Esempio n. 1
    }
    // Abort with an inline error when the loaded directive object does not carry the requested id.
    // NOTE(review): $directive_id and $XML_FILE are interpolated into the HTML response without
    // htmlspecialchars(). Their origin is outside this excerpt -- confirm both are validated
    // upstream; if either can carry request data, this message is a reflected-XSS sink.
    if ($direct->id != $directive_id) {
        echo "<center><span style='color:red'>" . _("The directive {$directive_id} doesn't exist in {$XML_FILE}") . "</span></center>";
        exit;
    }
    // Keep the loaded directive in the session as a serialized string.
    // NOTE(review): whichever code reads this back must unserialize() only this server-side
    // session value, never a request parameter -- confirm at the reading site.
    $_SESSION['directive'] = serialize($direct);
    // Every file except the stock server directives file is handed to release_file()
    // (defined elsewhere; presumably drops a lock or temporary copy -- confirm).
    if ($XML_FILE != '/etc/ossim/server/directives.xml') {
        release_file($XML_FILE);
    }
    // Render the directive only when an id was actually supplied.
    if (!empty($directive_id)) {
        $direct->printDirective($level, $directive_xml);
    }
    ?>
</table>
<?php 
    // Gather everything linked to this directive: its name, compliance properties,
    // ISO 27001 and PCI groups, alarms and repository documents.
    // "1505" is passed as the plugin id -- presumably the id of the directive plugin; confirm.
    $directive_name = Plugin_sid::get_name_by_idsid($conn, "1505", $directive_id);
    // NOTE(review): $directive_id is concatenated straight into the SQL fragments handed to
    // Compliance::get_category(), ISO27001::get_groups() and PCI::get_groups(). Its validation
    // is not visible in this excerpt -- confirm it is guaranteed numeric before this point
    // (or cast it with intval()), otherwise these three calls are SQL-injection sinks.
    list($properties, $num_properties) = Compliance::get_category($conn, "AND category.sid={$directive_id}");
    // The four LIKE patterns match the id as the only entry, first entry, last entry or a
    // middle entry of a comma-separated SIDSS_Ref list.
    $iso_groups = ISO27001::get_groups($conn, "WHERE SIDSS_Ref LIKE '{$directive_id}' OR SIDSS_Ref LIKE '{$directive_id},%' OR SIDSS_Ref LIKE '%,{$directive_id}' OR SIDSS_Ref LIKE '%,{$directive_id},%'");
    $pci_groups = PCI::get_groups($conn, "WHERE SIDSS_ref LIKE '{$directive_id}' OR SIDSS_ref LIKE '{$directive_id},%' OR SIDSS_ref LIKE '%,{$directive_id}' OR SIDSS_ref LIKE '%,{$directive_id},%'");
    list($alarms, $num_alarms) = Alarm::get_list3($conn, "", "", 0, "", null, null, null, null, "", $directive_id);
    $kdocs = Repository::get_linked_by_directive($conn, $directive_id);
    ?>
<table class="transparent" height="100%" width="100%">
	<tr>
		<td class="nobborder" valign="top">
			<table height="100%" width="100%">
				<tr><th colspan="2" height="15"><?php 
    echo _("Properties");
    ?>
</th></tr>
				<?php 
Esempio n. 2
// Paged XML feed of plugin references: <page>, <total>, then one <row> per reference whose
// four cells are links to newpluginrefform.php labelled with the plugin / sid names.
// NOTE(review): $where, $order, $page and $rp are defined outside this excerpt and end up
// concatenated into the SQL fragment below; confirm they are validated or whitelisted upstream.
$start = ($page - 1) * $rp;
$limit = "LIMIT {$start}, {$rp}";
$xml = "<rows>\n";
$plugin_list = Plugin_reference::get_list($conn, "{$where} ORDER BY {$order} {$limit}");
if ($plugin_list) {
    // When the found-rows counter reports 0, fall back to the number of rows actually returned.
    $total = $plugin_list[0]->get_foundrows();
    $total = $total == 0 ? count($plugin_list) : $total;
    $xml .= "<page>{$page}</page>\n";
    $xml .= "<total>{$total}</total>\n";
    foreach ($plugin_list as $plugin) {
        $id = $plugin->get_plugin_id();
        $sid = $plugin->get_plugin_sid();
        $ref_id = $plugin->get_reference_id();
        $ref_sid = $plugin->get_reference_sid();
        // All four cells share the same opening anchor; only the label differs.
        $anchor = "<a href='newpluginrefform.php?plugin_id1={$id}&plugin_sid1={$sid}&plugin_id2={$ref_id}&plugin_sid2={$ref_sid}'>";
        // NOTE(review): the names are placed inside CDATA as-is, next to markup the grid will
        // render; confirm they cannot contain HTML or "]]>" (or escape them before this point).
        $labels = array(
            Plugin::get_name_by_id($conn, $id),
            Plugin_sid::get_name_by_idsid($conn, $id, $sid),
            Plugin::get_name_by_id($conn, $ref_id),
            Plugin_sid::get_name_by_idsid($conn, $ref_id, $ref_sid),
        );
        $xml .= "<row id='{$id}_{$sid}_{$ref_id}_{$ref_sid}'>";
        foreach ($labels as $label) {
            $xml .= "<cell><![CDATA[" . $anchor . $label . "</a>" . "]]></cell>";
        }
        $xml .= "</row>\n";
    }
}
$xml .= "</rows>\n";
echo $xml;
$db->close($conn);
Esempio n. 3
 # $matches[12] holds the event payload followed by optional "' plugin_sid='N" and
 # "' sig='...'" suffixes; peel those suffixes off so only the payload remains.
 # NOTE(review): $plugin_sid is assigned only when the pattern matches. If it is not
 # initialised before this excerpt, the "demo event" test below reads an undefined variable.
 if (preg_match("/' plugin_sid='(\\d+)/", $matches[12], $fnd)) {
     $plugin_sid = $fnd[1];
 }
 # Drop everything from "' plugin_sid=" to the end of the line.
 $matches[12] = preg_replace("/' plugin_sid=.*/", "", $matches[12]);
 $signature = "";
 # NOTE(review): (.*) is greedy and ('?) is optional, so the captured signature runs to the
 # end of the line and keeps any trailing quote; treat it as unvalidated log text.
 if (preg_match("/' sig='(.*)('?)/", $matches[12], $found)) {
     $signature = $found[1];
     $matches[12] = preg_replace("/' sig=.*/", "", $matches[12]);
 }
 # Base64 decoding is currently disabled (see the commented-out lines at the end of this
 # block); the payload is used exactly as it was logged.
 $data = $matches[12];
 $demo = 0;
 # Special case "demo event": show the plugin sid name instead of the placeholder payload.
 # $matches[4] is passed as the plugin id here.
 if ($data == "demo event" && $plugin_sid != "") {
     $demo = 1;
     $plugin_sid_name = Plugin_sid::get_name_by_idsid($conn, $matches[4], $plugin_sid);
     if ($plugin_sid_name != "") {
         $data = $plugin_sid_name;
         $matches[12] = $plugin_sid_name;
     }
 }
 # Disabled base64 handling, kept for reference:
 #$data = $matches[12];
 #$matches[12] = base64_decode($matches[12],true);
 #if ($matches[12]==FALSE) $matches[12] = $data;
 if ($htmlResult) {
     if ($_SESSION["_plugins"][$matches[4]] != "") {
         $plugin = $_SESSION["_plugins"][$matches[4]];
     } else {
         $query = "select name from plugin where id = " . intval($matches[4]);
         if (!($rs =& $conn->Execute($query))) {
             print $conn->ErrorMsg();
Esempio n. 4
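/**
 * Resolve a document relationship into a display name and a link to the related item.
 *
 * The returned name is raw text (database values or translated labels) and is not
 * HTML-escaped here, so it has to be escaped wherever it is printed.
 *
 * @param object $conn Database connection; only Execute($sql, $params) is called on it here.
 * @param array  $rel  Relationship record; $rel['type'] and $rel['key'] are read.
 *
 * @return array array($name, $url). $url is 'javascript:;' when the type has no link template.
 */
function get_doc_info($conn, $rel)
{
    $name = '';
    $url = '';
    // Link template per relationship type; 'KKKK' is the placeholder replaced by the key below.
    $url_links = array();
    $url_links['host'] = Menu::get_menu_url('/ossim/av_asset/common/views/detail.php?asset_id=KKKK', 'environment', 'assets', 'assets');
    $url_links['net'] = Menu::get_menu_url('/ossim/av_asset/network/view/list.php', 'environment', 'assets', 'networks');
    $url_links['host_group'] = Menu::get_menu_url('/ossim/av_asset/group/view/list.php', 'environment', 'assets', 'asset_groups');
    $url_links['net_group'] = Menu::get_menu_url('/ossim/netgroup/netgroup.php', 'environment', 'assets', 'network_groups');
    $url_links['incident'] = Menu::get_menu_url('/ossim/incidents/incident.php?id=KKKK', 'analysis', 'tickets', 'tickets');
    $url_links['directive'] = Menu::get_menu_url('/ossim/directives/index.php?toggled_dir=KKKK&dir_info=1', 'configuration', 'threat_intelligence', 'directives');
    $url_links['plugin_sid'] = Menu::get_menu_url('/ossim/forensics/base_qry_main.php?clear_allcriteria=1&search=1&sensor=&sip=&plugin=&ossim_risk_a=+&submit=Signature&search_str=KKKK', 'analysis', 'security_events', 'security_events');
    $url_links['taxonomy'] = "";
    $key = $rel['key'];
    switch ($rel['type']) {
        case 'directive':
            $name = $rel['key'];
            break;
        case 'incident':
            // The key is bound as a parameter, never concatenated into the SQL text.
            $sql = "SELECT title from incident where id=?";
            $params = array($rel['key']);
            $rs = $conn->Execute($sql, $params);
            if (!$rs) {
                $name = _('Unknown');
            } elseif (!$rs->EOF) {
                $name = $rs->fields["title"];
            }
            break;
        case 'plugin_sid':
            // Key format is "<sid>##<pid>". Pad the parts so a key without the separator
            // lands in the "Unknown" branch instead of reading a missing array offset.
            $plugin = array_pad(explode('##', $rel['key']), 2, '');
            $pid = $plugin[1];
            $sid = $plugin[0];
            if ($pid != '' && $sid != '') {
                $name = Plugin_sid::get_name_by_idsid($conn, $pid, $sid);
                // Prefix the plugin name unless the sid name already contains a colon.
                if (!preg_match('/:/', $name)) {
                    $name = Plugin::get_name_by_id($conn, $pid) . ": " . $name;
                }
                // The link searches by signature name, so the name becomes the URL key.
                $key = $name;
            } else {
                $name = _('Unknown, Please edit this relationship');
                $key = '';
            }
            break;
        case 'host':
        case 'host_group':
        case 'net':
        case 'net_group':
            // The table name is interpolated, but this branch is reached only through the
            // four case labels above, so it is drawn from a fixed set; the id itself is bound.
            $field = $rel['type'] == 'host' ? 'hostname' : 'name';
            $sql = "SELECT {$field} as name from " . $rel['type'] . " where id=UNHEX(?)";
            $params = array($rel['key']);
            $rs = $conn->Execute($sql, $params);
            if (!$rs) {
                $name = _('Unknown');
            } elseif (!$rs->EOF) {
                $name = $rs->fields["name"];
            }
            break;
        case 'taxonomy':
            // Key format is "<product type>##<category>##<subcategory>"; a missing or
            // zero part is shown as ANY.
            $tax = array_pad(explode('##', $rel['key']), 3, '');
            $ptype = intval($tax[0]) != 0 ? Product_type::get_name_by_id($conn, $tax[0]) : _('ANY');
            $cat = intval($tax[1]) != 0 ? Category::get_name_by_id($conn, $tax[1]) : _('ANY');
            $subcat = intval($tax[2]) != 0 ? Subcategory::get_name_by_id($conn, $tax[2]) : _('ANY');
            $name = _('Product Type') . ': ' . $ptype . ', ' . _('Category') . ': ' . $cat . ', ' . _('Subcategory') . ': ' . $subcat;
            break;
        default:
            $name = _('Unknown');
    }
    // Unknown types have no template; look the type up defensively instead of indexing blindly.
    $url = isset($url_links[$rel['type']]) ? $url_links[$rel['type']] : '';
    // URL-encode the key so characters such as '&', '#', quotes or spaces in a name or id
    // cannot add or alter query parameters in the generated link.
    $url = $url != '' ? str_replace('KKKK', urlencode((string) $key), $url) : 'javascript:;';
    return array($name, $url);
}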
Esempio n. 5
</th>
                                            	<th><?php 
                echo _("Event");
                ?>
</th>
                                            	<th><?php 
                echo _("Count");
                ?>
</th>
                                            </tr>
                                            <?php 
                foreach ($arr as $ip => $plugins_obj) {
                    $plugins_arr = (array) $plugins_obj;
                    foreach ($plugins_arr as $idsid => $num) {
                        list($id, $sid) = explode(",", $idsid);
                        $event = Plugin_sid::get_name_by_idsid($conn, $id, $sid);
                        ?>
                            						<tr style="background-color:<?php 
                        echo $i++ % 2 == 0 ? "#F2F2F2" : "#FFFFFF";
                        ?>
">
                            							<td><b><?php 
                        echo $ip;
                        ?>
</b></td>
                            							<td style="text-align:left"><?php 
                        echo $event;
                        ?>
</td>
                            							<td><?php 
                        echo $num;
Esempio n. 6
            $page = "../net/net.php";
        }
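        // Pick the detail page for the relationship type. Keys appended to a query string are
        // URL-encoded so a key containing '&', '#', quotes or spaces cannot add parameters or
        // break out of the href attribute the URL is later printed into.
        if ($rel['type'] == "host_group") {
            $page = "../host/hostgroup.php";
        }
        if ($rel['type'] == "net_group") {
            $page = "../net/netgroup.php";
        }
        if ($rel['type'] == "incident") {
            $page = "../incidents/incident.php?id=" . urlencode($rel['key']);
        }
        if ($rel['type'] == "directive") {
            $page = "../directive_editor/index.php?hmenu=Directives&smenu=Directives&level=1&directive=" . urlencode($rel['key']);
        }
        if ($rel['type'] == "plugin_sid") {
            // For this type $rel['key'] is passed as the plugin id and $rel['name'] as the sid;
            // the resolved signature name becomes the (encoded) search string.
            $page = "../forensics/base_qry_main.php?clear_allcriteria=1&search=1&sensor=&sip=&plugin=&ossim_risk_a=+&hmenu=Forensics&smenu=Forensics&submit=Signature&search_str=" . urlencode(Plugin_sid::get_name_by_idsid($conn, $rel['key'], $rel['name']));
        }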
        ?>
												<tr>
													<td class="nobborder"><a href="<?php 
        // NOTE(review): $page is printed inside a double-quoted href attribute without
        // htmlspecialchars(). Any part of it taken from $rel must be URL-encoded where the
        // URL is assembled, and the whole value HTML-escaped here -- confirm.
        echo $page;
        ?>
" target="main"><?php 
        // Link text: "key (name)" for plugin_sid relationships, otherwise the name alone.
        // NOTE(review): $rel['key'] and $rel['name'] reach the page without htmlspecialchars();
        // confirm they are escaped where $rel is built, otherwise this is a stored-XSS sink.
        echo $rel['type'] == "plugin_sid" ? $rel['key'] . " (" . $rel['name'] . ")" : $rel['name'];
        ?>
</a></td>
													<td class="nobborder"><?php 
        echo $rel['type'] == "incident" ? "ticket" : $rel['type'];
        ?>
</td>
												</tr>
Esempio n. 7
// XML feed of plugin references: <page>, <total>, then one <row> per reference with four
// cells holding the plugin name, sid name, reference plugin name and reference sid name.
// NOTE(review): $where, $order, $limit and $page come from outside this excerpt and are
// concatenated into the SQL fragment / output; confirm they are validated or whitelisted.
$xml = "<rows>\n";
$plugin_list = Plugin_reference::get_list2($conn, "{$where} ORDER BY {$order} {$limit}");
if ($plugin_list) {
    // When the found-rows counter reports 0, fall back to the number of rows actually returned.
    $total = $plugin_list[0]->get_foundrows();
    $total = $total == 0 ? count($plugin_list) : $total;
    $xml .= "<page>{$page}</page>\n";
    $xml .= "<total>{$total}</total>\n";
    foreach ($plugin_list as $plugin) {
        $id = $plugin->get_plugin_id();
        $sid = $plugin->get_plugin_sid();
        $ref_id = $plugin->get_reference_id();
        $ref_sid = $plugin->get_reference_sid();
        $xml .= "<row id='{$id}_{$sid}_{$ref_id}_{$ref_sid}'>";
        // The edit and delete links are still assembled but no cell emits them any more.
        $lnk = "<a href='modify_pluginref.php?id={$id}&sid={$sid}&ref_id={$ref_id}&ref_sid={$ref_sid}'><img src='../pixmaps/script--pencil.png' alt='Edit' title='Edit' border=0></a>";
        $lnk_del = "<a href='delete_pluginref.php?id={$id}&sid={$sid}&ref_id={$ref_id}&ref_sid={$ref_sid}'><img src='../pixmaps/cross-circle-frame.png' border=0 alt='Delete' title='Delete'></a>";
        // NOTE(review): the names go into CDATA unescaped; confirm they cannot contain HTML
        // or "]]>" if the consumer renders cell content as markup.
        $labels = array(
            Plugin::get_name_by_id($conn, $id),
            Plugin_sid::get_name_by_idsid($conn, $id, $sid),
            Plugin::get_name_by_id($conn, $ref_id),
            Plugin_sid::get_name_by_idsid($conn, $ref_id, $ref_sid),
        );
        foreach ($labels as $label) {
            $xml .= "<cell><![CDATA[" . $label . "]]></cell>";
        }
        $xml .= "</row>\n";
    }
}
$xml .= "</rows>\n";
echo $xml;
$db->close($conn);