Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/opt/local/bin/perl
- ## Copyright (C) 2011 Cody Dumont (NWN Corp)
- ##
- ## This program is free software; you can redistribute it and/or
- ## modify it under the terms of the GNU General Public License
- ## as published by the Free Software Foundation; either version 2
- ## of the License, or (at your option) any later version.
- ##
- ## This program is distributed in the hope that it will be useful,
- ## but WITHOUT ANY WARRANTY; without even the implied warranty of
- ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- ## GNU General Public License for more details.
- ##
- ## You should have received a copy of the GNU General Public License
- ## along with this program; if not, write to the Free Software
- ## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- ## This script will parse a Nessus XMLv2 file and put into a spreadsheet
- ##
- ## Version 0.8
- use strict;
- use XML::TreePP;
- use Data::Dumper;
- use Spreadsheet::WriteExcel::Big;
- use Math::Round;
- our (@vlun_entries,@highvlun,@medvlun,@lowvlun,@nonevlun,@host_scan_data);
- our (@WinUserData,@WinUsers,@WinGuestUserData,@PasswordPolicyData);
- ###### Code contributed by Whinston Antion <Whinston.Antion AT mail.wvu.edu>
- my $random_number = rand();
- my $now_string = localtime;
- my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
- my $report_file = sprintf("%4d%02d%02d%02d%02d%02d",($year + 1900),($mon+1),$mday,$hour,$min,$sec);
- ###### end contribution
- sub parse_windows_mgnt
- {
- my @WinUserDataSheet;
- my (@policy_entries,@policy_data_entries);
- my @user_data_entries;
- my @guest_data_entries;
- foreach my $WinUserData_entry (@WinUserData)
- {
- $WinUserData_entry->{'operating-system'} =~ s/\,//g;
- if ($WinUserData_entry->{'host-ip'} eq "")
- {
- $WinUserData_entry->{'host-ip'} = $WinUserData_entry->{'name'}
- }
- my $header = "$WinUserData_entry->{file}|$WinUserData_entry->{'host-ip'}|$WinUserData_entry->{'host-fqdn'}|$WinUserData_entry->{'netbios-name'}|$WinUserData_entry->{'operating-system'}";
- my @tmp;
- foreach my $entry (@{$WinUserData_entry->{user_report}})
- {
- $entry->{description} =~ s/\r\n|\n|\r|\f/ /g;
- $entry->{plugin_output} =~ s/\r\n|\n|\r|\f/+/g;
- $entry->{plugin_output} =~ s/ - //g;
- $entry->{synopsis} =~ s/\r\n|\n|\r|\f/ /g;
- my $a = "$header|$entry->{-pluginName}|$entry->{description}|$entry->{plugin_output}|$entry->{synopsis}";
- push @WinUserDataSheet, $a;
- }
- }
- foreach my $entry (@WinUserDataSheet)
- {
- my @tmp = split /\|/, $entry;
- if($tmp[5] =~ /[P|p]olicy/)
- {
- push @policy_data_entries, $entry
- }
- elsif($tmp[5] =~ /[U|u]ser/)
- {
- push @user_data_entries, $entry
- }
- elsif($tmp[5] =~ /[G|g]uest/)
- {
- push @guest_data_entries, $entry
- }
- else
- {
- print "\n\nWinUserDataSheet is something other that Guest, User, Policiy\n\nHere is the data that was found \"$tmp[5]\"\n\n";
- exit;
- }
- }
- foreach my $e (@user_data_entries)
- {
- my @entry = split /\|/, $e;
- if( $entry[7] =~ /\+/)
- {
- my $plugin;
- $entry[7] =~ s/\+\+\+/\+/g;
- $entry[7] =~ s/\+\+/\+/g;
- my @list = split /\+/,$entry[7];
- shift @list;
- shift @list;
- my $cnt = @list;
- $cnt = $cnt - 5;
- if ($entry[5] !~ /group$/)
- {
- splice @list,$cnt,5;
- }
- if ($entry[5] =~ /group$/)
- {
- $entry[5] =~ s/\'//g;
- my @tmp = split / /, $entry[5];
- my $c = @tmp;
- $c = $c - 2;
- my @tmp1 = splice @tmp,$c,2;
- $plugin = join " ",@tmp1;
- $plugin = "members of $plugin";
- }
- else
- {
- my @tmp = split / : /, $entry[5];
- $plugin = $tmp[1];
- }
- foreach my $name (@list)
- {
- my $type = "Local User";
- if ($name =~ /\(/)
- {
- my @tmp = split / /, $name;
- $type = pop @tmp;
- $type =~ s/\(|\)//g;
- $name = join " ", @tmp;
- }
- my $record = "$entry[0],$entry[1],$entry[2],$entry[3],$entry[4],$plugin,$name,$type";
- push @WinUsers,$record;
- } # end foreach my name
- }# end if + statement
- } # end foreach my $e (@user_data_entries)
- foreach my $e (@guest_data_entries)
- {
- my @entry = split /\|/, $e;
- $entry[6] =~ s/\,//g;
- my $record = "$entry[0],$entry[1],$entry[2],$entry[3],$entry[4],$entry[8],$entry[5],$entry[7],$entry[6]";
- push @WinGuestUserData, $record;
- }# end foreach my $e (@guest_data_entries)
- foreach my $e (@policy_data_entries)
- {
- my @entry = split /\|/, $e;
- if( $entry[7] =~ /\+/)
- {
- my $plugin;
- $entry[7] =~ s/\+\+\+/\+/g;
- $entry[7] =~ s/\+\+/\+/g;
- my @list = split /\+/,$entry[7];
- my $record = "$entry[0],$entry[1],$entry[2],$entry[3],$entry[4]";
- foreach (@list)
- {
- my @tmp = split /: /,$_;
- if($tmp[1] ne "")
- {
- $record ="$record,$tmp[1]";
- }
- }
- push @PasswordPolicyData,$record;
- }
- } # foreach my $e (@policy_data_entries)
- } # end SUB ROUTINE
- sub check_if_vuln_present
- {
- my $vuln = $_[0];
- my $plugin = $vuln->{-pluginID};
- my $severity = $vuln->{-severity};
- my $pluginName = $vuln->{-pluginName};
- $pluginName =~ s/\,//g;
- $vuln->{solution} =~ s/\,/\|/g;
- $vuln->{solution} =~ s/\n|\r/\ /g;
- $vuln->{description} =~ s/\,/\|/g;
- $vuln->{description} =~ s/\n|\r/\ /g;
- my $bid;
- if (ref $vuln->{bid} eq "ARRAY")
- {
- $bid = join "|", @{$vuln->{bid}}
- }
- elsif (ref $vuln->{bid} eq "")
- {
- $bid = $vuln->{bid}
- }
- my $cve;
- if (ref $vuln->{cve} eq "ARRAY")
- {
- $cve = join "|", @{$vuln->{cve}}
- }
- elsif (ref $vuln->{cve} eq "")
- {
- $cve = $vuln->{cve}
- }
- my $xref;
- if (ref $vuln->{xref} eq "ARRAY")
- {
- $xref = join "|", @{$vuln->{xref}}
- }
- elsif (ref $vuln->{xref} eq "")
- {
- $xref = $vuln->{xref}
- }
- my $file = $_[1];
- my $plugin_cnt = 0;
- if ($severity == 0)
- {
- my $plugin_test = grep /$vuln->{-pluginID}/, @nonevlun;
- my @found_plugin = grep /$vuln->{-pluginID}/, @nonevlun;
- print "";
- if ($plugin_test == 0)
- {
- ++$plugin_cnt;
- $plugin = "$plugin\,$severity\,$plugin_cnt\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description}";
- push @nonevlun, $plugin
- }
- else
- {
- foreach (@nonevlun)
- {
- my @tmp = split /\,/, $_;
- if ($tmp[0] eq $vuln->{-pluginID} && $tmp[4] ne $file && $plugin_test == 1)
- {
- print "";
- #++$plugin_cnt;
- $plugin = "$plugin\,$severity\,$plugin_cnt\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description}";
- push @nonevlun, $plugin
- }
- elsif ($tmp[0] eq $vuln->{-pluginID} && $tmp[4] eq $file)
- {
- ++$tmp[2];
- $_ = join(",",@tmp);
- last;
- }
- } # end foreach
- } #end else for test
- }
- elsif ($severity == 1)
- {
- my $plugin_test = grep /$vuln->{-pluginID}/, @lowvlun;
- my @found_plugin = grep /$vuln->{-pluginID}/, @lowvlun;
- print "";
- if ($plugin_test == 0)
- {
- ++$plugin_cnt;
- $plugin = "$plugin\,$severity\,$plugin_cnt\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description}";
- push @lowvlun, $plugin
- }
- else
- {
- foreach (@lowvlun)
- {
- my @tmp = split /\,/, $_;
- if ($tmp[0] eq $vuln->{-pluginID} && $tmp[4] ne $file && $plugin_test == 1)
- {
- print "";
- #++$plugin_cnt;
- $plugin = "$plugin\,$severity\,$plugin_cnt\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description}";
- push @lowvlun, $plugin
- }
- elsif ($tmp[0] eq $vuln->{-pluginID} && $tmp[4] eq $file)
- {
- ++$tmp[2];
- $_ = join(",",@tmp);
- last;
- }
- } # end foreach
- } #end else for test
- }
- elsif ($severity == 2)
- {
- my $plugin_test = grep /$vuln->{-pluginID}/, @medvlun;
- my @found_plugin = grep /$vuln->{-pluginID}/, @medvlun;
- print "";
- if ($plugin_test == 0)
- {
- ++$plugin_cnt;
- $plugin = "$plugin\,$severity\,$plugin_cnt\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description}";
- push @medvlun, $plugin
- }
- else
- {
- foreach (@medvlun)
- {
- my @tmp = split /\,/, $_;
- if ($tmp[0] eq $vuln->{-pluginID} && $tmp[4] ne $file && $plugin_test == 1)
- {
- print "";
- #++$plugin_cnt;
- $plugin = "$plugin\,$severity\,$plugin_cnt\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description}";
- push @medvlun, $plugin
- }
- elsif ($tmp[0] eq $vuln->{-pluginID} && $tmp[4] eq $file)
- {
- ++$tmp[2];
- $_ = join(",",@tmp);
- last;
- }
- } # end foreach
- } #end else for test
- }
- elsif ($severity == 3)
- {
- my $plugin_test = grep /$vuln->{-pluginID}/, @highvlun;
- my @found_plugin = grep /$vuln->{-pluginID}/, @highvlun;
- print "";
- if ($plugin_test == 0)
- {
- ++$plugin_cnt;
- $plugin = "$plugin\,$severity\,$plugin_cnt\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description}";
- push @highvlun, $plugin
- }
- else
- {
- foreach (@highvlun)
- {
- my @tmp = split /\,/, $_;
- if ($tmp[0] eq $vuln->{-pluginID} && $tmp[4] ne $file && $plugin_test == 1)
- {
- print "";
- #++$plugin_cnt;
- $plugin = "$plugin\,$severity\,$plugin_cnt\,$pluginName\,$file\,$vuln->{-pluginFamily},$bid,$cve,$xref,$vuln->{solution},$vuln->{description}";
- push @highvlun, $plugin
- }
- elsif ($tmp[0] eq $vuln->{-pluginID} && $tmp[4] eq $file)
- {
- ++$tmp[2];
- $_ = join(",",@tmp);
- last;
- }
- } # end foreach
- } #end else for test
- }
- }
- my $dir = shift or die print "Please put the direcroty where NESSUS NBE files are located.\n";
- opendir DIR, $dir;
- our @files = readdir(DIR);
- closedir DIR;
- my @xml_files = grep {$_ =~ /\.xml|\.XML/} @files;
- @xml_files = grep {$_ !~ /^\./} @xml_files;
- my @host_data;
- foreach my $file (@xml_files)
- {
- my $tpp = XML::TreePP->new();
- my $tree = $tpp->parsefile( $file );
- print "Parsing File $file \n\n";
- my @report_data;
- if (ref($tree->{NessusClientData_v2}->{Report}->{ReportHost}) eq "HASH")
- {
- push @report_data, $tree->{NessusClientData_v2}->{Report}->{ReportHost};
- }
- elsif (ref($tree->{NessusClientData_v2}->{Report}->{ReportHost}) eq "ARRAY")
- {
- @report_data = @{$tree->{NessusClientData_v2}->{Report}->{ReportHost}};
- }
- foreach my $hostproperties (@report_data)
- {
- my %hash;
- $hash{file} = $file;
- $hash{name} = $hostproperties->{-name};
- my @host;
- if (ref($hostproperties->{HostProperties}->{tag}) eq "HASH")
- {
- push @host, $hostproperties->{HostProperties}->{tag};
- }
- elsif (ref($hostproperties->{HostProperties}->{tag}) eq "ARRAY")
- {
- @host = @{$hostproperties->{HostProperties}->{tag}};
- }
- $hash{host_report} = $hostproperties->{ReportItem};
- foreach my $host (@host)
- {
- $hash{$host->{-name}} = $host->{"#text"};
- } # end - foreach my $host_data (@host_data)
- $hostproperties = \%hash;
- } # end foreach my $hostproperties (@host_data)
- push @host_data, @report_data;
- print "Finished Parsing File $file \n\n";
- } # end xml file foreach loop
- print "\nPrinting the Main Report\n";
- open FILE, ">Nessus_data_report_$report_file.txt";
- foreach my $host (@host_data)
- {
- my @HostReport;
- print FILE "##############################################################\nHEADER 2 - $host->{name} ";
- if ($host->{'host-fqdn'} ne "")
- {
- print FILE " - $host->{'host-fqdn'}"
- }
- print FILE "\nFILE -> $host->{file} - Place Holder for now I will remove soon\n\n";
- print FILE "OS Guess is $host->{'operating-system'}\n";
- if(ref ($host->{host_report}) eq "ARRAY")
- {
- @HostReport = @{$host->{host_report}};
- }
- elsif(ref ($host->{host_report}) eq "HASH")
- {
- push @HostReport,$host->{host_report};
- }
- foreach my $entry (@HostReport)
- {
- if ($entry->{'-pluginID'} > 0) # || $entry->{'-pluginID'} ne "")
- {
- print FILE "HEADER 3 - $entry->{-pluginName} - $entry->{-port}\/$entry->{-svc_name}\n\nSynopsis\n$entry->{synopsis}\n\nRisk Factor\n$entry->{risk_factor}\n\nSolution\n$entry->{solution}\n\nPlugin Output\n$entry->{plugin_output}\n\n";
- }
- } #End foreach report entry
- print FILE "----------------- END - $host->{'host-ip'}\n\n\n";
- }
- close FILE;
- print "Creating Spreadsheet Data\n";
- my $highvuln_cnt = 0;
- my $medvuln_cnt = 0;
- my $lowvuln_cnt = 0;
- my $nonevuln_cnt = 0;
- # Extract Policy Compliance
- my @PolicyCompliance;
- my @policy_data;
- print "Preparing Hosts Data\n";
- foreach my $host (@host_data)
- {
- my @HostReport;
- my @ComplianceData;
- my @VulnData;
- my @HostWinUserData;
- if(ref ($host->{host_report}) eq "ARRAY")
- {
- @HostReport = @{$host->{host_report}};
- }
- elsif(ref ($host->{host_report}) eq "HASH")
- {
- push @HostReport,$host->{host_report};
- }
- foreach my $h_report (@HostReport)
- {
- if($h_report->{'-pluginFamily'} =~ /Compliance/)
- {
- push @ComplianceData, $h_report;
- }
- elsif($h_report->{'-pluginFamily'} =~ 'Windows : User management')
- {
- push @HostWinUserData, $h_report;
- }
- else
- {
- push @VulnData, $h_report;
- }
- }
- delete $host->{host_report};
- my %t1_hash = %{$host};
- my %t2_hash = %{$host};
- my $policy_host = \%t1_hash;
- my $win_user_host = \%t2_hash;;
- if($ComplianceData[0] != "")
- {
- @{$policy_host->{host_report}} = @ComplianceData;
- push @PolicyCompliance, $policy_host;
- }
- @{$host->{host_report}} = @VulnData;
- if($HostWinUserData[0] != "")
- {
- @{$win_user_host->{user_report}} = @HostWinUserData;
- push @WinUserData, $win_user_host;
- }
- } # end the Policy Compliance foreach loop
- # General Vulnerability Report
- print "Create General Vulnerability Data\n";
- foreach my $host (@host_data)
- {
- my @report_data = @{$host->{host_report}};
- my $name = $host->{name};
- if (not defined $host->{'host-fqdn'})
- {
- $host->{'host-fqdn'} = "N/A";
- }
- foreach my $vuln (@report_data)
- {
- if ($vuln->{-severity} == 0)
- {
- ++$nonevuln_cnt;
- if($vuln->{-pluginFamily} eq "" && $vuln->{-pluginName} eq "")
- {
- $vuln->{-pluginFamily} = "PortScan";
- $vuln->{-pluginName} = "$vuln->{-svc_name}";
- $vuln->{-pluginID} = "$vuln->{-protocol}\-$vuln->{-port}";
- }
- print "";
- }
- elsif ($vuln->{-severity} == 1){++$lowvuln_cnt}
- elsif ($vuln->{-severity} == 2){++$medvuln_cnt}
- elsif ($vuln->{-severity} == 3){++$highvuln_cnt}
- else
- {
- print "There is an unknown value in the Severity feild \"$vuln->{-severity}\", The script will exit.";
- exit;
- }
- if ($vuln->{-pluginName} eq "OS Identification")
- {
- #$vuln->{description} = s/\n/ /;
- my @t1 = split /\n/, $vuln->{description};
- my @t2 = split /\:/, $t1[1];
- $vuln->{-pluginName} ="$vuln->{-pluginName} - $t2[1]";
- }
- check_if_vuln_present($vuln,$host->{file}); # ->{-pluginID},$vuln->{-severity},$vuln->{-pluginName}
- my $plugin_name;
- if($vuln->{'-pluginName'} eq "Windows Compliance Checks")
- {
- $plugin_name = $vuln->{description};
- }
- else
- {
- $plugin_name = $vuln->{'-pluginName'};
- }
- my $r = "$host->{file},$host->{name},$host->{'host-fqdn'},$vuln->{'-pluginID'},$vuln->{'-protocol'},$vuln->{'-port'},$vuln->{'-severity'},$vuln->{'-pluginFamily'},$plugin_name";
- push @host_scan_data,$r;
- } # end foreach my $vuln (@report_data)
- } # end foreach my $host (@host_data)
- print "Creating Policy Compliance Data\n";
- foreach my $host (@PolicyCompliance)
- {
- my @report_data = @{$host->{host_report}};
- foreach my $vuln (@report_data)
- {
- my %setting;
- if($vuln->{-pluginID} eq "33929")
- {
- $setting{'Name'} = "PCI - $vuln->{-svc_name}";
- $vuln->{description} =~ s/\n/ /g;
- $setting{'Result'} = $vuln->{description};
- $setting{'RemoteValue'} = $vuln->{plugin_output};
- $setting{'ComplianceRequirement'} = $vuln->{synopsis};
- }
- elsif($vuln->{-pluginID} eq "33931")
- {
- $setting{'Name'} = "PCI - $vuln->{-svc_name}";
- $vuln->{description} =~ s/\n/ /g;
- $setting{'Result'} = $vuln->{description};
- $setting{'RemoteValue'} = $vuln->{plugin_output};
- $setting{'ComplianceRequirement'} = $vuln->{synopsis};
- }
- elsif($vuln->{description} =~ /SNMP\\Parameters|SeCEdit|ProtectedRoots|Enum|CurrentVersion\\Policies|CurrentVersion\\Installer|\%SystemRoot\%/)
- {
- my @desc = split /\n/, $vuln->{description};
- $setting{'Name'} = shift @desc;
- my @tmp = split /\:/, $setting{'Name'};
- $setting{'Name'} = $tmp[0];
- $setting{'Result'} = $tmp[1];
- $setting{'Name'} =~ s/\"//g;
- $setting{'Result'} =~ s/\[//g;
- $setting{'Result'} =~ s/\]//g;
- $setting{'Result'} =~ s/ //;
- $setting{'Name'} =~ s/ //;
- undef @tmp;
- $setting{'RemoteValue'} = "Too Many Permissions";
- $setting{'ComplianceRequirement'} = "See Nessus Report";
- }
- elsif($vuln->{-pluginID} =~ /21156|33930|33814|24760/)
- {
- my @desc = split /\n/, $vuln->{description};
- $setting{'Name'} = shift @desc;
- my @tmp = split /\:/, $setting{'Name'};
- $setting{'Name'} = $tmp[0];
- $setting{'Result'} = $tmp[1];
- $setting{'Name'} =~ s/\"//g;
- $setting{'Result'} =~ s/\[//g;
- $setting{'Result'} =~ s/\]//g;
- $setting{'Result'} =~ s/ //;
- $setting{'Name'} =~ s/ //;
- undef @tmp;
- my $should_be_nothing = shift @desc;
- $setting{'RemoteValue'} = shift @desc;
- @tmp = split /\:/, $setting{'RemoteValue'};
- $setting{'RemoteValue'} = $tmp[1];
- $setting{'RemoteValue'} =~ s/\, /\|/g;
- $setting{'RemoteValue'} =~ s/\"//g;
- $setting{'RemoteValue'} =~ s/ //;
- undef @tmp;
- $setting{'ComplianceRequirement'} = shift @desc;
- @tmp = split /\:/, $setting{'ComplianceRequirement'};
- $setting{'ComplianceRequirement'} = $tmp[1];
- $setting{'ComplianceRequirement'} =~ s/\, /\|/g;
- $setting{'ComplianceRequirement'} =~ s/\"//g;
- $setting{'ComplianceRequirement'} =~ s/\]//g;
- $setting{'ComplianceRequirement'} =~ s/\[//g;
- $setting{'ComplianceRequirement'} =~ s/ //;
- undef @tmp;
- }
- else
- {
- print "\n\nNew Policy Plugin - Please FIX Cody\n\n";
- exit;
- }
- my $a = "$host->{file},$host->{name},$host->{'host-fqdn'},$vuln->{'-pluginID'},$vuln->{'-protocol'},$vuln->{'-severity'},$vuln->{'-pluginFamily'},$setting{'Name'},$setting{'Result'},$setting{'RemoteValue'},$setting{'ComplianceRequirement'}";
- push @policy_data, $a;
- } # foreach my $vuln (@report_data)
- } # end foreach my $host (@PolicyCompliance)
- print "Creating Windows Management Data\n";
- parse_windows_mgnt();
- print "Creating Nessus Report Spreadsheet\n";
- ###################################################### start spreadsheet
- my $workbook = Spreadsheet::WriteExcel::Big->new("$dir/nessus_report_$report_file.xls");
- my $nonevulns_ctr = 1;
- my $lowvulns_ctr = 1;
- my $medvulns_ctr = 1;
- my $highvulns_ctr = 1;
- my $host_scan_data_ctr = 1;
- my $policy_data_ctr = 1;
- my $WinUsers_ctr = 1;
- my $PasswordPolicyData_ctr = 1;
- my $WinGuestUserData_ctr = 1;
- my $nonevlun_worksheet_ctr = 1;
- my $host_scan_data_worksheet = $workbook->add_worksheet('host_scan_data');
- $host_scan_data_worksheet->write(0, 0, 'File');
- $host_scan_data_worksheet->write(0, 1, 'IP Address');
- $host_scan_data_worksheet->write(0, 2, 'FQDN');
- $host_scan_data_worksheet->write(0, 3, 'Plugin ID');
- $host_scan_data_worksheet->write(0, 4, 'Protocol');
- $host_scan_data_worksheet->write(0, 5, 'Port');
- $host_scan_data_worksheet->write(0, 6, 'Severity');
- $host_scan_data_worksheet->write(0, 7, 'Plugin Family');
- $host_scan_data_worksheet->write(0, 8, 'Plugin Name');
- $host_scan_data_worksheet->freeze_panes('C2');
- $host_scan_data_worksheet->autofilter('A1:I1');
- $host_scan_data_worksheet->set_column('A:M', 20);
- my $highvulns_worksheet = $workbook->add_worksheet('highvulns');
- $highvulns_worksheet->write(0, 0, 'File');
- $highvulns_worksheet->write(0, 1, 'plugin Family');
- $highvulns_worksheet->write(0, 2, 'plugin id');
- $highvulns_worksheet->write(0, 3, 'plugin Name');
- $highvulns_worksheet->write(0, 4, 'count');
- $highvulns_worksheet->write(0, 5, 'Bid');
- $highvulns_worksheet->write(0, 6, 'CVE');
- $highvulns_worksheet->write(0, 7, 'OSVDB');
- $highvulns_worksheet->write(0, 8, 'Solution');
- $highvulns_worksheet->write(0, 9, 'Description');
- $highvulns_worksheet->freeze_panes('C2');
- $highvulns_worksheet->autofilter('A1:J1');
- $highvulns_worksheet->set_column('A:M', 20);
- my $nonevlun_worksheet = $workbook->add_worksheet('PortScan');
- $nonevlun_worksheet->write(0, 0, 'File');
- $nonevlun_worksheet->write(0, 1, 'plugin Family');
- $nonevlun_worksheet->write(0, 2, 'plugin id');
- $nonevlun_worksheet->write(0, 3, 'plugin Name');
- $nonevlun_worksheet->write(0, 4, 'count');
- $nonevlun_worksheet->freeze_panes('C2');
- $nonevlun_worksheet->autofilter('A1:E1');
- $nonevlun_worksheet->set_column('A:M', 20);
- my $medvulns_worksheet = $workbook->add_worksheet('medvulns');
- $medvulns_worksheet->write(0, 0, 'File');
- $medvulns_worksheet->write(0, 1, 'plugin Family');
- $medvulns_worksheet->write(0, 2, 'plugin id');
- $medvulns_worksheet->write(0, 3, 'plugin Name');
- $medvulns_worksheet->write(0, 4, 'count');
- $medvulns_worksheet->write(0, 5, 'Bid');
- $medvulns_worksheet->write(0, 6, 'CVE');
- $medvulns_worksheet->write(0, 7, 'OSVDB');
- $medvulns_worksheet->write(0, 8, 'Solution');
- $medvulns_worksheet->write(0, 9, 'Description');
- $medvulns_worksheet->freeze_panes('C2');
- $medvulns_worksheet->autofilter('A1:J1');
- $medvulns_worksheet->set_column('A:M', 20);
- my $lowvulns_worksheet = $workbook->add_worksheet('lowvulns');
- $lowvulns_worksheet->write(0, 0, 'File');
- $lowvulns_worksheet->write(0, 1, 'plugin Family');
- $lowvulns_worksheet->write(0, 2, 'plugin id');
- $lowvulns_worksheet->write(0, 3, 'plugin Name');
- $lowvulns_worksheet->write(0, 4, 'count');
- $lowvulns_worksheet->write(0, 5, 'Bid');
- $lowvulns_worksheet->write(0, 6, 'CVE');
- $lowvulns_worksheet->write(0, 7, 'OSVDB');
- $lowvulns_worksheet->write(0, 8, 'Solution');
- $lowvulns_worksheet->write(0, 9, 'Description');
- $lowvulns_worksheet->freeze_panes('C2');
- $lowvulns_worksheet->autofilter('A1:J1');
- $lowvulns_worksheet->set_column('A:M', 20);
- my $policy_worksheet = $workbook->add_worksheet('Policy Compliance');
- $policy_worksheet->write(0, 0, 'File');
- $policy_worksheet->write(0, 1, 'IP Address');
- $policy_worksheet->write(0, 2, 'FQDN');
- $policy_worksheet->write(0, 3, 'PluginID');
- $policy_worksheet->write(0, 4, 'protocol');
- $policy_worksheet->write(0, 5, 'severity');
- $policy_worksheet->write(0, 6, 'pluginFamily');
- $policy_worksheet->write(0, 7, 'Policy Setting');
- $policy_worksheet->write(0, 8, 'Result');
- $policy_worksheet->write(0, 9, 'System Value');
- $policy_worksheet->write(0, 10, 'Compliance Requirement');
- $policy_worksheet->freeze_panes('C2');
- $policy_worksheet->autofilter('A1:J1');
- $policy_worksheet->set_column('A:M', 20);
- my $WinUsers_worksheet = $workbook->add_worksheet('WinUsers');
- $WinUsers_worksheet->write(0, 0, 'File');
- $WinUsers_worksheet->write(0, 1, 'IP Address');
- $WinUsers_worksheet->write(0, 2, 'FQDN');
- $WinUsers_worksheet->write(0, 3, 'Netbios Name');
- $WinUsers_worksheet->write(0, 4, 'OS');
- $WinUsers_worksheet->write(0, 5, 'Plugin Name');
- $WinUsers_worksheet->write(0, 6, 'Username');
- $WinUsers_worksheet->write(0, 7, 'Account type');
- $WinUsers_worksheet->freeze_panes('C2');
- $WinUsers_worksheet->autofilter('A1:H1');
- $WinUsers_worksheet->set_column('A:M', 20);
- my $WinGuestUserData_worksheet = $workbook->add_worksheet('WinGuestUserData');
- $WinGuestUserData_worksheet->write(0, 0, 'File');
- $WinGuestUserData_worksheet->write(0, 1, 'IP Address');
- $WinGuestUserData_worksheet->write(0, 2, 'FQDN');
- $WinGuestUserData_worksheet->write(0, 3, 'Netbios Name');
- $WinGuestUserData_worksheet->write(0, 4, 'OS');
- $WinGuestUserData_worksheet->write(0, 5, 'Plugin Name');
- $WinGuestUserData_worksheet->write(0, 6, 'Description');
- $WinGuestUserData_worksheet->write(0, 7, 'Plugin Output');
- $WinGuestUserData_worksheet->write(0, 8, 'Synopsis');
- $WinGuestUserData_worksheet->freeze_panes('C2');
- $WinGuestUserData_worksheet->autofilter('A1:I1');
- $WinGuestUserData_worksheet->set_column('A:M', 20);
- my $PasswordPolicyData_worksheet = $workbook->add_worksheet('PasswordPolicyData');
- $PasswordPolicyData_worksheet->write(0, 0, 'File');
- $PasswordPolicyData_worksheet->write(0, 1, 'IP Address');
- $PasswordPolicyData_worksheet->write(0, 2, 'FQDN');
- $PasswordPolicyData_worksheet->write(0, 3, 'Netbios Name');
- $PasswordPolicyData_worksheet->write(0, 4, 'OS');
- $PasswordPolicyData_worksheet->write(0, 5, 'Minimum password length');
- $PasswordPolicyData_worksheet->write(0, 6, 'Password history length');
- $PasswordPolicyData_worksheet->write(0, 7, 'Maximum password age (d)');
- $PasswordPolicyData_worksheet->write(0, 8, 'Password must meet complexity requirements');
- $PasswordPolicyData_worksheet->write(0, 9, 'Minimum password age (d)');
- $PasswordPolicyData_worksheet->write(0, 10, 'Forced logoff time (s)');
- $PasswordPolicyData_worksheet->write(0, 11, 'Locked account time (s)');
- $PasswordPolicyData_worksheet->write(0, 12, 'Time between failed logon (s)');
- $PasswordPolicyData_worksheet->write(0, 13, 'Number of invalid logon before locked out (s)');
- $PasswordPolicyData_worksheet->freeze_panes('C2');
- $PasswordPolicyData_worksheet->autofilter('A1:M1');
- $PasswordPolicyData_worksheet->set_column('A:M', 20);
- my $h_tmp = @host_scan_data;
- my $table_cnt = 1;
- if($h_tmp > 60000)
- {
- my $array_cnt = $h_tmp/60000;
- my @dec = split /\./, $array_cnt;
- if ($dec[1] > 0)
- {
- ++$dec[0]
- }
- $table_cnt = $dec[0];
- $h_tmp = 60000;
- }
- foreach (@host_scan_data)
- {
- if ($host_scan_data_ctr == $h_tmp)
- {
- my $table = $table_cnt - 1;
- $host_scan_data_ctr = 1;
- $host_scan_data_worksheet = $workbook->add_worksheet("host_scan_data_$table");
- $host_scan_data_worksheet->write(0, 0, 'File');
- $host_scan_data_worksheet->write(0, 1, 'IP Address');
- $host_scan_data_worksheet->write(0, 2, 'FQDN');
- $host_scan_data_worksheet->write(0, 3, 'Plugin ID');
- $host_scan_data_worksheet->write(0, 4, 'Protocol');
- $host_scan_data_worksheet->write(0, 5, 'Port');
- $host_scan_data_worksheet->write(0, 6, 'Severity');
- $host_scan_data_worksheet->write(0, 7, 'Plugin Family');
- $host_scan_data_worksheet->write(0, 8, 'Plugin Name');
- $host_scan_data_worksheet->freeze_panes('C2');
- }
- my @tmp = split /\,/, $_;
- $host_scan_data_worksheet->write($host_scan_data_ctr, 0, $tmp[0]);
- $host_scan_data_worksheet->write($host_scan_data_ctr, 1, $tmp[1]);
- $host_scan_data_worksheet->write($host_scan_data_ctr, 2, $tmp[2]);
- $host_scan_data_worksheet->write($host_scan_data_ctr, 3, $tmp[3]);
- $host_scan_data_worksheet->write($host_scan_data_ctr, 4, $tmp[4]);
- $host_scan_data_worksheet->write($host_scan_data_ctr, 5, $tmp[5]);
- $host_scan_data_worksheet->write($host_scan_data_ctr, 6, $tmp[6]);
- $host_scan_data_worksheet->write($host_scan_data_ctr, 7, $tmp[7]);
- $host_scan_data_worksheet->write($host_scan_data_ctr, 8, $tmp[8]);
- ++$host_scan_data_ctr;
- } # end foreach (@host_scan_data)
- foreach (@lowvlun)
- {
- my @tmp = split /\,/, $_;
- $lowvulns_worksheet->write($lowvulns_ctr, 0, $tmp[4]);
- $lowvulns_worksheet->write($lowvulns_ctr, 1, $tmp[5]);
- $lowvulns_worksheet->write($lowvulns_ctr, 2, $tmp[0]);
- $lowvulns_worksheet->write($lowvulns_ctr, 3, $tmp[3]);
- $lowvulns_worksheet->write($lowvulns_ctr, 4, $tmp[2]);
- $lowvulns_worksheet->write($lowvulns_ctr, 5, $tmp[6]);
- $lowvulns_worksheet->write($lowvulns_ctr, 6, $tmp[7]);
- $lowvulns_worksheet->write($lowvulns_ctr, 7, $tmp[8]);
- $lowvulns_worksheet->write($lowvulns_ctr, 8, $tmp[9]);
- $lowvulns_worksheet->write($lowvulns_ctr, 9, $tmp[10]);
- ++$lowvulns_ctr;
- } # end foreach (@lowvlun)
- foreach (@medvlun)
- {
- my @tmp = split /\,/, $_;
- $medvulns_worksheet->write($medvulns_ctr, 0, $tmp[4]);
- $medvulns_worksheet->write($medvulns_ctr, 1, $tmp[5]);
- $medvulns_worksheet->write($medvulns_ctr, 2, $tmp[0]);
- $medvulns_worksheet->write($medvulns_ctr, 3, $tmp[3]);
- $medvulns_worksheet->write($medvulns_ctr, 4, $tmp[2]);
- $medvulns_worksheet->write($medvulns_ctr, 5, $tmp[6]);
- $medvulns_worksheet->write($medvulns_ctr, 6, $tmp[7]);
- $medvulns_worksheet->write($medvulns_ctr, 7, $tmp[8]);
- $medvulns_worksheet->write($medvulns_ctr, 8, $tmp[9]);
- $medvulns_worksheet->write($medvulns_ctr, 9, $tmp[10]);
- ++$medvulns_ctr;
- } # end foreach (@medvlun)
- foreach (@highvlun)
- {
- my @tmp = split /\,/, $_;
- $highvulns_worksheet->write($highvulns_ctr, 0, $tmp[4]);
- $highvulns_worksheet->write($highvulns_ctr, 1, $tmp[5]);
- $highvulns_worksheet->write($highvulns_ctr, 2, $tmp[0]);
- $highvulns_worksheet->write($highvulns_ctr, 3, $tmp[3]);
- $highvulns_worksheet->write($highvulns_ctr, 4, $tmp[2]);
- $highvulns_worksheet->write($highvulns_ctr, 5, $tmp[6]);
- $highvulns_worksheet->write($highvulns_ctr, 6, $tmp[7]);
- $highvulns_worksheet->write($highvulns_ctr, 7, $tmp[8]);
- $highvulns_worksheet->write($highvulns_ctr, 8, $tmp[9]);
- $highvulns_worksheet->write($highvulns_ctr, 9, $tmp[10]);
- ++$highvulns_ctr;
- } # end foreach (@highvlun)
- foreach (@nonevlun)
- {
- my @tmp = split /\,/, $_;
- $nonevlun_worksheet->write($nonevlun_worksheet_ctr, 0, $tmp[4]);
- $nonevlun_worksheet->write($nonevlun_worksheet_ctr, 1, $tmp[5]);
- $nonevlun_worksheet->write($nonevlun_worksheet_ctr, 2, $tmp[0]);
- $nonevlun_worksheet->write($nonevlun_worksheet_ctr, 3, $tmp[3]);
- $nonevlun_worksheet->write($nonevlun_worksheet_ctr, 4, $tmp[2]);
- ++$nonevlun_worksheet_ctr;
- } # end foreach (@highvlun)
- foreach (@policy_data)
- {
- my @tmp = split /\,/, $_;
- $policy_worksheet->write($policy_data_ctr, 0, $tmp[0]);
- $policy_worksheet->write($policy_data_ctr, 1, $tmp[1]);
- $policy_worksheet->write($policy_data_ctr, 2, $tmp[2]);
- $policy_worksheet->write($policy_data_ctr, 3, $tmp[3]);
- $policy_worksheet->write($policy_data_ctr, 4, $tmp[4]);
- $policy_worksheet->write($policy_data_ctr, 5, $tmp[5]);
- $policy_worksheet->write($policy_data_ctr, 6, $tmp[6]);
- $policy_worksheet->write($policy_data_ctr, 7, $tmp[7]);
- $policy_worksheet->write($policy_data_ctr, 8, $tmp[8]);
- $policy_worksheet->write($policy_data_ctr, 9, $tmp[9]);
- $policy_worksheet->write($policy_data_ctr, 10, $tmp[10]);
- ++$policy_data_ctr;
- } # end foreach (@policy_data)
- foreach (@WinUsers)
- {
- my @tmp = split /\,/, $_;
- $WinUsers_worksheet->write($WinUsers_ctr, 0, $tmp[0]);
- $WinUsers_worksheet->write($WinUsers_ctr, 1, $tmp[1]);
- $WinUsers_worksheet->write($WinUsers_ctr, 2, $tmp[2]);
- $WinUsers_worksheet->write($WinUsers_ctr, 3, $tmp[3]);
- $WinUsers_worksheet->write($WinUsers_ctr, 4, $tmp[4]);
- $WinUsers_worksheet->write($WinUsers_ctr, 5, $tmp[5]);
- $WinUsers_worksheet->write($WinUsers_ctr, 6, $tmp[6]);
- $WinUsers_worksheet->write($WinUsers_ctr, 7, $tmp[7]);
- ++$WinUsers_ctr;
- } # end foreach (@WinUsers)
- foreach (@WinGuestUserData)
- {
- my @tmp = split /\,/, $_;
- $WinGuestUserData_worksheet->write($WinGuestUserData_ctr, 0, $tmp[0]);
- $WinGuestUserData_worksheet->write($WinGuestUserData_ctr, 1, $tmp[1]);
- $WinGuestUserData_worksheet->write($WinGuestUserData_ctr, 2, $tmp[2]);
- $WinGuestUserData_worksheet->write($WinGuestUserData_ctr, 3, $tmp[3]);
- $WinGuestUserData_worksheet->write($WinGuestUserData_ctr, 4, $tmp[4]);
- $WinGuestUserData_worksheet->write($WinGuestUserData_ctr, 5, $tmp[5]);
- $WinGuestUserData_worksheet->write($WinGuestUserData_ctr, 6, $tmp[6]);
- $WinGuestUserData_worksheet->write($WinGuestUserData_ctr, 7, $tmp[7]);
- $WinGuestUserData_worksheet->write($WinGuestUserData_ctr, 8, $tmp[8]);
- ++$WinGuestUserData_ctr;
- } # foreach (@WinGuestUserData)
- foreach (@PasswordPolicyData)
- {
- my @tmp = split /\,/, $_;
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 0, $tmp[0]);
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 1, $tmp[1]);
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 2, $tmp[2]);
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 3, $tmp[3]);
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 4, $tmp[4]);
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 5, $tmp[5]);
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 6, $tmp[6]);
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 7, $tmp[7]);
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 8, $tmp[8]);
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 9, $tmp[9]);
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 10, $tmp[10]);
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 11, $tmp[11]);
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 12, $tmp[12]);
- $PasswordPolicyData_worksheet->write($PasswordPolicyData_ctr, 13, $tmp[13]);
- ++$PasswordPolicyData_ctr;
- } # end foreach (@PasswordPolicyData)
- $workbook->close();
- print "\n\ncompleted\n\n";
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement