/** * @return VulnerabilityHost|Context|Field|null */ public function getTreeHost() { if ($this->host) { return $this->host; } if ($this->parent) { return $this->parent->getTreeHost(); } return null; }
/** * @param VulnerableElement $element * @return string */ public function vulnerabilityTreeAsArray(VulnerableElement $element) { $result = []; $vulnerabilities = []; $children = []; $conditions = []; if ($element->hasChildren()) { $childrenArr = []; foreach ($element->getChildrenArray() as $child) { $childrenArr[] = $this->vulnerabilityTreeAsArray($child); } $children = $childrenArr; } if ($element instanceof ConditionalVulnerableElement) { /** @var ICondition $condition */ foreach ($element->getConditions()->getConditions() as $condition) { $conditions[$condition->getName()] = $condition->toArray(); } } /** @var Vulnerability $vuln */ foreach ($element->getVulnerabilitySet()->getVulnerabilities() as $vuln) { $vulnerabilities[$vuln->getName()] = $vuln->asArray(); unset($vulnerabilities[$vuln->getName()]['name']); } ksort($vulnerabilities); if ($element->getName()) { $result['name'] = $element->getName(); } if (count($conditions)) { $result['conditions'] = $conditions; } if (count($vulnerabilities)) { $result['vuln_list'] = $vulnerabilities; } if (count($children)) { $result['children'] = $children; } return $result; }
/** * @param VulnerableElement $element * @return string */ public function renderVulnerabilityTree(VulnerableElement $element) { $vulnerabilities = []; $childrenVulns = ''; $conditions = []; if ($element->hasChildren()) { $childrenHtml = []; foreach ($element->getChildrenArray() as $child) { $childrenHtml[] = $this->renderVulnerabilityTree($child); } $childrenVulns = implode('', $childrenHtml); } if ($element instanceof ConditionalVulnerableElement) { /** @var ICondition $condition */ foreach ($element->getConditions()->getConditions() as $condition) { $conditions[$condition->getName()] = $condition->toArray(); } } /** @var Vulnerability $vuln */ foreach ($element->getVulnerabilitySet()->getVulnerabilities() as $vuln) { $vulnerabilities[$vuln->getName()] = $vuln->asArray(); } sort($vulnerabilities); $vulnNames = VulnerabilityFactory::instance()->getAllVulnerabilityNames(); $computedVulnerabilities = []; /** @var Vulnerability $vuln */ foreach ($vulnNames as $vulnName) { $computedVulnerabilities[] = $element->getComputedVulnerability($vulnName)->asArray(); } $view = $this->pixie->view('admin/context/vuln_element'); $view->vulnerabilities = $vulnerabilities; $view->computedVulnerabilities = $computedVulnerabilities; $view->childrenVulns = $childrenVulns; $view->conditionList = $conditions; return $view->render(); }
/** * @param VulnerableElement $vulnTree */ public function setVulnTree(VulnerableElement $vulnTree) { $vulnTree->setHost($this); $this->vulnTree = $vulnTree; $this->clearCache(); }
protected function buildVulnerabilityElementFromArray($data, $conditional = false) { $vulnerabilities = $this->buildVulnerabilitySetFromArray($data['vuln_list']); if ($conditional) { $vulnElement = new ConditionalVulnerableElement($vulnerabilities); if (is_array($data['conditions'])) { $factory = ConditionFactory::instance(); $conditionSet = new ConditionSet(); foreach ($data['conditions'] as $name => $conditionData) { $condition = $factory->create($name); $condition->fillFromArray($conditionData); $conditionSet->addCondition($condition); } $vulnElement->setConditions($conditionSet); } } else { $vulnElement = new VulnerableElement($vulnerabilities); } if ($data['name']) { $vulnElement->setName($data['name']); } if (is_array($data['children'])) { foreach ($data['children'] as $childData) { $child = $this->buildVulnerabilityElementFromArray($childData, true); $vulnElement->addChild($child); } } return $vulnElement; }
public function getDefaultElement() { $default = parent::getDefaultElement(); return $default === $this ? $default->hasConditions() ? null : $default : $default; }
/** * @param VulnerableElement $elem * @param null|\VulnModule\Vulnerability[] $parentVulns * @param bool $onlyChildren * @param bool $inherits * @return array */ protected function calcVulnerableElementVulns(VulnerableElement $elem, $parentVulns = null, $onlyChildren = false, $inherits = false) { $vulns = []; /** @var \VulnModule\Vulnerability[] $computedVulns */ $computedVulns = $elem->getComputedVulnerabilities(VulnerableElement::COMPUTE_ONLY_ROOT); if (!$onlyChildren) { // Show disabled for any context except default and for conditional elements $showDisabledVulns = (bool) (!$elem->getHost() || $elem->getHost()->getParent()); $customVulns = []; $vulnList = !!$parentVulns ? $elem->getVulnerabilitySet()->getVulnerabilities() : $computedVulns; foreach ($vulnList as $vuln) { if (!$vuln) { continue; } $hasOwnVuln = $elem->hasOwnVulnerability($vuln->getName()); if ($vuln->isEnabled() || $showDisabledVulns && $hasOwnVuln) { if (!$parentVulns || !$parentVulns[$vuln->getName()]->equalsTo($vuln)) { $customVulns[$vuln->getName()]['props'] = $vuln->asArray(); $customVulns[$vuln->getName()]['inherited'] = $inherits || !$hasOwnVuln; $customVulns[$vuln->getName()]['vuln'] = $vuln; } } } if (count($customVulns)) { $vulns['vulns'] = $customVulns; } } if ($elem->hasChildren()) { $childVulns = []; foreach ($elem->getChildren() as $child) { if ($childVuln = $this->calcVulnerableElementVulns($child, $computedVulns, false, $inherits)) { $childVulns[] = $childVuln; } } if (count($childVulns)) { $vulns['children'] = $childVulns; } } if ($elem instanceof ConditionalVulnerableElement) { $conditions = []; if ($elem->hasConditions()) { foreach ($elem->getConditions()->getConditions() as $condition) { $conditions[$condition->getName()] = $condition->__toString(); } } if (count($conditions)) { $vulns['conditions'] = $conditions; } } if (count($vulns)) { if ($inherits) { $vulns['inherited_block'] = true; } } return $vulns; }