/** * @covers Netmask\Netmask::getAll */ public function testGetAll() { $block = new Netmask('192.168.0.1/24'); $this->assertTrue(is_array($block->getAll())); $this->assertEquals(254, count($block->getAll())); $this->assertTrue(in_array('192.168.0.24', $block->getAll())); }
static function getInstance() { if (empty(self::$instance)) { self::$instance = new Netmask(); } return self::$instance; }
#!/usr/bin/php -q <?php set_time_limit(0); if (!@$argc) { die("<p>script can only be run from command line"); } define('_ABSPATH', dirname(dirname(__FILE__))); require_once _ABSPATH . '/confs/config-inc.php'; require_once _ABSPATH . '/lib/functions.php'; require_once _ABSPATH . '/lib/scan-maker.php'; require_once _ABSPATH . '/lib/Nessus.php'; require_once _ABSPATH . '/lib/IXR_Library.php'; require_once _ABSPATH . '/lib/Netmask.php'; $nes = new Nessus(); $_nm = new Netmask(); $client = getIXRClient(); define_syslog_variables(); @($profile_id = $argv[1]); if ($profile_id == '') { exit; } // Begin processing the scan $machine_list = array(); $scanner_set = array(); $output = array(); $settings = array(); $reading_output = false; $stopped = false; $output = ''; $recipients = array();
/** * Deeper scan of the whitelist to match entries * * A deeper whitelist scan is needed if the user * has specified a range, CIDR block, vhost, etc, * because these particular types could be stored * in the whitelist in a number of ways. This * method performs the deeper interrogation of the * whitelist to try to definitively proove that * a specified machine is or is not in the whitelist * * @param array $wl Whitelist to check for machines in * @param array $machine_list List of questionable * machines that need to be checked for in the * whitelist * @param array $ok_computers List of computers that * have been deemed "ok", aka the user is * allowed to scan them */ function whitelist_dig_deep_verify_nodes(&$wl, &$machine_list, &$ok_computers) { $_nm = Netmask::getInstance(); foreach ($machine_list as $key3 => $val3) { foreach ($wl as $key4 => $val4) { // If the entry is a cidr and the whitelist is a cidr if (is_cidr($val4) && is_cidr($val3)) { if ($_nm->match_cidr($val4, $val3)) { $ok_computers[] = ":whi:{$val3}"; $machine_list[$key3] = ''; } // if the entry is an ip and the whitelist is a cidr } else { if (is_cidr($val4) && is_ip($val3)) { if ($_nm->net_match($val4, $val3)) { $ok_computers[] = ":whi:{$val3}"; $machine_list[$key3] = ''; } // if the entry is a vhost and the whitelist is a cidr } else { if (is_cidr($val4) && is_vhost($val3)) { $vhost = $val3; $tmp = substr($val3, 1, -1); $comp = gethostbyname($tmp); if ($_nm->net_match($val4, $comp)) { $ok_computers[] = ":vho:{$vhost}"; $machine_list[$key3] = ''; } // if entry is a ?hostname? and whitelist is a cidr } else { if (is_cidr($val4) && $val3 != '') { $val3 = gethostbyname($val3); // Check if it's in the CIDR range and remove it // if it is, because that means it's whitelisted if ($_nm->net_match($val4, $val3)) { // Not keeping the hostname because whitelist // entries can only be IP based? $ok_computers[] = ":whi:{$val3}"; $machine_list[$key3] = ''; } } } } } } } }