function main_page($viewall, $sortby, $sortdir) { global $uroles, $username, $dbconn, $hosts; global $arruser, $user; $dbconn->SetFetchMode(ADODB_FETCH_BOTH); $tz = Util::get_timezone(); if ($sortby == "") { $sortby = "id"; } if ($sortdir == "") { $sortdir = "DESC"; } $sql_order = "order by {$sortby} {$sortdir}"; if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) { ?> <div style="width:50%; position: relative; height: 5px; float:left"> <div style="width:100%; position: absolute; top: -41px;left:0px;"> <div style="float:left; height:28px; margin:5px 5px 0px 0px;"> <a class="button" href="<?php echo Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?smethod=schedule&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs'); ?> "> <?php echo _("New Scan Job"); ?> </a> </div> <div style="float:left;height:28px;margin:5px 5px 0px -2px;"> <a class="greybox button av_b_secondary" href="import_nbe.php" title="<?php echo _("Import nbe file"); ?> "> <?php echo _("Import nbe file"); ?> </a> </div> </div> </div> <?php } if (intval($_GET['page']) != 0) { $page = intval($_GET['page']); } else { $page = 1; } $pagesize = 10; if ($username == "admin") { $query = "SELECT count(id) as num FROM vuln_jobs"; } else { $query = "SELECT count(id) as num FROM vuln_jobs where username='******'"; } $result = $dbconn->Execute($query); $jobCount = $result->fields["num"]; $num_pages = ceil($jobCount / $pagesize); //echo "num_pages:[".$num_pages."]"; //echo "jobCount:[".$jobCount."]"; //echo "page:[".$page."]"; if (Vulnerabilities::scanner_type() == "omp") { // We can display scan status with OMP protocol echo Vulnerabilities::get_omp_running_scans($dbconn); } else { // Nessus all_jobs(0, 10, "R"); } ?> <?php $schedulejobs = _("Scheduled Jobs"); echo <<<EOT <table style='margin-top:20px;' class='w100 transparent'><tr><td class='sec_title'>{$schedulejobs}</td></tr></table> <table summary="Job Schedules" class='w100 table_list'> EOT; if ($sortdir == "ASC") { $sortdir = "DESC"; } else { $sortdir = "ASC"; } $arr = array("name" => "Name", "schedule_type" => "Schedule Type", "time" => "Time", "next_CHECK" => "Next Scan", "enabled" => "Status"); // modified by hsh to return all scan schedules if (empty($arruser)) { $query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id "; } else { $query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id WHERE username in ({$user}) "; } $query .= $sql_order; $result = $dbconn->execute($query); if ($result->EOF) { echo "<tr><td class='empty_results' height='20' style='text-align:center;'>" . _("No Scheduled Jobs") . "</td></tr>"; } if (!$result->EOF) { echo "<tr>"; foreach ($arr as $order_by => $value) { echo "<th><a href=\"manage_jobs.php?sortby={$order_by}&sortdir={$sortdir}\">" . _($value) . "</a></th>"; } if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) { echo "<th>" . _("Action") . "</th></tr>"; } } $colors = array("#FFFFFF", "#EEEEEE"); $color = 0; while (!$result->EOF) { list($profile, $targets, $schedid, $schedname, $schedtype, $sid, $timeout, $user, $schedstatus, $nextscan, $servers) = $result->fields; $name = Av_sensor::get_name_by_id($dbconn, $servers); $servers = $name != '' ? $name : "unknown"; $targets_to_resolve = explode("\n", $targets); $ttargets = array(); foreach ($targets_to_resolve as $id_ip) { if (preg_match("/^([a-f\\d]{32})#\\d+\\.\\d+\\.\\d+\\.\\d+\\/\\d{1,2}/i", $id_ip, $found) && Asset_net::is_in_db($dbconn, $found[1])) { $ttargets[] = preg_replace("/^([a-f\\d]{32})#/i", "", $id_ip) . " (" . Asset_net::get_name_by_id($dbconn, $found[1]) . ")"; } else { if (preg_match("/^([a-f\\d]{32})#\\d+\\.\\d+\\.\\d+\\.\\d+/i", $id_ip, $found) && Asset_host::is_in_db($dbconn, $found[1])) { $ttargets[] = preg_replace("/^([a-f\\d]{32})#/i", "", $id_ip) . " (" . Asset_host::get_name_by_id($dbconn, $found[1]) . ")"; } else { $ttargets[] = preg_replace("/[a-f\\d]{32}/i", "", $id_ip); } } } $targets = implode("<BR/>", $ttargets); $tz = intval($tz); $nextscan = gmdate("Y-m-d H:i:s", Util::get_utc_unixtime($nextscan) + 3600 * $tz); preg_match("/\\d+\\-\\d+\\-\\d+\\s(\\d+:\\d+:\\d+)/", $nextscan, $found); $time = $found[1]; switch ($schedtype) { case "N": $stt = _("Once (Now)"); break; case "O": $stt = _("Once"); break; case "D": $stt = _("Daily"); break; case "W": $stt = _("Weekly"); break; case "M": $stt = _("Monthly"); break; case "Q": $stt = _("Quarterly"); break; case "H": $stt = _("On Hold"); break; case "NW": $stt = _("N<sup>th</sup> weekday of the month"); break; default: $stt = " "; break; } switch ($schedstatus) { case "1": $itext = _("Disable Scheduled Job"); $isrc = "images/stop_task.png"; $ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=0"; break; default: $itext = _("Enable Scheduled Job"); $isrc = "images/play_task.png"; $ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=1"; break; } if (!Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) { $ilink = "javascript:return false;"; } if ($schedstatus) { $txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"green\">" . _("Enabled") . "</font></a></td>"; } else { $txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"red\">" . _("Disabled") . "</font></a></td>"; } require_once 'classes/Security.inc'; if (valid_hex32($user)) { $user = Session::get_entity_name($dbconn, $user); } echo "<tr bgcolor=\"" . $colors[$color % 2] . "\">"; if ($profile == "") { $profile = _("Default"); } echo "<td><span class=\"tip\" title=\"<b>" . _("Owner") . ":</b> {$user}<br><b>" . _("Server") . ":</b> {$servers}<br /><b>" . _("Scheduled Job ID") . ":</b> {$schedid}<br><b>" . _("Profile") . ":</b> {$profile}<br><b>" . _("Targets") . ":</b><br>" . $targets . "\">{$schedname}</span></td>"; ?> <td><?php echo $stt; ?> </td> <td><?php echo $time; ?> </td> <td><?php echo $nextscan; ?> </td> <?php echo <<<EOT {$txt_enabled} <td style="padding-top:2px;"><a href="{$ilink}"><img alt="{$itext}" src="{$isrc}" border=0 title="{$itext}"></a> EOT; if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) { echo "<a href='" . Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?disp=edit_sched&sched_id=' . $schedid, 'environment', 'vulnerabilities', 'scan_jobs') . "'><img src='images/pencil.png' title='" . _("Edit Scheduled") . "'></a> "; echo "<a href='manage_jobs.php?disp=delete&schedid={$schedid}' onclick='return confirmDelete();'><img src='images/delete.gif' title='" . gettext("Delete Scheduled") . "'></a>"; } echo "</td>"; echo <<<EOT </tr> EOT; $result->MoveNext(); $color++; } echo <<<EOT </table> EOT; ?> <br /> <?php $out = all_jobs(($page - 1) * $pagesize, $pagesize); ?> <table width="100%" align="center" class="transparent" cellspacing="0" cellpadding="0"> <tr> <td class="nobborder" valign="top" style="padding-top:5px;"> <div class="fright"> <?php if ($out != 0 && $num_pages != 1) { $page_url = "manage_jobs.php"; if ($page == 1 && $page == $num_pages) { echo '<a href="" class="link_paginate_disabled" onclick="return false">< ' . _("PREVIOUS") . '</a>'; echo '<a class="lmargin link_paginate_disabled" href="" onclick="return false">' . _("NEXT") . ' ></a>'; } elseif ($page == 1) { echo '<a href="" class="link_paginate_disabled" onclick="return false">< ' . _("PREVIOUS") . '</a>'; echo '<a class="lmargin" href="' . $page_url . '?page=' . ($page + 1) . '">' . _("NEXT") . ' ></a> '; } elseif ($page == $num_pages) { echo '<a href="' . $page_url . '?page=' . ($page - 1) . '">< ' . _("PREVIOUS") . '</a>'; echo '<a class="lmargin link_paginate_disabled" href="" onclick="return false">' . _("NEXT") . ' ></a>'; } else { echo '<a href="' . $page_url . '?page=' . ($page - 1) . '">< ' . _("PREVIOUS") . '</a><a class="lmargin" href="' . $page_url . '?page=' . ($page + 1) . '">' . _("NEXT") . ' ></a>'; } } ?> </div> </td> </tr> </table> <?php }
$flag_events = false; } } if ($flag_events) { $event_types = "<b>" . _('DS Groups') . ":</b><br>" . $plugingroups; } else { $event_types = "<b>" . _('Taxonomy') . ":</b><br>" . $taxonomy; } $xml .= "<cell><![CDATA[" . $event_types . "]]></cell>"; if ($engine != 'engine') { $sensors = ""; $sensor_exist = $policy->exist_sensors($conn); if ($sensor_list = $policy->get_sensors($conn)) { foreach ($sensor_list as $sensor) { if (!check_any($sensor->get_sensor_id())) { $sensors .= ($sensors == "" ? "" : "<br/>") . Av_sensor::get_name_by_id($conn, $sensor->get_sensor_id()); if ($sensor_exist[$sensor->get_sensor_id()] == 'false') { $sensors = '<div title="' . _('sensor non-existent') . '">' . $sensors; $sensors .= '<a href="newpolicyform.php?id=' . $id . '&sensorNoExist=true#tabs-5"><img style="vertical-align: middle" src="../pixmaps/tables/cross-small-circle.png" /></a></div>'; } } } } if (empty($sensors)) { $sensors = "<font color='#AAAAAA'><b>ANY</b></font>"; } $xml .= "<cell><![CDATA[" . $sensors . "]]></cell>"; } if ($policy_time = $policy->get_time($conn)) { $tzone = $policy_time->get_timezone(); $begin_range = "";
//Validating icon format and size $icon = ''; if (is_uploaded_file($_FILES['icon']['tmp_name'])) { $icon = file_get_contents($_FILES['icon']['tmp_name']); } if ($icon != '') { $image = @imagecreatefromstring($icon); if (!$image || imagesx($image) > 400 || imagesy($image) > 400) { $validation_errors['icon'] = _('Image format is not allowed'); } } //Validating Sensors if (is_array($sensors) && !empty($sensors)) { foreach ($sensors as $sensor) { if (!Av_sensor::is_allowed($conn, $sensor)) { $validation_errors['sboxs[]'] .= sprintf(_("Error! Sensor %s cannot be assigned to this asset"), Av_sensor::get_name_by_id($conn, $sensor)) . "<br/>"; } } } $db->close(); } $data['status'] = 'OK'; $data['data'] = $validation_errors; if (POST('ajax_validation_all') == TRUE) { if (is_array($validation_errors) && !empty($validation_errors)) { $data['status'] = 'error'; } echo json_encode($data); exit; } else { if (is_array($validation_errors) && !empty($validation_errors)) {
$ips = $_ips->get_ips(); //Checking HIDS Sensor $cnd_1 = Ossec_utilities::is_sensor_allowed($conn, $sensor_id) == FALSE; $asset_sensors = Asset_host_sensors::get_sensors_by_id($conn, $asset_id); $cnd_2 = empty($asset_sensors[$sensor_id]); if ($cnd_1 || $cnd_2) { $validation_errors['sensor_id'] = sprintf(_("Sensor %s not allowed. Please check with your account admin for more information"), Av_sensor::get_name_by_id($conn, $sensor_id)); } else { $system_ids = Av_center::get_system_id_by_component($conn, $sensor_id); $res = Av_center::get_system_info_by_id($conn, $system_ids['non-canonical']); if ($res['status'] == 'success') { //We use this function to calculate sensor name because in HA environments there are two systems for one Sensor ID if (empty($res['data']['ha_ip'])) { $sensor_name = $res['data']['name']; } else { $sensor_name = Av_sensor::get_name_by_id($conn, $sensor_id); } $sensor_ip = $res['data']['current_ip']; if (Ossec_utilities::get_default_sensor_id() == $sensor_id && empty($res['data']['ha_ip'])) { $sensor_ip = $res['data']['admin_ip']; } $sensor_ip_txt = $sensor_ip . ' [' . $sensor_name . ']'; } //Getting Agent information $_aux_agent = Asset_host::get_related_hids_agents($conn, $asset_id, $sensor_id); $agent_key = md5(strtoupper($sensor_id) . '#' . $agent_id); $agent = $_aux_agent[$agent_key]; if (empty($agent)) { $validation_errors['agent_id'] = _('Error! Agent information cannot be retrieved from system'); } else { $agent_descr = $agent['name'] . ' (' . $agent['ip_cidr'] . ')';
* On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once dirname(__FILE__) . '/../../conf/config.inc'; Session::logcheck('environment-menu', 'EventsHidsConfig'); $sensor_id = REQUEST('sensor_id'); ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID')); if (!ossim_error()) { $db = new ossim_db(); $conn = $db->connect(); if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) { $db->close(); $error_msg = sprintf(_("Sensor %s not allowed. Please check with your account admin for more information"), Av_sensor::get_name_by_id($conn, $sensor_id)); echo ossim_error($error_msg); exit; } $db->close(); } //Current sensor $_SESSION['ossec_sensor'] = $sensor_id; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title><?php echo _('OSSIM Framework'); ?>
if ($taxonomy_list = $policy->get_taxonomy_conditions($conn)) { foreach ($taxonomy_list as $tax) { $tax_id = $tax->get_product_type_id() . "@" . $tax->get_category_id() . "@" . $tax->get_subcategory_id(); $tax_val = $filter['ptype'][$tax->get_product_type_id()] . " | " . $filter['cat'][$tax->get_category_id()] . " | " . $filter['subcat'][$tax->get_subcategory_id()]; $tax_filters[$tax_id] = $tax_val; $flag_events = false; } } } //SENSOR $sensor_exist = $policy->exist_sensors($conn); if ($sensor_list = $policy->get_sensors($conn)) { foreach ($sensor_list as $sensor) { if (!check_any($sensor->get_sensor_id())) { if ($sensor_exist[$sensor->get_sensor_id()] != 'false') { $sensors['sensor_' . $sensor->get_sensor_id()] = Av_sensor::get_name_by_id($conn, $sensor->get_sensor_id()); $flag_sensors = false; } } else { $sensors[$sensor->get_sensor_id()] = _('ANY'); } } } //Time Filters $policy_time = $policy->get_time($conn); $time_begin[0] = $policy_time->get_month_start(); $time_begin[1] = $policy_time->get_month_day_start(); $time_begin[2] = $policy_time->get_week_day_start(); $time_begin[3] = $policy_time->get_hour_start(); $time_begin[4] = $policy_time->get_minute_start(); $time_end[0] = $policy_time->get_month_end();
function get_indicator_asset_name($conn, $type, $asset_id) { $name = ''; switch ($type) { case 'host': $name = Asset_host::get_name_by_id($conn, $asset_id); break; case 'net': $name = Asset_net::get_name_by_id($conn, $asset_id); break; case 'hostgroup': case 'host_group': $name = Asset_group::get_name_by_id($conn, $asset_id); break; case 'net_group': case 'netgroup': $name = Net_group::get_name_by_id($conn, $asset_id); break; case 'sensor': $name = Av_sensor::get_name_by_id($conn, $asset_id); break; } $name = empty($name) ? _('Unknown') : $name; return $name; }
$e_message = _('You do not have the correct permissions to see this page. Please contact system administrator with any questions'); Util::response_bad_request($e_message); } // Logcheck by s_type if ($s_type == 'ocs') { Session::logcheck_ajax('configuration-menu', 'AlienVaultInventory'); } else { Session::logcheck_ajax('environment-menu', 'AlienVaultInventory'); } $data = array(); try { $db = new ossim_db(); $conn = $db->connect(); $task_list = Inventory::get_list($conn, '', $scan_types[$s_type]); foreach ($task_list as $task) { $sensor_name = Av_sensor::get_name_by_id($conn, $task['task_sensor']); if ($sensor_name == '') { $sensor_name = _('Unknown'); } if ($s_type == 'wmi') { preg_match('/wmipass:(.*)/', $task['task_params'], $matches); if ($matches[1] != '') { $task['task_params'] = preg_replace('/wmipass:(.*)/', '', $task['task_params']); $task['task_params'] = $task['task_params'] . 'wmipass:'******'/./', '*', $matches[1]); } } elseif ($s_type == 'nmap') { $task['task_params'] = str_replace(' ', ', ', preg_replace("/#.*/", "", $task['task_params'])); } $s_data = array("DT_RowId" => $task['task_id'], "DT_RowData" => array('s_type' => $s_type, 'sensor_id' => $task['task_sensor'], 'params' => $task['task_params'], 'frecuency' => $task['task_period'], 'enabled' => $task['task_enable']), $task['task_name'], $sensor_name, $task['task_params'], $frequencies[$task['task_period']], $task['task_enable'], ''); $data[] = $s_data; }