-
Notifications
You must be signed in to change notification settings - Fork 0
/
classes.php
117 lines (94 loc) · 3.21 KB
/
classes.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
<?php
/*******************************************
* WhiteHat Sentinel Vulnerability Tracker *
* Created by Josh Sokol 2010-11-09 *
* Requires a MySQL database specified in *
* the config.php file with a table named *
* "vulnerabilities" with the following *
* fields: *
* id - int(10) *
* class - varchar(100) *
* status - varchar(8) *
* severity - int(2) *
* threat - int(2) *
* score - int(2) *
* found - timestamp *
* opened - timestamp *
* closed - timestamp *
* url - varchar(100) *
* href - varchar(100) *
* site - varchar(100) *
* retest_state - varchar(50) *
*******************************************/
// Include required template file
require_once('includes/templates.php');
// Include required functions file
require_once('includes/functions.php');
// Include required sessions file
require_once('includes/Session.class.php');
// Start session
session_start('SentinelPlus', 0, '/', 'sentinelplus.net', true);
//SessionManager::sessionStart('SentinelPlus', 0, '/', 'sentinelplus.net', true);
// If we don't have a session key
if (!isset($_SESSION['key']))
{
// Redirect to the index
header( 'Location: index.php' );
}
// Decrypt the session key
$key = trim(decrypt($_SESSION['key']));
// Get the list of vulnerability classes
$classes = get_classes($key);
// Set the site value if we have one
if (isset($_POST['site']))
{
$selected_site = $_POST['site'];
}
?>
<HTML>
<HEAD>
<TITLE>SentinelPlus: Advanced Reporting for WhiteHat Sentinel Vulnerabilities</TITLE>
<link rel="stylesheet" type="text/css" href="css/style.css" media="all" />
</HEAD>
<BODY>
<? display_header(); ?>
<form action="" method="POST">
Site:
<select name="site" onChange="this.form.submit();">
<option value="ALL SITES"<? if (!isset($_POST['site'])) echo " selected" ?>>ALL SITES</option>
<option value="PRODUCTION"<? if ($_POST['site'] == "PRODUCTION") echo " selected" ?>>PRODUCTION</option>
<option value="TEST"<? if ($_POST['site'] == "TEST") echo " selected" ?>>TEST</option>
<?
// If no site was posted, default is ALL SITES
if (!isset($_POST['site'])) $selected_site = "ALL SITES";
// Get the list of sites
$sites = get_sites($key);
// For each site in the list
foreach ($sites as $site)
{
echo "<option value=\"" . $site['siteid'] . "\"";
if ($_POST['site'] == $site['siteid']) echo " selected";
echo ">" . $site['sitelabel'] . "</option>\n";
}
?>
</select>
</form>
<!-- FOUND VULNERABILITIES -->
<?
// Print the found vulnerabilities summary table
$found_summary_table = print_summary_table($key, $selected_site, "found");
?>
<!-- CLOSED VULNERABILITIES -->
<?
// Print the closed vulnerabilities summary table
$closed_summary_table = print_summary_table($key, $selected_site, "closed");
?>
<!-- OPENED VULNERABILITIES -->
<?
// Print the opened vulnerabilities summary table
//print_summary_table($key, $selected_site, "open");
?>
</tfoot>
</table>
</BODY>
</HTML>