/**
 * Build an <img> tag whose source is an image served from the default admin IP.
 *
 * The src value is getProtocol() . '//' . Util::get_default_admin_ip() . $url.
 * $url is concatenated into the attribute as-is, with no HTML escaping, so
 * callers must only pass a trusted path (never request data).
 *
 * @param string $url Path appended after the admin IP; an empty value means "no image".
 *
 * @return string The <img> markup, or '' when $url is empty.
 */
function getFlagSIEMPDF($url)
{
    // Loose comparison kept from the original: null and false are treated like ''.
    if ($url == '') {
        return '';
    }

    $src = getProtocol() . '//' . Util::get_default_admin_ip() . $url;

    return '<img src="' . $src . '" />';
}
/**
 * Return the base URL of the default admin IP, always with the http scheme.
 *
 * @return string 'http://' followed by Util::get_default_admin_ip().
 */
function getProtocolUrl()
{
    // The HTTPS-aware variant (scheme chosen from $_SERVER["HTTPS"]) is disabled.
    // Hack: getimagesize() doesn't support https (). See Trends.php, line 110
    // NOTE(review): anything fetched through this URL travels over cleartext HTTP,
    // even when the console itself is served over HTTPS.
    $admin_ip = Util::get_default_admin_ip();

    return 'http://' . $admin_ip;
}
* On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::useractive("../session/login.php"); require_once 'classes/Mobile.inc'; ?> <!DOCTYPE html> <html class="iphone"> <head> <title>AVC <?php echo preg_replace("/\\d+\\.\\d+\\.(\\d+\\.\\d+)/", "\\1", Util::get_default_admin_ip()); ?> </title> <meta name="apple-mobile-web-app-capable" content="yes"> <meta name="apple-mobile-web-app-status-bar-style" content="black" /> <meta name="viewport" content="user-scalable=no; width=device-width; initial-scale=1.0; maximum-scale=1.0;"> <link rel="Shortcut Icon" type="image/x-icon" href="../favicon.ico" /> <link rel="apple-touch-icon" href="/ossim/statusbar/app-icon.png" /> <!-- <link rel="apple-touch-startup-image" href="/ossim/statusbar/avconsole.jpg" /> --> <script type="text/javascript" src="../js/mobile/jquery.js"></script> <script type="text/javascript" src="../js/mobile/jquery-ui.js"></script> <script type="text/javascript" src="../js/mobile/jquery.iphone.js"></script> <script type="text/javascript" src="../js/mobile/other/jquery.mousewheel.js"></script> <script type="text/javascript" src="../js/mobile/other/jquery.disable.text.select.js"></script>
* Classes list: */ $pathtoxml = dirname($_SERVER['REQUEST_URI']); define("MAX_HOSTNAME_LEN", 30); define("MAX_ALERTNAME_LEN", 30); $proto = "http"; if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on") { $proto = "https"; } require_once "ossim_conf.inc"; $ossim_conf = $GLOBALS["CONF"]; $datapath = $ossim_conf->get_conf("ossim_link") . "/tmp/"; $base_dir = $ossim_conf->get_conf("base_dir"); $port = explode("\n", `grep 'Listen' /etc/apache2/ports.conf | awk '{print \$2}'`); $_SERVER["APACHE_PORT"] = is_array($port) && intval($port[0]) > 0 ? intval($port[0]) : 80; $datapath = "{$proto}://" . Util::get_default_admin_ip() . ":{$_SERVER['APACHE_PORT']}/{$datapath}/"; function jgraph_attack_graph($target, $hosts, $type = "Bar3D", $width = 450, $height = 250) { global $security_report; global $datapath; global $base_dir; global $date_from, $date_to; if (!strcmp($target, "ip_src")) { if (!($fp = @fopen("{$base_dir}/tmp/ip_src.xml", "w"))) { print "Error: <b>{$datapath}</b> directory must exists and be <br/>\n"; print "writable by the user the webserver runs as"; exit; } } else { if (!($fp = @fopen("{$base_dir}/tmp/ip_dst.xml", "w"))) { print "Error: <b>{$datapath}</b> directory must exists and be <br/>\n";
?> </a> </td> <td class='noborder' style='padding-right:4px;'> <?php /* * Show munin link for every sensor * */ if ($use_munin == 1) { $munin_link = $ossim_conf->get_conf('munin_link'); if ($munin_link == '') { $munin_link = "/munin/"; } $server_ip = Util::get_default_admin_ip(); if ($server_ip == '') { $server_ip = $ossim_conf->get_conf('frameworkd_address'); } $protocol = 'http'; if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') { $protocol = 'https'; } $port = ""; if (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] != "80" && $_SERVER['SERVER_PORT'] != '443') { $port = ":" . $_SERVER['SERVER_PORT']; } $current_user = Session::get_session_user(); if ($ip == $server_ip) { $munin_url = $protocol . '://' . $_SERVER['SERVER_NAME'] . $port . $munin_link; $munin_url = str_replace('localhost', $ip, $munin_url);
'); $c = 0; $conf = $GLOBALS['CONF']; foreach ($ips as $country => $val) { // type=6 Top Attackers from Country $cou = explode(':', $country); if ($cou[0] == '') { $flag = $flag1 = ''; } else { if ($cou[0] == 'me' || $cou[0] == 'eu' || $cou[0] == 'ap') { $flag = $flag1 = ''; } elseif ($cou[0] == 'local') { $flag = getProtocol() . '//' . Util::get_default_admin_ip() . '/ossim/forensics/images/homelan.png'; $flag1 = '../forensics/images/homelan.png'; } else { $flag = getProtocol() . '//' . Util::get_default_admin_ip() . '/ossim/pixmaps/flags/' . $cou[0] . '.png'; $flag1 = '../pixmaps/flags/' . $cou[0] . '.png'; } } $porcent = round($val * 100 / $totalValue, 1); $bc = $c++ % 2 != 0 ? "class='par'" : ""; /**/ $htmlPdfReport->set(' <tr ' . $bc . '> <td style="width:50mm;font-size:11px">' . ($flag != '' ? "<img src='{$flag}' border='0' align='absmiddle' style='width:4mm'>" : "") . ' ' . $cou[1] . '</td> <td style="width:18mm;text-align:center;font-size:11px">' . $val . '</td> <td style="width:12mm;text-align:center;font-size:11px">' . $porcent . '%</td> </tr> '); } $db->close();
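/**
 * Resolve an asset (host, sensor, server, net, net group or host group) to its
 * IP data and to the Nagios sensor that should be used for it.
 *
 * @param object $conn       Database connection exposing Execute($query, $params).
 * @param string $id         Asset id as a hex string; it is upper-cased and bound via UNHEX(?).
 * @param string $type       Asset type; it is lower-cased before use.
 * @param array  $host_types Types handled by the single-IP branch ("Host, sensor or server").
 *
 * @return array array($id, $sensor, $type, $ips, $in_assets) where
 *               - $sensor is the IP of the first Nagios sensor (in the order returned
 *                 by Av_sensor::get_list) that is related to the asset, or NULL;
 *               - $ips is the IP / CIDR data read from the database, or NULL when
 *                 nothing could be read;
 *               - $in_assets is the is_in_assets() result, forced to 0 for an empty group.
 */
function get_assets($conn, $id, $type, $host_types)
{
    $filters = array(
        'where'    => 'sensor_properties.has_nagios = 1',
        'order_by' => 'priority desc'
    );

    list($nagios_list, $nagios_total) = Av_sensor::get_list($conn, $filters);

    $sensor  = NULL;
    $sensors = array();

    // Fix: $ips used to stay undefined when a query failed or $type matched no
    // branch, so the return statement read an undefined variable.
    $ips = NULL;

    $type = strtolower($type);
    $id   = strtoupper($id);

    // in_assets first
    $in_assets = is_in_assets($conn, $id, $type);

    //Host, sensor or server
    if (in_array($type, $host_types)) {
        // The table and column names below are interpolated into the SQL text;
        // only $id is a bound parameter. The table name is derived from $type,
        // so $host_types has to be a fixed allowlist of table names.
        // NOTE(review): in_array() is non-strict here - confirm callers never
        // build $host_types from request data.
        $table = $type;

        if ($type == 'host') {
            $what  = 'host_id';
            $table = 'host_ip';
        } else {
            $what = 'id';
        }

        $query  = "SELECT INET6_NTOA(ip) AS ip FROM {$table} WHERE {$what} = UNHEX(?) LIMIT 1";
        $params = array($id);

        $rs = $conn->Execute($query, $params);

        if ($rs) {
            $ips = $rs->fields['ip'];
        }

        // Related sensors
        if ($type == 'host') {
            $sensors = Asset_host_sensors::get_sensors_by_id($conn, $id);
        } elseif ($type == 'sensor') {
            $sensors[$id] = $ips;
        } else {
            // Any other type in $host_types is mapped to the local sensor.
            $s_id = Av_sensor::get_id_by_ip($conn, Util::get_default_admin_ip());

            $sensors[$s_id] = Util::get_default_admin_ip();
        }
    } elseif ($type == 'net') {
        $query  = "SELECT ips FROM net WHERE id = UNHEX(?)";
        $params = array($id);

        $rs = $conn->Execute($query, $params);

        if ($rs) {
            $ips = $rs->fields['ips'];
        }

        // Related sensors
        $sensors = Asset_net_sensors::get_sensors_by_id($conn, $id);
    } elseif ($type == 'net_group' || $type == 'netgroup') {
        $query = "SELECT hex(ngr.net_id) as net_id, n.ips FROM net_group_reference AS ngr, net AS n\n WHERE ngr.net_group_id = UNHEX(?) AND ngr.net_id = n.id";

        // $net_ids starts as the group id and is replaced by the member net ids
        // as soon as the query returns at least one row.
        $net_ids = array($id);
        $params  = $net_ids;

        $rs = $conn->Execute($query, $params);

        if ($rs) {
            $ipng = array();

            if (!$rs->EOF) {
                $net_ids = array();
            }

            while (!$rs->EOF) {
                $ipng[]    = $rs->fields['ips'];
                $net_ids[] = $rs->fields['net_id'];

                $rs->MoveNext();
            }

            $ips = count($ipng) > 0 ? implode(",", $ipng) : "'0.0.0.0/0'";

            // An empty group is reported as not being in the assets.
            if (count($ipng) == 0) {
                $in_assets = 0;
            }
        }

        // Related sensors
        foreach ($net_ids as $net_id) {
            $_sensors_aux = Asset_net_sensors::get_sensors_by_id($conn, $net_id);

            foreach ($_sensors_aux as $sensor_id => $sensor_data) {
                $sensors[$sensor_id] = $sensor_data['ip'];
            }
        }
    } elseif ($type == 'host_group' || $type == 'hostgroup') {
        $query = "SELECT hex(hg.host_id) as host_id, INET6_NTOA(hi.ip) AS ip FROM host_group_reference hg, host_ip hi\n WHERE hi.host_id=hg.host_id AND hg.host_group_id = UNHEX(?)";

        // Same fallback as for net groups: the group id is kept until member
        // host ids are read.
        $host_ids = array($id);
        $params   = $host_ids;

        $rs = $conn->Execute($query, $params);

        if ($rs) {
            $iphg = array();

            if (!$rs->EOF) {
                $host_ids = array();
            }

            while (!$rs->EOF) {
                // Each IP is wrapped in single quotes in the resulting list.
                $iphg[]     = "'" . $rs->fields['ip'] . "'";
                $host_ids[] = $rs->fields['host_id'];

                $rs->MoveNext();
            }

            $ips = count($iphg) > 0 ? implode(',', $iphg) : "'0.0.0.0'";

            if (count($iphg) == 0) {
                $in_assets = 0;
            }
        }

        // Related sensors
        foreach ($host_ids as $host_id) {
            $_sensors_aux = Asset_host_sensors::get_sensors_by_id($conn, $host_id);

            foreach ($_sensors_aux as $sensor_id => $sensor_data) {
                $sensors[$sensor_id] = $sensor_data['ip'];
            }
        }
    }

    //Getting first Nagios sensor (By priority)
    if ($nagios_total > 0) {
        foreach ($nagios_list as $n_sensor_id => $n_sensor_data) {
            if (array_key_exists($n_sensor_id, $sensors)) {
                $sensor = $n_sensor_data['ip'];

                break;
            }
        }
    }

    return array($id, $sensor, $type, $ips, $in_assets);
}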
if ($sensor == $s['ip']) { $option = 1; $ng_selected = count($sensors_nagios); } $sensors_nagios[] = array('id' => $sid, 'ip' => $s['ip'], 'name' => $s['name'], 'selected' => $option); } } } //If we have permissions to see any sensor... if (!empty($sensors_nagios)) { if ($ng_selected == -1) { $ng_selected = 0; } $_ip = $sensors_nagios[$ng_selected]['ip']; //Remote ossim sensors and remote nagios... if ($_ip != '' && $_ip != 'localhost' && $_ip != Util::get_default_admin_ip() && $_ip != $_SERVER['SERVER_NAME']) { $_sensor = new Av_sensor($sensors_nagios[$ng_selected]['id']); $_sensor->load_from_db($conn); $nagios_options = $_sensor->get_nagios_credentials($conn); $_s_user = $nagios_options['user']; $_s_pass = $nagios_options['password']; try { $nagios_url = $_sensor->get_nagios_url($_s_user, $_s_pass); $nagios = $nagios_url['url']; $nagios_opts = $nagios_url['s_context']; if (preg_match('/^http:\\/\\//', $nagios) && $_s_user != '' && $_s_pass != '') { $nagios = str_replace('http://', "http://{$_s_user}:{$_s_pass}@", $nagios); } elseif (preg_match('/^https:\\/\\//', $nagios) && $nagios_opts['http']['header'] != '') { $flag_login = TRUE; $_login = base64_encode(Util::encrypt($_s_user . "####" . md5($_s_pass), $conf->get_conf('remote_key'))); $_SESSION['_remote_nagios_credential'] = array($_ip, $_login);
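/**
 * Validate the submitted host data and store a new host asset that is bound
 * to the sensor running on the default admin IP.
 *
 * @param object $conn Database connection handed to the asset classes.
 * @param array  $data Submitted values; the keys 'ip', 'name' and 'type' are read.
 *                     'type' is split on "_" into an OS part and a device-type part.
 *
 * @return array array('error' => FALSE, 'data' => array()) once the host is saved.
 *               Validation failures are handled by check_ossim_error().
 */
function insert_host($conn, $data)
{
    $ips  = preg_replace('/\\s*/', '', $data['ip']);
    $name = utf8_decode($data['name']);

    // Fix: pad to two elements so a type without "_" no longer reads a missing
    // offset; $dtype is then NULL, which OSS_NULLABLE accepts below.
    list($os, $dtype) = array_pad(explode("_", $data['type']), 2, NULL);

    // All input is validated before anything is written.
    ossim_valid($ips,   OSS_IP_ADDR,                'illegal:' . _("IP"));
    ossim_valid($name,  OSS_HOST_NAME,              'illegal:' . _("Name"));
    ossim_valid($os,    OSS_NULLABLE, OSS_ALPHA,    'illegal:' . _("OS"));
    ossim_valid($dtype, OSS_NULLABLE, OSS_ALPHA,    'illegal:' . _("Device Type"));

    // NOTE(review): presumably this stops the request when validation failed - confirm.
    check_ossim_error();

    // NOTE(review): $ips is validated as a whole string and only then split on
    // commas - confirm OSS_IP_ADDR covers every element of a comma-separated list.
    $ips  = explode(',', $ips);
    $h_ip = array();

    foreach ($ips as $ip) {
        $h_ip[$ip] = array(
            'ip'  => $ip,
            'mac' => NULL
        );
    }

    //Insert the New Host
    $uuid = Util::uuid();

    $sensor_ip = Util::get_default_admin_ip();
    $sensor    = Av_sensor::get_id_by_ip($conn, $sensor_ip);

    $host = new Asset_host($conn, $uuid);
    $host->set_ips($h_ip);
    $host->set_name($name);
    $host->set_sensors(array($sensor));

    $host->save_in_db($conn);

    // Device Type
    if ($dtype == 'networkdevice') {
        Asset_host_devices::save_device_in_db($conn, $uuid, 4);
    }

    // OS
    if ($os == 'windows' || $os == 'linux') {
        Asset_host_properties::save_property_in_db($conn, $uuid, 3, ucfirst($os), 1, TRUE);
    }

    $response = array();

    $response['error'] = FALSE;
    $response['data']  = array();

    return $response;
}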
* MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ session_cache_limiter('private'); $pathtographs = dirname($_SERVER['REQUEST_URI']); $proto = "http"; if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on") { $proto = "https"; } $datapath = "{$proto}://" . Util::get_default_admin_ip() . "{$pathtographs}/graphs"; function clean_tmp_files() { if (isset($GLOBALS['tmp_files'])) { foreach ($GLOBALS['tmp_files'] as $file) { if (file_exists($file)) { unlink($file); } } } } register_shutdown_function('clean_tmp_files'); function create_image($url, $args = array()) { foreach ($args as $k => $v) { $_GET[$k] = $v;
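/**
 * Schedule the recurring NMAP scan chosen in the wizard for the networks
 * stored in the 'scan_nets' step data.
 *
 * @param object $conn   Database connection handed to Inventory::insert().
 * @param object $wizard Wizard state exposing get_step_data() / set_step_data().
 * @param array  $data   Submitted values; 'sch_opt' selects the period.
 *
 * @return array array('error' => TRUE, 'msg' => ...) when the wizard state or the
 *               schedule option is invalid, else array('error' => FALSE, 'data' => array()).
 */
function schedule_scan($conn, $wizard, $data)
{
    $response = array();

    $step = intval($wizard->get_step_data('scan_step'));
    $nets = $wizard->get_step_data('scan_nets');

    // Fix: the error path below stores -1 in 'scan_nets'. count() on a non-array
    // is either a TypeError or 1 depending on the PHP version; in the latter case
    // the guard passed and a scan with an empty target list was scheduled.
    if ($step != 3 || !is_array($nets) || count($nets) < 1) {
        $response['error'] = TRUE;
        $response['msg']   = _('NMAP Scan not valid to schedule');

        return $response;
    }

    $sched = $data['sch_opt'];

    ossim_valid($sched, OSS_DIGIT, 'illegal:' . _("Schedule Option"));

    if (ossim_error()) {
        $response['error'] = TRUE;
        $response['msg']   = ossim_get_error();

        ossim_clean_error();

        // Invalidate the stored networks so the scan step has to be redone.
        $wizard->set_step_data('scan_nets', -1);

        return $response;
    }

    // Period values: 86400 = 1 day, 604800 = 7 days, 2419200 = 28 days
    // (presumably seconds). Any option other than 1 or 2 gets the longest period.
    if ($sched == 1) {
        $period = 86400;
    } elseif ($sched == 2) {
        $period = 604800;
    } else {
        $period = 2419200;
    }

    $sensor_ip = Util::get_default_admin_ip();
    $sensor_id = Av_sensor::get_id_by_ip($conn, $sensor_ip);

    $name   = _('Default_wizard_scan');
    $type   = 5;
    $enable = 1;

    // Each entry may hold several space-separated CIDRs; keying by the CIDR
    // removes duplicates.
    // NOTE(review): the CIDRs are not validated here and end up in the scan
    // parameters - confirm they are validated when stored in the wizard.
    $targets = array();

    foreach ($nets as $cidrs) {
        $cidrs = explode(' ', $cidrs);

        foreach ($cidrs as $cidr) {
            $targets[$cidr] = $cidr;
        }
    }

    $targets = implode(' ', $targets);

    // Fixed nmap options: fastest timing template (-T5), OS/version detection
    // (-A), SYN scan (-sS), reduced port list (-F). This profile is noisy on the
    // scanned networks, so expect IDS alerts for every scheduled run.
    $params = $targets . '#-T5 -A -sS -F';

    Inventory::insert($conn, $sensor_id, $name, $type, $period, $params, $enable, $targets);

    $response['error'] = FALSE;
    $response['data']  = array();

    return $response;
}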
<div class="w_overlay" style="height:100%;"></div> <div class='cnf_header'><div class='cnf_h_title'><?php echo _('General Configuration'); ?> </div></div> <div class='cnf_body'> <form id='f_gc' method='POST'> <input type='hidden' id='system_id' class='vfield' name='system_id' value='<?php echo $system_id; ?> '/> <input type='hidden' id='server_addr' class='vfield' name='server_addr' value='<?php echo Util::get_default_admin_ip(); ?> '/> <input type='hidden' id='server_url' class='vfield' name='server_url' value='<?php echo $url; ?> '/> <table id='t_gc'> <tr> <th class='_label'><?php display_label($cnf_data['hostname']); ?> </th> <td class='_data'> <input type='hidden' id='h_<?php
$nfsen_sensors = get_nfsen_sensors(); $used_ports = array(); foreach ($nfsen_sensors as $sensor => $data) { $used_ports[$data['port']]++; // load used ports in configuration file } if ($used_ports[$port] == '') { $nfsen_sensors[$sensor_name]['port'] = $port; $nfsen_sensors[$sensor_name]['color'] = $color; $nfsen_sensors[$sensor_name]['type'] = $type; set_nfsen_sensors($nfsen_sensors); nfsen_reset(); // Talk to frameworkd try { $s = new Frameworkd_socket(); $s->write('nfsen action="addsensor" sensorname="' . $sensor_name . '" port="' . $port . '" type="netflow" color="' . $color . '"'); $admin_ip = Util::get_default_admin_ip(); $data['status'] = 'success'; $data['data'] = Util::js_entities(str_replace('IP', $admin_ip, str_replace('PORT', $port, _('You should now configure your Flows generator to send Flows to IP port PORT')))); } catch (Exception $e) { $data['status'] = 'error'; $data['data'] = Util::js_entities($e->getMessage()); } } else { $data['status'] = 'error'; $data['data'] = Util::js_entities(_('The selected port is used by another sensor')); } } break; } echo json_encode($data);