Example #1
0
     $select_targets = get_targets($conn, $database['meth_TARGET']);
 } else {
     if ($action == 'delete_scan') {
         $query = 'SELECT username, name, id, scan_SERVER, report_id, status FROM vuln_jobs WHERE id=?';
         $params = array($job_id);
         $result = $conn->execute($query, $params);
         $username = $result->fields['username'];
         $job_name = $result->fields['name'];
         $kill_id = $result->fields['id'];
         $nserver_id = $result->fields['scan_SERVER'];
         $report_id = $result->fields['report_id'];
         $can_i_delete = FALSE;
         if (Session::am_i_admin() || Session::get_session_user() == $username) {
             $can_i_delete = TRUE;
         } else {
             if (Session::is_pro() && Acl::am_i_proadmin()) {
                 $user_vision = !isset($_SESSION['_user_vision']) ? Acl::get_user_vision($conn) : $_SESSION['_user_vision'];
                 $my_entities_admin = array_keys($user_vision['entity_admin']);
                 if (in_array($username, $my_entities_admin)) {
                     $can_i_delete = TRUE;
                 }
             }
         }
         if ($can_i_delete) {
             $query = 'DELETE FROM vuln_jobs WHERE id=?';
             $params = array($kill_id);
             $result = $conn->execute($query, $params);
             $query = 'DELETE FROM vuln_nessus_reports WHERE report_id=?';
             $params = array($report_id);
             $result = $conn->execute($query, $params);
             $query = 'DELETE FROM vuln_nessus_report_stats WHERE report_id=?';
Example #2
0
            
        </div>
        
        <div id='otx_config_section' class='section otx_admin'>
            
            <div id='otx_loading'>
                <img src='<?php 
echo AV_PIXMAPS_DIR;
?>
/loading.gif'/>
            </div>
        
            <div id='token_text' data-otx='text-token'>
                <?php 
$msg = _('Connect your OTX account to %s by adding your OTX key in the space below. If you do not have an OTX key, <a href="javascript:;" data-otx="get-token">sign up</a> for an OTX account now!');
echo sprintf($msg, Session::is_pro() ? 'USM' : 'OSSIM');
?>

            </div>
        
            <div class='col_60'>
                <div class='field'>
                    <label class='field_label col_25'><?php 
echo _('OTX Key:');
?>
</label>
                    <div class='field_edit col_75' data-otx="token"></div>
                </div>
                    
                <div class='field'>
                    <label class='field_label col_25'><?php 
function import_assets_from_csv($filename, $iic, $ctx, $import_type)
{
    //Process status
    $summary = array('general' => array('status' => '', 'data' => '', 'statistics' => array('total' => 0, 'warnings' => 0, 'errors' => 0, 'saved' => 0)), 'by_nets' => array());
    $db = new ossim_db();
    $conn = $db->connect();
    $str_data = file_get_contents($filename);
    if ($str_data === FALSE) {
        $summary['general']['status'] = 'error';
        $summary['general']['data']['errors'] = _('Failed to read data from CSV file');
        $summary['general']['statistics']['errors'] = 1;
        return $summary;
    }
    $array_data = preg_split('/\\n|\\r/', $str_data);
    foreach ($array_data as $k => $v) {
        if (trim($v) != '') {
            $data[] = explode('";"', trim($v));
        }
    }
    set_time_limit(360);
    /*********************************************************************************************************************
     * From net section:
     *  - Version 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value"*;"Net ID"
     *  - Version 3.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value";"Sensors(Sensor1,Sensor2,...)"*
     *
     * From welcome wizard:
     *  - Version 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description"   
     *
     *********************************************************************************************************************/
    //Check file size
    if (count($data) <= 0 || count($data) == 1 && preg_match('/Netname/', $data[0][0])) {
        $summary['general']['status'] = 'error';
        $summary['general']['data'] = _('CSV file is empty');
        $summary['general']['statistics']['errors'] = 1;
        return $summary;
    }
    //Check importation type and headers
    $csv_headers = array();
    if ($import_type == 'networks') {
        if (preg_match('/Net ID/', $data[0][4]) || preg_match('/Sensors/', $data[0][4])) {
            $csv_headers = array_shift($data);
        } else {
            $summary['general']['status'] = 'error';
            $summary['general']['data'] = _('Headers not found');
            $summary['general']['statistics']['errors'] = 1;
            return $summary;
        }
    }
    //Setting total nets to import
    $summary['general']['statistics']['total'] = count($data);
    //Allowed sensors
    $filters = array('where' => "acl_sensors.entity_id = UNHEX('{$ctx}')");
    $a_sensors = Av_sensor::get_basic_list($conn, $filters);
    $sensor_ids = array_keys($a_sensors);
    if (count($sensor_ids) == 0) {
        $summary['general']['status'] = 'error';
        $s_error_msg = Session::is_pro() ? _('There is no sensor for this context') : _('There is no sensor for this net');
        $summary['general']['data'] = $s_error_msg;
        $summary['general']['statistics']['errors'] = 1;
        return $summary;
    }
    Util::disable_perm_triggers($conn, TRUE);
    foreach ($data as $k => $v) {
        //Clean previous errors
        ossim_clean_error();
        $num_line = $k + 1;
        //Set default status
        $summary['by_nets'][$num_line]['status'] = 'error';
        //Check file format
        $cnd_1 = $import_type == 'networks' && count($v) < 5;
        $cnd_2 = $import_type == 'welcome_wizard_nets' && count($v) < 3;
        if ($cnd_1 || $cnd_2) {
            $summary['by_nets'][$num_line]['errors']['Format'] = _('Number of fields is incorrect');
            $summary['general']['statistics']['errors']++;
            continue;
        }
        //Clean values
        $param = array();
        foreach ($v as $field) {
            $parameter = trim($field);
            $pattern = '/^\\"|\\"$|^\'|\'$/';
            $param[] = preg_replace($pattern, '', $parameter);
        }
        //Values
        $is_in_db = FALSE;
        $net_id = '';
        $name = $param[0];
        $cidrs = preg_replace("/[\n\r\t]+/", '', $param[1]);
        $descr = $param[2];
        $asset_value = $param[3] == '' ? 2 : intval($param[3]);
        $sensors = $sensor_ids;
        //Permissions
        $can_i_create_assets = Session::can_i_create_assets();
        $can_i_modify_ips = TRUE;
        //CIDRs
        if (!ossim_valid($cidrs, OSS_IP_CIDR, 'illegal:' . _('CIDR'))) {
            $summary['by_nets'][$num_line]['errors']['CIDRs'] = ossim_get_error_clean();
            $summary['general']['statistics']['errors']++;
            continue;
        }
        //Check Net ID �Is there a net registered in the System?
        $net_ids = Asset_net::get_id_by_ips($conn, $cidrs, $ctx);
        $net_id = key($net_ids);
        if (!empty($net_id)) {
            $is_in_db = TRUE;
        } else {
            $net_id = Util::uuid();
        }
        // Special case: Forced Net ID [Version 4.x.x]
        if ($import_type == 'networks' && preg_match('/Net ID/', $csv_headers[4])) {
            $csv_net_id = strtoupper($param[4]);
            if ($is_in_db == TRUE && $csv_net_id != $net_id) {
                $id_error_msg = _('Net is already registered in the System with another Net ID');
                $summary['by_nets'][$num_line]['errors']['Net'] = $id_error_msg;
                $summary['general']['statistics']['errors']++;
                continue;
            }
        }
        //Netname
        if (!empty($iic)) {
            $name = clean_iic($name);
        }
        if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) {
            ossim_clean_error();
            $name = clean_iic($name);
            $name = clean_echars($name);
            $warning_msg = _('Netname has invalid characters') . '<br/>' . _('Netname will be replaced by') . ": <strong>{$name}</strong>";
            $summary['by_nets'][$num_line]['warnings']['Netname'] = $warning_msg;
            $summary['by_nets'][$num_line]['status'] = 'warning';
            $summary['general']['statistics']['warnings']++;
            if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) {
                unset($summary['by_nets'][$num_line]['warnings']);
                $summary['general']['statistics']['warnings']--;
                $summary['by_nets'][$num_line]['status'] = 'error';
                $summary['by_nets'][$num_line]['errors']['Netname'] = ossim_get_error_clean();
                $summary['general']['statistics']['errors']++;
                continue;
            }
        }
        //Description
        if (!ossim_valid($descr, OSS_NULLABLE, OSS_AT, OSS_TEXT, '\\t', 'illegal:' . _('Description'))) {
            $summary['by_nets'][$num_line]['errors']['Description'] = ossim_get_error_clean();
            $summary['general']['statistics']['errors']++;
            continue;
        } else {
            if (mb_detect_encoding($descr . ' ', 'UTF-8,ISO-8859-1') == 'UTF-8') {
                $descr = mb_convert_encoding($descr, 'HTML-ENTITIES', 'UTF-8');
            }
        }
        //Sensor
        if ($is_in_db == FALSE) {
            //Only update net sensors with unregistered nets
            if ($import_type == 'networks' && preg_match('/Sensors/', $csv_headers[4])) {
                //Special case: Sensors in CSV file //[Version 3.x.x]
                $sensors = array();
                $_sensors = explode(',', $param[4]);
                if (is_array($_sensors) && !empty($_sensors)) {
                    $_sensors = array_flip($_sensors);
                    if (is_array($a_sensors) && !empty($a_sensors)) {
                        foreach ($a_sensors as $s_id => $s_data) {
                            if (array_key_exists($s_data['ip'], $_sensors)) {
                                $sensors[] = $s_id;
                            }
                        }
                    }
                }
                if (!is_array($sensors) || empty($sensors)) {
                    $s_error_msg = Session::is_pro() ? _('There is no sensors for this context') : _('There is no sensors for this IP');
                    $summary['by_nets'][$num_line]['errors']['Sensors'] = $s_error_msg;
                    $summary['general']['statistics']['errors']++;
                    continue;
                }
            }
        }
        /***********************************************************
         ********** Only for importation from net section **********
         ***********************************************************/
        if ($import_type == 'networks') {
            //Asset
            if (!ossim_valid($asset_value, OSS_DIGIT, 'illegal:' . _('Asset value'))) {
                $summary['by_nets'][$num_line]['errors']['Asset value'] = ossim_get_error_clean();
                $summary['general']['statistics']['errors']++;
                continue;
            }
        }
        //Insert/Update net in database
        if (count($summary['by_nets'][$num_line]['errors']) == 0) {
            try {
                $net = new Asset_net($net_id);
                if ($is_in_db == TRUE) {
                    $net->load_from_db($conn, $net_id);
                    $can_i_modify_ips = Asset_net::can_i_modify_ips($conn, $net_id);
                } else {
                    if ($can_i_create_assets == FALSE) {
                        $n_error_msg = _('Net') . ' ' . $name . ' ' . _("not allowed. You don't have permissions to import this net");
                        $summary['by_nets'][$num_line]['errors']['Net'] = $n_error_msg;
                        $summary['general']['statistics']['errors']++;
                        continue;
                    }
                }
                //Check CIDRs
                if ($can_i_modify_ips == TRUE) {
                    $aux_cidr = explode(',', $cidrs);
                    foreach ($aux_cidr as $cidr) {
                        $net_ids = Asset_net::get_id_by_ips($conn, $cidr, $ctx);
                        unset($net_ids[$net_id]);
                        if (!empty($net_ids)) {
                            $c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} already exists for this entity");
                            $summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg;
                            $summary['general']['statistics']['errors']++;
                            break;
                        } else {
                            if (Session::get_net_where() != '') {
                                if (!Asset_net::is_cidr_in_my_nets($conn, $cidr, $ctx)) {
                                    $c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} out of range. Check your asset filter");
                                    $summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg;
                                    $summary['general']['statistics']['errors']++;
                                    break;
                                }
                            }
                        }
                    }
                } else {
                    $c_error_msg = _('Net') . ' ' . $name . ': ' . _("CIDRs not allowed. CIDRs wasn't be modified");
                    $summary['by_nets'][$num_line]['status'] = 'warning';
                    $summary['general']['warnings']['errors']++;
                    $summary['by_nets'][$num_line]['warnings']['CIDRs'] = $c_error_msg;
                }
                //Setting new values
                if (count($summary['by_nets'][$num_line]['errors']) == 0) {
                    $net->set_ctx($ctx);
                    $net->set_name($name);
                    $net->set_descr($descr);
                    if ($is_in_db == FALSE) {
                        if ($can_i_modify_ips == TRUE) {
                            $net->set_ips($cidrs);
                        }
                        $net->set_sensors($sensors);
                    }
                    $net->set_asset_value($asset_value);
                    $net->save_in_db($conn, FALSE);
                    $summary['general']['statistics']['saved']++;
                    $summary['by_nets'][$num_line]['data'] = $is_in_db == TRUE ? _('Net updated') : _('New new inserted');
                    //Keep warnings
                    if ($summary['by_nets'][$num_line]['status'] != 'warning') {
                        $summary['by_nets'][$num_line]['status'] = 'success';
                    }
                }
            } catch (Exception $e) {
                $summary['by_nets'][$num_line]['errors']['Database error'] = $e->getMessage();
                $summary['general']['statistics']['errors']++;
            }
        }
    }
    if ($summary['general']['statistics']['saved'] > 0) {
        if ($summary['general']['statistics']['errors'] == 0) {
            $summary['general']['status'] = 'success';
            $summary['general']['data'] = _('All nets have been imported successfully');
        } else {
            $summary['general']['status'] = 'warning';
            $summary['general']['data'] = _('Some nets could not be imported successfully');
        }
        Util::disable_perm_triggers($conn, FALSE);
        try {
            Asset_net::report_changes($conn, 'nets');
        } catch (Exception $e) {
            error_log($e->getMessage(), 0);
        }
    } else {
        $summary['general']['statistics']['errors'] = count($data);
        //CSV file is not empty, but all lines are wrong
        if (empty($summary['general']['status'])) {
            $summary['general']['status'] = 'error';
            $summary['general']['data'] = _('Nets could not be imported');
        }
    }
    $db->close();
    return $summary;
}
Example #4
0
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck('analysis-menu', 'EventsForensics');
if (!Session::is_pro()) {
    Session::unallowed_section(NULL, 'noback');
}
// load column layout
require_once '../conf/layout.php';
$category = "policy";
$name_layout = "databases_layout";
$layout = load_layout($name_layout, $category);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title> <?php 
echo gettext("OSSIM Framework");
?>
 </title>
Example #5
0
function server_get_sensor_plugins($sensor_ip = "")
{
    $ossim_conf = $GLOBALS['CONF'];
    if (!$ossim_conf) {
        $ossim_conf = new Ossim_conf();
        $GLOBALS['CONF'] = $ossim_conf;
    }
    /* get the port and IP address of the server */
    $address = $ossim_conf->get_conf('server_address');
    $port = $ossim_conf->get_conf('server_port');
    /* create socket */
    $socket = socket_create(AF_INET, SOCK_STREAM, 0);
    if ($socket < 0) {
        echo _("socket_create() failed: reason: ") . socket_strerror($socket) . "\n";
    }
    $list = array();
    /* connect */
    socket_set_block($socket);
    socket_set_option($socket, SOL_SOCKET, SO_RCVTIMEO, array('sec' => 5, 'usec' => 0));
    socket_set_option($socket, SOL_SOCKET, SO_SNDTIMEO, array('sec' => 5, 'usec' => 0));
    $result = @socket_connect($socket, $address, $port);
    if (!$result) {
        echo sprintf(_("Unable to connect to %s server. Please, wait until it's available again or check if it's running at %s"), Session::is_pro() ? "USM" : "OSSIM", "{$address}:{$port}");
        return $list;
    }
    /* first send a connect message to server */
    $in = 'connect id="1" type="web"' . "\n";
    $out = '';
    socket_write($socket, $in, strlen($in));
    $out = @socket_read($socket, 2048, PHP_BINARY_READ);
    if (strncmp($out, "ok id=", 4)) {
        echo sprintf(_("Bad response from %s server. Please, wait until it's available again or check if it's running at %s"), Session::is_pro() ? "USM" : "OSSIM", "{$address}:{$port}");
        return $list;
    }
    /* get sensor plugins from server */
    $in = 'server-get-sensor-plugins id="2"' . "\n";
    $out = '';
    socket_write($socket, $in, strlen($in));
    $pattern = '/sensor="(' . str_replace(".", "\\.", $sensor_ip) . ')" plugin_id="([^"]*)" ' . 'state="([^"]*)" enabled="([^"]*)"/';
    while ($output = socket_read($socket, 2048, PHP_BINARY_READ)) {
        $lines = explode("\n", $output);
        foreach ($lines as $out) {
            if (preg_match($pattern, $out, $regs)) {
                $s['sensor'] = $regs[1];
                $s['plugin_id'] = $regs[2];
                $s['state'] = $regs[3];
                $s['enabled'] = $regs[4];
                if (!in_array($s, $list)) {
                    $list[] = $s;
                }
            } elseif (!strncmp($out, "ok id=", 4)) {
                break;
            }
        }
    }
    socket_close($socket);
    return $list;
}
');
	</script>
	<?php 
    exit;
}
if (!isset($_POST['ctx']) || empty($_POST['ctx'])) {
    ?>
	<script type='text/javascript'>
		parent.show_error('<?php 
    echo _('You must select an entity');
    ?>
');
	</script>
	<?php 
}
if (Session::is_pro()) {
    if (!valid_hex32($ctx) || Acl::entityAllowed($ctx) < 1) {
        $msg_error = empty($ctx) ? _('You must select an entity') : _('Entity not allowed');
        ?>
        
        <script type='text/javascript'>
            parent.show_error('<?php 
        echo $msg_error;
        ?>
');
        </script>
        <?php 
        exit;
    }
} else {
    $ctx = Session::get_default_ctx();
Example #7
0
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::useractive();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
    <head>
        <title> <?php 
echo _("AlienVault " . (Session::is_pro() ? "USM" : "OSSIM"));
?>
 </title>
        <link rel="Shortcut Icon" type="image/x-icon" href="/ossim/favicon.ico">
        <meta http-equiv="Content-Type" content="text/html;charset=iso-8859-1"/>
        <meta http-equiv="Pragma" content="no-cache"/>
    
        <?php 
//CSS Files
$_files = array(array('src' => 'av_common.css?only_common=1', 'def_path' => TRUE), array('src' => '/wizard/wizard.css', 'def_path' => TRUE));
Util::print_include_files($_files, 'css');
//JS Files
$_files = array(array('src' => 'jquery.min.js', 'def_path' => TRUE));
Util::print_include_files($_files, 'js');
?>
    
function PrintPredefinedViews()
{
    global $opensource;
    $current_str = $_SESSION['current_cview'] != "default" && $_SESSION['current_cview'] != "" ? Util::htmlentities($_SESSION['current_cview']) : _("Default");
    // Get default view
    require_once "ossim_conf.inc";
    $conf = $GLOBALS["CONF"];
    $idm_enabled = $conf->get_conf("enable_idm") == 1 && Session::is_pro() ? true : false;
    $login = Session::get_session_user();
    $db_aux = new ossim_db(true);
    $conn_aux = $db_aux->connect();
    $config = new User_config($conn_aux);
    $default_view = $config->get($login, 'custom_view_default', 'php', "siem") != "" ? $config->get($login, 'custom_view_default', 'php', "siem") : ($idm_enabled ? 'IDM' : 'default');
    $db_aux->close($conn_aux);
    ?>
    <button id="views_link" class="button av_b_secondary">
        <?php 
    echo _('Change View');
    ?>
 &nbsp;&#x25be;
    </button>

    <div id="custom_views" class="dropdown dropdown-secondary dropdown-close dropdown-tip dropdown-anchor-right dropdown-scrolling" style='display:none'>
        <ul id="custom_views_ul" class="dropdown-menu">
            <?php 
    if (Session::am_i_admin()) {
        ?>
            <li><a href="#" onclick="GB_show('<?php 
        echo _("Edit Current View");
        ?>
','/forensics/custom_view_edit.php?edit=1',480,700);$('#custom_views').hide();return false"><?php 
        echo _("Edit Current View");
        ?>
&nbsp;</a></li>
            <li><a href="#" onclick="GB_show('<?php 
        echo _("Create new custom view");
        ?>
','/forensics/custom_view_edit.php',480,700);$('#custom_views').hide();return false"><?php 
        echo _("Create New View");
        ?>
&nbsp;</a></li>
            <?php 
    }
    foreach ($_SESSION['views'] as $name => $attr) {
        $dname = $name == "default" ? "Default" : $name;
        $selected = $_SESSION['current_cview'] == $name ? "&#x25BA;&nbsp;" : "";
        ?>
                <li><a href="#" onclick="change_view('<?php 
        echo Util::htmlentities($name);
        ?>
');$('#custom_views').hide()"><?php 
        echo $selected . Util::htmlentities($dname);
        ?>
&nbsp;</a></li>
            <?php 
    }
    ?>
        </ul>
    </div>

    <?php 
}
Example #9
0
						<div class='fbutton'><input type="button" value="<?php 
    echo _("Clean");
    ?>
" class="small" id="clean_button" onclick="document.location.href='index.php?engine_id=<?php 
    echo $engine_id;
    ?>
'"/></div>
						<?php 
}
?>
    						</form>
    						
						
					</td>
					<?php 
if (Session::is_pro() && count($available_engines = $directive_editor->get_available_engines()) > 1) {
    ?>
    					<td>
    						<table align="right" class="transparent">
    							<tr>
    								<td style="font-size:12px"><?php 
    echo _("Select Engine");
    ?>
:</td>
    								<td class="center nobborder" style="padding-left:5px">
    								<select name="engine_param" onchange="document.location.href='index.php?engine_id='+this.value" style="font-size:12px">
    								<?php 
    foreach ($available_engines as $e_id => $e_name) {
        ?>
    								<option value="<?php 
        echo $e_id;
Example #10
0
		<td colspan="3"></td>
	</tr>
	<tr>
		<td colspan="3" align="center"><input type="button" value="<?php 
echo _('Close');
?>
" onclick="parent.GB_close()"/></td>
	</tr>
</table>

</body>
</html>
<?php 
$directive_editor = new Directive_editor($engine_id);
$conf = $GLOBALS["CONF"];
if (Session::is_pro() && $conf->get_conf("alienvault_mssp", false) == "1" && count($available_engines = $directive_editor->get_available_engines()) > 1) {
    $engines = $available_engines;
} else {
    $engines = array(_MAIN_PATH . "/{$engine_id}" => "Default");
}
$errors = array();
foreach ($engines as $engine_dir => $engine_name) {
    $engine_id = preg_replace("/.*\\/([a-f0-9\\-]+)/", "\\1", $engine_dir);
    if (count($engines) > 1) {
        echo "<script type='text/javascript'>\$('#msg').html('{$engine_name}');</script>";
    }
    $_errors = $directive_editor->test($engine_id);
    foreach ($_errors as $error) {
        $errors[] = $error;
    }
}
Example #11
0
/**
 * Returns remaining days to trial expiration or FALSE
 *
 * @return bool|int
 */
function calc_days_to_expire()
{
    $trial_days = FALSE;
    if (Session::is_pro()) {
        $days_to_expire = Session::trial_days_to_expire();
        if ($days_to_expire <= 30) {
            $trial_days = intval($days_to_expire) <= 0 ? 0 : intval($days_to_expire);
        }
    }
    return $trial_days;
}
Example #12
0
/***  This file is includen in step_loader.php hence the wizard object is defined in $wizard  ***/
/***                         database connection is stored in $conn                           ***/
/************************************************************************************************/
/************************************************************************************************/
if (!$wizard instanceof Welcome_wizard) {
    throw new Exception("There was an error, the Welcome_wizard object doesn't exist");
}
$interfaces = array();
try {
    $interfaces = Welcome_wizard::get_interfaces();
} catch (Exception $e) {
    $config_nt = array('content' => $e->getMessage(), 'options' => array('type' => 'nf_error', 'cancel_button' => true), 'style' => 'margin:10px auto;width:50%;text-align:center;padding:0 10px;z-index:999');
    $nt = new Notification('nt_notif', $config_nt);
    $nt->show();
}
$v_short = Session::is_pro() ? "USM" : "OSSIM";
$text_descr = _("The network interfaces in AlienVault %s can be configured to run Network Monitoring or as Log Collection & Scanning. Once you've configured the interfaces you'll need to ensure that the networking is configured appropriately for each interface so that AlienVault %s is either receiving data passively or has the ability to reach out to the desired network.");
$text_descr = sprintf($text_descr, $v_short, $v_short);
?>

<script type='text/javascript'>
    
    var __nic ,__n_role ,__n_ip, __n_mask = null;
    var __nic_state = false;
    
    function load_js_step()
    {
        load_handler_step_interfaces();   
        
        <?php 
if (count($interfaces) > 0) {
Example #13
0
    }
    // Reset main indicator if no more policy reload need
    if (!Web_indicator::is_on('Reload_policies') && !Web_indicator::is_on('Reload_sensors') && !Web_indicator::is_on('Reload_plugins') && !Web_indicator::is_on('Reload_directives') && !Web_indicator::is_on('Reload_servers')) {
        Web_indicator::set_off('ReloadPolicy');
    }
    $error = sprintf(_("Unable to connect to %s server. Please, wait until it's available again or check if it's running at %s"), Session::is_pro() ? "USM" : "OSSIM", "{$address}:{$port}");
    echo ossim_error($error);
    exit;
}
if ($what != 'tasks') {
    $in = 'reload-' . $what . ' id="2"' . "\n";
    $out = '';
    @socket_write($socket, $in, strlen($in));
    $out = @socket_read($socket, 2048);
    if (strncmp($out, 'ok id="2"', 9) != 0) {
        $error = sprintf(_("Bad response from %s server. Please, wait until it's available again or check if it's running at %s"), Session::is_pro() ? "USM" : "OSSIM", "{$address}:{$port}");
        echo ossim_error($error);
        exit;
    }
    @socket_close($socket);
}
// Switch off web indicator
if ($what == 'all') {
    Web_indicator::set_off('Reload_policies');
    Web_indicator::set_off('Reload_sensors');
    Web_indicator::set_off('Reload_plugins');
    Web_indicator::set_off('Reload_directives');
    Web_indicator::set_off('Reload_servers');
} else {
    Web_indicator::set_off('Reload_' . $what);
}
Example #14
0
if (!Session::am_i_admin()) {
    echo _('You do not have permissions to see this section');
    die;
}
/************************************************************************************************/
/************************************************************************************************/
/***  This file is includen in step_loader.php hence the wizard object is defined in $wizard  ***/
/***                         database connection is stored in $conn                           ***/
/************************************************************************************************/
/************************************************************************************************/
if (!$wizard instanceof Welcome_wizard) {
    throw new Exception('There was an unexpected error');
}
$config = new Config();
$otx_key = $config->get_conf("open_threat_exchange_key");
$v_tag = Session::is_pro() ? "USM" : "OSSIM";
?>

<script type='text/javascript'>

    function load_js_step()
    {
    
        load_handler_step_otx();        

    }

</script>

<div id='step_6' class='step_container'>
    {
        if($(this).val() != '')
        {
            $('#w_otx_next').prop('disabled', false);
        }
        else
        {
            $('#w_otx_next').prop('disabled', true);
        }

    });

    $('#b_get_otx_token').on('click', function()
    {
        var url = "https://www.alienvault.com/my-account/customer/signup-or-thanks/?ctype=<?php 
echo Session::is_pro() ? 'usm' : 'ossim';
?>
";

        av_window_open(url,
        {
            width: 800,
            height: 750,
            title: 'otxwindow'
        })
    });
    
    $('#otx_data_link').on('click', function()
    {
        LB_show("<?php 
echo _('Open Threat Exchange Sample Data');
Example #16
0
		function checkall() 
		{
			if (checks) 
			{
				$("#fuser").unCheckCheckboxes(".i_perms", true);
				checks = 0;
			} 
			else 
			{
				$("#fuser").checkCheckboxes(".i_perms", true);
				checks = 1;
			}
		}
		
		<?php 
if (Session::am_i_admin() && Session::is_pro()) {
    ?>
	
			function save_inputs() 
			{
				var data = new Array();
				
				data[0] = $('#login').val();
				data[1] = $('#user_name').val();
				data[2] = $('#email').val();
				data[3] = $('#language').val();
				data[4] = $('#tzone').val();
					
				if ($('#fl_yes').length >= 1)
				{
					data[5] = ($('#fl_yes:checked').length == 1) ? 'fl_yes' : 'fl_no';
Example #17
0
 }
 Session::logcheck('report-menu', 'ReportsReportServer');
 $TBackground = "#7B7B7B";
 $TForeground = "#FFFFFF";
 $SBackground = "#8CC221";
 $SForeground = "#FFFFFF";
 // Load css
 $styleCss = array('Title' => array('Background' => $TBackground, 'Foreground' => $TForeground), 'Subtitle' => array('Background' => $SBackground, 'Foreground' => $SForeground));
 // Make header - footer with replacements
 $footerContent = array('left' => 'User: '******' / [[date_y]]-[[date_m]]-[[date_d]] [[date_h]]:[[date_i]]:[[date_s]]', 'right' => 'Page [[page_cu]] / [[page_nb]]');
 $report_data = $section == 'forensics' ? get_freport_data($report_id) : get_report_data($report_id);
 // Init PDF Report
 $pdfReport = new Pdf_report($report_id, 'P', 'A4', NULL, FALSE);
 // Init html2pdf document
 //$header = ucwords(str_replace('_',' ',$pdfReport->getName()));
 $htmlPdfReport = new Pdf_html($report_id, $report_data['report_name'], Session::is_pro() ? 'default.png' : 'ossim.png', '', $styleCss, $footerContent);
 // Include php per each sub-report
 $runorder = 1;
 // Close session to stop() feature
 $dDB['_shared'] = new DBA_shared($report_id);
 $dDB['_shared']->truncate();
 session_write_close();
 foreach ($report_data['subreports'] as $r_key => $r_data) {
     //PDF Report with hidden modules
     if (!isset($_POST['sr_' . $r_data['id']]) && $report_id == $r_data["id"] && file_exists($r_data['report_file'])) {
         $subreport_id = $r_data['id'];
         if ($_DEBUG) {
             echo $subreport_id . '=' . $r_data['report_file'] . "<br>\n";
         }
         include $r_data['report_file'];
     } elseif (POST('sr_' . $r_data['id']) == 'on' && file_exists($r_data['report_file'])) {
$query = GET('query') != "" ? GET('query') : "";
$directive_id = GET('directive_id');
$intent = intval(GET('intent'));
$sensor_query = GET('sensor_query');
$tag = GET('tag');
$num_events = GET('num_events');
$num_events_op = GET('num_events_op');
$date_from = GET('date_from');
$date_to = GET('date_to');
$ds_id = GET('ds_id');
$ds_name = GET('ds_name');
$beep = intval(GET('beep'));
$sec = POST('sEcho');
//$tags            = Tags::get_list($conn);
$tags_html = Tags::get_list_html($conn);
if (Session::is_pro() && Session::show_entities()) {
    list($entities, $_children, $_num_ent) = Acl::get_entities($conn, '', '', true, false);
}
ossim_valid($order, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Order"));
ossim_valid($torder, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _("Order Direction"));
ossim_valid($delete, OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Delete"));
ossim_valid($close, OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Close"));
ossim_valid($open, OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Open"));
ossim_valid($delete_day, OSS_ALPHA, OSS_SPACE, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _("Delete_day"));
ossim_valid($query, OSS_ALPHA, OSS_PUNC_EXT, OSS_SPACE, OSS_NULLABLE, 'illegal:' . _("Query"));
ossim_valid($autorefresh, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Autorefresh"));
ossim_valid($refresh_time, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Refresh_time"));
ossim_valid($directive_id, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Directive_id"));
ossim_valid($intent, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Intent"));
ossim_valid($src_ip, OSS_IP_ADDRCIDR_0, OSS_NULLABLE, 'illegal:' . _("Src_ip"));
ossim_valid($dst_ip, OSS_IP_ADDRCIDR_0, OSS_NULLABLE, 'illegal:' . _("Dst_ip"));
Example #19
0
require_once 'av_init.php';
require_once 'classes/asset_host.inc';
Session::logcheck("analysis-menu", "EventsForensics");
if (!isset($_SESSION["_user"])) {
    $ossim_link = $conf->get_conf("ossim_link", FALSE);
    $login_location = $ossim_link . '/session/login.php';
    header("Location: {$login_location}");
    exit;
}
// Timezone correction
$tz = Util::get_timezone();
$timetz = gmdate("U") + 3600 * $tz;
// time to generate dates with timezone correction
// IDM Mode?
$idm_enabled = $conf->get_conf("enable_idm", FALSE) == 1 && Session::is_pro() ? true : false;
$cloud_instance = $conf->get_conf("cloud_instance", FALSE) == 1 && Session::is_pro() ? true : false;
$_SESSION['_idm'] = $idm_enabled;
// Custom Views
$login = Session::get_session_user();
$db_aux = new ossim_db();
$conn_aux = $db_aux->connect();
$config = new User_config($conn_aux);
$_SESSION['views'] = $config->get($login, 'custom_views', 'php', "siem");
$default_view = $config->get($login, 'custom_view_default', 'php', "siem") != "" ? $config->get($login, 'custom_view_default', 'php', "siem") : ($idm_enabled ? 'IDM' : 'default');
// First create default views if not exists (important!)
$session_data = $_SESSION;
foreach ($_SESSION as $k => $v) {
    if (preg_match("/^(_|alarms_|back_list|current_cview|views|ports_cache|acid_|report_|graph_radar|siem_event|siem_current_query|siem_current_query_graph|deletetask|mdspw).*/", $k)) {
        unset($session_data[$k]);
    }
}
"><?php 
        echo $s_alarm_name . $events_count;
        ?>
</a>
                    <?php 
        echo $tooltip;
        ?>
                </td>
        		<td class="nobborder center">
        			<?php 
        echo Util::number_format_locale($event_ocurrences, 0);
        ?>
        		</td>
                <?php 
        echo $risk_field;
        if (Session::is_pro() && $mssp) {
            ?>
                    
        			<!-- entity -->
        			<td class="nobborder" style="text-align:center;">
        				<?php 
            foreach ($ctxs as $_ctx) {
                if (count($ctxs) < 2 || $entity_types[$_ctx] != 'engine') {
                    echo (!empty($entities[$_ctx]) ? $entities[$_ctx] : _("Unknown")) . "<br/>";
                }
            }
            ?>
        			</td>
        			<!-- end entity -->
        			<?php 
        }
Example #21
0
		});
	
	</script>
	
</head>

<body id='body_scroll' style="background-color:#fafafa">

<div id='container'>
	<table width="95%" class='transparent'  align='center'>

	<?php 
foreach ($notes as $note) {
    if (Session::is_admin($conn, $note->get_user()) || $note->get_user() == AV_DEFAULT_ADMIN) {
        $icon = '/ossim/pixmaps/user-business.png';
    } elseif (Session::is_pro() && Acl::is_proadmin($conn, $note->get_user())) {
        $icon = '/ossim/pixmaps/user-gadmin.png';
    } else {
        $icon = '/ossim/pixmaps/user-green.png';
    }
    ?>
	
		<tr>
			<td class="nobborder" width='25%' height="100px">

				<div class='note_info'>
					<table class="noborder" align="center">
    					<tr>
    					  <td><img align="absmiddle" alt="Entity admin" src="<?php 
    echo $icon;
    ?>
Example #22
0
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::useractive("../session/login.php");
//Support contact
$v = Session::is_pro();
$s_c = NULL;
$t_d = Session::trial_days_to_expire();
$license = Session::get_system_license();
if ($v) {
    if ($license !== FALSE) {
        $s_email = '*****@*****.**';
        if ($t_d > 31) {
            $s_email = '*****@*****.**';
        }
        $s_c = md5($s_email);
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
Example #23
0
        $data['status'] = 'OK';
        echo json_encode($data);
    }
    exit;
} else {
    if (is_array($validation_errors) && !empty($validation_errors)) {
        $data['status'] = 'error';
        $data['data'] = $validation_errors;
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
    <head>
        <title> <?php 
echo _('AlienVault ' . (Session::is_pro() ? 'USM' : 'OSSIM'));
?>
 </title>
        <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
        <meta http-equiv="Pragma" content="no-cache"/>
        <?php 
//CSS Files
$_files = array(array('src' => 'av_common.css', 'def_path' => TRUE));
Util::print_include_files($_files, 'css');
?>
    </head>

    <body>
    <?php 
if (POST('insert') && empty($data['data']['id'])) {
    if ($data['status'] == 'error') {
Example #24
0
//Config File
require_once 'av_init.php';
Session::logcheck_ajax('environment-menu', 'PolicyNetworks');
//Validate Form token
$token = POST('token');
if (Token::verify('tk_delete_network_bulk', $token) == FALSE) {
    $error = Token::create_error_message();
    Util::response_bad_request($error);
}
session_write_close();
/* connect to db */
$db = new ossim_db(TRUE);
$conn = $db->connect();
try {
    $perm_add = Session::can_i_create_assets();
    if (!$perm_add) {
        $error = _('You do not have the correct permissions to delete networks. Please contact system administrator with any questions');
        Util::response_bad_request($error);
    }
    $app_name = Session::is_pro() ? 'AlienVault' : 'OSSIM';
    $num_assets = Filter_list::get_total_selection($conn, 'network');
    //Delete all filtered nets
    Asset_net::bulk_delete($conn);
    $data['status'] = 'OK';
    $data['data'] = sprintf(_('%s networks have been permanently deleted from %s'), $num_assets, $app_name);
} catch (Exception $e) {
    $db->close();
    Util::response_bad_request($e->getMessage());
}
$db->close();
echo json_encode($data);
Example #25
0
  <link rel="stylesheet" type="text/css" href="../style/av_common.css?t=<?php 
echo Util::get_css_id();
?>
"/>
  
</head>
<body>
                                                                                
  <h1> <?php 
echo _("New policy");
?>
 </h1>

	<?php 
//Version
$pro = Session::is_pro();
$action = POST('action');
//Time range
//range_type
$tr_type = POST('date_type');
//timezone
$tzone = POST('tzone');
//begin
$b_month = POST('begin_month');
$b_month_day = POST('begin_day_month');
$b_week_day = POST('begin_day_week');
$b_hour = POST('begin_hour');
$b_minute = POST('begin_minute');
//end
$e_month = POST('end_month');
$e_month_day = POST('end_day_month');
Example #26
0
function get_asset_filters($conn, $asset)
{
    if (!Session::is_pro() || preg_match("/ALL_ASSETS/", $asset)) {
        $return['ctx'] = array();
        $return['assets']['host'] = array();
        $return['assets']['net'] = array();
        $return['assets']['sensor'] = array();
        return $return;
    } else {
        include_once AV_MAIN_ROOT_PATH . '/report/asset_type_functions.php';
        $filters = getAssetFilter(array('assets' => $asset), $conn);
        return $filters;
    }
}
Example #27
0
function ticket_form($action)
{
    global $conn;
    $users = Session::get_users_to_assign($conn);
    if (Session::is_pro()) {
        $entities = Acl::get_entities_to_assign($conn);
    }
    ?>
	<tr class="tticket">
	   <td colspan="2" class="nobborder">&nbsp;</td>
	</tr>
	<tr class="tticket">
		<th><label for="in_charge"><?php 
    echo _('In Charge:') . required();
    ?>
</label></th>
		<td class="nobborder left">
			<table cellspacing="0" cellpadding="0" class="transparent">
                <tr>
                    <td class="nobborder">
                        <label for="transferred_user"><?php 
    echo _('User:'******'set_focus(this);' name="transferred_user" id="transferred_user" class="vfield" onchange="switch_user('user');return false;">
                        <?php 
    $num_users = 0;
    foreach ($users as $k => $v) {
        $login = $v->get_login();
        $options .= "<option value='{$login}'" . ($action == $login ? " selected" : "") . ">{$login}</option>\n";
        $num_users++;
    }
    if ($num_users == 0) {
        echo "<option value='' style='text-align:center !important;'>- " . _("No users found") . "- </option>";
    } else {
        echo "<option value='' style='text-align:center !important;' selected='selected'>- " . _("Select one user") . " -</option>\n";
        echo $options;
    }
    ?>
                        </select>
                    </td>
                
                <?php 
    if (!empty($entities)) {
        ?>
                    <td class="nobborder" nowrap='nowrap'>
                        <label for="transferred_entity" style='margin-right: 3px;'><?php 
        echo _('OR') . ' ' . _('Entity:');
        ?>
</label>
                    </td>
                    <td class="nobborder">
                        <select onfocus='set_focus(this);' name="transferred_entity" id="transferred_entity" class="vfield" onchange="switch_user('entity');return false;">
                        <?php 
        if (count($entities) == 0) {
            echo "<option value='' style='text-align:center !important;'>- " . _('No entities found') . " -</option>";
        } else {
            echo "<option value='' style='text-align:center !important;'>- " . _('Select one entity') . " -</option>\n";
        }
        foreach ($entities as $k => $v) {
            echo "<option value='{$k}'" . ($action == $k ? " selected" : "") . ">{$v}</option>";
        }
        ?>
                        </select>
                    </td>
                <?php 
    }
    ?>
                </tr>
			</table>
		</td>
	</tr>
    <?php 
}
Example #28
0
					<li id='litem_tab3'><a href="#tab3" id='link_tab3'><?php 
echo ucfirst(basename(Ossec_agent::CONF_PATH));
?>
</a></li>
				</ul>
			</td>
		</tr>
	</table>
	
	<table id='tab_container'>
		<tr>
			<td>							
				<div id='tabs'>	    
					
					<?php 
$s_class = Session::is_pro() && count($s_data['sensors']) > 1 ? 's_show' : 's_hide';
?>
		      
        			<div class='c_filter_and_actions'>						
                        <div class='c_filter'>
                            <label for='sensors'><?php 
echo _("Select sensor");
?>
:</label>
                            <select id='sensors' name='sensors' class='vfield <?php 
echo $s_class;
?>
' disabled='disabled'>
                            	<?php 
echo $sensor_opt;
?>
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck('configuration-menu', 'PolicyServers');
$db = new ossim_db();
$conn = $db->connect();
$id = GET('id');
$ip = GET('ip');
$sname = GET('name');
$update = intval(GET('update'));
$opensource = Session::is_pro() ? FALSE : TRUE;
$mssp = intval($conf->get_conf("alienvault_mssp"));
$local_id = $conf->get_conf("server_id");
ossim_valid($ip, OSS_IP_ADDR, OSS_NULLABLE, 'illegal:' . _('Server IP'));
ossim_valid($sname, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _('Server Name'));
ossim_valid($id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Server ID'));
if (ossim_error()) {
    die(ossim_error());
}
$action = 'newserver.php';
$all_rservers = Server::get_server_hierarchy($conn, $id);
$error_forward = FALSE;
$can_i_modify_elem = TRUE;
if (!empty($id)) {
    $server = Server::get_object($conn, $id);
    $role_list = Role::get_list($conn, $id);
Example #30
0
     $new->set_descr($descr);
     $new->set_rpass($rpass);
     foreach ($entities as $ctx) {
         $new->add_new_ctx($ctx, $ctx);
     }
     // try to attach a component
     // Only when modifying a remote sensor
     if ($cproperties['version'] != '' && !empty($_POST['rpass'])) {
         $new->set_component($conn);
     }
     $new->save_in_db($conn);
     if ($location != '') {
         Locations::insert_related_sensor($conn, $location, $sensor_id);
     }
 } catch (Exception $e) {
     if (Session::is_pro() && $new_context_uuid != '' && preg_match("/password/", $e->getMessage())) {
         Acl::delete_entities($conn, $new_context_uuid);
         // Refresh current permissions
         $_SESSION['_user_vision'] = Acl::get_user_vision($conn);
     }
     $config_nt = array('content' => $e->getMessage(), 'options' => array('type' => 'nf_error', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto; text-align:center;');
     $nt = new Notification('nt_1', $config_nt);
     $nt->show();
     $db->close();
     // Detected sensor not inserted yet, back to rpass mode
     if (!empty($_POST['rpass'])) {
         Util::make_form("POST", "newsensorform.php?ip={$ip}");
     } else {
         Util::make_form("POST", "newsensorform.php?id={$sensor_id}&ip={$ip}&sname={$sname}");
     }
     exit;