function list_results($type, $value, $ctx_filter, $sortby, $sortdir) { global $allres, $offset, $pageSize, $dbconn; global $user, $arruser; $dbconn->SetFetchMode(ADODB_FETCH_BOTH); $filteredView = FALSE; $selRadio = array("", "", "", ""); $query_onlyuser = ""; $url_filter = ""; // Deprecated filter //if(!empty($arruser)) {$query_onlyuser = "******";} $sortby = "t1.results_sent DESC, t1.hostIP DESC"; $sortdir = ""; $queryw = ""; $queryl = ""; $querys = "SELECT distinct t1.hostIP, HEX(t1.ctx) as ctx, t1.scantime, t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t1.sid, t3.name as profile\n FROM vuln_nessus_latest_reports AS t1 LEFT JOIN vuln_nessus_settings AS t3 ON t1.sid = t3.id, vuln_nessus_latest_results AS t5\n WHERE\n t1.hostIP = t5.hostIP\n AND t1.ctx = t5.ctx\n AND t1.deleted = '0' "; // set up the SQL query based on the search form input (if any) if ($type == "scantime" && $value != "") { $selRadio[0] = "CHECKED"; $q = $value; $queryw = " AND t1.scantime LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = "<b>" . _("Search for Date/Time") . "</b> = '*{$q}*'"; $url_filter = "&type={$type}&value={$value}"; } else { if ($type == "service" && $value != "") { $selRadio[5] = "CHECKED"; $q = $value; $queryw = " AND t5.service LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = "<b>" . _("Search for Service") . "</b> = '*" . html_entity_decode($q) . "*'"; $url_filter = "&type={$type}&value={$value}"; } else { if ($type == "freetext" && $value != "") { $selRadio[6] = "CHECKED"; $q = $value; $queryw = " AND t5.msg LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = "<b>" . _("Search for Free Text") . "</b> = '*" . html_entity_decode($q) . "*'"; $url_filter = "&type={$type}&value={$value}"; } else { if ($type == "hostip" && $value != "") { $selRadio[1] = "CHECKED"; $q = strtolower($value); $queryw = " t1.hostIP LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = "<b>" . _("Search for Host-IP") . "</b> = '*{$q}*'"; $url_filter = "&type={$type}&value={$value}"; } else { if ($type == "fk_name" && $value != "") { $selRadio[2] = "CHECKED"; $q = strtolower($value); $queryw = " AND t1.fk_name LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = _("Search for Subnet/CIDR") . " = '*{$q}*'"; $url_filter = "&type={$type}&value={$value}"; } else { if ($type == "username" && $value != "") { $selRadio[3] = "CHECKED"; $q = strtolower($value); $queryw = " AND t1.username LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = "<b>" . _("Search for user") . "</b> = '*{$q}*'"; $url_filter = "&type={$type}&value={$value}"; } else { if ($type == "hn" && $value != "") { if (!empty($ctx_filter)) { $queryw = " AND t1.ctx=UNHEX('{$ctx_filter}')"; } $selRadio[4] = "CHECKED"; if (preg_match("/\\//", $value)) { $ip_range = array(); $ip_range = Cidr::expand_CIDR($value, "SHORT"); $queryw .= " AND (inet_aton(t1.hostIP) >= '" . $ip_range[0] . "' AND inet_aton(t1.hostIP) <='" . $ip_range[1] . "') {$query_onlyuser} order by {$sortby} {$sortdir}"; } elseif (preg_match("/\\,/", $value)) { $q = implode("','", explode(",", $value)); $queryw .= " AND t1.hostIP in ('{$q}') {$query_onlyuser} order by {$sortby} {$sortdir}"; $q = "Others"; } else { $q = $value; $queryw .= " AND t1.hostIP LIKE '{$q}' {$query_onlyuser} order by {$sortby} {$sortdir}"; } $queryl = " limit {$offset},{$pageSize}"; if (!preg_match("/\\//", $value)) { $stext = "<b>" . _("Search for Host") . "</b> = '" . html_entity_decode($q) . "'"; } else { $stext = "<b>" . _("Search for Subnet/CIDR") . "</b> = '{$value}'"; } $url_filter = "&type={$type}&value={$value}"; } else { $selRadio[4] = "CHECKED"; $viewAll = FALSE; $queryw = "{$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = ""; } } } } } } } // set up the pager and search fields if viewing all hosts $reportCount = 0; if (!$filteredView) { $dbconn->Execute(str_replace("SELECT distinct", "SELECT SQL_CALC_FOUND_ROWS distinct", $querys) . $queryw); $reportCount = $dbconn->GetOne("SELECT FOUND_ROWS() as total"); $previous = $offset - $pageSize; if ($previous < 0) { $previous = 0; } $last = intval($reportCount / $pageSize) * $pageSize; if ($last < 0) { $last = 0; } $next = $offset + $pageSize; $pageEnd = $offset + $pageSize; $value = html_entity_decode($value); //echo "<center><table cellspacing='0' cellpadding='0' border='0' width='100%'><tr><td class='headerpr' style='border:0;'>"._("Current Vulnerablities")."</td></tr></table>"; // output the search form echo "<table class='w100 transparent'>"; echo "<tr><td class='sec_title'>" . _("Asset Vulnerability Details") . "</td></tr>"; echo "<tr><td style='padding:12px 0px 0px 0px;' class='transparent'>"; ?> <div id='cvleftdiv'> <a id="new_scan_button" class="button" href="<?php echo Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?action=create_scan&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs'); ?> " style="text-decoration:none;"> <?php echo _("New Scan Job"); ?> </a> </div> <div id='cvrightdiv'> <?php echo '<form name="hostSearch" id="hostSearch" action="index.php" method="GET"> <input type="text" length="25" name="value" id="assets" class="assets" style="margin:0px !important;" value="' . Util::htmlentities($value) . '">'; // cvfiltertype -> current vulnerabilities filter type echo "\n<input type=\"radio\" name=\"type\" value=\"service\" {$selRadio['5']}>" . _("Service") . "\n<input type=\"radio\" name=\"type\" value=\"freetext\" {$selRadio['6']}>" . _("Free text") . "\n<input type=\"radio\" name=\"type\" value=\"hn\" {$selRadio['4']}>" . _("Host/Net") . "\n"; echo "<input type=\"submit\" name=\"submit\" value=\"" . _("Find") . "\" id=\"current_vulns_find_button\" class=\"av_b_secondary small\" style=\"margin-left:15px;\">"; echo <<<EOT </form> </p> EOT; } else { // get the search result count $queryc = "SELECT count( report_id ) FROM vuln_nessus_latest_reports WHERE t1.deleted = '0' "; $scount = $dbconn->GetOne($queryc . $queryw); echo "<p>{$scount} report"; if ($scount != 1) { echo "s"; } else { } echo " " . _("found matching search criteria") . " | "; echo " <a href='index.php' alt='" . _("View All Reports") . "'>" . _("View All Reports") . "</a></p>"; } echo "<p>"; echo $stext; echo "</p>"; echo "</div></td></tr></table>"; $result = array(); // get the hosts to display $result = $dbconn->GetArray($querys . $queryw . $queryl); // main query //echo $querys.$queryw.$queryl; $delete_ids = array(); if (count($result) > 0) { foreach ($result as $rpt) { $delete_ids[] = $dreport_id = $rpt["report_id"]; } } $_SESSION["_dreport_ids"] = implode(",", $delete_ids); //echo "$querys$queryw$queryl"; if ($result === false) { $errMsg[] = _("Error getting results") . ": " . $dbconn->ErrorMsg(); $error++; dispSQLError($errMsg, $error); } else { $data['vInfo'] = 0; $data['vLow'] = 0; $data['vMed'] = 0; $data['vHigh'] = 0; $data['vSerious'] = 0; $perms_where = Asset_host::get_perms_where('host.', TRUE); if (!empty($perms_where)) { $queryt = "SELECT count(lr.result_id) AS total, lr.risk, lr.hostIP, HEX(lr.ctx) AS ctx\n FROM vuln_nessus_latest_results lr, host, host_ip hi\n WHERE host.id=hi.host_id AND inet6_ntoa(hi.ip)=lr.hostIP {$perms_where} AND falsepositive='N'\n GROUP BY risk, hostIP, ctx"; } else { $queryt = "SELECT count(lr.result_id) AS total, risk, lr.hostIP, HEX(lr.ctx) AS ctx\n FROM vuln_nessus_latest_results lr\n WHERE falsepositive='N'\n GROUP BY risk, hostIP, ctx"; } //echo "$queryt<br>"; $resultt = $dbconn->Execute($queryt); while (!$resultt->EOF) { $riskcount = $resultt->fields['total']; $risk = $resultt->fields['risk']; if ($risk == 7) { $data['vInfo'] += $riskcount; } else { if ($risk == 6) { $data['vLow'] += $riskcount; } else { if ($risk == 3) { $data['vMed'] += $riskcount; } else { if ($risk == 2) { $data['vHigh'] += $riskcount; } else { if ($risk == 1) { $data['vSerious'] += $riskcount; } } } } } $resultt->MoveNext(); } if ($data['vInfo'] == 0 && $data['vLow'] == 0 && $data['vMed'] == 0 && $data['vHigh'] == 0 && $data['vSerious'] == 0) { $tdata[] = array("report_id" => "All", "host_name" => "", "scantime" => "", "username" => "", "scantype" => "", "report_key" => "", "report_type" => "", "sid" => "", "profile" => "", "hlink" => "", "plink" => "", "xlink" => "", "vSerious" => $data['vSerious'], "vHigh" => $data['vHigh'], "vMed" => $data['vMed'], "vLow" => $data['vLow'], "vInfo" => $data['vInfo']); } else { $tdata[] = array("report_id" => "All", "host_name" => "", "scantime" => "", "username" => "", "scantype" => "", "report_key" => "", "report_type" => "", "sid" => "", "profile" => "", "hlink" => "lr_reshtml.php?ipl=all&disp=html&output=full&scantype=M", "plink" => "lr_respdf.php?ipl=all&scantype=M", "xlink" => "lr_rescsv.php?ipl=all&scantype=M", "dlink" => "", "vSerious" => $data['vSerious'], "vHigh" => $data['vHigh'], "vMed" => $data['vMed'], "vLow" => $data['vLow'], "vInfo" => $data['vInfo']); } foreach ($result as $data) { if (!Session::hostAllowed_by_ip_ctx($dbconn, $data["hostIP"], $data["ctx"])) { continue; } $host_id = key(Asset_host::get_id_by_ips($dbconn, $data["hostIP"], $data["ctx"])); if (valid_hex32($host_id)) { $data['host_name'] = Asset_host::get_name_by_id($dbconn, $host_id); } $data['vSerious'] = 0; $data['vHigh'] = 0; $data['vMed'] = 0; $data['vLow'] = 0; $data['vInfo'] = 0; // query for reports for each IP $query_risk = "SELECT distinct risk, port, protocol, app, scriptid, msg, hostIP FROM vuln_nessus_latest_results WHERE hostIP = '" . $data['hostIP']; $query_risk .= "' AND username = '******'username'] . "' AND sid =" . $data['sid'] . " AND ctx = UNHEX('" . $data['ctx'] . "') AND falsepositive='N'"; $result_risk = $dbconn->Execute($query_risk); while (!$result_risk->EOF) { if ($result_risk->fields["risk"] == 7) { $data['vInfo']++; } else { if ($result_risk->fields["risk"] == 6) { $data['vLow']++; } else { if ($result_risk->fields["risk"] == 3) { $data['vMed']++; } else { if ($result_risk->fields["risk"] == 2) { $data['vHigh']++; } else { if ($result_risk->fields["risk"] == 1) { $data['vSerious']++; } } } } } $result_risk->MoveNext(); } $data['plink'] = "lr_respdf.php?treport=latest&ipl=" . urlencode($data['hostIP']) . "&ctx=" . $data['ctx'] . "&scantype=" . $data['scantype']; $data['hlink'] = "lr_reshtml.php?treport=latest&ipl=" . urlencode($data['hostIP']) . "&ctx=" . $data['ctx'] . "&scantype=" . $data['scantype']; $data['xlink'] = "lr_rescsv.php?treport=latest&ipl=" . urlencode($data['hostIP']) . "&ctx=" . $data['ctx'] . "&scantype=" . $data['scantype']; if (Session::am_i_admin()) { $data['dlink'] = "index.php?delete=" . $data['report_key'] . "&scantime=" . $data['scantime']; } $list = explode("\n", trim($data['meth_target'])); if (count($list) == 1) { $list[0] = trim($list[0]); $data['target'] = resolve_asset($dbconn, $list[0]); } elseif (count($list) == 2) { $list[0] = trim($list[0]); $list[0] = resolve_asset($dbconn, $list[0]); $list[1] = trim($list[1]); $list[1] = resolve_asset($dbconn, $list[1]); $data['target'] = $list[0] . ' ' . $list[1]; } else { $list[0] = trim($list[0]); $list[0] = resolve_asset($dbconn, $list[0]); $list[count($list) - 1] = trim($list[count($list) - 1]); $list[count($list) - 1] = resolve_asset($dbconn, $list[count($list) - 1]); $data['target'] = $list[0] . " ... " . $list[count($list) - 1]; } $tdata[] = $data; } if ($sortdir == "ASC") { $sortdir = "DESC"; } else { $sortdir = "ASC"; } $url = $_SERVER['SCRIPT_NAME'] . "?offset={$offset}&sortby=%var%&sortdir={$sortdir}" . $url_filter; $fieldMapLinks = array(); $fieldMapLinks = array(gettext("HTML Results") => array('url' => '%param%', 'param' => 'hlink', 'target' => 'main', 'icon' => 'images/html.png'), gettext("PDF Results") => array('url' => '%param%', 'param' => 'plink', 'target' => '_blank', 'icon' => 'images/pdf.png'), gettext("EXCEL Results") => array('url' => '%param%', 'param' => 'xlink', 'target' => '_blank', 'icon' => 'images/page_white_excel.png')); if (Session::am_i_admin()) { $fieldMapLinks["DELETE Results"] = array('url' => '%param%', 'param' => 'dlink', 'target' => 'main', 'icon' => 'images/delete.gif'); } $fieldMap = array("Host - IP" => array('var' => 'hostip'), "Date/Time" => array('var' => 'scantime'), "Profile" => array('var' => 'profile'), "Serious" => array('var' => 'vSerious'), "High" => array('var' => 'vHigh'), "Medium" => array('var' => 'vMed'), "Low" => array('var' => 'vLow'), "Info" => array('var' => 'vInfo'), "Links" => $fieldMapLinks); // echo "<pre>"; // var_dump($tdata); // echo "</pre>"; if (count($tdata) > 1) { drawTableLatest($fieldMap, $tdata, "Hosts"); } elseif (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) { echo "<br><span class='gray'>" . _("No results found: ") . "</span><a href='" . Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?action=create_scan&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs') . "'>" . _("Click here to run a Vulnerability Scan now") . "</a><br><br>"; } } // draw the pager again, if viewing all hosts if (!$filteredView && $reportCount > 10) { ?> <div class="fright tmargin"> <?php if ($next > $pageSize) { ?> <a href="index.php?<?php echo "offset={$previous}{$url_filter}"; ?> " class="pager">< <?php echo _("PREVIOUS"); ?> </a> <?php } else { ?> <a class='link_paginate_disabled' href="" onclick='return false'>< <?php echo _("PREVIOUS"); ?> </a> <?php } if ($next <= $last) { ?> <a class='lmargin' href="index.php?<?php echo "offset={$next}{$url_filter}"; ?> "> <?php echo _("NEXT"); ?> ></a> <?php } else { ?> <a class='link_paginate_disabled lmargin' href="" onclick='return false'><?php echo _("NEXT"); ?> ></a> <?php } ?> </div> <?php } else { echo "<p> </p>"; } }
function list_results($type, $value, $sortby, $sortdir) { global $scanstate, $isReportAdmin, $allres, $offset, $pageSize, $username, $uroles, $dbconn, $hosts; global $user, $arruser, $delete_selected; $filteredView = FALSE; $selRadio = array("", "", "", ""); $query_onlyuser = ""; $url_filter = ""; //if (!$isReportAdmin || (!$allres)) { $query_onlyuser="******"; } if (!in_array("admin", $arruser)) { $query_onlyuser = "******"; } //echo $query_onlyuser; //if ($sortby == "" ) { $sortby = "scantime"; } //if ($sortdir == "" ) { $sortdir = "DESC"; } $sortby = "t1.results_sent DESC, t1.name DESC"; //$sortdir = "DESC"; $sortdir = ""; $queryw = ""; $queryl = ""; //$querys="SELECT distinct t1.report_id, t1.name as jobname, t4.meth_target, t1.scantime, // t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t3.name as profile, t4.id as jobid, t4.meth_SCHED, // t5.vSerious, t5.vHigh, t5.vMed, t5.vLow, t5.vInfo // FROM vuln_nessus_latest_reports t1 // LEFT JOIN vuln_nessus_settings t3 ON t1.sid=t3.id // LEFT JOIN vuln_jobs t4 on t1.report_id = t4.report_id // LEFT JOIN vuln_nessus_report_stats t5 on t1.report_id = t5.report_id // WHERE t1.deleted = '0' "; // $querys="SELECT distinct t1.report_id, t4.name as jobname, t4.scan_submit, t4.meth_target, t1.scantime, // t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t3.name as profile, t4.id as jobid, t4.meth_SCHED, // t5.vSerious, t5.vHigh, t5.vMed, t5.vLow, t5.vInfo // FROM vuln_nessus_latest_reports t1 // LEFT JOIN vuln_nessus_settings t3 ON t1.sid=t3.id // LEFT JOIN vuln_jobs t4 on t1.report_id = t4.report_id // LEFT JOIN vuln_nessus_report_stats t5 on t1.report_id = t5.report_id // WHERE t1.deleted = '0' "; /*$querys="SELECT distinct t1.report_id, t1.scantime, t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t3.name as profile, '0' as vSerious, '0' as High, '0' as vMed, '0' as vLow, '0' as vInfo FROM vuln_nessus_latest_reports t1 LEFT JOIN vuln_nessus_settings t3 ON t1.sid=t3.id WHERE t1.deleted = '0' ";*/ $querys = "SELECT distinct t1.report_id, t4.hostname as host_name, t1.scantime,\n t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t1.sid,\n t3.name as profile\n FROM vuln_nessus_latest_reports t1\n LEFT JOIN vuln_nessus_settings t3 ON t1.sid=t3.id\n LEFT JOIN host t4 ON t4.ip=inet_ntoa(t1.report_id)\n LEFT JOIN vuln_nessus_latest_results t5 ON t1.report_id=t5.report_id \n WHERE t1.deleted = '0' "; // set up the SQL query based on the search form input (if any) if ($type == "scantime" && $value != "") { $selRadio[0] = "CHECKED"; $q = $value; $queryw = " AND t1.scantime LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = "<b>" . _("Search for Date/Time") . "</b> = '*{$q}*'"; $url_filter = "&type={$type}&value={$value}"; } else { if ($type == "service" && $value != "") { $selRadio[5] = "CHECKED"; $q = $value; $queryw = " AND t5.service LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = "<b>" . _("Search for Service") . "</b> = '*" . html_entity_decode($q) . "*'"; $url_filter = "&type={$type}&value={$value}"; } else { if ($type == "freetext" && $value != "") { $selRadio[6] = "CHECKED"; $q = $value; $queryw = " AND t5.msg LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = "<b>" . _("Search for Free Text") . "</b> = '*" . html_entity_decode($q) . "*'"; $url_filter = "&type={$type}&value={$value}"; } else { if ($type == "hostip" && $value != "") { $selRadio[1] = "CHECKED"; $q = strtolower($value); $queryw = " AND (t4.hostname LIKE '%{$q}%' OR inet_ntoa(t1.report_id) LIKE '%{$q}%') {$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = "<b>" . _("Search for Host-IP") . "</b> = '*{$q}*'"; $url_filter = "&type={$type}&value={$value}"; } else { if ($type == "fk_name" && $value != "") { $selRadio[2] = "CHECKED"; $q = strtolower($value); $queryw = " AND t1.fk_name LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = _("Search for Subnet/CIDR") . " = '*{$q}*'"; $url_filter = "&type={$type}&value={$value}"; } else { if ($type == "username" && $value != "") { $selRadio[3] = "CHECKED"; $q = strtolower($value); $queryw = " AND t1.username LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = "<b>" . _("Search for user") . "</b> = '*{$q}*'"; $url_filter = "&type={$type}&value={$value}"; } else { if ($type == "hn" && $value != "") { $selRadio[4] = "CHECKED"; if (preg_match("/\\//", $value)) { /*$tokens = explode("/", $value); $bytes = explode(".",$tokens[0]); if($tokens[1]=="24") $q = $bytes[0].".".$bytes[1].".".$bytes[2]."."; else if ($tokens[1]=="16") $q = $bytes[0].".".$bytes[1]."."; else if ($tokens[1]=="8") $q = $bytes[0]."."; else if ((int)$tokens[1]>24) $q = $bytes[0].".".$bytes[1].".".$bytes[2].".".$bytes[3]; // */ $ip_range = array(); $ip_range = CIDR::expand_CIDR($value, "SHORT"); $queryw = " AND (inet_aton(t1.name) >= '" . $ip_range[0] . "' AND inet_aton(t1.name) <='" . $ip_range[1] . "') {$query_onlyuser} order by {$sortby} {$sortdir}"; } elseif (preg_match("/\\,/", $value)) { $q = implode("','", explode(",", $value)); $queryw = " AND t1.name in ('{$q}') {$query_onlyuser} order by {$sortby} {$sortdir}"; $q = "Others"; } else { $q = $value; $queryw = " AND t1.name LIKE '{$q}' {$query_onlyuser} order by {$sortby} {$sortdir}"; } $queryl = " limit {$offset},{$pageSize}"; if (!preg_match("/\\//", $value)) { $stext = "<b>" . _("Search for Host") . "</b> = '" . html_entity_decode($q) . "'"; } else { $stext = "<b>" . _("Search for Subnet/CIDR") . "</b> = '{$value}'"; } $url_filter = "&type={$type}&value={$value}"; } else { $selRadio[4] = "CHECKED"; $viewAll = FALSE; $queryw = "{$query_onlyuser} order by {$sortby} {$sortdir}"; $queryl = " limit {$offset},{$pageSize}"; $stext = ""; } } } } } } } // put link to add new host // if ($isReportAdmin) { // $url_allres="&allres="; // if ($allres=="" || !is_numeric($allres) || (!$allres)) { // $allres=0; // echo "<a href='results.php?offset=0".$url_allres."1'>Show all results</a><br>"; // } else { // $allres=1; // echo "<a href='results.php?offset=0".$url_allres."0'>Display only my Results</a><br>"; // } // $url_allres .="$allres"; // } // echo the search criteria used // set up the pager and search fields if viewing all hosts $reportCount = 0; if (!$filteredView) { //$queryc = "SELECT count(report_id) FROM vuln_nessus_latest_reports t1 WHERE 1=1 "; $queryc = "SELECT SQL_CALC_FOUND_ROWS distinct t1.report_id, t4.hostname as host_name, t1.scantime,\n t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t1.sid,\n t3.name as profile\n FROM vuln_nessus_latest_reports t1\n LEFT JOIN vuln_nessus_settings t3 ON t1.sid=t3.id\n LEFT JOIN host t4 ON t4.ip=inet_ntoa(t1.report_id)" . ($type == "service" || $type == "freetext" ? " LEFT JOIN vuln_nessus_latest_results t5 ON t1.report_id=t5.report_id " : " ") . "WHERE t1.deleted = '0' "; $dbconn->Execute($queryc . $queryw); $reportCount = $dbconn->GetOne("SELECT FOUND_ROWS() as total"); $previous = $offset - $pageSize; if ($previous < 0) { $previous = 0; } $last = intval($reportCount / $pageSize) * $pageSize; if ($last < 0) { $last = 0; } $next = $offset + $pageSize; /*if ($next < $last) { $last = $next; }*/ $pageEnd = $offset + $pageSize; $value = html_entity_decode($value); echo "<center><table cellspacing=\"0\" cellpadding=\"0\" border=\"0\" width=\"900\"><tr><td class=\"headerpr\" style=\"border:0;\">" . _("Current Vulnerablities") . "</td></tr></table>"; //echo "<p>There are $reportCount scans defined in the system."; // output the search form echo "<table cellspacing=\"0\" cellpadding=\"0\" border=\"0\" width=\"900\">"; echo "<tr><td style=\"padding-top:5px;\" class=\"nobborder\">"; echo <<<EOT <center> <form name="hostSearch" id="hostSearch" action="index.php" method="GET"> <input type="text" length="25" name="value" class="assets" id="assets" value="{$value}"> EOT; echo "\n<!--<input type=\"radio\" name=\"type\" value=\"scantime\" {$selRadio['0']}>" . _("Date") . "/" . _("Time") . "-->\n<!--<input type=\"radio\" name=\"type\" value=\"hostip\" {$selRadio['1']}>" . _("Host - IP") . "-->\n<!--<input type=\"radio\" name=\"type\" value=\"fk_name\" {$selRadio['2']}>Subnet Name-->\n<input type=\"radio\" name=\"type\" value=\"service\" {$selRadio['5']}>" . _("Service") . "\n<input type=\"radio\" name=\"type\" value=\"freetext\" {$selRadio['6']}>" . _("Free text") . "\n<input type=\"radio\" name=\"type\" value=\"hn\" {$selRadio['4']}>" . _("Host/Net") . "\n<!--<input type=\"radio\" name=\"type\" value=\"username\" {$selRadio['3']}>Username-->\n"; /* echo <<<EOT <input type="hidden" name="sortby" value="$sortby"> <input type="hidden" name="allres" value="$allres"> <input type="hidden" name="op" value="search"> EOT;*/ echo '<input type="hidden" name="withoutmenu" value="' . GET('withoutmenu') . '">'; echo "<input type=\"submit\" name=\"submit\" value=\"" . _("Find") . "\" class=\"button\" style=\"margin-left:15px;\">"; if (Session::am_i_admin() && (GET("submit") != "" || GET("type") != "") && GET("value") != "") { echo "<input style=\"margin-left:5px;\" type=\"button\" value=\"" . _("Delete selection") . "\" onclick=\"deleteSelected(this.form)\" class=\"button\">"; } echo <<<EOT </form> </center> </p> EOT; // output the pager //echo "<p align=center><a href='index.php?offset=0".$url_allres.$url_filter."' class='pager'><< "._("First")."</a> | "; //if($offset != 0) { // echo "<a href='index.php?offset=$previous".$url_allres.$url_filter."' class='pager'>< "._("Previous")." </a> | "; //} //if($pageEnd >= $reportCount) { $pageEnd = $reportCount; } //echo "[ ".($offset+1)." - $pageEnd of $reportCount ] | "; //if($next < $last) { // echo "<a href='index.php?offset=$next".$url_allres.$url_filter."' class='pager'>| "._("Next")." ></a> | "; //} //echo "<a href='index.php?offset=$last".$url_allres.$url_filter."' class='pager'> "._("Last")." >></a></p>"; } else { // get the search result count $queryc = "SELECT count( report_id ) FROM vuln_nessus_latest_reports WHERE t1.deleted = '0' "; $scount = $dbconn->GetOne($queryc . $queryw); echo "<p>{$scount} report"; if ($scount != 1) { echo "s"; } else { } echo " " . _("found matching search criteria") . " | "; echo " <a href='index.php' alt='" . _("View All Reports") . "'>" . _("View All Reports") . "</a></p>"; } echo "<p>"; echo $stext; echo "</p>"; echo "</td></tr></table>"; // get the hosts to display $result = $dbconn->GetArray($querys . $queryw . $queryl); $delete_ids = array(); foreach ($result as $rpt) { $delete_ids[] = $dreport_id = $rpt["report_id"]; } $_SESSION["_dreport_ids"] = implode(",", $delete_ids); /* if ($delete_selected!="") { // delete selected current vulns from latest tables defore display foreach ($result as $rpt) { $dreport_id = $rpt["report_id"]; $query = "DELETE FROM vuln_nessus_latest_reports WHERE report_id=$dreport_id"; $result=$dbconn->execute($query); $query = "DELETE FROM vuln_nessus_latest_results WHERE report_id=$dreport_id"; $result=$dbconn->execute($query); } ?> <script type="text/javascript"> // document.location.href='index.php'; </script> <?php } */ //echo "[$querys$queryw$queryl]"; if ($result === false) { $errMsg[] = _("Error getting results") . ": " . $dbconn->ErrorMsg(); $error++; dispSQLError($errMsg, $error); } else { $data['vInfo'] = 0; $data['vLow'] = 0; $data['vMed'] = 0; $data['vHigh'] = 0; $data['vSerious'] = 0; $queryt = "SELECT count(*) AS total, risk, hostIP FROM (\n SELECT DISTINCT port, protocol, app, scriptid, msg, risk, hostIP\n FROM vuln_nessus_latest_results where falsepositive='N'" . (in_array("admin", $arruser) ? "" : " and username in ('" . $user . "')") . ") AS t GROUP BY risk, hostIP"; //echo "$queryt<br>"; $resultt = $dbconn->Execute($queryt); while (list($riskcount, $risk, $hostIP) = $resultt->fields) { if ($risk == 7) { $data['vInfo'] += $riskcount; } else { if ($risk == 6) { $data['vLow'] += $riskcount; } else { if ($risk == 3) { $data['vMed'] += $riskcount; } else { if ($risk == 2) { $data['vHigh'] += $riskcount; } else { if ($risk == 1) { $data['vSerious'] += $riskcount; } } } } } $resultt->MoveNext(); } if ($data['vInfo'] == 0 && $data['vLow'] == 0 && $data['vMed'] == 0 && $data['vHigh'] == 0 && $data['vSerious'] == 0) { $tdata[] = array("report_id" => "All", "host_name" => "", "scantime" => "", "username" => "", "scantype" => "", "report_key" => "", "report_type" => "", "sid" => "", "profile" => "", "hlink" => "", "plink" => "", "xlink" => "", "vSerious" => $data['vSerious'], "vHigh" => $data['vHigh'], "vMed" => $data['vMed'], "vLow" => $data['vLow'], "vInfo" => $data['vInfo']); } else { $tdata[] = array("report_id" => "All", "host_name" => "", "scantime" => "", "username" => "", "scantype" => "", "report_key" => "", "report_type" => "", "sid" => "", "profile" => "", "hlink" => "reshtml.php?ipl=all&disp=html&output=full&scantype=M", "plink" => "respdf.php?ipl=all&scantype=M", "xlink" => "rescsv.php?ipl=all&scantype=M", "dlink" => "", "vSerious" => $data['vSerious'], "vHigh" => $data['vHigh'], "vMed" => $data['vMed'], "vLow" => $data['vLow'], "vInfo" => $data['vInfo']); } foreach ($result as $data) { $data['vSerious'] = 0; $data['vHigh'] = 0; $data['vMed'] = 0; $data['vLow'] = 0; $data['vInfo'] = 0; // query for reports for each IP $query_risk = "SELECT distinct risk, port, protocol, app, scriptid, msg, hostIP FROM vuln_nessus_latest_results WHERE report_id = " . $data['report_id']; $query_risk .= " AND username = '******'username'] . "' AND sid =" . $data['sid'] . " AND falsepositive='N'"; //echo "[$query_risk]<br>"; $result_risk = $dbconn->Execute($query_risk); while (!$result_risk->EOF) { if ($result_risk->fields["risk"] == 7) { $data['vInfo']++; } else { if ($result_risk->fields["risk"] == 6) { $data['vLow']++; } else { if ($result_risk->fields["risk"] == 3) { $data['vMed']++; } else { if ($result_risk->fields["risk"] == 2) { $data['vHigh']++; } else { if ($result_risk->fields["risk"] == 1) { $data['vSerious']++; } } } } } $result_risk->MoveNext(); } $more = "&hmenu=Vulnerabilities&smenu=Vulnerabilities"; $data['clink'] = "respdfc.php?scantime=" . $data['scantime'] . "&scantype=" . $data['scantype'] . "&key=" . $data['report_key'] . $more; $data['plink'] = "respdf.php?treport=latest&scantime=" . $data['scantime'] . "&scantype=" . $data['scantype'] . "&key=" . $data['report_key'] . $more; $data['hlink'] = "reshtml.php?treport=latest&key=" . $data['report_key'] . "&disp=html&output=full&scantime=" . $data['scantime'] . "&scantype=" . $data['scantype'] . $more; $data['rerun'] = "sched.php?disp=rerun&job_id=" . $data['jobid'] . $more; $data['xlink'] = "rescsv.php?treport=latest&scantime=" . $data['scantime'] . "&scantype=" . $data['scantype'] . "&key=" . $data['report_key'] . $more; $data['xbase'] = "restextsummary.php?scantime=" . $data['scantime'] . "&scantype=" . $data['scantype'] . $more . "&key=" . $data['report_key']; if (Session::am_i_admin()) { $data['dlink'] = "index.php?delete=" . $data['report_key'] . "&scantime=" . $data['scantime']; } /* $data['vSerious'] = "<a href=\"respdf.php?scantime=".$data['scantime']."&scantype=".$data['scantype'] ."&key=".$data['report_key']."&critical=1\">".$data['vSerious']."</a>"; $data['vHigh'] = "<a href=\"respdf.php?scantime=".$data['scantime']."&scantype=".$data['scantype'] ."&key=".$data['report_key']."&critical=2\">".$data['vHigh']."</a>"; $data['vMed'] = "<a href=\"respdf.php?scantime=".$data['scantime']."&scantype=".$data['scantype'] ."&key=".$data['report_key']."&critical=3\">".$data['vMed']."</a>"; $data['vLow'] = "<a href=\"respdf.php?scantime=".$data['scantime']."&scantype=".$data['scantype'] ."&key=".$data['report_key']."&critical=6\">".$data['vLow']."</a>"; $data['vInfo'] = "<a href=\"respdf.php?scantime=".$data['scantime']."&scantype=".$data['scantype'] ."&key=".$data['report_key']."&critical=7\">".$data['vInfo']."</a>";*/ //$data['vSerious'] = $data['vSerious']; //$data['vHigh'] = $data['vHigh']; //$data['vMed'] = $data['vMed']; //$data['vLow'] = $data['vLow']; //$data['vInfo'] = $data['vInfo']; //$data['scan_submit'] = $data['scan_submit']; $list = explode("\n", trim($data['meth_target'])); if (count($list) == 1) { $list[0] = trim($list[0]); if ($list[0] != "") { if ($hosts[$list[0]] != "" && $hosts[$list[0]] != $list[0]) { $data['target'] = $hosts[$list[0]] . " (" . $list[0] . ")"; } else { $data['target'] = $list[0]; } } else { $data['target'] = "-"; } } elseif (count($list) == 2) { $list[0] = trim($list[0]); if ($hosts[$list[0]] != "" && $hosts[$list[0]] != $list[0]) { $list[0] = $hosts[$list[0]] . " (" . $list[0] . ")"; } $list[1] = trim($list[1]); if ($hosts[$list[1]] != "" && $hosts[$list[1]] != $list[1]) { $list[1] = $hosts[$list[1]] . " (" . $list[1] . ")"; } $data['target'] = $list[0] . ' ' . $list[1]; } else { $list[0] = trim($list[0]); if ($hosts[$list[0]] != "" && $hosts[$list[0]] != $list[0]) { $list[0] = $hosts[$list[0]] . " (" . $list[0] . ")"; } $list[count($list) - 1] = trim($list[count($list) - 1]); if ($hosts[$list[count($list) - 1]] != "" && $hosts[$list[count($list) - 1]] != $list[count($list) - 1]) { $list[count($list) - 1] = $hosts[$list[count($list) - 1]] . " (" . $list[count($list) - 1] . ")"; } $data['target'] = $list[0] . " ... " . $list[count($list) - 1]; } $tdata[] = $data; } if ($sortdir == "ASC") { $sortdir = "DESC"; } else { $sortdir = "ASC"; } $url = $_SERVER['SCRIPT_NAME'] . "?offset={$offset}&sortby=%var%&sortdir={$sortdir}" . $url_allres . $url_filter; $fieldMapLinks = array(); $fieldMapLinks = array(gettext("HTML Results") => array('url' => '%param%', 'param' => 'hlink', 'target' => 'main', 'icon' => 'images/html.png'), gettext("PDF Results") => array('url' => '%param%', 'param' => 'plink', 'target' => '_blank', 'icon' => 'images/pdf.png'), gettext("EXCEL Results") => array('url' => '%param%', 'param' => 'xlink', 'target' => '_blank', 'icon' => 'images/page_white_excel.png')); if (Session::am_i_admin()) { $fieldMapLinks["DELETE Results"] = array('url' => '%param%', 'param' => 'dlink', 'target' => 'main', 'icon' => 'images/delete.gif'); } $fieldMap = array("Host - IP" => array('var' => 'hostip'), "Date/Time" => array('var' => 'scantime'), "Profile" => array('var' => 'profile'), "Serious" => array('var' => 'vSerious'), "High" => array('var' => 'vHigh'), "Medium" => array('var' => 'vMed'), "Low" => array('var' => 'vLow'), "Info" => array('var' => 'vInfo'), "Links" => $fieldMapLinks); if (count($tdata) > 1) { drawTableLatest($fieldMap, $tdata, "Hosts"); } else { echo "<br><b>" . _("No results found: ") . "<a href='sched.php?smethod=schedule&hosts_alive=1&scan_locally=1'>" . _("Click here to run a Vulnerability Scan now") . "</a><br><br></b>"; } } // draw the pager again, if viewing all hosts if (!$filteredView && $reportCount > 10) { echo "<p align=center>\n<a href=\"index.php?offset=0" . $url_allres . $url_filter . "\" class=\"pager\"><< " . _("First") . "</a>\n<a href=\"index.php?offset={$previous}" . $url_allres . $url_filter . "\" class=\"pager\">< " . _("Previous") . " </a>"; echo " [ " . ($offset + 1) . " - {$pageEnd} " . _("of") . " {$reportCount} ] "; if ($reportCount > $pageEnd) { echo "<a href=\"index.php?offset={$next}" . $url_allres . $url_filter . "\" class=\"pager\"> " . _("Next") . " ></a>\n <a href=\"index.php?offset={$last}" . $url_allres . $url_filter . "\" class=\"pager\"> " . _("Last") . " >></a>"; } echo "</p>"; } }