Exemple #1
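/**
 * Return the findings of one scan owned by the current user, grouped by target.
 *
 * The query joins Vuln, Scan and Plugin and restricts the result to rows whose
 * Scan.User_ID matches the current user, so the ownership check lives in SQL.
 *
 * @param mixed $scanID Scan identifier; coerced to an integer before it reaches the query.
 * @return array Map of IP/URL => list of rows (plugin name, vuln info, level);
 *               every column value is passed through check_xss().
 */
function search_vuln($scanID)
{
    // No current user: stop the request, exactly as before.
    if (!($userid = get_userid())) {
        die;
    }

    // Scan.ID is interpolated without quotes, so the value must be a plain
    // integer; anything else would become part of the SQL text.
    $scanID = (int) $scanID;
    // Quoted context: escape for the active connection's character set.
    $userid = mysql_real_escape_string($userid);

    $query = "SELECT Vuln.IP_URL,Plugin.Name,Vuln.Vuln_Info,Vuln.Level FROM Plugin,Scan,Vuln WHERE Vuln.Scan_ID=Scan.ID AND Vuln.Plugin_ID=Plugin.ID AND Scan.ID={$scanID} AND Scan.User_ID='{$userid}' ORDER BY Vuln.IP_URL,Vuln.Level,Vuln.ID";

    $ret = array();
    $result = mysql_query($query);
    if ($result === false) {
        // Query failed: return the empty result instead of fetching from false.
        return $ret;
    }

    while ($row = mysql_fetch_row($result)) {
        // Findings contain scanner-captured content; filter each column before
        // it is handed back for display.
        foreach ($row as $key => $value) {
            $row[$key] = check_xss($value);
        }
        $ipurl = $row[0];
        $ret[$ipurl][] = array_slice($row, 1);
    }

    return $ret;
}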
Exemple #2
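/**
 * Request filter: reject the request when a submitted value matches the
 * supplied pattern or is flagged by check_xss().
 *
 * On a match the event is appended to a dated log file, a notice is printed
 * and the script exits. On no match the function returns nothing.
 *
 * @param string       $StrFiltKey   Name of the submitted parameter (logged only).
 * @param string|array $StrFiltValue Submitted value; arrays are flattened to one string.
 * @param string       $ArrFiltReq   PCRE pattern body (without delimiters) to test against.
 * @return void
 */
function StopAttack($StrFiltKey, $StrFiltValue, $ArrFiltReq)
{
    if (is_array($StrFiltValue)) {
        // implode() renders a nested array as the literal "Array", so nested
        // values would never be inspected. Concatenate every leaf instead;
        // for a flat array the result is identical to implode().
        $pending = array($StrFiltValue);
        $joined = '';
        while ($pending) {
            $item = array_shift($pending);
            if (is_array($item)) {
                $pending = array_merge(array_values($item), $pending);
            } else {
                $joined .= $item;
            }
        }
        $StrFiltValue = $joined;
    }

    if (preg_match("/" . $ArrFiltReq . "/is", $StrFiltValue) == 1 || check_xss($StrFiltValue)) {
        // Every field below is client-influenced. Encode CR/LF so one request
        // cannot forge additional log records.
        $lineBreaks = array("\r", "\n");
        $visible = array('\r', '\n');
        $logKey = str_replace($lineBreaks, $visible, $StrFiltKey);
        $logValue = str_replace($lineBreaks, $visible, $StrFiltValue);
        $logPage = str_replace($lineBreaks, $visible, $_SERVER["PHP_SELF"]);
        $logMethod = str_replace($lineBreaks, $visible, $_SERVER["REQUEST_METHOD"]);

        // NOTE(review): the log lives under DOCUMENT_ROOT and stores rejected
        // payloads verbatim; confirm the /log directory is not served by the
        // web server.
        error_log("操作IP: " . $_SERVER["REMOTE_ADDR"] . ",操作时间: " . date("Y-m-d H:i:s") . ",操作页面:" . $logPage . ",提交方式: " . $logMethod . ",提交参数: " . $logKey . ",提交数据: " . $logValue . "\n", 3, $_SERVER['DOCUMENT_ROOT'] . "/log/360safe-" . date("Y-m-d", time()) . ".log");
        print "notice:Illegal operation!";
        exit;
    }
}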
Exemple #3
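/**
 * Look up the code of a plugin by its name.
 *
 * @param string $name Plugin name; escaped before it is placed in the query.
 * @param int    $id   Unused by this implementation; kept for caller compatibility.
 * @return mixed The Code column passed through check_xss(), or null when no
 *               row matches or the query fails.
 */
function get_code($name = '', $id = 1)
{
    // The name is placed inside a quoted SQL literal, so it must be escaped
    // for the active connection; the original interpolated it as-is.
    $safeName = mysql_real_escape_string((string) $name);
    $query = "SELECT Code FROM Plugin WHERE Name='{$safeName}'";

    $result = mysql_query($query);
    if ($result === false) {
        return null;
    }

    if ($row = mysql_fetch_row($result)) {
        return check_xss($row[0]);
    }

    return null;
}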
Exemple #4
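/**
 * List the current user's dispatchers, optionally filtered.
 *
 * Before selecting, every dispatcher whose Last_Time is more than 60 seconds
 * old is marked offline (Status=0).
 *
 * @param mixed $status Applied only when it is an int 0 or 1.
 * @param mixed $os     Substring filter on Dispatcher.OS; skipped when falsy.
 * @param mixed $mac    Exact filter on Dispatcher.MAC; skipped when falsy.
 * @param mixed $distid Applied only when it is an int greater than 0.
 * @return array array('data' => list of rows), every column passed through check_xss().
 */
function search_dist($status, $os, $mac, $distid = 0)
{
    // No current user: stop the request, exactly as before.
    if (!($userid = get_userid())) {
        die;
    }

    // Mark dispatchers that have not reported for over a minute as offline.
    $now = time();
    mysql_query("UPDATE Dispatcher SET Status=0 WHERE {$now}-Last_Time>60");

    // Everything placed inside a quoted SQL literal is escaped first; the
    // original interpolated $os and $mac unescaped.
    $userid = mysql_real_escape_string($userid);
    $query = "SELECT Dispatcher.ID,Dispatcher.OS,Dispatcher.MAC,Dispatcher.IP,Dispatcher.Last_Time,Dispatcher.Status,User.Name FROM Dispatcher,User WHERE Dispatcher.User_ID=User.ID AND Dispatcher.User_ID='{$userid}'";

    // NOTE(review): is_int() is false for numeric strings, so these two
    // filters only apply when the caller has already cast the value.
    if (is_int($status) && $status >= 0 && $status < 2) {
        $query .= " AND Dispatcher.Status='{$status}'";
    }
    if ($os) {
        $safeOs = mysql_real_escape_string((string) $os);
        $query .= " AND Dispatcher.OS like'%{$safeOs}%'";
    }
    if ($mac) {
        $safeMac = mysql_real_escape_string((string) $mac);
        $query .= " AND Dispatcher.MAC='{$safeMac}'";
    }
    if (is_int($distid) && $distid > 0) {
        $query .= " AND Dispatcher.ID={$distid}";
    }

    $ret = array('data' => array());
    $result = mysql_query($query);
    if ($result === false) {
        // Query failed: return the empty result instead of fetching from false.
        return $ret;
    }

    while ($row = mysql_fetch_row($result)) {
        // OS, MAC and IP are reported by remote dispatchers; filter each
        // column before it is handed back for display.
        foreach ($row as $key => $value) {
            $row[$key] = check_xss($value);
        }
        $ret['data'][] = $row;
    }

    return $ret;
}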
Exemple #5
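/**
 * Search configurations whose name contains the given text.
 *
 * @param mixed $s Search text, filtered with check_sql() before use.
 * @return array List of rows (name, description), every column passed through check_xss().
 */
function search_config($s)
{
    // The original filtered an undefined $name and ignored the argument, so
    // the search text never reached the query. Use the parameter.
    // NOTE(review): check_sql() is defined elsewhere; this assumes it escapes
    // the value for use inside a quoted literal - confirm.
    $name = check_sql($s);

    // NOTE(review): the original read $_SESSION['userID'] but never used it;
    // the query is not restricted to the current user, unlike the sibling
    // search functions. Confirm whether configurations are meant to be
    // visible across users.
    $query = "SELECT Config.Name,Config.Description FROM Config,User WHERE Config.User_ID=User.ID AND Config.Name like '%{$name}%'";

    $ret = array();
    $result = mysql_query($query);
    if ($result === false) {
        // Query failed: return the empty result instead of fetching from false.
        return $ret;
    }

    while ($row = mysql_fetch_row($result)) {
        foreach ($row as $key => $value) {
            $row[$key] = check_xss($value);
        }
        $ret[] = $row;
    }

    return $ret;
}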
Exemple #6
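/**
 * List the current user's tasks, optionally filtered.
 *
 * @param mixed $level   Applied only when it is an int 1..3 (1 done, 2 running, 3 waiting).
 * @param mixed $keyword Substring filter on Task.Target; skipped when it equals ''.
 * @param mixed $taskid  Applied only when it is an int greater than 0.
 * @return array array('data' => list of rows), every column passed through check_xss().
 */
function search_task($level, $keyword = '', $taskid = 0)
{
    // No current user: stop the request, exactly as before.
    if (!($userid = get_userid())) {
        die;
    }

    // Quoted context: escape for the active connection's character set.
    $userid = mysql_real_escape_string($userid);
    $query = "SELECT Task.ID,Task.Target,Task.Start_Time,Task.End_Time,Task.Arguments,Task.Status,User.Name,CONCAT(Dispatcher.ID,':',Dispatcher.MAC,':',Dispatcher.OS,':',Dispatcher.IP) \n\t\t\tFROM Task\n\t\t\tINNER JOIN User ON Task.User_ID=User.ID\n\t\t\tLEFT JOIN Dispatcher ON Dispatcher.ID=Task.Dispatcher_ID \n\t\t\tWHERE Task.User_ID='{$userid}'";

    // NOTE(review): is_int() is false for numeric strings, so the level and id
    // filters only apply when the caller has already cast the value.
    if (is_int($level) && $level > 0 && $level < 4) {
        // Only fixed status names reach the query, never the caller's value.
        $statusNames = array(1 => 'done', 2 => 'running', 3 => 'waiting');
        $statusName = $statusNames[$level];
        $query .= " AND Task.Status='{$statusName}'";
    }
    if ($keyword != '') {
        // The keyword sits inside a quoted LIKE literal; the original
        // interpolated it unescaped.
        $safeKeyword = mysql_real_escape_string((string) $keyword);
        $query .= " AND Task.Target LIKE '%{$safeKeyword}%'";
    }
    if (is_int($taskid) && $taskid > 0) {
        $query .= " AND Task.ID={$taskid}";
    }

    $ret = array('data' => array());
    $result = mysql_query($query);
    if ($result === false) {
        // Query failed: return the empty result instead of fetching from false.
        return $ret;
    }

    while ($row = mysql_fetch_row($result)) {
        foreach ($row as $key => $value) {
            $row[$key] = check_xss($value);
        }
        $ret['data'][] = $row;
    }

    return $ret;
}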
Exemple #7
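/**
 * Fetch one plugin record by id or, when no positive id is given, by name.
 *
 * With neither a positive id nor a name the query has no WHERE clause and the
 * first row of Plugin is returned.
 *
 * @param mixed $id   Plugin id; coerced with intval().
 * @param mixed $name Plugin name, filtered with check_sql(); used only when the id is not positive.
 * @return array|null array('data' => array(row)) with every column passed
 *                    through check_xss(), or null when nothing matches or the query fails.
 */
function get_code($id = 0, $name = '')
{
    $pID = intval($id);
    // NOTE(review): check_sql() is defined elsewhere; this assumes it escapes
    // the value for use inside a quoted literal - confirm.
    $pName = check_sql($name);

    $query = "SELECT ID,Name,Type,Author,Time,Version,Web,Description,Code FROM Plugin";
    if ($pID > 0) {
        $query .= " WHERE ID={$pID}";
    } elseif ($pName != '') {
        // The original left the name unquoted, so it was parsed as SQL rather
        // than compared as a string value.
        $query .= " WHERE Name='{$pName}'";
    }

    $result = mysql_query($query);
    if ($result === false) {
        return null;
    }

    if ($row = mysql_fetch_row($result)) {
        foreach ($row as $key => $value) {
            $row[$key] = check_xss($value);
        }
        $ret = array('data' => array($row));
        return $ret;
    }

    return null;
}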
Exemple #8
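/**
 * List the current user's scans, optionally filtered.
 *
 * @param mixed $level   Applied only when it is an int 1..4.
 * @param mixed $keyword Substring filter on Scan.Url; skipped when it equals ''.
 * @param mixed $scanid  Applied only when it is an int greater than 0.
 * @return array array('data' => list of rows), every column passed through check_xss().
 */
function search_scan($level, $keyword = '', $scanid = 0)
{
    // No current user: stop the request, exactly as before.
    if (!($userid = get_userid())) {
        die;
    }

    // Quoted context: escape for the active connection's character set.
    $userid = mysql_real_escape_string($userid);
    $query = "SELECT Scan.ID,Scan.Url,Scan.Start_Time,Scan.End_Time,Scan.Level,Scan.Arguments,User.Name FROM Scan,User WHERE Scan.User_ID=User.ID AND Scan.User_ID='{$userid}'";

    // NOTE(review): is_int() is false for numeric strings, so the level and id
    // filters only apply when the caller has already cast the value.
    if (is_int($level) && $level > 0 && $level < 5) {
        $query .= " AND Scan.Level={$level}";
    }
    if ($keyword != '') {
        // The keyword sits inside a quoted LIKE literal; the original
        // interpolated it unescaped.
        $safeKeyword = mysql_real_escape_string((string) $keyword);
        $query .= " AND Scan.Url LIKE '%{$safeKeyword}%'";
    }
    if (is_int($scanid) && $scanid > 0) {
        $query .= " AND Scan.ID={$scanid}";
    }

    $ret = array('data' => array());
    $result = mysql_query($query);
    if ($result === false) {
        // Query failed: return the empty result instead of fetching from false.
        return $ret;
    }

    while ($row = mysql_fetch_row($result)) {
        foreach ($row as $key => $value) {
            $row[$key] = check_xss($value);
        }
        $ret['data'][] = $row;
    }

    return $ret;
}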
// Bootstrap for the print view: load configuration and helpers, start the
// session, run the request filter, then resolve the active template skin.

// Report all errors except warnings and notices; '@' hides a failing ini_set.
@ini_set('error_reporting', E_ALL ^ E_WARNING ^ E_NOTICE);
include ENGINE_DIR . '/data/config.php';
// No home URL configured: derive one from the request.
// NOTE(review): both PHP_SELF and HTTP_HOST are taken from the incoming
// request, so the derived URL is only as trustworthy as the virtual-host
// setup; setting http_home_url explicitly avoids relying on the Host header.
if ($config['http_home_url'] == "") {
    // Keep the part of the script path that precedes "engine/print.php".
    $config['http_home_url'] = explode("engine/print.php", $_SERVER['PHP_SELF']);
    $config['http_home_url'] = reset($config['http_home_url']);
    $config['http_home_url'] = "http://" . $_SERVER['HTTP_HOST'] . $config['http_home_url'];
}
require_once ENGINE_DIR . '/classes/mysql.php';
include_once ENGINE_DIR . '/data/dbconfig.php';
include_once ENGINE_DIR . '/modules/functions.php';
require_once ENGINE_DIR . '/classes/templates.class.php';
dle_session();
if ($config['site_offline'] == "yes") {
    die("The site in offline mode");
}
// Called with no arguments; defined outside this snippet - presumably it
// inspects the request itself and aborts on a match (confirm).
check_xss();
// Current time shifted by the configured adjustment, given in minutes.
$_TIME = time() + $config['date_adjust'] * 60;
// The visitor may pick a skin through the dle_skin cookie.
if (isset($_COOKIE['dle_skin'])) {
    // NOTE(review): the cookie value becomes a directory name under
    // /templates/ below; this relies on totranslit() (defined elsewhere)
    // removing path separators and dot sequences - confirm.
    $_COOKIE['dle_skin'] = trim(totranslit($_COOKIE['dle_skin'], false, false));
    // Accept the value only if a template directory of that name exists.
    if ($_COOKIE['dle_skin'] != '' and @is_dir(ROOT_DIR . '/templates/' . $_COOKIE['dle_skin'])) {
        $config['skin'] = $_COOKIE['dle_skin'];
    }
}
if ($config["lang_" . $config['skin']]) {
    if (file_exists(ROOT_DIR . '/language/' . $config["lang_" . $config['skin']] . '/website.lng')) {
        include_once ROOT_DIR . '/language/' . $config["lang_" . $config['skin']] . '/website.lng';
    } else {
        die("Language file not found");
    }
} else {
    include_once ROOT_DIR . '/language/' . $config['langs'] . '/website.lng';
Exemple #10
       print_import();
      }elseif ($_REQUEST['doim']){
       check_xss();do_import();
      }elseif ($_REQUEST['dosht']){
       check_xss();do_sht();
      }elseif (!$_REQUEST['refresh'] || preg_match('/^select|show|explain|desc/i',$SQLq) ){
       if ($SQLq)check_xss();
       do_sql($SQLq);#perform non-select SQL only if not refresh (to avoid dangerous delete/drop)
      }
     }else{
        if ( $_REQUEST['refresh'] ){
           check_xss();do_sql($SHOW_D);
        }elseif ($_REQUEST['crdb']){
          check_xss();do_sql('CREATE DATABASE `'.$_REQUEST['new_db'].'`');do_sql($SHOW_D);
        }elseif ( preg_match('/^(?:show\s+(?:databases|status|variables|process)|create\s+database|grant\s+)/i',$SQLq) ){
           check_xss();do_sql($SQLq);
        }else{
           $err_msg="Select Database first";
           if (!$SQLq) do_sql($SHOW_D);
        }
     }
    }
    $time_all=ceil((microtime_float()-$time_start)*10000)/10000;

    print_screen();
 }else{
    print_cfg();
 }

function do_sql($q){
 global $dbh,$last_sth,$last_sql,$reccount,$out_message,$SQLq,$SHOW_T;