//echo '<td>'.$_SESSION['testcases'][$k].".php</td>";
}
echo "<td>N/A</td>";
echo "</tr>";
}
}
?>
</tbody>
</table>
<br/>
<br/>
<?php
} else {
$scans = listScans();
$bots = loadBotsList();
$descEntries = loadLinksDesc();
//html_print_r($scans, '$scans');
echo "<br/><br/>";
//rsort($scans);
//$brCount = 0;
foreach ($scans as $scan) {
// get a user agent, maybe I shouldn't store user agent in values
//$scanEntries = saveScan($tokens[0]);
$score = '%' . intval(100 * count($scan['pageVisits']) / count($descEntries));
$scan['score'] = $score;
//html_print_r($scan, '$scan');
// is this scan performed by a bot listed in our list
$isBot = false;
foreach ($bots as $aBot) {
function _listScans($option)
{
$gala = param_num("gala");
$pos = param_num("pos");
#scandetails
if ($gala && $pos) {
$this->scan_details($gala, $pos);
}
#scanlist
$page = param_num("page", 1);
$rows = 20;
$link_options = array();
if ($option == "targets") {
$scanlistfilter =& $_SESSION['targetlistfilter'];
$this->template->assign("showtargets", 1);
$this->template->assign("scantitle", "Ziele suchen");
#zielsuche
if ($_REQUEST['subaction'] == 'newsearch' && $scanlistfilter) {
unset($_SESSION['targetlistfilter']);
unset($scanlistfilter);
}
/* if ($_REQUEST['subaction'] == "search") {
$scanlistfilter['exen'] = param_num("exen");
$scanlistfilter['punkte'] = param_num("punkte");
}
*/
if (!$scanlistfilter || $_POST['subaction'] == "search") {
$form = new formContainer();
$form->add(new formInput("exen", "Exenmindestanzahl", "numeric", true, 10, true));
$form->add(new formInput("macht", "Machtmindestwert", "numeric", true, 10, true));
$form->add(new formCheckbox("hideold", "Alte Scans nicht berücksichtigen", "numeric", array(1), false));
if ($_POST['send']) {
$form->submit();
if (!$form->hasErrors()) {
if ($form->get("macht")) {
$scanlistfilter['macht'] = $form->get("macht");
}
if ($form->get("exen")) {
$scanlistfilter['exen'] = $form->get("exen");
}
$scanlistfilter['sort'] = "exen";
$scanlistfilter['order'] = "desc";
$scanlistfilter['hassektor'] = "1";
$scanlistfilter['hideold'] = $form->get("hideold");
$scanlistfilter['except_galas'] = getGalaList(true);
$this->_header("scans.php?action=targets&send");
}
} else {
$form->select("hideold", 1);
}
$form->registerVars($this->template);
$this->show('scan_target_form', 'Ziele suchen');
}
#sortierung
if ($_REQUEST['sort'] && $_REQUEST['order'] && $scanlistfilter) {
$sort = trim($_REQUEST['sort']);
$order = trim($_REQUEST['order']);
if ($sort != 'koords' && $sort != 'exen') {
$sort = 'koords';
}
if ($order != "asc" && $order != "desc") {
$order = "asc";
}
$scanlistfilter['sort'] = $sort;
$scanlistfilter['order'] = $order;
}
$link_options[] = "action=targets";
$link2 = "?action=targets";
#normale Scananzeige, galaweise
} else {
$scanlistfilter =& $_SESSION['scanlistfilter'];
$this->template->assign("scantitle", "Scans");
if (!$scanlistfilter) {
$scanlistfilter['gala'] = 1;
$scanlistfilter['sort'] = "koords";
$scanlistfilter['order'] = "asc";
$scanlistfilter['hideold'] = 1;
}
#alte einblenden/ausblenden
if (isset($_REQUEST["hideold"]) && is_numeric($_REQUEST["hideold"])) {
$scanlistfilter['hideold'] = $_REQUEST["hideold"];
}
$hideold = $scanlistfilter["hideold"];
if ($hideold) {
$title = "Alle Anzeigen";
$subtitle = "Zeigt alle Scans an";
$param = 0;
} else {
$title = "Alte Ausblenden";
$subtitle = "Scans die älter als 1 Tag sind werden nicht angezeigt";
$param = 1;
}
$this->template->assign("hideoldtitle", $title);
$this->template->assign("hideoldparam", $param);
$this->template->assign("hideoldsubtitle", $subtitle);
#neue gala anzeigen
if ($gala = param_num("gala")) {
$scanlistfilter['gala'] = $gala;
} else {
$gala = $scanlistfilter["gala"];
}
if ($this->userdata["gid"] == 1) {
$hideblock = false;
} else {
$hideblock = true;
}
$next = getNextGala($gala, $hideold, $hideblock);
$prev = getPrevGala($gala, $hideold, $hideblock);
if ($next && $prev) {
#gala suche anzeigen
$this->template->assign("showform", 1);
}
#zeigen beide auf die selbe, -> die aktuelle
if ($next == $prev && $next == $gala) {
unset($prev);
unset($next);
}
$this->template->assign("prev", $prev);
$this->template->assign("next", $next);
#sortierung
if ($_REQUEST['sort'] && $_REQUEST['order'] && $scanlistfilter) {
$sort = trim($_REQUEST['sort']);
$order = trim($_REQUEST['order']);
if ($sort != 'koords' && $sort != 'exen') {
$sort = 'koords';
}
if ($order != "asc" && $order != "desc") {
$order = "asc";
}
$scanlistfilter['sort'] = $sort;
$scanlistfilter['order'] = $order;
}
$link_options[] = "gala=" . $scanlistfilter['gala'];
}
#mili & news ausklappen
$expand = param_num("expand");
#scans holen
$this->forms['scanlist'][$scanlistfilter['sort']][$scanlistfilter['order']] = '_active';
$scanlist = listScans($scanlistfilter, &$pages, &$page, $rows);
for ($i = 0; $i < count($scanlist); $i++) {
$scanlist[$i]['backlink'] = "&backlink=" . urlencode("scans.php?" . join("&", $link_options) . "#" . $scanlist[$i]['sid']);
$scanlist[$i]['expand_backlink'] = "&backlink=" . urlencode("scans.php?" . join("&", $link_options) . "&expand=" . $scanlist[$i]['sid'] . "#" . $scanlist[$i]['sid']);
#mili oder news ausklappen
if ($scanlist[$i]['sid'] == $expand) {
$scanlist[$i]['expand'] = 1;
}
if ($scanlist[$i]['uid']) {
if ($scanlist[$i]['uid'] == $this->userdata['uid']) {
$scanlist[$i]['atter_class'] = "green";
} else {
$scanlist[$i]['atter_class'] = "red";
}
}
$scanlist[$i] = scan_format($scanlist[$i]);
}
$this->forms['scanlist']['pages'] = showPageBar($page, $pages, "scans.php" . $link2, "page", "menu");
$this->forms['scanlist']['gala'] = $scanlistfilter['gala'];
$this->template->assign('scanlist', $scanlist);
$this->template->assign('page', $page);
$this->show('scan_list', 'Scans');
}
/**
* Scanansicht von einem Att
**/
function Attack_view()
{
if (!($attid = param_num("id")) || !($attplan = attack_get($attid))) {
$this->_header();
}
$form = new formContainer();
$attplan['isadmin'] = $this->userdata['uid'] == $attplan['owner'] || $this->_checkUserRights("attorga");
if (!$attplan['isopen'] && !$attplan['isadmin']) {
$this->_header();
}
$galalist = attack_gala_list($attid);
// ziele vorhanden ?
if ($galalist) {
$list = array();
foreach ($galalist as $item) {
$list[] = array("value" => $item['gala'], "title" => $item['gala']);
}
$form->add(new formSelectBox("gala", "Galaxie", "numeric", $list, false));
if ($_POST['send'] && $_POST['subaction'] == "changegala") {
$form->submit();
if (!$form->hasErrors()) {
$_SESSION['attplanfilter'][$attid]['gala'] = $form->get("gala");
}
$gala = $form->get("gala");
} else {
if ($_SESSION['attplanfilter'][$attid]['gala']) {
$form->select("gala", $_SESSION['attplanfilter'][$attid]['gala']);
$gala = $_SESSION['attplanfilter'][$attid]['gala'];
} else {
$gala = $galalist[0]['gala'];
}
}
$sids = target_list(array("gala" => $gala), "sid");
$scanlist = listScans(array("sids" => $sids, "order" => "asc", "sort" => "koords", "hassektor" => true, "showattackscans" => true), &$pages, 1, 15);
for ($i = 0; $i < count($scanlist); $i++) {
$scanlist[$i]['backlink'] = "&backlink=" . urlencode("attplan.php?action=view&id=" . $attid . "#" . $scanlist[$i]['sid']);
$scanlist[$i]['expand_backlink'] = "&backlink=" . urlencode("attplan.php?action=view&id=" . $attid . "&expand=" . $scanlist[$i]['sid'] . "#" . $scanlist[$i]['sid']);
#mili oder news ausklappen
if ($scanlist[$i]['sid'] == $expand) {
$scanlist[$i]['expand'] = 1;
}
if ($scanlist[$i]['uid']) {
if ($this->userdata['uid'] == $scanlist[$i]['uid'] || $this->_checkUserRights("attorga")) {
$scanlist[$i]['candelete'] = true;
}
if ($this->userdata['uid'] == $scanlist[$i]['uid']) {
$scanlist[$i]['reserveclass'] = "green";
} else {
$scanlist[$i]['reserveclass'] = "red";
}
} else {
$scanlist[$i]['canreserve'] = true;
}
$scanlist[$i] = scan_format($scanlist[$i]);
}
$this->template->assign("scanlist", $scanlist);
$this->template->assign("hastargets", true);
$this->template->assign("selectedgala", $gala);
}
$form->registerVars($this->template);
$this->template->assign("attplan", $attplan);
$this->template->assign("type", "ziele");
$this->show("attplan_view", "Angriffsplan");
}
function saveScan($data, $record = '')
{
global $db;
if ($record == '') {
$record = $_SESSION['scan']['record'];
} else {
$record = str_replace('/', '', $record);
$record = str_replace('\\', '', $record);
$record = str_replace('.', '', $record);
}
/*
$scan is an array. it's keys are URIs and values are arrays
in those arrays, individual items are stored as key/value pairs
*/
//html_print_r($_SESSION, '$_SESSION');
if (DATASTORE == 'db') {
// add database version
loaddb();
$sql = "INSERT INTO scans (record, ipaddress, starttime) VALUES ('" . mysql_escape_string($record) . "'," . mysql_escape_string(ip2long($_SESSION['scan']['ipaddress'])) . "," . mysql_escape_string($_SESSION['scan']['starttime']) . ")";
//html_print_r($sql, '$sql');
$rs = mysql_query($sql, $db);
//mysql_free_result($rs);
} else {
// using temp files
// a little bit of a check!!!
$scans = listScans();
if (count($scans) > 3000) {
echo "<b>ERROR: Too many statistics collected on the system. Please contact the author: bedirhanurgun at gmail dot com</b>";
return;
}
$filename = $_SESSION['statisticsdir'] . $record . ".dat";
if (file_put_contents($filename, serialize($data))) {
} else {
echo "Could not save record";
//"cant open file : " . $_SESSION['statisticsdir'] . $filename . ".dat";
}
}
}
