/**
* @param VulnerableElement $element
* @return string
*/
public function renderVulnerabilityTree(VulnerableElement $element)
{
$vulnerabilities = [];
$childrenVulns = '';
$conditions = [];
if ($element->hasChildren()) {
$childrenHtml = [];
foreach ($element->getChildrenArray() as $child) {
$childrenHtml[] = $this->renderVulnerabilityTree($child);
}
$childrenVulns = implode('', $childrenHtml);
}
if ($element instanceof ConditionalVulnerableElement) {
/** @var ICondition $condition */
foreach ($element->getConditions()->getConditions() as $condition) {
$conditions[$condition->getName()] = $condition->toArray();
}
}
/** @var Vulnerability $vuln */
foreach ($element->getVulnerabilitySet()->getVulnerabilities() as $vuln) {
$vulnerabilities[$vuln->getName()] = $vuln->asArray();
}
sort($vulnerabilities);
$vulnNames = VulnerabilityFactory::instance()->getAllVulnerabilityNames();
$computedVulnerabilities = [];
/** @var Vulnerability $vuln */
foreach ($vulnNames as $vulnName) {
$computedVulnerabilities[] = $element->getComputedVulnerability($vulnName)->asArray();
}
$view = $this->pixie->view('admin/context/vuln_element');
$view->vulnerabilities = $vulnerabilities;
$view->computedVulnerabilities = $computedVulnerabilities;
$view->childrenVulns = $childrenVulns;
$view->conditionList = $conditions;
return $view->render();
}
/**
* Builds vulnerability set from list of vulns
* @param $vulnList
* @return VulnerabilitySet
*/
protected function buildVulnerabilitySetFromArray($vulnList)
{
$resultSet = new VulnerabilitySet();
if (!is_array($vulnList) || empty($vulnList)) {
return $resultSet;
}
$factory = VulnerabilityFactory::instance();
foreach ($vulnList as $name => $data) {
if (!$factory->exists($name)) {
continue;
}
$vuln = $factory->create($name);
$vuln->fillFromArray($data);
$resultSet->set($vuln);
}
return $resultSet;
}
protected function buildAllVulnerabilitiesForm()
{
$allVulnsSet = new VulnerabilitySet();
$vulns = VulnerabilityFactory::instance()->getAllVulnerabilityNames();
foreach ($vulns as $vulnName) {
$vulnType = 'VulnModule\\Vulnerability\\' . $vulnName;
if (class_exists($vulnType)) {
$vuln = new $vulnType();
} else {
$vuln = new V();
}
$allVulnsSet->set($vuln);
}
$vulnBuilder = $this->getFormFactory()->createBuilder('form', ['__ALL_VULNS__' => $allVulnsSet])->add('__ALL_VULNS__', 'vulnerability_set');
return $vulnBuilder->getForm();
}
/**
* @param $vulnerabilities
* @return VulnerabilitySet
*/
protected function buildVulnerabilitySetFromArray($vulnerabilities)
{
$vulnerabilitySet = new VulnerabilitySet();
if (!is_array($vulnerabilities)) {
return $vulnerabilitySet;
}
$vulnNames = self::getVulnerabilityNames();
$factory = VulnerabilityFactory::instance();
// Vulnerabilities are set as array values
foreach ($vulnNames as $oldName => $newName) {
if (in_array($oldName, $vulnerabilities)) {
$vulnerabilitySet->set($factory->create($newName));
}
}
// Vulnerabilities are set as array keys
foreach ($vulnNames as $oldName => $newName) {
if (!array_key_exists($oldName, $vulnerabilities)) {
continue;
}
$vuln = $factory->create($newName);
if (is_array($vulnerabilities[$oldName])) {
if (array_key_exists('enabled', $vulnerabilities[$oldName])) {
$vuln->setEnabled(!!$vulnerabilities[$oldName]['enabled']);
}
if ($oldName === 'xss') {
if (array_key_exists('stored', $vulnerabilities[$oldName])) {
/** @var XSS $vuln */
$vuln->setStored($vulnerabilities[$oldName]['stored']);
}
}
if ($oldName === 'sql') {
if (array_key_exists('blind', $vulnerabilities[$oldName])) {
/** @var SQL $vuln */
$vuln->setBlind($vulnerabilities[$oldName]['blind']);
}
}
} else {
$vuln->setEnabled(!!$vulnerabilities[$oldName]);
// It's enabled or not
}
$vulnerabilitySet->set($vuln);
}
return $vulnerabilitySet;
}
/**
* Renders vulnerability tree and chain for matrix.
* @param $existingVulnsData
* @return string
*/
public function renderVulnCellVulns($existingVulnsData)
{
$vulnHtml = [];
$vulnNames = VulnerabilityFactory::instance()->getAllVulnerabilityNames();
$existingVulns = $existingVulnsData['vulns'] ?: [];
$existingConditions = $existingVulnsData['conditions'];
$children = $existingVulnsData['children'];
$condHtml = null;
$childrenHtml = null;
if (count($existingConditions)) {
$condHtml = '<strong>[' . trim(implode('; ', $existingConditions)) . ']</strong>';
}
foreach ($vulnNames as $vulnName) {
$isActiveVuln = array_key_exists($vulnName, $existingVulns);
$content = null;
if ($isActiveVuln) {
$content = [];
foreach ($existingVulns[$vulnName]['props'] as $propName => $propValue) {
if (in_array($propName, ['enabled', 'name'])) {
continue;
}
$content[] = $propName . ': ' . (is_bool($propValue) ? $propValue ? 'Yes' : 'No' : $propValue);
}
$content = '<span class="js-vulnerability vuln ' . ($existingVulns[$vulnName]['props']['enabled'] ? 'vuln-enabled' : 'vuln-disabled') . '">' . $vulnName . ($content ? ' (' . implode(', ', $content) . ')' : '') . ($existingVulns[$vulnName]['inherited'] ? ' <span class="js-vuln-tips vuln-tips">[inherit]</span>' : '') . '</span>';
}
$vulnHtml[] = $content;
}
$vulnHtml = array_filter($vulnHtml);
if (is_array($children) && count($children)) {
$childrenHtml = [];
foreach ($children as $child) {
$childrenHtml[] = $this->renderVulnCellVulns($child);
}
$childrenHtml = array_filter($childrenHtml);
if (count($childrenHtml)) {
$childrenHtml = trim(implode('<br>', $childrenHtml));
if ($childrenHtml && ($condHtml || count($vulnHtml))) {
$childrenHtml = '<div class="vuln-block">' . $childrenHtml . '</div>';
}
}
}
if (!$childrenHtml && !count($vulnHtml)) {
$condHtml = null;
}
if (empty($vulnHtml)) {
$vulnHtml = null;
}
$vulnHtml = $vulnHtml ? trim(implode('<br>', $vulnHtml)) : null;
return trim(implode('<br>', array_filter([$condHtml, $vulnHtml, $childrenHtml])));
}
/**
* @param int $flags
* @return array|ArrayObject <Vulnerability>|Vulnerability[]
*/
public function getComputedVulnerabilities($flags = 0)
{
$vulnNames = VulnerabilityFactory::instance()->getAllVulnerabilityNames();
$computedVulnerabilities = new ArrayObject();
/** @var Vulnerability $vuln */
foreach ($vulnNames as $vulnName) {
$computedVulnerabilities[$vulnName] = $this->getComputedVulnerability($vulnName, $flags);
}
return $computedVulnerabilities;
}
