diff --git a/webui/report.php b/webui/report.php
index 528bed1..87cff6a 100644
--- a/webui/report.php
+++ b/webui/report.php
@@ -1,8 +1,8 @@ $name, 'created' => date('Y-m-d H:i:s', filectime($workspaceDir)), 'modified' => date('Y-m-d H:i:s', filemtime($workspaceDir)), - 'hosts' => [], - 'ports' => [], - 'vulnerabilities' => [], - 'screenshots' => [], - 'files' => [] + 'sections' => [] ]; -// Get all files in workspace -function scanWorkspace($dir, $prefix = '') +// Helper function to read file safely +function readFileContent($path, $maxLines = 500) +{ + if (!file_exists($path) || !is_readable($path)) return null; + $content = file_get_contents($path); + if ($content === false) return null; + // Limit very long files + $lines = explode("\n", $content); + if (count($lines) > $maxLines) { + $content = implode("\n", array_slice($lines, 0, $maxLines)); + $content .= "\n\n... [Truncated - " . (count($lines) - $maxLines) . " more lines]"; + } + return $content; +} + +// Helper to determine file category +function categorizeFile($filename) +{ + $lower = strtolower($filename); + if (strpos($lower, 'nmap') !== false) return 'Port Scans'; + if (strpos($lower, 'nuclei') !== false) return 'Vulnerability Findings'; + if (strpos($lower, 'nikto') !== false) return 'Web Server Analysis'; + if (strpos($lower, 'whatweb') !== false) return 'Technology Detection'; + if (strpos($lower, 'dns') !== false || strpos($lower, 'subdomain') !== false) return 'DNS & Subdomains'; + if (strpos($lower, 'whois') !== false) return 'WHOIS Information'; + if (strpos($lower, 'ssl') !== false || strpos($lower, 'cert') !== false) return 'SSL/TLS Analysis'; + if (strpos($lower, 'dir') !== false || strpos($lower, 'brute') !== false) return 'Directory Discovery'; + if (strpos($lower, 'host') !== false) return 'Host Information'; + if (strpos($lower, 'osint') !== false) return 'OSINT Data'; + if (strpos($lower, 'screenshot') !== false) return 'Screenshots'; + return 'Other Findings'; +} + +// Recursively scan workspace +function scanWorkspaceFiles($dir, $prefix = '') { $files = []; - if (is_dir($dir)) { - $items = scandir($dir); - 
foreach ($items as $item) { - if ($item === '.' || $item === '..') continue; - $path = $dir . '/' . $item; - if (is_dir($path)) { - $files = array_merge($files, scanWorkspace($path, $prefix . $item . '/')); - } else { - $files[] = [ - 'name' => $item, - 'path' => $prefix . $item, - 'size' => filesize($path), - 'modified' => filemtime($path) - ]; - } + if (!is_dir($dir)) return $files; + + $items = scandir($dir); + foreach ($items as $item) { + if ($item === '.' || $item === '..') continue; + $path = $dir . '/' . $item; + $relativePath = $prefix . $item; + + if (is_dir($path)) { + $files = array_merge($files, scanWorkspaceFiles($path, $relativePath . '/')); + } else { + $ext = strtolower(pathinfo($item, PATHINFO_EXTENSION)); + // Skip binary and image files for content reading + $skipExtensions = ['png', 'jpg', 'jpeg', 'gif', 'pdf', 'zip', 'tar', 'gz', 'exe', 'bin']; + + $files[] = [ + 'path' => $relativePath, + 'fullPath' => $path, + 'name' => $item, + 'size' => filesize($path), + 'category' => categorizeFile($relativePath), + 'extension' => $ext, + 'isImage' => in_array($ext, ['png', 'jpg', 'jpeg', 'gif']), + 'isBinary' => in_array($ext, $skipExtensions) + ]; } } return $files; } -$data['files'] = scanWorkspace($workspaceDir); +$allFiles = scanWorkspaceFiles($workspaceDir); -// Parse hosts from nmap directory -$nmapDir = $workspaceDir . '/nmap'; -if (is_dir($nmapDir)) { - $nmapFiles = glob($nmapDir . 
'/*.nmap'); - foreach ($nmapFiles as $file) { - $content = file_get_contents($file); - // Extract host info - if (preg_match('/Nmap scan report for (.+)/', $content, $matches)) { - $host = trim($matches[1]); - if (!in_array($host, $data['hosts'])) { - $data['hosts'][] = $host; - } - } - // Extract ports - if (preg_match_all('/(\d+)\/(tcp|udp)\s+open\s+(\S+)/', $content, $matches, PREG_SET_ORDER)) { - foreach ($matches as $match) { - $data['ports'][] = [ - 'port' => $match[1], - 'protocol' => $match[2], - 'service' => $match[3] - ]; - } - } +// Group files by category +$categorized = []; +foreach ($allFiles as $file) { + $cat = $file['category']; + if (!isset($categorized[$cat])) { + $categorized[$cat] = []; } + $categorized[$cat][] = $file; } -// Get screenshots -$screenshotDir = $workspaceDir . '/screenshots'; -if (is_dir($screenshotDir)) { - $screenshots = glob($screenshotDir . '/*.{png,jpg,jpeg,gif}', GLOB_BRACE); - foreach ($screenshots as $ss) { - $data['screenshots'][] = basename($ss); - } -} - -// Parse vulnerabilities from output files -$outputDir = $workspaceDir . '/output'; -if (is_dir($outputDir)) { - $vulnFiles = glob($outputDir . '/*nuclei*.txt'); - foreach ($vulnFiles as $file) { - $lines = file($file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); - foreach ($lines as $line) { - if (strpos($line, '[') !== false && strpos($line, ']') !== false) { - $data['vulnerabilities'][] = trim($line); - } - } - } -} - -// Unique ports -$data['ports'] = array_unique($data['ports'], SORT_REGULAR); -$data['vulnerabilities'] = array_unique($data['vulnerabilities']); +// Priority order for sections +$sectionOrder = [ + 'Host Information', + 'Port Scans', + 'Vulnerability Findings', + 'Web Server Analysis', + 'Technology Detection', + 'SSL/TLS Analysis', + 'DNS & Subdomains', + 'Directory Discovery', + 'WHOIS Information', + 'OSINT Data', + 'Screenshots', + 'Other Findings' +]; +// Generate unique ID for TOC +$sectionId = 0; ?> 
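Review bot: In `scanWorkspaceFiles`, `is_dir($path)` follows symlinks and the entry's `fullPath` is recorded for later reading, so a link inside the workspace (for example one left behind by a tool or an unpacked archive) lets the report descend into and read files outside `$workspaceDir`, and a link loop recurses without bound. Skip links before the directory test with `if (is_link($path)) continue;`, or compare `realpath($path)` against the workspace root. `readFileContent` also loads the whole file with `file_get_contents` before applying `$maxLines`, so a very large scan log or a single very long line defeats the cap; read with a byte limit first, e.g. `file_get_contents($path, false, null, 0, $maxBytes)` with a new `$maxBytes` cap, and then split into lines. The rendering code is outside this hunk, but since these files hold scanner output taken from remote hosts (banners, titles, headers), the content presumably needs `htmlspecialchars` at the point where it is printed.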
@@ -122,20 +128,24 @@ $data['vulnerabilities'] = array_unique($data['vulnerabilities']);