/**
 * Turns a pending ossim validation error into a user-level error.
 *
 * Does nothing when ossim_error() reports no error. Otherwise the message is
 * read with ossim_get_error(), the error state is reset with
 * ossim_clean_error(), and the message is handed to
 * Av_exception::throw_error() as a USER_ERROR.
 *
 * @return void
 */
function check_ossim_error()
{
    if (!ossim_error()) {
        return;
    }

    // Read the message first: the error state is cleared before it is reported.
    $message = ossim_get_error();
    ossim_clean_error();

    Av_exception::throw_error(Av_exception::USER_ERROR, $message);
}
/**
 * Reads 'type', 'pulse' and 'id' from the POST data, validates them and
 * returns the name, description and IOC list of the requested pulse.
 *
 * The lookup is delegated to Alarm or Siem depending on 'type'. Both ids are
 * validated as OSS_HEX before they are passed on.
 *
 * @param object $conn Database connection handed to the Alarm/Siem lookups.
 *
 * @return array Keys 'name', 'descr' and 'iocs' ('iocs' re-indexed with array_values()).
 */
function get_pulse_detail_from_id($conn)
{
    $type  = POST('type');
    $pulse = POST('pulse');
    $id    = POST('id');

    ossim_valid($type, 'alarm|event|alarm_event', 'illegal:' . _('Type'));
    ossim_valid($pulse, OSS_HEX, 'illegal:' . _('Pulse'));
    ossim_valid($id, OSS_HEX, 'illegal:' . _('ID'));

    // Stop before any lookup when one of the three fields failed validation.
    if (ossim_error()) {
        Av_exception::throw_error(Av_exception::USER_ERROR, ossim_get_error_clean());
    }

    switch ($type) {
        case 'alarm':
            $pulse = Alarm::get_pulse_data_from_alarm($conn, $id, $pulse, TRUE);
            break;

        case 'event':
        case 'alarm_event':
            // The fourth argument is TRUE only for 'alarm_event'.
            $pulse = Siem::get_pulse_data_from_event($conn, $id, $pulse, $type == 'alarm_event', TRUE);
            break;
    }

    $detail = array(
        'name'  => $pulse['name'],
        'descr' => $pulse['descr'],
        'iocs'  => array_values($pulse['iocs'])
    );

    return $detail;
}
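/**
 * Builds a comma-separated list of SIEM device ids whose sensor IP or device
 * IP equals a single address or falls inside a CIDR range.
 *
 * The hex-encoded addresses are bound as query parameters (UNHEX(?)) rather
 * than concatenated into the SQL text, so the statement stays fixed whatever
 * the caller passes in $ip.
 *
 * @param object $conn ADOdb-style connection (Execute(), ErrorMsg()).
 * @param string $ip   Single IP address, or a range in "address/prefix" form.
 *
 * @return string Device ids joined with ',' (empty string when no row matches).
 */
function make_sid_filter($conn, $ip)
{
    $sids = array();

    if (preg_match("/\\d+\\/\\d+/", $ip)) {
        $aux = Cidr::expand_cidr($ip, 'SHORT', 'IP');

        if ($aux[0] == 'I' && $aux[1] == 'P') {
            // NOTE(review): looks like a sentinel for a range expand_cidr() could not expand - confirm.
            $aux[0] = '0x0';
            $aux[1] = '0x0';
        } else {
            // Range bounds as hex strings, compared against the binary IP columns.
            $aux[0] = bin2hex(inet_pton($aux[0]));
            $aux[1] = bin2hex(inet_pton($aux[1]));
        }

        $query = "SELECT d.id FROM alienvault_siem.device d, alienvault.sensor s
                  WHERE d.sensor_id = s.id
                  AND ( (s.ip >= UNHEX(?) AND s.ip <= UNHEX(?))
                  OR (d.device_ip >= UNHEX(?) AND d.device_ip <= UNHEX(?)) )";

        $params = array($aux[0], $aux[1], $aux[0], $aux[1]);
    } else {
        // An unparseable address makes inet_pton() return false, which becomes an empty hex string.
        $ip = bin2hex(@inet_pton($ip));

        $query = "SELECT d.id FROM alienvault_siem.device d, alienvault.sensor s
                  WHERE d.sensor_id = s.id AND ( s.ip = UNHEX(?) OR d.device_ip = UNHEX(?) )";

        $params = array($ip, $ip);
    }

    $rs = $conn->Execute($query, $params);

    if (!$rs) {
        Av_exception::throw_error(Av_exception::DB_ERROR, $conn->ErrorMsg());
    }

    while (!$rs->EOF) {
        $sids[] = $rs->fields['id'];

        $rs->MoveNext();
    }

    return implode(',', $sids);
}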
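/**
 * Starts, or polls, the welcome-wizard asset scan and reports whether it has finished.
 *
 * The Av_scan object is cached in a per-user file between calls. When no cached
 * object exists, a new local scan is launched over the networks stored in the
 * wizard step data. Any Exception is replaced by a generic message for the user.
 *
 * @param object $wizard Wizard state (get_step_data(), set_step_data(), save_status()).
 *
 * @return array 'error' (bool) and, on success, 'data' => array('finish' => bool).
 */
function do_scan($wizard)
{
    $response = array();

    try {
        $next_step = 1;
        $data      = array('finish' => FALSE);

        // File to cache the scan object, named after an MD5 of the session user
        $user      = Session::get_session_user();
        $scan_file = 'w_last_asset_object-' . md5($user);

        $step = intval($wizard->get_step_data('scan_step'));

        if ($step == 0) {
            // Step 0 means a fresh scan: drop whatever a previous run cached.
            // NOTE(review): unlink() resolves this bare name against the working directory;
            // confirm Av_scan reads and writes the cache in the same location.
            @unlink($scan_file);
        }

        $obj = Av_scan::get_object_from_file($scan_file);

        if (!is_object($obj) || empty($obj)) {
            $nets = $wizard->get_step_data('scan_nets');

            // Reject missing or non-array step data here; count() on a non-array raises
            // a TypeError on PHP 8, which the catch block below would not handle.
            if (!is_array($nets) || count($nets) < 1) {
                $e_msg = _('Invalid networks selected to scan');

                Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
            }

            $nets = implode(' ', $nets);

            $scan_options = array(
                'scan_type'     => 'fast',
                'scan_timing'   => 'T3',
                'autodetect_os' => 'true',
                'reverse_dns'   => 'true',
                'scan_ports'    => '',
                'idm'           => 'false'
            );

            $obj = new Av_scan($nets, 'local', $scan_options);
            $obj->run();

            Av_scan::set_object_in_file($obj, $scan_file);
        }

        $aux_status = $obj->get_status();

        $status = $aux_status['status']['code'];
        $total  = $aux_status['number_of_targets'];

        switch ($status) {
            case Av_scan::ST_SEARCH_FINISHED:
            case Av_scan::ST_SCANNING_HOSTS:
            case Av_scan::ST_SCAN_FINISHED:
                // Step 2 when targets were found, step 3 when the search came back empty.
                $next_step = $total > 0 ? 2 : 3;

                $wizard->set_step_data('scan_hosts', $total);

                $data = array('finish' => TRUE);
                break;
        }

        $wizard->set_step_data('scan_step', $next_step);

        $response['error'] = FALSE;
        $response['data']  = $data;

        $wizard->save_status();
    } catch (Exception $e) {
        // The exception detail is not returned; the user only sees the generic message.
        $msg = _('Error! Asset scan cannot be completed. Please try again');

        set_scan_error_message($wizard, $msg);

        $response['error'] = TRUE;
    }

    return $response;
}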
$sm_perms = array('EventsHids', 'EventsHidsConfig'); $sensor_id = POST('sensor_id'); $agent_id = POST('agent_id'); $agent_ip = POST('agent_ip'); if (Session::menu_perms($m_perms, $sm_perms)) { try { ossim_valid($agent_id, OSS_DIGIT, 'illegal:' . _('Agent ID')); ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID')); if ($agent_ip != 'any') { ossim_valid($agent_ip, OSS_IP_CIDR_0, 'illegal:' . _('Agent IP')); } if (!ossim_error()) { $db = new ossim_db(); $conn = $db->connect(); if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) { Av_exception::throw_error(Av_exception::USER_ERROR, _('Error! Sensor not allowed')); } $db->close(); } $more_info = Ossec_agent::get_info($sensor_id, $agent_id); $last_scan_dates = ''; if (Asset_host_ips::valid_ip($agent_ip)) { $last_scan_dates = Ossec_agent::get_last_scans($sensor_id, $agent_ip); } if (is_array($more_info) && !empty($more_info)) { $syscheck_date = empty($last_scan_dates['syscheck']) ? $more_info[7] : $last_scan_dates['syscheck']; $rootcheck_date = empty($last_scan_dates['rootcheck']) ? $more_info[8] : $last_scan_dates['rootcheck']; ?> <table class='t_agent_mi'> <tr><td colspan='2' style='text-align: center;'><?php echo _('Agent information');
* * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::useractive(); if (!Session::am_i_admin()) { Av_exception::throw_error(Av_exception::USER_ERROR, _('You do not have permissions to see this section')); } $wizard = Welcome_wizard::get_instance(); if (!$wizard instanceof Welcome_wizard) { Av_exception::throw_error(Av_exception::USER_ERROR, 'There was an unexpected error'); } //Getting the scan step to know if we have a scan running $step = intval($wizard->get_step_data('scan_step')); //Selected nets $nets_selected = $wizard->get_step_data('scan_nets'); $nets_selected = is_array($nets_selected) ? $nets_selected : array(); $n_ids = array_fill_keys(array_keys($nets_selected), 1); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title> <?php echo _("AlienVault " . (Session::is_pro() ? "USM" : "OSSIM")); ?> </title>
session_write_close(); Session::logcheck('environment-menu', 'EventsHidsConfig'); $events_hids_config = Session::menu_perms('environment-menu', 'EventsHidsConfig'); try { $db = new ossim_db(); $conn = $db->connect(); $sensor_id = POST('sensor_id'); ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID')); if (!ossim_error()) { if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) { $e_msg = _('Error! Sensor not allowed'); Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg); } } else { $e_msg = ossim_get_error_clean(); Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg); } $agents = Ossec_agent::get_list($sensor_id); $data = array(); if (is_array($agents) && !empty($agents)) { foreach ($agents as $agent_id => $a_data) { if (empty($a_data)) { continue; } $a_unique_id = md5($agent_id); $agent_actions = Ossec_agent::get_actions($agent_id, $a_data); if (!empty($a_data['host_id'])) { $asset_name = Asset_host::get_name_by_id($conn, $a_data['host_id']); } else { $asset_name = '-'; }
* * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::useractive(); if (!Session::am_i_admin()) { Av_exception::throw_error(Av_exception::USER_ERROR, _('You do not have permissions to see this section')); } $wizard = Welcome_wizard::get_instance(); if (!$wizard instanceof Welcome_wizard) { Av_exception::throw_error(Av_exception::USER_ERROR, "There was an error, the Welcome_wizard object doesn't exist"); } //Getting the scan step to know if we have a scan running $step = intval($wizard->get_step_data('scan_step')); //Selected nets $nets_selected = $wizard->get_step_data('scan_nets'); $nets_selected = is_array($nets_selected) ? $nets_selected : array(); $n_ids = array_fill_keys(array_keys($nets_selected), 1); $paths = Asset::get_path_url(FALSE); $iframe_url = $paths['network']['views'] . 'import_all_nets.php?import_type=welcome_wizard_nets'; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title> <?php echo _("AlienVault " . (Session::is_pro() ? "USM" : "OSSIM"));
/**
 * Loads the risk indicators of a map that pass is_indicator_allowed().
 *
 * The map id is bound as a query parameter (UNHEX(?)), so it never becomes
 * part of the SQL text.
 *
 * @param object $conn Database connection (checked with Ossim_db::check_connection()).
 * @param string $map  Map id, passed to UNHEX() by the query.
 *
 * @return array Formatted indicators keyed by indicator id.
 */
function get_indicators_from_map($conn, $map)
{
    Ossim_db::check_connection($conn);

    $rs = $conn->Execute("SELECT * FROM risk_indicators WHERE map = UNHEX(?)", array($map));

    if (!$rs) {
        Av_exception::throw_error(Av_exception::DB_ERROR, $conn->ErrorMsg());
    }

    $indicators = array();

    for (; !$rs->EOF; $rs->MoveNext()) {
        $row = $rs->fields;

        // Rows that fail the permission check are left out of the result.
        if (!is_indicator_allowed($conn, $row['type'], $row['type_name'])) {
            continue;
        }

        $indicators[$row['id']] = format_indicator($conn, $row);
    }

    return $indicators;
}
$only_unread = POST('only_unread') ? POST('only_unread') : ''; /********************************** ****** VALIDATE POST PARAMS ****** **********************************/ ossim_valid($search, OSS_INPUT, OSS_NULLABLE, 'illegal:' . _('Search String')); ossim_valid($only_unread, OSS_LETTER, OSS_NULLABLE, 'illegal:' . _('Only Unread Param')); /*************************** ****** RESPONSE VARS ****** ***************************/ // Response array $response = array(); // Array to store data $data = array(); try { if (ossim_error()) { Av_exception::throw_error(Av_exception::USER_ERROR, ossim_get_error_clean()); } /********************** ****** FILTERS ******* **********************/ $filters = array(); if (!empty($search)) { $filters['search'] = $search; } if (!empty($only_unread)) { $filters['only_unread'] = 'true'; } /********************** ****** GET DATA ****** **********************/ $status = new System_notifications();
$response['data']['components_added_msg'] = sprintf($msg, $num_components, $component_type); break; // Delete components // Delete components case 'delete_components': $tag->remove_components_from_filter($conn); $msg = _('Your label has been deleted from %d %s(s). You can view asset labels in the asset details'); $response['data']['components_deleted_msg'] = sprintf($msg, $num_components, $component_type); break; default: Av_exception::throw_error(Av_exception::USER_ERROR, _('Invalid action - please try again')); } } $response['status'] = 'OK'; $response['data']['id'] = $tag->get_id(); $response['data']['name'] = $tag->get_name(); $response['data']['class'] = $tag->get_class(); } else { Av_exception::throw_error(Av_exception::USER_ERROR, _('Action can not be completed')); } } catch (\Exception $e) { $error_msg = $e->getMessage(); if (empty($error_msg)) { $error_msg = _('Sorry, operation was not completed due to an error when processing the request'); } $response['status'] = 'error'; $response['data'] = $error_msg; } $db->close(); echo json_encode($response); exit;
/**
 * Clears the filters kept in the session and stores a fresh filter list for
 * the requested list type.
 *
 * @param object $conn Database connection handed to the filter list constructor.
 * @param array  $data Request data; only $data['type'] is read.
 *
 * @return array 'error' (bool) and 'msg' (error text, empty on success).
 */
function restart_search($conn, $data)
{
    $return = array(
        'error' => FALSE,
        'msg'   => ''
    );

    $type = $data['type'];

    ossim_valid($type, 'asset', 'group', 'network', 'illegal:' . _("List Type"));

    if (ossim_error()) {
        $return['msg'] = ossim_get_error();
        ossim_clean_error();

        $return['error'] = TRUE;

        return $return;
    }

    Filter_list::delete_filters_from_session();

    try {
        // The class name is built from request data. It is only reached after the
        // ossim_valid() call above has accepted $type, and class_exists() is checked as well.
        $object = 'Filter_' . $type . '_list';

        if (!class_exists($object)) {
            Av_exception::throw_error(Av_exception::USER_ERROR, _('Invalid List Type'));
        }

        $filter_list = new $object($conn);
        $filter_list->store_filter_list_session();
    } catch (Exception $e) {
        $return['error'] = TRUE;
        $return['msg']   = $e->getMessage();
    }

    return $return;
}
***************************/ /*************************** ****** Set suppressed ***** ***************************/ case 'set_suppressed': $status->set_status_message($status_message_id, array('suppressed' => 'true')); $data['data'] = _('Notification marked as suppressed'); break; /******************************* ****** Not allowed action ***** *******************************/ /******************************* ****** Not allowed action ***** *******************************/ default: Av_exception::throw_error(Av_exception::USER_ERROR, _('This action could not be completed. Please try again.')); } $data['status'] = 'OK'; } catch (\Exception $e) { /************************ ****** Catch error ***** ************************/ $error_msg = $e->getMessage(); if (empty($error_msg)) { $error_msg = _('Sorry, operation was not completed due to an error when processing the request. Please try again.'); } Util::response_bad_request($error_msg); } } $db->close(); echo json_encode($data);
/**
 * Validates a member selection and stores it through Filter_list.
 *
 * When 'all' is set, the members are taken from the asset given by
 * 'asset_id'/'asset_type' (optionally narrowed by 'search'); otherwise the
 * explicit 'assets' list is saved for 'member_type'.
 *
 * @param object $conn Database connection.
 * @param array  $data Keys read: asset_id, asset_type, member_type, all, assets, search.
 *
 * @return mixed Total returned by Filter_list; values below 1 are reported as a user error.
 */
function save_member_selection($conn, $data)
{
    $asset_id    = $data['asset_id'];
    $asset_type  = $data['asset_type'];
    $member_type = $data['member_type'];
    $all         = $data['all'];
    $assets      = $data['assets'];
    $search      = $data['search'];

    // Every field is validated before any of them reaches Filter_list.
    ossim_valid($asset_id, OSS_HEX, 'illegal:' . _('Asset UUID'));
    ossim_valid($asset_type, 'asset', 'network', 'group', 'illegal:' . _('Asset Type'));
    ossim_valid($member_type, 'asset', 'network', 'group', 'illegal:' . _('Asset Type'));
    ossim_valid($search, OSS_INPUT, OSS_NULLABLE, 'illegal:' . _('Search Filter'));
    ossim_valid($assets, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Assets'));
    ossim_valid($all, OSS_BINARY, 'illegal:' . _('Asset Selection'));

    check_ossim_error();

    $total = $all
        ? Filter_list::save_members_from_asset($conn, $asset_id, $asset_type, $search)
        : Filter_list::save_items($conn, $member_type, $assets);

    if ($total < 1) {
        Av_exception::throw_error(Av_exception::USER_ERROR, _('You need at least one asset to perform any action.'));
    }

    return $total;
}
ossim_valid($search_str, OSS_INPUT, OSS_NULLABLE, 'illegal: ' . _('Search String')); ossim_valid($from, OSS_DIGIT, 'illegal: ' . _('Configuration Parameter 2')); ossim_valid($sec, OSS_DIGIT, 'illegal: ' . _('Configuration Parameter 3')); if (ossim_error()) { $response['sEcho'] = intval($sec); $response['iTotalRecords'] = 0; $response['iTotalDisplayRecords'] = 0; $response['aaData'] = array(); echo json_encode($response); exit; } // Get object from session $asset_object = unserialize($_SESSION['asset_detail'][$asset_id]); $class_name = get_class($asset_object); if (!is_object($asset_object)) { Av_exception::throw_error(Av_exception::DB_ERROR, _('Error retrieving the asset data from Memory')); } $db = new ossim_db(); $conn = $db->connect(); $filters = array('where' => 'host_properties.property_ref <> 8', 'limit' => "{$from}, {$maxrows}"); if ($search_str != '') { $search_str = escape_sql($search_str, $conn); $filters['where'] .= ' AND host_properties.value LIKE "%' . $search_str . '%"'; } // DATA list($properties, $total) = $asset_object->get_properties($conn, $filters); $data = array(); foreach ($properties as $_host_id => $prop_list) { $_host_aux = Asset_host::get_object($conn, $_host_id); $host = $_host_aux->get_name() . ' (' . $_host_aux->get_ips()->get_ips('string') . ')'; foreach ($prop_list as $prop_id => $prop_data) {
/**
 * Deletes the note whose id arrives in the 'note_id' POST field.
 *
 * The id is validated as OSS_DIGIT through validate_form_fields() before it
 * is passed to Notes::delete(). Validation failures and delete failures are
 * reported with the same generic user error.
 *
 * @param object $conn Database connection.
 *
 * @return array 'msg' with the success text.
 */
function delete_note($conn)
{
    $rules = array(
        'note_id' => array(
            'validation' => 'OSS_DIGIT',
            'e_message'  => 'illegal:' . _('Note ID')
        )
    );

    $errors = validate_form_fields('POST', $rules);

    if (is_array($errors) && count($errors) > 0) {
        Av_exception::throw_error(Av_exception::USER_ERROR, _('Error! Note could not be deleted'));
    }

    $note_id = POST('note_id');
    $deleted = Notes::delete($conn, $note_id);

    if (!$deleted) {
        Av_exception::throw_error(Av_exception::USER_ERROR, _('Error! Note could not be deleted'));
    } else {
        $data['msg'] = _('Note deleted successfully');
    }

    return $data;
}
ossim_valid($level, OSS_LETTER, ',', OSS_NULLABLE, 'illegal:' . _('Level Param')); /*************************** ****** RESPONSE VARS ****** ***************************/ // Response array $response = array(); // Array to store data $data = array(); $total_messages = 0; try { // If validation errors throw new exception with error details if (ossim_error()) { Av_exception::throw_error(Av_exception::USER_ERROR, ossim_get_error_clean()); } if (strlen($search_str) > 30) { Av_exception::throw_error(Av_exception::USER_ERROR, 'Search string very long. Max length 30 characters'); } /********************* ****** Filters ****** *********************/ /** * Returns order_by string by column * * @param integer $order * * @return string */ $order_by = function ($order) { switch ($order) { case 0: return 'creation_time';
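* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA 02110-1301 USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/

require_once 'av_init.php';

Session::logcheck("analysis-menu", "ControlPanelAlarms");

// Lookup of plugin_sid rows whose name contains the "q" GET parameter.
// Output is one "plugin_id-sid###name" line per match.
$q = strtolower(GET("q"));

ossim_valid($q, OSS_TEXT, 'illegal:' . _("Query"));

// Empty results when error in validation
if (ossim_error()) {
    exit;
}

$db   = new ossim_db();
$conn = $db->connect();

// The search term is bound as a parameter instead of being spliced into the SQL text.
// '%' and '_' inside $q still act as LIKE wildcards, exactly as before.
$sql    = "SELECT DISTINCT sid, plugin_id, name FROM plugin_sid WHERE lower(name) LIKE ?";
$params = array('%' . $q . '%');

$rs = $conn->Execute($sql, $params);

if (!$rs) {
    Av_exception::throw_error(Av_exception::DB_ERROR, $conn->ErrorMsg());
} else {
    while (!$rs->EOF) {
        // NOTE(review): the stored name is echoed without output encoding; confirm the
        // client inserts these lines as text, not as markup.
        echo $rs->fields["plugin_id"] . "-" . $rs->fields["sid"] . "###" . $rs->fields["name"] . "\n";

        $rs->MoveNext();
    }
}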
*/

require_once 'av_init.php';

// NOTE(review): presumably restricts this AJAX endpoint to administrators - confirm in Session.
Session::admin_logcheck_ajax();
session_write_close();


/**
 * Loads the OTX configuration and returns it as an array.
 *
 * NOTE(review): the result includes the OTX token and is JSON-encoded to the
 * client below; confirm every consumer needs the full token value.
 *
 * @return array Keys: token, username, user_id, contributing, key_version, latest_update.
 */
function get_otx_info()
{
    $otx = new Otx();
    $otx->load();

    $info = array();

    $info['token']         = $otx->get_token();
    $info['username']      = $otx->get_username();
    $info['user_id']       = $otx->get_user_id();
    $info['contributing']  = $otx->is_contributing();
    $info['key_version']   = $otx->get_key_version();
    $info['latest_update'] = $otx->get_latest_update();

    return $info;
}


// Dispatch on the requested action; 'info' is the only one supported.
$action = POST('action');
$result = array();

try {
    if ($action == 'info') {
        $result = get_otx_info();
    } else {
        Av_exception::throw_error(Av_exception::USER_ERROR, _('Invalid Action.'));
    }
} catch (Exception $e) {
    Util::response_bad_request($e->getMessage());
}

echo json_encode($result);
} $asset_object = $class_name::get_object($conn, $asset_id); if (array_key_exists($order, $orders_by_columns)) { $order = $orders_by_columns[$order]; } else { $order = "lr.risk"; } // Property filter $filters = array('limit' => "{$from}, {$maxrows}", 'order_by' => "{$order} {$torder}"); if ($search_str != '') { $search_str = escape_sql($search_str, $conn); $filters['where'] = 'p.name LIKE "%' . $search_str . '%"'; } list($vulns, $total) = $asset_object->get_vulnerabilities($conn, '', $filters); } else { Av_exception::throw_error(Av_exception::USER_ERROR, _('Error retrieving information')); } } catch (Exception $e) { $db->close(); Util::response_bad_request($e->getMessage()); } // DATA $data = array(); foreach ($vulns as $_asset_id => $asset_vulns) { $_host_aux = Asset_host::get_object($conn, $_asset_id); foreach ($asset_vulns as $vuln) { $_host = $class_name == 'asset_host' ? $vuln['ip'] : $_host_aux->get_name() . " (" . $_host_aux->get_ips()->get_ips('string') . ")"; $data[] = array(date("Y-m-d H:i:s", strtotime($vuln['date'])), $_host, $vuln['plugin'], $vuln['plugin_id'], $vuln['service'], Vulnerabilities::get_severity_by_risk($vuln['risk'])); } } $response['sEcho'] = $sec;
$conn = $db->connect();

// Only one action is handled here: switching usage tracking (telemetry) on or off.
if ($action == 'track_usage_information') {
    try {
        // The request token is verified before anything is changed
        // (presumably an anti-CSRF token - confirm in Token).
        $token = POST('token');

        if (!Token::verify('tk_tui', $token)) {
            $t_error = Token::create_error_message();

            Av_exception::throw_error(Av_exception::USER_ERROR, $t_error);
        }

        if (!Session::am_i_admin()) {
            Av_exception::throw_error(Av_exception::USER_ERROR, _('You do not have the correct permissions to configure this option. Please contact system administrator with any questions'));
        } else {
            // Any positive 'tui' value enables tracking; everything else disables it.
            $tui     = intval(POST('tui'));
            $enabled = $tui > 0;

            $config = new Config();
            $config->update('track_usage_information', $enabled ? 1 : 0);

            $client = new Alienvault_client();
            $client->system()->set_telemetry($enabled);

            $data['status'] = 'success';
            $data['data']   = _('Your changes have been saved');
        }
    } catch (Exception $e) {
        // NOTE(review): if Util::response_bad_request() returns instead of ending the request,
        // $db->close() runs a second time below and $data may be unset - confirm it exits.
        $db->close();

        Util::response_bad_request($e->getMessage());
    }
}

$db->close();

echo json_encode($data);
if ($can_i_modify_ips == FALSE) { $img_disabled = 'img_disabled'; } } elseif (Asset_group::is_in_db($conn, $id)) { $asset_object = Asset_group::get_object($conn, $id); $asset_type = 'group'; $breadcrumb = array('section' => _('Groups'), 'current' => _('Group Details')); try { $asset_object->can_i_edit($conn); } catch (Exception $e) { $img_disabled = 'img_disabled'; $button_disabled = 'disabled'; $flag_restricted_group = TRUE; } } else { Av_exception::throw_error(Av_exception::USER_ERROR, _('Asset not found in the system')); } // Save session object $_SESSION['asset_detail'][$id] = serialize($asset_object); // Get default system ip $system_list = Av_center::get_avc_list($conn); $system_ip = @$system_list['data'][strtolower(Util::get_system_uuid())]['admin_ip']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title><?php echo _('Asset Details'); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
/**
 * Queues a vulnerability scan for the targets stored in $_SESSION['_vuln_targets'].
 *
 * Computes the next run time in UTC from the schedule type and the date/time
 * fields, then inserts either one vuln_jobs row per distinct value of the
 * session target map (schedule type 'N') or a single vuln_job_schedule row
 * (any other type), and renders a Notification with the outcome. All column
 * values are bound as query parameters.
 *
 * When the session holds no targets, nothing is inserted, no notification is
 * shown and the connection opened here is not closed.
 *
 * Schedule types handled by the switch: 'N', 'O', 'D', 'W', 'M', 'NW'. Going by
 * the inline comments: O = run once, D = daily, W = day of week, M = day of
 * month, NW = Nth weekday of month. 'N' presumably means "run now" - TODO confirm.
 *
 * @param mixed  $SVRid            Bound to scan_ASSIGNED (vuln_jobs) or to the `email` column (vuln_job_schedule).
 * @param string $job_name         Job name.
 * @param string $ssh_credential   Joined with $smb_credential by '|' into the credentials column.
 * @param string $smb_credential   See $ssh_credential.
 * @param string $schedule_type    One of the schedule types listed above.
 * @param string $not_resolve      '1' stores resolve_names = 0, anything else stores 1.
 * @param string $user             Owner used when $entity is not accepted by valid_hex32().
 * @param string $entity           Owner used when valid_hex32() accepts it.
 * @param array  $targets          Joined with "\n" into meth_TARGET for scheduled jobs.
 * @param mixed  $scheduled_status Stored via strval() in the enabled column.
 * @param mixed  $hosts_alive      Bound to meth_CRED.
 * @param mixed  $sid              Bound to meth_VSET.
 * @param mixed  $send_email       Bound to meth_Wfile.
 * @param mixed  $timeout          Bound to meth_TIMEOUT.
 * @param mixed  $scan_locally     Bound to authorized (vuln_jobs) or meth_Ucheck (vuln_job_schedule).
 * @param mixed  $dayofweek        Key into $daysMap.
 * @param mixed  $dayofmonth       Day of month; replaced by $nthweekday for type 'NW'.
 * @param mixed  $ROYEAR           Run-once year; current UTC year when empty.
 * @param mixed  $ROMONTH          Run-once month; current UTC month when empty.
 * @param mixed  $ROday            Run-once day; current UTC day when empty.
 * @param mixed  $time_hour        Hour, converted to UTC for every type except 'N'.
 * @param mixed  $time_min         Minute, converted together with $time_hour.
 * @param mixed  $time_interval    Bound to time_interval.
 * @param mixed  $sched_id         Schedule id; when intval() gives 0 it is read from LAST_INSERT_ID().
 * @param mixed  $biyear           Begin year of a recurring schedule.
 * @param mixed  $bimonth          Begin month of a recurring schedule.
 * @param mixed  $biday            Begin day of a recurring schedule.
 * @param mixed  $nthweekday       Passed to weekday_month() for type 'NW'.
 * @param mixed  $tz               Timezone offset; multiplied by 3600 below, so presumably hours - TODO confirm.
 * @param array  $daysMap          Map indexed by $dayofweek with 'number' and 'text' entries.
 *
 * @return void
 */
function submit_scan($SVRid, $job_name, $ssh_credential, $smb_credential, $schedule_type, $not_resolve, $user, $entity, $targets, $scheduled_status, $hosts_alive, $sid, $send_email, $timeout, $scan_locally, $dayofweek, $dayofmonth, $ROYEAR, $ROMONTH, $ROday, $time_hour, $time_min, $time_interval, $sched_id, $biyear, $bimonth, $biday, $nthweekday, $tz, $daysMap)
{
    $db     = new ossim_db();
    $dbconn = $db->connect();

    $credentials = $ssh_credential . '|' . $smb_credential;

    // Owner of the job: the entity when it passes valid_hex32(), else the user, else the session user
    $username = valid_hex32($entity) ? $entity : $user;

    if (empty($username)) {
        $username = Session::get_session_user();
    }

    $btime_hour = $time_hour; // save local time
    $btime_min  = $time_min;

    // Begin date as received, kept before the UTC conversion below overwrites it
    $bbiyear  = $biyear;
    $bbimonth = $bimonth;
    $bbiday   = $biday;

    if ($schedule_type == 'O') {
        // date and time for run once
        if (empty($ROYEAR)) {
            $ROYEAR = gmdate('Y');
        }

        if (empty($ROMONTH)) {
            $ROMONTH = gmdate('m');
        }

        if (empty($ROday)) {
            $ROday = gmdate('d');
        }

        list($_y, $_m, $_d, $_h, $_u, $_s, $_time) = Util::get_utc_from_date($dbconn, "{$ROYEAR}-{$ROMONTH}-{$ROday} {$time_hour}:{$time_min}:00", $tz);

        $ROYEAR    = $_y;
        $ROMONTH   = $_m;
        $ROday     = $_d;
        $time_hour = $_h;
        $time_min  = $_u;
    } else {
        if (in_array($schedule_type, array('D', 'W', 'M', 'NW'))) {
            // date and time for Daily, Day of Week, Day of month, Nth weekday of month
            list($b_y, $b_m, $b_d, $b_h, $b_u, $b_s, $b_time) = Util::get_utc_from_date($dbconn, "{$biyear}-{$bimonth}-{$biday} {$time_hour}:{$time_min}:00", $tz);

            $biyear    = $b_y;
            $bimonth   = $b_m;
            $biday     = $b_d;
            $time_hour = $b_h;
            $time_min  = $b_u;
        }
    }

    $resolve_names = $not_resolve == '1' ? 0 : 1;

    if ($schedule_type != 'N') {
        // current datetime in UTC
        $arrTime = explode(":", gmdate('Y:m:d:w:H:i:s'));

        $year = $arrTime[0];
        $mon  = $arrTime[1];
        $mday = $arrTime[2];
        $wday = $arrTime[3];
        $hour = $arrTime[4];
        $min  = $arrTime[5];
        $sec  = $arrTime[6];

        // HHMMSS strings; $run_time and $timenow are compared with '>' further down
        $timenow = $hour . $min . $sec;

        $run_wday = $daysMap[$dayofweek]['number'];

        $run_time = sprintf('%02d%02d%02d', $time_hour, $time_min, '00');

        $run_mday = $dayofmonth;

        $time_value = "{$time_hour}:{$time_min}:00";

        $ndays = array('Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday');

        $begin_in_seconds = Util::get_utc_unixtime("{$biyear}-{$bimonth}-{$biday} {$time_hour}:{$time_min}:00") - 3600 * $tz;

        $current_in_seconds = gmdate('U'); // current datetime in UTC

        // Zero-pad month and day so the concatenated dates below are always YYYYMMDD
        if (strlen($bimonth) == 1) {
            $bimonth = '0' . $bimonth;
        }

        if (strlen($biday) == 1) {
            $biday = '0' . $biday;
        }
    }

    // Work out $requested_run (YYYYMMDDHHMMSS) for the chosen schedule type
    switch ($schedule_type) {
        case 'N':
            $requested_run = gmdate('YmdHis');
            break;

        case 'O':
            $requested_run = sprintf('%04d%02d%02d%06d', $ROYEAR, $ROMONTH, $ROday, $run_time);
            break;

        case 'D':
            if ($begin_in_seconds > $current_in_seconds) {
                $next_day = $biyear . $bimonth . $biday; // selected date by user
            } else {
                if ($run_time > $timenow) {
                    $next_day = $year . $mon . $mday; // today
                } else {
                    $next_day = gmdate("Ymd", strtotime("+1 day GMT", gmdate("U"))); // next day
                }
            }

            $requested_run = sprintf("%08d%06d", $next_day, $run_time);
            break;

        case 'W':
            if ($begin_in_seconds > $current_in_seconds) {
                // if it is a future date
                $wday = date("w", mktime(0, 0, 0, $bimonth, $biday, $biyear)); // make week day for begin day

                if ($run_wday == $wday) {
                    $next_day = $biyear . $bimonth . $biday; // selected date by user
                } else {
                    $next_day = gmdate("Ymd", strtotime("next " . $ndays[$run_wday] . " GMT", mktime(0, 0, 0, $bimonth, $biday, $biyear)));
                }
            } else {
                if ($run_wday == $wday && $run_time > $timenow) {
                    $next_day = $year . $mon . $mday; // today
                } else {
                    $next_day = gmdate("Ymd", strtotime("next " . $ndays[$run_wday] . " GMT", gmdate("U"))); // next week
                }
            }

            // Split YYYYMMDD and convert the local run time on that day to UTC
            preg_match("/(\\d{4})(\\d{2})(\\d{2})/", $next_day, $found);

            list($b_y, $b_m, $b_d, $b_h, $b_u, $b_s, $b_time) = Util::get_utc_from_date($dbconn, $found[1] . "-" . $found[2] . "-" . $found[3] . " {$btime_hour}:{$btime_min}:00", $tz);

            $requested_run = sprintf("%04d%02d%02d%02d%02d%02d", $b_y, $b_m, $b_d, $b_h, $b_u, "00");
            break;

        case 'M':
            if ($begin_in_seconds > $current_in_seconds) {
                // if it is a future date
                if ($run_mday >= $biday) {
                    $next_day = $biyear . $bimonth . ($run_mday < 10 ? "0" : "") . $run_mday; // this month
                } else {
                    $next_day = sprintf("%06d%02d", gmdate("Ym", strtotime("next month GMT", mktime(0, 0, 0, $bimonth, $biday, $biyear))), $run_mday);
                }
            } else {
                if ($run_mday > $mday || $run_mday == $mday && $run_time > $timenow) {
                    $next_day = $year . $mon . ($run_mday < 10 ? "0" : "") . $run_mday; // this month
                } else {
                    $next_day = sprintf("%06d%02d", gmdate("Ym", strtotime("next month GMT", gmdate("U"))), $run_mday);
                }
            }

            // Split YYYYMMDD and convert the local run time on that day to UTC
            preg_match("/(\\d{4})(\\d{2})(\\d{2})/", $next_day, $found);

            list($b_y, $b_m, $b_d, $b_h, $b_u, $b_s, $b_time) = Util::get_utc_from_date($dbconn, $found[1] . "-" . $found[2] . "-" . $found[3] . " {$btime_hour}:{$btime_min}:00", $tz);

            $requested_run = sprintf("%04d%02d%02d%02d%02d%02d", $b_y, $b_m, $b_d, $b_h, $b_u, "00");
            break;

        case 'NW':
            if ($begin_in_seconds > $current_in_seconds) {
                // if it is a future date
                $array_time = array('month' => $bbimonth, 'day' => $bbiday, 'year' => $bbiyear);

                $requested_run = weekday_month(strtolower($daysMap[$dayofweek]['text']), $nthweekday, $btime_hour, $btime_min, $array_time);
            } else {
                $requested_run = weekday_month(strtolower($daysMap[$dayofweek]['text']), $nthweekday, $btime_hour, $btime_min);
            }

            // weekday_month() result is split as YYYYMMDDHHMMSS and converted to UTC
            preg_match("/(\\d{4})(\\d{2})(\\d{2})(\\d{2})(\\d{2})(\\d{2})/", $requested_run, $found);

            list($b_y, $b_m, $b_d, $b_h, $b_u, $b_s, $b_time) = Util::get_utc_from_date($dbconn, $found[1] . "-" . $found[2] . "-" . $found[3] . " " . $found[4] . ":" . $found[5] . ":00", $tz);

            $requested_run = sprintf("%04d%02d%02d%02d%02d%02d", $b_y, $b_m, $b_d, $b_h, $b_u, "00");

            // For this type the day_of_month column stores the Nth-weekday value
            $dayofmonth = $nthweekday;
            break;

        default:
            break;
    }

    $insert_time = gmdate('YmdHis');

    if (!empty($_SESSION['_vuln_targets']) && count($_SESSION['_vuln_targets']) > 0) {
        // Group the session targets by the value they map to ($server_id)
        $sgr = array();

        foreach ($_SESSION['_vuln_targets'] as $target_selected => $server_id) {
            $sgr[$server_id][] = $target_selected;
        }

        ossim_clean_error();

        unset($_SESSION['_vuln_targets']); // clean scan targets

        $resolve_names = $not_resolve == '1' ? 0 : 1;

        $queries = array();

        $bbimonth = strlen($bbimonth) == 1 ? '0' . $bbimonth : $bbimonth;

        $bbiday = strlen($bbiday) == 1 ? '0' . $bbiday : $bbiday;

        $qc = 0;

        if ($schedule_type == 'N') {
            // One vuln_jobs row per group; the group key goes into the notify column
            foreach ($sgr as $notify_sensor => $target_list) {
                $target_list = implode("\n", $target_list);

                $params = array($job_name, $username, Session::get_session_user(), $schedule_type, $target_list, $hosts_alive, $sid, $send_email, $timeout, $SVRid, $insert_time, $requested_run, '3', 'S', $notify_sensor, $scan_locally, '', $resolve_names, $credentials);

                $queries[$qc]['query'] = 'INSERT INTO vuln_jobs ( name, username, fk_name, meth_SCHED, meth_TARGET, meth_CRED, meth_VSET, meth_Wfile, meth_TIMEOUT, scan_ASSIGNED, scan_SUBMIT, scan_next, scan_PRIORITY, status, notify, authorized, author_uname, resolve_names, credentials ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';

                $queries[$qc]['params'] = $params;

                $qc++;
            }
        } else {
            // Scheduled job: a single row, with the target list taken from $targets
            // (the session targets only decide whether this branch runs at all)
            $params = array($bbiyear . $bbimonth . $bbiday, $job_name, $username, Session::get_session_user(), $schedule_type, $dayofweek, $dayofmonth, $time_value, implode("\n", $targets), $hosts_alive, $sid, $send_email, $scan_locally, $timeout, $requested_run, $insert_time, strval($scheduled_status), $resolve_names, $time_interval, '', $credentials, $SVRid);

            $queries[$qc]['query'] = 'INSERT INTO vuln_job_schedule ( begin, name, username, fk_name, schedule_type, day_of_week, day_of_month, time, meth_TARGET, meth_CRED, meth_VSET, meth_Wfile, meth_Ucheck, meth_TIMEOUT, next_CHECK, createdate, enabled, resolve_names, time_interval, IP_ctx, credentials, email) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) ';

            $queries[$qc]['params'] = $params;

            $qc++;
        }

        // Run every insert and collect the driver error text of the ones that fail
        $execute_errors = array();

        foreach ($queries as $id => $sql_data) {
            $rs = $dbconn->execute($sql_data['query'], $sql_data['params']);

            if ($rs === FALSE) {
                $execute_errors[] = $dbconn->ErrorMsg();
            }
        }

        if (empty($execute_errors) && $schedule_type != 'N') {
            // We have to update the vuln_job_assets
            if (intval($sched_id) == 0) {
                // No schedule id was given: use the id generated by the insert above
                $query = ossim_query('SELECT LAST_INSERT_ID() as sched_id');

                $rs = $dbconn->Execute($query);

                if (!$rs) {
                    Av_exception::throw_error(Av_exception::DB_ERROR, $dbconn->ErrorMsg());
                } else {
                    $sched_id = $rs->fields['sched_id'];
                }
            }

            Vulnerabilities::update_vuln_job_assets($dbconn, 'insert', $sched_id, 0);
        }

        // The notification type stays 'nf_success' even when inserts failed
        $config_nt = array('content' => '', 'options' => array('type' => 'nf_success', 'cancel_button' => FALSE), 'style' => 'width: 40%; margin: 20px auto; text-align: center;');

        // NOTE(review): raw $dbconn->ErrorMsg() text ends up in the notification body; confirm
        // Notification encodes its content and that driver error detail should reach the browser.
        $config_nt['content'] = empty($execute_errors) ? _('Successfully Submitted Job') : _('Error creating scan job:') . implode('<br>', $execute_errors);

        $nt = new Notification('nt_1', $config_nt);
        $nt->show();

        $dbconn->close();
    }
}