function get_pulse_detail_from_id($conn)
{
$type = POST('type');
$pulse = POST('pulse');
$id = POST('id');
ossim_valid($type, 'alarm|event|alarm_event', 'illegal:' . _('Type'));
ossim_valid($pulse, OSS_HEX, 'illegal:' . _('Pulse'));
ossim_valid($id, OSS_HEX, 'illegal:' . _('ID'));
if (ossim_error()) {
Av_exception::throw_error(Av_exception::USER_ERROR, ossim_get_error_clean());
}
if ($type == 'alarm') {
$pulse = Alarm::get_pulse_data_from_alarm($conn, $id, $pulse, TRUE);
} elseif ($type == 'event') {
$pulse = Siem::get_pulse_data_from_event($conn, $id, $pulse, FALSE, TRUE);
} elseif ($type == 'alarm_event') {
$pulse = Siem::get_pulse_data_from_event($conn, $id, $pulse, TRUE, TRUE);
}
return array('name' => $pulse['name'], 'descr' => $pulse['descr'], 'iocs' => array_values($pulse['iocs']));
}
require_once dirname(__FILE__) . '/../../conf/config.inc';
session_write_close();
Session::logcheck('environment-menu', 'EventsHidsConfig');
$events_hids_config = Session::menu_perms('environment-menu', 'EventsHidsConfig');
try {
$db = new ossim_db();
$conn = $db->connect();
$sensor_id = POST('sensor_id');
ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
if (!ossim_error()) {
if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
$e_msg = _('Error! Sensor not allowed');
Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
}
} else {
$e_msg = ossim_get_error_clean();
Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
}
$agents = Ossec_agent::get_list($sensor_id);
$data = array();
if (is_array($agents) && !empty($agents)) {
foreach ($agents as $agent_id => $a_data) {
if (empty($a_data)) {
continue;
}
$a_unique_id = md5($agent_id);
$agent_actions = Ossec_agent::get_actions($agent_id, $a_data);
if (!empty($a_data['host_id'])) {
$asset_name = Asset_host::get_name_by_id($conn, $a_data['host_id']);
} else {
$asset_name = '-';
set_include_path(get_include_path() . PATH_SEPARATOR . $path);
require_once 'Common/functions.php';
require_once 'Various/general.php';
// DB
$db = new ossim_db();
$conn = $db->connect();
$geoloc = new Geolocation('/usr/share/geoip/GeoLiteCity.dat');
//Initialize var
$report_name = $report_data['report_name'];
$subreport_name = $report_data['subreports'][$subreport_id]['name'];
$date_from = POST($report_data['parameters'][0]['date_from_id']);
$date_to = POST($report_data['parameters'][0]['date_to_id']);
ossim_valid($date_from, OSS_DATE, OSS_NULLABLE, 'illegal:' . _('Date From'));
ossim_valid($date_to, OSS_DATE, OSS_NULLABLE, 'illegal:' . _('Date To'));
if (ossim_error()) {
echo 'error###' . ossim_get_error_clean();
exit;
}
$query_temp = array();
//
// select src_ip from alarm table and not defined into nets
//
$ips = array();
$plugin_id = NULL;
$plugin_groups = NULL;
$source_type = NULL;
$category = NULL;
$subcategory = NULL;
$limit = 20;
// Taxonomy filters
$plugin_list = Plugin_sid::get_all_sids($conn, $plugin_id, $source_type, $category, $subcategory, $plugin_groups);
function import_assets_csv($filename)
{
require_once 'classes/Util.inc';
$response = array();
$db = new ossim_db();
$conn = $db->connect();
if (($content = file($filename, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES)) == false) {
$response['file_errors'] = "Failed to read file";
$response['status'] = false;
return $response;
} else {
foreach ($content as $k => $v) {
$data[] = explode(";", $v);
}
}
$cont = 0;
ini_set('max_execution_time', 180);
ids_valid($data);
if (count($data) <= 0) {
$response['file_errors'] = _("Incompatible file format");
$response['status'] = false;
return $response;
}
$allowed_sensors = Session::allowedSensors();
if (!empty($allowed_sensors)) {
$my_allowed_sensors = explode(',', $allowed_sensors);
} else {
$response['file_errors'] = _("You need at least one sensor assigned");
$response['status'] = false;
return $response;
}
foreach ($data as $k => $v) {
$response['status'] = true;
$response['read_line'] = $cont;
$cont++;
if (count($v) != 8) {
$response['line_errors'][$cont][] = array("Line", _("Format not allowed"));
$response['status'] = false;
}
$param = array();
foreach ($v as $i => $field) {
$parameter = trim($field);
$pattern = '/^\\"|\\"$|^\'|\'$/';
$param[] = preg_replace($pattern, '', $parameter);
}
//IP
if (!ossim_valid($param[0], OSS_IP_ADDR, 'illegal:' . _("IP"))) {
$response['line_errors'][$cont][] = array("IP", ossim_get_error_clean());
$response['status'] = false;
}
//Hostname
if (empty($param[1])) {
$param[1] = $param[0];
} else {
if (!ossim_valid($param[1], OSS_SCORE, OSS_ALPHA, OSS_PUNC, 'illegal:' . _("Hostname"))) {
$response['line_errors'][$cont][] = array("Hostname", ossim_get_error_clean());
$response['status'] = false;
ossim_clean_error();
}
}
//FQDNs
if (!empty($param[2])) {
$fqdns_list = explode(",", $param[2]);
foreach ($fqdns_list as $k => $fqdn) {
if (!ossim_valid(trim($fqdn), OSS_NULLABLE, OSS_ALPHA, OSS_PUNC, 'illegal:' . _("FQDN/Aliases"))) {
$response['line_errors'][$cont][] = array("FQDN/Aliases", ossim_get_error_clean());
$response['status'] = false;
ossim_clean_error();
}
}
}
//Description
if (!ossim_valid($param[3], OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_PUNC, OSS_AT, 'illegal:' . _("Description"))) {
$response['line_errors'][$cont][] = array("Description", ossim_get_error_clean());
$response['status'] = false;
ossim_clean_error();
}
//Asset
if ($param[4] == '') {
$param[4] = 2;
} else {
if (!ossim_valid($param[4], OSS_NULLABLE, OSS_DIGIT, 'illegal:' . _("Asset value"))) {
$response['line_errors'][$cont][] = array("Asset", ossim_get_error_clean());
$response['status'] = false;
ossim_clean_error();
}
}
//NAT
if (!ossim_valid($param[5], OSS_NULLABLE, OSS_IP_ADDR, 'illegal:' . _("NAT"))) {
$response['line_errors'][$cont][] = array("NAT", ossim_get_error_clean());
$response['status'] = false;
ossim_clean_error();
}
//Sensors
$sensors = array();
if (!empty($param[6])) {
$sensor_name = array();
$list = explode(",", $param[6]);
$sensors_list = array_intersect($list, $my_allowed_sensors);
if (!empty($sensors_list)) {
foreach ($sensors_list as $sensor) {
$sensors[] = Sensor::get_sensor_name($conn, $sensor);
}
} else {
$response['line_errors'][$cont][] = array("Sensors", _("You need at least one allowed Sensor"));
$response['status'] = false;
ossim_clean_error();
}
} else {
$response['line_errors'][$cont][] = array("Sensors", _("Column Sensors is empty"));
$response['status'] = false;
ossim_clean_error();
}
$list_os = array("Windows", "Linux", "FreeBSD", "NetBSD", "OpenBSD", "MacOS", "Solaris", "Cisco", "AIX", "HP-UX", "Tru64", "IRIX", "BSD/OS", "SunOS", "Plan9", "IPhone");
//Operating System
if (!empty($param[7]) && !in_array($param[7], $list_os)) {
$param[7] = "Unknown";
}
if ($response['status'] == true) {
//Parameters
$ip = $param[0];
$hostname = $param[1];
$asset = $param[4];
$threshold_c = 30;
$threshold_a = 30;
$rrd_profile = "";
$alert = 0;
$persistence = 0;
$nat = $param[5];
$descr = $param[3];
$os = $param[7];
$fqdns = $param[2];
$latitude = '';
$longitude = '';
$icon = 0;
if (!Host::in_host($conn, $ip)) {
Host::insert($conn, $ip, $hostname, $asset, $threshold_c, $threshold_a, $rrd_profile, $alert, $persistence, $nat, $sensors, $descr, $os, $mac, $mac_vendor, $latitude, $longitude, $fqdns, $icon);
} else {
Host::update($conn, $ip, $hostname, $asset, $threshold_c, $threshold_a, $rrd_profile, $alert, $persistence, $nat, $sensors, $descr, $os, $mac, $mac_vendor, $latitude, $longitude, $fqdns, $icon);
}
}
}
$response['read_line'] = $cont;
return $response;
}
foreach ($assets as $asset) {
// Validate UUID#IP or IP, other cases will fail
$_asset = explode('#', $asset);
if (count($_asset) == 1) {
$_asset_ip = $_asset[0];
ossim_valid($_asset_ip, OSS_IP_ADDRCIDR, 'illegal:' . _('Asset IP'));
} elseif (count($_asset) == 2) {
$_asset_ip = $_asset[1];
$_asset_id = $_asset[0];
ossim_valid($_asset_ip, OSS_IP_ADDRCIDR, 'illegal:' . _('Asset IP'));
ossim_valid($_asset_id, OSS_HEX, 'illegal:' . _('Asset ID'));
} else {
ossim_set_error(_('Asset not allowed'));
}
if (ossim_error()) {
$validation_errors['assets[]'] = ossim_get_error_clean();
break;
} else {
//IP_CIDR and ID is pushed
array_push($assets_string, $asset);
}
}
$assets_p = implode(' ', $assets_string);
} else {
$validation_errors['assets[]'] = _("Error in the 'Target selection' field (missing required field)");
}
}
if (is_array($validation_errors) && !empty($validation_errors)) {
//Formatted message
$error_msg = '<div>' . _('The following errors occurred') . ":</div>\n <div style='padding: 5px;'>" . implode('<br/>', $validation_errors) . '</div>';
Util::response_bad_request($error_msg);
function import_assets_from_csv($filename, $iic, $ctx, $import_type)
{
//Process status
$summary = array('general' => array('status' => '', 'data' => '', 'statistics' => array('total' => 0, 'warnings' => 0, 'errors' => 0, 'saved' => 0)), 'by_nets' => array());
$db = new ossim_db();
$conn = $db->connect();
$str_data = file_get_contents($filename);
if ($str_data === FALSE) {
$summary['general']['status'] = 'error';
$summary['general']['data']['errors'] = _('Failed to read data from CSV file');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
$array_data = preg_split('/\\n|\\r/', $str_data);
foreach ($array_data as $k => $v) {
if (trim($v) != '') {
$data[] = explode('";"', trim($v));
}
}
set_time_limit(360);
/*********************************************************************************************************************
* From net section:
* - Version 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value"*;"Net ID"
* - Version 3.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value";"Sensors(Sensor1,Sensor2,...)"*
*
* From welcome wizard:
* - Version 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description"
*
*********************************************************************************************************************/
//Check file size
if (count($data) <= 0 || count($data) == 1 && preg_match('/Netname/', $data[0][0])) {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('CSV file is empty');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
//Check importation type and headers
$csv_headers = array();
if ($import_type == 'networks') {
if (preg_match('/Net ID/', $data[0][4]) || preg_match('/Sensors/', $data[0][4])) {
$csv_headers = array_shift($data);
} else {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('Headers not found');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
}
//Setting total nets to import
$summary['general']['statistics']['total'] = count($data);
//Allowed sensors
$filters = array('where' => "acl_sensors.entity_id = UNHEX('{$ctx}')");
$a_sensors = Av_sensor::get_basic_list($conn, $filters);
$sensor_ids = array_keys($a_sensors);
if (count($sensor_ids) == 0) {
$summary['general']['status'] = 'error';
$s_error_msg = Session::is_pro() ? _('There is no sensor for this context') : _('There is no sensor for this net');
$summary['general']['data'] = $s_error_msg;
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
Util::disable_perm_triggers($conn, TRUE);
foreach ($data as $k => $v) {
//Clean previous errors
ossim_clean_error();
$num_line = $k + 1;
//Set default status
$summary['by_nets'][$num_line]['status'] = 'error';
//Check file format
$cnd_1 = $import_type == 'networks' && count($v) < 5;
$cnd_2 = $import_type == 'welcome_wizard_nets' && count($v) < 3;
if ($cnd_1 || $cnd_2) {
$summary['by_nets'][$num_line]['errors']['Format'] = _('Number of fields is incorrect');
$summary['general']['statistics']['errors']++;
continue;
}
//Clean values
$param = array();
foreach ($v as $field) {
$parameter = trim($field);
$pattern = '/^\\"|\\"$|^\'|\'$/';
$param[] = preg_replace($pattern, '', $parameter);
}
//Values
$is_in_db = FALSE;
$net_id = '';
$name = $param[0];
$cidrs = preg_replace("/[\n\r\t]+/", '', $param[1]);
$descr = $param[2];
$asset_value = $param[3] == '' ? 2 : intval($param[3]);
$sensors = $sensor_ids;
//Permissions
$can_i_create_assets = Session::can_i_create_assets();
$can_i_modify_ips = TRUE;
//CIDRs
if (!ossim_valid($cidrs, OSS_IP_CIDR, 'illegal:' . _('CIDR'))) {
$summary['by_nets'][$num_line]['errors']['CIDRs'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
//Check Net ID �Is there a net registered in the System?
$net_ids = Asset_net::get_id_by_ips($conn, $cidrs, $ctx);
$net_id = key($net_ids);
if (!empty($net_id)) {
$is_in_db = TRUE;
} else {
$net_id = Util::uuid();
}
// Special case: Forced Net ID [Version 4.x.x]
if ($import_type == 'networks' && preg_match('/Net ID/', $csv_headers[4])) {
$csv_net_id = strtoupper($param[4]);
if ($is_in_db == TRUE && $csv_net_id != $net_id) {
$id_error_msg = _('Net is already registered in the System with another Net ID');
$summary['by_nets'][$num_line]['errors']['Net'] = $id_error_msg;
$summary['general']['statistics']['errors']++;
continue;
}
}
//Netname
if (!empty($iic)) {
$name = clean_iic($name);
}
if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) {
ossim_clean_error();
$name = clean_iic($name);
$name = clean_echars($name);
$warning_msg = _('Netname has invalid characters') . '<br/>' . _('Netname will be replaced by') . ": <strong>{$name}</strong>";
$summary['by_nets'][$num_line]['warnings']['Netname'] = $warning_msg;
$summary['by_nets'][$num_line]['status'] = 'warning';
$summary['general']['statistics']['warnings']++;
if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) {
unset($summary['by_nets'][$num_line]['warnings']);
$summary['general']['statistics']['warnings']--;
$summary['by_nets'][$num_line]['status'] = 'error';
$summary['by_nets'][$num_line]['errors']['Netname'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
}
//Description
if (!ossim_valid($descr, OSS_NULLABLE, OSS_AT, OSS_TEXT, '\\t', 'illegal:' . _('Description'))) {
$summary['by_nets'][$num_line]['errors']['Description'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
} else {
if (mb_detect_encoding($descr . ' ', 'UTF-8,ISO-8859-1') == 'UTF-8') {
$descr = mb_convert_encoding($descr, 'HTML-ENTITIES', 'UTF-8');
}
}
//Sensor
if ($is_in_db == FALSE) {
//Only update net sensors with unregistered nets
if ($import_type == 'networks' && preg_match('/Sensors/', $csv_headers[4])) {
//Special case: Sensors in CSV file //[Version 3.x.x]
$sensors = array();
$_sensors = explode(',', $param[4]);
if (is_array($_sensors) && !empty($_sensors)) {
$_sensors = array_flip($_sensors);
if (is_array($a_sensors) && !empty($a_sensors)) {
foreach ($a_sensors as $s_id => $s_data) {
if (array_key_exists($s_data['ip'], $_sensors)) {
$sensors[] = $s_id;
}
}
}
}
if (!is_array($sensors) || empty($sensors)) {
$s_error_msg = Session::is_pro() ? _('There is no sensors for this context') : _('There is no sensors for this IP');
$summary['by_nets'][$num_line]['errors']['Sensors'] = $s_error_msg;
$summary['general']['statistics']['errors']++;
continue;
}
}
}
/***********************************************************
********** Only for importation from net section **********
***********************************************************/
if ($import_type == 'networks') {
//Asset
if (!ossim_valid($asset_value, OSS_DIGIT, 'illegal:' . _('Asset value'))) {
$summary['by_nets'][$num_line]['errors']['Asset value'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
}
//Insert/Update net in database
if (count($summary['by_nets'][$num_line]['errors']) == 0) {
try {
$net = new Asset_net($net_id);
if ($is_in_db == TRUE) {
$net->load_from_db($conn, $net_id);
$can_i_modify_ips = Asset_net::can_i_modify_ips($conn, $net_id);
} else {
if ($can_i_create_assets == FALSE) {
$n_error_msg = _('Net') . ' ' . $name . ' ' . _("not allowed. You don't have permissions to import this net");
$summary['by_nets'][$num_line]['errors']['Net'] = $n_error_msg;
$summary['general']['statistics']['errors']++;
continue;
}
}
//Check CIDRs
if ($can_i_modify_ips == TRUE) {
$aux_cidr = explode(',', $cidrs);
foreach ($aux_cidr as $cidr) {
$net_ids = Asset_net::get_id_by_ips($conn, $cidr, $ctx);
unset($net_ids[$net_id]);
if (!empty($net_ids)) {
$c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} already exists for this entity");
$summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg;
$summary['general']['statistics']['errors']++;
break;
} else {
if (Session::get_net_where() != '') {
if (!Asset_net::is_cidr_in_my_nets($conn, $cidr, $ctx)) {
$c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} out of range. Check your asset filter");
$summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg;
$summary['general']['statistics']['errors']++;
break;
}
}
}
}
} else {
$c_error_msg = _('Net') . ' ' . $name . ': ' . _("CIDRs not allowed. CIDRs wasn't be modified");
$summary['by_nets'][$num_line]['status'] = 'warning';
$summary['general']['warnings']['errors']++;
$summary['by_nets'][$num_line]['warnings']['CIDRs'] = $c_error_msg;
}
//Setting new values
if (count($summary['by_nets'][$num_line]['errors']) == 0) {
$net->set_ctx($ctx);
$net->set_name($name);
$net->set_descr($descr);
if ($is_in_db == FALSE) {
if ($can_i_modify_ips == TRUE) {
$net->set_ips($cidrs);
}
$net->set_sensors($sensors);
}
$net->set_asset_value($asset_value);
$net->save_in_db($conn, FALSE);
$summary['general']['statistics']['saved']++;
$summary['by_nets'][$num_line]['data'] = $is_in_db == TRUE ? _('Net updated') : _('New new inserted');
//Keep warnings
if ($summary['by_nets'][$num_line]['status'] != 'warning') {
$summary['by_nets'][$num_line]['status'] = 'success';
}
}
} catch (Exception $e) {
$summary['by_nets'][$num_line]['errors']['Database error'] = $e->getMessage();
$summary['general']['statistics']['errors']++;
}
}
}
if ($summary['general']['statistics']['saved'] > 0) {
if ($summary['general']['statistics']['errors'] == 0) {
$summary['general']['status'] = 'success';
$summary['general']['data'] = _('All nets have been imported successfully');
} else {
$summary['general']['status'] = 'warning';
$summary['general']['data'] = _('Some nets could not be imported successfully');
}
Util::disable_perm_triggers($conn, FALSE);
try {
Asset_net::report_changes($conn, 'nets');
} catch (Exception $e) {
error_log($e->getMessage(), 0);
}
} else {
$summary['general']['statistics']['errors'] = count($data);
//CSV file is not empty, but all lines are wrong
if (empty($summary['general']['status'])) {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('Nets could not be imported');
}
}
$db->close();
return $summary;
}
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
require_once 'os_report_common.php';
Session::logcheck('report-menu', 'ReportsReportServer');
$action = POST('action');
$data = POST('data');
if ($action == 'check_file') {
$data = explode('###', base64_decode($data));
$report_name = trim($data[0]);
$filename = trim($data[1]);
ossim_valid($report_name, OSS_SCORE, OSS_NULLABLE, OSS_ALPHA, OSS_PUNC, 'illegal:' . _('Report name'));
if (ossim_error()) {
echo 'error###' . ossim_get_error_clean();
exit;
}
// Init PDF Report
$pdfReport = new Pdf_report($report_name, 'P', 'A4', NULL, FALSE);
if (isset($filename) && !empty($filename)) {
ossim_valid($filename, OSS_FILENAME, 'illegal:' . _('Filename'));
//Get complete path
$path = $pdfReport->getpath() . $filename;
$res = !ossim_error() && file_exists($path) ? 1 : _('Unable to access to PDF Report');
echo $res;
}
} elseif ($action == 'check_email') {
ossim_valid($data, OSS_MAIL_ADDR, 'illegal:' . _('Email address'));
$res = !ossim_error() ? 1 : ossim_get_error_clean();
echo $res;
}
*
*/
require_once dirname(__FILE__) . '/../../conf/config.inc';
Session::logcheck('environment-menu', 'EventsHidsConfig');
$sensor_id = POST('sensor_id');
ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
if (!ossim_error()) {
$db = new ossim_db();
$conn = $db->connect();
if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
ossim_set_error(_('Error! Sensor not allowed'));
}
$db->close();
}
if (ossim_error()) {
echo '2###' . _('We found the followings errors') . ": <div style='padding-left: 15px; text-align:left;'>" . ossim_get_error_clean() . '</div>';
exit;
}
//Current sensor
$_SESSION['ossec_sensor'] = $sensor_id;
echo '1###';
try {
$rules = Ossec::get_rule_files($sensor_id, FALSE);
$options_e .= "<optgroup label='" . _('Editable rule file') . "'>\n";
$options_ne .= "<optgroup label='" . _('Rules files read-only') . "'>\n";
foreach ($rules as $rule) {
if (Ossec::is_editable($rule)) {
$options_e .= "<option style='text-align: left;' value='{$rule}'>{$rule}</option>\n";
} else {
$options_ne .= "<option style='text-align: left;' value='{$rule}'>{$rule}</option>\n";
}
// Filters
ossim_valid($view, OSS_LETTER, 'illegal:' . _('View Param'));
ossim_valid($type, OSS_LETTER, ',', OSS_NULLABLE, 'illegal:' . _('Type Param'));
ossim_valid($level, OSS_LETTER, ',', OSS_NULLABLE, 'illegal:' . _('Level Param'));
/***************************
****** RESPONSE VARS ******
***************************/
// Response array
$response = array();
// Array to store data
$data = array();
$total_messages = 0;
try {
// If validation errors throw new exception with error details
if (ossim_error()) {
Av_exception::throw_error(Av_exception::USER_ERROR, ossim_get_error_clean());
}
if (strlen($search_str) > 30) {
Av_exception::throw_error(Av_exception::USER_ERROR, 'Search string very long. Max length 30 characters');
}
/*********************
****** Filters ******
*********************/
/**
* Returns order_by string by column
*
* @param integer $order
*
* @return string
*/
$order_by = function ($order) {
echo json_encode($data);
exit;
}
$assets_string = '';
$data['status'] = 'OK';
$data['data'] = NULL;
$error = FALSE;
$aux = array();
$db = new ossim_db();
$conn = $db->connect();
if (is_array($assets) && count($assets) > 0) {
foreach ($assets as $asset) {
ossim_valid($asset, OSS_IP_ADDRCIDR, 'illegal:' . _('Asset'));
if (ossim_error()) {
$data['status'] = 'error';
$data['data'] = "<div style='text-align: left; padding: 0px 0px 3px 10px;'>" . _('We found the following errors') . ":</div>\n\t\t\t\t\t\t<div class='error_item'>" . ossim_get_error_clean() . "</div>";
echo json_encode($data);
exit;
} else {
if (!preg_match('/\\/\\d{1,2}$/', $asset)) {
$aux[] = $asset . '/32';
} else {
$aux[] = $asset;
}
}
}
}
$assets_string .= implode(' ', $aux);
$db->close();
$assets = $assets_string;
$scan_path_log = "/tmp/nmap_scanning_" . md5(Session::get_secure_id()) . '.log';
* @copyright 2003-2006 ossim.net
* @copyright 2007-2013 AlienVault
* @link https://www.alienvault.com/
*/
require_once 'av_init.php';
Session::logcheck("environment-menu", "PolicyHosts");
// Close session write for real background loading
session_write_close();
$asset_id = GET('asset_id');
$service = GET('service');
$port = GET('port');
ossim_valid($asset_id, OSS_HEX, 'illegal: ' . _('Asset ID'));
ossim_valid($service, OSS_ALPHA, OSS_PUNC_EXT, 'illegal: ' . _('Service name'));
ossim_valid($port, OSS_DIGIT, 'illegal: ' . _('Port number'));
if (ossim_error()) {
throw new Exception(ossim_get_error_clean());
}
$db = new ossim_db();
$conn = $db->connect();
$filters = array('where' => "h.id = UNHEX('{$asset_id}') AND host_services.port = {$port} AND host_services.service = '" . escape_sql($service, $conn) . "'");
$_list_data = Asset_host_services::get_list($conn, $filters);
$services = $_list_data[0];
if (empty($services[$asset_id][0])) {
$db->close();
throw new Exception(_('Service not found'));
}
$service_data = $services[$asset_id][0];
$_host_aux = Asset_host::get_object($conn, $asset_id);
$_ips_aux = array_keys($_host_aux->get_ips()->get_ips());
$_ctx_aux = $_host_aux->get_ctx();
$vulns = Asset_host_services::get_vulns_by_service($conn, $_ips_aux, $_ctx_aux, $service, $port);
*****************************/
// Get params
$action = POST('action');
$component_ids = POST('component_ids');
$tag_id = POST('tag_id');
$select_from_filter = POST('select_from_filter');
$component_type = POST('component_type') ? POST('component_type') : 'asset';
// Validate action type
ossim_valid($action, OSS_LETTER, '_', 'illegal: ' . _('Action'));
ossim_valid($component_ids, OSS_HEX, OSS_NULLABLE, 'illegal: ' . _('Component ID'));
ossim_valid($tag_id, OSS_HEX, 'illegal: ' . _('Label ID'));
ossim_valid($select_from_filter, OSS_LETTER, 'illegal: ' . _('Filter value'));
ossim_valid($component_type, OSS_LETTER, 'illegal: ' . _('Component type'));
if (ossim_error()) {
$response['status'] = 'error';
$response['data'] = ossim_get_error_clean();
echo json_encode($response);
exit;
}
// Validate Token
if (Token::verify('tk_av_dropdown_tag_token', POST('token')) == FALSE) {
$response['status'] = 'error';
$response['data'] = Token::create_error_message();
echo json_encode($response);
exit;
}
/************************
****** DO ACTIONS ******
************************/
// Database access object
$db = new ossim_db();
require_once dirname(__FILE__) . '/../../conf/config.inc';
Session::logcheck('environment-menu', 'EventsHidsConfig');
$file = POST('file');
$sensor_id = POST('sensor_id');
ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
ossim_valid($file, OSS_ALPHA, OSS_SCORE, OSS_DOT, 'illegal:' . _('File'));
if (!ossim_error()) {
$db = new ossim_db();
$conn = $db->connect();
if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
ossim_set_error(_('Error! Sensor not allowed'));
}
$db->close();
}
if (ossim_error()) {
$data['status'] = 'error';
$data['data'] = _('We found the followings errors:') . "<div style='padding-left: 15px; text-align:left;'>" . ossim_get_error_clean() . '</div>';
echo json_encode($data);
exit;
}
//Rule file
$_SESSION['_current_file'] = $file;
try {
$rule_data = Ossec::get_rule_file($sensor_id, $file);
$data['status'] = 'success';
$data['data'] = $rule_data['data'];
} catch (Exception $e) {
$data['status'] = 'error';
$data['data'] = $e->getMessage();
}
echo json_encode($data);
}
#update_notification
{
text-align: center;
width:90%;
margin:0 auto;
}
</style>
</head>
<body>
<?php
if (($action == "migrate" || $action == "update") && Session::am_i_admin()) {
if (!ossim_valid($smethod, 'rsync', 'wget', 'illegal:' . _("synchronization method"))) {
$error_message .= ossim_get_error_clean() . "<br/>";
ossim_clean_error();
} else {
$result_check = CheckScanner();
if ($result_check != "") {
$config_nt = array('content' => $result_check, 'options' => array('type' => 'nf_warning', 'cancel_button' => false), 'style' => 'width: 98%; margin:5px auto; text-align: center;');
$nt = new Notification('nt_1', $config_nt);
$nt->show();
} else {
exec("export HOME='/tmp';cd /usr/share/ossim/scripts/vulnmeter/;nohup perl updateplugins.pl {$action} {$smethod} > /var/tmp/openvas_update 2>&1 &");
}
}
}
if ($action == "create" && $error_message == "") {
$show_notification = true;
$message = _("Credential created successfully");
$remoteurl = POST('remoteurl');
$setssh = POST('setssh') ? 1 : 0;
$rservers = POST('rservers');
$rservers = $_POST['rservers'];
unset($_POST['rservers']);
$validation_errors = validate_form_fields('POST', $validate);
$fwrd_server = array();
if (is_array($rservers) && !empty($rservers)) {
foreach ($rservers as $rserver) {
$rserver = explode('@', $rserver);
$fwr_ser = $rserver[0];
$fwr_prio = $rserver[1];
ossim_valid($fwr_ser, OSS_HEX, 'illegal:' . _("Forward Servers"));
ossim_valid($fwr_prio, OSS_DIGIT, 'illegal:' . _("Forward Priority"));
if (ossim_error()) {
$validation_errors['rservers[]'] = ossim_get_error_clean();
ossim_clean_error();
} else {
$fwrd_server[$fwr_ser] = $fwr_prio;
}
}
}
$data['status'] = 'OK';
$data['data'] = $validation_errors;
if (POST('ajax_validation_all') == TRUE) {
if (is_array($validation_errors) && !empty($validation_errors)) {
$data['status'] = 'error';
echo json_encode($data);
} else {
$data['status'] = 'OK';
echo json_encode($data);
function import_assets_from_csv($filename, $iic, $ctx, $import_type)
{
//Process status
$summary = array('general' => array('status' => '', 'data' => '', 'statistics' => array('total' => 0, 'warnings' => 0, 'errors' => 0, 'saved' => 0)), 'by_hosts' => array());
$db = new ossim_db();
$conn = $db->connect();
$str_data = file_get_contents($filename);
if ($str_data === FALSE) {
$summary['general']['status'] = 'error';
$summary['general']['data']['errors'] = _('Failed to read data from CSV file');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
$array_data = preg_split('/\\n|\\r/', $str_data);
foreach ($array_data as $k => $v) {
if (trim($v) != '') {
$data[] = explode('";"', trim($v));
}
}
/*************************************************************************************************************************************
* From asset section:
* - Version 4.x.x or higher: "IP (IP1,IP2,...)";"Hostname";"FQDNs(FQDN1,FQDN2,...)";"Description";"Asset value";"Operating System";
* "Latitude";"Longitude";"Host ID";"External Asset";"Device Types(Type1,Type2,...)"
*
* - Version 3.x.x: "IP"*;"Hostname";"FQDNs(FQDN1,FQDN2,...)";"Description";"Asset value";"Sensors(Sensor1,Sensor2,...)";
* "Operating System";"Latitude";"Longitude"
*
* From welcome wizard:
* - Version 4.x.x or higher: "IP (IP1,IP2,...)";"Hostname";"Description";"Operating System";"Device Type(Type1,Type2,...)"
*
**************************************************************************************************************************************/
//Check file size
if (count($data) <= 0 || count($data) == 1 && preg_match('/IP/', $data[0][0])) {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('CSV file is empty');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
//Check importation type and headers
$csv_headers = array();
if ($import_type == 'hosts') {
if (preg_match('/Operating System/', $data[0][5]) || preg_match('/Sensors/', $data[0][5])) {
$csv_headers = array_shift($data);
} else {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('Headers not found');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
}
//Setting total hosts to import
$summary['general']['statistics']['total'] = count($data);
//Getting all Operating System
$all_os = Properties::get_all_os();
//Getting devices types
$all_devices = array();
$aux_all_devices = Devices::get_all_for_filter($conn);
$_all_devices = $aux_all_devices[0];
foreach ($_all_devices as $d_data) {
$d_key = $d_data['type_name'];
$d_key .= $d_data['subtype_id'] != 0 ? ':' . $d_data['subtype_name'] : '';
$all_devices[$d_key] = $d_data['type_id'] . ':' . $d_data['subtype_id'];
}
//Allowed sensors
$filters = array('where' => "acl_sensors.entity_id = UNHEX('{$ctx}')");
$a_sensors = Av_sensor::get_basic_list($conn, $filters);
$sensor_ids = array_keys($a_sensors);
if (count($sensor_ids) == 0) {
$summary['general']['status'] = 'error';
$s_error_msg = Session::is_pro() ? _('There is no sensors for this context') : _('There is no sensors for this IP address');
$summary['general']['data'] = $s_error_msg;
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
Util::disable_perm_triggers($conn, TRUE);
foreach ($data as $k => $v) {
//Clean previous errors
ossim_clean_error();
$num_line = $k + 1;
//Set default status
$summary['by_hosts'][$num_line]['status'] = 'error';
//Check file format
$cnd_1 = $import_type == 'hosts' && count($v) < 9;
$cnd_2 = $import_type == 'welcome_wizard_hosts' && count($v) < 5;
if ($cnd_1 || $cnd_2) {
$summary['by_hosts'][$num_line]['errors']['Format'] = _('Number of fields is incorrect');
$summary['general']['statistics']['errors']++;
continue;
}
//Clean values
$param = array();
$index = 0;
$max_index = count($v) - 1;
foreach ($v as $field) {
$parameter = trim($field);
if ($index == 0) {
$pattern = '/^\\"|^\'/';
$param[] = preg_replace($pattern, '', $parameter);
} else {
if ($index == $max_index) {
$pattern = '/\\"$|\'$/';
$param[] = preg_replace($pattern, '', $parameter);
} else {
$param[] = $parameter;
}
}
$index++;
}
//Values
$is_in_db = FALSE;
$host_id = '';
$sensors = $sensor_ids;
$csv_ips = preg_replace("/\\s+/", '', $param[0]);
if (!empty($param[1])) {
$name = $param[1];
} else {
$aux_name = str_replace(' ', '', $csv_ips);
$aux_name = str_replace(',', '-', $aux_name);
$name = Asset_host::get_autodetected_name($aux_name);
}
if ($import_type == 'hosts') {
$fqdns = $param[2];
$descr = $param[3];
$asset_value = !empty($param[4]) ? $param[4] : 2;
if (preg_match('/Host ID/', $csv_headers[8])) {
$os = $param[5];
$latitude = floatval($param[6]);
$longitude = floatval($param[7]);
$external = empty($param[9]) ? 0 : intval($param[9]);
$csv_devices = $param[10];
} else {
$os = $param[6];
$latitude = floatval($param[7]);
$longitude = floatval($param[8]);
$external = 0;
$csv_devices = '';
}
} else {
$descr = $param[2];
$os = $param[3];
$latitude = 0;
$longitude = 0;
$asset_value = 2;
$external = 0;
$csv_devices = $param[4];
}
//Permissions
$can_i_create_assets = Session::can_i_create_assets();
$can_i_modify_ips = TRUE;
//IPs
if (!ossim_valid($csv_ips, OSS_IP_ADDR, 'illegal:' . _('IP'))) {
$summary['by_hosts'][$num_line]['errors']['IP'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
//Check Host ID: Is there a host registered in the System?
$host_ids = Asset_host::get_id_by_ips($conn, $csv_ips, $ctx);
$host_id = key($host_ids);
if (!empty($host_id)) {
$is_in_db = TRUE;
} else {
$host_id = Util::uuid();
}
// Special case: Forced Host ID [Version 4.x.x or higher]
if ($import_type == 'hosts' && preg_match('/Host ID/', $csv_headers[8]) && valid_hex32($param[8])) {
$csv_hosts_id = strtoupper($param[8]);
if ($is_in_db == TRUE && $csv_hosts_id != $host_id) {
$id_error_msg = _('Host is already registered in the System with another Host ID');
$summary['by_hosts'][$num_line]['errors']['Host'] = $id_error_msg;
$summary['general']['statistics']['errors']++;
continue;
} else {
if ($is_in_db == FALSE) {
$host_id = $csv_hosts_id;
// Save host ID to insert it
}
}
}
//Hostname
if (!empty($iic)) {
$name = clean_iic($name);
}
if (!ossim_valid($name, OSS_HOST_NAME, 'illegal:' . _('Hostname'))) {
ossim_clean_error();
$name = Asset_host::create_valid_name($name);
$warning_msg = _('Hostname does not match with RFC 1123 specifications') . '<br/>' . _('Hostname will be replaced by') . ": <strong>{$name}</strong>";
$summary['by_hosts'][$num_line]['warnings']['Hostname'] = $warning_msg;
$summary['by_hosts'][$num_line]['status'] = 'warning';
$summary['general']['statistics']['warnings']++;
if (!ossim_valid($name, OSS_HOST_NAME, 'illegal:' . _('Hostname'))) {
unset($summary['by_hosts'][$num_line]['warnings']);
$summary['general']['statistics']['warnings']--;
$summary['by_hosts'][$num_line]['status'] = 'error';
$summary['by_hosts'][$num_line]['errors']['Hostname'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
}
//Description
if (!ossim_valid($descr, OSS_NULLABLE, OSS_ALL, 'illegal:' . _('Description'))) {
$summary['by_hosts'][$num_line]['errors']['Description'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
} else {
if (mb_detect_encoding($descr . ' ', 'UTF-8,ISO-8859-1') == 'UTF-8') {
$descr = mb_convert_encoding($descr, 'HTML-ENTITIES', 'UTF-8');
}
}
//Operating System
$os_pattern = '/' . preg_quote(implode('|', $all_os), '/') . '/';
$os_pattern = str_replace('\\|', '|', $os_pattern);
if (!empty($os) && !preg_match($os_pattern, $os)) {
$warning_msg = _('Operating System unknown');
$summary['by_hosts'][$num_line]['warnings']['Operating System'] = $warning_msg;
$summary['by_hosts'][$num_line]['status'] = 'warning';
$summary['general']['statistics']['warnings']++;
$os = 'Unknown';
}
//Devices Types
$devices = array();
$unallowed_devices = array();
if (!empty($csv_devices)) {
$aux_devices = explode(',', $csv_devices);
if (is_array($aux_devices) && !empty($aux_devices)) {
foreach ($aux_devices as $d_name) {
$d_name = trim($d_name);
if (array_key_exists($d_name, $all_devices)) {
$devices[] = $all_devices[$d_name];
} else {
$unallowed_devices[] = $d_name;
}
}
if (!empty($unallowed_devices)) {
$warning_msg = _('Some devices could not be added (Type and/or subtype unknown)') . ': ' . implode(',', $unallowed_devices);
$summary['by_hosts'][$num_line]['warnings']['Devices'] = $warning_msg;
$summary['by_hosts'][$num_line]['status'] = 'warning';
$summary['general']['statistics']['warnings']++;
}
}
}
//Sensor
if ($is_in_db == FALSE) {
//Only update host sensors with unregistered hosts
if ($import_type == 'hosts' && preg_match('/Sensors/', $csv_headers[5])) {
//Special case: Sensors in CSV file //[Version 3.x.x]
$sensors = array();
$_sensors = explode(',', $param[4]);
if (is_array($_sensors) && !empty($_sensors)) {
$_sensors = array_flip($_sensors);
if (is_array($a_sensors) && !empty($a_sensors)) {
foreach ($a_sensors as $s_id => $s_data) {
if (array_key_exists($s_data['ip'], $_sensors)) {
$sensors[] = $s_id;
}
}
}
}
if (!is_array($sensors) || empty($sensors)) {
$s_error_msg = Session::is_pro() ? _('There is no sensors for this context') : _('There is no sensors for this IP address');
$summary['by_hosts'][$num_line]['errors']['Sensors'] = $s_error_msg;
$summary['general']['statistics']['errors']++;
continue;
}
}
}
/***********************************************************
********** Only for importation from host section **********
***********************************************************/
if ($import_type == 'hosts') {
//FQDNs
if (!ossim_valid($fqdns, OSS_FQDNS, OSS_NULLABLE, 'illegal:' . _('FQDN/Aliases'))) {
$summary['by_hosts'][$num_line]['errors']['FQDN/Aliases'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
//Asset
if (!ossim_valid($asset_value, OSS_DIGIT, 'illegal:' . _('Asset value'))) {
$summary['by_hosts'][$num_line]['errors']['Asset value'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
//Latitude
if (!empty($latitude)) {
if (!ossim_valid(trim($latitude), OSS_NULLABLE, OSS_DIGIT, OSS_DOT, '\\-', 'illegal:' . _('Latitude'))) {
$summary['by_hosts'][$num_line]['errors']['Latitude'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
}
//Longitude
if (!empty($longitude)) {
if (!ossim_valid(trim($longitude), OSS_NULLABLE, OSS_DIGIT, OSS_DOT, '\\-', 'illegal:' . _('Longitude'))) {
$summary['by_hosts'][$num_line]['errors']['Longitude'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
}
}
//Insert/Update host in database
if (count($summary['by_hosts'][$num_line]['errors']) == 0) {
try {
$host = new Asset_host($conn, $host_id);
if ($is_in_db == TRUE) {
$host->load_from_db($conn, $host_id);
$can_i_modify_ips = Asset_host::can_i_modify_ips($conn, $host_id);
} else {
if ($can_i_create_assets == FALSE) {
$n_error_msg = _('Host') . ' ' . $name . ' ' . _("not allowed. You don't have permissions to import this host");
$summary['by_hosts'][$num_line]['errors']['Net'] = $n_error_msg;
$summary['general']['statistics']['errors']++;
continue;
}
}
//Check IPs
if ($can_i_modify_ips == TRUE) {
$aux_ips = explode(',', $csv_ips);
foreach ($aux_ips as $ip) {
$host_ids = Asset_host::get_id_by_ips($conn, $ip, $ctx);
unset($host_ids[$host_id]);
if (!empty($host_ids)) {
$c_error_msg = _('IP') . ' ' . $csv_ips . ' ' . _("not allowed. IP {$ip} already exists for this entity");
$summary['by_hosts'][$num_line]['errors']['IP'] = $c_error_msg;
$summary['general']['statistics']['errors']++;
break;
} else {
$cnd_1 = Session::get_net_where() != '' && !Session::only_ff_net();
$cnd_2 = Asset_host::is_ip_in_cache_cidr($conn, $ip, $ctx, TRUE);
if ($cnd_1 && !$cnd_2) {
$c_error_msg = sprintf(_("Error! The IP %s is not allowed. Please check with your account admin for more information"), $csv_ips);
$summary['by_hosts'][$num_line]['errors']['IP'] = $c_error_msg;
$summary['general']['statistics']['errors']++;
break;
}
}
}
} else {
$c_error_msg = _('Host') . ' ' . $name . ': ' . _("IP address not allowed. IP address cannot be modified");
$summary['by_hosts'][$num_line]['status'] = 'warning';
$summary['general']['warnings']['errors']++;
$summary['by_hosts'][$num_line]['warnings']['IP'] = $c_error_msg;
}
//Setting new values
if (count($summary['by_hosts'][$num_line]['errors']) == 0) {
$host->set_ctx($ctx);
$host->set_name($name);
$host->set_descr($descr);
if ($is_in_db == FALSE) {
if ($can_i_modify_ips == TRUE) {
if (is_array($aux_ips) && !empty($aux_ips)) {
$ips = array();
foreach ($aux_ips as $ip) {
$ips[$ip] = array('ip' => $ip, 'mac' => NULL);
}
$host->set_ips($ips);
}
}
$host->set_sensors($sensors);
}
if (!empty($fqdns)) {
$host->set_fqdns($fqdns);
}
$host->set_external($external);
$host->set_location($latitude, $longitude);
$host->set_asset_value($asset_value);
$host->set_devices($devices);
$host->save_in_db($conn, FALSE);
//Save Operating System
if (!empty($os)) {
Asset_host_properties::save_property_in_db($conn, $host_id, 3, $os, 2);
}
$summary['general']['statistics']['saved']++;
$summary['by_hosts'][$num_line]['data'] = $is_in_db == TRUE ? _('Asset updated') : _('New asset inserted');
//Keep warnings
if ($summary['by_hosts'][$num_line]['status'] != 'warning') {
$summary['by_hosts'][$num_line]['status'] = 'success';
}
}
} catch (Exception $e) {
$summary['by_hosts'][$num_line]['errors']['Database error'] = $e->getMessage();
$summary['general']['statistics']['errors']++;
}
}
}
if ($summary['general']['statistics']['saved'] > 0) {
if ($summary['general']['statistics']['errors'] == 0) {
$summary['general']['status'] = 'success';
$summary['general']['data'] = _('All assets have been successfully imported ');
} else {
$summary['general']['status'] = 'warning';
$summary['general']['data'] = _('Some assets cannot be imported');
}
Util::disable_perm_triggers($conn, FALSE);
try {
Asset_host::report_changes($conn, 'hosts');
} catch (Exception $e) {
Av_exception::write_log(Av_exception::USER_ERROR, $e->getMessage());
}
} else {
$summary['general']['statistics']['errors'] = count($data);
//CSV file is not empty, but all lines are wrong
if (empty($summary['general']['status'])) {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('Assets cannot be imported');
}
}
@$conn->Execute("REPLACE INTO alienvault.host_net_reference SELECT host.id,net_id FROM alienvault.host, alienvault.host_ip, alienvault.net_cidrs WHERE host.id = host_ip.host_id AND host_ip.ip >= net_cidrs.begin AND host_ip.ip <= net_cidrs.end");
$db->close();
return $summary;
}
$search_str = POST('sSearch') != '' ? POST('sSearch') : '';
$sec = POST('sEcho');
Session::logcheck_by_asset_type($asset_type);
Session::logcheck_ajax('environment-menu', 'EventsVulnerabilities');
// Close session write for real background loading
session_write_close();
ossim_valid($asset_id, OSS_HEX, 'illegal: ' . _('Asset ID'));
ossim_valid($asset_type, OSS_LETTER, OSS_SCORE, OSS_NULLABLE, 'illegal: ' . _('Asset Type'));
ossim_valid($maxrows, OSS_DIGIT, 'illegal: iDisplayLength');
ossim_valid($from, OSS_DIGIT, 'illegal: iDisplayStart');
ossim_valid($order, OSS_ALPHA, 'illegal: iSortCol_0');
ossim_valid($torder, OSS_LETTER, 'illegal: sSortDir_0');
ossim_valid($search_str, OSS_INPUT, OSS_NULLABLE, 'illegal: sSearch');
ossim_valid($sec, OSS_DIGIT, 'illegal: sEcho');
if (ossim_error()) {
Util::response_bad_request(ossim_get_error_clean());
}
// Check Asset Type
$asset_types = array('asset' => 'Asset_host', 'network' => 'Asset_net', 'group' => 'Asset_group');
// Order by column
$orders_by_columns = array('0' => 'lr.scantime', '2' => 'p.name', '3' => 'lr.scriptid', '4' => 'lr.service', '5' => 'lr.risk');
try {
$db = new Ossim_db();
$conn = $db->connect();
if (isset($_POST['asset_id']) && isset($_POST['asset_type'])) {
if (!array_key_exists($asset_type, $asset_types)) {
Av_exception::throw_error(Av_exception::USER_ERROR, _('Error! Invalid Asset Type'));
}
$class_name = $asset_types[$_POST['asset_type']];
// Check Asset Permission
if (method_exists($class_name, 'is_allowed') && !$class_name::is_allowed($conn, $asset_id)) {
$alarm_name = utf8_decode(GET("alarm_name"));
$iconbg = GET('iconbg');
$iconsize = GET('iconsize') != '' ? GET('iconsize') : 0;
$noname = GET('noname') != '' ? "#NONAME" : '';
$name_show = utf8_decode(GET("name_show"));
ossim_valid($chosen_icon, OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_DIGIT, OSS_SPACE, ";,.:\\/\\?=&()%&", 'illegal:' . _('Icon'));
ossim_valid($asset_type, OSS_NULLABLE, OSS_ALPHA, OSS_SCORE, 'illegal:' . _('Asset Type'));
ossim_valid($asset_id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Asset ID'));
ossim_valid($alarm_name, OSS_NULLABLE, OSS_ALPHA, OSS_PUNC_EXT, '#', 'illegal:' . _('Alarm name'));
ossim_valid($iconbg, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _('Icon Background'));
ossim_valid($iconsize, OSS_DIGIT, '-', 'illegal:' . _('Icon size'));
ossim_valid($name_show, OSS_NULLABLE, OSS_TEXT, OSS_PUNC_EXT, 'illegal:' . _('Asset Name'));
$alarm_name = $alarm_name . $noname;
}
if (ossim_error()) {
echo ossim_get_error_clean();
exit;
}
if ($type != "rect" && strtolower($alarm_name) == 'rect') {
echo _("'Rect' is a reserved word. Please, use another name");
exit;
}
if ($type == 'rect') {
$sql = "INSERT INTO risk_indicators (name,map,url,type,type_name,icon,x,y,w,h) VALUES ('rect',UNHEX(?),?,'','','',100,100,50,50)";
$params = array($map, $url);
$rs = $conn->Execute($sql, $params);
if (!$rs) {
Av_exception::write_log(Av_exception::DB_ERROR, $conn->ErrorMsg());
exit;
}
$sql = "SELECT last_insert_id() AS id";
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once dirname(__FILE__) . '/../../conf/config.inc';
Session::logcheck('environment-menu', 'EventsHidsConfig');
$data['status'] = 'success';
$data['data'] = NULL;
$file = $_SESSION['_current_file'];
$sensor_id = POST('sensor_id');
$new_xml_data = $_POST['data'];
$token = POST('token');
ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
ossim_valid($file, OSS_ALPHA, OSS_SCORE, OSS_DOT, 'illegal:' . _('File'));
if (ossim_error()) {
$data['status'] = 'error';
$data['data'] = ossim_get_error_clean();
} else {
if (!Token::verify('tk_f_rules', $token)) {
$data['status'] = 'error';
$data['data'] = Token::create_error_message();
} else {
$db = new ossim_db();
$conn = $db->connect();
if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
$data['status'] = 'error';
$data['data'] = _('Error! Sensor not allowed');
}
$db->close();
}
}
if ($data['status'] == 'error') {
foreach ($targets as $target) {
// Validate UUID#IP or IP, other cases will fail
$_target = explode('#', $target);
if (count($_target) == 1) {
$_target_ip = $_target[0];
ossim_valid($_target_ip, OSS_IP_ADDRCIDR, 'illegal:' . _('Asset IP'));
} elseif (count($_target) == 2) {
$_target_ip = $_target[1];
$_target_id = $_target[0];
ossim_valid($_target_ip, OSS_IP_ADDRCIDR, 'illegal:' . _('Asset IP'));
ossim_valid($_target_id, OSS_HEX, 'illegal:' . _('Asset ID'));
} else {
ossim_set_error(_('Asset not allowed'));
}
if (ossim_error()) {
$validation_errors['assets[]'] = strip_tags(ossim_get_error_clean());
break;
} else {
//IP_CIDR and ID is pushed
array_push($targets_string, $target);
}
}
$targets_p = implode(' ', $targets_string);
} else {
$validation_errors['assets[]'] = _("Error in the 'Target selection' field (missing required field)");
}
}
if (is_array($validation_errors) && !empty($validation_errors)) {
//Formatted message
$error_msg = _('The following errors occurred') . ":\n" . implode("\n", $validation_errors);
$error_msg = strip_tags($error_msg);
ossim_valid($map, OSS_HEX, 'illegal:' . _('Map'));
ossim_valid($ri_id, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _('ID'));
ossim_valid($risk_positions, OSS_SCORE, OSS_NULLABLE, OSS_ALPHA, ";,.", 'illegal:' . _('Risk Indicator Positions'));
ossim_valid($url, OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_SPACE, ";,.:\\/\\?=&()%&", 'illegal:' . _('URL'));
ossim_valid($name, OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_SPACE, ";,.:\\/\\?=&()%&#", 'illegal:' . _('Name'));
ossim_valid($icon, OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_SPACE, ";,.:\\/\\?=&()%&", 'illegal:' . _('Icon'));
ossim_valid($type, OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_SPACE, ";,.:\\/\\?=&()%&", 'illegal:' . _('Asset Type'));
ossim_valid($type_name, OSS_NULLABLE, OSS_HEX, 'illegal:' . _('Asset ID'));
ossim_valid($iconbg, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _('Layout Background Color'));
ossim_valid($iconsize, OSS_DIGIT, "-", 'illegal:' . _('Icon Size'));
$path = explode("pixmaps", $icon);
if (count($path) > 1) {
$icon = "pixmaps" . $path[1];
}
if (ossim_error()) {
$data = array('status' => 'error', 'data' => ossim_get_error_clean());
echo json_encode($data);
exit;
}
//Clean bp_asset_member
$query = "DELETE FROM bp_asset_member WHERE member is NULL OR member = 0x0 OR type is NULL OR type =''";
$conn->Execute($query);
$indicators = array();
$delete_list = array();
$i_enable = array();
$elems = explode(";", $ri_positions);
//Risk indicator positions
foreach ($elems as $elem) {
if (trim($elem) != '') {
$param = explode(',', $elem);
$id = str_replace('rect', '', str_replace('indicator', '', $param[0]));
// validate asset type
$type = POST('asset_type');
if ($type == 'asset' || $type == 'group') {
Session::logcheck_ajax('environment-menu', 'PolicyHosts');
} else {
if ($type == 'network' || $type == 'net_group') {
Session::logcheck_ajax('environment-menu', 'PolicyNetworks');
} else {
Util::response_bad_request(_('Invalid asset type value'));
}
}
//Validate action type
$action = POST('action');
ossim_valid($action, OSS_LETTER, '_', 'illegal:' . _('Action'));
if (ossim_error()) {
$error = ossim_get_error_clean();
Util::response_bad_request($error);
}
//Validate Form token
$token = POST('token');
$tk_key = 'tk_' . $action;
if (Token::verify($tk_key, $token) == FALSE) {
$error = Token::create_error_message();
Util::response_bad_request($error);
}
$db = new ossim_db();
$conn = $db->connect();
try {
$response = array();
switch ($action) {
case 'add_note':
$rrdtool_bin = $conf->get_conf('rrdtool_path') . '/rrdtool';
set_error_handler('mydie');
$id = GET('id');
$what = GET('what');
$type = GET('type');
$start = GET('start');
$end = GET('end');
$zoom = GET('zoom') ? GET('zoom') : 1;
ossim_valid($id, OSS_LETTER, OSS_DIGIT, OSS_DOT, OSS_SCORE, 'illegal:' . _('ID'));
ossim_valid($start, OSS_LETTER, OSS_DIGIT, OSS_SCORE, 'illegal:' . _('Start param'));
ossim_valid($end, OSS_LETTER, OSS_DIGIT, OSS_SCORE, 'illegal:' . _('End param'));
ossim_valid($zoom, OSS_DIGIT, OSS_DOT, 'illegal:' . _('Zoom parameter'));
ossim_valid($what, OSS_ALPHA, OSS_SCORE, 'illegal:' . _('What'));
ossim_valid($type, OSS_ALPHA, 'illegal:' . _('Type'));
if (ossim_error()) {
mydie(strip_tags(ossim_get_error_clean()));
}
//
// params validations
//
if ($what != 'eps') {
mydie(sprintf(_("Invalid param '%s' with value '%s'"), 'what', $what));
}
if ($type != 'eps') {
mydie(sprintf(_("Invalid param '%s' with value '%s'"), 'type', $type));
}
// Where to find the RRD file
$rrdpath = "/var/lib/ossim/rrd/event_stats/";
//
// Graph style
//
if (GET('newport') != "" || GET('port') != "") {
if (GET('newport') == "") {
$newPort = GET('port');
} else {
$newPort = GET('newport');
}
$aux = explode("-", $newPort);
$port_number = trim($aux[0]);
$protocol_name = trim($aux[1]);
$nservice = GET('service');
$newport_nagios = GET('newportnagios') != "" ? 1 : 0;
ossim_valid($port_number, OSS_PORT, 'illegal:' . _("Port number"));
ossim_valid($protocol_name, OSS_PROTOCOL, 'illegal:' . _("Protocol name"));
ossim_valid($nservice, OSS_NULLABLE, OSS_ALPHA, OSS_SPACE, OSS_PUNC, 'illegal:' . _("Service"));
if (ossim_error()) {
$error_message = "<div style='padding-left: 10px'>" . ossim_get_error_clean() . "</div>";
} else {
$date = strftime("%Y-%m-%d %H:%M:%S");
if ($nservice != '') {
$serviceName = $nservice;
} else {
if ($ports[$port_number . " - " . $protocol_name] != "") {
$serviceName = $ports[$port_number . " - " . $protocol_name];
} else {
$serviceName = 'unknown';
}
}
// Insert new port
$chport = array();
$chport = Port::get_list($conn, "where port_number = {$port_number} and protocol_name = '{$protocol_name}'");
if (count($chport) == 0) {
