function service_list($conn, $page, $search) { $return['error'] = TRUE; $return['msg'] = ''; $filters = array(); $filters['limit'] = get_query_limits($page); $filters['order_by'] = 'port'; if ($search != '') { $search = utf8_decode($search); $search = escape_sql($search, $conn); $filters['where'] = " (s.port LIKE '%{$search}%' OR s.service LIKE '%{$search}%'"; //Filter by protocol name $protocol_list = Protocol::get_list($search); $protocol_list = array_keys($protocol_list); $protocol_list = implode(',', $protocol_list); if (!empty($protocol_list)) { $filters['where'] .= " OR s.protocol IN ({$protocol_list})"; } $filters['where'] .= ")"; } try { list($services, $total) = Asset_host_services::get_services_available($conn, $filters, TRUE); } catch (Exception $e) { $return['error'] = TRUE; $return['msg'] = $e->getMessage(); return $return; } if ($total > 0) { $selected = get_selected_values(10); } $list = array(); //Going through the list to format the elements properly: foreach ($services as $service) { $_serv = array(); $id = $service['port'] . ';' . $service['protocol'] . ';' . $service['service']; $md5 = md5($id); $name = $service['port'] . '/' . $service['prot_name'] . ' (' . $service['service'] . ')'; $_chk = $selected[$md5] != '' ? TRUE : FALSE; $_serv = array('id' => $id, 'name' => Util::utf8_encode2($name), 'checked' => $_chk); $list[$md5] = $_serv; } $data['total'] = intval($total); $data['list'] = $list; $return['error'] = FALSE; $return['data'] = $data; return $return; }
$selection_filter = escape_sql($selection_filter, $conn); //Create asset object $asset_host = new Asset_host($conn, $asset_id); $filters = array('where' => 'AND service LIKE "%' . $selection_filter . '%"'); list($s_list, ) = $asset_host->get_services($conn, $filters); } } $data['status'] = 'success'; $data['data'] = _('Your changes have been saved'); if ($toggle_all == TRUE) { if (!valid_hex32($asset_id)) { $db->close(); Util::response_bad_request(_('Error! Asset ID not allowed. Your changes could not be saved')); } else { try { Asset_host_services::toggle_nagios($conn, $asset_id, $nagios); } catch (Exception $e) { $db->close(); Util::response_bad_request($e->getMessage()); } } } else { if (is_array($s_list) && !empty($s_list)) { foreach ($s_list as $s_values) { try { //Clean last error ossim_clean_error(); $validate = array('asset_id' => array('validation' => array(OSS_HEX), 'e_message' => 'illegal:' . _('Asset ID')), 'ip' => array('validation' => array(OSS_IP_ADDR), 'e_message' => 'illegal:' . _('Asset IP')), 'port' => array('validation' => array(OSS_PORT), 'e_message' => 'illegal:' . _('Port')), 'protocol' => array('validation' => array(OSS_PROTOCOL_SERVICE), 'e_message' => 'illegal:' . _('Protocol'))); //Initialize service data $s_data = array(); //Asset ID
throw new Exception(ossim_get_error_clean()); } $db = new ossim_db(); $conn = $db->connect(); $filters = array('where' => "h.id = UNHEX('{$asset_id}') AND host_services.port = {$port} AND host_services.service = '" . escape_sql($service, $conn) . "'"); $_list_data = Asset_host_services::get_list($conn, $filters); $services = $_list_data[0]; if (empty($services[$asset_id][0])) { $db->close(); throw new Exception(_('Service not found')); } $service_data = $services[$asset_id][0]; $_host_aux = Asset_host::get_object($conn, $asset_id); $_ips_aux = array_keys($_host_aux->get_ips()->get_ips()); $_ctx_aux = $_host_aux->get_ctx(); $vulns = Asset_host_services::get_vulns_by_service($conn, $_ips_aux, $_ctx_aux, $service, $port); // Not matching with software_cpe, but cpe found in version field if ($service_data['cpe'] == '' && preg_match('/cpe\\:/', $service_data['version'])) { $service_data['cpe'] = $service_data['version']; $service_data['version'] = ''; } ?> <div id="tray_container"> <div class="tray_triangle"></div> <div id="tray_table"> <div> <div class='detail_header_left detail_2column'> <div class='tray_title'><?php
if ($e_counter == $n_size && $n_size == 1) { $e_message = _('Host service could not be toggled'); } elseif ($e_counter == $n_size && $n_size > 1) { $e_message = _('Host services could not be toggled'); } else { $e_message = _('Some host services could not be toggled'); //At least, one service was toggled, we have to clear the cache $data['reload_tree'] = TRUE; } } //Formatted message $data['data'] = '<div>' . _('We Found the following errors') . ":</div>\n\t\t\t\t\t <div style='padding: 5px;'>" . $e_message . '</div>'; } //Enable o disable Nagios in host $filters = array('where' => "h.id IN (UNHEX('" . $p_data['host_id'] . "')) AND nagios = 1"); $_host_services = Asset_host_services::get_list($conn, $filters); $host_services = $_host_services[0]; if (count($host_services) >= 1) { Asset_host_scan::save_plugin_in_db($conn, $p_data['host_id'], 2007); } else { Asset_host_scan::delete_plugin_from_db($conn, $p_data['host_id'], 2007); } $db->close(); break; case 'delete_properties': //Error counter $e_counter = 0; //Properties $properties = base64_decode(POST('properties')); $properties = json_decode($properties, TRUE); $data['status'] = 'OK';
$conn = $db->connect(); $filters = array('limit' => "{$from}, {$maxrows}"); if ($search_str != '') { $search_str = escape_sql($search_str, $conn); $filters['where'] = 'host_services.service LIKE "%' . $search_str . '%"'; } // DATA list($services, $total) = $asset_object->get_services($conn, $filters); $data = array(); //$status_values = array(_('Ok'), _('Warning'), _('Critical')); foreach ($services as $host_id => $services_list) { $_host_aux = Asset_host::get_object($conn, $host_id); $_ips_aux = array_keys($_host_aux->get_ips()->get_ips()); $_ctx_aux = $_host_aux->get_ctx(); foreach ($services_list as $sw) { $vulns = Asset_host_services::get_vulns_by_service($conn, $_ips_aux, $_ctx_aux, $sw['service'], $sw['port']); $has_vulns = count($vulns) > 0 ? _('Yes') : _('No'); if ($sw['nagios']['enabled']) { $has_nagios = _('Yes'); if ($sw['nagios']['status'] == 0) { $nagios_status = _('OK'); } elseif ($sw['nagios']['status'] == 1) { $nagios_status = _('WARNING'); } elseif ($sw['nagios']['status'] == 2) { $nagios_status = _('CRITICAL'); } else { $nagios_status = _('UNKNOWN'); } } else { $has_nagios = _('No'); $nagios_status = "-";
Util::response_bad_request($e->getMessage()); } //Distinct Host IDs with properties $assets_with_services = array(); // Services data $data = array(); foreach ($s_list as $s_id => $serv_data) { foreach ($serv_data as $_asset_id => $s_values) { if (array_key_exists($_asset_id, $assets_with_services)) { $ips_to_show = $assets_with_services[$_asset_id]; } else { $_host = Asset_host::get_object($conn, $_asset_id); $ips_to_show = $_host->get_name() . ' (' . $_host->get_ips()->get_ips('string') . ')'; $assets_with_services[$_asset_id] = $ips_to_show; } $r_key = strtolower($_asset_id . '_' . md5($s_id)); $nagios_enabled = intval($s_values['nagios']['enabled']); $nagios_status = $nagios_enabled == 1 ? Asset_host_services::get_nagios_status_by_code($s_values['nagios']['status']) : '-'; $ip_value = $_host->get_name() . ' (' . $s_values['ip'] . ')'; $_s_data = array("DT_RowId" => $r_key, "DT_RowData" => array('p_id' => 40, 's_ip' => $s_values['ip'], 's_port' => $s_values['port'], 's_protocol' => $s_values['protocol']['id'], 's_name' => $s_values['service'], 'version' => $s_values['version'], 'nagios' => intval($s_values['nagios']['enabled']), 'source_id' => $s_values['source']['id']), "", $ip_value, $s_values['port'], $s_values['protocol']['name'], $s_values['service'], $nagios_status, $nagios_enabled, ""); $data[] = $_s_data; } } $response['sEcho'] = $sec; $response['iTotalRecords'] = $s_total; $response['iTotalDisplayRecords'] = $s_total; $response['aaData'] = $data; echo json_encode($response); $db->close(); /* End of file dt_services.php */ /* Location: /av_asset/common/providers/dt_services.php */