$_snm->scanner_set = $_snm->getAllPlugins();
$settings = $_snm->getProfileSettings($profile_id);
$_snm->merge_severities();
$_snm->merge_families();
$_snm->merge_plugin_profiles();
$_snm->merge_plugins();
$_snm->merge_all();
// Make the nessusrc file that contains scanner settings
$output = $_snm->get_nrc_file_data($_snm->scanner_set, $settings);
$filename = "nessusrc";
$format = "txt";
$params = array('data' => $output, 'cache' => false, 'contenttype' => 'application/octet-stream', 'contentdisposition' => array(HTTP_DOWNLOAD_ATTACHMENT, "{$filename}.{$format}"));
HTTP_DOWNLOAD::staticSend($params, false);
break;
break;
case "make_machine_list":
require_once _ABSPATH . '/lib/ScanMaker.php';
if (!@(include_once _ABSPATH . '/lib/pear/HTTP/Download.php')) {
die("Could not find the PEAR HTTP/Download.php file");
}
$profile_id = import_var('profile_id');
$_snm = new ScanMaker($profile_id);
// Make the machine list that specifies all the machines that need to be scanned
$machine_list = $_snm->getMachines($profile_id);
$output = $_snm->get_ml_file_data($machine_list);
$filename = "machine-list";
$format = "txt";
$params = array('data' => $output, 'cache' => false, 'contenttype' => 'application/octet-stream', 'contentdisposition' => array(HTTP_DOWNLOAD_ATTACHMENT, "{$filename}.{$format}"));
HTTP_DOWNLOAD::staticSend($params, false);
break;
}
/**
* Add an exemption to the database
*
* On site we maintain an exemptions table for use
* when requesting, for instance, web exemptions
* in the border router ACL. This method updates
* the exemption table so that if a person goes to
* request a new exemption, their scan results will
* have been added to the table already, and they
* can proceed with the exemption request.
*
* @param array $params Array of parameters sent to the function
* 0 - Client key of the scanner
* 1 - Profile ID associated with the scan
* 2 - Username of the person who performed the
* scan. This is stored in the database for
* reference later if needed.
* 3 - Duration, in seconds, of the scan
* @return True on successful progress update. IXR_Error
* on failure
*/
public function jobs_addExemption($params)
{
$client_key = $params[0];
$profile_id = $params[1];
$username = $params[2];
$duration = $params[3];
if (!$this->client_key_privileged($client_key)) {
return $this->error;
}
$ex = exemptDB::getInstance();
$machine_list = ScanMaker::getMachines($profile_id);
$sql = array('sel_exemptions' => "\tSELECT urn \n\t\t\t\t\t\tFROM scan \n\t\t\t\t\t\tWHERE user='******' \n\t\t\t\t\t\tAND latest='True';", 'upd_exemptions' => "\tUPDATE scan \n\t\t\t\t\t\tSET latest=':1' \n\t\t\t\t\t\tWHERE urn=':2';", 'ins_exemption' => "\tINSERT INTO scan (\n\t\t\t\t\t\t\t`ip`,\n\t\t\t\t\t\t\t`scandate`,\n\t\t\t\t\t\t\t`duration`,\n\t\t\t\t\t\t\t`latest`,\n\t\t\t\t\t\t\t`dns`,\n\t\t\t\t\t\t\t`user`,\n\t\t\t\t\t\t\t`scanner`) \n\t\t\t\t\t\tVALUES (':1',':2',':3','True',':4',':5','sham-ness');");
$stmt1 = $ex->prepare($sql['sel_exemptions']);
$stmt2 = $ex->prepare($sql['upd_exemptions']);
$stmt3 = $ex->prepare($sql['ins_exemption']);
// Select the latest exemption for a user
$stmt1->execute($username);
// Set the latest exemption equal to false
while ($row = $stmt1->fetch_assoc()) {
$urn = $row['urn'];
$stmt2->execute('False', $urn);
}
/**
* For each machine, not cidr or range, insert that
* as an entry into the exempt database
*/
foreach ($machine_list as $key => $val) {
if (!is_ip($val)) {
continue;
}
$date = strftime("%Y-%m-%d", time());
// hostname is one of the database fields, so get it from DNS
$host = gethostbyaddr($val);
/**
* Insert the exemption. Default to 'True' for latest
* because all previous 'True' were set to 'False'
*/
$stmt3->execute($val, $date, $duration, $host, $username);
}
return true;
}
