 /**
  * Returns the shared instance, creating it on first use.
  *
  * Uses `new static()`, so the object is of the class getInstance() was
  * called on; it is still kept in the single self::$instance slot.
  *
  * @return CSecurityEvent
  */
 public static function getInstance()
 {
     if (self::$instance === null) {
         self::$instance = new static();
     }

     return self::$instance;
 }
 /**
  * Lazily constructs the CSecurityEvent singleton and returns it.
  *
  * Always builds a plain CSecurityEvent (no late static binding), so a
  * subclass calling this still receives the base class instance.
  *
  * @return CSecurityEvent
  */
 public static function getInstance()
 {
     if (!isset(self::$instance)) {
         self::$instance = new CSecurityEvent();
     }

     return self::$instance;
 }
	/**
	 * Return WAF events count for Admin's informer popup and Admin's gadget.
	 *
	 * Thin delegate to CSecurityEvent::getEventsCount() on the singleton.
	 *
	 * @param string $timestampX  - from date (passed through unchanged; the
	 *                              meaning of an empty value is decided by CSecurityEvent)
	 * @return integer
	 */
	public static function GetEventsCount($timestampX = '')
	{
		$events = CSecurityEvent::getInstance();

		return $events->getEventsCount($timestampX);
	}
<?php

// Admin options page for the "security" module: builds the option and tab
// descriptors and, on an authorised POST, writes the submitted values back.
// NOTE(review): this listing is truncated inside the save loop, so the
// actual option write is not visible here.
$module_id = "security";
CModule::IncludeModule($module_id);
/**
 * @global CUser $USER
 * @global CMain $APPLICATION
 **/
// Either operation grants access to the page; saving is gated on write again below.
$canRead = $USER->CanDoOperation('security_module_settings_read');
$canWrite = $USER->CanDoOperation('security_module_settings_write');
if ($canRead || $canWrite) {
    IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/options.php");
    IncludeModuleLangFile(__FILE__);
    // Selectbox sources: "reference_id" holds the stored values, "reference" the labels.
    $arSyslogFacilities = array("reference_id" => array_keys(CSecurityEvent::getSyslogFacilities()), "reference" => CSecurityEvent::getSyslogFacilities());
    $arSyslogPriorities = array("reference_id" => array_keys(CSecurityEvent::getSyslogPriorities()), "reference" => CSecurityEvent::getSyslogPriorities());
    // Each entry: option name ("" for heading rows), label, array(type[, size | reference]).
    $arAllOptions = array(array("", GetMessage("SEC_OPTIONS_IPCHECK"), array("heading")), array("ipcheck_allow_self_block", GetMessage("SEC_OPTIONS_IPCHECK_ALLOW_SELF_BLOCK"), array("checkbox")), array("ipcheck_disable_file", GetMessage("SEC_OPTIONS_IPCHECK_DISABLE_FILE"), array("text", 45)), array("", GetMessage("SEC_OPTIONS_EVENTS"), array("heading")), array("security_event_format", GetMessage("SEC_OPTIONS_EVENT_FORMAT"), array("text", 60)), array("security_event_userinfo_format", GetMessage("SEC_OPTIONS_EVENT_USERINFO_FORMAT"), array("text", 60)), array("security_event_db_active", GetMessage("SEC_OPTIONS_EVENT_DB_ACTIVE"), array("checkbox")), array("security_event_syslog_active", GetMessage("SEC_OPTIONS_EVENT_SYSLOG_ACTIVE"), array("checkbox")), array("security_event_syslog_facility", GetMessage("SEC_OPTIONS_EVENT_SYSLOG_FACILITY"), array("selectbox", $arSyslogFacilities)), array("security_event_syslog_priority", GetMessage("SEC_OPTIONS_EVENT_SYSLOG_PRIORITY"), array("selectbox", $arSyslogPriorities)), array("security_event_file_active", GetMessage("SEC_OPTIONS_EVENT_FILE_ACTIVE"), array("checkbox")), array("security_event_file_path", GetMessage("SEC_OPTIONS_EVENT_FILE_PATH"), array("text", 45)));
    $aTabs = array(array("DIV" => "edit1", "TAB" => GetMessage("MAIN_TAB_SET"), "ICON" => "security_settings", "TITLE" => GetMessage("MAIN_TAB_TITLE_SET")), array("DIV" => "edit2", "TAB" => GetMessage("MAIN_TAB_RIGHTS"), "ICON" => "security_settings", "TITLE" => GetMessage("MAIN_TAB_TITLE_RIGHTS")));
    $tabControl = new CAdminTabControl("tabControl", $aTabs);
    // Save only on a POST that carries one of the submit buttons, when the
    // caller has the write operation and check_bitrix_sessid() accepts the
    // session token. The three button values are concatenated before the
    // comparison, so absent keys only raise undefined-index notices.
    if ($_SERVER["REQUEST_METHOD"] == "POST" && $_REQUEST["Update"] . $_REQUEST["Apply"] . $_REQUEST["RestoreDefaults"] != "" && $canWrite && check_bitrix_sessid()) {
        if ($_REQUEST["RestoreDefaults"] != "") {
            // Presumably clears every stored option of the module so defaults apply again — confirm.
            COption::RemoveOption($module_id);
        } else {
            foreach ($arAllOptions as $arOption) {
                $name = $arOption[0];
                // Request values are only trimmed here; path-like options such as
                // "security_event_file_path" are presumably stored as submitted
                // (the write itself is below the truncation) — confirm.
                $val = trim($_REQUEST[$name], " \t\n\r");
                $type = $arOption[2][0];
                if ($type === 'heading') {
                    continue;
                }
                // Checkboxes are normalised to "Y"/"N".
                if ($type === 'checkbox' && $val != 'Y') {
                    $val = 'N';
	/**
	 * Records the chain of local redirects in the session and, unless the
	 * caller opts out, validates an absolute redirect target before it is
	 * followed. On failure it either rewrites $url to the configured fallback
	 * or prints a warning page and exits.
	 *
	 * @param string $url                 Redirect target (by reference); may be replaced
	 *                                    by the "redirect_url" option when the check fails
	 * @param bool   $skip_security_check When truthy, only the session bookkeeping runs
	 * @return void
	 */
	public static function BeforeLocalRedirect(&$url, $skip_security_check)
	{
		//This define will be used on buffer end handler
		// NOTE(review): the define() below is commented out, so this `if` has no
		// statement of its own and instead governs the session bookkeeping block
		// that follows — that block only runs while BX_SECURITY_LOCAL_REDIRECT is
		// undefined. Confirm whether the define should be restored or the
		// dangling `if` dropped.
		if(!defined("BX_SECURITY_LOCAL_REDIRECT"))
			// define("BX_SECURITY_LOCAL_REDIRECT", true);

		// "C" counts consecutive local redirects; "R" keeps the referer of the
		// first hop so later hops are checked against it rather than against
		// an intermediate page.
		if(array_key_exists("LOCAL_REDIRECTS", $_SESSION))
		{
			if($_SESSION["LOCAL_REDIRECTS"]["C"] == 0 && strlen($_SESSION["LOCAL_REDIRECTS"]["R"]) == 0)
				$_SESSION["LOCAL_REDIRECTS"]["R"] = $_SERVER["HTTP_REFERER"];

			$_SESSION["LOCAL_REDIRECTS"]["C"]++;
		}
		else
		{
			$_SESSION["LOCAL_REDIRECTS"] = array("C" => 1, "R" => $_SERVER["HTTP_REFERER"]);
		}

		if($skip_security_check)
			return;

		/** @global CMain $APPLICATION */
		global $APPLICATION;

		// CR/LF are stripped for matching only; $url itself is left as-is and is
		// what the signature check and the output below use.
		$url_l = str_replace(array("\r", "\n"), "", $url);

		//In case of absolute url will check if server to be redirected is our
		// The "host" compared here is the raw text between "scheme://" and the
		// first "/", and DOMAINS entries are matched as a plain string suffix
		// without a dot boundary. NOTE(review): comparing the parsed host
		// (parse_url(..., PHP_URL_HOST)) against the site host would be
		// stricter — confirm with callers.
		$bSkipCheck = false;
		if(preg_match("/^(http|https):\\/\\/(.*?)\\//i", $url_l, $arMatch))
		{
			// Site identity: BX24_HOST_NAME when defined, else the SITE_ID record,
			// else no site is known and the target is not exempted.
			if(defined("BX24_HOST_NAME"))
			{
				$arSite = array(
					"SERVER_NAME" => BX24_HOST_NAME,
					"DOMAINS" => ""
				);
			}
			elseif(defined("SITE_ID"))
			{
				$rsSite = CSite::GetByID(SITE_ID);
				$arSite = $rsSite->Fetch();
			}
			else
			{
				$arSite = false;
			}

			if($arSite)
			{
				if($arMatch[2] === $arSite["SERVER_NAME"])
				{
					$bSkipCheck = true;
				}
				elseif($arSite["DOMAINS"])
				{
					// DOMAINS is a newline-separated list (CR normalised to LF).
					$arDomains = explode("\n", str_replace("\r", "\n", $arSite["DOMAINS"]));
					foreach($arDomains as $domain)
					{
						$domain = trim($domain, " \t\n\r");
						if(strlen($domain) > 0)
						{
							if($domain === substr($arMatch[2], -strlen($domain)))
							{
								$bSkipCheck = true;
								break;
							}
						}
					}
				}
			}
		}

		// Only targets matching this pattern are validated; anything else
		// (e.g. relative paths) passes through unchanged.
		if(!$bSkipCheck && preg_match("/^(http|https|ftp):\\/\\//i", $url_l))
		{
			// $good is narrowed with &= below, which turns it into an int; it is
			// only ever tested for truthiness.
			$good = true;

			// After the first hop the referer saved in the session is used,
			// otherwise the current request's referer.
			if($_SESSION["LOCAL_REDIRECTS"]["C"] > 1)
				$REFERER_TO_CHECK = $_SESSION["LOCAL_REDIRECTS"]["R"];
			else
				$REFERER_TO_CHECK = $_SERVER["HTTP_REFERER"];

			// Option "redirect_referer_check": require a non-empty referer.
			if($good && COption::GetOptionString("security", "redirect_referer_check") == "Y")
			{
				$good &= strlen($REFERER_TO_CHECK) > 0;
			}

			// Option "redirect_referer_site_check": the referer must start with
			// this site's origin. NOTE(review): the origin is built from the
			// request's HTTP_HOST; if the server answers for arbitrary Host
			// headers this is weaker than comparing against the configured
			// site host — confirm the deployment.
			if($good && strlen($REFERER_TO_CHECK) > 0 && COption::GetOptionString("security", "redirect_referer_site_check") == "Y")
			{
				$valid_site = ($APPLICATION->IsHTTPS()? "https://": "http://").$_SERVER['HTTP_HOST']."/";
				$good &= strpos($REFERER_TO_CHECK, $valid_site) === 0;
			}

			// Option "redirect_href_sign": the link must carry an "af" digest of
			// the target, bound to the "redirect_sid" option value and the client
			// IP. NOTE(review): hash_equals() would avoid a timing-dependent
			// comparison, and $_GET["af"] is read without an isset() guard.
			if($good && COption::GetOptionString("security", "redirect_href_sign") == "Y")
			{
				$sid = COption::GetOptionString("security", "redirect_sid").$_SERVER["REMOTE_ADDR"];
				$good &= md5($sid.":".$url) === $_GET["af"];
			}

			if(!$good)
			{
				// $APPLICATION is already imported above; this repeats the declaration.
				global $APPLICATION;

				if(COption::GetOptionString("security", "redirect_log") == "Y")
					CSecurityEvent::getInstance()->doLog(
							"SECURITY",
							"SECURITY_REDIRECT",
							$APPLICATION->GetCurPage(),
							$url
					);

				if(COption::GetOptionString("security", "redirect_action") == "show_message")
				{
					// Interstitial page that refreshes to the target after $timeout
					// seconds (default 30 when the option is unset or non-positive).
					$timeout = intval(COption::GetOptionString("security", "redirect_message_timeout"));
					if($timeout <= 0)
						$timeout = 30;

					// Warning text: language-specific option, then the generic one,
					// then the built-in default (which also fixes the charset).
					$mess = COption::GetOptionString("security", "redirect_message_warning_".LANGUAGE_ID);
					if(strlen($mess) <= 0)
						$mess = COption::GetOptionString("security", "redirect_message_warning");
					$charset = COption::GetOptionString("security", "redirect_message_charset");
					if(strlen($mess) <= 0)
					{
						$mess = CSecurityRedirect::GetDefaultMessage();
						$charset = LANG_CHARSET;
					}
					// "+" is additionally entity-encoded after escaping (reason not visible here).
					$html_mess = str_replace("+", "&#43;", htmlspecialcharsbx($mess));

					// $url is reassigned to its escaped form; it feeds both the meta
					// refresh and the link below, and die() means the caller never
					// reads the reference again.
					$url = htmlspecialcharsbx($url);
					$html_url = '<nobr><a href="'.$url.'">'.$url.'</a></nobr>';
					$html_mess = str_replace("#URL#", $html_url, $html_mess);
		?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?echo $charset?>" />
<meta http-equiv="Refresh" content="<?php 
echo $timeout;
?>
; URL=<?php 
echo $url;
?>
">
<meta name="robots" content="none" />
<link rel="stylesheet" type="text/css" href="/bitrix/themes/.default/adminstyles.css" />
<link rel="stylesheet" type="text/css" href="/bitrix/themes/.default/404.css" />
</head>
<body>
<script>if(document.location!=top.location)top.location=document.location;</script>

<div class="error-404">
<table class="error-404" border="0" cellpadding="0" cellspacing="0" align="center">
	<tbody><tr class="top">
		<td class="left"><div class="empty"></div></td>
		<td><div class="empty"></div></td>
		<td class="right"><div class="empty"></div></td>
	</tr>
	<tr>
		<td class="left"><div class="empty"></div></td>
		<td class="content">
			<div class="description">
				<table cellpadding="0" cellspacing="0">
					<tbody><tr>
						<td><div class="icon"></div></td>
						<td><?php 
echo $html_mess;
?>
</td>
					</tr>
				</tbody></table>
			</div>
		</td>
		<td class="right"><div class="empty"></div></td>
	</tr>
	<tr class="bottom">
		<td class="left"><div class="empty"></div></td>
		<td><div class="empty"></div></td>
		<td class="right"><div class="empty"></div></td>
	</tr>
</tbody></table>
</div>
</body>
</html>
		<?
					die();
				}
				else
				{
					// Any other action: send the caller to the configured fallback
					// instead of the requested target (written back through the reference).
					$url = COption::GetOptionString("security", "redirect_url");
				}
			}
		}
	}
 /**
  * Log a variable caught by the XSS filter; when tracing is enabled, dump it
  * to a trace first.
  *
  * @param string $name         Name of the offending variable
  * @param mixed  $value        Its value
  * @param string $sourceScript Script the variable was seen in
  * @return mixed Whatever CSecurityEvent::doLog() returns
  */
 protected function logVariable($name, $value, $sourceScript)
 {
     $traceEnabled = defined("ANTIVIRUS_CREATE_TRACE");
     if ($traceEnabled) {
         $this->CreateTrace($name, $value, $sourceScript);
     }

     $events = CSecurityEvent::getInstance();

     return $events->doLog("SECURITY", "SECURITY_FILTER_XSS2", $name, $value);
 }
 /**
  * Record the given Host header value under the SECURITY_HOST_RESTRICTION event.
  *
  * @param string $host Host value being logged
  * @return bool
  */
 protected function log($host)
 {
     $events = \CSecurityEvent::getInstance();

     return $events->doLog(
         'SECURITY',
         'SECURITY_HOST_RESTRICTION',
         'HTTP_HOST',
         $host
     );
 }
<?php

// Older variant of the "security" module options page.
// NOTE(review): $REQUEST_METHOD, $Update, $Apply and $RESTOREDEFAULTS-style
// variables ($RestoreDefaults) are not assigned anywhere in this listing —
// presumably populated from the request by the framework bootstrap
// (register_globals style); confirm before relying on them.
// The listing is truncated just after the save loop.
$module_id = "security";
$RIGHT_R = $USER->CanDoOperation('security_module_settings_read');
$RIGHT_W = $USER->CanDoOperation('security_module_settings_write');
if ($RIGHT_R || $RIGHT_W) {
    IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/options.php");
    IncludeModuleLangFile(__FILE__);
    // Selectbox sources: stored values and their labels as parallel lists.
    $arSyslogFacilities = array();
    $arSyslogFacilities['reference_id'] = array_keys(CSecurityEvent::getSyslogFacilities());
    $arSyslogFacilities['reference'] = array_values(CSecurityEvent::getSyslogFacilities());
    $arSyslogPriorities = array();
    $arSyslogPriorities['reference_id'] = array_keys(CSecurityEvent::getSyslogPriorities());
    $arSyslogPriorities['reference'] = array_values(CSecurityEvent::getSyslogPriorities());
    // Each entry: option name ("" for heading rows), label, array(type[, size | reference]).
    $arAllOptions = array(array("", GetMessage("SEC_OPTIONS_IPCHECK") . " ", array("heading")), array("ipcheck_allow_self_block", GetMessage("SEC_OPTIONS_IPCHECK_ALLOW_SELF_BLOCK") . " ", array("checkbox")), array("ipcheck_disable_file", GetMessage("SEC_OPTIONS_IPCHECK_DISABLE_FILE") . " ", array("text", 45)), array("", GetMessage("SEC_OPTIONS_EVENTS") . " ", array("heading")), array("security_event_collect_user_info", GetMessage("SEC_OPTIONS_EVENT_COLLECT_USER_INFO") . " ", array("checkbox")), array("security_event_db_active", GetMessage("SEC_OPTIONS_EVENT_DB_ACTIVE") . " ", array("checkbox")), array("security_event_syslog_active", GetMessage("SEC_OPTIONS_EVENT_SYSLOG_ACTIVE") . " ", array("checkbox")), array("security_event_syslog_facility", GetMessage("SEC_OPTIONS_EVENT_SYSLOG_FACILITY") . " ", array("selectbox", $arSyslogFacilities)), array("security_event_syslog_priority", GetMessage("SEC_OPTIONS_EVENT_SYSLOG_PRIORITY") . " ", array("selectbox", $arSyslogPriorities)), array("security_event_file_active", GetMessage("SEC_OPTIONS_EVENT_FILE_ACTIVE") . " ", array("checkbox")), array("security_event_file_path", GetMessage("SEC_OPTIONS_EVENT_FILE_PATH") . " ", array("text", 45)));
    $aTabs = array(array("DIV" => "edit1", "TAB" => GetMessage("MAIN_TAB_SET"), "ICON" => "security_settings", "TITLE" => GetMessage("MAIN_TAB_TITLE_SET")), array("DIV" => "edit2", "TAB" => GetMessage("MAIN_TAB_RIGHTS"), "ICON" => "security_settings", "TITLE" => GetMessage("MAIN_TAB_TITLE_RIGHTS")));
    $tabControl = new CAdminTabControl("tabControl", $aTabs);
    // NOTE(review): CSecurityEvent is already used above, but the module is
    // only included here — the class must be loaded by some other path; confirm.
    CModule::IncludeModule($module_id);
    // Save only on a POST carrying one of the submit buttons, when the caller
    // has the write operation and check_bitrix_sessid() accepts the session token.
    if ($REQUEST_METHOD == "POST" && strlen($Update . $Apply . $RestoreDefaults) > 0 && $RIGHT_W && check_bitrix_sessid()) {
        if (strlen($RestoreDefaults) > 0) {
            // Presumably clears every stored option of the module — confirm.
            COption::RemoveOption($module_id);
        } else {
            // Heading rows (empty option name) are not skipped here, so an
            // option with an empty name is written as well — presumably harmless,
            // but worth confirming.
            foreach ($arAllOptions as $arOption) {
                $name = $arOption[0];
                // Request values are only trimmed; path-like options such as
                // "security_event_file_path" are stored as submitted.
                $val = trim($_REQUEST[$name], " \t\n\r");
                // Checkboxes are normalised to "Y"/"N".
                if ($arOption[2][0] == "checkbox" && $val != "Y") {
                    $val = "N";
                }
                COption::SetOptionString($module_id, $name, $val, $arOption[1]);
            }
        }
 /**
  * Log a filtered variable under the auditor-specific SECURITY_FILTER_* event.
  *
  * @param string $value       Offending value
  * @param string $name        Name of the variable it was found in
  * @param string $auditorName Suffix appended to "SECURITY_FILTER_" for the event id
  * @return bool
  */
 protected static function logVariable($value, $name, $auditorName)
 {
     $eventId = 'SECURITY_FILTER_' . $auditorName;
     $events = \CSecurityEvent::getInstance();

     return $events->doLog('SECURITY', $eventId, $name, $value);
 }
 /**
  * Log a filtered variable under the auditor-specific SECURITY_FILTER_* event.
  * The value is stored base64-encoded with a "==" prefix marking the encoding.
  *
  * @param string $pValue       Offending value (encoded before logging)
  * @param string $pName        Name of the variable it was found in
  * @param string $pAuditorName Suffix appended to "SECURITY_FILTER_" for the event id
  * @return bool
  */
 protected static function logVariable($pValue, $pName, $pAuditorName)
 {
     $eventId = "SECURITY_FILTER_" . $pAuditorName;
     $encodedValue = "==" . base64_encode($pValue);
     $events = CSecurityEvent::getInstance();

     return $events->doLog("SECURITY", $eventId, $pName, $encodedValue);
 }