// Names of the request parameters that are copied into same-named variables below.
// NOTE(review): 'targets', 'hosts_alive' and 'not_resolve' are listed twice, and the entry
// '$scan_locally' carries a literal '$' (looks like a typo); it only creates a variable whose
// name includes the '$' and does not affect $scan_locally.
$parameters = array('action', 'job_name', 'targets', 'schedule_type', 'ROYEAR', 'ROMONTH', 'ROday', 'time_hour', 'time_min', 'dayofweek', 'dayofmonth', 'timeout', 'SVRid', 'sid', 'targets', 'job_id', 'sched_id', 'user', 'entity', 'hosts_alive', 'scan_locally', 'nthweekday', 'nthdayofweek', 'time_interval', 'biyear', 'bimonth', 'biday', 'not_resolve', 'send_email', 'ssh_credential', 'smb_credential', 'hosts_alive', '$scan_locally', 'not_resolve', 'type', 'total_assets');

foreach ($parameters as $variable) {
    // Variable-variable assignment: only names from the fixed list above are created, never a
    // name chosen by the client. REQUEST() is defined outside this excerpt, so whether it
    // filters the value is not visible here; treat every one of these variables as untrusted.
    ${$variable} = REQUEST($variable);
}

// Flags and counters are forced to integers before any further use.
$hosts_alive = intval($hosts_alive);
$scan_locally = intval($scan_locally);
$not_resolve = intval($not_resolve);
$send_email = intval($send_email);
$total_assets = intval($total_assets);

// NOTE(review): reads $_REQUEST directly instead of going through REQUEST(); when 'status' is
// absent PHP reports an undefined index and the comparison falls back to the default of 1.
$scheduled_status = $_REQUEST['status'] != '' ? intval($_REQUEST['status']) : 1; // enable scheduled jobs by default

// The call lists the two accepted action names plus OSS_NULLABLE; ossim_valid() and
// ossim_error() are defined elsewhere. The request is aborted when an error was recorded.
ossim_valid($action, 'create_scan', 'save_scan', OSS_NULLABLE, 'Illegal:' . _('Action'));

if (ossim_error()) {
    die(_('Invalid Action Parameter'));
}

// $conn is set up outside this excerpt.
// NOTE(review): $type comes straight from the request and no validation of it is visible
// before this call - confirm that get_total_selection() restricts it to known asset types.
$selected = Filter_list::get_total_selection($conn, $type);

if ($selected > Filter_list::MAX_VULNS_ITEMS) {
    $msg = _('Vulnerability scans can only be performed on %s assets at a time. Please select less assets and try again.');
    $limit_msg = sprintf($msg, Util::number_format_locale(Filter_list::MAX_VULNS_ITEMS));
}

// NOTE(review): $limit_msg is assigned only in the branch above; unless it is initialised
// earlier in the file, this test reads an undefined variable when the limit is not exceeded.
if (!$limit_msg && in_array($action, array('create_scan', 'save_scan'))) {
    // load the default values for the form
    if ($action == 'create_scan') {
        // A new scan ignores the submitted values for these three fields.
        $conf = $GLOBALS['CONF'];
        $scan_locally = $conf->get_conf('nessus_pre_scan_locally');
        $timeout = 28800;
        $hosts_alive = 1;
    }

    // For 'save_scan', $targets (and $timeout) are still the raw request values at this point;
    // no validation of them is visible in this excerpt.
    $hosts_alive_data = get_host_alive_attributes($hosts_alive, $targets);
    // HTML attribute fragments for the form checkboxes; both are fixed strings.
    $scan_locally_checked = $scan_locally == 1 ? 'checked="checked"' : '';
    $resolve_names_checked = $not_resolve == 1 ? 'checked="checked"' : '';
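// Config file
require_once 'av_init.php';

// Bulk deletion of the networks in the caller's current filter selection.
// Order of checks: session/menu access, form token, permission, then the delete itself.
Session::logcheck_ajax('environment-menu', 'PolicyNetworks');

// Validate form token (presumably the anti-CSRF token issued with the bulk-delete form).
// NOTE(review): every rejection below relies on Util::response_bad_request() ending the
// request. Its definition is not in this file - confirm it never returns, otherwise execution
// would continue into the delete.
$token = POST('token');

if (!Token::verify('tk_delete_network_bulk', $token)) {
    $error = Token::create_error_message();

    Util::response_bad_request($error);
}

// No session data is written after this point.
session_write_close();

/* connect to db */
$db   = new ossim_db(TRUE);
$conn = $db->connect();

// Response payload, initialised explicitly so json_encode() never sees an undefined variable.
$data = array();

try {
    // NOTE(review): deletion is gated by the "create assets" permission; confirm that no
    // separate delete permission is meant to apply here.
    $perm_add = Session::can_i_create_assets();

    if (!$perm_add) {
        // Release the connection before rejecting, as the other exit paths do.
        $db->close();

        $error = _('You do not have the correct permissions to delete networks. Please contact system administrator with any questions');

        Util::response_bad_request($error);
    }

    $app_name = Session::is_pro() ? 'AlienVault' : 'OSSIM';

    // Counted before the delete so the confirmation can report how many networks were selected.
    $num_assets = Filter_list::get_total_selection($conn, 'network');

    // Delete all filtered nets
    Asset_net::bulk_delete($conn);

    $data['status'] = 'OK';
    $data['data']   = sprintf(_('%s networks have been permanently deleted from %s'), $num_assets, $app_name);
} catch (Exception $e) {
    $db->close();

    // NOTE(review): the raw exception text is returned to the client; confirm it cannot carry
    // database or internal details.
    Util::response_bad_request($e->getMessage());
}

$db->close();

echo json_encode($data);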
require_once 'av_init.php';

// Bulk deletion of the assets in the caller's current filter selection.
Session::logcheck_ajax('environment-menu', 'PolicyHosts');

// Form token check (presumably the anti-CSRF token issued with the bulk-delete form).
// NOTE(review): the rejections below rely on Util::response_bad_request() ending the request;
// it is defined elsewhere - confirm it never returns.
$form_token = POST('token');

if (Token::verify('tk_delete_asset_bulk', $form_token) == FALSE) {
    Util::response_bad_request(Token::create_error_message());
}

// No session data is written after this point.
session_write_close();

/* open the database connection */
$db   = new ossim_db(TRUE);
$conn = $db->connect();

try {
    // NOTE(review): deletion is gated by the "create assets" permission; confirm that no
    // separate delete permission is meant to apply here.
    if (!Session::can_i_create_assets()) {
        $db->close();

        Util::response_bad_request(_('You do not have the correct permissions to delete assets. Please contact system administrator with any questions'));
    }

    if (Session::is_pro()) {
        $product = 'AlienVault';
    } else {
        $product = 'OSSIM';
    }

    // Counted before the delete so the confirmation can report how many assets were selected.
    $selected_count = Filter_list::get_total_selection($conn, 'asset');

    // Remove every asset in the current selection.
    Asset_host::bulk_delete($conn);

    $summary = sprintf(_('%s assets have been permanently deleted from %s'), $selected_count, $product);

    $data['status'] = 'OK';
    $data['data']   = $summary;
} catch (Exception $failure) {
    $db->close();

    // NOTE(review): the raw exception text is returned to the client; confirm it cannot carry
    // database or internal details.
    Util::response_bad_request($failure->getMessage());
}

$db->close();

echo json_encode($data);
$action = REQUEST('action');

// Allow-list of actions. Every value is non-zero, so empty() below is true only for a name
// that is not in the list.
$allowed_action = array('show_unsupported' => 1, 'remove_unsupported' => 2, 'deploy_all_agents' => 3);

if (empty($allowed_action[$action])) {
    // NOTE(review): relies on Util::response_bad_request() ending the request; it is defined
    // elsewhere - confirm it never returns.
    Util::response_bad_request(_('Error! Action not allowed'));
}

$db = new Ossim_db();
$conn = $db->connect();

switch ($action) {
    case 'show_unsupported':
        // NOTE(review): no Token::verify() call is visible in this excerpt before this case
        // changes the stored selection and filters - confirm whether one is required here.
        $data['status'] = 'success';
        $data['data'] = _('Your request has been processed');

        try {
            //Number of assets in the system (only the total is used; 'limit' => 1 keeps the list short)
            list($assets, $total_assets) = Asset_host::get_list($conn, '', array('limit' => 1));

            //Number of selected assets
            $total_selected = Filter_list::get_total_selection($conn, 'asset');

            //Remove asset selection
            Filter_list::clean_selection($conn);

            //Getting the object with the filters.
            $filters = Filter_list::retrieve_filter_list_session();
            // NOTE(review): the method below is called before $filters is compared with FALSE;
            // if retrieve_filter_list_session() returned FALSE, this call fails before the
            // check that follows can raise the intended user error.
            $filters->empty_filter_search($conn);

            if ($filters === FALSE) {
                $exp_msg = _('Sorry, operation was not completed due to an error when processing the request');
                Av_exception::throw_error(Av_exception::USER_ERROR, $exp_msg);
            }

            if ($total_selected == $total_assets) {
                //All assets were selected, so we filter them by OS
                // The WHERE fragment is a fixed string; no request data is interpolated into it.
                $os_filters = array('where' => '(host_properties.value NOT LIKE "windows%" AND host_properties.value NOT LIKE "microsoft%")');
                // presumably property id 3 is the operating system and filter id 20 the OS filter - TODO confirm
                list($os_list, $total_os) = Asset_host_properties::get_property_values($conn, 3, $os_filters);
                $filters->modify_filter(20, 'unknown', 0);

                foreach ($os_list as $os_key => $os_value) {
break; case 'delete_from_groups': //Validate Form token $token = POST('token'); if (Token::verify('tk_asset_form', $token) == FALSE) { $error = Token::create_error_message(); Util::response_bad_request($error); } $asset_id = POST('asset_id'); if (!valid_hex32($asset_id)) { Util::response_bad_request(_('Error! Asset ID not allowed. Asset could not be deleted from selected Asset Groups')); } else { try { $db = new ossim_db(); $conn = $db->connect(); $num_groups = Filter_list::get_total_selection($conn, 'group'); $asset = new Asset_host($conn, $asset_id); $asset->delete_from_groups($conn); $db->close(); $data['status'] = 'success'; $data['data'] = sprintf(_("Asset have been deleted from %s groups"), $num_groups); } catch (Exception $e) { Util::response_bad_request(_('Error! Asset could not be deleted from selected Asset Groups') . ': ' . $e->getMessage()); } } break; case 'add_port': //Validate Form token $token = POST('token'); if (Token::verify('tk_services_form', $token) == FALSE) { $error = Token::create_error_message();
// $validation_errors, $asset_type and $note are set earlier in the file, outside this excerpt.
$has_errors = is_array($validation_errors) && !empty($validation_errors);

$data['status'] = $has_errors ? 'error' : 'OK';
$data['data']   = $validation_errors;

// Validation-only request: report the outcome and stop before anything is written.
if (POST('ajax_validation_all') == TRUE) {
    echo json_encode($data);
    exit;
}

if ($has_errors) {
    // Formatted message
    // NOTE(review): the validation messages are joined into HTML without escaping here; if a
    // message can echo request input, it needs escaping before it is rendered - confirm.
    $error_msg = '<div>' . _('The following errors occurred') . ":</div>\n <div style='padding: 5px;'>" . implode('<br/>', $data['data']) . '</div>';

    Util::response_bad_request($error_msg);
} else {
    try {
        $db   = new ossim_db();
        $conn = $db->connect();

        // The note is stored for the current selection of $asset_type with a GMT timestamp.
        $created_at = gmdate("Y-m-d H:i:s");
        Notes::bulk_insert($conn, $asset_type, $created_at, $note);

        $affected = Filter_list::get_total_selection($conn, $asset_type);

        $data['status'] = 'OK';
        $data['data']   = sprintf(_('Your note has been added to (%s) assets'), $affected);

        $db->close();
    } catch (Exception $failure) {
        // NOTE(review): the raw exception text is returned to the client; confirm it cannot
        // carry database or internal details.
        Util::response_bad_request($failure->getMessage());
    }
}