entropy graph, fortify & software

docker_entry.py

@@ -34,26 +34,10 @@ def move_pdf_report(pdf_path):
     shutil.move(str(pdf_path.absolute()), str(Path('/tmp', 'interface', 'pdf', pdf_path.name)))
 
 
-def count_mitigations(summary):
-    for mitigation in ['Canary', 'NX', 'RELRO', 'PIE']:
-        count = count_this_mitigation(summary, mitigation)
-        if count != 0:
-            return count
-    return count
-
-
-def count_this_mitigation(summary, mitigation):
-    count = 0
-    for selected_summary in summary:
-        if mitigation in selected_summary:
-            count += len(summary[selected_summary])
-    return count
-
-
 def main(template_style):
     analysis, meta_data = get_data()
-    if 'exploit_mitigations' in analysis:
-        analysis['exploit_mitigations']['count'] = count_mitigations(analysis['exploit_mitigations']['summary'])
+#    if 'exploit_mitigations' in analysis:
+#        analysis['exploit_mitigations']['count'] = count_mitigations(analysis['exploit_mitigations']['summary'])
 
     with TemporaryDirectory() as tmp_dir:
         create_templates(analysis, meta_data, tmp_dir, template_style)
@@ -68,7 +52,4 @@ if __name__ == '__main__':
 
 # TODO
 #  ips_and_uris NOT TESTED
-#  file_hashes
-#  users_and_passwords
-#  software_components
-#  unpacker
+#  icons

pdf_generator/templates/new_template/main.tex

@@ -19,15 +19,9 @@
 %	PACKAGES AND OTHER DOCUMENT CONFIGURATIONS
 %----------------------------------------------------------------------------------------
 
-\documentclass[letterpaper]{twentysecondcv} % a4paper for A4
+\documentclass[letterpaper, icon]{twentysecondcv}
 
-%----------------------------------------------------------------------------------------
-%	 PERSONAL INFORMATION
-%----------------------------------------------------------------------------------------
-
-% If you don't need one or more of the below, just remove the content leaving the command, e.g. \cvnumberphone{}
-
-\profilepic{fact.png} % Profile picture
+\profilepic{fact.png}
 
 \input{meta.tex}
 
@@ -43,17 +37,14 @@
 
 \skills{\VAR{ analysis | call_for_mitigations}}
 
-%#\skills{\BLOCK{for selected_summary in analysis['exploit_mitigations']['summary'] | sort},{\VAR{selected_summary | filter_chars }/\VAR{analysis['exploit_mitigations']['summary'][selected_summary]|elements_count *6/analysis['exploit_mitigations']['count']}}\BLOCK{endfor}}
-
 \makeprofile
 % ----------------------------------------------------------------------------------------------------------------------
 %  Binwalk & Entropy Graph
 % ----------------------------------------------------------------------------------------------------------------------
-\BLOCK{if analysis | contains('entropy_analysis_graph')}
-	\section{Binwalk}
-	\subsection{Entropy Graph}
-	%\includegraphics[width = \textwidth]{/tmp/interface/data/entropy_analysis_graph.png}
-	\includegraphics[width = \textwidth]{\VAR{analysis['entropy_analysis_graph'] | base64_to_png('entropy_analysis_graph', tmp_dir)}}
+\BLOCK{if 'binwalk' in analysis}
+	\section{Entropy Graph}
+
+	\includegraphics[width = \textwidth]{\VAR{analysis['binwalk']['entropy_analysis_graph'] | base64_to_png('entropy_analysis_graph', tmp_dir)}}
 \BLOCK{endif}
 % ----------------------------------------------------------------------------------------------------------------------
 %  Executables
@@ -81,8 +72,7 @@
 \BLOCK{if 'known_vulnerabilities' in analysis}
 	\section{Known Vulnerabilities}
 
-	% \href{https://nvd.nist.gov/vuln/detail/CVE-2014-0160}{The SSL Hearbleed bug allowing buffer overread
-	\begin{twentyshort} % Environment for a short list with no descriptions
+	\begin{twentyshort}
 		\BLOCK{for known_vullies in analysis['known_vulnerabilities']['summary']}
 			\twentyitemshort{\VAR{known_vullies | filter_chars}}{}
 		\BLOCK{endfor}
@@ -95,8 +85,8 @@
 	\section{Software}
 
 	\begin{twentyshort}
-		\BLOCK{for software in analysis['software_components']['summary'] | sort}
-		\twentyitemshort{\VAR{software | filter_chars}}{}
+		\BLOCK{for summary in analysis['software_components']['summary'] | sort}
+		\twentyitemshort{\VAR{summary | split_space}}
 		\BLOCK{endfor}
 	\end{twentyshort}
 \BLOCK{endif}
@@ -116,6 +106,8 @@
 %  IP & URI
 % ----------------------------------------------------------------------------------------------------------------------
 \BLOCK{if ('ips_v4' in analysis or 'ips_v6' in analysis or 'uris' in analysis)}
+\section{IPs \& URIs}
+
 {\begin{longtable}{|p{3cm}|p{11.5cm}|}
         \BLOCK{if 'ips_v4' in analysis}
 			\hline
@@ -147,9 +139,9 @@
 %	 SECOND PAGE EXAMPLE
 %----------------------------------------------------------------------------------------
 
-% \newpage % Start a new page
+%\newpage % Start a new page
 
-% \makeprofile % Print the sidebar
+%\makeprofile % Print the sidebar
 
 % \section{Other information}
 

pdf_generator/tex_generation/template_engine.py

@@ -139,28 +139,29 @@ def get_five_longest_entries(summary, top=5):
 
 def exploit_mitigation(summary):
     summary = summary['exploit_mitigations']['summary']
-    max_count = count_mitigations(summary) * 6  # skillsbar is maxed out at 6
+    max_count = count_mitigations(summary)  # skillsbar is maxed out at 6
     pie_num, canary_num, relro_num, nx_num, fortify_num = 0, 0, 0, 0, 0
     for selected_summary in summary:
-        if 'PIE' in selected_summary and ('disabled' in selected_summary or 'invalid' in selected_summary):
+        if 'PIE' in selected_summary and 'present' in selected_summary:
             pie_num += len(summary[selected_summary])
-        if 'RELRO' in selected_summary and 'disabled' in selected_summary:
+        if 'RELRO' in selected_summary and 'enabled' in selected_summary:
             relro_num += len(summary[selected_summary])
-        if 'CANARY' in selected_summary and 'disabled' in selected_summary:
+        if 'Canary' in selected_summary and 'enabled' in selected_summary:
             canary_num += len(summary[selected_summary])
-        if 'NX' in selected_summary and 'disabled' in selected_summary:
+        if 'NX' in selected_summary and 'enabled' in selected_summary:
             nx_num += len(summary[selected_summary])
-        if 'FORTIFY' in selected_summary and 'disabled' in selected_summary:
+        if 'FORTIFY' in selected_summary and 'enabled' in selected_summary:
             fortify_num += len(summary[selected_summary])
-    return '{0}{2}/{3}{1},{0}{4}/{5}{1},{0}{6}/{7}{1},{0}{8}/{9}{1}'.format('{', '}', 'CANARY', canary_num / max_count,
-                                                                    'PIE', pie_num / max_count,
-                                                                    'RELRO', relro_num / max_count,
-                                                                    'NX', nx_num / max_count,
-                                                                    'FORTIFY_SOURCE', fortify_num / max_count)
-
-
-#  exp mitigation: PIE disabled + invalid
-#                  RELRO partially + fully
+    return '{0}{2}/{3}{1},' \
+           '{0}{4}/{5}{1},' \
+           '{0}{6}/{7}{1},' \
+           '{0}{8}/{9}{1},' \
+           '{0}{10}/{11}{1}'.format('{', '}',
+                                    'CANARY', canary_num * 6 / max_count,
+                                    'PIE', pie_num * 6 / max_count,
+                                    'RELRO', relro_num * 6 / max_count,
+                                    'NX', nx_num * 6 / max_count,
+                                    'FORTIFY\_SOURCE', fortify_num * 6 / max_count)
 
 
 def count_mitigations(summary):
@@ -179,6 +180,29 @@ def count_this_mitigation(summary, mitigation):
     return count
 
 
+def software_components(software_string):
+    # analysis['software_components']['summary']
+    if ' ' in software_string:
+        if len(software_string.split(' ')) > 2:
+            software = ''.join(software_string.split(' ')[:-1])
+            ver_number = software_string.split(' ')[-1]
+            try:
+                int(ver_number[0])
+            except ValueError:
+                ver_number, software = software, ver_number
+        elif isinstance(software_string.split(' '), list) and len(software_string.split(' ')[1]) > 0:
+            software, ver_number = software_string.split(' ')
+            try:
+                int(ver_number[0])
+            except ValueError:
+                ver_number, software = software, ver_number
+        else:
+            software = software_string
+            ver_number = ''
+
+    return '{}{}{}{}'.format(ver_number, '}', '{', software)
+
+
 def _add_filters_to_jinja(environment):
     environment.filters['number_format'] = render_number_as_size
     environment.filters['nice_unix_time'] = render_unix_time
@@ -195,6 +219,7 @@ def _add_filters_to_jinja(environment):
     environment.filters['top_five'] = get_five_longest_entries
     environment.filters['sort'] = sorted
     environment.filters['call_for_mitigations'] = exploit_mitigation
+    environment.filters['split_space'] = software_components
 
 
 class TemplateEngine:
@@ -204,7 +229,7 @@ class TemplateEngine:
 
     def render_main_template(self, analysis, meta_data):
         template = self._environment.get_template(MAIN_TEMPLATE)
-        return template.render(analysis=analysis, meta_data=meta_data)
+        return template.render(analysis=analysis, meta_data=meta_data, tmp_dir=self._tmp_dir)
 
     def render_meta_template(self, meta_data):
         template = self._environment.get_template(META_TEMPLATE)