openkylin
/
genmai
mirror of https://gitee.com/openkylin/genmai.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

!283 完成pdf报告功能 

Merge pull request !283 from a-alpha/alpha-dev
This commit is contained in:
a-alpha 2023-11-16 02:33:18 +00:00 committed by Gitee
parent 317c0d54c1 065f4d5869
commit 3c8fc34af5
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
1 changed files with 853 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

853
src/genmai/ReportSummationPdf.go Normal file
View File

@ -0,0 +1,853 @@
////////////////////////////////////////////////////////////////
//
// Filename: ReportSummationPdf.go
//
// Version: 1.0
// Created: 2023年11月05日 09时48分53秒
// Revision: none
// Compiler: go
//
// Author: alpha
// Organization: alpha
// Contacts: a-alpha
//
////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////
// Description:
////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////
// Log:
////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////
// Todo:
//
////////////////////////////////////////////////////////////////
package genmai
import (
"os"
"os/user"
"fmt"
"strconv"
"log"
"time"
"github.com/jung-kurt/gofpdf/v2"
)
func
Createpdf_fun(fileName string, start_time string,Host string,
ScanResultKernel *ReportKernel,
ScanResultSystem *ReportSystem,
ScanResultBaseline *ReportBaseLine,
FastScanResult map[string]interface {},
FastScanNotInResult map[string]interface {},
IsoScanResult map[string]interface {},
IsoScanNotInResult map[string]interface {}) {
////////////////////////////////
// 用户名
currentUser,_:=user.Current()
UserName:=currentUser.Username
// 计算机名
Hostname,_:= os.Hostname()
// 操作系统名
OpName:=GetdOpUInfo("cat /etc/os-release | awk 'NR==1{print $1}'")
// 操作系统版本
GetdOpInfo:=GetdOpInfo()
// 系统架构
_,arch := GetCurrentFw()
// 内核版本
kernelRelease:=GetdOpUInfo("uname -r")
// 加载数量
var system_exec_nums int = 0
var kernel_exec_nums int = 0
var baseline_exec_nums int = 0
if nil != ScanResultSystem {
system_exec_nums =ScanResultSystem.ReportCommon.RCExecPocNums
}
if nil != ScanResultKernel {
kernel_exec_nums=ScanResultKernel.ReportCommon.RCExecPocNums
}
if nil != ScanResultBaseline {
baseline_exec_nums=ScanResultBaseline.ReportCommon.RCExecPocNums
}
exec_nums:=system_exec_nums+kernel_exec_nums+baseline_exec_nums
exec_nums_str:=strconv.Itoa(exec_nums)
//docx1.Replace("pocnumhhccxx", exec_nums_str, -1)
// 发起扫描时间
//docx1.Replace("start_time", start_time, -1)
// 扫描完成时间
end_time:= time.Now().Format("15:04:05")
//docx1.Replace("end_time", end_time, -1)
// 危险基线数
var baseline_nums int = 0
if nil != ScanResultBaseline {
baseline_nums=ScanResultBaseline.ReportCommon.RCNotFixedNums
}
baseline_nums_str:=strconv.Itoa(baseline_nums)
//docx1.Replace("baseline_num", baseline_nums_str, -1)
// 发现漏洞数
var system_not_Fixed_nums int = 0
var kernel_not_Fixed_nums int = 0
if nil != ScanResultSystem {
system_not_Fixed_nums =ScanResultSystem.ReportCommon.RCNotFixedNums
}
if nil != ScanResultKernel {
kernel_not_Fixed_nums=ScanResultKernel.ReportCommon.RCNotFixedNums
}
vuln_num:=system_not_Fixed_nums+kernel_not_Fixed_nums
vuln_num_str:=strconv.Itoa(vuln_num)
//docx1.Replace("vuln_num", vuln_num_str, -1)
// 高中低危漏洞数统计
var risk_h_nums int = 0
var risk_m_nums int = 0
var risk_l_nums int = 0
var system_h_nums int = 0
var system_m_nums int = 0
var system_l_nums int = 0
var kernel_h_nums int = 0
var kernel_m_nums int = 0
var kernel_l_nums int = 0
if nil != ScanResultSystem {
system_h_nums =ScanResultSystem.ReportCommon.RCRisk_system_h_nums
system_m_nums =ScanResultSystem.ReportCommon.RCRisk_system_m_nums
system_l_nums =ScanResultSystem.ReportCommon.RCRisk_system_l_nums
}
if nil != ScanResultKernel {
kernel_h_nums=ScanResultKernel.ReportCommon.RCRisk_kernel_h_nums
kernel_m_nums=ScanResultKernel.ReportCommon.RCRisk_kernel_m_nums
kernel_l_nums=ScanResultKernel.ReportCommon.RCRisk_kernel_l_nums
}
risk_h_nums = system_h_nums + kernel_h_nums
risk_m_nums = system_m_nums + kernel_m_nums
risk_l_nums = system_l_nums + kernel_l_nums
risk_h_nums_str:=strconv.Itoa(risk_h_nums)
risk_m_nums_str:=strconv.Itoa(risk_m_nums)
risk_l_nums_str:=strconv.Itoa(risk_l_nums)
//docx1.Replace("vuln_h_num", risk_h_nums_str, -1)
//docx1.Replace("vuln_m_num", risk_m_nums_str, -1)
//docx1.Replace("vuln_L_num", risk_l_nums_str, -1)
// 未执行个数统计
var system_not_exec_nums int = 0
var kernel_not_exec_nums int = 0
var baseline_not_exec_nums int = 0
system_not_exec_nums_str := "0"
if nil != ScanResultSystem {
system_not_exec_nums =ScanResultSystem.ReportCommon.RCNotExecPocNums
system_not_exec_nums_str=strconv.Itoa(system_not_exec_nums)
//docx1.Replace("systemnotexec", system_not_exec_nums_str, -1)
}
kernel_not_exec_nums_str := "0"
if nil != ScanResultKernel {
kernel_not_exec_nums =ScanResultKernel.ReportCommon.RCNotExecPocNums
kernel_not_exec_nums_str=strconv.Itoa(kernel_not_exec_nums)
//docx1.Replace("kernelnotexec", kernel_not_exec_nums_str, -1)
}
baseline_not_exec_nums_str := "0"
if nil != ScanResultBaseline {
baseline_not_exec_nums =ScanResultBaseline.ReportCommon.RCNotExecPocNums
baseline_not_exec_nums_str=strconv.Itoa(baseline_not_exec_nums)
//docx1.Replace("baselinenotexec", baseline_not_exec_nums_str, -1)
}
// -------------FastScan数据生成-----------------
// 发起扫描时间
//docx1.Replace("vmstattime", start_time, -1)
// 扫描完成时间
//docx1.Replace("vmendtime", end_time, -1)
// 漏洞数量
fastscan_vulnum_str:= "0"
fastscan_vulnum_f_str:= "0"
fastscan_vulnum_h_str:= "0"
fastscan_vulnum_m_str:= "0"
fastscan_vulnum_l_str:= "0"
fastscan_vulnum_i_str:= "0"
//
isoscan_vulnum_str:= "0"
isoscan_vulnum_f_str:= "0"
isoscan_vulnum_h_str:= "0"
isoscan_vulnum_m_str:= "0"
isoscan_vulnum_l_str:= "0"
isoscan_vulnum_i_str:= "0"
var vul_fastscan_data_in []map[string]string
var vul_fastscan_data_notin []map[string]string
//
var vul_isoscan_data_in []map[string]string
var vul_isoscan_data_notin []map[string]string
if len(FastScanResult) !=0 {
fastscan_vulnum_str = strconv.Itoa(FastScanResult["VbNums"].(int))
fastscan_vulnum_f_str = strconv.Itoa(FastScanResult["VbLevel_fatal"].(int))
fastscan_vulnum_h_str = strconv.Itoa(FastScanResult["VbLevel_hight"].(int))
fastscan_vulnum_m_str = strconv.Itoa(FastScanResult["VbLevel_mid"].(int))
fastscan_vulnum_l_str = strconv.Itoa(FastScanResult["VbLevel_low"].(int))
fastscan_vulnum_i_str = strconv.Itoa(FastScanResult["VbLevel_unknown"].(int))
// 版本匹配详情添加
vul_fastscan_data_in = transferVersionScanResultToStringMap_IN(FastScanResult)
}
//
if len(IsoScanResult) !=0 {
isoscan_vulnum_str = strconv.Itoa(IsoScanResult["VbNums"].(int))
isoscan_vulnum_f_str = strconv.Itoa(IsoScanResult["VbLevel_fatal"].(int))
isoscan_vulnum_h_str = strconv.Itoa(IsoScanResult["VbLevel_hight"].(int))
isoscan_vulnum_m_str = strconv.Itoa(IsoScanResult["VbLevel_mid"].(int))
isoscan_vulnum_l_str = strconv.Itoa(IsoScanResult["VbLevel_low"].(int))
isoscan_vulnum_i_str = strconv.Itoa(IsoScanResult["VbLevel_unknown"].(int))
// Iso匹配详情添加
vul_isoscan_data_in = transferVersionScanResultToStringMap_IN(IsoScanResult)
}
vul_fastscan_data_notin = transferVersionScanResultToStringMap_NOTIN(FastScanNotInResult)
vul_isoscan_data_notin = transferVersionScanResultToStringMap_NOTIN(IsoScanNotInResult)
// -------------FastScan数据生成-----------------
// // 漏洞详情添加
// var vul_system_data string
// var vul_kernel_data string
// var vul_baseline_data string
//
// // 系统漏洞详情添加
// if nil != ScanResultSystem {
// system_config:=ScanResultSystem.ReportCommon.RCExploredVulns
// for i:=0;i<len(system_config);i++{
// vul_system_data=vul_system_data+"漏洞编号:"+system_config[i].VICId+"\n"+"危害等级:"+system_config[i].VICSiteInfo.Severity+"\n"+"漏洞详情:"+system_config[i].VICSiteInfo.Description+"\n\n"
// }
// //docx1.Replace("{vuln_date_system}", vul_system_data, -1)
// }
// // 内核漏洞详情添加
// if nil != ScanResultKernel {
// kernel_config:=ScanResultKernel.ReportCommon.RCExploredVulns
// for i:=0;i<len(kernel_config);i++{
// vul_kernel_data=vul_kernel_data+"漏洞编号:"+kernel_config[i].VICId+"\n"+"危害等级:"+kernel_config[i].VICSiteInfo.Severity+"\n"+"漏洞详情:"+kernel_config[i].VICSiteInfo.Description+"\n\n"
// }
// //docx1.Replace("{vuln_date_kernel}", vul_kernel_data, -1)
// }
//
// // 基线详情添加
// if nil != ScanResultBaseline {
// baseline_config:=ScanResultBaseline.ReportCommon.RCExploredVulns
// for i:=0;i<len(baseline_config);i++{
// vul_baseline_data=vul_baseline_data+"基线编号:"+baseline_config[i].VICId+"\n"+"基线名称:"+baseline_config[i].VICSiteInfo.Name+"\n\n"
// }
// //docx1.Replace("{vuln_date_baseline}", vul_baseline_data, -1)
// }
////////////////////////////////
path := "../data/Report/"+fileName+".pdf"
//path := fileName+"a.pdf"
Bool ,err := PathExists(path)
if err != nil {
fmt.Println(err)
} // if err ...
if Bool==true {
err := os.Remove(path)
if err != nil {
log.Println("File overwritten successfully")
} else {
log.Println("File overwrite failed")
}
} // if Bool ...
// 创建一个新的PDF实例
pdf := gofpdf.New("P", "mm", "A4", "")
////////////////////////////////
// 全局属性
pdf.AddUTF8Font("NotoSansSC-Regular", "", "../data/static/NotoSansSC-Regular.ttf")
page_w, page_h := pdf.GetPageSize()
page_margin_t := 10.0
page_margin_b := 10.0
page_margin_l := 10.0
page_margin_r := 10.0
page_style_n_font_name := "NotoSansSC-Regular" // Normal
page_style_n_font_size := 16.0
page_style_l1_font_name := "NotoSansSC-Regular"
page_style_l1_font_size := 32.0
page_style_l2_font_name := "NotoSansSC-Regular"
page_style_l2_font_size := 28.0
//page_style_l3_font_name := "NotoSansSC-Regular"
//page_style_l3_font_size := 62.0
//page_style_l4_font_name := "NotoSansSC-Regular"
//page_style_l4_font_size := 8.0
//
page_style_table_font_name := "NotoSansSC-Regular"
page_style_table_font_size := 16.0
page_style_table_mini_font_name := "NotoSansSC-Regular"
page_style_table_mini_font_size := 16.0 / 2
page_style_table_tiny_font_name := "NotoSansSC-Regular"
page_style_table_tiny_font_size := 16.0 / 2 - 2
////////////////////////////////
// 首页 (mainpage)
mainpage_info_table_w := 80.0
mainpage_info_table_h := 30.0
mainpage_info_table_margin_t := 30.0 // top
mainpage_info_table_margin_r := page_margin_r // right
pdf.AddPage()
pdf.SetFont("NotoSansSC-Regular", "", 32)
pdf.Image("../data/static/kylin.png",10,10,100,0,false,"",0,"")
pdf.CellFormat(190, 250, "Genmai本地安全检测报告", "", 1, "C", false, 0, "")
pdf.SetXY(page_w - mainpage_info_table_w - mainpage_info_table_margin_r,
mainpage_info_table_margin_t )
pdf.SetFont("NotoSansSC-Regular", "", 20)
pdf.SetFillColor(240, 240, 240)
//
mainpage_info := [][]string{{"编号", RandStr()},
{"日期", time.Now().Format("2006-01-02") }}
for _, row := range mainpage_info {
pdf.SetX(page_w - mainpage_info_table_w - mainpage_info_table_margin_r)
for _, cell_ := range row {
pdf.CellFormat(mainpage_info_table_w / 2,
mainpage_info_table_h / 2,
cell_, "1", 0, "C", true, 0, "")
} // for _, ...
pdf.Ln(-1)
} // for _, ...
// 输出错误
if pdf.Err() {
fmt.Print(pdf.Error())
}
////////////////////////////////
// 声明页面 (statement)
// statementpage_header_w, _ := pdf.GetPageSize()
statementpage_line_h := 8.0
//
statementpage_sign_w := 100.0
statementpage_sign_h := 32.0
pdf.AddPage()
statement_contain := [][]string {
{"■ 版权声明", " 本地安全漏洞检测工具genmai为麒麟软件产品安全应急响应团队编写仅供麒麟软件内部人员使用。在修改工具及工具默认模板时应保留相应版权声明。未经团队授权不得以任何方式将工具用于麒麟软件产品安全测试之外的其他目的。\n\r" },
{"■ 适用声明", " 本地安全漏洞检测工具genmai可用于测试Linux系操作系统中是否存在可利用的中高风险漏洞。本工具支持通过原理扫描发现漏洞、支持通过版本匹配的方式发现CVE漏洞以及支持安全基线检测。\n\r"},
{"■ 免责声明", " 本报告为本工具根据使用者检测结果自动生成的报告,报告内容不代表本团队的立场及观点。由于传播、利用此工具提供的检测功能而造成的任何直接或者间接的后果及损失,均由使用者本人负责,本团队不为此承担任何责任。\n\r"},
{"■ 开发团队",
"\n\r以下贡献者排名不分先后\n\r POC贡献者\n\r 宋帮诚晋、陈心全、潘振华、李文杰、杨继鹏\n\r"} }
for _, row := range statement_contain {
pdf.SetFont(page_style_n_font_name, "", page_style_n_font_size + 4)
for _, cell := range row {
pdf.Write(statementpage_line_h, cell)
pdf.SetFont(page_style_n_font_name, "", page_style_n_font_size)
} // for _ ..
} // for _ ..
pdf.SetXY(page_w - statementpage_sign_w - page_margin_r,
page_h - statementpage_sign_h - page_margin_b )
//pdf.CellFormat(mainpage_info_table_w / 2,
// mainpage_info_table_h / 2,
// "alpha", "1", 0, "C", true, 0, "")
pdf.SetFont(page_style_n_font_name, "", page_style_n_font_size + 4)
//pdf.Write(statementpage_line_h, "© 2022 麒麟软件应急响应团队\r\n")
pdf.CellFormat(statementpage_sign_w, 10,
"© 2022 麒麟软件应急响应团队",
"", 1, "R", false, 0, "")
pdf.SetX(page_w - statementpage_sign_w - page_margin_r)
pdf.SetFont(page_style_n_font_name, "", page_style_n_font_size - 4)
pdf.CellFormat(statementpage_sign_w, 10,
"宋帮诚晋、陈心全",
"", 1, "R", false, 0, "")
////////////////////////////////
// 摘要页面 (summary)
pdf.AddPage()
pdf.SetY(page_margin_t)
pdf.SetFont(page_style_l1_font_name, "", page_style_l1_font_size)
pdf.Write(page_style_l1_font_size / 2, "一、报告摘要\r\n")
//pdf.Line(page_margin_l, pdf.GetY(),
// page_w - page_margin_r, pdf.GetY())
////////////////
// 被扫描平台
pdf.SetFont(page_style_l2_font_name, "", page_style_l2_font_size)
pdf.Write(page_style_l2_font_size / 2, "\r\n被扫描平台: " + Host + "\r\n")
pdf.SetFont(page_style_table_font_name, "",
page_style_table_font_size + 4 )
pdf.CellFormat(page_w, 20,
"表1. 目标信息", "", 1, "C", false, 0, "")
pdf.SetFont(page_style_table_font_name, "",
page_style_table_font_size )
pdf.SetFillColor(240, 240, 240)
summary_target_info := [][]string { {"用户名", UserName},
{"计算机名", Hostname},
{"操作系统名", OpName},
{"操作系统版本", GetdOpInfo},
{"系统架构", arch},
{"内核版本", kernelRelease} }
for _, row := range summary_target_info {
for _, cell := range row {
pdf.CellFormat((page_w - page_margin_l - page_margin_r) / 2,
page_style_table_font_size / 2 + 4,
cell, "1", 0, "C", true, 0, "")
} // for _, ...
pdf.Ln(-1)
} // for _, ...
////////////////
// 任务模式:原理扫描
pdf.SetFont(page_style_l2_font_name, "", page_style_l2_font_size)
pdf.Write(page_style_l2_font_size / 2, "\r\n任务模式原理扫描\r\n")
pdf.SetFont(page_style_table_font_name, "",
page_style_table_font_size + 4 )
pdf.CellFormat(page_w, 20,
"表 2 扫描任务信息", "", 1, "C", false, 0, "")
pdf.SetFont(page_style_table_font_name, "",
page_style_table_font_size )
pdf.SetFillColor(240, 240, 240)
summary_task_info := [][]string { {"加载数", exec_nums_str+"个"},
{"发起扫描时间", start_time},
{"扫描完成时间", end_time},
{"危险基线数", baseline_nums_str + "个"},
{"发现漏洞数", vuln_num_str + "个"},
{"漏洞级别分布", "高危" + risk_h_nums_str + "个\r\n" +
"中危" + risk_m_nums_str + "个\r\n" +
"低危" + risk_l_nums_str + "个\r\n" } }
for _, row := range summary_task_info {
for _, cell := range row {
pdf.CellFormat((page_w - page_margin_l - page_margin_r) / 2,
page_style_table_font_size / 2 + 4,
cell, "1", 0, "C", true, 0, "")
} // for _, ...
pdf.Ln(-1)
} // for _, ...
////////////////
// 未执行成功表:
pdf.SetFont(page_style_l2_font_name, "", page_style_l2_font_size)
pdf.Write(page_style_l2_font_size / 2, "\r\n未执行成功表:\r\n")
pdf.SetFont(page_style_table_font_name, "",
page_style_table_font_size + 4 )
pdf.CellFormat(page_w, 20,
"表3 未执行表", "", 1, "C", false, 0, "")
pdf.SetFont(page_style_table_font_name, "",
page_style_table_font_size )
pdf.SetFillColor(240, 240, 240)
summary_notexec_info := [][]string { {"系统未执行数", system_not_exec_nums_str},
{"内核未执行数", kernel_not_exec_nums_str},
{"安全基线未执行数", baseline_not_exec_nums_str} }
for _, row := range summary_notexec_info {
for _, cell := range row {
pdf.CellFormat((page_w - page_margin_l - page_margin_r) / 2,
page_style_table_font_size / 2 + 4,
cell, "1", 0, "C", true, 0, "")
} // for _, ...
pdf.Ln(-1)
} // for _, ...
////////////////
// 任务模式:版本匹配
////////
// lambda
reportVersionScanSummation := func (sectionname string,
start_time string,
end_time string,
fastscan_vulnum_str string,
fastscan_vulnum_f_str string,
fastscan_vulnum_h_str string,
fastscan_vulnum_m_str string,
fastscan_vulnum_l_str string,
fastscan_vulnum_i_str string ) {
pdf.SetFont(page_style_l2_font_name, "", page_style_l2_font_size)
pdf.Write(page_style_l2_font_size / 2, "\r\n任务模式"+sectionname+"\r\n")
pdf.SetFont(page_style_table_font_name, "",
page_style_table_font_size + 4 )
pdf.CellFormat(page_w, 20,
"表 "+sectionname, "", 1, "C", false, 0, "")
pdf.SetFont(page_style_table_font_name, "",
page_style_table_font_size )
pdf.SetFillColor(240, 240, 240)
summary_vmaching_info := [][]string { {"检测数量", "TODO没有找到变量"},
{"发起扫描时间", start_time},
{"结束时间", end_time},
{"漏洞数量", fastscan_vulnum_str},
{"漏洞级别分布: 严重", fastscan_vulnum_f_str + "个\r\n"},
{"漏洞级别分布: 高危", fastscan_vulnum_h_str + "个\r\n"},
{"漏洞级别分布: 中危", fastscan_vulnum_m_str + "个\r\n"},
{"漏洞级别分布: 低危", fastscan_vulnum_l_str + "个\r\n"},
{"漏洞级别分布: 忽略", fastscan_vulnum_i_str + "个\r\n" } }
for _, row := range summary_vmaching_info {
for _, cell := range row {
pdf.CellFormat((page_w - page_margin_l - page_margin_r) / 2,
page_style_table_font_size / 2 + 4,
cell, "1", 0, "C", true, 0, "")
} // for _, ...
pdf.Ln(-1)
} // for _, ...
} // reportVersionScanSummation := func ...
// lambda
////////
////////////////
// 任务模式:快速扫描
reportVersionScanSummation("快速扫描", start_time, end_time,
fastscan_vulnum_str,
fastscan_vulnum_f_str,
fastscan_vulnum_h_str,
fastscan_vulnum_m_str,
fastscan_vulnum_l_str,
fastscan_vulnum_i_str)
////////////////
// 任务模式ISO扫描
reportVersionScanSummation("ISO扫描", start_time, end_time,
isoscan_vulnum_str,
isoscan_vulnum_f_str,
isoscan_vulnum_h_str,
isoscan_vulnum_m_str,
isoscan_vulnum_l_str,
isoscan_vulnum_i_str)
////////////////////////////////
// 漏洞列表(listinfo)
pdf.AddPage()
pdf.SetY(page_margin_t)
pdf.SetFont(page_style_l1_font_name, "", page_style_l1_font_size)
pdf.Write(page_style_l1_font_size / 2, "二.漏洞列表\r\n")
//pdf.Line(page_margin_l, pdf.GetY(),
// page_w - page_margin_r, pdf.GetY())
///
pdf.SetFont(page_style_table_font_name, "",
page_style_table_font_size + 4 )
pdf.CellFormat(page_w, 20,
"表 漏洞列表", "", 1, "C", false, 0, "")
pdf.SetFont(page_style_table_tiny_font_name, "", page_style_table_tiny_font_size)
_idx_w := 10.0
_row_h := 6.0
//vicid_w := 20
pdf.CellFormat(_idx_w, _row_h, "索引", "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 15/100, _row_h,
"漏洞编号", "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 10/100, _row_h,
"漏洞状态", "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 35/100, _row_h,
"漏洞名称", "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 20/100, _row_h,
"当前包版本", "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 20/100, _row_h,
"修复版本", "1", 0, "C", true, 0, "")
//
pdf.Ln(-1)
for i, row := range (append(vul_fastscan_data_notin, vul_isoscan_data_notin...)){
pdf.CellFormat(_idx_w, _row_h, strconv.Itoa(i+1), "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 15/100, _row_h,
row["漏洞编号"], "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 10/100, _row_h,
row["漏洞状态"], "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 35/100, _row_h,
row["漏洞名称"], "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 20/100, _row_h,
row["当前包版本"], "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 20/100, _row_h,
row["修复版本"], "1", 0, "C", true, 0, "")
//
pdf.Ln(-1)
}
_vul_fastscan_data_notin_len := len(vul_fastscan_data_notin) + len(vul_isoscan_data_notin)
pdf.SetDrawColor(255, 0, 0)
pdf.SetTextColor(255, 0, 0)
pdf.SetFillColor(200, 255, 200)
for i, row := range (append (vul_fastscan_data_in, vul_isoscan_data_in...)) {
pdf.CellFormat(_idx_w,
_row_h, strconv.Itoa(i+1 + _vul_fastscan_data_notin_len),
"1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 15/100, _row_h,
row["漏洞编号"], "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 10/100, _row_h,
row["漏洞状态"], "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 35/100, _row_h,
row["漏洞名称"], "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 20/100, _row_h,
row["当前包版本"], "1", 0, "C", true, 0, "")
pdf.CellFormat((page_w - _idx_w - page_margin_l - page_margin_r) * 20/100, _row_h,
row["修复版本"], "1", 0, "C", true, 0, "")
//
pdf.Ln(-1)
}
pdf.SetDrawColor(0, 0, 0)
pdf.SetTextColor(0, 0, 0)
pdf.SetFillColor(240, 240, 240)
////////////////////////////////
// 漏洞详情 (vulinfo)
_header_w := 40.0
_row_h = 5.0
////////////////
// lambda
reportVulnsInfo := func (sectionname string, vulns []VulnInfoCommon ) {
pdf.SetFont(page_style_l2_font_name, "", page_style_l2_font_size)
pdf.Write(page_style_l2_font_size / 2, "\r\n\r\n" + sectionname + " \r\n")
pdf.SetFont(page_style_table_font_name, "",
page_style_table_font_size + 4 )
pdf.CellFormat(page_w, 20,
"表. " + sectionname , "", 1, "C", false, 0, "")
pdf.SetFont(page_style_table_mini_font_name, "",
page_style_table_mini_font_size )
pdf.SetFillColor(240, 240, 240)
//if nil != ScanResultSystem {
//system_config:=ScanResultSystem.ReportCommon.RCExploredVulns
for i:=0;i<len(vulns);i++{
pdf.CellFormat(_header_w, _row_h, "索引", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
strconv.Itoa(i+1),
"1", "L", true)
pdf.CellFormat(_header_w, _row_h, "漏洞编号", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
vulns[i].VICId,
"1", "L", true)
if len(vulns[i].VICSiteInfo.Name) > 150{
pdf.CellFormat(_header_w, _row_h+_row_h, "名称", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
vulns[i].VICSiteInfo.Name,
"1", "L", true)
}else{
pdf.CellFormat(_header_w, _row_h, "名称", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
vulns[i].VICSiteInfo.Name,
"1", "L", true)
}
pdf.CellFormat(_header_w, _row_h, "包名", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
vulns[i].VICPackages,
"1", "L", true)
pdf.CellFormat(_header_w, _row_h, "禅道ID", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
vulns[i].VICBugID,
"1", "L", true)
pdf.CellFormat(_header_w, _row_h, "危害等级", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
vulns[i].VICSiteInfo.Severity,
"1", "L", true)
if len(vulns[i].VICSiteInfo.Description) > 150 {
pdf.CellFormat(_header_w, _row_h+_row_h, "漏洞详情", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
vulns[i].VICSiteInfo.Description,
"1", "L", true)
}else{
pdf.CellFormat(_header_w, _row_h, "漏洞详情", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
vulns[i].VICSiteInfo.Description,
"1", "L", true)
}
pdf.CellFormat(_header_w, _row_h, "影响包范围", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
vulns[i].VICSiteInfo.ScopeOfInfluence,
"1", "L", true)
pdf.CellFormat((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
"", "", 1, "L", false, 0, "")
} // for i := ...
//} // if nill
} // reportVulnsInfo := func
reportVersionScanVulnsInfo := func (sectionname string, vul_versionscan_data_in []map[string]string) {
pdf.SetFont(page_style_l2_font_name, "", page_style_l2_font_size)
pdf.Write(page_style_l2_font_size / 2, "\r\n\r\n" + sectionname+ "检测详情\r\n")
pdf.SetFont(page_style_table_font_name, "",
page_style_table_font_size + 4 )
pdf.CellFormat(page_w, 20,
"表. " + sectionname+ "检测详情", "", 1, "C", false, 0, "")
pdf.SetFont(page_style_table_font_name, "",
page_style_table_font_size )
pdf.SetFillColor(240, 240, 240)
// m := map[string]string { "漏洞编号":"string", "危害等级":"string", "漏洞名称":"string", "漏洞类型":"string", "漏洞状态":"string", "漏洞组件介绍":"string", "当前包版本":"string", "修复版本":"string"}
// vul_versionscan_data_in=append(vul_versionscan_data_in, m)
// vul_versionscan_data_in=append(vul_versionscan_data_in, m)
// vul_versionscan_data_in=append(vul_versionscan_data_in, m)
// vul_versionscan_data_in=append(vul_versionscan_data_in, m)
// fmt.Print(vul_versionscan_data_in)
pdf.SetFont(page_style_table_mini_font_name, "", page_style_table_mini_font_size)
for i, row := range vul_versionscan_data_in {
pdf.CellFormat(_header_w, _row_h, "索引", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
strconv.Itoa(i+1), "1", "L", true)
pdf.CellFormat(_header_w, _row_h, "漏洞编号", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
row["漏洞编号"], "1", "L", true)
pdf.CellFormat(_header_w, _row_h, "危害等级", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
row["危害等级"], "1", "L", true)
pdf.CellFormat(_header_w, _row_h, "漏洞名称", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
row["漏洞名称"], "1", "L", true)
pdf.CellFormat(_header_w, _row_h, "漏洞类型", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
row["漏洞类型"], "1", "L", true)
pdf.CellFormat(_header_w, _row_h, "漏洞状态", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
row["漏洞状态"], "1", "L", true)
pdf.CellFormat(_header_w, _row_h, "当前包版本", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
row["当前包版本"], "1", "L", true)
pdf.CellFormat(_header_w, _row_h, "修复版本", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
row["修复版本"], "1", "L", true)
pdf.CellFormat(_header_w, _row_h, "修复建议", "1", 0, "L", true, 0, "")
pdf.MultiCell((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
row["修复建议"], "1", "L", true)
pdf.CellFormat((page_w - page_margin_l - page_margin_r) - _header_w, _row_h,
row[""], "", 1, "L", false, 0, "")
} // for i, row ...
} // report_fastscan_vulns := func ...
// lambda
////////////////
pdf.AddPage()
pdf.SetY(page_margin_t)
pdf.SetFont(page_style_l1_font_name, "", page_style_l1_font_size)
pdf.Write(page_style_l1_font_size / 2, "三.漏洞详情\r\n")
//pdf.Line(page_margin_l, pdf.GetY(),
// page_w - page_margin_r, pdf.GetY())
// 系统漏洞详情
if nil != ScanResultSystem {
reportVulnsInfo("系统漏洞检测详情", ScanResultSystem.ReportCommon.RCExploredVulns)
} // if nil ...
// 内核漏洞详情
if nil != ScanResultKernel {
reportVulnsInfo("内核漏洞检测详情", ScanResultKernel.ReportCommon.RCExploredVulns)
} // if nil ...
// 基线详情
if nil != ScanResultBaseline {
reportVulnsInfo("安全基线检测详情", ScanResultBaseline.ReportCommon.RCExploredVulns)
} // if nil ...
reportVersionScanVulnsInfo("快速扫描", vul_fastscan_data_in)
reportVersionScanVulnsInfo("ISO扫描", vul_isoscan_data_in)
////////////////////////////////
// 保存报表文件
pdf.OutputFileAndClose(path)
// 输出错误
if pdf.Err() {
fmt.Print(pdf.Error())
}
}
func transferVersionScanResultToStringMap_IN(IsoScanResult map[string]interface {}) []map[string]string {
var vul_isoscan_data_in []map[string]string
packagesList := IsoScanResult["package_info"].(map[string]interface{})["packages"].(map[string]interface{})["packagesList"].(map[string]map[string]interface{})
for key := range packagesList {
cve_id:=packagesList[key]["cve_id"].([]string)
cve_name:=packagesList[key]["cve_name"].([]string)
cve_risk:=packagesList[key]["cve_risk"].([]string)
cve_type:=packagesList[key]["cve_type"].([]string)
cve_introduction:=packagesList[key]["cve_introduction"].([]string)
cve_status:=packagesList[key]["cve_status"].([]string)
cve_currentVersion:=packagesList[key]["cve_currentVersion"].([]string)
cve_secureVersion:=packagesList[key]["cve_secureVersion"].([]string)
cve_repairSuggestions:=packagesList[key]["cve_repairSuggestions"].([]string)
for i:=0;i<len(cve_id);i++{
//vul_isoscan_data_in=vul_isoscan_data_in+"漏洞编号:"+cve_id[i]+"\n"+"危害等级:"+cve_risk[i]+"\n"+"漏洞名称:"+cve_name[i]+"\n"+"漏洞类型:"+cve_type[i]+"\n"+"漏洞状态:"+cve_status[i]+"\n"+"漏洞组件介绍:"+cve_introduction[i]+"\n"+"当前包版本:"+cve_currentVersion[i]+"\n"+"修复版本:"+cve_secureVersion[i]+"\n\n"
m := map[string]string { "漏洞编号":cve_id[i], "危害等级":cve_risk[i], "漏洞名称":cve_name[i], "漏洞类型":cve_type[i], "漏洞状态":cve_status[i], "漏洞组件介绍":cve_introduction[i], "当前包版本":cve_currentVersion[i], "修复版本":cve_secureVersion[i], "修复建议":cve_repairSuggestions[i]}
//, cve_risk[i], cve_name[i], cve_type[i], cve_status[i], cve_introduction[i], cve_currentVersion[i], cve_secureVersion[i]}
vul_isoscan_data_in=append(vul_isoscan_data_in, m)
//vuln_date_isoscan_list_in=vuln_date_isoscan_list_in+"漏洞名称:"+cve_name[i]+"("+cve_id[i]+")\n"+"漏洞状态:"+cve_status[i]+"\n"+"当前包版本:"+cve_currentVersion[i]+"\n"+"修复版本:"+cve_secureVersion[i]+"\n\n"
}
}
return vul_isoscan_data_in
}
func transferVersionScanResultToStringMap_NOTIN(FastScanNotInResult map[string]interface {}) []map[string]string {
var vul_fastscan_data_notin []map[string]string
if len(FastScanNotInResult) != 0{
packagesList_notin:=FastScanNotInResult["packagesList"].(map[string]map[string]interface{})
for key := range packagesList_notin {
cve_n_id:=packagesList_notin[key]["cve_n_id"].([]string)
cve_n_name:=packagesList_notin[key]["cve_n_name"].([]string)
cve_n_status:=packagesList_notin[key]["cve_n_status"].([]string)
cve_n_currentVersion:=packagesList_notin[key]["cve_n_currentVersion"].([]string)
cve_n_secureVersion:=packagesList_notin[key]["cve_n_secureVersion"].([]string)
for i:=0;i<len(cve_n_id);i++{
m := map[string]string { "漏洞编号":cve_n_id[i], "漏洞名称":cve_n_name[i], "漏洞状态":cve_n_status[i], "当前包版本":cve_n_currentVersion[i], "修复版本":cve_n_secureVersion[i]}
vul_fastscan_data_notin=append(vul_fastscan_data_notin, m)
//vuln_date_fastscan_list_notin=vuln_date_fastscan_list_notin+"漏洞名称:"+cve_n_name[i]+"("+cve_n_id[i]+")\n"+"漏洞状态:"+cve_n_status[i]+"\n"+"当前包版本:"+cve_n_currentVersion[i]+"\n"+"修复版本:"+cve_n_secureVersion[i]+"\n\n"
}
}
//docx1.Replace("{vuln_date}", vuln_date_fastscan_list_notin, -1)
}
return vul_fastscan_data_notin
}