$d_u_from = $filters[2]->get_from();
$d_u_to = $filters[2]->get_to();
//Asset Created
$d_created = $filters[1]->get_val();
$d_c_from = $filters[1]->get_from();
$d_c_to = $filters[1]->get_to();
//Vulnerabilities
$flag_vulns = $filters[5]->is_active();
$vulns_from = $flag_vulns ? $filters[5]->get_to() : 7;
$vulns_to = $flag_vulns ? $filters[5]->get_from() : 1;
//Asset Value
$flag_av = $filters[6]->is_active();
$av_from = $flag_av ? $filters[6]->get_from() : 0;
$av_to = $flag_av ? $filters[6]->get_to() : 5;
// Getting Filter Legends
$f_legend = Filter_list::get_filter_legends();
// Getting Permissions:
$perm_add = Session::can_i_create_assets();
// Getting Permissions:
$perms = array('admin' => Session::am_i_admin(), 'create' => $perm_add, 'delete' => $perm_add, 'vulnerabilities' => Session::logcheck_bool('environment-menu', 'EventsVulnerabilitiesScan'), 'alarms' => Session::logcheck_bool('analysis-menu', 'ControlPanelAlarms'), 'events' => Session::logcheck_bool('analysis-menu', 'EventsForensics'), 'availability' => Session::logcheck_bool('environment-menu', 'MonitorsAvailability'), 'deploy_agents' => Session::logcheck_bool('environment-menu', 'EventsHidsConfig'), 'nmap' => Session::logcheck_bool('environment-menu', 'ToolsScan'));
switch ($notif) {
case 'delete':
$msg = _('Network has been permanently deleted.');
show_notif($msg, 'nf_success');
break;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title><?php
$parameters = array('action', 'job_name', 'targets', 'schedule_type', 'ROYEAR', 'ROMONTH', 'ROday', 'time_hour', 'time_min', 'dayofweek', 'dayofmonth', 'timeout', 'SVRid', 'sid', 'targets', 'job_id', 'sched_id', 'user', 'entity', 'hosts_alive', 'scan_locally', 'nthweekday', 'nthdayofweek', 'time_interval', 'biyear', 'bimonth', 'biday', 'not_resolve', 'send_email', 'ssh_credential', 'smb_credential', 'hosts_alive', '$scan_locally', 'not_resolve', 'type', 'total_assets');
foreach ($parameters as $variable) {
${$variable} = REQUEST($variable);
}
$hosts_alive = intval($hosts_alive);
$scan_locally = intval($scan_locally);
$not_resolve = intval($not_resolve);
$send_email = intval($send_email);
$total_assets = intval($total_assets);
$scheduled_status = $_REQUEST['status'] != '' ? intval($_REQUEST['status']) : 1;
// enable scheduled jobs by default
ossim_valid($action, 'create_scan', 'save_scan', OSS_NULLABLE, 'Illegal:' . _('Action'));
if (ossim_error()) {
die(_('Invalid Action Parameter'));
}
$selected = Filter_list::get_total_selection($conn, $type);
if ($selected > Filter_list::MAX_VULNS_ITEMS) {
$msg = _('Vulnerability scans can only be performed on %s assets at a time. Please select less assets and try again.');
$limit_msg = sprintf($msg, Util::number_format_locale(Filter_list::MAX_VULNS_ITEMS));
}
if (!$limit_msg && in_array($action, array('create_scan', 'save_scan'))) {
// load the default values for the form
if ($action == 'create_scan') {
$conf = $GLOBALS['CONF'];
$scan_locally = $conf->get_conf('nessus_pre_scan_locally');
$timeout = 28800;
$hosts_alive = 1;
}
$hosts_alive_data = get_host_alive_attributes($hosts_alive, $targets);
$scan_locally_checked = $scan_locally == 1 ? 'checked="checked"' : '';
$resolve_names_checked = $not_resolve == 1 ? 'checked="checked"' : '';
require_once 'av_init.php';
Session::logcheck_ajax('environment-menu', 'PolicyHosts');
//Validate Form token
$token = POST('token');
if (Token::verify('tk_delete_asset_bulk', $token) == FALSE) {
$error = Token::create_error_message();
Util::response_bad_request($error);
}
session_write_close();
/* connect to db */
$db = new ossim_db(TRUE);
$conn = $db->connect();
try {
$perm_add = Session::can_i_create_assets();
if (!$perm_add) {
$db->close();
$error = _('You do not have the correct permissions to delete assets. Please contact system administrator with any questions');
Util::response_bad_request($error);
}
$app_name = Session::is_pro() ? 'AlienVault' : 'OSSIM';
$num_assets = Filter_list::get_total_selection($conn, 'asset');
//Delete all filtered asset
Asset_host::bulk_delete($conn);
$data['status'] = 'OK';
$data['data'] = sprintf(_('%s assets have been permanently deleted from %s'), $num_assets, $app_name);
} catch (Exception $e) {
$db->close();
Util::response_bad_request($e->getMessage());
}
$db->close();
echo json_encode($data);
//Config File
require_once 'av_init.php';
Session::logcheck_ajax('environment-menu', 'PolicyNetworks');
//Validate Form token
$token = POST('token');
if (Token::verify('tk_delete_network_bulk', $token) == FALSE) {
$error = Token::create_error_message();
Util::response_bad_request($error);
}
session_write_close();
/* connect to db */
$db = new ossim_db(TRUE);
$conn = $db->connect();
try {
$perm_add = Session::can_i_create_assets();
if (!$perm_add) {
$error = _('You do not have the correct permissions to delete networks. Please contact system administrator with any questions');
Util::response_bad_request($error);
}
$app_name = Session::is_pro() ? 'AlienVault' : 'OSSIM';
$num_assets = Filter_list::get_total_selection($conn, 'network');
//Delete all filtered nets
Asset_net::bulk_delete($conn);
$data['status'] = 'OK';
$data['data'] = sprintf(_('%s networks have been permanently deleted from %s'), $num_assets, $app_name);
} catch (Exception $e) {
$db->close();
Util::response_bad_request($e->getMessage());
}
$db->close();
echo json_encode($data);
foreach ($unsupported_assets as $a_data) {
$filters->modify_filter(11, $a_data[2], 0);
}
}
$filters->store_filter_list_session();
} catch (Exception $e) {
$db->close();
$error_msg = '<div style="padding-left:5px">' . _('The following errors occurred') . ":</div>\n <div style='padding: 5px 5px 5px 15px;'>" . $e->getMessage() . '</div>';
Util::response_bad_request($error_msg);
}
break;
case 'remove_unsupported':
$data['status'] = 'success';
$data['data'] = _('Your changes have been saved');
try {
Filter_list::clean_asset_by_criteria($conn, 'not_windows_os');
} catch (Exception $e) {
$db->close();
$error_msg = '<div style="padding-left:5px">' . _('The following errors occurred') . ":</div>\n <div style='padding: 5px 5px 5px 15px;'>" . $e->getMessage() . '</div>';
Util::response_bad_request($error_msg);
}
break;
case 'deploy_all_agents':
$validation_errors = array();
$validate = array('user' => array('validation' => 'OSS_USER', 'e_message' => 'illegal:' . _('User')), 'pass' => array('validation' => 'OSS_PASSWORD', 'e_message' => 'illegal:' . _('Password')), 'domain' => array('validation' => 'OSS_NOECHARS, OSS_ALPHA, OSS_PUNC_EXT, OSS_NULLABLE', 'e_message' => 'illegal:' . _('Domain')));
//Validate parameters
if (GET('ajax_validation') == TRUE) {
$data['status'] = 'OK';
$validation_errors = validate_form_fields('GET', $validate);
if (is_array($validation_errors) && !empty($validation_errors)) {
$data['status'] = 'error';
ossim_valid($torder, OSS_DIGIT, 'illegal: sSortDir_0');
ossim_valid($sec, OSS_DIGIT, 'illegal: sEcho');
if (ossim_error()) {
echo ossim_get_error();
$response['sEcho'] = intval($sec);
$response['iTotalRecords'] = 0;
$response['iTotalDisplayRecords'] = 0;
$response['aaData'] = array();
echo json_encode($response);
exit;
}
/*
If $all_list = TRUE, then the asset list will be load from host because there are no filters to be applied
If $all_list = FALSE, then the asset list will be load from user_host_filter because there are already some filters applied
*/
$l_filter = Filter_list::retrieve_filter_list_session();
if ($l_filter === FALSE) {
$all_list = TRUE;
} else {
$cont = $l_filter->get_num_filter_added();
$all_list = $cont > 0 ? FALSE : TRUE;
}
// Order by column
switch ($order) {
case 0:
$order = 'g.name';
break;
default:
$order = 'g.name';
}
// Order direction
break;
case 'delete_from_groups':
//Validate Form token
$token = POST('token');
if (Token::verify('tk_asset_form', $token) == FALSE) {
$error = Token::create_error_message();
Util::response_bad_request($error);
}
$asset_id = POST('asset_id');
if (!valid_hex32($asset_id)) {
Util::response_bad_request(_('Error! Asset ID not allowed. Asset could not be deleted from selected Asset Groups'));
} else {
try {
$db = new ossim_db();
$conn = $db->connect();
$num_groups = Filter_list::get_total_selection($conn, 'group');
$asset = new Asset_host($conn, $asset_id);
$asset->delete_from_groups($conn);
$db->close();
$data['status'] = 'success';
$data['data'] = sprintf(_("Asset have been deleted from %s groups"), $num_groups);
} catch (Exception $e) {
Util::response_bad_request(_('Error! Asset could not be deleted from selected Asset Groups') . ': ' . $e->getMessage());
}
}
break;
case 'add_port':
//Validate Form token
$token = POST('token');
if (Token::verify('tk_services_form', $token) == FALSE) {
$error = Token::create_error_message();
function get_selected_values($id)
{
//Getting the object with the filters.
$filters = Filter_list::retrieve_filter_list_session();
//If the filters object is not an object, returns empty
if ($filters === FALSE) {
return array();
}
$filter = $filters->get_filter($id);
//If the concrete filter is not an object, returns empty.
if (!is_object($filter)) {
return array();
}
//Returns the selected values
return $filter->get_values();
}
function cancel_filter_list()
{
Filter_list::restore_filter_copy();
$return['error'] = FALSE;
$return['msg'] = '';
return $return;
}
require_once 'av_init.php';
$asset_type = GET('type');
Session::logcheck('environment-menu', 'EventsHidsConfig');
Session::logcheck_by_asset_type($asset_type);
session_write_close();
ossim_valid($asset_type, 'asset', 'network', 'group', 'illegal:' . _('Asset Type'));
if (ossim_error()) {
echo ossim_error();
}
//Database connection
$db = new ossim_db();
$conn = $db->connect();
if ($asset_type == 'network' || $asset_type == 'group') {
Filter_list::save_members_from_selection($conn, $asset_type);
}
$total_selected = Filter_list::get_total_selection($conn, 'asset');
$total_unknown_os = 0;
$total_not_windows = 0;
if ($total_selected > 0) {
//Getting assets with unknown Operating System
$tables = 'LEFT JOIN host_properties hp ON hp.host_id=host.id AND hp.property_ref=3 INNER JOIN user_component_filter f ON f.asset_id = host.id';
$filters = array('where' => '(hp.host_id IS NULL OR hp.value IS NULL OR hp.value LIKE "%unknown%")
AND f.asset_type="asset" AND f.session_id = "' . session_id() . '"');
list($assets_unknown_os, $total_unknown_os) = Asset_host::get_list($conn, $tables, $filters, FALSE);
//Getting assets with Operating System distinct to Windows
$tables = ', host_properties hp, user_component_filter f';
$filters = array('where' => 'hp.host_id=host.id AND hp.property_ref=3 AND (hp.value NOT LIKE "windows%" AND hp.value NOT LIKE "microsoft%")
AND f.asset_id = host.id AND f.asset_type="asset" AND f.session_id = "' . session_id() . '"');
list($assets_not_w_os, $total_not_windows) = Asset_host::get_list($conn, $tables, $filters, FALSE);
} else {
echo ossim_error(_('Unable to deploy HIDS agents. The selected assets do not have a Windows operating system. Please update the operating system and try again'), AV_WARNING);
$data['status'] = 'OK';
$data['data'] = $validation_errors;
if (POST('ajax_validation_all') == TRUE) {
if (is_array($validation_errors) && !empty($validation_errors)) {
$data['status'] = 'error';
}
echo json_encode($data);
exit;
} else {
if (is_array($validation_errors) && !empty($validation_errors)) {
$data['status'] = 'error';
$data['data'] = $validation_errors;
}
}
if ($data['status'] != 'error') {
try {
$db = new ossim_db();
$conn = $db->connect();
Notes::bulk_insert($conn, $asset_type, gmdate("Y-m-d H:i:s"), $note);
$num_assets = Filter_list::get_total_selection($conn, $asset_type);
$data['status'] = 'OK';
$data['data'] = sprintf(_('Your note has been added to (%s) assets'), $num_assets);
$db->close();
} catch (Exception $e) {
Util::response_bad_request($e->getMessage());
}
} else {
//Formatted message
$error_msg = '<div>' . _('The following errors occurred') . ":</div>\n <div style='padding: 5px;'>" . implode('<br/>', $data['data']) . '</div>';
Util::response_bad_request($error_msg);
}
}
try {
$delete = $gobj->can_delete_group($conn);
} catch (Exception $err) {
$delete = FALSE;
}
$p_plugin = Session::am_i_admin();
$deploy_agent = FALSE;
} else {
$error = _('Invalid Asset ID');
Av_exception::throw_error(Av_exception::USER_ERROR, $error);
}
}
}
$perms = array('admin' => Session::am_i_admin(), 'delete' => $delete, 'edit' => $edit, 'vulnerabilities' => Session::logcheck_bool('environment-menu', 'EventsVulnerabilitiesScan'), 'alarms' => Session::logcheck_bool('analysis-menu', 'ControlPanelAlarms'), 'events' => Session::logcheck_bool('analysis-menu', 'EventsForensics'), 'netflows' => Session::logcheck_bool('environment-menu', 'MonitorsNetflows'), 'nmap' => Session::logcheck_bool('environment-menu', 'ToolsScan'), 'availability' => Session::logcheck_bool('environment-menu', 'MonitorsAvailability'), 'hids' => Session::logcheck_bool('environment-menu', 'EventsHids') || Session::logcheck_bool('environment-menu', 'EventsHidsConfig'), 'deploy_agent' => $deploy_agent, 'plugins' => $p_plugin);
Filter_list::save_items($conn, $asset_type, $assets = array($id));
$db->close();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title><?php
echo _('Asset Details');
?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<meta http-equiv="Pragma" content="no-cache"/>
<?php
//CSS Files
function save_member_selection($conn, $data)
{
$asset_id = $data['asset_id'];
$asset_type = $data['asset_type'];
$member_type = $data['member_type'];
$all = $data['all'];
$assets = $data['assets'];
$search = $data['search'];
ossim_valid($asset_id, OSS_HEX, 'illegal:' . _('Asset UUID'));
ossim_valid($asset_type, 'asset', 'network', 'group', 'illegal:' . _('Asset Type'));
ossim_valid($member_type, 'asset', 'network', 'group', 'illegal:' . _('Asset Type'));
ossim_valid($search, OSS_INPUT, OSS_NULLABLE, 'illegal:' . _('Search Filter'));
ossim_valid($assets, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Assets'));
ossim_valid($all, OSS_BINARY, 'illegal:' . _('Asset Selection'));
check_ossim_error();
if ($all) {
$total = Filter_list::save_members_from_asset($conn, $asset_id, $asset_type, $search);
} else {
$total = Filter_list::save_items($conn, $member_type, $assets);
}
if ($total < 1) {
Av_exception::throw_error(Av_exception::USER_ERROR, _('You need at least one asset to perform any action.'));
}
return $total;
}
