/**
 * This function gets the indicators of a map, keyed by indicator ID
 *
 * Only rows for which is_indicator_allowed() returns a truthy value are kept;
 * each kept row is passed through format_indicator() before being stored.
 *
 * @param object  $conn  Database access object
 * @param string  $map   Map ID; bound to the UNHEX(?) placeholder, so a hexadecimal
 *                       string is presumably expected - confirm against callers
 *
 * @return array  Formatted indicators indexed by the 'id' column
 */
function get_indicators_from_map($conn, $map)
{
    Ossim_db::check_connection($conn);

    // The map ID is sent as a bound parameter and never becomes part of the SQL text
    $rs = $conn->Execute("SELECT * FROM risk_indicators WHERE map = UNHEX(?)", array($map));

    if (!$rs) {
        Av_exception::throw_error(Av_exception::DB_ERROR, $conn->ErrorMsg());
    }

    $indicators = array();

    for (; !$rs->EOF; $rs->MoveNext()) {
        $row = $rs->fields;

        // Rows that fail the permission check are left out of the result
        if (!is_indicator_allowed($conn, $row['type'], $row['type_name'])) {
            continue;
        }

        $indicators[$row['id']] = format_indicator($conn, $row);
    }

    return $indicators;
}
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA 02110-1301 USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/

require_once 'av_init.php';

// Session check for the 'environment-menu' / 'PolicyHosts' section.
// NOTE(review): what logcheck() does when the check fails is not visible here - confirm
// that it stops the request before any of the code below runs.
Session::logcheck('environment-menu', 'PolicyHosts');

// CPE types: request value => part letter that follows "cpe:/" in the LIKE prefix below
$_cpe_types = array('os' => 'o', 'hardware' => 'h', 'software' => 'a');

// Request input: 'q' is the search text, 'cpe_type' selects one of the keys above
$_cpe = GET('q');
$_cpe_type = GET('cpe_type');

// Both parameters are validated before either of them is used to build the query
ossim_valid($_cpe, OSS_NULLABLE, OSS_ALPHA, OSS_PUNC_EXT, 'illegal:' . _('CPE'));
ossim_valid($_cpe_type, 'os | software | hardware', 'illegal:' . _('CPE Type'));

// End the request with no output on a validation error. The array_key_exists() test is a
// second allow-list: only the letters 'o', 'h' and 'a' can be concatenated into the query.
if (ossim_error() || !array_key_exists($_cpe_type, $_cpe_types)) {
    exit;
}

$db = new Ossim_db();
$conn = $db->connect();

// The search text is interpolated into the WHERE clause, so it is escaped first.
// NOTE(review): escape_sql() is defined elsewhere; whether it also neutralises the LIKE
// wildcards % and _ is not visible here. If it does not, and OSS_PUNC_EXT admits them,
// the match is wider than the typed text - bounded by the limit of 20 rows. Confirm.
$_cpe = escape_sql($_cpe, $conn);

$filters = array(
    'where' => "`cpe` LIKE 'cpe:/" . $_cpe_types[$_cpe_type] . "%' AND `line` LIKE '%{$_cpe}%'",
    'limit' => 20
);

// NOTE(review): the connection is closed before get_software() is iterated, so the rows are
// presumably fetched inside the Software constructor - confirm.
$software = new Software($conn, $filters);

$db->close();

// One result per line in the form "<cpe>###<line>", written without any output encoding.
// NOTE(review): the consumer of this response should insert the values as text, not as
// markup - confirm on the client side.
foreach ($software->get_software() as $cpe_info) {
    echo $cpe_info['cpe'] . '###' . $cpe_info['line'] . "\n";
}

/* End of file search_cpe.php */
$name = $_SESSION['_actions']['name']; $cond = $_SESSION['_actions']['cond']; $on_risk = $_SESSION['_actions']['on_risk']; $email_from = $_SESSION['_actions']['email_from']; $email_to = $_SESSION['_actions']['email_to']; $email_subject = $_SESSION['_actions']['email_subject']; $email_message = $_SESSION['_actions']['email_message']; $exec_command = $_SESSION['_actions']['exec_command']; unset($_SESSION['_actions']); } else { $action_id = REQUEST('id'); ossim_valid($action_id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Action ID')); if (ossim_error()) { die(ossim_error()); } list($db, $conn) = Ossim_db::get_conn_db(); $action_list = Action::get_list($conn, " AND id = UNHEX('{$action_id}')"); if (is_array($action_list)) { $action = $action_list[0]; } if (!is_null($action)) { $action_type = $action->get_action_type(); $ctx = $action->get_ctx(); $cond = Util::htmlentities($action->get_cond()); $on_risk = $action->is_on_risk(); $name = $action->get_name(); if (REQUEST('descr')) { $description = $descr; } else { $description = $action->get_descr(); }
} else { document.location.href = '/ossim/legal/download.php'; } }); <?php $pro = Session::is_pro(); $am_i_admin = Session::am_i_admin(); /* Remote Interfaces */ if ($pro && $am_i_admin) { $db = new Ossim_db(); $conn = $db->connect(); $aux_ri_interfaces = Remote_interface::get_list($conn, "WHERE status=1"); $ri_total = $aux_ri_interfaces[1]; if ($ri_total > 0) { ?> av_menu.add_ri_link(); <?php } } ?> $('#c_help img').click(function(event){ var width = 1024; var height = 768;
// Order by column: the requested column index is mapped to a fixed column name, so only
// 'port' or 'service' can end up in the 'order_by' value built below
switch ($order) {
    case 0:
        $order = 'port'; // Order by port
        break;
    case 1:
        $order = 'service'; // Order by service
        break;
    default:
        $order = 'port';
}

// Any value other than ASC (compared case-insensitively) becomes DESC
$torder = strtoupper($torder) == 'ASC' ? 'ASC' : 'DESC';

try {
    $db = new Ossim_db();
    $conn = $db->connect(TRUE);

    // NOTE(review): $from and $maxrows are interpolated into the 'limit' value and are set
    // outside this excerpt - they need to be integers by the time they reach this point.
    // How get_alarm_port_by_ip() uses 'limit' and 'order_by' is not visible here. Confirm.
    $params = array(
        'backlog_id' => $backlog_id,
        'ip' => $asset_ip,
        'source' => $source,
        'limit' => "{$from}, {$maxrows}",
        'order_by' => "{$order} {$torder}"
    );

    list($port_total, $port_list) = Alarm::get_alarm_port_by_ip($conn, $params);
} catch (Exception $e) {
    // NOTE(review): $db is unassigned if the Ossim_db constructor itself threw, and the raw
    // exception message is handed to the bad-request response. Confirm that
    // response_bad_request() ends the request ($port_list is read below) and that the
    // message is fit to be shown to the client.
    $db->close();

    Util::response_bad_request($e->getMessage());
}

// Rows for the response: [port, service], with '-' standing in for an empty service
$data = array();

foreach ($port_list as $p_data) {
    $service = empty($p_data['service']) ? '-' : $p_data['service'];

    $data[] = array($p_data['port'], $service);
}

// $sec is set outside this excerpt; both total fields carry the same count
$response['sEcho'] = $sec;
$response['iTotalRecords'] = $port_total;
$response['iTotalDisplayRecords'] = $port_total;
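/**
 * This function gets the first allowed map available
 *
 * A map qualifies when its image file "maps/map<ID>.jpg" exists (the path is relative,
 * so it is resolved against the current working directory) and is_map_allowed()
 * accepts the map's 'perm' value. Rows are examined in the order the query returns them.
 *
 * On query failure the error is handed to Av_exception::throw_error(); what that
 * call raises is not visible in this function.
 *
 * @param object  $conn  Database access object
 *
 * @return string|null  Map ID as returned by HEX(map), or NULL when no map qualifies
 */
function get_first_map_available($conn)
{
    $map = NULL;

    Ossim_db::check_connection($conn);

    $query = "SELECT HEX(map) AS map, perm, name FROM risk_maps";
    $rs = $conn->Execute($query);

    // A failed query yields a falsy result; report it instead of dereferencing it below
    if (!$rs) {
        Av_exception::throw_error(Av_exception::DB_ERROR, $conn->ErrorMsg());
    }

    while (!$rs->EOF) {
        // The ID placed in the file name is the output of HEX(), i.e. hexadecimal digits only
        if (file_exists("maps/map" . $rs->fields['map'] . ".jpg") && is_map_allowed($rs->fields['perm'])) {
            $map = $rs->fields['map'];
            break;
        }

        $rs->MoveNext();
    }

    return $map;
}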
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/

// The require_once below is resolved against this include directory
ini_set('include_path', '/usr/share/ossim/include/');

// Error reporting and error display are both switched off, so failures surface only
// through the messages this script prints itself
error_reporting(0);
ini_set("display_errors", "0");

// Raised memory ceiling and no execution time limit
ini_set('memory_limit', '2048M');
set_time_limit(0);

require_once 'av_handlers.php';

/**
 * This function prints a log line in the form "[<GMT timestamp>] [<type>] <message>"
 *
 * NOTE(review): the date format uses 'h' (12-hour clock) without an am/pm marker, so
 * morning and afternoon entries are indistinguishable - 'H' may have been intended.
 *
 * @param string  $exp_type     Label placed in the second bracket (this script passes 'INFO' and 'ERROR')
 * @param string  $log_message  Text of the message
 *
 * @return void
 */
function write_log($exp_type, $log_message = '')
{
    echo '[' . gmdate('D M d h:i:s Y') . '] [' . $exp_type . '] ' . $log_message . "\n";
}

//
$db = new Ossim_db();

// '@' hides any error raised by the connection test itself
if (!@$db->test_connect()) {
    echo "[ERROR] Updating Software CPE: Unable to connect to DB";

    // NOTE(review): PHP reads this as `exit` followed by `- 1`, so the script stops here
    // with the default exit status rather than -1, and a caller that checks the status
    // sees success. `exit(1);` looks like the intent - confirm before changing, since
    // callers may rely on the current status.
    exit - 1;
}

$conn = $db->connect();

// The auxiliary table is dropped and recreated; both statements are fixed strings.
// NOTE(review): the results of these two Execute() calls are not checked.
$conn->Execute('DROP TABLE IF EXISTS `alienvault`.`software_cpe_aux`');

$query = "CREATE TABLE `alienvault`.`software_cpe_aux` (\n\t\t\t`cpe` VARCHAR( 255 ) NOT NULL,\n\t\t\t`name` VARCHAR( 255 ) NOT NULL,\n\t\t\t`version` VARCHAR( 255 ) NOT NULL,\n\t\t\t`line` VARCHAR( 255 ) NOT NULL,\n\t\t\t`vendor` VARCHAR( 255 ) NOT NULL,\n\t\t `plugin` VARCHAR(255) NOT NULL,\n\t\t\tPRIMARY KEY ( `cpe` ),\n\t\t\tINDEX `line` (`line` ASC),\n\t\t\tINDEX `search` (`vendor` ASC, `name` ASC, `version` ASC)\n\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8;";

$conn->Execute($query);

$file = "/usr/share/ossim-cd-tools/cpe/official-cpe-dictionary.xml";

if (file_exists($file)) {
    write_log('INFO', "Reading XML data from {$file}");

    $cpe_list = @simplexml_load_file($file);

    if (!$cpe_list) {
        write_log('ERROR', 'Unable to open ' . $file . ' or invalid XML format');

        $db->close();
$params = array($tag_type, session_id()); $rs = $conn->Execute($query, $params); if (!$rs) { Av_exception::throw_error(Av_exception::DB_ERROR, $conn->ErrorMsg()); } $tag_with_selected_components = array(); while (!$rs->EOF) { $tag_with_selected_components[$rs->fields['id']] = $rs->fields['total']; $rs->MoveNext(); } // Get total selected components by tag $query = 'SELECT * from user_component_filter WHERE asset_type = ? AND session_id = ?'; $params = array($tag_type, session_id()); $rs = $conn->Execute($query, $params); if (!$rs) { Av_exception::throw_error(Av_exception::DB_ERROR, $conn->ErrorMsg()); } $total_selected_components = Ossim_db::get_found_rows($conn, $query); foreach ($tag_with_selected_components as $tag_id => $tag_total) { $results[$tag_id]['mark_state'] = $tag_total < $total_selected_components ? 2 : 1; } } $response['status'] = 'OK'; $response['data'] = $results; } catch (Exception $e) { $response['status'] = 'error'; $response['data'] = $e->getMessage(); } $db->close(); echo json_encode($response); exit;