/**
*
* Script to export the Qualys Knowledge Base into a CSV file
*
*
* Usage: ( from the main vulnDB directory )
* php bin/util/kb_to_csv_converter.php /path/to/output/file/to.csv
*
*
*
**/
if (!isset($argv[1])) {
Usage();
}
$output_file = $argv[1];
if (!is_file($init_file = realpath(dirname(__FILE__)) . "/../../init.php")) {
echo "Could not find init.php, this file is requied for vulnDB to operate\n";
exit(1);
}
require $init_file;
$kb_results = DB::query(Database::SELECT, "select * from qualys_kb")->execute();
$write = CSV::factory()->set_output_file($output_file)->write($kb_results);
echo "KB successfully exported to {$output_file}\n";
function Usage()
{
echo "\n\n";
echo "Please specify the output file\n";
echo "Usage: php /bin/util/kb_to_csv_converter.php /path/to/output/file/to.csv\n";
echo "\n\n";
die;
}
$report_path = REPORTPATH . DIRECTORY_SEPARATOR . $account_name;
if (!is_dir($report_path)) {
Logger::msg("info", array('message' => 'creating directory', 'directory' => $report_path));
mkdir($report_path, 0700);
}
$output_path = $report_path . DIRECTORY_SEPARATOR . $filename;
// Download the scan and store it in our $output_path defined above
Logger::msg('info', array('message' => 'downloading scan', 'scan_id' => $scanid, 'scan_title' => $scantitle, 'scan_date' => $scandate, 'scan_status' => $scanstatus, 'api_call' => 'downloadscan', 'api_version' => 2));
$download_scan = $api2->downloadscan($scanid, 'extended', 'csv', array('return_stream' => true, 'return_file' => true, 'output_filename' => $output_path));
if ($download_scan) {
Logger::msg('info', array('account' => $account_name, 'message' => "scan successfully downloaded", 'scan_id' => $scanid, 'scan_title' => $scantitle, 'scan_date' => $scandate));
} else {
Logger::msg('info', array('account' => $account_name, 'message' => "scan was unable to be downloaded", 'scan_id' => $scanid, 'scan_title' => $scantitle, 'scan_date' => $scandate));
}
// Lets parse the scan and put it into the database
$insert = CSV::factory()->insert($output_path, array('vulndb_insert', 'scan'), array("SCAN_ID" => $scanid, "SCAN_DATE" => $scandate, "DATE_ENTERED" => $now, "ACCOUNT" => $account_name));
if ($insert) {
Logger::msg('info', array('account' => $account_name, 'message' => 'scan successfully inserted in vulnDB', 'scan_id' => $scanid, 'scan_title' => $scantitle, 'scan_status' => $scanstatus, 'rows_inserted' => $insert));
// Write the scan details into vulnDB
$insert_details = $insert_model->scan_details($scan_to_get, array('ACCOUNT' => $account_name, "DATE_ENTERED" => $now));
} else {
Logger::msg('info', array('account' => $account_name, 'message' => 'unable to insert scan into vulnDB', 'scan_id' => $scanid, 'scan_title' => $scantitle, 'scan_status', $scanstatus));
}
} elseif ($scanstatus = 'RUNNING') {
// We can't pull in running scans, nor do we want to put that entry into the db
continue;
} else {
Logger::msg('info', array('account' => $account_name, 'message' => 'scan status did not match $scantypestoget and will not be pulled in', 'scan_id' => $scanid, 'scan_title' => $scantitle, 'scan_status' => $scanstatus));
$insert_details = $insert_model->scan_details($scan_to_get, array("ACCOUNT" => $account_name, "DATE_ENTERED" => $now));
}
}
