* MA 02110-1301 USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
//Config File
require_once 'av_init.php';
Session::logcheck_ajax('environment-menu', 'PolicyNetworks');
//Validate Form token
$token = POST('token');
if (Token::verify('tk_delete_network_bulk', $token) == FALSE) {
$error = Token::create_error_message();
Util::response_bad_request($error);
}
session_write_close();
/* connect to db */
$db = new ossim_db(TRUE);
$conn = $db->connect();
try {
$perm_add = Session::can_i_create_assets();
if (!$perm_add) {
$error = _('You do not have the correct permissions to delete networks. Please contact system administrator with any questions');
Util::response_bad_request($error);
}
$app_name = Session::is_pro() ? 'AlienVault' : 'OSSIM';
$num_assets = Filter_list::get_total_selection($conn, 'network');
//Delete all filtered nets
Session::logcheck('environment-menu', 'EventsHidsConfig');
$data['status'] = 'success';
$data['data'] = NULL;
$file = $_SESSION['_current_file'];
$sensor_id = POST('sensor_id');
$new_xml_data = $_POST['data'];
$token = POST('token');
ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
ossim_valid($file, OSS_ALPHA, OSS_SCORE, OSS_DOT, 'illegal:' . _('File'));
if (ossim_error()) {
$data['status'] = 'error';
$data['data'] = ossim_get_error_clean();
} else {
if (!Token::verify('tk_f_rules', $token)) {
$data['status'] = 'error';
$data['data'] = Token::create_error_message();
} else {
$db = new ossim_db();
$conn = $db->connect();
if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
$data['status'] = 'error';
$data['data'] = _('Error! Sensor not allowed');
}
$db->close();
}
}
if ($data['status'] == 'error') {
$data['status'] = 'error';
$data['data'] = _('We found the followings errors:') . "<div style='padding-left: 15px; text-align:left;'>" . $data['data'] . '</div>';
echo json_encode($data);
exit;
if (GET('ajax_validation') == TRUE) {
$data['status'] = 'OK';
$validation_errors = validate_form_fields('GET', $validate);
if (is_array($validation_errors) && !empty($validation_errors)) {
$data['status'] = 'error';
$data['data'] = $validation_errors;
}
echo json_encode($data);
exit;
}
$token = POST('token');
//Checking form token
if (!isset($_POST['ajax_validation_all']) || POST('ajax_validation_all') == FALSE) {
if (Token::verify('tk_deploy_form', $token) == FALSE) {
$data['status'] = 'error';
$data['data']['tk_form'] = Token::create_error_message();
echo json_encode($data);
exit;
}
}
$validation_errors = validate_form_fields('POST', $validate);
$user = POST('user');
$pass = POST('pass');
$domain = POST('domain');
//AJAX validator: Return validation results
if (POST('ajax_validation_all') == TRUE) {
if (is_array($validation_errors) && !empty($validation_errors)) {
$data['status'] = 'error';
$data['data'] = $validation_errors;
} else {
$data['status'] = 'OK';
$validation_errors = validate_form_fields('POST', $validate);
if (POST('ajax_validation_all') == TRUE) {
if (is_array($validation_errors) && !empty($validation_errors)) {
$data['status'] = 'error';
$data['data'] = $validation_errors;
} else {
$data['status'] = 'OK';
$data['data'] = '';
}
echo json_encode($data);
exit;
}
//Checking form token
if (!isset($_POST['ajax_validation_all']) || POST('ajax_validation_all') == FALSE) {
if (Token::verify('tk_form_wi', POST('token')) == FALSE) {
Util::response_bad_request(Token::create_error_message());
}
}
//Perform action
if (is_array($validation_errors) && !empty($validation_errors)) {
$error_msg = '<div style="padding-left:5px">' . _('The following errors occurred') . ":</div>\n <div style='padding: 5px 5px 5px 15px;'>" . implode('<br/>', $validation_errors) . '</div>';
Util::response_bad_request($error_msg);
}
$locations_id = POST('locations_id');
$name = POST('l_name');
$ctx = POST('ctx');
$desc = POST('desc');
$location = POST('search_location');
$longitude = POST('longitude');
$latitude = POST('latitude');
$cou = POST('country');
}
break;
/********************************************
**************** Delete Tag ****************
********************************************/
/********************************************
**************** Delete Tag ****************
********************************************/
case 'delete_tag':
// Validate form params
$validate = array('tag_id' => array('validation' => 'OSS_HEX', 'e_message' => 'illegal:' . _('Label ID')));
$validation_errors = validate_form_fields('POST', $validate);
// Validate form token
if (is_array($validation_errors) && empty($validation_errors)) {
if (Token::verify('tk_tag_form', POST('token')) == FALSE) {
$validations_errors['save_tag'] = Token::create_error_message();
}
}
if (is_array($validation_errors) && !empty($validation_errors)) {
$data['status'] = 'error';
$data['data'] = $validation_errors;
} else {
// Get form params
$tag_id = POST('tag_id');
try {
// Delete tag
Tag::delete_from_db($conn, $tag_id);
$data['status'] = 'OK';
$data['data'] = _('Label successfully deleted');
} catch (\Exception $e) {
$error_msg = $e->getMessage();
$response['message'] = _('The backup process is inserting events...');
} else {
$response['status'] = 'error';
$response['message'] = _('Sorry, operation was not completed due to an error when restoring events');
}
} else {
$response['status'] = 'error';
$response['message'] = _('Please, select the dates you want to restore');
}
break;
// Purge button
// Purge button
case 'delete':
if (Token::verify('tk_delete_events', GET('token')) == FALSE) {
$response['status'] = 'error';
$response['message'] = Token::create_error_message();
} elseif (count($dates_list) > 0) {
$launch_status = Backup::Delete($dates_list);
if ($launch_status > 0) {
$response['status'] = 'success';
$response['message'] = _('The backup process is purging events...');
} else {
$response['status'] = 'error';
$response['message'] = _('Sorry, operation was not completed due to an error when purging events');
}
} else {
$response['status'] = 'error';
$response['message'] = _('Please, select the dates you want to purge');
}
break;
// Ajax status interval check
}
if (strlen($agent_name) < 2 || strlen($agent_name) > 32) {
$validation_errors['agent_name'] = _("Unable to add agent. The agent must be between 2-32 characters and contain only alphanumeric characters. Please enter a new name and try again");
}
} catch (Exception $e) {
$validation_errors['add_agent'] = _('Sorry, operation was not completed due to an error when processing the request. Please try again');
}
//Checking if asset was linked to other HIDS Agent
$_aux_agents = Asset_host::get_related_hids_agents($conn, $asset_id, $sensor_id);
if (!empty($_aux_agents)) {
$validation_errors['asset_id'] = _("Unable to add agent. The selected asset already has a HIDS agent deployed. Please select a different asset and try again.");
}
//Check Token
if (empty($validation_errors)) {
if (!Token::verify('tk_f_agents', POST('token'))) {
$validation_errors['tk_form'] = Token::create_error_message();
}
}
}
$db->close();
}
if (is_array($validation_errors) && !empty($validation_errors)) {
$validation_errors['html_errors'] = "<div style='text-align: left;'>" . _('The following errors occurred') . ":</div>\n <div style='padding-left:15px; text-align: left;'>" . implode('<br/>', $validation_errors) . "</div>";
$data['status'] = 'error';
$data['data'] = $validation_errors;
} else {
$ret = NULL;
$data['status'] = 'success';
try {
$new_agent = Ossec_agent::create($sensor_id, $agent_name, $ip_cidr, $asset_id);
//If ossec-remoted is not running, we have to restart Ossec Server
}
exit;
}
$agent_id = POST('agent_id');
$agent_type = POST('os_type');
$sensor_id = POST('sensor_id');
$token = POST('token');
$validate = array('sensor_id' => array('validation' => "OSS_HEX", 'e_message' => 'illegal:' . _('Sensor ID')), 'agent_id' => array('validation' => 'OSS_DIGIT', 'e_message' => 'illegal:' . _('Agent ID')), 'os_type' => array('validation' => "'regex:unix|windows'", 'e_message' => 'illegal:' . _('OS Type')));
$validation_errors = validate_form_fields('POST', $validate);
if (empty($validation_errors)) {
if (!Token::verify('tk_f_ossec_agent', $token)) {
?>
<script type='text/javascript'>
parent.hide_loading_box();
parent.$("#c_info").html(parent.notify_error('<?php
echo Token::create_error_message();
?>
'));
parent.$("#c_info").fadeIn(4000);
parent.window.scrollTo(0,0);
parent.$('#c_ossec_agent').remove();
</script>
<?php
exit;
}
$db = new ossim_db();
$conn = $db->connect();
$sensor_allowed = Ossec_utilities::is_sensor_allowed($conn, $sensor_id);
$db->close();
if (!$sensor_allowed) {
?>
if (!empty($agent_name) && $a_data['name'] == $agent_name) {
$validation_errors['add_agent'] = _('Name') . " '{$agent_name}' " . _('already present. Please enter a new name.');
break;
}
}
if (strlen($agent_name) < 2 || strlen($agent_name) > 32) {
$validation_errors['add_agent'] = _('Invalid name') . " '{$agent_name}' " . _('given.<br/> Name must contain only alphanumeric characters (min=2, max=32).');
}
} catch (Exception $e) {
$validation_errors['add_agent'] = _('Error to add agent. Unable to retrieve agent list');
}
}
//Check Token
if (empty($validation_errors)) {
if (!Token::verify('tk_f_agents', POST('token'))) {
$validation_errors['add_agent'] = Token::create_error_message();
}
}
}
}
if (is_array($validation_errors) && !empty($validation_errors)) {
$validation_errors['html_errors'] = "<div style='text-align: left;'>" . _('We found the following errors') . ":</div>\n <div style='padding-left:15px; text-align: left;'>" . implode('<br/>', $validation_errors) . "</div>";
$data['status'] = 'error';
$data['data'] = $validation_errors;
echo json_encode($data);
exit;
} else {
$ret = NULL;
$data['status'] = 'success';
switch ($action) {
case 'add_agent':
if (ossim_error()) {
Util::response_bad_request(ossim_get_error_clean());
}
// Database access object
$db = new ossim_db();
$conn = $db->connect();
/**************************************
****** Validate all form fields ******
**************************************/
// Validate form params
$validate = array('status_message_id' => array('validation' => 'OSS_UUID', 'e_message' => 'illegal:' . _('Status Message UUID')));
$validation_errors = validate_form_fields('POST', $validate);
// Validate form token
if (is_array($validation_errors) && empty($validation_errors)) {
if (Token::verify('tk_notification_form', POST('token')) == FALSE) {
$validations_errors['set_viewed'] = Token::create_error_message();
}
}
if (is_array($validation_errors) && !empty($validation_errors)) {
//Formatted message
$error_msg = '<div>' . _('The following errors occurred') . ":</div>\n <div style='padding: 5px;'>" . implode('<br/>', $validation_errors) . '</div>';
Util::response_bad_request($error_msg);
} else {
// Get form params
$status_message_id = POST('status_message_id');
try {
/**********************
****** API Call ******
**********************/
$status = new System_notifications();
switch ($action) {
if ($action == 'modify_host_data') {
if (!empty($_POST['pass']) && POST('pass') != POST('passc')) {
$validation_errors['pass'] = _('Password fields are different');
}
if (!empty($_POST['ppass']) && POST('ppass') != POST('ppassc')) {
$validation_errors['ppass'] = _('Privileged Password fields are different');
}
}
//Check token
if ($action == 'modify_host_data') {
if (!Token::verify('tk_al_entries', $token)) {
$validation_errors['token'] = Token::create_error_message();
}
} elseif ($action != 'get_agentless_status') {
if (!Token::verify('tk_al_entries', $token)) {
$validation_errors['token'] = Token::create_error_message();
}
}
if (is_array($validation_errors) && !empty($validation_errors)) {
$validation_errors['html_errors'] = "<div>" . _('We found the following errors') . ":</div><div style='padding:5px;'>" . implode("<br/>", $validation_errors) . "</div>";
$data['status'] = 'error';
$data['data'] = $validation_errors;
echo json_encode($data);
exit;
}
$data['status'] = 'success';
switch ($action) {
case 'add_monitoring_entry':
if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
$data['status'] = 'error';
$data['data'] = _('Error! Sensor not allowed');
ini_set('max_execution_time', '1200');
session_write_close();
//Validate action type
$action = POST('action');
ossim_valid($action, OSS_LETTER, '_', 'illegal:' . _('Action'));
if (ossim_error()) {
Util::response_bad_request(ossim_get_error_clean());
}
$user = Session::get_session_user();
$scan_file = 'last_asset_object-' . md5($user);
$scan_report_file = AV_TMP_DIR . '/last_scan_report-' . md5($user);
try {
//Validate Form token
$token = POST('token');
if (Token::verify('tk_assets_form', $token) == FALSE) {
$e_msg = Token::create_error_message();
Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
}
switch ($action) {
case 'delete_scan':
try {
$av_scan = Av_scan::get_object_from_file($scan_file);
$av_scan->delete_scan();
} catch (Exception $e) {
}
Cache_file::remove_file($scan_file);
$data['status'] = 'success';
$data['data'] = _('Asset scan has been permanently deleted');
break;
case 'stop_scan':
try {
require_once 'av_init.php';
if (!Session::am_i_admin()) {
$error = _("You do not have permission to see this section");
Util::response_bad_request($error);
}
session_write_close();
set_time_limit(0);
ob_end_clean();
// Error message options
$config_nt = array('content' => '', 'options' => array('type' => 'nf_error', 'cancel_button' => false), 'style' => 'width: 60%; margin: 30px auto; text-align:center;');
$_back_url = Menu::get_menu_url(AV_MAIN_PATH . '/av_backup/index.php', 'configuration', 'administration', 'backups', 'backups_configuration');
$back_link = '<br/><a href="' . $_back_url . '">' . _('Return to configuration backups') . '</a>';
//Validate Form token
$token = POST('token');
if (Token::verify('tk_backup_download', $token) == FALSE) {
$config_nt['content'] = Token::create_error_message() . $back_link;
$nt = new Notification('nt_1', $config_nt);
$nt->show();
die;
}
$validate = array('system_id' => array('validation' => 'OSS_UUID', 'e_message' => 'illegal:' . _('System ID')), 'backup_file' => array('validation' => 'OSS_ALPHA, OSS_SCORE, OSS_DOT', 'e_message' => 'illegal:' . _('Backup File')), 'job_id' => array('validation' => 'OSS_UUID', 'e_message' => 'illegal:' . _('Job ID')));
$system_id = POST('system_id');
$backup_file = POST('backup_file');
$job_id = POST('job_id');
$validation_errors = validate_form_fields('POST', $validate);
if (!empty($validation_errors)) {
$config_nt['content'] = _('Validation error - unable to download backup file. Please try again.') . $back_link;
$nt = new Notification('nt_1', $config_nt);
$nt->show();
die;
}