} if ($direct->id != $directive_id) { echo "<center><span style='color:red'>" . _("The directive {$directive_id} doesn't exist in {$XML_FILE}") . "</span></center>"; exit; } $_SESSION['directive'] = serialize($direct); if ($XML_FILE != '/etc/ossim/server/directives.xml') { release_file($XML_FILE); } if (!empty($directive_id)) { $direct->printDirective($level, $directive_xml); } ?> </table> <?php $directive_name = Plugin_sid::get_name_by_idsid($conn, "1505", $directive_id); list($properties, $num_properties) = Compliance::get_category($conn, "AND category.sid={$directive_id}"); $iso_groups = ISO27001::get_groups($conn, "WHERE SIDSS_Ref LIKE '{$directive_id}' OR SIDSS_Ref LIKE '{$directive_id},%' OR SIDSS_Ref LIKE '%,{$directive_id}' OR SIDSS_Ref LIKE '%,{$directive_id},%'"); $pci_groups = PCI::get_groups($conn, "WHERE SIDSS_ref LIKE '{$directive_id}' OR SIDSS_ref LIKE '{$directive_id},%' OR SIDSS_ref LIKE '%,{$directive_id}' OR SIDSS_ref LIKE '%,{$directive_id},%'"); list($alarms, $num_alarms) = Alarm::get_list3($conn, "", "", 0, "", null, null, null, null, "", $directive_id); $kdocs = Repository::get_linked_by_directive($conn, $directive_id); ?> <table class="transparent" height="100%" width="100%"> <tr> <td class="nobborder" valign="top"> <table height="100%" width="100%"> <tr><th colspan="2" height="15"><?php echo _("Properties"); ?> </th></tr> <?php
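// Build the <rows> XML document for one page of plugin references.
//
// $page, $rp, $where, $order, $conn and $db are set earlier in the script (not visible here).
// $rp used to be interpolated into the LIMIT clause as-is; both paging values are now forced
// to non-negative integers before they reach the SQL text.
$page_num = intval($page);
$per_page = max(0, intval($rp));
$start = max(0, ($page_num - 1) * $per_page);
$limit = "LIMIT {$start}, {$per_page}";

$xml = "<rows>\n";

// NOTE(review): $where and $order are concatenated into the query unchanged; confirm the code
// that builds them restricts $order to known column names and escapes any values in $where.
if ($plugin_list = Plugin_reference::get_list($conn, "{$where} ORDER BY {$order} {$limit}")) {
    $total = $plugin_list[0]->get_foundrows();
    if ($total == 0) {
        // Fall back to the size of the returned page when no found-rows figure is available.
        $total = count($plugin_list);
    }

    $xml .= "<page>{$page_num}</page>\n";
    $xml .= "<total>{$total}</total>\n";

    foreach ($plugin_list as $plugin) {
        $id = $plugin->get_plugin_id();
        $sid = $plugin->get_plugin_sid();
        $ref_id = $plugin->get_reference_id();
        $ref_sid = $plugin->get_reference_sid();

        // The row id sits inside a single-quoted XML attribute, so quotes and markup are escaped.
        $row_id = htmlspecialchars("{$id}_{$sid}_{$ref_id}_{$ref_sid}", ENT_QUOTES);
        $xml .= "<row id='{$row_id}'>";

        // All four cells link to the same edit form; each identifier is URL-encoded so it
        // cannot leave its query parameter or close the href attribute.
        $href = "newpluginrefform.php?plugin_id1=" . urlencode($id)
            . "&plugin_sid1=" . urlencode($sid)
            . "&plugin_id2=" . urlencode($ref_id)
            . "&plugin_sid2=" . urlencode($ref_sid);

        $labels = array(
            Plugin::get_name_by_id($conn, $id),
            Plugin_sid::get_name_by_idsid($conn, $id, $sid),
            Plugin::get_name_by_id($conn, $ref_id),
            Plugin_sid::get_name_by_idsid($conn, $ref_id, $ref_sid),
        );

        foreach ($labels as $label) {
            // Names are looked up from stored data and were emitted as raw HTML. Escaping them
            // keeps stored markup inert and also prevents a "]]>" inside a name from ending
            // the CDATA section early.
            // NOTE(review): charset is left to the PHP default; confirm it matches the page encoding.
            $text = htmlspecialchars((string) $label, ENT_QUOTES);
            $xml .= "<cell><![CDATA[<a href='{$href}'>{$text}</a>]]></cell>";
        }

        $xml .= "</row>\n";
    }
}

$xml .= "</rows>\n";
echo $xml;
$db->close($conn);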
if (preg_match("/' plugin_sid='(\\d+)/", $matches[12], $fnd)) { $plugin_sid = $fnd[1]; } $matches[12] = preg_replace("/' plugin_sid=.*/", "", $matches[12]); $signature = ""; if (preg_match("/' sig='(.*)('?)/", $matches[12], $found)) { $signature = $found[1]; $matches[12] = preg_replace("/' sig=.*/", "", $matches[12]); } # decode if data is stored in base64 $data = $matches[12]; $demo = 0; # special case "demo event" if ($data == "demo event" && $plugin_sid != "") { $demo = 1; $plugin_sid_name = Plugin_sid::get_name_by_idsid($conn, $matches[4], $plugin_sid); if ($plugin_sid_name != "") { $data = $plugin_sid_name; $matches[12] = $plugin_sid_name; } } #$data = $matches[12]; #$matches[12] = base64_decode($matches[12],true); #if ($matches[12]==FALSE) $matches[12] = $data; if ($htmlResult) { if ($_SESSION["_plugins"][$matches[4]] != "") { $plugin = $_SESSION["_plugins"][$matches[4]]; } else { $query = "select name from plugin where id = " . intval($matches[4]); if (!($rs =& $conn->Execute($query))) { print $conn->ErrorMsg();
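/**
 * Resolve the display name and the link URL for one document relationship.
 *
 * @param object $conn Database connection; Execute($sql, $params) is called on it.
 * @param array  $rel  Relationship record; the 'type' and 'key' entries are read.
 *
 * @return array array($name, $url). $url is 'javascript:;' when the type has no link template.
 */
function get_doc_info($conn, $rel)
{
    $name = '';

    // Link templates per relationship type. KKKK is a placeholder that is replaced with the
    // relationship key at the end of the function.
    $url_links = array(
        'host'       => Menu::get_menu_url('/ossim/av_asset/common/views/detail.php?asset_id=KKKK', 'environment', 'assets', 'assets'),
        'net'        => Menu::get_menu_url('/ossim/av_asset/network/view/list.php', 'environment', 'assets', 'networks'),
        'host_group' => Menu::get_menu_url('/ossim/av_asset/group/view/list.php', 'environment', 'assets', 'asset_groups'),
        'net_group'  => Menu::get_menu_url('/ossim/netgroup/netgroup.php', 'environment', 'assets', 'network_groups'),
        'incident'   => Menu::get_menu_url('/ossim/incidents/incident.php?id=KKKK', 'analysis', 'tickets', 'tickets'),
        'directive'  => Menu::get_menu_url('/ossim/directives/index.php?toggled_dir=KKKK&dir_info=1', 'configuration', 'threat_intelligence', 'directives'),
        'plugin_sid' => Menu::get_menu_url('/ossim/forensics/base_qry_main.php?clear_allcriteria=1&search=1&sensor=&sip=&plugin=&ossim_risk_a=+&submit=Signature&search_str=KKKK', 'analysis', 'security_events', 'security_events'),
        'taxonomy'   => '',
    );

    $key = $rel['key'];

    switch ($rel['type']) {
        case 'directive':
            $name = $rel['key'];
            break;

        case 'incident':
            $sql = "SELECT title from incident where id=?";
            $rs = $conn->Execute($sql, array($rel['key']));
            if (!$rs) {
                $name = _('Unknown');
            } elseif (!$rs->EOF) {
                $name = $rs->fields["title"];
            }
            break;

        case 'plugin_sid':
            // The key is stored as "<sid>##<pid>". A key without the separator leaves the
            // plugin id empty and takes the "Unknown" branch instead of reading a missing index.
            $parts = explode('##', $rel['key']);
            $sid = $parts[0];
            $pid = isset($parts[1]) ? $parts[1] : '';

            if ($pid != '' && $sid != '') {
                $name = Plugin_sid::get_name_by_idsid($conn, $pid, $sid);
                // Prefix the plugin name unless the event name already contains a colon.
                if (strpos((string) $name, ':') === false) {
                    $name = Plugin::get_name_by_id($conn, $pid) . ": " . $name;
                }
                $key = $name;
            } else {
                $name = _('Unknown, Please edit this relationship');
                $key = '';
            }
            break;

        case 'host':
        case 'host_group':
        case 'net':
        case 'net_group':
            // The table name is concatenated into the SQL text. It can only be one of the four
            // case labels above; the id itself is passed as a bound parameter.
            $field = $rel['type'] == 'host' ? 'hostname' : 'name';
            $sql = "SELECT {$field} as name from " . $rel['type'] . " where id=UNHEX(?)";
            $rs = $conn->Execute($sql, array($rel['key']));
            if (!$rs) {
                $name = _('Unknown');
            } elseif (!$rs->EOF) {
                $name = $rs->fields["name"];
            }
            break;

        case 'taxonomy':
            // The key is stored as "<product type>##<category>##<subcategory>"; missing parts
            // are padded with '' so they resolve to ANY like a zero id does.
            $tax = array_pad(explode('##', $rel['key']), 3, '');
            $ptype = intval($tax[0]) != 0 ? Product_type::get_name_by_id($conn, $tax[0]) : _('ANY');
            $cat = intval($tax[1]) != 0 ? Category::get_name_by_id($conn, $tax[1]) : _('ANY');
            $subcat = intval($tax[2]) != 0 ? Subcategory::get_name_by_id($conn, $tax[2]) : _('ANY');
            $name = _('Product Type') . ': ' . $ptype . ', ' . _('Category') . ': ' . $cat . ', ' . _('Subcategory') . ': ' . $subcat;
            break;

        default:
            $name = _('Unknown');
    }

    // An unrecognised type has no template; treat it like an empty one instead of reading an
    // undefined index.
    $url = isset($url_links[$rel['type']]) ? $url_links[$rel['type']] : '';

    // The key lands in a query-string value in every template that uses KKKK, so it is
    // URL-encoded: a key containing '&', '#', quotes or spaces can no longer add parameters
    // or truncate the link.
    $url = $url != '' ? str_replace('KKKK', urlencode((string) $key), $url) : 'javascript:;';

    // NOTE(review): $name is returned unescaped (it comes from $rel or from stored data);
    // callers should HTML-escape both values when printing them.
    return array($name, $url);
}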
</th> <th><?php echo _("Event"); ?> </th> <th><?php echo _("Count"); ?> </th> </tr> <?php foreach ($arr as $ip => $plugins_obj) { $plugins_arr = (array) $plugins_obj; foreach ($plugins_arr as $idsid => $num) { list($id, $sid) = explode(",", $idsid); $event = Plugin_sid::get_name_by_idsid($conn, $id, $sid); ?> <tr style="background-color:<?php echo $i++ % 2 == 0 ? "#F2F2F2" : "#FFFFFF"; ?> "> <td><b><?php echo $ip; ?> </b></td> <td style="text-align:left"><?php echo $event; ?> </td> <td><?php echo $num;
$page = "../net/net.php"; } if ($rel['type'] == "host_group") { $page = "../host/hostgroup.php"; } if ($rel['type'] == "net_group") { $page = "../net/netgroup.php"; } if ($rel['type'] == "incident") { $page = "../incidents/incident.php?id=" . $rel['key']; } if ($rel['type'] == "directive") { $page = "../directive_editor/index.php?hmenu=Directives&smenu=Directives&level=1&directive=" . $rel['key']; } if ($rel['type'] == "plugin_sid") { $page = "../forensics/base_qry_main.php?clear_allcriteria=1&search=1&sensor=&sip=&plugin=&ossim_risk_a=+&hmenu=Forensics&smenu=Forensics&submit=Signature&search_str=" . urlencode(Plugin_sid::get_name_by_idsid($conn, $rel['key'], $rel['name'])); } ?> <tr> <td class="nobborder"><a href="<?php echo $page; ?> " target="main"><?php echo $rel['type'] == "plugin_sid" ? $rel['key'] . " (" . $rel['name'] . ")" : $rel['name']; ?> </a></td> <td class="nobborder"><?php echo $rel['type'] == "incident" ? "ticket" : $rel['type']; ?> </td> </tr>
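// Build the <rows> XML document for one page of plugin references (read-only listing).
//
// $where, $order, $limit, $page, $conn and $db are set earlier in the script (not visible here).
$xml = "<rows>\n";

// NOTE(review): $where, $order and $limit are concatenated into the query unchanged; confirm
// the code that builds them restricts $order to known column names, escapes any values in
// $where and forces the LIMIT operands to integers.
if ($plugin_list = Plugin_reference::get_list2($conn, "{$where} ORDER BY {$order} {$limit}")) {
    $total = $plugin_list[0]->get_foundrows();
    if ($total == 0) {
        // Fall back to the size of the returned page when no found-rows figure is available.
        $total = count($plugin_list);
    }

    // The page number is echoed back into the XML, so it is reduced to an integer first.
    $xml .= "<page>" . intval($page) . "</page>\n";
    $xml .= "<total>{$total}</total>\n";

    foreach ($plugin_list as $plugin) {
        $id = $plugin->get_plugin_id();
        $sid = $plugin->get_plugin_sid();
        $ref_id = $plugin->get_reference_id();
        $ref_sid = $plugin->get_reference_sid();

        // The row id sits inside a single-quoted XML attribute, so quotes and markup are escaped.
        $row_id = htmlspecialchars("{$id}_{$sid}_{$ref_id}_{$ref_sid}", ENT_QUOTES);
        $xml .= "<row id='{$row_id}'>";

        // The edit/delete link strings that used to be built here were never added to the
        // output (their cell was commented out), so they are no longer constructed.
        $labels = array(
            Plugin::get_name_by_id($conn, $id),
            Plugin_sid::get_name_by_idsid($conn, $id, $sid),
            Plugin::get_name_by_id($conn, $ref_id),
            Plugin_sid::get_name_by_idsid($conn, $ref_id, $ref_sid),
        );

        foreach ($labels as $label) {
            // Names are looked up from stored data and were emitted raw. Escaping them keeps
            // stored markup inert and prevents a "]]>" inside a name from ending the CDATA
            // section early.
            // NOTE(review): charset is left to the PHP default; confirm it matches the page encoding.
            $xml .= "<cell><![CDATA[" . htmlspecialchars((string) $label, ENT_QUOTES) . "]]></cell>";
        }

        $xml .= "</row>\n";
    }
}

$xml .= "</rows>\n";
echo $xml;
$db->close($conn);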