Skip to content

Commit 9acf772

Browse files
author
dreizehnutters
committed
added more QoL features
1 parent 4de417c commit 9acf772

8 files changed

Lines changed: 1354 additions & 19397 deletions

File tree

tests/nmap-scan.xml

Lines changed: 110 additions & 19279 deletions
Large diffs are not rendered by default.

xsl/helpers.xsl

Lines changed: 76 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -282,6 +282,75 @@
282282
</a>
283283
</xsl:template>
284284

285+
<xsl:template name="render-endpoint-host">
286+
<xsl:param name="host"/>
287+
<xsl:variable name="normalized-host" select="normalize-space($host)"/>
288+
<xsl:choose>
289+
<xsl:when test="contains($normalized-host, ':') and not(starts-with($normalized-host, '[')) and not(contains($normalized-host, ']'))">
290+
<xsl:text>[</xsl:text>
291+
<xsl:value-of select="$normalized-host"/>
292+
<xsl:text>]</xsl:text>
293+
</xsl:when>
294+
<xsl:otherwise>
295+
<xsl:value-of select="$normalized-host"/>
296+
</xsl:otherwise>
297+
</xsl:choose>
298+
</xsl:template>
299+
300+
<xsl:template name="render-endpoint-link">
301+
<xsl:param name="address"/>
302+
<xsl:param name="port"/>
303+
<xsl:param name="protocol" select="'tcp'"/>
304+
<xsl:param name="service-name" select="''"/>
305+
<xsl:param name="tunnel" select="''"/>
306+
<xsl:param name="text" select="''"/>
307+
<xsl:param name="class" select="'endpoint-link'"/>
308+
<xsl:variable name="normalized-address" select="normalize-space($address)"/>
309+
<xsl:variable name="normalized-port" select="normalize-space($port)"/>
310+
<xsl:variable name="normalized-text" select="normalize-space($text)"/>
311+
<xsl:variable name="normalized-service" select="translate(normalize-space($service-name), 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz')"/>
312+
<xsl:variable name="normalized-protocol" select="translate(normalize-space($protocol), 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz')"/>
313+
<xsl:variable name="scheme">
314+
<xsl:choose>
315+
<xsl:when test="$tunnel = 'ssl' or starts-with($normalized-service, 'ssl/') or contains($normalized-service, 'https')">https</xsl:when>
316+
<xsl:otherwise>http</xsl:otherwise>
317+
</xsl:choose>
318+
</xsl:variable>
319+
<xsl:variable name="formatted-host">
320+
<xsl:call-template name="render-endpoint-host">
321+
<xsl:with-param name="host" select="$normalized-address"/>
322+
</xsl:call-template>
323+
</xsl:variable>
324+
<xsl:choose>
325+
<xsl:when test="string($normalized-address) != '' and string($normalized-port) != ''">
326+
<a target="_blank" rel="noopener noreferrer">
327+
<xsl:if test="string(normalize-space($class)) != ''">
328+
<xsl:attribute name="class">
329+
<xsl:value-of select="$class"/>
330+
</xsl:attribute>
331+
</xsl:if>
332+
<xsl:attribute name="href">
333+
<xsl:value-of select="concat($scheme, '://', $formatted-host, ':', $normalized-port)"/>
334+
</xsl:attribute>
335+
<xsl:choose>
336+
<xsl:when test="string($normalized-text) != ''">
337+
<xsl:value-of select="$normalized-text"/>
338+
</xsl:when>
339+
<xsl:otherwise>
340+
<xsl:value-of select="$normalized-port"/>
341+
</xsl:otherwise>
342+
</xsl:choose>
343+
</a>
344+
</xsl:when>
345+
<xsl:when test="string($normalized-text) != ''">
346+
<xsl:value-of select="$normalized-text"/>
347+
</xsl:when>
348+
<xsl:otherwise>
349+
<xsl:value-of select="$normalized-port"/>
350+
</xsl:otherwise>
351+
</xsl:choose>
352+
</xsl:template>
353+
285354
<xsl:template name="render-nvd-cpe-link">
286355
<xsl:param name="cpe"/>
287356
<a class="cpe-copy" title="Click to copy CPE">
@@ -458,9 +527,14 @@
458527
<xsl:param name="scheme"/>
459528
<xsl:param name="host"/>
460529
<xsl:param name="port"/>
530+
<xsl:variable name="formatted-host">
531+
<xsl:call-template name="render-endpoint-host">
532+
<xsl:with-param name="host" select="$host"/>
533+
</xsl:call-template>
534+
</xsl:variable>
461535
<xsl:call-template name="render-external-link">
462-
<xsl:with-param name="href" select="concat($scheme, '://', $host, ':', $port)"/>
463-
<xsl:with-param name="text" select="concat($scheme, '://', $host, ':', $port)"/>
536+
<xsl:with-param name="href" select="concat($scheme, '://', $formatted-host, ':', $port)"/>
537+
<xsl:with-param name="text" select="concat($scheme, '://', $formatted-host, ':', $port)"/>
464538
</xsl:call-template>
465539
</xsl:template>
466540

xsl/hosts.xsl

Lines changed: 11 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -448,7 +448,14 @@
448448
<xsl:for-each select="ports/port">
449449
<tr>
450450
<td>
451-
<xsl:value-of select="@portid"/>
451+
<xsl:call-template name="render-endpoint-link">
452+
<xsl:with-param name="address" select="ancestor::host[1]/address[not(@addrtype='mac')][1]/@addr"/>
453+
<xsl:with-param name="port" select="@portid"/>
454+
<xsl:with-param name="protocol" select="@protocol"/>
455+
<xsl:with-param name="service-name" select="service/@name"/>
456+
<xsl:with-param name="tunnel" select="service/@tunnel"/>
457+
<xsl:with-param name="text" select="@portid"/>
458+
</xsl:call-template>
452459
</td>
453460
<td>
454461
<xsl:value-of select="@protocol"/>
@@ -495,10 +502,10 @@
495502
(<xsl:value-of select="@accuracy"/>%)
496503
</h5>
497504
<xsl:for-each select="osclass">
498-
<p><strong>Device Type:</strong><xsl:value-of select="@type"/><br/><strong>Running:</strong><xsl:value-of select="@vendor"/><xsl:value-of select="@osfamily"/><xsl:value-of select="@osgen"/>
499-
(<xsl:value-of select="@accuracy"/>%)<br/>
505+
<p><strong>Device Type:</strong><xsl:text> </xsl:text><xsl:value-of select="@type"/><br/><strong>Running:</strong><xsl:text> </xsl:text><xsl:value-of select="normalize-space(concat(@vendor, ' ', @osfamily, ' ', @osgen))"/>
506+
<xsl:text> (</xsl:text><xsl:value-of select="@accuracy"/><xsl:text>%)</xsl:text><br/>
500507
<strong>OS CPE:</strong>
501-
<xsl:if test="count(cpe) &gt; 0"><xsl:call-template name="render-nvd-cpe-link"><xsl:with-param name="cpe" select="cpe"/></xsl:call-template></xsl:if>
508+
<xsl:text> </xsl:text><xsl:if test="count(cpe) &gt; 0"><xsl:call-template name="render-nvd-cpe-link"><xsl:with-param name="cpe" select="cpe"/></xsl:call-template></xsl:if>
502509
</p>
503510
</xsl:for-each>
504511
</xsl:for-each>

xsl/inventory.xsl

Lines changed: 132 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,8 +9,6 @@
99
<table id="service-inventory" class="table table-striped table-hover table-bordered align-middle dataTable" role="grid">
1010
<thead class="table-light">
1111
<tr>
12-
<th scope="col" class="service-inventory-name-column">Service Name</th>
13-
<th scope="col" class="service-inventory-count-column">Host Count</th>
1412
<th scope="col">Host Details</th>
1513
</tr>
1614
</thead>
@@ -22,6 +20,94 @@
2220
<xsl:variable name="effective-hostname">
2321
<xsl:call-template name="resolve-effective-hostname"/>
2422
</xsl:variable>
23+
<xsl:variable name="http-headers-output" select="script[@id='http-headers']/@output"/>
24+
<xsl:variable name="http-fingerprint-output" select="script[@id='fingerprint-strings']/elem[@key='GetRequest']"/>
25+
<xsl:variable name="http-title">
26+
<xsl:choose>
27+
<xsl:when test="count(script[@id='http-title']/elem[@key='title']) &gt; 0">
28+
<xsl:value-of select="script[@id='http-title']/elem[@key='title']"/>
29+
</xsl:when>
30+
<xsl:otherwise>
31+
<xsl:value-of select="script[@id='http-title']/@output"/>
32+
</xsl:otherwise>
33+
</xsl:choose>
34+
</xsl:variable>
35+
<xsl:variable name="http-location">
36+
<xsl:choose>
37+
<xsl:when test="count(script[@id='http-title']/elem[@key='redirect_url']) &gt; 0">
38+
<xsl:value-of select="script[@id='http-title']/elem[@key='redirect_url']"/>
39+
</xsl:when>
40+
<xsl:when test="contains($http-headers-output, 'Location:')">
41+
<xsl:call-template name="extract-header-value">
42+
<xsl:with-param name="text" select="$http-headers-output"/>
43+
<xsl:with-param name="label" select="'Location'"/>
44+
</xsl:call-template>
45+
</xsl:when>
46+
<xsl:otherwise>
47+
<xsl:call-template name="extract-header-value">
48+
<xsl:with-param name="text" select="$http-fingerprint-output"/>
49+
<xsl:with-param name="label" select="'Location'"/>
50+
</xsl:call-template>
51+
</xsl:otherwise>
52+
</xsl:choose>
53+
</xsl:variable>
54+
<xsl:variable name="http-server">
55+
<xsl:choose>
56+
<xsl:when test="count(script[@id='http-server-header']/elem) &gt; 0">
57+
<xsl:value-of select="script[@id='http-server-header']/elem[1]"/>
58+
</xsl:when>
59+
<xsl:when test="string(script[@id='http-server-header']/@output) != ''">
60+
<xsl:value-of select="script[@id='http-server-header']/@output"/>
61+
</xsl:when>
62+
<xsl:when test="contains($http-headers-output, 'Server:')">
63+
<xsl:call-template name="extract-header-value">
64+
<xsl:with-param name="text" select="$http-headers-output"/>
65+
<xsl:with-param name="label" select="'Server'"/>
66+
</xsl:call-template>
67+
</xsl:when>
68+
<xsl:otherwise>
69+
<xsl:call-template name="extract-header-value">
70+
<xsl:with-param name="text" select="$http-fingerprint-output"/>
71+
<xsl:with-param name="label" select="'Server'"/>
72+
</xsl:call-template>
73+
</xsl:otherwise>
74+
</xsl:choose>
75+
</xsl:variable>
76+
<xsl:variable name="http-powered-by">
77+
<xsl:choose>
78+
<xsl:when test="contains(translate($http-headers-output, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'powered-by:')">
79+
<xsl:call-template name="extract-powered-by-value">
80+
<xsl:with-param name="text" select="$http-headers-output"/>
81+
</xsl:call-template>
82+
</xsl:when>
83+
<xsl:otherwise>
84+
<xsl:call-template name="extract-powered-by-value">
85+
<xsl:with-param name="text" select="$http-fingerprint-output"/>
86+
</xsl:call-template>
87+
</xsl:otherwise>
88+
</xsl:choose>
89+
</xsl:variable>
90+
<xsl:variable name="http-stack-source" select="concat($http-headers-output, '&#xA;', $http-fingerprint-output)"/>
91+
<xsl:variable name="http-stack-hint">
92+
<xsl:call-template name="extract-stack-hint-line">
93+
<xsl:with-param name="text" select="$http-stack-source"/>
94+
</xsl:call-template>
95+
</xsl:variable>
96+
<xsl:variable name="http-powered-by-evidence">
97+
<xsl:choose>
98+
<xsl:when test="string($http-powered-by) != ''">
99+
<xsl:value-of select="$http-powered-by"/>
100+
</xsl:when>
101+
<xsl:otherwise>
102+
<xsl:value-of select="$http-stack-hint"/>
103+
</xsl:otherwise>
104+
</xsl:choose>
105+
</xsl:variable>
106+
<xsl:variable name="http-powered-by-stack">
107+
<xsl:call-template name="normalize-powered-by-stack">
108+
<xsl:with-param name="value" select="$http-stack-source"/>
109+
</xsl:call-template>
110+
</xsl:variable>
25111
<span class="service-inventory-entry">
26112
<xsl:attribute name="data-service">
27113
<xsl:call-template name="render-service-name"/>
@@ -44,6 +130,50 @@
44130
<xsl:attribute name="data-protocol">
45131
<xsl:value-of select="@protocol"/>
46132
</xsl:attribute>
133+
<xsl:attribute name="data-http-title">
134+
<xsl:value-of select="$http-title"/>
135+
</xsl:attribute>
136+
<xsl:attribute name="data-http-location">
137+
<xsl:value-of select="$http-location"/>
138+
</xsl:attribute>
139+
<xsl:attribute name="data-http-server">
140+
<xsl:value-of select="$http-server"/>
141+
</xsl:attribute>
142+
<xsl:attribute name="data-http-stack">
143+
<xsl:value-of select="$http-powered-by-stack"/>
144+
</xsl:attribute>
145+
<xsl:attribute name="data-http-powered-by">
146+
<xsl:value-of select="$http-powered-by-evidence"/>
147+
</xsl:attribute>
148+
<xsl:attribute name="data-vulners">
149+
<xsl:value-of select=".//script[@id='vulners']/@output"/>
150+
</xsl:attribute>
151+
<xsl:for-each select="script[string(@output) != '' and not(contains(@output, 'ERROR: '))]">
152+
<span class="service-inventory-script">
153+
<xsl:attribute name="data-id">
154+
<xsl:value-of select="@id"/>
155+
</xsl:attribute>
156+
<xsl:attribute name="data-port">
157+
<xsl:value-of select="../@portid"/>
158+
</xsl:attribute>
159+
<xsl:attribute name="data-protocol">
160+
<xsl:value-of select="../@protocol"/>
161+
</xsl:attribute>
162+
<xsl:attribute name="data-valid-from">
163+
<xsl:value-of select="table[@key='validity']/elem[@key='notBefore']"/>
164+
</xsl:attribute>
165+
<xsl:attribute name="data-valid-to">
166+
<xsl:value-of select="table[@key='validity']/elem[@key='notAfter']"/>
167+
</xsl:attribute>
168+
<xsl:attribute name="data-self-signed">
169+
<xsl:choose>
170+
<xsl:when test="@id = 'ssl-cert' and normalize-space(concat(table[@key='subject']/elem[@key='commonName'], '|', table[@key='subject']/elem[@key='organizationName'])) != '' and normalize-space(concat(table[@key='subject']/elem[@key='commonName'], '|', table[@key='subject']/elem[@key='organizationName'])) = normalize-space(concat(table[@key='issuer']/elem[@key='commonName'], '|', table[@key='issuer']/elem[@key='organizationName']))">true</xsl:when>
171+
<xsl:otherwise>false</xsl:otherwise>
172+
</xsl:choose>
173+
</xsl:attribute>
174+
<xsl:value-of select="@output"/>
175+
</span>
176+
</xsl:for-each>
47177
</span>
48178
</xsl:for-each>
49179
</div>

0 commit comments

Comments
 (0)