$val = "<no ssid>";
}

// Build one tree node per network: the title is $val cut to 30 bytes plus
// '...', followed by the BSSID inside a <font> tag.
// NOTE(review): $val reaches $title without the Util::htmlentities() call that
// $tooltip gets two lines below. The title already carries literal markup, so
// it is presumably rendered as HTML; if $val comes from scan data, it needs
// the same escaping. Confirm whether $val is escaped before this excerpt.
// NOTE(review): strlen()/substr() count bytes, so a multi-byte name can be cut
// in the middle of a character, which json_encode() rejects (see the fallback
// tree at the end of this excerpt).
$j = 1;
$t_children = array();
$title = strlen($val) > 30 ? substr($val, 0, 30) . '...' : $val;
// $v->BSSID is concatenated as-is in both the title and the tooltip.
$title .= ' <font style="font-size:80%; font-weight:normal">(' . $v->BSSID . ')</font>';
$tooltip = Util::utf8_encode2(Util::htmlentities($val)) . ' ' . $v->BSSID;
$tree['children'][] = array(
    'title' => $title,
    'tooltip' => $tooltip,
    'key' => "key1{$i}",
    'isFolder' => TRUE,
    'icon' => "../../pixmaps/theme/wifi.png",
    'expand' => FALSE,
    'hideCheckbox' => TRUE,
    'isLazy' => FALSE);

// Every 'client-mac' entry under 'wireless-client' becomes a child node;
// $j numbers the child keys within this network.
foreach ($v as $k1 => $v1) {
    if ($k1 == 'wireless-client') {
        foreach ($v1 as $k2 => $v2) {
            if ($k2 == 'client-mac') {
                // Only the charset is converted here; no entity escaping.
                $title = Util::utf8_encode2($v2);
                $t_children[] = array(
                    'title' => $title,
                    'key' => "key1{$i}{$j}",
                    'isFolder' => TRUE,
                    'icon' => "../../pixmaps/theme/net.png");
                $j++;
            }
        }
    }
}

// Attach the children to the node appended above.
// assumes $i is the 1-based position of that node - TODO confirm against the
// loop header, which lies outside this excerpt.
if (is_array($t_children) && !empty($t_children)) {
    $tree['children'][$i - 1]['children'] = $t_children;
}
$i++;
}
}

// Encode the tree; '@' hides the warning and json_last_error() decides whether
// the result is usable. On failure the tree is replaced by a single error node.
$json_encode = @json_encode($tree);
if (json_last_error() != JSON_ERROR_NONE) {
    // NOTE(review): 'hideCheckbox' and 'noLink' are listed twice in these
    // literals (the later duplicate wins, with the same value), and 'children'
    // holds one node's fields directly instead of a list of nodes as in the
    // success path - confirm the tree widget accepts that shape.
    $tree = array(
        'title' => '',
        'key' => 'tree_error',
        'isFolder' => TRUE,
        'icon' => '../../pixmaps/any.png',
        'hideCheckbox' => TRUE,
        'expand' => TRUE,
        'noLink' => TRUE,
        'hideCheckbox' => TRUE,
        'addClass' => 'size12',
        'children' => array(
            'title' => '<span>' . Util::utf8_encode2(_('Load error')) . '</span>',
            'key' => 'load_error',
            'icon' => '',
            'hideCheckbox' => TRUE,
            'noLink' => TRUE,
            'hideCheckbox' => TRUE,
            'addClass' => 'bold_red dynatree-statusnode-error'));
    $json_encode = @json_encode($tree);
}
echo $json_encode;
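$db->close();
exit;
}

// Open selected
if ($only_open) {
    $groups = retrieve_groups($only_open);
    $file = Alarm_groups::change_status($groups, "open");

    // Hand the status change to a detached background worker.
    // Both values are quoted with escapeshellarg() so that whitespace or shell
    // metacharacters in them stay inside a single argument instead of being
    // interpreted by the shell. An empty $user is passed as '' and therefore
    // no longer shifts $file into the first argument position.
    // '@' plus the /dev/null redirection means a failed launch is not reported.
    @system("php /usr/share/ossim/scripts/alarms/bg_alarms.php " . escapeshellarg($user) . " " . escapeshellarg($file) . " > /dev/null 2>&1 &");

    $db->close();
    exit;
}

// Entity id => display name map; filled only when Session::is_pro() is true.
$entities = array();
if (Session::is_pro()) {
    $_entities = Acl::get_entities($conn);
    foreach ($_entities[0] as $e_id => $e) {
        $entities[$e_id] = Util::utf8_encode2($e['name']);
    }
}

$entity_types = Session::get_entity_types($conn, TRUE);

// The translated placeholder label is mapped back to "no name filter".
$name = $name == _('Unknown Directive') ? '' : $name;

list($list, $num_rows) = Alarm_groups::get_alarms(
    $conn,
    $sensor_query,
    $src_ip,
    $dst_ip,
    $hide_closed,
    "",
    $from,
    $top,
    $from_date,
    $to_date,
    $name,
    "",
    $directive_id,
    $tag,
    TRUE,
    $num_events,
    $num_events_op
);

$tz = Util::get_timezone();
$colspan = Session::is_pro() && $mssp ? 11 : 10;
?> <table class='t_agr table_list'> <tr> <th></th> <th></th> <th><?php echo _("Alarm Name");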
$results = array(); foreach ($groups as $group) { // Alarms $alarms = $group->has_alarms($conn); $alarms_icon = $alarms ? "<img src='" . AV_PIXMAPS_DIR . "/assets_tick_gray.png'/>" : '-'; // Vulns $vulns = $group->get_vulnerability_number($conn, $group->get_id()); $vulns_icon = $vulns > 0 ? "<img src='" . AV_PIXMAPS_DIR . "/assets_tick_gray.png'/>" : '-'; // Events $events = $group->has_events($conn); $events_icon = $events ? "<img src='" . AV_PIXMAPS_DIR . "/assets_tick_gray.png'/>" : '-'; // COLUMNS $_res = array(); $_res['DT_RowId'] = $group->get_id(); $_res[] = Util::utf8_encode2($group->get_name()); $_res[] = Util::utf8_encode2($group->get_owner()); $_res[] = $group->get_num_host($conn); $_res[] = $alarms_icon; $_res[] = $vulns_icon; $_res[] = $events_icon; $_res[] = $detail; $results[] = $_res; } } catch (Exception $e) { $response = array(); $response['sEcho'] = intval($sec); $response['iTotalRecords'] = 0; $response['iTotalDisplayRecords'] = 0; $response['aaData'] = array(); $response['iDisplayStart'] = 0; echo json_encode($response);
$_devices->load_from_db($conn); $devices = $_devices->get_devices(); if ($_os == 'Windows') { $_dev = 'windows_'; } elseif (is_array($devices[1]) && !empty($devices[1])) { if ($_os == 'Linux') { $_dev = 'linux_server'; } else { $_dev = '_'; } } elseif (is_array($devices[4]) && !empty($devices[4])) { $_dev = '_networkdevice'; } elseif (count($devices) > 0) { $_dev = '_'; } $_res[] = Util::utf8_encode2($asset_data['name']); $_res[] = Asset::format_to_print($asset_data['ips']); $_res[] = $_dev; $_res[] = ''; $_res['DT_RowId'] = $_id; $results[] = $_res; } // datatables response json $response = array(); $response['sEcho'] = $sec; $response['iTotalRecords'] = $total; $response['iTotalDisplayRecords'] = $total; $response['aaData'] = $results; $response['iDisplayStart'] = 0; echo json_encode($response); $db->close();
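/**
 * Returns one page of the available host services, optionally filtered by a
 * search string, formatted for a selection list.
 *
 * @param object $conn   Database connection handed to escape_sql() and
 *                       Asset_host_services::get_services_available().
 * @param mixed  $page   Page selector passed to get_query_limits().
 * @param string $search Free-text filter; an empty string disables filtering.
 *
 * @return array On success: 'error' => FALSE, 'msg' => '' and
 *               'data' => array('total' => int, 'list' => array keyed by md5
 *               of "port;protocol;service"). On failure: 'error' => TRUE and
 *               'msg' => the exception message.
 */
function service_list($conn, $page, $search)
{
    $return = array('error' => TRUE, 'msg' => '');

    $filters = array();
    $filters['limit'] = get_query_limits($page);
    $filters['order_by'] = 'port';

    if ($search != '') {
        $search = utf8_decode($search);
        // The search text is escaped for use inside a quoted SQL literal.
        // '%' and '_' typed by the user still act as LIKE wildcards.
        $search = escape_sql($search, $conn);
        $filters['where'] = " (s.port LIKE '%{$search}%' OR s.service LIKE '%{$search}%'";

        //Filter by protocol name
        // NOTE(review): Protocol::get_list() receives the already SQL-escaped
        // string - confirm that it expects that form.
        $protocols = Protocol::get_list($search);

        // The ids are written unquoted into IN (...), so only integer keys are
        // let through; anything else is dropped rather than interpolated.
        $protocol_ids = is_array($protocols) ? array_filter(array_keys($protocols), 'is_int') : array();

        if (!empty($protocol_ids)) {
            $filters['where'] .= " OR s.protocol IN (" . implode(',', $protocol_ids) . ")";
        }

        $filters['where'] .= ")";
    }

    try {
        list($services, $total) = Asset_host_services::get_services_available($conn, $filters, TRUE);
    } catch (Exception $e) {
        $return['error'] = TRUE;
        $return['msg'] = $e->getMessage();

        return $return;
    }

    // Selected values are looked up only when there is something to list;
    // the default keeps the lookup below defined in every case.
    $selected = array();
    if ($total > 0) {
        $selected = get_selected_values(10);
    }

    $list = array();

    //Going through the list to format the elements properly:
    foreach ($services as $service) {
        $id = $service['port'] . ';' . $service['protocol'] . ';' . $service['service'];
        $md5 = md5($id);
        $name = $service['port'] . '/' . $service['prot_name'] . ' (' . $service['service'] . ')';

        // A service is checked when a non-empty entry exists for its hash.
        $_chk = isset($selected[$md5]) && $selected[$md5] != '';

        $list[$md5] = array(
            'id' => $id,
            'name' => Util::utf8_encode2($name),
            'checked' => $_chk,
        );
    }

    $data = array();
    $data['total'] = intval($total);
    $data['list'] = $list;

    $return['error'] = FALSE;
    $return['data'] = $data;

    return $return;
}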
*/
require_once 'av_init.php';

// Access check for this AJAX endpoint, then close the session for writing so
// the remaining work does not hold the session open.
Session::logcheck_ajax('environment-menu', 'PolicyHosts');
session_write_close();

// Validation rule for the single POST field handled in this excerpt.
$validate = array('asset_type' => array('validation' => 'OSS_LETTER', 'e_message' => 'illegal:' . _('Asset Type')));

// NOTE(review): $asset_type is read here but not used again in this excerpt.
$asset_type = POST('asset_type');
$validation_errors = validate_form_fields('POST', $validate);

if (!empty($validation_errors)) {
    // presumably Util::response_bad_request() ends the request; if it returns,
    // the code below runs with input that failed validation - confirm.
    Util::response_bad_request(_('Sorry, asset data was not loaded due to a validation error'));
}

$db = new ossim_db();
$conn = $db->connect();

$ctx = Asset_host::get_common_ctx($conn);

if (!empty($ctx)) {
    $ctx_name = Session::get_entity_name($conn, $ctx);
    $ctx_name = Util::utf8_encode2($ctx_name);

    //Check asset context
    $ext_ctxs = Session::get_external_ctxs($conn);

    if (!empty($ext_ctxs[$ctx])) {
        // CTX is external, this CTX could not be edited
        $ctx = NULL;
    } else {
        //Server related to CTX
        $server_obj = Server::get_server_by_ctx($conn, $ctx);
        $s_name = '';
        $s_ip = '';

        // NOTE(review): $r_server is not assigned anywhere between the top of
        // the file and this line, while the lookup above stores its result in
        // $server_obj. As written the condition tests an unset variable, so
        // $s_name and $s_ip stay empty - confirm whether $server_obj was meant.
        if ($r_server) {
            $s_name = $server_obj->get_name();
            $s_ip = $server_obj->get_ip();
        }
    }
$db->close(); Util::response_bad_request($e->getMessage()); } // DATA $data = array(); foreach ($groups as $_group_id => $_group_object) { $_res = array(); $_res['DT_RowId'] = $_group_id; try { $_can_edit = $_group_object->can_i_edit($conn); } catch (Exception $e) { $_can_edit = FALSE; } $_res['DT_RowData']['editable'] = $_can_edit; $_res[] = ''; // Checkbox $_res[] = Util::utf8_encode2($_group_object->get_name()); $_res[] = $_group_object->get_owner(); $_res[] = $_group_object->get_num_host($conn); $_res[] = ''; // Action $data[] = $_res; } $response['sEcho'] = $sec; $response['iTotalRecords'] = $total; $response['iTotalDisplayRecords'] = $total; $response['aaData'] = $data; echo json_encode($response); $db->close(); /* End of file dt_groups.php */ /* Location: /av_asset/asset/providers/dt_groups.php */
/* Nessus
   (disabled code; note that it builds its WHERE clause by placing $name
   directly inside a quoted SQL literal, so $name would have to be escaped or
   bound as a parameter before this is ever re-enabled)
if ($scan_list = Net_group_scan::get_list($conn, "WHERE net_group_name = '$name' AND plugin_id = 3001")) { $scan_types = "<img src='../pixmaps/tables/tick.png'>"; } else { $scan_types = "<img src='../pixmaps/tables/cross.png'>"; } $xml.= "<cell><![CDATA[" . $scan_types . "]]></cell>"; */

// Description cell. An empty description is replaced by a single space.
// NOTE(review): the value is only charset-converted before it is placed in the
// CDATA section; a description containing "]]>" would close the section early,
// and the grid presumably renders the cell as HTML - confirm where $desc is
// escaped.
$desc = $net_group->get_descr();
if ($desc == "") {
    $desc = " ";
}
$xml .= "<cell><![CDATA[" . Util::utf8_encode2($desc) . "]]></cell>";

// KDB
// Optional link showing the number of linked documents, then the "Add KDB" icon.
// NOTE(review): $id is concatenated into a URL inside a JavaScript string
// inside an onclick attribute with no escaping in this excerpt, whereas $name
// goes through urlencode() - confirm $id is validated where it is read.
$rep = '';
if ($linkedocs = Repository::have_linked_documents($conn, $id, 'net_group')) {
    $rep .= "<a href=\"javascript:;\" onclick=\"GB_edit('../repository/repository_list.php?keyname=" . $id . "&type=net_group&nosize=1')\" class=\"blue\" target=\"main\">[" . $linkedocs . "]</a> ";
}
$rep .= "<a href=\"javascript:;\" onclick=\"GB_edit('../repository/asset_repository.php?id=" . $id . "&name=" . urlencode($name) . "&linktype=net_group')\"><img src=\"../pixmaps/tables/table_row_insert.png\" border=0 title=\"Add KDB\" alt=\"Add KDB\" align=\"absmiddle\"></a>";
$xml .= "<cell><![CDATA[" . Util::utf8_encode2($rep) . "]]></cell>";

// Notes
// Optional link showing the note count, then the "View Notes" icon; both open
// the same notes view for this net group.
$rep = '';
if ($notes = Notes::howmanynotes($conn, $id, 'net_group')) {
    $rep .= "<a href=\"javascript:;\" onclick=\"GB_notes('../av_asset/common/views/notes.php?asset_type=net_group&asset_id=" . $id . "')\" class=\"blue\" target=\"main\">[" . $notes . "]</a> ";
}
$rep .= "<a href=\"javascript:;\" onclick=\"GB_notes('../av_asset/common/views/notes.php?asset_type=net_group&asset_id=" . $id . "')\"><img src=\"../pixmaps/notes.png\" border=0 title=\"View Notes\" alt=\"View Notes\" width='16px' align=\"absmiddle\"></a>";
$xml .= "<cell><![CDATA[" . Util::utf8_encode2($rep) . "]]></cell>";

// End of the current row; the loop it belongs to starts before this excerpt.
$xml .= "</row>\n";
}

$xml .= "</rows>\n";
echo $xml;
$db->close();
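$db = new ossim_db();
$conn = $db->connect();

// The output is a JavaScript object literal assembled by string concatenation
// (unquoted keys, single-quoted values), not strict JSON.
if ($from != "") {
    // Hostnames longer than this many bytes are shortened with "...".
    $length_hn = 50;

    if ($host_list = Host::get_list($conn, "", "ORDER BY hostname")) {
        foreach ($host_list as $host) {
            $full_hostname = $host->get_hostname();
            $hostname = strlen($full_hostname) > $length_hn ? substr($full_hostname, 0, $length_hn) . "..." : $full_hostname;
            $ossim_hosts[$host->get_ip()] = $hostname;
        }
    }

    // Characters that must be escaped inside a single-quoted JavaScript string.
    // Escaping only the quote is not enough: a value ending in a backslash, or
    // containing a backslash before a quote, would end the literal early, and a
    // raw line break would make it invalid. strtr() replaces in one pass, so
    // the inserted backslashes are never escaped again.
    $js_escape = array("\\" => "\\\\", "'" => "\\'", "\r" => "\\r", "\n" => "\\n");

    // Json properties data
    $props = Host::get_latest_properties($conn, date("Y-m-d H:i:s", $from), 20);

    foreach ($props as $prop) {
        $value_js = strtr($prop["value"], $js_escape);
        $extra_js = strtr($prop["extra"], $js_escape);

        // The key keeps being computed over the quote-escaped form of the
        // value, so keys already known to the client do not change.
        $node_key = md5(str_replace("'", "\\'", $prop["value"]));

        // NOTE(review): $host_ip is not assigned anywhere in this excerpt;
        // $prop["ip"] looks like the intended fallback - confirm.
        // NOTE(review): ip, property_ref and the hostname are concatenated
        // without escaping, and value/extra are presumably rendered as HTML by
        // the tree - confirm they are validated or escaped elsewhere.
        if (isset($ossim_hosts[$prop["ip"]]) && $ossim_hosts[$prop["ip"]] != "") {
            $node_name = $prop["ip"] . " <font style=\"font-size:80%\">(" . $ossim_hosts[$prop["ip"]] . ")</font>";
        } else {
            $node_name = $host_ip;
        }

        $buffer .= "{\n\t\t\tip:'" . $prop["ip"]
            . "',\n\t\t\tref:'p" . $prop["property_ref"]
            . "',\n\t\t\tvalue:'" . Util::utf8_encode2($value_js)
            . "',\n\t\t\tkey:'" . $node_key
            . "',\n\t\t\textra:'" . Util::utf8_encode2($extra_js)
            . "',\n\t\t\tname:'" . $node_name
            . "'\n\t\t},";
    }

    // Drop the trailing comma and wrap the entries in an array literal.
    $buffer = "[ " . preg_replace("/,\$/", "", $buffer) . " ]";
} else {
    // Default tree
    $props = Host::get_properties_types($conn);
    $buffer .= "[ {title: '" . _("Asset by Property") . " <img src=\"../pixmaps/sem/loading.gif\" style=\"display:none\" id=\"refreshing\" border=0>', isFolder: true, key:'main', icon:'../../pixmaps/theme/any.png', expand:true, children:[\n";

    // Property name => icon file name (without extension); unknown names fall
    // back to "folder".
    $icons = array(
        "software" => "software",
        "operating-system" => "host_os",
        "cpu" => "cpu",
        "service" => "ports",
        "memory" => "ram",
        "department" => "host_group",
        "macaddress" => "mac",
        "workgroup" => "net_group",
        "role" => "server_role",
        "acl" => "acl",
        "storage" => "storage",
        "route" => "route",
    );

    foreach ($props as $prop) {
        $png = $icons[strtolower($prop["name"])];
        $png = empty($png) ? "folder" : $png;
        // NOTE(review): translated titles are placed in the literal as-is; a
        // translation containing an apostrophe would break it - confirm.
        $buffer .= "{ key:'p" . $prop["id"] . "', isFolder:true, expand:true, icon:'../../pixmaps/theme/{$png}.png', title:'" . _($prop["description"]) . "' },\n";
    }

    $buffer .= "{ key:'all', expand:false, icon:'../../pixmaps/theme/host_add.png', title:'" . _("All Hosts") . "' }\n";
    $buffer .= "] } ]";
}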
}

// Send the caller to the login page when there is no user or when the
// first-login flag is still set. The flag is accepted either as the string
// 'yes' (loose comparison) or as the integer 1 (strict comparison).
$first_login = $conf->get_conf('first_login');
$cnd_1 = !isset($user) || empty($user);
$cnd_2 = $first_login == 'yes' || $first_login === 1;
if ($cnd_1 || $cnd_2) {
    // The redirect target is built from the configured 'ossim_link' value.
    $ossim_link = $conf->get_conf('ossim_link');
    $login_location = $ossim_link . '/session/login.php';
    header("Location: {$login_location}");
    exit;
}

// The three password fields arrive base64-encoded in the POST body. Base64 is
// an encoding only: the values are as readable on the wire as plain text, so
// their confidentiality depends entirely on the transport.
$pass_1 = base64_decode(POST('pass1'));
$pass_2 = base64_decode(POST('pass2'));
$c_pass = base64_decode(POST('current_pass'));

// trim() removes leading and trailing whitespace before validation, so a
// password entered with such whitespace is handled without it from here on.
$pass_1 = Util::utf8_encode2(trim($pass_1));
$pass_2 = Util::utf8_encode2(trim($pass_2));
$c_pass = Util::utf8_encode2(trim($c_pass));

$flag = POST('flag');
$changeadmin = POST('changeadmin');
$expired = POST('expired');

// Every field is validated with OSS_NULLABLE, so empty values pass this step.
// presumably the "password required" checks happen after this excerpt - verify.
ossim_valid($c_pass, OSS_PASSWORD, OSS_NULLABLE, 'illegal:' . _('Current Password'));
ossim_valid($pass_1, OSS_PASSWORD, OSS_NULLABLE, 'illegal:' . _('Password'));
ossim_valid($pass_2, OSS_PASSWORD, OSS_NULLABLE, 'illegal:' . _('Rewrite Password'));
ossim_valid($flag, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _('Flag'));
ossim_valid($changeadmin, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _('Change Admin Password'));
ossim_valid($expired, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _('Expired'));

// Any validation failure stops the script and prints the validator's message.
if (ossim_error()) {
    die(ossim_error());
}

// TRUE when the server version string contains neither "pro" nor "demo"
// (case-insensitive).
$version = $conf->get_conf('ossim_server_version');
$opensource = !preg_match("/.*pro.*/i", $version) && !preg_match("/.*demo.*/i", $version) ? TRUE : FALSE;

if ($flag != '') {
// Owner text, with an italic "unknown" placeholder when the group has none.
// NOTE(review): the placeholder is literal markup, so this output is treated
// as HTML, and Util::utf8_encode2() only converts the charset. Unless
// get_owner() returns an already escaped value, markup stored in the owner
// field is rendered too; escaping would have to be applied to the stored
// value before the placeholder is chosen - confirm.
$owner = $group->get_owner() != '' ? $group->get_owner() : '<i>' . _('unknown') . '</i>';
echo Util::utf8_encode2($owner); ?> </div> </div> <div id='tray_host_description' class='tray_section'> <div class='tray_title'> <?php echo _('Description'); ?> </div> <div class='tray_content'> <?php
// Description text, same pattern as the owner above and the same review note:
// the stored description is printed with charset conversion only.
$descr = $group->get_descr() != "" ? $group->get_descr() : '<i>' . _('none') . '</i>';
echo Util::utf8_encode2($descr); ?> </div> </div> <div class='tray_button_list'> <input type='button' class='tray_button' onclick='link_to("<?php /* NOTE(review): $group_id is printed inside a JavaScript string within an HTML attribute with no escaping in this excerpt - confirm it is validated where it is read. */ echo $group_id; ?> ");' value="<?php echo _('Details'); ?> "> </div> <div style='width:100%;clear:both'></div>
// A caller that already has a session user is sent to the application root.
if (Session::get_session_user() != '') {
    header("Location: /ossim");
    exit;
}

// Request parameters.
// NOTE(review): the passwords are read with REQUEST() while 'first_login' uses
// POST(). presumably REQUEST() also accepts query-string values; if so, a
// password sent that way can end up in URLs, proxy logs and browser history -
// confirm, and prefer POST() for both fields if it does.
// Base64 is an encoding only and gives the passwords no protection in transit.
$embed = REQUEST('embed');
$user = REQUEST('user');
$pass = base64_decode(REQUEST('pass'));
$pass1 = base64_decode(REQUEST('pass1'));
$accepted = POST('first_login');
$email = REQUEST("email");
$mobile = REQUEST("mobile");
$fullname = REQUEST('fullname');

//Bookmark string
$bookmark = REQUEST('bookmark_string');

// trim() strips leading and trailing whitespace from both passwords, so a
// password entered with such whitespace is handled without it from here on.
$pass = Util::utf8_encode2(trim($pass));
$pass1 = Util::utf8_encode2(trim($pass1));
$email = trim($email);
$fullname = trim($fullname);

// Default display name when none was supplied.
if ($fullname == '') {
    $fullname = 'AlienVault admin';
}

$company = REQUEST('company');
$location = REQUEST('search_location');
$lat = REQUEST('latitude');
$lng = REQUEST('longitude');
$country = REQUEST('country');
$track_usage_information = intval(REQUEST('track_usage_information'));

// Validation. Only embed, user, mobile and first_login are checked within this
// excerpt; the checks for the remaining fields (passwords, email, fullname,
// bookmark, company, location, coordinates, country) are not visible here -
// verify that they follow.
// NOTE(review): OSS_LETTER for the field named 'mobile' looks unusual - confirm.
ossim_valid($embed, 'true', OSS_NULLABLE, 'illegal:' . _('Embed'));
ossim_valid($user, OSS_USER, OSS_NULLABLE, 'illegal:' . _('User name'));
ossim_valid($mobile, OSS_LETTER, OSS_NULLABLE, 'illegal:' . _('Mobile'));
ossim_valid($accepted, OSS_NULLABLE, 'yes', 'no', 'illegal:' . _('First login'));
} $results = array(); foreach ($nets as $_id => $net) { $_res = array(); $cidr_list = explode(',', $net['ips']); $ip_count = 0; foreach ($cidr_list as $cidr) { list($dir, $mask) = explode('/', $cidr); if ($mask > 0 && $mask <= 32) { $ip_count += 1 << 32 - $mask; } } $cidrs = implode(', ', $cidr_list); $_res[] = '<input class="net_input" type="checkbox" value="' . $_id . '">'; $_res[] = Util::utf8_encode2($net['name']); $_res[] = $cidrs; $_res[] = Util::number_format_locale($ip_count); $_res[] = Util::utf8_encode2($net['descr']); $_res[] = ''; $_res['DT_RowId'] = $_id; $results[] = $_res; } // datatables response json $response = array(); $response['sEcho'] = $sec; $response['iTotalRecords'] = $total; $response['iTotalDisplayRecords'] = $total; $response['aaData'] = $results; $response['iDisplayStart'] = 0; echo json_encode($response); $db->close();
$events = Asset_net::has_events($conn, $_id); $events_icon = $events ? "<img src='" . AV_PIXMAPS_DIR . "/assets_tick_gray.png'/>" : '-'; // Sensors $sensors = Asset_net_sensors::get_sensors_by_id($conn, $_id); $sensors_string = ''; foreach ($sensors as $sensor_id => $sensor_data) { if ($sensors_string != '') { $sensors_string .= ', '; } $sensors_string .= $sensor_data['name']; } // COLUMNS $_res = array(); $_res['DT_RowId'] = $_id; $_res[] = $net_data['name']; $_res[] = Util::utf8_encode2($net_data['owner']); $_res[] = Asset::format_to_print($net_data['ips']); $_res[] = $sensors_string; $_res[] = $alarms_icon; $_res[] = $vulns_icon; $_res[] = $events_icon; $_res[] = $detail; $results[] = $_res; } // datatables response json $response = array(); $response['sEcho'] = intval($sec); $response['iTotalRecords'] = $total; $response['iTotalDisplayRecords'] = $total; $response['aaData'] = $results; $response['iDisplayStart'] = 0;
} $filters['where'] = count($where) > 0 ? implode(' AND ', $where) : ''; // Get Groups list($groups, $total) = Asset_group::get_list($conn, '', $filters); $results = array(); foreach ($groups as $group) { // COLUMNS $_res = array(); $_res['DT_RowId'] = $group->get_id(); try { $_can_edit = $group->can_i_edit($conn); } catch (Exception $e) { $_can_edit = FALSE; } $_res['DT_RowData']['editable'] = $_can_edit; $_res[] = Util::utf8_encode2($group->get_name()); $_res[] = ''; $results[] = $_res; } } catch (Exception $e) { $db->close(); Util::response_bad_request($e->getMessage()); } // datatables response json $response['sEcho'] = intval($sec); $response['iTotalRecords'] = $total; $response['iTotalDisplayRecords'] = $total; $response['aaData'] = $results; echo json_encode($response); $db->close(); /* End of file dt_groups_asset.php */
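// Rows for the DataTables response; the column layout depends on $asset_type.
// NOTE(review): name, ips and fqdns are placed in the rows as-is and the table
// presumably renders cells as HTML - confirm they are escaped where they are
// loaded.
$data = array();

foreach ($host_list as $host_id => $host_data) {
    $devices = Asset_host_devices::get_devices_to_string($conn, $host_id);

    // Asset Group details format
    if ($asset_type == 'group') {
        try {
            // Both calls throw when the action is not allowed; the catch block
            // then renders a disabled icon carrying the reason.
            $asset_object->can_i_edit($conn);
            $asset_object->can_delete_host($conn);

            // NOTE(review): $host_id is concatenated into a JavaScript string
            // inside an attribute without escaping - confirm it is validated.
            $delete_link = '<a href="javascript:;" onclick="del_asset_from_group(\'' . $host_id . '\');return false">';
            $delete_link .= '<img class="delete_small tipinfo" txt="' . _('Remove this asset from group') . '" src="/ossim/pixmaps/delete.png" border="0"/>';
            $delete_link .= '</a>';
        } catch (Exception $e) {
            // The exception text goes into a double-quoted attribute, so it is
            // entity-escaped first: a quote or markup in the message can no
            // longer end the attribute or add elements to the cell. The
            // browser decodes the entities, so the tooltip text is unchanged.
            $title = Util::htmlentities($e->getMessage());
            $delete_link = '<img class="delete_small img_disabled tipinfo" txt="' . $title . '" src="/ossim/pixmaps/delete.png" border="0"/>';
        }

        $data[] = array(
            $host_data['name'],
            $host_data['ips'],
            $host_data['fqdns'],
            $devices,
            Util::utf8_encode2($host_data['descr']),
            $delete_link,
        );
    } elseif ($asset_type == 'net') {
        $data[] = array(
            $host_data['name'],
            $host_data['ips'],
            $host_data['fqdns'],
            $devices,
            Util::utf8_encode2($host_data['descr']),
        );
    } elseif ($asset_type == 'othergroups') {
        $checkbox = "<input type='checkbox' id='check_{$host_id}' class='check_host' value='1'/>";
        $data[] = array(
            $checkbox,
            $host_data['name'],
            '',
            $host_data['ips'],
            $devices,
            $host_data['fqdns'],
        );
    }
}

$response['sEcho'] = $sec;
$response['iTotalRecords'] = $total;
$response['iTotalDisplayRecords'] = $total;
$response['aaData'] = $data;

echo json_encode($response);

$db->close();

/* End of file get_hosts.php */
/* Location: ./asset_details/ajax/get_hosts.php */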
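/**
 * Builds the <option> list of subcategories that belong to one category.
 *
 * @param object $conn Database connection; Execute() and ErrorMsg() are called
 *                     on it.
 * @param array  $data Request data; reads 'ctx' (optional, defaults to the
 *                     session's default context) and 'id' (category id).
 *
 * @return array 'error' => TRUE with 'msg' on a validation or query failure,
 *               otherwise 'error' => FALSE with 'data' holding the HTML string.
 */
function get_subcategories($conn, $data)
{
    $return = array();

    $ctx = empty($data['ctx']) ? Session::get_default_ctx() : $data['ctx'];
    $id = isset($data['id']) ? $data['id'] : NULL;

    // $ctx is validated here but is not part of the query below.
    ossim_valid($ctx, OSS_HEX, 'illegal:' . _("CTX"));
    ossim_valid($id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Category ID"));

    if (ossim_error()) {
        $info_error = "Error: " . ossim_get_error();
        ossim_clean_error();

        $return['error'] = TRUE;
        $return['msg'] = $info_error;

        return $return;
    }

    $result = "<option value='0' selected='selected'>" . _("ANY") . "</option>";

    // The category id is bound as a parameter, never concatenated.
    $query = "SELECT id, name FROM subcategory where cat_id = ?";
    $rs = $conn->Execute($query, array($id));

    if (!$rs) {
        $return['error'] = TRUE;
        $return['msg'] = $conn->ErrorMsg();

        return $return;
    }

    while (!$rs->EOF) {
        // Database values are escaped for the HTML they are written into:
        // ENT_QUOTES covers the single-quoted value attribute, and the label is
        // escaped after the charset conversion so that it is valid UTF-8.
        $opt_value = htmlspecialchars((string) $rs->fields["id"], ENT_QUOTES, 'UTF-8');
        $opt_label = htmlspecialchars(Util::utf8_encode2($rs->fields["name"]), ENT_QUOTES, 'UTF-8');

        $result .= "<option value='" . $opt_value . "'>" . $opt_label . "</option>\n";

        $rs->MoveNext();
    }

    $return['error'] = FALSE;
    $return['data'] = $result;

    return $return;
}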