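/**
 * Validate the submitted fields of a data-source group form.
 *
 * The name and description are checked with ossim_valid(), then the
 * per-plugin SID selections are normalised: "ANY", or a selection that
 * covers every SID the plugin has, is stored as "0".
 *
 * The request is terminated with die() when any validation error was
 * recorded, so a caller only gets a return value for accepted input.
 *
 * @param mixed $conn          Database connection handed to Plugin_sid.
 * @param mixed $name          Group name.
 * @param mixed $descr         Group description (may be empty).
 * @param mixed $sids          Map of plugin id => SID list string; anything
 *                             that is not an array is treated as empty.
 * @param mixed $imported_sids Imported SIDs; only counted here.
 *
 * @return array array($name, $descr, $plugins)
 */
function validate_post_params($conn, $name, $descr, $sids, $imported_sids)
{
    $vals = array(
        'name'  => array(OSS_INPUT, 'illegal:' . _("Name")),
        'descr' => array(OSS_TEXT, OSS_NULLABLE, 'illegal:' . _("Description")),
    );

    ossim_valid($name, $vals['name']);
    ossim_valid($descr, $vals['descr']);

    $plugins = array();
    $sids    = is_array($sids) ? $sids : array();

    // Use the integer-cast value as the key. The raw POST value passes an
    // intval() > 0 test for input such as "12abc", and would then travel on
    // as an unvalidated array key into the error message and into
    // Plugin_sid::get_sidscount_by_id() below.
    $pluginid = intval(POST('pluginid'));
    if ($pluginid > 0) {
        $sids[$pluginid] = "0";
    }

    // NOTE(review): the keys of $sids supplied by the caller are not validated
    // in this function; confirm the caller restricts them to numeric plugin ids.
    foreach ($sids as $plugin => $sids_str) {
        if ($sids_str !== '') {
            list($valid, $data) = Plugin_sid::validate_sids_str($sids_str);

            if (!$valid) {
                ossim_set_error(_("Error for data source ") . $plugin . ': ' . $data);
                break;
            }

            if ($sids_str == "ANY") {
                $sids_str = "0";
            } else {
                // Selecting every SID of the plugin is equivalent to "ANY".
                $aux      = count(explode(',', $sids_str));
                $total    = Plugin_sid::get_sidscount_by_id($conn, $plugin);
                $sids_str = $aux == $total ? "0" : $sids_str;
            }

            $plugins[$plugin] = $sids_str;
        }
    }

    if (!count($plugins) && !count($imported_sids)) {
        ossim_set_error(_("No Data Sources or Event Types selected"));
    }

    if (ossim_error()) {
        die(ossim_error());
    }

    return array($name, $descr, $plugins);
}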
/**
 * Delete an Nfsen source on behalf of an administrator.
 *
 * The admin check runs before anything else, so a non-admin caller never
 * reaches the include or the delete call.
 *
 * @param array $data Request data; only $data['sensor'] is read.
 *
 * @return array 'error' (bool) and 'msg' (string).
 */
function delete_nfsen_source($data)
{
    // Authorisation gate: only administrators may remove a source.
    if (!Session::am_i_admin()) {
        return array(
            'error' => TRUE,
            'msg'   => _('Action not authorized'),
        );
    }

    require_once '../sensor/nfsen_functions.php';

    $sensor = $data['sensor'];

    ossim_valid($sensor, OSS_ALPHA, 'illegal:' . _('Nfsen Source'));

    if (ossim_error()) {
        // Read the message first, then reset the validation state.
        $info_error = _('Error') . ': ' . ossim_get_error();
        ossim_clean_error();

        return array(
            'error' => TRUE,
            'msg'   => $info_error,
        );
    }

    $res = delete_nfsen($sensor);

    if ($res['status'] != 'success') {
        return array(
            'error' => TRUE,
            'msg'   => $res['data'],
        );
    }

    // Drop the cached tab so the session variables are loaded again.
    unset($_SESSION['tab']);

    return array(
        'error' => FALSE,
        'msg'   => _('Source deleted successfully'),
    );
}
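/**
 * Query the OSSIM server over its TCP socket for the servers it knows.
 *
 * The protocol visible here is line based: a `connect` message is sent
 * first, then `server-get-servers`, optionally filtered by the `name`
 * GET parameter. Each `server host="..." servername="..."` reply line is
 * kept when Session::hostAllowed() accepts the host.
 *
 * @param mixed $conn Database connection handed to Session::hostAllowed().
 *
 * @return array array($list, $err): $list holds arrays with the keys 'host'
 *               and 'servername'; $err is an HTML error string, empty on success.
 */
function server_get_servers($conn)
{
    $list = array();
    $err  = "";

    $name    = GET('name');
    $name_ok = ossim_valid($name, OSS_ALPHA, OSS_PUNC, OSS_SPACE, 'illegal:' . _("Server name"));

    // The validation result used to be ignored, so a rejected value was still
    // written into the protocol line. A non-empty name is now refused when it
    // fails validation or contains a character that would end the quoted
    // attribute or the line. An empty name keeps its old meaning: no filter.
    // NOTE(review): whether OSS_PUNC admits a double quote is not visible
    // here, hence the explicit character check.
    if ($name != NULL && (!$name_ok || strpbrk($name, "\"\r\n") !== FALSE)) {
        $err = "<p><b>" . _("Error") . "</b>: " . _("Invalid server name") . "</p>";

        return array($list, $err);
    }

    require_once 'ossim_conf.inc';
    $ossim_conf = $GLOBALS["CONF"];

    /* get the port and IP address of the server */
    $address = $ossim_conf->get_conf("server_address");
    $port    = $ossim_conf->get_conf("server_port");

    /* create socket */
    $socket = socket_create(AF_INET, SOCK_STREAM, 0);

    // socket_create() reports failure with FALSE, never with a negative
    // number, so the former "< 0" test could not fire.
    if ($socket === FALSE) {
        $err = "<p><b>" . _("socket error") . "</b>: " . _("socket_create() failed: reason: ")
            . socket_strerror(socket_last_error()) . "</p>";

        return array($list, $err);
    }

    /* connect */
    $result = @socket_connect($socket, $address, $port);

    if (!$result) {
        socket_close($socket); // do not leak the descriptor on the error path

        $err = "<p><b>" . _("socket error") . "</b>: " . gettext("Is OSSIM server running at")
            . " {$address}:{$port}?</p>";

        return array($list, $err);
    }

    /* first send a connect message to server */
    $in = 'connect id="1" type="web"' . "\n";
    socket_write($socket, $in, strlen($in));

    $out = @socket_read($socket, 2048, PHP_NORMAL_READ);

    // Only the first 4 bytes of the reply are compared with "ok id=".
    if (strncmp($out, "ok id=", 4)) {
        socket_close($socket);

        $err  = "<p><b>" . gettext("Bad response from server") . "</b></p>";
        $err .= "<p><b>" . _("socket error") . "</b>: " . gettext("Is OSSIM server running at")
            . " {$address}:{$port}?</p>";

        return array($list, $err);
    }

    /* get servers from server */
    if ($name != NULL) {
        $in = 'server-get-servers id="2" servername="' . $name . '"' . "\n";
    } else {
        $in = 'server-get-servers id="2"' . "\n";
    }

    socket_write($socket, $in, strlen($in));

    $pattern = '/server host="([^"]*)" servername="([^"]*)"/ ';

    while ($out = socket_read($socket, 2048, PHP_NORMAL_READ)) {
        if (preg_match($pattern, $out, $regs)) {
            // Hosts the current session may not see are dropped.
            if (Session::hostAllowed($conn, $regs[1])) {
                $s = array(
                    'host'       => $regs[1],
                    'servername' => $regs[2],
                );

                // The server can repeat an entry (marked TODO/FIXME upstream).
                if (!in_array($s, $list)) {
                    $list[] = $s;
                }
            }
        } elseif (!strncmp($out, "ok id=", 4)) {
            break;
        }
    }

    socket_close($socket);

    return array($list, $err);
}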
/**
 * Register the submitted OTX auth-token and report the linked account.
 *
 * The token comes from the 'data' POST field and is validated with
 * OSS_ALPHA before it is passed to Otx::register_token().
 * NOTE(review): check_ossim_error() is presumed to stop the request when
 * validation failed - confirm, since nothing else here guards the token.
 *
 * @return array Confirmation message plus account details read from Otx.
 */
function activate_account()
{
    $post_data = POST('data');
    $token     = $post_data['token'];

    ossim_valid($token, OSS_ALPHA, 'illegal:' . _("OTX auth-token"));
    check_ossim_error();

    $otx = new Otx();
    $otx->register_token($token);

    $message = _("Your OTX account has been connected. The OTX pulses that you have subscribed to will begin downloading shortly. This process may take a few minutes.");

    // Read in the same order as the keys of the response.
    $username      = $otx->get_username();
    $user_id       = $otx->get_user_id();
    $key_version   = $otx->get_key_version();
    $latest_update = $otx->get_latest_update();

    // The token is returned to the caller as part of the response.
    return array(
        'msg'           => $message,
        'token'         => $token,
        'username'      => $username,
        'user_id'       => $user_id,
        'contributing'  => TRUE,
        'key_version'   => $key_version,
        'latest_update' => $latest_update,
    );
}
/**
 * Collect the group ids sent as GET parameters group1 .. group<num>.
 *
 * Only the part before the first "_" of each parameter is used, and only
 * when it passes the OSS_HEX check. Each accepted id is wrapped in single
 * quotes and the ids are joined with commas.
 * NOTE(review): the quoted list looks intended for an SQL IN (...) clause;
 * the hex check is then the only barrier against injection - confirm.
 * A rejected id leaves the ossim error state set; it is not cleared here.
 *
 * @param int $num Number of groupN parameters to read.
 *
 * @return string Comma-separated, single-quoted ids ('' when none qualify).
 */
function retrieve_groups($num)
{
    $quoted_ids = array();
    $index      = 1;

    while ($index <= $num) {
        $parts    = explode("_", GET('group' . $index));
        $group_id = $parts[0];

        if (ossim_valid($group_id, OSS_HEX, 'illegal:' . _("Group ID"))) {
            $quoted_ids[] = "'" . $group_id . "'";
        }

        $index++;
    }

    return implode(',', $quoted_ids);
}
/**
 * Return the detail of the OTX pulse named by POST data[pulse_id].
 *
 * The id must pass the OSS_HEX check; an empty array is returned when it
 * does not.
 *
 * @return array Pulse detail with 'indicators' re-indexed as a list, or
 *               an empty array for an invalid id.
 */
function get_pulse_detail()
{
    $request  = POST('data');
    $pulse_id = $request['pulse_id'];

    ossim_valid($pulse_id, OSS_HEX, 'illegal: Pulse ID');

    if (ossim_error()) {
        return array();
    }

    $otx    = new Otx();
    $detail = $otx->get_pulse_detail($pulse_id);

    // The indicators arrive keyed by hash; the datatables need a plain list.
    $indicator_list       = array_values($detail['indicators']);
    $detail['indicators'] = $indicator_list;

    return $detail;
}
/**
 * Fetch pulse data attached to an alarm or an event.
 *
 * POST parameters: 'type' (alarm, event or alarm_event), 'pulse' and 'id'
 * (both checked with OSS_HEX). A validation failure is reported through
 * Av_exception::throw_error() as a user error.
 *
 * @param mixed $conn Database connection handed to Alarm / Siem.
 *
 * @return array 'name', 'descr' and 'iocs' (re-indexed as a list).
 */
function get_pulse_detail_from_id($conn)
{
    $type  = POST('type');
    $pulse = POST('pulse');
    $id    = POST('id');

    ossim_valid($type, 'alarm|event|alarm_event', 'illegal:' . _('Type'));
    ossim_valid($pulse, OSS_HEX, 'illegal:' . _('Pulse'));
    ossim_valid($id, OSS_HEX, 'illegal:' . _('ID'));

    if (ossim_error()) {
        Av_exception::throw_error(Av_exception::USER_ERROR, ossim_get_error_clean());
    }

    // $pulse holds the pulse id on entry and the pulse record afterwards.
    switch ($type) {
        case 'alarm':
            $pulse = Alarm::get_pulse_data_from_alarm($conn, $id, $pulse, TRUE);
            break;

        case 'event':
            $pulse = Siem::get_pulse_data_from_event($conn, $id, $pulse, FALSE, TRUE);
            break;

        case 'alarm_event':
            $pulse = Siem::get_pulse_data_from_event($conn, $id, $pulse, TRUE, TRUE);
            break;
    }

    $ioc_list = array_values($pulse['iocs']);

    return array(
        'name'  => $pulse['name'],
        'descr' => $pulse['descr'],
        'iocs'  => $ioc_list,
    );
}
/**
 * Change the SID selection of one plugin inside a plugin group.
 *
 * The plugin id must be digits and the group id hex. The SID list is
 * checked by Plugin_sid::validate_sids_str(); "ANY", or a selection that
 * covers every SID of the plugin, is stored as "0". An empty SID string
 * changes nothing and still reports success.
 *
 * @param mixed $conn Database connection.
 * @param array $data Keys read: 'plugin_group', 'plugin_id', 'plugin_sids'
 *                    (a string or an array of SIDs).
 *
 * @return array 'error' (bool) with 'msg' on failure, or 'output' on success.
 */
function modify_plugingroup_plugin($conn, $data)
{
    $plugin_group = $data['plugin_group'];
    $plugin_id    = $data['plugin_id'];
    $sids_str     = $data['plugin_sids'];

    ossim_valid($plugin_id, OSS_DIGIT, 'illegal:' . _("Plugin ID"));
    ossim_valid($plugin_group, OSS_HEX, 'illegal:' . _("Plugin GroupID"));

    if (ossim_error()) {
        $info_error = "Error: " . ossim_get_error();
        ossim_clean_error();

        return array(
            'error' => true,
            'msg'   => $info_error,
        );
    }

    // A plain string counts as a single selected entry.
    $total_sel = 1;

    if (is_array($sids_str)) {
        $total_sel = count($sids_str);
        $sids_str  = implode(',', $sids_str);
    }

    if ($sids_str !== '') {
        list($valid, $detail) = Plugin_sid::validate_sids_str($sids_str);

        if (!$valid) {
            return array(
                'error' => true,
                'msg'   => _("Error for data source ") . $plugin_id . ': ' . $detail,
            );
        }

        if ($sids_str == "ANY") {
            $sids_str = "0";
        } else {
            $total = Plugin_sid::get_sidscount_by_id($conn, $plugin_id);

            // Every SID selected is the same as selecting "ANY".
            if ($total_sel == $total) {
                $sids_str = "0";
            }
        }

        Plugin_group::edit_plugin($conn, $plugin_group, $plugin_id, $sids_str);
    }

    return array(
        'error'  => false,
        'output' => '',
    );
}
/**
 * Validate the fields of a data-source group form, including the group id.
 *
 * Unlike a variant that aborts the request, this one hands the validation
 * state back to the caller as the last element of the returned array.
 *
 * When the name is already taken, $name is HTML-entity encoded before it
 * is placed in the error message, and that encoded value is what is
 * returned.
 *
 * @param mixed $conn          Database connection.
 * @param mixed $name          Group name.
 * @param mixed $descr         Group description (may be empty).
 * @param mixed $sids          Map of plugin id => SID list string; anything
 *                             that is not an array is treated as empty.
 * @param mixed $imported_sids Imported SIDs; only counted here.
 * @param mixed $group_id      Hex id of the group being edited, or NULL.
 *
 * @return array array($group_id, $name, $descr, $plugins, ossim_error())
 */
function validate_post_params($conn, $name, $descr, $sids, $imported_sids, $group_id = NULL)
{
    $rules_group_id = array(OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Group ID"));
    $rules_name     = array(OSS_INPUT, 'illegal:' . _("Name"));
    $rules_descr    = array(OSS_ALL, OSS_NULLABLE, 'illegal:' . _("Description"));

    ossim_valid($group_id, $rules_group_id);
    ossim_valid($name, $rules_name);

    // The uniqueness lookup only runs on input that passed validation.
    if (ossim_error() == FALSE) {
        if (Plugin_group::is_valid_group_name($conn, $name, $group_id) == FALSE) {
            // Encode before embedding the name in an HTML error message.
            $name = Util::htmlentities($name);
            ossim_set_error(sprintf(_("DS group name '<strong>%s</strong>' already exists"), $name));
        }
    }

    ossim_valid($descr, $rules_descr);

    $plugins = array();

    if (!is_array($sids)) {
        $sids = array();
    }

    // The integer cast guarantees a numeric array key.
    $pluginid = intval(POST('pluginid'));

    if ($pluginid > 0) {
        $sids[$pluginid] = "0";
    }

    foreach ($sids as $plugin => $sids_str) {
        if ($sids_str === '') {
            continue;
        }

        list($valid, $detail) = Plugin_sid::validate_sids_str($sids_str);

        if (!$valid) {
            ossim_set_error(_("Error for data source ") . $plugin . ': ' . $detail);
            break;
        }

        if ($sids_str == "ANY") {
            $sids_str = "0";
        } else {
            $selected = count(explode(',', $sids_str));
            $total    = Plugin_sid::get_sidscount_by_id($conn, $plugin);

            // Every SID selected is the same as selecting "ANY".
            if ($selected == $total) {
                $sids_str = "0";
            }
        }

        $plugins[$plugin] = $sids_str;
    }

    if (!count($plugins) && !count($imported_sids)) {
        ossim_set_error(_("No Data Sources or Event Types selected"));
    }

    return array($group_id, $name, $descr, $plugins, ossim_error());
}
/**
 * Store the deployment settings chosen in the wizard.
 *
 * Every field is validated first. The password is encrypted with
 * Util::encrypt() before it is stored in the wizard object, and the domain
 * is kept only for Windows targets.
 * NOTE(review): the encryption key is the system UUID, so the stored
 * password is only as confidential as that value - confirm this is
 * acceptable for where the wizard state is persisted.
 *
 * @param object $wizard Wizard object that receives the step data.
 * @param array  $data   Keys read: 'os', 'hosts', 'username', 'password',
 *                       'domain'.
 *
 * @return array 'error' (bool) and, on failure, 'msg'.
 */
function modify_deploy_hosts($wizard, $data)
{
    $os       = $data['os'];
    $hosts    = $data['hosts'];
    $username = $data['username'];
    $password = $data['password'];
    $domain   = $data['domain'];

    ossim_valid($os, "windows|linux", 'illegal:' . _('Deploy Option'));
    ossim_valid($hosts, OSS_HEX, 'illegal:' . _('Host'));
    ossim_valid($username, OSS_USER_2, 'illegal:' . _('Username'));
    ossim_valid($password, OSS_PASSWORD, 'illegal:' . _('Password'));
    ossim_valid($domain, OSS_NOECHARS, OSS_ALPHA, OSS_PUNC_EXT, OSS_NULLABLE, 'illegal:' . _('Domain'));

    if (ossim_error()) {
        $failure = array(
            'error' => TRUE,
            'msg'   => ossim_get_error(),
        );
        ossim_clean_error();

        return $failure;
    }

    // A domain only makes sense for Windows deployments.
    if ($os != 'windows') {
        $domain = '';
    }

    // The password is never stored in clear text in the wizard object.
    $pass_c = Util::encrypt($password, Util::get_system_uuid());

    // Start from a clean slate before writing the new deploy info.
    $wizard->clean_step_data();

    $step_data = array(
        'deploy_os'       => $os,
        'deploy_username' => $username,
        'deploy_password' => $pass_c,
        'deploy_domain'   => $domain,
        'deploy_hosts'    => $hosts,
        'deploy_step'     => 1, // 1 = initialised
    );

    foreach ($step_data as $key => $value) {
        $wizard->set_step_data($key, $value);
    }

    // Persist the wizard status.
    $wizard->save_status();

    return array('error' => FALSE);
}
* * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::logcheck("configuration-menu", "CorrelationDirectives"); $directive_id = GET('directive_id'); $file = GET('file'); $engine_id = GET('engine_id'); $rule = GET('rule'); $mode = GET('mode'); ossim_valid($directive_id, OSS_DIGIT, 'illegal:' . _("Directive ID")); ossim_valid($file, OSS_ALPHA, OSS_DOT, OSS_SCORE, 'illegal:' . _("XML File")); ossim_valid($engine_id, OSS_HEX, OSS_SCORE, 'illegal:' . _("Engine ID")); ossim_valid($rule, OSS_DIGIT, '\\-', OSS_NULLABLE, 'illegal:' . _("Rule ID")); ossim_valid($mode, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _("Mode")); if (ossim_error()) { die(ossim_error()); } $directive_editor = new Directive_editor($engine_id); $filepath = file_exists($directive_editor->engine_path . "/" . $file) ? $directive_editor->engine_path . "/" . $file : $directive_editor->main_path . "/" . $file; if (preg_match("/^\\d+-\\d+-\\d+\$/", $rule)) { if (GET('mode') == "delete") { $dom = $directive_editor->get_xml($filepath, "DOMXML"); $direct = $directive_editor->getDirectiveFromXML($dom, $directive_id); $tab_rules = $direct->rules; $directive_editor->delrule($rule, &$tab_rules); if (!$directive_editor->save_xml($filepath, $dom, "DOMXML")) { echo "<!-- ERRORDELETE -->"; } } elseif (GET('mode') == "copy") {
* MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt ****************************************************************************/ /** * Class and Function List: * Function list: * Classes list: */ include "classes/Security.inc"; $param = GET('param'); ossim_valid($plugin_id, OSS_ALPHA, OSS_NULLABLE); if (ossim_error()) { die(ossim_error()); } ?> <div style=" background-color:#17457c; width:100%; position:fixed; height:2px; left:0px;"></div> <center> <button style="width: 80px; margin-top:8px; cursor:pointer;" id="cancel" onclick="cancel()"
* */ require_once 'av_init.php'; Session::logcheck('configuration-menu', 'PolicyServers'); $db = new ossim_db(); $conn = $db->connect(); $id = GET('id'); $ip = GET('ip'); $sname = GET('name'); $update = intval(GET('update')); $opensource = Session::is_pro() ? FALSE : TRUE; $mssp = intval($conf->get_conf("alienvault_mssp")); $local_id = $conf->get_conf("server_id"); ossim_valid($ip, OSS_IP_ADDR, OSS_NULLABLE, 'illegal:' . _('Server IP')); ossim_valid($sname, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _('Server Name')); ossim_valid($id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Server ID')); if (ossim_error()) { die(ossim_error()); } $action = 'newserver.php'; $all_rservers = Server::get_server_hierarchy($conn, $id); $error_forward = FALSE; $can_i_modify_elem = TRUE; if (!empty($id)) { $server = Server::get_object($conn, $id); $role_list = Role::get_list($conn, $id); if (!empty($server) && !empty($role_list)) { $role = $role_list[0]; $sname = $server->get_name(); $ip = $server->get_ip(); $port = $server->get_port();
$AllPlugins = ""; $NonDOS = ""; $DisableAll = ""; $saveplugins = ""; break; case "POST": foreach ($postParams as $pp) { if (isset($_POST[$pp])) { ${$pp} = Util::htmlentities(mysql_real_escape_string(trim($_POST[$pp])), ENT_QUOTES); } else { ${$pp} = ""; } } break; } ossim_valid($sid, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Sid")); if (ossim_error()) { die(_("Invalid Parameter Sid")); } if (isset($_POST['authorized_users'])) { foreach ($_POST['authorized_users'] as $user) { $users[] = Util::htmlentities(mysql_real_escape_string(trim($user)), ENT_QUOTES); } } //if (!($uroles['profile'] || $uroles['admin'])) { // echo "Access Denied!!!<br>"; // logAccess( $username . " : " . $_SERVER['SCRIPT_NAME'] . " : Unauthorized Access" ); // //require_once('footer.php'); // die(); //} $db = new ossim_db();
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, * MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::logcheck('environment-menu', 'PolicyHosts'); //CPE Types $_cpe_types = array('os' => 'o', 'hardware' => 'h', 'software' => 'a'); $_cpe = GET('q'); $_cpe_type = GET('cpe_type'); ossim_valid($_cpe, OSS_NULLABLE, OSS_ALPHA, OSS_PUNC_EXT, 'illegal:' . _('CPE')); ossim_valid($_cpe_type, 'os | software | hardware', 'illegal:' . _('CPE Type')); if (ossim_error() || !array_key_exists($_cpe_type, $_cpe_types)) { exit; } $db = new Ossim_db(); $conn = $db->connect(); $_cpe = escape_sql($_cpe, $conn); $filters = array('where' => "`cpe` LIKE 'cpe:/" . $_cpe_types[$_cpe_type] . "%' AND `line` LIKE '%{$_cpe}%'", 'limit' => 20); $software = new Software($conn, $filters); $db->close(); foreach ($software->get_software() as $cpe_info) { echo $cpe_info['cpe'] . '###' . $cpe_info['line'] . "\n"; } /* End of file search_cpe.php */
Session::logcheck('configuration-menu', 'CorrelationCrossCorrelation'); $action = 'insert'; $url_form = 'newpluginref.php'; $button_text = Util::js_entities(_("Create rule")); $plugin_id1 = REQUEST('plugin_id1'); $plugin_id2 = REQUEST('plugin_id2'); $plugin_sid1 = REQUEST('plugin_sid1'); $plugin_sid2 = REQUEST('plugin_sid2'); if ($plugin_id1 != '' || $plugin_id2 != '' || $plugin_sid1 != '' || $plugin_sid2 != '') { $action = 'modify'; $url_form = 'modifypluginref.php'; $button_text = Util::js_entities(_('Save rule')); ossim_valid($plugin_id1, OSS_DIGIT, 'illegal:' . _('Plugin ID1')); ossim_valid($plugin_id2, OSS_DIGIT, 'illegal:' . _('Plugin ID2')); ossim_valid($plugin_sid1, OSS_DIGIT, 'illegal:' . _('Plugin SID1')); ossim_valid($plugin_sid2, OSS_DIGIT, 'illegal:' . _('Plugin SID2')); if (ossim_error()) { echo ossim_error(); exit; } } $db = new ossim_db(); $conn = $db->connect(); $plugin_list = Plugin::get_list($conn, 'ORDER BY name', 0); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title><?php echo _("Cross-Correlation"); ?>
if (isset($_SESSION['_actions'])) { $action_id = $_SESSION['_actions']['action_id']; $action_type = $_SESSION['_actions']['action_type']; $descr = $_SESSION['_actions']['descr']; $name = $_SESSION['_actions']['name']; $cond = $_SESSION['_actions']['cond']; $on_risk = $_SESSION['_actions']['on_risk']; $email_from = $_SESSION['_actions']['email_from']; $email_to = $_SESSION['_actions']['email_to']; $email_subject = $_SESSION['_actions']['email_subject']; $email_message = $_SESSION['_actions']['email_message']; $exec_command = $_SESSION['_actions']['exec_command']; unset($_SESSION['_actions']); } else { $action_id = REQUEST('id'); ossim_valid($action_id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Action ID')); if (ossim_error()) { die(ossim_error()); } list($db, $conn) = Ossim_db::get_conn_db(); $action_list = Action::get_list($conn, " AND id = UNHEX('{$action_id}')"); if (is_array($action_list)) { $action = $action_list[0]; } if (!is_null($action)) { $action_type = $action->get_action_type(); $ctx = $action->get_ctx(); $cond = Util::htmlentities($action->get_cond()); $on_risk = $action->is_on_risk(); $name = $action->get_name(); if (REQUEST('descr')) {
* it under the terms of the GNU General Public License as published by * the Free Software Foundation; version 2 dated June, 1991. * You may not use, modify or distribute this program under any other version * of the GNU General Public License. * * This package is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this package; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, * MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::logcheck("analysis-menu", "EventsForensics"); $rname = GET('name'); ossim_valid($rname, OSS_ALPHA, OSS_SPACE, 'illegal:' . _("Report Name")); if (ossim_error()) { die(ossim_error()); } $pdfReport = new Pdf_report($rname, "P"); $pdfReport->getPdf();
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, * MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ //Config File require_once dirname(__FILE__) . '/../../../config.inc'; session_write_close(); $system_id = POST('system_id'); $confirm = intval(POST('confirm')); ossim_valid($system_id, OSS_UUID, 'illegal:' . _('System ID')); if (ossim_error()) { $data['status'] = 'error'; $data['data'] = ossim_get_error(); } else { //Getting system status $local_id = strtolower(Util::get_system_uuid()); try { $db = new ossim_db(); $conn = $db->connect(); $ha_enabled = Av_center::is_ha_enabled($conn, $system_id); $db->close(); } catch (Exception $e) { $db->close(); $data['status'] = 'error'; $data['data'] = $e->getMessage();
$order = Policy::get_next_order($conn, $ctx, $group); } $newid = Policy::insert($conn, $ctx, $priority, $active, $group, $order, $tzone, $b_month, $b_month_day, $b_week_day, $b_hour, $b_minute, $e_month, $e_month_day, $e_week_day, $e_hour, $e_minute, $descr, $source_ips, $source_host_groups, $dest_ips, $dest_host_groups, $source_nets, $source_net_groups, $dest_nets, $dest_net_groups, $portsrc, $portdst, $plug_groups, $sensors, $target, $taxonomy, $reputation, $event_conds, $idm, $correlate, $cross_correlate, $store, $rep, $qualify, $resend_alarms, $resend_events, $frw_conds, $sign, $sem, $sim); // Actions if (!empty($newid) && count($policy_action) > 0) { foreach ($policy_action as $action_id) { Policy_action::insert($conn, $action_id, $newid); } } break; case 'edit': $id = POST('policy_id'); if (!Policy::is_visible($conn, $id)) { die(ossim_error(_("You do not have permission to edit this policy"))); } ossim_valid($id, OSS_HEX, 'illegal:' . _("Policy ID")); if (ossim_error()) { die(ossim_error()); } Policy::update($conn, $id, $ctx, $priority, $active, $group, $order, $tzone, $b_month, $b_month_day, $b_week_day, $b_hour, $b_minute, $e_month, $e_month_day, $e_week_day, $e_hour, $e_minute, $descr, $source_ips, $source_host_groups, $dest_ips, $dest_host_groups, $source_nets, $source_net_groups, $dest_nets, $dest_net_groups, $portsrc, $portdst, $plug_groups, $sensors, $target, $taxonomy, $reputation, $event_conds, $idm, $correlate, $cross_correlate, $store, $rep, $qualify, $resend_alarms, $resend_events, $frw_conds, $sign, $sem, $sim); // Actions if (count($policy_action) > 0) { Policy_action::delete($conn, $id); foreach ($policy_action as $action_id) { Policy_action::insert($conn, $action_id, $id); } } break; case 'clone': $order = Policy::get_next_order($conn, $ctx, $group); $newid = Policy::insert($conn, $ctx, $priority, $active, $group, $order, $tzone, $b_month, $b_month_day, $b_week_day, $b_hour, $b_minute, $e_month, $e_month_day, $e_week_day, $e_hour, $e_minute, 
$descr, $source_ips, $source_host_groups, $dest_ips, $dest_host_groups, $source_nets, $source_net_groups, $dest_nets, $dest_net_groups, $portsrc, $portdst, $plug_groups, $sensors, $target, $taxonomy, $reputation, $event_conds, $idm, $correlate, $cross_correlate, $store, $rep, $qualify, $resend_alarms, $resend_events, $frw_conds, $sign, $sem, $sim);
* MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::logcheck("environment-menu", "ReportsWireless"); require_once 'Wireless.inc'; $sensor = GET('sensor'); $file = str_replace("../", "", GET('file')); ossim_valid($sensor, OSS_IP_ADDR, 'illegal: sensor'); ossim_valid($file, OSS_TEXT, 'illegal: file'); if (ossim_error()) { die(ossim_error()); } # sensor list with perms require_once 'ossim_db.inc'; $db = new ossim_db(); $conn = $db->connect(); if (!validate_sensor_perms($conn, $sensor, ", sensor_properties WHERE sensor.id=sensor_properties.sensor_id AND sensor_properties.has_kismet=1")) { echo ossim_error($_SESSION["_user"] . " have not privileges for {$sensor}"); $db->close(); exit; } $db->close(); # $path = "/var/ossim/kismet/parsed/{$sensor}/{$file}";
} /* if ($order == 'ip') { $order = "host_ip.ip"; } */ $torder = !strcasecmp($torder, 'asc') ? 'asc' : 'desc'; ossim_valid($group_id, OSS_HEX, 'illegal: ' . _('Net or Group ID')); ossim_valid($asset_type, OSS_ALPHA, 'illegal: ' . _('Asset Type')); ossim_valid($maxrows, OSS_DIGIT, 'illegal: ' . _('Maxrows Param')); ossim_valid($search_str, OSS_INPUT, OSS_NULLABLE, 'illegal: ' . _('Search String')); ossim_valid($from, OSS_DIGIT, 'illegal: ' . _('From Param')); ossim_valid($order, OSS_ALPHA, OSS_DOT, OSS_SCORE, 'illegal: ' . _('Order Param')); ossim_valid($torder, OSS_ALPHA, 'illegal: ' . _('tOrder Param')); ossim_valid($sec, OSS_DIGIT, 'illegal: ' . _('sec Param')); if (ossim_error()) { $response['sEcho'] = intval($sec); $response['iTotalRecords'] = 0; $response['iTotalDisplayRecords'] = 0; $response['aaData'] = array(); echo json_encode($response); exit; } $db = new ossim_db(); $conn = $db->connect(); $filters = array('limit' => "{$from}, {$maxrows}", 'order_by' => "{$order} {$torder}"); if ($search_str != '') { $filters['where'] = 'hostname LIKE "%' . $search_str . '%"'; } // Get object from session
$tip_target[] = $target; } } else { if (preg_match("/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}(\\/\\d{1,2})?\$/", $target)) { $tip_target[] = $target; } else { list($asset_id, $ip_target) = explode("#", $target); ossim_set_error(FALSE); ossim_valid($asset_id, OSS_HEX, OSS_NULLABLE, 'illegal: Asset id'); // asset id if (ossim_error()) { $target_error = FALSE; $validation_errors[] = _('Invalid asset id') . ': ' . $asset_id; } ossim_set_error(FALSE); ossim_valid($ip_target, OSS_NULLABLE, OSS_DIGIT, OSS_SPACE, OSS_SCORE, OSS_ALPHA, OSS_PUNC, '\\.\\,\\/\\!', 'illegal:' . _("Target")); if (ossim_error()) { $target_error = FALSE; $validation_errors[] = _('Invalid target') . ': ' . $ip_target; } if (!$target_error) { $tip_target[] = str_replace('!', '', $target); } } } } $ip_list = $tip_target; // validated targets if (count($tip_target) == 0) { $validation_errors[] = _('Invalid Targets'); }
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, * MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::logcheck("analysis-menu", "IncidentsIncidents"); $id = GET('id'); $incident_id = GET('incident_id'); ossim_valid($id, OSS_DIGIT, 'illegal:' . _("Id")); ossim_valid($incident_id, OSS_DIGIT, 'illegal:' . _("Incident Id")); if (ossim_error()) { die(ossim_error()); } /* database connect */ $db = new ossim_db(); $conn = $db->connect(); list($output_name, $content) = Incident::get_custom_content($conn, $id, $incident_id); $conn->disconnect(); header("Pragma: public"); header("Expires: 0"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Cache-Control: private", false); header("Content-Type: application/octet-stream"); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . strlen($content));
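/**
 * Import networks from a CSV file and report the outcome line by line.
 *
 * Accepted layouts (fields marked * are mandatory):
 *  - net section, 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value"*;"Net ID"
 *  - net section, 3.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value";"Sensors(Sensor1,Sensor2,...)"*
 *  - welcome wizard, 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description"
 *
 * Every field read from the file is validated with ossim_valid() before
 * it reaches the Asset_net object.
 *
 * Changes against the previous revision: the database connection is closed
 * on the early error returns, the CIDR warning increments the 'warnings'
 * counter under 'statistics', the file-read error is stored as a plain
 * string like every other general error, and missing array keys are no
 * longer dereferenced.
 *
 * @param string $filename    Path of the CSV file to read.
 * @param mixed  $iic         When not empty, net names are passed through clean_iic().
 * @param string $ctx         Context (entity) id, used as hex in an SQL filter.
 * @param string $import_type 'networks' or 'welcome_wizard_nets'.
 *
 * @return array 'general' (status, data, statistics) and 'by_nets'
 *               (per-line status, errors, warnings, data).
 */
function import_assets_from_csv($filename, $iic, $ctx, $import_type)
{
    //Process status
    $summary = array(
        'general' => array(
            'status'     => '',
            'data'       => '',
            'statistics' => array('total' => 0, 'warnings' => 0, 'errors' => 0, 'saved' => 0),
        ),
        'by_nets' => array(),
    );

    $db   = new ossim_db();
    $conn = $db->connect();

    $str_data = file_get_contents($filename);

    if ($str_data === FALSE) {
        $db->close();

        $summary['general']['status'] = 'error';
        $summary['general']['data']   = _('Failed to read data from CSV file');
        $summary['general']['statistics']['errors'] = 1;

        return $summary;
    }

    // Start from an empty list so a file of blank lines is reported as empty.
    $data       = array();
    $array_data = preg_split('/\\n|\\r/', $str_data);

    foreach ($array_data as $k => $v) {
        if (trim($v) != '') {
            $data[] = explode('";"', trim($v));
        }
    }

    set_time_limit(360);

    //Check file size (a lone header line counts as empty)
    if (count($data) <= 0 || (count($data) == 1 && preg_match('/Netname/', $data[0][0]))) {
        $db->close();

        $summary['general']['status'] = 'error';
        $summary['general']['data']   = _('CSV file is empty');
        $summary['general']['statistics']['errors'] = 1;

        return $summary;
    }

    //Check importation type and headers
    $csv_headers = array();

    if ($import_type == 'networks') {
        // The fifth header column tells the 4.x.x layout from the 3.x.x one.
        $fifth_header = isset($data[0][4]) ? $data[0][4] : '';

        if (preg_match('/Net ID/', $fifth_header) || preg_match('/Sensors/', $fifth_header)) {
            $csv_headers = array_shift($data);
        } else {
            $db->close();

            $summary['general']['status'] = 'error';
            $summary['general']['data']   = _('Headers not found');
            $summary['general']['statistics']['errors'] = 1;

            return $summary;
        }
    }

    //Setting total nets to import
    $summary['general']['statistics']['total'] = count($data);

    //Allowed sensors
    // NOTE(review): $ctx is placed in the SQL filter as given and is not
    // validated in this function; confirm every caller restricts it to hex.
    $filters    = array('where' => "acl_sensors.entity_id = UNHEX('{$ctx}')");
    $a_sensors  = Av_sensor::get_basic_list($conn, $filters);
    $sensor_ids = array_keys($a_sensors);

    if (count($sensor_ids) == 0) {
        $db->close();

        $s_error_msg = Session::is_pro() ? _('There is no sensor for this context') : _('There is no sensor for this net');

        $summary['general']['status'] = 'error';
        $summary['general']['data']   = $s_error_msg;
        $summary['general']['statistics']['errors'] = 1;

        return $summary;
    }

    // NOTE(review): the triggers are switched back only when at least one
    // net was saved (see the end of the function); confirm that leaving
    // them disabled otherwise is intended.
    Util::disable_perm_triggers($conn, TRUE);

    foreach ($data as $k => $v) {
        //Clean previous errors
        ossim_clean_error();

        $num_line = $k + 1;

        //Set default status
        $summary['by_nets'][$num_line]['status'] = 'error';

        //Check file format
        $cnd_1 = $import_type == 'networks' && count($v) < 5;
        $cnd_2 = $import_type == 'welcome_wizard_nets' && count($v) < 3;

        if ($cnd_1 || $cnd_2) {
            $summary['by_nets'][$num_line]['errors']['Format'] = _('Number of fields is incorrect');
            $summary['general']['statistics']['errors']++;

            continue;
        }

        //Clean values (strip one leading and one trailing quote)
        $param = array();

        foreach ($v as $field) {
            $parameter = trim($field);
            $pattern   = '/^\\"|\\"$|^\'|\'$/';
            $param[]   = preg_replace($pattern, '', $parameter);
        }

        //Values
        $is_in_db    = FALSE;
        $net_id      = '';
        $name        = $param[0];
        $cidrs       = preg_replace("/[\n\r\t]+/", '', $param[1]);
        $descr       = $param[2];
        $asset_value = $param[3] == '' ? 2 : intval($param[3]);
        $sensors     = $sensor_ids;

        //Permissions
        $can_i_create_assets = Session::can_i_create_assets();
        $can_i_modify_ips    = TRUE;

        //CIDRs
        if (!ossim_valid($cidrs, OSS_IP_CIDR, 'illegal:' . _('CIDR'))) {
            $summary['by_nets'][$num_line]['errors']['CIDRs'] = ossim_get_error_clean();
            $summary['general']['statistics']['errors']++;

            continue;
        }

        //Check Net ID: is there a net registered in the System?
        $net_ids = Asset_net::get_id_by_ips($conn, $cidrs, $ctx);
        $net_id  = key($net_ids);

        if (!empty($net_id)) {
            $is_in_db = TRUE;
        } else {
            $net_id = Util::uuid();
        }

        // Special case: Forced Net ID [Version 4.x.x]
        if ($import_type == 'networks' && preg_match('/Net ID/', $csv_headers[4])) {
            $csv_net_id = strtoupper($param[4]);

            if ($is_in_db == TRUE && $csv_net_id != $net_id) {
                $id_error_msg = _('Net is already registered in the System with another Net ID');

                $summary['by_nets'][$num_line]['errors']['Net'] = $id_error_msg;
                $summary['general']['statistics']['errors']++;

                continue;
            }
        }

        //Netname
        if (!empty($iic)) {
            $name = clean_iic($name);
        }

        if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) {
            ossim_clean_error();

            // Try to repair the name, then validate the repaired value again.
            $name = clean_iic($name);
            $name = clean_echars($name);

            $warning_msg = _('Netname has invalid characters') . '<br/>' . _('Netname will be replaced by') . ": <strong>{$name}</strong>";

            $summary['by_nets'][$num_line]['warnings']['Netname'] = $warning_msg;
            $summary['by_nets'][$num_line]['status']              = 'warning';
            $summary['general']['statistics']['warnings']++;

            if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) {
                // The repair did not help: turn the warning into an error.
                unset($summary['by_nets'][$num_line]['warnings']);
                $summary['general']['statistics']['warnings']--;

                $summary['by_nets'][$num_line]['status']            = 'error';
                $summary['by_nets'][$num_line]['errors']['Netname'] = ossim_get_error_clean();
                $summary['general']['statistics']['errors']++;

                continue;
            }
        }

        //Description
        if (!ossim_valid($descr, OSS_NULLABLE, OSS_AT, OSS_TEXT, '\\t', 'illegal:' . _('Description'))) {
            $summary['by_nets'][$num_line]['errors']['Description'] = ossim_get_error_clean();
            $summary['general']['statistics']['errors']++;

            continue;
        } else {
            if (mb_detect_encoding($descr . ' ', 'UTF-8,ISO-8859-1') == 'UTF-8') {
                $descr = mb_convert_encoding($descr, 'HTML-ENTITIES', 'UTF-8');
            }
        }

        //Sensor
        if ($is_in_db == FALSE) {
            //Only update net sensors with unregistered nets
            if ($import_type == 'networks' && preg_match('/Sensors/', $csv_headers[4])) {
                //Special case: Sensors in CSV file [Version 3.x.x]
                $sensors  = array();
                $_sensors = explode(',', $param[4]);

                if (is_array($_sensors) && !empty($_sensors)) {
                    $_sensors = array_flip($_sensors);

                    // Keep only the sensors the context is allowed to use.
                    if (is_array($a_sensors) && !empty($a_sensors)) {
                        foreach ($a_sensors as $s_id => $s_data) {
                            if (array_key_exists($s_data['ip'], $_sensors)) {
                                $sensors[] = $s_id;
                            }
                        }
                    }
                }

                if (!is_array($sensors) || empty($sensors)) {
                    $s_error_msg = Session::is_pro() ? _('There is no sensors for this context') : _('There is no sensors for this IP');

                    $summary['by_nets'][$num_line]['errors']['Sensors'] = $s_error_msg;
                    $summary['general']['statistics']['errors']++;

                    continue;
                }
            }
        }

        // Only for importation from net section
        if ($import_type == 'networks') {
            //Asset
            if (!ossim_valid($asset_value, OSS_DIGIT, 'illegal:' . _('Asset value'))) {
                $summary['by_nets'][$num_line]['errors']['Asset value'] = ossim_get_error_clean();
                $summary['general']['statistics']['errors']++;

                continue;
            }
        }

        //Insert/Update net in database
        // empty() also covers a line that never recorded an 'errors' entry.
        if (empty($summary['by_nets'][$num_line]['errors'])) {
            try {
                $net = new Asset_net($net_id);

                if ($is_in_db == TRUE) {
                    $net->load_from_db($conn, $net_id);

                    $can_i_modify_ips = Asset_net::can_i_modify_ips($conn, $net_id);
                } else {
                    if ($can_i_create_assets == FALSE) {
                        $n_error_msg = _('Net') . ' ' . $name . ' ' . _("not allowed. You don't have permissions to import this net");

                        $summary['by_nets'][$num_line]['errors']['Net'] = $n_error_msg;
                        $summary['general']['statistics']['errors']++;

                        continue;
                    }
                }

                //Check CIDRs
                if ($can_i_modify_ips == TRUE) {
                    $aux_cidr = explode(',', $cidrs);

                    foreach ($aux_cidr as $cidr) {
                        $net_ids = Asset_net::get_id_by_ips($conn, $cidr, $ctx);

                        // A match with the net being imported is not a conflict.
                        unset($net_ids[$net_id]);

                        if (!empty($net_ids)) {
                            $c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} already exists for this entity");

                            $summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg;
                            $summary['general']['statistics']['errors']++;

                            break;
                        } else {
                            if (Session::get_net_where() != '') {
                                if (!Asset_net::is_cidr_in_my_nets($conn, $cidr, $ctx)) {
                                    $c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} out of range. Check your asset filter");

                                    $summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg;
                                    $summary['general']['statistics']['errors']++;

                                    break;
                                }
                            }
                        }
                    }
                } else {
                    $c_error_msg = _('Net') . ' ' . $name . ': ' . _("CIDRs not allowed. CIDRs wasn't be modified");

                    $summary['by_nets'][$num_line]['status'] = 'warning';
                    // The counter lives under 'statistics', as in the Netname
                    // branch; it used to be written to a key nobody reads.
                    $summary['general']['statistics']['warnings']++;
                    $summary['by_nets'][$num_line]['warnings']['CIDRs'] = $c_error_msg;
                }

                //Setting new values
                if (empty($summary['by_nets'][$num_line]['errors'])) {
                    $net->set_ctx($ctx);
                    $net->set_name($name);
                    $net->set_descr($descr);

                    if ($is_in_db == FALSE) {
                        if ($can_i_modify_ips == TRUE) {
                            $net->set_ips($cidrs);
                        }

                        $net->set_sensors($sensors);
                    }

                    $net->set_asset_value($asset_value);

                    $net->save_in_db($conn, FALSE);

                    $summary['general']['statistics']['saved']++;
                    $summary['by_nets'][$num_line]['data'] = $is_in_db == TRUE ? _('Net updated') : _('New new inserted');

                    //Keep warnings
                    if ($summary['by_nets'][$num_line]['status'] != 'warning') {
                        $summary['by_nets'][$num_line]['status'] = 'success';
                    }
                }
            } catch (Exception $e) {
                $summary['by_nets'][$num_line]['errors']['Database error'] = $e->getMessage();
                $summary['general']['statistics']['errors']++;
            }
        }
    }

    if ($summary['general']['statistics']['saved'] > 0) {
        if ($summary['general']['statistics']['errors'] == 0) {
            $summary['general']['status'] = 'success';
            $summary['general']['data']   = _('All nets have been imported successfully');
        } else {
            $summary['general']['status'] = 'warning';
            $summary['general']['data']   = _('Some nets could not be imported successfully');
        }

        Util::disable_perm_triggers($conn, FALSE);

        try {
            Asset_net::report_changes($conn, 'nets');
        } catch (Exception $e) {
            error_log($e->getMessage(), 0);
        }
    } else {
        $summary['general']['statistics']['errors'] = count($data);

        //CSV file is not empty, but all lines are wrong
        if (empty($summary['general']['status'])) {
            $summary['general']['status'] = 'error';
            $summary['general']['data']   = _('Nets could not be imported');
        }
    }

    $db->close();

    return $summary;
}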
//Type of widget: chart, tag_cloud, etc.
    $winfo['asset'] = GET("asset"); //Assets implicated in the widget
    // NOTE(review): unserialize() is applied to a raw request parameter. PHP's unserialize()
    // can instantiate any loaded class named in the payload and run its magic methods
    // (object injection), and this happens before any of the validation below.
    // A data-only encoding (e.g. JSON) or an integrity check on the value would remove
    // that exposure; left unchanged because the sender's format is not visible here.
    $chart_info = unserialize(GET("value")); //Params of the widget representation, this is: type of chart, legend params, etc.
} else {
    //Getting the widget's info from DB
    $winfo = get_widget_data($conn, $id); //Check it out in widget_common.php
    $chart_info = $winfo['params']; //Params of the widget representation, this is: type of chart, legend params, etc.
}

//Validation
ossim_valid($winfo['wtype'], OSS_TEXT, 'illegal:' . _("Type"));
// The error label reads "Widget ID" although the value checked is the height.
ossim_valid($winfo['height'], OSS_DIGIT, 'illegal:' . _("Widget ID"));
ossim_valid($winfo['asset'], OSS_HEX, OSS_SCORE, OSS_ALPHA, OSS_USER, 'illegal:' . _("Asset/User/Entity"));

// Each chart parameter is validated against the rule string registered for its key.
if (is_array($chart_info) && !empty($chart_info)) {
    $validation = get_array_validation();
    foreach ($chart_info as $key => $val) {
        // Keys with no rule (missing or empty entry) are skipped, i.e. they are NOT validated.
        if ($validation[$key] == '') {
            continue;
        }
        // NOTE(review): eval() on a string assembled at runtime. Two values are spliced into
        // the PHP source: the rule string $validation[$key] and the translated key _($key).
        // $val itself is not spliced: the escaped \$val is resolved inside the evaluated code.
        // $key comes from $chart_info, which the branch above may take from the request; the
        // only visible gate is the non-empty rule check. Presumably get_array_validation()
        // returns a fixed map, which would limit $key to known names; confirm, and check
        // that no translation can contain a single quote. Calling ossim_valid() with an
        // argument list built from the rule would avoid eval() altogether.
        eval("ossim_valid(\"\$val\", " . $validation[$key] . ", 'illegal:" . _($key) . "');");
    }
}

// Abort the request on the first recorded validation error.
if (ossim_error()) {
    die(ossim_error());
}
//End of validation.

$assets_filters = array();
$assets_filters = get_asset_filters($conn, $winfo['asset']);
$conn = $db->connect();
$conf = $GLOBALS['CONF'];
// Path of the rrdtool binary, taken from the configuration.
$rrdtool_bin = $conf->get_conf('rrdtool_path') . '/rrdtool';

// PHP errors raised from here on are routed to mydie() (defined outside this excerpt).
set_error_handler('mydie');

// Request parameters.
$id = GET('id');
$what = GET('what');
$type = GET('type');
$start = GET('start');
$end = GET('end');
// Falls back to 1 when zoom is absent or falsy (this includes "0").
$zoom = GET('zoom') ? GET('zoom') : 1;

// Character-class validation of every parameter before any of them is used.
ossim_valid($id, OSS_LETTER, OSS_DIGIT, OSS_DOT, OSS_SCORE, 'illegal:' . _('ID'));
ossim_valid($start, OSS_LETTER, OSS_DIGIT, OSS_SCORE, 'illegal:' . _('Start param'));
ossim_valid($end, OSS_LETTER, OSS_DIGIT, OSS_SCORE, 'illegal:' . _('End param'));
ossim_valid($zoom, OSS_DIGIT, OSS_DOT, 'illegal:' . _('Zoom parameter'));
ossim_valid($what, OSS_ALPHA, OSS_SCORE, 'illegal:' . _('What'));
ossim_valid($type, OSS_ALPHA, 'illegal:' . _('Type'));

if (ossim_error()) {
    // Tags are stripped from the message before it is handed to mydie().
    mydie(strip_tags(ossim_get_error_clean()));
}

//
// params validations
//
// Only the literal value 'eps' is accepted for both parameters, so the broader
// character classes above are narrowed to a single allowed value here.
if ($what != 'eps') {
    mydie(sprintf(_("Invalid param '%s' with value '%s'"), 'what', $what));
}
if ($type != 'eps') {
    mydie(sprintf(_("Invalid param '%s' with value '%s'"), 'type', $type));
}

// NOTE(review): $id, $start, $end and $zoom stay free-form within their character classes.
// They are presumably used further down to build the rrdtool invocation and the RRD file
// name. Confirm that each one is shell-quoted there and that $id, which may contain dots,
// cannot resolve to a file outside $rrdpath.

// Where to find the RRD file
$rrdpath = "/var/lib/ossim/rrd/event_stats/";
//
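* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/

require_once 'av_init.php';
require_once 'os_report_common.php';

// Called before any request data is read; presumably enforces login and the
// 'report-menu' / 'ReportsReportServer' permission (implementation not visible here).
Session::logcheck('report-menu', 'ReportsReportServer');

/*
 * Request handler with two actions, selected by the POST parameter "action":
 *
 *   check_file   "data" is base64("<report name>###<filename>"). Echoes 1 when the file
 *                exists under the report's path, a translated error text otherwise, or
 *                "error###<message>" when the report name is invalid. Nothing is echoed
 *                when no filename is supplied.
 *   check_email  "data" is an e-mail address. Echoes 1 when it validates, the validation
 *                error otherwise.
 */
$action = POST('action');
$data = POST('data');

if ($action === 'check_file') {
    $data = explode('###', base64_decode($data));

    $report_name = trim($data[0]);
    // A payload without the '###' separator has no second element; treat that as
    // "no filename" instead of reading an undefined offset.
    $filename = isset($data[1]) ? trim($data[1]) : '';

    ossim_valid($report_name, OSS_SCORE, OSS_NULLABLE, OSS_ALPHA, OSS_PUNC, 'illegal:' . _('Report name'));

    if (ossim_error()) {
        echo 'error###' . ossim_get_error_clean();
        exit;
    }

    // Init PDF Report
    $pdfReport = new Pdf_report($report_name, 'P', 'A4', NULL, FALSE);

    if (!empty($filename)) {
        // The filename comes from the request and is appended to the report path below, so
        // this check is the only visible barrier against path traversal.
        // NOTE(review): confirm that OSS_FILENAME rejects directory separators and "..".
        ossim_valid($filename, OSS_FILENAME, 'illegal:' . _('Filename'));

        //Get complete path
        $path = $pdfReport->getpath() . $filename;

        // && short-circuits: file_exists() is only reached when validation passed.
        $res = (!ossim_error() && file_exists($path)) ? 1 : _('Unable to access to PDF Report');

        echo $res;
    }
} elseif ($action === 'check_email') {
    ossim_valid($data, OSS_MAIL_ADDR, 'illegal:' . _('Email address'));

    $res = !ossim_error() ? 1 : ossim_get_error_clean();

    echo $res;
}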
}

/*
 *
 * <------------------------ END OF THE FUNCTIONS ------------------------>
 *
 */

/*
 *
 * <------------------------- BODY OF THE SCRIPT ------------------------->
 *
 */

$action = POST("action"); //Action to perform.
// $data is not validated at this point.
// NOTE(review): presumably each action handler validates the fields it reads; confirm.
$data = POST("data"); //Data related to the action.

ossim_valid($action, OSS_INPUT, 'illegal:' . _("Action"));

// An invalid action name ends the request with a JSON error object.
if (ossim_error()) {
    $response['error'] = TRUE;
    // NOTE(review): this returns ossim_get_error(), not a cleaned variant; confirm the
    // message is safe for the client-side code that renders "msg".
    $response['msg'] = ossim_get_error();
    ossim_clean_error();
    echo json_encode($response);
    die;
}

//Default values for the response.
// The response starts in the error state; the handlers are expected to overwrite it.
$response['error'] = TRUE;
$response['msg'] = _('Error when processing the request');

//checking if it is an ajax request
// X-Requested-With is set by the client, so this test only tells request styles apart;
// it is not an access control.
if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
    //Checking token
    // Presumably an anti-forgery token bound to the session (Token::verify is not visible).
    // NOTE(review): the token is read from the query string while the action is POSTed;
    // query strings tend to end up in access logs and Referer headers, so confirm the
    // token is short-lived or move it into the POST body.
    if (!Token::verify('tk_welcome_wizard', GET('token'))) {
        $response['error'] = TRUE;
// Restore the characters the client sent as the placeholders url_slash, url_quest and
// url_equal. This runs before validation, so the validators see the decoded values.
$icon = str_replace("url_slash", "/", $icon);
$icon = str_replace("url_quest", "?", $icon);
$icon = str_replace("url_equal", "=", $icon);
$url = str_replace("url_slash", "/", $url);
$url = str_replace("url_quest", "?", $url);
$url = str_replace("url_equal", "=", $url);

// Validation of every field; errors are collected and checked once, further down.
ossim_valid($map, OSS_HEX, 'illegal:' . _('Map'));
ossim_valid($ri_id, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _('ID'));
ossim_valid($risk_positions, OSS_SCORE, OSS_NULLABLE, OSS_ALPHA, ";,.", 'illegal:' . _('Risk Indicator Positions'));
// The extra-character lists below include "." and "/" (presumably treated as literal
// allowed characters), so a "../" sequence would pass this character-level check.
// NOTE(review): if $url or $icon is later used as a filesystem path or emitted into HTML,
// confirm it is canonicalised and escaped at that point.
ossim_valid($url, OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_SPACE, ";,.:\\/\\?=&()%&", 'illegal:' . _('URL'));
ossim_valid($name, OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_SPACE, ";,.:\\/\\?=&()%&#", 'illegal:' . _('Name'));
ossim_valid($icon, OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_SPACE, ";,.:\\/\\?=&()%&", 'illegal:' . _('Icon'));
ossim_valid($type, OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_SPACE, ";,.:\\/\\?=&()%&", 'illegal:' . _('Asset Type'));
ossim_valid($type_name, OSS_NULLABLE, OSS_HEX, 'illegal:' . _('Asset ID'));
ossim_valid($iconbg, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _('Layout Background Color'));
ossim_valid($iconsize, OSS_DIGIT, "-", 'illegal:' . _('Icon Size'));

// Reduce the icon to a path that starts at "pixmaps": whatever precedes the first
// occurrence is dropped. If "pixmaps" occurs more than once, only the text between the
// first and second occurrence is kept, because explode() splits on every occurrence.
$path = explode("pixmaps", $icon);
if (count($path) > 1) {
    $icon = "pixmaps" . $path[1];
}

// Stop with a JSON error before anything is written to the database.
if (ossim_error()) {
    $data = array('status' => 'error', 'data' => ossim_get_error_clean());
    echo json_encode($data);
    exit;
}

//Clean bp_asset_member
// Static statement with no request data interpolated: removes rows whose member or type
// is NULL or empty.
$query = "DELETE FROM bp_asset_member WHERE member is NULL OR member = 0x0 OR type is NULL OR type =''";
$conn->Execute($query);

$indicators = array();
$delete_list = array();
$i_enable = array();