Example #1
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
****************************************************************************/
/**
* Class and Function List:
* Function list:
* Classes list:
*/
require_once 'classes/Session.inc';
// Gate the page before anything else runs. Presumably logcheck() rejects callers
// without the given menu/sub-menu permission; its behaviour is not visible here.
Session::logcheck("MenuEvents", "EventsVulnerabilities");
//
// LOCAL SERVER
// Report scanner activity for whichever backend the session has selected.
// NOTE(review): the comparisons below are loose (==); they are only safe because
// both sides are expected to be plain strings.
if ($_SESSION["scanner"] == "omp") {
    require_once 'classes/OMP.inc';
    $omp = new OMP();
    // Both calls are limited to tasks in one of the listed active states.
    $tresults = $omp->get_number_of_results("Running|Paused|Pause Requested|Requested");
    $details = $omp->get_tasks_details("Running|Paused|Pause Requested|Requested");
    // Response format is "<count>|<details>". The values are echoed as returned;
    // NOTE(review): confirm the OMP helpers return output-safe text, since no
    // escaping happens here.
    echo "{$tresults}|{$details}";
} else {
    // $scanner is reduced to one of two fixed literals, so the string spliced into
    // the shell command below never contains session or request data. Keep it that
    // way: if this is ever changed to pass a raw value through, it must go through
    // escapeshellarg() first.
    $scanner = $_SESSION["scanner"] == "openvas" ? "openvas-client" : "nessus";
    // Count matching scanner processes, excluding the shell wrapper, the grep
    // processes themselves and the daemon/service entries.
    $running = shell_exec('ps -ef | grep "' . $scanner . '" | grep -v "/bin/sh" | egrep -v "serving|grep|nessus-service|nessusd" | wc -l');
    // Collapse the count into a "0"/"1" flag: "1" when at least one process matched.
    $run = intval($running) == 0 ? "0" : "1";
    /*
    #  nessusd: testing 192.168.1.5 (/var/lib/nessus/plugins/DDI_Directory_Scanner.nasl)
    $lineas = explode("\n",`ps -ef | grep "$scanner" | grep -v "/bin/sh" | grep -v grep`); 
    $i=0; foreach ($lineas as $linea) if (trim($linea)!="") {
        if (preg_match("/testing (.*?) \((.*)\/(.*?)\.(.*?)\)/",$linea,$found)) {
            if ($i++<25) print ";".$found[1]." ".$found[3];
            if ($i==26) print ";[...] ";
        }
Example #2
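/**
 * Update a scan profile and its per-family / per-category plugin settings.
 *
 * Writes the profile row in vuln_nessus_settings, applies any "f_<fid>" /
 * "c_<cid>" status fields found in $_POST, re-derives the enabled flag of the
 * profile's plugins when auto-enable is by category ("C") or family ("F"),
 * emits a JavaScript redirect to the profile list and finally calls
 * edit_profile().
 *
 * Security notes:
 *  - Every value that ends up in SQL without quotes ($sid, the two auto_*_status
 *    values, and the id/status pairs taken from $_POST) is forced to an integer
 *    or rejected, because escaping does nothing for a value that is not quoted.
 *  - NOTE(review): $sname, $sdescription, $sautoenable and the owner value are
 *    still interpolated inside quotes exactly as received. This function cannot
 *    tell whether callers already escaped them, so it does not escape again
 *    (that would corrupt stored data). Confirm every caller escapes them, or
 *    move this query to the DB layer's bound parameters.
 *  - NOTE(review): the ownership check is commented out, so nothing in this
 *    function verifies that the current user owns profile $sid or is an admin.
 *    Authorisation must be enforced by the caller.
 *
 * @param mixed  $sid              Profile id (used as an integer).
 * @param string $sname            Profile name.
 * @param string $sdescription     Profile description.
 * @param mixed  $stype            Stored as the owner; also decides the "G" (global) flag.
 * @param string $sautoenable      "C" = by category, "F" = by family; other values skip the plugin pass.
 * @param mixed  $auto_cat_status  Default category status (used as an integer).
 * @param mixed  $auto_fam_status  Default family status (used as an integer).
 * @param string $tracker          "on" enables update_host_tracker.
 */
function update_profile($sid, $sname, $sdescription, $stype, $sautoenable, $auto_cat_status, $auto_fam_status, $tracker)
{
    global $uroles, $dbconn, $conf;
    // These three are placed in SQL unquoted; an integer cast is the only
    // reliable way to keep arbitrary SQL out of a numeric context.
    $sid = (int) $sid;
    $auto_cat_status = (int) $auto_cat_status;
    $auto_fam_status = (int) $auto_fam_status;
    // The owner column receives the incoming $stype value, captured before
    // $stype is collapsed to the "G"/"" flag below.
    $username = $stype;
    // Owner Profile
    $host_tracker = 0;
    //      $result = $dbconn->execute("select owner
    //                                  from vuln_nessus_settings
    //                                  where id = $sid");
    //      list ($myowner)=$result->fields;
    //      if ($myowner <> $username && !$uroles[admin]) {
    //         echo "Access denied: You do not own this profile and are not an admin
    //               - (owner = $myowner)\n";
    //         //require_once('footer.php');
    //         die ();
    //      }
    // "G" is global, blank is a private scan profile
    if ($stype == TRUE) {
        $stype = "G";
    } else {
        $stype = "";
    }
    if ($tracker == "on") {
        $host_tracker = 1;
    }
    $query = "update vuln_nessus_settings \n                set name='{$sname}', description='{$sdescription}', \n                   type='{$stype}', autoenable='{$sautoenable}',\n                   auto_cat_status = {$auto_cat_status},\n                   auto_fam_status = {$auto_fam_status},\n                   update_host_tracker='{$host_tracker}',\n                   owner = '{$username}'\n                where id={$sid}";
    $result = $dbconn->execute($query);
    // if form method="post"
    // foreach replaces reset()/each(): each() no longer exists in PHP 8.
    foreach ($_POST as $key => $value) {
        $key = (string) $key;
        $prefix = substr($key, 0, 2);
        if ($prefix != "f_" && $prefix != "c_") {
            continue;
        }
        // Both the id (taken from the field NAME) and the status (field value)
        // are attacker-controlled and go into SQL unquoted, so accept digits
        // only. Array-valued or non-numeric fields are skipped instead of
        // being sent to the database.
        $item_id = substr($key, 2);
        $status = is_string($value) ? trim($value) : "";
        if (!preg_match('/\A[0-9]+\z/', (string) $item_id) || !preg_match('/\A[0-9]+\z/', $status)) {
            continue;
        }
        if ($prefix == "f_") {
            $query = "update vuln_nessus_settings_family \n                    set status={$status} \n                    where sid={$sid} and fid={$item_id}";
        } else {
            $query = "update vuln_nessus_settings_category set status={$status} where sid={$sid} and cid={$item_id}";
        }
        $results = $dbconn->Execute($query);
    }
    // Status 4 turns the matching plugins off, status 1 turns them on; any
    // other status leaves the plugins untouched.
    // NOTE(review): both selects list a second table (t2) with no join
    // condition, so every row comes back once per row of t2. The updates are
    // idempotent, so the result is the same, but the join looks unintended.
    if ($sautoenable == "C") {
        $query = "select t1.cid, t1.status from vuln_nessus_settings_category as t1, vuln_nessus_category as t2 where sid={$sid}";
        $result = $dbconn->execute($query);
        while (!$result->EOF) {
            list($cid, $catstatus) = $result->fields;
            // Values read back from the database are re-used in SQL; cast them too.
            $cid = (int) $cid;
            if ($catstatus == 4) {
                $query1 = "update vuln_nessus_settings_plugins set enabled='N' where category={$cid} and sid={$sid}";
                $result1 = $dbconn->execute($query1);
            } elseif ($catstatus == 1) {
                $query1 = "update vuln_nessus_settings_plugins set enabled='Y' where category={$cid} and sid={$sid}";
                $result1 = $dbconn->execute($query1);
            }
            $result->MoveNext();
        }
    } elseif ($sautoenable == "F") {
        $query = "select t1.fid, t1.status from vuln_nessus_settings_family as t1, vuln_nessus_family as t2 where sid={$sid}";
        $result = $dbconn->execute($query);
        while (!$result->EOF) {
            list($fid, $catstatus) = $result->fields;
            $fid = (int) $fid;
            if ($catstatus == 4) {
                $query1 = "update vuln_nessus_settings_plugins set enabled='N' where family={$fid} and sid={$sid}";
                $result1 = $dbconn->execute($query1);
            } elseif ($catstatus == 1) {
                $query1 = "update vuln_nessus_settings_plugins set enabled='Y' where family={$fid} and sid={$sid}";
                $result1 = $dbconn->execute($query1);
            }
            $result->MoveNext();
        }
    }
    //echo "Profile Updated<BR>";
    ?>
<script type="text/javascript">
        //<![CDATA[
        document.location.href='settings.php?hmenu=Vulnerabilities&smenu=ScanProfiles';
       //]]>
      </script><?php 
    //logAccess( "Updated Autoenable Settings for Profile $sid" );
    // NOTE(review): $nessus_path is neither a parameter nor listed in the
    // `global` statement above, so it is undefined in this scope and the OMP
    // sync below cannot run as written. Confirm where it is meant to come from.
    if (preg_match("/omp\\s*\$/i", $nessus_path)) {
        $omp = new OMP();
        $omp->set_plugins_by_family($sid);
    }
    edit_profile($sid);
}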
Example #3
    // Tail of an action dispatcher; the switch header and the code that fills
    // $job_id, $schedid, $enabled, $sortby and $sortdir are outside the visible lines.
    // NOTE(review): every case except the default changes state (task control,
    // deletion, enable/disable). Confirm upstream that the ids are validated as
    // integers, that the session user may act on the given task/schedule, and
    // that these actions are protected against cross-site request forgery.
    case "play_task":
        $omp = new OMP();
        $omp->play_task($job_id);
        break;
    case "pause_task":
        $omp = new OMP();
        $omp->pause_task($job_id);
        break;
    case "stop_task":
        $omp = new OMP();
        $omp->stop_task($job_id);
        break;
    case "resume_task":
        $omp = new OMP();
        $omp->resume_task($job_id);
        break;
    case "delete_task":
        $omp = new OMP();
        $omp->delete_task($job_id);
        break;
    // The two cases below act on a schedule id rather than an OMP task id.
    case "delete":
        delete_sched($schedid);
        break;
    case "setstatus":
        set_status($schedid, $enabled);
        break;
    // Unknown or missing action: fall back to the listing page.
    default:
        main_page(1, $sortby, $sortdir);
        break;
}
require_once "footer.php";