Beispiel #1
0
function service_list($conn, $page, $search)
{
    $return['error'] = TRUE;
    $return['msg'] = '';
    $filters = array();
    $filters['limit'] = get_query_limits($page);
    $filters['order_by'] = 'port';
    if ($search != '') {
        $search = utf8_decode($search);
        $search = escape_sql($search, $conn);
        $filters['where'] = " (s.port LIKE '%{$search}%'  OR s.service LIKE '%{$search}%'";
        //Filter by protocol name
        $protocol_list = Protocol::get_list($search);
        $protocol_list = array_keys($protocol_list);
        $protocol_list = implode(',', $protocol_list);
        if (!empty($protocol_list)) {
            $filters['where'] .= " OR s.protocol IN ({$protocol_list})";
        }
        $filters['where'] .= ")";
    }
    try {
        list($services, $total) = Asset_host_services::get_services_available($conn, $filters, TRUE);
    } catch (Exception $e) {
        $return['error'] = TRUE;
        $return['msg'] = $e->getMessage();
        return $return;
    }
    if ($total > 0) {
        $selected = get_selected_values(10);
    }
    $list = array();
    //Going through the list to format the elements properly:
    foreach ($services as $service) {
        $_serv = array();
        $id = $service['port'] . ';' . $service['protocol'] . ';' . $service['service'];
        $md5 = md5($id);
        $name = $service['port'] . '/' . $service['prot_name'] . ' (' . $service['service'] . ')';
        $_chk = $selected[$md5] != '' ? TRUE : FALSE;
        $_serv = array('id' => $id, 'name' => Util::utf8_encode2($name), 'checked' => $_chk);
        $list[$md5] = $_serv;
    }
    $data['total'] = intval($total);
    $data['list'] = $list;
    $return['error'] = FALSE;
    $return['data'] = $data;
    return $return;
}
Beispiel #2
0
         $selection_filter = escape_sql($selection_filter, $conn);
         //Create asset object
         $asset_host = new Asset_host($conn, $asset_id);
         $filters = array('where' => 'AND service LIKE "%' . $selection_filter . '%"');
         list($s_list, ) = $asset_host->get_services($conn, $filters);
     }
 }
 $data['status'] = 'success';
 $data['data'] = _('Your changes have been saved');
 if ($toggle_all == TRUE) {
     if (!valid_hex32($asset_id)) {
         $db->close();
         Util::response_bad_request(_('Error! Asset ID not allowed. Your changes could not be saved'));
     } else {
         try {
             Asset_host_services::toggle_nagios($conn, $asset_id, $nagios);
         } catch (Exception $e) {
             $db->close();
             Util::response_bad_request($e->getMessage());
         }
     }
 } else {
     if (is_array($s_list) && !empty($s_list)) {
         foreach ($s_list as $s_values) {
             try {
                 //Clean last error
                 ossim_clean_error();
                 $validate = array('asset_id' => array('validation' => array(OSS_HEX), 'e_message' => 'illegal:' . _('Asset ID')), 'ip' => array('validation' => array(OSS_IP_ADDR), 'e_message' => 'illegal:' . _('Asset IP')), 'port' => array('validation' => array(OSS_PORT), 'e_message' => 'illegal:' . _('Port')), 'protocol' => array('validation' => array(OSS_PROTOCOL_SERVICE), 'e_message' => 'illegal:' . _('Protocol')));
                 //Initialize service data
                 $s_data = array();
                 //Asset ID
    throw new Exception(ossim_get_error_clean());
}
$db = new ossim_db();
$conn = $db->connect();
$filters = array('where' => "h.id = UNHEX('{$asset_id}') AND host_services.port = {$port} AND host_services.service = '" . escape_sql($service, $conn) . "'");
$_list_data = Asset_host_services::get_list($conn, $filters);
$services = $_list_data[0];
if (empty($services[$asset_id][0])) {
    $db->close();
    throw new Exception(_('Service not found'));
}
$service_data = $services[$asset_id][0];
$_host_aux = Asset_host::get_object($conn, $asset_id);
$_ips_aux = array_keys($_host_aux->get_ips()->get_ips());
$_ctx_aux = $_host_aux->get_ctx();
$vulns = Asset_host_services::get_vulns_by_service($conn, $_ips_aux, $_ctx_aux, $service, $port);
// Not matching with software_cpe, but cpe found in version field
if ($service_data['cpe'] == '' && preg_match('/cpe\\:/', $service_data['version'])) {
    $service_data['cpe'] = $service_data['version'];
    $service_data['version'] = '';
}
?>
<div id="tray_container">
    <div class="tray_triangle"></div>
    
    <div id="tray_table">
    
        <div>
        
            <div class='detail_header_left detail_2column'>
                <div class='tray_title'><?php 
             if ($e_counter == $n_size && $n_size == 1) {
                 $e_message = _('Host service could not be toggled');
             } elseif ($e_counter == $n_size && $n_size > 1) {
                 $e_message = _('Host services could not be toggled');
             } else {
                 $e_message = _('Some host services could not be toggled');
                 //At least, one service was toggled, we have to clear the cache
                 $data['reload_tree'] = TRUE;
             }
         }
         //Formatted message
         $data['data'] = '<div>' . _('We Found the following errors') . ":</div>\n\t\t\t\t\t         <div style='padding: 5px;'>" . $e_message . '</div>';
     }
     //Enable o disable Nagios in host
     $filters = array('where' => "h.id IN (UNHEX('" . $p_data['host_id'] . "')) AND nagios = 1");
     $_host_services = Asset_host_services::get_list($conn, $filters);
     $host_services = $_host_services[0];
     if (count($host_services) >= 1) {
         Asset_host_scan::save_plugin_in_db($conn, $p_data['host_id'], 2007);
     } else {
         Asset_host_scan::delete_plugin_from_db($conn, $p_data['host_id'], 2007);
     }
     $db->close();
     break;
 case 'delete_properties':
     //Error counter
     $e_counter = 0;
     //Properties
     $properties = base64_decode(POST('properties'));
     $properties = json_decode($properties, TRUE);
     $data['status'] = 'OK';
$conn = $db->connect();
$filters = array('limit' => "{$from}, {$maxrows}");
if ($search_str != '') {
    $search_str = escape_sql($search_str, $conn);
    $filters['where'] = 'host_services.service LIKE "%' . $search_str . '%"';
}
// DATA
list($services, $total) = $asset_object->get_services($conn, $filters);
$data = array();
//$status_values = array(_('Ok'), _('Warning'), _('Critical'));
foreach ($services as $host_id => $services_list) {
    $_host_aux = Asset_host::get_object($conn, $host_id);
    $_ips_aux = array_keys($_host_aux->get_ips()->get_ips());
    $_ctx_aux = $_host_aux->get_ctx();
    foreach ($services_list as $sw) {
        $vulns = Asset_host_services::get_vulns_by_service($conn, $_ips_aux, $_ctx_aux, $sw['service'], $sw['port']);
        $has_vulns = count($vulns) > 0 ? _('Yes') : _('No');
        if ($sw['nagios']['enabled']) {
            $has_nagios = _('Yes');
            if ($sw['nagios']['status'] == 0) {
                $nagios_status = _('OK');
            } elseif ($sw['nagios']['status'] == 1) {
                $nagios_status = _('WARNING');
            } elseif ($sw['nagios']['status'] == 2) {
                $nagios_status = _('CRITICAL');
            } else {
                $nagios_status = _('UNKNOWN');
            }
        } else {
            $has_nagios = _('No');
            $nagios_status = "-";
Beispiel #6
0
    Util::response_bad_request($e->getMessage());
}
//Distinct Host IDs with properties
$assets_with_services = array();
// Services data
$data = array();
foreach ($s_list as $s_id => $serv_data) {
    foreach ($serv_data as $_asset_id => $s_values) {
        if (array_key_exists($_asset_id, $assets_with_services)) {
            $ips_to_show = $assets_with_services[$_asset_id];
        } else {
            $_host = Asset_host::get_object($conn, $_asset_id);
            $ips_to_show = $_host->get_name() . ' (' . $_host->get_ips()->get_ips('string') . ')';
            $assets_with_services[$_asset_id] = $ips_to_show;
        }
        $r_key = strtolower($_asset_id . '_' . md5($s_id));
        $nagios_enabled = intval($s_values['nagios']['enabled']);
        $nagios_status = $nagios_enabled == 1 ? Asset_host_services::get_nagios_status_by_code($s_values['nagios']['status']) : '-';
        $ip_value = $_host->get_name() . ' (' . $s_values['ip'] . ')';
        $_s_data = array("DT_RowId" => $r_key, "DT_RowData" => array('p_id' => 40, 's_ip' => $s_values['ip'], 's_port' => $s_values['port'], 's_protocol' => $s_values['protocol']['id'], 's_name' => $s_values['service'], 'version' => $s_values['version'], 'nagios' => intval($s_values['nagios']['enabled']), 'source_id' => $s_values['source']['id']), "", $ip_value, $s_values['port'], $s_values['protocol']['name'], $s_values['service'], $nagios_status, $nagios_enabled, "");
        $data[] = $_s_data;
    }
}
$response['sEcho'] = $sec;
$response['iTotalRecords'] = $s_total;
$response['iTotalDisplayRecords'] = $s_total;
$response['aaData'] = $data;
echo json_encode($response);
$db->close();
/* End of file dt_services.php */
/* Location: /av_asset/common/providers/dt_services.php */