コード例 #1
ファイル: mobile_option.php プロジェクト: jackpf/ossim-arc
        										position: "ne", 
        										backgroundOpacity: 0.1
        									}
        								});
        						});
        					</script>
        
        			</table>
        		</td>
        	</tr>
        	</table>
        </td>
        </tr>
        </table>
        <?php 
} elseif ($screen == "unique_siem" && Session::menu_perms("analysis-menu", "EventsForensics")) {
    // SIEM Unique Events
    $topue = 25;
    ini_set("include_path", ".:/usr/share/ossim/include:/usr/share/ossim/www/report/os_reports");
    require_once "../report/os_reports/Various/general.php";
    $interval = 60 * 60 * 24 * $range;
    # 1 month
    $date_from = GET('date_from') != "" ? GET('date_from') : strftime("%Y-%m-%d", time() - $interval);
    $date_to = GET('date_to') != "" ? GET('date_to') : strftime("%Y-%m-%d", time());
    $data = siem_unique_events($date_from, $date_to, 15, array("assets" => array(), "sensors" => array()), array("orderby" => "eventsdesc"));
    ?>
        <script type="text/javascript" src="../js/jquery.sparkline.js"></script>
        <table cellpadding='0' cellspacing='0' border='0' align="center" width='100%'>
        <tr>
        <td class="canvas">
        	<table cellpadding='0' cellspacing='0' border='0' width='100%'>
コード例 #2
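/**
 * Render the scan-jobs management view: the action buttons, the running
 * scans, the scheduled-jobs table and the paginated job list.
 *
 * Everything is echoed directly; nothing is returned.
 *
 * @param mixed  $viewall Not used inside this function.
 * @param string $sortby  Column the scheduled jobs are ordered by. Anything that is
 *                        not a plain (optionally table-qualified) column identifier
 *                        falls back to "id".
 * @param string $sortdir "ASC" or "DESC" (case-insensitive). Anything else falls
 *                        back to "DESC".
 */
function main_page($viewall, $sortby, $sortdir)
{
    global $uroles, $username, $dbconn, $hosts;
    global $arruser, $user;
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    // Used below as a whole-hour offset when formatting the next scan time.
    $tz = intval(Util::get_timezone());
    // $sortby and $sortdir are spliced into the ORDER BY clause, where values cannot be
    // bound as parameters, so they are reduced to a safe shape before reaching the query.
    // A fixed allowlist of the sortable columns would be tighter still.
    if (!is_string($sortby) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/', $sortby)) {
        $sortby = "id";
    }
    $sortdir = is_string($sortdir) ? strtoupper(trim($sortdir)) : "";
    if ($sortdir != "ASC" && $sortdir != "DESC") {
        $sortdir = "DESC";
    }
    $sql_order = "order by {$sortby} {$sortdir}";
    $can_scan = Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan");
    if ($can_scan) {
        ?>
		<div style="width:50%; position: relative; height: 5px; float:left">
			
			<div style="width:100%; position: absolute; top: -41px;left:0px;">
    			<div style="float:left; height:28px; margin:5px 5px 0px 0px;">
    				<a class="button" href="<?php 
        echo Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?smethod=schedule&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs');
        ?>
">
                            <?php 
        echo _("New Scan Job");
        ?>
    				</a>
    			</div>
    			
    			<div style="float:left;height:28px;margin:5px 5px 0px -2px;">
    				<a class="greybox button av_b_secondary" href="import_nbe.php" title="<?php 
        echo _("Import nbe file");
        ?>
">
    				        <?php 
        echo _("Import nbe file");
        ?>
    				</a>
    			</div>
			</div>		
			
		</div>
		
		<?php 
    }
    // A missing, zero or negative page number falls back to the first page, so the
    // offset handed to all_jobs() below can never be negative.
    $page = isset($_GET['page']) ? intval($_GET['page']) : 0;
    if ($page < 1) {
        $page = 1;
    }
    $pagesize = 10;
    if ($username == "admin") {
        $query = "SELECT count(id) as num FROM vuln_jobs";
    } else {
        // NOTE(review): the username literal is masked in this listing. If the live code
        // interpolates $username here, pass it as a bound parameter instead.
        $query = "SELECT count(id) as num FROM vuln_jobs where username='******'";
    }
    $result = $dbconn->Execute($query);
    $jobCount = $result->fields["num"];
    $num_pages = ceil($jobCount / $pagesize);
    if (Vulnerabilities::scanner_type() == "omp") {
        // We can display scan status with OMP protocol
        echo Vulnerabilities::get_omp_running_scans($dbconn);
    } else {
        // Nessus
        all_jobs(0, 10, "R");
    }
    ?>

<?php 
    $schedulejobs = _("Scheduled Jobs");
    echo <<<EOT

   <table style='margin-top:20px;' class='w100 transparent'><tr><td class='sec_title'>{$schedulejobs}</td></tr></table>
   <table summary="Job Schedules" class='w100 table_list'>
EOT;
    // The column-header links toggle the direction that was just used for the query.
    if ($sortdir == "ASC") {
        $sortdir = "DESC";
    } else {
        $sortdir = "ASC";
    }
    $arr = array("name" => "Name", "schedule_type" => "Schedule Type", "time" => "Time", "next_CHECK" => "Next Scan", "enabled" => "Status");
    // modified by hsh to return all scan schedules
    if (empty($arruser)) {
        $query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n              FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id ";
    } else {
        // NOTE(review): $user is a global spliced straight into the IN() list; confirm it
        // is built only from quoted, trusted values.
        $query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n              FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id WHERE username in ({$user}) ";
    }
    $query .= $sql_order;
    $result = $dbconn->execute($query);
    if ($result->EOF) {
        echo "<tr><td class='empty_results' height='20' style='text-align:center;'>" . _("No Scheduled Jobs") . "</td></tr>";
    } else {
        echo "<tr>";
        foreach ($arr as $order_by => $value) {
            echo "<th><a href=\"manage_jobs.php?sortby={$order_by}&sortdir={$sortdir}\">" . _($value) . "</a></th>";
        }
        if ($can_scan) {
            echo "<th>" . _("Action") . "</th>";
        }
        // Close the header row for every user, not only for those who see the Action column.
        echo "</tr>";
    }
    $colors = array("#FFFFFF", "#EEEEEE");
    $color = 0;
    while (!$result->EOF) {
        // NOTE(review): $user is declared global above, so this assignment overwrites the
        // global for whatever runs afterwards (including all_jobs() below); confirm that is intended.
        list($profile, $targets, $schedid, $schedname, $schedtype, $sid, $timeout, $user, $schedstatus, $nextscan, $servers) = $result->fields;
        $name = Av_sensor::get_name_by_id($dbconn, $servers);
        $servers = $name != '' ? $name : "unknown";
        // Each target line is "<32-hex asset id>#<ip or cidr>"; known assets are shown
        // with their name, anything else with the id stripped.
        $targets_to_resolve = explode("\n", $targets);
        $ttargets = array();
        foreach ($targets_to_resolve as $id_ip) {
            if (preg_match("/^([a-f\\d]{32})#\\d+\\.\\d+\\.\\d+\\.\\d+\\/\\d{1,2}/i", $id_ip, $found) && Asset_net::is_in_db($dbconn, $found[1])) {
                $ttargets[] = preg_replace("/^([a-f\\d]{32})#/i", "", $id_ip) . " (" . Asset_net::get_name_by_id($dbconn, $found[1]) . ")";
            } else {
                if (preg_match("/^([a-f\\d]{32})#\\d+\\.\\d+\\.\\d+\\.\\d+/i", $id_ip, $found) && Asset_host::is_in_db($dbconn, $found[1])) {
                    $ttargets[] = preg_replace("/^([a-f\\d]{32})#/i", "", $id_ip) . " (" . Asset_host::get_name_by_id($dbconn, $found[1]) . ")";
                } else {
                    $ttargets[] = preg_replace("/[a-f\\d]{32}/i", "", $id_ip);
                }
            }
        }
        $targets = implode("<BR/>", $ttargets);
        $nextscan = gmdate("Y-m-d H:i:s", Util::get_utc_unixtime($nextscan) + 3600 * $tz);
        // Fall back to an empty cell instead of reading a missing capture group.
        $time = preg_match("/\\d+\\-\\d+\\-\\d+\\s(\\d+:\\d+:\\d+)/", $nextscan, $found) ? $found[1] : "";
        switch ($schedtype) {
            case "N":
                $stt = _("Once (Now)");
                break;
            case "O":
                $stt = _("Once");
                break;
            case "D":
                $stt = _("Daily");
                break;
            case "W":
                $stt = _("Weekly");
                break;
            case "M":
                $stt = _("Monthly");
                break;
            case "Q":
                $stt = _("Quarterly");
                break;
            case "H":
                $stt = _("On Hold");
                break;
            case "NW":
                $stt = _("N<sup>th</sup> weekday of the month");
                break;
            default:
                $stt = "&nbsp;";
                break;
        }
        // NOTE(review): the enable/disable and delete actions below are plain GET links and
        // no request token is visible in them; confirm manage_jobs.php verifies one.
        switch ($schedstatus) {
            case "1":
                $itext = _("Disable Scheduled Job");
                $isrc = "images/stop_task.png";
                $ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=0";
                break;
            default:
                $itext = _("Enable Scheduled Job");
                $isrc = "images/play_task.png";
                $ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=1";
                break;
        }
        // Hiding the link is presentation only; the target page still has to enforce the permission.
        if (!$can_scan) {
            $ilink = "javascript:return false;";
        }
        if ($schedstatus) {
            $txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"green\">" . _("Enabled") . "</font></a></td>";
        } else {
            $txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"red\">" . _("Disabled") . "</font></a></td>";
        }
        require_once 'classes/Security.inc';
        if (valid_hex32($user)) {
            $user = Session::get_entity_name($dbconn, $user);
        }
        echo "<tr bgcolor=\"" . $colors[$color % 2] . "\">";
        if ($profile == "") {
            $profile = _("Default");
        }
        // NOTE(review): $user, $servers, $profile, $targets and $schedname come from the database
        // and are written into the title attribute and cell without escaping here; confirm they
        // are encoded when stored, or encode them for the attribute/HTML context.
        echo "<td><span class=\"tip\" title=\"<b>" . _("Owner") . ":</b> {$user}<br><b>" . _("Server") . ":</b> {$servers}<br /><b>" . _("Scheduled Job ID") . ":</b> {$schedid}<br><b>" . _("Profile") . ":</b> {$profile}<br><b>" . _("Targets") . ":</b><br>" . $targets . "\">{$schedname}</span></td>";
        ?>
    <td><?php 
        echo $stt;
        ?>
</td>
    <td><?php 
        echo $time;
        ?>
</td>
    <td><?php 
        echo $nextscan;
        ?>
</td>
<?php 
        echo <<<EOT
    {$txt_enabled}
    <td style="padding-top:2px;"><a href="{$ilink}"><img alt="{$itext}" src="{$isrc}" border=0 title="{$itext}"></a>&nbsp;
EOT;
        if ($can_scan) {
            echo "<a href='" . Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?disp=edit_sched&sched_id=' . $schedid, 'environment', 'vulnerabilities', 'scan_jobs') . "'><img src='images/pencil.png' title='" . _("Edit Scheduled") . "'></a>&nbsp;";
            echo "<a href='manage_jobs.php?disp=delete&amp;schedid={$schedid}' onclick='return confirmDelete();'><img src='images/delete.gif' title='" . gettext("Delete Scheduled") . "'></a>";
        }
        echo "</td>";
        echo <<<EOT
</tr>
EOT;
        $result->MoveNext();
        $color++;
    }
    echo <<<EOT
</table>
EOT;
    ?>
<br />
<?php 
    $out = all_jobs(($page - 1) * $pagesize, $pagesize);
    ?>
<table width="100%" align="center" class="transparent" cellspacing="0" cellpadding="0">
    <tr>
        <td class="nobborder" valign="top" style="padding-top:5px;">
            <div class="fright">
                <?php 
    if ($out != 0 && $num_pages != 1) {
        $page_url = "manage_jobs.php";
        if ($page == 1 && $page == $num_pages) {
            echo '<a href="" class="link_paginate_disabled" onclick="return false">< ' . _("PREVIOUS") . '</a>';
            echo '<a class="lmargin link_paginate_disabled" href="" onclick="return false">' . _("NEXT") . ' ></a>';
        } elseif ($page == 1) {
            echo '<a href="" class="link_paginate_disabled" onclick="return false">< ' . _("PREVIOUS") . '</a>';
            echo '<a class="lmargin" href="' . $page_url . '?page=' . ($page + 1) . '">' . _("NEXT") . ' ></a>&nbsp;';
        } elseif ($page == $num_pages) {
            echo '<a href="' . $page_url . '?page=' . ($page - 1) . '">< ' . _("PREVIOUS") . '</a>';
            echo '<a class="lmargin link_paginate_disabled" href="" onclick="return false">' . _("NEXT") . ' ></a>';
        } else {
            echo '<a href="' . $page_url . '?page=' . ($page - 1) . '">< ' . _("PREVIOUS") . '</a><a class="lmargin" href="' . $page_url . '?page=' . ($page + 1) . '">' . _("NEXT") . ' ></a>';
        }
    }
    ?>
            </div>
        </td>
    </tr>
    </table>
<?php 
}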
コード例 #3
ファイル: event_trends.php プロジェクト: jhbsz/ossimTest
<?php

require_once 'classes/Session.inc';
require_once 'classes/Security.inc';
require_once 'classes/Util.inc';
require_once 'sensor_filter.php';
// Access gate: the permission pair to check is chosen from the menu context held in the session.
// NOTE(review): $_SESSION['menu_opc'] and ['menu_sopc'] are read without isset(); when they are
// absent the comparison is false and the ControlPanelExecutive check in the else branch applies.
if ($_SESSION['menu_opc'] == 'Detection' && $_SESSION['menu_sopc'] == 'HIDS') {
    // HIDS view: both candidate sections sit under the same "MenuEvents" menu.
    $m_perms = array("MenuEvents", "MenuEvents");
    $sm_perms = array("EventsHids", "EventsHidsConfig");
    if (!Session::menu_perms($m_perms, $sm_perms)) {
        // NOTE(review): nothing else here stops the script after a failed check, so this
        // relies on unallowed_section() ending the request — confirm.
        Session::unallowed_section(null, 'noback', $m_perms[0], $sm_perms[0]);
    }
} else {
    // Any other context requires the executive control-panel permission.
    if (!Session::menu_perms("MenuControlPanel", "ControlPanelExecutive")) {
        Session::unallowed_section(null, 'noback', "MenuControlPanel", "ControlPanelExecutive");
    }
}
// The session is written and closed here, so nothing after this point can modify it.
session_write_close();
function SIEM_trends($h = 24)
{
    global $tz;
    $tzc = Util::get_tzc($tz);
    $data = array();
    require_once 'ossim_db.inc';
    $db = new ossim_db();
    $dbconn = $db->snort_connect();
    $sensor_where = make_sensor_filter($dbconn);
    $sqlgraph = "SELECT COUNT(acid_event.sid) as num_events, hour(convert_tz(timestamp,'+00:00','{$tzc}')) as intervalo, day(convert_tz(timestamp,'+00:00','{$tzc}')) as suf FROM acid_event WHERE timestamp BETWEEN '" . gmdate("Y-m-d H:i:s", gmdate("U") - 3600 * $h) . "' AND '" . gmdate("Y-m-d H:i:s") . "' {$sensor_where} GROUP BY suf,intervalo";
    //print_r($sqlgraph);
    if (!($rg =& $dbconn->Execute($sqlgraph))) {
        print $dbconn->ErrorMsg();
コード例 #4
ファイル: os_report_common.php プロジェクト: jackpf/ossim-arc
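/**
 * Build the catalogue of available reports, or return a single entry from it.
 *
 * Each entry carries an 'access' flag computed with Session::menu_perms() for the
 * current session. The flag is data only: entries with a false flag are still
 * returned, so callers have to check it before offering or running a report.
 *
 * @param string|null $id Report id to look up; NULL (or any value loosely equal to it)
 *                        returns the whole catalogue sorted by id.
 *
 * @return array The catalogue keyed by report id, the requested report definition,
 *               or an empty array when $id is unknown.
 */
function get_report_data($id = NULL)
{
    $conf = isset($GLOBALS['CONF']) ? $GLOBALS['CONF'] : NULL;
    if (!$conf) {
        $conf = new Ossim_conf();
    }
    // Default date range: the last 30 days. Both ends are taken from one timestamp so the
    // year/month/day parts cannot come from different days around midnight.
    $now = time();
    $default_range = array(
        'date_from' => date('Y-m-d', $now - 24 * 60 * 60 * 30),
        'date_to' => date('Y-m-d', $now)
    );
    // Cover page shared by every PDF report.
    $title_page = array('id' => 'title_page', 'name' => _('Title Page'), 'report_file' => 'os_reports/Common/titlepage.php');
    $reports = array();
    $reports['asset_report'] = array(
        'report_name' => _('Asset Details'),
        'report_id' => 'asset_report',
        'type' => 'external',
        'link_id' => 'link_ar_asset',
        'link' => '',
        'parameters' => array(
            array('name' => _('Host Name/IP/Network'), 'id' => 'ar_asset', 'type' => 'asset', 'default_value' => '')
        ),
        'access' => Session::menu_perms('environment-menu', 'PolicyHosts') || Session::menu_perms('environment-menu', 'PolicyNetworks'),
        'send_by_email' => 0
    );
    $status_values = array(
        'All' => array('text' => _('All')),
        'Open' => array('text' => _('Open')),
        'Assigned' => array('text' => _('Assigned')),
        'Studying' => array('text' => _('Studying')),
        'Waiting' => array('text' => _('Waiting')),
        'Testing' => array('text' => _('Testing')),
        'Closed' => array('text' => _('Closed'))
    );
    $types_values = array(
        'ALL' => array('text' => _('ALL')),
        'Expansion Virus' => array('text' => _('Expansion Virus')),
        'Corporative Nets Attack' => array('text' => _('Corporative Nets Attack')),
        'Policy Violation' => array('text' => _('Policy Violation')),
        'Security Weakness' => array('text' => _('Security Weakness')),
        'Net Performance' => array('text' => _('Net Performance')),
        'Applications and Systems Failures' => array('text' => _('Applications and Systems Failures')),
        'Anomalies' => array('text' => _('Anomalies')),
        'Vulnerability' => array('text' => _('Vulnerability'))
    );
    $priority_values = array('High' => _('High'), 'Medium' => _('Medium'), 'Low' => _('Low'));
    $reports['tickets_report'] = array(
        'report_name' => _('Tickets Report'),
        'report_id' => 'tickets_report',
        'type' => 'pdf',
        'subreports' => array(
            'title_page' => $title_page,
            'alarm' => array('id' => 'alarm', 'name' => _('Alarm'), 'report_file' => 'os_reports/Tickets/Alarm.php'),
            'event' => array('id' => 'event', 'name' => _('Event'), 'report_file' => 'os_reports/Tickets/Event.php'),
            'anomaly' => array('id' => 'anomaly', 'name' => _('Anomaly'), 'report_file' => 'os_reports/Tickets/Anomaly.php'),
            'vulnerability' => array('id' => 'vulnerability', 'name' => _('Vulnerability'), 'report_file' => 'os_reports/Tickets/Vulnerability.php')
        ),
        'parameters' => array(
            array('name' => _('Date Range'), 'date_from_id' => 'tr_date_from', 'date_to_id' => 'tr_date_to', 'type' => 'date_range', 'default_value' => $default_range),
            array('name' => _('Status'), 'id' => 'tr_status', 'type' => 'select', 'values' => $status_values),
            array('name' => _('Type'), 'id' => 'tr_type', 'type' => 'select', 'values' => $types_values),
            array('name' => _('Priority'), 'id' => 'tr_priority', 'type' => 'checkbox', 'values' => $priority_values)
        ),
        'access' => Session::menu_perms('analysis-menu', 'IncidentsIncidents'),
        'send_by_email' => 1
    );
    $reports['alarm_report'] = array(
        'report_name' => _('Alarms Report'),
        'report_id' => 'alarm_report',
        'type' => 'pdf',
        'subreports' => array(
            'title_page' => $title_page,
            'top_attacker_host' => array('id' => 'top_attacker_host', 'name' => _('Top 10 Attacker Host'), 'report_file' => 'os_reports/Alarms/AttackerHosts.php'),
            'top_attacked_host' => array('id' => 'top_attacked_host', 'name' => _('Top 10 Attacked Host'), 'report_file' => 'os_reports/Alarms/AttackedHosts.php'),
            'used_port' => array('id' => 'used_port', 'name' => _('Top 10 Used Ports'), 'report_file' => 'os_reports/Alarms/UsedPorts.php'),
            'top_events' => array('id' => 'top_events', 'name' => _('Top 15 Alarms'), 'report_file' => 'os_reports/Alarms/TopAlarms.php'),
            'events_by_risk' => array('id' => 'events_by_risk', 'name' => _('Top 15 Alarms by Risk'), 'report_file' => 'os_reports/Alarms/TopAlarmsByRisk.php')
        ),
        'parameters' => array(
            array('name' => _('Date Range'), 'date_from_id' => 'ar_date_from', 'date_to_id' => 'ar_date_to', 'type' => 'date_range', 'default_value' => $default_range)
        ),
        'access' => Session::menu_perms('analysis-menu', 'ControlPanelAlarms'),
        'send_by_email' => 1
    );
    $reports['bc_pci_report'] = array(
        'report_name' => _('Business & Compliance ISO PCI Report'),
        'report_id' => 'bc_pci_report',
        'type' => 'pdf',
        'subreports' => array(
            'title_page' => $title_page,
            'threat_overview' => array('id' => 'threat_overview', 'name' => _('Threat overview'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/ThreatOverview.php'),
            'bri_risks' => array('id' => 'bri_risks', 'name' => _('Business real impact risks'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/BusinessPotentialImpactsRisks.php'),
            'ciap_impact' => array('id' => 'ciap_impact', 'name' => _('C.I.A Potential impact'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/CIAPotentialImpactsRisks.php'),
            'pci_dss' => array('id' => 'pci_dss', 'name' => _('PCI-DSS 2.0'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/PCI-DSS.php'),
            'pci_dss3' => array('id' => 'pci_dss3', 'name' => _('PCI-DSS 3.0'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/PCI-DSS3.php'),
            'trends' => array('id' => 'trends', 'name' => _('Trends'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/Trends.php'),
            'iso27002_p_impact' => array('id' => 'iso27002_p_impact', 'name' => _('ISO27002 Potential impact'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/ISO27002PotentialImpact.php'),
            'iso27001' => array('id' => 'iso27001', 'name' => _('ISO27001'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/ISO27001.php')
        ),
        'parameters' => array(
            array('name' => _('Date Range'), 'date_from_id' => 'bc_pci_date_from', 'date_to_id' => 'bc_pci_date_to', 'type' => 'date_range', 'default_value' => $default_range)
        ),
        'access' => Session::menu_perms('report-menu', 'ReportsReportServer'),
        'send_by_email' => 1
    );
    $reports['siem_report'] = array(
        'report_name' => _('SIEM Events'),
        'report_id' => 'siem_report',
        'type' => 'pdf',
        'subreports' => array(
            'title_page' => $title_page,
            'top_attacker_host' => array('id' => 'top_attacker_host', 'name' => _('Top 10 Attacker Host'), 'report_file' => 'os_reports/Siem/AttackerHosts.php'),
            'top_attacked_host' => array('id' => 'top_attacked_host', 'name' => _('Top 10 Attacked Host'), 'report_file' => 'os_reports/Siem/AttackedHosts.php'),
            'used_port' => array('id' => 'used_port', 'name' => _('Top 10 Used Ports'), 'report_file' => 'os_reports/Siem/UsedPorts.php'),
            'top_events' => array('id' => 'top_events', 'name' => _('Top 15 Events'), 'report_file' => 'os_reports/Siem/TopEvents.php'),
            'events_by_risk' => array('id' => 'events_by_risk', 'name' => _('Top 15 Events by Risk'), 'report_file' => 'os_reports/Siem/TopEventsByRisk.php')
        ),
        'parameters' => array(
            array('name' => _('Date Range'), 'date_from_id' => 'sr_date_from', 'date_to_id' => 'sr_date_to', 'type' => 'date_range', 'default_value' => $default_range)
        ),
        'access' => Session::menu_perms('analysis-menu', 'EventsForensics'),
        'send_by_email' => 1
    );
    $reports['vulnerabilities_report'] = array(
        'report_name' => _('Vulnerabilities Report'),
        'report_id' => 'vulnerabilities_report',
        'type' => 'external',
        'target' => '_blank',
        'link_id' => 'link_vr',
        'link' => Menu::get_menu_url('../vulnmeter/lr_respdf.php?ipl=all&scantype=M', 'environment', 'vulnerabilities', 'overview'),
        'access' => Session::menu_perms('analysis-menu', 'EventsVulnerabilities'),
        'send_by_email' => 0
    );
    $reports['th_vuln_db'] = array(
        'report_name' => _('Threats & Vulnerabilities Database'),
        'report_id' => 'th_vuln_db',
        'type' => 'external',
        'link_id' => 'link_tvd',
        'link' => Menu::get_menu_url('../vulnmeter/threats-db.php', 'environment', 'vulnerabilities', 'threat_database'),
        'access' => Session::menu_perms('analysis-menu', 'EventsVulnerabilities'),
        'send_by_email' => 0
    );
    $reports['ticket_status'] = array(
        'report_name' => _('Tickets Status'),
        'report_id' => 'ticket_status',
        'type' => 'external',
        'link_id' => 'link_tr',
        'link' => Menu::get_menu_url('../report/incidentreport.php', 'analysis', 'tickets', 'tickets'),
        'access' => Session::menu_perms('analysis-menu', 'IncidentsIncidents'),
        'send_by_email' => 0
    );
    $db = new ossim_db();
    $conn = $db->connect();
    $user = Session::get_session_user();
    $session_list = Session::get_list($conn, 'ORDER BY login');
    // Both are initialised so the branch below never reads an undefined variable when the
    // pro/demo condition does not hold.
    $is_pro_admin = 0;
    $myusers = array();
    if (preg_match('/pro|demo/', $conf->get_conf('ossim_server_version')) && !Session::am_i_admin()) {
        $myusers = Acl::get_my_users($conn, Session::get_session_user());
        if (count($myusers) > 0) {
            $is_pro_admin = 1;
        }
    }
    // User Log lists: an admin may pick any login, a pro admin their own users plus
    // themselves, and everyone else only their own login.
    $user_values = array();
    if (Session::am_i_admin()) {
        $user_values[''] = array('text' => _('All'));
        if ($session_list) {
            foreach ($session_list as $session) {
                $login = $session->get_login();
                $user_values[$login] = $login == $user ? array('text' => $login, 'selected' => TRUE) : array('text' => $login);
            }
        }
    } elseif ($is_pro_admin) {
        foreach ($myusers as $myuser) {
            $user_values[$myuser['login']] = array('text' => $myuser['login']);
            $user_values[$user] = array('text' => $user, 'selected' => TRUE);
        }
    } else {
        $user_values[$user] = array('text' => $user);
    }
    $code_list = Log_config::get_list($conn, 'ORDER BY descr');
    $action_values = array();
    $action_values[''] = array('text' => _('All'));
    if ($code_list) {
        foreach ($code_list as $code_log) {
            $code_aux = $code_log->get_code();
            // %...% placeholders in the description are blanked out before translation.
            $action_values[$code_aux] = array('text' => '[' . sprintf("%02d", $code_aux) . '] ' . _(preg_replace('|%.*?%|', " ", $code_log->get_descr())));
        }
    }
    $reports['user_activity'] = array(
        'report_name' => _('User Activity Report'),
        'report_id' => 'user_activity',
        'type' => 'external',
        'link_id' => 'link_ua',
        'link' => Menu::get_menu_url('../userlog/user_action_log.php', 'settings', 'settings', 'user_activity'),
        'parameters' => array(
            array('name' => _('User'), 'id' => 'ua_user', 'type' => 'select', 'values' => $user_values),
            array('name' => _('Action'), 'id' => 'ua_action', 'type' => 'select', 'values' => $action_values)
        ),
        'access' => Session::menu_perms('settings-menu', 'ToolsUserLog'),
        'send_by_email' => 0
    );
    $reports['geographic_report'] = array(
        'report_name' => _('Geographic Report'),
        'report_id' => 'geographic_report',
        'type' => 'pdf',
        'subreports' => array(
            'title_page' => $title_page,
            'geographic_report' => array('id' => 'geographic_report', 'name' => _('Geographic Report'), 'report_file' => 'os_reports/Various/Geographic.php')
        ),
        'parameters' => array(
            array('name' => _('Date Range'), 'date_from_id' => 'gr_date_from', 'date_to_id' => 'gr_date_to', 'type' => 'date_range', 'default_value' => $default_range)
        ),
        'access' => Session::menu_perms('analysis-menu', 'EventsForensics'),
        'send_by_email' => 1
    );
    //Sensor list
    $sensor_values = array();
    $sensor_values[''] = array('text' => ' -- ' . _('Sensors no found') . ' -- ');
    $filters = array('order_by' => 'name');
    // NOTE(review): this result is overwritten by get_list() two lines below, so the call
    // looks redundant; it is kept in case get_basic_list() has side effects — confirm and drop.
    $sensor_list = Av_sensor::get_basic_list($conn, $filters);
    $filters = array('order_by' => 'priority desc');
    list($sensor_list, $sensor_total) = Av_sensor::get_list($conn, $filters);
    if ($sensor_total > 0) {
        // Only sensors flagged has_nagios are offered for the availability report.
        $sensor_values = array();
        foreach ($sensor_list as $s) {
            $properties = $s['properties'];
            if ($properties['has_nagios']) {
                $sensor_values[$s['ip']] = array('text' => $s['name']);
            }
        }
    }
    /* Nagios link */
    $nagios_link = $conf->get_conf('nagios_link');
    $scheme = empty($_SERVER['HTTPS']) ? 'http://' : 'https://';
    $path = !empty($nagios_link) ? $nagios_link : '/nagios3/';
    $port = !empty($_SERVER['SERVER_PORT']) ? ':' . $_SERVER['SERVER_PORT'] : "";
    // Only ":port/path" is built here; the host part is not added in this function
    // (the entry's 'click' handler names the fields that carry scheme, sensor and section).
    $nagios = $port . $path;
    $section_values = array(
        urlencode($nagios . 'cgi-bin/trends.cgi') => array('text' => _('Trends')),
        urlencode($nagios . 'cgi-bin/avail.cgi') => array('text' => _('Availability')),
        urlencode($nagios . 'cgi-bin/histogram.cgi') => array('text' => _('Event Histogram')),
        urlencode($nagios . 'cgi-bin/history.cgi?host=all') => array('text' => _('Event History')),
        urlencode($nagios . 'cgi-bin/summary.cgi') => array('text' => _('Event Summary')),
        urlencode($nagios . 'cgi-bin/notifications.cgi') => array('text' => _('Notifications')),
        urlencode($nagios . 'cgi-bin/showlog.cgi') => array('text' => _('Performance Info'))
    );
    $reports['availability_report'] = array(
        'report_name' => _('Availability Report'),
        'report_id' => 'availability_report',
        'type' => 'external',
        'link_id' => 'link_avr',
        'click' => "nagios_link('avr_nagios_link', 'avr_sensor', 'avr_section');",
        'parameters' => array(
            array('name' => _('Sensor'), 'id' => 'avr_sensor', 'type' => 'select', 'values' => $sensor_values),
            array('name' => 'Nagioslink', 'id' => 'avr_nagios_link', 'type' => 'hidden', 'default_value' => urlencode($scheme)),
            array('name' => _('Section'), 'id' => 'avr_section', 'type' => 'select', 'values' => $section_values)
        ),
        'access' => Session::menu_perms('environment-menu', 'MonitorsAvailability'),
        'send_by_email' => 0
    );
    $db->close();
    if ($id == NULL) {
        ksort($reports);
        return $reports;
    }
    return !empty($reports[$id]) ? $reports[$id] : array();
}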
コード例 #5
ファイル: tabs.php プロジェクト: jhbsz/ossimTest
                $tabsmerge[$tab_id] = $tab_values;
            }
        }
    }
}
if (!empty($tabsmerge) && is_array($tabsmerge)) {
    $tabshow = array();
    foreach ($tabsmerge as $tab_id => $tab_name) {
        // Check perms
        if ($tabsmerge[$tab_id]["tab_name"] == "Vulnerabilities" && !Session::menu_perms("MenuEvents", "EventsVulnerabilities")) {
            continue;
        }
        if ($tabsmerge[$tab_id]["tab_name"] == "Tickets" && !Session::menu_perms("MenuIncidents", "IncidentsIncidents")) {
            continue;
        }
        if ($tabsmerge[$tab_id]["tab_name"] == "Compliance" && !Session::menu_perms("MenuIntelligence", "ComplianceMapping")) {
            continue;
        }
        // Check disable
        if ($tabsmerge[$tab_id]['disable']) {
            continue;
        }
        $tabshow[$tab_id] = $tabsmerge[$tab_id];
    }
    //ksort($tabshow);
    $ctabs = count($tabshow) - 1;
    $j = 0;
    //echo '------';
    //print_r($tabshow);
    //echo '-----';
    $avt_icons = array("1001" => "../pixmaps/panel/executive.png", "1002" => "../pixmaps/panel/network.png", "1003" => "../pixmaps/panel/tickets.png", "1004" => "../pixmaps/panel/compliance.gif", "1005" => "../pixmaps/panel/security.png", "1006" => "../pixmaps/panel/inventory.png", "1007" => "../pixmaps/panel/vulnerabilities.png", "1008" => "../pixmaps/panel/taxonomy.png");
コード例 #6
ファイル: sensor_plugins.php プロジェクト: alienfault/ossim
'/><span><?php 
    echo $action . _(" {$plugin_name}, please wait a few seconds");
    ?>
 ...</span></div>
	</div>

	<?php 
    send_msg($cmd, $ip_get, $id);
    ?>
	<script type="text/javascript">	 	    
	   GB_hide();   
	</script>
	<?php 
}
// Sensors perm check: without the PolicySensors permission the page prints a notice and stops.
// NOTE(review): this gate comes after the block closed just above, which calls send_msg();
// confirm that path is covered by an earlier access check that is not visible in this excerpt.
if (!Session::menu_perms('configuration-menu', 'PolicySensors')) {
    echo ossim_error(_("You need permissions of section '") . "<b>" . _("Configuration -> AlienVault Components -> Sensors") . "</b>" . _("' to see this page. Contact with the administrator."), AV_NOTICE);
    exit;
}
?>

<div id='loading'>
	<div>
	   <img src='../pixmaps/loading3.gif' alt='<?php 
echo _("Loading");
?>
'/><span><?php 
echo _('Loading sensor information, please wait a few seconds,');
?>
 ...</span>
	</div>
コード例 #7
ファイル: PCI-DSS.php プロジェクト: jackpf/ossim-arc
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
if (Session::menu_perms("report-menu", "ReportsReportServer")) {
    include_once 'updateBd.php';
    require_once 'common.php';
    include 'general.php';
    /*
     * PCI version: for 3.0 this variable is predefined in PCI-DSS3.php.
     * The code is shared; this is the only difference.
     */
    $pci_version = $pci_version != '' ? $pci_version : '';
    $sql_year = "STR_TO_DATE( CONCAT( a.year, '-', a.month, '-', a.day ) , '%Y-%m-%d' ) >= '{$date_from}' AND STR_TO_DATE( CONCAT( a.year, '-', a.month, '-', a.day ) , '%Y-%m-%d' ) <= '{$date_to}'";
    //create
    require_once 'ossim_db.inc';
    $db1 = new ossim_db();
    $conn1 = $db1->connect();
    // Check if PCI database exists
    if (!pci_database_available($conn1, "PCI{$pci_version}")) {
コード例 #8
// Validate the request parameters against the character classes each one may contain.
// Failures are collected and reported together by the ossim_error() check below.
ossim_valid($directive_id, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("directive_id"));
ossim_valid($src_ip, OSS_IP_ADDRCIDR, OSS_NULLABLE, 'illegal:' . _("src_ip"));
ossim_valid($dst_ip, OSS_IP_ADDRCIDR, OSS_NULLABLE, 'illegal:' . _("dst_ip"));
ossim_valid($inf, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("inf"));
// NOTE(review): the label for $sup reads "order" — looks like a copy/paste slip; confirm.
ossim_valid($sup, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("order"));
ossim_valid($hide_closed, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("hide_closed"));
ossim_valid($date_from, OSS_DIGIT, OSS_SCORE, OSS_NULLABLE, 'illegal:' . _("from date"));
ossim_valid($date_to, OSS_DIGIT, OSS_SCORE, OSS_NULLABLE, 'illegal:' . _("to date"));
ossim_valid($num_alarms_page, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("field number of alarms per page"));
ossim_valid($sensor_query, OSS_IP_ADDR, OSS_ALPHA, OSS_DIGIT, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _("sensor_query"));
// NOTE(review): $only_close, $move_tag and $param_unique_id are used below but are not
// validated in the lines visible here; confirm they are checked earlier in the file.
if (ossim_error()) {
    die(ossim_error());
}
// Token stored in the session by a previous request; compared with the submitted one further down.
$prev_unique_id = $_SESSION['alarms_unique_id'];
// check required permissions
// The delete permission is demanded only when the request is neither a close nor a tag move.
// NOTE(review): the close and tag branches below are therefore not gated by this check;
// confirm they are authorised elsewhere.
if (!$only_close && $move_tag == "" && !Session::menu_perms("MenuIncidents", "ControlPanelAlarmsDelete")) {
    die(ossim_error("You don't have required permissions to delete Alarms"));
}
// check unique_id for alarms
if (check_uniqueid($prev_unique_id, $param_unique_id)) {
    foreach ($_POST as $key => $value) {
        if (preg_match("/check_(\\d+)_(\\d+)/", $key, $found)) {
            if ($only_close) {
                Alarm::close($conn, $found[2]);
            } elseif ($move_tag != "") {
                if ($move_tag > 0) {
                    Tags::set_alarm_tag($conn, $found[1], $move_tag);
                } else {
                    Tags::del_alarm_tag($conn, $found[1]);
                }
            } else {
コード例 #9
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
// Deletes one incident (ticket) type and reports the outcome as JSON.
require_once 'av_init.php';
// Require a logged-in session with access to the IncidentsTypes section.
Session::logcheck("analysis-menu", "IncidentsTypes");
if (!Session::am_i_admin() && !Session::menu_perms("analysis-menu", "IncidentsTypes")) {
    die(ossim_error(_("Sorry, you are not allowed to perform this action")));
}
// NOTE(review): this is a state-changing POST, and no per-request token is compared in this
// excerpt before the delete below. Confirm that a forgery check runs elsewhere (for example in
// av_init.php); otherwise add one here.
$inctype_id = POST('inctype_id');
// The id is restricted to letters, spaces and punctuation. OSS_PUNC is a broad class for a value
// that ends up in a delete; how Incident_type::delete() builds its query is not visible here.
ossim_valid($inctype_id, OSS_ALPHA, OSS_SPACE, OSS_PUNC, 'illegal:' . _("Incident ID"));
if (ossim_error()) {
    // Validation failed: return the error text as JSON and stop before touching the database.
    $data['status'] = 'error';
    $data['data'] = ossim_get_error();
    echo json_encode($data);
    exit;
}
$db = new ossim_db();
$conn = $db->connect();
// The return value of delete() is not checked; 'OK' is reported regardless of the outcome.
Incident_type::delete($conn, $inctype_id);
$db->close($conn);
$data['status'] = 'OK';
コード例 #10
ファイル: alarm_console.php プロジェクト: jhbsz/ossimTest
                $backlog_id = $list;
                $id = null;
            } else {
                list($backlog_id, $id) = split("-", $list);
            }
            if (GET('only_close') != "") {
                $backlog_id = "closeall";
            }
            Alarm::delete_from_backlog($conn, $backlog_id, $id);
        } else {
            die(ossim_error("Can't do this action for security reasons."));
        }
    }
}
// Bulk removal of every alarm raised on $delete_day.
// Two gates must pass, in this order: the delete permission, then the unique-id comparison
// between the session copy and the submitted value. Each failed gate ends the request.
if (!empty($delete_day)) {
    if (!Session::menu_perms("MenuIncidents", "ControlPanelAlarmsDelete")) {
        die(ossim_error("You don't have required permissions to delete Alarms"));
    }
    if (!check_uniqueid($prev_unique_id, $param_unique_id)) {
        die(ossim_error("Can't do this action for security reasons."));
    }
    Alarm::delete_day($conn, $delete_day);
}
/*
// OBSOLETE. DO NOT USE FROM ALARM CONSOLE
if (GET('purge')) {
	if (!Session::menu_perms("MenuIncidents", "ControlPanelAlarmsDelete"))
		die(ossim_error("You don't have required permissions to delete Alarms"));
	else {
コード例 #11
ファイル: index.php プロジェクト: jhbsz/ossimTest
</script>
</head>
<body>
<ul id="myMenu" class="contextMenu">
<li class="report"><a href="#edit"><?php 
echo _("Host Report");
?>
</a></li>
</ul>
<?php 
include "../hmenu.php";
?>

<table class="transparent" border=0 cellpadding=0 cellspacing=0 align="right">
<?php 
if (count($database_servers) > 0 && Session::menu_perms("MenuConfiguration", "PolicyServers")) {
    // session server
    ?>
	<form name="serverform">
	<tr>
		<td class="left nobborder" style="padding-right:10px">
		<a style='cursor:pointer; font-weight:bold;color:#222222' class='ndc' onclick="$('#rservers').toggle()"><img src="../pixmaps/arrow_green.gif" align="absmiddle" border="0"/><?php 
    echo _("Remote Servers");
    ?>
</a>
			<div style="position:relative; z-index:1">
			<div id="rservers" style="position:absolute;right:0;top:0;display:none;border:1px solid gray;background-color:#EEEEEE">
				<table class="transparent" border=0 cellpadding=1 cellspacing=2 width="100%">
				<?php 
    $i = 0;
    foreach ($database_servers as $db) {
コード例 #12
ファイル: base_header.php プロジェクト: alienfault/ossim
<!-- Solera Form -->
<form action="../conf/solera.php" method="post" id="solera_form">
<input type="hidden" name="from">
<input type="hidden" name="to">
<input type="hidden" name="src_ip">
<input type="hidden" name="dst_ip">
<input type="hidden" name="src_port">
<input type="hidden" name="dst_port">
<input type="hidden" name="proto">
</form>

<!-- MAIN HEADER TABLE -->
<table class="container">
<?php 
if (count($database_servers) > 0 && Session::menu_perms("configuration-menu", "PolicyServers") && Session::is_pro()) {
    // session server
    $ss = is_array($_SESSION["server"]) && $_SESSION["server"][0] != "" ? $_SESSION["server"][0] : "local";
    $sn = is_array($_SESSION["server"]) && $_SESSION["server"][4] != "" ? $_SESSION["server"][4] : "snort";
    ?>
    <tr>
    <td class='noborder' width="45" valign="top" style="padding:10px 0px 0px 0px">
        <table class='transparent' cellpadding="0" cellspacing="0">
            <tr>
                 <td class='noborder' align='left'>

                    <button type="button" class='av_b_gray' onclick='$("#dbs").toggle();$("#img_home").attr("src",(($("#img_home").attr("src").match(/plus/)) ? "images/home_minus.png" : "images/home_plus.png"))'>
                        <img id='img_home' src="images/home_plus.png" align="absmiddle" width='15' height='15'/>
                    </button>

                    <div style='position:relative;width:1px'>
コード例 #13
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
// Handles the icon upload for a Business Processes entry.
require_once 'av_init.php';
$conf = $GLOBALS["CONF"];
// Require a session with access to the section, then the separate edit permission.
Session::logcheck("dashboard-menu", "BusinessProcesses");
if (!Session::menu_perms("dashboard-menu", "BusinessProcessesEdit")) {
    echo ossim_error(_("You don't have permissions to see this page"));
    exit;
}
$name = POST('name');
// The name is limited to letters, digits, the OSS_SCORE class and the literal characters ".,%".
// NOTE(review): '%' is allowed. If $name is later URL-decoded before being used in a path,
// an encoded separator or dot sequence would bypass this check; confirm no decoding happens.
ossim_valid($name, OSS_ALPHA, OSS_NULLABLE, OSS_DIGIT, OSS_SCORE, ".,%", 'illegal:' . _("name"));
if (ossim_error()) {
    die(ossim_error());
}
// Remove ".." pairs so the name cannot climb out of the target directory. Single dots remain,
// and no directory separator is in the whitelist above.
$name = str_replace("..", "", $name);
$uploaded_icon = false;
// Image types accepted for the icon, keyed by the IMAGETYPE_* constant.
$allowed_formats = array(IMAGETYPE_JPEG => 1, IMAGETYPE_GIF => 1, IMAGETYPE_PNG => 1);
$filename = '';
$msg = '';
// is_uploaded_file() ensures the path really is a file received through this HTTP upload.
if (is_uploaded_file($_FILES['fichero']['tmp_name'])) {
    // exif_imagetype() only reads the leading signature bytes, so a file can pass with arbitrary
    // content after a valid header. The stored file name and extension should be chosen by the
    // server, not taken from the client (the code that does this is outside this excerpt).
    if ($allowed_formats[exif_imagetype($_FILES['fichero']['tmp_name'])] == 1) {
コード例 #14
ファイル: pie_graph.php プロジェクト: jackpf/ossim-arc
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
require_once 'sensor_filter.php';
$m_perms = array('dashboard-menu', 'environment-menu', 'environment-menu');
$sm_perms = array('ControlPanelExecutive', 'EventsHids', 'EventsHidsConfig');
if (Session::menu_perms($m_perms, $sm_perms) == FALSE) {
    if (Session::menu_perms($m_perms[0], $sm_perms[0]) == FALSE) {
        Session::unallowed_section(NULL, 'noback', $m_perms[0], $sm_perms[0]);
    } else {
        Session::unallowed_section(NULL, 'noback', $m_perms[1], $sm_perms[1]);
    }
}
$nodata_text = _('No events found');
$db = new ossim_db(TRUE);
$conn = $db->connect();
session_write_close();
$data = '';
$urls = '';
$colors = '"#E9967A","#9BC3CF"';
$range = 604800;
//24*60*60*7 --> Week
$h = 250;
コード例 #15
ファイル: index.php プロジェクト: jackpf/ossim-arc
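/**
 * Print the "Asset Vulnerability Details" page body: the search form, the per-host
 * vulnerability table and the pager.
 *
 * Every request-derived value ($value, $ctx_filter) is bound as a query parameter instead of
 * being concatenated into the SQL text, and is escaped again when written to HTML or a URL.
 *
 * @param string $type       Search mode: scantime, service, freetext, hostip, fk_name,
 *                           username or hn. Any other value lists everything.
 * @param string $value      Search text. It is treated as possibly HTML-entity encoded, because
 *                           the function decodes it before re-displaying it (TODO confirm
 *                           against the caller).
 * @param string $ctx_filter Context id as a hex string; only used in "hn" mode.
 * @param string $sortby     Ignored: the ordering is fixed inside the function.
 * @param string $sortdir    Ignored, for the same reason.
 *
 * @return void Output is echoed; the ids of the listed reports are stored in
 *              $_SESSION["_dreport_ids"].
 */
function list_results($type, $value, $ctx_filter, $sortby, $sortdir)
{
    global $allres, $offset, $pageSize, $dbconn;
    global $user, $arruser;
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    // Never set to TRUE in this function, so the "filtered view" branch below is unreachable.
    $filteredView = FALSE;
    // One slot per radio button; slots 5 and 6 are read by the search form.
    $selRadio = array("", "", "", "", "", "", "");
    $url_filter = "";
    $stext = "";
    $errMsg = array();
    $error = 0;
    $tdata = array();
    // The ordering is a fixed string, so it can be placed in the SQL text safely.
    $sortby = "t1.results_sent DESC, t1.hostIP DESC";
    $sortdir = "";
    $order_sql = " order by {$sortby} {$sortdir}";
    // LIMIT operands come from globals: force them to integers before they reach the SQL text.
    $page_offset = max(0, (int) $offset);
    $page_size = (int) $pageSize;
    $queryl = " limit {$page_offset},{$page_size}";
    $queryw = "";
    // Values bound to the '?' placeholders of $queryw, in order.
    $params = array();
    $querys = "SELECT distinct t1.hostIP, HEX(t1.ctx) as ctx, t1.scantime, t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t1.sid, t3.name as profile\n    FROM vuln_nessus_latest_reports AS t1 LEFT JOIN vuln_nessus_settings AS t3 ON t1.sid = t3.id, vuln_nessus_latest_results AS t5\n    WHERE\n    t1.hostIP      = t5.hostIP\n    AND t1.ctx     = t5.ctx\n    AND t1.deleted = '0' ";
    // Simple "column LIKE %text%" modes: radio slot, column, label, lower-case flag, bold label.
    $like_filters = array(
        "scantime" => array(0, "t1.scantime", _("Search for Date/Time"), FALSE, TRUE),
        "service" => array(5, "t5.service", _("Search for Service"), FALSE, TRUE),
        "freetext" => array(6, "t5.msg", _("Search for Free Text"), FALSE, TRUE),
        "hostip" => array(1, "t1.hostIP", _("Search for Host-IP"), TRUE, TRUE),
        "fk_name" => array(2, "t1.fk_name", _("Search for Subnet/CIDR"), TRUE, FALSE),
        "username" => array(3, "t1.username", _("Search for user"), TRUE, TRUE),
    );
    // set up the SQL query based on the search form input (if any)
    if ($value != "" && is_string($type) && isset($like_filters[$type])) {
        list($radio, $column, $label, $lowercase, $bold) = $like_filters[$type];
        $selRadio[$radio] = "CHECKED";
        $q = $lowercase ? strtolower($value) : $value;
        // Every mode starts with AND: the base query already ends inside a WHERE clause.
        $queryw = " AND {$column} LIKE ?" . $order_sql;
        $params[] = "%{$q}%";
        $shown = Util::htmlentities(html_entity_decode((string) $q));
        $stext = ($bold ? "<b>" . $label . "</b>" : $label) . " = '*{$shown}*'";
        $url_filter = "&type=" . $type . "&value=" . urlencode(html_entity_decode((string) $value));
    } elseif ($type == "hn" && $value != "") {
        if (!empty($ctx_filter)) {
            $queryw = " AND t1.ctx=UNHEX(?)";
            $params[] = $ctx_filter;
        }
        $selRadio[4] = "CHECKED";
        $is_cidr = preg_match("/\\//", $value);
        if ($is_cidr) {
            // A network: compare against the range bounds returned for the CIDR.
            $ip_range = Cidr::expand_CIDR($value, "SHORT");
            $queryw .= " AND (inet_aton(t1.hostIP) >= ? AND inet_aton(t1.hostIP) <= ?)" . $order_sql;
            $params[] = $ip_range[0];
            $params[] = $ip_range[1];
            $stext = "<b>" . _("Search for Subnet/CIDR") . "</b> = '" . Util::htmlentities(html_entity_decode((string) $value)) . "'";
        } else {
            if (preg_match("/\\,/", $value)) {
                // A comma separated list: one placeholder per address.
                $addresses = explode(",", $value);
                $queryw .= " AND t1.hostIP in (" . implode(",", array_fill(0, count($addresses), "?")) . ")" . $order_sql;
                $params = array_merge($params, $addresses);
                $q = "Others";
            } else {
                $q = $value;
                $queryw .= " AND t1.hostIP LIKE ?" . $order_sql;
                $params[] = $q;
            }
            $stext = "<b>" . _("Search for Host") . "</b> = '" . Util::htmlentities(html_entity_decode((string) $q)) . "'";
        }
        $url_filter = "&type=hn&value=" . urlencode(html_entity_decode((string) $value));
    } else {
        // No usable filter: list everything.
        $selRadio[4] = "CHECKED";
        $queryw = $order_sql;
    }
    // The database layer takes FALSE, not an empty array, when nothing is bound.
    $bind = count($params) > 0 ? $params : FALSE;
    // set up the pager and search fields if viewing all hosts
    $reportCount = 0;
    if (!$filteredView) {
        $dbconn->Execute(str_replace("SELECT distinct", "SELECT SQL_CALC_FOUND_ROWS distinct", $querys) . $queryw, $bind);
        $reportCount = $dbconn->GetOne("SELECT FOUND_ROWS() as total");
        $previous = max(0, $page_offset - $page_size);
        $last = $page_size > 0 ? max(0, intval($reportCount / $page_size) * $page_size) : 0;
        $next = $page_offset + $page_size;
        // Decode once here; the value is encoded again when written into the form field.
        $value = html_entity_decode((string) $value);
        // output the search form
        echo "<table class='w100 transparent'>";
        echo "<tr><td class='sec_title'>" . _("Asset Vulnerability Details") . "</td></tr>";
        echo "<tr><td style='padding:12px 0px 0px 0px;' class='transparent'>";
        ?>
    <div id='cvleftdiv'>
        <a id="new_scan_button" class="button" href="<?php 
        echo Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?action=create_scan&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs');
        ?>
" style="text-decoration:none;">
        <?php 
        echo _("New Scan Job");
        ?>
        </a>
    </div>
    <div id='cvrightdiv'>

<?php 
        echo '<form name="hostSearch" id="hostSearch" action="index.php" method="GET">
<input type="text" length="25" name="value" id="assets" class="assets" style="margin:0px !important;" value="' . Util::htmlentities($value) . '">';
        // cvfiltertype -> current vulnerabilities filter type
        echo "\n<input type=\"radio\" name=\"type\" value=\"service\" {$selRadio['5']}>" . _("Service") . "\n<input type=\"radio\" name=\"type\" value=\"freetext\" {$selRadio['6']}>" . _("Free text") . "\n<input type=\"radio\" name=\"type\" value=\"hn\" {$selRadio['4']}>" . _("Host/Net") . "\n";
        echo "<input type=\"submit\" name=\"submit\" value=\"" . _("Find") . "\" id=\"current_vulns_find_button\" class=\"av_b_secondary small\" style=\"margin-left:15px;\">";
        echo <<<EOT
</form>
</p>
EOT;
    } else {
        // get the search result count (unreachable while $filteredView stays FALSE)
        $queryc = "SELECT count( report_id ) FROM vuln_nessus_latest_reports AS t1 WHERE t1.deleted = '0' ";
        $scount = $dbconn->GetOne($queryc . $queryw, $bind);
        echo "<p>{$scount} report";
        if ($scount != 1) {
            echo "s";
        }
        echo " " . _("found matching search criteria") . " | ";
        echo " <a href='index.php' alt='" . _("View All Reports") . "'>" . _("View All Reports") . "</a></p>";
    }
    // $stext only contains fixed markup plus values escaped above.
    echo "<p>";
    echo $stext;
    echo "</p>";
    echo "</div></td></tr></table>";
    // get the hosts to display (main query)
    $result = $dbconn->GetArray($querys . $queryw . $queryl, $bind);
    $delete_ids = array();
    if (is_array($result)) {
        foreach ($result as $rpt) {
            // NOTE(review): report_id is not in the SELECT list of the main query, so this is
            // empty for every row unless the column is added there.
            $delete_ids[] = isset($rpt["report_id"]) ? $rpt["report_id"] : "";
        }
    }
    $_SESSION["_dreport_ids"] = implode(",", $delete_ids);
    if ($result === false) {
        $errMsg[] = _("Error getting results") . ": " . $dbconn->ErrorMsg();
        $error++;
        dispSQLError($errMsg, $error);
    } else {
        // Risk code stored in the results table => counter it feeds.
        $risk_counters = array(7 => 'vInfo', 6 => 'vLow', 3 => 'vMed', 2 => 'vHigh', 1 => 'vSerious');
        $totals = array('vInfo' => 0, 'vLow' => 0, 'vMed' => 0, 'vHigh' => 0, 'vSerious' => 0);
        // Restrict the totals to the hosts the session may see, when a restriction applies.
        $perms_where = Asset_host::get_perms_where('host.', TRUE);
        if (!empty($perms_where)) {
            $queryt = "SELECT count(lr.result_id) AS total, lr.risk, lr.hostIP, HEX(lr.ctx) AS ctx\n                        FROM vuln_nessus_latest_results lr, host, host_ip hi\n                        WHERE host.id=hi.host_id AND inet6_ntoa(hi.ip)=lr.hostIP {$perms_where} AND falsepositive='N'\n                        GROUP BY risk, hostIP, ctx";
        } else {
            $queryt = "SELECT count(lr.result_id) AS total, risk, lr.hostIP, HEX(lr.ctx) AS ctx\n                        FROM vuln_nessus_latest_results lr\n                        WHERE falsepositive='N'\n                        GROUP BY risk, hostIP, ctx";
        }
        $resultt = $dbconn->Execute($queryt);
        while ($resultt && !$resultt->EOF) {
            $risk = (int) $resultt->fields['risk'];
            if (isset($risk_counters[$risk])) {
                $totals[$risk_counters[$risk]] += $resultt->fields['total'];
            }
            $resultt->MoveNext();
        }
        // First table row: totals over all hosts. Report links are only offered when there is
        // at least one finding.
        $all_row = array("report_id" => "All", "host_name" => "", "scantime" => "", "username" => "", "scantype" => "", "report_key" => "", "report_type" => "", "sid" => "", "profile" => "", "hlink" => "", "plink" => "", "xlink" => "", "vSerious" => $totals['vSerious'], "vHigh" => $totals['vHigh'], "vMed" => $totals['vMed'], "vLow" => $totals['vLow'], "vInfo" => $totals['vInfo']);
        if (array_sum($totals) != 0) {
            $all_row["hlink"] = "lr_reshtml.php?ipl=all&disp=html&output=full&scantype=M";
            $all_row["plink"] = "lr_respdf.php?ipl=all&scantype=M";
            $all_row["xlink"] = "lr_rescsv.php?ipl=all&scantype=M";
            $all_row["dlink"] = "";
        }
        $tdata[] = $all_row;
        // The original concatenated each row's hostIP, username, sid and ctx into this statement
        // (the username part is masked in the published listing; binding the row's username is
        // the reading the remaining tokens support). They are bound here instead.
        $query_risk = "SELECT distinct risk, port, protocol, app, scriptid, msg, hostIP FROM vuln_nessus_latest_results WHERE hostIP = ? AND username = ? AND sid = ? AND ctx = UNHEX(?) AND falsepositive='N'";
        foreach ($result as $row) {
            // Skip hosts outside the session's asset permissions.
            if (!Session::hostAllowed_by_ip_ctx($dbconn, $row["hostIP"], $row["ctx"])) {
                continue;
            }
            $host_id = key(Asset_host::get_id_by_ips($dbconn, $row["hostIP"], $row["ctx"]));
            if (valid_hex32($host_id)) {
                $row['host_name'] = Asset_host::get_name_by_id($dbconn, $host_id);
            }
            $row['vSerious'] = 0;
            $row['vHigh'] = 0;
            $row['vMed'] = 0;
            $row['vLow'] = 0;
            $row['vInfo'] = 0;
            // query for reports for each IP
            $result_risk = $dbconn->Execute($query_risk, array($row['hostIP'], $row['username'], $row['sid'], $row['ctx']));
            while ($result_risk && !$result_risk->EOF) {
                $risk = (int) $result_risk->fields["risk"];
                if (isset($risk_counters[$risk])) {
                    $row[$risk_counters[$risk]]++;
                }
                $result_risk->MoveNext();
            }
            // Every value placed in a link is URL-encoded, including those read from the database.
            $link_args = "?treport=latest&ipl=" . urlencode($row['hostIP']) . "&ctx=" . urlencode($row['ctx']) . "&scantype=" . urlencode($row['scantype']);
            $row['plink'] = "lr_respdf.php" . $link_args;
            $row['hlink'] = "lr_reshtml.php" . $link_args;
            $row['xlink'] = "lr_rescsv.php" . $link_args;
            if (Session::am_i_admin()) {
                // NOTE(review): this is a destructive action reachable through a plain GET link;
                // the receiving code should require a per-session token.
                $row['dlink'] = "index.php?delete=" . urlencode($row['report_key']) . "&scantime=" . urlencode($row['scantime']);
            }
            // NOTE(review): meth_target is not selected by the main query either.
            $targets = explode("\n", trim(isset($row['meth_target']) ? $row['meth_target'] : ""));
            $first_target = resolve_asset($dbconn, trim($targets[0]));
            if (count($targets) == 1) {
                $row['target'] = $first_target;
            } else {
                $last_target = resolve_asset($dbconn, trim($targets[count($targets) - 1]));
                $row['target'] = $first_target . (count($targets) == 2 ? ' ' : " ... ") . $last_target;
            }
            $tdata[] = $row;
        }
        $fieldMapLinks = array(gettext("HTML Results") => array('url' => '%param%', 'param' => 'hlink', 'target' => 'main', 'icon' => 'images/html.png'), gettext("PDF Results") => array('url' => '%param%', 'param' => 'plink', 'target' => '_blank', 'icon' => 'images/pdf.png'), gettext("EXCEL Results") => array('url' => '%param%', 'param' => 'xlink', 'target' => '_blank', 'icon' => 'images/page_white_excel.png'));
        if (Session::am_i_admin()) {
            $fieldMapLinks["DELETE Results"] = array('url' => '%param%', 'param' => 'dlink', 'target' => 'main', 'icon' => 'images/delete.gif');
        }
        $fieldMap = array("Host - IP" => array('var' => 'hostip'), "Date/Time" => array('var' => 'scantime'), "Profile" => array('var' => 'profile'), "Serious" => array('var' => 'vSerious'), "High" => array('var' => 'vHigh'), "Medium" => array('var' => 'vMed'), "Low" => array('var' => 'vLow'), "Info" => array('var' => 'vInfo'), "Links" => $fieldMapLinks);
        // The totals row is always present, so "> 1" means at least one host row.
        if (count($tdata) > 1) {
            drawTableLatest($fieldMap, $tdata, "Hosts");
        } elseif (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) {
            echo "<br><span class='gray'>" . _("No results found: ") . "</span><a href='" . Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?action=create_scan&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs') . "'>" . _("Click here to run a Vulnerability Scan now") . "</a><br><br>";
        }
    }
    // draw the pager again, if viewing all hosts
    if (!$filteredView && $reportCount > 10) {
        ?>
    <div class="fright tmargin">
        <?php 
        if ($next > $page_size) {
            ?>
	        <a href="index.php?<?php 
            echo "offset={$previous}{$url_filter}";
            ?>
" class="pager">< <?php 
            echo _("PREVIOUS");
            ?>
 </a>
	    <?php 
        } else {
            ?>
	        <a class='link_paginate_disabled' href="" onclick='return false'>< <?php 
            echo _("PREVIOUS");
            ?>
 </a>
		<?php 
        }
        if ($next <= $last) {
            ?>
            <a class='lmargin' href="index.php?<?php 
            echo "offset={$next}{$url_filter}";
            ?>
">  <?php 
            echo _("NEXT");
            ?>
 ></a>
        <?php 
        } else {
            ?>
            <a class='link_paginate_disabled lmargin' href="" onclick='return false'><?php 
            echo _("NEXT");
            ?>
 ></a>
        <?php 
        }
        ?>
    </div>
<?php 
    } else {
        echo "<p>&nbsp;</p>";
    }
}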
コード例 #16
ファイル: panel.php プロジェクト: jhbsz/ossimTest
        rename($file1 . ".backup", $file2);
    }
}
$configs_dir = $conf->get_conf('panel_configs_dir');
$cloud_instance = $conf->get_conf("cloud_instance", FALSE) == 1 ? true : false;
$tabsavt = gettabsavt($configs_dir, $cloud_instance);
$avt_icons = array("1001" => "../pixmaps/panel/executive.png", "1002" => "../pixmaps/panel/network.png", "1003" => "../pixmaps/panel/tickets.png", "1004" => "../pixmaps/panel/compliance.gif", "1005" => "../pixmaps/panel/security.png", "1006" => "../pixmaps/panel/inventory.png", "1007" => "../pixmaps/panel/vulnerabilities.png");
require_once 'classes/User_config.inc';
$login = Session::get_session_user();
$db = new ossim_db();
$conn = $db->connect();
$config_aux = new User_config($conn);
$tabdefault = $config_aux->get($login, 'panel_default', 'simple', "main");
$panel_id = GET('panel_id') ? intval(GET('panel_id')) : ($tabdefault > 0 ? $tabdefault : 1001);
$_GET['panel_id'] = $panel_id;
if (Session::menu_perms("MenuControlPanel", "ControlPanelExecutiveEdit")) {
    if (isset($_GET['edit'])) {
        $show_edit = true;
        $_SESSION['ex_panel_can_edit'] = $can_edit = GET('edit') && $tabsavt[$panel_id] == "" ? true : false;
        $_SESSION['ex_panel_show_edit'] = true;
    } else {
        if (isset($_SESSION['ex_panel_can_edit']) && isset($_SESSION['ex_panel_show_edit'])) {
            $can_edit = $tabsavt[$panel_id] != "" ? false : $_SESSION['ex_panel_can_edit'];
            $show_edit = $_SESSION['ex_panel_show_edit'];
        } else {
            $can_edit = false;
            $show_edit = true;
        }
    }
} else {
    $can_edit = $show_edit = false;
コード例 #17
ファイル: Geographic.php プロジェクト: jackpf/ossim-arc
        }
    }
    $rs->MoveNext();
}
//
arsort($ips);
$ips = array_slice($ips, 0, $limit);
$totalValue = array_sum($ips);
// Set session var for graph
$dDB['_shared']->put('geoips', $ips);
$shared_file = $dDB['_shared']->dbfile();
$title = $report_name . _(' - Top') . ' ' . $limit . ' ' . _('Attacker Countries');
//pdf
$htmlPdfReport->pageBreak();
$htmlPdfReport->setBookmark($title);
if (Session::menu_perms('analysis-menu', 'EventsForensics')) {
    if (count($ips) == 0) {
        $htmlPdfReport->set($htmlPdfReport->newTitle($title, $date_from, $date_to, NULL) . '
        <table class="w100" cellpadding="0" cellspacing="0">
            <tr><td class="w100" align="center" valign="top">' . _('No data available') . '</td></tr>
        </table><br/><br/> ');
        return;
    }
    $htmlPdfReport->set($htmlPdfReport->newTitle($title, $date_from, $date_to, NULL) . '
    <table class="w100" cellpadding="0" cellspacing="0">
        <tr>
            <td style="width:95mm;" valign="top">
                <table style="width:95mm; padding-top: 10px; padding-bottom: 10px;">
                  <tr>
                    <th>' . _('Country') . '</th>
                    <th style="text-align:center">' . _('Attacks') . '</th>
コード例 #18
ファイル: top.php プロジェクト: jhbsz/ossimTest
<table align="center" class="noborder"><tr>
<td class="nobborder" style="padding:0px 10px 0px 0px"><b><?php 
// NOTE(review): $host is written into HTML text without escaping. Where it is validated is not
// visible in this excerpt; unless it is guaranteed to be a plain address or host name, escape it
// for the HTML context at this point.
echo $host;
?>
</b></td>
<td class="nobborder">[</td>
<td class="nobborder" nowrap> <a href="host_report.php?host=<?php 
// NOTE(review): the same value is placed inside a URL in an attribute; it needs URL-encoding
// for the query string and attribute escaping, not only upstream validation.
echo $host;
?>
" target="report"> <?php 
echo gettext("Report");
?>
 </a> </td>

<?php 
// The Metrics link is only rendered for sessions holding the ControlPanelMetrics permission.
// Hiding the link is presentation only; metrics.php has to enforce the permission itself.
if (Session::menu_perms("MenuControlPanel", "ControlPanelMetrics")) {
    ?>
<td class="nobborder">|</td>
<td class="nobborder" nowrap> <a href="metrics.php?host=<?php 
    // Same unescaped value as above, again inside a URL attribute.
    echo $host;
    ?>
" target="report"> <?php 
    echo gettext("Metrics");
    ?>
 </a> </td>
<?php 
}
?>

<td class="nobborder">|</td>
<td class="nobborder" nowrap> <a href="<?php 
コード例 #19
ファイル: TopAlarms.php プロジェクト: jackpf/ossim-arc
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require 'general.php';
if (Session::menu_perms('analysis-menu', 'ReportsAlarmReport')) {
    // Initialize var
    $num_hosts = 15;
    $htmlPdfReport->pageBreak();
    $htmlPdfReport->setBookmark($title);
    $plugin_groups = NULL;
    $assets = array();
    $source_type = NULL;
    $category = NULL;
    $subcategory = NULL;
    $sensors = array();
    //Return the event with max occurrences
    $list = $security_report->Events($num_hosts, $report_type, $date_from, $date_to, $assets, $source_type, $category, $subcategory, $plugin_groups, FALSE, $sensors, 'DESC');
    $htmlPdfReport->set($htmlPdfReport->newTitle($title, $date_from, $date_to, NULL));
    if (count($list) == 0) {
        $htmlPdfReport->set('
コード例 #20
ファイル: solera.php プロジェクト: jackpf/ossim-arc
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::useractive();
// Access rule: the page is served when the session holds either the main configuration
// permission or the netflow monitor permission. The second check only runs when the first fails.
if (!(Session::menu_perms("configuration-menu", "ConfigurationMain") || Session::menu_perms("environment-menu", "MonitorsNetflows"))) {
    Session::unallowed_section();
    // Stop here so nothing below is rendered for an unauthorised session.
    exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
    <link rel="stylesheet" href="../style/av_common.css?t=<?php 
echo Util::get_css_id();
?>
"/>
    <script src="../js/jquery.min.js" type="text/javascript" ></script>
</head>
<body>
<?php 
コード例 #21
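/**
 * Builds the list of notifications to show to the current user.
 *
 * Every notification is an array with a 'msg' (display text) and a 'class' (identifier).
 * The class is also the key in the result, so each kind of notification appears at most once.
 * The sensor notification requires the configuration-menu / PolicySensors permission; all the
 * other notifications are only produced when Session::am_i_admin() is true.
 *
 * @param mixed $conn Database connection handed to Av_sensor::get_unregistered() and calc_devices_total().
 *
 * @return array array('error' => FALSE, 'output' => notifications keyed by their class)
 */
function get_notifications($conn)
{
    $notifications = array();
    if (Session::menu_perms('configuration-menu', 'PolicySensors')) {
        $new_sensors = Av_sensor::get_unregistered($conn);
        if (count($new_sensors) > 0) {
            $notifications['nl_sensors'] = array(
                'msg' => count($new_sensors) > 1 ? _('New Sensors Detected') : _('New Sensor Detected'),
                'class' => 'nl_sensors'
            );
        }
    }
    if (Session::am_i_admin()) {
        $trial_days = calc_days_to_expire();
        // FALSE means "no trial notification"; 0 is a valid value and means the trial has expired.
        if ($trial_days !== FALSE) {
            $notifications['nl_trial'] = array(
                'msg' => $trial_days == 0 ? _('Trial Version expired') : $trial_days . ' ' . _('Days Left of Free Trial'),
                'class' => 'nl_trial'
            );
        }
        $new_updates = get_only_updates();
        if ($new_updates == TRUE) {
            $notifications['nl_updates'] = array(
                'msg' => _('New Updates Available'),
                'class' => 'nl_updates'
            );
        }
        $unread = get_status_messages();
        if ($unread) {
            $notifications['nl_messages'] = array(
                'msg' => _('New Warnings & Errors'),
                'class' => 'nl_messages'
            );
        }
        $otx = calc_otx_notif();
        if ($otx === TRUE) {
            $notifications['nl_otx'] = array(
                'msg' => _('Contribute to AlienVault OTX'),
                'class' => 'nl_otx'
            );
        }
        $devices = calc_devices_total($conn);
        //This val is loaded when the users log in. (session.inc)
        // A missing session key is treated as 0 (no limit), as intval() did, but without reading an undefined index.
        $max_dev = isset($_SESSION["_max_devices"]) ? intval($_SESSION["_max_devices"]) : 0;
        if ($max_dev > 0 && $devices > $max_dev) {
            $over = $devices - $max_dev;
            // The gettext msgid has to be a constant string: with the count interpolated into it,
            // the catalog lookup could never match. The count is inserted after translation.
            $notifications['nl_device_exceed'] = array(
                'msg' => sprintf(_('License Violation - %s Assets Over'), $over),
                'class' => 'nl_device_exceed'
            );
        }
    }
    return array('error' => FALSE, 'output' => $notifications);
}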
コード例 #22
ファイル: index.php プロジェクト: AntBean/alienvault-ossim
    $_SESSION['_db_show_edit'] = "0";
}
// Resolves which dashboard tab to display and whether edit controls are offered, then closes the session.
// NOTE(review): $login, $edit and $panel_id are set above this excerpt; confirm they are validated there.
/* Getting the tab list */
$tab_list = Dashboard_tab::get_tabs_by_user($login, $edit);
// No tabs for this user: show a warning notification and stop.
if (empty($tab_list)) {
    $config_nt = array('content' => _('No tabs have been found') . ".", 'options' => array('type' => 'nf_warning', 'cancel_button' => ''), 'style' => ' margin:25px auto 0 auto;text-align:center;padding:3px 30px;');
    $nt = new Notification('nt_panel', $config_nt);
    $nt->show();
    die;
}
// The requested panel is not in the user's list (or is empty): fall back to the first tab key,
// so a panel id outside the list returned for this user is never selected.
if (empty($tab_list[$panel_id])) {
    $_panel_keys = array_keys($tab_list);
    $panel_id = $_panel_keys[0];
}
// Remember the selected panel in the session.
$_SESSION['_db_panel_selected'] = $panel_id;
// Edit mode is honoured only with the ControlPanelExecutiveEdit permission; without it both
// flags are forced to 0 regardless of the value of $edit.
if (Session::menu_perms("dashboard-menu", "ControlPanelExecutiveEdit")) {
    $show_edit = $edit;
    $can_edit = 1;
} else {
    $show_edit = 0;
    $can_edit = 0;
}
// Ends the session write phase; any $_SESSION change has to happen before this line to be saved.
session_write_close();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
    <title> <?php 
echo gettext("AlienVault USM");
?>
 </title>
コード例 #23
ファイル: view.php プロジェクト: jhbsz/ossimTest
    $ret = false;
    foreach ($perms_arr as $perm => $val) {
        // ENTITY
        if (preg_match("/^\\d+\$/", $perm)) {
            if (preg_match("/pro|demo/i", $version) && $_SESSION['_user_vision']['entity'][$perm]) {
                $ret = true;
            }
            // USER
        } elseif (Session::get_session_user() == $perm) {
            $ret = true;
        }
    }
    return $ret;
}
// Edit capability defaults to denied and is enabled only by the BusinessProcessesEdit menu permission.
$can_edit = false;
if (Session::menu_perms("MenuControlPanel", "BusinessProcessesEdit")) {
    $can_edit = true;
}
function check_writable_relative($dir)
{
    $uid = posix_getuid();
    $gid = posix_getgid();
    $user_info = posix_getpwuid($uid);
    $user = $user_info['name'];
    $group_info = posix_getgrgid($gid);
    $group = $group_info['name'];
    $fix_cmd = '. ' . _("To fix that, execute following commands as root") . ':<br><br>' . "cd " . getcwd() . "<br>" . "mkdir -p {$dir}<br>" . "chown {$user}:{$group} {$dir}<br>" . "chmod 0700 {$dir}";
    if (!is_dir($dir)) {
        die(_("Required directory " . getcwd() . "{$dir} does not exist") . $fix_cmd);
    }
    $fix_cmd .= $fix_extra;
コード例 #24
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
// Preamble of an image upload handler: session and permission checks, then validation of the 'prefix' field.
require_once 'av_init.php';
// NOTE(review): presumably enforces login plus the given menu permission; confirm in the Session class.
Session::logcheck("analysis-menu", "IncidentsIncidents");
//Check permissions
if (!Session::menu_perms("analysis-menu", "IncidentsOpen")) {
    Session::unallowed_section();
    exit;
}
// NOTE(review): the destination looks like it sits inside the web tree. The file check that follows
// this preamble relies on $_FILES[...]['name'] and $_FILES[...]['type'], both supplied by the client;
// no inspection of the file content is visible in this excerpt. Confirm that the content is verified
// server-side (e.g. getimagesize() or finfo) and that files in this directory are never executed.
$upload_dir = '/usr/share/ossim/www/uploads/';
$prefix = POST('prefix');
// Presumably restricts the prefix to digits (OSS_DIGIT); the request is aborted when validation reports an error.
ossim_valid($prefix, OSS_DIGIT, 'illegal:' . _("Prefix"));
if (ossim_error()) {
    die(ossim_error());
}
if ($_FILES['imageName']['tmp_name'] != "") {
    if (!preg_match("/^[a-zA-Z0-9\\-\\_\\s]+\\.(gif|jpg|png|jpeg)\$/i", $_FILES['imageName']['name']) || !preg_match("/image\\//", $_FILES["imageName"]["type"])) {
        echo '<div class="error_msg_container"><h3>ERROR: Your image was not one of the accepted formats (gif, jpg, png), please try again.</h3></div>';
        unlink($_FILES['imageName']['tmp_name']);
        exit;
    } else {
コード例 #25
ファイル: dt_agents.php プロジェクト: jackpf/ossim-arc
 * On Debian GNU/Linux systems, the complete text of the GNU General
 * Public License can be found in `/usr/share/common-licenses/GPL-2'.
 *
 * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
 *
 * @package    ossim-framework\Assets
 * @autor      AlienVault INC
 * @license    http://www.gnu.org/licenses/gpl-2.0.txt
 * @copyright  2003-2006 ossim.net
 * @copyright  2007-2013 AlienVault
 * @link       https://www.alienvault.com/
 */
// Bootstrap and permission lookup for the HIDS agents data request.
require_once dirname(__FILE__) . '/../../conf/config.inc';
// The session is closed for writing before the checks below, which therefore can only read it.
// NOTE(review): presumably done to release the session lock early for this data request; confirm.
session_write_close();
// NOTE(review): presumably enforces login plus the given menu permission; confirm in the Session class.
Session::logcheck('environment-menu', 'EventsHidsConfig');
// The permission result is only stored here; nothing in these lines acts on it.
$events_hids_config = Session::menu_perms('environment-menu', 'EventsHidsConfig');
try {
    $db = new ossim_db();
    $conn = $db->connect();
    $sensor_id = POST('sensor_id');
    ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
    if (!ossim_error()) {
        if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
            $e_msg = _('Error! Sensor not allowed');
            Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
        }
    } else {
        $e_msg = ossim_get_error_clean();
        Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
    }
    $agents = Ossec_agent::get_list($sensor_id);
コード例 #26
ファイル: AttackedHosts.php プロジェクト: jackpf/ossim-arc
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
// Include setup for the "attacked hosts" sub-report.
// The fixed report directory is appended to the include path, so it is searched after the entries
// that were already configured.
$path = '/usr/share/ossim/www/report/os_reports/';
set_include_path(get_include_path() . PATH_SEPARATOR . $path);
// NOTE(review): these files are included by bare name and resolved through the include path;
// confirm that no directory earlier in that path is writable by a less trusted user.
require_once 'av_init.php';
include_once 'common.php';
require 'general.php';
//Initialize var
// Hosts are ranked by destination address in this report.
$target = "ip_dst";
$geoloc = new Geolocation('/usr/share/geoip/GeoLiteCity.dat');
if (Session::menu_perms("analysis-menu", "EventsForensics")) {
    $htmlPdfReport->pageBreak();
    $htmlPdfReport->setBookmark($title);
    /*
     * return the list of host with max occurrences
     * as dest or source
     * pre: type is "ip_src" or "ip_dst"
     */
    $plugin_groups = null;
    $assets = array();
    $source_type = null;
    $category = null;
    $subcategory = null;
    $sensors = array();
    $list = $security_report->AttackHost($target, $num_hosts, $report_type, $date_from, $date_to, $assets, $source_type, $category, $subcategory, $plugin_groups, $sensors);
    $htmlPdfReport->set($htmlPdfReport->newTitle($title, $date_from, $date_to, null));
コード例 #27
ファイル: save.php プロジェクト: AntBean/alienvault-ossim
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
// Entry of the risk-map indicator save action: access checks, audit log entry, then request parameters.
require_once 'av_init.php';
include_once 'riskmaps_functions.php';
// NOTE(review): presumably enforces login plus the BusinessProcesses menu permission; confirm in the Session class.
Session::logcheck('dashboard-menu', 'BusinessProcesses');
// The action is logged before the edit permission is tested, so attempts that are denied
// below are recorded as well.
$infolog = array('Indicator Risk Maps');
Log_action::log(49, $infolog);
// Saving requires the separate BusinessProcessesEdit permission.
if (!Session::menu_perms('dashboard-menu', 'BusinessProcessesEdit')) {
    echo ossim_error(_("You don't have permissions to edit risk indicators"));
    exit;
}
// Default response; the code after this excerpt is expected to update it.
$data = array('status' => 'success', 'data' => '');
$db = new ossim_db();
$conn = $db->connect();
// NOTE(review): every parameter of this state-changing action is read from the query string and
// no validation or anti-CSRF token check is visible in this excerpt. Confirm that each value is
// validated before it reaches the database or the page, and that the request is protected
// against cross-site request forgery.
$map = GET('map');
$ri_positions = GET('data');
$name = GET('alarm_name');
$icon = GET('icon');
$url = GET('url');
$ri_id = GET('id');
$type = GET('type');
$type_name = GET('elem');
$iconbg = GET('iconbg');
コード例 #28
ファイル: Day.php プロジェクト: AntBean/alienvault-ossim
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
if (Session::menu_perms('dashboard-menu', 'ControlPanelMetrics')) {
    $report_name = $report_data['report_name'];
    $subreport_name = $report_data['subreports'][$subreport_id]['name'];
    $title = $report_name . ' - ' . $subreport_name;
    include_once 'general.php';
    $pdf = new Pdf('OSSIM Metrics Report');
    $query_temp = new ArrayObject();
    $htmlPdfReport->pageBreak();
    $htmlPdfReport->setBookmark($title);
    $htmlPdfReport->set($htmlPdfReport->newTitle($subreport_name . ' - ' . _('Last Day (Compromise)'), $date_from, $date_to, NULL));
    //User
    $htmlPdfReport->set('<table class="tableTitle w100" style="margin-top:3px;"><tr><td class="w100">' . _('Global') . '</td></tr></table>');
    $htmlPdfReport->set('<table class="w100">');
    $query_temp['dayCompromiseGlobal'] = $pdf->MetricsNoPDF('day', 'compromise', 'global', '', $dates_filter['max_c_date'], $param['user']);
    if ($query_temp['dayCompromiseGlobal'][1][1] == '') {
        $query_temp['dayCompromiseGlobal'] = array($query_temp['dayCompromiseGlobal'][0]);
コード例 #29
ファイル: draw_rrd.php プロジェクト: jackpf/ossim-arc
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
// Bootstrap and access check for the graph-drawing script.
require_once 'av_init.php';
// Menu / sub-menu permission names are passed as two parallel arrays.
// NOTE(review): presumably any matching pair grants access; confirm how menu_perms() treats arrays.
$m_perms = array('dashboard-menu', 'analysis-menu');
$sm_perms = array('ControlPanelMetrics', 'EventsForensics');
if (!Session::menu_perms($m_perms, $sm_perms)) {
    // NOTE(review): no exit follows the denial call here. Confirm that unallowed_section(FALSE)
    // terminates the request; if it returns, the rest of the script runs for a user without permission.
    Session::unallowed_section(FALSE);
}
/*
 This will show errors (both PHP Errors and those detected in the code)
 as graphics, so they can be read.
*/
function mydie($errno, $errstr = '', $errfile = '', $errline = '')
{
    global $conf;
    $jpgraph = $conf->get_conf('jpgraph_path');
    include_once "{$jpgraph}/jpgraph.php";
    $err = $errstr ? $errstr : $errno;
    if ($errfile) {
        switch ($errno) {
            case 1:
コード例 #30
ファイル: load_agent_tab.php プロジェクト: jhbsz/ossimTest
*   MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
****************************************************************************/
// Bootstrap for the HIDS agent tab loader: class includes, permission lookups and the requested tab.
require_once 'classes/Session.inc';
require_once 'classes/Security.inc';
require_once 'classes/Util.inc';
require_once '../conf/_conf.php';
require_once '../utils.php';
require_once 'classes/Xml_parser.inc';
// Both permission results are only stored here; no login check or denial is visible in these lines.
// NOTE(review): confirm that an included file or the code below rejects unauthenticated requests
// and that every tab branch tests the flag it needs before returning data.
$events_hids = Session::menu_perms("MenuEvents", "EventsHids");
$events_hids_config = Session::menu_perms("MenuEvents", "EventsHidsConfig");
// Tab identifier taken from the POST body; it is compared against fixed values such as "#tab1" below.
$tab = POST('tab');
$error = false;
// Maps a short OS key to its display name.
$array_os = array("Windows" => "Microsoft Windows", "Linux" => "Linux", "FreeBSD" => "FreeBSD");
if ($tab == "#tab1") {
    echo "1###";
    ?>
	<div>
	<table id='agent_table'>
		<tr>
			<th style='width: 100px;'><?php 
    echo _("ID");
    ?>
</th>
			<th><?php 
    echo _("Name");