Commit 741b260b by lwilms

working, still some to dos

parent 32e185a3
...@@ -26,15 +26,47 @@ from pdf_generator.generator import compile_pdf, create_templates ...@@ -26,15 +26,47 @@ from pdf_generator.generator import compile_pdf, create_templates
def get_data(): def get_data():
return json.loads(Path('/tmp', 'interface', 'data', 'analysis.json').read_text()), json.loads(Path('/tmp', 'interface', 'data', 'meta.json').read_text()) return json.loads(Path('/tmp', 'interface', 'data', 'analysis.json').read_text()), json.loads(
Path('/tmp', 'interface', 'data', 'meta.json').read_text())
def move_pdf_report(pdf_path): def move_pdf_report(pdf_path):
shutil.move(str(pdf_path.absolute()), str(Path('/tmp', 'interface', 'pdf', pdf_path.name))) shutil.move(str(pdf_path.absolute()), str(Path('/tmp', 'interface', 'pdf', pdf_path.name)))
def count_mitigations(summary):
count = 0
testing = True
for selected_summary in summary:
if 'Canary' in selected_summary:
count += len(summary[selected_summary])
for selected_summary in summary:
if 'NX' in selected_summary:
if testing:
if count != 0:
return count
testing = False
count += len(summary[selected_summary])
testing = True
for selected_summary in summary:
if 'RELRO' in selected_summary:
count += len(summary[selected_summary])
if testing:
if count != 0:
return count
testing = False
for selected_summary in summary:
if 'PIE' in selected_summary:
count += len(summary[selected_summary])
return count
def main(template_style): def main(template_style):
analysis, meta_data = get_data() analysis, meta_data = get_data()
try:
analysis['exploit_mitigations']['count'] = count_mitigations(analysis['exploit_mitigations']['summary'])
except KeyError:
pass
with TemporaryDirectory() as tmp_dir: with TemporaryDirectory() as tmp_dir:
create_templates(analysis, meta_data, tmp_dir, template_style) create_templates(analysis, meta_data, tmp_dir, template_style)
...@@ -46,3 +78,11 @@ def main(template_style): ...@@ -46,3 +78,11 @@ def main(template_style):
if __name__ == '__main__': if __name__ == '__main__':
exit(main('new_template')) exit(main('new_template'))
# TODO
# file_hashes
# elf_analysis
# cpu_architecture
# users_and_passwords
# software_components
# unpacker
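Review bot: The `except KeyError: pass` around the new `count_mitigations` call in `main()` silently leaves `analysis['exploit_mitigations']['count']` unset, and `count_mitigations` returns 0 when no summary key mentions Canary, NX, RELRO or PIE, while the `\skills` line added to the template in this commit divides by that value. The failure therefore surfaces later as a template rendering error instead of where the data is known to be incomplete. Replace `pass` with a logged warning, and have the template skip the skill bars when the count is missing or zero, for example by wrapping them in `\BLOCK{if analysis | contains('exploit_mitigations')}` plus a check that the count is non-zero. Indentation is lost in this view, so the nesting of the `testing` checks cannot be confirmed; a docstring on `count_mitigations` saying that it returns the total for the first mitigation category present would make the fallback order reviewable.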
% % % % % % % %
% Twenty Seconds Resume/CV
% LaTeX Template
% Version 1.1 (8/1/17)
%
% This template has been downloaded from:
% http://www.LaTeXTemplates.com
%
% Original author:
% Carmine Spagnuolo (cspagnuolo@unisa.it) with major modifications by
% Vel (vel@LaTeXTemplates.com)
%
% License:
% The MIT License (see included LICENSE file)
%
% %
%----------------------------------------------------------------------------------------
% PACKAGES AND OTHER DOCUMENT CONFIGURATIONS
%----------------------------------------------------------------------------------------
\documentclass[letterpaper]{twentysecondcv} % a4paper for A4
%----------------------------------------------------------------------------------------
% PERSONAL INFORMATION
%----------------------------------------------------------------------------------------
% If you don't need one or more of the below, just remove the content leaving the command, e.g. \cvnumberphone{}
\profilepic{fact.png} % Profile picture
\input{meta.tex}
%----------------------------------------------------------------------------------------
\begin{document}
%----------------------------------------------------------------------------------------
% ABOUT ME
%----------------------------------------------------------------------------------------
\aboutme{
PKCS8 Private Key \\
SSL Certificate \\
SSH-RSA Private Key Block \\
Generic Public Key
} % To have no About Me section, just remove all the text and leave \aboutme{}
%----------------------------------------------------------------------------------------
% SKILLS
%----------------------------------------------------------------------------------------
% Skill bar section, each skill must have a value between 0 an 6 (float)
\skills{{NX/5.96},{Canary/0.01},{PIE/3.82},{RELRO/0.13}}
%------------------------------------------------
% Skill text section, each skill must have a value between 0 an 6
% \skillstext{{lovely/4},{narcissistic/3}}
% \skillstext{{lovely/4},{narcissistic/3}}
%----------------------------------------------------------------------------------------
\makeprofile % Print the sidebar
%----------------------------------------------------------------------------------------
% EDUCATION
%----------------------------------------------------------------------------------------
\section{Binwalk}
\subsection{Entropy Graph}
\includegraphics[width = \textwidth]{current/entropy_analysis_graph.png}
%\begin{twenty} % Environment for a list with descriptions
% \twentyitem{since 1865}{Ph.D. {\normalfont candidate in Computer Science}}{Wonderland}{\emph{A Quantified Theory of Social Cohesion.}}
% \twentyitem{1863-1865}{M.Sc. magna cum laude}{Wonderland}{Majoring in Computer Science}
% \twentyitem{1861-1863}{B.Sc. magna cum laude}{Wonderland}{Majoring in Computer Science}
% \twentyitem{1856-1861}{High school}{Wonderland}{Specializing in mathematics and physics.}
%\twentyitem{<dates>}{<title>}{<location>}{<description>}
%\end{twenty}
\section{Executables}
\begin{twentyshort} % Environment for a short list with no descriptions
\twentyitemshort{521}{ARM, 32-bit, little endian}
\twentyitemshort{3}{x86, 32-bit, little endian}
%\twentyitemshort{<dates>}{<title/description>}
\end{twentyshort}
\section{Included Files}
Top 5 occurring file types
\begin{twentyshort}
\twentyitemshort{2035}{application/octet-stream}
\twentyitemshort{1562}{application/x-terminfo}
\twentyitemshort{1265}{text/plain}
\twentyitemshort{1125}{image/png}
\twentyitemshort{767}{inode/symlink}
\end{twentyshort}
\section{Vulnerabilities}
\begin{twentyshort} % Environment for a short list with no descriptions
\twentyitemshort{Heartbleed}{\href{https://nvd.nist.gov/vuln/detail/CVE-2014-0160}{The SSL Hearbleed bug allowing buffer overread}}
\end{twentyshort}
\section{Software}
\begin{twentyshort}
\twentyitemshort{1.17.4}{BusyBox}
\twentyitemshort{2.76}{Dnsmasq}
\twentyitemshort{2.6.36}{Linux Kernel}
\twentyitemshort{1.0.0q}{OpenSSL}
\twentyitemshort{1.0.2j}{OpenSSL}
\twentyitemshort{1.10}{jQuery}
\twentyitemshort{1.11}{jQuery}
\twentyitemshort{1.7}{jQuery}
\twentyitemshort{0.6.10}{wpa\_supplicant}
\end{twentyshort}
% \section{IPs and URIs}
% \subsection{IPs}
% Total: 140
% \begin{itemize}
% \item 192.168.1.1
% \end{itemize}
% \subsection{URIs}
% Total: 12
% \begin{itemize}
% \item www.bud.de
% \end{itemize}
%\section{Experience}
%\begin{twenty} % Environment for a list with descriptions
%\twentyitem{1900}{Alice in Wonderland-The Circra (1900's) Silent Film.}{Film}{The first Alice on film was over a hundred years ago.}
%\twentyitem{<dates>}{<title>}{<location>}{<description>}
%\end{twenty}
%----------------------------------------------------------------------------------------
% SECOND PAGE EXAMPLE
%----------------------------------------------------------------------------------------
% \newpage % Start a new page
% \makeprofile % Print the sidebar
% \section{Other information}
% \subsection{Review}
% Alice approaches Wonderland as an anthropologist, but maintains a strong sense of noblesse oblige that comes with her class status. She has confidence in her social position, education, and the Victorian virtue of good manners. Alice has a feeling of entitlement, particularly when comparing herself to Mabel, whom she declares has a ``poky little house," and no toys. Additionally, she flaunts her limited information base with anyone who will listen and becomes increasingly obsessed with the importance of good manners as she deals with the rude creatures of Wonderland. Alice maintains a superior attitude and behaves with solicitous indulgence toward those she believes are less privileged.
% \section{Other information}
% \subsection{Review}
% Alice approaches Wonderland as an anthropologist, but maintains a strong sense of noblesse oblige that comes with her class status. She has confidence in her social position, education, and the Victorian virtue of good manners. Alice has a feeling of entitlement, particularly when comparing herself to Mabel, whom she declares has a ``poky little house," and no toys. Additionally, she flaunts her limited information base with anyone who will listen and becomes increasingly obsessed with the importance of good manners as she deals with the rude creatures of Wonderland. Alice maintains a superior attitude and behaves with solicitous indulgence toward those she believes are less privileged.
%----------------------------------------------------------------------------------------
\end{document}
...@@ -40,7 +40,7 @@ ...@@ -40,7 +40,7 @@
%---------------------------------------------------------------------------------------- %----------------------------------------------------------------------------------------
\aboutme{ \aboutme{
\BLOCK{if 'crypto_material' in analysis} \BLOCK{if analysis | contains('crypto_material')}
\BLOCK{for selected_summary in analysis['crypto_material']['summary']} \BLOCK{for selected_summary in analysis['crypto_material']['summary']}
\VAR{selected_summary | filter_chars} \\ \VAR{selected_summary | filter_chars} \\
\BLOCK{endfor} \BLOCK{endfor}
...@@ -52,11 +52,7 @@ ...@@ -52,11 +52,7 @@
%---------------------------------------------------------------------------------------- %----------------------------------------------------------------------------------------
% Skill bar section, each skill must have a value between 0 an 6 (float) % Skill bar section, each skill must have a value between 0 an 6 (float)
\skills{ \skills{\BLOCK{for selected_summary in analysis['exploit_mitigations']['summary']}{\VAR{selected_summary | filter_chars }/\VAR{analysis['exploit_mitigations']['summary'][selected_summary]|elements_count *6/analysis['exploit_mitigations']['count']}},\BLOCK{endfor}{}
\BLOCK{for selected_summary in analysis['exploit_mitigations']['summary']}
{\VAR{ selected_summary | filter_chars}/6},
\BLOCK{endfor}
{}
} }
%------------------------------------------------ %------------------------------------------------
...@@ -74,7 +70,6 @@ ...@@ -74,7 +70,6 @@
\section{Binwalk} \section{Binwalk}
\BLOCK{if analysis['entropy_analysis_graph']} \BLOCK{if analysis['entropy_analysis_graph']}
\subsection{Entropy Graph} \subsection{Entropy Graph}
%\includegraphics[width = \textwidth]{/tmp/interface/data/entropy_analysis_graph.png} %\includegraphics[width = \textwidth]{/tmp/interface/data/entropy_analysis_graph.png}
\includegraphics[width = \textwidth]{\VAR{analysis['entropy_analysis_graph'] | base64_to_png('entropy_analysis_graph', tmp_dir)}} \includegraphics[width = \textwidth]{\VAR{analysis['entropy_analysis_graph'] | base64_to_png('entropy_analysis_graph', tmp_dir)}}
...@@ -87,6 +82,9 @@ ...@@ -87,6 +82,9 @@
% \twentyitem{1856-1861}{High school}{Wonderland}{Specializing in mathematics and physics.} % \twentyitem{1856-1861}{High school}{Wonderland}{Specializing in mathematics and physics.}
%\twentyitem{<dates>}{<title>}{<location>}{<description>} %\twentyitem{<dates>}{<title>}{<location>}{<description>}
%\end{twenty} %\end{twenty}
%\BLOCK{for current_analysis in analysis}
% \input{\VAR{current_analysis}.tex}
%\BLOCK{endfor}
\section{Executables} \section{Executables}
...@@ -98,38 +96,31 @@ ...@@ -98,38 +96,31 @@
\end{twentyshort} \end{twentyshort}
\section{Included Files} \section{Top five occuring file types}\\
Top 5 occurring file types
\begin{twentyshort} \begin{twentyshort}
\twentyitemshort{2035}{application/octet-stream} \BLOCK{for selected_summary in analysis['file_type']['summary'] | top_five}
\twentyitemshort{1562}{application/x-terminfo} \twentyitemshort{\VAR{analysis['file_type']['summary'][selected_summary] | elements_count}}{\VAR{selected_summary | filter_chars}}
\twentyitemshort{1265}{text/plain} \BLOCK{endfor}
\twentyitemshort{1125}{image/png}
\twentyitemshort{767}{inode/symlink}
\end{twentyshort} \end{twentyshort}
\BLOCK{if analysis['known_vulnerabilities']}
\section{Known Vulnerabilities}\\
\section{Vulnerabilities} \begin{twentyshort} % Environment for a short list with no descriptions
\BLOCK{for known_vullies in analysis['known_vulnerabilities']['summary']}
\begin{twentyshort} % Environment for a short list with no descriptions \twentyitemshort{\VAR{known_vullies | filter_chars}}{}
\twentyitemshort{Heartbleed}{\href{https://nvd.nist.gov/vuln/detail/CVE-2014-0160}{The SSL Hearbleed bug allowing buffer overread}} \BLOCK{endfor}
\end{twentyshort} \end{twentyshort}
\BLOCK{endif}
% \href{https://nvd.nist.gov/vuln/detail/CVE-2014-0160}{The SSL Hearbleed bug allowing buffer overread
\section{Software} \section{Software}\\
\begin{twentyshort} \begin{twentyshort}
\twentyitemshort{1.17.4}{BusyBox} \BLOCK{for software in analysis['software_components']['summary']}
\twentyitemshort{2.76}{Dnsmasq} \twentyitemshort{\VAR{software | filter_chars}}{}
\twentyitemshort{2.6.36}{Linux Kernel} \BLOCK{endfor}
\twentyitemshort{1.0.0q}{OpenSSL} %\twentyitemshort{0.6.10}{wpa\_supplicant}
\twentyitemshort{1.0.2j}{OpenSSL}
\twentyitemshort{1.10}{jQuery}
\twentyitemshort{1.11}{jQuery}
\twentyitemshort{1.7}{jQuery}
\twentyitemshort{0.6.10}{wpa\_supplicant}
\end{twentyshort} \end{twentyshort}
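Review bot: The new `file_type` and `software_components` loops index `analysis[...]['summary']` with no presence check, whereas `crypto_material` is guarded with `analysis | contains('crypto_material')` and `known_vulnerabilities` is tested with a direct subscript. If one of those plugins did not run, subscripting the missing entry would presumably abort rendering under Jinja's default undefined handling; the environment setup is not visible here, so this needs confirming. Wrapping each section the same way, `\BLOCK{if analysis | contains('file_type')}` … `\BLOCK{endif}`, keeps the guards consistent and lets a partial analysis still produce a report. The TODO list in the entry script names `software_components` as unfinished, which suggests partial input is an expected case.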
......
...@@ -102,21 +102,7 @@ def item_contains_string(item, string): ...@@ -102,21 +102,7 @@ def item_contains_string(item, string):
return string in item return string in item
def count_mitigations(exploit_mitigations): # X-Executable in summary
count = 0
if 'Canary' in exploit_mitigations['summary']:
for selected_summary in exploit_mitigations:
if 'Canary' in selected_summary:
count += len(selected_summary)
elif 'NX' in exploit_mitigations['summary']:
pass
elif 'RELRO' in exploit_mitigations['summary']:
pass
elif 'PIE' in exploit_mitigations['summary']:
pass
return count
def create_jinja_environment(templates_to_use='default'): def create_jinja_environment(templates_to_use='default'):
template_directory = Path(Path(__file__).parent.parent, 'templates', templates_to_use) template_directory = Path(Path(__file__).parent.parent, 'templates', templates_to_use)
environment = jinja2.Environment( environment = jinja2.Environment(
...@@ -140,6 +126,16 @@ def plugin_name(name): ...@@ -140,6 +126,16 @@ def plugin_name(name):
return ' '.join((part.title() for part in name.split('_'))) return ' '.join((part.title() for part in name.split('_')))
def get_five_longest_entries(summary, top=5):
sorted_summary = dict()
if len(summary) < 6:
return summary
for key in sorted(summary, key=lambda key: len(summary[key]), reverse=True):
sorted_summary.update({key: summary[key]})
if len(sorted_summary) == top:
return sorted_summary
def _add_filters_to_jinja(environment): def _add_filters_to_jinja(environment):
environment.filters['number_format'] = render_number_as_size environment.filters['number_format'] = render_number_as_size
environment.filters['nice_unix_time'] = render_unix_time environment.filters['nice_unix_time'] = render_unix_time
...@@ -153,6 +149,7 @@ def _add_filters_to_jinja(environment): ...@@ -153,6 +149,7 @@ def _add_filters_to_jinja(environment):
environment.filters['split_hash'] = split_hash_string environment.filters['split_hash'] = split_hash_string
environment.filters['split_output_lines'] = split_long_lines environment.filters['split_output_lines'] = split_long_lines
environment.filters['contains'] = item_contains_string environment.filters['contains'] = item_contains_string
environment.filters['top_five'] = get_five_longest_entries
class TemplateEngine: class TemplateEngine:
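Review bot: `get_five_longest_entries` accepts `top` but still hard-codes `6` in `if len(summary) < 6`, so a summary of five or fewer entries is returned whole and unsorted whatever `top` is. With six or more entries and `top` larger than the entry count, the loop ends without reaching `len(sorted_summary) == top` and the function returns `None`, which the `top_five` filter would hand to the template's `for`. Slicing the sorted keys removes both special cases: `ranked = sorted(summary, key=lambda key: len(summary[key]), reverse=True)[:top]` followed by `return {key: summary[key] for key in ranked}`. That also returns short summaries in ranked order rather than their original order. A one-line docstring stating that entries are ranked by the length of their value would document what the filter selects.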
......