public function system_snmp()
{
// check to make sure we have SNMP capability
# TODO - provide a message saying SNMP extension not loaded
if (!extension_loaded('snmp')) {
redirect('main/list_devices');
}
$this->load->model("m_system");
$this->load->model("m_audit_log");
$this->load->model("m_devices_components");
$this->load->library('encrypt');
$this->load->helper('snmp');
$this->load->helper('snmp_oid');
$details = new stdClass();
$details->id = $this->uri->segment(3, 0);
$credentials = $this->m_devices_components->read($details->id, 'y', 'credential');
foreach ($credentials as $credential) {
if (!empty($credential->type) and $credential->type == 'snmp') {
break;
}
}
$details->hostname = $this->m_devices_components->read($details->id, 'y', 'system', '', 'hostname');
if ($details->hostname == '-') {
$details->hostname = '';
}
$details->ip = ip_address_from_db($this->m_devices_components->read($details->id, 'y', 'system', '', 'ip'));
$details->show_output = true;
# set up the pop up page
echo "<html>\n\t\t<head>\n\t\t<script type=\"text/javascript\">\n\t\twindow.onunload = refreshParent;\n\t\tfunction refreshParent()\n\t\t{\n\t\t\twindow.opener.location.reload();\n\t\t}\n\t\tfunction CloseMe()\n\t\t{\n\t\t\twindow.opener.location.reload();\n\t\t\twindow.close();\n\t\t}\n\t\t</script>\n\t\t</head>\n\t\t<body>\n\t\t<h3 style='text-align: center'>Open-AudIT SNMP Scan</h3>\n\t\t<p style='font-family: \"Verdana\",\"Lucida Sans Unicode\",\"Lucida Sans\",sans-serif; font-size: 12px;'>\n\t\t<pre>";
# audit the device via snmp
#if ($temp_array = get_snmp($details)) {
if ($temp_array = snmp_audit($details->ip, $credential->attributes, 'y')) {
if (!empty($temp_array['details'])) {
foreach ($temp_array['details'] as $key => $value) {
if (!empty($value)) {
$details->{$key} = $value;
}
}
$details->last_seen_by = 'snmp';
$details->audits_ip = '127.0.0.1';
}
} else {
echo "Error - nothing returned when SNMP routine executed.";
}
$network_interfaces = $temp_array['interfaces'];
$ip = $temp_array['ip'];
unset($guests);
if (isset($temp_array['guests']) and count($temp_array['guests']) > 0) {
$guests = $temp_array['guests'];
}
$modules = $temp_array['modules'];
$details->last_seen_by = 'snmp';
$details->last_seen = $this->config->config['timestamp'];
$details->last_user = $this->user->full_name;
$details->audits_ip = '127.0.0.1';
if ($this->config->item('discovery_use_dns') == 'y') {
$details = dns_validate($details, 'y');
}
#unset($details->type);
unset($details->show_output);
unset($details->ip);
echo "<pre>\n";
if (isset($details->snmp_oid) and $details->snmp_oid > '') {
$details->original_timestamp = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen');
$this->m_system->update_system($details);
if (isset($this->user->full_name)) {
$temp_user = $this->user->full_name;
} else {
$temp_user = '';
}
$this->m_audit_log->create($details->id, $temp_user, $details->last_seen_by, $details->audits_ip, '', '', $details->last_seen);
unset($temp_user);
# update any network interfaces and ip addresses retrieved by SNMP
$details->last_seen = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen');
$details->first_seen = $this->m_devices_components->read($details->id, 'y', 'system', '', 'first_seen');
$details->original_last_seen_by = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen_by');
if (isset($network_interfaces) and is_array($network_interfaces) and count($network_interfaces) > 0) {
$input = new stdClass();
$input->item = array();
$input->item = $network_interfaces;
$this->m_devices_components->process_component('network', $details, $input, 'y');
}
if (isset($ip->item) and count($ip->item) > 0) {
$this->m_devices_components->process_component('ip', $details, $ip, 'y');
}
# insert any found virtual machines
if (isset($guests) and is_array($guests) and count($guests) > 0) {
$vm = new stdClass();
$vm->item = array();
$vm->item = $guests;
$this->m_devices_components->process_component('vm', $details, $vm, 'y');
}
# insert any modules
if (isset($modules) and is_array($modules) and count($modules) > 0) {
$input = new stdClass();
$input->item = array();
$input->item = $modules;
$this->m_devices_components->process_component('module', $details, $input, 'y');
}
// Generate any DNS entries required
$dns = new stdClass();
$dns->item = array();
$dns->item = $this->m_devices_components->create_dns_entries((int) $details->id);
if (count($dns->item) > 0) {
$this->m_devices_components->process_component('dns', $details, $dns, 'y');
}
unset($dns);
// insert a blank to indicate we're finished this part of the discovery
// if required, the audit scripts will insert their own audit logs
$this->m_audit_log->update('debug', '', $details->id, $details->last_seen);
} else {
echo "Audit NOT submitted.";
}
echo "<div align=\"center\"><input type=\"button\" value=\"Close\" onclick=\"CloseMe();\"/></div></p>\n</body>\n</html>";
}
public function process_subnet()
{
// accept or process the output of the discover subnet script - nmap details
if (!isset($_POST['form_details'])) {
$this->load->view('v_process_subnet', $this->data);
} else {
$display = '';
if ($this->input->post('debug') and strpos($_SERVER['HTTP_ACCEPT'], 'html')) {
$display = 'y';
echo "<pre>\n";
echo "DEBUG - Starting process_subnet.\n";
echo "***********************************************************************************\n";
echo "* NOTE - THIS PAGE WILL CONTINUOUSLY RENDER UNTIL THE DISCOVERY HAS FINISHED *\n";
echo "* WATCH YOUR BROSWER TO SEE WHEN THE PAGE FINISHES RENDERING *\n";
echo "* DO NOT REFRESH THIS PAGE OR ATTEMPT TO GO 'back' UNTIL THE PAGE HAS COMPLETED *\n";
echo "***********************************************************************************\n";
}
$this->load->model('m_oa_user');
$this->load->model('m_scripts');
if (isset($this->session->userdata['user_id']) and is_numeric($this->session->userdata['user_id'])) {
$this->user = $this->m_oa_user->get_user_details($this->session->userdata['user_id']);
}
// all logging will be as below, only the message will change
$log_details = new stdClass();
$log_details->severity = 7;
$log_details->file = 'system';
$log_details->display = $display;
if (!$this->m_oa_config->check_blessed($_SERVER['REMOTE_ADDR'], '')) {
if ($display == 'y') {
$log_details->message = "Audit submission from an IP (" . $_SERVER['REMOTE_ADDR'] . ") not in the list of blessed subnets, exiting.";
echo "\n" . $log_details->message . "\n";
stdlog($log_details);
}
exit;
}
$this->load->helper('url');
$this->load->model('m_credentials');
if ($display == 'y') {
echo 'DEBUG - <a href=\'' . base_url() . "index.php/discovery/discover_subnet'>Back to input page</a>\n";
echo 'DEBUG - <a href=\'' . base_url() . "index.php'>Front Page</a>\n";
}
if (php_uname('s') != 'Windows NT') {
$filepath = $this->config->config['base_path'] . '/other';
} else {
$filepath = $this->config->config['base_path'] . '\\other';
}
$this->load->helper('xml');
$xml_input = $_POST['form_details'];
try {
$xml = new SimpleXMLElement($xml_input);
} catch (Exception $error) {
// not a valid XML string
$log_details->message = 'Invalid XML input for discovery from ' . $_SERVER['REMOTE_ADDR'];
stdlog($log_details);
exit;
}
$this->load->helper('url');
$this->load->library('encrypt');
$this->load->helper('ipmi');
if (extension_loaded('snmp')) {
$this->load->helper('snmp');
$this->load->helper('snmp_oid');
}
$this->load->model('m_system');
$this->load->model('m_oa_group');
$this->load->model('m_audit_log');
$this->load->model('m_change_log');
$this->load->model('m_devices_components');
$this->load->model('m_devices');
$timestamp = $this->config->config['timestamp'];
$count = 0;
foreach ($xml->children() as $details) {
$details = (object) $details;
if (isset($details->complete) and $details->complete == 'y') {
// delete the credential set
if ($display == 'y') {
echo "DEBUG - ----------------------------------------------------\n";
}
$this->echo_details($details);
sleep(5);
$log_details->message = 'Deleting credential set for ' . $details->subnet_range . ' submitted on ' . $details->subnet_timestamp;
stdlog($log_details);
$sql = '/* discovery::process_subnet */ DELETE FROM oa_temp WHERE temp_name = \'Subnet Credentials - ' . $details->subnet_range . '\' and temp_timestamp = \'' . $details->subnet_timestamp . '\' ';
$query = $this->db->query($sql);
} else {
$skip = false;
if (stripos(' ' . $this->config->config['discovery_ip_exclude'] . ' ', ' ' . $details->ip . ' ') !== false) {
# Our ip address matched an ip in the discovery_ip_exclude list - exit
$log_details->message = $details->ip . ' is in the list of excluded ip addresses - skipping.';
stdlog($log_details);
$skip = true;
}
if (!$skip) {
$log_details->message = 'Start processing ' . $details->ip;
stdlog($log_details);
$count++;
$details->last_seen = $timestamp;
$details->last_user = '';
$details->last_seen_by = 'nmap';
$details->domain = '';
$details->audits_ip = ip_address_to_db($_SERVER['REMOTE_ADDR']);
$details->hostname = '';
if ($this->config->item('discovery_use_dns') == 'y') {
$details = dns_validate($details, $display);
}
$details->id = '';
$details->id = $this->m_system->find_system($details);
$details->last_seen_user = '';
$details->network_address = '';
$details->limit = 1000000;
$details->count = 0;
$details->use_https = '';
// # 1.12.6
$credentials = array();
// If we find a device and we're in DEBUG, output a result line.
if ($display == 'y') {
if (!empty($details->id)) {
echo 'DEBUG - Device found with ID: <a href=\'' . base_url() . 'index.php/main/system_display/' . $details->id . '\'>' . $details->id . "</a>.\n";
}
}
// Device specific credentials
if (!empty($details->id)) {
$temp = $this->m_devices_components->read(intval($details->id), 'y', 'credential', '', '*');
if (count($temp) > 0) {
foreach ($temp as $credential) {
$credentials[] = $credential;
}
}
unset($temp);
}
// Credential Sets
$temp = $this->m_credentials->collection();
if (count($temp) > 0) {
$credentials = array_merge($credentials, $temp);
}
unset($temp);
// supplied credentials
$sql = '/* discovery::process_subnet */ SELECT temp_value FROM oa_temp WHERE temp_name = \'Subnet Credentials - ' . $details->subnet_range . '\' and temp_timestamp = \'' . $details->subnet_timestamp . '\' ORDER BY temp_id DESC LIMIT 1';
$query = $this->db->query($sql);
$row = $query->row();
$supplied_credentials = @$row->temp_value;
$supplied = new stdClass();
if (isset($supplied_credentials) and $supplied_credentials > '') {
$supplied_credentials = $this->encrypt->decode($supplied_credentials);
$supplied_credentials = json_decode($supplied_credentials);
$details->last_seen_user = @$supplied_credentials->last_user;
$details->network_address = @$supplied_credentials->network_address;
$details->limit = (int) @$supplied_credentials->limit;
$details->count = (int) @$supplied_credentials->count;
$details->org_id = (int) @$supplied_credentials->org;
$details->location_id = (int) @$supplied_credentials->location;
$details->org_id = (int) @$supplied_credentials->org;
$details->location_id = (int) @$supplied_credentials->location;
$details->use_https = (string) @$supplied_credentials->use_https;
}
# TODO - replace the ugly code below
$creds = array();
foreach ($credentials as $credential) {
$creds[] = $credential->attributes;
}
unset($credentials);
$credentials = $creds;
unset($creds);
// default Open-AudIT credentials
// $default = $this->m_oa_config->get_credentials();
// unset($default);
if (intval($details->count) >= intval($details->limit)) {
# we have discovered the requested number of devcies
$log_details->message = 'Count from DB is higher than requested limit, exiting. Count: ' . $details->count . ' Limit: ' . $details->limit;
stdlog($log_details);
return;
}
if (empty($supplied_credentials)) {
$supplied_credentials = new stdClass();
}
if (empty($supplied_credentials->count)) {
$supplied_credentials->count = 0;
} else {
$supplied_credentials->count++;
}
$sql = '/* discovery::process_subnet */ UPDATE oa_temp SET temp_value = ? WHERE temp_name = \'Subnet Credentials - ' . $details->subnet_range . '\' and temp_timestamp = \'' . $details->subnet_timestamp . '\'';
$data_in = json_encode($supplied_credentials);
$data_in = $this->encrypt->encode($data_in);
$data = array("{$data_in}");
$query = $this->db->query($sql, $data);
$details->last_user = $details->last_seen_user;
$log_details->user = $details->last_seen_user;
// create the URL for use by the audit scripts
# use $_POST if supplied
if (isset($_POST['network_address']) and $_POST['network_address'] > '') {
$temp = explode('/', base_url());
$url = str_replace($temp[2], $_POST['network_address'], base_url());
# use $details->network_address if stored in DB
} elseif (isset($details->network_address) and $details->network_address != '') {
$temp = explode('/', base_url());
$url = str_replace($temp[2], $details->network_address, base_url());
# use the open-audit default config value
} elseif (isset($this->config->config['default_network_address']) and $this->config->config['default_network_address'] > '') {
$temp = explode('/', base_url());
$url = str_replace($temp[2], $this->config->config['default_network_address'], base_url());
# use the PHP function to guess as a last resort
} else {
$url = base_url();
}
unset($details->network_address);
if ($details->use_https == 'on') {
$url = str_ireplace('http://', 'https://', $url);
}
if (isset($supplied->snmp_community) and $supplied->snmp_community != '') {
$details->snmp_community = $supplied->snmp_community;
}
// output to log file and DEBUG the status of the three main services
$log_details->message = 'WMI Status is ' . $details->wmi_status . ' on ' . $details->ip;
stdlog($log_details);
// On OSX we cannot run Nmap and get a UDP port result for 161 as 'You requested a scan type which requires root privileges.' So just set the snmp_status to true and attempt to snmp_audit the target device
if (php_uname('s') == 'Darwin') {
$details->snmp_status = 'true';
$details->nmap_ports .= ',161/udp/snmp';
}
$log_details->message = 'SNMP Status is ' . $details->snmp_status . ' on ' . $details->ip;
stdlog($log_details);
$log_details->message = 'SSH Status is ' . $details->ssh_status . ' on ' . $details->ip;
stdlog($log_details);
// get rid of os_* as nmap only guesses
unset($details->os_group);
unset($details->os_family);
unset($details->os_name);
# IPMI audit
# TODO - make a ipmi_helper::ipmi_credentials function
// if (isset($this->config->config['discovery_use_ipmi']) and $this->config->config['discovery_use_ipmi'] == 'y') {
// $credentials_ipmi = new stdClass();
// $credentials_ipmi->type = 'ipmi';
// $credentials_ipmi->credentials = new stdClass();
// $credentials_ipmi->credentials->username = $this->config->config['default_ipmi_username'];
// $credentials_ipmi->credentials->password = $this->config->config['default_ipmi_username'];
// $credentials[] = $credentials_ipmi;
// $ipmi_details = ipmi_audit($details->ip, $credentials_ipmi, $display);
// if (!empty($ipmi_details)) {
// foreach ($ipmi_details as $key => $value) {
// if (!empty($value)) {
// $details->key = $value;
// }
// }
// }
// if ($details->serial) {
// $details->last_seen_by = 'ipmi';
// $details->audits_ip = '127.0.0.1';
// }
// }
// SNMP audit
if (!extension_loaded('snmp') and $details->snmp_status == 'true') {
$log_details->message = 'PHP extension not loaded, skipping SNMP data retrieval for ' . $details->ip;
stdlog($log_details);
}
if (extension_loaded('snmp') and $details->snmp_status == 'true') {
$log_details->message = 'Testing SNMP credentials for ' . $details->ip;
stdlog($log_details);
$credentials_snmp = snmp_credentials($details->ip, $credentials, $display);
} else {
$credentials_snmp = false;
}
if ($credentials_snmp) {
$temp_array = snmp_audit($details->ip, $credentials_snmp, $display);
if (!empty($temp_array['details'])) {
foreach ($temp_array['details'] as $key => $value) {
if (!empty($value)) {
$details->{$key} = $value;
}
}
$details->last_seen_by = 'snmp';
$details->audits_ip = '127.0.0.1';
}
if (!empty($temp_array['interfaces'])) {
$network_interfaces = $temp_array['interfaces'];
}
if (!empty($temp_array['modules'])) {
$modules = $temp_array['modules'];
}
if (!empty($temp_array['ip'])) {
$ip = $temp_array['ip'];
}
if (!empty($temp_array['guests'])) {
$guests = $temp_array['guests'];
}
}
// new for 1.8.4 - if we have a non-computer, do not attempt to connect using SSH
if ($details->type != 'computer' and $details->type != '' and $details->type != 'unknown' and $details->os_family != 'DD-WRT' and stripos($details->sysDescr, 'dd-wrt') === false) {
$log_details->message = 'Not a computer and not a DD-WRT device, setting SSH status to false for ' . $details->ip . ' (System ID ' . $details->id . ')';
stdlog($log_details);
$details->ssh_status = 'false';
}
# test for working SSH credentials
if ($details->ssh_status == 'true') {
$log_details->message = 'Testing SSH credentials for ' . $details->ip;
stdlog($log_details);
$credentials_ssh = ssh_credentials($details->ip, $credentials, $display);
} else {
$credentials_ssh = false;
}
# run SSH audit commands
if ($details->ssh_status == 'true' and $credentials_ssh) {
$ssh_details = ssh_audit($details->ip, $credentials_ssh, $display);
if (!empty($ssh_details)) {
$details->last_seen_by = 'ssh';
$details->audits_ip = '127.0.0.1';
foreach ($ssh_details as $key => $value) {
if (!empty($value)) {
$details->{$key} = $value;
}
}
}
}
// test for working Windows credentials
if ($details->wmi_status == 'true') {
$log_details->message = 'Testing Windows credentials for ' . $details->ip;
stdlog($log_details);
$credentials_windows = windows_credentials($details->ip, $credentials, $display);
} else {
$credentials_windows = false;
}
# run Windows audit commands
if ($details->wmi_status == 'true' and $credentials_windows) {
$windows_details = wmi_audit($details->ip, $credentials_windows, $display);
if (!empty($windows_details)) {
$details->last_seen_by = 'windows';
$details->audits_ip = '127.0.0.1';
foreach ($windows_details as $key => $value) {
if (!empty($value)) {
$details->{$key} = $value;
}
}
}
}
# in the case where port 5060 is detected and we have no other information, assign type 'voip phone'
if (empty($details->type) and empty($details->snmp_oid) and empty($details->uuid) and stripos($details->nmap_result, '5060/') !== false) {
$details->type = 'voip phone';
}
if ($this->config->item('discovery_use_dns') == 'y') {
$details = dns_validate($details, $display);
}
$details->id = $this->m_system->find_system($details, $display);
if ($display == 'y') {
$details->show_output = true;
echo "=======DETAILS======\n";
foreach ($details as $key => $value) {
echo "DEBUG - " . $key . ": " . (string) $value . "\n";
}
echo "====================\n";
ob_flush();
flush();
}
// insert or update the device
if (isset($details->id) and $details->id != '') {
// we have a system id - UPDATE
$log_details->message = strtoupper($details->last_seen_by) . " update for {$details->ip} (System ID {$details->id})";
stdlog($log_details);
$details->original_last_seen = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen');
$details->original_last_seen_by = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen_by');
$this->m_system->update_system($details, $display);
} else {
// we have a new system - INSERT
$log_details->message = strtoupper($details->last_seen_by) . " insert for {$details->ip}";
stdlog($log_details);
$details->id = $this->m_system->insert_system($details, $display);
}
// grab some timestamps
$details->last_seen = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen');
$details->first_seen = $this->m_devices_components->read($details->id, 'y', 'system', '', 'first_seen');
// Insert an audit log
if (isset($this->user->full_name)) {
$temp_user = $this->user->full_name;
} else {
$temp_user = '';
}
$this->m_audit_log->create($details->id, $temp_user, $details->last_seen_by, $details->audits_ip, '', '', $details->last_seen);
unset($temp_user);
// Update the groups
if ($this->config->config['discovery_update_groups'] == 'y') {
$this->m_oa_group->update_system_groups($details);
}
// update any network interfaces and ip addresses retrieved by SNMP
if (isset($network_interfaces) and is_array($network_interfaces) and count($network_interfaces) > 0) {
$input = new stdClass();
$input->item = array();
$input->item = $network_interfaces;
$this->m_devices_components->process_component('network', $details, $input, $display);
}
// insert any ip addresses
if (isset($ip->item) and count($ip->item) > 0) {
$this->m_devices_components->process_component('ip', $details, $ip, $display);
}
// finish off with updating any network IPs that don't have a matching interface
$this->m_devices_components->update_missing_interfaces($details->id);
// insert any modules
if (isset($modules) and count($modules) > 0) {
$input = new stdClass();
$input->item = array();
$input->item = $modules;
$this->m_devices_components->process_component('module', $details, $input, $display);
}
// insert any found virtual machines
if (isset($guests) and is_array($guests) and count($guests) > 0) {
$vm = new stdClass();
$vm->item = array();
$vm->item = $guests;
$this->m_devices_components->process_component('vm', $details, $vm, $display);
}
if (!empty($credentials_snmp) and $details->snmp_status == 'true') {
$log_details->message = 'SNMP credential update for ' . $details->ip . ' (System ID ' . $details->id . ')';
stdlog($log_details);
$this->m_devices->sub_resource_create($details->id, 'credential', $credentials_snmp);
}
if (!empty($credentials_ssh) and $details->ssh_status == 'true') {
$log_details->message = 'SSH credential update for ' . $details->ip . ' (System ID ' . $details->id . ')';
stdlog($log_details);
$this->m_devices->sub_resource_create($details->id, 'credential', $credentials_ssh);
}
if (isset($credentials_windows) and $details->wmi_status == 'true') {
$log_details->message = "Windows credential update for {$details->ip} (System ID {$details->id})";
stdlog($log_details);
$this->m_devices->sub_resource_create($details->id, 'credential', $credentials_windows);
}
// $details->id is now set
if ($display == 'y') {
echo "DEBUG - System ID <a href='" . base_url() . "index.php/devices/" . $details->id . "'>" . $details->id . "</a>\n";
}
// process and store the Nmap result
$nmap_result = array();
foreach (explode(',', $details->nmap_ports) as $port) {
$temp = explode('/', $port);
$nmap_item = new stdClass();
$nmap_item->ip = (string) $details->ip;
$nmap_item->port = $temp[0];
$nmap_item->protocol = $temp[1];
$nmap_item->program = $temp[2];
if ($nmap_item->port != '') {
$nmap_result[] = $nmap_item;
}
unset($nmap_item);
unset($temp);
}
if (count($nmap_result) > 0) {
$input = new stdClass();
$input->item = array();
$input->item = $nmap_result;
$this->m_devices_components->process_component('nmap', $details, $input, $display);
}
// insert a blank to indicate we're finished this part of the discovery
// if required, the audit scripts will insert their own audit logs
$this->m_audit_log->update('debug', '', $details->id, $details->last_seen);
# Audit Windows
if ($details->wmi_status == "true" and $credentials_windows) {
$log_details->message = "Starting windows audit for {$details->ip} (System ID {$details->id})";
stdlog($log_details);
$share = '\\admin$';
$destination = 'audit_windows.vbs';
if ($display = 'y') {
$debugging = 3;
} else {
$debugging = 0;
}
$sql = "/* discovery::process_subnet */ SELECT * FROM `scripts` WHERE `name` = 'audit_windows.vbs' AND `based_on` = 'audit_windows.vbs' ORDER BY `id` LIMIT 1";
$query = $this->db->query($sql);
$result = $query->result();
if (!empty($result[0])) {
$script_details = $result[0];
# Just ensure we delete any audit scripts that might exist.
# Shouldn't be required because we're creating based on the timestamp
# Then open the file for writing
$ts = date('y_m_d_H_i_s');
if (php_uname('s') == 'Windows NT') {
$source_name = 'scripts\\audit_windows_' . $ts . '.vbs';
@unlink($this->config->config['base_path'] . '\\other\\' . $source_name);
try {
$fp = fopen($this->config->config['base_path'] . '\\other\\' . $source_name, 'w');
} catch (Exception $e) {
print_r($e);
}
} else {
$source_name = 'scripts/audit_windows_' . $ts . '.vbs';
@unlink($this->config->config['base_path'] . '/other/' . $source_name);
try {
$fp = fopen($this->config->config['base_path'] . '/other/' . $source_name, 'w');
} catch (Exception $e) {
print_r($e);
}
}
$script = $this->m_scripts->download($script_details->id);
fwrite($fp, $script);
fclose($fp);
} else {
$source_name = 'audit_windows.vbs';
}
if (php_uname('s') != 'Windows NT') {
$source = $this->config->config['base_path'] . '/other/' . $source_name;
$command = "cscript c:\\windows\\audit_windows.vbs submit_online=y create_file=n strcomputer=. url=" . $url . "index.php/system/add_system debugging=" . $debugging . " system_id=" . $details->id . " last_seen_by=audit_wmi";
if (copy_to_windows($details->ip, $credentials_windows, $share, $source, $destination, $display)) {
if (execute_windows($details->ip, $credentials_windows, $command, $display)) {
# All complete!
} else {
# run audit script failed
}
} else {
# copy audit script to Windows failed
}
if ($source_name != 'audit_windows.vbs') {
unlink($this->config->config['base_path'] . '/other/' . $source_name);
}
} else {
#if (strtolower($_SERVER['USERPROFILE']) == 'c:\windows\system32\config\systemprofile') {
if (exec('whoami') == 'nt authority\\system') {
# We're running on the LocalSystem account.
# We cannot copy the audit script to the target and then run it,
# We _must_ run the script locally and use $details->ip as the script target
# We will loose the ability to retrieve certain items like files, netstat, tasks, etc
$log_details->message = "Windows audit for {$details->ip} (System ID {$details->id})";
stdlog($log_details);
$username = $credentials_windows->credentials->username;
$temp = explode('@', $username);
$username = $temp[0];
if (count($temp) > 1) {
$domain = $temp[1] . '\\';
} else {
$domain = '';
}
unset($temp);
if ($display == 'y') {
$script_string = "{$filepath}\\" . $source_name . " strcomputer=" . $details->ip . " submit_online=y create_file=n struser="******" strpass="******" url=" . $url . "index.php/system/add_system debugging=3 system_id=" . $details->id . " last_seen_by=audit_wmi";
$command_string = "%comspec% /c start /b cscript //nologo " . $script_string;
exec($command_string, $output, $return_var);
$command_string = str_replace($credentials_windows->credentials->password, '******', $command_string);
echo 'DEBUG - Command Executed: ' . $command_string . "\n";
echo 'DEBUG - Return Value: ' . $return_var . "\n";
echo "DEBUG - Command Output:\n";
print_r($output);
if ($return_var != '0') {
$error = "Attempt to run audit_windows.vbs on {$details->ip} has failed";
$log_details->message = $error;
stdlog($log_details);
} else {
$log_details->message = "Attempt to run audit_windows.vbs on {$details->ip} has succeeded";
stdlog($log_details);
}
$output = null;
$return_var = null;
} else {
$script_string = "{$filepath}\\" . $source_name . " strcomputer=" . $details->ip . " submit_online=y create_file=n struser="******" strpass="******" url=" . $url . "index.php/system/add_system debugging=0 system_id=" . $details->id . " last_seen_by=audit_wmi";
$command_string = "%comspec% /c start /b cscript //nologo " . $script_string . " &";
pclose(popen($command_string, "r"));
}
$command_string = null;
if ($source_name != 'audit_windows.vbs') {
unlink($this->config->config['base_path'] . '/other/' . $source_name);
}
} else {
# We are running as something other than the LocalSystem account.
# Therefore we _should_ be able to copy the audit script to tthe target and start it there
# and therefore retrieve ALL information
$source = $this->config->config['base_path'] . '\\other\\' . $source_name;
rename($source, 'c:\\windows\\audit_windows_' . $ts . '.vbs');
$source = 'audit_windows_' . $ts . '.vbs';
$command = "cscript \\\\" . $details->ip . "\\admin\$\\audit_windows_" . $ts . ".vbs submit_online=y create_file=n strcomputer=. url=" . $url . "index.php/system/add_system debugging=" . $debugging . " system_id=" . $details->id . " self_delete=y last_seen_by=audit_wmi";
if (copy_to_windows($details->ip, $credentials_windows, $share, $source, $destination, $display)) {
if (execute_windows($details->ip, $credentials_windows, $command, $display)) {
# All complete!
} else {
# run audit script failed
}
} else {
# copy audit script to Windows failed
}
if ($source_name != 'audit_windows.vbs') {
unlink('c:\\windows\\audit_windows_' . $ts . '.vbs');
}
}
}
}
# Audit SSH
if ($details->ssh_status == "true" and $details->os_family != 'DD-WRT' and $credentials_ssh) {
$log_details->message = "Starting ssh audit for {$details->ip} (System ID {$details->id})";
stdlog($log_details);
// $command = 'uname';
// $ssh_result = ssh_command($details->ip, $credentials_ssh, $command, $display);
// if ($ssh_result['status'] == 0) {
// $remote_os = $ssh_result['output'][0];
// }
// switch (strtolower($remote_os)) {
switch (strtolower($details->os_group)) {
case 'aix':
$audit_script = 'audit_aix.sh';
break;
case 'vmkernel':
$audit_script = 'audit_esxi.sh';
break;
case 'linux':
$audit_script = 'audit_linux.sh';
break;
case 'darwin':
$audit_script = 'audit_osx.sh';
break;
case 'windows':
$audit_script = '';
break;
default:
$audit_script = '';
break;
}
$destination = $audit_script;
if ($display = 'y') {
$debugging = 3;
} else {
$debugging = 0;
}
$sql = "/* discovery::process_subnet */ SELECT * FROM `scripts` WHERE `name` = '{$audit_script}' AND `based_on` = '{$audit_script}' ORDER BY `id` LIMIT 1";
$query = $this->db->query($sql);
$result = $query->result();
if (!empty($result[0])) {
$script_details = $result[0];
# Just ensure we delete any audit scripts that might exist.
# Shouldn't be required because we're creating based on the timestamp
# Then open the file for writing
$ts = date('y_m_d_H_i_s');
if (php_uname('s') == 'Windows NT') {
$source_name = 'scripts\\' . str_replace('.sh', '_' . $ts . '.sh', $audit_script);
$unlink = $this->config->config['base_path'] . '\\other\\' . $source_name;
@unlink($unlink);
$fp = fopen($this->config->config['base_path'] . '\\other\\' . $source_name, 'w');
} else {
$source_name = 'scripts/' . str_replace('.sh', '_' . $ts . '.sh', $audit_script);
$unlink = $this->config->config['base_path'] . '/other/' . $source_name;
@unlink($unlink);
try {
$fp = fopen($this->config->config['base_path'] . '/other/' . $source_name, 'w');
} catch (Exception $e) {
print_r($e);
}
}
$script = $this->m_scripts->download($script_details->id);
fwrite($fp, $script);
fclose($fp);
} else {
$unlink = '';
$source_name = $audit_script;
}
unset($temp);
if ($audit_script != '') {
# copy the audit script to the target ip
if (php_uname('s') == 'Windows NT') {
$source = $filepath . '\\' . $source_name;
} else {
$source = $filepath . '/' . $source_name;
}
$destination = $this->config->item('discovery_linux_script_directory');
if (substr($destination, -1) != '/') {
$destination .= '/';
}
$destination .= $audit_script;
if ($ssh_result = scp($details->ip, $credentials_ssh, $source, $destination, $display)) {
# Successfully copied the audit script
$command = 'chmod ' . $this->config->item('discovery_linux_script_permissions') . ' ' . $destination;
$temp = ssh_command($details->ip, $credentials_ssh, $command, $display);
}
if ($display = 'y') {
$debugging = 3;
} else {
$debugging = 0;
}
}
# audit anything that's not ESX
if ($audit_script != 'audit_esxi.sh' and $audit_script != '') {
# successfully copied and chmodded the audit script
if (!empty($credentials_ssh->sudo)) {
# run the audit script as a normal user, using sudo
$command = 'echo "' . $credentials_ssh->credentials->password . '" | ' . $credentials_ssh->sudo . ' -S ' . $this->config->item('discovery_linux_script_directory') . $audit_script . ' submit_online=y create_file=n url=' . $url . 'index.php/system/add_system debugging=' . $debugging . ' system_id=' . $details->id . ' display=' . $display . ' last_seen_by=audit_ssh';
} else {
# run the script without using sudo
$command = $this->config->item('discovery_linux_script_directory') . $audit_script . ' submit_online=y create_file=n url=' . $url . 'index.php/system/add_system debugging=' . $debugging . ' system_id=' . $details->id . ' display=' . $display . ' last_seen_by=audit_ssh';
}
$result = ssh_command($details->ip, $credentials_ssh, $command, $display);
if ($unlink != '') {
unlink($unlink);
}
}
# audit ESX
if ($audit_script == 'audit_esxi.sh') {
$command = $this->config->item('discovery_linux_script_directory') . $audit_script . ' submit_online=y last_seen_by=audit_ssh create_file=n debugging=0 echo_output=y system_id=' . $details->id . ' 2>/dev/null';
if ($result = ssh_command($details->ip, $credentials_ssh, $command, $display)) {
if ($result['status'] == 0) {
$script_result = '';
foreach ($result['output'] as $line) {
$script_result .= $line . "\n";
}
$script_result = preg_replace('/\\s+/', ' ', $script_result);
$script_result = str_replace("> <", "><", $script_result);
$esx_input = trim($script_result);
try {
$esx_xml = new SimpleXMLElement($esx_input);
} catch (Exception $error) {
// not a valid XML string
$log_details->message = 'Invalid XML input for ESX audit script';
stdlog($log_details);
exit;
}
$count = 0;
foreach ($esx_xml->children() as $child) {
if ($child->getName() === 'sys') {
$esx_details = (object) $esx_xml->sys;
if (!isset($esx_details->ip) or $esx_details->ip == '') {
$esx_details->ip = $details->ip;
}
$esx_details->system_id = $this->m_system->find_system($esx_details, $display);
$esx_details->last_seen = $details->last_seen;
if (isset($esx_details->system_id) and $esx_details->system_id != '') {
// we have an existing device
$esx_details->original_last_seen_by = $this->m_devices_components->read($esx_details->system_id, 'y', 'system', '', 'last_seen_by');
$esx_details->original_last_seen = $this->m_devices_components->read($esx_details->system_id, 'y', 'system', '', 'last_seen');
$this->m_system->update_system($esx_details);
$log_details->message = "ESX update for {$esx_details->ip} (System ID {$esx_details->system_id})";
stdlog($log_details);
} else {
// we have a new system
$esx_details->system_id = $this->m_system->insert_system($esx_details);
$log_details->message = "ESX insert for {$esx_details->ip} (System ID {$esx_details->system_id})";
stdlog($log_details);
}
if (!isset($esx_details->audits_ip)) {
$esx_details->audits_ip = $details->audits_ip;
}
if (isset($this->user->full_name)) {
$temp_user = $this->user->full_name;
} else {
$temp_user = '';
}
$this->m_audit_log->create($esx_details->system_id, $temp_user, $esx_details->last_seen_by, $esx_details->audits_ip, '', '', $esx_details->last_seen);
unset($temp_user);
}
}
$this->m_devices_components->process_component('network', $esx_details, $esx_xml->network, $display);
$this->m_devices_components->process_component('software', $esx_details, $esx_xml->software, $display);
$this->m_devices_components->process_component('processor', $esx_details, $esx_xml->processor, $display);
$this->m_devices_components->process_component('bios', $esx_details, $esx_xml->bios, $display);
$this->m_devices_components->process_component('memory', $esx_details, $esx_xml->memory, $display);
$this->m_devices_components->process_component('motherboard', $esx_details, $esx_xml->motherboard, $display);
$this->m_devices_components->process_component('video', $esx_details, $esx_xml->video, $display);
$this->m_devices_components->process_component('vm', $esx_details, $esx_xml->vm, $display);
$this->m_devices_components->process_component('ip', $esx_details, $esx_xml->ip, $display);
}
}
}
$log_details->message = "Completed processing {$details->ip} (System ID {$details->id})";
stdlog($log_details);
}
// close the 'skip'
}
// close the device / complete switch
unset($details);
}
// close for each device in XML
}
// close for form submission
}
// close function
}
