//echo '<td>'.$_SESSION['testcases'][$k].".php</td>"; } echo "<td>N/A</td>"; echo "</tr>"; } } ?> </tbody> </table> <br/> <br/> <?php } else { $scans = listScans(); $bots = loadBotsList(); $descEntries = loadLinksDesc(); //html_print_r($scans, '$scans'); echo "<br/><br/>"; //rsort($scans); //$brCount = 0; foreach ($scans as $scan) { // get a user agent, maybe I shouldn't store user agent in values //$scanEntries = saveScan($tokens[0]); $score = '%' . intval(100 * count($scan['pageVisits']) / count($descEntries)); $scan['score'] = $score; //html_print_r($scan, '$scan'); // is this scan performed by a bot listed in our list $isBot = false; foreach ($bots as $aBot) {
function _listScans($option) { $gala = param_num("gala"); $pos = param_num("pos"); #scandetails if ($gala && $pos) { $this->scan_details($gala, $pos); } #scanlist $page = param_num("page", 1); $rows = 20; $link_options = array(); if ($option == "targets") { $scanlistfilter =& $_SESSION['targetlistfilter']; $this->template->assign("showtargets", 1); $this->template->assign("scantitle", "Ziele suchen"); #zielsuche if ($_REQUEST['subaction'] == 'newsearch' && $scanlistfilter) { unset($_SESSION['targetlistfilter']); unset($scanlistfilter); } /* if ($_REQUEST['subaction'] == "search") { $scanlistfilter['exen'] = param_num("exen"); $scanlistfilter['punkte'] = param_num("punkte"); } */ if (!$scanlistfilter || $_POST['subaction'] == "search") { $form = new formContainer(); $form->add(new formInput("exen", "Exenmindestanzahl", "numeric", true, 10, true)); $form->add(new formInput("macht", "Machtmindestwert", "numeric", true, 10, true)); $form->add(new formCheckbox("hideold", "Alte Scans nicht berücksichtigen", "numeric", array(1), false)); if ($_POST['send']) { $form->submit(); if (!$form->hasErrors()) { if ($form->get("macht")) { $scanlistfilter['macht'] = $form->get("macht"); } if ($form->get("exen")) { $scanlistfilter['exen'] = $form->get("exen"); } $scanlistfilter['sort'] = "exen"; $scanlistfilter['order'] = "desc"; $scanlistfilter['hassektor'] = "1"; $scanlistfilter['hideold'] = $form->get("hideold"); $scanlistfilter['except_galas'] = getGalaList(true); $this->_header("scans.php?action=targets&send"); } } else { $form->select("hideold", 1); } $form->registerVars($this->template); $this->show('scan_target_form', 'Ziele suchen'); } #sortierung if ($_REQUEST['sort'] && $_REQUEST['order'] && $scanlistfilter) { $sort = trim($_REQUEST['sort']); $order = trim($_REQUEST['order']); if ($sort != 'koords' && $sort != 'exen') { $sort = 'koords'; } if ($order != "asc" && $order != "desc") { $order = "asc"; } $scanlistfilter['sort'] = $sort; $scanlistfilter['order'] = $order; } $link_options[] = "action=targets"; $link2 = "?action=targets"; #normale Scananzeige, galaweise } else { $scanlistfilter =& $_SESSION['scanlistfilter']; $this->template->assign("scantitle", "Scans"); if (!$scanlistfilter) { $scanlistfilter['gala'] = 1; $scanlistfilter['sort'] = "koords"; $scanlistfilter['order'] = "asc"; $scanlistfilter['hideold'] = 1; } #alte einblenden/ausblenden if (isset($_REQUEST["hideold"]) && is_numeric($_REQUEST["hideold"])) { $scanlistfilter['hideold'] = $_REQUEST["hideold"]; } $hideold = $scanlistfilter["hideold"]; if ($hideold) { $title = "Alle Anzeigen"; $subtitle = "Zeigt alle Scans an"; $param = 0; } else { $title = "Alte Ausblenden"; $subtitle = "Scans die älter als 1 Tag sind werden nicht angezeigt"; $param = 1; } $this->template->assign("hideoldtitle", $title); $this->template->assign("hideoldparam", $param); $this->template->assign("hideoldsubtitle", $subtitle); #neue gala anzeigen if ($gala = param_num("gala")) { $scanlistfilter['gala'] = $gala; } else { $gala = $scanlistfilter["gala"]; } if ($this->userdata["gid"] == 1) { $hideblock = false; } else { $hideblock = true; } $next = getNextGala($gala, $hideold, $hideblock); $prev = getPrevGala($gala, $hideold, $hideblock); if ($next && $prev) { #gala suche anzeigen $this->template->assign("showform", 1); } #zeigen beide auf die selbe, -> die aktuelle if ($next == $prev && $next == $gala) { unset($prev); unset($next); } $this->template->assign("prev", $prev); $this->template->assign("next", $next); #sortierung if ($_REQUEST['sort'] && $_REQUEST['order'] && $scanlistfilter) { $sort = trim($_REQUEST['sort']); $order = trim($_REQUEST['order']); if ($sort != 'koords' && $sort != 'exen') { $sort = 'koords'; } if ($order != "asc" && $order != "desc") { $order = "asc"; } $scanlistfilter['sort'] = $sort; $scanlistfilter['order'] = $order; } $link_options[] = "gala=" . $scanlistfilter['gala']; } #mili & news ausklappen $expand = param_num("expand"); #scans holen $this->forms['scanlist'][$scanlistfilter['sort']][$scanlistfilter['order']] = '_active'; $scanlist = listScans($scanlistfilter, &$pages, &$page, $rows); for ($i = 0; $i < count($scanlist); $i++) { $scanlist[$i]['backlink'] = "&backlink=" . urlencode("scans.php?" . join("&", $link_options) . "#" . $scanlist[$i]['sid']); $scanlist[$i]['expand_backlink'] = "&backlink=" . urlencode("scans.php?" . join("&", $link_options) . "&expand=" . $scanlist[$i]['sid'] . "#" . $scanlist[$i]['sid']); #mili oder news ausklappen if ($scanlist[$i]['sid'] == $expand) { $scanlist[$i]['expand'] = 1; } if ($scanlist[$i]['uid']) { if ($scanlist[$i]['uid'] == $this->userdata['uid']) { $scanlist[$i]['atter_class'] = "green"; } else { $scanlist[$i]['atter_class'] = "red"; } } $scanlist[$i] = scan_format($scanlist[$i]); } $this->forms['scanlist']['pages'] = showPageBar($page, $pages, "scans.php" . $link2, "page", "menu"); $this->forms['scanlist']['gala'] = $scanlistfilter['gala']; $this->template->assign('scanlist', $scanlist); $this->template->assign('page', $page); $this->show('scan_list', 'Scans'); }
/** * Scanansicht von einem Att **/ function Attack_view() { if (!($attid = param_num("id")) || !($attplan = attack_get($attid))) { $this->_header(); } $form = new formContainer(); $attplan['isadmin'] = $this->userdata['uid'] == $attplan['owner'] || $this->_checkUserRights("attorga"); if (!$attplan['isopen'] && !$attplan['isadmin']) { $this->_header(); } $galalist = attack_gala_list($attid); // ziele vorhanden ? if ($galalist) { $list = array(); foreach ($galalist as $item) { $list[] = array("value" => $item['gala'], "title" => $item['gala']); } $form->add(new formSelectBox("gala", "Galaxie", "numeric", $list, false)); if ($_POST['send'] && $_POST['subaction'] == "changegala") { $form->submit(); if (!$form->hasErrors()) { $_SESSION['attplanfilter'][$attid]['gala'] = $form->get("gala"); } $gala = $form->get("gala"); } else { if ($_SESSION['attplanfilter'][$attid]['gala']) { $form->select("gala", $_SESSION['attplanfilter'][$attid]['gala']); $gala = $_SESSION['attplanfilter'][$attid]['gala']; } else { $gala = $galalist[0]['gala']; } } $sids = target_list(array("gala" => $gala), "sid"); $scanlist = listScans(array("sids" => $sids, "order" => "asc", "sort" => "koords", "hassektor" => true, "showattackscans" => true), &$pages, 1, 15); for ($i = 0; $i < count($scanlist); $i++) { $scanlist[$i]['backlink'] = "&backlink=" . urlencode("attplan.php?action=view&id=" . $attid . "#" . $scanlist[$i]['sid']); $scanlist[$i]['expand_backlink'] = "&backlink=" . urlencode("attplan.php?action=view&id=" . $attid . "&expand=" . $scanlist[$i]['sid'] . "#" . $scanlist[$i]['sid']); #mili oder news ausklappen if ($scanlist[$i]['sid'] == $expand) { $scanlist[$i]['expand'] = 1; } if ($scanlist[$i]['uid']) { if ($this->userdata['uid'] == $scanlist[$i]['uid'] || $this->_checkUserRights("attorga")) { $scanlist[$i]['candelete'] = true; } if ($this->userdata['uid'] == $scanlist[$i]['uid']) { $scanlist[$i]['reserveclass'] = "green"; } else { $scanlist[$i]['reserveclass'] = "red"; } } else { $scanlist[$i]['canreserve'] = true; } $scanlist[$i] = scan_format($scanlist[$i]); } $this->template->assign("scanlist", $scanlist); $this->template->assign("hastargets", true); $this->template->assign("selectedgala", $gala); } $form->registerVars($this->template); $this->template->assign("attplan", $attplan); $this->template->assign("type", "ziele"); $this->show("attplan_view", "Angriffsplan"); }
function saveScan($data, $record = '') { global $db; if ($record == '') { $record = $_SESSION['scan']['record']; } else { $record = str_replace('/', '', $record); $record = str_replace('\\', '', $record); $record = str_replace('.', '', $record); } /* $scan is an array. it's keys are URIs and values are arrays in those arrays, individual items are stored as key/value pairs */ //html_print_r($_SESSION, '$_SESSION'); if (DATASTORE == 'db') { // add database version loaddb(); $sql = "INSERT INTO scans (record, ipaddress, starttime) VALUES ('" . mysql_escape_string($record) . "'," . mysql_escape_string(ip2long($_SESSION['scan']['ipaddress'])) . "," . mysql_escape_string($_SESSION['scan']['starttime']) . ")"; //html_print_r($sql, '$sql'); $rs = mysql_query($sql, $db); //mysql_free_result($rs); } else { // using temp files // a little bit of a check!!! $scans = listScans(); if (count($scans) > 3000) { echo "<b>ERROR: Too many statistics collected on the system. Please contact the author: bedirhanurgun at gmail dot com</b>"; return; } $filename = $_SESSION['statisticsdir'] . $record . ".dat"; if (file_put_contents($filename, serialize($data))) { } else { echo "Could not save record"; //"cant open file : " . $_SESSION['statisticsdir'] . $filename . ".dat"; } } }