Beispiel #1
0
    exit;
}
switch ($action) {
    case 'delete_netgroup':
        $name = explode(";", POST('name'));
        foreach ($name as $netgroup_id) {
            ossim_valid($netgroup_id, OSS_HEX, 'illegal:' . _('Network group'));
            if (ossim_error()) {
                $data['status'] = 'error';
                $data['data'] = ossim_get_error_clean();
                echo json_encode($data);
                exit;
            }
        }
        $db = new ossim_db();
        $conn = $db->connect();
        $data['status'] = 'OK';
        $data['data'] = _('Network group removed successfully');
        foreach ($name as $netgroup_id) {
            if (Net_group::can_delete($conn, $netgroup_id)) {
                Net_group::delete($conn, $netgroup_id);
                Net_group_scan::delete($conn, $netgroup_id, 3001);
            } else {
                $data['status'] = 'error';
                $data['data'] = _('Error! Network group could not be removed. This network group belongs to a policy');
            }
        }
        $db->close();
        break;
}
echo json_encode($data);
Beispiel #2
0
		<?php 
    echo gettext("No");
    ?>
 </a>
    </p>
<?php 
    exit;
}
require_once 'ossim_db.inc';
require_once 'classes/Net_group.inc';
require_once 'classes/Net_group_scan.inc';
$db = new ossim_db();
$conn = $db->connect();
if (Net_group::can_delete($conn, $name)) {
    Net_group::delete($conn, $name);
    Net_group_scan::delete($conn, $name, 3001);
} else {
    echo "ERROR_CANNOT";
}
$db->close($conn);
?>

    <p> <?php 
echo gettext("Network group deleted");
?>
 </p>
    <p><a href="netgroup.php"><?php 
echo gettext("Back");
?>
 </a></p>
    <?php 
Beispiel #3
0
function show_form()
{
    global $sensor_list;
    global $net_group_list;
    global $host_group_list;
    global $hosts_list;
    global $nets_list;
    global $conn;
    global $sensor_index;
    global $net_group_index;
    global $host_group_index;
    global $hosts_index;
    global $nets_index;
    $global_i = 0;
    $num = count($sensor_list);
    if ($num > 20) {
        $cols = 5;
    } else {
        $cols = 3;
    }
    $rows = intval($num / $cols) + 1;
    $num_ng = count($net_group_list);
    if ($num_ng > 20) {
        $cols = 5;
    } else {
        $cols = 3;
    }
    $rows_ng = intval($num_ng / $cols) + 1;
    $num_hg = count($host_group_list);
    if ($num_hg > 20) {
        $cols = 5;
    } else {
        $cols = 3;
    }
    $rows_hg = intval($num_hg / $cols) + 1;
    $num_hs = count($hosts_list);
    if ($num_hs > 20) {
        $cols = 5;
    } else {
        $cols = 3;
    }
    $rows_hs = intval($num_hs / $cols) + 1;
    $num_ns = count($nets_list);
    if ($num_ns > 20) {
        $cols = 5;
    } else {
        $cols = 3;
    }
    $rows_ns = intval($num_ns / $cols) + 1;
    if ($num_ns + $num_hs + $num_hg + $num_ng > 20) {
        $cols_full = 5;
    } else {
        $cols_full = 3;
    }
    ?>
	<h3><center> <?php 
    echo _("Select sensors for this scan");
    ?>
 </center></h3>
<ul>
<?php 
    $group_scan_list = Net_group_scan::get_list($conn, "WHERE plugin_id = " . NESSUS);
    foreach ($group_scan_list as $group_scan) {
        $net_group_sensors = Net_group::get_sensors($conn, $group_scan->get_net_group_name());
        echo "\n<script>\n";
        echo "var " . $group_scan->get_net_group_name() . " = true;\n";
        echo "</script>\n";
        $sensor_string = "";
        foreach ($net_group_sensors as $ng_sensor => $name) {
            if ($sensor_string == "") {
                $sensor_string .= $sensor_index[$name];
            } else {
                $sensor_string .= "," . $sensor_index[$name];
            }
        }
        $nets_string = "";
        $nets = Net_group::get_networks($conn, $group_scan->get_net_group_name(), NESSUS);
        foreach ($nets as $net) {
            $name = $net->get_net_name();
            if ($nets_string == "") {
                $nets_string .= $nets_index[$name];
            } else {
                $nets_string .= "," . $nets_index[$name];
            }
        }
        print "<li><a href=\"#\" onClick=\"return selectSomeNets('" . $group_scan->get_net_group_name() . "','" . $sensor_string . "','" . $nets_string . "');\">" . $group_scan->get_net_group_name() . "</a>";
    }
    $group_scan_list = Host_group_scan::get_list($conn, "WHERE plugin_id = " . NESSUS);
    foreach ($group_scan_list as $group_scan) {
        $host_group_sensors = Host_group::get_sensors($conn, $group_scan->get_host_group_name());
        echo "\n<script>\n";
        echo "var " . $group_scan->get_host_group_name() . " = true;\n";
        echo "</script>\n";
        $sensor_string = "";
        foreach ($host_group_sensors as $hg_sensor) {
            $name = $hg_sensor->get_sensor_name();
            if ($sensor_string == "") {
                $sensor_string .= $sensor_index[$name];
            } else {
                $sensor_string .= "," . $sensor_index[$name];
            }
        }
        $hosts_string = "";
        $hosts = Host_group::get_hosts($conn, $group_scan->get_host_group_name(), NESSUS);
        foreach ($hosts as $host) {
            $name = $host->get_host_name($conn);
            if ($hosts_string == "") {
                $hosts_string .= $hosts_index[$name];
            } else {
                $hosts_string .= "," . $hosts_index[$name];
            }
        }
        print "<li><a href=\"#\" onClick=\"return selectSomeHosts('" . $group_scan->get_host_group_name() . "','" . $sensor_string . "','" . $hosts_string . "');\">" . $group_scan->get_host_group_name() . "</a>";
    }
    ?>
</ul>
	<form action="<?php 
    echo $_SERVER["SCRIPT_NAME"];
    ?>
" method="POST">
<p>
<?php 
    echo _("Please adjust incident creation threshold, incidents will only be created for vulnerabilities whose risk level exceeds the threshold.");
    ?>
<br/>
<?php 
    echo _("It is recommended to set a high level at the beginning in order to concentrate on more critical vulnerabilities first, lowering it after having solved/tagged them as false positivies.");
    ?>
<br/>
<?php 
    echo _("Threshold configuration can be found at Configuration->Main, \"vulnerability_incident_threshold\".");
    ?>
&nbsp;
<?php 
    echo _("Current risk threshold is:");
    ?>
<b>
<?php 
    require_once 'ossim_conf.inc';
    $conf = $GLOBALS["CONF"];
    print $conf->get_conf("vulnerability_incident_threshold");
    ?>
</b>
</p>
	<h4><center> (<?php 
    echo _("Empty means all");
    ?>
) </center></h4>
	<center><a href="#" onClick="return selectAll();"><?php 
    echo _("Select / Unselect all");
    ?>
</a></center>
<br/>

<table width="100%" border="0" align="center"><tr><td>
	<input type="radio" name="groupType" value="sensor" checked onClick="selectGroup('sensor');"> Sensor &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
	<input type="radio" name="groupType" value="host" onClick="selectGroup('host');"> NetGroup / Nets / HostGroup / Hosts
</td></tr>
<tr><td>
        <div id="rowSensor">
        <table width="100%" align="left" border="0"><tr>
	<?php 
    for ($i = 1; $i <= $rows; $i++) {
        ?>
	<?php 
        for ($a = 0; $a < $cols && $global_i < $num; $a++) {
            $sensor = $sensor_list[$global_i];
            echo "<td width=\"" . intval(100 / $cols) . "%\">";
            $all['sensors'][] = "sensor" . $global_i;
            ?>
		<div align="left">
	        <input align="left" type="checkbox" id="<?php 
            echo "sensor" . $global_i;
            ?>
" name="<?php 
            echo "sensor" . $global_i;
            ?>
"
		               value="<?php 
            echo $sensor->get_ip();
            ?>
" /><?php 
            echo $sensor->get_name();
            ?>
</div></td>
	        <?php 
            $global_i++;
        }
        echo "</tr>\n";
        ?>
	    <?php 
    }
    echo "</table>\n";
    ?>
        </div>

	<div id="rowHost" style="display: none">
        <table width="100%" align="left" border="0">
        <tr>
	<th colspan="3">NetGroups</th></tr><tr>
	<?php 
    $global_ng = 0;
    for ($i = 1; $i <= $rows_ng; $i++) {
        ?>
        <?php 
        for ($a = 0; $a < $cols_full && $global_ng < $num_ng; $a++) {
            $netgroup = $net_group_list[$global_ng];
            echo "<td width=\"" . intval(100 / $cols_full) . "%\">";
            $all['netgroups'][] = "netgroup" . $global_ng;
            ?>
            <div align="left">
            <input align="left" type="checkbox" id="<?php 
            echo "netgroup" . $global_ng;
            ?>
" name="netgroupList[]"
                   value="<?php 
            echo $netgroup->get_name();
            ?>
" /><?php 
            echo $netgroup->get_name($conn);
            ?>
</div></td>
		 <?php 
            $global_ng++;
        }
        echo "</tr>\n";
        ?>
            <tr>
    <?php 
    }
    ?>

	<th colspan="3">HostGroups</th></tr><tr>

        <?php 
    $global_hg = 0;
    for ($i = 1; $i <= $rows_hg; $i++) {
        for ($a = 0; $a < $cols_full && $global_hg < $num_hg; $a++) {
            $hostgroup = $host_group_list[$global_hg];
            echo "<td width=\"" . intval(100 / $cols_full) . "%\">";
            $all['hostgroups'][] = "hostgroup" . $global_hg;
            ?>
                <div align="left">
                <input align="left" type="checkbox" id="<?php 
            echo "hostgroup" . $global_hg;
            ?>
" name="hostgroupList[]"
                               value="<?php 
            echo $hostgroup->get_name();
            ?>
" /><?php 
            echo $hostgroup->get_name($conn);
            ?>
</div></td>
                 <?php 
            $global_hg++;
        }
        echo "</tr>\n";
        ?>
           <tr>
	   <?php 
    }
    ?>

	<th colspan="3">Nets</th></tr><tr>
        
        <?php 
    $global_ns = 0;
    for ($i = 1; $i <= $rows_ns; $i++) {
        ?>
        <?php 
        for ($a = 0; $a < $cols_full && $global_ns < $num_ns; $a++) {
            $nets = $nets_list[$global_ns];
            echo "<td width=\"" . intval(100 / $cols_full) . "%\">";
            $all['nets'][] = "net" . $global_ns;
            ?>
                <div align="left">
                <input align="left" type="checkbox" id="<?php 
            echo "net" . $global_ns;
            ?>
" name="netList[]"
                               value="<?php 
            echo $nets->get_name();
            ?>
" /><?php 
            echo $nets->get_name($conn);
            ?>
</div></td>
                 <?php 
            $global_ns++;
        }
        echo "</tr>\n";
        ?>
           <tr>
	     <?php 
    }
    ?>

	<th colspan="3">Hosts</th></tr><tr>

        <?php 
    $global_hs = 0;
    for ($i = 1; $i <= $rows_hs; $i++) {
        ?>
        <?php 
        for ($a = 0; $a < $cols_full && $global_hs < $num_hs; $a++) {
            $hosts = $hosts_list[$global_hs];
            echo "<td width=\"" . intval(100 / $cols_full) . "%\">";
            $all['hosts'][] = "host" . $global_hs;
            ?>
                <div align="left">
                <input align="left" type="checkbox" id="<?php 
            echo "host" . $global_hs;
            ?>
" name="hostList[]"
                               value="<?php 
            echo $hosts->get_host_ip();
            ?>
" /><?php 
            echo $hosts->get_name($conn);
            ?>
</div></td>
                 <?php 
            $global_hs++;
        }
        echo "</tr>\n";
        ?>
            <?php 
    }
    echo "</table>\n";
    ?>
        </div>	

</td></tr></table>
<br>
<center>
<input type="hidden" name="nsensors" value="<?php 
    echo $global_i;
    ?>
" />
<input type="Submit" class="button" value="<?php 
    echo _("Submit");
    ?>
">
</center>
</form>
<center><a href="index.php"> <?php 
    echo gettext("Back");
    ?>
 </a></center>
<script>
var check_sensors = true;
var check_nethost = true;
var scanType = 'sensor';

function selectAll()
{

if (scanType  == 'sensor') {
    <?php 
    if (count($all['sensors']) != 0) {
        foreach ($all['sensors'] as $id) {
            ?>
        document.getElementById('<?php 
            echo $id;
            ?>
').checked = check_sensors;
    <?php 
        }
    }
    ?>
        check_sensors = check_sensors == false ? true : false;
    }
else {
    <?php 
    if (count($all['netgroups']) != 0) {
        foreach ($all['netgroups'] as $id) {
            ?>
        document.getElementById('<?php 
            echo $id;
            ?>
').checked = check_nethost;
    <?php 
        }
    }
    ?>
    <?php 
    if (count($all['hostgroups']) != 0) {
        foreach ($all['hostgroups'] as $id) {
            ?>
        document.getElementById('<?php 
            echo $id;
            ?>
').checked = check_nethost;
    <?php 
        }
    }
    ?>
    <?php 
    if (count($all['nets']) != 0) {
        foreach ($all['nets'] as $id) {
            ?>
        document.getElementById('<?php 
            echo $id;
            ?>
').checked = check_nethost;
    <?php 
        }
    }
    ?>
    <?php 
    if (count($all['hosts']) != 0) {
        foreach ($all['hosts'] as $id) {
            ?>
        document.getElementById('<?php 
            echo $id;
            ?>
').checked = check_nethost;
    <?php 
        }
    }
    ?>
        check_nethost = check_nethost == false ? true : false;
     }
return false;
}

function selectSomeNets(name, identifiersSensors, identifiersNets)
{

if (identifiersSensors.length != 0) {
	arrayOfStringsSensor = identifiersSensors.split(",");
	for (var i=0; i < arrayOfStringsSensor.length; i++) {
	document.getElementById("sensor" + arrayOfStringsSensor[i]).checked = window[name];
	}
}

if (identifiersNets.length != 0) {
	arrayOfStringsNets = identifiersNets.split(",");
	for (var i=0; i < arrayOfStringsNets.length; i++) {
	document.getElementById("net" + arrayOfStringsNets[i]).checked = window[name];
	}
}

window[name] = window[name] == false ? true : false;
return false;

} 

function selectSomeHosts(name, identifiersSensors, identifiersHosts)
{

if (identifiersSensors.length != 0) {
	arrayOfStringsSensor = identifiersSensors.split(",");
	for (var i=0; i < arrayOfStringsSensor.length; i++) {
	document.getElementById("sensor" + arrayOfStringsSensor[i]).checked = window[name];
	}	
}

if (identifiersHosts.length != 0) {
	arrayOfStringsHosts = identifiersHosts.split(",");
	for (var i=0; i < arrayOfStringsHosts.length; i++) {
	document.getElementById("host" + arrayOfStringsHosts[i]).checked = window[name];
	}
}

window[name] = window[name] == false ? true : false;
return false;

}

function selectGroup(category)

{
    if (category == 'sensor') {
	document.getElementById("rowHost").style.display = 'none';
        document.getElementById("rowSensor").style.display = 'block';
    } else {
        document.getElementById("rowHost").style.display = 'block';
        document.getElementById("rowSensor").style.display = 'none';
    }

scanType = category;
}
 
</script>
</body>
</html>
<?php 
}
Beispiel #4
0
     $cols = 3;
 }
 $rows_hs = intval($num_hs / $cols) + 1;
 $num_ns = count($nets_list);
 if ($num_ns > 20) {
     $cols = 5;
 } else {
     $cols = 3;
 }
 $rows_ns = intval($num_ns / $cols) + 1;
 if ($num_ns + $num_hs + $num_hg + $num_ng > 20) {
     $cols_full = 5;
 } else {
     $cols_full = 3;
 }
 $group_scan_list = Net_group_scan::get_list($conn, "WHERE plugin_id = " . NESSUS);
 foreach ($group_scan_list as $group_scan) {
     $net_group_sensors = Net_group::get_sensors($conn, $group_scan->get_net_group_name());
     echo "\n<script>\n";
     echo "var " . $group_scan->get_net_group_name() . " = true;\n";
     echo "</script>\n";
     $sensor_string = "";
     foreach ($net_group_sensors as $ng_sensor => $name) {
         if ($sensor_string == "") {
             $sensor_string .= $sensor_index[$name];
         } else {
             $sensor_string .= "," . $sensor_index[$name];
         }
     }
     $nets_string = "";
     $nets = Net_group::get_networks($conn, $group_scan->get_net_group_name(), NESSUS);
Beispiel #5
0
}
ossim_valid($nessus_action, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _("Nessus action"));
ossim_valid($net_group_name, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _("Net group name"));
ossim_valid($order, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _("Order"));
ossim_valid($page, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("page"));
ossim_valid($rp, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("rp"));
ossim_valid($search, OSS_TEXT, OSS_NULLABLE, 'illegal:' . _("search"));
ossim_valid($field, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _("field"));
if (ossim_error()) {
    die(ossim_error());
}
$db = new ossim_db();
$conn = $db->connect();
if (!empty($nessus_action) and !empty($net_group_name)) {
    if ($nessus_action == "toggle") {
        $nessus_action = ($scan_list = Net_group_scan::get_list($conn, "WHERE net_group_name = '{$net_group_name}' AND plugin_id = 3001")) ? "disable" : "enable";
    }
    if ($nessus_action == "enable") {
        Net_group::enable_nessus($conn, $net_group_name);
    } elseif ($nessus_action = "disable") {
        Net_group::disable_nessus($conn, $net_group_name);
    }
}
if (empty($order)) {
    $order = "name";
}
$start = ($page - 1) * $rp;
$limit = "LIMIT {$start}, {$rp}";
$where = "";
if (!empty($search) && !empty($field)) {
    $where = "name LIKE '%{$search}%'";
Beispiel #6
0
</head>

<body>
    <?php 
if (POST('insert') && empty($data['data']['id'])) {
    if ($data['status'] == 'error') {
        $txt_error = "<div>" . _("The following errors occurred") . ":</div>\n    \t\t\t\t\t  <div style='padding: 2px 10px 5px 10px;'>" . implode("<br/>", $validation_errors) . "</div>";
        $config_nt = array('content' => $txt_error, 'options' => array('type' => 'nf_error', 'cancel_button' => false), 'style' => 'width: 80%; margin: 20px auto; text-align: left;');
        $nt = new Notification('nt_1', $config_nt);
        $nt->show();
        exit;
    }
    $db = new ossim_db();
    $conn = $db->connect();
    Net_group::update($conn, $id, $ctx, $ngname, $rrd_profile, $networks, $descr);
    Net_group_scan::delete($conn, $id, 3001);
    $db->close();
    Util::memcacheFlush();
    ?>
    	
    	<script type='text/javascript'>
            if (!parent.is_lightbox_loaded(window.name))
            {
                document.location.href="netgroup.php?msg=created";
            }
            else
            {
                document.location.href="netgroup_form.php?id=<?php 
    echo $id;
    ?>
&msg=saved";