public function testWithObjects()
 {
     $criteria = Criteria::create(TestUser::dao())->add(Expression::containsIp(IpRange::create('192.168.1.1-192.168.1.255'), 'ip'))->addProjection(Projection::property('id'));
     $this->assertEquals($criteria->toDialectString(PostgresDialect::me()), 'SELECT "test_user"."id" FROM "test_user" WHERE "test_user"."ip" <<= \'192.168.1.1-192.168.1.255\'');
     $criteria = Criteria::create(TestInternetProvider::dao())->add(Expression::containsIp('range', IpAddress::create('42.42.42.42')))->addProjection(Projection::property('id'));
     $this->assertEquals($criteria->toDialectString(PostgresDialect::me()), 'SELECT "test_internet_provider"."id" FROM "test_internet_provider" WHERE \'42.42.42.42\' <<= "test_internet_provider"."range"');
 }
 /**
  * @return IpAddress
  **/
 public function getEnd()
 {
     if (!$this->end) {
         $this->end = IpAddress::create(long2ip($this->ip->getLongIp() | ~$this->longMask));
     }
     return $this->end;
 }
 public function testIpRangeProperty()
 {
     foreach (DBTestPool::me()->getPool() as $db) {
         DBPool::me()->setDefault($db);
         $akado = TestInternetProvider::create()->setName('Akada')->setRange(IpRange::create(IpAddress::create('192.168.1.1'), IpAddress::create('192.168.1.42')));
         TestInternetProvider::dao()->add($akado);
         $plainRange = Criteria::create(TestInternetProvider::dao())->addProjection(Projection::property('range'))->add(Expression::eq('name', 'Akada'))->getCustom();
         $this->assertEquals($plainRange['range'], '192.168.1.1-192.168.1.42');
         TestInternetProvider::dao()->add(TestInternetProvider::create()->setName('DomRu')->setRange(IpRange::create('192.168.2.0/24')));
         $list = Criteria::create(TestInternetProvider::dao())->addOrder('id')->getList();
         $this->assertEquals(count($list), 2);
     }
 }
 public function testContains()
 {
     $IpNetwork = IpNetwork::create(IpAddress::create('83.149.5.0'), 24);
     $this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.5.0')));
     $this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.5.1')));
     $this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.5.4')));
     $this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.5.255')));
     $this->assertFalse($IpNetwork->contains(IpAddress::create('83.149.4.255')));
     $this->assertFalse($IpNetwork->contains(IpAddress::create('83.149.6.1')));
     $IpNetwork = IpNetwork::create(IpAddress::create('83.149.24.64'), 26);
     $this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.24.64')));
     $this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.24.66')));
     $this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.24.127')));
     $this->assertFalse($IpNetwork->contains(IpAddress::create('83.149.24.63')));
     $this->assertFalse($IpNetwork->contains(IpAddress::create('83.149.25.64')));
 }
 public function testBase()
 {
     $prm = Primitive::ipAddress('ip');
     $this->assertTrue($prm->importValue('127.0.0.1'));
     $this->assertTrue($prm->importValue('254.254.254.254'));
     $this->assertTrue($prm->importValue('0.0.0.0'));
     $this->assertFalse($prm->importValue('10.0.0'));
     $this->assertFalse($prm->importValue('42.42.42.360'));
     $this->assertFalse($prm->importValue('10.0.256'));
     $prmWithDefault = Primitive::ipAddress('ip')->setDefault(IpAddress::create('42.42.42.42'));
     $this->assertEquals($prmWithDefault->getActualValue()->toString(), '42.42.42.42');
     $prmWithDefault->import(array('ip' => '43.43.43.43'));
     $this->assertEquals($prmWithDefault->getActualValue()->toString(), '43.43.43.43');
     $prmWithDefault->importValue(IpAddress::create('8.8.8.8'));
     //google public dns ;)
     $this->assertEquals($prmWithDefault->getActualValue()->toString(), '8.8.8.8');
 }
 public function testCreation()
 {
     $range = IpRange::create('192.168.2.1-192.168.255.255');
     $anotherRange = IpRange::create(IpAddress::create('192.168.2.1'), IpAddress::create('192.168.255.255'));
     $this->assertEquals($range->toString(), $anotherRange->toString());
     try {
         $range = IpRange::create('192.168.2.1-192.168.255.666');
         $this->fail();
     } catch (WrongArgumentException $e) {
         /**/
     }
     try {
         $range = IpRange::create('192.168.666.1-192.168.255.254');
         $this->fail();
     } catch (WrongArgumentException $e) {
         /**/
     }
     try {
         $range = IpRange::create(array(array(array(false))));
         $this->fail();
     } catch (WrongArgumentException $e) {
         /**/
     }
     $slashRange = IpRange::create('192.168.1.0/30');
     $this->assertEquals('192.168.1.0', $slashRange->getStart()->toString());
     $this->assertEquals('192.168.1.3', $slashRange->getEnd()->toString());
     try {
         $range = IpRange::create('192.168.1.0/4');
         $this->fail();
     } catch (WrongArgumentException $e) {
         /**/
     }
     $range = IpRange::create('8.8/16');
     $this->assertEquals($range->toString(), '8.8.0.0-8.8.255.255');
     $range = IpRange::create('192.168.1.1');
     $this->assertEquals($range->getStart()->toString(), $range->getEnd()->toString());
 }
 public function fire($job, $data)
 {
     $output = new Symfony\Component\Console\Output\ConsoleOutput();
     $json_array = json_decode($data['message']);
     $service_provider = new $json_array->service_provider();
     # Ensure the integration still exists. If not, delete all the nodes and remove the job from the queue forever.
     try {
         $integration = Integration::findOrFail($json_array->db_integration_id);
     } catch (Exception $e) {
         try {
             Node::where('integration_id', '=', $json_array->db_integration_id)->delete();
             return $job->delete();
         } catch (Exception $e) {
         }
     }
     $user_id = $integration->user_id;
     $service_provider->db_integration_id = $integration->id;
     $nodes = null;
     $service_provider_nodes = array();
     foreach ($service_provider->availability_zones as $availability_zone_name => $availability_zone_friendly_name) {
         // I think this could be done with a recursive array merge
         foreach ($service_provider->list_nodes($availability_zone_name, $availability_zone_friendly_name) as $availability_zone_node_list) {
             array_push($service_provider_nodes, $availability_zone_node_list);
         }
     }
     $current_nodes = $integration->nodes;
     $all_service_provider_ids = [];
     if ($service_provider_nodes && sizeof($service_provider_nodes) > 0) {
         $integration->status = "Confirmed";
         $integration->save();
         foreach ($service_provider_nodes as $service_provider_node) {
             array_push($all_service_provider_ids, $service_provider_node['service_provider_id']);
             $node = Node::firstOrNew(array('service_provider_uuid' => $service_provider_node['service_provider_id'], 'integration_id' => $integration->id));
             // Delete the node if it's been terminated
             if ($node->service_provider_status == "terminated") {
                 $node->delete();
                 continue;
             }
             $node->service_provider_status = $service_provider_node['service_provider_status'];
             $node->service_provider_uuid = $service_provider_node['service_provider_id'];
             $node->service_provider_base_image_id = $service_provider_node['service_provider_base_image_id'];
             $node->description = $service_provider_node['private_dns_name'] . " " . $service_provider_node['public_dns_name'];
             $node->owner_id = $integration->user_id;
             $node->public_dns_name = $service_provider_node['public_dns_name'];
             $node->platform = $service_provider_node['platform'];
             $node->name = "";
             try {
                 $node->service_provider_availability_zone = $service_provider_node['availability_zone_name'];
                 $node->friendly_availability_zone = $service_provider_node['availability_zone_friendly'];
             } catch (Exception $e) {
                 $node->service_provider_availability_zone = "San Francisco!";
                 $node->friendly_availability_zone = "San Francisco!";
             }
             // This should be handled in the DB schema. Default val of false.
             if ($node->managed == null) {
                 $node->managed = false;
             }
             $base_image = BaseImage::firstOrNew(array('integration_id' => $integration->id, 'service_provider_id' => $service_provider_node['service_provider_base_image_id'], 'integration_id' => $integration->id, 'service_provider_label' => $service_provider_node['service_provider_base_image_id']));
             $base_image->rollback_index = 0;
             // Should be handled by schema or just removed. Stupid.
             $base_image->save();
             $node->base_image_id = $base_image->id;
             if (!is_null($service_provider_node['service_provider_cluster_id'])) {
                 $node->service_provider_cluster_id = $service_provider_node['service_provider_cluster_id'];
             }
             $node->save();
             foreach ($service_provider_node['service_provider_ip_addresses'] as $service_provider_ip) {
                 $db_ip = IpAddress::firstOrNew(array('address' => $service_provider_ip, 'node_id' => $node->id));
                 $db_ip->save();
             }
             // Delete ips from the database that don't appear in client report
             IpAddress::where('address', '=', $integration->id)->where('node_id', '=', $node->id)->whereNotIn('address', $service_provider_node['service_provider_ip_addresses'])->delete();
         }
         // This is where we delete Nodes that no longer exist on the service provider side.
         Node::where('integration_id', '=', $integration->id)->where('owner_id', '=', $user_id)->whereNotIn('service_provider_uuid', $all_service_provider_ids)->delete();
     } else {
         if (sizeof($service_provider_nodes) == 0) {
         }
         $integration->status = "Bad";
         $integration->save();
     }
     // Do this job again in 30 seconds.
     $job->release(900);
 }
 /**
  * @return TestUser
  */
 private function spawnUser($options = array())
 {
     $options += array('id' => '77', 'credentials' => Credentials::create(), 'lastLogin' => Timestamp::create('2011-12-31'), 'registered' => Timestamp::create('2011-12-30'), 'strangeTime' => Time::create('01:23:45'), 'city' => null, 'firstOptional' => null, 'secondOptional' => null, 'url' => HttpUrl::create()->parse('https://www.github.com'), 'properties' => Hstore::make(array('a' => 'apple', 'b' => 'bananas')), 'ip' => IpAddress::create('127.0.0.1'));
     return $this->spawnObject(TestUser::create(), $options);
 }
 public function testSignedLongToIpToSignedLong()
 {
     foreach ($this->ips as $ip) {
         $this->assertEquals(IpAddress::create(long2ip($ip[1]))->toSignedInt(), $ip[1]);
     }
 }
Example #10
0
 /**
  * Compares two ip address
  * 
  * @param \Extlib\System\IpAddress $address
  * @return boolean
  */
 public function equals(IpAddress $address)
 {
     return $this->getAddress(true) === $address->getAddress(true);
 }
Example #11
0
 private function createFromString($string)
 {
     if (preg_match(self::SINGLE_IP_PATTERN, $string)) {
         $ip = IpAddress::create($string);
         $this->setup($ip, $ip);
     } elseif (preg_match(self::IP_SLASH_PATTERN, $string)) {
         list($ip, $mask) = explode('/', $string);
         $this->createFromSlash($ip, $mask);
     } elseif (preg_match(self::INTERVAL_PATTERN, $string)) {
         $this->createFromInterval($string);
     } else {
         throw new WrongArgumentException('strange parameters received');
     }
 }
Example #12
0
 public function fire($job, $data)
 {
     try {
         $output = new Symfony\Component\Console\Output\ConsoleOutput();
         $packages = $data['message']['pkginfo']['installed'];
         $matched_public_ip = false;
         $node = null;
         $matches = 0;
         $ip_node_id_count = array();
         $all_matched_ips = IpAddress::whereIn('address', $data['message']['ips'])->get();
         if ($all_matched_ips) {
             foreach ($all_matched_ips as $db_ip) {
                 if (!isset($ip_node_id_count[$db_ip->node_id])) {
                     $ip_node_id_count[$db_ip->node_id] = 1;
                 } else {
                     $ip_node_id_count[$db_ip->node_id]++;
                 }
             }
         } else {
             $output->writeln("Couldn't find any ip addresses in the database from this report.");
             return $job->delete();
         }
         asort($ip_node_id_count, SORT_NUMERIC);
         end($ip_node_id_count);
         $matched_node_id = key($ip_node_id_count);
         $node = Node::find($matched_node_id);
         if ($node) {
             $node->managed = true;
             $node->limbo = false;
             $node->hostname = $data['message']['hostname'];
             $node->virtual = $data['message']['virtual'];
             $node->last_updated = $data['message']['pkginfo']['last_updated'];
             $node->package_manager = $data['message']['pkginfo']['package_manager'];
             if (!$node->platform) {
                 $node->platform = $data['message']['pkginfo']['platform'];
             }
             $node->save();
             $query_version_vendor_query_pairs = array();
             $packages_index = array();
             foreach ($packages as $package_version) {
                 // Get rid of debian epochs
                 //https://ask.fedoraproject.org/en/question/6987/whats-the-meaning-of-the-number-which-appears-sometimes-when-i-use-yum-to-install-a-fedora-package-before-a-colon-at-the-beginning-of-the-name-of-the/
                 $explode_epoch = explode(":", $package_version[1]);
                 if (isset($explode_epoch[1])) {
                     array_shift($explode_epoch);
                     $package_version[1] = implode(":", $explode_epoch);
                 }
                 // Get rid of trailing periods. Note: Explore improving the regex on the agent because this really shouldn't happen but it does.
                 $package_version[1] = rtrim($package_version[1], ".");
                 // Get rid of downstream versioning that comes from dpkg. This should definitely be done on the agent side
                 // because I am 99% sure this is a dpkg thing only. And I'm sure some ying yangs legit put dashes in version
                 // numbers.
                 $last_dash = strrpos($package_version[1], "-");
                 if ($last_dash) {
                     $package_version[1] = substr($package_version[1], 0, $last_dash);
                 }
                 $package_record = Package::firstOrNew(array('name' => $package_version[0], 'node_id' => $node->id));
                 $package_record->version = $package_version[1];
                 try {
                     $package_record->save();
                 } catch (Exception $e) {
                     $output->writeln("couldn't save record" . print_r($e->getMessage()));
                 }
                 $packages_index[$package_record->name] = $package_record;
                 // Set up query cache. Only one query per agent report. That is crucial. Multiple queries would kill everything.
                 array_push($query_version_vendor_query_pairs, array('$and' => array(array('product' => $package_record->name, 'version' => $package_record->version))));
             }
             // Do one giant query. Not one per record.
             $mongo_client = new MongoClient('mongodb://*****:*****@capital.3.mongolayer.com:10201,capital.2.mongolayer.com:10201/vulnerabilities?replicaSet=set-5558d1202c6859fcde00176a');
             $mongo_database = $mongo_client->selectDB('vulnerabilities');
             $mongo_collection = new MongoCollection($mongo_database, 'processed');
             $mongo_query = $mongo_collection->find(array('$or' => $query_version_vendor_query_pairs))->timeout(9999999);
             // This is where we actually do something.
             // for some reason if i do a sort the query is so slow it times out
             //$mongo_query->sort(array('last_updated' => 1));
             // This won't work right if there are multiple vulnerabilties that match the prod and version.
             $might_alert_for = array();
             foreach ($mongo_query as $document) {
                 $packages_index[$document['product']]->vulnerability_severity = $document['risk_score'];
                 if ($document['risk_score'] > 0) {
                     if ($document['risk_score'] > 1) {
                         $node->vulnerable = true;
                     } else {
                         // See if any alerts need to go out. Severe only for now.
                         /*$alerts = Alert::where("owner_user_id", "=", $node->owner_id)->where("value", "=", 1)->get();
                         		foreach($alerts as $alert) {
                         			if(!isset($might_alert_for[$alert->user_id])) {
                         				$might_alert_for[$alert->user_id] = array();
                         			}
                         			
                         			array_push($might_alert_for, $document);
                         		}*/
                         if ($document['risk_score'] > 5) {
                             $node->severe_vulnerable = true;
                         }
                     }
                 }
                 try {
                     $packages_index[$document['product']]->save();
                 } catch (Exception $e) {
                 }
             }
             $node->save();
             //$output->writeln(print_r($might_alert_for));
             // Check to see if target user has been alerted about these particular issues before.
             /*foreach($might_alert_for as $user_id, $list) {
             			foreach($list as $k, $list_item) {
             				$query = DB::table('sent_alerts')->where('node_id', '=', $node->id);
             				$query->where('package', '=', $list_item['product']);
             				$query->where('version', '=', $list_item['version']);
             				$count_result = $query->count();
             				if($count_result > 0) {
             					// If we've alerted before, remove this item from the list.
             					unset($might_alert_for[$user_id][$k]);
             				}
             				
             			}
             			
             		}
             		
             		foreach($might_alert_for as $user_id, $list) {
             			foreach($list as $k, $list_item) {
             				Mail::send('emails.alerts.vulnerable', $data, function($message) use ($list_item) {
             					$message->from("*****@*****.**", "NoSprawl Vulnerability Alerting");
             					$message->to(User::find($list_item['user_id'])->email, User::find($list_item['user_id'])->name)->subject('NoSprawl New Vulnerability Discovered');
             				});
             				
             			}
             			
             		}*/
             #$output->writeln("Done");
             $job->delete();
         } else {
             $output->writeln("Got an agent report we couldn't match.");
             $job->delete();
         }
     } catch (Exception $e) {
         $output->writeln("error" . $e->getMessage());
     }
 }