Example #1
/**
 * Deletes an NfSen source on behalf of an administrator.
 *
 * @param array $data Request data; the 'sensor' key names the source to delete.
 *
 * @return array 'error' (bool) plus 'msg' (string) describing the outcome.
 */
function delete_nfsen_source($data)
{
    // Authorization comes first: non-admin sessions are refused before any input is read.
    if (!Session::am_i_admin()) {
        return array('error' => TRUE, 'msg' => _('Action not authorized'));
    }

    require_once '../sensor/nfsen_functions.php';

    // The source name is checked against OSS_ALPHA before it is handed to delete_nfsen().
    $sensor = $data['sensor'];
    ossim_valid($sensor, OSS_ALPHA, 'illegal:' . _('Nfsen Source'));
    if (ossim_error()) {
        $details = _('Error') . ': ' . ossim_get_error();
        // Reset the shared error state so it does not leak into later validations.
        ossim_clean_error();
        return array('error' => TRUE, 'msg' => $details);
    }

    $outcome = delete_nfsen($sensor);
    if ($outcome['status'] != 'success') {
        return array('error' => TRUE, 'msg' => $outcome['data']);
    }

    $message = _('Source deleted successfully');
    // Drop the cached 'tab' entry so the variables are loaded into the session again
    unset($_SESSION['tab']);

    return array('error' => FALSE, 'msg' => $message);
}
/**
 * Validates the posted plugin-group fields and normalises the selected SIDs.
 *
 * Any validation error still pending at the end terminates the request with
 * die(ossim_error()).
 *
 * @param object $conn          Database connection passed to Plugin_sid::get_sidscount_by_id().
 * @param string $name          Group name, validated as OSS_INPUT.
 * @param string $descr         Group description, validated as OSS_TEXT (nullable).
 * @param mixed  $sids          Map of plugin id => SID list string; non-arrays are treated as empty.
 * @param mixed  $imported_sids Imported SIDs; only its element count is inspected here.
 *
 * @return array array($name, $descr, $plugins), where $plugins maps plugin id => SID string
 *               ("0" when "ANY" or every SID of the plugin was selected).
 */
function validate_post_params($conn, $name, $descr, $sids, $imported_sids)
{
    $rules = array(
        'name'  => array(OSS_INPUT, 'illegal:' . _("Name")),
        'descr' => array(OSS_TEXT, OSS_NULLABLE, 'illegal:' . _("Description")),
    );
    ossim_valid($name, $rules['name']);
    ossim_valid($descr, $rules['descr']);

    $plugins = array();
    if (!is_array($sids)) {
        $sids = array();
    }

    // A single posted plugin id is added to the selection with the "all SIDs" marker.
    if (intval(POST('pluginid')) > 0) {
        $sids[POST('pluginid')] = "0";
    }

    foreach ($sids as $plugin => $sids_str) {
        if ($sids_str === '') {
            continue;
        }

        list($valid, $reason) = Plugin_sid::validate_sids_str($sids_str);
        if (!$valid) {
            // Stop at the first malformed SID list; the error is reported below.
            ossim_set_error(_("Error for data source ") . $plugin . ': ' . $reason);
            break;
        }

        if ($sids_str == "ANY") {
            $plugins[$plugin] = "0";
            continue;
        }

        // Selecting every SID of a plugin is stored as "0", the same as "ANY".
        $selected = count(explode(',', $sids_str));
        $available = Plugin_sid::get_sidscount_by_id($conn, $plugin);
        $plugins[$plugin] = ($selected == $available) ? "0" : $sids_str;
    }

    if (!count($plugins) && !count($imported_sids)) {
        ossim_set_error(_("No Data Sources or Event Types selected"));
    }

    if (ossim_error()) {
        die(ossim_error());
    }

    return array($name, $descr, $plugins);
}
Example #3
/**
 * Renders a standalone XHTML error page and terminates the script.
 *
 * @param string|null $msg    Optional message; when truthy it is registered with
 *                            ossim_set_error() before the page body is drawn.
 * @param string|null $append Optional content echoed as-is after the "Back" button.
 *
 * NOTE(review): $append is written to the page without escaping in this function;
 * callers presumably pass trusted markup only (confirm).
 */
function die_error($msg = null, $append = null)
{
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html>
    <head>
        <title> <?php 
    echo gettext("OSSIM Framework");
    ?>
 </title>
        <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
        <meta http-equiv="Pragma" content="no-cache"/>
        <link rel="stylesheet" type="text/css" href="../style/style.css"/>
    </head>
    <body>
    <?php 
    // Register the caller's message (if any), then print the output of ossim_error().
    if ($msg) {
        ossim_set_error($msg);
    }
    echo ossim_error();
    // "Back" button: returns to the previous page through the browser history.
    echo '<table class="noborder transparent" align="center">
				<tr>
					<td class="nobborder"><input type="button" value="' . _("Back") . '" class="button" onclick="javascript:history.back()"/></td>
				</tr>
			  </table>';
    // Echoed verbatim; see the NOTE(review) in the function header.
    echo $append;
    ?>
    </body>
    </html>
    <?php 
    // Nothing after the error page may run.
    exit;
}
Example #4
/**
 * Turns a pending validation error into an Av_exception user error.
 *
 * Does nothing when ossim_error() reports no error. Otherwise the message is
 * read, the shared error state is cleared, and the message is handed to
 * Av_exception::throw_error() as a USER_ERROR.
 */
function check_ossim_error()
{
    if (!ossim_error()) {
        return;
    }

    $message = ossim_get_error();
    // Clear before raising so the error state does not survive the exception.
    ossim_clean_error();
    Av_exception::throw_error(Av_exception::USER_ERROR, $message);
}
/**
 * Builds an xajax response that shows an error in the "errors" element.
 *
 * @param string $error Error text passed to ossim_error() for formatting.
 *
 * @return xajaxResponse Response assigning the formatted error to innerHTML.
 *
 * NOTE(review): the markup is assigned to innerHTML, so $error should not carry
 * unescaped user input unless ossim_error() escapes it (confirm).
 */
function draw_error($error)
{
    global $config, $login;

    $response = new xajaxResponse();
    $response->addAssign("errors", "innerHTML", ossim_error($error));

    return $response;
}
Example #6
/**
 * Reports a pending validation error, either as an exception or as a bad-request response.
 *
 * Does nothing when ossim_error() reports no error.
 *
 * @param bool $throw_excep TRUE to raise an Av_exception USER_ERROR,
 *                          FALSE to answer through Util::response_bad_request().
 */
function check_ossim_error($throw_excep = TRUE)
{
    if (!ossim_error()) {
        return;
    }

    $message = ossim_get_error();
    // Clear the shared error state before the error is reported.
    ossim_clean_error();

    if (!$throw_excep) {
        Util::response_bad_request($message);
    } else {
        Av_exception::throw_error(Av_exception::USER_ERROR, $message);
    }
}
Example #7
/**
 * Fetches the detail of the OTX pulse named in the posted 'data' field.
 *
 * @return array The pulse detail with 'indicators' re-indexed as a list,
 *               or an empty array when the pulse id fails OSS_HEX validation.
 */
function get_pulse_detail()
{
    $request = POST('data');

    // Only a hexadecimal pulse id is forwarded to the Otx client.
    ossim_valid($request['pulse_id'], OSS_HEX, 'illegal: Pulse ID');
    if (ossim_error()) {
        return array();
    }

    $client = new Otx();
    $detail = $client->get_pulse_detail($request['pulse_id']);

    // The indicators arrive keyed by hash; the datatables consumer needs a plain list.
    $detail['indicators'] = array_values($detail['indicators']);

    return $detail;
}
Example #8
/**
 * Looks up the pulse data attached to an alarm or event.
 *
 * Reads 'type', 'pulse' and 'id' from the POST data, validates them, and
 * delegates to Alarm or Siem depending on the type.
 *
 * @param object $conn Database connection passed to the lookup helpers.
 *
 * @return array 'name', 'descr' and 'iocs' (re-indexed list) of the pulse.
 */
function get_pulse_detail_from_id($conn)
{
    $type = POST('type');
    $pulse = POST('pulse');
    $id = POST('id');

    // The type is limited to three literals; pulse and id must be hexadecimal.
    ossim_valid($type, 'alarm|event|alarm_event', 'illegal:' . _('Type'));
    ossim_valid($pulse, OSS_HEX, 'illegal:' . _('Pulse'));
    ossim_valid($id, OSS_HEX, 'illegal:' . _('ID'));

    if (ossim_error()) {
        Av_exception::throw_error(Av_exception::USER_ERROR, ossim_get_error_clean());
    }

    switch ($type) {
        case 'alarm':
            $pulse = Alarm::get_pulse_data_from_alarm($conn, $id, $pulse, TRUE);
            break;

        case 'event':
            $pulse = Siem::get_pulse_data_from_event($conn, $id, $pulse, FALSE, TRUE);
            break;

        case 'alarm_event':
            $pulse = Siem::get_pulse_data_from_event($conn, $id, $pulse, TRUE, TRUE);
            break;
    }

    return array(
        'name'  => $pulse['name'],
        'descr' => $pulse['descr'],
        'iocs'  => array_values($pulse['iocs']),
    );
}
Example #9
/**
 * Updates the SID selection of one plugin inside a plugin group.
 *
 * @param object $conn Database connection.
 * @param array  $data Request data with 'plugin_group', 'plugin_id' and
 *                     'plugin_sids' (a string or an array of SIDs).
 *
 * @return array 'error' (bool) with 'msg' on failure or 'output' on success.
 */
function modify_plugingroup_plugin($conn, $data)
{
    $group_id = $data['plugin_group'];
    $plugin_id = $data['plugin_id'];
    $sids = $data['plugin_sids'];

    // Both identifiers are validated before they reach the database layer.
    ossim_valid($plugin_id, OSS_DIGIT, 'illegal:' . _("Plugin ID"));
    ossim_valid($group_id, OSS_HEX, 'illegal:' . _("Plugin GroupID"));

    if (ossim_error()) {
        $details = "Error: " . ossim_get_error();
        ossim_clean_error();

        return array('error' => true, 'msg' => $details);
    }

    // An array of SIDs is flattened to the comma-separated form; a plain string counts as one.
    $selected = 1;
    if (is_array($sids)) {
        $selected = count($sids);
        $sids = implode(',', $sids);
    }

    if ($sids !== '') {
        list($valid, $reason) = Plugin_sid::validate_sids_str($sids);
        if (!$valid) {
            return array(
                'error' => true,
                'msg'   => _("Error for data source ") . $plugin_id . ': ' . $reason,
            );
        }

        if ($sids == "ANY") {
            $sids = "0";
        } else {
            // Selecting every SID of the plugin is stored as "0", like "ANY".
            $total = Plugin_sid::get_sidscount_by_id($conn, $plugin_id);
            if ($selected == $total) {
                $sids = "0";
            }
        }

        Plugin_group::edit_plugin($conn, $group_id, $plugin_id, $sids);
    }

    return array('error' => false, 'output' => '');
}
Example #10
/**
 * Stores the agent-deployment settings of the wizard step.
 *
 * @param object $wizard Wizard object exposing clean_step_data(), set_step_data() and save_status().
 * @param array  $data   Request data with 'os', 'hosts', 'username', 'password' and 'domain'.
 *
 * @return array 'error' (bool), plus 'msg' when validation fails.
 */
function modify_deploy_hosts($wizard, $data)
{
    $os = $data['os'];
    $hosts = $data['hosts'];
    $username = $data['username'];
    $password = $data['password'];
    $domain = $data['domain'];

    // Every field is validated before anything is written to the wizard.
    ossim_valid($os, "windows|linux", 'illegal:' . _('Deploy Option'));
    ossim_valid($hosts, OSS_HEX, 'illegal:' . _('Host'));
    ossim_valid($username, OSS_USER_2, 'illegal:' . _('Username'));
    ossim_valid($password, OSS_PASSWORD, 'illegal:' . _('Password'));
    ossim_valid($domain, OSS_NOECHARS, OSS_ALPHA, OSS_PUNC_EXT, OSS_NULLABLE, 'illegal:' . _('Domain'));

    if (ossim_error()) {
        $response['error'] = TRUE;
        $response['msg'] = ossim_get_error();
        ossim_clean_error();

        return $response;
    }

    // The domain only applies to Windows deployments.
    if ($os != 'windows') {
        $domain = '';
    }

    // The password is stored encrypted, never in clear text.
    // NOTE(review): the key is the value of Util::get_system_uuid(); confirm that
    // value is not readable by lower-privileged users of the system.
    $encrypted_password = Util::encrypt($password, Util::get_system_uuid());

    // Discard any deploy data left in the wizard from a previous run.
    $wizard->clean_step_data();

    // Settings needed to carry out the deployment; 'deploy_step' 1 means initialized.
    $step_data = array(
        'deploy_os'       => $os,
        'deploy_username' => $username,
        'deploy_password' => $encrypted_password,
        'deploy_domain'   => $domain,
        'deploy_hosts'    => $hosts,
        'deploy_step'     => 1,
    );
    foreach ($step_data as $key => $value) {
        $wizard->set_step_data($key, $value);
    }

    // Persist the wizard status.
    $wizard->save_status();

    $response['error'] = FALSE;

    return $response;
}
require_once 'av_init.php';
// Access gate for this page: Session::logcheck() is called with the
// 'configuration-menu' / 'PolicyServers' section before any input is read.
Session::logcheck('configuration-menu', 'PolicyServers');
$db = new ossim_db();
$conn = $db->connect();
// Raw request parameters; they are validated below before being used.
$id = GET('id');
$ip = GET('ip');
$sname = GET('name');
$update = intval(GET('update'));
$opensource = Session::is_pro() ? FALSE : TRUE;
// NOTE(review): $conf is not assigned in this excerpt; presumably set by av_init.php (confirm).
$mssp = intval($conf->get_conf("alienvault_mssp"));
$local_id = $conf->get_conf("server_id");
// All three parameters are optional (OSS_NULLABLE) but must match their class when present.
ossim_valid($ip, OSS_IP_ADDR, OSS_NULLABLE, 'illegal:' . _('Server IP'));
ossim_valid($sname, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _('Server Name'));
ossim_valid($id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Server ID'));
// Stop here on any validation failure, so $id never reaches the Server lookups below.
if (ossim_error()) {
    die(ossim_error());
}
$action = 'newserver.php';
$all_rservers = Server::get_server_hierarchy($conn, $id);
$error_forward = FALSE;
$can_i_modify_elem = TRUE;
if (!empty($id)) {
    $server = Server::get_object($conn, $id);
    $role_list = Role::get_list($conn, $id);
    if (!empty($server) && !empty($role_list)) {
        $role = $role_list[0];
        $sname = $server->get_name();
        $ip = $server->get_ip();
        $port = $server->get_port();
        $descr = $server->get_descr();
        $correlate = $role->get_correlate();
Example #12
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
// Access gate: Session::logcheck() is called with the 'environment-menu' / 'PolicyHosts' section.
Session::logcheck('environment-menu', 'PolicyHosts');
// CPE types: maps the 'cpe_type' request value to the CPE part letter used in the LIKE prefix below
$_cpe_types = array('os' => 'o', 'hardware' => 'h', 'software' => 'a');
$_cpe = GET('q');
$_cpe_type = GET('cpe_type');
ossim_valid($_cpe, OSS_NULLABLE, OSS_ALPHA, OSS_PUNC_EXT, 'illegal:' . _('CPE'));
// NOTE(review): the alternatives in this pattern are separated by ' | ' with spaces;
// if ossim_valid() treats it as a regex the spaces are part of each alternative.
// The array_key_exists() test below is what limits the value to the three keys.
ossim_valid($_cpe_type, 'os | software | hardware', 'illegal:' . _('CPE Type'));
if (ossim_error() || !array_key_exists($_cpe_type, $_cpe_types)) {
    // Fail closed: no output at all for an invalid search term or type.
    exit;
}
$db = new Ossim_db();
$conn = $db->connect();
// The search term is concatenated into the WHERE clause, so it is escaped first.
// NOTE(review): escape_sql() presumably handles quoting only; LIKE wildcards ('%', '_')
// in the term would still act as wildcards (confirm). A bound parameter would be
// preferable if Software accepts one.
$_cpe = escape_sql($_cpe, $conn);
$filters = array('where' => "`cpe` LIKE 'cpe:/" . $_cpe_types[$_cpe_type] . "%' AND `line` LIKE '%{$_cpe}%'", 'limit' => 20);
$software = new Software($conn, $filters);
$db->close();
// One "cpe###line" record per result row, written without HTML escaping.
// NOTE(review): confirm the consumer treats this response as plain text.
foreach ($software->get_software() as $cpe_info) {
    echo $cpe_info['cpe'] . '###' . $cpe_info['line'] . "\n";
}
/* End of file search_cpe.php */
Example #13
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
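require_once 'av_init.php';
Session::logcheck("environment-menu", "ReportsWireless");
require_once 'Wireless.inc';
$sensor = GET('sensor');
# Single-pass removal of "../". This alone does not stop traversal: the
# replacement is not repeated, so nested sequences can collapse back into "../".
# It is kept for compatibility; the containment check before the read below
# is what confines the request to the sensor directory.
$file = str_replace("../", "", GET('file'));
ossim_valid($sensor, OSS_IP_ADDR, 'illegal: sensor');
ossim_valid($file, OSS_TEXT, 'illegal: file');
if (ossim_error()) {
    die(ossim_error());
}
# sensor list with perms
require_once 'ossim_db.inc';
$db = new ossim_db();
$conn = $db->connect();
# The user must be allowed to see this sensor, and the sensor must have kismet enabled
if (!validate_sensor_perms($conn, $sensor, ", sensor_properties WHERE sensor.id=sensor_properties.sensor_id AND sensor_properties.has_kismet=1")) {
    echo ossim_error($_SESSION["_user"] . " have not privileges for {$sensor}");
    $db->close();
    exit;
}
$db->close();
#
$base_dir = realpath("/var/ossim/kismet/parsed/{$sensor}");
$path = "/var/ossim/kismet/parsed/{$sensor}/{$file}";
# Resolve symlinks and any remaining ".." segments, then serve the file only if
# the resolved location is a regular file inside this sensor's directory.
$real_path = realpath($path);
if ($base_dir !== FALSE && $real_path !== FALSE && is_file($real_path) && strpos($real_path, $base_dir . DIRECTORY_SEPARATOR) === 0) {
    header('Content-Type: application/xml');
    echo file_get_contents($real_path);
}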
			width: 90%;
		}
		
	</style>
</head>

<body>

<div class='c_back_button'>
    <input type='button' class="av_b_back"/>
</div>

<div id='av_info'>
	<?php 
if (!empty($error_msg)) {
    echo ossim_error($error_msg);
}
?>
</div>

<table id='t_ref'>
	
	<tr>
		<td class='sec_title'><?php 
echo _("Reference Types");
?>
</td>
		<td class='sec_title'><?php 
echo _("New Reference");
?>
</td>
Example #15
 * @author     AlienVault INC
 * @license    http://www.gnu.org/licenses/gpl-2.0.txt
 * @copyright  2003-2006 ossim.net
 * @copyright  2007-2013 AlienVault
 * @link       https://www.alienvault.com/
 */
require_once dirname(__FILE__) . '/../../conf/config.inc';
// Write and close the session before the rest of the request runs.
// NOTE(review): Session::logcheck() below still needs the session contents;
// presumably read access is enough after the close (confirm).
session_write_close();
// Access gate: Session::logcheck() is called with the 'environment-menu' / 'EventsHidsConfig' section.
Session::logcheck('environment-menu', 'EventsHidsConfig');
// Result of the menu permission lookup for the same section, kept for later use.
$events_hids_config = Session::menu_perms('environment-menu', 'EventsHidsConfig');
try {
    $db = new ossim_db();
    $conn = $db->connect();
    $sensor_id = POST('sensor_id');
    ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
    if (!ossim_error()) {
        if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
            $e_msg = _('Error! Sensor not allowed');
            Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
        }
    } else {
        $e_msg = ossim_get_error_clean();
        Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
    }
    $agents = Ossec_agent::get_list($sensor_id);
    $data = array();
    if (is_array($agents) && !empty($agents)) {
        foreach ($agents as $agent_id => $a_data) {
            if (empty($a_data)) {
                continue;
            }
Example #16
}
$hide_others = 1;
// NOTE(review): $map, $conn and $version are assigned outside this excerpt.
// The map id must be numeric before it is used as an array key and in the message below.
ossim_valid($map, OSS_DIGIT, 'illegal:' . _("type"));
if (ossim_error()) {
    die(ossim_error());
}
// Build $perms[map][perm] => count from every row of risk_maps.
$perms = array();
$query = "SELECT map,perm FROM risk_maps";
if ($result = $conn->Execute($query)) {
    while (!$result->EOF) {
        $perms[$result->fields['map']][$result->fields['perm']]++;
        $result->MoveNext();
    }
}
// NOTE(review): the permission test only runs when $perms[$map] is an array. A map
// with no risk_maps rows, or a failed query, skips it and the page is rendered;
// confirm that a map without permission rows is meant to be visible to everyone.
if (is_array($perms[$map]) && !mapAllowed($perms[$map], $version)) {
    echo ossim_error(_("You don't have permission to see Map {$map}."), "NOTICE");
    exit;
}
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title><?php 
echo _("Alarms");
?>
 - <?php 
echo _("View");
?>
</title>
Example #17
if (ossim_error()) {
    die(ossim_error());
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
	<head>
		<title> <?php 
echo gettext("OSSIM Framework");
?>
 </title>
		<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
		<meta http-equiv="Pragma" content="no-cache"/>
		<link rel="stylesheet" type="text/css" href="../style/av_common.css?t=<?php 
echo Util::get_css_id();
?>
"/>
	</head>

	<body style="overflow:hidden">
		<?php 
if ($msgcode == 1) {
    echo ossim_error(_("Sensor not available, the user has no perms."), AV_WARNING);
} else {
    echo ossim_error(_("Sensor not available, please select from the above dropdown."), AV_WARNING);
}
?>
	</body>
</html>
Example #18
require_once 'classes/Util.inc';
require_once 'ossim_db.inc';
require_once 'classes/Backup.inc';
// Configuration values used by the backup listing.
$conf = $GLOBALS["CONF"];
$data_dir = $conf->get_conf("data_dir");
$backup_dir = $conf->get_conf("backup_dir");
$version = $conf->get_conf("ossim_server_version", FALSE);
// TRUE when the server version string contains "pro" or "demo" (case-insensitive).
$pro = preg_match("/pro|demo/i", $version) ? true : false;
//$backup_dir = "/root/pruebas_backup";
$db = new ossim_db();
$conn = $db->snort_connect();
$conn_ossim = $db->connect();
$insert = array();
$delete = array();
if (!is_dir($backup_dir)) {
    // NOTE(review): the message shows the configured server path to the user.
    die(ossim_error(_("Could not access backup dir") . ": <b>{$backup_dir}</b>"));
}
$dir = dir($backup_dir);
// Distinct days (YYYYMMDD) that have events in acid_event, newest first.
$query = OssimQuery("SELECT DISTINCT DATE_FORMAT(timestamp, '%Y%m%d') as day FROM acid_event ORDER BY timestamp DESC");
if (!($rs = $conn->Execute($query))) {
    // NOTE(review): the raw database error text is printed to the page.
    print 'error: ' . $conn->ErrorMsg() . '<BR>';
    exit;
}
// Delete: collect the days for which a "delete-<day>.sql.gz" file exists in the backup dir
while (!$rs->EOF) {
    if (file_exists($backup_dir . "/delete-" . $rs->fields["day"] . ".sql.gz")) {
        $delete[] = $rs->fields["day"];
    }
    $rs->MoveNext();
}
// Insert
Example #19
/**
 * Validates an inventory-search value against the rule set named by $match.
 *
 * On a validation error an HTML error table with a "Back" button is printed
 * and the script exits; otherwise the function returns nothing.
 *
 * @param string      $value        Value to validate.
 * @param string      $match        Rule set: "text", "ip", "network", "number",
 *                                  "fixed", "concat" or "fixedText".
 * @param string|null $value2       Second value, validated only for "fixedText".
 * @param bool        $userfriendly Picks the page the "Back" button points to.
 *
 * NOTE(review): a $match that is not one of the listed cases runs no ossim_valid()
 * call, so the value passes unchecked unless an error was already pending.
 * Confirm callers only pass the listed types, or add a rejecting default case.
 */
function check_security($value, $match, $value2 = NULL, $userfriendly = false)
{
    require_once "classes/Security.inc";
    switch ($match) {
        case "text":
            ossim_valid($value, OSS_SPACE, OSS_ALPHA, OSS_SCORE, OSS_SLASH, OSS_DOT, 'illegal:' . _("{$match} value"));
            break;
        case "ip":
            // "LIKE" patch: a partial dotted prefix (1 to 3 octets) is padded with
            // ".0" so it can be checked as a full address. $value is passed by
            // value, so the padding stays local to this function.
            if (preg_match("/^\\d+\\.\\d+\\.\\d+\$/", $value)) {
                $value .= ".0";
            } elseif (preg_match("/^\\d+\\.\\d+\$/", $value)) {
                $value .= ".0.0";
            } elseif (preg_match("/^\\d+\$/", $value)) {
                $value .= ".0.0.0";
            }
            ossim_valid($value, OSS_IP_ADDR, 'illegal:' . _("{$match} value"));
            break;
        case "network":
            ossim_valid($value, OSS_IP_CIDR, 'illegal:' . _("{$match} value"));
            break;
        case "number":
            ossim_valid($value, OSS_DIGIT, 'illegal:' . _("{$match} value"));
            break;
        case "fixed":
            // Same character classes as the "text" case.
            ossim_valid($value, OSS_SPACE, OSS_ALPHA, OSS_SCORE, OSS_SLASH, OSS_DOT, 'illegal:' . _("{$match} value"));
            //ossim_valid($value, OSS_ALPHA, OSS_SCORE, OSS_SLASH, 'illegal:' . _("$match value"));
            break;
        case "concat":
            ossim_valid($value, OSS_ALPHA, '-', 'illegal:' . _("{$match} value"));
            break;
        case "fixedText":
            // The only case that looks at $value2.
            ossim_valid($value2, OSS_SPACE, OSS_ALPHA, OSS_SCORE, OSS_SLASH, 'illegal:' . _("{$match} value"));
            ossim_valid($value, OSS_ALPHA, OSS_SCORE, OSS_SLASH, 'illegal:' . _("{$match} value"));
            break;
    }
    if (ossim_error()) {
        ?>
		<table class="noborder transparent" align="center" width="94%">
			<tr><td class='nobborder'><div class='ossim_error'><?php 
        // NOTE(review): the error text is echoed into the page as returned by ossim_get_error().
        echo ossim_get_error();
        ?>
</div></td></tr>
			<tr>
				<td class="nobborder" style="padding:10px 0;text-align:center">
					<?php 
        // Fixed, server-chosen targets; no request data ends up in the URL.
        $location = $userfriendly ? "/ossim/inventorysearch/userfriendly.php" : "/ossim/inventorysearch/inventory_search.php";
        ?>
					<input type="button" value="Back" onclick="document.location.href='<?php 
        echo $location;
        ?>
'" class="button"/>
				</td>
			</tr>
		</table>
	<?php 
        // Validation failed: stop the request here.
        exit;
    }
}
Example #20
    $msg = "<table class='t_sensor_nc'>\n                    <tr>\n                        <td>\n                            <strong>" . _("Warning") . "</strong>: " . _("The following sensor(s) are being reported as enabled by the server but aren't configured") . ".\n                        </td>\n                    </tr>\n                </table>\n                \n                <table class='t_sensor_nc'>";
    foreach ($unregistered_sensors as $s_data) {
        $sensor_ip = $s_data['ip'];
        $sensor_id = $s_data['id'];
        $msg .= "\n                    <tr class='tr_sensor_nc' id='us_" . $sensor_id . "'>\n                        <td class='td_ip_sensor'/>\n                            <img src='../pixmaps/theme/server.png' align='absmiddle' border='0' align='top'/>\n                            <a href='newsensorform.php?ip=" . $sensor_ip . "'><strong>" . $sensor_ip . "</strong></a>\n                        </td>\n                        <td class='td_i_sensor'/>\n                            <a href='newsensorform.php?ip=" . $sensor_ip . "'>\n                            <img src='../pixmaps/tables/table_row_insert.png' align='absmiddle' border='0' align='top'/>" . _("Insert") . "</a>\n                        </td>\n                                            \n                        <td class='td_d_sensor'/>\n                            <a class='discard_sensor' href=\"javascript:delete_sensor('" . $sensor_id . "', 0);\">\n                            <img src='../pixmaps/tables/table_row_delete.png' align='absmiddle' border='0' align='top'/>" . _("Discard") . "</a>\n                        </td>               \n                    </tr>\n                    <tr><td colspan='2'></td></tr>";
    }
    $msg .= "</table>";
}
?>
    
       
    
    <div id='av_info'>        
        <?php 
if ($msg != '') {
    echo ossim_error($msg, AV_WARNING, 'width: 100%; margin: 0px auto 10px auto;');
}
?>
             
    </div>
            
    <table id="flextable" style="display:none"></table>      
    
    <!-- Right Click Menu -->
    <ul id="myMenu" class="contextMenu">
        <li class="hostreport"><a href="#modify" class="greybox" style="padding:3px"><img src="../pixmaps/tables/table_edit.png" align="absmiddle"/> <?php 
echo _('Modify');
?>
</a></li>
        <li class="hostreport"><a href="#delete" class="greybox" style="padding:3px"><img src="../pixmaps/tables/table_row_delete.png" align="absmiddle"/> <?php 
echo _('Delete');
Example #21
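/**
 * Sends a sensor-plugin command to the server over a TCP socket.
 *
 * Message format:
 *   sensor-plugin-CMD sensor="" plugin_id=""
 * where CMD can be (start|stop|enable|disable).
 *
 * A socket creation or connection failure prints a warning and ends the script.
 * A bad handshake answer prints a warning, closes the socket and returns
 * without sending the command.
 *
 * NOTE(review): $cmd, $ip and $id are placed into a quoted, newline-terminated
 * message without escaping. Callers are expected to have validated them; confirm
 * at each call site.
 *
 * @param string $cmd Command suffix (start|stop|enable|disable).
 * @param string $ip  Sensor address placed in the sensor="" field.
 * @param string $id  Plugin id placed in the plugin_id="" field.
 */
function send_msg($cmd, $ip, $id)
{
    $ossim_conf = $GLOBALS['CONF'];
    if (!$ossim_conf) {
        $ossim_conf = new Ossim_conf();
        $GLOBALS['CONF'] = $ossim_conf;
    }

    /* get the port and IP address of the server */
    $address = $ossim_conf->get_conf('server_address');
    $port = $ossim_conf->get_conf('server_port');

    /* create socket */
    $socket = socket_create(AF_INET, SOCK_STREAM, 0);
    // socket_create() reports failure with FALSE, so "< 0" never caught it.
    if ($socket === FALSE) {
        $err_msg = '<strong>' . _('socket_create() failed: reason: ') . '</strong>' . socket_strerror(socket_last_error());
        echo ossim_error($err_msg, AV_WARNING);
        exit;
    }

    /* connect */
    socket_set_block($socket);
    socket_set_option($socket, SOL_SOCKET, SO_RCVTIMEO, array('sec' => 10, 'usec' => 0));
    socket_set_option($socket, SOL_SOCKET, SO_SNDTIMEO, array('sec' => 5, 'usec' => 0));

    $result = socket_connect($socket, $address, $port);
    // socket_connect() also returns FALSE on failure; the reason comes from socket_last_error().
    if ($result === FALSE) {
        $errno = socket_last_error($socket);
        $err_msg = '<strong>' . _('socket_connect() failed') . '<br/> ' . _('Reason: ') . "</strong> ({$errno})" . socket_strerror($errno);
        socket_close($socket);
        echo ossim_error($err_msg, AV_WARNING);
        exit;
    }

    /* first send a connect message to server */
    $in = 'connect id="1" type="web"' . "\n";
    socket_write($socket, $in, strlen($in));
    $out = socket_read($socket, 2048, PHP_BINARY_READ);

    // Only the first 4 characters of the expected "ok id=" prefix are compared, as before.
    // NOTE(review): confirm whether the full 6-character prefix should be required.
    if ($out === FALSE || strncmp($out, "ok id=", 4)) {
        $err_msg = '<strong>' . _('Bad response from server') . '</strong>';
        echo ossim_error($err_msg, AV_WARNING);
        // The original used "break" here, which is not valid outside a loop or switch.
        // Close the socket and leave without sending the command.
        socket_close($socket);

        return;
    }

    /* send command */
    $msg = "sensor-plugin-{$cmd} sensor=\"{$ip}\" plugin_id=\"{$id}\"\n";
    socket_write($socket, $msg, strlen($msg));
    socket_close($socket);

    /* wait for
     *   framework => server -> agent -> server => framework
     * messages */
    //sleep(5);
}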
Example #22
    echo $action . _(" {$plugin_name}, please wait a few seconds");
    ?>
 ...</span></div>
	</div>

	<?php 
    send_msg($cmd, $ip_get, $id);
    ?>
	<script type="text/javascript">	 	    
	   GB_hide();   
	</script>
	<?php 
}
// Sensors perm check: without the 'configuration-menu' / 'PolicySensors' permission
// the page stops here with a notice.
// NOTE(review): in the visible part of this file the send_msg() call sits above
// this check; confirm that an earlier gate outside this excerpt covers that path.
if (!Session::menu_perms('configuration-menu', 'PolicySensors')) {
    echo ossim_error(_("You need permissions of section '") . "<b>" . _("Configuration -> AlienVault Components -> Sensors") . "</b>" . _("' to see this page. Contact with the administrator."), AV_NOTICE);
    exit;
}
?>

<div id='loading'>
	<div>
	   <img src='../pixmaps/loading3.gif' alt='<?php 
echo _("Loading");
?>
'/><span><?php 
echo _('Loading sensor information, please wait a few seconds,');
?>
 ...</span>
	</div>
</div>
Example #23
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
require_once 'os_report_common.php';
// Access gate: Session::logcheck() is called with the 'report-menu' / 'ReportsReportServer' section.
Session::logcheck('report-menu', 'ReportsReportServer');

$action = POST('action');
$data = POST('data');

switch ($action) {
    case 'check_file':
        // The payload is base64("<report name>###<file name>").
        $data = explode('###', base64_decode($data));
        $report_name = trim($data[0]);
        $filename = trim($data[1]);

        ossim_valid($report_name, OSS_SCORE, OSS_NULLABLE, OSS_ALPHA, OSS_PUNC, 'illegal:' . _('Report name'));
        if (ossim_error()) {
            echo 'error###' . ossim_get_error_clean();
            exit;
        }

        // Init PDF Report
        $pdfReport = new Pdf_report($report_name, 'P', 'A4', NULL, FALSE);

        if (!empty($filename)) {
            // The file name is validated as OSS_FILENAME before the existence test
            // below can answer 1 for it.
            ossim_valid($filename, OSS_FILENAME, 'illegal:' . _('Filename'));

            // Get complete path
            $path = $pdfReport->getpath() . $filename;

            if (!ossim_error() && file_exists($path)) {
                $res = 1;
            } else {
                $res = _('Unable to access to PDF Report');
            }
            echo $res;
        }
        break;

    case 'check_email':
        ossim_valid($data, OSS_MAIL_ADDR, 'illegal:' . _('Email address'));
        if (!ossim_error()) {
            $res = 1;
        } else {
            $res = ossim_get_error_clean();
        }
        echo $res;
        break;
}
Example #24
require_once AV_MAIN_ROOT_PATH . '/av_center/config.inc';
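/**
 * Strips a trailing extension from a name.
 *
 * The suffix is compared as a string. The earlier loose comparison treated
 * numeric-looking strings as numbers, so a name such as "100" was taken to end
 * in "1e2" and was emptied.
 *
 * @param string $strName Name to shorten.
 * @param string $strExt  Extension to remove, including any leading dot.
 *
 * @return string $strName without the trailing $strExt, or $strName unchanged
 *                when it does not end with it.
 */
function RemoveExtension($strName, $strExt)
{
    $extension = (string) $strExt;
    $nameLength = strlen($strName);
    $extLength = strlen($extension);

    // An empty extension, or one longer than the name, cannot be a suffix.
    if ($extLength === 0 || $extLength > $nameLength) {
        return $strName;
    }

    if (substr($strName, $nameLength - $extLength) === $extension) {
        return substr($strName, 0, $nameLength - $extLength);
    }

    return $strName;
}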
// Requested time window; an empty value falls back to 'day'.
$range = GET('range');
ossim_valid($range, "day", "week", "month", "year", OSS_NULLABLE, 'illegal:' . _("range"));

// Allow-list enforced here: anything outside it ends the request.
$valid_range = array('day', 'week', 'month', 'year');
if (!$range) {
    $range = 'day';
} elseif (!in_array($range, $valid_range)) {
    die(ossim_error('Invalid range'));
}

// Window end is "now" as a Unix timestamp; the start lies one range earlier.
$end = gmdate("U");
switch ($range) {
    case 'day':
        $start = gmdate("U") - 86400;
        break;

    case 'week':
        $start = gmdate("U") - 86400 * 7;
        break;

    case 'month':
        $start = gmdate("U") - 86400 * 30;
        break;

    case 'year':
        $start = gmdate("U") - 86400 * 365;
        break;
}

$start_acid = date("Y-m-d H:i:s", $start);
$end_acid = date("Y-m-d H:i:s", $end);

// Get conf
$conf = $GLOBALS['CONF'];
// Defaults for the "create" form; they switch to "modify" when any id is supplied.
$url_form = 'newpluginref.php';
$button_text = Util::js_entities(_("Create rule"));
// Raw request values; they are only validated inside the branch below.
$plugin_id1 = REQUEST('plugin_id1');
$plugin_id2 = REQUEST('plugin_id2');
$plugin_sid1 = REQUEST('plugin_sid1');
$plugin_sid2 = REQUEST('plugin_sid2');
if ($plugin_id1 != '' || $plugin_id2 != '' || $plugin_sid1 != '' || $plugin_sid2 != '') {
    $action = 'modify';
    $url_form = 'modifypluginref.php';
    $button_text = Util::js_entities(_('Save rule'));
    // Once one value is present, all four must be numeric (OSS_DIGIT without
    // OSS_NULLABLE), so a partial set of ids is rejected.
    ossim_valid($plugin_id1, OSS_DIGIT, 'illegal:' . _('Plugin ID1'));
    ossim_valid($plugin_id2, OSS_DIGIT, 'illegal:' . _('Plugin ID2'));
    ossim_valid($plugin_sid1, OSS_DIGIT, 'illegal:' . _('Plugin SID1'));
    ossim_valid($plugin_sid2, OSS_DIGIT, 'illegal:' . _('Plugin SID2'));
    if (ossim_error()) {
        echo ossim_error();
        exit;
    }
}
$db = new ossim_db();
$conn = $db->connect();
$plugin_list = Plugin::get_list($conn, 'ORDER BY name', 0);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
	<title><?php 
echo _("Cross-Correlation");
?>
</title>
	<meta http-equiv="Pragma" content="no-cache"/>
Example #26
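/**
 * Creates or updates a business process from the submitted form (xajax handler).
 *
 * Uses the globals $conn (database connection) and $id (process id, 0 for a
 * new process). Validation and database errors are written into the
 * "form_errors" element; on success the response carries a redirect.
 *
 * The duplicate-name check now binds $id as a query parameter instead of
 * interpolating it into the SQL text, matching the INSERT and UPDATE statements.
 *
 * NOTE(review): $conn->ErrorMsg() is assigned to innerHTML as-is, which shows
 * database error details to the client; consider logging them server-side instead.
 *
 * @param array $form_data Form fields; 'bp_name' and 'bp_desc' are read.
 *
 * @return xajaxResponse
 */
function edit_process($form_data)
{
    global $conn, $id;

    $resp = new xajaxResponse();

    ossim_valid($form_data['bp_name'], OSS_INPUT, 'illegal:' . _("Name"));
    ossim_valid($form_data['bp_desc'], OSS_TEXT, 'illegal:' . _("Description"));

    if (ossim_error()) {
        $resp->AddAssign("form_errors", "innerHTML", ossim_error());

        return $resp;
    }

    // Check if there is already a BP with that name (other than the one being edited)
    $sql = "SELECT name FROM bp_process WHERE name=?";
    $params = array($form_data['bp_name']);
    if ($id != 0) {
        $sql .= " AND id <> ?";
        $params[] = $id;
    }

    if (!($rs = $conn->Execute($sql, $params))) {
        $resp->AddAssign("form_errors", "innerHTML", $conn->ErrorMsg());

        return $resp;
    } elseif (!$rs->EOF) {
        $resp->AddAssign("form_errors", "innerHTML", ossim_error(_("There is already a process with that name")));

        return $resp;
    }

    if ($id == 0) {
        // New process: take the next id from the sequence, then send the user to its page.
        $sql = "INSERT INTO bp_process (id, name, description) VALUES (?, ?, ?)";
        $id = $conn->GenID('bp_seq');
        $params = array($id, $form_data['bp_name'], $form_data['bp_desc']);

        if (!$conn->Execute($sql, $params)) {
            $resp->AddAssign("form_errors", "innerHTML", $conn->ErrorMsg());
        } else {
            $resp->addRedirect($_SERVER['SCRIPT_NAME'] . "?id={$id}");
        }
    } else {
        // Existing process: update in place and return to the list.
        $sql = "UPDATE bp_process SET name=?, description=? WHERE id=?";
        $params = array($form_data['bp_name'], $form_data['bp_desc'], $id);

        if (!$conn->Execute($sql, $params)) {
            $resp->AddAssign("form_errors", "innerHTML", $conn->ErrorMsg());
        } else {
            $resp->addRedirect("./bp_list.php");
        }
    }

    return $resp;
}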
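/**
 * Prints the CSV network-import form for the given import type.
 *
 * $import_type must be one of the keys of the hard-coded $config map below
 * ('networks' or 'welcome_wizard_nets'); anything else prints an error and
 * renders no form. That allowlist check is what bounds the value later written
 * into the hidden "import_type" field. Both hidden-field values are also
 * HTML-escaped for the attribute context before being printed.
 *
 * The help texts (version, format, example) are static strings defined in
 * $config and are printed as they are.
 *
 * NOTE(review): no anti-CSRF token field is rendered by this function —
 * confirm that import_all_nets_ajax.php validates one supplied by other means.
 *
 * @param string $import_type Key selecting the form variant.
 * @return void Output is written directly with echo / inline HTML.
 */
function print_form($import_type)
{
    $config = array(
        'networks' => array(
            'contexts' => array(
                'show_tree'     => Session::show_entities(),
                'default_value' => Session::get_default_ctx(),
            ),
            'chk_iic' => array(
                'show'    => TRUE,
                'checked' => FALSE,
            ),
            'help' => array(
                'Version 4.x.x' => array(
                    'format'  => _('"Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value"*;"Net ID"'),
                    'example' => '"Net_1";"192.168.10.0/24,192.168.9.0/24";"' . _('Short description') . '";"2";"479D45C0BBF22B4458BD2F8EE09ECAC2"',
                ),
                'Version 3.x.x' => array(
                    'format'  => _('"Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value";"Sensors(Sensor1,Sensor2,...)"*'),
                    'example' => '"Net_1";"192.168.10.0/24,192.168.9.0/24";"' . _('Short description') . '";"2";"192.168.10.2,192.168.10.3"',
                ),
            ),
        ),
        'welcome_wizard_nets' => array(
            'contexts' => array(
                'show_tree'     => FALSE,
                'default_value' => Session::get_default_ctx(),
            ),
            'chk_iic' => array(
                'show'    => FALSE,
                'checked' => TRUE,
            ),
            'help' => array(
                'Version 4.x.x' => array(
                    'format'  => _('"Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description"'),
                    'example' => '"Net_1";"192.168.10.0/24,192.168.9.0/24";"' . _('Short description') . '"',
                ),
            ),
        ),
    );

    // Allowlist: only the variants defined above may be rendered.
    if (!array_key_exists($import_type, $config)) {
        echo ossim_error(_('Error! Import Type not found'));
        return;
    }

    $settings = $config[$import_type];

    // Values written into HTML attributes are escaped for that context.
    $ctx_attr  = htmlspecialchars((string) $settings['contexts']['default_value'], ENT_QUOTES, 'UTF-8');
    $type_attr = htmlspecialchars((string) $import_type, ENT_QUOTES, 'UTF-8');

    $top_class = $import_type == 'welcome_wizard_nets' ? 'td_top' : '';
    ?>
    <div id='av_info'></div>

    <form name='form_csv' id='form_csv' method='POST' action='import_all_nets_ajax.php' enctype='multipart/form-data' target='iframe_upload'>

        <input type="hidden" name="ctx" id="ctx" value="<?php echo $ctx_attr; ?>"/>
        <input type="hidden" name="import_type" id="import_type" value="<?php echo $type_attr; ?>"/>

        <table id='form_container'>

            <?php
            // Context: the entity tree is shown only for variants that enable it.
            if ($settings['contexts']['show_tree']) {
                ?>
                <tr class='left'>
                    <td class="td_title">
                        <span><?php echo _('Select the Entity for the nets'); ?>:</span>
                    </td>
                </tr>

                <tr>
                    <td class='td_content'>
                        <table id="t_tree">
                            <tr>
                                <td class='noborder'>
                                    <div id="tree"></div>
                                </td>
                            </tr>

                            <tr>
                                <td id='td_es'>
                                    <span class='bold'><?php echo _('Entity selected'); ?>:</span>
                                    <span id="entity_selected"> - </span>
                                </td>
                            </tr>
                        </table>
                    </td>
                </tr>
                <?php
            }
            // Input file
            ?>

            <tr>
                <td class='td_title <?php echo $top_class; ?>'>
                    <span><?php echo _('Choose a CSV file'); ?>:</span>
                </td>
            </tr>

            <tr>
                <td class='td_content'>
                    <input name='file_csv' id='file_csv' type='file' size='38'/>
                    <?php
                    // "Ignore invalid characters": a visible checkbox, or a fixed hidden value when the variant hides it.
                    if ($settings['chk_iic']['show']) {
                        $checked_iic = $settings['chk_iic']['checked'] ? 'checked="checked"' : '';
                        ?>
                        <span class='ignore_span'>
                            <input type='checkbox' name='iic' id='iic' <?php echo $checked_iic; ?> value='1'/>
                            <label for='iic' style='margin-left: 2px;'><?php echo _('Ignore invalid characters'); ?></label>
                        </span>
                        <?php
                    } else {
                        $chk_iic_value = $settings['chk_iic']['checked'] ? '1' : '0';
                        ?>
                        <input type='hidden' name='iic' id='iic' value="<?php echo $chk_iic_value; ?>"/>
                        <?php
                    }
                    ?>
                </td>
            </tr>

            <tr>
                <td class='td_content'>
                    <div id='c_send'>
                        <input type='button' name='send' id='send' value='<?php echo _('Import'); ?>'/>
                    </div>
                </td>
            </tr>

            <tr>
                <td class='td_title'>
                    <span><?php echo _('Formats allowed'); ?>:</span>
                </td>
            </tr>

            <tr>
                <td class='td_content'>
                    <table id='t_format'>
                        <?php
                        // Help: one version / format / example triple per supported CSV layout.
                        foreach ($settings['help'] as $version => $help_data) {
                            ?>
                            <tr>
                                <td class='td_version'>
                                    <?php echo $version; ?>:
                                </td>
                            </tr>

                            <tr>
                                <td class='td_format'>
                                    <?php echo $help_data['format']; ?>

                                </td>
                            </tr>

                            <tr>
                                <td class='td_example'>
                                    <?php echo $help_data['example']; ?>

                                </td>
                            </tr>
                            <?php
                        }
                        ?>
                    </table>
                </td>
            </tr>

            <tr>
                <td class='td_title'>
                    <span><?php echo _('Notes'); ?>:</span>
                </td>
            </tr>

            <tr>
                <td class='td_content'>
                    <ul id='note_list'>
                        <li><?php echo _('Characters allowed: A-Z, a-z, 0-9, ., :, _ and -'); ?></li>
                        <li><?php echo _('Values marked with (*) are mandatory'); ?></li>
                    </ul>
                </td>
            </tr>

        </table>

        <div id='c_resume'></div>

        <iframe name="iframe_upload" id="iframe_upload" style="display:none;"></iframe>

    </form>
    <?php
}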
Example #28
    $return['output'] = $notifications;
    return $return;
}
// Check only the updates balloon to be shown
function get_only_updates()
{
    // Wrap the pending software updates in the {error, output} response shape;
    // this function never sets the error flag itself.
    return array(
        'error'  => FALSE,
        'output' => Av_center::get_software_updates(),
    );
}
// Entry point of this AJAX endpoint: read the requested action name from the POST body and validate it.
$action = POST('action');
ossim_valid($action, OSS_TEXT, 'illegal:' . _('Action'));
if (ossim_error()) {
    // Validation failed: answer with a JSON error object and stop before opening a database connection.
    $response['error'] = TRUE;
    $response['output'] = ossim_error();
    echo json_encode($response);
    exit;
}
$db = new ossim_db();
$conn = $db->connect();
// X-Requested-With is a request header set by the client, so this condition only filters out
// requests that do not look like AJAX calls; the access control is the permission check below.
if ($action != '' && isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
    // Map of action name => permission callback and its arguments. The callables are hard-coded
    // here; the request only selects which entry is used.
    $check_perms = array('only_updates' => array('func' => 'Session::am_i_admin', 'parameters' => array()), 'open_tickets' => array('func' => 'Session::menu_perms', 'parameters' => array('analysis-menu', 'IncidentsOpen')), 'unresolved_alarms' => array('func' => 'Session::menu_perms', 'parameters' => array('analysis-menu', 'ControlPanelAlarms')), 'sensor_status' => array('func' => 'Session::menu_perms', 'parameters' => array('configuration-menu', 'PolicySensors')), 'system_eps' => array('func' => 'Session::menu_perms', 'parameters' => array('analysis-menu', 'EventsForensics')), 'monitored_devices' => array('func' => 'Session::am_i_admin', 'parameters' => array()), 'events_trend' => array('func' => 'Session::menu_perms', 'parameters' => array('analysis-menu', 'EventsForensics')));
    // The permission callback runs only when $action is a key of $check_perms; any other action
    // value skips this check and goes on to the switch.
    // NOTE(review): the switch body is not visible here; confirm that every case it handles has an
    // entry in $check_perms and that unknown actions are rejected rather than served.
    if (array_key_exists($action, $check_perms) && !call_user_func_array($check_perms[$action]['func'], $check_perms[$action]['parameters'])) {
        $response['error'] = TRUE;
        $response['output'] = _("You don't have permissions to see this section");
        echo json_encode($response);
        $db->close();
        exit;
    }
    switch ($action) {
Example #29
/*
*
* <------------------------   END OF THE FUNCTIONS   ------------------------> 
*
*/
/*
*
* <-------------------------   BODY OF THE SCRIPT   -------------------------> 
*
*/
// Request parameters, both taken from the POST body.
$action = POST("action");
//Action to perform.
$data = POST("data");
//Data related to the action.
// Only $action is validated in the lines visible here.
// NOTE(review): presumably each action handler validates the fields of $data it uses; confirm.
ossim_valid($action, OSS_INPUT, 'illegal:' . _("Action"));
if (ossim_error()) {
    // Invalid action name: return the validation message as JSON, clear the error state and stop.
    $response['error'] = TRUE;
    $response['msg'] = ossim_get_error();
    ossim_clean_error();
    echo json_encode($response);
    die;
}
//Default values for the response.
$response['error'] = TRUE;
$response['msg'] = _('Error when processing the request');
//checking if it is an ajax request
// X-Requested-With is supplied by the client, so this is a request-shape filter, not an access control.
if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
    //Checking token
    // The token is read from the query string (GET) while action and data come from the POST body.
    // NOTE(review): presumably an anti-CSRF token; a token carried in the URL can end up in access
    // logs, so confirm it is short-lived or move it into the POST body.
    if (!Token::verify('tk_welcome_wizard', GET('token'))) {
        $response['error'] = TRUE;
        $response['msg'] = _('Invalid Action');
Example #30
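/**
 * Validates a single request parameter of the given type.
 *
 * Fixes over the previous version: the 'year' and 'month' range checks were
 * inverted (the error message was returned for values inside the range), the
 * 'year' case fell through into the 'month' check because of a missing break,
 * and values such as "2abc" are now rejected because year and month must
 * consist of digits only.
 *
 * The numeric bounds are the ones the original comparisons used: a year must
 * be greater than 1970 and lower than 3000, a month greater than 0 and lower
 * than 13.
 * NOTE(review): the user-facing messages advertise [1970-3000] and [00-12];
 * confirm which boundaries are intended.
 *
 * NOTE(review): a $type other than 'date', 'year' or 'month' is not validated
 * at all and yields TRUE, as before; confirm callers never pass other types.
 *
 * @param string $type      One of 'date', 'year', 'month'.
 * @param mixed  $parameter Value to validate.
 * @return true|string TRUE when the value is accepted, otherwise a translated error message.
 */
function validate_parameter($type, $parameter)
{
    ossim_clean_error();

    // Year and month are accepted only as integers or digit-only strings ("07" is allowed).
    $is_digits = is_int($parameter) || (is_string($parameter) && preg_match('/^[0-9]+\z/', $parameter) === 1);

    switch ($type) {
        case 'date':
            ossim_valid($parameter, OSS_DATE, 'illegal:' . _('Date'));
            if (ossim_error()) {
                return _('Invalid Date-time. Format allowed: YYYY-MM-DD');
            }
            break;
        case 'year':
            if (!$is_digits || (int) $parameter <= 1970 || (int) $parameter >= 3000) {
                return _('Invalid Year. Format allowed: YYYY [1970-3000]');
            }
            break;
        case 'month':
            if (!$is_digits || (int) $parameter <= 0 || (int) $parameter >= 13) {
                return _('Invalid Month. Format allowed: MM [00-12]');
            }
            break;
    }

    return TRUE;
}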