Beispiel #1
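/**
 * Print the scan-job form page: header, opening <form>, the discovery tab,
 * the submit button and the footer.
 *
 * Reads its whole configuration from globals and writes back to $useremail,
 * $editdata, $scheduler, $profileid and $timeout. Output goes straight to
 * the response via echo.
 *
 * Security notes:
 *  - The user lookup binds $username as a parameter instead of interpolating
 *    it into the SQL text.
 *  - The value echoed into the hidden "sched_id" attribute is HTML-escaped.
 *  - The role test below only changes wording; it is not an access check.
 *
 * @param mixed  $job_id Not used by this function.
 * @param string $op     Operation selector; compared against "reoccuring",
 *                       "editreocurring" and "editrecurring".
 *
 * @return void
 */
function main_page($job_id, $op)
{
    global $editdata, $scheduler, $defaultVSet, $credAudit, $enComplianceChecks, $profileid, $isvm, $sen, $hostlist, $pluginlist, $timeout, $uroles, $username, $useremail, $dbconn, $disp, $enDetailedScanRequest, $enScanRequestImmediate, $enScanRequestRecur, $smethod;

    // Bound parameter: the user name never becomes part of the SQL text.
    // Assumes $dbconn is an ADOdb connection (execute($sql, $inputarr)) and
    // that $username is the raw, unescaped name - TODO confirm, because a
    // value already escaped upstream would no longer match once bound.
    $query = "SELECT pn_email, defProfile FROM vuln_users WHERE pn_uname = ? LIMIT 1";
    $result = $dbconn->execute($query, array($username));
    if ($result && is_array($result->fields)) {
        // defProfile ($user_defsid) is fetched but not used further here.
        list($useremail, $user_defsid) = $result->fields;
    } else {
        // Failed query or no row: leave both unset-equivalent, as before.
        $useremail = null;
        $user_defsid = null;
    }

    $request = "";

    // Pre-fill the job from an ISVM / investigation hand-off. These values
    // are only stored in $editdata here; whatever renders them later has to
    // escape them for its own output context.
    if ($isvm != "" && $hostlist != "") {
        $editdata['name'] = "ISVM SCAN - {$isvm}";
        $editdata['meth_TARGET'] = str_replace("<br>", "\n", $hostlist);
        $editdata['meth_CPLUGINS'] = str_replace("<br>", "\n", $pluginlist);
    }
    if ($sen != "" && $hostlist != "") {
        $editdata['name'] = "INVESTIGATE SCAN - {$sen}";
        $editdata['meth_TARGET'] = str_replace("<br>", "\n", $hostlist);
        $editdata['meth_CPLUGINS'] = str_replace("<br>", "\n", $pluginlist);
    }

    // NOTE(review): this chain tests "editreocurring" while the hidden-field
    // block further down tests "editrecurring"; one of the two spellings is
    // presumably a typo - confirm which value callers actually send.
    if ($op == "reoccuring") {
        $scheduler = "1";
        $title = "Create Recurring Job";
        $txt_submit = _("New Job");
    } elseif ($op == "editreocurring") {
        $scheduler = "1";
        $title = "Edit Recurring Job";
        $txt_submit = _("Save Changes");
    } else {
        $scheduler = "0";
        // Users without the nessus role can only submit a scan request.
        // This changes the page title only; presumably sched.php re-checks
        // the role when the form is posted - verify.
        if (empty($uroles['nessus'])) {
            $request = " Request";
        }
        if ($disp == "edit_sched") {
            $title = _("Modify Scan Job{$request}");
        } else {
            $title = _("Create Scan Job{$request}");
        }
        $txt_submit = _("New Job");
    }

    // Default profile.
    $profileid = $defaultVSet;

    if ($timeout == "") {
        $timeout = "28800";
        // 8 hours
    }

    // Page header. $title is built only from the literals and gettext
    // lookups above, so it is echoed without escaping.
    echo "<center><table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"80%\" class=\"noborder\">";
    echo "<tr class=\"noborder\" style=\"background-color:white\"><td class=\"headerpr\">";
    echo "    <table width=\"100%\" class=\"noborder\" style=\"background-color:transparent\">";
    echo "        <tr class=\"noborder\" style=\"background-color:transparent\"><td width=\"5%\" class=\"noborder\">";
    echo "        <a href=\"manage_jobs.php?hmenu=Vulnerabilities&smenu=Jobs\"><img src=\"./images/back.png\" border=\"0\" alt=\"Back\" title=\"Back\"></a>";
    echo "        </td><td width=\"95%\">";
    echo "             {$title}</font>";
    echo "        </td></tr>";
    echo "    </table>";
    echo "</td></tr></table></center>";
    echo <<<EOT
<div>
     <form method="post" action="sched.php" name="msgform">
     <input type="hidden" name="disp" value="create">
EOT;
    if ($op == "editrecurring") {
        // Escape for the attribute context; double_encode is off so a value
        // that already arrives entity-encoded is not encoded a second time.
        $sched_id = htmlspecialchars((string) $editdata['id'], ENT_QUOTES, 'UTF-8', false);
        echo <<<EOT
     <input type="hidden" name="op" value="editrecurring">
     <input type="hidden" name="sched_id" value="{$sched_id}">
EOT;
    }

    echo "<center>" . tab_discovery() . "</center>";

    // checkForm() is client-side validation only; the handler behind
    // sched.php still has to validate every posted field.
    if ($disp == "edit_sched") {
        echo "<br><center><input type=\"submit\" name=\"submit\" value=\"" . _("Update Job") . "\" onClick=\"return checkForm();\" class=\"button\">";
    } else {
        if ($smethod == "inmediately") {
            echo "<br><center><input type=\"submit\" name=\"submit\" value=\"" . _("Run Now") . "\" onClick=\"return checkForm();\" class=\"button\">";
        } else {
            echo "<br><center><input type=\"submit\" name=\"submit\" value=\"{$txt_submit}\" onClick=\"return checkForm();\" class=\"button\">";
        }
    }
    echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href=\"javascript:;\" onclick=\"simulation();\"><img src=\"../pixmaps/arrow_green.gif\" align=\"absmiddle\" border=\"0\"> " . _("Configuration Check") . "</a>";
    echo "<br><br><span id='sresult'></span></center></form></div>";
    require_once "footer.php";
}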
Beispiel #2
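/**
 * Print the scan-job form page: header with back button, opening <form>,
 * the discovery tab, the (initially disabled) job button and the footer.
 *
 * Reads its whole configuration from globals and writes back to $useremail,
 * $editdata, $scheduler, $profileid and $timeout. It also switches the
 * connection's fetch mode to ADODB_FETCH_BOTH. Output goes straight to the
 * response via echo and inline HTML.
 *
 * Security notes:
 *  - The user lookup binds $username as a parameter instead of interpolating
 *    it into the SQL text.
 *  - The value echoed into the hidden "sched_id" attribute is HTML-escaped.
 *  - $back_url is still emitted unescaped into an onclick handler; see the
 *    review note at that line.
 *  - The role test below only changes wording; it is not an access check.
 *
 * @param mixed  $job_id  Not used by this function.
 * @param string $vuln_op Operation selector; compared against "reoccuring",
 *                        "editreocurring" and "editrecurring".
 *
 * @return void
 */
function main_page($job_id, $vuln_op)
{
    global $editdata, $scheduler, $defaultVSet, $credAudit, $enComplianceChecks, $profileid, $isvm, $sen, $hostlist, $pluginlist, $timeout, $uroles, $username, $useremail, $dbconn, $disp, $enDetailedScanRequest, $enScanRequestImmediate, $enScanRequestRecur, $smethod, $back_url;

    // Bound parameter: the user name never becomes part of the SQL text.
    // Assumes $username is the raw, unescaped name - TODO confirm, because a
    // value already escaped upstream would no longer match once bound.
    $query = "SELECT pn_email, defProfile FROM vuln_users WHERE pn_uname = ? LIMIT 1";
    // Numeric keys are needed for the list() assignment below.
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    $result = $dbconn->execute($query, array($username));
    if ($result && is_array($result->fields)) {
        // defProfile ($user_defsid) is fetched but not used further here.
        list($useremail, $user_defsid) = $result->fields;
    } else {
        // Failed query or no row: leave both unset-equivalent, as before.
        $useremail = null;
        $user_defsid = null;
    }

    $request = "";

    // Pre-fill the job from an ISVM / investigation hand-off. The separator
    // searched for is the entity-encoded "&lt;br&gt;", so these globals
    // presumably arrive HTML-encoded - verify against the caller. They are
    // only stored in $editdata here; whatever renders them later has to
    // escape them for its own output context.
    if ($isvm != "" && $hostlist != "") {
        $editdata['name'] = "ISVM SCAN - {$isvm}";
        $editdata['meth_TARGET'] = str_replace("&lt;br&gt;", "\n", $hostlist);
        $editdata['meth_CPLUGINS'] = str_replace("&lt;br&gt;", "\n", $pluginlist);
    }
    if ($sen != "" && $hostlist != "") {
        $editdata['name'] = "INVESTIGATE SCAN - {$sen}";
        $editdata['meth_TARGET'] = str_replace("&lt;br&gt;", "\n", $hostlist);
        $editdata['meth_CPLUGINS'] = str_replace("&lt;br&gt;", "\n", $pluginlist);
    }

    // NOTE(review): this chain tests "editreocurring" while the hidden-field
    // block further down tests "editrecurring"; one of the two spellings is
    // presumably a typo - confirm which value callers actually send.
    if ($vuln_op == "reoccuring") {
        $scheduler = "1";
        $title = "Create Recurring Job";
        $txt_submit = _("New Job");
    } elseif ($vuln_op == "editreocurring") {
        $scheduler = "1";
        $title = "Edit Recurring Job";
        $txt_submit = _("Save Changes");
    } else {
        $scheduler = "0";
        // Users without the nessus role can only submit a scan request.
        // This changes the page title only; presumably sched.php re-checks
        // the role when the form is posted - verify.
        if (empty($uroles['nessus'])) {
            $request = " Request";
        }
        if ($disp == "edit_sched") {
            $title = _("Modify Scan Job{$request}");
        } else {
            $title = _("Create Scan Job{$request}");
        }
        $txt_submit = _("New Job");
    }

    // Default profile.
    $profileid = $defaultVSet;

    if ($timeout == "") {
        $timeout = "28800";
        // 8 hours
    }

    echo "<center><table style=\"margin-top:10px;\" class=\"transparent\" width=\"80%\" cellspacing=\"0\" cellpadding=\"0\">";
    echo "<tr><td class=\"headerpr_no_bborder\">";
    echo "        <div class='c_back_button'>";
    // NOTE(review): $back_url lands inside a JavaScript string inside an HTML
    // attribute. Unless it is validated where it is set (not visible here),
    // it needs JS-string escaping plus attribute escaping. Left unchanged
    // because other globals in this function appear to arrive entity-encoded
    // and a second encoding would break the URL - confirm the source first.
    echo "\t          <input type='button' class='av_b_back' onclick=\"document.location.href='{$back_url}';return false;\"/>";
    echo "\t      </div>";
    // $title is built only from the literals and gettext lookups above.
    echo "        {$title}";
    echo "</td></tr></table></center>";
    echo <<<EOT
<div>
     <form method="post" action="sched.php" name="msgform" id='msgform'>
\t <input type="hidden" name="disp" value="create">
EOT;
    if ($vuln_op == "editrecurring") {
        // Escape for the attribute context; double_encode is off so a value
        // that already arrives entity-encoded is not encoded a second time.
        $sched_id = htmlspecialchars((string) $editdata['id'], ENT_QUOTES, 'UTF-8', false);
        echo <<<EOT
     <input type="hidden" name="vuln_op" value="editrecurring">
     <input type="hidden" name="sched_id" value="{$sched_id}">
EOT;
    }

    echo "<center>" . tab_discovery() . "</center>";
    ?>
    <center>
    <br />
    
    <?php 
    // The button is rendered disabled; nothing in this function enables it.
    if ($disp == "edit_sched") {
        echo "<input type=\"button\" id=\"mjob\" value=\"" . _("Update Job") . "\" disabled=\"disabled\" />";
    } else {
        if ($smethod == "inmediately") {
            echo "<input type=\"button\" id=\"mjob\" value=\"" . _("Run Now") . "\" disabled=\"disabled\" />";
        } else {
            echo "<input type=\"button\" id=\"mjob\" value=\"{$txt_submit}\" disabled=\"disabled\" />";
        }
    }
    ?>
    
        <span id="loading" style="display:none;margin:0px 0px 0px 10px;" ><?php 
    echo _("Checking Job...");
    ?>
</span>
<?php 
    echo "<br><br><div id='sresult'></div></center></form></div>";
    require_once 'footer.php';
}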