function update_users($sid, $users)
{
global $username, $dbconn;
//if ( $sid ) {
// $query = "delete from vuln_nessus_settings_users where sid=$sid";
// $result = $dbconn->execute($query);
//}
if ($sid && $users) {
$query = "SELECT name FROM vuln_nessus_settings WHERE id='{$sid}'";
$result = $dbconn->execute($query);
list($name) = $result->fields;
echo _("Updated Users Access for Profile") . ": [{$name}]<br>";
// foreach( $users as $uname ) {
// if ( $uname ) {
// $query = "INSERT INTO vuln_nessus_settings_users (sid, username) VALUES ('$sid', '$uname' );";
// $result = $dbconn->execute($query);
#echo "sql=$query<br>";
#echo "inserting server=$nserver zid=$zid<br>";
// }
// }
}
echo "<br>";
logAccess("Updated Users Associated to Profile {$sid}");
manage_profile_users($sid);
}
function net2ftp($action)
{
// --------------
// This function is the main net2ftp function; it is the interface between 3rd party
// scripts (CMS, control panels, etc), and the internal net2ftp modules and plugins.
//
// This function is called 5 times per pageload: to send the HTTP headers, to print
// the javascript code, to print the CSS code, to print the body onload actions and
// finally to print the body content.
// --------------
// -------------------------------------------------------------------------
// Check that "sendHttpHeaders" action is only executed once
// Check that no other actions can be executed if "sendHttpHeaders" has not yet been executed
// -------------------------------------------------------------------------
if ($action == "sendHttpHeaders") {
if (defined("NET2FTP_SENDHTTPHEADERS") == true) {
echo "Error: please call the net2ftp(\$action) function only once with \$action = \"sendHttpHeaders\"!";
return false;
} else {
define("NET2FTP_SENDHTTPHEADERS", 1);
}
} else {
if (defined("NET2FTP_SENDHTTPHEADERS") == false) {
echo "Error: please call the net2ftp(\$action) function first with \$action = \"sendHttpHeaders\"!";
return false;
}
}
// -------------------------------------------------------------------------
// Global variables
// -------------------------------------------------------------------------
global $net2ftp_settings, $net2ftp_globals, $net2ftp_result, $net2ftp_messages;
// Set the NET2FTP constant which is used to check if template files are called by net2ftp
if (defined("NET2FTP") == false) {
define("NET2FTP", 1);
}
// Initialize the global variables
if ($action == "sendHttpHeaders") {
$net2ftp_globals = array();
$net2ftp_messages = array();
$net2ftp_output = array();
$net2ftp_result["success"] = true;
$net2ftp_result["errormessage"] = "";
$net2ftp_result["debug_backtrace"] = "";
$net2ftp_result["exit"] = false;
$net2ftp_settings = array();
}
// -------------------------------------------------------------------------
// If an error occured during a previous execution of net2ftp(), return false
// and let index.php print the error message
// -------------------------------------------------------------------------
if ($net2ftp_result["success"] == false) {
return false;
}
// -------------------------------------------------------------------------
// Input checks
// -------------------------------------------------------------------------
if ($action != "sendHttpHeaders" && $action != "printJavascript" && $action != "printCss" && $action != "printBodyOnload" && $action != "printBody") {
$net2ftp_result["success"] = false;
$net2ftp_result["errormessage"] = "The \$action variable has an unknown value: {$action}.";
$net2ftp_result["debug_backtrace"] = debug_backtrace();
logError();
return false;
}
// -------------------------------------------------------------------------
// Read settings files
// -------------------------------------------------------------------------
if ($action == "sendHttpHeaders") {
require NET2FTP_APPLICATION_ROOTDIR . "/settings.inc.php";
require NET2FTP_APPLICATION_ROOTDIR . "/settings_authorizations.inc.php";
require NET2FTP_APPLICATION_ROOTDIR . "/settings_screens.inc.php";
}
// -------------------------------------------------------------------------
// Main directories
// -------------------------------------------------------------------------
$net2ftp_globals["application_rootdir"] = NET2FTP_APPLICATION_ROOTDIR;
if (NET2FTP_APPLICATION_ROOTDIR_URL == "/") {
$net2ftp_globals["application_rootdir_url"] = "";
} else {
$net2ftp_globals["application_rootdir_url"] = NET2FTP_APPLICATION_ROOTDIR_URL;
}
$net2ftp_globals["application_includesdir"] = $net2ftp_globals["application_rootdir"] . "/includes";
$net2ftp_globals["application_languagesdir"] = $net2ftp_globals["application_rootdir"] . "/languages";
$net2ftp_globals["application_modulesdir"] = $net2ftp_globals["application_rootdir"] . "/modules";
$net2ftp_globals["application_pluginsdir"] = $net2ftp_globals["application_rootdir"] . "/plugins";
$net2ftp_globals["application_skinsdir"] = $net2ftp_globals["application_rootdir"] . "/skins";
$net2ftp_globals["application_tempdir"] = $net2ftp_globals["application_rootdir"] . "/temp";
// -------------------------------------------------------------------------
// Set basic settings
// -------------------------------------------------------------------------
if ($action == "sendHttpHeaders") {
// Run the script to the end, even if the user hits the stop button
ignore_user_abort();
// Execute function shutdown() if the script reaches the maximum execution time (usually 30 seconds)
// DON'T REGISTER IT HERE YET, as this causes errors on newer versions of PHP; first include the function libraries
// register_shutdown_function("net2ftp_shutdown");
// Set the error reporting level
if ($net2ftp_settings["error_reporting"] == "ALL") {
error_reporting(E_ALL);
} elseif ($net2ftp_settings["error_reporting"] == "NONE") {
error_reporting(0);
} else {
error_reporting(E_ERROR | E_WARNING | E_PARSE);
}
// Timer: start
$net2ftp_globals["starttime"] = microtime();
$net2ftp_globals["endtime"] = microtime();
}
// Set the PHP temporary directory
// putenv("TMPDIR=" . $net2ftp_globals["application_tempdir"]);
// -------------------------------------------------------------------------
// Function libraries:
// 1. Libraries which are always needed
// 2. Register global variables
// 3. Function libraries which are needed depending on certain variables
// // --> Do this only once, when $action == "sendHttpHeaders"
// -------------------------------------------------------------------------
if ($action == "sendHttpHeaders") {
// 1. Libraries which are always needed
require_once $net2ftp_globals["application_includesdir"] . "/authorizations.inc.php";
require_once $net2ftp_globals["application_includesdir"] . "/consumption.inc.php";
require_once $net2ftp_globals["application_includesdir"] . "/database.inc.php";
require_once $net2ftp_globals["application_includesdir"] . "/errorhandling.inc.php";
require_once $net2ftp_globals["application_includesdir"] . "/filesystem.inc.php";
require_once $net2ftp_globals["application_includesdir"] . "/html.inc.php";
require_once $net2ftp_globals["application_includesdir"] . "/StonePhpSafeCrypt.php";
require_once $net2ftp_globals["application_languagesdir"] . "/languages.inc.php";
require_once $net2ftp_globals["application_skinsdir"] . "/skins.inc.php";
// 1. Define functions which are used, but which did not exist before PHP version 4.3.0
if (version_compare(phpversion(), "4.3.0", "<")) {
require_once $net2ftp_globals["application_includesdir"] . "/before430.inc.php";
}
// 2. Register global variables (POST, GET, GLOBAL, ...)
require_once $net2ftp_globals["application_includesdir"] . "/registerglobals.inc.php";
// 3. Function libraries which are needed depending on certain variables
if ($net2ftp_globals["state"] == "upload" || $net2ftp_globals["state"] == "unzip") {
require_once $net2ftp_globals["application_includesdir"] . "/pclerror.lib.php";
require_once $net2ftp_globals["application_includesdir"] . "/pcltar.lib.php";
require_once $net2ftp_globals["application_includesdir"] . "/pcltrace.lib.php";
require_once $net2ftp_globals["application_includesdir"] . "/pclzip.lib.php";
}
if ($net2ftp_globals["state"] == "advanced_ftpserver" || $net2ftp_globals["state"] == "advanced_parsing" || $net2ftp_globals["state"] == "advanced_webserver" || $net2ftp_globals["state"] == "browse" || $net2ftp_globals["state"] == "copymovedelete" || $net2ftp_globals["state"] == "chmod" || $net2ftp_globals["state"] == "calculatesize" || $net2ftp_globals["state"] == "downloadzip" || $net2ftp_globals["state"] == "findstring" || $net2ftp_globals["state"] == "followsymlink" || $net2ftp_globals["state"] == "install" || $net2ftp_globals["state"] == "zip") {
require_once $net2ftp_globals["application_includesdir"] . "/browse.inc.php";
}
if ($net2ftp_globals["state"] == "downloadzip" || $net2ftp_globals["state"] == "zip") {
require_once $net2ftp_globals["application_includesdir"] . "/zip.lib.php";
}
// 4. Load the plugins
require_once $net2ftp_globals["application_pluginsdir"] . "/plugins.inc.php";
$net2ftp_globals["activePlugins"] = getActivePlugins();
net2ftp_plugin_includePhpFiles();
// 5. Load the language file
includeLanguageFile();
}
// -------------------------------------------------------------------------
// Execute function shutdown() if the script reaches the maximum execution time (usually 30 seconds)
// -------------------------------------------------------------------------
if ($action == "sendHttpHeaders") {
register_shutdown_function("net2ftp_shutdown");
}
// -------------------------------------------------------------------------
// Log access
// --> Do this only once, when $action == "sendHttpHeaders"
// -------------------------------------------------------------------------
if ($action == "sendHttpHeaders") {
logAccess();
if ($net2ftp_result["success"] == false) {
logError();
return false;
}
}
// -------------------------------------------------------------------------
// Check authorizations
// --> Do this only once, when $action == "sendHttpHeaders"
// -------------------------------------------------------------------------
if ($action == "sendHttpHeaders" && $net2ftp_settings["check_authorization"] == "yes" && $net2ftp_globals["ftpserver"] != "") {
checkAuthorization($net2ftp_globals["ftpserver"], $net2ftp_globals["ftpserverport"], $net2ftp_globals["directory"], $net2ftp_globals["username"]);
if ($net2ftp_result["success"] == false) {
logError();
return false;
}
}
// -------------------------------------------------------------------------
// Get the consumption counter values from the database
// This retrieves the consumption of network and server resources for the
// current IP address and FTP server from the database, and stores these
// values in global variables. See /includes/consumption.inc.php for the details.
// --> Do this only once, when $action == "sendHttpHeaders"
// -------------------------------------------------------------------------
if ($action == "sendHttpHeaders") {
getConsumption();
if ($net2ftp_result["success"] == false) {
logError();
return false;
}
}
// -------------------------------------------------------------------------
// Execute the action!
// -------------------------------------------------------------------------
// ------------------------------------
// For most modules, everything must be done: send headers, print body, etc
// ------------------------------------
if ($net2ftp_globals["state"] == "admin" || $net2ftp_globals["state"] == "admin_createtables" || $net2ftp_globals["state"] == "admin_emptylogs" || $net2ftp_globals["state"] == "admin_viewlogs" || $net2ftp_globals["state"] == "advanced" || $net2ftp_globals["state"] == "advanced_ftpserver" || $net2ftp_globals["state"] == "advanced_parsing" || $net2ftp_globals["state"] == "advanced_webserver" || $net2ftp_globals["state"] == "bookmark" || $net2ftp_globals["state"] == "browse" || $net2ftp_globals["state"] == "calculatesize" || $net2ftp_globals["state"] == "chmod" || $net2ftp_globals["state"] == "copymovedelete" || $net2ftp_globals["state"] == "edit" || $net2ftp_globals["state"] == "findstring" || $net2ftp_globals["state"] == "install" || $net2ftp_globals["state"] == "jupload" && $net2ftp_globals["screen"] == 1 || $net2ftp_globals["state"] == "login" || $net2ftp_globals["state"] == "login_small" || $net2ftp_globals["state"] == "logout" || $net2ftp_globals["state"] == "newdir" || $net2ftp_globals["state"] == "raw" || $net2ftp_globals["state"] == "rename" || $net2ftp_globals["state"] == "unzip" || $net2ftp_globals["state"] == "upload" || $net2ftp_globals["state"] == "view" && $net2ftp_globals["state2"] == "" || $net2ftp_globals["state"] == "zip") {
require_once $net2ftp_globals["application_modulesdir"] . "/" . $net2ftp_globals["state"] . "/" . $net2ftp_globals["state"] . ".inc.php";
if ($action == "sendHttpHeaders") {
net2ftp_module_sendHttpHeaders();
// If needed, exit to avoid sending non-header output (by net2ftp or other application)
// Example: if a module sends a HTTP redirect header (See /includes/authorizations.inc.php function checkAdminUsernamePassword()!)
if ($net2ftp_result["exit"] == true) {
exit;
}
} elseif ($action == "printJavascript") {
net2ftp_module_printJavascript();
net2ftp_plugin_printJavascript();
} elseif ($action == "printCss") {
net2ftp_module_printCss();
net2ftp_plugin_printCss();
} elseif ($action == "printBodyOnload") {
net2ftp_module_printBodyOnload();
net2ftp_plugin_printBodyOnload();
} elseif ($action == "printBody") {
// Print the status bar to be able to show the progress
if (isStatusbarActive() == true) {
require_once $net2ftp_globals["application_skinsdir"] . "/" . $net2ftp_globals["skin"] . "/statusbar.template.php";
}
require_once $net2ftp_globals["application_skinsdir"] . "/" . $net2ftp_globals["skin"] . "/status/status.inc.php";
// Do the work and meanwhile update the progress bar
net2ftp_module_printBody();
// Update the consumption statistics
$net2ftp_globals["endtime"] = microtime();
$net2ftp_globals["time_taken"] = timer();
addConsumption(0, $net2ftp_globals["time_taken"]);
putConsumption();
// Set the progress bar to "finished"
if (isStatusbarActive() == true) {
$statusmessage = __("Script finished in %1\$s seconds", $net2ftp_globals["time_taken"]);
setStatus(1, 1, $statusmessage);
}
}
} elseif ($net2ftp_globals["state"] == "clearcookies" || $net2ftp_globals["state"] == "downloadfile" || $net2ftp_globals["state"] == "downloadzip" || $net2ftp_globals["state"] == "followsymlink" || $net2ftp_globals["state"] == "jupload" && $net2ftp_globals["screen"] == 2 || $net2ftp_globals["state"] == "view" && $net2ftp_globals["state2"] != "") {
require_once $net2ftp_globals["application_modulesdir"] . "/" . $net2ftp_globals["state"] . "/" . $net2ftp_globals["state"] . ".inc.php";
if ($action == "sendHttpHeaders") {
// Do the work - do not update the progress bar
net2ftp_module_sendHttpHeaders();
// Update the consumption statistics
$net2ftp_globals["endtime"] = microtime();
$net2ftp_globals["time_taken"] = timer();
addConsumption(0, $net2ftp_globals["time_taken"]);
putConsumption();
// Exit to avoid sending non-header output (by net2ftp or other application)
exit;
} elseif ($action == "printJavascript") {
} elseif ($action == "printCss") {
} elseif ($action == "printBodyOnload") {
} elseif ($action == "printBody") {
}
} elseif ($net2ftp_globals["state"] == "error") {
logError();
return false;
} else {
$errormessage = __("Unexpected state string: %1\$s. Exiting.", $net2ftp_globals["state"]);
setErrorVars(false, $errormessage, debug_backtrace(), __FILE__, __LINE__);
logError();
return false;
}
}
function script_details($id, $op, $nid)
{
global $enableNotes, $username, $site_code, $user_sites, $dbconn;
$dbconn->SetFetchMode(ADODB_FETCH_BOTH);
if ($op == "delnote" and $nid != "") {
if (!is_numeric($nid)) {
require_once 'footer.php';
echo "Cannot access this page - nid is non numeric";
die;
}
logAccess("Security violation - Requested non numeric noteid " . $nid);
$query = "delete from nessus_notes \n where id={$nid} and username='******'";
$result = $dbconn->execute($query);
}
$result = $dbconn->Execute("SELECT t1.id, t1.name, t2.name, t3.name, t1.copyright, t1.summary, t1.description, t1.version, \n\tt1.cve_id, t1.bugtraq_id FROM vuln_nessus_plugins t1\n\tLEFT JOIN vuln_nessus_family t2 on t1.family=t2.id\n\tLEFT JOIN vuln_nessus_category t3 on t1.category=t3.id\n\tWHERE t1.id='{$id}'");
list($pid, $pname, $pfamily, $pcategory, $pcopyright, $psummary, $pdescription, $pversion, $pcve_id, $pbugtraq_id) = $result->fields;
$pdescription = Util::htmlentities($pdescription);
echo "\n<center><B>Plugin details</B></center>\n<B>ID:</B> {$pid}<BR>\n<B>Name:</B> {$pname}<BR>\n<B>Family:</B> {$pfamily}<BR>\n<B>Category:</B> {$pcategory}<BR>\n<B>Copyright:</B> {$pcopyright}<BR>\n<B>Summary:</B> {$psummary}<BR>\n<B>Description:</B> " . preg_replace("/\n/", "<br>", $pdescription) . "<BR>\n<B>Version:</B> {$pversion}<BR>\n<B>CVE IDs: </B>";
$CVEs = preg_split("/[\\s,]+/", $pcve_id);
foreach ($CVEs as $CVE) {
echo "<a href=\"http://www.cvedetails.com/cve/{$CVE}/\" target=\"_blank\">{$CVE}</a> ";
}
$Bugtraqs = preg_split("/[\\s,]+/", $pbugtraq_id);
echo "<br/><B>Bugtraq IDs: </B>";
foreach ($Bugtraqs as $Bugtraq) {
echo "<a href=\"http://www.securityfocus.com/bid/{$Bugtraq}\">{$Bugtraq}</a> ";
}
$result->Close();
echo <<<EOT
<BR/><BR/>
EOT;
if ($enableNotes) {
echo '<font color="red"><B>Notes:</B></font><BR>';
$query = "select id, note \n from vuln_nessus_notes \n where username='******' and pid={$id}";
$result = $dbconn->execute($query);
while (!$result->EOF) {
list($nid, $note) = $result->fields;
echo <<<EOT
<hr><a href="lookup.php?op=delnote&nid={$nid}&id={$id}">
<img alt="Delete Note" src="images/false.png" border=0></a> {$note}<BR>
EOT;
$result->MoveNext();
}
echo <<<EOT
<BR>
<a href="notes.php?op=add&pid={$id}&httpfrom=lookup">
<img alt="Add a Custom Note" src="images/note.png" border=0>
Add a Custom Note</a></font>
EOT;
}
}
$_SESSION["contratoVigente"] = ($row["CONTRATOVIGENTE"] == 1);
$_SESSION["cuit"] = $row["EM_CUIT"];
$_SESSION["empresa"] = $row["EMPRESA"];
$_SESSION["fieldError"] = "";
$_SESSION["idEmpresa"] = $row["IDEMPRESA"];
$_SESSION["idUsuario"] = $row["UE_ID"];
$_SESSION["isAdmin"] = ($row["UC_ESADMINEMPRESA"] == "S");
$_SESSION["isAdminTotal"] = ($row["UC_ESADMINTOTAL"] == "S");
$_SESSION["isCliente"] = true;
$_SESSION["login"] = true;
$_SESSION["msgError"] = "";
$_SESSION["suss"] = $row["EM_SUSS"];
$_SESSION["usuario"] = $row["UE_USUARIO"];
if (!$servidorContingenciaActivo) { // Si el servidor activo es el primario puedo guardar en la base..
logAccess($_SESSION["idUsuario"], 3, gethostbyaddr($_SERVER['REMOTE_ADDR']), $_SERVER["REMOTE_ADDR"], 49);
// Actualizo la password si corresponde..
if (($_SESSION["cambiarPassword"]) and (isset($_POST["psn"]))) {
$params = array(":clave" => $_POST["psn"], ":id" => $_SESSION["idUsuario"]);
$sql =
"UPDATE web.wue_usuariosextranet
SET ue_clave = art.utiles.md5(:clave),
ue_forzarclave = 'F'
WHERE ue_id = :id";
DBExecSql($conn, $sql, $params);
}
// Registro el último login y blanqueo la clave provisoria..
$params = array(":id" => $_SESSION["idUsuario"]);
$sql =
// Directory that contains error pages
define("ERRORS", dirname(__FILE__) . "/errors");
// Default index file
define("DIRECTORY_INDEX", "index.php");
// Optional array of authorized client IPs for a bit of security
$config["hostsAllowed"] = array();
function logAccess($status = 200)
{
file_put_contents("php://stdout", sprintf("[%s] %s:%s [%s]: %s\n", date("D M j H:i:s Y"), $_SERVER["REMOTE_ADDR"], $_SERVER["REMOTE_PORT"], $status, $_SERVER["REQUEST_URI"]));
}
// parse allowed host list
if (in_array($_SERVER["REMOTE_ADDR"], $config["hostsAllowed"])) {
logAccess(403);
http_response_code(403);
include ERRORS . "/403.php";
exit;
}
// if requesting a directory then serve the default index
$path = parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
$ext = pathinfo($path, PATHINFO_EXTENSION);
if (empty($ext)) {
$path = rtrim($path, "/") . "/" . DIRECTORY_INDEX;
}
// If the file exists then return false and let the server handle it
if (file_exists($_SERVER["DOCUMENT_ROOT"] . $path)) {
return false;
}
// default behavior
logAccess(404);
http_response_code(404);
include ERRORS . "/404.php";
if (!isset($_SESSION["contrato"])) {
header("Location: login.php");
validarParametro(false);
exit;
}
$contrato = $_SESSION["contrato"];
$file = DATA_FORMULARIO_ESTABLECIMIENTOS."contrato_".$contrato.".pdf";
$fileE = DATA_FORMULARIO_ESTABLECIMIENTOS_EXTERNAL."contrato_".$contrato.".pdf";
if (!file_exists($file))
solicitarArchivo($contrato, $fileE);
elseif ((file_exists($file)) and (date("c") > date("c", filemtime($file) + 600))) { // Si el archivo existe y se creó hace mas de 10 minutos lo borro para que se genere de nuevo..
unlink($fileE);
solicitarArchivo($contrato, $fileE);
}
set_time_limit(120);
while (!file_exists($file)) // Queda loopeando hasta que se genere el archivo o salga por timeout..
sleep(2);
logAccess($contrato, 1, gethostbyaddr($_SERVER['REMOTE_ADDR']), $_SERVER["REMOTE_ADDR"], 2);
?>
<script type="text/javascript">
window.open('<?php
echo getFile($file);
?>
', 'extranetWindow', 'location=0');
history.back();
</script>
Abriendo archivo...
function generate_results($output)
{
global $user, $border, $report_id, $sid, $scantime, $scansubmit, $scantype, $fp, $nfp, $output, $filterip, $query_risk, $dbconn, $treport, $ipl, $key, $query_byuser, $arruser;
$ip = $_SERVER['REMOTE_ADDR'];
logAccess(strtoupper($output) . " HTML REPORT [ {$report_id} ] ACCESSED");
echo "";
switch ($output) {
case "full":
echo vulnbreakdown();
echo hostsummary();
echo origdetails();
break;
case "summary":
echo "" . vulnbreakdown();
echo "" . hostsummary();
break;
case "printable":
$border = 0;
echo "" . vulnbreakdown();
echo "" . hostsummary();
echo "" . vulndetails();
break;
case "min":
$query_risk = "AND risk <= '3' ";
echo "" . vulnbreakdown();
echo "" . hostsummary();
echo "" . vulndetails();
break;
case "optimized":
echo "" . vulnbreakdown();
echo "" . hostsummary();
echo "" . vulndetails();
break;
default:
echo "" . vulnbreakdown();
echo "" . hostsummary();
echo "" . origdetails();
break;
}
echo "";
}
if ($i++ !== 0) {
$k .= "::";
}
$k .= urldecode($val);
}
if ($debug) {
echo "Query: {$k}";
}
$conn = DBConn();
$escapedK = $conn->real_escape_string($k);
$sql = "select v from {$tname} where k='" . $escapedK . "'";
if ($debug) {
echo $sql;
}
$result = $conn->query($sql);
$rows = [];
if ($result->num_rows > 0) {
// output data of each row
while ($row = $result->fetch_assoc()) {
$rows[] = $row['v'];
}
}
// JSON_PRETTY_PRINT|
print json_encode($rows, JSON_UNESCAPED_UNICODE);
logAccess($conn, $appname, $escapedK);
$conn->close();
function logAccess($db, $type, $k)
{
$sql = "insert into log set type='" . $type . "', loc='" . $k . "'";
$db->query($sql);
}
define('ERRORS', dirname(__FILE__) . '/errors');
// Default index file
define('DIRECTORY_INDEX', 'index.php');
// Optional array of authorized client IPs for a bit of security
$config['hostsAllowed'] = [];
chdir(getcwd() . DIRECTORY_SEPARATOR . 'public');
function logAccess($status = 200)
{
file_put_contents('php://stdout', sprintf("[%s] %s:%s [%s]: %s\n", date('D M j H:i:s Y'), $_SERVER['REMOTE_ADDR'], $_SERVER['REMOTE_PORT'], $status, $_SERVER['REQUEST_URI']));
}
// Parse allowed host list
if (!empty($config['hostsAllowed'])) {
if (!in_array($_SERVER['REMOTE_ADDR'], $config['hostsAllowed'])) {
logAccess(403);
http_response_code(403);
echo '403';
exit;
}
}
// if requesting a directory then serve the default index
$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
$ext = pathinfo($path, PATHINFO_EXTENSION);
if (empty($ext)) {
$path = rtrim($path, '/') . '/' . DIRECTORY_INDEX;
}
// If the file exists then return false and let the server handle it
if (file_exists(getcwd() . DIRECTORY_SEPARATOR . $path) && strstr($path, '.php') === false) {
return false;
}
logAccess();
require_once getcwd() . DIRECTORY_SEPARATOR . 'index.php';
function rerun($job_id)
{
global $uroles, $editdata, $scheduler, $username, $useremail, $dbconn;
logAccess("USER {$username} CHOSE TO RERUN SCAN {$job_id}");
$sql_access = "";
if (!$uroles['admin']) {
$sql_access = "AND username='******'";
}
$query = "SELECT id, name, fk_name, notify, job_TYPE, meth_SCHED, meth_TARGET, \n meth_CRED, meth_VSET, meth_Wcheck, meth_Wfile, \n\t\t meth_Ucheck, meth_TIMEOUT, scan_ASSIGNED, authorized\n FROM vuln_jobs WHERE id = '{$job_id}' {$sql_access}";
$result = $dbconn->execute($query);
#list( $sname, $notify_email, $job_type, $schedule_type, $timeout, $SVRid, $sid, $targetlist ) = $result->fields;
$editdata = $result->fields;
if ($editdata['id'] == $job_id) {
main_page($job_id, "rerun");
} else {
//logAccess( "INVALID JOBID $job_id" );
echo "<p><font color=red>INVALID JOB ID</font></p>";
}
}
function rerun($job_id)
{
global $uroles, $editdata, $scheduler, $username, $useremail, $dbconn;
$dbconn->SetFetchMode(ADODB_FETCH_BOTH);
logAccess("USER {$username} CHOSE TO RERUN SCAN {$job_id}");
$sql_access = "";
if (!$uroles['admin']) {
$sql_access = "AND username='******'";
}
$query = "SELECT * FROM vuln_jobs WHERE id = '{$job_id}' {$sql_access}";
$result = $dbconn->execute($query);
#list( $sname, $notify_email, $job_type, $schedule_type, $timeout, $SVRid, $sid, $targetlist ) = $result->fields;
$editdata = $result->fields;
if ($editdata['id'] == $job_id) {
main_page($job_id, "rerun");
} else {
//logAccess( "INVALID JOBID $job_id" );
echo "<p><font color=red>INVALID JOB ID</font></p>";
}
}
function updatedb($nessus_id, $fieldvalue, $dbconn, $type, $category)
{
if ($type == "C" and $fieldvalue == "") {
$fieldvalue = "no";
} else {
$fieldvalue = htmlspecialchars(mysql_escape_string(trim($fieldvalue)), ENT_QUOTES);
}
$sql = "select count(*) from vuln_nessus_preferences where nessus_id = \"{$nessus_id}\"";
$result = $dbconn->execute($sql);
list($existing) = $result->fields;
if ($existing == 0) {
# Do an insert statement
logAccess("New default preference added - {$nessus_id}");
$sql = "insert vuln_nessus_preferences set nessus_id = \"{$nessus_id}\", value=\"{$fieldvalue}\", type=\"{$type}\", category=\"{$category}\"";
} else {
$sql = "update vuln_nessus_preferences set value=\"{$fieldvalue}\", type=\"{$type}\", category=\"{$category}\" where nessus_id = \"{$nessus_id}\"";
}
$result = $dbconn->execute($sql);
}
function generate_results($output)
{
global $user, $border, $report_id, $sid, $scantime, $scansubmit, $scantype, $fp, $nfp, $output, $filterip, $query_risk, $dbconn, $treport, $ipl, $key, $query_byuser, $arruser;
if ($report_id != "") {
$query = "SELECT sid FROM vuln_nessus_latest_reports WHERE 1=1" . ($report_id != "all" ? " AND report_id={$report_id}" : "") . " {$query_byuser}";
//echo $query;
$result = $dbconn->execute($query);
while (!$result->EOF) {
list($sid) = $result->fields;
$sids[] = $sid;
$result->MoveNext();
}
$sid = implode(",", $sids);
} else {
if ($scansubmit != "" && $treport != "latest") {
$query = "SELECT r.report_id, r.sid FROM vuln_nessus_reports r,vuln_jobs j WHERE r.report_id=j.report_id AND j.scan_SUBMIT='{$scansubmit}'" . (in_array("admin", $arruser) ? "" : " AND r.username in ('{$user}') ");
//print_r($arruser);
$result = $dbconn->execute($query);
while (!$result->EOF) {
list($report_id, $sid) = $result->fields;
$ids[] = $report_id;
$result->MoveNext();
}
$report_id = implode(",", $ids);
} else {
$query = "SELECT report_id, sid FROM " . ($treport == "latest" ? "vuln_nessus_latest_reports" : "vuln_nessus_reports") . " WHERE " . ($treport == "" ? "scantime='{$scantime}'" : "report_key={$key}") . "\n AND scantype='{$scantype}' {$query_byuser} LIMIT 1";
//echo $query;
$result = $dbconn->execute($query);
list($report_id, $sid) = $result->fields;
}
}
//echo $query;
//echo "sid=$sid<br>";
//echo "report_id=$report_id<br>";
$ip = $_SERVER['REMOTE_ADDR'];
logAccess(strtoupper($output) . " HTML REPORT [ {$report_id} ] ACCESSED");
echo "";
//var_dump($output);
switch ($output) {
case "full":
//echo "navbar-".navbar($output)."\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
//echo "reportsummary-".reportsummary()."\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
echo "" . reportsummary();
//echo "".navbar($output);
echo "" . vulnbreakdown();
echo "" . hostsummary();
echo "" . origdetails();
break;
case "detailed":
echo "" . reportsummary();
//navbar ( $output );
#echo "". detailedresults();
break;
case "summary":
echo "" . reportsummary();
//navbar ( $output );
echo "" . vulnbreakdown();
echo "" . hostsummary();
break;
case "printable":
$border = 0;
echo "" . reportsummary();
//navbar ( $output );
echo "" . vulnbreakdown();
#echo "". atrisksummary();
echo "" . hostsummary();
echo "" . vulndetails();
break;
case "min":
#$border=0;
$query_risk = "AND risk <= '3' ";
echo "" . reportsummary();
//navbar ( $output );
echo "" . vulnbreakdown();
#echo "". atrisksummary();
echo "" . hostsummary();
echo "" . vulndetails();
break;
case "optimized":
echo "" . reportsummary();
//navbar ( $output );
echo "" . vulnbreakdown();
echo "" . hostsummary();
echo "" . vulndetails();
break;
default:
echo "" . reportsummary();
//navbar ( $output );
echo "" . vulnbreakdown();
echo "" . hostsummary();
echo "" . origdetails();
break;
}
echo "";
}
// Set timezone
date_default_timezone_set("UTC");
// Directory that contains error pages
define("ERRORS", dirname(__FILE__) . "/errors");
// Default index file
$DIRECTORY_INDEX = array('index.php', 'index.htm', 'index.html');
// Optional array of authorized client IPs for a bit of security
$config["hostsAllowed"] = array();
function logAccess($status = 200)
{
file_put_contents("php://stdout", sprintf("[%s] %s:%s [%s]: %s\n", date("D M j H:i:s Y"), $_SERVER["REMOTE_ADDR"], $_SERVER["REMOTE_PORT"], $status, $_SERVER["REQUEST_URI"]));
}
// Parse allowed host list
if (!empty($config['hostsAllowed'])) {
if (!in_array($_SERVER['REMOTE_ADDR'], $config['hostsAllowed'])) {
logAccess(403);
http_response_code(403);
include ERRORS . '/403.php';
exit;
}
}
// if requesting a directory then serve the default index
$path = parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
$ext = pathinfo($path, PATHINFO_EXTENSION);
if (empty($ext)) {
foreach ($DIRECTORY_INDEX as $index) {
$temp_path = rtrim($path, "/") . "/" . $index;
// If the file index exists then return false and let the server handle it
if (file_exists($_SERVER["DOCUMENT_ROOT"] . $temp_path)) {
return false;
}