// NOTE(review): this statement run starts inside an if/else (and an enclosing
// per-row loop) whose opening lines are outside this excerpt, so the braces
// below do not balance when the run is read on its own.
$myrow_payload = $result2->baseFetchRow();
$result2->baseFreeRows();
// $myrow_payload[0] is read without checking that baseFetchRow() returned a row.
$myrow_payload = PrintCleanHexPacketPayload($myrow_payload[0], 2);
$current_sig = $current_sig . str_replace("Open Port", "", $myrow_payload);
} else {
    // Portscan events: append the "Port/Proto Range" detail from the decoded payload.
    if (stristr($current_sig_txt, "(portscan) TCP Portscan") || stristr($current_sig_txt, "(portscan) UDP Portscan")) {
        // SQL is built by string concatenation from sid/cid of a previously
        // fetched row; nothing is bound as a parameter, so this relies on those
        // columns holding plain integer values.
        $sql2 = "SELECT data_payload FROM data WHERE sid='" . $myrow["sid"] . "' AND cid='" . $myrow["cid"] . "'";
        $result2 = $db->baseExecute($sql2);
        $myrow_payload = $result2->baseFetchRow();
        $result2->baseFreeRows();
        // Same unchecked [0] access as above.
        $myrow_payload = PrintCleanHexPacketPayload($myrow_payload[0], 2);
        // If the marker is absent the inner stristr() returns false and the
        // outer call receives that instead of a string.
        $current_sig = $current_sig . stristr(stristr($myrow_payload, "Port/Proto Range"), ": ");
    }
}
}
// Absolute row index within the paged result set.
$rowid = $qs->GetCurrentView() * $show_rows + $i;
// "##" splits the signature text into a prefix ($antes) and the remainder
// ($despues). $tmpsig[1] is read without isset(), which raises an
// undefined-offset notice whenever the separator is absent.
$tmpsig = explode("##", $current_sig);
if ($tmpsig[1] != "") {
    $antes = $tmpsig[0];
    $despues = $tmpsig[1];
} else {
    $antes = "";
    $despues = $current_sig;
}
// 5- Source IP Address
if ($current_sip32 != "") {
    // Country flag for the source address via the legacy GeoIP lookup.
    $country = strtolower(geoip_country_code_by_addr($gi, $current_sip));
    $country_name = geoip_country_name_by_addr($gi, $current_sip);
    if ($country) {
        // $country and $country_name are placed into HTML attributes and the
        // image path without htmlspecialchars(); they originate from the GeoIP
        // database rather than the request.
        $country_img = " <img src=\"../pixmaps/flags/" . $country . ".png\" alt=\"{$country_name}\" title=\"{$country_name}\">";
        $slnk = "<img src='../pixmaps/flags/" . $country . ".png' style='width:3mm'>";
// NOTE(review): this run is the tail of a per-row loop whose header is outside
// this excerpt; the lone "}" near the end closes that loop.
$product_type = GetSourceType($myrow["product_type"], $db);
$total_occurances = $myrow["events"];
// Most recent event for this product type. product_type.id is concatenated
// into the SQL rather than bound; the value comes from the outer result set.
$temp = "SELECT acid_event.id,plugin_sid.name as sig_name,acid_event.timestamp FROM alienvault.plugin LEFT JOIN alienvault.product_type ON product_type.id=plugin.product_type, acid_event LEFT JOIN alienvault.plugin_sid ON plugin_sid.plugin_id=acid_event.plugin_id AND plugin_sid.sid=acid_event.plugin_sid WHERE acid_event.plugin_id=plugin.id AND product_type.id=" . $myrow["product_type"] . " ORDER BY timestamp DESC LIMIT 1";
$result2 = $db->baseExecute($temp);
$last = $result2->baseFetchRow();
$result2->baseFreeRows();
// $last is indexed without checking that a row was returned.
$last_signature = $last['sig_name'];
if (empty($last_signature)) {
    $last_signature = _("Signame Unknown");
}
$sig_id = $last['id'];
$timestamp = $last["timestamp"];
// Shift the stored timestamp by the viewer's timezone offset, given in hours.
if ($tz != 0) {
    $timestamp = gmdate("Y-m-d H:i:s", get_utc_unixtime($db, $timestamp) + 3600 * $tz);
}
$submit = "#" . ($qs->GetCurrentView() * $show_rows + $i) . "-" . $sig_id;
$tmp_rowid = rawurlencode($sig_id);
// Link to the query page filtered by this source type. Only the sourcetype
// value is urlencode()d; the translated "Query DB" label is inserted raw.
$urlp = "base_qry_main.php?new=1&submit=" . gettext("Query DB") . "&sourcetype=" . urlencode($myrow["product_type"]);
//$urlp = "base_stat_ptypes.php?sort=occur_d&sourcetype=".urlencode($myrow["product_type"]);
qroPrintEntryHeader($i);
// $product_type (from GetSourceType()) and $last_signature (straight from the
// query row) are emitted inside HTML without htmlspecialchars(); any markup
// stored in those columns would render as-is.
qroPrintEntry('  <a href="' . $urlp . '">' . $product_type . '</a>', 'left', "", "nowrap");
qroPrintEntry(' <a href="' . $urlp . '">' . $total_occurances . '</a>', "center", "", "");
// Entity name when entities are shown (or "Unknown"), otherwise the sensor
// name for this context.
qroPrintEntry(Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db)), "center", "", "");
qroPrintEntry(" <A HREF='{$urlp}'>" . $last_signature . "</a>", "left", "", "");
qroPrintEntry($timestamp, "center", "", "nowrap");
qroPrintEntryFooter();
$i++;
$prev_time = null;
}
$result->baseFreeRows();
$dbo->close($_conn);
// NOTE(review): per-row loop body, continued; the loop header and the rest of
// the row output lie outside this excerpt.
// Alternate the row background colour.
$bgcolor = $i % 2 == 0 ? "bgcolor='#FFFFFF'" : "bgcolor='#F2F2F2'";
$max_cid = $myrow[0];
$plugin_id = $myrow["plugin_id"];
$timestamp = $myrow["timestamp"];
// Shift the stored timestamp by the viewer's timezone offset, given in hours.
if ($tz != 0) {
    $timestamp = gmdate("Y-m-d H:i:s", get_utc_unixtime($db, $timestamp) + 3600 * $tz);
}
$plugin_name = $myrow["name"];
$total_occurances = $myrow["events"];
$total_sensors = $myrow["sensors"];
// Latest event for this plugin. $plugin_id and $max_cid are interpolated into
// the SQL unquoted and unbound, so this depends on both being numeric values
// taken from the outer query.
$temp = "SELECT acid_event.sid,acid_event.ip_src,acid_event.ip_dst,plugin_sid.name as sig_name FROM acid_event LEFT JOIN ossim.plugin_sid ON plugin_sid.plugin_id=acid_event.plugin_id AND plugin_sid.sid=acid_event.plugin_sid WHERE acid_event.plugin_id={$plugin_id} AND cid={$max_cid} LIMIT 1";
$result2 = $db->baseExecute($temp);
$last = $result2->baseFetchRow();
// $result2 is not released with baseFreeRows() after this fetch, and $last is
// indexed without checking that a row was returned.
$last_signature = $last['sig_name'];
$sig_id = $last['sid'];
$submit = "#" . ($qs->GetCurrentView() * $show_rows + $i) . "-(" . $sig_id . "-" . $max_cid . ")";
$current_sip = long2ip($last['ip_src']);
$current_dip = long2ip($last['ip_dst']);
// Home-LAN icon for addresses inside a cached CIDR or in the known host list
// (in_array() is called without strict comparison).
$homelan_sip = ($match_cidr = Net::is_ip_in_cache_cidr($_conn, $current_sip)) || in_array($current_sip, $hosts_ips) ? " <a href='javascript:;' class='scriptinfo' style='text-decoration:none' ip='{$current_sip}'><img src=\"" . Host::get_homelan_icon($current_sip, $icons, $match_cidr, $_conn) . "\" border=0></a>" : "";
$homelan_dip = ($match_cidr = Net::is_ip_in_cache_cidr($_conn, $current_dip)) || in_array($current_dip, $hosts_ips) ? " <a href='javascript:;' class='scriptinfo' style='text-decoration:none' ip='{$current_dip}'><img src=\"" . Host::get_homelan_icon($current_dip, $icons, $match_cidr, $_conn) . "\" border=0></a>" : "";
/* Print out (Colored Version) -- Alejandro */
//qroPrintEntryHeader((($colored_alerts == 1) ? GetSignaturePriority($sig_id, $db) : $i) , $colored_alerts);
$tmp_rowid = rawurlencode($sig_id);
/*echo ' <TD nowrap '.$bgcolor.'> <INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '"> </TD>'; echo ' <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">';*/
// Link to the query page filtered by this plugin id.
$urlp = "base_qry_main.php?search=1&sensor=&bsf=Query+DB&search_str=&sip=&ossim_risk_a=+&plugin={$plugin_id}";
// $plugin_name comes straight from the query row and is written into the
// anchor text without htmlspecialchars().
qroPrintEntry(' <a href="' . $urlp . '">' . $plugin_name . '</a>', 'left', "", "nowrap", $bgcolor);
qroPrintEntry(' <a href="' . $urlp . '">' . $total_occurances . '</a>', "center", "", "", $bgcolor);