Example #1
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
// Bootstrap the application environment and load the risk-map helper functions.
require_once 'av_init.php';
include_once 'riskmaps_functions.php';
// First gate: session check for the 'BusinessProcesses' section of 'dashboard-menu'.
Session::logcheck('dashboard-menu', 'BusinessProcesses');
// Audit record (action id 49). It is written before the edit-permission check below,
// so it is also recorded for requests that are then refused.
$infolog = array('Indicator Risk Maps');
Log_action::log(49, $infolog);
// Second gate: editing indicators needs the separate 'BusinessProcessesEdit' permission.
// The script stops here when it is missing.
if (!Session::menu_perms('dashboard-menu', 'BusinessProcessesEdit')) {
    echo ossim_error(_("You don't have permissions to edit risk indicators"));
    exit;
}
// Response skeleton; presumably serialised for the caller further down (not visible here).
$data = array('status' => 'success', 'data' => '');
$db = new ossim_db();
$conn = $db->connect();
// Request parameters, read through the project's GET() helper.
// NOTE(review): no validation is visible in this excerpt. Confirm that each value is
// checked (e.g. with ossim_valid) before it reaches SQL, the filesystem or HTML output.
// NOTE(review): this looks like an edit endpoint driven by GET parameters; confirm it is
// protected against cross-site request forgery.
$map = GET('map');
$ri_positions = GET('data');
$name = GET('alarm_name');
$icon = GET('icon');
$url = GET('url');
$ri_id = GET('id');
$type = GET('type');
$type_name = GET('elem');
Example #2
        $runorder++;
    }
    if ($_DEBUG) {
        echo $htmlPdfReport->get();
    } else {
        // Generate pdf report
        $pdfReport->setHtml($htmlPdfReport->get());
        $pdfReport->getPdf('server');
    }
    //Send email
    $email = $_POST['email'];
    if (isset($email) && !empty($email)) {
        ossim_valid($_POST['email'], OSS_MAIL_ADDR, 'illegal:' . _('Email address'));
        if (ossim_error()) {
            echo 'error###' . ossim_get_error_clean();
            exit;
        }
        $status = $pdfReport->sendPdfEmail($report_data['report_name'], $email);
        $file = $pdfReport->getpath() . $pdfReport->getNamePdf();
        @unlink($file);
        if ($status != TRUE) {
            $message = _('Please check email configuration in Deployment -> AlienVault Center -> General Configuration and try again');
            echo 'error###' . _('Unable to send PDF report.') . '<br/><br/>' . $message;
        } else {
            echo 'OK###' . _('PDF Report has been sent successfully');
        }
    } else {
        echo $pdfReport->getNamePdf();
    }
    Log_action::log(19);
}
Example #3
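/**
 * Delete one recurring scan schedule, then re-render the main page.
 *
 * The schedule is looked up first; the DELETE runs and the audit entry
 * (action id 68, carrying the schedule name) is written only when a row was
 * found. When nothing matches, the function deletes nothing and logs nothing.
 *
 * @param mixed $schedid Schedule id as received from the caller; it is bound
 *                       as a query parameter and never concatenated into SQL.
 *
 * @return void
 */
function delete_sched($schedid)
{
    global $viewall, $sortby, $sortdir, $uroles, $username, $dbconn;
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    // Non-admins get an extra ownership filter on both statements.
    // NOTE(review): the literal below is reproduced exactly as this listing shows it and
    // looks masked. If the real code interpolates the session user name here, bind it as a
    // second "?" parameter instead of building it into the SQL string.
    $sql_require = "";
    if (empty($uroles['admin'])) {
        $sql_require = "AND username='******'";
    }
    // The id comes from the caller, so it travels as a bound parameter.
    $params = array($schedid);
    $query = "SELECT id, name FROM vuln_job_schedule WHERE id = ? {$sql_require}";
    $result = $dbconn->Execute($query, $params);
    $jid = 0;
    $nname = '';
    // Execute() returns false on failure; an empty result set has EOF set.
    if ($result && !$result->EOF) {
        list($jid, $nname) = $result->fields;
    }
    if ($jid > 0) {
        $query = "DELETE FROM vuln_job_schedule WHERE id = ? {$sql_require}";
        $dbconn->Execute($query, $params);
        $infolog = array($nname);
        Log_action::log(68, $infolog);
    }
    // NOTE(review): a request for a schedule the caller may not delete ends here without
    // any audit record; consider logging the refused attempt.
    main_page($viewall, $sortby, $sortdir);
}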
Example #4
    $log_dst = $order_dst . " (" . $policy_dst->get_id() . ")";
}
// Move a policy relative to another one. Which primitive is used depends on whether
// both policies belong to the same policy group.
if ($group_src == $group_dst) {
    // same group => swap
    Policy::swap_simple_orders($conn, $policy_src, $policy_dst);
} else {
    // different group => special swap
    if ($order_src < $order_dst) {
        // Only change group (do not change order value)
        if ($order_src == $order_dst - 1) {
            Policy::change_group($conn, $policy_src->get_id(), $group_dst);
        } else {
            // Walk the source position towards the destination one step at a time.
            for ($i = $order_src; $i < $order_dst - 1; $i++) {
                Policy::swap_orders($conn, $i, $i + 1, $group_dst, $ctx, "src");
            }
        }
    } else {
        // Source is at or after the destination.
        if ($order_src == $order_dst) {
            Policy::change_group($conn, $policy_src->get_id(), $group_dst);
        }
        // Runs zero times when both orders are equal.
        for ($i = $order_src; $i > $order_dst; $i--) {
            Policy::swap_orders($conn, $i - 1, $i, $group_dst, $ctx, "dst");
        }
    }
}
// Audit record (action id 98): source as "order (policy id)" plus $log_dst, which is
// built before this excerpt.
// NOTE(review): the return values of the swap/change_group calls are not checked here,
// so the entry is written whether or not the reorder succeeded.
$infolog = array($order_src . " (" . $policy_src->get_id() . ")", $log_dst);
Log_action::log(98, $infolog);
// Flag that the policy set changed; presumably consumed elsewhere to trigger a reload.
Web_indicator::set_on("Reload_policies");
// ReloadPolicy key deprecated, now using Reload_policies always
//Web_indicator::set_on("ReloadPolicy");
$db->close();
Example #5
            //Getting password length
            // Policy values come from configuration; a missing or falsy setting falls back to
            // 7 (minimum length), 255 (maximum length) and 0 (no minimum lifetime).
            $conf = $GLOBALS['CONF'];
            $pass_length_min = $conf->get_conf('pass_length_min') ? $conf->get_conf('pass_length_min') : 7;
            $pass_length_max = $conf->get_conf('pass_length_max') ? $conf->get_conf('pass_length_max') : 255;
            // A maximum below the minimum, or below 1, is treated as misconfigured and reset to 255.
            $pass_length_max = $pass_length_max < $pass_length_min || $pass_length_max < 1 ? 255 : $pass_length_max;
            $pass_expire_min = $conf->get_conf('pass_expire_min') ? $conf->get_conf('pass_expire_min') : 0;
            // Checks run in order and only the first failure is reported under the 'pass' key.
            if (0 != strcmp($pass1, $pass2)) {
                $validation_errors['pass'] = _('Authentication failure') . '. ' . _('Passwords mismatch');
            } elseif (strlen($pass1) < $pass_length_min) {
                // strlen() counts bytes, so a multi-byte character counts more than once.
                $validation_errors['pass'] = _('Password is not long enough') . ' [' . _('Minimum password size is') . ' ' . $pass_length_min . ']';
            } elseif (strlen($pass1) > $pass_length_max) {
                // NOTE(review): this is the too-long branch, yet the message reads "is long enough";
                // it probably should say the password is too long. The text is a gettext msgid, so
                // correcting it also needs a translation-catalog update.
                $validation_errors['pass'] = _('Password is long enough') . ' [' . _('Maximum password size is') . ' ' . $pass_length_max . ']';
            } elseif (!Session::pass_check_complexity($pass1)) {
                $validation_errors['pass'] = _('Password is not strong enough. Check the password policy configuration for more details');
            } elseif ($mode == 'update') {
                // History and minimum-lifetime rules apply to updates only.
                $recent_pass = Log_action::get_last_pass($conn, $login);
                // Minimum lifetime: a non-admin may not change the password again too soon.
                // $last_pass_change is set outside this excerpt.
                if ($pass_expire_min > 0 && dateDiff_min($last_pass_change, date('Y-m-d H:i:s')) < $pass_expire_min && !Session::am_i_admin()) {
                    $validation_errors['pass'] = _('Password lifetime is too short to allow change. Wait a few minutes...');
                // Reuse check: the candidate is hashed with plain MD5 and plain SHA-256 and looked
                // up in the history list.
                // NOTE(review): this implies the history holds unsalted fast hashes, which are cheap
                // to attack offline if the table leaks; consider password_hash()/password_verify().
                // NOTE(review): in_array() compares loosely here; pass TRUE as the third argument so
                // that two different numeric-looking hex digests cannot compare as equal.
                } elseif (count($recent_pass) > 0 && (in_array(md5($pass1), $recent_pass) || in_array(hash('sha256', $pass1), $recent_pass))) {
                    $validation_errors['pass'] = _('This password is recently used. Try another');
                }
            }
        }
    }
}
//Checking entities field requirements
if (empty($validation_errors['entities[]'])) {
    //Check allowed entities
    if ($pro && !$is_my_profile) {
        foreach ($entities as $ent_id) {
            if (!Acl::entityAllowed($ent_id)) {
Example #6
 $pass_length_min = $conf->get_conf('pass_length_min') ? $conf->get_conf('pass_length_min') : 7;
 if ($first_login == '' || $first_login == 0 || $first_login == 'no') {
     $accepted = 'yes';
 }
 $failed = FALSE;
 if ($accepted == 'yes') {
     // NOTE(review): the literal below appears masked in this listing; it is kept as shown.
     $first_login = '******';
     // Log the user in against the API client with the submitted credentials.
     // NOTE(review): the result of login() is not inspected in this excerpt; confirm that a
     // failed API login is handled before the session is treated as authenticated.
     $client = new Alienvault_client($user);
     $client->auth()->login($user, $pass);
     // NOTE(review): the mcrypt extension was deprecated in PHP 7.1 and removed from core in
     // PHP 7.2, so this block cannot run on a supported PHP version without a replacement.
     $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
     //get vector size on ECB mode
     // MCRYPT_RAND draws from a non-cryptographic generator. ECB mode does not use an IV
     // anyway, so the value created here has no effect on the ciphertext.
     $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
     //Creating the vector
     // The clear-text password is encrypted reversibly and kept in the session, keyed with the
     // 'md5_salt' configuration value. ECB is deterministic (equal plaintext blocks give equal
     // ciphertext blocks) and provides no integrity protection. MCRYPT_RIJNDAEL_256 is Rijndael
     // with a 256-bit block, which is not AES.
     // NOTE(review): anyone able to read both the session store and the configuration can
     // recover the password. Prefer not keeping it at all; if it must be kept, use an
     // authenticated cipher with a dedicated random key.
     $_SESSION['mdspw'] = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $conf->get_conf('md5_salt'), $pass, MCRYPT_MODE_ECB, $iv);
     // Audit record (action id 1) carrying the user name.
     $infolog = array($user);
     Log_action::log(1, $infolog);
     if ($first_user_login) {
         header("Location: first_login.php");
     } elseif ($pass_expire_max > 0 && dateDiff($last_pass_change, date('Y-m-d H:i:s')) >= $pass_expire_max) {
         header("Location: first_login.php?expired=1");
     } elseif ($user == AV_DEFAULT_ADMIN && $pass == 'admin') {
         header("Location: first_login.php?changeadmin=1");
     } else {
         if ($mobile != '') {
             header("Location: ../statusbar/mobile.php?login="******"&screen={$mobile}");
         } else {
             if (Session::am_i_admin()) {
                 if (Welcome_wizard::show_wizard_status_bar()) {
                     $_SESSION['_welcome_wizard_bar'] = TRUE;
                 } else {
                     unset($_SESSION['_welcome_wizard_bar']);
Example #7
     die(ossim_error(_("User Contributed file not found in") . " " . $directive_editor->engine_path . ". " . _("Please, create it first")));
 }
 // SAVE CURRENT
 if ($directive_id != "") {
     $directive_editor = new Directive_editor($engine_id);
     $filepath = $directive_editor->engine_path . "/" . $file;
     $dom = $directive_editor->get_xml($filepath, "DOMXML");
     $directive = $directive_editor->getDirectiveFromXML($dom, $directive_id);
     $node = $directive->directive;
     $node->setAttribute('name', $name);
     $node->setAttribute('priority', $prio);
     $directive_editor->save_xml($filepath, $dom, "DOMXML");
     $directive_editor->update_directive_pluginsid($directive_id, 2, $prio, $name);
     $directive_editor->update_directive_taxonomy($directive_id, $intent, $strategy, $method);
     $infolog = array($directive_id, 'updated');
     Log_action::log(86, $infolog);
 } else {
     if ($directive_editor->directive_exists($name, $filepath)) {
         die(ossim_error(_("This directive name already exists")));
     }
     // Get new ID
     $id = $directive_editor->new_directive_id($file);
     if ($id < 1) {
         echo ossim_error(_("Unable to create a new directive in ") . "<b>{$file}</b>");
     }
     // Create a Node (Do not create yet, at rule finish)
     // ...
 }
 // Back to MAIN
 if (POST('mode') == "saveclose") {
     Util::memcacheFlush();
Example #8
             $error_string .= $s_error;
             $flag_status = 2;
         }
     }
 }
 // Apply the submitted configuration values unless an earlier step set $flag_status to 2
 // (assigned together with an error string just above this block).
 if ($flag_status != 2) {
     $api_client = new Alienvault_client();
     // The form posts numbered pairs conf_N / value_N; 'nconfs' gives the count.
     // NOTE(review): the loop bound comes from the request; confirm it is validated or capped
     // before this point.
     for ($i = 0; $i < POST('nconfs'); $i++) {
         if (isset($_POST["conf_{$i}"]) && isset($_POST["value_{$i}"])) {
             // Skip when (the field is a password field AND the value is the masked placeholder)
             // OR the value is the explicit skip marker. && binds tighter than ||, so the
             // condition already groups this way without parentheses.
             if ($pass_fields[POST("conf_{$i}")] == 1 && Util::is_fake_pass(POST("value_{$i}")) || POST("value_{$i}") == 'skip_this_config_value') {
                 continue;
             } else {
                 // NOTE(review): the configuration key itself is taken from the request; confirm
                 // it is restricted to an allow-list of known settings before update() is called.
                 $before_value = $ossim_conf->get_conf(POST("conf_{$i}"));
                 $config->update(POST("conf_{$i}"), POST("value_{$i}"));
                 if (POST("value_{$i}") != $before_value) {
                     // Audit record (action id 7) holds the variable name only, not its value,
                     // so changed secrets do not end up in the action log.
                     Log_action::log(7, array("variable: " . POST("conf_{$i}")));
                     // Special cases
                     custom_actions($api_client, POST("conf_{$i}"), POST("value_{$i}"));
                     // Remember that a certificate-related option changed.
                     if (in_array(POST("conf_{$i}"), $cert_options)) {
                         $certs = TRUE;
                     }
                 }
             }
         }
     }
 }
 // check valid pass length max
 if (intval($pass_length_max) < intval($pass_length_min) || intval($pass_length_max) < 1 || intval($pass_length_max) > 255) {
     $config->update('pass_length_max', 255);
 } else {
     $config->update('pass_length_max', intval($pass_length_max));
Example #9
                }
                if ($can_i_delete) {
                    $query = 'DELETE FROM vuln_jobs WHERE id=?';
                    $params = array($kill_id);
                    $result = $conn->execute($query, $params);
                    $query = 'DELETE FROM vuln_nessus_reports WHERE report_id=?';
                    $params = array($report_id);
                    $result = $conn->execute($query, $params);
                    $query = 'DELETE FROM vuln_nessus_report_stats WHERE report_id=?';
                    $params = array($report_id);
                    $result = $conn->execute($query, $params);
                    $query = 'DELETE FROM vuln_nessus_results WHERE report_id=?';
                    $params = array($report_id);
                    $result = $conn->execute($query, $params);
                    $infolog = array($job_name);
                    Log_action::log(65, $infolog);
                }
            }
        }
    }
}
$db->close($conn);
if ($action == 'save_scan' && empty($validation_errors) || $action == 'delete_scan') {
    $url = Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/manage_jobs.php', 'environment', 'vulnerabilities', 'scan_jobs');
    header("Location: {$url}");
    die;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
Example #10
*/
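require_once 'av_init.php';
/* connect to db */
$db = new ossim_db();
$conn = $db->connect();
$conf = $GLOBALS['CONF'];
// Forced password change: drop the authenticated session and keep only the user name
// under '_backup_user' until the new password has been set.
if (!empty($_SESSION['_user'])) {
    $user = $_SESSION['_user'];
    // Empty the array rather than unset($_SESSION): unsetting the superglobal itself
    // disables registration of session variables through it.
    $_SESSION = array();
    // destroy session to force password change
    session_destroy();
    session_start();
    // Issue a new session id so the identifier of the destroyed session is not reused.
    session_regenerate_id(TRUE);
    $_SESSION['_backup_user'] = $user;
} else {
    $user = isset($_SESSION['_backup_user']) ? $_SESSION['_backup_user'] : NULL;
}
// No known user at all: send the browser to the login page before touching any user data.
if (!isset($_SESSION['_user']) && !isset($_SESSION['_backup_user'])) {
    $ossim_link = $conf->get_conf('ossim_link');
    $login_location = $ossim_link . '/session/login.php';
    header("Location: {$login_location}");
    exit;
}
// Password history of this user, fetched for use further down the script.
$recent_pass = Log_action::get_last_pass($conn, $user);
$version = $conf->get_conf('ossim_server_version');
// Treated as the open-source edition when the version string has neither "pro" nor "demo".
$opensource = !preg_match("/.*pro.*/i", $version) && !preg_match("/.*demo.*/i", $version) ? TRUE : FALSE;
// The form submits the passwords base64-encoded. This is transport encoding only and gives
// no confidentiality; the request still relies on TLS.
$pass1 = base64_decode(POST('pass1'));
$pass2 = base64_decode(POST('pass2'));
$current_pass = base64_decode(POST('current_pass'));
$flag = POST('flag');
$changeadmin = POST('changeadmin');
$expired = POST('expired');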
Example #11
echo $user != "" ? "&user={$user}" : "";
echo $code != "" ? "&code={$code}" : "";
?>
">
					<?php 
echo gettext("Action");
?>
</a>
				</th>
			</tr>
		</thead>
		
		<tbody>
		<?php 
$time_start = time();
if ($log_list = Log_action::get_list($conn, $filter, "ORDER by {$order}", $inf, $sup)) {
    foreach ($log_list as $log) {
        ?>
		<tr>
					<?php 
        if ($_SESSION['_user'] == "admin") {
            $tmp = str_replace(" ", "#", $log->get_date());
            //echo "<td><input type='checkbox' name='$tmp|".$log->get_info()."' value='yes'></td>";
        }
        ?>
					
					<td><?php 
        echo $log->get_date();
        ?>
</td>
					<td><?php 
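// Reject the request unless the context id is a hex string.
ossim_valid($ctx, OSS_HEX, 'illegal:' . _("order"));
if (ossim_error()) {
    die(ossim_error());
}
//db connection
$db = new ossim_db();
$conn = $db->connect();
// NOTE(review): $group is interpolated into the SQL fragment below. Its validation is not
// visible in this excerpt; confirm it is checked as OSS_HEX like $ctx before this line.
$group1 = Policy_group::get_list($conn, $ctx, " AND id=UNHEX('{$group}')");
// Start from "nothing to swap" so that an unexpected $order value or a missing neighbour
// falls through to the is_object() guard instead of reading undefined variables.
$pg_src = NULL;
$pg_dst = NULL;
if (!empty($group1[0])) {
    $ctx = $group1[0]->get_ctx();
    if ($order == "up") {
        // intval(): the neighbour's order is placed into SQL as a bare number.
        $pg_ord = intval(Policy::get_pg_order($conn, $ctx, $group1[0]->get_order(), 'up'));
        $group2 = Policy_group::get_list($conn, $ctx, " AND policy_group.order={$pg_ord}");
        $pg_src = isset($group2[0]) ? $group2[0] : NULL;
        $pg_dst = $group1[0];
    } elseif ($order == "down") {
        $pg_ord = intval(Policy::get_pg_order($conn, $ctx, $group1[0]->get_order(), 'down'));
        $group2 = Policy_group::get_list($conn, $ctx, " AND policy_group.order={$pg_ord}");
        $pg_src = $group1[0];
        $pg_dst = isset($group2[0]) ? $group2[0] : NULL;
    }
    if (is_object($pg_src) && is_object($pg_dst)) {
        // id1/order1 describe the source group and id2/order2 the destination group.
        echo "Swapping: id1=" . $pg_src->get_group_id() . ",order1=" . $pg_src->get_order() . ",id2=" . $pg_dst->get_group_id() . ",order2=" . $pg_dst->get_order() . "<br>\n";
        Policy_group::swap_orders($conn, $pg_src->get_ctx(), $pg_src->get_group_id(), $pg_src->get_order(), $pg_dst->get_group_id(), $pg_dst->get_order());
        // Audit record (action id 99): first entry is the source group, second the
        // destination, so the log names both groups that were swapped.
        $infolog = array($pg_src->get_name() . "(" . $pg_src->get_group_id() . ")", $pg_dst->get_name() . "(" . $pg_dst->get_group_id() . ")");
        Log_action::log(99, $infolog);
        Web_indicator::set_on("Reload_policies");
        Web_indicator::set_on("ReloadPolicy");
    }
}
$db->close();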
Example #13
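/**
 * Delete a scan job and its report data, then redirect the browser to the job list.
 *
 * Only callers holding the 'admin' role get past the role check; everyone else
 * falls through without any change and without output. For an admin, the job is
 * looked up first. When it exists, the running-scan counter of its server is
 * decremented if the job status is "R", the job and its report rows are deleted,
 * and an audit entry (action id 65) with the job name is written.
 *
 * @param mixed $job_id Job id as received from the caller; bound as a query
 *                      parameter and never concatenated into SQL.
 *
 * @return void
 */
function delete_scan($job_id)
{
    global $uroles, $username, $useremail, $mailfrom, $dbconn;
    if (!empty($uroles['admin'])) {
        $query = "SELECT name, id, scan_SERVER, report_id, status FROM vuln_jobs WHERE id=? LIMIT 1";
        $result = $dbconn->execute($query, array($job_id));
        // execute() returns false on failure; an empty result set has EOF set. Without a row
        // there is nothing to delete, and deleting by an empty report_id must be avoided.
        if ($result && !$result->EOF) {
            // list() needs numerically indexed fields, so this relies on the connection's
            // fetch mode.
            list($job_name, $kill_id, $nserver_id, $report_id, $status) = $result->fields;
            if ($status == "R") {
                // The job was still running: release its slot on the scan server.
                $query = "UPDATE vuln_nessus_servers SET current_scans=current_scans-1 WHERE id=? and current_scans>0 LIMIT 1";
                $dbconn->execute($query, array($nserver_id));
            }
            // NOTE(review): the four deletes are not wrapped in a transaction, so a failure
            // part-way leaves orphaned report rows.
            $dbconn->execute("DELETE FROM vuln_jobs WHERE id=?", array($kill_id));
            $dbconn->execute("DELETE FROM vuln_nessus_reports WHERE report_id=?", array($report_id));
            $dbconn->execute("DELETE FROM vuln_nessus_report_stats WHERE report_id=?", array($report_id));
            $dbconn->execute("DELETE FROM vuln_nessus_results WHERE report_id=?", array($report_id));
            $infolog = array($job_name);
            Log_action::log(65, $infolog);
        }
        ?>
<script type="text/javascript">
        //<![CDATA[
        document.location.href='manage_jobs.php?hmenu=Vulnerabilities&smenu=Jobs';
       //]]>
        </script><?php 
    }
    // NOTE(review): a refused (non-admin) attempt leaves no audit record; consider logging it.
}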
Example #14
        }
        $dom = $directive_editor->get_xml($file, "DOMXML");
        $node = $dom->createElement('directive');
        $node->setAttribute('id', POST('directive_id'));
        $node->setAttribute('name', POST('directive_name'));
        $node->setAttribute('priority', POST('directive_prio'));
        $dom->appendChild($node);
        if (!$directive_editor->save_xml($file, $dom, "DOMXML", false)) {
            // DTD Validation = false
            $directive_error = true;
        } else {
            $directive_editor->update_directive_pluginsid(POST('directive_id'), 2, POST('directive_prio'), POST('directive_name'));
            $directive_editor->update_directive_taxonomy(POST('directive_id'), POST('directive_intent'), POST('directive_strategy'), POST('directive_method'));
        }
        $infolog = array(POST('directive_id'));
        Log_action::log(85, $infolog);
    }
    if (!$directive_error) {
        $directive_editor->insert($rule, POST("directive_id"), $file);
        ?>
        <script type="text/javascript">
            var params          = new Array();
            params['xml']       = "<?php 
        echo $xml_file;
        ?>
";
            params['directive'] = "<?php 
        echo POST('directive_id');
        ?>
";
Example #15
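/**
 * Delete a scan job and its report data, then redirect the browser to the job list.
 *
 * Only callers holding the 'admin' role get past the role check; everyone else
 * falls through without any change and without output. For an admin, the job is
 * looked up first. When it exists, the running-scan counter of its server is
 * decremented if the job status is "R", the job and its report rows are deleted,
 * and an audit entry (action id 65) with the job name is written.
 *
 * @param mixed $job_id Job id as received from the caller; bound as a query
 *                      parameter and never concatenated into SQL.
 *
 * @return void
 */
function delete_scan($job_id)
{
    global $uroles, $username, $useremail, $mailfrom, $dbconn;
    // Rows are fetched with both numeric and associative keys; list() below uses the numeric ones.
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    if (!empty($uroles['admin'])) {
        $query = "SELECT name, id, scan_SERVER, report_id, status FROM vuln_jobs WHERE id=? LIMIT 1";
        $result = $dbconn->execute($query, array($job_id));
        // execute() returns false on failure; an empty result set has EOF set. Without a row
        // there is nothing to delete, and deleting by an empty report_id must be avoided.
        if ($result && !$result->EOF) {
            list($job_name, $kill_id, $nserver_id, $report_id, $status) = $result->fields;
            if ($status == "R") {
                // The job was still running: release its slot on the scan server.
                $query = "UPDATE vuln_nessus_servers SET current_scans=current_scans-1 WHERE id=? and current_scans>0 LIMIT 1";
                $dbconn->execute($query, array($nserver_id));
            }
            // NOTE(review): the four deletes are not wrapped in a transaction, so a failure
            // part-way leaves orphaned report rows.
            $dbconn->execute("DELETE FROM vuln_jobs WHERE id=?", array($kill_id));
            $dbconn->execute("DELETE FROM vuln_nessus_reports WHERE report_id=?", array($report_id));
            $dbconn->execute("DELETE FROM vuln_nessus_report_stats WHERE report_id=?", array($report_id));
            $dbconn->execute("DELETE FROM vuln_nessus_results WHERE report_id=?", array($report_id));
            $infolog = array($job_name);
            Log_action::log(65, $infolog);
        }
        // The redirect target is produced by the application's own menu helper and is echoed
        // into a single-quoted JavaScript string.
        ?>
<script type="text/javascript">
        //<![CDATA[
        document.location.href='<?php 
        echo Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/manage_jobs.php', 'environment', 'vulnerabilities', 'scan_jobs');
        ?>
';
       //]]>
        </script><?php 
    }
    // NOTE(review): a refused (non-admin) attempt leaves no audit record; consider logging it.
}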
Example #16
    $dom = open_file($file);
    $tab_directive = $dom->get_elements_by_tagname('directive');
    foreach ($tab_directive as $lign) {
        if ($lign->get_attribute('id') == $dir_id) {
            $directive = $lign;
        }
    }
    $dname = $directive->get_attribute('name');
    $parent = $directive->parent_node();
    $parent->remove_child($directive);
    $dom->dump_file($file);
    release_file($file);
    delete_dir_from_groups($dir_id);
    echo "<html><body onload=\"top.frames['main'].document.location.href='../index.php'\"></body></html>";
    $infolog = array($dname);
    Log_action::log(87, $infolog);
} elseif ($query == "add_directive") {
    $cat_id = $_GET['id'];
    $onlydir = $_GET['onlydir'] == "1" ? "1" : "0";
    $category = get_category_by_id($cat_id);
    $XML_FILE = "/etc/ossim/server/" . $category->xml_file;
    $dom = open_file($XML_FILE);
    $id = new_directive_id($category->id);
    $null = NULL;
    $node = $dom->create_element('directive');
    $node->set_attribute('id', $id);
    $node->set_attribute('name', "New directive");
    $node->set_attribute('priority', "0");
    $directive = new Directive($id, "New directive", "0", $null, $node);
    $_SESSION['directive'] = serialize($directive);
    release_file($XML_FILE);