-
Notifications
You must be signed in to change notification settings - Fork 0
/
dashboard.php
221 lines (169 loc) · 5.85 KB
/
dashboard.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
<?php
// Include required template file
require_once('includes/templates.php');
// Include required functions file
require_once('includes/functions.php');
// Include required sessions file
require_once('includes/Session.class.php');
// Start session
session_start('SentinelPlus', 0, '/', 'sentinelplus.net', true);
//SessionManager::sessionStart('SentinelPlus', 0, '/', 'sentinelplus.net', true);
// If we don't have a session key
if (!isset($_SESSION['key']))
{
// Redirect to the index
header( 'Location: index.php' );
}
// Decrypt the session key
$key = trim(decrypt($_SESSION['key']));
// Get the list of vulnerability classes
$classes = get_classes($key);
// Set the site value if we have one
if (isset($_POST['site']))
{
$selected_site = $_POST['site'];
}
?>
<HTML>
<HEAD>
<TITLE>SentinelPlus: Advanced Reporting for WhiteHat Sentinel Vulnerabilities</TITLE>
<link rel="stylesheet" type="text/css" href="css/style.css" media="all" />
</HEAD>
<BODY>
<? display_header(); ?>
<form action="" method="POST">
Site:
<select name="site" onChange="this.form.submit();">
<option value="ALL SITES"<? if (!isset($_POST['site'])) echo " selected" ?>>ALL SITES</option>
<option value="PRODUCTION"<? if ($_POST['site'] == "PRODUCTION") echo " selected" ?>>PRODUCTION</option>
<option value="TEST"<? if ($_POST['site'] == "TEST") echo " selected" ?>>TEST</option>
<?
// If no site was posted, default is ALL SITES
if (!isset($_POST['site'])) $selected_site = "ALL SITES";
// Get the list of sites
$sites = get_sites($key);
// For each site in the list
foreach ($sites as $site)
{
echo "<option value=\"" . $site['siteid'] . "\"";
if ($_POST['site'] == $site['siteid']) echo " selected";
echo ">" . $site['sitelabel'] . "</option>\n";
}
?>
</select>
</form>
<!-- BEGIN VULNERABILITY TRENDS -->
<?
// Get the vulnerability trend array
$vulnerability_trend_array = get_vulnerability_trend_array($key, $selected_site);
// Create table to hold trend information
echo "<table>\n";
echo "<tr>\n";
echo "<td>\n";
// Print the vulnerability trend table without a footer
display_array_results("Open Vulnerabilities Over Time", false, $vulnerability_trend_array);
// Pop the first element off the trend array
array_shift($vulnerability_trend_array[4]);
// Get the trend array
$trends = $vulnerability_trend_array[4];
// Create table to hold trend information
echo "</td>\n";
echo "<td>\n";
// Print the trend summary
display_trend_summary("Cumulative Vulnerability Trend", $trends);
// Create table to hold trend information
echo "</td>\n";
echo "</tr>\n";
echo "</table>\n";
// Pop the first element off the arrays
array_shift($vulnerability_trend_array[0]);
array_shift($vulnerability_trend_array[3]);
// Get the date and total arrays
$dates = $vulnerability_trend_array[0];
$totals = $vulnerability_trend_array[3];
// Graph the open vulnerabilities over time
graph_data("Open Vulnerabilities Over Time on NI.com", "trend-vulnerabilities.png", $dates, $totals);
?>
<!-- END VULNERABILITY TRENDS -->
<!-- BEGIN VULNERABILITY CLASSES -->
<?
// Get the classes array
$vulnerability_classes_array = get_vulnerability_class_array($key, $selected_site);
// Create table to hold class information
echo "<table>\n";
echo "<tr>\n";
echo "<td>\n";
// Print the classes summary
display_array_results("Current Top Vulnerability Classes", false, $vulnerability_classes_array);
// Pop the first element off the array
array_shift($vulnerability_classes_array);
// Create the trend array
foreach ($vulnerability_classes_array as $row)
{
$class_trends[] = $row[2];
}
// Create table to hold trend information
echo "</td>\n";
echo "<td>\n";
// Print the trend summary
display_trend_summary("Vulnerability Trend Since Last Release", $class_trends);
// Create table to hold trend information
echo "</td>\n";
echo "</tr>\n";
echo "</table>\n";
// Create the legend array
foreach ($vulnerability_classes_array as $row)
{
$legend[] = $row[0];
}
// Create the data array
foreach ($vulnerability_classes_array as $row)
{
$data[] = $row[1];
}
// Place a pie chart of the current top vulnerability classes
pie_data("Current Top Vulnerability Classes", "class-vulnerabilities.png", $legend, $data);
?>
<!-- END VULNERABILITY CLASSES -->
<!-- BEGIN VULNERABILITIES BY SITE -->
<?
// Get the sites array
$vulnerability_sites_array = get_vulnerability_sites_array($key, $selected_site);
// Create table to hold class information
echo "<table>\n";
echo "<tr>\n";
echo "<td>\n";
// Print the sites summary
display_array_results("Current Vulnerabilities by Site", false, $vulnerability_sites_array);
// Pop the first element off the array
array_shift($vulnerability_sites_array);
// Create the trend array
foreach ($vulnerability_sites_array as $row)
{
$site_trends[] = $row[2];
}
// Create table to hold trend information
echo "</td>\n";
echo "<td>\n";
// Print the trend summary
display_trend_summary("Vulnerability Trend Since Last Release", $site_trends);
// Create table to hold trend information
echo "</td>\n";
echo "</tr>\n";
echo "</table>\n";
// Create the legend array
foreach ($vulnerability_sites_array as $row)
{
$site_legend[] = $row[0];
}
// Create the data array
foreach ($vulnerability_sites_array as $row)
{
$site_data[] = $row[1];
}
// Place a pie chart of the current top vulnerability classes
pie_data("Current Top Vulnerability Sites", "site-vulnerabilities.png", $site_legend, $site_data);
?>
<!-- END VULNERABILITIES BY SITE -->
</BODY>
</HTML>