diff --git a/documentation/report/report_fields.txt b/documentation/report/report_fields.txt index 486dd02..96e0f45 100644 --- a/documentation/report/report_fields.txt +++ b/documentation/report/report_fields.txt @@ -64,6 +64,12 @@ 8. functions {function_name} 8.1 format_date +9. notes {note_id} + 9.1 name + 9.2 host_id (or '') + 9.3 html + 9.4 markdown + Functions latex_escape(s: str) -> str # escape string to insert it inside latex template diff --git a/requirements.txt b/requirements.txt index 1adc070..58a6293 100644 --- a/requirements.txt +++ b/requirements.txt @@ -31,6 +31,8 @@ psycopg2-binary==2.9.1 git+https://gitlab.com/invuls/pentest-projects/pcf_tools/qmarkpg_fork Flask-Caching==1.10.1 secure==0.3.0 +markdownify==0.10.1 + #tools python-libnmap==0.7.2 git+https://github.com/bmx0r/python-libnessus/ diff --git a/requirements_unix.txt b/requirements_unix.txt index 62a1f53..6ef11dd 100644 --- a/requirements_unix.txt +++ b/requirements_unix.txt @@ -24,6 +24,8 @@ psycopg2-binary==2.9.1 git+https://gitlab.com/invuls/pentest-projects/pcf_tools/qmarkpg_fork Flask-Caching==1.10.1 secure==0.3.0 +markdownify==0.10.1 + #tools python-libnmap==0.7.2 git+https://github.com/bmx0r/python-libnessus/ diff --git a/requirements_windows.txt b/requirements_windows.txt index 3b628e3..f7c6f5e 100644 --- a/requirements_windows.txt +++ b/requirements_windows.txt @@ -22,6 +22,8 @@ psycopg2-binary==2.9.1 qmarkpg==0.2 Flask-Caching==1.10.1 secure==0.3.0 +markdownify==0.10.1 + #tools python-libnmap==0.7.2 git+https://github.com/bmx0r/python-libnessus/ diff --git a/routes/ui/project.py b/routes/ui/project.py index 3018caa..99463e0 100644 --- a/routes/ui/project.py +++ b/routes/ui/project.py @@ -2628,6 +2628,7 @@ def docx_image(image_id, width=None, height=None): "hostnames": project_dict['hostnames'], "grouped_issues": project_dict['grouped_issues'], "docx_image": docx_image, + "notes": project_dict['notes'], "functions": { "format_date": lambda unix_time, str_format: datetime.datetime.fromtimestamp(int(unix_time)).strftime(str_format), @@ -2721,8 +2722,8 @@ def docx_image(image_id, width=None, height=None): pocs=project_dict['pocs'], ports=project_dict['ports'], hostnames=project_dict['hostnames'], - grouped_issues=project_dict[ - 'grouped_issues'], + grouped_issues=project_dict['grouped_issues'], + notes=project_dict['notes'], latex_escape=latex_str_escape, functions={ "format_date": lambda unix_time, @@ -2808,6 +2809,7 @@ def docx_image(image_id, width=None, height=None): ports=project_dict['ports'], hostnames=project_dict['hostnames'], grouped_issues=project_dict['grouped_issues'], + notes=project_dict['notes'], latex_escape=latex_str_escape, functions={ "format_date": lambda unix_time, diff --git a/system/db.py b/system/db.py index ab742ce..201e39c 100644 --- a/system/db.py +++ b/system/db.py @@ -11,6 +11,7 @@ import psycopg2 from base64 import b64encode import qmarkpg +from markdownify import markdownify class Database: @@ -1115,6 +1116,13 @@ def select_project_notes(self, project_id, host_id=''): result = self.return_arr_dict() return result + def select_all_project_notes(self, project_id): + self.execute( + '''SELECT * FROM Notes WHERE project_id=?''', + (project_id,)) + result = self.return_arr_dict() + return result + def select_project_note(self, project_id, note_id): self.execute( '''SELECT * FROM Notes WHERE project_id=? and id = ? ''', @@ -2430,6 +2438,22 @@ def select_report_info_sorted(self, project_id): result['grouped_issues'][ result['issues'][issue_id]['name']].append(issue_id) + # notes + result['notes'] = {} + notes = self.select_all_project_notes(project_id) + for note in notes: + result['notes'][note['id']] = { + 'name': note['name'], + 'host_id': note['host_id'], + 'html': note['text'], + 'markdown': '', + 'base64': base64.b64encode(note['text'].encode('charmap')).decode('charmap') + } + try: + result['notes'][note['id']]['markdown'] = markdownify(note['text']) + except Exception as e: + pass + print(result['notes']) return result def insert_token(self, user_id, name='', create_date=0,