Example #1
0
$validate = array('sensor_id' => array('validation' => "OSS_HEX", 'e_message' => 'illegal:' . _('Sensor ID')), 'asset_id' => array('validation' => "OSS_HEX", 'e_message' => 'illegal:' . _('Asset ID')), 'agent_id' => array('validation' => 'OSS_DIGIT', 'e_message' => 'illegal:' . _('Agent ID')));
$validation_errors = validate_form_fields('POST', $validate);
//Database connection
$db = new ossim_db();
$conn = $db->connect();
if (empty($validation_errors)) {
    //Extra validations
    try {
        if (Asset_host::is_in_db($conn, $asset_id) == FALSE) {
            $e_msg = _('Unable to deploy HIDS agent. This asset no longer exists in the asset inventory. Please check with your system admin for more information');
            Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
        }
        $asset = new Asset_host($conn, $asset_id);
        $asset->load_from_db($conn);
        //Check asset context
        $ext_ctxs = Session::get_external_ctxs($conn);
        $ctx = $asset->get_ctx();
        if (!empty($ext_ctxs[$ctx])) {
            $e_msg = _('Asset can only be deployed at this USM');
            //Server related to CTX
            $server_obj = Server::get_server_by_ctx($conn, $ctx);
            if ($server_obj) {
                $s_name = $server_obj->get_name();
                $s_ip = $server_obj->get_ip();
                $server = $s_name . ' (' . $s_ip . ')';
                $e_msg = sprintf(_("Unable to deploy agent to assets on a child server. Please login to %s to deploy the HIDS agents"), $server);
            }
            Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
        }
    } catch (Exception $e) {
        $validation_errors['asset_id'] = $e->getMessage();
     $alarm_to_syslog = $role->get_alarms_to_syslog();
     $remoteadmin = $server->get_remoteadmin();
     $remotepass = Util::fake_pass($server->get_remotepass());
     $remoteurl = $server->get_remoteurl();
     $my_rservers = '';
     $rservers_list = Server::get_my_hierarchy($conn, $id);
     foreach ($rservers_list as $sid => $sdata) {
         $val = $sid . "@" . $sdata[2];
         $text = $sdata[0] . " (" . $sdata[2] . ")";
         $my_rservers .= "<option value='{$val}'>{$text}</option>\n";
         if (!$all_rservers[$sid]) {
             $error_forward = $sdata[0];
         }
     }
     // Check if you can edit it
     $external_ctxs = Session::get_external_ctxs($conn, $id);
     foreach ($external_ctxs as $e_id => $e_name) {
         if (!empty($external_ctxs[$e_id])) {
             $can_i_modify_elem = FALSE;
             $external_ctx = $e_name;
         }
     }
     $action = 'modifyserver.php';
     if (!$opensource) {
         $_engines = Acl::get_engines_by_server($conn, $id);
         if (count($_engines) < 1) {
             $mssp = FALSE;
         }
     }
 } elseif (!empty($server)) {
     $sname = $server->get_name();
Example #3
0
function scan2html($conn, $scan)
{
    $count = 0;
    $text_hostname = "<div>" . _('A valid hostname satisfy the following rules (according RFC 1123)') . ":</div>\n                    <div>\n                        <ul>\n                            <li>" . _("A hostname can start or end with a letter or a number [a-zA-z0-9]") . "</li>\n                            <li>" . _("A hostname <strong>MUST NOT</strong> contain any '.' (dot)") . "</li>\n                            <li>" . _("A hostname <strong>MUST NOT</strong> start or end with a '-' (dash)") . "</li>\n                            <li>" . _("A hostname can be up to 63 characters") . "</li>\n                        </ul>\n                    </div>";
    $text_fqdn = "<div>" . _('If FQDN contains any dot, only the first label will be used') . "</div>";
    $text_mac = "<div>" . _('Place the pointer over the MAC address to show MAC vendor') . "</div>";
    $text_services = "<div>" . _('Place the pointer over the service name to show more information') . "</div>";
    $text_os = "<div>" . _('Place the pointer over the OS to show more information') . "</div>";
    $html = '';
    $s_ctx = $scan['sensor']['ctx'];
    foreach ($scan['scanned_ips'] as $ip => $host) {
        $w_msg = '';
        $w_html = '';
        $external_ctxs = Session::get_external_ctxs($conn);
        //Checking forwarded hosts
        if (empty($external_ctxs[$s_ctx])) {
            $can_i_modify_elem = TRUE;
            $md_check = "<input id='icheckbox" . $count . "' type='checkbox' checked='checked' class='mc' value='" . $ip . "' name='ip_" . $count . "'/>";
        } else {
            $can_i_modify_elem = FALSE;
            $md_check = "<input id='icheckbox" . $count . "' type='checkbox' disabled='disabled' class='mc' name='ip_" . $count . "'/>";
        }
        $host_name = $host['hostname'];
        $fqdn = $host['fqdn'];
        $ids = Asset_host::get_id_by_ips($conn, $ip, $s_ctx);
        $id = key($ids);
        //Host already exists
        if (!empty($id)) {
            $host_object = Asset_host::get_object($conn, $id);
            if (is_object($host_object) && !empty($host_object)) {
                $host_name = $host_object->get_name();
                $h_fqdn = $host_object->get_fqdns();
                $fqdn = !empty($fqdn) ? $fqdn : $h_fqdn;
            }
        }
        //FQDN
        if (!empty($fqdn)) {
            $fqdn_check = "<input id='fcheckbox" . $count . "' type='checkbox' class='fqdn' value='" . $ip . "' name='fqdn_" . $count . "'/>";
        } else {
            $fqdn = '-';
            $fqdn_check = "<input id='fcheckbox" . $count . "' type='checkbox' disabled='disabled' class='fqdn' value='" . $ip . "' name='fqdn_" . $count . "'/>";
        }
        //Devices types
        $devices_types = count($host['device_types']) > 0 ? implode(', ', $host['device_types']) : '-';
        //MAC
        $mac = !empty($host['mac']) != '' ? "<a class='more_info' title='" . $host['mac_vendor'] . "'>" . $host['mac'] . "</a>" : '-';
        //Operating System
        $os = !empty($host['os']) != '' ? Properties::get_os_pixmap($host['os']) . ' ' . $host['os'] : '-';
        //Services
        $services = array();
        if (is_array($host['services'])) {
            foreach ($host['services'] as $port_and_proto => $s_data) {
                $service_name = $s_data['service'] != 'unknown' ? $s_data['service'] : $port_and_proto;
                $version = $s_data['version'];
                if (preg_match('/^cpe:\\/a/', $s_data['version'])) {
                    $version = Software::get_info($conn, $s_data['version']);
                }
                $version = !empty($version) && !preg_match("/^cpe/", $version) ? $version : $s_data['service'];
                $title = $port_and_proto . " (" . $version . ')';
                $html_data = "<a class='more_info' title='{$title}'>{$service_name}</a>";
                $services[] = $html_data;
            }
        }
        $services = implode(', ', $services);
        if ($can_i_modify_elem == FALSE) {
            $w_msg = _('The properties of this asset can only be modified at the USM') . ": <strong>" . $external_ctxs[$s_ctx] . '</strong>';
        }
        if (!empty($w_msg)) {
            $w_html = "<a class='more_info' title='" . $w_msg . "'>\n                            <img src='../pixmaps/warning.png' border='0'/>\n                       </a>";
        }
        $html .= "\n            <tr>\n                <td class='td_chk_hosts'>" . $md_check . "</td>\n\n                <td class='td_ip' id='ip" . $count . "'>{$w_html} " . $host['ip'] . "</td>\n\n                <td class='td_hostname' id='hostname" . $count . "'>" . $host_name . "</td>\n\n                <td class='td_fqdn' id='fqdn" . $count . "'>" . $fqdn . "</td>\n\n                <td class='td_device_types' id='device_types" . $count . "'>" . ucwords($devices_types) . "</td>\n\n                <td class='td_mac' id='mac" . $count . "'>" . $mac . "</td>\n\n                <td class='td_os' id='os" . $count . "'>" . $os . "</td>\n\n                <td class='td_services' id='services" . $count . "'>" . $services . "</td>\n\n                <td class='td_chk_fqdns'>" . $fqdn_check . "</td>\n\n            </tr>";
        $count++;
    }
    ?>
   	
	<form method="POST" action="scan_form.php" name="scan_form" id="scan_form">		
		<input type="hidden" name="ips" value='<?php 
    echo $count;
    ?>
'/>
		
		<div class='results_title'><?php 
    echo _('Scan Results');
    ?>
</div>
		
		<table class='table_data' id='t_sresults'>
		    <thead>
               
    			</tr>				
    				<th class="th_chk_hosts">    				    
    				    <input type='checkbox' name='chk_all_hosts' id='chk_all_hosts' checked="checked" value="1"/>    			
    				</th>
    				
    				<th class="th_ip"><?php 
    echo _('Host');
    ?>
</th>
    				<th class="th_hostname"><?php 
    echo _('Hostname');
    ?>
                        <a class="more_info" title="<?php 
    echo $text_hostname;
    ?>
">
                            <img src="../pixmaps/helptip_icon.gif" border="0" align="absmiddle"/>
                        </a>
                    </th>
                    <th class="th_fqdn"><?php 
    echo _('FQDN');
    ?>
</th>
                    <th class="th_devices_types"><?php 
    echo _('Device types');
    ?>
</th>
    				<th class="th_mac"><?php 
    echo _('Mac');
    ?>
                        <a class="more_info" title="<?php 
    echo $text_mac;
    ?>
">
                            <img src="../pixmaps/helptip_icon.gif" border="0" align="absmiddle"/>
                        </a>
                    </th>
    				<th class="th_os"><?php 
    echo _('OS');
    ?>
                        <a class="more_info" title="<?php 
    echo $text_os;
    ?>
">
                            <img src="../pixmaps/helptip_icon.gif" border="0" align="absmiddle"/>
                        </a>
                    </th>
    				<th class="th_services"><?php 
    echo _('Services');
    ?>
                        <a class="more_info" title="<?php 
    echo $text_services;
    ?>
">
                            <img src="../pixmaps/helptip_icon.gif" border="0" align="absmiddle"/>
                        </a>
                    </th>
    				
    			    <th class="th_chk_fqdns">                        
                        <input type='checkbox' name='chk_all_fqdns' id='chk_all_fqdns' value="1"/>                        
                        <span><?php 
    echo _('FQDN as Hostname');
    ?>
</span>
                        <a class="more_info" title="<?php 
    echo $text_fqdn;
    ?>
">
                            <img src="../pixmaps/helptip_icon.gif" border="0" align="absmiddle"/>
                        </a>                
                    </th>
                </tr>
            </thead>
            <tbody>
    			<?php 
    echo $html;
    ?>
    	
            </tbody>
        </table> 
        
        <div style='text-align:center; padding: 10px 0px;'>
			<input type="button" style='margin-left: 10px;' class="av_b_secondary" onclick="document.location.href='index.php?clearscan=1'" value='<?php 
    echo _('Clear scan result');
    ?>
'/>
			<input type='submit' name='send' id='send' value="<?php 
    echo _('Update database values');
    ?>
"/>
        </div>            		
	</form>
	
	<script type='text/javascript'>	

		$(".more_info").tipTip({maxWidth: "auto"});
		
		$("#chk_all_hosts").click(function(){    	    		
    		if ($(this).prop("checked"))
    		{
        		$(".mc:not(:disabled)").prop("checked", true);
    		}
    		else
    		{
        		$(".mc:not(:disabled)").prop("checked", false);
    		}    		
		});	
		
		$(".mc:not(:disabled)").click(function(){     		
    		
    		if($('.mc:checked').length == 0) 
    		{
        		$("#chk_all_hosts").prop("checked", false);
    		}    			
		});	
		
				
		if ($(".fqdn:not(:disabled)").length > 0)
		{
    		$("#chk_all_fqdns").click(function(){    	    		
        		if ($(this).prop("checked"))
        		{
            		$(".fqdn:not(:disabled)").prop("checked", true);
        		}
        		else
        		{
            		$(".fqdn:not(:disabled)").prop("checked", false);
        		}    		
    		});	
		}
		else
		{
    		$("#chk_all_fqdns").prop("disabled", true);
		}
		
		
		$(".mc:not(:disabled)").click(function(){     		
    		
    		if($('.fqdn:checked').length == 0) 
    		{
        		$("#chk_all_fqdns").prop("checked", false);
    		}    			
		});	
		
		
		/***************************************************
        *********************** Token *********************
        ***************************************************/
        
        Token.add_to_forms();
	</script>
	<?php 
}