$select_targets = get_targets($conn, $database['meth_TARGET']); } else { if ($action == 'delete_scan') { $query = 'SELECT username, name, id, scan_SERVER, report_id, status FROM vuln_jobs WHERE id=?'; $params = array($job_id); $result = $conn->execute($query, $params); $username = $result->fields['username']; $job_name = $result->fields['name']; $kill_id = $result->fields['id']; $nserver_id = $result->fields['scan_SERVER']; $report_id = $result->fields['report_id']; $can_i_delete = FALSE; if (Session::am_i_admin() || Session::get_session_user() == $username) { $can_i_delete = TRUE; } else { if (Session::is_pro() && Acl::am_i_proadmin()) { $user_vision = !isset($_SESSION['_user_vision']) ? Acl::get_user_vision($conn) : $_SESSION['_user_vision']; $my_entities_admin = array_keys($user_vision['entity_admin']); if (in_array($username, $my_entities_admin)) { $can_i_delete = TRUE; } } } if ($can_i_delete) { $query = 'DELETE FROM vuln_jobs WHERE id=?'; $params = array($kill_id); $result = $conn->execute($query, $params); $query = 'DELETE FROM vuln_nessus_reports WHERE report_id=?'; $params = array($report_id); $result = $conn->execute($query, $params); $query = 'DELETE FROM vuln_nessus_report_stats WHERE report_id=?';
</div> <div id='otx_config_section' class='section otx_admin'> <div id='otx_loading'> <img src='<?php echo AV_PIXMAPS_DIR; ?> /loading.gif'/> </div> <div id='token_text' data-otx='text-token'> <?php $msg = _('Connect your OTX account to %s by adding your OTX key in the space below. If you do not have an OTX key, <a href="javascript:;" data-otx="get-token">sign up</a> for an OTX account now!'); echo sprintf($msg, Session::is_pro() ? 'USM' : 'OSSIM'); ?> </div> <div class='col_60'> <div class='field'> <label class='field_label col_25'><?php echo _('OTX Key:'); ?> </label> <div class='field_edit col_75' data-otx="token"></div> </div> <div class='field'> <label class='field_label col_25'><?php
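/**
 * Imports networks from a CSV file and returns a summary of the result, line by line.
 *
 * Accepted layouts (fields marked with * are mandatory):
 *  - Net section, version 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value"*;"Net ID"
 *  - Net section, version 3.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value";"Sensors(Sensor1,Sensor2,...)"*
 *  - Welcome wizard, version 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description"
 *
 * @param string $filename    Path of the CSV file to read.
 * @param mixed  $iic         When not empty, net names are passed through clean_iic() before validation.
 * @param string $ctx         Context (entity) id as a hexadecimal string. It is embedded in the SQL
 *                            filter used to list the sensors, so any other value is rejected.
 * @param string $import_type 'networks' (net section) or 'welcome_wizard_nets' (welcome wizard).
 *
 * @return array Summary with two keys: 'general' (status, data, statistics) and
 *               'by_nets' (status, errors, warnings and data for each CSV line).
 */
function import_assets_from_csv($filename, $iic, $ctx, $import_type)
{
    //Process status
    $summary = array(
        'general' => array(
            'status'     => '',
            'data'       => '',
            'statistics' => array(
                'total'    => 0,
                'warnings' => 0,
                'errors'   => 0,
                'saved'    => 0
            )
        ),
        'by_nets' => array()
    );

    $db   = new ossim_db();
    $conn = $db->connect();

    $str_data = file_get_contents($filename);

    if ($str_data === FALSE) {
        $summary['general']['status'] = 'error';
        // 'data' was initialised as a string; writing a string key into it fails on current PHP,
        // so the nested array is built explicitly (same shape older PHP versions produced).
        $summary['general']['data'] = array('errors' => _('Failed to read data from CSV file'));
        $summary['general']['statistics']['errors'] = 1;

        $db->close();

        return $summary;
    }

    // Initialised up front so that a file with only blank lines is reported as empty
    // instead of calling count() on an undefined variable.
    $data = array();

    $array_data = preg_split('/\\n|\\r/', $str_data);

    foreach ($array_data as $k => $v) {
        if (trim($v) != '') {
            $data[] = explode('";"', trim($v));
        }
    }

    set_time_limit(360);

    //Check file size
    if (count($data) <= 0 || (count($data) == 1 && preg_match('/Netname/', $data[0][0]))) {
        $summary['general']['status'] = 'error';
        $summary['general']['data'] = _('CSV file is empty');
        $summary['general']['statistics']['errors'] = 1;

        $db->close();

        return $summary;
    }

    //Check importation type and headers
    $csv_headers = array();

    if ($import_type == 'networks') {
        // The fifth header tells both layouts apart; a shorter first line has no such field.
        $header_tag = isset($data[0][4]) ? $data[0][4] : '';

        if (preg_match('/Net ID/', $header_tag) || preg_match('/Sensors/', $header_tag)) {
            $csv_headers = array_shift($data);
        } else {
            $summary['general']['status'] = 'error';
            $summary['general']['data'] = _('Headers not found');
            $summary['general']['statistics']['errors'] = 1;

            $db->close();

            return $summary;
        }
    }

    //Setting total nets to import
    $summary['general']['statistics']['total'] = count($data);

    //Allowed sensors
    // $ctx is interpolated into the WHERE clause below, so only hexadecimal digits are accepted.
    // Any other value is handled like a context without sensors.
    $a_sensors = array();

    if (is_string($ctx) && ctype_xdigit($ctx)) {
        $filters   = array('where' => "acl_sensors.entity_id = UNHEX('{$ctx}')");
        $a_sensors = Av_sensor::get_basic_list($conn, $filters);
    }

    $sensor_ids = array_keys($a_sensors);

    if (count($sensor_ids) == 0) {
        $summary['general']['status'] = 'error';

        $s_error_msg = Session::is_pro() ? _('There is no sensor for this context') : _('There is no sensor for this net');

        $summary['general']['data'] = $s_error_msg;
        $summary['general']['statistics']['errors'] = 1;

        $db->close();

        return $summary;
    }

    // NOTE(review): the triggers are switched back on only in the branch where at least one net
    // was saved (see the end of the function); confirm whether the other branch needs it too.
    Util::disable_perm_triggers($conn, TRUE);

    foreach ($data as $k => $v) {
        //Clean previous errors
        ossim_clean_error();

        $num_line = $k + 1;

        //Set default status
        $summary['by_nets'][$num_line]['status'] = 'error';

        //Check file format
        $cnd_1 = $import_type == 'networks' && count($v) < 5;
        $cnd_2 = $import_type == 'welcome_wizard_nets' && count($v) < 3;

        if ($cnd_1 || $cnd_2) {
            $summary['by_nets'][$num_line]['errors']['Format'] = _('Number of fields is incorrect');
            $summary['general']['statistics']['errors']++;

            continue;
        }

        //Clean values: strip the surrounding quotes left over from the '";"' split
        $param = array();

        foreach ($v as $field) {
            $parameter = trim($field);
            $pattern   = '/^\\"|\\"$|^\'|\'$/';
            $param[]   = preg_replace($pattern, '', $parameter);
        }

        //Values
        $is_in_db = FALSE;
        $net_id   = '';
        $name     = $param[0];
        $cidrs    = preg_replace("/[\n\r\t]+/", '', $param[1]);
        $descr    = $param[2];
        // The welcome wizard layout has no asset value column: fall back to 2 as for an empty field
        $asset_value = (!isset($param[3]) || $param[3] == '') ? 2 : intval($param[3]);
        $sensors     = $sensor_ids;

        //Permissions
        $can_i_create_assets = Session::can_i_create_assets();
        $can_i_modify_ips    = TRUE;

        //CIDRs
        if (!ossim_valid($cidrs, OSS_IP_CIDR, 'illegal:' . _('CIDR'))) {
            $summary['by_nets'][$num_line]['errors']['CIDRs'] = ossim_get_error_clean();
            $summary['general']['statistics']['errors']++;

            continue;
        }

        //Check Net ID: is there a net registered in the System?
        $net_ids = Asset_net::get_id_by_ips($conn, $cidrs, $ctx);
        $net_id  = key($net_ids);

        if (!empty($net_id)) {
            $is_in_db = TRUE;
        } else {
            $net_id = Util::uuid();
        }

        // Special case: Forced Net ID [Version 4.x.x]
        if ($import_type == 'networks' && preg_match('/Net ID/', $csv_headers[4])) {
            $csv_net_id = strtoupper($param[4]);

            if ($is_in_db == TRUE && $csv_net_id != $net_id) {
                $id_error_msg = _('Net is already registered in the System with another Net ID');

                $summary['by_nets'][$num_line]['errors']['Net'] = $id_error_msg;
                $summary['general']['statistics']['errors']++;

                continue;
            }
        }

        //Netname
        if (!empty($iic)) {
            $name = clean_iic($name);
        }

        if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) {
            // First attempt failed: clean the name and report a warning with the replacement
            ossim_clean_error();

            $name = clean_iic($name);
            $name = clean_echars($name);

            $warning_msg = _('Netname has invalid characters') . '<br/>' . _('Netname will be replaced by') . ": <strong>{$name}</strong>";

            $summary['by_nets'][$num_line]['warnings']['Netname'] = $warning_msg;
            $summary['by_nets'][$num_line]['status'] = 'warning';
            $summary['general']['statistics']['warnings']++;

            // The cleaned name is still invalid: the warning becomes an error
            if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) {
                unset($summary['by_nets'][$num_line]['warnings']);
                $summary['general']['statistics']['warnings']--;

                $summary['by_nets'][$num_line]['status'] = 'error';
                $summary['by_nets'][$num_line]['errors']['Netname'] = ossim_get_error_clean();
                $summary['general']['statistics']['errors']++;

                continue;
            }
        }

        //Description
        if (!ossim_valid($descr, OSS_NULLABLE, OSS_AT, OSS_TEXT, '\\t', 'illegal:' . _('Description'))) {
            $summary['by_nets'][$num_line]['errors']['Description'] = ossim_get_error_clean();
            $summary['general']['statistics']['errors']++;

            continue;
        } else {
            if (mb_detect_encoding($descr . ' ', 'UTF-8,ISO-8859-1') == 'UTF-8') {
                $descr = mb_convert_encoding($descr, 'HTML-ENTITIES', 'UTF-8');
            }
        }

        //Sensor
        if ($is_in_db == FALSE) {
            //Only update net sensors with unregistered nets
            if ($import_type == 'networks' && preg_match('/Sensors/', $csv_headers[4])) {
                //Special case: Sensors in CSV file
                //[Version 3.x.x]
                $sensors  = array();
                $_sensors = explode(',', $param[4]);

                if (is_array($_sensors) && !empty($_sensors)) {
                    $_sensors = array_flip($_sensors);

                    if (is_array($a_sensors) && !empty($a_sensors)) {
                        // Keep only the sensors of this context whose IP is listed in the CSV line
                        foreach ($a_sensors as $s_id => $s_data) {
                            if (array_key_exists($s_data['ip'], $_sensors)) {
                                $sensors[] = $s_id;
                            }
                        }
                    }
                }

                if (!is_array($sensors) || empty($sensors)) {
                    $s_error_msg = Session::is_pro() ? _('There is no sensors for this context') : _('There is no sensors for this IP');

                    $summary['by_nets'][$num_line]['errors']['Sensors'] = $s_error_msg;
                    $summary['general']['statistics']['errors']++;

                    continue;
                }
            }
        }

        /***********************************************************
         ********** Only for importation from net section **********
         ***********************************************************/
        if ($import_type == 'networks') {
            //Asset
            if (!ossim_valid($asset_value, OSS_DIGIT, 'illegal:' . _('Asset value'))) {
                $summary['by_nets'][$num_line]['errors']['Asset value'] = ossim_get_error_clean();
                $summary['general']['statistics']['errors']++;

                continue;
            }
        }

        //Insert/Update net in database
        // empty() instead of count(): the 'errors' key does not exist for a clean line
        if (empty($summary['by_nets'][$num_line]['errors'])) {
            try {
                $net = new Asset_net($net_id);

                if ($is_in_db == TRUE) {
                    $net->load_from_db($conn, $net_id);

                    $can_i_modify_ips = Asset_net::can_i_modify_ips($conn, $net_id);
                } else {
                    if ($can_i_create_assets == FALSE) {
                        $n_error_msg = _('Net') . ' ' . $name . ' ' . _("not allowed. You don't have permissions to import this net");

                        $summary['by_nets'][$num_line]['errors']['Net'] = $n_error_msg;
                        $summary['general']['statistics']['errors']++;

                        continue;
                    }
                }

                //Check CIDRs
                if ($can_i_modify_ips == TRUE) {
                    $aux_cidr = explode(',', $cidrs);

                    foreach ($aux_cidr as $cidr) {
                        // Any other net of this context that already holds the CIDR blocks the import
                        $net_ids = Asset_net::get_id_by_ips($conn, $cidr, $ctx);

                        unset($net_ids[$net_id]);

                        if (!empty($net_ids)) {
                            $c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} already exists for this entity");

                            $summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg;
                            $summary['general']['statistics']['errors']++;

                            break;
                        } else {
                            if (Session::get_net_where() != '') {
                                if (!Asset_net::is_cidr_in_my_nets($conn, $cidr, $ctx)) {
                                    $c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} out of range. Check your asset filter");

                                    $summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg;
                                    $summary['general']['statistics']['errors']++;

                                    break;
                                }
                            }
                        }
                    }
                } else {
                    $c_error_msg = _('Net') . ' ' . $name . ': ' . _("CIDRs not allowed. CIDRs wasn't be modified");

                    $summary['by_nets'][$num_line]['status'] = 'warning';
                    // Count the warning in the statistics, next to the other counters
                    $summary['general']['statistics']['warnings']++;
                    $summary['by_nets'][$num_line]['warnings']['CIDRs'] = $c_error_msg;
                }

                //Setting new values
                if (empty($summary['by_nets'][$num_line]['errors'])) {
                    $net->set_ctx($ctx);
                    $net->set_name($name);
                    $net->set_descr($descr);

                    if ($is_in_db == FALSE) {
                        if ($can_i_modify_ips == TRUE) {
                            $net->set_ips($cidrs);
                        }

                        $net->set_sensors($sensors);
                    }

                    $net->set_asset_value($asset_value);

                    $net->save_in_db($conn, FALSE);

                    $summary['general']['statistics']['saved']++;
                    // The second message id is kept exactly as it is so that existing translations still match
                    $summary['by_nets'][$num_line]['data'] = $is_in_db == TRUE ? _('Net updated') : _('New new inserted');

                    //Keep warnings
                    if ($summary['by_nets'][$num_line]['status'] != 'warning') {
                        $summary['by_nets'][$num_line]['status'] = 'success';
                    }
                }
            } catch (Exception $e) {
                $summary['by_nets'][$num_line]['errors']['Database error'] = $e->getMessage();
                $summary['general']['statistics']['errors']++;
            }
        }
    }

    if ($summary['general']['statistics']['saved'] > 0) {
        if ($summary['general']['statistics']['errors'] == 0) {
            $summary['general']['status'] = 'success';
            $summary['general']['data'] = _('All nets have been imported successfully');
        } else {
            $summary['general']['status'] = 'warning';
            $summary['general']['data'] = _('Some nets could not be imported successfully');
        }

        Util::disable_perm_triggers($conn, FALSE);

        try {
            Asset_net::report_changes($conn, 'nets');
        } catch (Exception $e) {
            error_log($e->getMessage(), 0);
        }
    } else {
        $summary['general']['statistics']['errors'] = count($data);

        //CSV file is not empty, but all lines are wrong
        if (empty($summary['general']['status'])) {
            $summary['general']['status'] = 'error';
            $summary['general']['data'] = _('Nets could not be imported');
        }
    }

    $db->close();

    return $summary;
}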
* * You should have received a copy of the GNU General Public License * along with this package; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, * MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::logcheck('analysis-menu', 'EventsForensics'); if (!Session::is_pro()) { Session::unallowed_section(NULL, 'noback'); } // load column layout require_once '../conf/layout.php'; $category = "policy"; $name_layout = "databases_layout"; $layout = load_layout($name_layout, $category); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title> <?php echo gettext("OSSIM Framework"); ?> </title>
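/**
 * Asks the server which plugins a sensor reports and returns them as a list.
 *
 * Opens a TCP connection to the address and port read from the configuration
 * ('server_address', 'server_port'), sends the connect message followed by
 * 'server-get-sensor-plugins', and collects every response line that matches the sensor.
 * Connection problems are echoed and an empty list is returned.
 *
 * @param string $sensor_ip IP of the sensor whose plugins are wanted. It is matched literally.
 *
 * @return array List of arrays with the keys 'sensor', 'plugin_id', 'state' and 'enabled'.
 */
function server_get_sensor_plugins($sensor_ip = "")
{
    $ossim_conf = isset($GLOBALS['CONF']) ? $GLOBALS['CONF'] : NULL;

    if (!$ossim_conf) {
        $ossim_conf      = new Ossim_conf();
        $GLOBALS['CONF'] = $ossim_conf;
    }

    /* get the port and IP address of the server */
    $address = $ossim_conf->get_conf('server_address');
    $port    = $ossim_conf->get_conf('server_port');

    $list = array();

    /* create socket */
    $socket = socket_create(AF_INET, SOCK_STREAM, 0);

    // socket_create() reports failure with FALSE, and the reason comes from socket_last_error()
    if ($socket === FALSE) {
        echo _("socket_create() failed: reason: ") . socket_strerror(socket_last_error()) . "\n";

        return $list;
    }

    /* connect */
    socket_set_block($socket);
    socket_set_option($socket, SOL_SOCKET, SO_RCVTIMEO, array('sec' => 5, 'usec' => 0));
    socket_set_option($socket, SOL_SOCKET, SO_SNDTIMEO, array('sec' => 5, 'usec' => 0));

    $result = @socket_connect($socket, $address, $port);

    if (!$result) {
        echo sprintf(_("Unable to connect to %s server. Please, wait until it's available again or check if it's running at %s"), Session::is_pro() ? "USM" : "OSSIM", "{$address}:{$port}");

        // Release the socket on every exit path
        socket_close($socket);

        return $list;
    }

    /* first send a connect message to server */
    $in = 'connect id="1" type="web"' . "\n";

    socket_write($socket, $in, strlen($in));

    $out = @socket_read($socket, 2048, PHP_BINARY_READ);

    // A failed read yields FALSE; the cast makes it compare as an empty (bad) response
    if (strncmp((string) $out, "ok id=", 4)) {
        echo sprintf(_("Bad response from %s server. Please, wait until it's available again or check if it's running at %s"), Session::is_pro() ? "USM" : "OSSIM", "{$address}:{$port}");

        socket_close($socket);

        return $list;
    }

    /* get sensor plugins from server */
    $in = 'server-get-sensor-plugins id="2"' . "\n";

    socket_write($socket, $in, strlen($in));

    // preg_quote() escapes every regex metacharacter (and the delimiter), not only the dots,
    // so the caller's value can never change the meaning of the pattern.
    $pattern = '/sensor="(' . preg_quote($sensor_ip, '/') . ')" plugin_id="([^"]*)" ' . 'state="([^"]*)" enabled="([^"]*)"/';

    while ($output = socket_read($socket, 2048, PHP_BINARY_READ)) {
        $lines = explode("\n", $output);

        foreach ($lines as $out) {
            if (preg_match($pattern, $out, $regs)) {
                $s = array(
                    'sensor'    => $regs[1],
                    'plugin_id' => $regs[2],
                    'state'     => $regs[3],
                    'enabled'   => $regs[4]
                );

                if (!in_array($s, $list)) {
                    $list[] = $s;
                }
            } elseif (!strncmp($out, "ok id=", 4)) {
                // The "ok" line closes the answer: leave both loops instead of waiting
                // for the next read to run into the receive timeout.
                break 2;
            }
        }
    }

    socket_close($socket);

    return $list;
}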
'); </script> <?php exit; } if (!isset($_POST['ctx']) || empty($_POST['ctx'])) { ?> <script type='text/javascript'> parent.show_error('<?php echo _('You must select an entity'); ?> '); </script> <?php } if (Session::is_pro()) { if (!valid_hex32($ctx) || Acl::entityAllowed($ctx) < 1) { $msg_error = empty($ctx) ? _('You must select an entity') : _('Entity not allowed'); ?> <script type='text/javascript'> parent.show_error('<?php echo $msg_error; ?> '); </script> <?php exit; } } else { $ctx = Session::get_default_ctx();
* * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::useractive(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title> <?php echo _("AlienVault " . (Session::is_pro() ? "USM" : "OSSIM")); ?> </title> <link rel="Shortcut Icon" type="image/x-icon" href="/ossim/favicon.ico"> <meta http-equiv="Content-Type" content="text/html;charset=iso-8859-1"/> <meta http-equiv="Pragma" content="no-cache"/> <?php //CSS Files $_files = array(array('src' => 'av_common.css?only_common=1', 'def_path' => TRUE), array('src' => '/wizard/wizard.css', 'def_path' => TRUE)); Util::print_include_files($_files, 'css'); //JS Files $_files = array(array('src' => 'jquery.min.js', 'def_path' => TRUE)); Util::print_include_files($_files, 'js'); ?>
/**
 * Prints the "Change View" button and the dropdown that lists the custom views of the session.
 *
 * Reads $_SESSION['current_cview'] and $_SESSION['views'] and writes the HTML straight to the output.
 * The "Edit Current View" and "Create New View" entries are printed only when
 * Session::am_i_admin() returns true.
 */
function PrintPredefinedViews()
{
    // NOTE(review): $opensource is declared global but is not referenced anywhere in this function.
    global $opensource;
    // NOTE(review): $current_str is assigned here and not read again in this function.
    $current_str = $_SESSION['current_cview'] != "default" && $_SESSION['current_cview'] != "" ? Util::htmlentities($_SESSION['current_cview']) : _("Default");
    // Get default view
    require_once "ossim_conf.inc";
    $conf = $GLOBALS["CONF"];
    $idm_enabled = $conf->get_conf("enable_idm") == 1 && Session::is_pro() ? true : false;
    $login = Session::get_session_user();
    // A separate connection is opened only to read the user's default view and closed right after.
    $db_aux = new ossim_db(true);
    $conn_aux = $db_aux->connect();
    $config = new User_config($conn_aux);
    // Stored default view of the user; when it is empty, 'IDM' or 'default' depending on $idm_enabled.
    // NOTE(review): $default_view is not read again in this function.
    $default_view = $config->get($login, 'custom_view_default', 'php', "siem") != "" ? $config->get($login, 'custom_view_default', 'php', "siem") : ($idm_enabled ? 'IDM' : 'default');
    $db_aux->close($conn_aux);
    ?> <button id="views_link" class="button av_b_secondary"> <?php echo _('Change View'); ?> ▾ </button> <div id="custom_views" class="dropdown dropdown-secondary dropdown-close dropdown-tip dropdown-anchor-right dropdown-scrolling" style='display:none'> <ul id="custom_views_ul" class="dropdown-menu"> <?php
    // Entries for editing and creating views are offered to administrators only.
    if (Session::am_i_admin()) {
        ?> <li><a href="#" onclick="GB_show('<?php echo _("Edit Current View"); ?> ','/forensics/custom_view_edit.php?edit=1',480,700);$('#custom_views').hide();return false"><?php echo _("Edit Current View"); ?> </a></li> <li><a href="#" onclick="GB_show('<?php echo _("Create new custom view"); ?> ','/forensics/custom_view_edit.php',480,700);$('#custom_views').hide();return false"><?php echo _("Create New View"); ?> </a></li> <?php
    }
    // One entry per view stored in the session; the current one gets a marker in front of its name.
    foreach ($_SESSION['views'] as $name => $attr) {
        $dname = $name == "default" ? "Default" : $name;
        $selected = $_SESSION['current_cview'] == $name ? "► " : "";
        // NOTE(review): the view name is HTML-entity-encoded and then placed inside a single-quoted
        // JavaScript string in an onclick attribute. Browsers decode entities in attribute values
        // before the script runs, so HTML encoding alone may not neutralise a quote in a name.
        // Confirm what Util::htmlentities() encodes and which characters a view name may contain;
        // a JavaScript-string encoding step is the usual safeguard for this output context.
        ?> <li><a href="#" onclick="change_view('<?php echo Util::htmlentities($name); ?> ');$('#custom_views').hide()"><?php echo $selected . Util::htmlentities($dname); ?> </a></li> <?php
    }
    ?> </ul> </div> <?php
}
<div class='fbutton'><input type="button" value="<?php echo _("Clean"); ?> " class="small" id="clean_button" onclick="document.location.href='index.php?engine_id=<?php echo $engine_id; ?> '"/></div> <?php } ?> </form> </td> <?php if (Session::is_pro() && count($available_engines = $directive_editor->get_available_engines()) > 1) { ?> <td> <table align="right" class="transparent"> <tr> <td style="font-size:12px"><?php echo _("Select Engine"); ?> :</td> <td class="center nobborder" style="padding-left:5px"> <select name="engine_param" onchange="document.location.href='index.php?engine_id='+this.value" style="font-size:12px"> <?php foreach ($available_engines as $e_id => $e_name) { ?> <option value="<?php echo $e_id;
<td colspan="3"></td> </tr> <tr> <td colspan="3" align="center"><input type="button" value="<?php echo _('Close'); ?> " onclick="parent.GB_close()"/></td> </tr> </table> </body> </html> <?php $directive_editor = new Directive_editor($engine_id); $conf = $GLOBALS["CONF"]; if (Session::is_pro() && $conf->get_conf("alienvault_mssp", false) == "1" && count($available_engines = $directive_editor->get_available_engines()) > 1) { $engines = $available_engines; } else { $engines = array(_MAIN_PATH . "/{$engine_id}" => "Default"); } $errors = array(); foreach ($engines as $engine_dir => $engine_name) { $engine_id = preg_replace("/.*\\/([a-f0-9\\-]+)/", "\\1", $engine_dir); if (count($engines) > 1) { echo "<script type='text/javascript'>\$('#msg').html('{$engine_name}');</script>"; } $_errors = $directive_editor->test($engine_id); foreach ($_errors as $error) { $errors[] = $error; } }
/**
 * Days left until the trial expires.
 *
 * A number is returned only when Session::is_pro() is true and
 * Session::trial_days_to_expire() reports 30 days or fewer; it is never negative.
 * In every other case the result is FALSE.
 *
 * @return bool|int
 */
function calc_days_to_expire()
{
    if (!Session::is_pro()) {
        return FALSE;
    }

    $remaining = Session::trial_days_to_expire();

    if ($remaining <= 30) {
        // Expired trials are reported as 0 days
        return max(0, intval($remaining));
    }

    return FALSE;
}
/*** This file is includen in step_loader.php hence the wizard object is defined in $wizard ***/ /*** database connection is stored in $conn ***/ /************************************************************************************************/ /************************************************************************************************/ if (!$wizard instanceof Welcome_wizard) { throw new Exception("There was an error, the Welcome_wizard object doesn't exist"); } $interfaces = array(); try { $interfaces = Welcome_wizard::get_interfaces(); } catch (Exception $e) { $config_nt = array('content' => $e->getMessage(), 'options' => array('type' => 'nf_error', 'cancel_button' => true), 'style' => 'margin:10px auto;width:50%;text-align:center;padding:0 10px;z-index:999'); $nt = new Notification('nt_notif', $config_nt); $nt->show(); } $v_short = Session::is_pro() ? "USM" : "OSSIM"; $text_descr = _("The network interfaces in AlienVault %s can be configured to run Network Monitoring or as Log Collection & Scanning. Once you've configured the interfaces you'll need to ensure that the networking is configured appropriately for each interface so that AlienVault %s is either receiving data passively or has the ability to reach out to the desired network."); $text_descr = sprintf($text_descr, $v_short, $v_short); ?> <script type='text/javascript'> var __nic ,__n_role ,__n_ip, __n_mask = null; var __nic_state = false; function load_js_step() { load_handler_step_interfaces(); <?php if (count($interfaces) > 0) {
} // Reset main indicator if no more policy reload need if (!Web_indicator::is_on('Reload_policies') && !Web_indicator::is_on('Reload_sensors') && !Web_indicator::is_on('Reload_plugins') && !Web_indicator::is_on('Reload_directives') && !Web_indicator::is_on('Reload_servers')) { Web_indicator::set_off('ReloadPolicy'); } $error = sprintf(_("Unable to connect to %s server. Please, wait until it's available again or check if it's running at %s"), Session::is_pro() ? "USM" : "OSSIM", "{$address}:{$port}"); echo ossim_error($error); exit; } if ($what != 'tasks') { $in = 'reload-' . $what . ' id="2"' . "\n"; $out = ''; @socket_write($socket, $in, strlen($in)); $out = @socket_read($socket, 2048); if (strncmp($out, 'ok id="2"', 9) != 0) { $error = sprintf(_("Bad response from %s server. Please, wait until it's available again or check if it's running at %s"), Session::is_pro() ? "USM" : "OSSIM", "{$address}:{$port}"); echo ossim_error($error); exit; } @socket_close($socket); } // Switch off web indicator if ($what == 'all') { Web_indicator::set_off('Reload_policies'); Web_indicator::set_off('Reload_sensors'); Web_indicator::set_off('Reload_plugins'); Web_indicator::set_off('Reload_directives'); Web_indicator::set_off('Reload_servers'); } else { Web_indicator::set_off('Reload_' . $what); }
if (!Session::am_i_admin()) { echo _('You do not have permissions to see this section'); die; } /************************************************************************************************/ /************************************************************************************************/ /*** This file is includen in step_loader.php hence the wizard object is defined in $wizard ***/ /*** database connection is stored in $conn ***/ /************************************************************************************************/ /************************************************************************************************/ if (!$wizard instanceof Welcome_wizard) { throw new Exception('There was an unexpected error'); } $config = new Config(); $otx_key = $config->get_conf("open_threat_exchange_key"); $v_tag = Session::is_pro() ? "USM" : "OSSIM"; ?> <script type='text/javascript'> function load_js_step() { load_handler_step_otx(); } </script> <div id='step_6' class='step_container'>
{ if($(this).val() != '') { $('#w_otx_next').prop('disabled', false); } else { $('#w_otx_next').prop('disabled', true); } }); $('#b_get_otx_token').on('click', function() { var url = "https://www.alienvault.com/my-account/customer/signup-or-thanks/?ctype=<?php echo Session::is_pro() ? 'usm' : 'ossim'; ?> "; av_window_open(url, { width: 800, height: 750, title: 'otxwindow' }) }); $('#otx_data_link').on('click', function() { LB_show("<?php echo _('Open Threat Exchange Sample Data');
function checkall() { if (checks) { $("#fuser").unCheckCheckboxes(".i_perms", true); checks = 0; } else { $("#fuser").checkCheckboxes(".i_perms", true); checks = 1; } } <?php if (Session::am_i_admin() && Session::is_pro()) { ?> function save_inputs() { var data = new Array(); data[0] = $('#login').val(); data[1] = $('#user_name').val(); data[2] = $('#email').val(); data[3] = $('#language').val(); data[4] = $('#tzone').val(); if ($('#fl_yes').length >= 1) { data[5] = ($('#fl_yes:checked').length == 1) ? 'fl_yes' : 'fl_no';
} Session::logcheck('report-menu', 'ReportsReportServer'); $TBackground = "#7B7B7B"; $TForeground = "#FFFFFF"; $SBackground = "#8CC221"; $SForeground = "#FFFFFF"; // Load css $styleCss = array('Title' => array('Background' => $TBackground, 'Foreground' => $TForeground), 'Subtitle' => array('Background' => $SBackground, 'Foreground' => $SForeground)); // Make header - footer with replacements $footerContent = array('left' => 'User: '******' / [[date_y]]-[[date_m]]-[[date_d]] [[date_h]]:[[date_i]]:[[date_s]]', 'right' => 'Page [[page_cu]] / [[page_nb]]'); $report_data = $section == 'forensics' ? get_freport_data($report_id) : get_report_data($report_id); // Init PDF Report $pdfReport = new Pdf_report($report_id, 'P', 'A4', NULL, FALSE); // Init html2pdf document //$header = ucwords(str_replace('_',' ',$pdfReport->getName())); $htmlPdfReport = new Pdf_html($report_id, $report_data['report_name'], Session::is_pro() ? 'default.png' : 'ossim.png', '', $styleCss, $footerContent); // Include php per each sub-report $runorder = 1; // Close session to stop() feature $dDB['_shared'] = new DBA_shared($report_id); $dDB['_shared']->truncate(); session_write_close(); foreach ($report_data['subreports'] as $r_key => $r_data) { //PDF Report with hidden modules if (!isset($_POST['sr_' . $r_data['id']]) && $report_id == $r_data["id"] && file_exists($r_data['report_file'])) { $subreport_id = $r_data['id']; if ($_DEBUG) { echo $subreport_id . '=' . $r_data['report_file'] . "<br>\n"; } include $r_data['report_file']; } elseif (POST('sr_' . $r_data['id']) == 'on' && file_exists($r_data['report_file'])) {
$query = GET('query') != "" ? GET('query') : ""; $directive_id = GET('directive_id'); $intent = intval(GET('intent')); $sensor_query = GET('sensor_query'); $tag = GET('tag'); $num_events = GET('num_events'); $num_events_op = GET('num_events_op'); $date_from = GET('date_from'); $date_to = GET('date_to'); $ds_id = GET('ds_id'); $ds_name = GET('ds_name'); $beep = intval(GET('beep')); $sec = POST('sEcho'); //$tags = Tags::get_list($conn); $tags_html = Tags::get_list_html($conn); if (Session::is_pro() && Session::show_entities()) { list($entities, $_children, $_num_ent) = Acl::get_entities($conn, '', '', true, false); } ossim_valid($order, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Order")); ossim_valid($torder, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _("Order Direction")); ossim_valid($delete, OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Delete")); ossim_valid($close, OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Close")); ossim_valid($open, OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Open")); ossim_valid($delete_day, OSS_ALPHA, OSS_SPACE, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _("Delete_day")); ossim_valid($query, OSS_ALPHA, OSS_PUNC_EXT, OSS_SPACE, OSS_NULLABLE, 'illegal:' . _("Query")); ossim_valid($autorefresh, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Autorefresh")); ossim_valid($refresh_time, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Refresh_time")); ossim_valid($directive_id, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Directive_id")); ossim_valid($intent, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Intent")); ossim_valid($src_ip, OSS_IP_ADDRCIDR_0, OSS_NULLABLE, 'illegal:' . _("Src_ip")); ossim_valid($dst_ip, OSS_IP_ADDRCIDR_0, OSS_NULLABLE, 'illegal:' . _("Dst_ip"));
require_once 'av_init.php'; require_once 'classes/asset_host.inc'; Session::logcheck("analysis-menu", "EventsForensics"); if (!isset($_SESSION["_user"])) { $ossim_link = $conf->get_conf("ossim_link", FALSE); $login_location = $ossim_link . '/session/login.php'; header("Location: {$login_location}"); exit; } // Timezone correction $tz = Util::get_timezone(); $timetz = gmdate("U") + 3600 * $tz; // time to generate dates with timezone correction // IDM Mode? $idm_enabled = $conf->get_conf("enable_idm", FALSE) == 1 && Session::is_pro() ? true : false; $cloud_instance = $conf->get_conf("cloud_instance", FALSE) == 1 && Session::is_pro() ? true : false; $_SESSION['_idm'] = $idm_enabled; // Custom Views $login = Session::get_session_user(); $db_aux = new ossim_db(); $conn_aux = $db_aux->connect(); $config = new User_config($conn_aux); $_SESSION['views'] = $config->get($login, 'custom_views', 'php', "siem"); $default_view = $config->get($login, 'custom_view_default', 'php', "siem") != "" ? $config->get($login, 'custom_view_default', 'php', "siem") : ($idm_enabled ? 'IDM' : 'default'); // First create default views if not exists (important!) $session_data = $_SESSION; foreach ($_SESSION as $k => $v) { if (preg_match("/^(_|alarms_|back_list|current_cview|views|ports_cache|acid_|report_|graph_radar|siem_event|siem_current_query|siem_current_query_graph|deletetask|mdspw).*/", $k)) { unset($session_data[$k]); } }
"><?php echo $s_alarm_name . $events_count; ?> </a> <?php echo $tooltip; ?> </td> <td class="nobborder center"> <?php echo Util::number_format_locale($event_ocurrences, 0); ?> </td> <?php echo $risk_field; if (Session::is_pro() && $mssp) { ?> <!-- entity --> <td class="nobborder" style="text-align:center;"> <?php foreach ($ctxs as $_ctx) { if (count($ctxs) < 2 || $entity_types[$_ctx] != 'engine') { echo (!empty($entities[$_ctx]) ? $entities[$_ctx] : _("Unknown")) . "<br/>"; } } ?> </td> <!-- end entity --> <?php }
}); </script> </head> <body id='body_scroll' style="background-color:#fafafa"> <div id='container'> <table width="95%" class='transparent' align='center'> <?php foreach ($notes as $note) { if (Session::is_admin($conn, $note->get_user()) || $note->get_user() == AV_DEFAULT_ADMIN) { $icon = '/ossim/pixmaps/user-business.png'; } elseif (Session::is_pro() && Acl::is_proadmin($conn, $note->get_user())) { $icon = '/ossim/pixmaps/user-gadmin.png'; } else { $icon = '/ossim/pixmaps/user-green.png'; } ?> <tr> <td class="nobborder" width='25%' height="100px"> <div class='note_info'> <table class="noborder" align="center"> <tr> <td><img align="absmiddle" alt="Entity admin" src="<?php echo $icon; ?>
* You should have received a copy of the GNU General Public License * along with this package; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, * MA 02110-1301 USA * * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::useractive("../session/login.php"); //Support contact $v = Session::is_pro(); $s_c = NULL; $t_d = Session::trial_days_to_expire(); $license = Session::get_system_license(); if ($v) { if ($license !== FALSE) { $s_email = '*****@*****.**'; if ($t_d > 31) { $s_email = '*****@*****.**'; } $s_c = md5($s_email); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html>
$data['status'] = 'OK'; echo json_encode($data); } exit; } else { if (is_array($validation_errors) && !empty($validation_errors)) { $data['status'] = 'error'; $data['data'] = $validation_errors; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title> <?php echo _('AlienVault ' . (Session::is_pro() ? 'USM' : 'OSSIM')); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <meta http-equiv="Pragma" content="no-cache"/> <?php //CSS Files $_files = array(array('src' => 'av_common.css', 'def_path' => TRUE)); Util::print_include_files($_files, 'css'); ?> </head> <body> <?php if (POST('insert') && empty($data['data']['id'])) { if ($data['status'] == 'error') {
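// AJAX endpoint: permanently deletes every network in the caller's current
// filtered selection and answers with a JSON status object.
//
// The order of the checks is the security-relevant part of this script:
//   1. Session::logcheck_ajax()  - session / menu ACL gate (helper defined elsewhere)
//   2. Token::verify()           - per-action form token (anti-CSRF)
//   3. Session::can_i_create_assets() - asset permission gate
//   4. Asset_net::bulk_delete()  - the destructive call
// Every rejection path must stop the request before step 4.

//Config File
require_once 'av_init.php';

Session::logcheck_ajax('environment-menu', 'PolicyNetworks');

//Validate Form token
$token = POST('token');

if (Token::verify('tk_delete_network_bulk', $token) == FALSE) {
    $error = Token::create_error_message();

    Util::response_bad_request($error);

    // response_bad_request() is expected to end the request; the explicit
    // exit keeps this check fail-closed even if that helper ever returns.
    exit;
}

// Writes the session data and releases the session lock before the
// potentially slow database work.
session_write_close();

// Response payload; initialised so json_encode() never sees an undefined variable.
$data = array();

/* connect to db */
$db   = new ossim_db(TRUE);
$conn = $db->connect();

try {
    // NOTE(review): deletion is gated on the asset *creation* permission.
    // Confirm that this is the intended ACL for a destructive bulk action.
    $perm_add = Session::can_i_create_assets();

    if (!$perm_add) {
        $error = _('You do not have the correct permissions to delete networks. Please contact system administrator with any questions');

        // Release the connection on the rejection path as well.
        $db->close();

        Util::response_bad_request($error);
        exit;
    }

    $app_name = Session::is_pro() ? 'AlienVault' : 'OSSIM';

    // Counted before the delete and independently of it, so the number in the
    // message is the size of the selection, not a confirmed count of deleted rows.
    $num_assets = Filter_list::get_total_selection($conn, 'network');

    //Delete all filtered nets
    // NOTE(review): no audit record is written in this script; confirm that
    // bulk_delete() logs who removed which networks.
    Asset_net::bulk_delete($conn);

    $data['status'] = 'OK';
    $data['data']   = sprintf(_('%s networks have been permanently deleted from %s'), $num_assets, $app_name);
} catch (Exception $e) {
    $db->close();

    // NOTE(review): the raw exception message goes back to the client; confirm
    // it cannot carry internal detail such as SQL text or file paths.
    Util::response_bad_request($e->getMessage());
    exit;
}

$db->close();

echo json_encode($data);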
<link rel="stylesheet" type="text/css" href="../style/av_common.css?t=<?php echo Util::get_css_id(); ?> "/> </head> <body> <h1> <?php echo _("New policy"); ?> </h1> <?php //Version $pro = Session::is_pro(); $action = POST('action'); //Time range //range_type $tr_type = POST('date_type'); //timezone $tzone = POST('tzone'); //begin $b_month = POST('begin_month'); $b_month_day = POST('begin_day_month'); $b_week_day = POST('begin_day_week'); $b_hour = POST('begin_hour'); $b_minute = POST('begin_minute'); //end $e_month = POST('end_month'); $e_month_day = POST('end_day_month');
/**
 * Resolve an asset selection into the filter structure used by the caller.
 *
 * On non-pro installations, or when $asset matches ALL_ASSETS, an empty
 * filter set is returned. Otherwise the work is delegated to getAssetFilter()
 * from report/asset_type_functions.php.
 *
 * The ALL_ASSETS test is an unanchored regex, so any value that merely
 * contains that text takes the empty-filter path.
 * NOTE(review): $asset is not validated in this function; presumably the
 * caller has already done so - confirm before passing request data in.
 *
 * @param object $conn  Database connection, handed through to getAssetFilter()
 * @param string $asset Asset selection identifier
 *
 * @return array Empty 'ctx' / 'assets' structure, or whatever getAssetFilter() returns
 */
function get_asset_filters($conn, $asset)
{
    $use_empty_filters = !Session::is_pro() || preg_match("/ALL_ASSETS/", $asset);

    if ($use_empty_filters) {
        return array(
            'ctx'    => array(),
            'assets' => array(
                'host'   => array(),
                'net'    => array(),
                'sensor' => array(),
            ),
        );
    }

    // The helper is only loaded on the path that needs it.
    include_once AV_MAIN_ROOT_PATH . '/report/asset_type_functions.php';

    return getAssetFilter(array('assets' => $asset), $conn);
}
/**
 * Print the "In Charge" rows of the ticket form: a user drop-down
 * (transferred_user) and, when entities are available, an entity drop-down
 * (transferred_entity). Output is echoed directly; nothing is returned.
 *
 * Reads the global $conn. Users come from Session::get_users_to_assign();
 * entities are loaded from Acl::get_entities_to_assign() only when
 * Session::is_pro() is true, so $entities is undefined otherwise and the
 * later !empty() test is what keeps that path quiet.
 *
 * $action is compared (loosely, with ==) against each login and each entity
 * key to decide which option is marked as selected.
 *
 * Review notes:
 *  - $login, $k and $v are interpolated into option markup without HTML
 *    escaping. Presumably logins and entity names are constrained when they
 *    are created - confirm, or escape them for the attribute and text
 *    context (for example with htmlspecialchars() and ENT_QUOTES).
 *  - $options is appended to with .= without being initialised first.
 *  - The count($entities) == 0 branch sits inside if (!empty($entities)) and
 *    so appears unreachable for an array.
 *  - In this listing the span after _('User:' is mangled (a run of asterisks
 *    replaces the text up to the select element's onfocus attribute), so the
 *    function does not parse as shown.
 *
 * @param string $action Currently assigned login or entity key
 */
function ticket_form($action) { global $conn; $users = Session::get_users_to_assign($conn); if (Session::is_pro()) { $entities = Acl::get_entities_to_assign($conn); } ?> <tr class="tticket"> <td colspan="2" class="nobborder"> </td> </tr> <tr class="tticket"> <th><label for="in_charge"><?php echo _('In Charge:') . required(); ?> </label></th> <td class="nobborder left"> <table cellspacing="0" cellpadding="0" class="transparent"> <tr> <td class="nobborder"> <label for="transferred_user"><?php echo _('User:'******'set_focus(this);' name="transferred_user" id="transferred_user" class="vfield" onchange="switch_user('user');return false;"> <?php $num_users = 0; foreach ($users as $k => $v) { $login = $v->get_login(); $options .= "<option value='{$login}'" . ($action == $login ? " selected" : "") . ">{$login}</option>\n"; $num_users++; } if ($num_users == 0) { echo "<option value='' style='text-align:center !important;'>- " . _("No users found") . "- </option>"; } else { echo "<option value='' style='text-align:center !important;' selected='selected'>- " . _("Select one user") . " -</option>\n"; echo $options; } ?> </select> </td> <?php if (!empty($entities)) { ?> <td class="nobborder" nowrap='nowrap'> <label for="transferred_entity" style='margin-right: 3px;'><?php echo _('OR') . ' ' . _('Entity:'); ?> </label> </td> <td class="nobborder"> <select onfocus='set_focus(this);' name="transferred_entity" id="transferred_entity" class="vfield" onchange="switch_user('entity');return false;"> <?php if (count($entities) == 0) { echo "<option value='' style='text-align:center !important;'>- " . _('No entities found') . " -</option>"; } else { echo "<option value='' style='text-align:center !important;'>- " . _('Select one entity') . " -</option>\n"; } foreach ($entities as $k => $v) { echo "<option value='{$k}'" . ($action == $k ? " selected" : "") . ">{$v}</option>"; } ?> </select> </td> <?php } ?> </tr> </table> </td> </tr> <?php }
<li id='litem_tab3'><a href="#tab3" id='link_tab3'><?php echo ucfirst(basename(Ossec_agent::CONF_PATH)); ?> </a></li> </ul> </td> </tr> </table> <table id='tab_container'> <tr> <td> <div id='tabs'> <?php $s_class = Session::is_pro() && count($s_data['sensors']) > 1 ? 's_show' : 's_hide'; ?> <div class='c_filter_and_actions'> <div class='c_filter'> <label for='sensors'><?php echo _("Select sensor"); ?> :</label> <select id='sensors' name='sensors' class='vfield <?php echo $s_class; ?> ' disabled='disabled'> <?php echo $sensor_opt; ?>
* * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::logcheck('configuration-menu', 'PolicyServers'); $db = new ossim_db(); $conn = $db->connect(); $id = GET('id'); $ip = GET('ip'); $sname = GET('name'); $update = intval(GET('update')); $opensource = Session::is_pro() ? FALSE : TRUE; $mssp = intval($conf->get_conf("alienvault_mssp")); $local_id = $conf->get_conf("server_id"); ossim_valid($ip, OSS_IP_ADDR, OSS_NULLABLE, 'illegal:' . _('Server IP')); ossim_valid($sname, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _('Server Name')); ossim_valid($id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Server ID')); if (ossim_error()) { die(ossim_error()); } $action = 'newserver.php'; $all_rservers = Server::get_server_hierarchy($conn, $id); $error_forward = FALSE; $can_i_modify_elem = TRUE; if (!empty($id)) { $server = Server::get_object($conn, $id); $role_list = Role::get_list($conn, $id);
$new->set_descr($descr); $new->set_rpass($rpass); foreach ($entities as $ctx) { $new->add_new_ctx($ctx, $ctx); } // try to attach a component // Only when modifying a remote sensor if ($cproperties['version'] != '' && !empty($_POST['rpass'])) { $new->set_component($conn); } $new->save_in_db($conn); if ($location != '') { Locations::insert_related_sensor($conn, $location, $sensor_id); } } catch (Exception $e) { if (Session::is_pro() && $new_context_uuid != '' && preg_match("/password/", $e->getMessage())) { Acl::delete_entities($conn, $new_context_uuid); // Refresh current permissions $_SESSION['_user_vision'] = Acl::get_user_vision($conn); } $config_nt = array('content' => $e->getMessage(), 'options' => array('type' => 'nf_error', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto; text-align:center;'); $nt = new Notification('nt_1', $config_nt); $nt->show(); $db->close(); // Detected sensor not inserted yet, back to rpass mode if (!empty($_POST['rpass'])) { Util::make_form("POST", "newsensorform.php?ip={$ip}"); } else { Util::make_form("POST", "newsensorform.php?id={$sensor_id}&ip={$ip}&sname={$sname}"); } exit;