public function testWithObjects()
{
$criteria = Criteria::create(TestUser::dao())->add(Expression::containsIp(IpRange::create('192.168.1.1-192.168.1.255'), 'ip'))->addProjection(Projection::property('id'));
$this->assertEquals($criteria->toDialectString(PostgresDialect::me()), 'SELECT "test_user"."id" FROM "test_user" WHERE "test_user"."ip" <<= \'192.168.1.1-192.168.1.255\'');
$criteria = Criteria::create(TestInternetProvider::dao())->add(Expression::containsIp('range', IpAddress::create('42.42.42.42')))->addProjection(Projection::property('id'));
$this->assertEquals($criteria->toDialectString(PostgresDialect::me()), 'SELECT "test_internet_provider"."id" FROM "test_internet_provider" WHERE \'42.42.42.42\' <<= "test_internet_provider"."range"');
}
/**
* @return IpAddress
**/
public function getEnd()
{
if (!$this->end) {
$this->end = IpAddress::create(long2ip($this->ip->getLongIp() | ~$this->longMask));
}
return $this->end;
}
public function testIpRangeProperty()
{
foreach (DBTestPool::me()->getPool() as $db) {
DBPool::me()->setDefault($db);
$akado = TestInternetProvider::create()->setName('Akada')->setRange(IpRange::create(IpAddress::create('192.168.1.1'), IpAddress::create('192.168.1.42')));
TestInternetProvider::dao()->add($akado);
$plainRange = Criteria::create(TestInternetProvider::dao())->addProjection(Projection::property('range'))->add(Expression::eq('name', 'Akada'))->getCustom();
$this->assertEquals($plainRange['range'], '192.168.1.1-192.168.1.42');
TestInternetProvider::dao()->add(TestInternetProvider::create()->setName('DomRu')->setRange(IpRange::create('192.168.2.0/24')));
$list = Criteria::create(TestInternetProvider::dao())->addOrder('id')->getList();
$this->assertEquals(count($list), 2);
}
}
public function testContains()
{
$IpNetwork = IpNetwork::create(IpAddress::create('83.149.5.0'), 24);
$this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.5.0')));
$this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.5.1')));
$this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.5.4')));
$this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.5.255')));
$this->assertFalse($IpNetwork->contains(IpAddress::create('83.149.4.255')));
$this->assertFalse($IpNetwork->contains(IpAddress::create('83.149.6.1')));
$IpNetwork = IpNetwork::create(IpAddress::create('83.149.24.64'), 26);
$this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.24.64')));
$this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.24.66')));
$this->assertTrue($IpNetwork->contains(IpAddress::create('83.149.24.127')));
$this->assertFalse($IpNetwork->contains(IpAddress::create('83.149.24.63')));
$this->assertFalse($IpNetwork->contains(IpAddress::create('83.149.25.64')));
}
public function testBase()
{
$prm = Primitive::ipAddress('ip');
$this->assertTrue($prm->importValue('127.0.0.1'));
$this->assertTrue($prm->importValue('254.254.254.254'));
$this->assertTrue($prm->importValue('0.0.0.0'));
$this->assertFalse($prm->importValue('10.0.0'));
$this->assertFalse($prm->importValue('42.42.42.360'));
$this->assertFalse($prm->importValue('10.0.256'));
$prmWithDefault = Primitive::ipAddress('ip')->setDefault(IpAddress::create('42.42.42.42'));
$this->assertEquals($prmWithDefault->getActualValue()->toString(), '42.42.42.42');
$prmWithDefault->import(array('ip' => '43.43.43.43'));
$this->assertEquals($prmWithDefault->getActualValue()->toString(), '43.43.43.43');
$prmWithDefault->importValue(IpAddress::create('8.8.8.8'));
//google public dns ;)
$this->assertEquals($prmWithDefault->getActualValue()->toString(), '8.8.8.8');
}
public function testCreation()
{
$range = IpRange::create('192.168.2.1-192.168.255.255');
$anotherRange = IpRange::create(IpAddress::create('192.168.2.1'), IpAddress::create('192.168.255.255'));
$this->assertEquals($range->toString(), $anotherRange->toString());
try {
$range = IpRange::create('192.168.2.1-192.168.255.666');
$this->fail();
} catch (WrongArgumentException $e) {
/**/
}
try {
$range = IpRange::create('192.168.666.1-192.168.255.254');
$this->fail();
} catch (WrongArgumentException $e) {
/**/
}
try {
$range = IpRange::create(array(array(array(false))));
$this->fail();
} catch (WrongArgumentException $e) {
/**/
}
$slashRange = IpRange::create('192.168.1.0/30');
$this->assertEquals('192.168.1.0', $slashRange->getStart()->toString());
$this->assertEquals('192.168.1.3', $slashRange->getEnd()->toString());
try {
$range = IpRange::create('192.168.1.0/4');
$this->fail();
} catch (WrongArgumentException $e) {
/**/
}
$range = IpRange::create('8.8/16');
$this->assertEquals($range->toString(), '8.8.0.0-8.8.255.255');
$range = IpRange::create('192.168.1.1');
$this->assertEquals($range->getStart()->toString(), $range->getEnd()->toString());
}
public function fire($job, $data)
{
$output = new Symfony\Component\Console\Output\ConsoleOutput();
$json_array = json_decode($data['message']);
$service_provider = new $json_array->service_provider();
# Ensure the integration still exists. If not, delete all the nodes and remove the job from the queue forever.
try {
$integration = Integration::findOrFail($json_array->db_integration_id);
} catch (Exception $e) {
try {
Node::where('integration_id', '=', $json_array->db_integration_id)->delete();
return $job->delete();
} catch (Exception $e) {
}
}
$user_id = $integration->user_id;
$service_provider->db_integration_id = $integration->id;
$nodes = null;
$service_provider_nodes = array();
foreach ($service_provider->availability_zones as $availability_zone_name => $availability_zone_friendly_name) {
// I think this could be done with a recursive array merge
foreach ($service_provider->list_nodes($availability_zone_name, $availability_zone_friendly_name) as $availability_zone_node_list) {
array_push($service_provider_nodes, $availability_zone_node_list);
}
}
$current_nodes = $integration->nodes;
$all_service_provider_ids = [];
if ($service_provider_nodes && sizeof($service_provider_nodes) > 0) {
$integration->status = "Confirmed";
$integration->save();
foreach ($service_provider_nodes as $service_provider_node) {
array_push($all_service_provider_ids, $service_provider_node['service_provider_id']);
$node = Node::firstOrNew(array('service_provider_uuid' => $service_provider_node['service_provider_id'], 'integration_id' => $integration->id));
// Delete the node if it's been terminated
if ($node->service_provider_status == "terminated") {
$node->delete();
continue;
}
$node->service_provider_status = $service_provider_node['service_provider_status'];
$node->service_provider_uuid = $service_provider_node['service_provider_id'];
$node->service_provider_base_image_id = $service_provider_node['service_provider_base_image_id'];
$node->description = $service_provider_node['private_dns_name'] . " " . $service_provider_node['public_dns_name'];
$node->owner_id = $integration->user_id;
$node->public_dns_name = $service_provider_node['public_dns_name'];
$node->platform = $service_provider_node['platform'];
$node->name = "";
try {
$node->service_provider_availability_zone = $service_provider_node['availability_zone_name'];
$node->friendly_availability_zone = $service_provider_node['availability_zone_friendly'];
} catch (Exception $e) {
$node->service_provider_availability_zone = "San Francisco!";
$node->friendly_availability_zone = "San Francisco!";
}
// This should be handled in the DB schema. Default val of false.
if ($node->managed == null) {
$node->managed = false;
}
$base_image = BaseImage::firstOrNew(array('integration_id' => $integration->id, 'service_provider_id' => $service_provider_node['service_provider_base_image_id'], 'integration_id' => $integration->id, 'service_provider_label' => $service_provider_node['service_provider_base_image_id']));
$base_image->rollback_index = 0;
// Should be handled by schema or just removed. Stupid.
$base_image->save();
$node->base_image_id = $base_image->id;
if (!is_null($service_provider_node['service_provider_cluster_id'])) {
$node->service_provider_cluster_id = $service_provider_node['service_provider_cluster_id'];
}
$node->save();
foreach ($service_provider_node['service_provider_ip_addresses'] as $service_provider_ip) {
$db_ip = IpAddress::firstOrNew(array('address' => $service_provider_ip, 'node_id' => $node->id));
$db_ip->save();
}
// Delete ips from the database that don't appear in client report
IpAddress::where('address', '=', $integration->id)->where('node_id', '=', $node->id)->whereNotIn('address', $service_provider_node['service_provider_ip_addresses'])->delete();
}
// This is where we delete Nodes that no longer exist on the service provider side.
Node::where('integration_id', '=', $integration->id)->where('owner_id', '=', $user_id)->whereNotIn('service_provider_uuid', $all_service_provider_ids)->delete();
} else {
if (sizeof($service_provider_nodes) == 0) {
}
$integration->status = "Bad";
$integration->save();
}
// Do this job again in 30 seconds.
$job->release(900);
}
/**
* @return TestUser
*/
private function spawnUser($options = array())
{
$options += array('id' => '77', 'credentials' => Credentials::create(), 'lastLogin' => Timestamp::create('2011-12-31'), 'registered' => Timestamp::create('2011-12-30'), 'strangeTime' => Time::create('01:23:45'), 'city' => null, 'firstOptional' => null, 'secondOptional' => null, 'url' => HttpUrl::create()->parse('https://www.github.com'), 'properties' => Hstore::make(array('a' => 'apple', 'b' => 'bananas')), 'ip' => IpAddress::create('127.0.0.1'));
return $this->spawnObject(TestUser::create(), $options);
}
public function testSignedLongToIpToSignedLong()
{
foreach ($this->ips as $ip) {
$this->assertEquals(IpAddress::create(long2ip($ip[1]))->toSignedInt(), $ip[1]);
}
}
/**
* Compares two ip address
*
* @param \Extlib\System\IpAddress $address
* @return boolean
*/
public function equals(IpAddress $address)
{
return $this->getAddress(true) === $address->getAddress(true);
}
private function createFromString($string)
{
if (preg_match(self::SINGLE_IP_PATTERN, $string)) {
$ip = IpAddress::create($string);
$this->setup($ip, $ip);
} elseif (preg_match(self::IP_SLASH_PATTERN, $string)) {
list($ip, $mask) = explode('/', $string);
$this->createFromSlash($ip, $mask);
} elseif (preg_match(self::INTERVAL_PATTERN, $string)) {
$this->createFromInterval($string);
} else {
throw new WrongArgumentException('strange parameters received');
}
}
public function fire($job, $data)
{
try {
$output = new Symfony\Component\Console\Output\ConsoleOutput();
$packages = $data['message']['pkginfo']['installed'];
$matched_public_ip = false;
$node = null;
$matches = 0;
$ip_node_id_count = array();
$all_matched_ips = IpAddress::whereIn('address', $data['message']['ips'])->get();
if ($all_matched_ips) {
foreach ($all_matched_ips as $db_ip) {
if (!isset($ip_node_id_count[$db_ip->node_id])) {
$ip_node_id_count[$db_ip->node_id] = 1;
} else {
$ip_node_id_count[$db_ip->node_id]++;
}
}
} else {
$output->writeln("Couldn't find any ip addresses in the database from this report.");
return $job->delete();
}
asort($ip_node_id_count, SORT_NUMERIC);
end($ip_node_id_count);
$matched_node_id = key($ip_node_id_count);
$node = Node::find($matched_node_id);
if ($node) {
$node->managed = true;
$node->limbo = false;
$node->hostname = $data['message']['hostname'];
$node->virtual = $data['message']['virtual'];
$node->last_updated = $data['message']['pkginfo']['last_updated'];
$node->package_manager = $data['message']['pkginfo']['package_manager'];
if (!$node->platform) {
$node->platform = $data['message']['pkginfo']['platform'];
}
$node->save();
$query_version_vendor_query_pairs = array();
$packages_index = array();
foreach ($packages as $package_version) {
// Get rid of debian epochs
//https://ask.fedoraproject.org/en/question/6987/whats-the-meaning-of-the-number-which-appears-sometimes-when-i-use-yum-to-install-a-fedora-package-before-a-colon-at-the-beginning-of-the-name-of-the/
$explode_epoch = explode(":", $package_version[1]);
if (isset($explode_epoch[1])) {
array_shift($explode_epoch);
$package_version[1] = implode(":", $explode_epoch);
}
// Get rid of trailing periods. Note: Explore improving the regex on the agent because this really shouldn't happen but it does.
$package_version[1] = rtrim($package_version[1], ".");
// Get rid of downstream versioning that comes from dpkg. This should definitely be done on the agent side
// because I am 99% sure this is a dpkg thing only. And I'm sure some ying yangs legit put dashes in version
// numbers.
$last_dash = strrpos($package_version[1], "-");
if ($last_dash) {
$package_version[1] = substr($package_version[1], 0, $last_dash);
}
$package_record = Package::firstOrNew(array('name' => $package_version[0], 'node_id' => $node->id));
$package_record->version = $package_version[1];
try {
$package_record->save();
} catch (Exception $e) {
$output->writeln("couldn't save record" . print_r($e->getMessage()));
}
$packages_index[$package_record->name] = $package_record;
// Set up query cache. Only one query per agent report. That is crucial. Multiple queries would kill everything.
array_push($query_version_vendor_query_pairs, array('$and' => array(array('product' => $package_record->name, 'version' => $package_record->version))));
}
// Do one giant query. Not one per record.
$mongo_client = new MongoClient('mongodb://*****:*****@capital.3.mongolayer.com:10201,capital.2.mongolayer.com:10201/vulnerabilities?replicaSet=set-5558d1202c6859fcde00176a');
$mongo_database = $mongo_client->selectDB('vulnerabilities');
$mongo_collection = new MongoCollection($mongo_database, 'processed');
$mongo_query = $mongo_collection->find(array('$or' => $query_version_vendor_query_pairs))->timeout(9999999);
// This is where we actually do something.
// for some reason if i do a sort the query is so slow it times out
//$mongo_query->sort(array('last_updated' => 1));
// This won't work right if there are multiple vulnerabilties that match the prod and version.
$might_alert_for = array();
foreach ($mongo_query as $document) {
$packages_index[$document['product']]->vulnerability_severity = $document['risk_score'];
if ($document['risk_score'] > 0) {
if ($document['risk_score'] > 1) {
$node->vulnerable = true;
} else {
// See if any alerts need to go out. Severe only for now.
/*$alerts = Alert::where("owner_user_id", "=", $node->owner_id)->where("value", "=", 1)->get();
foreach($alerts as $alert) {
if(!isset($might_alert_for[$alert->user_id])) {
$might_alert_for[$alert->user_id] = array();
}
array_push($might_alert_for, $document);
}*/
if ($document['risk_score'] > 5) {
$node->severe_vulnerable = true;
}
}
}
try {
$packages_index[$document['product']]->save();
} catch (Exception $e) {
}
}
$node->save();
//$output->writeln(print_r($might_alert_for));
// Check to see if target user has been alerted about these particular issues before.
/*foreach($might_alert_for as $user_id, $list) {
foreach($list as $k, $list_item) {
$query = DB::table('sent_alerts')->where('node_id', '=', $node->id);
$query->where('package', '=', $list_item['product']);
$query->where('version', '=', $list_item['version']);
$count_result = $query->count();
if($count_result > 0) {
// If we've alerted before, remove this item from the list.
unset($might_alert_for[$user_id][$k]);
}
}
}
foreach($might_alert_for as $user_id, $list) {
foreach($list as $k, $list_item) {
Mail::send('emails.alerts.vulnerable', $data, function($message) use ($list_item) {
$message->from("*****@*****.**", "NoSprawl Vulnerability Alerting");
$message->to(User::find($list_item['user_id'])->email, User::find($list_item['user_id'])->name)->subject('NoSprawl New Vulnerability Discovered');
});
}
}*/
#$output->writeln("Done");
$job->delete();
} else {
$output->writeln("Got an agent report we couldn't match.");
$job->delete();
}
} catch (Exception $e) {
$output->writeln("error" . $e->getMessage());
}
}
