Example #1
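// Request fields this page accepts. Each one is copied into a same-named local
// variable by the loop below. The names come only from this fixed list, never
// from the request keys themselves, so a request cannot create or overwrite
// arbitrary variables.
// The list previously repeated 'targets', 'hosts_alive' and 'not_resolve' and
// contained the mistyped entry '$scan_locally' (which defined a variable whose
// name includes the dollar sign); each field is now listed once.
$parameters = array(
    'action', 'job_name', 'targets', 'schedule_type', 'ROYEAR', 'ROMONTH', 'ROday',
    'time_hour', 'time_min', 'dayofweek', 'dayofmonth', 'timeout', 'SVRid', 'sid',
    'job_id', 'sched_id', 'user', 'entity', 'hosts_alive', 'scan_locally',
    'nthweekday', 'nthdayofweek', 'time_interval', 'biyear', 'bimonth', 'biday',
    'not_resolve', 'send_email', 'ssh_credential', 'smb_credential', 'type',
    'total_assets',
);
foreach ($parameters as $variable) {
    ${$variable} = REQUEST($variable);
}

// Flags and counters are forced to integers before any further use.
// NOTE(review): the string fields (job_name, targets, user, entity, the
// credential fields, ...) are not validated in the lines shown here; confirm
// they are checked before they reach SQL, shell or HTML.
$hosts_alive = intval($hosts_alive);
$scan_locally = intval($scan_locally);
$not_resolve = intval($not_resolve);
$send_email = intval($send_email);
$total_assets = intval($total_assets);

// Enable scheduled jobs by default: a missing or empty 'status' becomes 1.
// isset() avoids the undefined-index notice when the field is absent.
$scheduled_status = (isset($_REQUEST['status']) && $_REQUEST['status'] != '') ? intval($_REQUEST['status']) : 1;

// Only 'create_scan' and 'save_scan' are accepted as actions. OSS_NULLABLE is
// passed as well, so presumably an empty action also passes validation; confirm.
ossim_valid($action, 'create_scan', 'save_scan', OSS_NULLABLE, 'Illegal:' . _('Action'));
if (ossim_error()) {
    die(_('Invalid Action Parameter'));
}

// Refuse to scan more assets than Filter_list::MAX_VULNS_ITEMS in one job.
// NOTE(review): $type comes straight from the request and is not validated in
// the lines shown; confirm get_total_selection() restricts it to known types.
// NOTE(review): $limit_msg is assigned only inside this branch, so code that
// reads it afterwards sees an undefined variable unless it is initialised
// earlier in the file; confirm.
$selected = Filter_list::get_total_selection($conn, $type);
if ($selected > Filter_list::MAX_VULNS_ITEMS) {
    $msg = _('Vulnerability scans can only be performed on %s assets at a time. Please select less assets and try again.');
    $limit_msg = sprintf($msg, Util::number_format_locale(Filter_list::MAX_VULNS_ITEMS));
}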
if (!$limit_msg && in_array($action, array('create_scan', 'save_scan'))) {
    // load the default values for the form
    if ($action == 'create_scan') {
        $conf = $GLOBALS['CONF'];
        $scan_locally = $conf->get_conf('nessus_pre_scan_locally');
        $timeout = 28800;
        $hosts_alive = 1;
    }
    $hosts_alive_data = get_host_alive_attributes($hosts_alive, $targets);
    $scan_locally_checked = $scan_locally == 1 ? 'checked="checked"' : '';
    $resolve_names_checked = $not_resolve == 1 ? 'checked="checked"' : '';
Example #2
//Config File
require_once 'av_init.php';
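// Session gate for this AJAX endpoint, scoped to 'environment-menu' / 'PolicyNetworks'
// (presumably rejects callers without a valid session or menu permission; confirm).
Session::logcheck_ajax('environment-menu', 'PolicyNetworks');

// Anti-CSRF check: the bulk delete requires the form token issued under
// 'tk_delete_network_bulk'.
// NOTE(review): this check and the permission check below protect the delete
// only if Util::response_bad_request() ends the request. Nothing in this script
// returns or exits after calling it; confirm that the helper terminates.
$token = POST('token');
if (Token::verify('tk_delete_network_bulk', $token) == FALSE) {
    $error = Token::create_error_message();
    Util::response_bad_request($error);
}

// Session data is written and the session closed before the database work starts.
session_write_close();

/* connect to db */
$db = new ossim_db(TRUE);
$conn = $db->connect();

// Response payload, initialised explicitly rather than created by the first assignment.
$data = array();

try {
    // NOTE(review): deletion is gated on the asset *creation* permission;
    // confirm that this is the intended permission for a destructive bulk action.
    $perm_add = Session::can_i_create_assets();
    if (!$perm_add) {
        // Release the connection before answering, as the catch block and the
        // success path do.
        $db->close();
        $error = _('You do not have the correct permissions to delete networks. Please contact system administrator with any questions');
        Util::response_bad_request($error);
    }

    $app_name = Session::is_pro() ? 'AlienVault' : 'OSSIM';

    // The selection is counted before it is deleted so the message can report it.
    $num_assets = Filter_list::get_total_selection($conn, 'network');

    // Delete all filtered nets. No ID list is passed, so the set to delete is
    // presumably the caller's stored selection; confirm.
    Asset_net::bulk_delete($conn);

    $data['status'] = 'OK';
    $data['data'] = sprintf(_('%s networks have been permanently deleted from %s'), $num_assets, $app_name);
} catch (Exception $e) {
    $db->close();
    // NOTE(review): the exception text goes to the client verbatim; confirm
    // that it cannot carry SQL fragments or internal paths.
    Util::response_bad_request($e->getMessage());
}

$db->close();
echo json_encode($data);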
Example #3
require_once 'av_init.php';
// Session gate for this AJAX endpoint, scoped to 'environment-menu' / 'PolicyHosts'
// (presumably rejects callers without a valid session or menu permission; confirm).
Session::logcheck_ajax('environment-menu', 'PolicyHosts');

// Anti-CSRF check: the request must carry the form token issued under
// 'tk_delete_asset_bulk'.
// NOTE(review): the guards in this script are effective only if
// Util::response_bad_request() ends the request; confirm.
$form_token = POST('token');
if (!Token::verify('tk_delete_asset_bulk', $form_token)) {
    Util::response_bad_request(Token::create_error_message());
}

// Session data is written and the session closed before the database work starts.
session_write_close();

// Connection used for both the selection count and the delete.
$db = new ossim_db(TRUE);
$conn = $db->connect();

try {
    // NOTE(review): deletion is gated on the asset *creation* permission;
    // confirm that this is the intended permission for a destructive bulk action.
    if (!Session::can_i_create_assets()) {
        $db->close();
        Util::response_bad_request(_('You do not have the correct permissions to delete assets. Please contact system administrator with any questions'));
    }

    // Product name shown in the confirmation message.
    if (Session::is_pro()) {
        $product = 'AlienVault';
    } else {
        $product = 'OSSIM';
    }

    // Count the selection first; once the delete has run it can no longer be counted.
    $deleted_total = Filter_list::get_total_selection($conn, 'asset');

    // Remove every asset in the current filtered selection.
    Asset_host::bulk_delete($conn);

    $data['status'] = 'OK';
    $data['data'] = sprintf(
        _('%s assets have been permanently deleted from %s'),
        $deleted_total,
        $product
    );
} catch (Exception $e) {
    $db->close();
    // NOTE(review): the exception text goes to the client verbatim; confirm
    // that it cannot carry SQL fragments or internal paths.
    Util::response_bad_request($e->getMessage());
}

$db->close();
echo json_encode($data);
Example #4
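$action = REQUEST('action');

// Allow-list of the actions this endpoint supports. The switch that follows
// dispatches only on values that pass this check.
$allowed_action = array('show_unsupported' => 1, 'remove_unsupported' => 2, 'deploy_all_agents' => 3);

// Reject anything that is not a string key of the allow-list. The is_string()
// guard keeps an array-valued 'action' from being used as an array offset,
// which is a warning or a TypeError depending on the PHP version, in case
// REQUEST() can return a non-string (confirm).
if (!is_string($action) || empty($allowed_action[$action])) {
    Util::response_bad_request(_('Error! Action not allowed'));
}

// NOTE(review): no form-token or permission check is visible in this excerpt
// before the state-changing actions; confirm that one is made earlier in the file.
$db = new Ossim_db();
$conn = $db->connect();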
switch ($action) {
    case 'show_unsupported':
        $data['status'] = 'success';
        $data['data'] = _('Your request has been processed');
        try {
            //Number of assets in the system
            list($assets, $total_assets) = Asset_host::get_list($conn, '', array('limit' => 1));
            //Number of selected assets
            $total_selected = Filter_list::get_total_selection($conn, 'asset');
            //Remove asset selection
            Filter_list::clean_selection($conn);
            //Getting the object with the filters.
            $filters = Filter_list::retrieve_filter_list_session();
            $filters->empty_filter_search($conn);
            if ($filters === FALSE) {
                $exp_msg = _('Sorry, operation was not completed due to an error when processing the request');
                Av_exception::throw_error(Av_exception::USER_ERROR, $exp_msg);
            }
            if ($total_selected == $total_assets) {
                //All assets were selected, so we filter them by OS
                $os_filters = array('where' => '(host_properties.value NOT LIKE "windows%" AND host_properties.value NOT LIKE "microsoft%")');
                list($os_list, $total_os) = Asset_host_properties::get_property_values($conn, 3, $os_filters);
                $filters->modify_filter(20, 'unknown', 0);
                foreach ($os_list as $os_key => $os_value) {
Example #5
     break;
 case 'delete_from_groups':
     // Anti-CSRF check: the request must carry the token issued under 'tk_asset_form'.
     // NOTE(review): effective only if Util::response_bad_request() ends the
     // request; confirm.
     $token = POST('token');
     if (!Token::verify('tk_asset_form', $token)) {
         $error = Token::create_error_message();
         Util::response_bad_request($error);
     }

     // The asset ID has to pass valid_hex32() before it is handed to the asset model.
     $asset_id = POST('asset_id');
     if (valid_hex32($asset_id)) {
         try {
             $db = new ossim_db();
             $conn = $db->connect();

             // The group selection is counted before the asset is removed from
             // it, so the message can report the number.
             $num_groups = Filter_list::get_total_selection($conn, 'group');

             $asset = new Asset_host($conn, $asset_id);
             $asset->delete_from_groups($conn);
             $db->close();

             $data['status'] = 'success';
             $data['data'] = sprintf(_("Asset have been deleted from %s groups"), $num_groups);
         } catch (Exception $e) {
             // NOTE(review): the connection is not closed on this path, and the
             // exception text is appended to the response; confirm that both
             // are acceptable.
             $failure = _('Error! Asset could not be deleted from selected Asset Groups') . ': ' . $e->getMessage();
             Util::response_bad_request($failure);
         }
     } else {
         Util::response_bad_request(_('Error! Asset ID not allowed.  Asset could not be deleted from selected Asset Groups'));
     }
     break;
 case 'add_port':
     //Validate Form token
     $token = POST('token');
     if (Token::verify('tk_services_form', $token) == FALSE) {
         $error = Token::create_error_message();
Example #6
// Build the response from the validation result: status 'OK' unless
// $validation_errors is a non-empty array, with the errors as the payload
// either way.
$data['status'] = 'OK';
$data['data'] = $validation_errors;
if (is_array($validation_errors) && !empty($validation_errors)) {
    $data['status'] = 'error';
}

// Validation-only mode: report the result as JSON and stop before anything is written.
if (POST('ajax_validation_all') == TRUE) {
    echo json_encode($data);
    exit;
}

if ($data['status'] == 'error') {
    // Formatted message
    // NOTE(review): the validation messages are joined into HTML without
    // escaping. If a message can echo request input, escape it with
    // htmlspecialchars() before output; confirm how response_bad_request()
    // renders this string.
    $error_msg = '<div>' . _('The following errors occurred') . ":</div>\n                  <div style='padding: 5px;'>" . implode('<br/>', $data['data']) . '</div>';
    Util::response_bad_request($error_msg);
} else {
    try {
        $db = new ossim_db();
        $conn = $db->connect();

        // Attach the note, stamped with the current UTC time, to the selected
        // assets of this type.
        Notes::bulk_insert($conn, $asset_type, gmdate("Y-m-d H:i:s"), $note);

        // Size of the selection, reported in the confirmation message.
        $num_assets = Filter_list::get_total_selection($conn, $asset_type);

        $data['status'] = 'OK';
        $data['data'] = sprintf(_('Your note has been added to (%s) assets'), $num_assets);
        $db->close();
    } catch (Exception $e) {
        // NOTE(review): the connection is not closed on this path, and the
        // exception text is returned to the client; confirm that both are
        // acceptable.
        Util::response_bad_request($e->getMessage());
    }
}