         $myrow_payload = $result2->baseFetchRow();
         $result2->baseFreeRows();
         $myrow_payload = PrintCleanHexPacketPayload($myrow_payload[0], 2);
         $current_sig = $current_sig . str_replace("Open Port", "", $myrow_payload);
     } else {
         if (stristr($current_sig_txt, "(portscan) TCP Portscan") || stristr($current_sig_txt, "(portscan) UDP Portscan")) {
             $sql2 = "SELECT data_payload FROM data WHERE sid='" . $myrow["sid"] . "' AND cid='" . $myrow["cid"] . "'";
             $result2 = $db->baseExecute($sql2);
             $myrow_payload = $result2->baseFetchRow();
             $result2->baseFreeRows();
             $myrow_payload = PrintCleanHexPacketPayload($myrow_payload[0], 2);
             $current_sig = $current_sig . stristr(stristr($myrow_payload, "Port/Proto Range"), ": ");
         }
     }
 }
 $rowid = $qs->GetCurrentView() * $show_rows + $i;
 $tmpsig = explode("##", $current_sig);
 if ($tmpsig[1] != "") {
     $antes = $tmpsig[0];
     $despues = $tmpsig[1];
 } else {
     $antes = "";
     $despues = $current_sig;
 }
 // 5- Source IP Address
 if ($current_sip32 != "") {
     $country = strtolower(geoip_country_code_by_addr($gi, $current_sip));
     $country_name = geoip_country_name_by_addr($gi, $current_sip);
     if ($country) {
         $country_img = " <img src=\"../pixmaps/flags/" . $country . ".png\" alt=\"{$country_name}\" title=\"{$country_name}\">";
         $slnk = "<img src='../pixmaps/flags/" . $country . ".png' style='width:3mm'>";
    $product_type = GetSourceType($myrow["product_type"], $db);
    $total_occurances = $myrow["events"];
    $temp = "SELECT acid_event.id,plugin_sid.name as sig_name,acid_event.timestamp FROM alienvault.plugin LEFT JOIN alienvault.product_type ON product_type.id=plugin.product_type, acid_event LEFT JOIN alienvault.plugin_sid ON plugin_sid.plugin_id=acid_event.plugin_id AND plugin_sid.sid=acid_event.plugin_sid WHERE acid_event.plugin_id=plugin.id AND product_type.id=" . $myrow["product_type"] . " ORDER BY timestamp DESC LIMIT 1";
    $result2 = $db->baseExecute($temp);
    $last = $result2->baseFetchRow();
    $result2->baseFreeRows();
    $last_signature = $last['sig_name'];
    if (empty($last_signature)) {
        $last_signature = _("Signame Unknown");
    }
    $sig_id = $last['id'];
    $timestamp = $last["timestamp"];
    if ($tz != 0) {
        $timestamp = gmdate("Y-m-d H:i:s", get_utc_unixtime($db, $timestamp) + 3600 * $tz);
    }
    $submit = "#" . ($qs->GetCurrentView() * $show_rows + $i) . "-" . $sig_id;
    $tmp_rowid = rawurlencode($sig_id);
    $urlp = "base_qry_main.php?new=1&submit=" . gettext("Query DB") . "&sourcetype=" . urlencode($myrow["product_type"]);
    //$urlp = "base_stat_ptypes.php?sort=occur_d&sourcetype=".urlencode($myrow["product_type"]);
    qroPrintEntryHeader($i);
    qroPrintEntry('&nbsp;&nbsp<a href="' . $urlp . '">' . $product_type . '</a>', 'left', "", "nowrap");
    qroPrintEntry('&nbsp;<a href="' . $urlp . '">' . $total_occurances . '</a>', "center", "", "");
    qroPrintEntry(Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db)), "center", "", "");
    qroPrintEntry("&nbsp<A HREF='{$urlp}'>" . $last_signature . "</a>", "left", "", "");
    qroPrintEntry($timestamp, "center", "", "nowrap");
    qroPrintEntryFooter();
    $i++;
    $prev_time = null;
}
// Teardown after the per-row listing loop above: release the outer result set
// first, then close the connection it was fetched from (order matters — the
// result must not outlive its connection).
$result->baseFreeRows();
// NOTE(review): $dbo and $_conn are not defined in this excerpt; $_conn is the
// handle passed to the Net::/Host:: helpers elsewhere in this listing, so this
// is presumably the secondary (ossim) connection — confirm in the including file.
$dbo->close($_conn);
 $bgcolor = $i % 2 == 0 ? "bgcolor='#FFFFFF'" : "bgcolor='#F2F2F2'";
 $max_cid = $myrow[0];
 $plugin_id = $myrow["plugin_id"];
 $timestamp = $myrow["timestamp"];
 if ($tz != 0) {
     $timestamp = gmdate("Y-m-d H:i:s", get_utc_unixtime($db, $timestamp) + 3600 * $tz);
 }
 $plugin_name = $myrow["name"];
 $total_occurances = $myrow["events"];
 $total_sensors = $myrow["sensors"];
 $temp = "SELECT acid_event.sid,acid_event.ip_src,acid_event.ip_dst,plugin_sid.name as sig_name FROM acid_event LEFT JOIN ossim.plugin_sid ON plugin_sid.plugin_id=acid_event.plugin_id AND plugin_sid.sid=acid_event.plugin_sid WHERE acid_event.plugin_id={$plugin_id} AND cid={$max_cid} LIMIT 1";
 $result2 = $db->baseExecute($temp);
 $last = $result2->baseFetchRow();
 $last_signature = $last['sig_name'];
 $sig_id = $last['sid'];
 $submit = "#" . ($qs->GetCurrentView() * $show_rows + $i) . "-(" . $sig_id . "-" . $max_cid . ")";
 $current_sip = long2ip($last['ip_src']);
 $current_dip = long2ip($last['ip_dst']);
 $homelan_sip = ($match_cidr = Net::is_ip_in_cache_cidr($_conn, $current_sip)) || in_array($current_sip, $hosts_ips) ? " <a href='javascript:;' class='scriptinfo' style='text-decoration:none' ip='{$current_sip}'><img src=\"" . Host::get_homelan_icon($current_sip, $icons, $match_cidr, $_conn) . "\" border=0></a>" : "";
 $homelan_dip = ($match_cidr = Net::is_ip_in_cache_cidr($_conn, $current_dip)) || in_array($current_dip, $hosts_ips) ? " <a href='javascript:;' class='scriptinfo' style='text-decoration:none' ip='{$current_dip}'><img src=\"" . Host::get_homelan_icon($current_dip, $icons, $match_cidr, $_conn) . "\" border=0></a>" : "";
 /* Print out (Colored Version) -- Alejandro */
 //qroPrintEntryHeader((($colored_alerts == 1) ? GetSignaturePriority($sig_id, $db) : $i) , $colored_alerts);
 $tmp_rowid = rawurlencode($sig_id);
 /*echo '  <TD nowrap '.$bgcolor.'>&nbsp;&nbsp;
                <INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">
                &nbsp;&nbsp;
            </TD>';
   echo '      <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">';*/
 $urlp = "base_qry_main.php?search=1&sensor=&bsf=Query+DB&search_str=&sip=&ossim_risk_a=+&plugin={$plugin_id}";
 qroPrintEntry('&nbsp;<a href="' . $urlp . '">' . $plugin_name . '</a>', 'left', "", "nowrap", $bgcolor);
 qroPrintEntry('&nbsp;<a href="' . $urlp . '">' . $total_occurances . '</a>', "center", "", "", $bgcolor);