function network_list($conn, $page, $search) { $filters = array(); $filters['limit'] = get_query_limits($page); if ($search != '') { $search = utf8_decode($search); $search = escape_sql($search, $conn); $filters['where'] = " name LIKE '%{$search}%' OR ips LIKE '%{$search}%'"; } $filters['order_by'] = 'name ASC'; try { list($nets, $total) = Asset_net::get_list($conn, '', $filters, TRUE); } catch (Exception $e) { $return['error'] = TRUE; $return['msg'] = $e->getMessage(); return $return; } //If we have at least one element... if ($total > 0) { //Getting the nets already selected in the filter. $selected = get_selected_values(7); } $list = array(); //Going through the list to format the elements properly: foreach ($nets as $id => $net) { $_chk = $selected[$id] != '' ? TRUE : FALSE; $_net = array('id' => $id, 'name' => $net['name'], 'extra' => $net['ips'], 'checked' => $_chk); $list[$id] = $_net; } $data['total'] = intval($total); $data['list'] = $list; $return['error'] = FALSE; $return['data'] = $data; return $return; }
function get_network_info($conn, $net_id) { $net = Asset_net::get_object($conn, $net_id); //Asset IPs $cidrs = $net->get_ips('array'); //Asset Sensors $net_sensors = $net->get_sensors(); $sensors = $net_sensors->get_sensors(); $data = array('id' => $net_id, 'name' => $net->get_name(), 'owner' => $net->get_owner(), 'descr' => html_entity_decode($net->get_descr(), ENT_QUOTES, 'UTF-8'), 'cidrs' => $cidrs, 'asset_value' => $net->get_asset_value(), 'icon' => base64_encode($net->get_icon()), 'sensors' => $sensors); return $data; }
function get_network_status($conn, $data) { $id = $data['id']; $location = $data['location']; ossim_valid($id, OSS_HEX, 'illegal:' . _("Network ID")); ossim_valid($location, OSS_HEX, 'illegal:' . _("Location ID")); if (ossim_error()) { $info_error = "Error: " . ossim_get_error(); ossim_clean_error(); $return['error'] = true; $return['msg'] = $info_error; return $return; } //aux variables $answ['0'] = 'error'; $answ['1'] = 'ok'; $answ['2'] = 'info'; $types = array('ids', 'vulns', 'passive', 'active', 'netflow'); //net info $net = Asset_net::get_object($conn, $id); if ($net != NULL) { $cidr = $net->get_ips(); $data['net_name'] = $net->get_name() . " (" . $cidr . ")"; $data['net_owner'] = Session::get_entity_name($conn, $net->get_ctx(), true); $data['net_descr'] = $net->get_descr(); } else { $data['net_name'] = _('Unknown'); $data['net_owner'] = _('Unknown'); $data['net_descr'] = _('Unknown'); } $checks = Locations::get_location_checks($conn, $location); foreach ($types as $t_pos => $t) { if (strlen($checks) == 5 && $checks[$t_pos] == 0) { $data[$t] = 'info'; } else { $options = array("type" => $t, "percent" => false, "network" => $id); $var = get_network_visibility($conn, $options); $data[$t] = $answ[$var]; } } $options = array("type" => 'asset_network', "network" => $id); $data['net_devices'] = get_asset_visibility($conn, $options); $options = array("type" => 'asset_server', "network" => $id); $data['servers'] = get_asset_visibility($conn, $options); $return['error'] = false; $return['data'] = $data; return $return; }
function modify_scan_networks($conn, $wizard, $data) { $step = intval($wizard->get_step_data('scan_step')); if ($step == 1 || $step == 2) { $response['error'] = TRUE; $response['msg'] = _('There is a Asset scan running, you have to wait until it completes.'); return $response; } $ids = array_keys($data['nets']); ossim_valid($ids, OSS_HEX, 'illegal:' . _("Network ID")); if (ossim_error()) { $response['error'] = TRUE; $response['msg'] = ossim_get_error(); ossim_clean_error(); return $response; } $nets = array(); $ip_count = 0; foreach ($ids as $id) { $cidrs = Asset_net::get_ips_by_id($conn, $id); $cidrs = preg_replace('/\\s*,\\s*/', ' ', $cidrs); $nets[$id] = trim($cidrs); $cidr_list = explode(' ', $cidrs); foreach ($cidr_list as $cidr) { list($dir, $mask) = explode('/', $cidr); if ($mask > 0 && $mask <= 32) { $ip_count += 1 << 32 - $mask; } } } $wizard->clean_step_data(); $wizard->set_step_data('scan_step', 0); $wizard->set_step_data('scan_nets', $nets); $wizard->set_step_data('scan_ips_count', $ip_count); $wizard->save_status(); $response['error'] = FALSE; $response['data']['total'] = Util::number_format_locale($ip_count); return $response; }
$net_id = $host_id = ''; if (!empty($asset_id)) { if (preg_match("/\\//", $ip_cidr)) { if (Asset_net::is_in_db($conn, $asset_id) === TRUE) { $net_id = $asset_id; } } else { if (Asset_host::is_in_db($conn, $asset_id) === TRUE) { $host_id = $asset_id; } } } if (!empty($net_id)) { // Net with ID $total_host += Util::host_in_net($ip_cidr); $name = Asset_net::get_name_by_id($conn, $net_id); $perm = Session::netAllowed($conn, $net_id); if (count($sensors) == 0) { $sensors = array_keys(Asset_net_sensors::get_sensors_by_id($conn, $net_id)); } } else { if (!empty($host_id)) { // Host with ID $total_host++; $name = Asset_host::get_name_by_id($conn, $host_id); $perm = $unresolved ? TRUE : Session::hostAllowed($conn, $host_id); if (count($sensors) == 0) { $sensors = array_keys(Asset_host_sensors::get_sensors_by_id($conn, $host_id)); } } else { if (preg_match("/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\/\\d{1,2}?\$/", $ip_cidr)) {
echo $mode == 'insert' ? _('Inserting hosts from network') : _('Searching hosts from network'); ?> "; parent.$("#ptext").html(n_msg + "<?php echo ' <strong>' . $net['name'] . '</strong>'; ?> "); </script> <?php $cidrs = explode(',', $net['ips']); $net_ctx = $net['ctx']; $query = "SELECT DISTINCT INET6_NTOP(ip_src) AS ip, HEX(ctx) AS ctx, HEX(device.sensor_id) AS sensor_id\n FROM acid_event, device \n WHERE acid_event.device_id = device.id AND acid_event.device_id > 0 \n AND ip_src >= INET6_PTON(?) AND ip_src <= INET6_PTON(?) AND ctx = UNHEX(?) AND src_host is NULL\n UNION\n SELECT DISTINCT INET6_NTOP(ip_dst) AS ip, HEX(ctx) AS ctx, HEX(device.sensor_id) AS sensor_id \n FROM acid_event, device\n WHERE acid_event.device_id = device.id AND acid_event.device_id > 0 \n AND ip_dst >= INET6_PTON(?) AND ip_dst <= INET6_PTON(?) AND ctx = UNHEX(?) AND dst_host is NULL"; foreach ($cidrs as $cidr) { $range = Asset_net::expand_cidr($cidr, 'SHORT', 'IP'); $conn_snort = $db->snort_connect(); $params = array($range[$cidr][0], $range[$cidr][1], $net_ctx, $range[$cidr][0], $range[$cidr][1], $net_ctx); //error_log($cidr."\n".$rs->sql."\n\n", 3, '/tmp/siem_host.txt'); $rs = $conn_snort->Execute($query, $params); if (!$rs) { ?> <script type="text/javascript"> parent.show_error("<?php echo $conn_snort->ErrorMsg(); ?> "); </script> <?php exit;
$source = "<img src='../pixmaps/theme/host.png' align=absbottom />" . _('ANY'); } $xml .= "<cell><![CDATA[" . $source . "]]></cell>"; // $dest = ""; if ($dest_host_list = $policy->get_hosts($conn, 'dest')) { foreach ($dest_host_list as $dest_host) { if (!check_any($dest_host->get_host_id())) { $dest .= ($dest == "" ? "" : "<br/>") . "<img src='../pixmaps/theme/host.png' align=absbottom /> " . Asset_host::get_name_by_id($conn, $dest_host->get_host_id()); } } } if ($dest_net_list = $policy->get_nets($conn, 'dest')) { foreach ($dest_net_list as $dest_net) { if (!check_any($dest_net->get_net_id())) { $dest .= ($dest == "" ? "" : "<br/>") . "<img src='../pixmaps/theme/net.png' align=absbottom /> " . Asset_net::get_name_by_id($conn, $dest_net->get_net_id()); } } } if ($dest_host_list = $policy->get_host_groups($conn, 'dest')) { foreach ($dest_host_list as $dest_host_group) { if (!check_any($dest_host_group->get_host_group_id())) { $dest .= ($dest == "" ? "" : "<br/>") . "<img src='../pixmaps/theme/host_group.png' align=absbottom /> " . Asset_group::get_name_by_id($conn, $dest_host_group->get_host_group_id()); } } } if ($dest_net_list = $policy->get_net_groups($conn, 'dest')) { foreach ($dest_net_list as $dest_net_group) { if (!check_any($dest_net_group->get_net_group_id())) { $dest .= ($dest == "" ? "" : "<br/>") . "<img src='../pixmaps/theme/net_group.png' align=absbottom /> " . Net_group::get_name_by_id($conn, $dest_net_group->get_net_group_id()); }
function get_indicator_asset_name($conn, $type, $asset_id) { $name = ''; switch ($type) { case 'host': $name = Asset_host::get_name_by_id($conn, $asset_id); break; case 'net': $name = Asset_net::get_name_by_id($conn, $asset_id); break; case 'hostgroup': case 'host_group': $name = Asset_group::get_name_by_id($conn, $asset_id); break; case 'net_group': case 'netgroup': $name = Net_group::get_name_by_id($conn, $asset_id); break; case 'sensor': $name = Av_sensor::get_name_by_id($conn, $asset_id); break; } $name = empty($name) ? _('Unknown') : $name; return $name; }
$sources['netgroup_' . $source_net_group->get_net_group_id()] = check_any($source_net_group->get_net_group_id()) ? _("ANY") : _("NETWORK_GROUP") . ": " . Net_group::get_name_by_id($conn, $source_net_group->get_net_group_id()); } } //DESTINY if ($dest_host_list = $policy->get_hosts($conn, 'dest')) { foreach ($dest_host_list as $dest_host) { if (check_any($dest_host->get_host_id())) { $dests[$dest_host->get_host_id()] = _("ANY"); } else { $dests['host_' . $dest_host->get_host_id()] = _("HOST") . ": " . Asset_host::get_name_by_id($conn, $dest_host->get_host_id()); } } } if ($dest_net_list = $policy->get_nets($conn, 'dest')) { foreach ($dest_net_list as $dest_net) { $dests['net_' . $dest_net->get_net_id()] = check_any($dest_net->get_net_id()) ? _("ANY") : _("NETWORK") . ": " . Asset_net::get_name_by_id($conn, $dest_net->get_net_id()); } } if ($dest_host_list = $policy->get_host_groups($conn, 'dest')) { foreach ($dest_host_list as $dest_host_group) { $dests['hostgroup_' . $dest_host_group->get_host_group_id()] = check_any($dest_host_group->get_host_group_id()) ? _("ANY") : _("HOST_GROUP") . ": " . Asset_group::get_name_by_id($conn, $dest_host_group->get_host_group_id()); } } if ($dest_net_list = $policy->get_net_groups($conn, 'dest')) { foreach ($dest_net_list as $dest_net_group) { $dests['netgroup_' . $dest_net_group->get_net_group_id()] = check_any($dest_net_group->get_net_group_id()) ? _("ANY") : _("NETWORK_GROUP") . ": " . Net_group::get_name_by_id($conn, $dest_net_group->get_net_group_id()); } } //PORTS //source if ($port_list = $policy->get_ports($conn, 'source')) {
Session::logcheck('environment-menu', 'PolicyNetworks'); //Export all nets if (isset($_GET['get_data'])) { //Setting up a high time limit. $db = new ossim_db(); $conn = $db->connect(); //Setting up the file name with the nets info $file = uniqid('/tmp/export_all_net_' . date('Ymd_H-i-s') . '_'); $_SESSION['_csv_file_nets'] = $file; session_write_close(); //Export a filtered list $filters = array(); $session = session_id(); $tables = ', user_component_filter f'; $filters = array('where' => "f.asset_id=net.id AND f.asset_type='network' AND f.session_id = '{$session}'", 'order_by' => 'net.name ASC'); $_net_list = Asset_net::get_list($conn, $tables, $filters); $n_data = array(); foreach ($_net_list[0] as $net) { $descr = $net['descr']; $n_data[] = '"' . $net['name'] . '";"' . $net['ips'] . '";"' . $descr . '";"' . $net['asset_value'] . '";"' . $net['id'] . '"'; } $csv_data = implode("\r\n", $n_data); file_put_contents($file, $csv_data); exit; } elseif (isset($_GET['download_data'])) { $output_name = _('Networks') . '__' . gmdate('Y-m-d', time()) . '.csv'; //Retrieving the file name $file = $_SESSION['_csv_file_nets']; unset($_SESSION['_csv_file_nets']); $csv_data = '"Netname";"CIDRs";"Description";"Asset Value";"Net ID"' . "\r\n"; if (file_exists($file)) {
function get_targets($conn, $ip_list) { $result = array(); if (!empty($ip_list)) { if (is_array($ip_list) == FALSE) { $ip_list = explode("\n", trim($ip_list)); } foreach ($ip_list as $asset) { $asset = trim($asset); if (preg_match('/^([a-f\\d]{32})#(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\/\\d{1,2})$/i', $asset, $found)) { $_asset_name = Asset_net::is_in_db($conn, $found[1]) ? Asset_net::get_name_by_id($conn, $found[1]) : $found[2]; $result[$asset] = $_asset_name; } else { if (preg_match('/^([a-f\\d]{32})#(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})$/i', $asset, $found)) { $_asset_name = Asset_host::is_in_db($conn, $found[1]) ? Asset_host::get_name_by_id($conn, $found[1]) : $found[2]; $result[$asset] = $_asset_name; } else { if (preg_match('/^([a-f\\d]{32})#hostgroup$/i', $asset, $found)) { $result[$asset] = Asset_group::get_name_by_id($conn, $found[1]); } else { if (preg_match('/^([a-f\\d]{32})#netgroup$/i', $asset, $found)) { $result[$asset] = Net_group::get_name_by_id($conn, $found[1]); } else { $result[$asset] = $asset; } } } } } } return $result; }
//Config File require_once 'av_init.php'; Session::logcheck_ajax('environment-menu', 'PolicyNetworks'); //Validate Form token $token = POST('token'); if (Token::verify('tk_delete_network_bulk', $token) == FALSE) { $error = Token::create_error_message(); Util::response_bad_request($error); } session_write_close(); /* connect to db */ $db = new ossim_db(TRUE); $conn = $db->connect(); try { $perm_add = Session::can_i_create_assets(); if (!$perm_add) { $error = _('You do not have the correct permissions to delete networks. Please contact system administrator with any questions'); Util::response_bad_request($error); } $app_name = Session::is_pro() ? 'AlienVault' : 'OSSIM'; $num_assets = Filter_list::get_total_selection($conn, 'network'); //Delete all filtered nets Asset_net::bulk_delete($conn); $data['status'] = 'OK'; $data['data'] = sprintf(_('%s networks have been permanently deleted from %s'), $num_assets, $app_name); } catch (Exception $e) { $db->close(); Util::response_bad_request($e->getMessage()); } $db->close(); echo json_encode($data);
"type": "POST", "url": sSource, "data": aoData, "beforeSend": function() { datatables_loading(true); }, "success": function (json) { datatables_loading(false); <?php // Modify the 'Delete' button status // This option will be disable if the user has host or net permissions $host_perm_where = Asset_host::get_perms_where(); $net_perm_where = Asset_net::get_perms_where(); if (empty($host_perm_where) && empty($net_perm_where)) { ?> if (json.iTotalDisplayRecords > 0) { $('#delete_all').removeClass('disabled'); } else { $('#delete_all').addClass('disabled'); } <?php } ?>
require_once 'av_init.php'; $option = $argv[1]; $asset = $argv[2]; $result = ''; $db = new ossim_db(); $dbconn = $db->connect(); $_SESSION['_user'] = '******'; switch ($option) { case 'get_ctx': if (preg_match("/^([a-f\\d]{32})#\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\$/i", $asset, $found)) { // host_id#IP $result = Asset_host::get_ctx_by_id($dbconn, $found[1]); } else { if (preg_match("/^([a-f\\d]{32})#\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\/\\d{1,2}\$/i", $asset, $found)) { // net_id#CIDR $result = Asset_net::get_ctx_by_id($dbconn, $found[1]); } else { $filters = array('where' => 'hostname = "' . $asset . '" OR fqdns LIKE "%' . $asset . '%"'); $_hosts_data = Asset_host::get_basic_list($dbconn, $filters); $hosts_list = $_hosts_data[1]; $total = count($hosts_list); if ($total > 0) { $host_id = key($hosts_list); $result = $hosts_list[$host_id]['ctx']; } else { $result = ''; } } } break; case 'get_sensor_ip':
} else { $dbo->enable_cache(); $conn = $dbo->connect(); } include_once "{$BASE_path}/base_common.php"; $sensors = $hosts = $ossim_servers = array(); $sensors = Av_sensor::get_basic_list($conn, array(), TRUE); list($hosts, $host_ids) = Asset_host::get_basic_list($conn, array(), TRUE); $entities = Session::get_all_entities($conn); $rep_activities = Reputation::get_reputation_activities($conn, "ORDER BY descr", $db_memcache); $rep_severities = array("ANY", "High", "Medium", "Low"); // // added default home host/lan to SESSION[ip_addr] // if ($_GET["addhomeips"] == "src" || $_GET["addhomeips"] == "dst") { $_nets = Asset_net::get_all($conn, TRUE); // adding all not external lans $local_ips = array(); $total_ips = 0; foreach ($_nets as $current_net) { $cirds = explode(",", $current_net['ips']); foreach ($cirds as $cidr) { if (!$current_net['external'] && preg_match("/(.*)\\.(.*)\\.(.*)\\.(.*)\\/(.*)/", $cidr, $fields)) { $local_ips[] = array(" ", "ip_" . $_GET["addhomeips"], "=", $fields[1], $fields[2], $fields[3], $fields[4], $cidr, " ", "OR", $fields[5]); $total_ips++; } } } // adding rest of hosts foreach ($hosts as $current_ip => $_hips) { foreach ($_hips as $ctx => $_hdata) {
<?php //CSS Files $_files = array(array('src' => 'av_common.css', 'def_path' => TRUE)); Util::print_include_files($_files, 'css'); ?> </head> <body> <?php if ($data['status'] != 'error') { try { $db = new ossim_db(); $conn = $db->connect(); $is_in_db = Asset_net::is_in_db($conn, $id); $net = new Asset_net($id); if ($is_in_db == TRUE) { $can_i_modify_ips = Asset_net::can_i_modify_ips($conn, $id); $can_i_create_assets = TRUE; $net->load_from_db($conn, $id); } else { $can_i_modify_ips = TRUE; $can_i_create_assets = Session::can_i_create_assets(); } if ($can_i_create_assets == TRUE) { $net->set_ctx($ctx); $net->set_name($name); if ($can_i_modify_ips == TRUE) { $net->set_ips($ips_string); } $net->set_descr($descr);
$sensor_id = POST('task_sensor'); $params = POST('task_params'); $frequency = POST('task_period'); $validation_errors = validate_form_fields('POST', $validate); //Extra validations if (empty($validation_errors)) { switch ($s_type) { case 'nmap': $db = new ossim_db(); $conn = $db->connect(); $params = POST('task_params'); $sensor_id = POST('task_sensor'); if (!Asset_net::is_cidr_in_my_nets($conn, $params)) { $validation_errors['task_params'] = sprintf(_("Error! The network %s is not allowed. Please check your network settings"), Util::htmlentities($params)); } else { if (!Asset_net::check_cidr_by_sensor($conn, $params, $sensor_id)) { $validation_errors['task_params'] = _("You can't scan the specified network using this sensor"); } } $db->close(); break; case 'wmi': $pattern = '/\\s*wmihost:(.*);wmiuser:(.*);wmipass:(.*)\\s*/'; preg_match($pattern, $params, $matches); $wmi_host = trim($matches[1]); $wmi_user = trim($matches[2]); $wmi_pass = trim($matches[3]); ossim_clean_error(); if (!ossim_valid($wmi_host, OSS_IP_ADDR, 'illegal:' . _('WMI Host'))) { ossim_clean_error(); ossim_valid($wmi_host, OSS_HOST_NAME, 'illegal:' . _('WMI Host'));
$_list_data = Asset_net::get_list($conn); $_net_aux = array_keys($_list_data[0]); foreach ($_net_aux as $n_id) { $assets_aux[] = Util::uuid_format($n_id); } $_POST["from_list"] = implode(",", $assets_aux); } if ((Session::get_host_where() != "" || Session::get_net_where() != "") && (POST('to') == "ANY" || POST('to_list') == "")) { $_POST["to"] = "LIST"; $assets_aux = array(); $_list_data = Asset_host::get_basic_list($conn); $_host_aux = array_keys($_list_data[1]); foreach ($_host_aux as $h_id) { $assets_aux[] = Util::uuid_format($h_id); } $_list_data = Asset_net::get_list($conn); $_net_aux = array_keys($_list_data[0]); foreach ($_net_aux as $n_id) { $assets_aux[] = Util::uuid_format($n_id); } $_POST["to_list"] = implode(",", $assets_aux); } if (POST("from") == "LIST") { $_POST["from"] = POST("from_list"); } if (POST("port_from") == "LIST") { $_POST["port_from"] = POST("port_from_list"); } if (POST("to") == "LIST") { $_POST["to"] = POST("to_list"); }
Session::logcheck("analysis-menu", "EventsForensics"); list($ip, $ctx, $net_id) = explode(";", GET('ip')); ossim_valid($ip, OSS_IP_ADDR_0, 'illegal:' . _('IP address')); ossim_valid($ctx, OSS_HEX, 'illegal:' . _('CTX')); ossim_valid($net_id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Net Id')); if (ossim_error()) { die(ossim_error()); } $db = new ossim_db(TRUE); if (is_array($_SESSION['server']) && $_SESSION['server'][0] != '') { $conn = $db->custom_connect($_SESSION["server"][0], $_SESSION["server"][2], $_SESSION["server"][3]); } else { $conn = $db->connect(); } $net = NULL; if ($net_id != '') { if ($net_obj = Asset_net::get_object($conn, $net_id)) { $net = array('name' => $net_obj->get_name(), 'ips' => $net_obj->get_ips(), 'icon' => $net_obj->get_html_icon()); } } else { $net = array_shift(Asset_host::get_closest_net($conn, $ip, $ctx)); if ($net['icon'] != '') { $net['icon'] = "<img class='asset_icon w16' src='data:image/png;base64," . base64_encode($net['icon']) . "'/>"; } } if (is_array($net) && !empty($net)) { echo $net['icon'] . "<strong>" . $net['name'] . "</strong> (" . $net['ips'] . ")"; } else { echo "<strong>{$ip}</strong> " . _("not found in home networks"); } $db->close();
function get_allowed_nets($conn, $tables = '', $filters = array()) { $filters['order'] = 'name ASC'; $_net_list = Asset_net::get_list($conn, $tables, $filters); $nets = $_net_list[0]; return $nets; }
$response['aaData'] = array(); $response['iDisplayStart'] = 0; echo json_encode($response); die; } $detail = "<img class='detail_img' src='" . AV_PIXMAPS_DIR . "/show_details.png'/>"; $results = array(); foreach ($nets as $_id => $net_data) { // Alarms $alarms = Asset_net::has_alarms($conn, $_id); $alarms_icon = $alarms ? "<img src='" . AV_PIXMAPS_DIR . "/assets_tick_gray.png'/>" : '-'; // Vulns $vulns = Asset_net::get_vulnerability_number($conn, $_id); $vulns_icon = $vulns > 0 ? "<img src='" . AV_PIXMAPS_DIR . "/assets_tick_gray.png'/>" : '-'; // Events $events = Asset_net::has_events($conn, $_id); $events_icon = $events ? "<img src='" . AV_PIXMAPS_DIR . "/assets_tick_gray.png'/>" : '-'; // Sensors $sensors = Asset_net_sensors::get_sensors_by_id($conn, $_id); $sensors_string = ''; foreach ($sensors as $sensor_id => $sensor_data) { if ($sensors_string != '') { $sensors_string .= ', '; } $sensors_string .= $sensor_data['name']; } // COLUMNS $_res = array(); $_res['DT_RowId'] = $_id; $_res[] = $net_data['name']; $_res[] = Util::utf8_encode2($net_data['owner']);
if (ossim_error()) { die(ossim_error()); } $networks = array(); $descr = ''; if ($id != '') { if ($net_group_list = Net_group::get_list($conn, " g.id = UNHEX('{$id}')")) { $net_group = $net_group_list[0]; $ngname = $net_group->get_name(); $ctx = $net_group->get_ctx(); $descr = $net_group->get_descr(); $obj_networks = Net_group::get_networks($conn, $net_group->get_id()); foreach ($obj_networks as $net) { $net_id = $net->get_net_id(); $filters = array('where' => "id = UNHEX('" . $net_id . "')"); $_aux_net_list = Asset_net::get_list($conn, '', $filters); $networks[$net->get_net_id()] = $_aux_net_list[0][$net_id]; } $rrd_profile = $net_group->get_rrd_profile(); if (!$rrd_profile) { $rrd_profile = 'None'; } } } if (GET('id') != '' || GET('clone') == 1) { $action = 'modifynetgroup.php'; } else { $action = 'newnetgroup.php'; } $paths = Asset::get_path_url(FALSE); ?>
$ret = array(); $res = $conn->query("SELECT id,name,value FROM acl_perm WHERE type='MENU'"); while ($rw = $res->fetchRow()) { $ret[$rw['name']][$rw['value']] = $rw['id']; } return $ret; } ini_set("include_path", ".:/usr/share/ossim/include:/usr/share/phpgacl"); $force_gacl = true; require_once 'av_init.php'; $gacl = $GLOBALS['ACL']; /* connect to db */ $db = new ossim_db(); $conn = $db->connect(); try { $net_list = Asset_net::get_all($conn); $sensor_list = Av_sensor::get_all($conn); } catch (Exception $e) { print $e->getMessage(); exit; } $permids = get_permids($conn); $users = Session::get_list($conn); foreach ($users as $user) { $nets = ""; $sensors = ""; $perms = array(); $login = $user->get_login(); if ($user->get_is_admin() || $login == ACL_DEFAULT_OSSIM_ADMIN) { continue; }
$db = new ossim_db(); $conn = $db->connect(); $assets .= '<tr> <td style="text-align:left;width:25mm;font-size:10px;color:#535353;" valign="top">' . "Assets Selected:" . '</td> <td class="nobborder" style="padding-left:5px;font-size:10px" valign="top"> <table class="w100" cellpadding="0" cellspacing="0">'; if ($_SESSION['_user_vision']['host_where'] && !Session::only_ff_host()) { $_host_list = Asset_host::get_basic_list($conn); $hosts = $_host_list[1]; foreach ($hosts as $host) { $assets .= '<tr><td class="nobborder" style="text-align:left;" valign="top">' . _('Host') . ': ' . $host['name'] . ' [' . $host['ips'] . ']</td></tr>'; } } if ($_SESSION['_user_vision']['net_where'] && !Session::only_ff_net()) { $nets = Asset_net::get_list($conn); $_net_list = Asset_net::get_list($conn); $nets = $_net_list[0]; foreach ($nets as $net) { $assets .= '<tr><td class="nobborder" style="text-align:left;" valign="top">' . _('Net') . ': ' . $net['name'] . ' [' . $net['ips'] . ']</td></tr>'; } } $assets .= ' </table> </td> </tr>'; $db->close(); } else { $assets .= '<tr> <td style="text-align:left;width:25mm;font-size:10px;color:#535353;">' . _('Assets Selected:') . '</td> <td class="nobborder" style="padding-left:5px;text-align:left;font-size:10px" valign="top">' . _('All Assets') . '</td> </tr>'; }
?> </th> <td class="left nobborder"> <select id="toselect" name="toselect[]" size="12" multiple="multiple" style="width:150px"> <?php if ($rule->to != "ANY" && $rule->to != "" && !preg_match("/\\:...\\_IP/", $rule->to)) { $pre_list = explode(",", $rule->to); foreach ($pre_list as $list_element) { // Asset ID: Resolve by name if (preg_match("/(\\!)?([0-9A-Fa-f\\-]{36})/", $list_element, $found)) { $uuid_aux = str_replace("-", "", strtoupper($found[2])); $h_obj = Asset_host::get_object($conn, $uuid_aux); if ($h_obj != null) { echo "<option value='" . $found[1] . $found[2] . "'>" . $found[1] . $h_obj->get_name() . " (" . $h_obj->get_ips()->get_ips('string') . ")</option>\n"; } else { $n_obj = Asset_net::get_object($conn, $uuid_aux); if ($n_obj != null) { echo "<option value='" . $found[1] . $found[2] . "'>" . $found[1] . $n_obj->get_name() . " (" . $n_obj->get_ips() . ")</option>\n"; } } // Another one (HOME_NET, 12.12.12.12...) } else { echo "<option value='{$list_element}'>{$list_element}</option>\n"; } } } ?> </select> <input type="button" class="small" value=" [X] " onclick="deletefrom('toselect');"/> </td> </tr>
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, * MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::logcheck('configuration-menu', 'AlienVaultInventory'); $sensor_id = GET('sensor_id'); $data['status'] = 'error'; $data['data'] = ''; if (valid_hex32($sensor_id)) { $_networks = array(); $db = new ossim_db(); $conn = $db->connect(); $_nets = Asset_net::get_nets_by_sensor($conn, $sensor_id); $db->close(); foreach ($_nets as $_net) { $cidrs = explode(',', $_net['ips']); foreach ($cidrs as $cidr) { $_networks[] = array('txt' => trim($cidr) . ' [' . $_net['name'] . ']', 'id' => trim($cidr)); } } $data['status'] = 'OK'; $data['data'] = $_networks; } echo json_encode($data);
function main_page($viewall, $sortby, $sortdir) { global $uroles, $username, $dbconn, $hosts; global $arruser, $user; $dbconn->SetFetchMode(ADODB_FETCH_BOTH); $tz = Util::get_timezone(); if ($sortby == "") { $sortby = "id"; } if ($sortdir == "") { $sortdir = "DESC"; } $sql_order = "order by {$sortby} {$sortdir}"; if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) { ?> <div style="width:50%; position: relative; height: 5px; float:left"> <div style="width:100%; position: absolute; top: -41px;left:0px;"> <div style="float:left; height:28px; margin:5px 5px 0px 0px;"> <a class="button" href="<?php echo Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?smethod=schedule&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs'); ?> "> <?php echo _("New Scan Job"); ?> </a> </div> <div style="float:left;height:28px;margin:5px 5px 0px -2px;"> <a class="greybox button av_b_secondary" href="import_nbe.php" title="<?php echo _("Import nbe file"); ?> "> <?php echo _("Import nbe file"); ?> </a> </div> </div> </div> <?php } if (intval($_GET['page']) != 0) { $page = intval($_GET['page']); } else { $page = 1; } $pagesize = 10; if ($username == "admin") { $query = "SELECT count(id) as num FROM vuln_jobs"; } else { $query = "SELECT count(id) as num FROM vuln_jobs where username='******'"; } $result = $dbconn->Execute($query); $jobCount = $result->fields["num"]; $num_pages = ceil($jobCount / $pagesize); //echo "num_pages:[".$num_pages."]"; //echo "jobCount:[".$jobCount."]"; //echo "page:[".$page."]"; if (Vulnerabilities::scanner_type() == "omp") { // We can display scan status with OMP protocol echo Vulnerabilities::get_omp_running_scans($dbconn); } else { // Nessus all_jobs(0, 10, "R"); } ?> <?php $schedulejobs = _("Scheduled Jobs"); echo <<<EOT <table style='margin-top:20px;' class='w100 transparent'><tr><td class='sec_title'>{$schedulejobs}</td></tr></table> <table summary="Job Schedules" class='w100 table_list'> EOT; if ($sortdir == "ASC") { $sortdir = "DESC"; } else { $sortdir = "ASC"; } $arr = array("name" => "Name", "schedule_type" => "Schedule Type", "time" => "Time", "next_CHECK" => "Next Scan", "enabled" => "Status"); // modified by hsh to return all scan schedules if (empty($arruser)) { $query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id "; } else { $query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id WHERE username in ({$user}) "; } $query .= $sql_order; $result = $dbconn->execute($query); if ($result->EOF) { echo "<tr><td class='empty_results' height='20' style='text-align:center;'>" . _("No Scheduled Jobs") . "</td></tr>"; } if (!$result->EOF) { echo "<tr>"; foreach ($arr as $order_by => $value) { echo "<th><a href=\"manage_jobs.php?sortby={$order_by}&sortdir={$sortdir}\">" . _($value) . "</a></th>"; } if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) { echo "<th>" . _("Action") . "</th></tr>"; } } $colors = array("#FFFFFF", "#EEEEEE"); $color = 0; while (!$result->EOF) { list($profile, $targets, $schedid, $schedname, $schedtype, $sid, $timeout, $user, $schedstatus, $nextscan, $servers) = $result->fields; $name = Av_sensor::get_name_by_id($dbconn, $servers); $servers = $name != '' ? $name : "unknown"; $targets_to_resolve = explode("\n", $targets); $ttargets = array(); foreach ($targets_to_resolve as $id_ip) { if (preg_match("/^([a-f\\d]{32})#\\d+\\.\\d+\\.\\d+\\.\\d+\\/\\d{1,2}/i", $id_ip, $found) && Asset_net::is_in_db($dbconn, $found[1])) { $ttargets[] = preg_replace("/^([a-f\\d]{32})#/i", "", $id_ip) . " (" . Asset_net::get_name_by_id($dbconn, $found[1]) . ")"; } else { if (preg_match("/^([a-f\\d]{32})#\\d+\\.\\d+\\.\\d+\\.\\d+/i", $id_ip, $found) && Asset_host::is_in_db($dbconn, $found[1])) { $ttargets[] = preg_replace("/^([a-f\\d]{32})#/i", "", $id_ip) . " (" . Asset_host::get_name_by_id($dbconn, $found[1]) . ")"; } else { $ttargets[] = preg_replace("/[a-f\\d]{32}/i", "", $id_ip); } } } $targets = implode("<BR/>", $ttargets); $tz = intval($tz); $nextscan = gmdate("Y-m-d H:i:s", Util::get_utc_unixtime($nextscan) + 3600 * $tz); preg_match("/\\d+\\-\\d+\\-\\d+\\s(\\d+:\\d+:\\d+)/", $nextscan, $found); $time = $found[1]; switch ($schedtype) { case "N": $stt = _("Once (Now)"); break; case "O": $stt = _("Once"); break; case "D": $stt = _("Daily"); break; case "W": $stt = _("Weekly"); break; case "M": $stt = _("Monthly"); break; case "Q": $stt = _("Quarterly"); break; case "H": $stt = _("On Hold"); break; case "NW": $stt = _("N<sup>th</sup> weekday of the month"); break; default: $stt = " "; break; } switch ($schedstatus) { case "1": $itext = _("Disable Scheduled Job"); $isrc = "images/stop_task.png"; $ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=0"; break; default: $itext = _("Enable Scheduled Job"); $isrc = "images/play_task.png"; $ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=1"; break; } if (!Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) { $ilink = "javascript:return false;"; } if ($schedstatus) { $txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"green\">" . _("Enabled") . "</font></a></td>"; } else { $txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"red\">" . _("Disabled") . "</font></a></td>"; } require_once 'classes/Security.inc'; if (valid_hex32($user)) { $user = Session::get_entity_name($dbconn, $user); } echo "<tr bgcolor=\"" . $colors[$color % 2] . "\">"; if ($profile == "") { $profile = _("Default"); } echo "<td><span class=\"tip\" title=\"<b>" . _("Owner") . ":</b> {$user}<br><b>" . _("Server") . ":</b> {$servers}<br /><b>" . _("Scheduled Job ID") . ":</b> {$schedid}<br><b>" . _("Profile") . ":</b> {$profile}<br><b>" . _("Targets") . ":</b><br>" . $targets . "\">{$schedname}</span></td>"; ?> <td><?php echo $stt; ?> </td> <td><?php echo $time; ?> </td> <td><?php echo $nextscan; ?> </td> <?php echo <<<EOT {$txt_enabled} <td style="padding-top:2px;"><a href="{$ilink}"><img alt="{$itext}" src="{$isrc}" border=0 title="{$itext}"></a> EOT; if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) { echo "<a href='" . Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?disp=edit_sched&sched_id=' . $schedid, 'environment', 'vulnerabilities', 'scan_jobs') . "'><img src='images/pencil.png' title='" . _("Edit Scheduled") . "'></a> "; echo "<a href='manage_jobs.php?disp=delete&schedid={$schedid}' onclick='return confirmDelete();'><img src='images/delete.gif' title='" . gettext("Delete Scheduled") . "'></a>"; } echo "</td>"; echo <<<EOT </tr> EOT; $result->MoveNext(); $color++; } echo <<<EOT </table> EOT; ?> <br /> <?php $out = all_jobs(($page - 1) * $pagesize, $pagesize); ?> <table width="100%" align="center" class="transparent" cellspacing="0" cellpadding="0"> <tr> <td class="nobborder" valign="top" style="padding-top:5px;"> <div class="fright"> <?php if ($out != 0 && $num_pages != 1) { $page_url = "manage_jobs.php"; if ($page == 1 && $page == $num_pages) { echo '<a href="" class="link_paginate_disabled" onclick="return false">< ' . _("PREVIOUS") . '</a>'; echo '<a class="lmargin link_paginate_disabled" href="" onclick="return false">' . _("NEXT") . ' ></a>'; } elseif ($page == 1) { echo '<a href="" class="link_paginate_disabled" onclick="return false">< ' . _("PREVIOUS") . '</a>'; echo '<a class="lmargin" href="' . $page_url . '?page=' . ($page + 1) . '">' . _("NEXT") . ' ></a> '; } elseif ($page == $num_pages) { echo '<a href="' . $page_url . '?page=' . ($page - 1) . '">< ' . _("PREVIOUS") . '</a>'; echo '<a class="lmargin link_paginate_disabled" href="" onclick="return false">' . _("NEXT") . ' ></a>'; } else { echo '<a href="' . $page_url . '?page=' . ($page - 1) . '">< ' . _("PREVIOUS") . '</a><a class="lmargin" href="' . $page_url . '?page=' . ($page + 1) . '">' . _("NEXT") . ' ></a>'; } } ?> </div> </td> </tr> </table> <?php }
if (!isset($_POST['ajax_validation_all']) || POST('ajax_validation_all') == FALSE) { if (!Token::verify('tk_form_task', REQUEST('token'))) { Token::show_error(); exit; } } } $validation_errors = validate_form_fields('POST', $validate); if (empty($validation_errors['task_params'])) { if ($_SESSION['av_inventory_type'] == 'nmap') { $task_params = POST('task_params'); $task_sensor = POST('task_sensor'); if (!Asset_net::is_cidr_in_my_nets($conn, $task_params)) { $validation_errors['task_params'] = _('Network not allowed') . '. Check your asset filter. <br/>' . _('Entered value') . ": <strong>'" . Util::htmlentities($task_params) . "</strong>'"; } else { if (!Asset_net::check_cidr_by_sensor($conn, $task_params, $task_sensor)) { $validation_errors['task_params'] = _("You can't scan the specified network using this sensor"); } } } elseif ($_SESSION['av_inventory_type'] == 'wmi') { //Format example: wmihost:ip_address;wmiuser:user;wmipass:pass $task_params = POST('task_params'); $pattern = '/\\s*wmihost:(.*);wmiuser:(.*);wmipass:(.*)\\s*/'; preg_match($pattern, $task_params, $matches); $wmi_host = trim($matches[1]); $wmi_user = trim($matches[2]); $wmi_pass = trim($matches[3]); ossim_clean_error(); if (!ossim_valid($wmi_host, OSS_IP_ADDR, 'illegal:' . _('WMI Credentials'))) { ossim_clean_error(); ossim_valid($wmi_host, OSS_HOST_NAME, 'illegal:' . _('WMI Credentials'));
function import_assets_from_csv($filename, $iic, $ctx, $import_type) { //Process status $summary = array('general' => array('status' => '', 'data' => '', 'statistics' => array('total' => 0, 'warnings' => 0, 'errors' => 0, 'saved' => 0)), 'by_nets' => array()); $db = new ossim_db(); $conn = $db->connect(); $str_data = file_get_contents($filename); if ($str_data === FALSE) { $summary['general']['status'] = 'error'; $summary['general']['data']['errors'] = _('Failed to read data from CSV file'); $summary['general']['statistics']['errors'] = 1; return $summary; } $array_data = preg_split('/\\n|\\r/', $str_data); foreach ($array_data as $k => $v) { if (trim($v) != '') { $data[] = explode('";"', trim($v)); } } set_time_limit(360); /********************************************************************************************************************* * From net section: * - Version 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value"*;"Net ID" * - Version 3.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value";"Sensors(Sensor1,Sensor2,...)"* * * From welcome wizard: * - Version 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description" * *********************************************************************************************************************/ //Check file size if (count($data) <= 0 || count($data) == 1 && preg_match('/Netname/', $data[0][0])) { $summary['general']['status'] = 'error'; $summary['general']['data'] = _('CSV file is empty'); $summary['general']['statistics']['errors'] = 1; return $summary; } //Check importation type and headers $csv_headers = array(); if ($import_type == 'networks') { if (preg_match('/Net ID/', $data[0][4]) || preg_match('/Sensors/', $data[0][4])) { $csv_headers = array_shift($data); } else { $summary['general']['status'] = 'error'; $summary['general']['data'] = _('Headers not found'); $summary['general']['statistics']['errors'] = 1; return $summary; } } //Setting total nets to import $summary['general']['statistics']['total'] = count($data); //Allowed sensors $filters = array('where' => "acl_sensors.entity_id = UNHEX('{$ctx}')"); $a_sensors = Av_sensor::get_basic_list($conn, $filters); $sensor_ids = array_keys($a_sensors); if (count($sensor_ids) == 0) { $summary['general']['status'] = 'error'; $s_error_msg = Session::is_pro() ? _('There is no sensor for this context') : _('There is no sensor for this net'); $summary['general']['data'] = $s_error_msg; $summary['general']['statistics']['errors'] = 1; return $summary; } Util::disable_perm_triggers($conn, TRUE); foreach ($data as $k => $v) { //Clean previous errors ossim_clean_error(); $num_line = $k + 1; //Set default status $summary['by_nets'][$num_line]['status'] = 'error'; //Check file format $cnd_1 = $import_type == 'networks' && count($v) < 5; $cnd_2 = $import_type == 'welcome_wizard_nets' && count($v) < 3; if ($cnd_1 || $cnd_2) { $summary['by_nets'][$num_line]['errors']['Format'] = _('Number of fields is incorrect'); $summary['general']['statistics']['errors']++; continue; } //Clean values $param = array(); foreach ($v as $field) { $parameter = trim($field); $pattern = '/^\\"|\\"$|^\'|\'$/'; $param[] = preg_replace($pattern, '', $parameter); } //Values $is_in_db = FALSE; $net_id = ''; $name = $param[0]; $cidrs = preg_replace("/[\n\r\t]+/", '', $param[1]); $descr = $param[2]; $asset_value = $param[3] == '' ? 2 : intval($param[3]); $sensors = $sensor_ids; //Permissions $can_i_create_assets = Session::can_i_create_assets(); $can_i_modify_ips = TRUE; //CIDRs if (!ossim_valid($cidrs, OSS_IP_CIDR, 'illegal:' . _('CIDR'))) { $summary['by_nets'][$num_line]['errors']['CIDRs'] = ossim_get_error_clean(); $summary['general']['statistics']['errors']++; continue; } //Check Net ID �Is there a net registered in the System? $net_ids = Asset_net::get_id_by_ips($conn, $cidrs, $ctx); $net_id = key($net_ids); if (!empty($net_id)) { $is_in_db = TRUE; } else { $net_id = Util::uuid(); } // Special case: Forced Net ID [Version 4.x.x] if ($import_type == 'networks' && preg_match('/Net ID/', $csv_headers[4])) { $csv_net_id = strtoupper($param[4]); if ($is_in_db == TRUE && $csv_net_id != $net_id) { $id_error_msg = _('Net is already registered in the System with another Net ID'); $summary['by_nets'][$num_line]['errors']['Net'] = $id_error_msg; $summary['general']['statistics']['errors']++; continue; } } //Netname if (!empty($iic)) { $name = clean_iic($name); } if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) { ossim_clean_error(); $name = clean_iic($name); $name = clean_echars($name); $warning_msg = _('Netname has invalid characters') . '<br/>' . _('Netname will be replaced by') . ": <strong>{$name}</strong>"; $summary['by_nets'][$num_line]['warnings']['Netname'] = $warning_msg; $summary['by_nets'][$num_line]['status'] = 'warning'; $summary['general']['statistics']['warnings']++; if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) { unset($summary['by_nets'][$num_line]['warnings']); $summary['general']['statistics']['warnings']--; $summary['by_nets'][$num_line]['status'] = 'error'; $summary['by_nets'][$num_line]['errors']['Netname'] = ossim_get_error_clean(); $summary['general']['statistics']['errors']++; continue; } } //Description if (!ossim_valid($descr, OSS_NULLABLE, OSS_AT, OSS_TEXT, '\\t', 'illegal:' . _('Description'))) { $summary['by_nets'][$num_line]['errors']['Description'] = ossim_get_error_clean(); $summary['general']['statistics']['errors']++; continue; } else { if (mb_detect_encoding($descr . ' ', 'UTF-8,ISO-8859-1') == 'UTF-8') { $descr = mb_convert_encoding($descr, 'HTML-ENTITIES', 'UTF-8'); } } //Sensor if ($is_in_db == FALSE) { //Only update net sensors with unregistered nets if ($import_type == 'networks' && preg_match('/Sensors/', $csv_headers[4])) { //Special case: Sensors in CSV file //[Version 3.x.x] $sensors = array(); $_sensors = explode(',', $param[4]); if (is_array($_sensors) && !empty($_sensors)) { $_sensors = array_flip($_sensors); if (is_array($a_sensors) && !empty($a_sensors)) { foreach ($a_sensors as $s_id => $s_data) { if (array_key_exists($s_data['ip'], $_sensors)) { $sensors[] = $s_id; } } } } if (!is_array($sensors) || empty($sensors)) { $s_error_msg = Session::is_pro() ? _('There is no sensors for this context') : _('There is no sensors for this IP'); $summary['by_nets'][$num_line]['errors']['Sensors'] = $s_error_msg; $summary['general']['statistics']['errors']++; continue; } } } /*********************************************************** ********** Only for importation from net section ********** ***********************************************************/ if ($import_type == 'networks') { //Asset if (!ossim_valid($asset_value, OSS_DIGIT, 'illegal:' . _('Asset value'))) { $summary['by_nets'][$num_line]['errors']['Asset value'] = ossim_get_error_clean(); $summary['general']['statistics']['errors']++; continue; } } //Insert/Update net in database if (count($summary['by_nets'][$num_line]['errors']) == 0) { try { $net = new Asset_net($net_id); if ($is_in_db == TRUE) { $net->load_from_db($conn, $net_id); $can_i_modify_ips = Asset_net::can_i_modify_ips($conn, $net_id); } else { if ($can_i_create_assets == FALSE) { $n_error_msg = _('Net') . ' ' . $name . ' ' . _("not allowed. You don't have permissions to import this net"); $summary['by_nets'][$num_line]['errors']['Net'] = $n_error_msg; $summary['general']['statistics']['errors']++; continue; } } //Check CIDRs if ($can_i_modify_ips == TRUE) { $aux_cidr = explode(',', $cidrs); foreach ($aux_cidr as $cidr) { $net_ids = Asset_net::get_id_by_ips($conn, $cidr, $ctx); unset($net_ids[$net_id]); if (!empty($net_ids)) { $c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} already exists for this entity"); $summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg; $summary['general']['statistics']['errors']++; break; } else { if (Session::get_net_where() != '') { if (!Asset_net::is_cidr_in_my_nets($conn, $cidr, $ctx)) { $c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} out of range. Check your asset filter"); $summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg; $summary['general']['statistics']['errors']++; break; } } } } } else { $c_error_msg = _('Net') . ' ' . $name . ': ' . _("CIDRs not allowed. CIDRs wasn't be modified"); $summary['by_nets'][$num_line]['status'] = 'warning'; $summary['general']['warnings']['errors']++; $summary['by_nets'][$num_line]['warnings']['CIDRs'] = $c_error_msg; } //Setting new values if (count($summary['by_nets'][$num_line]['errors']) == 0) { $net->set_ctx($ctx); $net->set_name($name); $net->set_descr($descr); if ($is_in_db == FALSE) { if ($can_i_modify_ips == TRUE) { $net->set_ips($cidrs); } $net->set_sensors($sensors); } $net->set_asset_value($asset_value); $net->save_in_db($conn, FALSE); $summary['general']['statistics']['saved']++; $summary['by_nets'][$num_line]['data'] = $is_in_db == TRUE ? _('Net updated') : _('New new inserted'); //Keep warnings if ($summary['by_nets'][$num_line]['status'] != 'warning') { $summary['by_nets'][$num_line]['status'] = 'success'; } } } catch (Exception $e) { $summary['by_nets'][$num_line]['errors']['Database error'] = $e->getMessage(); $summary['general']['statistics']['errors']++; } } } if ($summary['general']['statistics']['saved'] > 0) { if ($summary['general']['statistics']['errors'] == 0) { $summary['general']['status'] = 'success'; $summary['general']['data'] = _('All nets have been imported successfully'); } else { $summary['general']['status'] = 'warning'; $summary['general']['data'] = _('Some nets could not be imported successfully'); } Util::disable_perm_triggers($conn, FALSE); try { Asset_net::report_changes($conn, 'nets'); } catch (Exception $e) { error_log($e->getMessage(), 0); } } else { $summary['general']['statistics']['errors'] = count($data); //CSV file is not empty, but all lines are wrong if (empty($summary['general']['status'])) { $summary['general']['status'] = 'error'; $summary['general']['data'] = _('Nets could not be imported'); } } $db->close(); return $summary; }
$data['data'] = _('Net removed successfully'); } catch (Exception $e) { $data['status'] = 'error'; $data['data'] = _('Error! Net could not be removed'); } } break; case 'remove_icon': $validate = array('asset_id' => array('validation' => 'OSS_HEX', 'e_message' => 'illegal:' . _('Net ID'))); $net_id = POST('asset_id'); $validation_errors = validate_form_fields('POST', $validate); if (is_array($validation_errors) && !empty($validation_errors)) { $data['status'] = 'error'; $data['data'] = _('Error! Net ID not allowed. Icon could not be removed'); } else { try { $db = new ossim_db(); $conn = $db->connect(); Asset_net::delete_icon($conn, $net_id); $db->close(); $data['status'] = 'OK'; $data['data'] = _('Net icon removed successfully'); } catch (Exception $e) { $data['status'] = 'error'; $data['data'] = _('Error! Net icon could not be removed'); } } break; } echo json_encode($data); exit;