-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathsetup.php
726 lines (624 loc) · 28.6 KB
/
setup.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
<?php
/**
* File: setup.php
* Author: Ryan Prather <ryan.prather@cyberperspectives.com>
* Purpose: Allow setup process for new installations
* Created: Nov 28, 2017
*
* Copyright 2017: Cyber Perspective, LLC, All rights reserved
* Released under the Apache v2.0 License
*
* See license.txt for details
*
* Change Log:
* - Nov 28, 2017 - File created
* - Dec 27, 2017 - Added check for local mysql server and empty root password, updated include path to display root path
* - Apr 29, 2018 - Updated 3rd party libraries
* - May 10, 2018 - Added root confirmation password validation (bug #412)
*/
set_time_limit(0);
include_once 'helper.inc';
/**
* check for PHP settings
* 1. is openssl installed and running?
* 2. is mysqli installed and running?
* 3. is ZipArchive class installed?
* 4. is the request_order set correctly? GPCS?
* 5. is root, inc, and classes folders in include_path
*/
$fail = false;
$config = file_get_contents(dirname(__FILE__) . "/config.inc");
if (version_compare(PHP_VERSION, '7.1') < 0) {
print "The minimum version of PHP necessary is 7.1, please upgrade to continue<br />";
$fail = true;
}
if (!is_writable(dirname(__FILE__))) {
print <<<EOO
The Apache user requires write access to all directories in the document root, please make sure that all permissions are as follows:
Directories = rwx
Files = rw
On *nix: find ./ -type d -exec chmod 775 {} \; && find ./ -type f -exec chmod 665 {} \;
EOO;
die();
}
if (!is_writable(dirname(__FILE__) . "/config.inc")) {
die("Sagacity needs write access to the config.inc file in the document root");
}
if(!is_writable(dirname(__FILE__) . "/inc")) {
die("Sagacity needs write access to the /inc directory to create the encrypted password file");
}
if(!file_exists(dirname(__FILE__) . "/logs")) {
mkdir(dirname(__FILE__) . "/logs");
}
elseif(!is_writable(dirname(__FILE__) . "/logs")) {
die("Sagacity needs write access to the /logs directory to create system and scanner log files");
}
if (!function_exists('openssl_encrypt')) {
print <<<EOO
The PHP OpenSSL module is not install or enabled.<br />
Visit <a href='/?phpinfo=1'>PHPInfo</a> to double-check this. If you know it's installed, restart Apache and see if that works.<br /><br />
EOO;
$fail = true;
}
else {
$algorithms = ["aes-256-cbc-hmac-sha256", "aec-256-cbc-hmac-sha1", "aes-256-cbc"];
$ciphers = array_map('strtolower', openssl_get_cipher_methods());
if (in_array($algorithms[0], $ciphers)) {
$idx = 0;
}
elseif (in_array($algorithms[1], $ciphers)) {
$idx = 1;
}
elseif (in_array($algorithms[2], $ciphers)) {
$idx = 2;
}
else {
print <<<EOO
The needed encryption algorithm is not available please install one of the following:
EOO;
print implode("<br />", $algorithms);
$fail = true;
}
if (!$fail) {
my_str_replace("{ALGORITHM}", $algorithms[$idx], $config);
$salt = base64_encode(openssl_random_pseudo_bytes(32));
my_str_replace("{SALT}", $salt, $config);
file_put_contents(dirname(__FILE__) . "/config.inc", $config);
}
}
if (!class_exists('mysqli')) {
print <<<EOO
The PHP mysqli module is not installed or enabled.<br />
Visit <a href='/?phpinfo=1'>PHPInfo</a> to double-check this. If you know it's installed, retstart Apache and try again<br /><br />
EOO;
$fail = true;
}
if (!class_exists('ZipArchive')) {
print <<<EOO
The PHP ZipArchive module is not installed or enabled.<br />
Visit <a href='/?phpinfo=1'>PHPInfo</a> to double-check this.<br /><br />
EOO;
$fail = true;
}
if (strtolower(substr(PHP_OS, 0, 3)) == "win" && !class_exists("COM")) {
print <<<EOO
The Component Object Model (COM) class is not available. Please make sure it is installed and enabled<br />
Visit <a href='http://php.net/manual/en/book.com.php'>http://php.net/manual/en/book.com.php</a> for more info
EOO;
$fail = true;
}
elseif (strtolower(substr(PHP_OS, 0, 3)) == 'win') {
try {
new COM("WScript.Shell");
}
catch (Exception $e) {
print <<<EOO
The Component Object Model (COM) class does not seem to be available
EOO;
$fail = true;
}
}
$ro = ini_get('request_order');
if ($ro != 'GPCS' && $ro != 'GPC') {
print <<<EOO
The request_order directive in php.ini is not set correctly. It needs to be either GPC or GPCS, it is currently $ro.<br />
Open the php.ini file, search for request_order, and change it to either GPC or GPCS. After it's saved, you'll need to restart Apache<br /><br />
EOO;
$fail = true;
}
if (strtolower(substr(PHP_OS, 0, 3)) == 'win') {
$delim = ';';
}
else {
$delim = ':';
}
$inc_path = explode($delim, ini_get('include_path'));
$doc_root = realpath(dirname(__FILE__));
$classes = realpath("{$doc_root}/classes");
$inc = realpath("{$doc_root}/inc");
$root = realpath(dirname(__FILE__));
if (!in_array($inc, $inc_path) || !in_array($classes, $inc_path) || !in_array($root, $inc_path)) {
print <<<EOO
The include_path directive in php.ini does not include the required paths.<br />
Open the php.ini file, search for include_path (and make sure that the one for your OS) includes $root, $inc, & $classes<br />
Current include_path:
EOO;
print ini_get('include_path') . "<br />";
$fail = true;
}
$mem_limit = return_bytes(ini_get("memory_limit"));
$gig = return_bytes('1G');
if ($mem_limit < $gig) {
print <<<EOO
Sagacity does many data intensive actions, so we recommend a memory_limit of 1G. $mem_limit bytes is the current setting.<br />
To change this, open the php.ini file and look for 'memory_limit' and set to at least 1G<br />
EOO;
}
if (!ini_get("file_uploads")) {
print "File uploads are currently turned off by the file_uploads directive in php.ini. Please turn them back on if you wish to upload files through the user interfaces<br />";
}
else {
$upload_file_max = return_bytes(ini_get('upload_max_filesize'));
$post_max_size = return_bytes(ini_get('post_max_size'));
if ($upload_file_max != $post_max_size) {
print <<<EOO
Upload file max size ($upload_file_max bytes) and post max size ($post_max_size bytes) do not match. The smaller will be used to limit uploaded file sizes.<br />
To change this, open the php.ini file and change 'upload_max_filesize' and 'post_max_size'<br />
EOO;
}
}
if ($fail) {
die;
}
$is_online = ping("cyberperspectives.com");
$step = filter_input(INPUT_GET, 'step', FILTER_VALIDATE_INT, FILTER_NULL_ON_FAILURE);
$blank_root = false;
$mysql_host = '';
mysqli_report(MYSQLI_REPORT_STRICT);
try {
$db = new mysqli("localhost", "root", "");
if (!$db->connect_errno) {
$blank_root = true;
$mysql_host = 'localhost';
}
}
catch (Exception $e) {
}
if (strtolower(substr(PHP_OS, 0, 3)) == 'win') {
$mysql_host = 'localhost';
}
?>
<!DOCTYPE HTML>
<html>
<head>
<title>Sagacity Setup</title>
<link href='/style/fonts/fonts.css' rel='stylesheet' type='text/css' />
<!--[if IE 9]><link rel="stylesheet" href="style/style-ie9.css" /><![endif]-->
<link href='/script/jquery-ui/jquery-ui.min.css' rel='stylesheet' type='text/css' />
<script src="/script/jquery-3.2.1.min.js"></script>
<script src="/style/5grid/jquery.browser.min.js"></script>
<script type="text/javascript" src="/script/jquery-ui/jquery-ui.min.js"></script>
<script
src="/style/5grid/init.js?use=mobile,desktop,1000px&mobileUI=1&mobileUI.theme=none"></script>
<script type="text/javascript" src="/script/default.js"></script>
<script type="text/javascript" src="/script/spin/spin.min.js"></script>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<link rel="apple-touch-icon" sizes="57x57" href="/apple-touch-icon-57x57.png">
<link rel="apple-touch-icon" sizes="114x114" href="/apple-touch-icon-114x114.png">
<link rel="apple-touch-icon" sizes="72x72" href="/apple-touch-icon-72x72.png">
<link rel="apple-touch-icon" sizes="144x144" href="/apple-touch-icon-144x144.png">
<link rel="apple-touch-icon" sizes="60x60" href="/apple-touch-icon-60x60.png">
<link rel="apple-touch-icon" sizes="120x120" href="/apple-touch-icon-120x120.png">
<link rel="apple-touch-icon" sizes="76x76" href="/apple-touch-icon-76x76.png">
<link rel="apple-touch-icon" sizes="152x152" href="/apple-touch-icon-152x152.png">
<link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="/favicon-192x192.png" sizes="192x192">
<link rel="icon" type="image/png" href="/favicon-160x160.png" sizes="160x160">
<link rel="icon" type="image/png" href="/favicon-96x96.png" sizes="96x96">
<link rel="icon" type="image/png" href="/favicon-16x16.png" sizes="16x16">
<link rel="icon" type="image/png" href="/favicon-32x32.png" sizes="32x32">
<meta name="msapplication-TileColor" content="#da532c">
<meta name="msapplication-TileImage" content="/mstile-144x144.png">
<style type='text/css'>
#msg {
display: none;
}
.err {
color: white;
background-color: red;
}
.msg {
color: white;
background-color: green;
}
#pwd-msg, #root-pwd-msg {
display: none;
width: 25px;
}
#root-conf {
display: none;
}
.buttons {
text-align: right;
}
.label {
width: 250px;
display: inline-block;
}
.left {
width: 49%;
display: inline-block;
vertical-align: top;
}
.right {
width: 49%;
display: inline-block;
}
.setup-header, .buttons {
width: 49%;
display: inline-block;
}
</style>
<script type="text/javascript">
var current_step = 0;
$(function () {
$('#tabs').tabs({
disabled: [1, 2]
});
$('#derived-on,#declassify-on').datepicker({dateFormat: "yy-mm-dd"});
$('.next').click(next_step);
$('.back').click(prev_step);
<?php
if ($blank_root) {
print "alert('System has detected your root MySQL password is blank. Please enter the password you want in the blank and the confirmation and we can set the password');";
print "$('#root-conf').show();";
}
if ($step !== null && $step > 0) {
switch ($step) {
case 2:
print <<<EOL
$('#tabs').tabs('enable', 2)
.tabs('option', 'active', 2);
current_step = 2;
EOL;
break;
case 1:
print <<<EOL
$('#tabs').tabs('enable', 1)
.tabs('option', 'active', 1);
current_step = 1;
EOL;
break;
}
switch ($step) {
case 2:
print "$('#tabs').tabs('disable', 1);" . PHP_EOL;
case 1:
print "$('#tabs').tabs('disable', 0);" . PHP_EOL;
print "setTimeout(function(){enable_next(current_step);}, 3000);" . PHP_EOL;
}
}
?>
});
function next_step() {
var params;
if (current_step == 0) {
if ($('#web-pwd').val() != $('#conf').val()) {
display_msg("Web passwords don't match");
$('#web-pwd').focus();
return;
}
if ($('#root-conf').is(":visible") && $('#root-pwd').val() != $('#root-conf').val()) {
display_msg("Root passwords don't match");
$('#root-pwd').focus();
return;
}
var action = null;
if ($('#do').is(":checked")) {
action = 'do';
}
else if ($('#po').is(":checked")) {
action = 'po';
}
params = {
'step': current_step,
'doc-root': $('#doc-root').val(),
'pwd-file': $('#pwd-file').val(),
'tmp-path': $('#tmp-path').val(),
'log-path': $('#log-path').val(),
'log-level': $('#log-level').val(),
'db-server': $('#db-server').val(),
'root-uname': $('#root-uname').val(),
'root-pwd': $('#root-pwd').val(),
'conf-root-pwd': $('#root-conf').val(),
'web-pwd': $('#web-pwd').val(),
'sample-data': ($('#sample-data').is(':checked') ? '1' : '0'),
'cpe': ($('#cpe').is(":checked") ? '1' : '0'),
'cve': ($('#cve').is(":checked") ? '1' : '0'),
'stig': ($('#stig').is(":checked") ? '1' : '0'),
'update-freq': $('#update-freq').val(),
'action': action
};
}
else if (current_step == 1) {
params = {
'step': current_step,
'company': $('#comp-name').val(),
'comp-add': $('#comp-add').val(),
'last-modified': $('#last-modified-by').val(),
'creator': $('#creator').val(),
'system-class': $('#sys-class').val(),
'classified-by': $('#classified-by').val(),
'scg': $('#derived-by').val(),
'derived-on': $('#derived-on').val(),
'declassify-on': $('#declassify-on').val()
};
}
else if (current_step == 2) {
params = {
'step': current_step,
'flatten': ($('#flatten').is(":checked") ? "1" : '0'),
'wrap-text': ($('#wrap-text').is(":checked") ? "1" : "0"),
'notifications': ($('#notifications').is(":checked") ? '1' : '0'),
'port-limit': $('#port-limit').val(),
'max-results': $('#max-results').val(),
'output-format': $('#output-format').val()
};
}
$.ajax('/exec/installer.php', {
data: params,
beforeSend: function () {
display_msg('Processing', 'msg');
},
success: function (data) {
if (data.error) {
display_msg(data.error + "<br />Go back to the previous step and fix the error", 'err');
}
else if (data.success) {
if (current_step > 2) {
location.href = '/ste/';
}
if (data.msg) {
display_msg(data.msg, 'msg', 10000);
}
else {
display_msg('Step Completed', 'msg');
}
}
},
error: function (xhr, status, error) {
console.error(error);
display_msg(error, 'err');
},
dataType: 'json',
method: 'post'
});
current_step++;
$('#tabs').tabs('enable', current_step)
.tabs('option', 'active', current_step)
.tabs('disable', current_step - 1);
setTimeout(function () {
enable_next(current_step);
}, 3000);
}
function display_msg(msg, err_class, delay = 3000) {
$('#msg').removeClass('msg err')
.addClass(err_class)
.html(msg)
.slideDown();
setTimeout(function () {
$('#msg').slideUp();
}, delay);
}
function enable_next(step) {
if (step == 1) {
$('#company').find('.next')
.removeClass('button-delete')
.addClass('button')
.prop('disabled', false);
}
else if (step == 2) {
$('#options').find('.next')
.removeClass('button-delete')
.addClass('button')
.prop('disabled', false);
}
}
function prev_step() {
current_step--;
$('#tabs').tabs('enable', current_step);
$('#tabs').tabs('option', 'active', current_step);
$('#tabs').tabs('disable', current_step + 1);
}
function chk_pwd() {
if ($('#web-pwd').val() != $('#conf').val()) {
$('#pwd-msg').attr('src', "/img/X.png");
}
else {
$('#pwd-msg').attr('src', "/img/ok.png");
}
$('#pwd-msg').show();
}
function chk_root_pwd() {
if ($('#root-conf').is(":visible")) {
if ($('#root-pwd').val() != $('#root-conf').val()) {
$('#root-pwd-msg').attr('src', '/img/X.png');
}
else {
$('#root-pwd-msg').attr('src', '/img/ok.png');
}
$('#root-pwd-msg').show();
}
}
</script>
</head>
<body>
<div id="header-wrapper" style="height:125px;">
<header id="header" class="5grid-layout">
<div class="row">
<div class="12u" style="text-align:center;">
<!-- Logo -->
<span class="mobileUI-site-name">
<img src='/img/Sagacity-Logo.png' style='width:365px;' />
</span>
</div>
</div>
</header>
</div>
<div style="width:1200px;margin:auto;">
<?php
print "Maximum file upload size is currently set to " . ini_get("upload_max_filesize") . "B<br />";
print "Your current timezone is set to " . ini_get("date.timezone") . "<br />";
?>
<div id='msg'></div>
<div id='tabs' style='height:450px;'>
<ul>
<li><a href='#database'>Database</a></li>
<li><a href='#company'>Company</a></li>
<li><a href='#options'>Options</a></li>
</ul>
<div id='database'>
<div class='setup-header'>
<h2>Database Configuration</h2>
</div>
<div class="buttons">
<input type='button' class='button' value='Adv Web Settings' onclick="$('#advanced').slideToggle();" />
<input type='button' class='button next' value='Next' />
</div>
<div class='left'>
<label class='label' for='db_server'>Database Server:</label>
<input type='text' id="db-server" placeholder="Hostname or IP" value='<?php print $mysql_host; ?>' title='Database server DNS name or IP' /><br />
<span class='label'>
<input type='text' id='root-uname' placeholder='Root username' value='root' />
</span>
<input type='password' id='root-pwd' placeholder='Root password' /><br />
<label class='label'> </label>
<input type='password' id='root-conf' onkeyup='javascript:chk_root_pwd();' placeholder='Confirm root password' /> <img id='root-pwd-msg' /><br />
<label class='label' for='pwd'>Web user password:</label>
<input type='password' id='web-pwd' /><br />
<label class='label' for='conf'>Confirm password:</label>
<input type='password' id='conf' onkeyup='javascript:chk_pwd();' /> <img id='pwd-msg'/><br />
<label class='label' for='sample-data'>Add Sample Data:</label>
<input type='checkbox' id='sample-data' title='Add sample data to database' /><br />
</div>
<div class='right'>
<label for='cpe' class='label'>Load CPE's:</label>
<input type='checkbox' id='cpe' checked title="Do you want to load CPE's upon completion?" /><br />
<label for='cve' class='label'>Load CVE's:</label>
<input type='checkbox' id='cve' checked title="Do you want to laod CVE's upon completion?" /><br />
<label for='stig' class='label'>Load STIG's:</label>
<input type='checkbox' id='stig' checked title="Do you want to load STIG's upon completion?" /><br />
<?php if ($is_online) { ?>
<label for='dp' class='label'>Online:</label>
<input type='radio' id='dp' name='action' value='dp' checked /><br />
<label for='do' class='label'>Download only:</label>
<input type='radio' id='do' name='action' value='do' /><br />
<?php } ?>
<label for='po' class='label'>Offline:</label>
<input type='radio' id='po' name='action' value='po' />
</div>
<div id='advanced' style='display:none;margin-top:15px;'>
<div class="left">
<label class='label'>Web Root:</label>
<input type='text' id='doc-root' value='<?php print realpath(getcwd()); ?>' title='Absolute path of the document root' /><br />
<label class='label'>Password File:</label>
<input type='text' id='pwd-file' value='inc/passwd' title='Relative path to the encrypted password file' /><br/>
<label class='label'>AJAX Refresh Freq:</label>
<input type='number' id='update-freq' value='3' title='Frequency that the AJAX calls refresh methods (in seconds)' />
</div>
<div class='right'>
<label class='label'>TMP Path:</label>
<input type='text' id='tmp-path' value='<?php print realpath(getcwd()) . DIRECTORY_SEPARATOR . "tmp"; ?>' title='Absolute path to the temporary storage folder' /><br />
<?php
$log_path = null;
if (strtolower(substr(PHP_OS, 0, 3)) == 'lin') {
$log_path = "/var/log/sagacity";
}
else {
$log_path = realpath(getcwd()) . DIRECTORY_SEPARATOR . "logs";
}
?>
<label class='label'>Log Path:</label>
<input type='text' id='log-path' value='<?php print $log_path; ?>' title='Absolute path to the log path' /><br />
<label class='label'>Log Level:</label>
<select id='log-level' title='The default log level'>
<option>ERROR</option>
<option>WARNING</option>
<option>NOTICE</option>
<option>DEBUG</option>
</select>
</div>
</div>
</div>
<div id='company'>
<div class='setup-header'>
<h2>Company Information</h2>
</div>
<div class='buttons'>
<input type='button' class='button back' value='Previous' />
<input type='button' class='button-delete next' value='Next' disabled="true" />
</div>
<div class='left'>
<label class='label'>Name:</label>
<input type='text' id='comp-name' placeholder='Company Name' title='The name of your company' /><br />
<label class='label'>Address:</label>
<input type='text' id='comp-add' placeholder='Company Address' title='The company address' /><br />
<label class='label'>Last Modified By:</label>
<input type='text' id='last-modified-by' placeholder='Last modified by?' title='The name of the person that last modified the eChecklist' /><br />
<label class='label'>Creator:</label>
<input type='text' id='creator' placeholder='Creator' title='Person who created the eChecklist' />
</div>
<div class='right'>
<label class='label'>System Classification:</label>
<select id='sys-class'>
<option>UNCLASSIFIED</option>
<option>U//FOUO</option>
<option>SECRET</option>
</select>
<br />
<label class='label'>Classified By:</label>
<input type='text' id='classified-by' /><br />
<label class='label'>Derived From:</label>
<input type='text' id='derived-by' /><br />
<label class='label'>SCG Date:</label>
<input type='text' id='derived-on' /><br />
<label class='label'>Declassify On:</label>
<input type='text' id='declassify-on' />
</div>
</div>
<div id='options'>
<div class='setup-header'>
<h2>System Options</h2>
</div>
<div class='buttons'>
<input type='button' class='button back' value='Previous' />
<input type='button' class='button-delete next' value='Done' disabled="true" />
</div>
<div class="left">
<label for='flatten' class='label'>Flatten eChecklist:</label>
<input type='checkbox' id='flatten' checked title='Do you want a high-water mark with the eChecklist exports by default (shows worst case/check)?' /><br />
<label for='wrap-text' class='label'>Wrap Text in eChecklist:</label>
<input type='checkbox' id='wrap-text' title='Do you want exported eChecklist files to have wrapped text for the check contents field?' /><br />
<label for='notifications' class='label'>Scan Notifications:</label>
<input type='checkbox' id='notifications' title='Do you want to hear audible notifications when result scans complete' /><br />
<label for='port-limit' class='label'>Port Ingestion Limit:</label>
<input type="number" id='port-limit' value="100" min="0" max="10000" title="The maximum number of open ports to import from a target (limit 10000)" /><br />
<label for='max-results' class='label'>Max # of Result Threads:</label>
<input type="number" id='max-results' value="5" min="1" max="20" title="The maximum number of scans to import at a given time (recommended limit of 20)" /><br />
<label for='output-format' class='label'>Output format</label>
<select id='output-format'>
<option value="xlsx">Microsoft Excel 2007+ (.xlsx)</option>
<option value="xls">Microsoft Excel 95-2003 (.xls)</option>
<option value="ods">OpenDocument Format (.ods)</option>
<?php /*
<option value="html">HTML (.html)</option>
<option value="pdf">Post-script Document (.pdf)</option>
<option value="csv">Comma-separated files (.csv)</option>
*/ ?>
</select>
</div>
</div>
</div>
</div>
</body>
</html>