!282 完成Docx报告功能

Merge pull request !282 from a-alpha/alpha-dev
2023-11-16 02:31:53 +00:00 · 2023-11-16 02:31:53 +00:00 · 317c0d54c1
parent 29f93c9333 1e70a464b7
commit 317c0d54c1
1 changed files with 313 additions and 0 deletions
--- a/src/genmai/ReportSummationDocx.go
+++ b/src/genmai/ReportSummationDocx.go
@ -0,0 +1,313 @@
+////////////////////////////////////////////////////////////////
+//
+//       Filename:  ReportSummationDocx.go
+//
+//        Version:  1.0
+//        Created:  2023年11月06日 10时13分01秒
+//       Revision:  none
+//       Compiler:  go
+//
+//         Author:  alpha
+//   Organization:  alpha
+//       Contacts:  a-alpha
+//
+////////////////////////////////////////////////////////////////
+
+////////////////////////////////////////////////////////////////
+// Description:
+////////////////////////////////////////////////////////////////
+
+////////////////////////////////////////////////////////////////
+// Log:
+////////////////////////////////////////////////////////////////
+
+////////////////////////////////////////////////////////////////
+// Todo:
+//
+////////////////////////////////////////////////////////////////
+
+package genmai
+
+import (
+    "os"
+    "os/user"
+    "fmt"
+    "strconv"
+    "log"
+    "time"
+    "github.com/nguyenthenguyen/docx"
+)
+
+// 构建docx文档
+func Createdocx_fun(fileName string,start_time string,Host string,
+              ScanResultKernel *ReportKernel,
+              ScanResultSystem *ReportSystem,
+              ScanResultBaseline *ReportBaseLine,
+              FastScanResult          map[string]interface {},
+              FastScanNotInResult     map[string]interface {},
+              IsoResult               map[string]interface {},
+              IsoNotInResult          map[string]interface {}) {
+
+    path:="../data/Report/"+fileName+".docx"
+    Bool ,err:=PathExists(path)
+    if err != nil {
+        fmt.Println(err)
+        return
+    }
+    if Bool==true {
+        err := os.Remove(path)
+        if err != nil {
+            log.Println("File overwritten successfully")
+        } else {
+            log.Println("File overwrite failed")
+        }
+    }
+
+    r, err := docx.ReadDocxFile("../data/static/zh.docx")
+    docx1 := r.Editable()
+
+    // 替换报告数据
+
+    // 报告日期
+    todaystr := time.Now().Format("2006-01-02")
+    docx1.Replace("report_date", todaystr, -1)
+
+    // 报告编号
+    RandStr:=RandStr()
+    docx1.Replace("report_number", RandStr, -1)
+
+    // 被扫描地址
+    Host_target:=Host
+    docx1.Replace("target_host", Host_target, -1)
+
+    // 用户名
+    currentUser,_:=user.Current()
+    UserName:=currentUser.Username
+    docx1.Replace("usernamefvsrgsrgs", UserName, -1)
+
+    // 计算机名
+    Hostname,_:= os.Hostname()
+    docx1.Replace("hostnamefsrsrgsg", Hostname, -1)
+
+    // 操作系统名
+    OpName:=GetdOpUInfo("cat /etc/os-release | awk 'NR==1{print $1}'")
+    docx1.Replace("osnameaddadafekafl", OpName, -1)
+
+    // 操作系统版本
+    GetdOpInfo:=GetdOpInfo()
+    docx1.Replace("osversionfsetgrsg", GetdOpInfo, -1)
+
+    // 系统架构
+    _,arch := GetCurrentFw()
+    docx1.Replace("osarch", arch, -1)
+
+    // 内核版本
+    kernelRelease:=GetdOpUInfo("uname -r")
+    docx1.Replace("hostversiongdfgdgd", kernelRelease, -1)
+
+    // 加载数量
+    var system_exec_nums int = 0
+    var kernel_exec_nums int = 0
+    var baseline_exec_nums int = 0
+    if nil != ScanResultSystem {
+        system_exec_nums =ScanResultSystem.ReportCommon.RCExecPocNums
+    }
+    if nil != ScanResultKernel {
+        kernel_exec_nums=ScanResultKernel.ReportCommon.RCExecPocNums
+    }
+    if nil != ScanResultBaseline {
+        baseline_exec_nums=ScanResultBaseline.ReportCommon.RCExecPocNums
+    }
+    exec_nums:=system_exec_nums+kernel_exec_nums+baseline_exec_nums
+    exec_nums_str:=strconv.Itoa(exec_nums)
+    docx1.Replace("pocnumhhccxx", exec_nums_str, -1)
+
+    // 发起扫描时间
+    docx1.Replace("start_time", start_time, -1)
+
+    // 扫描完成时间
+    end_time:= time.Now().Format("15:04:05")
+    docx1.Replace("end_time", end_time, -1)
+
+    // 危险基线数
+    var baseline_nums int = 0
+    if nil != ScanResultBaseline {
+        baseline_nums=ScanResultBaseline.ReportCommon.RCNotFixedNums
+    }
+    baseline_nums_str:=strconv.Itoa(baseline_nums)
+    docx1.Replace("baseline_num", baseline_nums_str, -1)
+
+    // 发现漏洞数
+    var system_not_Fixed_nums int = 0
+    var kernel_not_Fixed_nums int = 0
+
+    if nil != ScanResultSystem {
+        system_not_Fixed_nums =ScanResultSystem.ReportCommon.RCNotFixedNums
+    }
+    if nil != ScanResultKernel {
+        kernel_not_Fixed_nums=ScanResultKernel.ReportCommon.RCNotFixedNums
+    }
+    vuln_num:=system_not_Fixed_nums+kernel_not_Fixed_nums
+    vuln_num_str:=strconv.Itoa(vuln_num)
+    docx1.Replace("vuln_num", vuln_num_str, -1)
+
+    // 高中低危漏洞数统计
+    var risk_h_nums int = 0
+    var risk_m_nums int = 0
+    var risk_l_nums int = 0
+    var system_h_nums int = 0
+    var system_m_nums int = 0
+    var system_l_nums int = 0
+    var kernel_h_nums int = 0
+    var kernel_m_nums int = 0
+    var kernel_l_nums int = 0
+    if nil != ScanResultSystem {
+        system_h_nums =ScanResultSystem.ReportCommon.RCRisk_system_h_nums
+        system_m_nums =ScanResultSystem.ReportCommon.RCRisk_system_m_nums
+        system_l_nums =ScanResultSystem.ReportCommon.RCRisk_system_l_nums
+    }
+    if nil != ScanResultKernel {
+        kernel_h_nums=ScanResultKernel.ReportCommon.RCRisk_kernel_h_nums
+        kernel_m_nums=ScanResultKernel.ReportCommon.RCRisk_kernel_m_nums
+        kernel_l_nums=ScanResultKernel.ReportCommon.RCRisk_kernel_l_nums
+    }
+    risk_h_nums = system_h_nums + kernel_h_nums
+    risk_m_nums = system_m_nums + kernel_m_nums
+    risk_l_nums = system_l_nums + kernel_l_nums
+    risk_h_nums_str:=strconv.Itoa(risk_h_nums)
+    risk_m_nums_str:=strconv.Itoa(risk_m_nums)
+    risk_l_nums_str:=strconv.Itoa(risk_l_nums)
+    docx1.Replace("vuln_h_num", risk_h_nums_str, -1)
+    docx1.Replace("vuln_m_num", risk_m_nums_str, -1)
+    docx1.Replace("vuln_L_num", risk_l_nums_str, -1)
+
+    // 未执行个数统计
+    var system_not_exec_nums int = 0
+    var kernel_not_exec_nums int = 0
+    var baseline_not_exec_nums int = 0
+    if nil != ScanResultSystem {
+        system_not_exec_nums =ScanResultSystem.ReportCommon.RCNotExecPocNums
+        system_not_exec_nums_str:=strconv.Itoa(system_not_exec_nums)
+        docx1.Replace("systemnotexec", system_not_exec_nums_str, -1)
+    }
+    if nil != ScanResultKernel {
+        kernel_not_exec_nums =ScanResultKernel.ReportCommon.RCNotExecPocNums
+        kernel_not_exec_nums_str:=strconv.Itoa(kernel_not_exec_nums)
+        docx1.Replace("kernelnotexec", kernel_not_exec_nums_str, -1)
+    }
+    if nil != ScanResultBaseline {
+        baseline_not_exec_nums =ScanResultBaseline.ReportCommon.RCNotExecPocNums
+        baseline_not_exec_nums_str:=strconv.Itoa(baseline_not_exec_nums)
+        docx1.Replace("baselinenotexec", baseline_not_exec_nums_str, -1)
+    }
+    // -------------FastScan数据生成-----------------
+    // 发起扫描时间
+    docx1.Replace("vmstattime", start_time, -1)
+
+    // 扫描完成时间
+    docx1.Replace("vmendtime", end_time, -1)
+
+    // 漏洞数量
+    if len(FastScanResult) !=0 {
+        var VbNums int = 0
+        var vul_fastscan_data string
+        var vuln_date_fastscan_list_in string
+        var vmfnums int = 0
+        var vmhnums int = 0
+        var vmmnums int = 0
+        var vmlnums int = 0
+        var vmunums int = 0
+        VbNums=FastScanResult["VbNums"].(int)
+        vmfnums=FastScanResult["VbLevel_fatal"].(int)
+        vmhnums=FastScanResult["VbLevel_hight"].(int)
+        vmmnums=FastScanResult["VbLevel_mid"].(int)
+        vmlnums=FastScanResult["VbLevel_low"].(int)
+        vmunums=FastScanResult["VbLevel_unknown"].(int)
+        VbNums_str:=strconv.Itoa(VbNums)
+        vmfnums_str:=strconv.Itoa(vmfnums)
+        vmhnums_str:=strconv.Itoa(vmhnums)
+        vmmnums_str:=strconv.Itoa(vmmnums)
+        vmlnums_str:=strconv.Itoa(vmlnums)
+        vminums_str:=strconv.Itoa(vmunums)
+        // 版本匹配详情添加
+        packagesList:=FastScanResult["package_info"].(map[string]interface{})["packages"].(map[string]interface{})["packagesList"].(map[string]map[string]interface{})
+        for key := range packagesList{
+            cve_id:=packagesList[key]["cve_id"].([]string)
+            cve_name:=packagesList[key]["cve_name"].([]string)
+            cve_risk:=packagesList[key]["cve_risk"].([]string)
+            cve_type:=packagesList[key]["cve_type"].([]string)
+            cve_introduction:=packagesList[key]["cve_introduction"].([]string)
+            cve_status:=packagesList[key]["cve_status"].([]string)
+            cve_currentVersion:=packagesList[key]["cve_currentVersion"].([]string)
+            cve_secureVersion:=packagesList[key]["cve_secureVersion"].([]string)
+            for i:=0;i<len(cve_id);i++{
+                vul_fastscan_data=vul_fastscan_data+"漏洞编号："+cve_id[i]+"\n"+"危害等级："+cve_risk[i]+"\n"+"漏洞名称:"+cve_name[i]+"\n"+"漏洞类型:"+cve_type[i]+"\n"+"漏洞状态:"+cve_status[i]+"\n"+"漏洞组件介绍:"+cve_introduction[i]+"\n"+"当前包版本:"+cve_currentVersion[i]+"\n"+"修复版本:"+cve_secureVersion[i]+"\n\n"
+                vuln_date_fastscan_list_in=vuln_date_fastscan_list_in+"漏洞名称:"+cve_name[i]+"("+cve_id[i]+")\n"+"漏洞状态:"+cve_status[i]+"\n"+"当前包版本:"+cve_currentVersion[i]+"\n"+"修复版本:"+cve_secureVersion[i]+"\n\n"
+            }
+        }
+        docx1.Replace("{vuln_date_fastscan}", vul_fastscan_data, -1)
+        docx1.Replace("{vuln}", vuln_date_fastscan_list_in, -1)
+        docx1.Replace("vmvulnnums", VbNums_str, -1)
+        docx1.Replace("vm_f_nums", vmfnums_str, -1)
+        docx1.Replace("vm_h_nums", vmhnums_str, -1)
+        docx1.Replace("vm_m_nums", vmmnums_str, -1)
+        docx1.Replace("vm_l_nums", vmlnums_str, -1)
+        docx1.Replace("vm_u_nums", vminums_str, -1)
+    }
+
+    if len(FastScanNotInResult) != 0{
+        var vuln_date_fastscan_list_notin string
+        packagesList_notin:=FastScanNotInResult["packagesList"].(map[string]map[string]interface{})
+        for key := range packagesList_notin {
+            cve_n_id:=packagesList_notin[key]["cve_n_id"].([]string)
+            cve_n_name:=packagesList_notin[key]["cve_n_name"].([]string)
+            cve_n_status:=packagesList_notin[key]["cve_n_status"].([]string)
+            cve_n_currentVersion:=packagesList_notin[key]["cve_n_currentVersion"].([]string)
+            cve_n_secureVersion:=packagesList_notin[key]["cve_n_secureVersion"].([]string)
+            for i:=0;i<len(cve_n_id);i++{
+                vuln_date_fastscan_list_notin=vuln_date_fastscan_list_notin+"漏洞名称:"+cve_n_name[i]+"("+cve_n_id[i]+")\n"+"漏洞状态:"+cve_n_status[i]+"\n"+"当前包版本:"+cve_n_currentVersion[i]+"\n"+"修复版本:"+cve_n_secureVersion[i]+"\n\n"
+            }
+        }
+        docx1.Replace("{vuln_date}", vuln_date_fastscan_list_notin, -1)
+    }
+
+
+    // -------------FastScan数据生成-----------------
+
+    // 漏洞详情添加
+    var vul_system_data string
+    var vul_kernel_data string
+    var vul_baseline_data string
+
+    // 系统漏洞详情添加
+    if nil != ScanResultSystem {
+        system_config:=ScanResultSystem.ReportCommon.RCExploredVulns
+        for i:=0;i<len(system_config);i++{
+            vul_system_data=vul_system_data+"漏洞编号："+system_config[i].VICId+"\n"+"危害等级："+system_config[i].VICSiteInfo.Severity+"\n"+"漏洞详情："+system_config[i].VICSiteInfo.Description+"\n\n"
+        }
+        docx1.Replace("{vuln_date_system}", vul_system_data, -1)
+    }
+    // 内核漏洞详情添加
+    if nil != ScanResultKernel {
+        kernel_config:=ScanResultKernel.ReportCommon.RCExploredVulns
+        for i:=0;i<len(kernel_config);i++{
+            vul_kernel_data=vul_kernel_data+"漏洞编号："+kernel_config[i].VICId+"\n"+"危害等级："+kernel_config[i].VICSiteInfo.Severity+"\n"+"漏洞详情："+kernel_config[i].VICSiteInfo.Description+"\n\n"
+        }
+        docx1.Replace("{vuln_date_kernel}", vul_kernel_data, -1)
+    }
+
+    // 基线详情添加
+    if nil != ScanResultBaseline {
+        baseline_config:=ScanResultBaseline.ReportCommon.RCExploredVulns
+        for i:=0;i<len(baseline_config);i++{
+            vul_baseline_data=vul_baseline_data+"基线编号："+baseline_config[i].VICId+"\n"+"基线名称："+baseline_config[i].VICSiteInfo.Name+"\n\n"
+        }
+        docx1.Replace("{vuln_date_baseline}", vul_baseline_data, -1)
+    }
+
+
+
+    docx1.WriteToFile(path)
+} // createdocx_fun
+
+