class Prenus::Output::Htmlout

Public Class Methods

new(events, hosts, options) click to toggle source

Initialises the Htmlout class into an object

@return [Object]

Returns the Htmlout object

@input

events     - the hash object with all the vulnerability events within it - @see Nessusin#import_nessus_files
hosts   - the hash object with all the hosts within it - @see Nessusin#import_nessus_files
options - the hash object with the configuration options within it. These options include the output folder etc, and are used within many of the methods below

@example

object = Prenus::Output::Htmlout.new(events,hosts,options)
Calls superclass method
# File lib/output/htmlout.rb, line 20
# Builds the Htmlout object and stages the report's static assets.
#
# The three arguments are handed to the superclass constructor unchanged
# (bare +super+). Afterwards each bundled JavaScript, CSS and image file is
# copied from $root_dir/lib/... into options[:output] under its base name.
#
# NOTE(review): options[:output] is used exactly as supplied; nothing in this
# method creates or checks that directory, so FileUtils.cp raises if it is
# missing or not writable.
#
# @param events [Hash] vulnerability events
# @param hosts [Hash] host records
# @param options [Hash] configuration; only :output is read here
def initialize(events, hosts, options)
        super

        # Paths are relative to $root_dir/lib and listed in copy order:
        # scripts first, then the stylesheet, then the table/pager images.
        bundled_assets = %w[
                js/jquery.min.js
                js/highcharts.js
                js/jquery.dataTables.js
                css/table.css
                images/back_disabled.png
                images/back_enabled.png
                images/back_enabled_hover.png
                images/forward_disabled.png
                images/forward_enabled.png
                images/forward_enabled_hover.png
                images/sort_asc.png
                images/sort_asc_disabled.png
                images/sort_both.png
                images/sort_desc.png
                images/sort_desc_disabled.png
        ]

        bundled_assets.each do |relative|
                source = File.expand_path($root_dir + '/lib/' + relative)
                target = options[:output] + '/' + File.basename(relative)
                FileUtils.cp(source, target)
        end

end

Public Instance Methods

bar_js(fp,renderto,title,data) click to toggle source

Prints the Highcharts javascript for a bar graph into the nominated output file

@return

Returns nothing

@input

fp       - the file pointer (which should be opened already by the calling method) which this method prints its output into
renderto - the highchart renderTo parameter (which is then referenced in the html's div id)
title    - the highchart's title
data     - a hash of hosts data @see Nessusin#import_nessus_files

@example

File.open(@options[:output] + "/file.html",'w') do |f|
   bar_js(f,"bargraph1","Some title",{0 => {:hostname => 'hostname',:ip => 'ip'}})

   body_text(f,"<div id='bargraph1'>")
end
# File lib/output/htmlout.rb, line 583
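        # Writes the Highcharts JavaScript for a stacked bar chart (findings per
        # host, one series per severity) to +fp+.
        #
        # Each entry of +data+ is read as a pair whose second element is a host
        # record with :hostname, :ip, :crit, :high, :med and :low. A series is
        # written when @options[:severity] is <= its ceiling (Critical 4, High 3,
        # Medium 2, Low 1).
        #
        # Host labels, +title+ and +renderto+ end up inside single-quoted
        # JavaScript string literals in an inline script. Host names and addresses
        # presumably come from imported scan files, i.e. from the scanned
        # environment, so they are escaped before being written: a quote,
        # backslash, line break or "</script>" in a host name can no longer
        # terminate the literal or the script element in the generated report.
        #
        # @param fp [IO] already-open output stream
        # @param renderto [String] id of the div the chart renders into
        # @param title [String] chart title
        # @param data [Hash, Array] host records as described above
        # @return [nil]
        def bar_js(fp,renderto,title,data)
                # Rewrites every character that could close the literal or the
                # enclosing <script> element as a \uXXXX escape. The browser decodes
                # the escape back to the same character, so the string's runtime
                # value (used by the click handler's target_lookup) is unchanged.
                js_str = lambda do |value|
                        value.to_s.gsub(/[\\'"<>&\r\n]/) { |ch| format('\\u%04x', ch.ord) }
                end

                fp.puts <<-eos
                $(function () {
                    var chart;
                    $(document).ready(function() {
                        chart = new Highcharts.Chart({
                              credits: {
                                      enabled: false
                              },
                            chart: {
                                renderTo: '#{js_str.call(renderto)}',
                                type: 'bar'
                            },
                            title: {
                                text: '#{js_str.call(title)}'
                            },
                            xAxis: {
                                categories: [
                eos

                # One category line per host: "hostname (ip)", or just the ip when
                # the hostname is empty. A nil hostname is treated as empty.
                last = data.length - 1
                data.each_with_index do |entry,index|
                        host = entry[1]
                        name = host[:hostname].to_s
                        label = name.empty? ? host[:ip].to_s : "#{name} (#{host[:ip]})"
                        line = "'" + js_str.call(label) + "'"
                        line += "," unless index == last
                        fp.puts line
                end
                fp.puts <<-eos
                ]
            },
            yAxis: {
                min: 0,
                allowDecimals: false,
                title: {
                    text: 'Findings'
                }
            },
            legend: {
                backgroundColor: '#FFFFFF',
                reversed: true
            },
            tooltip: {
                formatter: function() {
                    return ''+
                        this.series.name +': '+ this.y +'';
                }
            },
            plotOptions: {
                series: {
                    stacking: 'normal',
                    //threshold: 1,
                    dataLabels: {
                        enabled: true,
                        color: '#000000',
                        x: 0,
                        align: 'center',
                        formatter: function() {
                                if (this.y !=0) {
                                        return this.y;
                                }
                        }
                    },
                    events: {
                        click: function(event) {
                                //alert(target_lookup[event.point.category])
                                document.location.href = 'host_' + target_lookup[event.point.category] + '.html#' + event.currentTarget.name;
                                //console.log(event)
                        }
                    }
                }
            },
                series: [
                eos

                # Severity series in output order. Every series after the first is
                # prefixed with a comma, exactly as the page's JavaScript expects.
                [
                        [4, 'Critical', 'purple', :crit],
                        [3, 'High',     'red',    :high],
                        [2, 'Medium',   'orange', :med],
                        [1, 'Low',      'green',  :low]
                ].each_with_index do |(ceiling, label, colour, key), position|
                        next unless @options[:severity] <= ceiling

                        fp.puts "#{position.zero? ? '' : ','}{name: '#{label}',"
                        fp.puts "color: '#{colour}',"
                        fp.puts "data: [" + data.map { |entry| entry[1][key].to_s }.join(",") + "]"
                        fp.puts "}"
                end

                fp.puts <<-eos
                                                
                            ]
                        });
                    });
                    
                });
                eos
        end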
body_text(fp,text) click to toggle source

Prints out miscellaneous HTML text into the nominated output file

@return

Returns nothing

@input

fp   - the file pointer (which should be opened already by the calling method) which this method prints its output into
text - the text to print out to the output file

@example

File.open(@options[:output] + "/file.html",'w') do |f|
            tmpline = "Sometext<br />"
     tmpline += "Some more text here<br />"
     body_text(f,tmpline)
end
# File lib/output/htmlout.rb, line 541
# Emits +text+ to +fp+ exactly as given (IO#puts adds a trailing newline when
# the text does not already end with one).
#
# No HTML encoding is applied here, so whatever markup +text+ contains lands
# in the report as markup.
# NOTE(review): callers that assemble +text+ from scan results need to encode
# those values themselves - confirm at the call sites.
#
# @param fp [IO] already-open output stream
# @param text [String] HTML fragment to write
# @return [nil]
def body_text(fp,text)
        fp.puts(text)
end
close_all(fp) click to toggle source

Closes out the HTML of the page in the nominated output file

@return

Returns nothing

@input

fp - the file pointer (which should be opened already by the calling method) which this method prints its output into

@example

@see html_header's @example
# File lib/output/htmlout.rb, line 557
        # Finishes the page by writing the closing </body> and </html> tags to
        # +fp+.
        #
        # @param fp [IO] already-open output stream
        # @return [nil]
        def close_all(fp)
                fp.puts(<<-HTML)
                                </body>
                        </html>
                HTML
        end
close_html_header(fp) click to toggle source

Prints out the closing statements for the universal HTML header into the nominated output file

@see def html_header(fp,title)

@return

Returns nothing

@input

fp - the file pointer (which should be opened already by the calling method) which this method prints its output into

@example

@see html_header's @example
# File lib/output/htmlout.rb, line 511
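        # Closes the inline script and <head> opened by html_header, opens <body>,
        # loads highcharts.js and, when @options[:indexfile] is set, appends that
        # file's contents to +fp+.
        #
        # The index file is copied byte for byte: any markup or script in it
        # becomes part of every page this header is written to.
        # NOTE(review): that is appropriate only for an operator-supplied file -
        # confirm that :indexfile can never point at scan-derived content.
        #
        # @param fp [IO] already-open output stream
        # @return [Integer, nil] bytes copied from the index file, or nil when no
        #   index file is configured
        def close_html_header(fp)
                fp.puts <<-eos
                </script>
                        </head>
                        <body>
                <script src="highcharts.js"></script>
                eos

                index_path = @options[:indexfile]
                return if index_path.nil?

                # Block form so the handle is closed once the copy finishes; the
                # previous bare File.open left it open until garbage collection.
                File.open(index_path) { |source| IO.copy_stream(source, fp) }
        end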
html_header(fp,title) click to toggle source

Prints the universal HTML header into the nominated output file

@return

Returns nothing

@input

fp    - the file pointer (which should be opened already by the calling method) which this method prints its output into
title - the title field which is printed as the HTML title

@example

File.open(@options[:output] + "/file.html", 'w') do |f|
                  html_header(f,"Title")
end
# File lib/output/htmlout.rb, line 442
        # Writes the opening part of every report page to +fp+: doctype, <head>
        # with the page title, the jQuery / DataTables script tags, the table.css
        # import, and the start of an inline <script> that registers an
        # 'ip-address' column type and its sort functions with DataTables.
        #
        # The inline <script> element is left open on purpose; close_html_header
        # writes the matching </script></head><body>.
        #
        # NOTE(review): +title+ is interpolated into <title>...</title> without
        # HTML encoding. That is harmless for fixed titles, but a title built from
        # scan data (host names, plugin names) would be written as markup -
        # confirm what the callers pass.
        #
        # @param fp [IO] already-open output stream
        # @param title [String] text placed in the page's <title> element
        # @return [nil]
        def html_header(fp,title)
                # The heredoc interpolates, so each doubled backslash below reaches
                # the page as a single one (\d, \.) inside the JavaScript regex.
                fp.puts <<-eos

                <!DOCTYPE HTML>
                <html>
                        <head>
                                <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
                                <title>#{title}</title>

                                <script type="text/javascript" src="jquery.min.js"></script>
                                <script type="text/javascript" src="jquery.dataTables.js"></script>
                                <style type="text/css" title="currentStyle">
                                        @import "table.css";
                                </style>
                                <script type="text/javascript">
                                jQuery.fn.dataTableExt.aTypes.unshift(
                                    function ( sData )
                                    {
                                        if (/^.*\\d{1,3}[\\.]\\d{1,3}[\\.]\\d{1,3}[\\.]\\d{1,3}.*$/.test(sData)) {
                                            return 'ip-address';
                                        }
                                        return null;
                                    }
                                );

                                jQuery.extend( jQuery.fn.dataTableExt.oSort, {
                                    "ip-address-pre": function ( a ) {
                                            var b = a.replace(/<.*?>/g,"");
                                        var m = b.split("."), x = "";
                                 
                                        for(var i = 0; i < m.length; i++) {
                                            var item = m[i];
                                            if(item.length == 1) {
                                                x += "00" + item;
                                            } else if(item.length == 2) {
                                                x += "0" + item;
                                            } else {
                                                x += item;
                                            }
                                        }
                                 
                                        return x;
                                    },
                                 
                                    "ip-address-asc": function ( a, b ) {
                                        return ((a < b) ? -1 : ((a > b) ? 1 : 0));
                                    },
                                 
                                    "ip-address-desc": function ( a, b ) {
                                        return ((a < b) ? 1 : ((a > b) ? -1 : 0));
                                    }
                                } );
                eos
        end
pie_js(fp,renderto,title,seriesname,series,clickfunction = nil) click to toggle source

Prints the Highcharts javascript for a pie graph into the nominated output file

@return

Returns nothing

@input

fp            - the file pointer (which should be opened already by the calling method) which this method prints its output into
renderto      - the highchart renderTo parameter (which is then referenced in the html's div id)
title         - the highchart's title
seriesname    - the highchart's series name
series        - an array of arrays, each holding a pie piece name, its value and a colour (the method reads a third element as the slice colour)
clickfunction - an optional string which is then used as the click event for a pie piece

@example

File.open(@options[:output] + "/file.html",'w') do |f|
   pie_js(f,"pie_graph","Vuln Breakdown","Vuln Breakdown",[['Low',2],['Medium',5],['High',3]],"document.location.href = 'vuln_overview.html#' + event.point.name;")

   body_text(f,"<div id='pie_graph'>")
end
# File lib/output/htmlout.rb, line 749
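        # Writes the Highcharts JavaScript for a pie chart to +fp+.
        #
        # Each element of +series+ is read as [name, value, colour]. The colour
        # is optional: the documented two-element form ([['Low',2],...]) used to
        # raise TypeError on the missing third element and now simply omits the
        # color property for that slice.
        #
        # +renderto+, +title+, +seriesname+ and the slice names and colours are
        # written inside single-quoted JavaScript string literals in an inline
        # script, so they are escaped first: a quote, backslash, line break or
        # "</script>" in one of them can no longer terminate the literal or the
        # script element in the generated report.
        #
        # +clickfunction+ is different: it is emitted verbatim as the body of the
        # click handler, i.e. it is code, not data. It must be a fixed snippet
        # written by the caller and never assembled from scan results.
        #
        # @param fp [IO] already-open output stream
        # @param renderto [String] id of the div the chart renders into
        # @param title [String] chart title
        # @param seriesname [String] name of the single pie series
        # @param series [Array<Array>] slices as [name, value] or [name, value, colour]
        # @param clickfunction [String, nil] raw JavaScript for the slice click event
        # @return [nil]
        def pie_js(fp,renderto,title,seriesname,series,clickfunction = nil)
                # Rewrites every character that could close the literal or the
                # enclosing <script> element as a \uXXXX escape. The browser decodes
                # the escape back to the same character, so values read at runtime
                # (for example event.point.name) are unchanged.
                js_str = lambda do |value|
                        value.to_s.gsub(/[\\'"<>&\r\n]/) { |ch| format('\\u%04x', ch.ord) }
                end

                fp.puts <<-eos
                $(function () {
                    var chart;
                    $(document).ready(function() {
                        chart = new Highcharts.Chart({
                              credits: {
                                      enabled: false
                              },
                            chart: {
                                renderTo: '#{js_str.call(renderto)}',
                                plotBackgroundColor: null,
                                plotBorderWidth: null,
                                plotShadow: false
                            },
                            title: {
                                text: '#{js_str.call(title)}'
                            },
                            tooltip: {
                                formatter: function() {
                                    return '<b>'+ this.point.name +'</b>: '+ Math.round(this.percentage) +' %';
                                }
                            },
                            plotOptions: {
                                pie: {
                                      size: '60%',
                                    allowPointSelect: true,
                                    cursor: 'pointer',
                                    dataLabels: {
                                        enabled: true,
                                        color: '#000000',
                                        connectorColor: '#000000',
                                        formatter: function() {
                                            return '<b>'+ this.point.name +'</b>: '+ this.y;
                                        },
                                        distance: 20
                                    }
                eos

                # Deliberately not escaped: this is handler source code (see above).
                unless clickfunction.nil?
                        fp.puts ',events: { click: function(event) { ' + clickfunction + '} }'
                end

                fp.puts <<-eos
                }
            },
            series: [{
                type: 'pie',
                name: '#{js_str.call(seriesname)}',
                data: [
                eos

                last = series.length - 1
                series.each_with_index do |(name, value, colour), index|
                        point = "\t\t\t{name: '" + js_str.call(name) + "', y: " + value.to_s
                        point += ", color: '" + js_str.call(colour) + "'" unless colour.nil?
                        point += "}"
                        point += "," unless index == last
                        fp.puts point
                end

                fp.puts <<-eos
                                ]
                            }]
                        });
                    });
                    
                });
                eos

        end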
print_hosts() click to toggle source

Generates the various host_*.html files, outputting them to the nominated output directory

@see @options[:output]

@return

Returns nothing

@example

print_hosts
print_index() click to toggle source

Generate the index.html file, outputting it to the nominated output directory + /index.html

@see @options[:output]

@return

Returns nothing

@example

print_index
print_vuln_overview() click to toggle source

Generate the vuln_overview.html file, outputting it to the nominated output directory + /vuln_overview.html

@see @options[:output]

@return

Returns nothing

@example

print_vuln_overview
print_vulns() click to toggle source

Generates the various vuln_*.html files, outputting them to the nominated output directory

@see @options[:output]

@return

Returns nothing

@example

print_vulns
run() click to toggle source

Run the Htmlout class - this will generate all the necessary HTML files and copy other dependencies (JS/CSS/PNGs) to the target folder

@return

Returns nothing

@example

object.run
# File lib/output/htmlout.rb, line 55
# Produces the complete HTML report by invoking the four page generators in a
# fixed order. The value of the last call is what this method returns.
def run
        # host_*.html, one per host
        print_hosts
        # index.html
        print_index
        # vuln_*.html, one per vulnerability
        print_vulns
        # vuln_overview.html
        print_vuln_overview
end