function nmap_scan_results()
{
if (!is_file("/etc/artica-postfix/nmap.map")) {
return;
}
$f = explode("\n", @file_get_contents("/etc/artica-postfix/nmap.map"));
while (list($index, $ligne) = each($f)) {
if (preg_match("#Nmap scan report for\\s+(.+?)\\s+\\(([0-9\\.]+)#", $ligne, $re)) {
$ipaddr = $re[2];
$computer[$ipaddr]["IPADDR"] = $re[2];
$computer[$ipaddr]["HOSTNAME"] = trim($re[1]);
$LOGS[] = "Found {$ipaddr} hostname= {$re[1]}";
continue;
}
if (preg_match("#Nmap scan report for ([0-9\\.]+)\$#", trim($ligne), $re)) {
$ipaddr = $re[1];
$computer[$ipaddr]["IPADDR"] = $re[1];
$LOGS[] = "Found {$ipaddr} without computername ";
continue;
}
if (preg_match("#^MAC Address:\\s+([0-9A-Z:]+)\$#", trim($ligne), $re)) {
if (isset($MACSSCAN[trim($re[1])])) {
continue;
}
$computer[$ipaddr]["MAC"] = trim($re[1]);
$LOGS[] = "Found {$ipaddr} with mac {$re[1]} ";
$MACSSCAN[trim($re[1])] = true;
continue;
}
if (preg_match("#^MAC Address:(.+).+?\\((.+?)\\)#", $ligne, $re)) {
if (isset($MACSSCAN[trim($re[1])])) {
continue;
}
$MACSSCAN[trim($re[1])] = true;
$computer[$ipaddr]["MAC"] = trim($re[1]);
$computer[$ipaddr]["MACHINE_TYPE"] = trim($re[2]);
$LOGS[] = "Found {$ipaddr} with mac {$re[1]} and machine type {$re[2]}";
continue;
}
if (preg_match("#^Running:(.+)#", $ligne, $re)) {
$computer[$ipaddr]["RUNNING"] = trim($re[1]);
continue;
}
if (preg_match("#^OS details:(.+)#", $ligne, $re)) {
$LOGS[] = "Found {$ipaddr} with OS {$re[1]}";
$computer[$ipaddr]["OS"] = trim($re[1]);
continue;
}
}
nmap_logs(count($f) . " analyzed lines", @implode("\n", $LOGS));
$c = 0;
while (list($ipaddr, $array) = each($computer)) {
if (isset($already[$mac])) {
continue;
}
$mac = trim($array["MAC"]);
if ($mac == null) {
continue;
}
$c++;
$already[$mac] = true;
$ldap_ipaddr = null;
$ComputerRealName = null;
$uid = null;
$RAISON = array();
if (!isset($array["HOSTNAME"])) {
$array["HOSTNAME"] = null;
}
if (!isset($array["OS"])) {
$array["OS"] = null;
}
if (!isset($array["RUNNING"])) {
$array["RUNNING"] = null;
}
if (!isset($array["MACHINE_TYPE"])) {
$array["MACHINE_TYPE"] = null;
}
$cmp = new computers(null);
$uid = $cmp->ComputerIDFromMAC($mac);
if ($uid != null) {
if ($GLOBALS["VERBOSE"]) {
echo "{$mac} = {$uid}\n";
}
$cmp = new computers($uid);
$ldap_ipaddr = $cmp->ComputerIP;
$ComputerRealName = $cmp->ComputerRealName;
if ($GLOBALS["VERBOSE"]) {
echo "{$mac} = {$uid}\nLDAP:{$ldap_ipaddr}<>NMAP:{$ipaddr}\nLDAP CMP:{$ComputerRealName}<>NMAP:{$array["HOSTNAME"]}";
}
if ($array["HOSTNAME"] != null) {
$EXPECTED_UID = strtoupper($array["HOSTNAME"]) . "\$";
if ($EXPECTED_UID != $uid) {
$RAISON[] = "UID: {$uid} is different from {$EXPECTED_UID}";
nmap_logs("EDIT UID: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
$cmp->update_uid($EXPECTED_UID);
}
}
if ($ldap_ipaddr != $ipaddr) {
writelogs("Change {$ldap_ipaddr} -> to {$ipaddr} for {$cmp->uid}", __FUNCTION__, __FILE__, __LINE__);
$RAISON[] = "LDAP IP ADDR: {$ldap_ipaddr} is different from {$ipaddr}";
$RAISON[] = "DN: {$cmp->dn}";
$RAISON[] = "UID: {$cmp->uid}";
$RAISON[] = "MAC: {$cmp->ComputerMacAddress}";
if (!$cmp->update_ipaddr($ipaddr)) {
$RAISON[] = "ERROR:{$cmp->ldap_last_error}";
}
nmap_logs("EDIT IP: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
}
if ($array["OS"] != null) {
if (strtolower($cmp->ComputerOS == "Unknown")) {
$cmp->ComputerOS = null;
}
if ($cmp->ComputerOS == null) {
$RAISON[] = "LDAP OS: {$cmp->ComputerOS} is different from {$array["OS"]}";
nmap_logs("EDIT OS: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
$cmp->update_OS($array["OS"]);
}
}
} else {
if ($array["HOSTNAME"] != null) {
$uid = "{$array["HOSTNAME"]}\$";
} else {
$uid = "{$ipaddr}\$";
}
nmap_logs("ADD NEW: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), "{$uid}");
$cmp = new computers();
$cmp->ComputerIP = $ipaddr;
$cmp->ComputerMacAddress = $mac;
$cmp->uid = "{$uid}";
$cmp->ComputerOS = $array["OS"];
$cmp->ComputerRunning = $array["RUNNING"];
$cmp->ComputerMachineType = $array["MACHINE_TYPE"];
$cmp->Add();
}
}
nmap_logs("{$c} hosts analyzed in databases");
@unlink("/etc/artica-postfix/nmap.map");
//print_r($computer);
}
function computer_list()
{
$tofindorg = $_POST["query"];
$tpl = new templates();
$_GET["tofind"] = $_POST["query"];
$MyPage = CurrentPageName();
if ($_GET["tofind"] == '*') {
$_GET["tofind"] = null;
}
if ($_GET["tofind"] == null) {
$tofind = "*";
} else {
$tofind = "*{$_GET["tofind"]}*";
}
$tofind = str_replace("**", "*", $tofind);
$filter_search = "(&(objectClass=ArticaComputerInfos)(|(cn={$tofind})(ComputerIP={$tofind})(uid={$tofind}))(gecos=computer))";
$ldap = new clladp();
$attrs = array("uid", "ComputerIP", "ComputerOS", "ComputerMachineType", "ComputerMacAddress");
$dn = "{$ldap->suffix}";
$hash = $ldap->Ldap_search($dn, $filter_search, $attrs, $_POST["rp"]);
if (IsPhysicalAddress($tofindorg)) {
$tofind = strtolower($tofindorg);
$tofind = str_replace('-', ":", $tofind);
$patternMac = "(&(objectclass=posixAccount)(ComputerMacAddress={$tofind}))";
$hash2 = $ldap->Ldap_search($dn, $patternMac, $attrs, $_POST["rp"]);
}
$spanStyle = "<span style='font-size:14px;font-weight:bold'>";
$data['page'] = 1;
$data['total'] = $hash["count"];
$data['rows'] = array();
$c = 0;
$unknown = $tpl->_ENGINE_parse_body("{unknown}");
for ($i = 0; $i < $hash["count"]; $i++) {
$realuid = $hash[$i]["uid"][0];
$hash[$i]["uid"][0] = str_replace('$', '', $hash[$i]["uid"][0]);
$js = MEMBER_JS($realuid, 1);
$Alreadyrealuid[$realuid] = true;
if ($_GET["mode"] == "dansguardian-ip-group") {
$js_add = "<td width=1%>" . imgtootltip('add-18.png', "{add_computer}", "AddComputerToDansGuardian('{$realuid}','{$_GET["value"]}')") . "</td>";
}
if ($_GET["mode"] == "selection") {
$js = "{$_GET["callback"]}('{$realuid}');";
}
$ip = $hash[$i][strtolower("ComputerIP")][0];
$os = $hash[$i][strtolower("ComputerOS")][0];
$type = $hash[$i][strtolower("ComputerMachineType")][0];
$name = $hash[$i]["uid"][0];
if ($os == "Unknown") {
if ($type != "Unknown") {
$os = $type;
}
}
$js = str_replace("javascript:", '', $js);
$md5S = md5(serialize($hash[$i]));
if (!preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $ip)) {
$ip = gethostbyname($hash[$i]["uid"][0]);
if (!preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $ip)) {
$ip = $unknown;
} else {
$computer = new computers($realuid);
$computer->update_ipaddr($ip);
}
}
if ($os == "UnKnown") {
$os = $unknown;
}
$c++;
$delete = imgsimple("delete-24.png", null, "Loadjs('{$MyPage}?computer-delete-js=yes&uid={$realuid}&id={$md5S}')");
$data['rows'][] = array('id' => $md5S, 'cell' => array("<img src='img/computer-32.png'>", "<a href='#' OnClick=\"javascript:{$js}\" style='font-size:14px;text-decoration:underline;font-weight:bold'>{$name}</a>", "{$spanStyle}{$ip}</span>", "{$spanStyle}{$os}</span>", $delete));
}
if (is_array($hash2)) {
for ($i = 0; $i < $hash2["count"]; $i++) {
$realuid = $hash2[$i]["uid"][0];
if (isset($Alreadyrealuid[$realuid])) {
continue;
}
$hash2[$i]["uid"][0] = str_replace('$', '', $hash2[$i]["uid"][0]);
$js = MEMBER_JS($realuid, 1);
$Alreadyrealuid[$realuid] = true;
if ($_GET["mode"] == "dansguardian-ip-group") {
$js_add = "<td width=1%>" . imgtootltip('add-18.png', "{add_computer}", "AddComputerToDansGuardian('{$realuid}','{$_GET["value"]}')") . "</td>";
}
if ($_GET["mode"] == "selection") {
$js = "{$_GET["callback"]}('{$realuid}');";
}
$ip = $hash2[$i][strtolower("ComputerIP")][0];
$os = $hash2[$i][strtolower("ComputerOS")][0];
$type = $hash2[$i][strtolower("ComputerMachineType")][0];
$name = $hash2[$i]["uid"][0];
if (strlen($name) > 25) {
$name = substr($name, 0, 23) . "...";
}
if ($os == "Unknown") {
if ($type != "Unknown") {
$os = $type;
}
}
if (strlen($os) > 20) {
$os = texttooltip(substr($os, 0, 17) . '...', $os, null, null, 1);
}
if (strlen($ip) > 20) {
$ip = texttooltip(substr($ip, 0, 17) . '...', $ip, null, null, 1);
}
$js = str_replace("javascript:", '', $js);
$md5S = md5(serialize($hash2[$i]));
$delete = imgsimple("delete-24.png", null, "Loadjs('{$MyPage}?computer-delete-js=yes&uid={$realuid}&id={$md5S}');");
$c++;
$data['rows'][] = array('id' => $md5S, 'cell' => array("<img src='img/computer-32.png'>", "<a href='#' OnClick=\"javascript:{$js}\" style='font-size:13px;text-decoration:underline'>{$name}</a>", "{$spanStyle}{$ip}</span>", "{$spanStyle}{$os}</span>", $delete));
}
}
$data['total'] = $c;
if ($c == 0) {
json_error_show("no item");
}
echo json_encode($data);
}
function nmap_scan_results()
{
if (!is_file("/etc/artica-postfix/nmap.map")) {
return;
}
$f = explode("\n", @file_get_contents("/etc/artica-postfix/nmap.map"));
$ipaddr = null;
$computer = array();
while (list($index, $ligne) = each($f)) {
$ligne = trim($ligne);
if ($ligne == null) {
continue;
}
if ($ligne == "PORT STATE SERVICE") {
continue;
}
if (strpos(" {$ligne}", "Network Distance:") > 0) {
continue;
}
if (strpos(" {$ligne}", "tcp closed tcpmux") > 0) {
continue;
}
if (strpos(" {$ligne}", "Too many fingerprints match") > 0) {
continue;
}
if (strpos(" {$ligne}", "OS detection performed. Please report") > 0) {
continue;
}
if (strpos(" {$ligne}", "OSScan results may be unreliable") > 0) {
continue;
}
if (strpos(" {$ligne}", "/tcp filtered") > 0) {
continue;
}
if (preg_match("#Nmap scan report for\\s+(.+?)\\s+\\(([0-9\\.]+)#", $ligne, $re)) {
$ipaddr = $re[2];
$computer[$ipaddr]["IPADDR"] = $re[2];
$computer[$ipaddr]["HOSTNAME"] = trim($re[1]);
if ($GLOBALS["VERBOSE"]) {
echo "Found IP:{$ipaddr} hostname=`{$re[1]}` in `{$ligne}`\n";
}
$LOGS[] = "Found {$ipaddr} hostname= {$re[1]}";
continue;
}
if (preg_match("#Interesting ports on (.*?)\\s+\\(([0-9\\.]+)\\)#", $ligne, $re)) {
$ipaddr = $re[2];
$computer[$ipaddr]["IPADDR"] = $re[2];
$computer[$ipaddr]["HOSTNAME"] = trim($re[1]);
if ($GLOBALS["VERBOSE"]) {
echo "Found IP:{$ipaddr} hostname=`{$re[1]}` in `{$ligne}`\n";
}
$LOGS[] = "Found {$ipaddr} hostname= {$re[1]}";
continue;
}
if (preg_match("#Interesting ports on ([0-9\\.]+):#", $ligne, $re)) {
$ipaddr = $re[1];
$computer[$ipaddr]["IPADDR"] = $re[1];
if ($GLOBALS["VERBOSE"]) {
echo "Found IP:{$ipaddr} only in `{$ligne}`\n";
}
$LOGS[] = "Found {$ipaddr} only";
continue;
}
if (preg_match("#Nmap scan report for ([0-9\\.]+)\$#", trim($ligne), $re)) {
$ipaddr = $re[1];
$computer[$ipaddr]["IPADDR"] = $re[1];
if ($GLOBALS["VERBOSE"]) {
echo "[{$ipaddr}]: Found IP address `{$ipaddr}` without computername in `{$ligne}`\n";
}
$LOGS[] = "Found {$ipaddr} without computername ";
continue;
}
if (preg_match("#^MAC Address:\\s+([0-9A-Z:]+)\$#", trim($ligne), $re)) {
if (trim($ipaddr) == null) {
continue;
}
if (isset($MACSSCAN[trim($re[1])])) {
continue;
}
$computer[$ipaddr]["MAC"] = trim($re[1]);
$LOGS[] = "Found {$ipaddr} with mac {$re[1]} ";
if ($GLOBALS["VERBOSE"]) {
echo "[{$ipaddr}]: Found mac {$re[1]} in `{$ligne}`\n";
}
$MACSSCAN[trim($re[1])] = true;
continue;
}
if (preg_match("#^MAC Address:(.+).+?\\((.+?)\\)#", $ligne, $re)) {
if (trim($ipaddr) == null) {
continue;
}
if (isset($MACSSCAN[trim($re[1])])) {
continue;
}
$MACSSCAN[trim($re[1])] = true;
$computer[$ipaddr]["MAC"] = trim($re[1]);
$computer[$ipaddr]["MACHINE_TYPE"] = trim($re[2]);
if ($GLOBALS["VERBOSE"]) {
echo "[{$ipaddr}]: Found mac {$re[1]} and machine type {$re[2]} in `{$ligne}`\n";
}
$LOGS[] = "Found {$ipaddr} with mac {$re[1]} and machine type {$re[2]}";
continue;
}
if (preg_match("#^Running:(.+)#", $ligne, $re)) {
if (trim($ipaddr) == null) {
continue;
}
if ($GLOBALS["VERBOSE"]) {
echo "Found running in `{$line}`\n";
}
$computer[$ipaddr]["RUNNING"] = trim($re[1]);
continue;
}
if (preg_match("#^OS details:(.+)#", $ligne, $re)) {
if ($GLOBALS["VERBOSE"]) {
echo "[{$ipaddr}]: Found OS {$re[1]} in `{$ligne}`\n";
}
$LOGS[] = "Found {$ipaddr} with OS {$re[1]}";
$computer[$ipaddr]["OS"] = trim($re[1]);
continue;
}
if ($GLOBALS["VERBOSE"]) {
echo "[{$ipaddr}]: Not understood in `{$ligne}`\n";
}
}
nmap_logs(count($f) . " analyzed lines", @implode("\n", $LOGS));
$c = 0;
$prefix_sql = "INSERT IGNORE INTO computers_lastscan (`MAC`, `zDate`,`ipaddr`,`hostname`,`Info`) VALUES ";
while (list($ipaddr, $array) = each($computer)) {
if (!isset($array["MAC"])) {
continue;
}
$mac = trim($array["MAC"]);
if (isset($already[$mac])) {
continue;
}
if ($mac == null) {
continue;
}
$c++;
$already[$mac] = true;
$ldap_ipaddr = null;
$ComputerRealName = null;
$uid = null;
$RAISON = array();
if (!isset($array["HOSTNAME"])) {
$array["HOSTNAME"] = null;
}
if (!isset($array["OS"])) {
$array["OS"] = null;
}
if (!isset($array["RUNNING"])) {
$array["RUNNING"] = null;
}
if (!isset($array["MACHINE_TYPE"])) {
$array["MACHINE_TYPE"] = null;
}
$date = date('Y-m-d H:i:s');
$infos = addslashes($array["OS"] . " Type:{$array["MACHINE_TYPE"]} ");
$SQLAD[] = "('{$mac}','{$date}','{$ipaddr}','{$array["HOSTNAME"]}','{$infos}')";
$cmp = new computers(null);
$uid = $cmp->ComputerIDFromMAC($mac);
if ($uid != null) {
if ($GLOBALS["VERBOSE"]) {
echo "{$mac} = {$uid}\n";
}
$cmp = new computers($uid);
$ldap_ipaddr = $cmp->ComputerIP;
$ComputerRealName = $cmp->ComputerRealName;
if ($GLOBALS["VERBOSE"]) {
echo "{$mac} = {$uid}\nLDAP:{$ldap_ipaddr}<>NMAP:{$ipaddr}\nLDAP CMP:{$ComputerRealName}<>NMAP:{$array["HOSTNAME"]}";
}
if ($array["HOSTNAME"] != null) {
$EXPECTED_UID = strtoupper($array["HOSTNAME"]) . "\$";
if ($EXPECTED_UID != $uid) {
$RAISON[] = "UID: {$uid} is different from {$EXPECTED_UID}";
nmap_logs("EDIT UID: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
$cmp->update_uid($EXPECTED_UID);
}
}
if ($ldap_ipaddr != $ipaddr) {
writelogs("Change {$ldap_ipaddr} -> to {$ipaddr} for {$cmp->uid}", __FUNCTION__, __FILE__, __LINE__);
$RAISON[] = "LDAP IP ADDR: {$ldap_ipaddr} is different from {$ipaddr}";
$RAISON[] = "DN: {$cmp->dn}";
$RAISON[] = "UID: {$cmp->uid}";
$RAISON[] = "MAC: {$cmp->ComputerMacAddress}";
if (!$cmp->update_ipaddr($ipaddr)) {
$RAISON[] = "ERROR:{$cmp->ldap_last_error}";
}
nmap_logs("EDIT IP: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
}
if ($array["OS"] != null) {
if (strtolower($cmp->ComputerOS == "Unknown")) {
$cmp->ComputerOS = null;
}
if ($cmp->ComputerOS == null) {
$RAISON[] = "LDAP OS: {$cmp->ComputerOS} is different from {$array["OS"]}";
nmap_logs("EDIT OS: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
$cmp->update_OS($array["OS"]);
}
}
} else {
if ($array["HOSTNAME"] != null) {
$uid = "{$array["HOSTNAME"]}\$";
} else {
continue;
}
nmap_logs("ADD NEW: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), "{$uid}");
$cmp = new computers();
$cmp->ComputerIP = $ipaddr;
$cmp->ComputerMacAddress = $mac;
$cmp->uid = "{$uid}";
$cmp->ComputerOS = $array["OS"];
$cmp->ComputerRunning = $array["RUNNING"];
$cmp->ComputerMachineType = $array["MACHINE_TYPE"];
$cmp->Add();
}
}
if ($GLOBALS["VERBOSE"]) {
echo "*** " . count($SQLAD) . " MYsql queries...***\n";
}
system_admin_events("{$c} hosts analyzed in networks", __FUNCTION__, __FILE__, __LINE__, "nmap");
nmap_logs("{$c} hosts analyzed in networks", @file_get_contents("/etc/artica-postfix/nmap.map"), null);
if (count($SQLAD) > 0) {
$q = new mysql();
$q->QUERY_SQL("DROP TABLE computers_lastscan", "artica_backup");
$q->check_storage_table(true);
$final = $prefix_sql . @implode(",", $SQLAD);
if ($GLOBALS["VERBOSE"]) {
echo "*** {$final} ***\n";
}
$q->QUERY_SQL($prefix_sql . @implode(",", $SQLAD), "artica_backup");
if (!$q->ok) {
echo $q->mysql_error . "\n";
}
}
@unlink("/etc/artica-postfix/nmap.map");
//print_r($computer);
}
