* * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * * @package ossim-framework\Assets * @autor AlienVault INC * @license http://www.gnu.org/licenses/gpl-2.0.txt * @copyright 2003-2006 ossim.net * @copyright 2007-2013 AlienVault * @link https://www.alienvault.com/ */ require_once 'av_init.php'; Session::logcheck_ajax('environment-menu', 'PolicyHosts'); // Close session write for real background loading session_write_close(); $maxrows = POST('iDisplayLength') != '' ? POST('iDisplayLength') : 8; $from = POST('iDisplayStart') != '' ? POST('iDisplayStart') : 0; $order = POST('iSortCol_0') != '' ? POST('iSortCol_0') : ''; $torder = POST('sSortDir_0'); $search_str = POST('sSearch') != '' ? POST('sSearch') : ''; $sec = POST('sEcho'); ossim_valid($maxrows, OSS_DIGIT, 'illegal: iDisplayLength'); ossim_valid($from, OSS_DIGIT, 'illegal: iDisplayStart'); ossim_valid($order, OSS_ALPHA, 'illegal: iSortCol_0'); ossim_valid($torder, OSS_LETTER, 'illegal: sSortDir_0'); ossim_valid($search_str, OSS_INPUT, OSS_NULLABLE, 'illegal: sSearch'); ossim_valid($sec, OSS_DIGIT, 'illegal: sEcho'); if (ossim_error()) {
* @license http://www.gnu.org/licenses/gpl-2.0.txt * @copyright 2003-2006 ossim.net * @copyright 2007-2013 AlienVault * @link https://www.alienvault.com/ */ require_once 'av_init.php'; $asset_id = POST('asset_id'); $asset_type = POST('asset_type'); $maxrows = POST('iDisplayLength') != '' ? POST('iDisplayLength') : 8; $from = POST('iDisplayStart') != '' ? POST('iDisplayStart') : 0; $order = POST('iSortCol_0') != '' ? POST('iSortCol_0') : ''; $torder = POST('sSortDir_0'); $search_str = POST('sSearch') != '' ? POST('sSearch') : ''; $sec = POST('sEcho'); Session::logcheck_by_asset_type($asset_type); Session::logcheck_ajax('environment-menu', 'EventsVulnerabilities'); // Close session write for real background loading session_write_close(); ossim_valid($asset_id, OSS_HEX, 'illegal: ' . _('Asset ID')); ossim_valid($asset_type, OSS_LETTER, OSS_SCORE, OSS_NULLABLE, 'illegal: ' . _('Asset Type')); ossim_valid($maxrows, OSS_DIGIT, 'illegal: iDisplayLength'); ossim_valid($from, OSS_DIGIT, 'illegal: iDisplayStart'); ossim_valid($order, OSS_ALPHA, 'illegal: iSortCol_0'); ossim_valid($torder, OSS_LETTER, 'illegal: sSortDir_0'); ossim_valid($search_str, OSS_INPUT, OSS_NULLABLE, 'illegal: sSearch'); ossim_valid($sec, OSS_DIGIT, 'illegal: sEcho'); if (ossim_error()) { Util::response_bad_request(ossim_get_error_clean()); } // Check Asset Type $asset_types = array('asset' => 'Asset_host', 'network' => 'Asset_net', 'group' => 'Asset_group');
* * You should have received a copy of the GNU General Public License * along with this package; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, * MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; $m_perms = array('environment-menu', 'environment-menu'); $sm_perms = array('PolicyHosts', 'PolicyNetworks'); Session::logcheck_ajax($m_perms, $sm_perms); $data['status'] = 'success'; $data['data'] = _('Your changes have been saved'); $message_id = POST('message_id'); if (!valid_hex32($message_id, TRUE)) { Util::response_bad_request(_('Error! Message ID not allowed. Action could not be completed')); } try { $status = new System_notifications(); $flags = array('viewed' => 'true'); $status->set_status_message($message_id, $flags); } catch (Exception $e) { Util::response_bad_request($e->getMessage()); } echo json_encode($data);
* * You should have received a copy of the GNU General Public License * along with this package; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, * MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ //Config File require_once 'av_init.php'; Session::logcheck_ajax('environment-menu', 'PolicyNetworks'); //Validate Form token $token = POST('token'); if (Token::verify('tk_delete_network_bulk', $token) == FALSE) { $error = Token::create_error_message(); Util::response_bad_request($error); } session_write_close(); /* connect to db */ $db = new ossim_db(TRUE); $conn = $db->connect(); try { $perm_add = Session::can_i_create_assets(); if (!$perm_add) { $error = _('You do not have the correct permissions to delete networks. Please contact system administrator with any questions'); Util::response_bad_request($error);
* * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * * @package ossim-framework\Assets * @autor AlienVault INC * @license http://www.gnu.org/licenses/gpl-2.0.txt * @copyright 2003-2006 ossim.net * @copyright 2007-2013 AlienVault * @link https://www.alienvault.com/ */ require_once 'av_init.php'; Session::logcheck_ajax("analysis-menu", "ControlPanelAlarms"); // Close session write for real background loading session_write_close(); $backlog_id = POST('backlog_id'); $asset_ip = POST('asset_ip'); $source = POST('source'); $maxrows = POST('iDisplayLength') != '' ? POST('iDisplayLength') : 8; $from = POST('iDisplayStart') != '' ? POST('iDisplayStart') : 0; $order = POST('iSortCol_0') != '' ? POST('iSortCol_0') : ''; $torder = POST('sSortDir_0'); $search_str = POST('sSearch') != '' ? POST('sSearch') : ''; $sec = intval(POST('sEcho')); ossim_valid($backlog_id, OSS_HEX, 'illegal: ' . _('Backlog ID')); ossim_valid($asset_ip, OSS_IP_ADDR_0, 'illegal: ' . _('Asset IP')); ossim_valid($source, 'src|dst', 'illegal: ' . _('Port Origin')); ossim_valid($maxrows, OSS_DIGIT, 'illegal: iDisplayLength');
* along with this package; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, * MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; $asset_id = POST('asset_id'); $asset_type = POST('asset_type'); Session::logcheck_by_asset_type($asset_type); Session::logcheck_ajax('environment-menu', 'MonitorsAvailability'); session_write_close(); if (!valid_hex32($asset_id)) { Util::response_bad_request(_('Sorry, asset data was not loaded due to a validation error')); } // Check Asset Type $asset_types = array('asset' => 'Asset_host', 'network' => 'Asset_net', 'group' => 'Asset_group'); try { $db = new Ossim_db(); $conn = $db->connect(); if ($asset_id && $asset_type) { if (!array_key_exists($asset_type, $asset_types)) { Av_exception::throw_error(Av_exception::USER_ERROR, _('Error! Invalid Asset Type')); } $class_name = $asset_types[$asset_type]; // Check Asset Permission
* @license http://www.gnu.org/licenses/gpl-2.0.txt * @copyright 2003-2006 ossim.net * @copyright 2007-2013 AlienVault * @link https://www.alienvault.com/ */ require_once 'av_init.php'; $asset_id = POST('asset_id'); $asset_type = POST('asset_type'); $maxrows = POST('iDisplayLength') != '' ? POST('iDisplayLength') : 8; $from = POST('iDisplayStart') != '' ? POST('iDisplayStart') : 0; $order = POST('iSortCol_0') != '' ? POST('iSortCol_0') : ''; $torder = POST('sSortDir_0'); $search_str = POST('sSearch') != '' ? POST('sSearch') : ''; $sec = POST('sEcho'); Session::logcheck_by_asset_type($asset_type); Session::logcheck_ajax('analysis-menu', 'ControlPanelAlarms'); // Close session write for real background loading session_write_close(); ossim_valid($asset_id, OSS_HEX, 'illegal: ' . _('Asset ID')); ossim_valid($asset_type, OSS_LETTER, OSS_SCORE, OSS_NULLABLE, 'illegal: ' . _('Asset Type')); ossim_valid($maxrows, OSS_DIGIT, 'illegal: iDisplayLength'); ossim_valid($from, OSS_DIGIT, 'illegal: iDisplayStart'); ossim_valid($order, OSS_ALPHA, 'illegal: iSortCol_0'); ossim_valid($torder, OSS_LETTER, 'illegal: sSortDir_0'); ossim_valid($search_str, OSS_INPUT, OSS_NULLABLE, 'illegal: sSearch'); ossim_valid($sec, OSS_DIGIT, 'illegal: sEcho'); if (ossim_error()) { Util::response_bad_request(ossim_get_error_clean()); } // Check Asset Type $asset_types = array('asset' => 'asset_host', 'network' => 'asset_net', 'group' => 'asset_group');
* * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * * @package ossim-framework\Assets * @autor AlienVault INC * @license http://www.gnu.org/licenses/gpl-2.0.txt * @copyright 2003-2006 ossim.net * @copyright 2007-2013 AlienVault * @link https://www.alienvault.com/ */ require_once 'av_init.php'; Session::logcheck_ajax("dashboard-menu", "IPReputation"); // Close session write for real background loading session_write_close(); function get_pulse_detail_from_id($conn) { $type = POST('type'); $pulse = POST('pulse'); $id = POST('id'); ossim_valid($type, 'alarm|event|alarm_event', 'illegal:' . _('Type')); ossim_valid($pulse, OSS_HEX, 'illegal:' . _('Pulse')); ossim_valid($id, OSS_HEX, 'illegal:' . _('ID')); if (ossim_error()) { Av_exception::throw_error(Av_exception::USER_ERROR, ossim_get_error_clean()); } if ($type == 'alarm') { $pulse = Alarm::get_pulse_data_from_alarm($conn, $id, $pulse, TRUE);
* along with this package; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, * MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; $asset_id = POST('asset_id'); $asset_type = POST('asset_type'); Session::logcheck_by_asset_type($asset_type); Session::logcheck_ajax('analysis-menu', 'EventsForensics'); session_write_close(); if (!valid_hex32($asset_id)) { Util::response_bad_request(_('Sorry, asset data was not loaded due to a validation error')); } // Check Asset Type $asset_types = array('asset' => 'Asset_host', 'network' => 'Asset_net', 'group' => 'Asset_group'); try { $db = new Ossim_db(); $conn = $db->connect(); if ($asset_id && $asset_type) { if (!array_key_exists($asset_type, $asset_types)) { Av_exception::throw_error(Av_exception::USER_ERROR, _('Error! Invalid Asset Type')); } $class_name = $asset_types[$asset_type]; // Check Asset Permission
*/ require_once 'av_init.php'; $scan_types = array('nmap' => 5, 'ocs' => 3, 'wmi' => 4); $frequencies = array('3600' => 'Hourly', '86400' => 'Daily', '604800' => 'Weekly', '2419200' => 'Monthly'); $s_type = POST('s_type'); $s_type = empty($s_type) ? $_SESSION['av_inventory_type'] : $s_type; session_write_close(); if (!array_key_exists($s_type, $scan_types)) { $e_message = _('You do not have the correct permissions to see this page. Please contact system administrator with any questions'); Util::response_bad_request($e_message); } // Logcheck by s_type if ($s_type == 'ocs') { Session::logcheck_ajax('configuration-menu', 'AlienVaultInventory'); } else { Session::logcheck_ajax('environment-menu', 'AlienVaultInventory'); } $data = array(); try { $db = new ossim_db(); $conn = $db->connect(); $task_list = Inventory::get_list($conn, '', $scan_types[$s_type]); foreach ($task_list as $task) { $sensor_name = Av_sensor::get_name_by_id($conn, $task['task_sensor']); if ($sensor_name == '') { $sensor_name = _('Unknown'); } if ($s_type == 'wmi') { preg_match('/wmipass:(.*)/', $task['task_params'], $matches); if ($matches[1] != '') { $task['task_params'] = preg_replace('/wmipass:(.*)/', '', $task['task_params']);
* @license http://www.gnu.org/licenses/gpl-2.0.txt * @copyright 2003-2006 ossim.net * @copyright 2007-2013 AlienVault * @link https://www.alienvault.com/ */ require_once 'av_init.php'; $asset_id = POST('asset_id'); $asset_type = POST('asset_type'); $maxrows = POST('iDisplayLength') != '' ? POST('iDisplayLength') : 8; $from = POST('iDisplayStart') != '' ? POST('iDisplayStart') : 0; $order = POST('iSortCol_0') != '' ? POST('iSortCol_0') : ''; $torder = POST('sSortDir_0'); $search_str = POST('sSearch') != '' ? POST('sSearch') : ''; $sec = POST('sEcho'); Session::logcheck_by_asset_type($asset_type); Session::logcheck_ajax("analysis-menu", "EventsForensics"); // Close session write for real background loading session_write_close(); ossim_valid($asset_id, OSS_HEX, 'illegal: ' . _('Asset ID')); ossim_valid($asset_type, OSS_LETTER, OSS_SCORE, OSS_NULLABLE, 'illegal: ' . _('Asset Type')); ossim_valid($maxrows, OSS_DIGIT, 'illegal: iDisplayLength'); ossim_valid($from, OSS_DIGIT, 'illegal: iDisplayStart'); ossim_valid($order, OSS_ALPHA, 'illegal: iSortCol_0'); ossim_valid($torder, OSS_LETTER, 'illegal: sSortDir_0'); ossim_valid($search_str, OSS_INPUT, OSS_NULLABLE, 'illegal: sSearch'); ossim_valid($sec, OSS_DIGIT, 'illegal: sEcho'); if (ossim_error()) { Util::response_bad_request(ossim_get_error_clean()); } // Check Asset Type $asset_types = array('asset' => 'Asset_host', 'network' => 'Asset_net', 'group' => 'Asset_group');
* @autor AlienVault INC * @license http://www.gnu.org/licenses/gpl-2.0.txt * @copyright 2003-2006 ossim.net * @copyright 2007-2013 AlienVault * @link https://www.alienvault.com/ */ require_once 'av_init.php'; function ReportLog() { } $asset_id = POST('asset_id'); $asset_type = POST('asset_type'); $maxrows = POST('iDisplayLength') != '' ? POST('iDisplayLength') : 8; $sec = POST('sEcho'); Session::logcheck_by_asset_type($asset_type); Session::logcheck_ajax('environment-menu', 'MonitorsNetflows'); require AV_MAIN_ROOT_PATH . '/nfsen/conf.php'; require_once AV_MAIN_ROOT_PATH . '/nfsen/nfsenutil.php'; require_once AV_MAIN_ROOT_PATH . '/sensor/nfsen_functions.php'; // Close session write for real background loading session_write_close(); ossim_valid($asset_id, OSS_HEX, 'illegal: ' . _('Asset ID')); ossim_valid($asset_type, OSS_LETTER, OSS_SCORE, OSS_NULLABLE, 'illegal: ' . _('Asset Type')); ossim_valid($maxrows, OSS_DIGIT, 'illegal: iDisplayLength'); ossim_valid($sec, OSS_DIGIT, 'illegal: sEcho'); if (ossim_error()) { Util::response_bad_request(ossim_get_error_clean()); } // Check Asset Type $asset_types = array('asset' => 'Asset_host', 'network' => 'Asset_net', 'group' => 'Asset_group'); // NFSEN Options
* GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this package; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, * MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once dirname(__FILE__) . '/../../conf/config.inc'; Session::logcheck_ajax('environment-menu', 'EventsHidsConfig'); $db = new ossim_db(); $conn = $db->connect(); $permitted_actions = array('get_agentless_status' => '1', 'verify_monitoring_entry' => '1'); $action = POST('action'); $sensor_id = POST('sensor'); if (!array_key_exists($action, $permitted_actions)) { Util::response_bad_request(_('Action not allowed')); } switch ($action) { case 'verify_monitoring_entry': $validate = array('id_type' => array('validation' => 'OSS_NOECHARS, OSS_SCORE, OSS_LETTER', 'e_message' => 'illegal:' . _('Type')), 'frequency' => array('validation' => 'OSS_DIGIT', 'e_message' => 'illegal:' . _('frequency')), 'state' => array('validation' => 'OSS_NOECHARS, OSS_SCORE, OSS_LETTER', 'e_message' => 'illegal:' . _('State')), 'arguments' => array('validation' => "OSS_NOECHARS, OSS_TEXT, OSS_SPACE, OSS_AT, OSS_NULLABLE, OSS_PUNC_EXT, '\\`', '\\<', '\\>'", 'e_message' => 'illegal:' . _('Arguments'))); break; case 'get_agentless_status': $validate = array('sensor' => array('validation' => "OSS_HEX", 'e_message' => 'illegal:' . _('Sensor'))); break;