* Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt ****************************************************************************/ /** * Class and Function List: * Function list: * Classes list: */ require_once 'classes/Session.inc'; Session::logcheck("MenuEvents", "EventsVulnerabilities"); // // LOCAL SERVER if ($_SESSION["scanner"] == "omp") { require_once 'classes/OMP.inc'; $omp = new OMP(); $tresults = $omp->get_number_of_results("Running|Paused|Pause Requested|Requested"); $details = $omp->get_tasks_details("Running|Paused|Pause Requested|Requested"); echo "{$tresults}|{$details}"; } else { $scanner = $_SESSION["scanner"] == "openvas" ? "openvas-client" : "nessus"; $running = shell_exec('ps -ef | grep "' . $scanner . '" | grep -v "/bin/sh" | egrep -v "serving|grep|nessus-service|nessusd" | wc -l'); $run = intval($running) == 0 ? "0" : "1"; /* # nessusd: testing 192.168.1.5 (/var/lib/nessus/plugins/DDI_Directory_Scanner.nasl) $lineas = explode("\n",`ps -ef | grep "$scanner" | grep -v "/bin/sh" | grep -v grep`); $i=0; foreach ($lineas as $linea) if (trim($linea)!="") { if (preg_match("/testing (.*?) \((.*)\/(.*?)\.(.*?)\)/",$linea,$found)) { if ($i++<25) print ";".$found[1]." ".$found[3]; if ($i==26) print ";[...] "; }
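/**
 * Save the edited settings of a scan profile and re-apply its auto-enable rules.
 *
 * Steps, in order:
 *   1. update the profile row in vuln_nessus_settings;
 *   2. store the per-family ("f_<id>") and per-category ("c_<id>") statuses
 *      submitted in $_POST;
 *   3. when $sautoenable is "C" or "F", switch plugins on or off according to
 *      the stored category or family status (4 disables, 1 enables);
 *   4. emit a JavaScript redirect to the profile list and call edit_profile().
 *
 * Security: every value that reaches SQL is either bound as a parameter or
 * validated as a digit-only string first. Earlier revisions interpolated the
 * arguments and the $_POST keys/values directly into the statements; the
 * string-escaping applied to the POST values gave no protection because they
 * were placed in unquoted numeric positions, and the POST keys were not
 * escaped at all.
 *
 * Assumes $dbconn is an ADOdb-style connection whose Execute() accepts an
 * array of bound parameters (the EOF/fields/MoveNext() usage below suggests
 * so) - TODO confirm. Callers must pass raw, un-escaped values, since a
 * pre-escaped string would now be stored literally.
 *
 * @param mixed  $sid              Profile id (vuln_nessus_settings.id); cast to int.
 * @param string $sname            Profile name.
 * @param string $sdescription     Profile description.
 * @param mixed  $stype            Stored unchanged as the profile owner; any truthy
 *                                 value also marks the profile as global ("G").
 * @param string $sautoenable      Auto-enable mode; "C" and "F" trigger step 3.
 * @param mixed  $auto_cat_status  Default category status; cast to int.
 * @param mixed  $auto_fam_status  Default family status; cast to int.
 * @param string $tracker          "on" sets update_host_tracker to 1, anything else 0.
 *
 * @return void
 */
function update_profile($sid, $sname, $sdescription, $stype, $sautoenable, $auto_cat_status, $auto_fam_status, $tracker)
{
    global $uroles, $dbconn, $conf;

    // NOTE(review): an ownership check used to live here (read the owner of
    // profile $sid from vuln_nessus_settings and abort with "Access denied"
    // unless the caller owned it or was an admin). It was commented out, so
    // this function does not itself verify that the caller may modify $sid;
    // confirm that the calling page enforces that before this is reached.

    $username = $stype; // owner column receives the value passed in as $stype
    $sid = (int) $sid;

    // "G" is a global profile, blank is a private scan profile.
    $stype = $stype ? "G" : "";
    $host_tracker = ($tracker == "on") ? 1 : 0;

    // 1. Profile row: all values are bound, none are interpolated.
    $dbconn->Execute(
        "update vuln_nessus_settings
            set name = ?, description = ?, type = ?, autoenable = ?,
                auto_cat_status = ?, auto_fam_status = ?,
                update_host_tracker = ?, owner = ?
          where id = ?",
        array(
            $sname,
            $sdescription,
            $stype,
            $sautoenable,
            (int) $auto_cat_status,
            (int) $auto_fam_status,
            $host_tracker,
            $username,
            $sid,
        )
    );

    // 2. Per-family / per-category statuses posted by the form.
    foreach ($_POST as $key => $value) {
        $key = (string) $key; // PHP turns numeric-looking keys into ints
        $prefix = substr($key, 0, 2);
        if ($prefix !== "f_" && $prefix !== "c_") {
            continue;
        }

        $item_id = substr($key, 2);
        $status = is_scalar($value) ? trim((string) $value) : "";

        // Both the id taken from the field name and the submitted status must
        // be plain non-negative integers; anything else is ignored rather than
        // being passed on to the database.
        if (!ctype_digit((string) $item_id) || !ctype_digit($status)) {
            continue;
        }

        if ($prefix === "f_") {
            $sql = "update vuln_nessus_settings_family set status = ? where sid = ? and fid = ?";
        } else {
            $sql = "update vuln_nessus_settings_category set status = ? where sid = ? and cid = ?";
        }
        $dbconn->Execute($sql, array((int) $status, $sid, (int) $item_id));
    }

    // 3. Propagate the stored statuses to the individual plugins.
    $select_sql = null;
    $update_sql = null;
    if ($sautoenable == "C") {
        // NOTE(review): t2 is listed without a join condition, so each settings
        // row is returned once per row of vuln_nessus_category. The updates are
        // idempotent, so this only costs repeated work; query kept as it was.
        $select_sql = "select t1.cid, t1.status
                         from vuln_nessus_settings_category as t1, vuln_nessus_category as t2
                        where sid = ?";
        $update_sql = "update vuln_nessus_settings_plugins set enabled = ? where category = ? and sid = ?";
    } elseif ($sautoenable == "F") {
        // NOTE(review): same missing join condition as the category query above.
        $select_sql = "select t1.fid, t1.status
                         from vuln_nessus_settings_family as t1, vuln_nessus_family as t2
                        where sid = ?";
        $update_sql = "update vuln_nessus_settings_plugins set enabled = ? where family = ? and sid = ?";
    }

    if ($select_sql !== null) {
        $result = $dbconn->Execute($select_sql, array($sid));
        // A failed query yields no result object; skip instead of dereferencing it.
        while ($result && !$result->EOF) {
            list($group_id, $group_status) = $result->fields;
            if ($group_status == 4) {
                $dbconn->Execute($update_sql, array('N', $group_id, $sid));
            } elseif ($group_status == 1) {
                $dbconn->Execute($update_sql, array('Y', $group_id, $sid));
            }
            $result->MoveNext();
        }
    }

    // 4. Send the browser back to the profile list. The target is a fixed
    // string; no request data is written into the page.
    ?>
<script type="text/javascript">
//<![CDATA[
document.location.href='settings.php?hmenu=Vulnerabilities&smenu=ScanProfiles';
//]]>
</script><?php

    // NOTE(review): the logAccess() call that recorded "Updated Autoenable
    // Settings for Profile $sid" is commented out in the original, so this
    // function leaves no audit trail of profile changes.

    // NOTE(review): $nessus_path is neither a parameter nor declared global in
    // this function, so it is undefined here and the OMP branch below cannot
    // run as written. isset() keeps that behaviour without the undefined
    // variable warning; confirm where the value was meant to come from.
    if (isset($nessus_path) && preg_match("/omp\\s*\$/i", $nessus_path)) {
        $omp = new OMP();
        $omp->set_plugins_by_family($sid);
    }

    edit_profile($sid);
}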
case "play_task": $omp = new OMP(); $omp->play_task($job_id); break; case "pause_task": $omp = new OMP(); $omp->pause_task($job_id); break; case "stop_task": $omp = new OMP(); $omp->stop_task($job_id); break; case "resume_task": $omp = new OMP(); $omp->resume_task($job_id); break; case "delete_task": $omp = new OMP(); $omp->delete_task($job_id); break; case "delete": delete_sched($schedid); break; case "setstatus": set_status($schedid, $enabled); break; default: main_page(1, $sortby, $sortdir); break; } require_once "footer.php";