Solved

Rendering XML in HTML

Posted on 2009-04-09
Last Modified: 2012-05-06
OK...So I have an XML document that I would like to parse and represent in simple HTML format via AJAX.  I have the structure already in place however I am having difficulty showing all sub-elements.  

Basically, I have a Vulnerability scan output generated in XML from a Vulnerability scanner called Retina.  The XML structure is fine and is structured such as:

- <scanJob>
- <hosts>
+ <host>
  <ip>192.168.1.101</ip>
  <netBIOSName>N/A</netBIOSName>
  <dnsName>LAB-Quack1</dnsName>
  <mac>N/A</mac>
  <os>Windows Server 2003</os>
- <audit>
  <rthID>1226</rthID>
  <cve>N/A</cve>
  <name>No Remote Registry Access Available</name>
  <description>This alert is only to notify you that Retina was not able to access the remote system's registry. Without registry access, Retina will still be able to remotely audit for vulnerabilities, although having access to the remote registry does provide Retina with the ability to verify if specific security patches are installed.<BR><BR>By default the Retina scan engine runs as the SYSTEM user which has no access to the remote system's registry. To have Retina scan with the permissions required to access remote registries you'll need to add credentials to the scan. See "Managing Credentials" in the Retina users guide.</description>
  <date>03/18/2009</date>
  <risk>Information</risk>
  <pciLevel>1 (Low)</pciLevel>
  <cvssScore>N/A</cvssScore>
  <fixInformation>Ensure that the system has remote registry capabilities enabled, and that you have administrative rights on the system.</fixInformation>
  </audit>
- <audit>
  <rthID>6799</rthID>
  <cve>N/A</cve>
  <name>Verify Microsoft Windows Password Complexity</name>
  <description>This is an informational check. Manually check to ensure that password complexity requirements are enforced.</description>
  <date>03/18/2009</date>
  <risk>Information</risk>
  <pciLevel>1 (Low)</pciLevel>
  <cvssScore>N/A</cvssScore>
  <fixInformation>This is an informational check. Manually check to ensure that password complexity requirements are enforced.</fixInformation>
  </audit>
- <audit>
  <rthID>6798</rthID>
  <cve>N/A</cve>
  <name>Verify Microsoft Windows Anonymous SID/Name Translation</name>
  <description>This is an informational check. Manually check to ensure that Anonymous SID/Name Translation is disabled.</description>
  <date>03/18/2009</date>
  <risk>Information</risk>
  <pciLevel>1 (Low)</pciLevel>
  <cvssScore>N/A</cvssScore>
  <fixInformation>This is an informational check. Manually check to ensure that Anonymous SID/Name Translation is disabled.</fixInformation>
  </audit>
  </host>
- <host>
  <ip>192.168.1.102</ip>
  <netBIOSName>N/A</netBIOSName>
  <dnsName>LAB-Quack2</dnsName>
  <mac>N/A</mac>
  <os>Windows Server 2003</os>
- <audit>
  <rthID>1226</rthID>
  <cve>N/A</cve>
  <name>No Remote Registry Access Available</name>
  <description>This alert is only to notify you that Retina was not able to access the remote system's registry. Without registry access, Retina will still be able to remotely audit for vulnerabilities, although having access to the remote registry does provide Retina with the ability to verify if specific security patches are installed.<BR><BR>By default the Retina scan engine runs as the SYSTEM user which has no access to the remote system's registry. To have Retina scan with the permissions required to access remote registries you'll need to add credentials to the scan. See "Managing Credentials" in the Retina users guide.</description>
  <date>03/18/2009</date>
  <risk>Information</risk>
  <pciLevel>1 (Low)</pciLevel>
  <cvssScore>N/A</cvssScore>
  <fixInformation>Ensure that the system has remote registry capabilities enabled, and that you have administrative rights on the system.</fixInformation>
  </audit>
- <audit>
  <rthID>6799</rthID>
  <cve>N/A</cve>
  <name>Verify Microsoft Windows Password Complexity</name>
  <description>This is an informational check. Manually check to ensure that password complexity requirements are enforced.</description>
  <date>03/18/2009</date>
  <risk>Information</risk>
  <pciLevel>1 (Low)</pciLevel>
  <cvssScore>N/A</cvssScore>
  <fixInformation>This is an informational check. Manually check to ensure that password complexity requirements are enforced.</fixInformation>
  </audit>
- <audit>
  <rthID>6798</rthID>
  <cve>N/A</cve>
  <name>Verify Microsoft Windows Anonymous SID/Name Translation</name>
  <description>This is an informational check. Manually check to ensure that Anonymous SID/Name Translation is disabled.</description>
  <date>03/18/2009</date>
  <risk>Information</risk>
  <pciLevel>1 (Low)</pciLevel>
  <cvssScore>N/A</cvssScore>
  <fixInformation>This is an informational check. Manually check to ensure that Anonymous SID/Name Translation is disabled.</fixInformation>
  </audit>
  </host>
- <host>
  <ip>192.168.1.103</ip>
  <netBIOSName>N/A</netBIOSName>
  <dnsName>LAB-Quack3</dnsName>
  <mac>N/A</mac>
  <os>Windows Server 2003</os>
- <audit>
  <rthID>1226</rthID>
  <cve>N/A</cve>
  <name>No Remote Registry Access Available</name>
  <description>This alert is only to notify you that Retina was not able to access the remote system's registry. Without registry access, Retina will still be able to remotely audit for vulnerabilities, although having access to the remote registry does provide Retina with the ability to verify if specific security patches are installed.<BR><BR>By default the Retina scan engine runs as the SYSTEM user which has no access to the remote system's registry. To have Retina scan with the permissions required to access remote registries you'll need to add credentials to the scan. See "Managing Credentials" in the Retina users guide.</description>
  <date>03/18/2009</date>
  <risk>Information</risk>
  <pciLevel>1 (Low)</pciLevel>
  <cvssScore>N/A</cvssScore>
  <fixInformation>Ensure that the system has remote registry capabilities enabled, and that you have administrative rights on the system.</fixInformation>
  </audit>
- <audit>
  <rthID>6799</rthID>
  <cve>N/A</cve>
  <name>Verify Microsoft Windows Password Complexity</name>
  <description>This is an informational check. Manually check to ensure that password complexity requirements are enforced.</description>
  <date>03/18/2009</date>
  <risk>Information</risk>
  <pciLevel>1 (Low)</pciLevel>
  <cvssScore>N/A</cvssScore>
  <fixInformation>This is an informational check. Manually check to ensure that password complexity requirements are enforced.</fixInformation>
  </audit>
- <audit>
  <rthID>6798</rthID>
  <cve>N/A</cve>
  <name>Verify Microsoft Windows Anonymous SID/Name Translation</name>
  <description>This is an informational check. Manually check to ensure that Anonymous SID/Name Translation is disabled.</description>
  <date>03/18/2009</date>
  <risk>Information</risk>
  <pciLevel>1 (Low)</pciLevel>
  <cvssScore>N/A</cvssScore>
  <fixInformation>This is an informational check. Manually check to ensure that Anonymous SID/Name Translation is disabled.</fixInformation>
  </audit>
  </host>
  </hosts>
  </scanJob>


What I have for the current method of rendering is in the code block below.  The problem is that when it renders the HTML, only the first Audit Node (branch, whatever, I am really not sure what it's called) is shown and not the additional "Audit" findings under that particular IP address.  I am assuming that I need to add another Array, but since I got help with the code in the first place I am not really sure how to implement it.  In the future though I would like the generated HTML to list by Vulnerability and group the individual IPs under that particular vulnerability.

Any help would be greatly appreciated.  Also, please try not to make too many changes that are a drastic departure from what I already have, and if you do, can you describe it in as much detail as possible.  I sincerely appreciate it.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<title>Untitled Document</title>
	<script type="text/javascript">
		function _xml_loadDocument(path) {
			var xmlDoc;
			try { // IE
				xmlDoc = new ActiveXObject("Microsoft.XMLDOM");
			}
			catch (ex) {
				try { // Gecko
					xmlDoc = document.implementation.createDocument("","",null);
				}
				catch (ex) {
					alert('Your browser cannot handle this script');
				}
			}
			xmlDoc.async = false;
			xmlDoc.load(path);
			return xmlDoc;
		}

		//make the table
		function renderTableBody(parentElement) {
			var tableEl = parentElement.appendChild(document.createElement('TABLE'));
			tableEl.cellPadding = '10';
			tableEl.style.width = '100%';

			var tableBody = tableEl.appendChild(document.createElement('TBODY'));

			// Render header cells.
			var headerRow = tableBody.appendChild(document.createElement('TR'));
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'IP';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'DNS Name';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Operating System';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'CVE';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Vulnerability Name';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Description';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Risk';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Solution';

			return tableBody;
		}

		function renderColumn(hostRow, host, name) {
			var lookupNode = host.getElementsByTagName(name)[0];
			if (lookupNode && lookupNode.childNodes[0]) {
				var nodeValue = lookupNode.childNodes[0].nodeValue;
				hostRow.appendChild(document.createElement('TD')).innerHTML = nodeValue;
			}
		}

		function renderhost(tableBody, host) {
			var hostRow = tableBody.appendChild(document.createElement('TR'));

			renderColumn(hostRow, host, 'ip');
			renderColumn(hostRow, host, 'dnsName');
			renderColumn(hostRow, host, 'os');
			renderColumn(hostRow, host, 'cve');
			renderColumn(hostRow, host, 'name');
			renderColumn(hostRow, host, 'description');
			renderColumn(hostRow, host, 'risk');
			renderColumn(hostRow, host, 'fixInformation');
		}

		function renderXML(path, parentElement) {
			try {
				var xmlDoc = _xml_loadDocument(path);
				var tableBody = renderTableBody(parentElement || document.body);

				var xmlhosts = xmlDoc.getElementsByTagName("host");
				for (var i = 0; i < xmlhosts.length; ++i) {
					renderhost(tableBody, xmlhosts[i]);
				}
			}
			catch (ex) {
				alert('Your browser cannot handle this script');
			}
		}
	</script>
</head>
<body onload="renderXML('sampleRetina.xml');">

</body>
</html>

Question by:shark1998
9 Comments
 
LVL 4

Expert Comment

by:webopius
Hi,

Try changing your renderhost() function to match the code snippet I've included. Sorry, had to change the code only a small bit!

I've formatted the host information with '..' to stop the same information being repeated for each <audit> line, but you can easily remove this if you don't like it.

Best of luck with your project.
Adam
function renderhost(tableBody, host) {
	var xmlaudit = host.getElementsByTagName("audit");
	for (var i = 0; i < xmlaudit.length; ++i) {

		var hostRow = tableBody.appendChild(document.createElement('TR'));

		if (i==0) {
			renderColumn(hostRow, host, 'ip');
			renderColumn(hostRow, host, 'dnsName');
			renderColumn(hostRow, host, 'os');
		} else {
			hostRow.appendChild(document.createElement('TD')).innerHTML = '..';
			hostRow.appendChild(document.createElement('TD')).innerHTML = '..';
			hostRow.appendChild(document.createElement('TD')).innerHTML = '..';
		}

		renderColumn(hostRow, xmlaudit[i], 'cve');
		renderColumn(hostRow, xmlaudit[i], 'name');
		renderColumn(hostRow, xmlaudit[i], 'description');
		renderColumn(hostRow, xmlaudit[i], 'risk');
		renderColumn(hostRow, xmlaudit[i], 'fixInformation');
	}
}


0
 
LVL 28

Expert Comment

by:sybe
You could also display it in an iframe with contenttype="text/xml". The browser will do the rendering then. Makes things a lot easier for you.
0
 

Author Comment

by:shark1998
Webopius,

I liked your solution.  Now, is there a way to filter only the "Audits" with a "risk" rating of "High" and "Medium"?

I tried my hand at it but am missing something.  I added a variable for the riskRating and an "if" statement of "if (host.riskRating=='Medium' || 'High') {" but it doesn't seem to do the trick.  

Keep it up.  I am learning something here and am excited as hell.

function renderhost(tableBody, host) {
            var xmlaudit = host.getElementsByTagName('audit');
            var riskRating = host.getElementsByTagName('risk');
            if (host.riskRating=='Medium' || 'High') {
            for (var i = 0; i < xmlaudit.length; ++i) {
                                
                  var hostRow = tableBody.appendChild(document.createElement('TR'));
            
                  if (i==0) {
                        renderColumn(hostRow, host, 'ip');
                        renderColumn(hostRow, host, 'dnsName');
                        renderColumn(hostRow, host, 'os');
                        renderColumn(hostRow, host, 'cve');
                        renderColumn(hostRow, host, 'name');
                        renderColumn(hostRow, host, 'description');
                        renderColumn(hostRow, host, 'risk');
                        renderColumn(hostRow, host, 'fixInformation');
                  } else {
                  
                        hostRow.appendChild(document.createElement('TD')).innerHTML = ' ';
                        hostRow.appendChild(document.createElement('TD')).innerHTML = ' ';
                        hostRow.appendChild(document.createElement('TD')).innerHTML = ' ';
                        hostRow.appendChild(document.createElement('TD')).innerHTML = ' ';
                        hostRow.appendChild(document.createElement('TD')).innerHTML = ' ';
                        hostRow.appendChild(document.createElement('TD')).innerHTML = ' ';
                        hostRow.appendChild(document.createElement('TD')).innerHTML = ' ';
                        hostRow.appendChild(document.createElement('TD')).innerHTML = ' ';
                  }
                  
                  
                  
            }
            }
             }
0
 
LVL 4

Accepted Solution

by:
webopius earned 500 total points
Here you go [code snippet included]. The original xml file didn't have any 'Medium' or 'High' audits so I've assumed that these values appear in the <risk> element. You can change this if needed.

This time, I've added some comment lines as pointers to what is going on.


function renderhost(tableBody, host) {
	// Get all the 'audit' elements within the host
	var xmlaudit = host.getElementsByTagName("audit");

	// Tracks whether the host details have been shown yet
	var heading = false;

	// Go through each one
	for (var i = 0; i < xmlaudit.length; ++i) {

		// Determine the risk level of this audit item
		// (empty string if the <risk> element is missing or empty)
		var riskNode = xmlaudit[i].getElementsByTagName('risk')[0];
		var risklevel = (riskNode && riskNode.childNodes[0]) ? riskNode.childNodes[0].nodeValue : '';

		// We only care about Medium or High
		if ((risklevel == 'Medium') || (risklevel == 'High')) {
			var hostRow = tableBody.appendChild(document.createElement('TR'));

			// If we haven't shown the host details already, show them
			if (heading==false) {
				heading = true;
				renderColumn(hostRow, host, 'ip');
				renderColumn(hostRow, host, 'dnsName');
				renderColumn(hostRow, host, 'os');
			} else {
				// Otherwise, show blank fields for host details as they are shown above this row
				hostRow.appendChild(document.createElement('TD')).innerHTML = '..';
				hostRow.appendChild(document.createElement('TD')).innerHTML = '..';
				hostRow.appendChild(document.createElement('TD')).innerHTML = '..';
			}

			// Now show the audit results...
			renderColumn(hostRow, xmlaudit[i], 'cve');
			renderColumn(hostRow, xmlaudit[i], 'name');
			renderColumn(hostRow, xmlaudit[i], 'description');
			renderColumn(hostRow, xmlaudit[i], 'risk');
			renderColumn(hostRow, xmlaudit[i], 'fixInformation');
		}
	}
}

 


0
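The grouping the question mentions as a future step (one row per vulnerability, with the affected IPs listed under it), combined with the Medium/High filter from the accepted answer, as an added example that is not code from the thread. Values read from the scan file are HTML-escaped before they go into markup, since findings can carry text collected from the scanned hosts; the function names, the constructed sample data and the `C-1`/`C-2` IDs are assumptions.

```javascript
// Added example, not code from the thread. Assumes the Retina layout shown in
// the question: <host> holds <ip>, <dnsName> and repeated <audit> elements.

// Escape text from the scan file before it is placed in markup.
function escapeHtml(text) {
  var map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, function (ch) { return map[ch]; });
}

// Text of the first <tag> descendant, or '' when it is missing or empty.
function childText(node, tag) {
  var el = node.getElementsByTagName(tag)[0];
  return el && el.firstChild ? el.firstChild.nodeValue : '';
}

// Browser-side step: turn the loaded XML document into plain objects.
function readHosts(xmlDoc) {
  var hosts = [];
  var hostNodes = xmlDoc.getElementsByTagName('host');
  for (var i = 0; i < hostNodes.length; i++) {
    var audits = [];
    var auditNodes = hostNodes[i].getElementsByTagName('audit');
    for (var j = 0; j < auditNodes.length; j++) {
      audits.push({
        rthID: childText(auditNodes[j], 'rthID'),
        cve: childText(auditNodes[j], 'cve'),
        name: childText(auditNodes[j], 'name'),
        risk: childText(auditNodes[j], 'risk')
      });
    }
    hosts.push({
      ip: childText(hostNodes[i], 'ip'),
      dnsName: childText(hostNodes[i], 'dnsName'),
      audits: audits
    });
  }
  return hosts;
}

// One group per finding (keyed by rthID), keeping only the listed risk levels.
function groupByVulnerability(hosts, riskLevels) {
  var groups = [];
  var byId = Object.create(null);
  hosts.forEach(function (host) {
    host.audits.forEach(function (audit) {
      // Test membership explicitly; `risk == 'Medium' || 'High'` is always truthy.
      if (riskLevels.indexOf(audit.risk) === -1) { return; }
      var group = byId[audit.rthID];
      if (!group) {
        group = { rthID: audit.rthID, name: audit.name, risk: audit.risk,
                  cve: audit.cve, hosts: [] };
        byId[audit.rthID] = group;
        groups.push(group);
      }
      // List each host once per finding.
      var seen = group.hosts.some(function (h) { return h.ip === host.ip; });
      if (!seen) { group.hosts.push({ ip: host.ip, dnsName: host.dnsName }); }
    });
  });
  return groups;
}

// Build the table markup; every value from the scan file goes through escapeHtml.
function renderGroupsHtml(groups) {
  var rows = groups.map(function (g) {
    var hostList = g.hosts.map(function (h) {
      return escapeHtml(h.ip) + ' (' + escapeHtml(h.dnsName) + ')';
    }).join('<br />');
    return '<tr><td>' + escapeHtml(g.name) + '</td><td>' + escapeHtml(g.risk) +
      '</td><td>' + escapeHtml(g.cve) + '</td><td>' + hostList + '</td></tr>';
  });
  return '<table><tbody><tr><td>Vulnerability Name</td><td>Risk</td><td>CVE</td>' +
    '<td>Hosts</td></tr>' + rows.join('') + '</tbody></table>';
}

// Constructed sample data (the posted file contains only "Information" findings).
var SAMPLE_HOSTS = [
  { ip: '192.168.1.101', dnsName: 'LAB-Quack1', audits: [
    { rthID: '1226', name: 'No Remote Registry Access Available', risk: 'Information', cve: 'N/A' },
    { rthID: 'C-1', name: 'Constructed finding <A>', risk: 'High', cve: 'N/A' }
  ] },
  { ip: '192.168.1.102', dnsName: 'LAB-Quack2', audits: [
    { rthID: 'C-1', name: 'Constructed finding <A>', risk: 'High', cve: 'N/A' },
    { rthID: 'C-2', name: 'Constructed finding B', risk: 'Medium', cve: 'N/A' }
  ] }
];

// In the page: parentElement.innerHTML =
//   renderGroupsHtml(groupByVulnerability(readHosts(xmlDoc), ['High', 'Medium']));
console.log(renderGroupsHtml(groupByVulnerability(SAMPLE_HOSTS, ['High', 'Medium'])));
```

Because the values are escaped, markup embedded in a field (such as the `<BR><BR>` in the Retina description) is shown as text rather than interpreted.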

 

Author Comment

by:shark1998
Friggin awesome.  I will try it out later.  

P.S.  Do you recommend any books or lessons on AJAX from which I can learn to do stuff like this?
0
 
LVL 4

Expert Comment

by:webopius
I think in the main, the best technical books, including Ajax are from O'Reilly.
Adam
Webopius.com
0
 
 

Author Comment

by:shark1998
What I have for the current method of rendering is in the code block below.  It works great however I would like to add a few other options such as:

1)  Have the "ReportHostRow.appendChild(document.createElement('TD')).innerHTML = 'Nessus #';" row auto increment to look like "Nessus-1", "Nessus-2", etc.  I tried a for loop and it worked but only showed the selected rows with a severity level of "2" or "3".  I just want it to list 1, 2, 3, etc before it is filtered according to the severity level.  Is that possible?

2)  I would like to combine the 'pluginName' and 'data' elements of the XML into one cell for each row under the ReportHostRow, so that the title (in the XML document it's 'pluginName') is bold and a space is below it for the Detailed Data (in the XML document it's 'data')

      <b>Windows Remote Desktop was found</b></br>      
       It may be possible to get access to the remote host. \n\nDescription :\n\nThe remote version of Remote Desktop  
       Protocol Server (Terminal\nService) is vulnerable to a man in the middle attack.


I got help with the code in the first place, so I am not really sure how to implement it.  Any help would be greatly appreciated.  Also, please try not to make too many changes that are a drastic departure from what I already have, and if you do, can you describe it in as much detail as possible.  I sincerely appreciate it.


<NessusClientData>
<Report>
<ReportName>09/03/18 08:14:55 AM - Default scan policy</ReportName>
<ReportHost>
<HostName>192.168.1.101</HostName>
<startTime>Wed Mar 18 08:14:55 2009</startTime>
<stopTime>Wed Mar 18 10:23:47 2009</stopTime>
<netbios_name>Server1</netbios_name>
<mac_addr>(unknown)</mac_addr>
<dns_name>SERVER1.</dns_name>
<os_name>Microsoft Windows Server 2003, Enterprise Edition (English)</os_name>
<num_ports>16</num_ports>
<num_lo>57</num_lo>
<num_med>1</num_med>
<num_hi>0</num_hi>

<ReportItem>
<port>general/tcp</port>
<severity>1</severity>
<pluginID>10180</pluginID>
<pluginName>Ping the remote host</pluginName>
<data>The remote host is up\n</data>
</ReportItem>

<ReportItem>
<port>ms-wbt-server (3389/tcp)</port>
<severity>2</severity>
<pluginID>18405</pluginID>
<pluginName>Microsoft Windows Remote Desktop Protocol Server Private Key Disclosure Vulnerability</pluginName>
<data>Synopsis :\n\nIt may be possible to get access to the remote host. \n\nDescription :\n\nThe remote version of Remote Desktop Protocol Server (Terminal\nService) is vulnerable to a man

in the middle attack. \n\nAn attacker may exploit this flaw to decrypt communications between\nclient and server and obtain sensitive information (passwords, ...). \n\nSolution :\n\nForce the use

of SSL as a transport layer for this service.\n\nSee also :\n\nhttp://www.oxid.it/downloads/rdp-gbu.pdf\nhttp://technet.microsoft.com/en-us/library/cc782610.aspx\n\nRisk factor :\n\nMedium /

CVSS Base Score : 5.1\n(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)\nCVE : CVE-2005-1794, CVE-2005-1794\nBID : 13818, 13818\n</data>
</ReportItem>

<ReportItem>
<port>ms-wbt-server (3389/tcp)</port>
<severity>3</severity>
<pluginID>30218</pluginID>
<pluginName>Terminal Services Encryption Level is not FIPS-140 compliant</pluginName>
<data>\nSynopsis :\n\nThe remote host is

not FIPS-140 compliant.\n\nDescription :\n\nThe remote host is running Terminal Services Server. The encryption settings\nused by the remote service is not FIPS-140 compliant.\n\nSolution

:\n\nChange RDP encryption level to :\n 4. FIPS Compliant\n\nRisk factor :\n\nLow / CVSS Base Score : 2.6 \n(CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)\n\nPlugin output :\nThe terminal services

encryption level is set to:\n2. Medium (Client Compatbile)\n</data>
</ReportItem>
<ReportItem>
<port>general/tcp</port>
<severity>1</severity>
<pluginID>10899</pluginID>
<pluginName>Users information : User has never logged in</pluginName>
<data>Synopsis :\n\nAt least one user has never logged in to his / her account. \n\nDescription :\n\nUsing the

supplied credentials, it is possible to list users who have\nnever logged into their accounts. \n\nSolution :\n\nDelete accounts that are not needed.\n\nRisk factor :\n\nNone\n\nPlugin output

:\n\nThe following user has never logged in :\n\n  - Guest\n\n</data>
</ReportItem>
<ReportItem>
<port>general/tcp</port>
<severity>1</severity>
<pluginID>10900</pluginID>
<pluginName>Users information : Passwords never expires</pluginName>
<data>Synopsis :\n\nAt least one user has a password that never expires. \n\nDescription :\n\nUsing the supplied

credentials, it is possible to list users whose\npasswords never expire. \n\nSolution :\n\nAllow / require users to change their passwords regularly. \n\nRisk factor :\n\nNone\n\nPlugin output

:\n\nThe following user has a password that never expires :\n\n  - Guest\n\n</data>
</ReportItem>
<ReportItem>
<port>general/tcp</port>
<severity>1</severity>
<pluginID>10897</pluginID>
<pluginName>Users information : disabled accounts</pluginName>
<data>Synopsis :\n\nAt least one user account has been disabled.\n\nDescription :\n\nUsing

the supplied credentials, it is possible to list user accounts\nthat have been disabled. \n\nSolution :\n\nDelete accounts that are no longer needed.\n\nRisk factor :\n\nNone\n\nPlugin output

:\n\nThe following user account has been disabled :\n\n  - Guest\n\n</data>
</ReportItem>
<ReportItem>
<port>prismiq-plugin (3650/tcp)</port>
<severity>1</severity>
<pluginID>22319</pluginID>
<pluginName>MSRPC Service Detection</pluginName>
<data>Synopsis :\n\nA DCE/RPC server is listening on the remote host. \n\nDescription :\n\nThe remote

host is running a Windows RPC service. This service\nreplies to the RPC Bind Request with a Bind Ack response.\n\nHowever it is not possible to determine the uuid of this service.\n\nRisk factor

:\n\nNone\n</data>
</ReportItem>
<ReportItem>
<port>microsoft-ds (445/tcp)</port>
<severity>1</severity>
<pluginID>17662</pluginID>
<pluginName>SMB Registry : Windows

2003 Server SP2</pluginName>
<data>\nSynopsis :\n\nThe remote system has the latest service pack installed.\n\nDescription :\n\nBy reading the registry key

HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\CSDVersion\nit was possible to determine the Service Pack version of the Windows 2003\nsystem.\n\nRisk factor

:\n\nNone\n\nPlugin output :\n\nThe remote Windows 2003 system has Service Pack 2 applied.\n\nCVE : CVE-1999-0662, CVE-2007-1537\nBID : 12969, 12972, 13008, 23025\n</data>
</ReportItem>
<ReportItem>
<port>microsoft-ds (445/tcp)</port>
<severity>1</severity>
<pluginID>20811</pluginID>
<pluginName>Software Enumeration (via

SMB)</pluginName>
<data>\nSynopsis :\n\nIt is possible to enumerate installed software.\n\nDescription :\n\nThis plugin lists software installed on the remote host by crawling\nthe registry

entries in :\nHKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\n\nSolution : \n\nRemove software that are not compliant with your company policy.\n\nRisk factor :

\n\nNone\n\nPlugin output :\n\nThe following software are installed on the remote host :\n\nHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)  [version 1]\nHotfix for Microsoft .NET

Framework 3.5 SP1 (KB958484)  [version 1]\nHotfix for Windows Server 2003 (KB915800-v9)  [version 9]\nHotfix for Windows Server 2003 (KB961118)  [version 1]\nHotfix for Windows XP

(KB954550-v5)  [version 5]\nIBM 32-bit Runtime Environment for Java 2, v5.0  [version 5.0]\nIBM Tivoli Monitoring  [version 621]\nIBM WebSphere Eclipse Platform V3.0  [version 3.0.1]\nIBM

WebSphere MQ  [version 6.0]\nMSXML 4.0 SP2 (KB954430)  [version 4.20.9870.0]\nMSXML 6 Service Pack 2 (KB954459)  [version 6.20.1099.0]\nMcAfee Agent  [version 4.0.0.1180]\nMcAfee

AntiSpyware Enterprise Module  [version 8.5.0.163]\nMcAfee VirusScan Enterprise  [version 8.6.0]\nMicrosoft .NET Framework 2.0 Service Pack 2  [version 2.2.30729]\nMicrosoft .NET Framework

3.0 Service Pack 2  [version 3.2.30729]\nMicrosoft .NET Framework 3.5 SP1  [version 3.5.30729]\nMicrosoft Internationalized Domain Names Mitigation APIs\nMicrosoft National Language Support

Downlevel APIs\nMicrosoft Silverlight  [version 2.0.31005.0]\nSecurity Update for Windows Internet Explorer 7 (KB938127)  [version 1]\nSecurity Update for Windows Internet Explorer 7

(KB958215)  [version 1]\nSecurity Update for Windows Internet Explorer 7 (KB960714)  [version 1]\nSecurity Update for Windows Internet Explorer 7 (KB961260)  [version 1]\nSecurity Update for

Windows Media Player 6.4 (KB925398)\nSecurity Update for Windows Server 2003 (KB924667-v2)  [version 2]\nSecurity Update for Windows Server 2003 (KB925902-v2)  [version 2]\nSecurity

Update for Windows Server 2003 (KB926122)  [version 1]\nSecurity Update for Windows Server 2003 (KB929123)  [version 1]\nSecurity Update for Windows Server 2003 (KB930178)  [version

1]\nSecurity Update for Windows Server 2003 (KB932168)  [version 1]\nSecurity Update for Windows Server 2003 (KB933729)  [version 1]\nSecurity Update for Windows Server 2003 (KB933854)  

[version 1]\nSecurity Update for Windows Server 2003 (KB935839)  [version 1]\nSecurity Update for Windows Server 2003 (KB935840)  [version 1]\nSecurity Update for Windows Server 2003

(KB936782)  [version 1]\nSecurity Update for Windows Server 2003 (KB938127)  [version 1]\nSecurity Update for Windows Server 2003 (KB938464)  [version 1]\nSecurity Update for Windows

Server 2003 (KB941569)  [version 1]\nSecurity Update for Windows Server 2003 (KB943055)  [version 1]\nSecurity Update for Windows Server 2003 (KB943460)  [version 1]\nSecurity Update for

Windows Server 2003 (KB943485)  [version 1]\nSecurity Update for Windows Server 2003 (KB944338-v2)  [version 2]\nSecurity Update for Windows Server 2003 (KB944653)  [version

1]\nSecurity Update for Windows Server 2003 (KB945553)  [version 1]\nSecurity Update for Windows Server 2003 (KB946026)  [version 1]\nSecurity Update for Windows Server 2003 (KB950762)  

[version 1]\nSecurity Update for Windows Server 2003 (KB950974)  [version 1]\nSecurity Update for Windows Server 2003 (KB951066)  [version 1]\nSecurity Update for Windows Server 2003

(KB951698)  [version 1]\nSecurity Update for Windows Server 2003 (KB951748)  [version 1]\nSecurity Update for Windows Server 2003 (KB952069)  [version 1]\nSecurity Update for Windows

Server 2003 (KB952954)  [version 1]\nSecurity Update for Windows Server 2003 (KB954211)  [version 1]\nSecurity Update for Windows Server 2003 (KB954600)  [version 1]\nSecurity Update for

Windows Server 2003 (KB955069)  [version 1]\nSecurity Update for Windows Server 2003 (KB956391)  [version 1]\nSecurity Update for Windows Server 2003 (KB956802)  [version 1]\nSecurity

Update for Windows Server 2003 (KB956803)  [version 1]\nSecurity Update for Windows Server 2003 (KB956841)  [version 1]\nSecurity Update for Windows Server 2003 (KB957095)  [version

1]\nSecurity Update for Windows Server 2003 (KB957097)  [version 1]\nSecurity Update for Windows Server 2003 (KB958215)  [version 1]\nSecurity Update for Windows Server 2003 (KB958644)  

[version 1]\nSecurity Update for Windows Server 2003 (KB958687)  [version 1]\nSecurity Update for Windows Server 2003 (KB958690)  [version 1]\nSecurity Update for Windows Server 2003

(KB960225)  [version 1]\nSecurity Update for Windows Server 2003 (KB960715)  [version 1]\nUpdate for Windows Server 2003 (KB925876)  [version 2]\nUpdate for Windows Server 2003

(KB927891)  [version 5]\nUpdate for Windows Server 2003 (KB936357)  [version 1]\nUpdate for Windows Server 2003 (KB943729)\nUpdate for Windows Server 2003 (KB948496)  [version

1]\nUpdate for Windows Server 2003 (KB955839)  [version 1]\nUpdate for Windows Server 2003 (KB967715)  [version 1]\nVMware Tools  [version 3.1.2.7966]\nVeritas NetBackup Client  [version

6.5.0]\nWindows Imaging Component  [version 3.0.0.0]\nWindows Internet Explorer 7  [version 20070813.185237]\nWindows Presentation Foundation  [version 3.0.6920.0]\nWindows Resource

Kit Tools - SubInAcl.exe  [version 5.2.3790.1164]\nWindows Search 4.0  [version 04.00.6001.503]\nXML Paper Specification Shared Components Pack 1.0\n\n</data>
</ReportItem>
<ReportItem>
<port>microsoft-ds (445/tcp)</port>
<severity>3</severity>
<pluginID>11777</pluginID>
<pluginName>SMB share hosting copyrighted material</pluginName>
<data>\n\nSynopsis :\n\nThe remote host seems to contain material (movies/audio) infringing \ncopyright.\n\nDescription :\n\nThis plugin displays a list of files which have been found on the

\nremote SMB shares.\n\nSome of these files may contain copyrighted materials, such as commercial\nmovies or music files. \n\nIf any of this file actually contains copyrighted material and

if\nthey are freely swapped around, your organization might be held liable\nfor copyright infringement by associations such as the RIAA or the MPAA.\n\nSolution :\n\nDelete the files infringing

copyright.\n\nRisk factor :\n\nNone\n\nPlugin output : \n\nHere is a list of files which have been found on the remote SMB shares.\nSome of these files may contain copyrighted materials, such as

commercial\nmovies or music files.\n\nIf any of this file actually contains copyrighted material and if\nthey are freely swapped around, your organization might be held liable\nfor copyright

infringement by associations such as the RIAA or the MPAA.\n\n + C$

:\n\n\\ibm\\webspheremq\\bin\\amqpdf2b.avi\n\\ibm\\webspheremq\\bin\\amqpdb2f.avi\n\\ibm\\webspheremq\\bin\\amqpcfrn.avi\n\\ibm\\webspheremq\\bin\\amqpcf2b.avi\n\\ibm\\websphere

mq\\bin\\amqpcb2f.avi\n\\esbsoftware\\ibm\\wmqv6.0\\server\\msi\\bin\\amqpdf2b.avi\n\\esbsoftware\\ibm\\wmqv6.0\\server\\msi\\bin\\amqpdb2f.avi\n\\esbsoftware\\ibm\\wmqv6.0\\server\\

msi\\bin\\amqpcfrn.avi\n\\esbsoftware\\ibm\\wmqv6.0\\server\\msi\\bin\\amqpcf2b.avi\n\\esbsoftware\\ibm\\wmqv6.0\\server\\msi\\bin\\amqpcb2f.avi\n\n\n\n</data>

</ReportItem>

</ReportHost>
<ReportHost>
<HostName>192.168.1.100</HostName>
<startTime>Wed Mar 18 11:34:26 2009</startTime>
<stopTime></stopTime>
<netbios_name>SERVER3</netbios_name>
<mac_addr>(unknown)</mac_addr>
<dns_name>(unknown)</dns_name>
<os_name>(unknown)</os_name>
<num_ports>0</num_ports>
<num_lo>0</num_lo>
<num_med>0</num_med>
<num_hi>0</num_hi>
</ReportHost>

<ReportHost>
<HostName>192.168.1.103</HostName>
<startTime>Wed Mar 18 09:58:08 2009</startTime>
<stopTime></stopTime>
<netbios_name>Server2</netbios_name>
<mac_addr>(unknown)</mac_addr>
<dns_name>(unknown)</dns_name>
<os_name>(unknown)</os_name>
<num_ports>14</num_ports>
<num_lo>18</num_lo>
<num_med>1</num_med>
<num_hi>0</num_hi>
<ReportItem>
<port>general/tcp</port>
<severity>3</severity>
<pluginID>10180</pluginID>
<pluginName>Ping the remote host</pluginName>
<data>The remote host is up\n</data>
</ReportItem>
<ReportItem>
<port>netbios-ssn (139/tcp)</port>
<severity>1</severity>
<pluginID>11011</pluginID>
<pluginName>SMB Detection</pluginName>
<data>\nSynopsis :\n\nA file / print sharing service is listening on the remote host. \n\nDescription :\n\nThe remote service understands the CIFS (Common Internet File System)\nor Server

Message Block (SMB) protocol, used to provide shared access\nto files, printers, etc between nodes on a network. \n\nRisk factor : \n\nNone\n\nPlugin output :\n\nAn SMB server is running on

this port.\n\n</data>
</ReportItem>
</ReportHost>
</Report>
</NessusClientData>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<title>Untitled Document</title>
	<script type="text/javascript">
		// Load the XML file synchronously and return the parsed document.
		function _xml_loadDocument(path) {
			var xmlDoc;
			try { // IE
				xmlDoc = new ActiveXObject("Microsoft.XMLDOM");
			}
			catch (ex) {
				try { // Gecko
					xmlDoc = document.implementation.createDocument("","",null);
				}
				catch (ex) {
					alert('Your browser cannot handle this script');
				}
			}
			xmlDoc.async = false;
			xmlDoc.load(path);
			return xmlDoc;
		}

		//make the table
		function renderTableBody(parentElement) {
			var tableEl = parentElement.appendChild(document.createElement('TABLE'));
			tableEl.cellPadding = '5';
			tableEl.style.textAlign = "left";

			var tableBody = tableEl.appendChild(document.createElement('TBODY'));

			// Render header cells.
			var headerRow = tableBody.appendChild(document.createElement('TR'));
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Finding Number';
			headerRow.appendChild(document.createElement('TD')).innerHTML  = 'NIST 800-53 / DHS Control Severity';
			headerRow.appendChild(document.createElement('TD')).innerHTML  = 'Machine Name';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'IP Address';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Severity';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Finding (pluginname + Data)';
			headerRow.appendChild(document.createElement('TD')).innerHTML = 'Details';
			//headerRow.appendChild(document.createElement('TD')).innerHTML = 'Details\n'.replace(/\n/g,'TEST');
			//headerRow.appendChild(td).style.color='red').innerHTML= 'Details';
			//redColor.style.color = "red";

			return tableBody;
		}

		// Add one cell holding the text of the first <name> element under ReportHost.
		function renderColumn(ReportHostRow, ReportHost, name) {
			// Always add the cell so a missing element does not shift the later columns.
			var cell = ReportHostRow.appendChild(document.createElement('TD'));
			var lookupNode = ReportHost.getElementsByTagName(name)[0];
			if (lookupNode && lookupNode.childNodes[0]) {
				var nodeValue = lookupNode.childNodes[0].nodeValue;
				// Scanner output is untrusted text: insert it as a text node, not as markup.
				cell.appendChild(document.createTextNode(nodeValue));
			}
		}

		function renderReportHost(tableBody, ReportHost) {
			// Get all the 'ReportItem' elements within the ReportHost
			var xmlReportItem = ReportHost.getElementsByTagName("ReportItem");

			// Go through each one
			var heading = false;
			for (var i = 0; i < xmlReportItem.length; ++i) {
				// Determine the severity level of this ReportItem item
				var severitylevel = xmlReportItem[i].getElementsByTagName('severity')[0].childNodes[0].nodeValue;

				// We only care about Medium or High
				if ((severitylevel == '2') || (severitylevel == '3')) {
					var ReportHostRow = tableBody.appendChild(document.createElement('TR'));

					// If we haven't shown the ReportHost details already, show them
					if (heading==false) {
						heading = true;
						ReportHostRow.appendChild(document.createElement('TD')).innerHTML = 'Nessus #';
						ReportHostRow.appendChild(document.createElement('TD')).innerHTML = 'SI-2';
						//DNS Name
						renderColumn(ReportHostRow, ReportHost, 'netbios_name');
						//IP Address
						renderColumn(ReportHostRow, ReportHost, 'HostName');
					} else {
						// Otherwise, show blank fields for ReportHost details as they are shown above this row
						ReportHostRow.appendChild(document.createElement('TD')).innerHTML = ' ';
						ReportHostRow.appendChild(document.createElement('TD')).innerHTML = ' ';
						ReportHostRow.appendChild(document.createElement('TD')).innerHTML = ' ';
						ReportHostRow.appendChild(document.createElement('TD')).innerHTML = ' ';
					}

					// Now show the ReportItem results...
					renderColumn(ReportHostRow, xmlReportItem[i], 'severity');
					renderColumn(ReportHostRow, xmlReportItem[i], 'pluginName');
					renderColumn(ReportHostRow, xmlReportItem[i], 'data');
				}
			}
		}

		// Load the report and render one table covering every ReportHost.
		function renderXML(path, parentElement) {
			try {
				var xmlDoc = _xml_loadDocument(path);
				var tableBody = renderTableBody(parentElement || document.body);
				var xmlReportHosts = xmlDoc.getElementsByTagName("ReportHost");
				for (var i = 0; i < xmlReportHosts.length; ++i) {
					renderReportHost(tableBody, xmlReportHosts[i]);
				}
			}
			catch (ex) {
				alert('Your browser cannot handle this script');
			}
		}
	</script>
</head>
<body onload="renderXML('NessusSmall.xml');">

</body>
</html>
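An added example, not part of the original post: the same severity filter and row layout built as HTML strings, with every scanner-supplied field escaped before it reaches the page and the literal `\n` sequences in `<data>` turned into line breaks. The helper names (`escapeHtml`, `formatData`, `cell`, `renderHostRows`) and the `sampleHost` record are constructed for illustration, and the backslash handling is an assumption drawn from the sample paths shown on the page.

```javascript
// Added example; the host record below is constructed sample data.
function escapeHtml(text) {
  var map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return (text == null ? '' : String(text)).replace(/[&<>"']/g, function (ch) {
    return map[ch];
  });
}

// Assumption taken from the sample on the page: <data> writes a line break as
// the two characters backslash + n and a literal backslash as two backslashes.
// Decoding both in one left-to-right pass keeps a path such as \\new.avi from
// being read as a backslash followed by a line break.
function formatData(text) {
  return escapeHtml(text).replace(/\\(\\|n)/g, function (match, ch) {
    return ch === 'n' ? '<br>' : '\\';
  });
}

function cell(html) {
  return '<td>' + html + '</td>';
}

// Rows for one host: severity 2 or 3 only (the filter used on the page), host
// details on the first row, blank cells on the rows that follow.
function renderHostRows(host) {
  var rows = [];
  host.items.forEach(function (item) {
    if (item.severity !== '2' && item.severity !== '3') return;
    var hostCells = rows.length === 0
      ? cell('Nessus #') + cell('SI-2') +
        cell(escapeHtml(host.netbios_name)) + cell(escapeHtml(host.HostName))
      : cell('&nbsp;').repeat(4);
    rows.push('<tr>' + hostCells + cell(escapeHtml(item.severity)) +
      cell(escapeHtml(item.pluginName)) + cell(formatData(item.data)) + '</tr>');
  });
  return rows;
}

// Constructed record mirroring the ReportHost / ReportItem fields.
var sampleHost = {
  HostName: '192.168.1.103',
  netbios_name: 'Server2',
  items: [
    { severity: '1', pluginName: 'SMB Detection', data: 'An SMB server is running on this port.\\n' },
    { severity: '3', pluginName: 'Ping the remote host', data: 'The remote host is up\\n' },
    { severity: '2', pluginName: 'Constructed finding',
      data: 'Banner: <b onclick="x()">hi</b>\\n + C$ :\\n\\\\ibm\\\\new.avi' }
  ]
};

console.log(renderHostRows(sampleHost).join('\n'));
```

Because the rows are escaped when they are built, the joined string can be assigned to a `TBODY` element's `innerHTML` without the report text being interpreted as markup.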
