$d_u_from = $filters[2]->get_from(); $d_u_to = $filters[2]->get_to(); //Asset Created $d_created = $filters[1]->get_val(); $d_c_from = $filters[1]->get_from(); $d_c_to = $filters[1]->get_to(); //Vulnerabilities $flag_vulns = $filters[5]->is_active(); $vulns_from = $flag_vulns ? $filters[5]->get_to() : 7; $vulns_to = $flag_vulns ? $filters[5]->get_from() : 1; //Asset Value $flag_av = $filters[6]->is_active(); $av_from = $flag_av ? $filters[6]->get_from() : 0; $av_to = $flag_av ? $filters[6]->get_to() : 5; // Getting Filter Legends $f_legend = Filter_list::get_filter_legends(); // Getting Permissions: $perm_add = Session::can_i_create_assets(); // Getting Permissions: $perms = array('admin' => Session::am_i_admin(), 'create' => $perm_add, 'delete' => $perm_add, 'vulnerabilities' => Session::logcheck_bool('environment-menu', 'EventsVulnerabilitiesScan'), 'alarms' => Session::logcheck_bool('analysis-menu', 'ControlPanelAlarms'), 'events' => Session::logcheck_bool('analysis-menu', 'EventsForensics'), 'availability' => Session::logcheck_bool('environment-menu', 'MonitorsAvailability'), 'deploy_agents' => Session::logcheck_bool('environment-menu', 'EventsHidsConfig'), 'nmap' => Session::logcheck_bool('environment-menu', 'ToolsScan')); switch ($notif) { case 'delete': $msg = _('Network has been permanently deleted.'); show_notif($msg, 'nf_success'); break; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title><?php
$parameters = array('action', 'job_name', 'targets', 'schedule_type', 'ROYEAR', 'ROMONTH', 'ROday', 'time_hour', 'time_min', 'dayofweek', 'dayofmonth', 'timeout', 'SVRid', 'sid', 'targets', 'job_id', 'sched_id', 'user', 'entity', 'hosts_alive', 'scan_locally', 'nthweekday', 'nthdayofweek', 'time_interval', 'biyear', 'bimonth', 'biday', 'not_resolve', 'send_email', 'ssh_credential', 'smb_credential', 'hosts_alive', '$scan_locally', 'not_resolve', 'type', 'total_assets'); foreach ($parameters as $variable) { ${$variable} = REQUEST($variable); } $hosts_alive = intval($hosts_alive); $scan_locally = intval($scan_locally); $not_resolve = intval($not_resolve); $send_email = intval($send_email); $total_assets = intval($total_assets); $scheduled_status = $_REQUEST['status'] != '' ? intval($_REQUEST['status']) : 1; // enable scheduled jobs by default ossim_valid($action, 'create_scan', 'save_scan', OSS_NULLABLE, 'Illegal:' . _('Action')); if (ossim_error()) { die(_('Invalid Action Parameter')); } $selected = Filter_list::get_total_selection($conn, $type); if ($selected > Filter_list::MAX_VULNS_ITEMS) { $msg = _('Vulnerability scans can only be performed on %s assets at a time. Please select less assets and try again.'); $limit_msg = sprintf($msg, Util::number_format_locale(Filter_list::MAX_VULNS_ITEMS)); } if (!$limit_msg && in_array($action, array('create_scan', 'save_scan'))) { // load the default values for the form if ($action == 'create_scan') { $conf = $GLOBALS['CONF']; $scan_locally = $conf->get_conf('nessus_pre_scan_locally'); $timeout = 28800; $hosts_alive = 1; } $hosts_alive_data = get_host_alive_attributes($hosts_alive, $targets); $scan_locally_checked = $scan_locally == 1 ? 'checked="checked"' : ''; $resolve_names_checked = $not_resolve == 1 ? 'checked="checked"' : '';
require_once 'av_init.php'; Session::logcheck_ajax('environment-menu', 'PolicyHosts'); //Validate Form token $token = POST('token'); if (Token::verify('tk_delete_asset_bulk', $token) == FALSE) { $error = Token::create_error_message(); Util::response_bad_request($error); } session_write_close(); /* connect to db */ $db = new ossim_db(TRUE); $conn = $db->connect(); try { $perm_add = Session::can_i_create_assets(); if (!$perm_add) { $db->close(); $error = _('You do not have the correct permissions to delete assets. Please contact system administrator with any questions'); Util::response_bad_request($error); } $app_name = Session::is_pro() ? 'AlienVault' : 'OSSIM'; $num_assets = Filter_list::get_total_selection($conn, 'asset'); //Delete all filtered asset Asset_host::bulk_delete($conn); $data['status'] = 'OK'; $data['data'] = sprintf(_('%s assets have been permanently deleted from %s'), $num_assets, $app_name); } catch (Exception $e) { $db->close(); Util::response_bad_request($e->getMessage()); } $db->close(); echo json_encode($data);
//Config File require_once 'av_init.php'; Session::logcheck_ajax('environment-menu', 'PolicyNetworks'); //Validate Form token $token = POST('token'); if (Token::verify('tk_delete_network_bulk', $token) == FALSE) { $error = Token::create_error_message(); Util::response_bad_request($error); } session_write_close(); /* connect to db */ $db = new ossim_db(TRUE); $conn = $db->connect(); try { $perm_add = Session::can_i_create_assets(); if (!$perm_add) { $error = _('You do not have the correct permissions to delete networks. Please contact system administrator with any questions'); Util::response_bad_request($error); } $app_name = Session::is_pro() ? 'AlienVault' : 'OSSIM'; $num_assets = Filter_list::get_total_selection($conn, 'network'); //Delete all filtered nets Asset_net::bulk_delete($conn); $data['status'] = 'OK'; $data['data'] = sprintf(_('%s networks have been permanently deleted from %s'), $num_assets, $app_name); } catch (Exception $e) { $db->close(); Util::response_bad_request($e->getMessage()); } $db->close(); echo json_encode($data);
foreach ($unsupported_assets as $a_data) { $filters->modify_filter(11, $a_data[2], 0); } } $filters->store_filter_list_session(); } catch (Exception $e) { $db->close(); $error_msg = '<div style="padding-left:5px">' . _('The following errors occurred') . ":</div>\n <div style='padding: 5px 5px 5px 15px;'>" . $e->getMessage() . '</div>'; Util::response_bad_request($error_msg); } break; case 'remove_unsupported': $data['status'] = 'success'; $data['data'] = _('Your changes have been saved'); try { Filter_list::clean_asset_by_criteria($conn, 'not_windows_os'); } catch (Exception $e) { $db->close(); $error_msg = '<div style="padding-left:5px">' . _('The following errors occurred') . ":</div>\n <div style='padding: 5px 5px 5px 15px;'>" . $e->getMessage() . '</div>'; Util::response_bad_request($error_msg); } break; case 'deploy_all_agents': $validation_errors = array(); $validate = array('user' => array('validation' => 'OSS_USER', 'e_message' => 'illegal:' . _('User')), 'pass' => array('validation' => 'OSS_PASSWORD', 'e_message' => 'illegal:' . _('Password')), 'domain' => array('validation' => 'OSS_NOECHARS, OSS_ALPHA, OSS_PUNC_EXT, OSS_NULLABLE', 'e_message' => 'illegal:' . _('Domain'))); //Validate parameters if (GET('ajax_validation') == TRUE) { $data['status'] = 'OK'; $validation_errors = validate_form_fields('GET', $validate); if (is_array($validation_errors) && !empty($validation_errors)) { $data['status'] = 'error';
ossim_valid($torder, OSS_DIGIT, 'illegal: sSortDir_0'); ossim_valid($sec, OSS_DIGIT, 'illegal: sEcho'); if (ossim_error()) { echo ossim_get_error(); $response['sEcho'] = intval($sec); $response['iTotalRecords'] = 0; $response['iTotalDisplayRecords'] = 0; $response['aaData'] = array(); echo json_encode($response); exit; } /* If $all_list = TRUE, then the asset list will be load from host because there are no filters to be applied If $all_list = FALSE, then the asset list will be load from user_host_filter because there are already some filters applied */ $l_filter = Filter_list::retrieve_filter_list_session(); if ($l_filter === FALSE) { $all_list = TRUE; } else { $cont = $l_filter->get_num_filter_added(); $all_list = $cont > 0 ? FALSE : TRUE; } // Order by column switch ($order) { case 0: $order = 'g.name'; break; default: $order = 'g.name'; } // Order direction
break; case 'delete_from_groups': //Validate Form token $token = POST('token'); if (Token::verify('tk_asset_form', $token) == FALSE) { $error = Token::create_error_message(); Util::response_bad_request($error); } $asset_id = POST('asset_id'); if (!valid_hex32($asset_id)) { Util::response_bad_request(_('Error! Asset ID not allowed. Asset could not be deleted from selected Asset Groups')); } else { try { $db = new ossim_db(); $conn = $db->connect(); $num_groups = Filter_list::get_total_selection($conn, 'group'); $asset = new Asset_host($conn, $asset_id); $asset->delete_from_groups($conn); $db->close(); $data['status'] = 'success'; $data['data'] = sprintf(_("Asset have been deleted from %s groups"), $num_groups); } catch (Exception $e) { Util::response_bad_request(_('Error! Asset could not be deleted from selected Asset Groups') . ': ' . $e->getMessage()); } } break; case 'add_port': //Validate Form token $token = POST('token'); if (Token::verify('tk_services_form', $token) == FALSE) { $error = Token::create_error_message();
function get_selected_values($id) { //Getting the object with the filters. $filters = Filter_list::retrieve_filter_list_session(); //If the filters object is not an object, returns empty if ($filters === FALSE) { return array(); } $filter = $filters->get_filter($id); //If the concrete filter is not an object, returns empty. if (!is_object($filter)) { return array(); } //Returns the selected values return $filter->get_values(); }
function cancel_filter_list() { Filter_list::restore_filter_copy(); $return['error'] = FALSE; $return['msg'] = ''; return $return; }
require_once 'av_init.php'; $asset_type = GET('type'); Session::logcheck('environment-menu', 'EventsHidsConfig'); Session::logcheck_by_asset_type($asset_type); session_write_close(); ossim_valid($asset_type, 'asset', 'network', 'group', 'illegal:' . _('Asset Type')); if (ossim_error()) { echo ossim_error(); } //Database connection $db = new ossim_db(); $conn = $db->connect(); if ($asset_type == 'network' || $asset_type == 'group') { Filter_list::save_members_from_selection($conn, $asset_type); } $total_selected = Filter_list::get_total_selection($conn, 'asset'); $total_unknown_os = 0; $total_not_windows = 0; if ($total_selected > 0) { //Getting assets with unknown Operating System $tables = 'LEFT JOIN host_properties hp ON hp.host_id=host.id AND hp.property_ref=3 INNER JOIN user_component_filter f ON f.asset_id = host.id'; $filters = array('where' => '(hp.host_id IS NULL OR hp.value IS NULL OR hp.value LIKE "%unknown%") AND f.asset_type="asset" AND f.session_id = "' . session_id() . '"'); list($assets_unknown_os, $total_unknown_os) = Asset_host::get_list($conn, $tables, $filters, FALSE); //Getting assets with Operating System distinct to Windows $tables = ', host_properties hp, user_component_filter f'; $filters = array('where' => 'hp.host_id=host.id AND hp.property_ref=3 AND (hp.value NOT LIKE "windows%" AND hp.value NOT LIKE "microsoft%") AND f.asset_id = host.id AND f.asset_type="asset" AND f.session_id = "' . session_id() . '"'); list($assets_not_w_os, $total_not_windows) = Asset_host::get_list($conn, $tables, $filters, FALSE); } else { echo ossim_error(_('Unable to deploy HIDS agents. The selected assets do not have a Windows operating system. Please update the operating system and try again'), AV_WARNING);
$data['status'] = 'OK'; $data['data'] = $validation_errors; if (POST('ajax_validation_all') == TRUE) { if (is_array($validation_errors) && !empty($validation_errors)) { $data['status'] = 'error'; } echo json_encode($data); exit; } else { if (is_array($validation_errors) && !empty($validation_errors)) { $data['status'] = 'error'; $data['data'] = $validation_errors; } } if ($data['status'] != 'error') { try { $db = new ossim_db(); $conn = $db->connect(); Notes::bulk_insert($conn, $asset_type, gmdate("Y-m-d H:i:s"), $note); $num_assets = Filter_list::get_total_selection($conn, $asset_type); $data['status'] = 'OK'; $data['data'] = sprintf(_('Your note has been added to (%s) assets'), $num_assets); $db->close(); } catch (Exception $e) { Util::response_bad_request($e->getMessage()); } } else { //Formatted message $error_msg = '<div>' . _('The following errors occurred') . ":</div>\n <div style='padding: 5px;'>" . implode('<br/>', $data['data']) . '</div>'; Util::response_bad_request($error_msg); }
} try { $delete = $gobj->can_delete_group($conn); } catch (Exception $err) { $delete = FALSE; } $p_plugin = Session::am_i_admin(); $deploy_agent = FALSE; } else { $error = _('Invalid Asset ID'); Av_exception::throw_error(Av_exception::USER_ERROR, $error); } } } $perms = array('admin' => Session::am_i_admin(), 'delete' => $delete, 'edit' => $edit, 'vulnerabilities' => Session::logcheck_bool('environment-menu', 'EventsVulnerabilitiesScan'), 'alarms' => Session::logcheck_bool('analysis-menu', 'ControlPanelAlarms'), 'events' => Session::logcheck_bool('analysis-menu', 'EventsForensics'), 'netflows' => Session::logcheck_bool('environment-menu', 'MonitorsNetflows'), 'nmap' => Session::logcheck_bool('environment-menu', 'ToolsScan'), 'availability' => Session::logcheck_bool('environment-menu', 'MonitorsAvailability'), 'hids' => Session::logcheck_bool('environment-menu', 'EventsHids') || Session::logcheck_bool('environment-menu', 'EventsHidsConfig'), 'deploy_agent' => $deploy_agent, 'plugins' => $p_plugin); Filter_list::save_items($conn, $asset_type, $assets = array($id)); $db->close(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title><?php echo _('Asset Details'); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <meta http-equiv="Pragma" content="no-cache"/> <?php //CSS Files
function save_member_selection($conn, $data) { $asset_id = $data['asset_id']; $asset_type = $data['asset_type']; $member_type = $data['member_type']; $all = $data['all']; $assets = $data['assets']; $search = $data['search']; ossim_valid($asset_id, OSS_HEX, 'illegal:' . _('Asset UUID')); ossim_valid($asset_type, 'asset', 'network', 'group', 'illegal:' . _('Asset Type')); ossim_valid($member_type, 'asset', 'network', 'group', 'illegal:' . _('Asset Type')); ossim_valid($search, OSS_INPUT, OSS_NULLABLE, 'illegal:' . _('Search Filter')); ossim_valid($assets, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Assets')); ossim_valid($all, OSS_BINARY, 'illegal:' . _('Asset Selection')); check_ossim_error(); if ($all) { $total = Filter_list::save_members_from_asset($conn, $asset_id, $asset_type, $search); } else { $total = Filter_list::save_items($conn, $member_type, $assets); } if ($total < 1) { Av_exception::throw_error(Av_exception::USER_ERROR, _('You need at least one asset to perform any action.')); } return $total; }