$display = $stmt3->result(0); } else { $display = $row['plugin']; } } $plugins[] = array('id' => $count, 'name' => $plugin_name, 'type' => $plugin_type, 'disp' => $display, 'val' => $plugin_name); $count++; } $tpl->assign('plugins', $plugins); $tpl->display('settings_specific_scan_plugins.tpl'); break; case "x_do_get_specific_scan_devices": require_once _ABSPATH . '/lib/Clusters.php'; require_once _ABSPATH . '/lib/Devices.php'; $_clu = Clusters::getInstance(); $_dev = Devices::getInstance(); $profile_id = import_var('profile_id', 'P'); $count = 1; $devices = array(); $sql = array('devices' => "SELECT * FROM profile_machine_list WHERE profile_id=':1';"); $stmt1 = $db->prepare($sql['devices']); $stmt1->execute($profile_id); while ($row = $stmt1->fetch_assoc()) { $type = ''; $device = ''; // determine the device type here; cluster,registered,etc $type = $_dev->determine_device_type($row['machine']); // strip off the device type to only get back the device name // aka the cluster name, whitelist entry, vhost, etc $device = $_dev->strip_device_type($row['machine']); /**
/** * Create list of machines to scan * * This function will query the database for the list * of all the machines that were specified when the * scan was created * * @param string $profile_id ID of the profile to get machines of * @return array Return array of machines listed in profile */ public function getMachines($profile_id) { require_once _ABSPATH . '/lib/Devices.php'; require_once _ABSPATH . '/lib/Clusters.php'; $db = nessquikDB::getInstance(); $_dev = Devices::getInstance(); $_clu = Clusters::getInstance(); $result = array(); $sql = array('select' => "SELECT machine FROM profile_machine_list WHERE profile_id=':1';"); $stmt = $db->prepare($sql['select']); $stmt->execute($profile_id); while ($row = $stmt->fetch_assoc()) { $machine = $row['machine']; $type = $_dev->determine_device_type($machine); /** * Clusters are special cases because they conflict with * hostnames by not having any special defining characters * in them. That's one of the reasons I do the cluster * processing here. * * Another is because in the settings for a specific scan * you can add and remove devices. Well, clusters are one * of those things you can remove and to distinctly know * which device is a cluster, I need to retain the :clu: * prefix on the cluster name. */ if ($type == "cluster") { $machine_list = array(); foreach ($cluster as $key => $cluster_id) { $output = array(); $output = $_clu->get_cluster($cluster_id); foreach ($output as $key2 => $val2) { // Index 1 is the hostname as pulled from miscomp $hostname = $val2[1]; $tmp = array(); $tmp = $_dev->get_mac_from_system($hostname); // The first index will hold the IP address array_push($machine_list, $tmp[0]); } } $result = array_merge($result, $machine_list); } else { $item = $_dev->strip_device_type($machine); if (is_ip($item)) { $result[] = $item; } else { if (is_cidr($item)) { $result[] = $item; } else { if (is_vhost($item)) { $result[] = $item; } else { $item = gethostbyname($item); if ($item != '') { $result[] = $item; } } } } } } return $result; }