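include 'functions/config.php';
require_once 'functions/functions.php';

// Re-copy a VM's disk from its source volume: look up the VM and its source VM in the
// database, resolve both "vda" image paths on the hypervisor, flag the VMs built on this
// volume as under maintenance, stop them, then start the copy helper.
// NOTE(review): this state-changing action is driven by GET parameters and the only gate
// visible in this script is check_session(); no anti-CSRF token or per-VM ownership check
// appears here - confirm whether one is enforced elsewhere.
if (!check_session()) {
    header("Location: {$serviceurl}/?error=1");
    exit;
}

// Missing or non-string parameters become '' so the request is dropped just below
// instead of reaching addslashes() with an array or an undefined index.
$vm = (isset($_GET['vm']) && is_string($_GET['vm'])) ? addslashes($_GET['vm']) : '';
$hypervisor = (isset($_GET['hypervisor']) && is_string($_GET['hypervisor'])) ? addslashes($_GET['hypervisor']) : '';
if (empty($vm) || empty($hypervisor)) {
    exit;
}

// NOTE(review): addslashes() is a stop-gap, not SQL escaping for every driver/charset.
// Move these lookups to bound parameters once get_SQL_line()/add_SQL_line() accept them.
$h_reply = get_SQL_line("SELECT * FROM hypervisors WHERE id='{$hypervisor}'");
$v_reply = get_SQL_line("SELECT * FROM vms WHERE id='{$vm}'");
if (empty($h_reply) || empty($v_reply) || empty($v_reply[1])) {
    // Unknown hypervisor or VM: stop before any shell command is built from empty values.
    exit;
}

// Column 4 of the vms row is used as the id of the source VM (see the lookup below).
$source_id = addslashes($v_reply[4]);
$source_reply = get_SQL_line("SELECT name FROM vms WHERE id='{$source_id}'");
if (empty($source_reply[0])) {
    exit;
}

ssh_connect($h_reply[2] . ":" . $h_reply[3]);

// VM names come from the database and end up on a root (sudo) command line, so each one
// is passed as a single quoted argument.
// NOTE(review): escapeshellarg() quotes for the web host's platform; this assumes a
// POSIX web host and a POSIX shell on the hypervisor - TODO confirm.
$source_arg = escapeshellarg($source_reply[0]);
$dest_arg = escapeshellarg($v_reply[1]);
$source_path = str_replace("\n", "", ssh_command("sudo virsh domblklist {$source_arg}|grep vda| awk '{print \$2}' ", true));
$dest_path = str_replace("\n", "", ssh_command("sudo virsh domblklist {$dest_arg}|grep vda| awk '{print \$2}' ", true));
if ($source_path === '' || $dest_path === '') {
    // No vda disk was reported for one side: do not flag or stop anything, and do not
    // start the copy helper with missing arguments.
    exit;
}

$filekey = uniqid();
add_SQL_line("UPDATE vms SET filecopy='{$filekey}' WHERE id='{$vm}'");
add_SQL_line("UPDATE vms SET maintenance='true' WHERE source_volume='{$vm}'");

// destroy all running child vms
$child_vms = get_SQL_array("SELECT name FROM vms WHERE source_volume='{$vm}'");
if (is_array($child_vms)) {
    foreach ($child_vms as $child_vm) {
        if (empty($child_vm['name'])) {
            continue;
        }
        ssh_command("sudo virsh destroy " . escapeshellarg($child_vm['name']), true);
    }
}

// The image paths were read back from the hypervisor; quote them as well so a path with
// spaces or shell metacharacters stays one argument.
ssh_command("sudo /usr/local/VDI/copy-file " . escapeshellarg($source_path) . " " . escapeshellarg($dest_path) . " {$filekey}", false);
header("Location: {$serviceurl}/dashboard.php");
exit;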
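// Power actions on the hypervisor that is already connected: the "mass_*" actions apply
// one virsh sub-command to every VM whose source_volume is $vm; "single" applies the
// requested state change to the VM itself.
// NOTE(review): $action and $vm are assigned before this excerpt. $vm is interpolated
// into SQL below, so it must already be escaped or validated upstream - confirm.
$mass_commands = array(
    "mass_on" => "start",
    "mass_off" => "shutdown",
    "mass_destroy" => "destroy",
);
if (is_string($action) && isset($mass_commands[$action])) {
    $child_vms = get_SQL_array("SELECT name FROM vms WHERE source_volume='{$vm}'");
    if (is_array($child_vms)) {
        foreach ($child_vms as $child_vm) {
            if (empty($child_vm['name'])) {
                continue;
            }
            // The name is read from the database and runs under sudo on the hypervisor:
            // pass it as one quoted argument, never as raw command text.
            ssh_command("sudo virsh " . $mass_commands[$action] . " " . escapeshellarg($child_vm['name']), true);
        }
    }
}

if ($action == "single") {
    $v_reply = get_SQL_line("SELECT name FROM vms WHERE id='{$vm}'");
    // Only the three known states are acted on, so the raw value is compared, not escaped.
    $state = (isset($_GET['state']) && is_string($_GET['state'])) ? $_GET['state'] : '';
    $single_commands = array(
        "up" => "start",
        "down" => "shutdown",
        "destroy" => "destroy",
    );
    if (isset($single_commands[$state]) && !empty($v_reply[0])) {
        ssh_command("sudo virsh " . $single_commands[$state] . " " . escapeshellarg($v_reply[0]), true);
    }
}

header("Location: {$serviceurl}/reload_vm_info.php");
exit;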
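<?php
require_once 'functions/config.php';
require_once 'functions/functions.php';

// Return a PNG screenshot of a VM console: virsh writes a .ppm file on the hypervisor,
// the file is read back over SSH, removed, scaled and sent to the browser.
if (!check_session()) {
    header("Location: {$serviceurl}/?error=1");
    exit;
}

// Missing or non-string parameters become '' so the request is dropped just below.
$vm = (isset($_GET['vm']) && is_string($_GET['vm'])) ? addslashes($_GET['vm']) : '';
$hypervisor = (isset($_GET['hypervisor']) && is_string($_GET['hypervisor'])) ? addslashes($_GET['hypervisor']) : '';
if (empty($vm) || empty($hypervisor)) {
    exit;
}

// NOTE(review): addslashes() is a stop-gap; prefer bound parameters once get_SQL_line()
// supports them. No per-VM authorisation check is visible in this script - confirm.
$h_reply = get_SQL_line("SELECT * FROM hypervisors WHERE id='{$hypervisor}'");
$v_reply = get_SQL_line("SELECT * FROM vms WHERE id='{$vm}'");
if (empty($h_reply) || empty($v_reply[1])) {
    exit;
}

// basename() keeps the temporary file inside $temp_folder even if a stored VM name
// contains a path separator.
$filepath = $temp_folder . '/' . basename($v_reply[1]) . ".ppm";
// NOTE(review): the path is predictable and is written through sudo; confirm that
// $temp_folder on the hypervisor is not writable by untrusted local users.

ssh_connect($h_reply[2] . ":" . $h_reply[3]);
// The VM name and path are quoted so they reach virsh/cat/rm as single arguments.
// NOTE(review): escapeshellarg() assumes a POSIX web host and hypervisor shell - TODO confirm.
ssh_command("sudo virsh screenshot " . escapeshellarg($v_reply[1]) . " " . escapeshellarg($filepath), true);
$im = ssh_command("cat " . escapeshellarg($filepath), true);
// Remove the temporary file as soon as it has been read, so a failure while rendering
// cannot leave it behind.
ssh_command("rm " . escapeshellarg($filepath), true);
if (empty($im)) {
    exit;
}

$image = new Imagick();
$image->readImageBlob($im);
$image->setImageFormat("png");
$image->scaleImage(865, 865, true);
header("Content-type: image/png");
echo $image->getImageBlob();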
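/**
 * Refresh the hypervisors and vms tables from the configured hypervisor list.
 *
 * config.php is included for its $hypervizors list of "ip:port" strings. Each entry is
 * inserted or updated in the hypervisors table, then `virsh list --all` is run on it
 * over SSH and every reported name/state pair is inserted or updated in the vms table.
 *
 * NOTE(review): VM names and states come from the hypervisor and are interpolated into
 * SQL. addslashes() is applied below as a stop-gap; it is not correct escaping for
 * every driver/charset, so switch to bound parameters once get_SQL_line() and
 * add_SQL_line() support them.
 */
function reload_vm_info()
{
    include 'config.php';
    if (empty($hypervizors) || !is_array($hypervizors)) {
        return;
    }

    foreach ($hypervizors as $hypervizor) {
        // The list ends at the first empty entry.
        if (empty($hypervizor)) {
            break;
        }
        $tmp = explode(":", $hypervizor);
        $ip = $tmp[0];
        $port = isset($tmp[1]) ? $tmp[1] : '';
        $sql_ip = addslashes($ip);
        $sql_port = addslashes($port);

        $sql_reply = get_SQL_line("SELECT id FROM hypervisors WHERE ip='{$sql_ip}'");
        if (empty($sql_reply[0])) {
            add_SQL_line("INSERT INTO hypervisors (ip,port) VALUES ('{$sql_ip}','{$sql_port}')");
        } else {
            $row_id = addslashes($sql_reply[0]);
            add_SQL_line("UPDATE hypervisors SET ip='{$sql_ip}', port='{$sql_port}' WHERE id='{$row_id}'");
        }
        // Read the id again so a freshly inserted row is picked up.
        $sql_reply = get_SQL_line("SELECT id FROM hypervisors WHERE ip='{$sql_ip}'");
        $hyper_id = addslashes($sql_reply[0]);

        ssh_connect($ip . ":" . $port);
        // The awk program prints columns 2 and 3 of each row (name, first word of state).
        $output = ssh_command("sudo virsh list --all |tail -n +3|head -n -1|awk '{print \$2" . '" "' . "\$3}'", true);
        $output = str_replace("\n", " ", $output);
        $vms = explode(" ", $output);
        $total = count($vms);

        // Tokens alternate name, state; stop at the first empty name instead of reading
        // past the end of the array.
        for ($y = 0; $y < $total && $vms[$y] !== ''; $y += 2) {
            $name = addslashes($vms[$y]);
            $state = isset($vms[$y + 1]) ? addslashes($vms[$y + 1]) : '';
            $sql_reply = get_SQL_line("SELECT id FROM vms WHERE name='{$name}' AND hypervisor='{$hyper_id}'");
            if (empty($sql_reply[0])) {
                add_SQL_line("INSERT INTO vms (name,hypervisor,state) VALUES ('{$name}','{$hyper_id}','{$state}')");
            } else {
                $row_id = addslashes($sql_reply[0]);
                add_SQL_line("UPDATE vms SET name='{$name}', hypervisor='{$hyper_id}', state='{$state}' WHERE id='{$row_id}'");
            }
        }
    }
}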
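/**
 * Accept the XML produced by the subnet discovery (Nmap) script and process each device in it.
 *
 * Without a posted form_details value the v_process_subnet view is rendered. Otherwise
 * form_details is parsed as XML and every child element is handled in turn:
 *  - an element with complete == 'y' deletes the stored "Subnet Credentials" row in oa_temp;
 *  - any other element, unless its ip is in discovery_ip_exclude, is matched to a device,
 *    probed with the SNMP / SSH / Windows helpers using the available credentials,
 *    inserted or updated, and finally audited by copying and running an audit script.
 *
 * Access control visible here: the request must come from an address accepted by
 * m_oa_config->check_blessed(); a logged-in session is optional and only used to name
 * the user in the audit log.
 *
 * NOTE(review): values taken from the posted XML, from stored credentials and from
 * configuration are concatenated into commands that run locally (exec/popen) or on the
 * target (execute_windows, ssh_command). The quoting applied by those helpers is not
 * visible from this method, so each call site needs a review of its argument escaping.
 */
public function process_subnet()
{
    // accept or process the output of the discover subnet script - nmap details
    if (!isset($_POST['form_details'])) {
        $this->load->view('v_process_subnet', $this->data);
    } else {
        $display = '';
        if ($this->input->post('debug') and strpos($_SERVER['HTTP_ACCEPT'], 'html')) {
            $display = 'y';
            echo "<pre>\n";
            echo "DEBUG - Starting process_subnet.\n";
            echo "***********************************************************************************\n";
            echo "* NOTE - THIS PAGE WILL CONTINUOUSLY RENDER UNTIL THE DISCOVERY HAS FINISHED *\n";
            echo "* WATCH YOUR BROSWER TO SEE WHEN THE PAGE FINISHES RENDERING *\n";
            echo "* DO NOT REFRESH THIS PAGE OR ATTEMPT TO GO 'back' UNTIL THE PAGE HAS COMPLETED *\n";
            echo "***********************************************************************************\n";
        }
        $this->load->model('m_oa_user');
        $this->load->model('m_scripts');
        if (isset($this->session->userdata['user_id']) and is_numeric($this->session->userdata['user_id'])) {
            $this->user = $this->m_oa_user->get_user_details($this->session->userdata['user_id']);
        }
        // all logging will be as below, only the message will change
        $log_details = new stdClass();
        $log_details->severity = 7;
        $log_details->file = 'system';
        $log_details->display = $display;
        if (!$this->m_oa_config->check_blessed($_SERVER['REMOTE_ADDR'], '')) {
            // Record every rejected submission, not only those made with debug output on,
            // so attempts from outside the blessed subnets leave a trace in the log.
            $log_details->message = "Audit submission from an IP (" . $_SERVER['REMOTE_ADDR'] . ") not in the list of blessed subnets, exiting.";
            if ($display == 'y') {
                echo "\n" . $log_details->message . "\n";
            }
            stdlog($log_details);
            exit;
        }
        $this->load->helper('url');
        $this->load->model('m_credentials');
        if ($display == 'y') {
            echo 'DEBUG - <a href=\'' . base_url() . "index.php/discovery/discover_subnet'>Back to input page</a>\n";
            echo 'DEBUG - <a href=\'' . base_url() . "index.php'>Front Page</a>\n";
        }
        if (php_uname('s') != 'Windows NT') {
            $filepath = $this->config->config['base_path'] . '/other';
        } else {
            $filepath = $this->config->config['base_path'] . '\\other';
        }
        $this->load->helper('xml');
        $xml_input = $_POST['form_details'];
        // NOTE(review): this parses request-supplied XML. Confirm the deployed PHP/libxml2
        // does not resolve external entities (on PHP < 8 that means calling
        // libxml_disable_entity_loader(true) before parsing).
        try {
            $xml = new SimpleXMLElement($xml_input);
        } catch (Exception $error) {
            // not a valid XML string
            $log_details->message = 'Invalid XML input for discovery from ' . $_SERVER['REMOTE_ADDR'];
            stdlog($log_details);
            exit;
        }
        $this->load->helper('url');
        $this->load->library('encrypt');
        $this->load->helper('ipmi');
        if (extension_loaded('snmp')) {
            $this->load->helper('snmp');
            $this->load->helper('snmp_oid');
        }
        $this->load->model('m_system');
        $this->load->model('m_oa_group');
        $this->load->model('m_audit_log');
        $this->load->model('m_change_log');
        $this->load->model('m_devices_components');
        $this->load->model('m_devices');
        $timestamp = $this->config->config['timestamp'];
        $count = 0;
        foreach ($xml->children() as $details) {
            $details = (object) $details;
            if (isset($details->complete) and $details->complete == 'y') {
                // delete the credential set
                if ($display == 'y') {
                    echo "DEBUG - ----------------------------------------------------\n";
                }
                $this->echo_details($details);
                sleep(5);
                $log_details->message = 'Deleting credential set for ' . $details->subnet_range . ' submitted on ' . $details->subnet_timestamp;
                stdlog($log_details);
                // subnet_range and subnet_timestamp come from the posted XML, so they are
                // passed as query bindings instead of being concatenated into the SQL text.
                $sql = '/* discovery::process_subnet */ DELETE FROM oa_temp WHERE temp_name = ? and temp_timestamp = ?';
                $data = array('Subnet Credentials - ' . $details->subnet_range, (string) $details->subnet_timestamp);
                $query = $this->db->query($sql, $data);
            } else {
                $skip = false;
                if (stripos(' ' . $this->config->config['discovery_ip_exclude'] . ' ', ' ' . $details->ip . ' ') !== false) {
                    # Our ip address matched an ip in the discovery_ip_exclude list - exit
                    $log_details->message = $details->ip . ' is in the list of excluded ip addresses - skipping.';
                    stdlog($log_details);
                    $skip = true;
                }
                if (!$skip) {
                    // Clear the SNMP results of the previous device; they are only assigned
                    // when an SNMP audit succeeds, and the isset() checks further down would
                    // otherwise attach the previous device's interfaces, modules, IPs and
                    // guests to this one.
                    unset($network_interfaces, $modules, $ip, $guests);
                    $log_details->message = 'Start processing ' . $details->ip;
                    stdlog($log_details);
                    $count++;
                    $details->last_seen = $timestamp;
                    $details->last_user = '';
                    $details->last_seen_by = 'nmap';
                    $details->domain = '';
                    $details->audits_ip = ip_address_to_db($_SERVER['REMOTE_ADDR']);
                    $details->hostname = '';
                    if ($this->config->item('discovery_use_dns') == 'y') {
                        $details = dns_validate($details, $display);
                    }
                    $details->id = '';
                    $details->id = $this->m_system->find_system($details);
                    $details->last_seen_user = '';
                    $details->network_address = '';
                    $details->limit = 1000000;
                    $details->count = 0;
                    $details->use_https = ''; // # 1.12.6
                    $credentials = array();
                    // If we find a device and we're in DEBUG, output a result line.
                    if ($display == 'y') {
                        if (!empty($details->id)) {
                            echo 'DEBUG - Device found with ID: <a href=\'' . base_url() . 'index.php/main/system_display/' . $details->id . '\'>' . $details->id . "</a>.\n";
                        }
                    }
                    // Device specific credentials
                    if (!empty($details->id)) {
                        $temp = $this->m_devices_components->read(intval($details->id), 'y', 'credential', '', '*');
                        if (count($temp) > 0) {
                            foreach ($temp as $credential) {
                                $credentials[] = $credential;
                            }
                        }
                        unset($temp);
                    }
                    // Credential Sets
                    $temp = $this->m_credentials->collection();
                    if (count($temp) > 0) {
                        $credentials = array_merge($credentials, $temp);
                    }
                    unset($temp);
                    // supplied credentials
                    // The oa_temp row is located with bound values (both come from the posted XML).
                    $temp_name = 'Subnet Credentials - ' . $details->subnet_range;
                    $temp_timestamp = (string) $details->subnet_timestamp;
                    $sql = '/* discovery::process_subnet */ SELECT temp_value FROM oa_temp WHERE temp_name = ? and temp_timestamp = ? ORDER BY temp_id DESC LIMIT 1';
                    $data = array($temp_name, $temp_timestamp);
                    $query = $this->db->query($sql, $data);
                    $row = $query->row();
                    $supplied_credentials = @$row->temp_value;
                    $supplied = new stdClass();
                    if (isset($supplied_credentials) and $supplied_credentials > '') {
                        // The stored value is decrypted and decoded as JSON; missing fields are
                        // tolerated (hence the @) and fall back to '' or 0 through the casts.
                        $supplied_credentials = $this->encrypt->decode($supplied_credentials);
                        $supplied_credentials = json_decode($supplied_credentials);
                        $details->last_seen_user = @$supplied_credentials->last_user;
                        $details->network_address = @$supplied_credentials->network_address;
                        $details->limit = (int) @$supplied_credentials->limit;
                        $details->count = (int) @$supplied_credentials->count;
                        $details->org_id = (int) @$supplied_credentials->org;
                        $details->location_id = (int) @$supplied_credentials->location;
                        $details->use_https = (string) @$supplied_credentials->use_https;
                    }
                    # TODO - replace the ugly code below
                    $creds = array();
                    foreach ($credentials as $credential) {
                        $creds[] = $credential->attributes;
                    }
                    unset($credentials);
                    $credentials = $creds;
                    unset($creds);
                    // default Open-AudIT credentials
                    // $default = $this->m_oa_config->get_credentials();
                    // unset($default);
                    if (intval($details->count) >= intval($details->limit)) {
                        # we have discovered the requested number of devices
                        $log_details->message = 'Count from DB is higher than requested limit, exiting. Count: ' . $details->count . ' Limit: ' . $details->limit;
                        stdlog($log_details);
                        return;
                    }
                    if (empty($supplied_credentials)) {
                        $supplied_credentials = new stdClass();
                    }
                    if (empty($supplied_credentials->count)) {
                        $supplied_credentials->count = 0;
                    } else {
                        $supplied_credentials->count++;
                    }
                    // Write the updated counter back, encrypted, to the same oa_temp row.
                    $sql = '/* discovery::process_subnet */ UPDATE oa_temp SET temp_value = ? WHERE temp_name = ? and temp_timestamp = ?';
                    $data_in = json_encode($supplied_credentials);
                    $data_in = $this->encrypt->encode($data_in);
                    $data = array("{$data_in}", $temp_name, $temp_timestamp);
                    $query = $this->db->query($sql, $data);
                    $details->last_user = $details->last_seen_user;
                    $log_details->user = $details->last_seen_user;
                    // create the URL for use by the audit scripts
                    # use $_POST if supplied
                    if (isset($_POST['network_address']) and $_POST['network_address'] > '') {
                        $temp = explode('/', base_url());
                        $url = str_replace($temp[2], $_POST['network_address'], base_url());
                    # use $details->network_address if stored in DB
                    } elseif (isset($details->network_address) and $details->network_address != '') {
                        $temp = explode('/', base_url());
                        $url = str_replace($temp[2], $details->network_address, base_url());
                    # use the open-audit default config value
                    } elseif (isset($this->config->config['default_network_address']) and $this->config->config['default_network_address'] > '') {
                        $temp = explode('/', base_url());
                        $url = str_replace($temp[2], $this->config->config['default_network_address'], base_url());
                    # use the PHP function to guess as a last resort
                    } else {
                        $url = base_url();
                    }
                    // $url is placed on the audit script command lines built below, and two of
                    // its possible sources are user supplied. Accept only characters that can
                    // appear in a plain scheme://host[:port]/path URL; otherwise fall back to
                    // the configured base URL.
                    if (preg_match('#^[A-Za-z0-9:/._~\[\]-]+$#', $url) !== 1) {
                        $log_details->message = 'Ignoring supplied network address containing unexpected characters for ' . $details->ip;
                        stdlog($log_details);
                        $url = base_url();
                    }
                    unset($details->network_address);
                    if ($details->use_https == 'on') {
                        $url = str_ireplace('http://', 'https://', $url);
                    }
                    if (isset($supplied->snmp_community) and $supplied->snmp_community != '') {
                        $details->snmp_community = $supplied->snmp_community;
                    }
                    // output to log file and DEBUG the status of the three main services
                    $log_details->message = 'WMI Status is ' . $details->wmi_status . ' on ' . $details->ip;
                    stdlog($log_details);
                    // On OSX we cannot run Nmap and get a UDP port result for 161 as
                    // 'You requested a scan type which requires root privileges.'
                    // So just set the snmp_status to true and attempt to snmp_audit the target device
                    if (php_uname('s') == 'Darwin') {
                        $details->snmp_status = 'true';
                        $details->nmap_ports .= ',161/udp/snmp';
                    }
                    $log_details->message = 'SNMP Status is ' . $details->snmp_status . ' on ' . $details->ip;
                    stdlog($log_details);
                    $log_details->message = 'SSH Status is ' . $details->ssh_status . ' on ' . $details->ip;
                    stdlog($log_details);
                    // get rid of os_* as nmap only guesses
                    unset($details->os_group);
                    unset($details->os_family);
                    unset($details->os_name);
                    # IPMI audit
                    # TODO - make a ipmi_helper::ipmi_credentials function
                    // The IPMI audit was already disabled (fully commented out) and is omitted
                    // here. NOTE(review): the disabled code assigned default_ipmi_username to
                    // the password field as well; fix that before re-enabling it.
                    // SNMP audit
                    if (!extension_loaded('snmp') and $details->snmp_status == 'true') {
                        $log_details->message = 'PHP extension not loaded, skipping SNMP data retrieval for ' . $details->ip;
                        stdlog($log_details);
                    }
                    if (extension_loaded('snmp') and $details->snmp_status == 'true') {
                        $log_details->message = 'Testing SNMP credentials for ' . $details->ip;
                        stdlog($log_details);
                        $credentials_snmp = snmp_credentials($details->ip, $credentials, $display);
                    } else {
                        $credentials_snmp = false;
                    }
                    if ($credentials_snmp) {
                        $temp_array = snmp_audit($details->ip, $credentials_snmp, $display);
                        if (!empty($temp_array['details'])) {
                            // Non-empty SNMP values overwrite what Nmap reported.
                            foreach ($temp_array['details'] as $key => $value) {
                                if (!empty($value)) {
                                    $details->{$key} = $value;
                                }
                            }
                            $details->last_seen_by = 'snmp';
                            $details->audits_ip = '127.0.0.1';
                        }
                        if (!empty($temp_array['interfaces'])) {
                            $network_interfaces = $temp_array['interfaces'];
                        }
                        if (!empty($temp_array['modules'])) {
                            $modules = $temp_array['modules'];
                        }
                        if (!empty($temp_array['ip'])) {
                            $ip = $temp_array['ip'];
                        }
                        if (!empty($temp_array['guests'])) {
                            $guests = $temp_array['guests'];
                        }
                    }
                    // new for 1.8.4 - if we have a non-computer, do not attempt to connect using SSH
                    if ($details->type != 'computer' and $details->type != '' and $details->type != 'unknown' and $details->os_family != 'DD-WRT' and stripos($details->sysDescr, 'dd-wrt') === false) {
                        $log_details->message = 'Not a computer and not a DD-WRT device, setting SSH status to false for ' . $details->ip . ' (System ID ' . $details->id . ')';
                        stdlog($log_details);
                        $details->ssh_status = 'false';
                    }
                    # test for working SSH credentials
                    if ($details->ssh_status == 'true') {
                        $log_details->message = 'Testing SSH credentials for ' . $details->ip;
                        stdlog($log_details);
                        $credentials_ssh = ssh_credentials($details->ip, $credentials, $display);
                    } else {
                        $credentials_ssh = false;
                    }
                    # run SSH audit commands
                    if ($details->ssh_status == 'true' and $credentials_ssh) {
                        $ssh_details = ssh_audit($details->ip, $credentials_ssh, $display);
                        if (!empty($ssh_details)) {
                            $details->last_seen_by = 'ssh';
                            $details->audits_ip = '127.0.0.1';
                            foreach ($ssh_details as $key => $value) {
                                if (!empty($value)) {
                                    $details->{$key} = $value;
                                }
                            }
                        }
                    }
                    // test for working Windows credentials
                    if ($details->wmi_status == 'true') {
                        $log_details->message = 'Testing Windows credentials for ' . $details->ip;
                        stdlog($log_details);
                        $credentials_windows = windows_credentials($details->ip, $credentials, $display);
                    } else {
                        $credentials_windows = false;
                    }
                    # run Windows audit commands
                    if ($details->wmi_status == 'true' and $credentials_windows) {
                        $windows_details = wmi_audit($details->ip, $credentials_windows, $display);
                        if (!empty($windows_details)) {
                            $details->last_seen_by = 'windows';
                            $details->audits_ip = '127.0.0.1';
                            foreach ($windows_details as $key => $value) {
                                if (!empty($value)) {
                                    $details->{$key} = $value;
                                }
                            }
                        }
                    }
                    # in the case where port 5060 is detected and we have no other information, assign type 'voip phone'
                    if (empty($details->type) and empty($details->snmp_oid) and empty($details->uuid) and stripos($details->nmap_result, '5060/') !== false) {
                        $details->type = 'voip phone';
                    }
                    if ($this->config->item('discovery_use_dns') == 'y') {
                        $details = dns_validate($details, $display);
                    }
                    $details->id = $this->m_system->find_system($details, $display);
                    if ($display == 'y') {
                        $details->show_output = true;
                        echo "=======DETAILS======\n";
                        foreach ($details as $key => $value) {
                            // Keys and values originate from the posted XML and from the scanned
                            // device, and this page is rendered as HTML: encode before echoing.
                            echo "DEBUG - " . htmlspecialchars($key . ": " . (string) $value, ENT_QUOTES) . "\n";
                        }
                        echo "====================\n";
                        ob_flush();
                        flush();
                    }
                    // insert or update the device
                    if (isset($details->id) and $details->id != '') {
                        // we have a system id - UPDATE
                        $log_details->message = strtoupper($details->last_seen_by) . " update for {$details->ip} (System ID {$details->id})";
                        stdlog($log_details);
                        $details->original_last_seen = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen');
                        $details->original_last_seen_by = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen_by');
                        $this->m_system->update_system($details, $display);
                    } else {
                        // we have a new system - INSERT
                        $log_details->message = strtoupper($details->last_seen_by) . " insert for {$details->ip}";
                        stdlog($log_details);
                        $details->id = $this->m_system->insert_system($details, $display);
                    }
                    // grab some timestamps
                    $details->last_seen = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen');
                    $details->first_seen = $this->m_devices_components->read($details->id, 'y', 'system', '', 'first_seen');
                    // Insert an audit log
                    if (isset($this->user->full_name)) {
                        $temp_user = $this->user->full_name;
                    } else {
                        $temp_user = '';
                    }
                    $this->m_audit_log->create($details->id, $temp_user, $details->last_seen_by, $details->audits_ip, '', '', $details->last_seen);
                    unset($temp_user);
                    // Update the groups
                    if ($this->config->config['discovery_update_groups'] == 'y') {
                        $this->m_oa_group->update_system_groups($details);
                    }
                    // update any network interfaces and ip addresses retrieved by SNMP
                    if (isset($network_interfaces) and is_array($network_interfaces) and count($network_interfaces) > 0) {
                        $input = new stdClass();
                        $input->item = array();
                        $input->item = $network_interfaces;
                        $this->m_devices_components->process_component('network', $details, $input, $display);
                    }
                    // insert any ip addresses
                    if (isset($ip->item) and count($ip->item) > 0) {
                        $this->m_devices_components->process_component('ip', $details, $ip, $display);
                    }
                    // finish off with updating any network IPs that don't have a matching interface
                    $this->m_devices_components->update_missing_interfaces($details->id);
                    // insert any modules
                    if (isset($modules) and count($modules) > 0) {
                        $input = new stdClass();
                        $input->item = array();
                        $input->item = $modules;
                        $this->m_devices_components->process_component('module', $details, $input, $display);
                    }
                    // insert any found virtual machines
                    if (isset($guests) and is_array($guests) and count($guests) > 0) {
                        $vm = new stdClass();
                        $vm->item = array();
                        $vm->item = $guests;
                        $this->m_devices_components->process_component('vm', $details, $vm, $display);
                    }
                    if (!empty($credentials_snmp) and $details->snmp_status == 'true') {
                        $log_details->message = 'SNMP credential update for ' . $details->ip . ' (System ID ' . $details->id . ')';
                        stdlog($log_details);
                        $this->m_devices->sub_resource_create($details->id, 'credential', $credentials_snmp);
                    }
                    if (!empty($credentials_ssh) and $details->ssh_status == 'true') {
                        $log_details->message = 'SSH credential update for ' . $details->ip . ' (System ID ' . $details->id . ')';
                        stdlog($log_details);
                        $this->m_devices->sub_resource_create($details->id, 'credential', $credentials_ssh);
                    }
                    // $credentials_windows is always assigned above (false when no credential
                    // worked), so test it with !empty() like the SNMP and SSH cases; isset()
                    // would store `false` as a credential.
                    if (!empty($credentials_windows) and $details->wmi_status == 'true') {
                        $log_details->message = "Windows credential update for {$details->ip} (System ID {$details->id})";
                        stdlog($log_details);
                        $this->m_devices->sub_resource_create($details->id, 'credential', $credentials_windows);
                    }
                    // $details->id is now set
                    if ($display == 'y') {
                        echo "DEBUG - System ID <a href='" . base_url() . "index.php/devices/" . $details->id . "'>" . $details->id . "</a>\n";
                    }
                    // process and store the Nmap result
                    // each nmap_ports entry is split on '/' into port, protocol and program
                    $nmap_result = array();
                    foreach (explode(',', $details->nmap_ports) as $port) {
                        $temp = explode('/', $port);
                        $nmap_item = new stdClass();
                        $nmap_item->ip = (string) $details->ip;
                        $nmap_item->port = $temp[0];
                        $nmap_item->protocol = $temp[1];
                        $nmap_item->program = $temp[2];
                        if ($nmap_item->port != '') {
                            $nmap_result[] = $nmap_item;
                        }
                        unset($nmap_item);
                        unset($temp);
                    }
                    if (count($nmap_result) > 0) {
                        $input = new stdClass();
                        $input->item = array();
                        $input->item = $nmap_result;
                        $this->m_devices_components->process_component('nmap', $details, $input, $display);
                    }
                    // insert a blank to indicate we're finished this part of the discovery
                    // if required, the audit scripts will insert their own audit logs
                    $this->m_audit_log->update('debug', '', $details->id, $details->last_seen);
                    # Audit Windows
                    if ($details->wmi_status == "true" and $credentials_windows) {
                        $log_details->message = "Starting windows audit for {$details->ip} (System ID {$details->id})";
                        stdlog($log_details);
                        $share = '\\admin$';
                        $destination = 'audit_windows.vbs';
                        // Compare, do not assign: `$display = 'y'` forced debug output on for
                        // the rest of the request and always selected debugging level 3.
                        if ($display == 'y') {
                            $debugging = 3;
                        } else {
                            $debugging = 0;
                        }
                        $sql = "/* discovery::process_subnet */ SELECT * FROM `scripts` WHERE `name` = 'audit_windows.vbs' AND `based_on` = 'audit_windows.vbs' ORDER BY `id` LIMIT 1";
                        $query = $this->db->query($sql);
                        $result = $query->result();
                        if (!empty($result[0])) {
                            $script_details = $result[0];
                            # Just ensure we delete any audit scripts that might exist.
                            # Shouldn't be required because we're creating based on the timestamp
                            # Then open the file for writing
                            // NOTE(review): fopen() reports failure by returning false rather than
                            // throwing, so the catch blocks below do not cover a failed open and
                            // fwrite() would then receive false - consider checking $fp.
                            $ts = date('y_m_d_H_i_s');
                            if (php_uname('s') == 'Windows NT') {
                                $source_name = 'scripts\\audit_windows_' . $ts . '.vbs';
                                @unlink($this->config->config['base_path'] . '\\other\\' . $source_name);
                                try {
                                    $fp = fopen($this->config->config['base_path'] . '\\other\\' . $source_name, 'w');
                                } catch (Exception $e) {
                                    print_r($e);
                                }
                            } else {
                                $source_name = 'scripts/audit_windows_' . $ts . '.vbs';
                                @unlink($this->config->config['base_path'] . '/other/' . $source_name);
                                try {
                                    $fp = fopen($this->config->config['base_path'] . '/other/' . $source_name, 'w');
                                } catch (Exception $e) {
                                    print_r($e);
                                }
                            }
                            $script = $this->m_scripts->download($script_details->id);
                            fwrite($fp, $script);
                            fclose($fp);
                        } else {
                            $source_name = 'audit_windows.vbs';
                        }
                        if (php_uname('s') != 'Windows NT') {
                            $source = $this->config->config['base_path'] . '/other/' . $source_name;
                            $command = "cscript c:\\windows\\audit_windows.vbs submit_online=y create_file=n strcomputer=. url=" . $url . "index.php/system/add_system debugging=" . $debugging . " system_id=" . $details->id . " last_seen_by=audit_wmi";
                            if (copy_to_windows($details->ip, $credentials_windows, $share, $source, $destination, $display)) {
                                if (execute_windows($details->ip, $credentials_windows, $command, $display)) {
                                    # All complete!
                                } else {
                                    # run audit script failed
                                }
                            } else {
                                # copy audit script to Windows failed
                            }
                            if ($source_name != 'audit_windows.vbs') {
                                unlink($this->config->config['base_path'] . '/other/' . $source_name);
                            }
                        } else {
                            #if (strtolower($_SERVER['USERPROFILE']) == 'c:\windows\system32\config\systemprofile') {
                            if (exec('whoami') == 'nt authority\\system') {
                                # We're running on the LocalSystem account.
                                # We cannot copy the audit script to the target and then run it,
                                # We _must_ run the script locally and use $details->ip as the script target
                                # We will lose the ability to retrieve certain items like files, netstat, tasks, etc
                                $log_details->message = "Windows audit for {$details->ip} (System ID {$details->id})";
                                stdlog($log_details);
                                $username = $credentials_windows->credentials->username;
                                $temp = explode('@', $username);
                                $username = $temp[0];
                                if (count($temp) > 1) {
                                    $domain = $temp[1] . '\\';
                                } else {
                                    $domain = '';
                                }
                                unset($temp);
                                // NOTE(review): in this copy of the source the struser= and strpass=
                                // expressions in the two $script_string assignments below are masked
                                // ("******"), which is not valid PHP. They are left exactly as found
                                // and must be restored from the project's repository. Also note the
                                // credential is passed on a local command line here.
                                if ($display == 'y') {
                                    $script_string = "{$filepath}\\" . $source_name . " strcomputer=" . $details->ip . " submit_online=y create_file=n struser="******" strpass="******" url=" . $url . "index.php/system/add_system debugging=3 system_id=" . $details->id . " last_seen_by=audit_wmi";
                                    $command_string = "%comspec% /c start /b cscript //nologo " . $script_string;
                                    exec($command_string, $output, $return_var);
                                    // mask the password before the command is echoed
                                    $command_string = str_replace($credentials_windows->credentials->password, '******', $command_string);
                                    echo 'DEBUG - Command Executed: ' . $command_string . "\n";
                                    echo 'DEBUG - Return Value: ' . $return_var . "\n";
                                    echo "DEBUG - Command Output:\n";
                                    print_r($output);
                                    if ($return_var != '0') {
                                        $error = "Attempt to run audit_windows.vbs on {$details->ip} has failed";
                                        $log_details->message = $error;
                                        stdlog($log_details);
                                    } else {
                                        $log_details->message = "Attempt to run audit_windows.vbs on {$details->ip} has succeeded";
                                        stdlog($log_details);
                                    }
                                    $output = null;
                                    $return_var = null;
                                } else {
                                    $script_string = "{$filepath}\\" . $source_name . " strcomputer=" . $details->ip . " submit_online=y create_file=n struser="******" strpass="******" url=" . $url . "index.php/system/add_system debugging=0 system_id=" . $details->id . " last_seen_by=audit_wmi";
                                    $command_string = "%comspec% /c start /b cscript //nologo " . $script_string . " &";
                                    pclose(popen($command_string, "r"));
                                }
                                $command_string = null;
                                if ($source_name != 'audit_windows.vbs') {
                                    unlink($this->config->config['base_path'] . '/other/' . $source_name);
                                }
                            } else {
                                # We are running as something other than the LocalSystem account.
                                # Therefore we _should_ be able to copy the audit script to the target and start it there
                                # and therefore retrieve ALL information
                                // NOTE(review): $ts is only assigned when a script row was found
                                // in the `scripts` table above - confirm the fallback case.
                                $source = $this->config->config['base_path'] . '\\other\\' . $source_name;
                                rename($source, 'c:\\windows\\audit_windows_' . $ts . '.vbs');
                                $source = 'audit_windows_' . $ts . '.vbs';
                                $command = "cscript \\\\" . $details->ip . "\\admin\$\\audit_windows_" . $ts . ".vbs submit_online=y create_file=n strcomputer=. url=" . $url . "index.php/system/add_system debugging=" . $debugging . " system_id=" . $details->id . " self_delete=y last_seen_by=audit_wmi";
                                if (copy_to_windows($details->ip, $credentials_windows, $share, $source, $destination, $display)) {
                                    if (execute_windows($details->ip, $credentials_windows, $command, $display)) {
                                        # All complete!
                                    } else {
                                        # run audit script failed
                                    }
                                } else {
                                    # copy audit script to Windows failed
                                }
                                if ($source_name != 'audit_windows.vbs') {
                                    unlink('c:\\windows\\audit_windows_' . $ts . '.vbs');
                                }
                            }
                        }
                    }
                    # Audit SSH
                    if ($details->ssh_status == "true" and $details->os_family != 'DD-WRT' and $credentials_ssh) {
                        $log_details->message = "Starting ssh audit for {$details->ip} (System ID {$details->id})";
                        stdlog($log_details);
                        // $command = 'uname';
                        // $ssh_result = ssh_command($details->ip, $credentials_ssh, $command, $display);
                        // if ($ssh_result['status'] == 0) {
                        //     $remote_os = $ssh_result['output'][0];
                        // }
                        // switch (strtolower($remote_os)) {
                        // The audit script name is chosen from this fixed list only, so it is
                        // safe to interpolate into the `scripts` query below.
                        switch (strtolower($details->os_group)) {
                            case 'aix':
                                $audit_script = 'audit_aix.sh';
                                break;
                            case 'vmkernel':
                                $audit_script = 'audit_esxi.sh';
                                break;
                            case 'linux':
                                $audit_script = 'audit_linux.sh';
                                break;
                            case 'darwin':
                                $audit_script = 'audit_osx.sh';
                                break;
                            case 'windows':
                                $audit_script = '';
                                break;
                            default:
                                $audit_script = '';
                                break;
                        }
                        $destination = $audit_script;
                        // Compare, do not assign (see the Windows audit above).
                        if ($display == 'y') {
                            $debugging = 3;
                        } else {
                            $debugging = 0;
                        }
                        $sql = "/* discovery::process_subnet */ SELECT * FROM `scripts` WHERE `name` = '{$audit_script}' AND `based_on` = '{$audit_script}' ORDER BY `id` LIMIT 1";
                        $query = $this->db->query($sql);
                        $result = $query->result();
                        if (!empty($result[0])) {
                            $script_details = $result[0];
                            # Just ensure we delete any audit scripts that might exist.
                            # Shouldn't be required because we're creating based on the timestamp
                            # Then open the file for writing
                            $ts = date('y_m_d_H_i_s');
                            if (php_uname('s') == 'Windows NT') {
                                $source_name = 'scripts\\' . str_replace('.sh', '_' . $ts . '.sh', $audit_script);
                                $unlink = $this->config->config['base_path'] . '\\other\\' . $source_name;
                                @unlink($unlink);
                                $fp = fopen($this->config->config['base_path'] . '\\other\\' . $source_name, 'w');
                            } else {
                                $source_name = 'scripts/' . str_replace('.sh', '_' . $ts . '.sh', $audit_script);
                                $unlink = $this->config->config['base_path'] . '/other/' . $source_name;
                                @unlink($unlink);
                                try {
                                    $fp = fopen($this->config->config['base_path'] . '/other/' . $source_name, 'w');
                                } catch (Exception $e) {
                                    print_r($e);
                                }
                            }
                            $script = $this->m_scripts->download($script_details->id);
                            fwrite($fp, $script);
                            fclose($fp);
                        } else {
                            $unlink = '';
                            $source_name = $audit_script;
                        }
                        unset($temp);
                        if ($audit_script != '') {
                            # copy the audit script to the target ip
                            if (php_uname('s') == 'Windows NT') {
                                $source = $filepath . '\\' . $source_name;
                            } else {
                                $source = $filepath . '/' . $source_name;
                            }
                            $destination = $this->config->item('discovery_linux_script_directory');
                            if (substr($destination, -1) != '/') {
                                $destination .= '/';
                            }
                            $destination .= $audit_script;
                            if ($ssh_result = scp($details->ip, $credentials_ssh, $source, $destination, $display)) {
                                # Successfully copied the audit script
                                $command = 'chmod ' . $this->config->item('discovery_linux_script_permissions') . ' ' . $destination;
                                $temp = ssh_command($details->ip, $credentials_ssh, $command, $display);
                            }
                            // Compare, do not assign (see the Windows audit above).
                            if ($display == 'y') {
                                $debugging = 3;
                            } else {
                                $debugging = 0;
                            }
                        }
                        # audit anything that's not ESX
                        if ($audit_script != 'audit_esxi.sh' and $audit_script != '') {
                            # successfully copied and chmodded the audit script
                            if (!empty($credentials_ssh->sudo)) {
                                # run the audit script as a normal user, using sudo
                                // NOTE(review): the account password is embedded in the remote
                                // command between double quotes, so a password containing a
                                // double quote, dollar sign or backtick is interpreted by the
                                // remote shell. Quote it for a POSIX shell, or feed it to sudo
                                // without placing it in the command text, once the quoting done
                                // by ssh_command() has been confirmed.
                                $command = 'echo "' . $credentials_ssh->credentials->password . '" | ' . $credentials_ssh->sudo . ' -S ' . $this->config->item('discovery_linux_script_directory') . $audit_script . ' submit_online=y create_file=n url=' . $url . 'index.php/system/add_system debugging=' . $debugging . ' system_id=' . $details->id . ' display=' . $display . ' last_seen_by=audit_ssh';
                            } else {
                                # run the script without using sudo
                                $command = $this->config->item('discovery_linux_script_directory') . $audit_script . ' submit_online=y create_file=n url=' . $url . 'index.php/system/add_system debugging=' . $debugging . ' system_id=' . $details->id . ' display=' . $display . ' last_seen_by=audit_ssh';
                            }
                            $result = ssh_command($details->ip, $credentials_ssh, $command, $display);
                            if ($unlink != '') {
                                unlink($unlink);
                            }
                        }
                        # audit ESX
                        if ($audit_script == 'audit_esxi.sh') {
                            $command = $this->config->item('discovery_linux_script_directory') . $audit_script . ' submit_online=y last_seen_by=audit_ssh create_file=n debugging=0 echo_output=y system_id=' . $details->id . ' 2>/dev/null';
                            if ($result = ssh_command($details->ip, $credentials_ssh, $command, $display)) {
                                if ($result['status'] == 0) {
                                    // The script output is joined, whitespace-collapsed and parsed as XML.
                                    $script_result = '';
                                    foreach ($result['output'] as $line) {
                                        $script_result .= $line . "\n";
                                    }
                                    $script_result = preg_replace('/\\s+/', ' ', $script_result);
                                    $script_result = str_replace("> <", "><", $script_result);
                                    $esx_input = trim($script_result);
                                    try {
                                        $esx_xml = new SimpleXMLElement($esx_input);
                                    } catch (Exception $error) {
                                        // not a valid XML string
                                        $log_details->message = 'Invalid XML input for ESX audit script';
                                        stdlog($log_details);
                                        exit;
                                    }
                                    $count = 0;
                                    foreach ($esx_xml->children() as $child) {
                                        if ($child->getName() === 'sys') {
                                            $esx_details = (object) $esx_xml->sys;
                                            if (!isset($esx_details->ip) or $esx_details->ip == '') {
                                                $esx_details->ip = $details->ip;
                                            }
                                            $esx_details->system_id = $this->m_system->find_system($esx_details, $display);
                                            $esx_details->last_seen = $details->last_seen;
                                            if (isset($esx_details->system_id) and $esx_details->system_id != '') {
                                                // we have an existing device
                                                $esx_details->original_last_seen_by = $this->m_devices_components->read($esx_details->system_id, 'y', 'system', '', 'last_seen_by');
                                                $esx_details->original_last_seen = $this->m_devices_components->read($esx_details->system_id, 'y', 'system', '', 'last_seen');
                                                $this->m_system->update_system($esx_details);
                                                $log_details->message = "ESX update for {$esx_details->ip} (System ID {$esx_details->system_id})";
                                                stdlog($log_details);
                                            } else {
                                                // we have a new system
                                                $esx_details->system_id = $this->m_system->insert_system($esx_details);
                                                $log_details->message = "ESX insert for {$esx_details->ip} (System ID {$esx_details->system_id})";
                                                stdlog($log_details);
                                            }
                                            if (!isset($esx_details->audits_ip)) {
                                                $esx_details->audits_ip = $details->audits_ip;
                                            }
                                            if (isset($this->user->full_name)) {
                                                $temp_user = $this->user->full_name;
                                            } else {
                                                $temp_user = '';
                                            }
                                            $this->m_audit_log->create($esx_details->system_id, $temp_user, $esx_details->last_seen_by, $esx_details->audits_ip, '', '', $esx_details->last_seen);
                                            unset($temp_user);
                                        }
                                    }
                                    // NOTE(review): $esx_details is only assigned when a 'sys'
                                    // element was present in the script output - confirm.
                                    $this->m_devices_components->process_component('network', $esx_details, $esx_xml->network, $display);
                                    $this->m_devices_components->process_component('software', $esx_details, $esx_xml->software, $display);
                                    $this->m_devices_components->process_component('processor', $esx_details, $esx_xml->processor, $display);
                                    $this->m_devices_components->process_component('bios', $esx_details, $esx_xml->bios, $display);
                                    $this->m_devices_components->process_component('memory', $esx_details, $esx_xml->memory, $display);
                                    $this->m_devices_components->process_component('motherboard', $esx_details, $esx_xml->motherboard, $display);
                                    $this->m_devices_components->process_component('video', $esx_details, $esx_xml->video, $display);
                                    $this->m_devices_components->process_component('vm', $esx_details, $esx_xml->vm, $display);
                                    $this->m_devices_components->process_component('ip', $esx_details, $esx_xml->ip, $display);
                                }
                            }
                        }
                        // NOTE(review): as the braces stand, this completion message is inside
                        // the "Audit SSH" branch, so it is only logged for devices that were
                        // SSH-audited. The original closing-brace labels suggest it was meant to
                        // run for every processed device - confirm against upstream.
                        $log_details->message = "Completed processing {$details->ip} (System ID {$details->id})";
                        stdlog($log_details);
                    } // close the 'Audit SSH' branch
                } // close the 'skip' test
                unset($details);
            } // close the device / complete switch
        } // close for each device in XML
    } // close for form submission
} // close function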
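?> </label>
<div class="input-group">
    <span class="input-group-addon" style="min-width:40px;">
        <input type="checkbox" name="iso_image" id="iso_image">
    </span>
    <select class="form-control" name="iso_path" id="iso_path" disabled>
        <option value=""><?php echo _("Select ISO image"); ?> </option>
        <?php
        // Build one <option> per ISO file found on each hypervisor in $h_reply.
        // File names come back from a remote `ls`, so they are treated as
        // untrusted text and HTML-escaped before being written into the
        // attribute and the element body.
        // NOTE(review): $default_iso_path is concatenated into the shell command
        // unquoted; it is presumably a fixed value from config.php -- confirm it
        // can never be influenced by request data.
        for ($x = 0; !empty($h_reply[$x]['id']); ++$x) {
            ssh_connect($h_reply[$x]['ip'] . ":" . $h_reply[$x]['port']);
            $files = explode("\n", (string) ssh_command("sudo ls " . $default_iso_path . "|grep -i .iso", true));
            $hypervisor_id = htmlspecialchars((string) $h_reply[$x]['id'], ENT_QUOTES, 'UTF-8');
            // Iterate by value: the original by-reference loop left $value
            // aliased to the last array element after the loop ended.
            foreach ($files as $value) {
                if (!empty($value)) {
                    $iso_name = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
                    echo '<option class="iso_option hypervisor_iso-' . $hypervisor_id . '" value="' . $iso_name . '">' . $iso_name . '</option>' . "\n";
                }
            }
        }
        ?>
    </select>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-md-4">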
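include 'functions/config.php';
require_once 'functions/functions.php';

# Re-creates the disk of every child VM of the given source VM as a new qcow2
# image backed by the source VM's disk, then starts the child again.
# Request parameters: vm (id of the source VM), hypervisor (id of the hypervisor).
# NOTE(review): this stops VMs and recreates their disks on a plain GET request and
# no CSRF token is checked in this script -- confirm check_session() or the
# caller covers that.
if (!check_session()) {
    header("Location: {$serviceurl}/?error=1");
    exit;
}

# Accept only scalar string parameters; a missing or array-valued parameter is
# treated as empty instead of raising a notice or type error in addslashes().
# NOTE(review): addslashes() is the only SQL quoting applied here and it is not
# charset-aware; move to bound parameters if get_SQL_line()/add_SQL_line()
# support them (their implementation is not visible from this script).
$vm = (isset($_GET['vm']) && is_string($_GET['vm'])) ? addslashes($_GET['vm']) : '';
$hypervisor = (isset($_GET['hypervisor']) && is_string($_GET['hypervisor'])) ? addslashes($_GET['hypervisor']) : '';
if (empty($vm) || empty($hypervisor)) {
    exit;
}

$h_reply = get_SQL_line("SELECT * FROM hypervisors WHERE id='{$hypervisor}'");
$v_reply = get_SQL_line("SELECT * FROM vms WHERE id='{$vm}'");
# Stop before any VM is touched when either id does not resolve to a row.
if (empty($h_reply) || empty($v_reply) || !isset($h_reply[2], $h_reply[3], $v_reply[1])) {
    exit;
}

# Columns 2 and 3 of the hypervisor row are presumably address and port -- TODO confirm.
ssh_connect($h_reply[2] . ":" . $h_reply[3]);

add_SQL_line("UPDATE vms SET maintenance='true' WHERE source_volume='{$vm}'");
add_SQL_line("UPDATE vms SET snapshot='false' WHERE source_volume='{$vm}'");

# Every value placed on a remote command line is quoted with escapeshellarg():
# VM names come from the database and disk paths from earlier command output,
# so neither is assumed to be free of shell metacharacters.
# (Assumes this script runs on a POSIX host, so the quoting matches the remote shell.)
$source_path = str_replace("\n", "", (string) ssh_command("sudo virsh domblklist " . escapeshellarg($v_reply[1]) . " | grep vda | awk '{print \$2}'", true));

# Recreate the disk of each child VM. Skipped entirely when the source disk
# could not be resolved, so no child is stopped without a backing image to use.
$child_vms = get_SQL_array("SELECT name FROM vms WHERE source_volume='{$vm}'");
if ($source_path !== '') {
    for ($x = 0; !empty($child_vms[$x]['name']); ++$x) {
        $child_name = escapeshellarg($child_vms[$x]['name']);
        ssh_command("sudo virsh destroy " . $child_name, true);
        $dest_path = str_replace("\n", "", (string) ssh_command("sudo virsh domblklist " . $child_name . " | grep vda | awk '{print \$2}'", true));
        # Without a destination path qemu-img would be called with a missing argument.
        if ($dest_path !== '') {
            ssh_command("sudo qemu-img create -f qcow2 -b " . escapeshellarg($source_path) . " " . escapeshellarg($dest_path), true);
        }
        ssh_command("sudo virsh start " . $child_name, true);
    }
}

header("Location: {$serviceurl}/reload_vm_info.php");
exit;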
    // Tail of a branch that starts outside this excerpt: it builds the reply with a
    // server address and pool name.
    $json_reply = json_encode(array('status' => "OK", 'protocol' => $protocol, 'address' => $vmView_server, 'pool' => $pool));
}
// SPICE: resolve the VM's hypervisor, ask libvirt for the display URI and return it
// as the connection address; an empty answer triggers a VM start instead.
if ($protocol == "SPICE") {
    // NOTE(review): $machine_name is interpolated into SQL here and into shell
    // commands below; it is assigned outside this excerpt -- confirm it is
    // validated/escaped for both contexts before this point.
    $vm = get_SQL_line("SELECT hypervisor,maintenance FROM vms WHERE name='{$machine_name}'");
    $h_reply = get_SQL_line("SELECT * FROM hypervisors WHERE id='{$vm['0']}'");
    // A VM flagged as in maintenance gets a MAINTENANCE reply and nothing else runs.
    if ($vm[1] == "true") {
        echo json_encode(array('status' => "MAINTENANCE"));
        exit;
    }
    ssh_connect($h_reply[2] . ":" . $h_reply[3]);
    $status = ssh_command("sudo virsh domdisplay " . $machine_name, true);
    // Strip the scheme and newlines, and replace "localhost" with column 2 of the
    // hypervisor row (the same value passed to ssh_connect above).
    $status = str_replace("spice://", "", $status);
    $status = str_replace("\n", "", $status);
    $status = str_replace("localhost", $h_reply[2], $status);
    // No display address: start the VM and report BOOTUP.
    if (empty($status)) {
        $status = 'BOOTUP';
        ssh_command("sudo virsh start " . $machine_name, true);
        reload_vm_info();
    }
    if ($status == "BOOTUP") {
        $json_reply = json_encode(array('status' => "BOOTUP", 'protocol' => $protocol, 'address' => ''));
    } else {
        // NOTE(review): an empty $status was replaced by 'BOOTUP' above, so the
        // FAIL branch below looks unreachable.
        if ($status) {
            $json_reply = json_encode(array('status' => "OK", 'protocol' => $protocol, 'address' => $status));
        } else {
            $json_reply = json_encode(array('status' => "FAIL", 'protocol' => $protocol, 'address' => ''));
        }
    }
}
// NOTE(review): $json_reply is only assigned inside the branches above; if none of
// them ran it is undefined here -- confirm against the part of the script not shown.
echo $json_reply;
// NOTE(review): the reply (which can carry remote command output in 'address') and
// $client are placed in the SQL string as-is; json_encode() does not escape single
// quotes by default, so this insert should use bound parameters or SQL escaping.
add_sql_line("INSERT INTO log (ip,message) VALUES ('{$client}','{$json_reply}')");
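/**
 * Probe a host over SSH and collect basic identification details.
 *
 * Runs a fixed series of commands through ssh_command() and copies the first
 * output line of each successful one into the returned object. Properties that
 * may be set: os_group, os_family / os_name / type (DD-WRT), hostname, fqdn,
 * uuid, dbus_identifier, model and manufacturer (DD-WRT). A property is left
 * unset when its command failed or printed nothing, except uuid, which is set
 * to '' on Linux when neither root nor sudo is available.
 *
 * NOTE(review): the signature has an optional parameter before a required one,
 * which PHP 8 reports as deprecated; it is kept as-is for existing callers.
 *
 * @param string $ip          Target address; must pass FILTER_VALIDATE_IP.
 * @param object $credentials Credential object; this function reads
 *                            ->credentials->username, ->credentials->password and ->sudo.
 * @param string $display     'y' or 'n' (anything else becomes 'n'); passed through
 *                            to stdlog() and ssh_command().
 *
 * @return object|false The details object, or false when an argument is rejected.
 */
function ssh_audit($ip = '', $credentials, $display = 'n')
{
    $display = (strtolower($display) == 'y') ? 'y' : 'n';

    $log = new stdClass();
    $log->severity = 7;
    $log->file = 'system';
    $log->display = $display;

    if (empty($ip)) {
        $log->message = 'No IP supplied to ssh_audit function.';
        stdlog($log);
        return false;
    }
    if (!filter_var($ip, FILTER_VALIDATE_IP)) {
        $log->message = 'No valid IP supplied to ssh_audit function.';
        stdlog($log);
        return false;
    }
    if (!is_object($credentials)) {
        $log->message = 'No credentials supplied to ssh_audit function.';
        stdlog($log);
        return false;
    }

    # Run one command and normalise the reply. A reply that is not an array
    # (other code on this page tests ssh_command()'s return for truthiness, so it
    # presumably can be false) counts as a failure; the previous
    # `$ssh_result['status'] == 0` test treated such a reply as success.
    $exec = function ($command) use ($ip, $credentials, $display) {
        $reply = ssh_command($ip, $credentials, $command, $display);
        $ok = is_array($reply)
            && isset($reply['status'])
            && is_numeric($reply['status'])
            && (int) $reply['status'] === 0;
        $lines = (is_array($reply) && isset($reply['output']) && is_array($reply['output']))
            ? $reply['output']
            : array();
        return array('ok' => $ok, 'lines' => $lines);
    };

    # First output line of a successful command, or null when there is none.
    $first_line = function (array $reply) {
        return ($reply['ok'] && isset($reply['lines'][0])) ? $reply['lines'][0] : null;
    };

    # POSIX single-quote a value for the remote shell. Done by hand rather than
    # with escapeshellarg() so the result does not depend on the OS PHP runs on.
    $sh_quote = function ($value) {
        return "'" . str_replace("'", "'\\''", (string) $value) . "'";
    };

    $username = isset($credentials->credentials->username) ? $credentials->credentials->username : '';
    $password = isset($credentials->credentials->password) ? $credentials->credentials->password : '';
    $is_root = ($username == 'root');
    $has_sudo = !empty($credentials->sudo);

    # Build the command line for something that needs root: as-is for root,
    # through `sudo -S` with the password on stdin otherwise, '' when neither
    # applies. The password is quoted so shell metacharacters in it stay literal
    # text on the target.
    # NOTE(review): the password is still part of the command string given to
    # ssh_command(); confirm that function does not print or log the command when
    # $display is 'y'.
    $privileged = function ($base) use ($is_root, $has_sudo, $password, $sh_quote) {
        if ($is_root) {
            return $base;
        }
        if ($has_sudo) {
            return "printf '%s\\n' " . $sh_quote($password) . " | sudo -S " . $base;
        }
        return '';
    };

    $details = new stdClass();

    # OS group from uname
    $reply = $exec('uname');
    if ($reply['ok']) {
        if (!empty($reply['lines'][0])) {
            $details->os_group = $reply['lines'][0];
            if ($details->os_group == 'WindowsNT') {
                $details->os_group = 'Windows';
            }
        }
    } else {
        # Windows doesn't have a uname so the above may fail (it might have unix tools installed)
        $reply = $exec('wmic os get name');
        foreach ($reply['lines'] as $line) {
            if (stripos($line, 'Windows') !== false) {
                $details->os_group = 'Windows';
            }
        }
    }

    # Local copy for the comparisons below, so an undetected OS does not read an
    # unset property; the returned object keeps os_group unset in that case.
    $os_group = isset($details->os_group) ? $details->os_group : '';

    if ($os_group == 'Windows') {
        # We don't support SSH auditing to Windows at the moment
        return $details;
    }

    # DD-WRT specific test
    $line = $first_line($exec('cat /etc/motd | grep -i DD-WRT'));
    if ($line !== null && stripos($line, 'dd-wrt') !== false) {
        $details->os_family = 'DD-WRT';
        $details->os_name = trim($line);
        $details->type = 'router';
    }

    # Hostname
    $line = $first_line($exec('hostname -s'));
    if ($line !== null) {
        $details->hostname = $line;
    }

    # FQDN
    $line = $first_line($exec('hostname -f | grep -F .'));
    if ($line !== null) {
        $details->fqdn = $line;
    }

    # Fall back to the first label of the FQDN when no short hostname was returned
    if (empty($details->hostname) and !empty($details->fqdn)) {
        $labels = explode('.', $details->fqdn);
        $details->hostname = $labels[0];
    }

    # UUID on Linux: dmidecode first, then the sysfs file if that gave nothing
    if ($os_group == 'Linux') {
        if (!$is_root && !$has_sudo) {
            $details->uuid = '';
        } else {
            $uuid_sources = array('dmidecode -s system-uuid', 'cat /sys/class/dmi/id/product_uuid');
            foreach ($uuid_sources as $base) {
                $line = $first_line($exec($privileged($base)));
                if ($line !== null) {
                    $details->uuid = $line;
                }
                if (!empty($details->uuid)) {
                    break;
                }
            }
        }
    }

    # DBUS identifier on Linux (no need for sudo/root)
    if ($os_group == 'Linux') {
        $line = $first_line($exec('cat /var/lib/dbus/machine-id'));
        if ($line !== null) {
            $details->dbus_identifier = $line;
        }
    }

    # UUID on ESX
    if ($os_group == 'VMkernel') {
        $command = "vim-cmd hostsvc/hostsummary | sed -n '/^ hardware = (vim.host.Summary.HardwareSummary) {/,/^ \},/p' | grep uuid | cut -d= -f2 | sed 's/,//g' | sed 's/\\\"//g'";
        $line = $first_line($exec($command));
        if ($line !== null) {
            $details->uuid = $line;
        }
    }

    # UUID on OSX
    if ($os_group == 'Darwin') {
        $line = $first_line($exec('system_profiler SPHardwareDataType | grep UUID | cut -d: -f2'));
        if ($line !== null) {
            $details->uuid = $line;
        }
    }

    # Model and Manufacturer (maybe) on DD-WRT
    if (isset($details->os_family) and $details->os_family == 'DD-WRT') {
        $line = $first_line($exec('nvram get DD_BOARD'));
        if ($line !== null) {
            $details->model = $line;
        }
        if (isset($details->model) and stripos($details->model, "tplink") !== false) {
            $details->manufacturer = "TP-Link Technology";
        }
    }

    return $details;
}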
} }
// NOTE(review): every value concatenated into $vm_cmd and $drive_cmd below ($name,
// $disk, $numcpu, $numcore, $numram, $network, $os_type, $os_version, $source_disk)
// reaches a remote shell through ssh_command(), and several are also placed in SQL.
// They are assigned outside this excerpt -- confirm each is validated and quoted
// (e.g. escapeshellarg for the shell, bound parameters for SQL) before this point.
// NOTE(review): both virt-install command lines request `--graphics spice,listen=0.0.0.0`
// and set no SPICE password or TLS option, so the console listens on all interfaces
// of the hypervisor -- confirm access is restricted elsewhere (firewall, network).

// Source ("initial") machine: create an empty 1G qcow2 disk, define the VM around
// it, record it in the vms table and redirect to copy_disk.php with the new row id.
if ($machine_type == 'initialmachine') {
    $name = $machinename;
    // uniqid() only makes the file name distinct per call.
    $disk = $source_drivepath . '/' . $name . "-" . uniqid() . ".qcow2";
    $vm_cmd = "sudo virt-install --name=" . $name . " --disk path=" . $disk . ",format=qcow2,bus=virtio,cache=none --soundhw=ac97 --vcpus=" . $numcpu . ",cores=" . $numcore . " --ram=" . $numram . " --network bridge=" . $network . ",model=virtio --os-type=" . $os_type . " --os-variant=" . $os_version . " --graphics spice,listen=0.0.0.0 --redirdev usb,type=spicevmc --video qxl --import --noreboot";
    $drive_cmd = "sudo qemu-img create -f qcow2 -o size=1G " . $disk;
    // The disk has to exist before virt-install imports it.
    ssh_command($drive_cmd, true);
    ssh_command($vm_cmd, true);
    add_SQL_line("INSERT INTO vms (name,hypervisor,machine_type,source_volume) VALUES ('{$name}','{$hypervisor}','{$machine_type}','{$source_volume}')");
    // The new row is looked up again by name to get its id for the redirect.
    $v_reply = get_SQL_line("SELECT id FROM vms WHERE name='{$name}'");
    header("Location: {$serviceurl}/copy_disk.php?vm=" . $v_reply[0]);
    exit;
}
// VDI machines: create $machinecount VMs, each with a qcow2 disk backed by the
// source VM's vda disk.
if ($machine_type == 'vdimachine') {
    $source_reply = get_SQL_line("SELECT name FROM vms WHERE id='{$source_volume}'");
    // Path of the source VM's vda disk as reported by `virsh domblklist`.
    $source_disk = str_replace("\n", "", ssh_command("sudo virsh domblklist {$source_reply['0']}|grep vda| awk '{print \$2}' ", true));
    $x = 0;
    while ($x < $machinecount) {
        // Name suffix is the 1-based counter, zero-padded to the number of
        // characters in $machinecount.
        $name = $machinename . sprintf("%0" . strlen($machinecount) . "s", $x + 1);
        $disk = $source_drivepath . '/' . $name . "-" . uniqid() . ".qcow2";
        $vm_cmd = "sudo virt-install --name=" . $name . " --disk path=" . $disk . ",format=qcow2,bus=virtio,cache=none --soundhw=ac97 --vcpus=" . $numcpu . ",cores=" . $numcore . " --ram=" . $numram . " --network bridge=" . $network . ",model=virtio --os-type=" . $os_type . " --os-variant=" . $os_version . " --graphics spice,listen=0.0.0.0 --redirdev usb,type=spicevmc --video qxl --noreboot --import";
        // NOTE(review): if the domblklist lookup returned nothing, $source_disk is
        // empty and this command line is missing its backing-file argument.
        $drive_cmd = "sudo qemu-img create -f qcow2 -b " . $source_disk . " " . $disk;
        ssh_command($drive_cmd, true);
        ssh_command($vm_cmd, true);
        add_SQL_line("INSERT INTO vms (name,hypervisor,machine_type,source_volume) VALUES ('{$name}','{$hypervisor}','{$machine_type}','{$source_volume}')");
        ++$x;
    }
}
header("Location: {$serviceurl}/reload_vm_info.php");
exit;
*/ include 'functions/config.php'; require_once 'functions/functions.php'; if (!check_session()) { header("Location: {$serviceurl}/?error=1"); exit; } $vm = addslashes($_GET['vm']); $hypervisor = addslashes($_GET['hypervisor']); if (empty($vm) || empty($hypervisor)) { exit; } $h_reply = get_SQL_line("SELECT * FROM hypervisors WHERE id='{$hypervisor}'"); $v_reply = get_SQL_line("SELECT * FROM vms WHERE id='{$vm}'"); ssh_connect($h_reply[2] . ":" . $h_reply[3]); $address = ssh_command("sudo virsh domdisplay " . $v_reply[1], true); $address = str_replace("localhost", $remote_spice_substitute[$h_reply[2]], $address); $rnd = uniqid(); set_lang(); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title><?php echo _("VM screen"); ?> </title> </head> <body> <div class="modal-content">