function list_results($type, $value, $ctx_filter, $sortby, $sortdir)
{
global $allres, $offset, $pageSize, $dbconn;
global $user, $arruser;
$dbconn->SetFetchMode(ADODB_FETCH_BOTH);
$filteredView = FALSE;
$selRadio = array("", "", "", "");
$query_onlyuser = "";
$url_filter = "";
// Deprecated filter
//if(!empty($arruser)) {$query_onlyuser = "******";}
$sortby = "t1.results_sent DESC, t1.hostIP DESC";
$sortdir = "";
$queryw = "";
$queryl = "";
$querys = "SELECT distinct t1.hostIP, HEX(t1.ctx) as ctx, t1.scantime, t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t1.sid, t3.name as profile\n FROM vuln_nessus_latest_reports AS t1 LEFT JOIN vuln_nessus_settings AS t3 ON t1.sid = t3.id, vuln_nessus_latest_results AS t5\n WHERE\n t1.hostIP = t5.hostIP\n AND t1.ctx = t5.ctx\n AND t1.deleted = '0' ";
// set up the SQL query based on the search form input (if any)
if ($type == "scantime" && $value != "") {
$selRadio[0] = "CHECKED";
$q = $value;
$queryw = " AND t1.scantime LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
$queryl = " limit {$offset},{$pageSize}";
$stext = "<b>" . _("Search for Date/Time") . "</b> = '*{$q}*'";
$url_filter = "&type={$type}&value={$value}";
} else {
if ($type == "service" && $value != "") {
$selRadio[5] = "CHECKED";
$q = $value;
$queryw = " AND t5.service LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
$queryl = " limit {$offset},{$pageSize}";
$stext = "<b>" . _("Search for Service") . "</b> = '*" . html_entity_decode($q) . "*'";
$url_filter = "&type={$type}&value={$value}";
} else {
if ($type == "freetext" && $value != "") {
$selRadio[6] = "CHECKED";
$q = $value;
$queryw = " AND t5.msg LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
$queryl = " limit {$offset},{$pageSize}";
$stext = "<b>" . _("Search for Free Text") . "</b> = '*" . html_entity_decode($q) . "*'";
$url_filter = "&type={$type}&value={$value}";
} else {
if ($type == "hostip" && $value != "") {
$selRadio[1] = "CHECKED";
$q = strtolower($value);
$queryw = " t1.hostIP LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
$queryl = " limit {$offset},{$pageSize}";
$stext = "<b>" . _("Search for Host-IP") . "</b> = '*{$q}*'";
$url_filter = "&type={$type}&value={$value}";
} else {
if ($type == "fk_name" && $value != "") {
$selRadio[2] = "CHECKED";
$q = strtolower($value);
$queryw = " AND t1.fk_name LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
$queryl = " limit {$offset},{$pageSize}";
$stext = _("Search for Subnet/CIDR") . " = '*{$q}*'";
$url_filter = "&type={$type}&value={$value}";
} else {
if ($type == "username" && $value != "") {
$selRadio[3] = "CHECKED";
$q = strtolower($value);
$queryw = " AND t1.username LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
$queryl = " limit {$offset},{$pageSize}";
$stext = "<b>" . _("Search for user") . "</b> = '*{$q}*'";
$url_filter = "&type={$type}&value={$value}";
} else {
if ($type == "hn" && $value != "") {
if (!empty($ctx_filter)) {
$queryw = " AND t1.ctx=UNHEX('{$ctx_filter}')";
}
$selRadio[4] = "CHECKED";
if (preg_match("/\\//", $value)) {
$ip_range = array();
$ip_range = Cidr::expand_CIDR($value, "SHORT");
$queryw .= " AND (inet_aton(t1.hostIP) >= '" . $ip_range[0] . "' AND inet_aton(t1.hostIP) <='" . $ip_range[1] . "') {$query_onlyuser} order by {$sortby} {$sortdir}";
} elseif (preg_match("/\\,/", $value)) {
$q = implode("','", explode(",", $value));
$queryw .= " AND t1.hostIP in ('{$q}') {$query_onlyuser} order by {$sortby} {$sortdir}";
$q = "Others";
} else {
$q = $value;
$queryw .= " AND t1.hostIP LIKE '{$q}' {$query_onlyuser} order by {$sortby} {$sortdir}";
}
$queryl = " limit {$offset},{$pageSize}";
if (!preg_match("/\\//", $value)) {
$stext = "<b>" . _("Search for Host") . "</b> = '" . html_entity_decode($q) . "'";
} else {
$stext = "<b>" . _("Search for Subnet/CIDR") . "</b> = '{$value}'";
}
$url_filter = "&type={$type}&value={$value}";
} else {
$selRadio[4] = "CHECKED";
$viewAll = FALSE;
$queryw = "{$query_onlyuser} order by {$sortby} {$sortdir}";
$queryl = " limit {$offset},{$pageSize}";
$stext = "";
}
}
}
}
}
}
}
// set up the pager and search fields if viewing all hosts
$reportCount = 0;
if (!$filteredView) {
$dbconn->Execute(str_replace("SELECT distinct", "SELECT SQL_CALC_FOUND_ROWS distinct", $querys) . $queryw);
$reportCount = $dbconn->GetOne("SELECT FOUND_ROWS() as total");
$previous = $offset - $pageSize;
if ($previous < 0) {
$previous = 0;
}
$last = intval($reportCount / $pageSize) * $pageSize;
if ($last < 0) {
$last = 0;
}
$next = $offset + $pageSize;
$pageEnd = $offset + $pageSize;
$value = html_entity_decode($value);
//echo "<center><table cellspacing='0' cellpadding='0' border='0' width='100%'><tr><td class='headerpr' style='border:0;'>"._("Current Vulnerablities")."</td></tr></table>";
// output the search form
echo "<table class='w100 transparent'>";
echo "<tr><td class='sec_title'>" . _("Asset Vulnerability Details") . "</td></tr>";
echo "<tr><td style='padding:12px 0px 0px 0px;' class='transparent'>";
?>
<div id='cvleftdiv'>
<a id="new_scan_button" class="button" href="<?php
echo Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?action=create_scan&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs');
?>
" style="text-decoration:none;">
<?php
echo _("New Scan Job");
?>
</a>
</div>
<div id='cvrightdiv'>
<?php
echo '<form name="hostSearch" id="hostSearch" action="index.php" method="GET">
<input type="text" length="25" name="value" id="assets" class="assets" style="margin:0px !important;" value="' . Util::htmlentities($value) . '">';
// cvfiltertype -> current vulnerabilities filter type
echo "\n<input type=\"radio\" name=\"type\" value=\"service\" {$selRadio['5']}>" . _("Service") . "\n<input type=\"radio\" name=\"type\" value=\"freetext\" {$selRadio['6']}>" . _("Free text") . "\n<input type=\"radio\" name=\"type\" value=\"hn\" {$selRadio['4']}>" . _("Host/Net") . "\n";
echo "<input type=\"submit\" name=\"submit\" value=\"" . _("Find") . "\" id=\"current_vulns_find_button\" class=\"av_b_secondary small\" style=\"margin-left:15px;\">";
echo <<<EOT
</form>
</p>
EOT;
} else {
// get the search result count
$queryc = "SELECT count( report_id ) FROM vuln_nessus_latest_reports WHERE t1.deleted = '0' ";
$scount = $dbconn->GetOne($queryc . $queryw);
echo "<p>{$scount} report";
if ($scount != 1) {
echo "s";
} else {
}
echo " " . _("found matching search criteria") . " | ";
echo " <a href='index.php' alt='" . _("View All Reports") . "'>" . _("View All Reports") . "</a></p>";
}
echo "<p>";
echo $stext;
echo "</p>";
echo "</div></td></tr></table>";
$result = array();
// get the hosts to display
$result = $dbconn->GetArray($querys . $queryw . $queryl);
// main query
//echo $querys.$queryw.$queryl;
$delete_ids = array();
if (count($result) > 0) {
foreach ($result as $rpt) {
$delete_ids[] = $dreport_id = $rpt["report_id"];
}
}
$_SESSION["_dreport_ids"] = implode(",", $delete_ids);
//echo "$querys$queryw$queryl";
if ($result === false) {
$errMsg[] = _("Error getting results") . ": " . $dbconn->ErrorMsg();
$error++;
dispSQLError($errMsg, $error);
} else {
$data['vInfo'] = 0;
$data['vLow'] = 0;
$data['vMed'] = 0;
$data['vHigh'] = 0;
$data['vSerious'] = 0;
$perms_where = Asset_host::get_perms_where('host.', TRUE);
if (!empty($perms_where)) {
$queryt = "SELECT count(lr.result_id) AS total, lr.risk, lr.hostIP, HEX(lr.ctx) AS ctx\n FROM vuln_nessus_latest_results lr, host, host_ip hi\n WHERE host.id=hi.host_id AND inet6_ntoa(hi.ip)=lr.hostIP {$perms_where} AND falsepositive='N'\n GROUP BY risk, hostIP, ctx";
} else {
$queryt = "SELECT count(lr.result_id) AS total, risk, lr.hostIP, HEX(lr.ctx) AS ctx\n FROM vuln_nessus_latest_results lr\n WHERE falsepositive='N'\n GROUP BY risk, hostIP, ctx";
}
//echo "$queryt<br>";
$resultt = $dbconn->Execute($queryt);
while (!$resultt->EOF) {
$riskcount = $resultt->fields['total'];
$risk = $resultt->fields['risk'];
if ($risk == 7) {
$data['vInfo'] += $riskcount;
} else {
if ($risk == 6) {
$data['vLow'] += $riskcount;
} else {
if ($risk == 3) {
$data['vMed'] += $riskcount;
} else {
if ($risk == 2) {
$data['vHigh'] += $riskcount;
} else {
if ($risk == 1) {
$data['vSerious'] += $riskcount;
}
}
}
}
}
$resultt->MoveNext();
}
if ($data['vInfo'] == 0 && $data['vLow'] == 0 && $data['vMed'] == 0 && $data['vHigh'] == 0 && $data['vSerious'] == 0) {
$tdata[] = array("report_id" => "All", "host_name" => "", "scantime" => "", "username" => "", "scantype" => "", "report_key" => "", "report_type" => "", "sid" => "", "profile" => "", "hlink" => "", "plink" => "", "xlink" => "", "vSerious" => $data['vSerious'], "vHigh" => $data['vHigh'], "vMed" => $data['vMed'], "vLow" => $data['vLow'], "vInfo" => $data['vInfo']);
} else {
$tdata[] = array("report_id" => "All", "host_name" => "", "scantime" => "", "username" => "", "scantype" => "", "report_key" => "", "report_type" => "", "sid" => "", "profile" => "", "hlink" => "lr_reshtml.php?ipl=all&disp=html&output=full&scantype=M", "plink" => "lr_respdf.php?ipl=all&scantype=M", "xlink" => "lr_rescsv.php?ipl=all&scantype=M", "dlink" => "", "vSerious" => $data['vSerious'], "vHigh" => $data['vHigh'], "vMed" => $data['vMed'], "vLow" => $data['vLow'], "vInfo" => $data['vInfo']);
}
foreach ($result as $data) {
if (!Session::hostAllowed_by_ip_ctx($dbconn, $data["hostIP"], $data["ctx"])) {
continue;
}
$host_id = key(Asset_host::get_id_by_ips($dbconn, $data["hostIP"], $data["ctx"]));
if (valid_hex32($host_id)) {
$data['host_name'] = Asset_host::get_name_by_id($dbconn, $host_id);
}
$data['vSerious'] = 0;
$data['vHigh'] = 0;
$data['vMed'] = 0;
$data['vLow'] = 0;
$data['vInfo'] = 0;
// query for reports for each IP
$query_risk = "SELECT distinct risk, port, protocol, app, scriptid, msg, hostIP FROM vuln_nessus_latest_results WHERE hostIP = '" . $data['hostIP'];
$query_risk .= "' AND username = '******'username'] . "' AND sid =" . $data['sid'] . " AND ctx = UNHEX('" . $data['ctx'] . "') AND falsepositive='N'";
$result_risk = $dbconn->Execute($query_risk);
while (!$result_risk->EOF) {
if ($result_risk->fields["risk"] == 7) {
$data['vInfo']++;
} else {
if ($result_risk->fields["risk"] == 6) {
$data['vLow']++;
} else {
if ($result_risk->fields["risk"] == 3) {
$data['vMed']++;
} else {
if ($result_risk->fields["risk"] == 2) {
$data['vHigh']++;
} else {
if ($result_risk->fields["risk"] == 1) {
$data['vSerious']++;
}
}
}
}
}
$result_risk->MoveNext();
}
$data['plink'] = "lr_respdf.php?treport=latest&ipl=" . urlencode($data['hostIP']) . "&ctx=" . $data['ctx'] . "&scantype=" . $data['scantype'];
$data['hlink'] = "lr_reshtml.php?treport=latest&ipl=" . urlencode($data['hostIP']) . "&ctx=" . $data['ctx'] . "&scantype=" . $data['scantype'];
$data['xlink'] = "lr_rescsv.php?treport=latest&ipl=" . urlencode($data['hostIP']) . "&ctx=" . $data['ctx'] . "&scantype=" . $data['scantype'];
if (Session::am_i_admin()) {
$data['dlink'] = "index.php?delete=" . $data['report_key'] . "&scantime=" . $data['scantime'];
}
$list = explode("\n", trim($data['meth_target']));
if (count($list) == 1) {
$list[0] = trim($list[0]);
$data['target'] = resolve_asset($dbconn, $list[0]);
} elseif (count($list) == 2) {
$list[0] = trim($list[0]);
$list[0] = resolve_asset($dbconn, $list[0]);
$list[1] = trim($list[1]);
$list[1] = resolve_asset($dbconn, $list[1]);
$data['target'] = $list[0] . ' ' . $list[1];
} else {
$list[0] = trim($list[0]);
$list[0] = resolve_asset($dbconn, $list[0]);
$list[count($list) - 1] = trim($list[count($list) - 1]);
$list[count($list) - 1] = resolve_asset($dbconn, $list[count($list) - 1]);
$data['target'] = $list[0] . " ... " . $list[count($list) - 1];
}
$tdata[] = $data;
}
if ($sortdir == "ASC") {
$sortdir = "DESC";
} else {
$sortdir = "ASC";
}
$url = $_SERVER['SCRIPT_NAME'] . "?offset={$offset}&sortby=%var%&sortdir={$sortdir}" . $url_filter;
$fieldMapLinks = array();
$fieldMapLinks = array(gettext("HTML Results") => array('url' => '%param%', 'param' => 'hlink', 'target' => 'main', 'icon' => 'images/html.png'), gettext("PDF Results") => array('url' => '%param%', 'param' => 'plink', 'target' => '_blank', 'icon' => 'images/pdf.png'), gettext("EXCEL Results") => array('url' => '%param%', 'param' => 'xlink', 'target' => '_blank', 'icon' => 'images/page_white_excel.png'));
if (Session::am_i_admin()) {
$fieldMapLinks["DELETE Results"] = array('url' => '%param%', 'param' => 'dlink', 'target' => 'main', 'icon' => 'images/delete.gif');
}
$fieldMap = array("Host - IP" => array('var' => 'hostip'), "Date/Time" => array('var' => 'scantime'), "Profile" => array('var' => 'profile'), "Serious" => array('var' => 'vSerious'), "High" => array('var' => 'vHigh'), "Medium" => array('var' => 'vMed'), "Low" => array('var' => 'vLow'), "Info" => array('var' => 'vInfo'), "Links" => $fieldMapLinks);
// echo "<pre>";
// var_dump($tdata);
// echo "</pre>";
if (count($tdata) > 1) {
drawTableLatest($fieldMap, $tdata, "Hosts");
} elseif (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) {
echo "<br><span class='gray'>" . _("No results found: ") . "</span><a href='" . Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?action=create_scan&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs') . "'>" . _("Click here to run a Vulnerability Scan now") . "</a><br><br>";
}
}
// draw the pager again, if viewing all hosts
if (!$filteredView && $reportCount > 10) {
?>
<div class="fright tmargin">
<?php
if ($next > $pageSize) {
?>
<a href="index.php?<?php
echo "offset={$previous}{$url_filter}";
?>
" class="pager">< <?php
echo _("PREVIOUS");
?>
</a>
<?php
} else {
?>
<a class='link_paginate_disabled' href="" onclick='return false'>< <?php
echo _("PREVIOUS");
?>
</a>
<?php
}
if ($next <= $last) {
?>
<a class='lmargin' href="index.php?<?php
echo "offset={$next}{$url_filter}";
?>
"> <?php
echo _("NEXT");
?>
></a>
<?php
} else {
?>
<a class='link_paginate_disabled lmargin' href="" onclick='return false'><?php
echo _("NEXT");
?>
></a>
<?php
}
?>
</div>
<?php
} else {
echo "<p> </p>";
}
}
$objPHPExcel->setActiveSheetIndex(0)->setCellValue('J6', 'Remedation')->getStyle('J6')->applyFromArray($titles)->getAlignment()->setHorizontal(PHPExcel_Style_Alignment::HORIZONTAL_CENTER);
$objPHPExcel->setActiveSheetIndex(0)->getColumnDimension('J')->setWidth(35);
$objPHPExcel->setActiveSheetIndex(0)->setCellValue('K6', 'Consequences')->getStyle('K6')->applyFromArray($titles)->getAlignment()->setHorizontal(PHPExcel_Style_Alignment::HORIZONTAL_CENTER);
$objPHPExcel->setActiveSheetIndex(0)->getColumnDimension('K')->setWidth(25);
$objPHPExcel->setActiveSheetIndex(0)->setCellValue('L6', 'Test Output')->getStyle('L6')->applyFromArray($titles)->getAlignment()->setHorizontal(PHPExcel_Style_Alignment::HORIZONTAL_CENTER);
$objPHPExcel->setActiveSheetIndex(0)->setCellValue('M6', 'Operating System/Software')->getStyle('M6')->applyFromArray($titles)->getAlignment()->setHorizontal(PHPExcel_Style_Alignment::HORIZONTAL_CENTER);
$objPHPExcel->setActiveSheetIndex(0)->getColumnDimension('M')->setWidth(25);
$query = "select distinct hostip, HEX(ctx) as ctx from vuln_nessus_results where report_id in ({$report_id}) {$query_host} and falsepositive='N' {$perms_where} order by INET_ATON(hostip) ASC";
$result = $dbconn->execute($query);
while (list($hostip, $ctx) = $result->fields) {
$query1 = "select distinct t1.hostIP, HEX(t1.ctx) AS ctx, t1.service, t1.risk, t1.falsepositive, t1.scriptid, v.name, t1.msg, v.cve_id FROM vuln_nessus_results t1\n LEFT JOIN vuln_nessus_plugins{$feed} as v ON v.id=t1.scriptid\n WHERE 1=1 AND report_id in ({$report_id}) and t1.hostip='{$hostip}' and t1.ctx=UNHEX('{$ctx}') {$perms_where} and t1.msg<>'' and t1.falsepositive<>'Y'\n order by t1.risk ASC, t1.risk ASC";
$result1 = $dbconn->execute($query1);
$arrResults = "";
while (list($hostip, $hostctx, $service, $risk, $falsepositive, $scriptid, $pname, $msg, $cve_id) = $result1->fields) {
$row = array();
if (Session::hostAllowed_by_ip_ctx($dbconn, $hostip, $hostctx)) {
$host_id = key(Asset_host::get_id_by_ips($dbconn, $hostip, $hostctx));
if (valid_hex32($host_id)) {
$hostname = Asset_host::get_name_by_id($dbconn, $host_id);
} else {
$hostname = _('unknown');
}
// get CVSS
if (preg_match("/cvss base score\\s*:\\s(\\d+\\.?\\d*)/i", $msg, $found)) {
$cvss = $found[1];
} else {
$cvss = "-";
}
// get CVEs
if ($cve_id != '') {
$cves = $cve_id;
unlink($dest);
}
// write data into file
$fh = fopen($dest, "w");
if ($fh == false) {
echo _("Unable to create file") . "<br />";
}
fputs($fh, "timestamps|||scan_start|" . date("D M d H:i:s Y", strtotime($scan_start)) . "|\n");
$sql = "SELECT *, HEX(ctx) as hctx from vuln_nessus_results WHERE report_id = " . $rs->fields["report_id"] . " ORDER BY hostIP DESC";
if (!($rs =& $dbconn->Execute($sql))) {
print _('error reading vuln_nessus_results information') . ' ' . $dbconn->ErrorMsg() . '<BR>';
exit;
}
$hostIP = "";
while (!$rs->EOF) {
if (Session::hostAllowed_by_ip_ctx($dbconn, $rs->fields["hostIP"], $rs->fields["hctx"])) {
// get oid
if ($oids[$rs->fields["scriptid"]] == "") {
$oid = $dbconn->GetOne("SELECT oid FROM vuln_nessus_plugins WHERE id=" . $rs->fields["scriptid"]);
if ($oid == "") {
$oid = $rs->fields["scriptid"];
}
$oids[$rs->fields["scriptid"]] = $oid;
// save to cache
} else {
$oid = $oids[$rs->fields["scriptid"]];
}
// to display host_start y host_end for each host
if ($rs->fields["hostIP"] != $hostIP) {
fputs($fh, "timestamps||" . $rs->fields["hostIP"] . "|host_start|" . date("D M d H:i:s Y", strtotime($scan_start)) . "|\n");
if ($hostIP != "") {
"/>
</head>
<body>
<?php
if (POST('insert')) {
if ($data['status'] == 'error') {
$txt_error = "<div>" . _("We Found the following errors") . ":</div>\n \t\t\t\t\t <div style='padding: 2px 10px 5px 10px;'>" . implode("<br/>", $data['data']) . "</div>";
$config_nt = array('content' => $txt_error, 'options' => array('type' => 'nf_error', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto; text-align: left;');
$nt = new Notification('nt_1', $config_nt);
$nt->show();
Util::make_form("POST", "newserverform.php");
$db->close();
exit;
}
if (!Session::hostAllowed_by_ip_ctx($conn, $ip, Session::get_default_ctx())) {
$db->close();
die(ossim_error(_("You don't have permission to create a new server with this IP Address")));
}
// Try to attach a new server
$client = new Alienvault_client();
$response = $client->system()->set_component($ip, $rpass);
$return = @json_decode($response, TRUE);
if (!$return || $return['status'] == 'error') {
$config_nt = array('content' => $return['message'], 'options' => array('type' => 'nf_error', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto; text-align:center;');
$nt = new Notification('nt_1', $config_nt);
$nt->show();
Util::make_form("POST", "newserverform.php");
$db->close();
exit;
} else {
function hostsummary()
{
global $user, $border, $report_id, $scantime, $scantype, $fp, $nfp, $output, $filterip, $query_risk, $dbconn;
global $treport, $sid, $ipl, $query_byuser, $arruser, $ips_inrange, $pag, $ctx, $key;
$htmldetails = '';
$query_host = '';
if ($filterip) {
$query_host = " AND hostip='{$filterip}'";
}
$htmldetails .= "<br><br><font color=\"red\">\n <table cellspacing=\"0\" cellpadding=\"0\" width=\"900\"><tr><td class=\"headerpr_no_bborder\" style=\"border:0;\"><b>" . _("Summary of Scanned Hosts") . "</b></td></tr></table>\n <table class=\"stats\" summary=\"" . _("Summary of scanned hosts") . "\" width=\"900\">";
$htmldetails .= "<form>";
$htmldetails .= "<tr><th width=\"128\"><b>" . _("Host") . " </b></th>\n <th width=\"128\"><b>" . _("Hostname") . " </b></th>\n <td width=\"128\" style='background-color:#FFCDFF;border-radius: 3px; -moz-border-radius: 3px; -webkit-border-radius: 3px;border: 1px solid #C835ED;'>\n <table width=\"100%\" class=\"noborder\" style=\"background:transparent\">\n <tr>\n <td width=\"80%\" class=\"nobborder\" style=\"text-align:center;\">\n <b>" . _("Serious") . " </b>\n </td>\n <td class=\"checkinfo nobborder\" width=\"20%\">\n <input id=\"checkboxS\" type=\"checkbox\" onclick=\"toggle_vulns('checkboxS')\" checked>\n </td>\n </tr>\n </table>\n </td>\n <td width=\"128\" style='background-color:#FFDBDB;border-radius: 3px; -moz-border-radius: 3px; -webkit-border-radius: 3px;border: 1px solid #FF0000;'>\n <table width=\"100%\" class=\"noborder\" style=\"background:transparent\">\n <tr>\n <td width=\"80%\" class=\"nobborder\" style=\"text-align:center;\">\n <b>" . _("High") . " </b>\n </td>\n <td class=\"checkinfo nobborder\" width=\"20%\">\n <input id=\"checkboxH\" type=\"checkbox\" onclick=\"toggle_vulns('checkboxH')\" checked>\n </td>\n </tr>\n </table>\n </td>\n <td width=\"128\" style='background-color:#FFF283;border-radius: 3px; -moz-border-radius: 3px; -webkit-border-radius: 3px;border: 1px solid #FFA500;'>\n <table width=\"100%\" class=\"noborder\" style=\"background:transparent\">\n <tr>\n <td width=\"80%\" class=\"nobborder\" style=\"text-align:center;\">\n <b>" . _("Medium") . " </b>\n </td> \n <td width=\"20%\" class=\"checkinfo nobborder\">\n <input id=\"checkboxM\" type=\"checkbox\" onclick=\"toggle_vulns('checkboxM')\" checked>\n </td>\n </tr>\n </table>\n </td>\n <td width=\"128\" style='background-color:#FFFFC0;border-radius: 3px; -moz-border-radius: 3px; -webkit-border-radius: 3px;border: 1px solid #FFD700;'>\n <table width=\"100%\" class=\"noborder\" style=\"background:transparent\">\n <tr>\n <td width=\"80%\" class=\"nobborder\" style=\"text-align:center;\">\n <b>" . _("Low") . " </b>\n </td> \n <td width=\"20%\" class=\"checkinfo nobborder\">\n <input id=\"checkboxL\" type=\"checkbox\" onclick=\"toggle_vulns('checkboxL')\" checked></td>\n </td>\n </tr>\n </table>\n </td>\n <td width=\"132\" style='background-color:#FFFFE3;border-radius: 3px; -moz-border-radius: 3px; -webkit-border-radius: 3px;border: 1px solid #F0E68C;'>\n <table width=\"100%\" class=\"noborder\" style=\"background:transparent\">\n <tr>\n <td width=\"80%\" class=\"nobborder\" style=\"text-align:center;\">\n <b>" . _("Info") . " </b>\n </td>\n <td width=\"20%\" class=\"checkinfo nobborder\">\n <input id=\"checkboxI\" type=\"checkbox\" onclick=\"toggle_vulns('checkboxI')\" checked>\n </td>\n </tr>\n </table>\n </td></tr>";
$htmldetails .= "</form>";
/*$query = "SELECT distinct hostip, hostname
FROM vuln_nessus_results
WHERE report_id = '$report_id' $query_host
ORDER BY INET_ATON(hostip) ASC";*/
$perms_where = Session::get_ctx_where() != "" ? " AND res.ctx in (" . Session::get_ctx_where() . ")" : "";
$dbconn->SetFetchMode(ADODB_FETCH_BOTH);
if ($ipl == "all") {
$query = "select distinct res.hostIP, HEX(res.ctx) as ctx\n from vuln_nessus_latest_results res \n where falsepositive='N' \n {$perms_where}\n {$query_byuser}";
} else {
if (!empty($ipl) && !empty($ctx)) {
$query = "select distinct res.hostIP, HEX(res.ctx) as ctx\n from vuln_nessus_latest_results res\n where falsepositive='N' \n and res.hostIP='{$ipl}'\n and res.ctx=UNHEX('{$ctx}')\n {$perms_where}\n {$query_byuser}";
} else {
if (!empty($scantime) && !empty($key)) {
$query = "select distinct res.hostIP, HEX(res.ctx) as ctx\n from vuln_nessus_latest_results res, vuln_nessus_latest_reports rep\n where res.falsepositive='N'\n and res.scantime='{$scantime}' \n and res.hostIP=rep.hostIP\n and res.ctx=rep.ctx\n and res.username=rep.username\n and res.sid=rep.sid\n {$perms_where}\n and rep.report_key='{$key}' {$query_byuser}";
}
}
}
$result = $dbconn->execute($query);
$maxpag = 20;
$hasta = $pag * $maxpag;
$desde = $hasta - $maxpag;
$hi = 0;
while (list($hostip, $hostctx) = $result->fields) {
if (Session::hostAllowed_by_ip_ctx($dbconn, $hostip, $hostctx)) {
$host_id = key(Asset_host::get_id_by_ips($dbconn, $hostip, $hostctx));
if (valid_hex32($host_id)) {
$hostname = Asset_host::get_name_by_id($dbconn, $host_id);
} else {
$hostname = _('unknown');
}
if ($desde <= $hi && $hi < $hasta) {
$ips_inrange[$hostip . ";" . $hostctx] = $hostname;
}
$hi++;
}
$result->MoveNext();
}
foreach ($ips_inrange as $host_ip_ctx => $hostname) {
list($h_ip, $h_ctx) = explode(";", $host_ip_ctx);
if ($output == "full") {
$tmp_host = "<a href='#{$host_ip_ctx}' id='{$h_ip};{$hostname}' ctx='{$h_ctx}' class='anchor_link HostReportMenu'>{$h_ip}</a>";
} else {
$tmp_host = $h_ip;
}
$htmldetails .= "<tr>\n <td> {$tmp_host}</td><td>{$hostname} </td>";
$prevrisk = 0;
if (!empty($scantime) && !empty($key)) {
$query2 = "select count(*) as count,risk from (select distinct res.port, res.protocol, res.app, res.scriptid, res.risk, res.msg, res.hostIP\n from vuln_nessus_latest_results res, vuln_nessus_latest_reports rep\n where res.falsepositive='N'\n and res.scantime='{$scantime}' \n and res.hostIP=rep.hostIP\n and res.ctx=rep.ctx\n and res.username=rep.username\n and res.sid=rep.sid\n and res.hostIP='{$h_ip}'\n and res.ctx=UNHEX('{$h_ctx}')\n {$perms_where}\n and rep.report_key='{$key}' {$query_byuser}) as t group by risk";
} else {
$query2 = "select count(*) as count,risk from (select distinct port, protocol, app, scriptid, risk, msg, hostIP\n from vuln_nessus_latest_results res where falsepositive='N' and hostIP='{$h_ip}' and ctx=UNHEX('{$h_ctx}') {$query_byuser}) as t group by risk";
}
$drawtable = 0;
$result2 = $dbconn->execute($query2);
$arisk = array();
while (list($riskcount, $risk) = $result2->fields) {
if ($risk == 4) {
$arisk[3] += $riskcount;
} else {
if ($risk == 5) {
$arisk[6] += $riskcount;
} else {
$arisk[$risk] = $riskcount;
}
}
$result2->MoveNext();
}
$lsrisk = array('1', '2', '3', '6', '7');
foreach ($lsrisk as $lrisk) {
if ($arisk[$lrisk] != '') {
$drawtable = 1;
$htmldetails .= "<td><a href=\"#" . $h_ip . "_" . $h_ctx . "_" . $lrisk . "\" class='anchor_link'>{$arisk[$lrisk]}</a></td>";
} else {
$htmldetails .= "<td>-</td>";
}
}
if ($drawtable == 0) {
$htmldetails .= "<td>-</td><td>-</td><td>-</td><td>-</td><td>-</td>";
}
$htmldetails .= "</tr>";
}
if ($hi >= $maxpag) {
// pagination
$first = "<font color=\"#626262\"><< " . _("First") . "</font>";
$previous = "<font color=\"#626262\">< " . _("Previous") . " </font>";
$url = str_replace("&", "&", Util::htmlentities(preg_replace("/\\&pag=\\d+|\\&chks=[tf]+/", "", $_SERVER["QUERY_STRING"])));
if ($pag > 1) {
$first = "<a href='javascript:;' onclick=\"jumptopage('?{$url}&pag=1')\" style='padding:0px 5px 0px 5px'>" . _("<< First") . "</a>";
$previous = "<a href='javascript:;' onclick=\"jumptopage('?{$url}&pag=" . ($pag - 1) . "')\" style='padding:0px 5px 0px 5px'>" . _("< Previous") . "</a>";
}
$htmldetails .= "<tr><td colspan=11 class='nobborder' style='text-align:center'>";
$tp = intval($hi / $maxpag);
$tp += $hi % $maxpag == 0 ? 0 : 1;
$htmldetails .= $first . " " . $previous;
$pbr = 1;
for ($p = 1; $p <= $tp; $p++) {
$pg = $p == $pag ? "<b>{$p}</b>" : $p;
$htmldetails .= "<a href='javascript:;' onclick=\"jumptopage('?{$url}&pag={$p}')\" style='padding:0px 5px 0px 5px'>{$pg}</a>";
if ($pbr++ % 30 == 0) {
$htmldetails .= "<br>";
}
}
$next = "<font color=\"#626262\"> " . _("Next") . " ></font>";
$last = "<font color=\"#626262\"> " . _("Last") . " >></font>";
if ($pag < $tp) {
$next = "<a href='javascript:;' onclick=\"jumptopage('?{$url}&pag=" . ($pag + 1) . "')\" style='padding:0px 5px 0px 5px'>" . _("Next >") . "</a>";
$last = "<a href='javascript:;' onclick=\"jumptopage('?{$url}&pag=" . $tp . "')\" style='padding:0px 5px 0px 5px'>" . _("Last >>") . "</a>";
}
$htmldetails .= $next . " " . $last;
$htmldetails .= "</td></tr>";
}
$htmldetails .= "</table><br>";
return "<center>" . $htmldetails . "</center>";
}
function get_vulns($dbconn, $freport, $sreport, $perms_where)
{
// first report
$vulns = array();
$query = "SELECT count(risk) as count, risk, hostIP, HEX(ctx) as ctx\n FROM (SELECT DISTINCT risk, hostIP, ctx, port, protocol, app, scriptid, msg FROM vuln_nessus_results\n WHERE report_id={$freport} and falsepositive='N' {$perms_where}) as t GROUP BY risk, hostIP";
$dbconn->SetFetchMode(ADODB_FETCH_ASSOC);
$result = $dbconn->Execute($query);
while (!$result->EOF) {
if (Session::hostAllowed_by_ip_ctx($dbconn, $result->fields["hostIP"], $result->fields["ctx"])) {
$asset_key = $result->fields["ctx"] . "#" . $result->fields["hostIP"];
$vulns[$asset_key][$result->fields["risk"]] = $result->fields["count"] . "/0";
}
$result->MoveNext();
}
// second report
$query = "SELECT count(risk) as count, risk, hostIP, HEX(ctx) as ctx\n FROM (SELECT DISTINCT risk, hostIP, ctx, port, protocol, app, scriptid, msg FROM vuln_nessus_results\n WHERE report_id={$sreport} and falsepositive='N' {$perms_where}) as t GROUP BY risk, hostIP";
$result = $dbconn->Execute($query);
while (!$result->EOF) {
if (Session::hostAllowed_by_ip_ctx($dbconn, $result->fields["hostIP"], $result->fields["ctx"])) {
$asset_key = $result->fields["ctx"] . "#" . $result->fields["hostIP"];
if ($vulns[$asset_key][$result->fields["risk"]] != "") {
$vulns[$asset_key][$result->fields["risk"]] = $vulns[$asset_key][$result->fields["risk"]] . "/" . $result->fields["count"];
$vulns[$asset_key][$result->fields["risk"]] = preg_replace('/(\\d+)\\/0\\/(\\d+)/i', '$1/$2', $vulns[$asset_key][$result->fields["risk"]]);
} else {
$vulns[$asset_key][$result->fields["risk"]] = "0/" . $result->fields["count"];
}
}
$result->MoveNext();
}
asort($vulns, SORT_NUMERIC);
return $vulns;
}
function hostsummary()
{
global $user, $border, $report_id, $scantime, $scantype, $fp, $nfp, $output, $filterip, $query_risk, $dbconn;
global $treport, $sid, $ipl, $ips_inrange, $pag;
$htmldetails = '';
$query_host = '';
if ($filterip) {
$query_host = " AND hostip='{$filterip}'";
}
$htmldetails .= "<br><br><font color=\"red\">\n <table cellspacing=\"0\" cellpadding=\"0\" width=\"900\"><tr><td class=\"headerpr_no_bborder\"><b>" . _("Summary of Scanned Hosts") . "</b></td></tr></table>\n <table class=\"stats\" summary=\"" . _("Summary of scanned hosts") . "\" width=\"900\">";
$htmldetails .= "<form>";
$htmldetails .= "<tr><th width=\"128\"><b>" . _("Host") . " </b></th>\n <th width=\"128\"><b>" . _("Hostname") . " </b></th>\n <td width=\"128\" style='background-color:#FFCDFF;border-radius: 3px; -moz-border-radius: 3px; -webkit-border-radius: 3px;border: 1px solid #C835ED;'>\n <table width=\"100%\" class=\"noborder\" style=\"background:transparent\">\n <tr>\n <td width=\"80%\" class=\"nobborder\" style=\"text-align:center;\">\n <b>" . _("Serious") . " </b>\n </td>\n <td class=\"checkinfo nobborder\" width=\"20%\">\n <input id=\"checkboxS\" type=\"checkbox\" onclick=\"toggle_vulns('checkboxS')\" checked>\n </td>\n </tr>\n </table>\n </td>\n <td width=\"128\" style='background-color:#FFDBDB;border-radius: 3px; -moz-border-radius: 3px; -webkit-border-radius: 3px;border: 1px solid #FF0000;'>\n <table width=\"100%\" class=\"noborder\" style=\"background:transparent\">\n <tr>\n <td width=\"80%\" class=\"nobborder\" style=\"text-align:center;\">\n <b>" . _("High") . " </b>\n </td>\n <td class=\"checkinfo nobborder\" width=\"20%\">\n <input id=\"checkboxH\" type=\"checkbox\" onclick=\"toggle_vulns('checkboxH')\" checked>\n </td>\n </tr>\n </table>\n </td>\n <td width=\"128\" style='background-color:#FFF283;border-radius: 3px; -moz-border-radius: 3px; -webkit-border-radius: 3px;border: 1px solid #FFA500;'>\n <table width=\"100%\" class=\"noborder\" style=\"background:transparent\">\n <tr>\n <td width=\"80%\" class=\"nobborder\" style=\"text-align:center;\">\n <b>" . _("Medium") . " </b>\n </td> \n <td width=\"20%\" class=\"checkinfo nobborder\">\n <input id=\"checkboxM\" type=\"checkbox\" onclick=\"toggle_vulns('checkboxM')\" checked>\n </td>\n </tr>\n </table>\n </td>\n <td width=\"128\" style='background-color:#FFFFC0;border-radius: 3px; -moz-border-radius: 3px; -webkit-border-radius: 3px;border: 1px solid #FFD700;'>\n <table width=\"100%\" class=\"noborder\" style=\"background:transparent\">\n <tr>\n <td width=\"80%\" class=\"nobborder\" style=\"text-align:center;\">\n <b>" . _("Low") . " </b>\n </td> \n <td width=\"20%\" class=\"checkinfo nobborder\">\n <input id=\"checkboxL\" type=\"checkbox\" onclick=\"toggle_vulns('checkboxL')\" checked></td>\n </td>\n </tr>\n </table>\n </td>\n <td width=\"132\" style='background-color:#FFFFE3;border-radius: 3px; -moz-border-radius: 3px; -webkit-border-radius: 3px;border: 1px solid #F0E68C;'>\n <table width=\"100%\" class=\"noborder\" style=\"background:transparent\">\n <tr>\n <td width=\"80%\" class=\"nobborder\" style=\"text-align:center;\">\n <b>" . _("Info") . " </b>\n </td>\n <td width=\"20%\" class=\"checkinfo nobborder\">\n <input id=\"checkboxI\" type=\"checkbox\" onclick=\"toggle_vulns('checkboxI')\" checked>\n </td>\n </tr>\n </table>\n </td></tr>";
$htmldetails .= "</form>";
$query = "SELECT distinct t1.hostip, HEX(t1.ctx) as ctx \n FROM vuln_nessus_results t1 \n WHERE report_id in ({$report_id}) {$query_host} and falsepositive='N'" . ($scantime != '' ? " and scantime = {$scantime}" : "") . " ORDER BY INET_ATON(hostip) ASC";
$result = $dbconn->execute($query);
$maxpag = 20;
$hasta = $pag * $maxpag;
$desde = $hasta - $maxpag;
$hi = 0;
while ($result->fields) {
$hostip = $result->fields['hostip'];
$hostctx = $result->fields['ctx'];
if (Session::hostAllowed_by_ip_ctx($dbconn, $hostip, $hostctx)) {
$host_id = key(Asset_host::get_id_by_ips($dbconn, $hostip, $hostctx));
if (valid_hex32($host_id)) {
$hostname = Asset_host::get_name_by_id($dbconn, $host_id);
} else {
$hostname = _('unknown');
}
if ($desde <= $hi && $hi < $hasta) {
$ips_inrange[$hostip . ";" . $hostctx] = $hostname;
}
$hi++;
}
$result->MoveNext();
}
foreach ($ips_inrange as $host_ip_ctx => $hostname) {
list($h_ip, $h_ctx) = explode(";", $host_ip_ctx);
if ($output == "full") {
$tmp_host = "<a href='#{$host_ip_ctx}' id='{$h_ip};{$hostname}' ctx='{$h_ctx}' class='anchor_link HostReportMenu'>{$h_ip}</a>";
} else {
$tmp_host = $h_ip;
}
$htmldetails .= "<tr><td>{$tmp_host} </td><td>{$hostname} </td>";
$prevrisk = 0;
$query2 = "SELECT count(risk) as count, risk\n FROM (SELECT DISTINCT risk, port, protocol, app, scriptid, msg FROM vuln_nessus_results\n WHERE report_id in ({$report_id}) AND hostip='{$h_ip}' AND ctx=UNHEX('{$h_ctx}')\n AND falsepositive='N'" . ($scantime != '' ? "and scantime = {$scantime}" : "") . ")as t GROUP BY risk";
$drawtable = 0;
$result2 = $dbconn->execute($query2);
$arisk = array();
while ($result2->fields) {
$riskcount = $result2->fields['count'];
$risk = $result2->fields['risk'];
if ($risk == 4) {
$arisk[3] += $riskcount;
} else {
if ($risk == 5) {
$arisk[6] += $riskcount;
} else {
$arisk[$risk] = $riskcount;
}
}
$result2->MoveNext();
}
$lsrisk = array('1', '2', '3', '6', '7');
foreach ($lsrisk as $lrisk) {
if ($arisk[$lrisk] != '') {
$drawtable = 1;
$htmldetails .= "<td><a class='anchor_link' href=\"#" . $h_ip . "_" . $h_ctx . "_" . $lrisk . "\">{$arisk[$lrisk]}</a></td>";
} else {
$htmldetails .= "<td>-</td>";
}
}
if ($drawtable == 0) {
$htmldetails .= "<td>-</td><td>-</td><td>-</td><td>-</td><td>-</td>";
}
$htmldetails .= "</tr>";
}
if ($hi >= $maxpag) {
// pagination
$first = "<font color=\"#626262\"><< " . _("First") . "</font>";
$previous = "<font color=\"#626262\">< " . _("Previous") . " </font>";
$url = preg_replace("/\\&pag=\\d+|\\&chks=[tf]+/", "", $_SERVER["QUERY_STRING"]);
// Prevent XSS
$url = str_replace("'", "", $url);
if ($pag > 1) {
$first = "<a href='javascript:;' onclick=\"jumptopage('?{$url}&pag=1')\" style='padding:0px 5px 0px 5px'>" . _("<< First") . "</a>";
$previous = "<a href='javascript:;' onclick=\"jumptopage('?{$url}&pag=" . ($pag - 1) . "')\" style='padding:0px 5px 0px 5px'>" . _("< Previous") . "</a>";
}
$htmldetails .= "<tr><td colspan=11 class='nobborder' style='text-align:center'>";
$tp = intval($hi / $maxpag);
$tp += $hi % $maxpag == 0 ? 0 : 1;
$htmldetails .= $first . " " . $previous;
$pbr = 1;
for ($p = 1; $p <= $tp; $p++) {
$pg = $p == $pag ? "<b>{$p}</b>" : $p;
$htmldetails .= "<a href='javascript:;' onclick=\"jumptopage('?{$url}&pag={$p}')\" style='padding:0px 5px 0px 5px'>{$pg}</a>";
if ($pbr++ % 30 == 0) {
$htmldetails .= "<br>";
}
}
$next = "<font color=\"#626262\"> " . _("Next") . " ></font>";
$last = "<font color=\"#626262\"> " . _("Last") . " >></font>";
if ($pag < $tp) {
$next = "<a href='javascript:;' onclick=\"jumptopage('?{$url}&pag=" . ($pag + 1) . "')\" style='padding:0px 5px 0px 5px'>" . _("Next >") . "</a>";
$last = "<a href='javascript:;' onclick=\"jumptopage('?{$url}&pag=" . $tp . "')\" style='padding:0px 5px 0px 5px'>" . _("Last >>") . "</a>";
}
$htmldetails .= $next . " " . $last;
$htmldetails .= "</td></tr>";
}
$htmldetails .= "</table><br>";
return "<center>" . $htmldetails . "</center>";
}
function hosts_fqdns_to_insert($conn, $report_id, $plugins)
{
$in_assets = array();
$ips = array();
$conn->SetFetchMode(ADODB_FETCH_ASSOC);
$result = $conn->Execute("SELECT distinct v.hostIP, HEX(v.ctx) AS ctx\n FROM vuln_nessus_results v\n WHERE v.report_id='{$report_id}' AND v.hostIP NOT IN (SELECT distinct inet6_ntoa(ip) FROM host_ip,host WHERE host_ip.host_id=host.id AND host.ctx=v.ctx)");
while (!$result->EOF) {
if (Session::hostAllowed_by_ip_ctx($conn, $result->fields['hostIP'], $result->fields['ctx'])) {
$tmp = array();
if (count($plugins) > 0) {
$resultf = $conn->Execute("SELECT distinct msg, scriptid\n FROM vuln_nessus_results v,host h \n WHERE v.report_id='{$report_id}'\n AND v.ctx=UNHEX('" . $result->fields['ctx'] . "')\n AND v.hostIP LIKE '" . $result->fields["hostIP"] . "'\n AND v.scriptid IN ('" . implode("','", $plugins) . "')");
while (!$resultf->EOF) {
if ($resultf->fields["scriptid"] == "46180") {
/*
Plugin output:
- www.liquidity-analyzer.com <--- FQDN
Info Mark as false positive i Family name: General
*/
$resultf->fields['msg'] = preg_replace("/\n/", "#", $resultf->fields["msg"]);
$resultf->fields['msg'] = preg_replace("/#\\s*#/", "##", $resultf->fields["msg"]);
$tokens = explode('##', $resultf->fields['msg']);
$save_fqdn = FALSE;
foreach ($tokens as $data) {
if ($save_fqdn) {
$fqdns = explode("#", $data);
foreach ($fqdns as $fqdn) {
$fqdn = preg_replace("/^-/", "", $fqdn);
$tmp[] = trim($fqdn);
}
$save_fqdn = FALSE;
}
if (preg_match("/.*plugin output:.*/i", $data)) {
$save_fqdn = TRUE;
}
}
} else {
if ($resultf->fields["scriptid"] == "12053") {
/*
Plugin output:
194.174.175.47 resolves as p-1-48-047.proxy.bdc-services.net.
Info Mark as false positive i Family name: General
*/
$resultf->fields["msg"] = preg_replace("/\n/", "#", $resultf->fields["msg"]);
$resultf->fields["msg"] = preg_replace("/#\\s*#/", "##", $resultf->fields["msg"]);
$tokens = explode("##", $resultf->fields["msg"]);
$save_fqdn = FALSE;
foreach ($tokens as $data) {
if ($save_fqdn) {
$fqdns = explode("#", $data);
foreach ($fqdns as $fqdn) {
if (preg_match("/resolves as (.*)/", $fqdn, $found)) {
$found[1] = preg_replace("/\\.\$/", "", trim($found[1]));
$tmp[] = $found[1];
}
}
$save_fqdn = FALSE;
}
if (preg_match("/.*plugin output:.*/i", $data)) {
$save_fqdn = TRUE;
}
}
}
}
$resultf->MoveNext();
}
}
$ips[$result->fields["ctx"] . "#" . $result->fields["hostIP"]] = implode(",", $tmp);
}
$result->MoveNext();
}
return $ips;
}
