Example #1
0
function server_get_servers($conn)
{
    $name = GET('name');
    ossim_valid($name, OSS_ALPHA, OSS_PUNC, OSS_SPACE, 'illegal:' . _("Server name"));
    require_once 'ossim_conf.inc';
    $ossim_conf = $GLOBALS["CONF"];
    /* get the port and IP address of the server */
    $address = $ossim_conf->get_conf("server_address");
    $port = $ossim_conf->get_conf("server_port");
    /* create socket */
    $socket = socket_create(AF_INET, SOCK_STREAM, 0);
    if ($socket < 0) {
        echo _("socket_create() failed: reason: ") . socket_strerror($socket) . "\n";
    }
    $list = array();
    $err = "";
    /* connect */
    $result = @socket_connect($socket, $address, $port);
    if (!$result) {
        $err = "<p><b>" . _("socket error") . "</b>: " . gettext("Is OSSIM server running at") . " {$address}:{$port}?</p>";
        return array($list, $err);
    }
    /* first send a connect message to server */
    $in = 'connect id="1" type="web"' . "\n";
    $out = '';
    socket_write($socket, $in, strlen($in));
    $out = @socket_read($socket, 2048, PHP_NORMAL_READ);
    if (strncmp($out, "ok id=", 4)) {
        $err = "<p><b>" . gettext("Bad response from server") . "</b></p>";
        $err .= "<p><b>" . _("socket error") . "</b>: " . gettext("Is OSSIM server running at") . " {$address}:{$port}?</p>";
        return array($list, $err);
    }
    /* get servers from server */
    if ($name != NULL) {
        $in = 'server-get-servers id="2" servername="' . $name . '"' . "\n";
    } else {
        $in = 'server-get-servers id="2"' . "\n";
    }
    $out = '';
    socket_write($socket, $in, strlen($in));
    $pattern = '/server host="([^"]*)" servername="([^"]*)"/ ';
    while ($out = socket_read($socket, 2048, PHP_NORMAL_READ)) {
        if (preg_match($pattern, $out, $regs)) {
            if (Session::hostAllowed($conn, $regs[1])) {
                $s["host"] = $regs[1];
                $s["servername"] = $regs[2];
                //# This should be checked in the server TODO FIXME
                if (!in_array($s, $list)) {
                    $list[] = $s;
                }
            }
        } elseif (!strncmp($out, "ok id=", 4)) {
            break;
        }
    }
    socket_close($socket);
    return array($list, $err);
}
Example #2
0
function help_invoke()
{
    list($action) = GET('action');
    if ($action == 'about') {
        help_invoke_about();
    } elseif ($action == 'code') {
        echo exec_tpl('help/cutecode');
    } else {
        help_invoke_main();
    }
}
function retrieve_groups($num)
{
    $g_list = array();
    for ($i = 1; $i <= $num; $i++) {
        $aux = explode("_", GET('group' . $i));
        if (ossim_valid($aux[0], OSS_HEX, 'illegal:' . _("Group ID"))) {
            $g_list[] = "'" . $aux[0] . "'";
        }
    }
    return implode(',', $g_list);
}
Example #4
0
 function termin($template)
 {
     $dbuser = new User();
     if (isREQUEST("logout")) {
         $dbuser->logout();
     }
     if (isREQUEST("user") && isREQUEST("password")) {
         $usr = $dbuser->logout()->login(REQUEST("user"), REQUEST("password"));
     }
     if (!($usr = $dbuser->logedin())) {
         $template->view("login");
         return;
     }
     $template->add("usr", $usr);
     // für die User Infos oben Rechts
     if (isREQUEST(array("name", "desc"))) {
         // Termin erstellen
         $t = new Termin();
         $id = $t->create(REQUEST("name"), REQUEST("desc"), $usr["id"]);
         //$template->add("termin",$t->byid($t));
         //$template->add("mitglieder",$t->mitglieder($t));
         //$template->view("termin");
         $template->redirect("?s=termin&id=" . $id);
         $template->view("termin_neu");
     } else {
         if (GET("id")) {
             // Termin aufrufen
             $t = new Termin();
             $tbid = $t->byid(GET("id"));
             if (!isset($tbid) || !isset($tbid["id"])) {
                 $template->redirect(".");
                 $template->view("termin_neu");
                 return;
             }
             $template->add("termin", $tbid);
             $template->add("zeiten", $t->zeiten($tbid["tid"]));
             $template->add("votes", $t->votes($tbid["tid"]));
             $template->add("mitglieder", $t->mitglieder($tbid["tid"]));
             $template->view("termin");
         } else {
             // Neuer Termin
             $template->view("termin_neu");
         }
     }
 }
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck('configuration-menu', 'PolicyServers');
$db = new ossim_db();
$conn = $db->connect();
$id = GET('id');
$ip = GET('ip');
$sname = GET('name');
$update = intval(GET('update'));
$opensource = Session::is_pro() ? FALSE : TRUE;
$mssp = intval($conf->get_conf("alienvault_mssp"));
$local_id = $conf->get_conf("server_id");
ossim_valid($ip, OSS_IP_ADDR, OSS_NULLABLE, 'illegal:' . _('Server IP'));
ossim_valid($sname, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _('Server Name'));
ossim_valid($id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Server ID'));
if (ossim_error()) {
    die(ossim_error());
}
$action = 'newserver.php';
$all_rservers = Server::get_server_hierarchy($conn, $id);
$error_forward = FALSE;
$can_i_modify_elem = TRUE;
if (!empty($id)) {
    $server = Server::get_object($conn, $id);
Example #6
0
function PrintGeneralStats($db, $compact, $show_stats, $join = "", $where = "", $show_total_events = false)
{
    global $events_report_type, $sensors_report_type, $unique_events_report_type, $unique_plugins_report_type;
    global $unique_addr_report_type, $src_port_report_type, $dst_port_report_type, $unique_iplinks_report_type;
    global $unique_country_events_report_type;
    global $siem_events_title, $cloud_instance;
    if ($show_stats == 1) {
        $sensor_cnt = SensorCnt($db, $join, $where);
        $sensor_total = SensorTotal($db);
        $unique_alert_cnt = UniqueAlertCnt($db, $join, $where);
        $event_cnt = EventCnt($db, $join, $where);
        $unique_ip_cnt = UniqueIPCnt($db, $join, $where);
        $unique_links_cnt = UniqueLinkCnt($db, $join, $where);
        $unique_port_cnt = UniquePortCnt($db, $join, $where);
        $unique_tcp_port_cnt = UniqueTCPPortCnt($db, $join, $where);
        $unique_udp_port_cnt = UniqueUDPPortCnt($db, $join, $where);
    }
    /*if ($db->baseGetDBversion() >= 103) {
          if ($show_stats == 1) {
              $result = $db->baseExecute("SELECT categories FROM event_stats ORDER BY timestamp DESC LIMIT 1");
              $myrow = $result->baseFetchRow();
              $class_cnt = $myrow[0];
              $result->baseFreeRows();
          }
          $class_cnt_info[0] = " <strong>" . gettext("Categories:") . " </strong>";
          $class_cnt_info[1] = "<a style='color:black;font-weight:bold' href=\"base_stat_class.php?sort_order=class_a\">";
          $class_cnt_info[2] = "</a><a style='color:black;font-weight:bold' href=\"base_stat_class_graph.php?sort_order=class_a\"> <img src=\"images/ico_graph.gif\" align=\"absmiddle\" border=0></a>";
      }*/
    $sensor_cnt_info[0] = "<strong>" . gettext("Sensors/Total:") . "</strong>\n";
    $sensor_cnt_info[1] = "<a style='color:black;font-weight:bold' href=\"base_stat_sensor.php?sort_order=occur_d\">";
    $sensor_cnt_info[2] = "</a>";
    $unique_alert_cnt_info[0] = "<strong>" . gettext("Unique Events") . ":</strong>\n";
    $unique_alert_cnt_info[1] = "<a style='color:black;font-weight:bold' href=\"base_stat_alerts.php?sort_order=occur_d\">";
    $unique_alert_cnt_info[2] = "</a>";
    $unique_plugin_cnt_info[0] = "<strong>" . _("Unique Data Sources") . "</strong>\n";
    $unique_plugin_cnt_info[1] = "<a style='color:black;font-weight:bold' href=\"base_stat_plugins.php?sort_order=occur_d\">";
    $unique_plugin_cnt_info[2] = "</a>";
    $event_cnt_info[0] = "<strong>" . gettext("Total Number of Events:") . "</strong>\n";
    $event_cnt_info[1] = '<a style=\'color:black;font-weight:bold\' href="base_qry_main.php?&amp;num_result_rows=-1' . '&amp;submit=' . gettext("Query+DB") . '&amp;current_view=-1">';
    $event_cnt_info[2] = "</a>";
    $unique_src_ip_cnt_info[0] = gettext("Src IP addrs:");
    $unique_src_ip_cnt_info[1] = " " . BuildUniqueAddressLink(1, "", "color:black;font-weight:bold");
    $unique_src_ip_cnt_info[2] = "</a>";
    $unique_dst_ip_cnt_info[0] = gettext("Dest. IP addrs:");
    $unique_dst_ip_cnt_info[1] = " " . BuildUniqueAddressLink(2, "", "color:black;font-weight:bold");
    $unique_dst_ip_cnt_info[2] = "</a>";
    $unique_ip_cnt_info[1] = " <a style='color:black;font-weight:bold' href=\"base_stat_uaddress.php?sort_order=occur_d\">";
    $unique_ip_cnt_info[2] = "</a>";
    $unique_links_info[0] = gettext("Unique IP links");
    $unique_links_info[1] = " <a style='color:black;font-weight:bold' href=\"base_stat_iplink.php?sort_order=events_d&fqdn=no\">";
    $unique_links_info[2] = "</a>";
    $unique_links_fqdn = " <a style='color:black;font-weight:bold' href=\"base_stat_iplink.php?sort_order=events_d&fqdn=yes\">[FQDN]</a>";
    $unique_src_port_cnt_info[0] = gettext("Source Ports: ");
    $unique_src_port_cnt_info[1] = " <a style='color:black;font-weight:bold' href=\"base_stat_ports.php?sort_order=occur_d&port_type=1&amp;proto=-1\">";
    $unique_src_port_cnt_info[2] = "</a>";
    $unique_dst_port_cnt_info[0] = gettext("Dest Ports: ");
    $unique_dst_port_cnt_info[1] = " <a style='color:black;font-weight:bold' href=\"base_stat_ports.php?sort_order=occur_d&port_type=2&amp;proto=-1\">";
    $unique_dst_port_cnt_info[2] = "</a>";
    $unique_tcp_src_port_cnt_info[0] = "TCP (";
    $unique_tcp_src_port_cnt_info[1] = " <a style='color:black;font-weight:bold' href=\"base_stat_ports.php?sort_order=occur_d&port_type=1&amp;proto=" . TCP . "\">";
    $unique_tcp_src_port_cnt_info[2] = "</a>)";
    $unique_tcp_dst_port_cnt_info[0] = "TCP (";
    $unique_tcp_dst_port_cnt_info[1] = " <a style='color:black;font-weight:bold' href=\"base_stat_ports.php?sort_order=occur_d&port_type=2&amp;proto=" . TCP . "\">";
    $unique_tcp_dst_port_cnt_info[2] = "</a>)";
    $unique_udp_src_port_cnt_info[0] = "UDP (";
    $unique_udp_src_port_cnt_info[1] = " <a style='color:black;font-weight:bold' href=\"base_stat_ports.php?sort_order=occur_d&port_type=1&amp;proto=" . UDP . "\">";
    $unique_udp_src_port_cnt_info[2] = "</a>)";
    $unique_udp_dst_port_cnt_info[0] = "UDP (";
    $unique_udp_dst_port_cnt_info[1] = " <a style='color:black;font-weight:bold' href=\"base_stat_ports.php?sort_order=occur_d&port_type=2&amp;proto=" . UDP . "\">";
    $unique_udp_dst_port_cnt_info[2] = "</a>)";
    if ($show_stats == 1) {
        echo $unique_alert_cnt_info[0] . $unique_alert_cnt_info[1] . $unique_alert_cnt . $unique_alert_cnt_info[2] . "\n<br />";
        echo $sensor_cnt_info[0] . $sensor_cnt_info[1] . $sensor_cnt . $sensor_cnt_info[2] . $sensor_total . "\n<br />";
        if ($db->baseGetDBversion() >= 103) {
            echo "<br />" . $class_cnt_info[0] . $class_cnt_info[1] . $class_cnt . $class_cnt_info[2];
        }
        echo "<br />";
        echo $event_cnt_info[0] . $event_cnt_info[1] . $event_cnt . $event_cnt_info[2];
        echo "<ul>";
        echo "<li>" . $unique_src_ip_cnt_info[0] . $unique_src_ip_cnt_info[1] . $unique_ip_cnt[0] . $unique_src_ip_cnt_info[2] . "</li>";
        echo "<li>" . $unique_dst_ip_cnt_info[0] . $unique_dst_ip_cnt_info[1] . $unique_ip_cnt[1] . $unique_dst_ip_cnt_info[2] . "</li>";
        echo "<li>" . $unique_links_info[0] . $unique_links_info[1] . $unique_links_cnt . $unique_links_info[2] . " (" . $unique_links_fqdn . ")</li>";
        echo "<li>";
        if ($compact == 0) {
            echo "<p>";
        }
        echo $unique_src_port_cnt_info[0] . $unique_src_port_cnt_info[1] . $unique_port_cnt[0] . $unique_src_port_cnt_info[2] . "</li>";
        if ($compact == 0) {
            echo "<li><ul><li>";
        } else {
            echo "<li>&nbsp;&nbsp;--&nbsp;&nbsp;";
        }
        echo $unique_tcp_src_port_cnt_info[0] . $unique_tcp_src_port_cnt_info[1] . $unique_tcp_port_cnt[0] . $unique_tcp_src_port_cnt_info[2] . "&nbsp;&nbsp;" . $unique_udp_src_port_cnt_info[0] . $unique_udp_src_port_cnt_info[1] . $unique_udp_port_cnt[0] . $unique_udp_src_port_cnt_info[2];
        if ($compact == 0) {
            echo "</li></ul></li>";
        }
        echo "<li>" . $unique_dst_port_cnt_info[0] . $unique_dst_port_cnt_info[1] . $unique_port_cnt[1] . $unique_dst_port_cnt_info[2] . "</li>";
        if ($compact == 0) {
            echo "<li><ul><li>";
        } else {
            echo "<li>&nbsp;&nbsp;--&nbsp;&nbsp;";
        }
        echo $unique_tcp_dst_port_cnt_info[0] . $unique_tcp_dst_port_cnt_info[1] . $unique_tcp_port_cnt[1] . $unique_tcp_dst_port_cnt_info[2] . "&nbsp;&nbsp;" . $unique_udp_dst_port_cnt_info[0] . $unique_udp_dst_port_cnt_info[1] . $unique_udp_port_cnt[1] . $unique_udp_dst_port_cnt_info[2];
        if ($compact == 0) {
            echo "</li></ul>";
        }
        echo "</li></ul>";
    } else {
        echo "<table width='100%' cellpadding=0 cellspacing=0 border=0><tr><td valign='top'>";
        if ($show_total_events) {
            $event_cnt = EventCnt($db, $join, $where);
            echo "<li>" . $event_cnt_info[0] . $event_cnt_info[1] . $event_cnt . $event_cnt_info[2] . "</li><li><p>";
        }
        //echo "<ul style='padding-left:20px'>";
        ?>
	  <table cellpadding=2 style="border-left:1px solid #CACACA;border-bottom:1px solid #CACACA;border-right:1px solid #CACACA" cellspacing=0 border=0 width="100%">
		<tr>
	  <?php 
        //$li_style = (preg_match("/base_stat_sensor\.php/",$_SERVER['SCRIPT_NAME'])) ? " style='color:#F37914'" : "";
        $color = preg_match("/base_qry_main\\.php/", $_SERVER['SCRIPT_NAME']) ? "#28BC04" : "#FFFFFF";
        $fontcolor = preg_match("/base_qry_main\\.php/", $_SERVER['SCRIPT_NAME']) ? "white" : "black";
        ?>
		<td nowrap align="center" style="border-right:1px solid #CACACA" bgcolor="<?php 
        echo $color;
        ?>
">
			<a style="color:<?php 
        echo $fontcolor;
        ?>
;font-weight:bold" href='base_qry_main.php?num_result_rows=-1&submit=Query+DB&current_view=-1'>
			<?php 
        echo _("Events");
        ?>
</a>
                <?php 
        if ($fontcolor == "white" && !$cloud_instance) {
            ?>
                <a href="javascript:;" onclick="javascript:report_launcher('Events_Report','pdf');return false"><img src="images/pdf-icon.png" border="0" align="absmiddle" title="<?php 
            echo _("Launch PDF Report");
            ?>
"></a>
                <a href="javascript:;" onclick="javascript:report_launcher('Events_Report','<?php 
            echo $events_report_type;
            ?>
');return false"><img src="images/csv-icon.png" border="0" align="absmiddle" title="<?php 
            echo _("Download data in csv format");
            ?>
"></a>
                <?php 
        }
        ?>
		</td>
	  <?php 
        //$li_style = (preg_match("/base_stat_alerts\.php/",$_SERVER['SCRIPT_NAME'])) ? " style='color:#F37914'" : "";
        $color = preg_match("/base_stat_alerts\\.php|base_stat_alerts_graph\\.php/", $_SERVER['SCRIPT_NAME']) || preg_match("/base_stat_class\\.php|base_stat_class_graph\\.php/", $_SERVER['SCRIPT_NAME']) ? "#28BC04" : "#FFFFFF";
        if ($color == "#28BC04") {
            $unique_alert_cnt_info[1] = str_replace(":black", ":white", $unique_alert_cnt_info[1]);
            $class_cnt_info[1] = str_replace(":black", ":white", $class_cnt_info[1]);
        }
        //echo "  <li$li_style>".$unique_alert_cnt_info[1].gettext("Unique Events").$unique_alert_cnt_info[2] . "</li>";
        ?>
			<td nowrap align="center" style="border-right:1px solid #CACACA" bgcolor="<?php 
        echo $color;
        ?>
"><?php 
        echo $unique_alert_cnt_info[1] . gettext("Unique Events") . $unique_alert_cnt_info[2];
        ?>
 <a href="base_stat_alerts_graph.php?sort_order=occur_d"><img src="images/ico_graph.gif" align="absmiddle" border=0></a>
                <?php 
        if ($color == "#28BC04" && !$cloud_instance && preg_match("/base_stat_alerts\\.php/", $_SERVER['SCRIPT_NAME'])) {
            ?>
                <a href="javascript:;" onclick="javascript:report_launcher('UniqueEvents_Report','pdf');return false"><img src="images/pdf-icon.png" border="0" align="absmiddle" title="<?php 
            echo _("Launch PDF Report");
            ?>
"></a>
                <a href="javascript:;" onclick="javascript:report_launcher('UniqueEvents_Report','<?php 
            echo $unique_events_report_type;
            ?>
');return false"><img src="images/csv-icon.png" border="0" align="absmiddle" title="<?php 
            echo _("Download data in csv format");
            ?>
"></a>
                <?php 
        }
        ?>
				<!--<br>
				(<?php 
        echo $class_cnt_info[1] . gettext("classifications") . $class_cnt_info[2];
        ?>
)-->
			</td>

	  <?php 
        //$li_style = (preg_match("/base_stat_sensor\.php/",$_SERVER['SCRIPT_NAME'])) ? " style='color:#F37914'" : "";
        $color = preg_match("/base_stat_sensor\\.php/", $_SERVER['SCRIPT_NAME']) ? "#28BC04" : "#FFFFFF";
        if ($color == "#28BC04") {
            $sensor_cnt_info[1] = str_replace(":black", ":white", $sensor_cnt_info[1]);
        }
        //echo "  <li$li_style>".$sensor_cnt_info[1]. gettext("Sensors") . "</a></li>";
        ?>
			<td nowrap align="center" style="border-right:1px solid #CACACA" bgcolor="<?php 
        echo $color;
        ?>
"><?php 
        echo $sensor_cnt_info[1] . gettext("Sensors") . $sensor_cnt_info[2];
        ?>
            <?php 
        if ($color == "#28BC04" && !$cloud_instance) {
            ?>
            <a href="javascript:;" onclick="javascript:report_launcher('Sensors_Report','pdf');return false"><img src="images/pdf-icon.png" border="0" align="absmiddle" title="<?php 
            echo _("Launch PDF Report");
            ?>
"></a>
            <a  href="javascript:;" onclick="javascript:report_launcher('Sensors_Report','<?php 
            echo $sensors_report_type;
            ?>
');return false"><img src="images/csv-icon.png" border="0" align="absmiddle" title="<?php 
            echo _("Download data in csv format");
            ?>
"></a>
            <?php 
        }
        ?>
        </td>


	  <?php 
        if ($db->baseGetDBversion() >= 103) {
            //$li_style = (preg_match("/base_stat_class\.php/",$_SERVER['SCRIPT_NAME'])) ? " style='color:#F37914'" : "";
            $color = preg_match("/base_stat_plugins\\.php/", $_SERVER['SCRIPT_NAME']) ? "#28BC04" : "#FFFFFF";
            if ($color == "#28BC04") {
                $unique_plugin_cnt_info[1] = str_replace(":black", ":white", $unique_plugin_cnt_info[1]);
            }
            //echo "<li$li_style>&nbsp;&nbsp;&nbsp;( ".$class_cnt_info[1].gettext("classifications")."</a> )</li>";
            ?>
			<td nowrap align="center" bgcolor="<?php 
            echo $color;
            ?>
"><?php 
            echo $unique_plugin_cnt_info[1] . gettext("Unique Data Sources") . $unique_plugin_cnt_info[2];
            ?>
                <?php 
            if ($color == "#28BC04" && !$cloud_instance) {
                ?>
                <a href="javascript:;" onclick="javascript:report_launcher('UniquePlugin_Report','pdf');return false"><img src="images/pdf-icon.png" border="0" align="absmiddle" title="<?php 
                echo _("Launch PDF Report");
                ?>
"></a>
                <a href="javascript:;" onclick="javascript:report_launcher('UniquePlugin_Report','<?php 
                echo $unique_plugins_report_type;
                ?>
');return false"><img src="images/csv-icon.png" border="0" align="absmiddle" title="<?php 
                echo _("Download data in csv format");
                ?>
"></a>
                <?php 
            }
            ?>
            </td>
	  <?php 
        }
        ?>
		</tr>
		<tr>
	  <?php 
        //$src_lnk = "<a href='base_stat_uaddr.php?addr_type=".$_GET['addr_type']."&addhomeips=src' title='Add home networks IPs to current search criteria'><img src='images/homelan.png' border=0 align='absmiddle'></a>";
        //$dst_lnk = "<a href='base_stat_uaddr.php?addr_type=".$_GET['addr_type']."&addhomeips=dst' title='Add home networks IPs to current search criteria'><img src='images/homelan.png' border=0 align='absmiddle'></a>";
        //$li_style = (preg_match("/base_stat_uaddr\.php/",$_SERVER['SCRIPT_NAME'])) ? " style='color:#F37914'" : "";
        $color = preg_match("/base_stat_uaddr/", $_SERVER['SCRIPT_NAME']) ? "#28BC04" : "#FFFFFF";
        if ($color == "#28BC04") {
            $unique_src_ip_cnt_info[1] = str_replace(":black", ":white", $unique_src_ip_cnt_info[1]);
            $unique_dst_ip_cnt_info[1] = str_replace(":black", ":white", $unique_dst_ip_cnt_info[1]);
            $unique_ip_cnt_info[1] = str_replace(":black", ":white", $unique_ip_cnt_info[1]);
            if (!$cloud_instance) {
                $pdf = "&nbsp;<a href=\"javascript:;\" onclick=\"javascript:report_launcher('UniqueAddress_Report" . intval($_GET['addr_type']) . "','pdf');return false\"><img src=\"images/pdf-icon.png\" border=\"0\" align=\"absmiddle\" title=\"" . _("Launch PDF Report") . "\">&nbsp;";
                $csv = "<a href=\"javascript:;\" onclick=\"javascript:report_launcher('UniqueAddress_Report" . intval($_GET['addr_type']) . "','{$unique_addr_report_type}');return false\"><img src=\"images/csv-icon.png\" border=\"0\" align=\"absmiddle\" title=\"" . _("Download data in csv format") . "\"></a>&nbsp;";
            } else {
                $pdf = "";
                $csv = "";
            }
            if ($_GET['addr_type'] == '1') {
                $unique_src_ip_cnt_info[2] .= $pdf . $csv;
            }
            if ($_GET['addr_type'] == '2') {
                $unique_dst_ip_cnt_info[2] .= $pdf . $csv;
            }
        } else {
            $pdf = "<br>";
            $csv = "";
        }
        // echo "  <li$li_style>".gettext("Unique addresses: ").
        //       $unique_src_ip_cnt_info[1].gettext("Source").' | '.$unique_src_ip_cnt_info[2].
        //       $unique_dst_ip_cnt_info[1].gettext("Destination").$unique_dst_ip_cnt_info[2]."</li>";
        //echo "</td><td valign='top' style='padding-left:10px'>";
        $addrtype1 = $_GET['addr_type'] == '1' ? "underline" : "none";
        $addrtype2 = $_GET['addr_type'] == '2' ? "underline" : "none";
        $report_type = $_GET['proto'] == '6' ? 1 : ($_GET['proto'] == '17' ? 2 : 0);
        ?>
			<td align="center" style='border-right:1px solid #CACACA;border-top:1px solid #CACACA;<?php 
        if ($color == "#28BC04") {
            echo "color:white";
        }
        ?>
' bgcolor="<?php 
        echo $color;
        ?>
"><?php 
        echo $unique_ip_cnt_info[1] . gettext("Unique addresses") . $unique_ip_cnt_info[2] . ":<br>" . $unique_src_ip_cnt_info[1] . "<font style='text-decoration:{$addrtype1}'>" . gettext("Source") . "</font>" . $unique_src_ip_cnt_info[2] . " | " . $unique_dst_ip_cnt_info[1] . "<font style='text-decoration:{$addrtype2}'>" . gettext("Destination") . "</font>" . $unique_dst_ip_cnt_info[2];
        ?>
</td>
	  <?php 
        //$li_style = (preg_match("/base_stat_ports\.php/",$_SERVER['SCRIPT_NAME'])) ? " style='color:#F37914'" : "";
        $color = preg_match("/base_stat_ports\\.php/", $_SERVER['SCRIPT_NAME']) && $_GET['port_type'] == 1 ? "#28BC04" : "#FFFFFF";
        if ($color == "#28BC04") {
            $unique_src_port_cnt_info[1] = str_replace(":black", ":white", $unique_src_port_cnt_info[1]);
            $unique_tcp_src_port_cnt_info[1] = str_replace(":black", ":white", $unique_tcp_src_port_cnt_info[1]);
            $unique_udp_src_port_cnt_info[1] = str_replace(":black", ":white", $unique_udp_src_port_cnt_info[1]);
            if (!$cloud_instance) {
                $pdf = "<a href=\"javascript:;\" onclick=\"javascript:report_launcher('SourcePort_Report{$report_type}','pdf');return false\"><img src=\"images/pdf-icon.png\" border=\"0\" align=\"absmiddle\" title=\"" . _("Launch PDF Report") . "\">";
                $csv = "<a href=\"javascript:;\" onclick=\"javascript:report_launcher('SourcePort_Report{$report_type}','{$src_port_report_type}');return false\"><img src=\"images/csv-icon.png\" border=\"0\" align=\"absmiddle\" title=\"" . _("Download data in csv format") . "\"></a><br>";
            } else {
                $pdf = "<br>";
                $csv = "";
            }
        } else {
            $pdf = "<br>";
            $csv = "";
        }
        //echo "<li$li_style>".$unique_src_port_cnt_info[1].gettext("Source")." ".$unique_src_port_cnt_info[2].gettext("Port").": ".
        //       $unique_tcp_src_port_cnt_info[1]." TCP</a> | ".
        //       $unique_tcp_src_port_cnt_info[1]." TCP</a> | ".
        //       $unique_udp_src_port_cnt_info[1]." UDP</a>".
        //     "</li><li$li_style>".
        //       $unique_dst_port_cnt_info[1].gettext("Destination")." ".$unique_dst_port_cnt_info[2].gettext("Port").": ".
        //       $unique_tcp_dst_port_cnt_info[1]." TCP</a> | ".
        //       $unique_udp_dst_port_cnt_info[1]." UDP</a>" .
        //     "</li>";
        $sprototcp = $_GET['proto'] == '6' && $_GET['port_type'] == '1' ? "underline" : "none";
        $sprotoudp = $_GET['proto'] == '17' && $_GET['port_type'] == '1' ? "underline" : "none";
        $dprototcp = $_GET['proto'] == '6' && $_GET['port_type'] == '2' ? "underline" : "none";
        $dprotoudp = $_GET['proto'] == '17' && $_GET['port_type'] == '2' ? "underline" : "none";
        ?>
			<td align="center" style='border-right:1px solid #CACACA;border-top:1px solid #CACACA;<?php 
        if ($color == "#28BC04") {
            echo "color:white";
        }
        ?>
' bgcolor="<?php 
        echo $color;
        ?>
"><?php 
        echo $unique_src_port_cnt_info[1] . gettext("Source Port") . $unique_src_port_cnt_info[2] . ": {$pdf} {$csv}" . $unique_tcp_src_port_cnt_info[1] . " <font style='text-decoration:{$sprototcp}'>TCP</font></a> | " . $unique_udp_src_port_cnt_info[1] . " <font style='text-decoration:{$sprotoudp}'>UDP</font></a>";
        ?>
</td>
      <?php 
        $color = preg_match("/base_stat_ports\\.php/", $_SERVER['SCRIPT_NAME']) && $_GET['port_type'] == 2 ? "#28BC04" : "#FFFFFF";
        if ($color == "#28BC04") {
            $unique_dst_port_cnt_info[1] = str_replace(":black", ":white", $unique_dst_port_cnt_info[1]);
            $unique_tcp_dst_port_cnt_info[1] = str_replace(":black", ":white", $unique_tcp_dst_port_cnt_info[1]);
            $unique_udp_dst_port_cnt_info[1] = str_replace(":black", ":white", $unique_udp_dst_port_cnt_info[1]);
            if (!$cloud_instance) {
                $pdf = "<a href=\"javascript:;\" onclick=\"javascript:report_launcher('DestinationPort_Report{$report_type}','pdf');return false\"><img src=\"images/pdf-icon.png\" border=\"0\" align=\"absmiddle\" title=\"" . _("Launch PDF Report") . "\">";
                $csv = "<a href=\"javascript:;\" onclick=\"javascript:report_launcher('DestinationPort_Report{$report_type}','{$dst_port_report_type}');return false\"><img src=\"images/csv-icon.png\" border=\"0\" align=\"absmiddle\" title=\"" . _("Download data in csv format") . "\"></a><br>";
            } else {
                $pdf = "<br>";
                $csv = "";
            }
        } else {
            $pdf = "<br>";
            $csv = "";
        }
        ?>
			<td align="center" style='border-right:1px solid #CACACA;border-top:1px solid #CACACA;<?php 
        if ($color == "#28BC04") {
            echo "color:white";
        }
        ?>
' bgcolor="<?php 
        echo $color;
        ?>
"><?php 
        echo $unique_dst_port_cnt_info[1] . gettext("Destination Port") . $unique_dst_port_cnt_info[2] . ": {$pdf} {$csv}" . $unique_tcp_dst_port_cnt_info[1] . " <font style='text-decoration:{$dprototcp}'>TCP</font></a> | " . $unique_udp_dst_port_cnt_info[1] . " <font style='text-decoration:{$dprotoudp}'>UDP</font></a>";
        ?>
</td> 
	  <?php 
        //$li_style = (preg_match("/base_stat_iplink\.php/",$_SERVER['SCRIPT_NAME'])) ? " style='color:#F37914'" : "";
        $color = preg_match("/base_stat_iplink\\.php|base_stat_country\\.php/", $_SERVER['SCRIPT_NAME']) ? "#28BC04" : "#FFFFFF";
        if ($color == "#28BC04") {
            $unique_links_info[1] = str_replace(":black", ":white", $unique_links_info[1]);
            $unique_links_fqdn = str_replace(":black", ":white", $unique_links_fqdn);
        }
        //echo "<li$li_style>".$unique_links_info[1].$unique_links_info[0].$unique_links_info[2]."</li>";
        ?>
			<td nowrap align="center" style='border-top:1px solid #CACACA;' bgcolor="<?php 
        echo $color;
        ?>
"><?php 
        echo $unique_links_info[1] . $unique_links_info[0] . $unique_links_info[2] . $unique_links_fqdn;
        ?>
            <?php 
        if ($color == "#28BC04" && !$cloud_instance && preg_match("/base_stat_iplink\\.php/", $_SERVER['SCRIPT_NAME']) && GET('fqdn') == 'no') {
            ?>
            <a href="javascript:;" onclick="javascript:report_launcher('UniqueIPLinks_Report','pdf');return false"><img src="images/pdf-icon.png" border="0" align="absmiddle" title="<?php 
            echo _("Launch PDF Report");
            ?>
"></a>
            <a href="javascript:;" onclick="javascript:report_launcher('UniqueIPLinks_Report','<?php 
            echo $unique_iplinks_report_type;
            ?>
');return false"><img src="images/csv-icon.png" border="0" align="absmiddle" title="<?php 
            echo _("Download data in csv format");
            ?>
"></a>
            <?php 
        }
        ?>
<br><a style='color:<?php 
        echo $color == "#28BC04" ? "white" : "black";
        ?>
;font-weight:bold' href="base_stat_country.php"><?php 
        echo _("Unique Country Events");
        ?>
</a>
            <?php 
        if ($color == "#28BC04" && !$cloud_instance && preg_match("/base_stat_country\\.php/", $_SERVER['SCRIPT_NAME'])) {
            ?>
            <a href="javascript:;" onclick="javascript:report_launcher('UniqueCountryEvents_Report','pdf');return false"><img src="images/pdf-icon.png" border="0" align="absmiddle" title="<?php 
            echo _("Launch PDF Report");
            ?>
"></a>
            <a href="javascript:;" onclick="javascript:report_launcher('UniqueCountryEvents_Report','<?php 
            echo $unique_country_events_report_type;
            ?>
');return false"><img src="images/csv-icon.png" border="0" align="absmiddle" title="<?php 
            echo _("Download data in csv format");
            ?>
"></a>
            <?php 
        }
        ?>
</td>
<?php 
        //echo "</td></tr></table>";
        ?>
	  </tr>
	 </table>
	  <?php 
        echo "</td></tr></table>";
    }
}
Example #7
0
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck('environment-menu', 'PolicyHosts');
//CPE Types
$_cpe_types = array('os' => 'o', 'hardware' => 'h', 'software' => 'a');
$_cpe = GET('q');
$_cpe_type = GET('cpe_type');
ossim_valid($_cpe, OSS_NULLABLE, OSS_ALPHA, OSS_PUNC_EXT, 'illegal:' . _('CPE'));
ossim_valid($_cpe_type, 'os | software | hardware', 'illegal:' . _('CPE Type'));
if (ossim_error() || !array_key_exists($_cpe_type, $_cpe_types)) {
    exit;
}
$db = new Ossim_db();
$conn = $db->connect();
$_cpe = escape_sql($_cpe, $conn);
$filters = array('where' => "`cpe` LIKE 'cpe:/" . $_cpe_types[$_cpe_type] . "%' AND `line` LIKE '%{$_cpe}%'", 'limit' => 20);
$software = new Software($conn, $filters);
$db->close();
foreach ($software->get_software() as $cpe_info) {
    echo $cpe_info['cpe'] . '###' . $cpe_info['line'] . "\n";
}
/* End of file search_cpe.php */
Example #8
0
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; version 2 dated June, 1991.
* You may not use, modify or distribute this program under any other version
* of the GNU General Public License.
*
* This package is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("analysis-menu", "EventsForensics");
$rname = GET('name');
ossim_valid($rname, OSS_ALPHA, OSS_SPACE, 'illegal:' . _("Report Name"));
if (ossim_error()) {
    die(ossim_error());
}
$pdfReport = new Pdf_report($rname, "P");
$pdfReport->getPdf();
Example #9
0
*   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
*   MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
****************************************************************************/
/**
* Class and Function List:
* Function list:
* Classes list:
*/
include "classes/Security.inc";
$param = GET('param');
ossim_valid($plugin_id, OSS_ALPHA, OSS_NULLABLE);
if (ossim_error()) {
    die(ossim_error());
}
?>
		
    <div style="
      background-color:#17457c;
      width:100%;
      position:fixed;
      height:2px;
      left:0px;"></div>
		<center>
			<button style="width: 80px; margin-top:8px; cursor:pointer;"
				id="cancel"
Example #10
0
    exit;
}
$data = array('status' => 'success', 'data' => '');
$db = new ossim_db();
$conn = $db->connect();
$map = GET('map');
$ri_positions = GET('data');
$name = GET('alarm_name');
$icon = GET('icon');
$url = GET('url');
$ri_id = GET('id');
$type = GET('type');
$type_name = GET('elem');
$iconbg = GET('iconbg');
$iconsize = GET('iconsize') != '' ? GET('iconsize') : 0;
$noname = GET('noname') != '' ? '#NONAME' : '';
if (!empty($name)) {
    $name = $name . $noname;
}
$icon = str_replace("url_slash", "/", $icon);
$icon = str_replace("url_quest", "?", $icon);
$icon = str_replace("url_equal", "=", $icon);
$url = str_replace("url_slash", "/", $url);
$url = str_replace("url_quest", "?", $url);
$url = str_replace("url_equal", "=", $url);
ossim_valid($map, OSS_HEX, 'illegal:' . _('Map'));
ossim_valid($ri_id, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _('ID'));
ossim_valid($risk_positions, OSS_SCORE, OSS_NULLABLE, OSS_ALPHA, ";,.", 'illegal:' . _('Risk Indicator Positions'));
ossim_valid($url, OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_SPACE, ";,.:\\/\\?=&()%&", 'illegal:' . _('URL'));
ossim_valid($name, OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_SPACE, ";,.:\\/\\?=&()%&#", 'illegal:' . _('Name'));
ossim_valid($icon, OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_SPACE, ";,.:\\/\\?=&()%&", 'illegal:' . _('Icon'));
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'classes/Security.inc';
Session::logcheck("report-menu", "ReportsReportServer");
$date_from = GET('date_from') != "" ? GET('date_from') : strftime("%Y-%m-%d", time() - 24 * 60 * 60 * 30);
$date_to = GET('date_to') != "" ? GET('date_to') : strftime("%Y-%m-%d", time());
ossim_valid($date_from, OSS_DATE, 'illegal:' . _('Date From'));
ossim_valid($date_to, OSS_DATE, 'illegal:' . _('Date To'));
if (ossim_error()) {
    die(ossim_error());
}
$sql_year = "STR_TO_DATE( CONCAT( a.year, '-', a.month, '-', a.day ) , '%Y-%m-%d' ) >= '{$date_from}' AND STR_TO_DATE( CONCAT( a.year, '-', a.month, '-', a.day ) , '%Y-%m-%d' ) <= '{$date_to}'";
require_once 'ossim_db.inc';
$db = new ossim_db();
$conn = $db->connect();
$user = Session::get_session_user();
$conn->Execute('use datawarehouse');
$sql = "SELECT * FROM ( SELECT * FROM\n(select s.service as service, 'Availability' as category, sum(c.D) as volume from datawarehouse.ssi_user a,\ndatawarehouse.category c, datawarehouse.ip2service s\nwhere c.D <> '0' and a.sid=c.sid and a.destination=s.dest_ip and " . $sql_year . " AND a.user='******' GROUP BY\n2) as imp_D\nUNION SELECT * FROM\n(select s.service as service, 'Integrity' as category, sum(c.I) as volume from datawarehouse.ssi_user a,\ndatawarehouse.category c, datawarehouse.ip2service s\nwhere c.I <> '0' and a.sid=c.sid and a.destination=s.dest_ip and " . $sql_year . " AND a.user='******' GROUP BY 2)\nas imp_I\nUNION SELECT * FROM\n(select s.service as service, 'Confidentiality' as category, sum(c.C) as volume from datawarehouse.ssi_user a,\ndatawarehouse.category c, datawarehouse.ip2service s\nwhere c.C <> '0' and a.sid=c.sid and a.destination=s.dest_ip and " . $sql_year . " AND a.user='******' GROUP BY\n2) as imp_C\n) AS allalarms;";
if (!($rs =& $conn->Execute($sql))) {
    print $conn->ErrorMsg();
    return;
Example #12
0
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("configuration-menu", "PolicyServers");
$validate = array("id" => array("validation" => "OSS_HEX", "e_message" => 'illegal:' . _("ID")), "sname" => array("validation" => "OSS_ALPHA, OSS_PUNC", "e_message" => 'illegal:' . _("Name")), "ip" => array("validation" => "OSS_IP_ADDR", "e_message" => 'illegal:' . _("Ip")), "port" => array("validation" => "OSS_PORT", "e_message" => 'illegal:' . _("Port number")), "descr" => array("validation" => "OSS_ALL, OSS_NULLABLE", "e_message" => 'illegal:' . _("Description")), "correlate" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Correlation")), "cross_correlate" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Cross Correlation")), "store" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Store")), "reputation" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Reputation")), "qualify" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Qualify")), "resend_alarms" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Resend Alarms")), "resend_events" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Resend Events")), "sign" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Sign")), "multi" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Multilevel")), "sem" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Log")), "sim" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Security Events")), "alarm_to_syslog" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Alarm to Syslog")), "remoteadmin" => array("validation" => "OSS_ALPHA, OSS_PUNC, OSS_NULLABLE", "e_message" => 'illegal:' . _("Remote Admin")), "remotepass" => array("validation" => "OSS_PASSWORD, OSS_NULLABLE", "e_message" => 'illegal:' . _("Remote Password")), "remoteurl" => array("validation" => "OSS_ALPHA, OSS_PUNC, OSS_NULLABLE", "e_message" => 'illegal:' . _("Remote URL")), "setssh" => array("validation" => "OSS_DIGIT, OSS_NULLABLE", "e_message" => 'illegal:' . _("setssh")));
if (GET('ajax_validation') == TRUE) {
    $data['status'] = 'OK';
    $validation_errors = array();
    if (GET('name') == 'rservers[]' && !empty($_GET['rservers'])) {
        $rservers = $_GET['rservers'];
        foreach ($rservers as $rserver) {
            $rserver = explode('@', $rserver);
            $fwr_ser = $rserver[0];
            $fwr_prio = $rserver[1];
            ossim_valid($fwr_ser, OSS_HEX, 'illegal:' . _("Forward Servers"));
            ossim_valid($fwr_prio, OSS_DIGIT, 'illegal:' . _("Forward Priority"));
            if (ossim_error()) {
                $validation_errors['rservers[]'] = ossim_get_error_clean();
                ossim_clean_error();
            }
        }
    } else {
        $validation_errors = validate_form_fields('GET', $validate);
    }
    echo ossim_error(_("You don't have permission to see this page"));
    exit;
}
$db = new ossim_db();
$conn = $db->connect();
$plugin_list = Plugin::get_list($conn, "ORDER BY name", 0);
require 'base_conf.php';
include_once $BASE_path . "includes/base_db.inc.php";
include_once "{$BASE_path}/includes/base_state_query.inc.php";
include_once "{$BASE_path}/includes/base_state_common.inc.php";
/* Connect to the Alert database */
$db_snort = NewBASEDBConnection($DBlib_path, $DBtype);
$db_snort->baseDBConnect($db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password, 1);
$qs = new QueryState();
$newref = GET('newref');
$delete = GET('deleteref');
$error_msg = null;
if ($newref != "") {
    ossim_valid($newref, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _("New Reference"));
    if (!ossim_error()) {
        $sql = "INSERT INTO reference_system (ref_system_name) VALUES (\"{$newref}\")";
        $qs->ExecuteOutputQueryNoCanned($sql, $db_snort);
    } else {
        $error_msg = ossim_get_error();
        ossim_clean_error();
    }
}
if (preg_match("/^\\d+\$/", $delete)) {
    ossim_valid($delete, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Reference ID"));
    if (!ossim_error()) {
        $sql = "SELECT sig_reference.ref_id FROM sig_reference,reference WHERE reference.ref_system_id={$delete} AND reference.ref_id=sig_reference.ref_id";
require_once 'av_init.php';
Session::logcheck("analysis-menu", "IncidentsReport");
$by = GET('by');
ossim_valid($by, OSS_ALPHA, OSS_SPACE, OSS_SCORE, 'illegal:' . _("Target"));
if (ossim_error()) {
    die(ossim_error());
}
// Define colors
$color_list = array('#D6302C', '#3933FC', 'green', 'yellow', 'pink', '#40E0D0', '#00008B', '#800080', '#FFA500', '#A52A2A', '#228B22', '#D3D3D3');
$conf = $GLOBALS["CONF"];
$jpgraph = $conf->get_conf("jpgraph_path");
require "{$jpgraph}/jpgraph.php";
require "{$jpgraph}/jpgraph_bar.php";
$db = new ossim_db();
$conn = $db->connect();
$shared = new DBA_shared(GET('shared'));
if ($by == "ticketsByTypePerMonth") {
    $titley = _("Month") . '-' . _("Year");
    $titlex = _("Num. Tickets");
    $title = '';
    $width = 650;
    $user = $shared->get("TicketsStatus4_user");
    $assets = $shared->get("TicketsStatus4_assets");
    $final_values = array();
    $ticket_by_type_per_month = Incident::incidents_by_type_per_month($conn, $assets, $user);
    if (is_array($ticket_by_type_per_month) && !empty($ticket_by_type_per_month)) {
        foreach ($ticket_by_type_per_month as $event_type => $months) {
            $final_values[$event_type] = implode(",", $months);
        }
        $event_types = array_keys($ticket_by_type_per_month);
    }
Example #15
0
<html>
<head>
  <title> <?php 
echo gettext("OSSIM Framework");
?>
 </title>
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
  <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
  <link rel="stylesheet" type="text/css" href="../style/style.css"/>
</head>
<body>

<?php 
require_once "classes/Security.inc";
$sensor = GET('sensor');
ossim_valid($sensor, OSS_ALPHA, OSS_PUNC, OSS_SPACE, 'illegal:' . _("Sensor"));
if (ossim_error()) {
    die(ossim_error());
}
require_once 'ossim_conf.inc';
$conf = $GLOBALS["CONF"];
//
// get ntop proto and port from default ntop entry at
// /etc/ossim/framework/ossim.conf
// a better solution ??
//
require_once 'ossim_db.inc';
require_once 'classes/Sensor.inc';
require_once 'classes/Net.inc';
$db = new ossim_db();
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("analysis-menu", "IncidentsIncidents");
$id = GET('id');
$incident_id = GET('incident_id');
ossim_valid($id, OSS_DIGIT, 'illegal:' . _("Id"));
ossim_valid($incident_id, OSS_DIGIT, 'illegal:' . _("Incident Id"));
if (ossim_error()) {
    die(ossim_error());
}
/* database connect */
$db = new ossim_db();
$conn = $db->connect();
list($output_name, $content) = Incident::get_custom_content($conn, $id, $incident_id);
$conn->disconnect();
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: private", false);
header("Content-Type: application/octet-stream");
Example #17
0
    die(ossim_error());
}
//End of validation
//Array that contains the widget's general info
$winfo = array();
//Array that contains the info about the widget's representation, this is: chart info, tag cloud info, etc.
$chart_info = array();
//If the ID is empty it means that we are in the wizard previsualization. We get all the info from the GET parameters.
if (!isset($id) || empty($id)) {
    $winfo['height'] = GET("height");
    //Height of the widget
    $winfo['wtype'] = GET("wtype");
    //Type of widget: chart, tag_cloud, etc.
    $winfo['asset'] = GET("asset");
    //Assets implicated in the widget
    $chart_info = unserialize(GET("value"));
    //Params of the widget representation, this is: type of chart, legend params, etc.
} else {
    //Getting the widget's info from DB
    $winfo = get_widget_data($conn, $id);
    //Check it out in widget_common.php
    $chart_info = $winfo['params'];
    //Params of the widget representation, this is: type of chart, legend params, etc.
}
//Validation
ossim_valid($winfo['wtype'], OSS_TEXT, 'illegal:' . _("Type"));
ossim_valid($winfo['height'], OSS_DIGIT, 'illegal:' . _("Widget ID"));
ossim_valid($winfo['asset'], OSS_HEX, OSS_SCORE, OSS_ALPHA, OSS_USER, 'illegal:' . _("Asset/User/Entity"));
if (is_array($chart_info) && !empty($chart_info)) {
    $validation = get_array_validation();
    foreach ($chart_info as $key => $val) {
Example #18
0
    $icon = empty($icons[$property]) ? "folder" : $icons[$property];
    $icon .= ".png";
    if (preg_match("/^OS\\=/i", $property)) {
        $os_icon = Host_os::get_os_pixmap_nodb($property, "..", true);
        if ($os_icon != "") {
            $icon = $os_icon;
        }
    }
    return $icon;
}
$db = new ossim_db();
$conn = $db->connect();
$ip = GET('ip');
$tree = GET('tree');
ossim_valid($ip, OSS_IP_ADDR, 'illegal:' . _("Ip Address"));
$length_name = !empty($_GET['length_name']) ? GET('length_name') : 40;
if (ossim_error()) {
    $ossim_error = true;
}
$image_url = "../../pixmaps/theme/";
$icon1 = $image_url . 'any.png';
$icon2 = $image_url . 'ltError.gif';
$empty_tree = "[{title: '<span class=\\'size12n\\'>" . _("Properties") . "</span>', key:'0', isFolder:true, icon:'{$icon1}', hideCheckbox: true, \n\t\tchildren:[{title: '<span>" . _("No data found") . "</span>', addClass:'bold_red', key:'load_error', isFolder:false, hideCheckbox: true, icon:'{$icon2}'}]}]";
switch ($tree) {
    case "tree_container_1":
        $properties_types = Host::get_properties_types($conn);
        $properties = Host::get_host_properties($conn, $ip, '', 'ord, date DESC');
        $grouped_properties = array();
        $services_list = Host_services::get_ip_data($conn, $ip, '1');
        if (count($properties_types) == 0 || $ossim_error) {
            echo $empty_tree;
Example #19
0
} elseif (GET("type") == "siemweek") {
    $js = "analytics";
    $data = SIEM_trends_week();
    $max = 7;
    for ($i = $max - 1; $i >= 0; $i--) {
        $d = gmdate("j M", $timetz - 86400 * $i);
        $hours[] = $d;
        $trend[] = $data[$d] != "" ? $data[$d] : 0;
    }
    /*foreach ($data as $h => $v) {
      	$hours[] = $h;
      	$trend[] = ($v!="") ? $v : 0;
      }
      $max = count($hours);*/
    $siem_url = "../forensics/base_qry_main.php?clear_allcriteria=1&time_range=day&time[0][0]=+&time[0][1]=>%3D&time[0][2]=MM&time[0][3]=DD&time[0][4]=" . gmdate("Y", $timetz) . "&time[0][5]=00&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=MM&time[1][3]=DD&time[1][4]=" . gmdate("Y", $timetz) . "&time[1][5]=23&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics";
} elseif (GET("type") == "hids") {
    $js = "analytics";
    list($data, $plugins) = SIEM_trends_week("ossec%");
    $max = 7;
    for ($i = $max - 1; $i >= 0; $i--) {
        $d = gmdate("j M", $timetz - 86400 * $i);
        $hours[] = $d;
        $trend[] = $data[$d] != "" ? $data[$d] : 0;
    }
    /*foreach ($data as $h => $v) {
      	$hours[] = $h;
      	$trend[] = ($v!="") ? $v : 0;
      }
      $max = count($hours);*/
    $siem_url = "../forensics/base_qry_main.php?clear_allcriteria=1&time_range=day&time[0][0]=+&time[0][1]=>%3D&time[0][2]=MM&time[0][3]=DD&time[0][4]=" . gmdate("Y", $timetz) . "&time[0][5]=00&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=MM&time[1][3]=DD&time[1][4]=" . gmdate("Y", $timetz) . "&time[1][5]=23&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics&plugin=" . $plugins;
} else {
Example #20
0
	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
	<meta http-equiv="Pragma" CONTENT="no-cache"/>
	<link rel="stylesheet" type="text/css" href="../style/style.css"/>
</head>

<body>

  <h1> <?php 
echo gettext("Delete host");
?>
 </h1>

<?php 
require_once 'classes/Security.inc';
$ip = GET('ip');
$confirm = GET('confirm');
ossim_valid($ip, OSS_IP_ADDR, 'illegal:' . _("ip"));
ossim_valid($confirm, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _("confirm"));
if (ossim_error()) {
    die(ossim_error());
}
if (empty($confirm)) {
    ?>
    <p> <?php 
    echo gettext("Are you sure");
    ?>
 ?</p>
    <p>
		<a href="<?php 
    echo $_SERVER["SCRIPT_NAME"] . "?ip={$ip}&confirm=yes";
    ?>
Example #21
0
     $direct = $directive_editor->getDirectiveFromXML($dom, $directive_id);
     $tab_rules = $direct->rules;
     list($id_dir, $id_rule, $id_father) = explode("-", $rule);
     $old_rule = $tab_rules[$id_rule];
     $new_rule = $old_rule->rule->cloneNode(true);
     // deep = true
     $new_rule->setAttribute("name", "Copy of " . $new_rule->getAttribute("name"));
     // Can not copy the root rule at same level => copy as a child (Button disabled for the moment)
     $parent = $old_rule->rule->parentNode;
     $parent->appendChild($new_rule);
     $directive_editor->save_xml($filepath, $dom, "DOMXML");
 } elseif (GET('mode') == "move") {
     $dom = $directive_editor->get_xml($filepath, "DOMXML");
     $direct = $directive_editor->getDirectiveFromXML($dom, $directive_id);
     $tab_rules = $direct->rules;
     switch (GET('direction')) {
         case 'left':
             $directive_editor->left($dom, $rule, &$tab_rules, $direct);
             break;
         case 'right':
             $directive_editor->right($dom, $rule, &$tab_rules, $direct);
             break;
         case 'up':
             $directive_editor->up($dom, $rule, &$tab_rules, $direct);
             break;
         case 'down':
             $directive_editor->down($dom, $rule, &$tab_rules, $direct);
             break;
     }
     $directive_editor->save_xml($filepath, $dom, "DOMXML");
 }
Example #22
0
//Data related to the action.
ossim_valid($action, OSS_INPUT, 'illegal:' . _("Action"));
if (ossim_error()) {
    $response['error'] = TRUE;
    $response['msg'] = ossim_get_error();
    ossim_clean_error();
    echo json_encode($response);
    die;
}
//Default values for the response.
$response['error'] = TRUE;
$response['msg'] = _('Unknown Error');
//checking if it is an ajax request
if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
    //Checking token
    if (!Token::verify('tk_plugin_select', GET('token'))) {
        $response['error'] = TRUE;
        $response['msg'] = _('Invalid Action');
    } else {
        //List of all the possibles functions
        $function_list = array('set_plugins' => array('name' => 'set_plugins', 'params' => array('conn', 'data')), 'vendor_list' => array('name' => 'get_vendor_list', 'params' => array('conn')), 'model_list' => array('name' => 'get_model_list', 'params' => array('conn', 'data')), 'version_list' => array('name' => 'get_version_list', 'params' => array('conn', 'data')), 'plugin_activity' => array('name' => 'plugin_activity', 'params' => array('conn', 'data')));
        $_function = $function_list[$action];
        //Checking we have a function associated to the action given
        if (is_array($_function) && function_exists($_function['name'])) {
            $db = new ossim_db();
            $conn = $db->connect();
            //Now we translate the params list to a real array with the real parameters
            $params = array();
            foreach ($_function['params'] as $p) {
                $params[] = ${$p};
            }
Example #23
0
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("environment-menu", "ReportsWireless");
require_once 'Wireless.inc';
$sensor = GET('sensor');
$file = str_replace("../", "", GET('file'));
ossim_valid($sensor, OSS_IP_ADDR, 'illegal: sensor');
ossim_valid($file, OSS_TEXT, 'illegal: file');
if (ossim_error()) {
    die(ossim_error());
}
# sensor list with perms
require_once 'ossim_db.inc';
$db = new ossim_db();
$conn = $db->connect();
if (!validate_sensor_perms($conn, $sensor, ", sensor_properties WHERE sensor.id=sensor_properties.sensor_id AND sensor_properties.has_kismet=1")) {
    echo ossim_error($_SESSION["_user"] . " have not privileges for {$sensor}");
    $db->close();
    exit;
}
$db->close();
Example #24
0
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . "GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
require_once 'av_init.php';
$m_perms = array('analysis-menu', 'analysis-menu');
$sm_perms = array('EventsForensics', 'ControlPanelAlarms');
Session::logcheck($m_perms, $sm_perms);
list($ip, $ctx) = explode('-', GET('ip'));
ossim_valid($ip, OSS_IP_ADDR_0, 'illegal:' . _('Ip'));
ossim_valid($ctx, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Ctx'));
// Maybe nullable from Logger resolves
if (ossim_error()) {
    die(ossim_error());
}
$db = new ossim_db();
$conn = $db->connect();
$net = array_shift(Asset_host::get_closest_net($conn, $ip, $ctx));
if (is_array($net)) {
    if ($net['icon'] != '') {
        echo "<img class='asset_icon w16' src='data:image/png;base64," . base64_encode($net['icon']) . "' border='0'/> ";
    }
    echo '<strong>' . $net['name'] . '</strong> (' . $net['ips'] . ')';
} else {
Example #25
0
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("report-menu", "ReportsReportServer");
$year = GET('year') != "" ? intval(GET('year')) : date("Y");
$user = Session::get_session_user();
// define colors
define('COLOR1', '#D6302C');
define('COLOR2', '#3933FC');
define('COLOR3', 'green');
define('COLOR4', 'yellow');
define('COLOR5', 'pink');
define('COLOR6', '#40E0D0');
define('COLOR7', '#00008B');
define('COLOR8', '#800080');
define('COLOR9', '#FFA500');
define('COLOR10', '#A52A2A');
define('COLOR11', '#228B22');
define('COLOR12', '#D3D3D3');
//
Example #26
0
 *
 * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
 *
 * @package    ossim-framework\Assets
 * @autor      AlienVault INC
 * @license    http://www.gnu.org/licenses/gpl-2.0.txt
 * @copyright  2003-2006 ossim.net
 * @copyright  2007-2013 AlienVault
 * @link       https://www.alienvault.com/
 */
require_once 'av_init.php';
Session::logcheck("environment-menu", "PolicyHosts");
// Close session write for real background loading
session_write_close();
$group_id = GET('group_id');
$asset_type = GET('asset_type');
$maxrows = POST('iDisplayLength') != '' ? POST('iDisplayLength') : 15;
$search_str = POST('sSearch') != '' ? POST('sSearch') : '';
$from = POST('iDisplayStart') != '' ? POST('iDisplayStart') : 0;
$order = POST('iSortCol_0') != '' ? POST('iSortCol_0') : '';
$torder = POST('sSortDir_0');
$sec = POST('sEcho');
switch ($order) {
    case 0:
        $order = 'hostname';
        break;
        /*
        case 1:
        	$order = 'ip';
        	break;
        */
Example #27
0
function clean_tmp()
{
    global $tmpfile;
    @unlink($tmpfile);
}
$db = new ossim_db();
$conn = $db->connect();
$conf = $GLOBALS['CONF'];
$rrdtool_bin = $conf->get_conf('rrdtool_path') . '/rrdtool';
set_error_handler('mydie');
$id = GET('id');
$what = GET('what');
$type = GET('type');
$start = GET('start');
$end = GET('end');
$zoom = GET('zoom') ? GET('zoom') : 1;
ossim_valid($id, OSS_LETTER, OSS_DIGIT, OSS_DOT, OSS_SCORE, 'illegal:' . _('ID'));
ossim_valid($start, OSS_LETTER, OSS_DIGIT, OSS_SCORE, 'illegal:' . _('Start param'));
ossim_valid($end, OSS_LETTER, OSS_DIGIT, OSS_SCORE, 'illegal:' . _('End param'));
ossim_valid($zoom, OSS_DIGIT, OSS_DOT, 'illegal:' . _('Zoom parameter'));
ossim_valid($what, OSS_ALPHA, OSS_SCORE, 'illegal:' . _('What'));
ossim_valid($type, OSS_ALPHA, 'illegal:' . _('Type'));
if (ossim_error()) {
    mydie(strip_tags(ossim_get_error_clean()));
}
//
// params validations
//
if ($what != 'eps') {
    mydie(sprintf(_("Invalid param '%s' with value '%s'"), 'what', $what));
}
Example #28
0
require_once 'inc/collectd.inc.php';
# use width/height from config if nothing is given
if (empty($_GET['x'])) {
    $_GET['x'] = $CONFIG['detail-width'];
}
if (empty($_GET['y'])) {
    $_GET['y'] = $CONFIG['detail-heigth'];
}
$host = validate_get(GET('h'), 'host');
$plugin = validate_get(GET('p'), 'plugin');
$pinstance = validate_get(GET('pi'), 'pinstance');
$type = validate_get(GET('t'), 'type');
$tinstance = validate_get(GET('ti'), 'tinstance');
$width = GET('x');
$heigth = GET('y');
$seconds = GET('s');
$requesthash = sha1(serialize($_GET));
$rediskey = "cache:grapher:detail:{$host}:{$plugin}:{$type}:{$tinstance}:{$seconds}";
$content = $redis->get($rediskey);
if ($content) {
    http_cache_etag();
    http_send_data($content);
    exit;
}
ob_start();
html_start();
if (isset($_GET["tz"])) {
    $tz = $_GET["tz"];
} else {
    $tz = "EEST";
}
Example #29
0
//Data related to the action.
ossim_valid($action, OSS_INPUT, 'illegal:' . _("Action"));
if (ossim_error()) {
    $response['error'] = TRUE;
    $response['msg'] = ossim_get_error();
    ossim_clean_error();
    echo json_encode($response);
    die;
}
//Default values for the response.
$response['error'] = TRUE;
$response['msg'] = _('Error when processing the request');
//checking if it is an ajax request
if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
    //Checking token
    if (!Token::verify('tk_welcome_wizard', GET('token'))) {
        $response['error'] = TRUE;
        $response['msg'] = _('Invalid Action');
    } else {
        //Getting the object with the filters. Unserialize needed.
        $wizard = Welcome_wizard::get_instance();
        //List of all the possibles functions
        $function_list = array('start_wizard' => array('name' => 'initialize_wizard', 'params' => array()), 'change_step' => array('name' => 'change_step', 'params' => array('wizard', 'data')), 'exit_wizard' => array('name' => 'exit_wizard', 'params' => array('data')));
        $_function = $function_list[$action];
        //Checking we have a function associated to the action given
        if (is_array($_function) && function_exists($_function['name'])) {
            //Now we translate the params list to a real array with the real parameters
            $params = array();
            foreach ($_function['params'] as $p) {
                $params[] = ${$p};
            }
Example #30
0
            fclose($active_news_file);
            $approved_articles++;
        }
    }
    flock($new_db, LOCK_UN);
    fclose($new_db);
    if (count($selected_news) == $approved_articles) {
        msg("info", lang("News Approved"), str_replace('%1', $approved_articles, "All articles that you selected (%1) were approved and are now active"));
    } else {
        msg("error", lang("News Approved (with errors)"), str_replace(array('%1', '%2'), array($approved_articles, count($selected_news)), lang("%1 of %2 articles that you selected were approved")));
    }
} elseif ($action == "mass_unapprove") {
    if ($member_db[UDB_ACL] != ACL_LEVEL_JOURNALIST and $member_db[UDB_ACL] != ACL_LEVEL_ADMIN) {
        msg("error", lang('Error!'), lang("You do not have permissions for this action"), "#GOBACK");
    }
    list($id, $source, $selected_news, $returnto) = GET('id,source,selected_news,returnto', 'GET');
    if (!is_array($selected_news)) {
        $selected_news = array();
    }
    // detect source for unapprove
    if (is_integer($source)) {
        $news_file = SERVDIR . "/cdata/archives/{$source}.news.arch";
    } else {
        $news_file = SERVDIR . "/cdata/news.txt";
    }
    $old_db = file($news_file);
    $new_db = fopen($news_file, 'w');
    flock($new_db, LOCK_EX);
    $unapproved_count = 0;
    foreach ($old_db as $old_db_line) {
        $old_db_arr = explode("|", $old_db_line);