public static function doGet($url, $header = false) { global $LastGETURL; global $LastGETMethod; global $LastHeadersSent; global $last_http_response; global $LastHeadersReceived; $LastGETURL = $url; $LastGETMethod = false; $LastHeadersSent = false; $last_http_response = false; $LastHeadersReceived = false; $lastGETResponse = false; $LastGETMethod = "CURL"; $lastGETResponse = Net::getCurl($url, $header); if ($lastGETResponse !== false) { return $lastGETResponse; } $LastGETMethod = "Stream"; $lastGETResponse = Net::getStream($url, $header); if ($lastGETResponse !== false) { return $lastGETResponse; } error_log("Unable to GET Url={$url}"); error_log("Header: {$header}"); throw new \Exception("Unable to GET url=" . $url); }
public function set_blacklist() { $ip = Net::get_user_ip(); $current_time = time(); $node = $this->xml->xpath('/users/blacklist[@ip="' . utf8_encode($ip) . '"]'); // IP dosen't exist if (empty($node)) { if (count($this->xml->users->blacklist) >= BLACKLIST_SAVED_REQUESTS) { unset($this->xml->users->blacklist[0]); } // Add the table $node = $this->xml->addChild('blacklist', ''); // Add the key $node->addAttribute('ip', $ip); // Add the registers $node->addChild('date', $current_time); $node->addChild('fail_count', 1); error_log('Nibbleblog: Blacklist - New IP added - ' . $ip); } else { $date = $node[0]->getChild('date'); $fail_count = $node[0]->getChild('fail_count'); // The IP expired, so renewed if ($current_time > $date + BLACKLIST_TIME * 60) { $node[0]->setChild('date', $current_time); $node[0]->setChild('fail_count', 1); error_log('Nibbleblog: Blacklist - IP renewed because is expired - ' . $ip); } else { $fail_count += 1; $node[0]->setChild('fail_count', $fail_count); error_log('Nibbleblog: Blacklist - IP fail count(' . $fail_count . ') - ' . $ip); } } // Save the database return $this->savetofile(); }
public function doLogin($cookies) { $encPass = $this->getEncryptedPassword(); $res = Net::doRequest('https://steamcommunity.com/login/dologin/', $cookies, ['username' => $this->user, 'password' => $encPass['code'], 'twofactorcode' => '', 'captchagid' => $this->captchaGid, 'captcha_text' => $this->captchaText, 'emailsteamid' => $this->emailSteamId, 'emailauth' => $this->twoFactorCode, 'rsatimestamp' => $encPass['time'], 'remember_login' => false, 'oauth_client_id' => 'DE45CD61', 'oauth_scope' => 'read_profile write_profile read_client write_client', 'loginfriendlyname' => 'escrow.tf']); $this->loginData = json_decode($res[1], true); if (isset($this->loginData['oauth'])) { $this->loginData['oauth'] = new Oauth(json_decode($this->loginData['oauth'])); } // Get steam to send an email even when a bad code is supplied if (!$loginData['success'] && isset($loginData['emailauth_needed']) && $loginData['emailauth_needed'] && !empty($this->twoFactorCode)) { $this->setTwoFactorCode(''); return $this->doLogin($cookies); } return $this->loginData; }
/** * @param Neuron $from * @throws \Exception */ public function send(Neuron $from) { //Choose @var int $_directionType $_directionType = Net::getDirection() == Net::DIRECT ? self::HIGHER_NEURON : self::LOWER_NEURON; if (!isset($this->_neurons[$_directionType])) { throw new \Exception("Something wrong is with direction ({$_directionType}) or relation wasn`t init."); } /** @var Neuron $to */ $to = $this->_neurons[$_directionType]; //var_dump("Value: " . $from->getValue() . " Class: " . get_class($from)); $to->addSignal($this->_weight * $from->getValue()); // If we are on mistake step we need to correct weights if (Net::isMistakeFlow()) { $this->_weightCorrection($to, $from); } }
private static function video_get_vimeo($url, $width = 640, $height = 360) { preg_match('/vimeo\\.com\\/([0-9]{1,10})/', $url, $matches); $video_id = $matches[1]; // Check if a valid url if (!Net::check_http_code('http://vimeo.com/api/v2/video/' . $video_id . '.php', 200)) { return false; } $hash = unserialize(file_get_contents('http://vimeo.com/api/v2/video/' . $video_id . '.php')); $info = array(); $info['id'] = $video_id; $info['title'] = $hash[0]['title']; $info['description'] = $hash[0]['description']; $info['thumb'][0] = $hash[0]['thumbnail_medium']; $info['thumb'][1] = $hash[0]['thumbnail_small']; $info['embed'] = '<iframe class="vimeo_embed" width="' . $width . '" height="' . $height . '" src="http://player.vimeo.com/video/' . $video_id . '" frameborder="0" allowFullScreen></iframe>'; return $info; }
/** * Ping a address * @return int if -1 the server is down * @access public */ static function ping($address) { $urlInfo = parse_url($address); $domain = $urlInfo['host']; $port = Net::getUrlPort($urlInfo); $starttime = microtime(true); $file = @fsockopen($domain, $port, $errno, $errstr, 10); $stoptime = microtime(true); $status = 0; if (!$file) { $status = -1; } else { fclose($file); $status = ($stoptime - $starttime) * 1000; $status = floor($status); } return $status; }
private static function handleLogin() { if (!isset($_POST['login'])) { return; } $user = new User($_POST['user'], $_POST['pass']); $cookies = Net::startSession(); $user->setCaptcha($_POST['gid'] ?: -1, $_POST['captcha'] ?: '')->setEmailSteamId($_POST['emailsteamid'] ?: '')->setTwoFactorCode($_POST['2fa'] ?: ''); $loginData = $user->doLogin($cookies); if (!$loginData['success']) { return $loginData; } $hasPhone = $loginData['oauth']->hasPhone(); if (!$hasPhone) { return ['phone_needed' => true]; } $authData = $loginData['oauth']->addAuthenticator(); $authData = array_merge($authData, ['access_token' => $loginData['oauth']->oauth_token, 'wgtoken' => $loginData['oauth']->wgtoken, 'wgtoken_secure' => $loginData['oauth']->wgtoken_secure, 'steamid' => $loginData['oauth']->steamid]); return ['sms_needed' => true, 'revocation_code' => $authData['revocation_code'], 'authdata' => Crypt::encrypt($authData, $_POST['ekey']), 'raw' => $authData]; }
public function add($category, $send_email, $args = array()) { global $_LANG; if (count($this->xml->notification) >= NOTIFICATIONS_AMOUNT) { unset($this->xml->notification[0]); } // Email if ($send_email) { if ($category == 'session_fail') { // Subject $subject = $_LANG['LOGIN_FAILED_ATTEMPT']; // Message $message = Text::replace_assoc(array('{{BLOG_NAME}}' => $this->settings['name'], '{{USERNAME}}' => $args['username'], '{{PASSWORD}}' => $args['password'], '{{IP}}' => Net::get_user_ip()), $_LANG['EMAIL_NOTIFICATION_FAIL_LOGIN']); } elseif ($category == 'session_start') { // Subject $subject = $_LANG['NEW_SESSION_STARTED']; // Message $message = Text::replace_assoc(array('{{BLOG_NAME}}' => $this->settings['name'], '{{USERNAME}}' => $args['username'], '{{IP}}' => Net::get_user_ip()), $_LANG['EMAIL_NOTIFICATION_SESSION_STARTED']); } elseif ($category == 'comment') { // Subject $subject = $_LANG['YOU_HAVE_A_NEW_COMMENT']; // Message $message = Text::replace_assoc(array('{{BLOG_NAME}}' => $this->settings['name'], '{{COMMENT}}' => $args['comment'], '{{AUTHOR_NAME}}' => $args['author_name'], '{{AUTHOR_EMAIL}}' => $args['author_email'], '{{IP}}' => Net::get_user_ip()), $_LANG['EMAIL_NOTIFICATION_NEW_COMMENT']); } $sent = Email::send(array('from' => $this->settings['notification_email_from'], 'to' => $this->settings['notification_email_to'], 'subject' => $subject, 'message' => $message)); } else { $sent = false; } // Encrypt the user IP include FILE_KEYS; $user_ip = Crypt::encrypt(Net::get_user_ip(), $_KEYS[0]); // Save the notification $node = $this->xml->addChild('notification'); $node->addAttribute('category', $category); $node->addAttribute('mail', $sent); $node->addAttribute('ip', $user_ip); $node->addAttribute('date', Date::unixstamp()); $this->savetofile(); return true; }
} } $buffer = preg_replace("/,\$/", "", $buffer); $buffer .= "]"; if ($buffer == "" || $buffer == "[]") { echo "[{title:'" . _("No Hosts Found") . "', noLink:true}]"; } else { echo $buffer; } } else { if (preg_match("/^e_(.*)_net\$/", $key)) { $buffer = Net::draw_nets_by_class($conn, $key, $filter, $length_name, 1); echo $buffer; } else { if (preg_match("/^e_(.*)_.class_(.*)/", $key)) { $buffer = Net::draw_nets_by_class($conn, $key, $filter, $length_name, 1); echo $buffer; } else { if (preg_match("/e_(.*)_sensor/", $key, $found)) { $entityPerms = Acl::entityPerms($conn, $found[1]); $all = count($entityPerms["sensors"]); $sensors = Sensor::get_all($conn); $j = 0; $buffer .= "["; foreach ($sensors as $sensor) { if (!$all || $entityPerms["sensors"][$sensor->get_ip()]) { $sensor_name = $sensor->get_name(); $s_title = Util::htmlentities($sensor_name); $sensor_key = utf8_encode("sensor;" . $sensor_name); $title = strlen($sensor_name) > $length_name ? substr($sensor_name, 0, $length_name) . "..." : $sensor_name; $title = Util::htmlentities($title);
private function runQuery($q, $qt = '', $infos = '') { /* ep */ $ep = $this->_arc2_RemoteStore->v('remote_store_endpoint', 0, $this->_arc2_RemoteStore->a); if (!$ep) { return $this->_arc2_RemoteStore->addError('No Endpoint defined.'); } /* prefixes */ $q = $this->_arc2_RemoteStore->completeQuery($q); /* custom handling */ $mthd = 'run' . $this->_arc2_RemoteStore->camelCase($qt) . 'Query'; if (method_exists($this, $mthd)) { return $this->_arc2_RemoteStore->{$mthd}($q, $infos); } if (in_array($qt, array('insert', 'delete'))) { if ($this->_readOnly) { return $this->_arc2_RemoteStore->addError('No right to write in the triplestore.'); } else { $s = new FourStore_Store($ep, $this->_debug); $r = $s->queryUpdate($q); if (!$r) { $errmsg = "Error unknown."; if (Net::ping($ep) == -1) { $errmsg = "Could not connect to " . $ep; } return $this->_arc2_RemoteStore->addError($errmsg); } } } else { $s = new FourStore_Store($ep, $this->_debug); $resp = $s->queryRead($q); if ($resp == "") { $errmsg = "Error unknown."; if (Net::ping($ep) == -1) { $errmsg = "Could not connect to " . $ep; } return $this->_arc2_RemoteStore->addError($errmsg); } if (preg_match_all('%<!--(.*error.*)-->%m', $resp, $errorResponse)) { $message4s = $errorResponse[1][0]; return $this->_arc2_RemoteStore->addError("4Store message : " . $message4s . "\n query :\n" . $q); } $parser = @ARC2::getSPARQLXMLResultParser(); $parser->parse('', $resp); $err = $parser->getErrors(); if ($err) { return $this->_arc2_RemoteStore->addError($err); } if ($qt == 'ask') { $bid = $parser->getBooleanInsertedDeleted(); $r = $bid['boolean']; } elseif ($qt == 'select' && !method_exists($parser, 'getRows')) { $r = $resp; } elseif ($qt == 'select') { $r = array('rows' => $parser->getRows(), 'variables' => $parser->getVariables()); } else { $r = $parser->getSimpleIndex(0); } unset($parser); } return $r; }
// No perms over the host's network $threshold_a = $conf_threshold; $threshold_c = $conf_threshold; if (count($groups_belong['nets']) < 1) { $rs->MoveNext(); continue; // Host doesn't belong to any network /* } elseif ($net === null) { $threshold_a = $conf_threshold; $threshold_c = $conf_threshold; // User got perms */ } else { // threshold inheritance (for multiple nets get the closest) $closest_net = Net::GetClosestNet($conn, $ip); foreach ($groups_belong['nets'] as $net_name_aux => $net) { if ($net_name_aux == $closest_net) { $net_threshold_a = $net['threshold_a']; $net_threshold_c = $net['threshold_c']; $net_belong = $net_name_aux; $group_belong = $net['group']; } } if ($net_belong == "") { $net_belong = $net_name_aux; $group_belong = $net['group']; } $threshold_a = $rs->fields['threshold_a'] ? $rs->fields['threshold_a'] : $net_threshold_a; $threshold_c = $rs->fields['threshold_c'] ? $rs->fields['threshold_c'] : $net_threshold_c; }
if ($file1Size + $file2Size >= 8388608) { //TODO 根据服务器返回error码做提示 echo "<script type=\"text/javascript\">parent.callback('提交失败 ! : 文件不得大于8M')</script>"; } if ($tmp1 == null && $tmp2 != null) { $params['media'] = "@" . $tmp2; } else { $params['media'] = "@" . $tmp1; $params['media2'] = "@" . $tmp2; } } $params['status'] = $content; if (!empty($address)) { $params['url'] = $address; } $sinaNet = new Net(); $resCode = $sinaNet->request($username, $password, $params); returnResMsgByCode($resCode); /** * 根据responseCode返回对应的错误信息 * @param $code */ function returnResMsgByCode($code) { $msg = null; switch ($code) { case 200: $msg = "提交成功 !"; break; case 401: $msg = "提交失败 ! : 原因用户名或密码错误";
** Built upon work by Roman Danyliw <*****@*****.**>, <*****@*****.**> ** Built upon work by the BASE Project Team <*****@*****.**> */ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . "GMT"); header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); require_once 'classes/Session.inc'; Session::logcheck("MenuEvents", "EventsForensics"); // $ip = GET('ip'); ossim_valid($ip, OSS_IP_ADDR, 'illegal:' . _("ip")); if (ossim_error()) { die(ossim_error()); } // require_once 'classes/Net.inc'; require_once 'ossim_db.inc'; $db = new ossim_db(); $conn = $db->connect(); $netname = Net::GetClosestNet($conn, $ip); if ($netname != false) { list($ips, $icon) = Net::get_ips_by_name($conn, $netname, true); if ($icon != "") { echo "<img src='data:image/png;base64," . base64_encode($icon) . "' border='0'> "; } echo "<b>{$netname}</b> ({$ips})"; } else { echo "<b>{$ip}</b> not found in home networks"; } $db->close($conn);
function draw_members_select($form_data) { global $conn, $id; $resp = new xajaxResponse(); $type = $form_data['member_type']; // The user selected the empty type if (!$type) { $resp->AddAssign("members_select", "innerHTML", _("Please select a type")); return $resp; } // // Get the list of members of the given type // $options = array(); switch ($type) { case 'host': include_once 'classes/Host.inc'; $list = Host::get_list($conn, "", 'ORDER BY hostname'); print_r($list); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_ip()] = $obj->get_hostname() . ' ' . $obj->get_ip() . ' - ' . $descr; } break; case 'net': include_once 'classes/Net.inc'; $list = Net::get_list($conn, "", 'ORDER BY name'); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_name()] = $obj->get_name() . ' ' . $obj->get_ips() . ' - ' . $descr; } break; case 'host_group': include_once 'classes/Host_group.inc'; $list = Host_group::get_list($conn, "", 'ORDER BY name'); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr; } break; case 'net_group': include_once 'classes/Net_group.inc'; $list = Net_group::get_list($conn, '', 'ORDER BY name'); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr; } break; } // // Build the SELECT tag // $html = '<select name="member_name">'; foreach ($options as $name => $description) { $html .= "<option value='{$name}'>{$description}</option>"; } $html .= '</select>'; $resp->AddAssign("members_select", "innerHTML", $html); return $resp; }
<th> <label for='mboxs1'><?php echo gettext("Networks"); ?> </label><br/> <span><a href="newnetform.php"> <?php echo gettext("Insert new network"); ?> ?</a></span> </th> <td class="left nobborder"> <select style="width:250px;height:90%" multiple="multiple" size="19" class="req_field" name="nets[]" id="nets"> <?php /* ===== Networks ==== */ if ($network_list = Net::get_list($conn)) { foreach ($network_list as $network) { $net_name = $network->get_name(); $net_ips = $network->get_ips(); if (in_array($net_name, $networks)) { echo "<option value='{$net_name}'>{$net_name} ({$net_ips})</option>"; } } } ?> </select> <span style="padding-left: 3px; vertical-align: top;">*</span> <div id='del_selected'><input type="button" value=" [X] " onclick="deletefrom('nets')" class="lbutton"/></div> </td> </tr>
} else { $numnets = "10"; } //Refresh interval if (isset($_GET['refresh']) && is_numeric($_GET['refresh'])) { $refresh = $_GET['refresh']; } else { $refresh = 2; } $db = new ossim_db(); $conn = $db->connect(); $nets_where = ""; if (Session::allowedNets() != "") { $nets = explode(",", Session::allowedNets()); foreach ($nets as $net) { $nets_where .= $nets_where != "" ? " OR net_name=\"" . Net::get_name_by_ip($conn, $net) . "\"" : " WHERE net_name=\"" . Net::get_name_by_ip($conn, $net) . "\""; } } $query = "select * from net_qualification{$nets_where} order by (compromise+attack)/2 desc limit {$numnets};"; if (!($rs =& $conn->Execute($query))) { print $conn->ErrorMsg(); exit; } $addresses = array(); $compromise = array(); $attack = array(); $i = 0; $addresses[$i] = "Nets"; $compromise[$i] = "Compromise"; $attack[$i] = "Attack"; $addresses[$i + 1] = "no data";
</a> </td> <?php } ?> <td class="nobborder">|</td> <td class="nobborder" nowrap> <a href="<?php echo Sensor::get_sensor_link($conn, $host) . "/{$host}.html"; ?> " target="report"> <?php echo gettext("Usage"); ?> </a> </td> <?php if (Host::in_host($conn, $host) || Net::isIpInAnyNet($conn, $host)) { $interface = Sensor::get_sensor_interface($conn, $host); ?> <td class="nobborder">|</td> <td class="nobborder" nowrap> <a href="<?php echo Sensor::get_sensor_link($conn, $host) . "/plugins/rrdPlugin?action=list&key=interfaces/{$interface}/hosts/{$ip_slashed}&title=host%20{$host}"; ?> " target="report"> <?php echo gettext("Anomalies"); ?> </a> </td> <?php } $db->close($conn); ?>
unset($_SESSION["_response_descr"]); echo '<p align="center">Response-Action policy inserted<br/> <a href="response.php">Back</a></p>'; print '</body></html>'; exit; } /* hosts */ require_once 'classes/Host.inc'; $host_list = Host::get_list($conn); $hosts[] = array("value" => ANY, "name" => "ANY"); foreach ($host_list as $h) { $hosts[] = array("value" => $h->get_ip(), "name" => $h->get_hostname() . " (" . $h->get_ip() . ")"); } /* nets */ require_once 'classes/Net.inc'; $net_list = Net::get_list($conn); $nets[] = array("value" => ANY, "name" => "ANY"); foreach ($net_list as $n) { $nets[] = array("value" => $n->get_name(), "name" => $n->get_name()); } /* sensors */ require_once 'classes/Sensor.inc'; $sensor_list = Sensor::get_list($conn); $sensors[] = array("value" => ANY, "name" => "ANY"); foreach ($sensor_list as $s) { $sensors[] = array("value" => $s->get_ip(), "name" => $s->get_name() . " (" . $s->get_ip() . ")"); } /* ports */ require_once 'classes/Port_group.inc'; $port_list = Port_group::get_list($conn); $ports[] = array("value" => ANY, "name" => "ANY");
function host_row_basic($host, $conn, $criterias, $has_criterias, $networks, $hosts_ips, $i) { require_once "classes/Sensor.inc"; $color = $i % 2 == 0 ? "#F2F2F2" : "#FFFFFF"; $ip = $host->get_ip(); $host_name = $ip != $host->get_hostname() ? $host->get_hostname() . " ({$ip})" : $ip; $gi = geoip_open("/usr/share/geoip/GeoIP.dat", GEOIP_STANDARD); $country = strtolower(geoip_country_code_by_addr($gi, $ip)); $country_name = geoip_country_name_by_addr($gi, $ip); geoip_close($gi); if ($country) { $country_img = " <img src=\"../pixmaps/flags/" . $country . ".png\" alt=\"{$country_name}\" title=\"{$country_name}\">"; } else { $country_img = ""; } //$homelan = (Net::isIpInNet($ip, $networks) || in_array($ip, $hosts_ips)) ? " <a href=\"javascript:;\" class=\"scriptinfo\" style=\"text-decoration:none\" ip=\"".$ip."\"><img src=\"../forensics/images/homelan.png\" border=0></a>" : ""; // Network require_once 'classes/Net.inc'; $netname = Net::GetClosestNet($conn, $ip); if ($netname != false) { $ips = Net::get_ips_by_name($conn, $netname); $net = "<b>{$netname}</b> ({$ips})"; } else { $net = "<i>" . _("Asset Unknown") . "</i>"; } // Inventory $os_data = Host_os::get_ip_data($conn, $ip); if ($os_data["os"] != "") { $os = $os_data["os"]; $os_pixmap = Host_os::get_os_pixmap($conn, $ip); } else { $os = _("OS Unknown"); $os_pixmap = ""; } require_once 'classes/Host_services.inc'; $services = Host_services::get_ip_data($conn, $ip, 0); $services_arr = array(); foreach ($services as $serv) { $services_arr[$serv['service']]++; } // Vulnerabilities require_once 'classes/Status.inc'; list($vuln_list, $num_vuln, $vuln_highrisk, $vuln_risknum) = Status::get_vul_events($conn, $ip); $vuln_list_str = ""; $v = 0; foreach ($vuln_list as $vuln) { if ($v++ < 20) { $vuln_list_str .= $vuln['name'] . "<br>"; } } $vuln_list_str = str_replace("\"", "", $vuln_list_str); $vuln_caption = $num_vuln > 0 ? ' class="greybox_caption" data="' . $vuln_list_str . '"' : ' class="greybox"'; // Incidents $sql = "SELECT count(*) as num FROM alarm WHERE src_ip=INET_ATON(\"{$ip}\") OR dst_ip=INET_ATON(\"{$ip}\")"; if (!($rs =& $conn->Execute($sql))) { $num_alarms = _("Error in Query: {$sql}"); } else { if (!$rs->EOF) { $num_alarms = $rs->fields['num']; } } if ($num_alarms > 0) { $alarm_link = '<a href="../control_panel/alarm_console.php?&hide_closed=1&hmenu=Alarms&smenu=Alarms&src_ip=' . $ip . '&dst_ip=' . $ip . '" target="main"><b>' . $num_alarms . '</b></a>'; } else { $alarm_link = '<b>' . $num_alarms . '</b>'; } $sql = "SELECT count(*) as num FROM incident_alarm WHERE src_ips=\"{$ip}\" OR dst_ips=\"{$ip}\""; if (!($rs =& $conn->Execute($sql))) { $num_tickets = _("Error in Query: {$sql}"); } else { if (!$rs->EOF) { $num_tickets = $rs->fields['num']; } } if ($num_tickets > 0) { $tickets_link = '<a href="../incidents/index.php?status=Open&hmenu=Tickets&smenu=Tickets&with_text=' . $ip . '" target="main"><b>' . $num_tickets . '</b></a>'; } else { $tickets_link = '<b>' . $num_tickets . '</b>'; } // Events list($sim_events, $sim_foundrows, $sim_highrisk, $sim_risknum, $sim_date) = Status::get_SIM_light($ip, $ip); if ($sim_foundrows > 0) { $sim_link = '<a href="../forensics/base_qry_main.php?&num_result_rows=-1&submit=Query+DB¤t_view=-1&sort_order=time_d&ip=' . $ip . '&date_range=week&hmenu=Forensics&smenu=Forensics" target="main"><b>' . $sim_foundrows . '</b></a>'; } else { $sim_link = '<b>' . $sim_foundrows . '</b>'; } // $txt_tmp1 = _('Events in the SIEM'); $txt_tmp2 = _('Events in the logger'); if ($_SESSION['inventory_search']['date_from'] != "" && $_SESSION['inventory_search']['date_from'] != '1700-01-01') { $start_week = $_SESSION['inventory_search']['date_from']; } else { $start_week = strftime("%Y-%m-%d", time() - 24 * 60 * 60 * 1); } if ($_SESSION['inventory_search']['date_to'] != "" && $_SESSION['inventory_search']['date_to'] != '3000-01-01') { $end = $_SESSION['inventory_search']['date_to']; } else { $end = strftime("%Y-%m-%d", time()); } if ($start_week == strftime("%Y-%m-%d", time() - 24 * 60 * 60 * 1) && $end == strftime("%Y-%m-%d", time())) { $txt_tmp1 .= _(' (Last Week)'); $txt_tmp2 .= _(' (Last Day)'); } $start_week_temp = $start_week; $start_week .= ' 00:00:00'; $end_temp = $end; $end .= ' 23:59:59'; // //$start_week = strftime("%Y-%m-%d %H:%M:%S", time() - (24 * 60 * 60 * 7)); //$end = strftime("%Y-%m-%d %H:%M:%S", time()); list($sem_events_week, $sem_foundrows_week, $sem_date, $sem_wplot_y, $sem_wplot_x) = Status::get_SEM("", $start_week, $end, "none", 1234, $ip); if ($sem_foundrows_week > 0) { $sem_link = '<a href="../sem/index.php?hmenu=SEM&smenu=SEM&query=' . urlencode($ip) . '&start=' . urlencode($start_week) . '" target="main"><b>' . $sem_foundrows_week . '</b></a>'; } else { $sem_link = '<b>' . $sem_foundrows_week . '</b>'; } // Anomalies list($event_list, $anm_foundrows, $anm_foundrows_week, $anm_date) = Status::get_anomalies($conn, $ip); // Ntp link $ntop_lnk = Sensor::get_sensor_link($conn, $ip); if (preg_match("/(\\d+\\.\\d+\\.\\d+\\.\\d+)/", $ntop_lnk, $fnd)) { $ntop_ip = $fnd[1]; } else { $ntop_ip = $ip; } // $row = '<tr bgcolor="' . $color . '"> <td class="nobborder" style="text-align:center;padding:2px"><a href="../report/host_report.php?host=' . $ip . '&star_date=' . $start_week_temp . '&end_date=' . $end_temp . '" id="' . $ip . ';' . $host->get_hostname() . '" class="HostReportMenu" style="color:#17457c;font-size:15px;text-align:left"><b>' . $host_name . '</b></font></a><br><font style="color:gray">' . $net . '</font></td> <td class="nobborder" style="text-align:center;padding:2px">' . $os . ' ' . $os_pixmap . '<br>' . implode("<br>", array_keys($services_arr)) . '</td> <td class="nobborder" style="text-align:center;padding:2px"><a href="../vulnmeter/index.php?value=' . $ip . '&type=hn&withoutmenu=1&hmenu=Vulnerabilities&smenu=Vulnerabilities" title="Top 20 ' . _("Vulnerabilities for") . ' ' . $ip . '"' . $vuln_caption . '>' . $num_vuln . '</a></td> <td class="nobborder" style="text-align:center;padding:2px">' . $alarm_link . ' ' . _("Alarms") . '<br>' . $tickets_link . ' ' . _("Tickets") . '</td> <td class="nobborder" style="padding:2px">' . $sim_link . ' ' . $txt_tmp1 . '<br>' . $sem_link . ' ' . $txt_tmp2 . '</td> <td class="nobborder" style="text-align:center;padding:2px"><a href="../control_panel/anomalies.php?withoutmenu=1" class="greybox" title="' . _("Anomalies") . '"><b>' . $anm_foundrows . '</b></a></td> <td class="nobborder" style="text-align:center;padding:2px"> <table class="transparent"> <tr> <td class="nobborder"><img src="../pixmaps/ntop_graph_thumb.gif" width="40"></td> <td class="nobborder"><a href="../ntop/index.php?opc=services&sensor=' . $ntop_ip . '&hmenu=Network&smenu=Profiles&link_ip=' . $ip . '" target="main">' . _("Traffic Sent/Rcvd") . '</a></td> </tr> </table> </td> </tr>'; // <td class="nobborder"><a href="'.Sensor::get_sensor_link($conn,$ip).'/hostTimeTrafficDistribution-'.$ip.'-65535.png?1" class="greybox">'._("Traffic Sent").'</a><br><a href="'.Sensor::get_sensor_link($conn,$ip).'/hostTimeTrafficDistribution-'.$ip.'-65535.png" class="greybox">'._("Traffic Rcvd").'</a></td> echo str_replace("\n", "", str_replace("\r", "", str_replace("'", "", $row))); }
$tooltip = $ng_title; $li = "h:'{$h}', url:'../net/newnetgroupform.php?name=" . urlencode($netgroup_name) . "', icon:'../../pixmaps/theme/net_group.png', title:'{$title}', tooltip:'{$tooltip}'\n"; $buffer .= ($j > 0 ? "," : "") . "{ {$li} }"; $j++; } $buffer .= "]"; if ($buffer == "[]") { $buffer = "[{title:'" . _("No Network Groups Found") . "', noLink:true}]"; } echo $buffer; } else { if (preg_match("/^e_(.*)_net\$/", $key)) { echo Net::draw_nets_by_class($conn, $key, $filter, $length_name); } else { if (preg_match("/^e_(.*)_.class_(.*)/", $key)) { echo Net::draw_nets_by_class($conn, $key, $filter, $length_name); } else { if (preg_match("/e_(.*)_sensor/", $key, $found)) { $entityPerms = Acl::entityPerms($conn, $found[1]); $all = count($entityPerms["sensors"]); $sensors = Sensor::get_all($conn); $j = 0; $buffer .= "["; foreach ($sensors as $sensor) { if (!$all || $entityPerms["sensors"][$sensor->get_ip()]) { $sensor_name = $sensor->get_name(); $s_title = Util::htmlentities($sensor_name); $title = strlen($sensor_name) > $length_name ? substr($sensor_name, 0, $length_name) . "..." : $sensor_name; $title = Util::htmlentities($title); $tooltip = $s_title; $li = "h:'{$h}', url:'../sensor/interfaces.php?sensor=" . $sensor->get_ip() . "&name=" . urlencode($sensor_name) . "', icon:'../../pixmaps/theme/server.png', title:'{$title}', tooltip:'{$tooltip}'\n";
* Classes list: */ require_once 'classes/Security.inc'; require_once 'classes/Session.inc'; require_once 'languages.inc'; Session::logcheck("MenuConfiguration", "ConfigurationUsers"); ?> <?php require_once 'ossim_acl.inc'; require_once 'ossim_db.inc'; require_once 'classes/Net.inc'; require_once 'classes/Sensor.inc'; $db = new ossim_db(); $conn = $db->connect(); $net_list = Net::get_all($conn); $sensor_list = Sensor::get_all($conn, "ORDER BY name ASC"); $pass_length_min = $conf->get_conf("pass_length_min", FALSE) ? $conf->get_conf("pass_length_min", FALSE) : 7; $pass_length_max = $conf->get_conf("pass_length_max", FALSE) ? $conf->get_conf("pass_length_max", FALSE) : 255; if ($pass_length_max < $pass_length_min || $pass_length_max < 1) { $pass_length_max = 255; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title> <?php echo gettext("OSSIM Framework"); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
require_once 'ossim_db.inc'; require_once 'ossim_conf.inc'; include "functions.php"; $new = GET('new') == "1" ? 1 : 0; $ip = GET('ip'); ossim_valid($ip, OSS_IP_ADDR, OSS_NULLABLE, 'illegal:' . _("ip")); if (ossim_error()) { die(ossim_error()); } // Database Object $db = new ossim_db(); $conn = $db->connect(); $net_search = Net::GetClosestNet($conn, $ip, 1); // Get Networks list($_sensors, $_hosts) = Host::get_ips_and_hostname($conn, true); $_nets = Net::get_all($conn, true); $networks = $hosts = ""; foreach ($_nets as $_net) { $networks .= '{ txt:"' . $_net->get_name() . ' [' . $_net->get_ips() . ']", id: "' . $_net->get_ips() . '" },'; } foreach ($_hosts as $_ip => $_hostname) { if ($_hostname != $_ip) { $hosts .= '{ txt:"' . $_ip . ' [' . $_hostname . ']", id: "' . $_ip . '" },'; } else { $hosts .= '{ txt:"' . $_ip . '", id: "' . $_ip . '" },'; } } // Get Services and OS $inventory = ""; $query = "(SELECT DISTINCT os as element FROM host_os ORDER BY os) UNION (SELECT DISTINCT service as element FROM host_services ORDER BY service)"; if (!($rs =& $conn->Execute($query, $params))) {
require dirname(__FILE__) . '/config.php'; $action = isset($action) ? $action : NULL; $q = isset($wd) ? trim($wd) : ''; $page = empty($page) ? 1 : intval($page); $short_movies = array(); if (empty($wd)) { header('Location:index.php'); } //保存搜索的历史记录 /*if(isset($userid)){ sethostory($q,$userid); }*/ //搜索路径 $single_url = 'http://www.soku.com/v?keyword=' . $q . '&curpage=' . $page; //采集HTML $single_html = Net::curl($single_url); $movies = array(); $main_str = preg($single_html, '/<li\\s+class=\\"p_link\\">\\s*[\\w\\W]*?\\s*<\\/li>\\s+<li\\s+class=\\"p_thumb\\">\\s*[\\w\\W]*?\\s*<\\/li>/six', 2); $_str = $main_str[0]; if (is_array($_str) && count($_str) > 0) { foreach ($_str as $v) { $v_url = preg($v, '/href=\\"([\\w\\W]*?)\\"/'); $v_url = $v_url[1]; $v_title = preg($v, '/\\s+title=\\"([\\w\\W]*?)\\"/'); $v_title = $v_title[1]; $v_img = preg($v, '/src=\\"([\\w\\W]*?)\\"/'); $v_img = $v_img[1]; if (strstr($v_url, '/detail/show/')) { $singe = array(); $singe['playlist_url'] = $v_url; $singe['playlist_title'] = $v_title;
/** * Check if the server is up. * @return boolean true if the triplestore is up. * @access public */ public function check() { return Net::ping($this->_endpoint) != -1; }
if (POST('withoutmenu') != "1") { include "../hmenu.php"; $get_param = "withoutmenu=0"; } else { $get_param = "name={$net_name}&withoutmenu=1"; } if (POST('insert')) { if ($error == true) { $txt_error = "<div>" . _("We Found the following errors") . ":</div><div style='padding:10px;'>" . implode("<br/>", $message_error) . "</div>"; Util::print_error($txt_error); Util::make_form("POST", "newnetform.php?" . $get_param); die; } $db = new ossim_db(); $conn = $db->connect(); Net::insert($conn, $net_name, $cidr, $asset, $threshold_c, $threshold_a, $rrd_profile, $alert, $persistence, $sensors, $descr, $icon); //if ( POST('nessus') ) { Net_scan::insert($conn, $net_name, 3001, 0); } if ($nagios) { Net_scan::insert($conn, $net_name, 2007, 0); } $db->close($conn); Util::clean_json_cache_files("(policy|vulnmeter|hostgroup)"); } if (isset($_SESSION['_net'])) { unset($_SESSION['_net']); } if ($_SESSION["menu_sopc"] == "Networks" && POST('withoutmenu') != "1") { ?> <p> <?php echo gettext("Network succesfully inserted"); ?>
function get_values($conn, $host_types, $type, $name) { // r --> bad // a --> medium // v --> good $RiskValue = 'b'; $VulnValue = 'b'; $AvailValue = 'b'; if (in_array($type, $host_types)) { if ($type == "host") { $what = "hostname"; } $query = "select ip from {$type} where {$what} = ?"; $params = array($name); if ($rs3 =& $conn->Execute($query, $params)) { $name = $rs3->fields["ip"]; if ($rs3->EOF) { $in_assets = 0; } } // related sensor $sensor = $name; if ($type == "host") { require_once 'classes/Host.inc'; $sensors = Host::get_related_sensors($conn, $name); $sensor = $sensors[0] != "" ? $sensors[0] : $name; } } elseif ($type == "net") { $query = "select ips from net where name = ?"; $params = array($name); if ($rs3 =& $conn->Execute($query, $params)) { $ips = $rs3->fields["ips"]; if ($rs3->EOF) { $in_assets = 0; } } // related sensor require_once 'classes/Net.inc'; $sensors = Net::get_related_sensors($conn, $name); $sensor = $sensors[0] != "" ? $sensors[0] : $name; } elseif ($type == "host_group") { $query = "select host_ip from host_group_reference where host_group_name = ?"; $params = array($name); if ($rs3 =& $conn->Execute($query, $params)) { $iphg = array(); while (!$rs3->EOF) { $iphg[] = "'" . $rs3->fields["host_ip"] . "'"; $rs3->MoveNext(); } $ips = count($iphg) > 0 ? implode(",", $iphg) : "'0.0.0.0'"; if (count($iphg) == 0) { $in_assets = 0; } } // related sensor{ require_once 'classes/Host_group.inc'; $sensors = Host_group::get_related_sensors($conn, $name); $sensor = $sensors[0] != "" ? $sensors[0] : $name; } $params = $type == "host_group" ? array() : array($name); if (in_array($type, $host_types)) { $query = "select severity,member from bp_member_status where member = ? and measure_type = \"host_metric\""; } elseif ($type == "host_group") { $query = "select severity,member from bp_member_status where member in ({$ips}) and measure_type = \"host_metric\" order by severity desc limit 1"; } else { $query = "select severity,member from bp_member_status where member = ? and measure_type = \"net_metric\""; } if (!($rs2 =& $conn->Execute($query, $params))) { print $conn->ErrorMsg(); } else { $r_ip = $rs2->fields["member"]; if (intval($rs2->fields["severity"]) > 7) { $RiskValue = 'r'; } elseif (intval($rs2->fields["severity"]) > 3) { $RiskValue = 'a'; } elseif ($rs2->fields["severity"] != "") { $RiskValue = 'v'; } } if (in_array($type, $host_types)) { $query = "select severity,member from bp_member_status where member = ? and measure_type = \"host_vulnerability\""; } elseif ($type == "host_group") { $query = "select severity,member from bp_member_status where member in ({$ips}) and measure_type = \"host_vulnerability\" order by severity desc limit 1"; } else { $query = "select severity,member from bp_member_status where member = ? and measure_type = \"net_vulnerability\""; } if (!($rs2 =& $conn->Execute($query, $params))) { print $conn->ErrorMsg(); } else { $v_ip = $rs2->fields["member"]; if (intval($rs2->fields["severity"]) > 7) { $VulnValue = 'r'; } elseif (intval($rs2->fields["severity"]) > 3) { $VulnValue = 'a'; } elseif ($rs2->fields["severity"] != "") { $VulnValue = 'v'; } } if (in_array($type, $host_types)) { $query = "select severity,member from bp_member_status where member = ? and measure_type = \"host_availability\""; } elseif ($type == "host_group") { $query = "select severity,member from bp_member_status where member in ({$ips}) and measure_type = \"host_availability\" order by severity desc limit 1"; } else { $query = "select severity,member from bp_member_status where member = ? and measure_type = \"net_availability\""; } if (!($rs2 =& $conn->Execute($query, $params))) { print $conn->ErrorMsg(); } else { $a_ip = $rs2->fields["member"]; if (intval($rs2->fields["severity"]) > 7) { $AvailValue = 'r'; } elseif (intval($rs2->fields["severity"]) > 3) { $AvailValue = 'a'; } elseif ($rs2->fields["severity"] != "") { $AvailValue = 'v'; } } return array($RiskValue, $VulnValue, $AvailValue, $sensor, $r_ip, $v_ip); }
/** * Exit with status code $code * * @throws Exception * If headers are already sent * @param int $code */ public static function server_exit($code) { $file = null; $line = null; if (!headers_sent($file, $line)) { $desc = Net::status_description($code); header("HTTP/1.1 {$code} {$desc}"); echo "<h1>{$code} <small>{$desc}</small></h1>"; die; } else { throw new \Exception("Headers already sent in {$file} on line {$line}!"); } }
} qroPrintEntryHeader($i); /* Generating checkbox value -- nikns */ $addr_type == SOURCE_IP ? $src_ip = $myrow[0] : ($dst_ip = $myrow[0]); $tmp_rowid = $src_ip . "_" . $dst_ip; echo ' <TD><INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">'; echo ' <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '"></TD>'; /* Check for a NULL IP which indicates an event (e.g. portscan) * which has no IP */ if ($no_ip) { qroPrintEntry('<A HREF="' . $BASE_urlpath . '/help/base_app_faq.php#1">' . gettext("unknown") . '</A>'); } else { $country = strtolower(geoip_country_code_by_addr($gi, $currentIP)); $country_name = geoip_country_name_by_addr($gi, $currentIP); $homelan = ($match_cidr = Net::is_ip_in_cache_cidr($_conn, $currentIP)) || in_array($currentIP, $hosts_ips) ? " <a href='javascript:;' class='scriptinfo' style='text-decoration:none' ip='{$currentIP}'><img src=\"" . Host::get_homelan_icon($currentIP, $icons, $match_cidr, $_conn) . "\" border=0></a>" : ""; if ($country) { $country_img = " <img src=\"/ossim/pixmaps/flags/" . $country . ".png\" title=\"" . $country_name . "\">"; $slnk = $current_url . "/pixmaps/flags/" . $country . ".png"; } else { $country_img = ""; $slnk = $homelan != "" ? $current_url . "/forensics/images/homelan.png" : ""; } $sip_aux = $sensors[$currentIP] != "" ? $sensors[$currentIP] : ($hosts[$currentIP] != "" ? $hosts[$currentIP] : $currentIP); $div = '<div id="' . $currentIP . ';' . $ip_aux . '" class="HostReportMenu">'; $bdiv = '</div>'; qroPrintEntry($div . BuildAddressLink($currentIP, 32) . $currentIP . '</A> ' . $country_img . $homelan . $bdiv, 'center', '', 'nowrap'); } if ($resolve_IP == 1) { qroPrintEntry(' ' . baseGetHostByAddr($currentIP, $db, $dns_cache_lifetime) . ' '); }
$ntop_links = Sensor::get_ntop_link($sensor); $ntop_link = $ntop_links["ntop"]; $ntop_link = preg_replace("/\\/\$/", "", $ntop_link); ?> <a href="<?php echo $ntop_link; ?> /NetNetstat.html" target="ntop"> <?php echo gettext("Reload"); ?> </a> <?php } else { if ($net_list = Net::get_list($conn, "name = '{$sensor}'")) { $net_ips = $net_list[0]->get_ips(); } ?> <a href="<?php echo "net_session.php?net={$net_ips}"; ?> " target="ntop"> <?php echo gettext("Reload"); ?> </a> <?php } $db->close($conn);
if ($buffer == "[]" || $buffer == "") { $buffer = "[{title:'" . _("No Network Groups Found") . "', noLink:true}]"; } } else { if (preg_match("/netgroup_(.*)/", $key, $found)) { $html = ""; $k = 1; $j = 0; $nets = Net_group::get_networks($conn, base64_decode($found[1])); $buffer .= "["; foreach ($nets as $net) { if ($j >= $from && $j < $to) { $net_name = $net->get_net_name(); $net_title = Util::htmlentities(utf8_encode($net_name)); $net_key = utf8_encode("NET:" . $net_name); $ips_data = Net::get_ips_by_name($conn, $net_name); $ips = "<font style=\"font-size:80%\">(" . $ips_data . ")</font>"; $title = strlen($net_name) > $length_name ? substr($net_name, 0, $length_name) . "..." : $net_name; $title = Util::htmlentities(utf8_encode($title)) . " " . $ips; $tooltip = $net_title . " (" . $ips_data . ")"; $html .= "{ key:'{$net_key}', asset_data:'" . trim($ips_data) . "', icon:'../../pixmaps/theme/net.png', title:'{$title}', tooltip: '{$tooltip}' },\n"; $k++; } $j++; } if ($html != "") { $buffer .= preg_replace("/,\$/", "", $html); } if ($j > $to) { $li = "key:'{$key}', page:'{$nextpage}', isFolder:true, isLazy:true, icon:'../../pixmaps/theme/net.png', title:'" . _("next") . " {$maxresults} " . _("nets") . "'"; $buffer .= ",{ {$li} }\n";