public static function doGet($url, $header = false)
{
global $LastGETURL;
global $LastGETMethod;
global $LastHeadersSent;
global $last_http_response;
global $LastHeadersReceived;
$LastGETURL = $url;
$LastGETMethod = false;
$LastHeadersSent = false;
$last_http_response = false;
$LastHeadersReceived = false;
$lastGETResponse = false;
$LastGETMethod = "CURL";
$lastGETResponse = Net::getCurl($url, $header);
if ($lastGETResponse !== false) {
return $lastGETResponse;
}
$LastGETMethod = "Stream";
$lastGETResponse = Net::getStream($url, $header);
if ($lastGETResponse !== false) {
return $lastGETResponse;
}
error_log("Unable to GET Url={$url}");
error_log("Header: {$header}");
throw new \Exception("Unable to GET url=" . $url);
}
public function set_blacklist()
{
$ip = Net::get_user_ip();
$current_time = time();
$node = $this->xml->xpath('/users/blacklist[@ip="' . utf8_encode($ip) . '"]');
// IP dosen't exist
if (empty($node)) {
if (count($this->xml->users->blacklist) >= BLACKLIST_SAVED_REQUESTS) {
unset($this->xml->users->blacklist[0]);
}
// Add the table
$node = $this->xml->addChild('blacklist', '');
// Add the key
$node->addAttribute('ip', $ip);
// Add the registers
$node->addChild('date', $current_time);
$node->addChild('fail_count', 1);
error_log('Nibbleblog: Blacklist - New IP added - ' . $ip);
} else {
$date = $node[0]->getChild('date');
$fail_count = $node[0]->getChild('fail_count');
// The IP expired, so renewed
if ($current_time > $date + BLACKLIST_TIME * 60) {
$node[0]->setChild('date', $current_time);
$node[0]->setChild('fail_count', 1);
error_log('Nibbleblog: Blacklist - IP renewed because is expired - ' . $ip);
} else {
$fail_count += 1;
$node[0]->setChild('fail_count', $fail_count);
error_log('Nibbleblog: Blacklist - IP fail count(' . $fail_count . ') - ' . $ip);
}
}
// Save the database
return $this->savetofile();
}
public function doLogin($cookies)
{
$encPass = $this->getEncryptedPassword();
$res = Net::doRequest('https://steamcommunity.com/login/dologin/', $cookies, ['username' => $this->user, 'password' => $encPass['code'], 'twofactorcode' => '', 'captchagid' => $this->captchaGid, 'captcha_text' => $this->captchaText, 'emailsteamid' => $this->emailSteamId, 'emailauth' => $this->twoFactorCode, 'rsatimestamp' => $encPass['time'], 'remember_login' => false, 'oauth_client_id' => 'DE45CD61', 'oauth_scope' => 'read_profile write_profile read_client write_client', 'loginfriendlyname' => 'escrow.tf']);
$this->loginData = json_decode($res[1], true);
if (isset($this->loginData['oauth'])) {
$this->loginData['oauth'] = new Oauth(json_decode($this->loginData['oauth']));
}
// Get steam to send an email even when a bad code is supplied
if (!$loginData['success'] && isset($loginData['emailauth_needed']) && $loginData['emailauth_needed'] && !empty($this->twoFactorCode)) {
$this->setTwoFactorCode('');
return $this->doLogin($cookies);
}
return $this->loginData;
}
/**
* @param Neuron $from
* @throws \Exception
*/
public function send(Neuron $from)
{
//Choose @var int $_directionType
$_directionType = Net::getDirection() == Net::DIRECT ? self::HIGHER_NEURON : self::LOWER_NEURON;
if (!isset($this->_neurons[$_directionType])) {
throw new \Exception("Something wrong is with direction ({$_directionType}) or relation wasn`t init.");
}
/** @var Neuron $to */
$to = $this->_neurons[$_directionType];
//var_dump("Value: " . $from->getValue() . " Class: " . get_class($from));
$to->addSignal($this->_weight * $from->getValue());
// If we are on mistake step we need to correct weights
if (Net::isMistakeFlow()) {
$this->_weightCorrection($to, $from);
}
}
private static function video_get_vimeo($url, $width = 640, $height = 360)
{
preg_match('/vimeo\\.com\\/([0-9]{1,10})/', $url, $matches);
$video_id = $matches[1];
// Check if a valid url
if (!Net::check_http_code('http://vimeo.com/api/v2/video/' . $video_id . '.php', 200)) {
return false;
}
$hash = unserialize(file_get_contents('http://vimeo.com/api/v2/video/' . $video_id . '.php'));
$info = array();
$info['id'] = $video_id;
$info['title'] = $hash[0]['title'];
$info['description'] = $hash[0]['description'];
$info['thumb'][0] = $hash[0]['thumbnail_medium'];
$info['thumb'][1] = $hash[0]['thumbnail_small'];
$info['embed'] = '<iframe class="vimeo_embed" width="' . $width . '" height="' . $height . '" src="http://player.vimeo.com/video/' . $video_id . '" frameborder="0" allowFullScreen></iframe>';
return $info;
}
/**
* Ping a address
* @return int if -1 the server is down
* @access public
*/
static function ping($address)
{
$urlInfo = parse_url($address);
$domain = $urlInfo['host'];
$port = Net::getUrlPort($urlInfo);
$starttime = microtime(true);
$file = @fsockopen($domain, $port, $errno, $errstr, 10);
$stoptime = microtime(true);
$status = 0;
if (!$file) {
$status = -1;
} else {
fclose($file);
$status = ($stoptime - $starttime) * 1000;
$status = floor($status);
}
return $status;
}
private static function handleLogin()
{
if (!isset($_POST['login'])) {
return;
}
$user = new User($_POST['user'], $_POST['pass']);
$cookies = Net::startSession();
$user->setCaptcha($_POST['gid'] ?: -1, $_POST['captcha'] ?: '')->setEmailSteamId($_POST['emailsteamid'] ?: '')->setTwoFactorCode($_POST['2fa'] ?: '');
$loginData = $user->doLogin($cookies);
if (!$loginData['success']) {
return $loginData;
}
$hasPhone = $loginData['oauth']->hasPhone();
if (!$hasPhone) {
return ['phone_needed' => true];
}
$authData = $loginData['oauth']->addAuthenticator();
$authData = array_merge($authData, ['access_token' => $loginData['oauth']->oauth_token, 'wgtoken' => $loginData['oauth']->wgtoken, 'wgtoken_secure' => $loginData['oauth']->wgtoken_secure, 'steamid' => $loginData['oauth']->steamid]);
return ['sms_needed' => true, 'revocation_code' => $authData['revocation_code'], 'authdata' => Crypt::encrypt($authData, $_POST['ekey']), 'raw' => $authData];
}
public function add($category, $send_email, $args = array())
{
global $_LANG;
if (count($this->xml->notification) >= NOTIFICATIONS_AMOUNT) {
unset($this->xml->notification[0]);
}
// Email
if ($send_email) {
if ($category == 'session_fail') {
// Subject
$subject = $_LANG['LOGIN_FAILED_ATTEMPT'];
// Message
$message = Text::replace_assoc(array('{{BLOG_NAME}}' => $this->settings['name'], '{{USERNAME}}' => $args['username'], '{{PASSWORD}}' => $args['password'], '{{IP}}' => Net::get_user_ip()), $_LANG['EMAIL_NOTIFICATION_FAIL_LOGIN']);
} elseif ($category == 'session_start') {
// Subject
$subject = $_LANG['NEW_SESSION_STARTED'];
// Message
$message = Text::replace_assoc(array('{{BLOG_NAME}}' => $this->settings['name'], '{{USERNAME}}' => $args['username'], '{{IP}}' => Net::get_user_ip()), $_LANG['EMAIL_NOTIFICATION_SESSION_STARTED']);
} elseif ($category == 'comment') {
// Subject
$subject = $_LANG['YOU_HAVE_A_NEW_COMMENT'];
// Message
$message = Text::replace_assoc(array('{{BLOG_NAME}}' => $this->settings['name'], '{{COMMENT}}' => $args['comment'], '{{AUTHOR_NAME}}' => $args['author_name'], '{{AUTHOR_EMAIL}}' => $args['author_email'], '{{IP}}' => Net::get_user_ip()), $_LANG['EMAIL_NOTIFICATION_NEW_COMMENT']);
}
$sent = Email::send(array('from' => $this->settings['notification_email_from'], 'to' => $this->settings['notification_email_to'], 'subject' => $subject, 'message' => $message));
} else {
$sent = false;
}
// Encrypt the user IP
include FILE_KEYS;
$user_ip = Crypt::encrypt(Net::get_user_ip(), $_KEYS[0]);
// Save the notification
$node = $this->xml->addChild('notification');
$node->addAttribute('category', $category);
$node->addAttribute('mail', $sent);
$node->addAttribute('ip', $user_ip);
$node->addAttribute('date', Date::unixstamp());
$this->savetofile();
return true;
}
}
}
$buffer = preg_replace("/,\$/", "", $buffer);
$buffer .= "]";
if ($buffer == "" || $buffer == "[]") {
echo "[{title:'" . _("No Hosts Found") . "', noLink:true}]";
} else {
echo $buffer;
}
} else {
if (preg_match("/^e_(.*)_net\$/", $key)) {
$buffer = Net::draw_nets_by_class($conn, $key, $filter, $length_name, 1);
echo $buffer;
} else {
if (preg_match("/^e_(.*)_.class_(.*)/", $key)) {
$buffer = Net::draw_nets_by_class($conn, $key, $filter, $length_name, 1);
echo $buffer;
} else {
if (preg_match("/e_(.*)_sensor/", $key, $found)) {
$entityPerms = Acl::entityPerms($conn, $found[1]);
$all = count($entityPerms["sensors"]);
$sensors = Sensor::get_all($conn);
$j = 0;
$buffer .= "[";
foreach ($sensors as $sensor) {
if (!$all || $entityPerms["sensors"][$sensor->get_ip()]) {
$sensor_name = $sensor->get_name();
$s_title = Util::htmlentities($sensor_name);
$sensor_key = utf8_encode("sensor;" . $sensor_name);
$title = strlen($sensor_name) > $length_name ? substr($sensor_name, 0, $length_name) . "..." : $sensor_name;
$title = Util::htmlentities($title);
private function runQuery($q, $qt = '', $infos = '')
{
/* ep */
$ep = $this->_arc2_RemoteStore->v('remote_store_endpoint', 0, $this->_arc2_RemoteStore->a);
if (!$ep) {
return $this->_arc2_RemoteStore->addError('No Endpoint defined.');
}
/* prefixes */
$q = $this->_arc2_RemoteStore->completeQuery($q);
/* custom handling */
$mthd = 'run' . $this->_arc2_RemoteStore->camelCase($qt) . 'Query';
if (method_exists($this, $mthd)) {
return $this->_arc2_RemoteStore->{$mthd}($q, $infos);
}
if (in_array($qt, array('insert', 'delete'))) {
if ($this->_readOnly) {
return $this->_arc2_RemoteStore->addError('No right to write in the triplestore.');
} else {
$s = new FourStore_Store($ep, $this->_debug);
$r = $s->queryUpdate($q);
if (!$r) {
$errmsg = "Error unknown.";
if (Net::ping($ep) == -1) {
$errmsg = "Could not connect to " . $ep;
}
return $this->_arc2_RemoteStore->addError($errmsg);
}
}
} else {
$s = new FourStore_Store($ep, $this->_debug);
$resp = $s->queryRead($q);
if ($resp == "") {
$errmsg = "Error unknown.";
if (Net::ping($ep) == -1) {
$errmsg = "Could not connect to " . $ep;
}
return $this->_arc2_RemoteStore->addError($errmsg);
}
if (preg_match_all('%<!--(.*error.*)-->%m', $resp, $errorResponse)) {
$message4s = $errorResponse[1][0];
return $this->_arc2_RemoteStore->addError("4Store message : " . $message4s . "\n query :\n" . $q);
}
$parser = @ARC2::getSPARQLXMLResultParser();
$parser->parse('', $resp);
$err = $parser->getErrors();
if ($err) {
return $this->_arc2_RemoteStore->addError($err);
}
if ($qt == 'ask') {
$bid = $parser->getBooleanInsertedDeleted();
$r = $bid['boolean'];
} elseif ($qt == 'select' && !method_exists($parser, 'getRows')) {
$r = $resp;
} elseif ($qt == 'select') {
$r = array('rows' => $parser->getRows(), 'variables' => $parser->getVariables());
} else {
$r = $parser->getSimpleIndex(0);
}
unset($parser);
}
return $r;
}
// No perms over the host's network
$threshold_a = $conf_threshold;
$threshold_c = $conf_threshold;
if (count($groups_belong['nets']) < 1) {
$rs->MoveNext();
continue;
// Host doesn't belong to any network
/*
} elseif ($net === null) {
$threshold_a = $conf_threshold;
$threshold_c = $conf_threshold;
// User got perms
*/
} else {
// threshold inheritance (for multiple nets get the closest)
$closest_net = Net::GetClosestNet($conn, $ip);
foreach ($groups_belong['nets'] as $net_name_aux => $net) {
if ($net_name_aux == $closest_net) {
$net_threshold_a = $net['threshold_a'];
$net_threshold_c = $net['threshold_c'];
$net_belong = $net_name_aux;
$group_belong = $net['group'];
}
}
if ($net_belong == "") {
$net_belong = $net_name_aux;
$group_belong = $net['group'];
}
$threshold_a = $rs->fields['threshold_a'] ? $rs->fields['threshold_a'] : $net_threshold_a;
$threshold_c = $rs->fields['threshold_c'] ? $rs->fields['threshold_c'] : $net_threshold_c;
}
if ($file1Size + $file2Size >= 8388608) {
//TODO 根据服务器返回error码做提示
echo "<script type=\"text/javascript\">parent.callback('提交失败 ! : 文件不得大于8M')</script>";
}
if ($tmp1 == null && $tmp2 != null) {
$params['media'] = "@" . $tmp2;
} else {
$params['media'] = "@" . $tmp1;
$params['media2'] = "@" . $tmp2;
}
}
$params['status'] = $content;
if (!empty($address)) {
$params['url'] = $address;
}
$sinaNet = new Net();
$resCode = $sinaNet->request($username, $password, $params);
returnResMsgByCode($resCode);
/**
* 根据responseCode返回对应的错误信息
* @param $code
*/
function returnResMsgByCode($code)
{
$msg = null;
switch ($code) {
case 200:
$msg = "提交成功 !";
break;
case 401:
$msg = "提交失败 ! : 原因用户名或密码错误";
** Built upon work by Roman Danyliw <*****@*****.**>, <*****@*****.**>
** Built upon work by the BASE Project Team <*****@*****.**>
*/
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . "GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
require_once 'classes/Session.inc';
Session::logcheck("MenuEvents", "EventsForensics");
//
$ip = GET('ip');
ossim_valid($ip, OSS_IP_ADDR, 'illegal:' . _("ip"));
if (ossim_error()) {
die(ossim_error());
}
//
require_once 'classes/Net.inc';
require_once 'ossim_db.inc';
$db = new ossim_db();
$conn = $db->connect();
$netname = Net::GetClosestNet($conn, $ip);
if ($netname != false) {
list($ips, $icon) = Net::get_ips_by_name($conn, $netname, true);
if ($icon != "") {
echo "<img src='data:image/png;base64," . base64_encode($icon) . "' border='0'> ";
}
echo "<b>{$netname}</b> ({$ips})";
} else {
echo "<b>{$ip}</b> not found in home networks";
}
$db->close($conn);
function draw_members_select($form_data)
{
global $conn, $id;
$resp = new xajaxResponse();
$type = $form_data['member_type'];
// The user selected the empty type
if (!$type) {
$resp->AddAssign("members_select", "innerHTML", _("Please select a type"));
return $resp;
}
//
// Get the list of members of the given type
//
$options = array();
switch ($type) {
case 'host':
include_once 'classes/Host.inc';
$list = Host::get_list($conn, "", 'ORDER BY hostname');
print_r($list);
foreach ($list as $obj) {
$descr = $obj->get_descr();
if (strlen($descr) > 50) {
$descr = substr($descr, 0, 47) . '...';
}
$options[$obj->get_ip()] = $obj->get_hostname() . ' ' . $obj->get_ip() . ' - ' . $descr;
}
break;
case 'net':
include_once 'classes/Net.inc';
$list = Net::get_list($conn, "", 'ORDER BY name');
foreach ($list as $obj) {
$descr = $obj->get_descr();
if (strlen($descr) > 50) {
$descr = substr($descr, 0, 47) . '...';
}
$options[$obj->get_name()] = $obj->get_name() . ' ' . $obj->get_ips() . ' - ' . $descr;
}
break;
case 'host_group':
include_once 'classes/Host_group.inc';
$list = Host_group::get_list($conn, "", 'ORDER BY name');
foreach ($list as $obj) {
$descr = $obj->get_descr();
if (strlen($descr) > 50) {
$descr = substr($descr, 0, 47) . '...';
}
$options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr;
}
break;
case 'net_group':
include_once 'classes/Net_group.inc';
$list = Net_group::get_list($conn, '', 'ORDER BY name');
foreach ($list as $obj) {
$descr = $obj->get_descr();
if (strlen($descr) > 50) {
$descr = substr($descr, 0, 47) . '...';
}
$options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr;
}
break;
}
//
// Build the SELECT tag
//
$html = '<select name="member_name">';
foreach ($options as $name => $description) {
$html .= "<option value='{$name}'>{$description}</option>";
}
$html .= '</select>';
$resp->AddAssign("members_select", "innerHTML", $html);
return $resp;
}
<th>
<label for='mboxs1'><?php
echo gettext("Networks");
?>
</label><br/>
<span><a href="newnetform.php"> <?php
echo gettext("Insert new network");
?>
?</a></span>
</th>
<td class="left nobborder">
<select style="width:250px;height:90%" multiple="multiple" size="19" class="req_field" name="nets[]" id="nets">
<?php
/* ===== Networks ==== */
if ($network_list = Net::get_list($conn)) {
foreach ($network_list as $network) {
$net_name = $network->get_name();
$net_ips = $network->get_ips();
if (in_array($net_name, $networks)) {
echo "<option value='{$net_name}'>{$net_name} ({$net_ips})</option>";
}
}
}
?>
</select>
<span style="padding-left: 3px; vertical-align: top;">*</span>
<div id='del_selected'><input type="button" value=" [X] " onclick="deletefrom('nets')" class="lbutton"/></div>
</td>
</tr>
} else {
$numnets = "10";
}
//Refresh interval
if (isset($_GET['refresh']) && is_numeric($_GET['refresh'])) {
$refresh = $_GET['refresh'];
} else {
$refresh = 2;
}
$db = new ossim_db();
$conn = $db->connect();
$nets_where = "";
if (Session::allowedNets() != "") {
$nets = explode(",", Session::allowedNets());
foreach ($nets as $net) {
$nets_where .= $nets_where != "" ? " OR net_name=\"" . Net::get_name_by_ip($conn, $net) . "\"" : " WHERE net_name=\"" . Net::get_name_by_ip($conn, $net) . "\"";
}
}
$query = "select * from net_qualification{$nets_where} order by (compromise+attack)/2 desc limit {$numnets};";
if (!($rs =& $conn->Execute($query))) {
print $conn->ErrorMsg();
exit;
}
$addresses = array();
$compromise = array();
$attack = array();
$i = 0;
$addresses[$i] = "Nets";
$compromise[$i] = "Compromise";
$attack[$i] = "Attack";
$addresses[$i + 1] = "no data";
</a> </td>
<?php
}
?>
<td class="nobborder">|</td>
<td class="nobborder" nowrap> <a href="<?php
echo Sensor::get_sensor_link($conn, $host) . "/{$host}.html";
?>
" target="report"> <?php
echo gettext("Usage");
?>
</a> </td>
<?php
if (Host::in_host($conn, $host) || Net::isIpInAnyNet($conn, $host)) {
$interface = Sensor::get_sensor_interface($conn, $host);
?>
<td class="nobborder">|</td>
<td class="nobborder" nowrap> <a href="<?php
echo Sensor::get_sensor_link($conn, $host) . "/plugins/rrdPlugin?action=list&key=interfaces/{$interface}/hosts/{$ip_slashed}&title=host%20{$host}";
?>
" target="report"> <?php
echo gettext("Anomalies");
?>
</a> </td>
<?php
}
$db->close($conn);
?>
unset($_SESSION["_response_descr"]);
echo '<p align="center">Response-Action policy inserted<br/>
<a href="response.php">Back</a></p>';
print '</body></html>';
exit;
}
/* hosts */
require_once 'classes/Host.inc';
$host_list = Host::get_list($conn);
$hosts[] = array("value" => ANY, "name" => "ANY");
foreach ($host_list as $h) {
$hosts[] = array("value" => $h->get_ip(), "name" => $h->get_hostname() . " (" . $h->get_ip() . ")");
}
/* nets */
require_once 'classes/Net.inc';
$net_list = Net::get_list($conn);
$nets[] = array("value" => ANY, "name" => "ANY");
foreach ($net_list as $n) {
$nets[] = array("value" => $n->get_name(), "name" => $n->get_name());
}
/* sensors */
require_once 'classes/Sensor.inc';
$sensor_list = Sensor::get_list($conn);
$sensors[] = array("value" => ANY, "name" => "ANY");
foreach ($sensor_list as $s) {
$sensors[] = array("value" => $s->get_ip(), "name" => $s->get_name() . " (" . $s->get_ip() . ")");
}
/* ports */
require_once 'classes/Port_group.inc';
$port_list = Port_group::get_list($conn);
$ports[] = array("value" => ANY, "name" => "ANY");
function host_row_basic($host, $conn, $criterias, $has_criterias, $networks, $hosts_ips, $i)
{
require_once "classes/Sensor.inc";
$color = $i % 2 == 0 ? "#F2F2F2" : "#FFFFFF";
$ip = $host->get_ip();
$host_name = $ip != $host->get_hostname() ? $host->get_hostname() . " ({$ip})" : $ip;
$gi = geoip_open("/usr/share/geoip/GeoIP.dat", GEOIP_STANDARD);
$country = strtolower(geoip_country_code_by_addr($gi, $ip));
$country_name = geoip_country_name_by_addr($gi, $ip);
geoip_close($gi);
if ($country) {
$country_img = " <img src=\"../pixmaps/flags/" . $country . ".png\" alt=\"{$country_name}\" title=\"{$country_name}\">";
} else {
$country_img = "";
}
//$homelan = (Net::isIpInNet($ip, $networks) || in_array($ip, $hosts_ips)) ? " <a href=\"javascript:;\" class=\"scriptinfo\" style=\"text-decoration:none\" ip=\"".$ip."\"><img src=\"../forensics/images/homelan.png\" border=0></a>" : "";
// Network
require_once 'classes/Net.inc';
$netname = Net::GetClosestNet($conn, $ip);
if ($netname != false) {
$ips = Net::get_ips_by_name($conn, $netname);
$net = "<b>{$netname}</b> ({$ips})";
} else {
$net = "<i>" . _("Asset Unknown") . "</i>";
}
// Inventory
$os_data = Host_os::get_ip_data($conn, $ip);
if ($os_data["os"] != "") {
$os = $os_data["os"];
$os_pixmap = Host_os::get_os_pixmap($conn, $ip);
} else {
$os = _("OS Unknown");
$os_pixmap = "";
}
require_once 'classes/Host_services.inc';
$services = Host_services::get_ip_data($conn, $ip, 0);
$services_arr = array();
foreach ($services as $serv) {
$services_arr[$serv['service']]++;
}
// Vulnerabilities
require_once 'classes/Status.inc';
list($vuln_list, $num_vuln, $vuln_highrisk, $vuln_risknum) = Status::get_vul_events($conn, $ip);
$vuln_list_str = "";
$v = 0;
foreach ($vuln_list as $vuln) {
if ($v++ < 20) {
$vuln_list_str .= $vuln['name'] . "<br>";
}
}
$vuln_list_str = str_replace("\"", "", $vuln_list_str);
$vuln_caption = $num_vuln > 0 ? ' class="greybox_caption" data="' . $vuln_list_str . '"' : ' class="greybox"';
// Incidents
$sql = "SELECT count(*) as num FROM alarm WHERE src_ip=INET_ATON(\"{$ip}\") OR dst_ip=INET_ATON(\"{$ip}\")";
if (!($rs =& $conn->Execute($sql))) {
$num_alarms = _("Error in Query: {$sql}");
} else {
if (!$rs->EOF) {
$num_alarms = $rs->fields['num'];
}
}
if ($num_alarms > 0) {
$alarm_link = '<a href="../control_panel/alarm_console.php?&hide_closed=1&hmenu=Alarms&smenu=Alarms&src_ip=' . $ip . '&dst_ip=' . $ip . '" target="main"><b>' . $num_alarms . '</b></a>';
} else {
$alarm_link = '<b>' . $num_alarms . '</b>';
}
$sql = "SELECT count(*) as num FROM incident_alarm WHERE src_ips=\"{$ip}\" OR dst_ips=\"{$ip}\"";
if (!($rs =& $conn->Execute($sql))) {
$num_tickets = _("Error in Query: {$sql}");
} else {
if (!$rs->EOF) {
$num_tickets = $rs->fields['num'];
}
}
if ($num_tickets > 0) {
$tickets_link = '<a href="../incidents/index.php?status=Open&hmenu=Tickets&smenu=Tickets&with_text=' . $ip . '" target="main"><b>' . $num_tickets . '</b></a>';
} else {
$tickets_link = '<b>' . $num_tickets . '</b>';
}
// Events
list($sim_events, $sim_foundrows, $sim_highrisk, $sim_risknum, $sim_date) = Status::get_SIM_light($ip, $ip);
if ($sim_foundrows > 0) {
$sim_link = '<a href="../forensics/base_qry_main.php?&num_result_rows=-1&submit=Query+DB¤t_view=-1&sort_order=time_d&ip=' . $ip . '&date_range=week&hmenu=Forensics&smenu=Forensics" target="main"><b>' . $sim_foundrows . '</b></a>';
} else {
$sim_link = '<b>' . $sim_foundrows . '</b>';
}
//
$txt_tmp1 = _('Events in the SIEM');
$txt_tmp2 = _('Events in the logger');
if ($_SESSION['inventory_search']['date_from'] != "" && $_SESSION['inventory_search']['date_from'] != '1700-01-01') {
$start_week = $_SESSION['inventory_search']['date_from'];
} else {
$start_week = strftime("%Y-%m-%d", time() - 24 * 60 * 60 * 1);
}
if ($_SESSION['inventory_search']['date_to'] != "" && $_SESSION['inventory_search']['date_to'] != '3000-01-01') {
$end = $_SESSION['inventory_search']['date_to'];
} else {
$end = strftime("%Y-%m-%d", time());
}
if ($start_week == strftime("%Y-%m-%d", time() - 24 * 60 * 60 * 1) && $end == strftime("%Y-%m-%d", time())) {
$txt_tmp1 .= _(' (Last Week)');
$txt_tmp2 .= _(' (Last Day)');
}
$start_week_temp = $start_week;
$start_week .= ' 00:00:00';
$end_temp = $end;
$end .= ' 23:59:59';
//
//$start_week = strftime("%Y-%m-%d %H:%M:%S", time() - (24 * 60 * 60 * 7));
//$end = strftime("%Y-%m-%d %H:%M:%S", time());
list($sem_events_week, $sem_foundrows_week, $sem_date, $sem_wplot_y, $sem_wplot_x) = Status::get_SEM("", $start_week, $end, "none", 1234, $ip);
if ($sem_foundrows_week > 0) {
$sem_link = '<a href="../sem/index.php?hmenu=SEM&smenu=SEM&query=' . urlencode($ip) . '&start=' . urlencode($start_week) . '" target="main"><b>' . $sem_foundrows_week . '</b></a>';
} else {
$sem_link = '<b>' . $sem_foundrows_week . '</b>';
}
// Anomalies
list($event_list, $anm_foundrows, $anm_foundrows_week, $anm_date) = Status::get_anomalies($conn, $ip);
// Ntp link
$ntop_lnk = Sensor::get_sensor_link($conn, $ip);
if (preg_match("/(\\d+\\.\\d+\\.\\d+\\.\\d+)/", $ntop_lnk, $fnd)) {
$ntop_ip = $fnd[1];
} else {
$ntop_ip = $ip;
}
//
$row = '<tr bgcolor="' . $color . '">
<td class="nobborder" style="text-align:center;padding:2px"><a href="../report/host_report.php?host=' . $ip . '&star_date=' . $start_week_temp . '&end_date=' . $end_temp . '" id="' . $ip . ';' . $host->get_hostname() . '" class="HostReportMenu" style="color:#17457c;font-size:15px;text-align:left"><b>' . $host_name . '</b></font></a><br><font style="color:gray">' . $net . '</font></td>
<td class="nobborder" style="text-align:center;padding:2px">' . $os . ' ' . $os_pixmap . '<br>' . implode("<br>", array_keys($services_arr)) . '</td>
<td class="nobborder" style="text-align:center;padding:2px"><a href="../vulnmeter/index.php?value=' . $ip . '&type=hn&withoutmenu=1&hmenu=Vulnerabilities&smenu=Vulnerabilities" title="Top 20 ' . _("Vulnerabilities for") . ' ' . $ip . '"' . $vuln_caption . '>' . $num_vuln . '</a></td>
<td class="nobborder" style="text-align:center;padding:2px">' . $alarm_link . ' ' . _("Alarms") . '<br>' . $tickets_link . ' ' . _("Tickets") . '</td>
<td class="nobborder" style="padding:2px">' . $sim_link . ' ' . $txt_tmp1 . '<br>' . $sem_link . ' ' . $txt_tmp2 . '</td>
<td class="nobborder" style="text-align:center;padding:2px"><a href="../control_panel/anomalies.php?withoutmenu=1" class="greybox" title="' . _("Anomalies") . '"><b>' . $anm_foundrows . '</b></a></td>
<td class="nobborder" style="text-align:center;padding:2px">
<table class="transparent">
<tr>
<td class="nobborder"><img src="../pixmaps/ntop_graph_thumb.gif" width="40"></td>
<td class="nobborder"><a href="../ntop/index.php?opc=services&sensor=' . $ntop_ip . '&hmenu=Network&smenu=Profiles&link_ip=' . $ip . '" target="main">' . _("Traffic Sent/Rcvd") . '</a></td>
</tr>
</table>
</td>
</tr>';
// <td class="nobborder"><a href="'.Sensor::get_sensor_link($conn,$ip).'/hostTimeTrafficDistribution-'.$ip.'-65535.png?1" class="greybox">'._("Traffic Sent").'</a><br><a href="'.Sensor::get_sensor_link($conn,$ip).'/hostTimeTrafficDistribution-'.$ip.'-65535.png" class="greybox">'._("Traffic Rcvd").'</a></td>
echo str_replace("\n", "", str_replace("\r", "", str_replace("'", "", $row)));
}
$tooltip = $ng_title;
$li = "h:'{$h}', url:'../net/newnetgroupform.php?name=" . urlencode($netgroup_name) . "', icon:'../../pixmaps/theme/net_group.png', title:'{$title}', tooltip:'{$tooltip}'\n";
$buffer .= ($j > 0 ? "," : "") . "{ {$li} }";
$j++;
}
$buffer .= "]";
if ($buffer == "[]") {
$buffer = "[{title:'" . _("No Network Groups Found") . "', noLink:true}]";
}
echo $buffer;
} else {
if (preg_match("/^e_(.*)_net\$/", $key)) {
echo Net::draw_nets_by_class($conn, $key, $filter, $length_name);
} else {
if (preg_match("/^e_(.*)_.class_(.*)/", $key)) {
echo Net::draw_nets_by_class($conn, $key, $filter, $length_name);
} else {
if (preg_match("/e_(.*)_sensor/", $key, $found)) {
$entityPerms = Acl::entityPerms($conn, $found[1]);
$all = count($entityPerms["sensors"]);
$sensors = Sensor::get_all($conn);
$j = 0;
$buffer .= "[";
foreach ($sensors as $sensor) {
if (!$all || $entityPerms["sensors"][$sensor->get_ip()]) {
$sensor_name = $sensor->get_name();
$s_title = Util::htmlentities($sensor_name);
$title = strlen($sensor_name) > $length_name ? substr($sensor_name, 0, $length_name) . "..." : $sensor_name;
$title = Util::htmlentities($title);
$tooltip = $s_title;
$li = "h:'{$h}', url:'../sensor/interfaces.php?sensor=" . $sensor->get_ip() . "&name=" . urlencode($sensor_name) . "', icon:'../../pixmaps/theme/server.png', title:'{$title}', tooltip:'{$tooltip}'\n";
* Classes list:
*/
require_once 'classes/Security.inc';
require_once 'classes/Session.inc';
require_once 'languages.inc';
Session::logcheck("MenuConfiguration", "ConfigurationUsers");
?>
<?php
require_once 'ossim_acl.inc';
require_once 'ossim_db.inc';
require_once 'classes/Net.inc';
require_once 'classes/Sensor.inc';
$db = new ossim_db();
$conn = $db->connect();
$net_list = Net::get_all($conn);
$sensor_list = Sensor::get_all($conn, "ORDER BY name ASC");
$pass_length_min = $conf->get_conf("pass_length_min", FALSE) ? $conf->get_conf("pass_length_min", FALSE) : 7;
$pass_length_max = $conf->get_conf("pass_length_max", FALSE) ? $conf->get_conf("pass_length_max", FALSE) : 255;
if ($pass_length_max < $pass_length_min || $pass_length_max < 1) {
$pass_length_max = 255;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title> <?php
echo gettext("OSSIM Framework");
?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
require_once 'ossim_db.inc';
require_once 'ossim_conf.inc';
include "functions.php";
$new = GET('new') == "1" ? 1 : 0;
$ip = GET('ip');
ossim_valid($ip, OSS_IP_ADDR, OSS_NULLABLE, 'illegal:' . _("ip"));
if (ossim_error()) {
die(ossim_error());
}
// Database Object
$db = new ossim_db();
$conn = $db->connect();
$net_search = Net::GetClosestNet($conn, $ip, 1);
// Get Networks
list($_sensors, $_hosts) = Host::get_ips_and_hostname($conn, true);
$_nets = Net::get_all($conn, true);
$networks = $hosts = "";
foreach ($_nets as $_net) {
$networks .= '{ txt:"' . $_net->get_name() . ' [' . $_net->get_ips() . ']", id: "' . $_net->get_ips() . '" },';
}
foreach ($_hosts as $_ip => $_hostname) {
if ($_hostname != $_ip) {
$hosts .= '{ txt:"' . $_ip . ' [' . $_hostname . ']", id: "' . $_ip . '" },';
} else {
$hosts .= '{ txt:"' . $_ip . '", id: "' . $_ip . '" },';
}
}
// Get Services and OS
$inventory = "";
$query = "(SELECT DISTINCT os as element FROM host_os ORDER BY os) UNION (SELECT DISTINCT service as element FROM host_services ORDER BY service)";
if (!($rs =& $conn->Execute($query, $params))) {
require dirname(__FILE__) . '/config.php';
$action = isset($action) ? $action : NULL;
$q = isset($wd) ? trim($wd) : '';
$page = empty($page) ? 1 : intval($page);
$short_movies = array();
if (empty($wd)) {
header('Location:index.php');
}
//保存搜索的历史记录
/*if(isset($userid)){
sethostory($q,$userid);
}*/
//搜索路径
$single_url = 'http://www.soku.com/v?keyword=' . $q . '&curpage=' . $page;
//采集HTML
$single_html = Net::curl($single_url);
$movies = array();
$main_str = preg($single_html, '/<li\\s+class=\\"p_link\\">\\s*[\\w\\W]*?\\s*<\\/li>\\s+<li\\s+class=\\"p_thumb\\">\\s*[\\w\\W]*?\\s*<\\/li>/six', 2);
$_str = $main_str[0];
if (is_array($_str) && count($_str) > 0) {
foreach ($_str as $v) {
$v_url = preg($v, '/href=\\"([\\w\\W]*?)\\"/');
$v_url = $v_url[1];
$v_title = preg($v, '/\\s+title=\\"([\\w\\W]*?)\\"/');
$v_title = $v_title[1];
$v_img = preg($v, '/src=\\"([\\w\\W]*?)\\"/');
$v_img = $v_img[1];
if (strstr($v_url, '/detail/show/')) {
$singe = array();
$singe['playlist_url'] = $v_url;
$singe['playlist_title'] = $v_title;
/**
* Check if the server is up.
* @return boolean true if the triplestore is up.
* @access public
*/
public function check()
{
return Net::ping($this->_endpoint) != -1;
}
if (POST('withoutmenu') != "1") {
include "../hmenu.php";
$get_param = "withoutmenu=0";
} else {
$get_param = "name={$net_name}&withoutmenu=1";
}
if (POST('insert')) {
if ($error == true) {
$txt_error = "<div>" . _("We Found the following errors") . ":</div><div style='padding:10px;'>" . implode("<br/>", $message_error) . "</div>";
Util::print_error($txt_error);
Util::make_form("POST", "newnetform.php?" . $get_param);
die;
}
$db = new ossim_db();
$conn = $db->connect();
Net::insert($conn, $net_name, $cidr, $asset, $threshold_c, $threshold_a, $rrd_profile, $alert, $persistence, $sensors, $descr, $icon);
//if ( POST('nessus') ) { Net_scan::insert($conn, $net_name, 3001, 0); }
if ($nagios) {
Net_scan::insert($conn, $net_name, 2007, 0);
}
$db->close($conn);
Util::clean_json_cache_files("(policy|vulnmeter|hostgroup)");
}
if (isset($_SESSION['_net'])) {
unset($_SESSION['_net']);
}
if ($_SESSION["menu_sopc"] == "Networks" && POST('withoutmenu') != "1") {
?>
<p> <?php
echo gettext("Network succesfully inserted");
?>
function get_values($conn, $host_types, $type, $name)
{
// r --> bad
// a --> medium
// v --> good
$RiskValue = 'b';
$VulnValue = 'b';
$AvailValue = 'b';
if (in_array($type, $host_types)) {
if ($type == "host") {
$what = "hostname";
}
$query = "select ip from {$type} where {$what} = ?";
$params = array($name);
if ($rs3 =& $conn->Execute($query, $params)) {
$name = $rs3->fields["ip"];
if ($rs3->EOF) {
$in_assets = 0;
}
}
// related sensor
$sensor = $name;
if ($type == "host") {
require_once 'classes/Host.inc';
$sensors = Host::get_related_sensors($conn, $name);
$sensor = $sensors[0] != "" ? $sensors[0] : $name;
}
} elseif ($type == "net") {
$query = "select ips from net where name = ?";
$params = array($name);
if ($rs3 =& $conn->Execute($query, $params)) {
$ips = $rs3->fields["ips"];
if ($rs3->EOF) {
$in_assets = 0;
}
}
// related sensor
require_once 'classes/Net.inc';
$sensors = Net::get_related_sensors($conn, $name);
$sensor = $sensors[0] != "" ? $sensors[0] : $name;
} elseif ($type == "host_group") {
$query = "select host_ip from host_group_reference where host_group_name = ?";
$params = array($name);
if ($rs3 =& $conn->Execute($query, $params)) {
$iphg = array();
while (!$rs3->EOF) {
$iphg[] = "'" . $rs3->fields["host_ip"] . "'";
$rs3->MoveNext();
}
$ips = count($iphg) > 0 ? implode(",", $iphg) : "'0.0.0.0'";
if (count($iphg) == 0) {
$in_assets = 0;
}
}
// related sensor{
require_once 'classes/Host_group.inc';
$sensors = Host_group::get_related_sensors($conn, $name);
$sensor = $sensors[0] != "" ? $sensors[0] : $name;
}
$params = $type == "host_group" ? array() : array($name);
if (in_array($type, $host_types)) {
$query = "select severity,member from bp_member_status where member = ? and measure_type = \"host_metric\"";
} elseif ($type == "host_group") {
$query = "select severity,member from bp_member_status where member in ({$ips}) and measure_type = \"host_metric\" order by severity desc limit 1";
} else {
$query = "select severity,member from bp_member_status where member = ? and measure_type = \"net_metric\"";
}
if (!($rs2 =& $conn->Execute($query, $params))) {
print $conn->ErrorMsg();
} else {
$r_ip = $rs2->fields["member"];
if (intval($rs2->fields["severity"]) > 7) {
$RiskValue = 'r';
} elseif (intval($rs2->fields["severity"]) > 3) {
$RiskValue = 'a';
} elseif ($rs2->fields["severity"] != "") {
$RiskValue = 'v';
}
}
if (in_array($type, $host_types)) {
$query = "select severity,member from bp_member_status where member = ? and measure_type = \"host_vulnerability\"";
} elseif ($type == "host_group") {
$query = "select severity,member from bp_member_status where member in ({$ips}) and measure_type = \"host_vulnerability\" order by severity desc limit 1";
} else {
$query = "select severity,member from bp_member_status where member = ? and measure_type = \"net_vulnerability\"";
}
if (!($rs2 =& $conn->Execute($query, $params))) {
print $conn->ErrorMsg();
} else {
$v_ip = $rs2->fields["member"];
if (intval($rs2->fields["severity"]) > 7) {
$VulnValue = 'r';
} elseif (intval($rs2->fields["severity"]) > 3) {
$VulnValue = 'a';
} elseif ($rs2->fields["severity"] != "") {
$VulnValue = 'v';
}
}
if (in_array($type, $host_types)) {
$query = "select severity,member from bp_member_status where member = ? and measure_type = \"host_availability\"";
} elseif ($type == "host_group") {
$query = "select severity,member from bp_member_status where member in ({$ips}) and measure_type = \"host_availability\" order by severity desc limit 1";
} else {
$query = "select severity,member from bp_member_status where member = ? and measure_type = \"net_availability\"";
}
if (!($rs2 =& $conn->Execute($query, $params))) {
print $conn->ErrorMsg();
} else {
$a_ip = $rs2->fields["member"];
if (intval($rs2->fields["severity"]) > 7) {
$AvailValue = 'r';
} elseif (intval($rs2->fields["severity"]) > 3) {
$AvailValue = 'a';
} elseif ($rs2->fields["severity"] != "") {
$AvailValue = 'v';
}
}
return array($RiskValue, $VulnValue, $AvailValue, $sensor, $r_ip, $v_ip);
}
/**
* Exit with status code $code
*
* @throws Exception
* If headers are already sent
* @param int $code
*/
public static function server_exit($code)
{
$file = null;
$line = null;
if (!headers_sent($file, $line)) {
$desc = Net::status_description($code);
header("HTTP/1.1 {$code} {$desc}");
echo "<h1>{$code} <small>{$desc}</small></h1>";
die;
} else {
throw new \Exception("Headers already sent in {$file} on line {$line}!");
}
}
}
qroPrintEntryHeader($i);
/* Generating checkbox value -- nikns */
$addr_type == SOURCE_IP ? $src_ip = $myrow[0] : ($dst_ip = $myrow[0]);
$tmp_rowid = $src_ip . "_" . $dst_ip;
echo ' <TD><INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">';
echo ' <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '"></TD>';
/* Check for a NULL IP which indicates an event (e.g. portscan)
* which has no IP
*/
if ($no_ip) {
qroPrintEntry('<A HREF="' . $BASE_urlpath . '/help/base_app_faq.php#1">' . gettext("unknown") . '</A>');
} else {
$country = strtolower(geoip_country_code_by_addr($gi, $currentIP));
$country_name = geoip_country_name_by_addr($gi, $currentIP);
$homelan = ($match_cidr = Net::is_ip_in_cache_cidr($_conn, $currentIP)) || in_array($currentIP, $hosts_ips) ? " <a href='javascript:;' class='scriptinfo' style='text-decoration:none' ip='{$currentIP}'><img src=\"" . Host::get_homelan_icon($currentIP, $icons, $match_cidr, $_conn) . "\" border=0></a>" : "";
if ($country) {
$country_img = " <img src=\"/ossim/pixmaps/flags/" . $country . ".png\" title=\"" . $country_name . "\">";
$slnk = $current_url . "/pixmaps/flags/" . $country . ".png";
} else {
$country_img = "";
$slnk = $homelan != "" ? $current_url . "/forensics/images/homelan.png" : "";
}
$sip_aux = $sensors[$currentIP] != "" ? $sensors[$currentIP] : ($hosts[$currentIP] != "" ? $hosts[$currentIP] : $currentIP);
$div = '<div id="' . $currentIP . ';' . $ip_aux . '" class="HostReportMenu">';
$bdiv = '</div>';
qroPrintEntry($div . BuildAddressLink($currentIP, 32) . $currentIP . '</A> ' . $country_img . $homelan . $bdiv, 'center', '', 'nowrap');
}
if ($resolve_IP == 1) {
qroPrintEntry(' ' . baseGetHostByAddr($currentIP, $db, $dns_cache_lifetime) . ' ');
}
$ntop_links = Sensor::get_ntop_link($sensor);
$ntop_link = $ntop_links["ntop"];
$ntop_link = preg_replace("/\\/\$/", "", $ntop_link);
?>
<a href="<?php
echo $ntop_link;
?>
/NetNetstat.html"
target="ntop">
<?php
echo gettext("Reload");
?>
</a>
<?php
} else {
if ($net_list = Net::get_list($conn, "name = '{$sensor}'")) {
$net_ips = $net_list[0]->get_ips();
}
?>
<a href="<?php
echo "net_session.php?net={$net_ips}";
?>
"
target="ntop">
<?php
echo gettext("Reload");
?>
</a>
<?php
}
$db->close($conn);
if ($buffer == "[]" || $buffer == "") {
$buffer = "[{title:'" . _("No Network Groups Found") . "', noLink:true}]";
}
} else {
if (preg_match("/netgroup_(.*)/", $key, $found)) {
$html = "";
$k = 1;
$j = 0;
$nets = Net_group::get_networks($conn, base64_decode($found[1]));
$buffer .= "[";
foreach ($nets as $net) {
if ($j >= $from && $j < $to) {
$net_name = $net->get_net_name();
$net_title = Util::htmlentities(utf8_encode($net_name));
$net_key = utf8_encode("NET:" . $net_name);
$ips_data = Net::get_ips_by_name($conn, $net_name);
$ips = "<font style=\"font-size:80%\">(" . $ips_data . ")</font>";
$title = strlen($net_name) > $length_name ? substr($net_name, 0, $length_name) . "..." : $net_name;
$title = Util::htmlentities(utf8_encode($title)) . " " . $ips;
$tooltip = $net_title . " (" . $ips_data . ")";
$html .= "{ key:'{$net_key}', asset_data:'" . trim($ips_data) . "', icon:'../../pixmaps/theme/net.png', title:'{$title}', tooltip: '{$tooltip}' },\n";
$k++;
}
$j++;
}
if ($html != "") {
$buffer .= preg_replace("/,\$/", "", $html);
}
if ($j > $to) {
$li = "key:'{$key}', page:'{$nextpage}', isFolder:true, isLazy:true, icon:'../../pixmaps/theme/net.png', title:'" . _("next") . " {$maxresults} " . _("nets") . "'";
$buffer .= ",{ {$li} }\n";
