strftime('%D %T',
$item['start_time']);
}
$smarty_data['minresults'] = $minresult;
$smarty_data['maxresults'] = $maxresult;
prep_smarty($app);
$app->render('resultminmax.tpl', $smarty_data);
});
// Results Summary Reports page
$app->get('/resultsum', $isauthenticated(), function () use ($app) {
global $smarty_data;
// select count(id), cloud_id, target_id, spawn_id, min(port_count),
// max(port_count) from results group by cloud_id, target_id, spawn_id;
// Pull summary data from the results table
$results = $app->db->table('results')
->join('cloud', 'results.cloud_id', '=', 'cloud.id')
->join('target', 'results.target_id', '=', 'target.id')
->select($app->db
->connection()
->raw('count(results.id) AS countid, cloud.server_ip,
results.cloud_id, results.target_id,
results.spawn_id, target.address, target.cidr,
min(results.port_count) AS minport,
max(results.port_count) AS maxport'))
->groupBy('cloud_id', 'target_id', 'spawn_id')
->get();
foreach ($results as $position => $item) {
$results[$position]['server_ip'] = long2ip($item['server_ip']);
$results[$position]['address'] = long2ip($item['address']);
}
$smarty_data['results'] = $results;
prep_smarty($app);
$app->render('resultsum.tpl', $smarty_data);
});
?>
\ No newline at end of file
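Review bot: In the `/resultminmax` route both queries select `results.id` and `results.start_time` next to `min(results.port_count)` / `max(results.port_count)`, but those two columns are neither aggregated nor listed in `groupBy('results.cloud_id', 'results.target_id', 'results.spawn_id')`. The database may therefore return them from any row of the group, or reject the query where strict GROUP BY checking is enforced, so the scan time and the `/resultlist/{id}` link in the report need not belong to the scan that had the minimum or maximum port count; this is probably the problem the commit message mentions. Getting the matching row needs the per-group min/max computed in a subquery and joined back to `results` on the three group columns plus `port_count`, or a second lookup per group. Separately, `$cid`, `$tid` and `$sid` in the new `/resultlist/:cid/:tid/:sid` route appear to be bound as parameters by `where()`, so they are not an injection risk, but chaining `->conditions(array('cid' => '\d+', 'tid' => '\d+', 'sid' => '\d+'))` onto the route would reject non-numeric ids before the query runs.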
......@@ -56,8 +56,8 @@
<a href="#" class="dropdown-toggle" data-toggle="dropdown">Reports <span class="caret"></span></a>
<ul class="dropdown-menu" role="menu">
<li><a href="/resultlist">Raw Results List</a></li>
<li><a href="/report2">Report 2</a></li>
<li><a href="/report3">Report 3</a></li>
<li><a href="/resultminmax">Min/Max Results</a></li>
<li><a href="/resultsum">Results Summary</a></li>
<li><a href="/report4">Report 4</a></li>
</ul>
</li>
......@@ -34,13 +34,13 @@
<h1>Results for scan of {long2ip($result.address)}/{$result.cidr}</h1>
</div>
<p>{long2ip($result.server_ip)}</p>
<p>{$result.start_time}</p>
<p>Originating Server : {long2ip($result.server_ip)}</p>
<p>Scan Time : {$result.start_time}</p>
<p>{$result.end_time}</p>
<p>{printf('%.1f', $result.elapsed_time)}</p>
<p>{$result.xml_version}</p>
<p>{$result.exit_status}</p>
<p>{$result.port_count}</p>
<p>Exit Status : {$result.exit_status}</p>
<p>Port Count : {$result.port_count}</p>
<p>{$result.filename}</p>
{include file='footer.tpl'}
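Review bot: The new `Originating Server` line still calls `long2ip($result.server_ip)`, as does the unchanged heading with `long2ip($result.address)`, while the route hunk in this commit that fetches a single result by id now runs `long2ip()` on both fields before rendering; if this is the template that route renders, the address is converted twice and will not display correctly. Printing the pre-formatted values, `<p>Originating Server : {$result.server_ip}</p>` and `{$result.address}/{$result.cidr}` in the heading, matches what the list template now does. The unchanged `{printf('%.1f', $result.elapsed_time)}` line also emits printf's return value (the output length) after the number; `{$result.elapsed_time|string_format:'%.1f'}` avoids that. `xml_version`, `exit_status` and `filename` appear to come from stored scan output and are printed without `|escape`, so unless `escape_html` is enabled in the Smarty setup (not visible here) they should be escaped.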
......@@ -47,11 +47,11 @@
</tr>
{foreach from=$results item=row}
<tr>
<td><a href='/resultlist/{$row.id}'>{long2ip($row.server_ip)}</a></td>
<td>{long2ip($row.address)}/{$row.cidr}</td>
<td><a href='/resultlist/{$row.id}'>{$row.server_ip}</a></td>
<td>{$row.address}/{$row.cidr}</td>
<td>{$row.start_time}</td>
<td>{$row.end_time}</td>
<td>{printf('%.1f', $row.elapsed_time)}</td>
<td>{$row.elapsed_time}</td>
<td>{$row.exit_status}</td>
<td>{$row.port_count}</td>
</tr>
{--* Skynet - Automated "Cloud" Security Scanner *}
{--* Copyright (C) 2014-present Jason Frisvold <friz@godshell.com> *}
{--* *}
{--* This program is free software; you can redistribute it and/or modify *}
{--* it under the terms of the GNU General Public License as published by *}
{--* the Free Software Foundation; either version 2 of the License, or *}
{--* (at your option) any later version. *}
{--* *}
{--* This program is distributed in the hope that it will be useful, *}
{--* but WITHOUT ANY WARRANTY; without even the implied warranty of *}
{--* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *}
{--* GNU General Public License for more details. *}
{--* *}
{--* You should have received a copy of the GNU General Public License *}
{--* along with this program; if not, write to the Free Software *}
{--* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA*}
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel='shortcut icon' type='image/x-icon' href='{$skynet_favicon}'>
{include file='head-css.tpl'}
<title>Skynet Automated Security Scanner</title>
</head>
<body>
{assign var=page value='report'}
{include file='header.tpl'}
<div class='container'>
<div class='page-header'>
<h1>Results</h1>
</div>
<div>
<table class='table table-striped'>
<tr>
<th>Server</th>
<th>Target</th>
<th>Scan Time</th>
<th>Port Count</th>
</tr>
{foreach from=$minresults item=row}
<tr>
<td><a href='/resultlist/{$row.id}'>{long2ip($row.server_ip)}</a></td>
<td>{long2ip($row.address)}/{$row.cidr}</td>
<td>{$row.start_time}</td>
<td>{$row.port_count}</td>
</tr>
{/foreach}
<tr>
<th>Server</th>
<th>Target</th>
<th>Scan Time</th>
<th>Port Count</th>
</tr>
{foreach from=$maxresults item=row}
<tr>
<td><a href='/resultlist/{$row.id}'>{long2ip($row.server_ip)}</a></td>
<td>{long2ip($row.address)}/{$row.cidr}</td>
<td>{$row.start_time}</td>
<td>{$row.port_count}</td>
</tr>
{/foreach}
</table>
</div>
</div>
{include file='footer.tpl'}
</body>
</html>
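Review bot: Both loops call `long2ip($row.server_ip)` and `long2ip($row.address)` inside the template, while the other reports touched by this commit do that conversion in the route and print `{$row.server_ip}` / `{$row.address}` directly. Converting in the `/resultminmax` route as well keeps the templates free of PHP function calls, which matters if a Smarty security policy restricting `php_functions` is ever enabled. The minimum and maximum result sets also share one table under identical `Port Count` headers, so a reader cannot tell the two blocks apart; `<th>Min Port Count</th>` and `<th>Max Port Count</th>`, as the summary template uses, would label them.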
{--* Skynet - Automated "Cloud" Security Scanner *}
{--* Copyright (C) 2014-present Jason Frisvold <friz@godshell.com> *}
{--* *}
{--* This program is free software; you can redistribute it and/or modify *}
{--* it under the terms of the GNU General Public License as published by *}
{--* the Free Software Foundation; either version 2 of the License, or *}
{--* (at your option) any later version. *}
{--* *}
{--* This program is distributed in the hope that it will be useful, *}
{--* but WITHOUT ANY WARRANTY; without even the implied warranty of *}
{--* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *}
{--* GNU General Public License for more details. *}
{--* *}
{--* You should have received a copy of the GNU General Public License *}
{--* along with this program; if not, write to the Free Software *}
{--* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA*}
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel='shortcut icon' type='image/x-icon' href='{$skynet_favicon}'>
{include file='head-css.tpl'}
<title>Skynet Automated Security Scanner</title>
</head>
<body>
{assign var=page value='report'}
{include file='header.tpl'}
<div class='container'>
<div class='page-header'>
<h1>Results</h1>
</div>
<div>
<table class='table table-striped'>
<tr>
<th>Server</th>
<th>Target</th>
<th>Result Count</th>
<th>Min Port Count</th>
<th>Max Port Count</th>
</tr>
{foreach from=$results item=row}
<tr>
<td><a href='/resultlist/{$row.cloud_id}/{$row.target_id}/{$row.spawn_id}'>{$row.server_ip}</a></td>
<td>{$row.address}/{$row.cidr}</td>
<td>{$row.countid}</td>
<td>{$row.minport}</td>
<td>{$row.maxport}</td>
</tr>
{/foreach}
</table>
</div>
</div>
{include file='footer.tpl'}
</body>
</html>
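Review bot: The table has no spawn column although the `/resultsum` route groups by cloud, target and spawn and each row's link carries `{$row.spawn_id}`, so two spawns of the same server/target pair render as identical-looking rows. Adding `<th>Spawn</th>` to the header row and `<td>{$row.spawn_id}</td>` to the loop body would let the rows be told apart.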