Пример #1
0
function update_users($sid, $users)
{
    global $username, $dbconn;
    //if ( $sid ) {
    //   $query = "delete from vuln_nessus_settings_users where sid=$sid";
    //   $result = $dbconn->execute($query);
    //}
    if ($sid && $users) {
        $query = "SELECT name FROM vuln_nessus_settings WHERE id='{$sid}'";
        $result = $dbconn->execute($query);
        list($name) = $result->fields;
        echo _("Updated Users Access for Profile") . ": [{$name}]<br>";
        // foreach( $users as $uname ) {
        //  if ( $uname ) {
        //      $query = "INSERT INTO vuln_nessus_settings_users (sid, username) VALUES ('$sid', '$uname' );";
        //       $result = $dbconn->execute($query);
        #echo "sql=$query<br>";
        #echo "inserting server=$nserver   zid=$zid<br>";
        //     }
        //  }
    }
    echo "<br>";
    logAccess("Updated Users Associated to Profile {$sid}");
    manage_profile_users($sid);
}
Пример #2
0
function net2ftp($action)
{
    // --------------
    // This function is the main net2ftp function; it is the interface between 3rd party
    // scripts (CMS, control panels, etc), and the internal net2ftp modules and plugins.
    //
    // This function is called 5 times per pageload: to send the HTTP headers, to print
    // the javascript code, to print the CSS code, to print the body onload actions and
    // finally to print the body content.
    // --------------
    // -------------------------------------------------------------------------
    // Check that "sendHttpHeaders" action is only executed once
    // Check that no other actions can be executed if "sendHttpHeaders" has not yet been executed
    // -------------------------------------------------------------------------
    if ($action == "sendHttpHeaders") {
        if (defined("NET2FTP_SENDHTTPHEADERS") == true) {
            echo "Error: please call the net2ftp(\$action) function only once with \$action = \"sendHttpHeaders\"!";
            return false;
        } else {
            define("NET2FTP_SENDHTTPHEADERS", 1);
        }
    } else {
        if (defined("NET2FTP_SENDHTTPHEADERS") == false) {
            echo "Error: please call the net2ftp(\$action) function first with \$action = \"sendHttpHeaders\"!";
            return false;
        }
    }
    // -------------------------------------------------------------------------
    // Global variables
    // -------------------------------------------------------------------------
    global $net2ftp_settings, $net2ftp_globals, $net2ftp_result, $net2ftp_messages;
    // Set the NET2FTP constant which is used to check if template files are called by net2ftp
    if (defined("NET2FTP") == false) {
        define("NET2FTP", 1);
    }
    // Initialize the global variables
    if ($action == "sendHttpHeaders") {
        $net2ftp_globals = array();
        $net2ftp_messages = array();
        $net2ftp_output = array();
        $net2ftp_result["success"] = true;
        $net2ftp_result["errormessage"] = "";
        $net2ftp_result["debug_backtrace"] = "";
        $net2ftp_result["exit"] = false;
        $net2ftp_settings = array();
    }
    // -------------------------------------------------------------------------
    // If an error occured during a previous execution of net2ftp(), return false
    // and let index.php print the error message
    // -------------------------------------------------------------------------
    if ($net2ftp_result["success"] == false) {
        return false;
    }
    // -------------------------------------------------------------------------
    // Input checks
    // -------------------------------------------------------------------------
    if ($action != "sendHttpHeaders" && $action != "printJavascript" && $action != "printCss" && $action != "printBodyOnload" && $action != "printBody") {
        $net2ftp_result["success"] = false;
        $net2ftp_result["errormessage"] = "The \$action variable has an unknown value: {$action}.";
        $net2ftp_result["debug_backtrace"] = debug_backtrace();
        logError();
        return false;
    }
    // -------------------------------------------------------------------------
    // Read settings files
    // -------------------------------------------------------------------------
    if ($action == "sendHttpHeaders") {
        require NET2FTP_APPLICATION_ROOTDIR . "/settings.inc.php";
        require NET2FTP_APPLICATION_ROOTDIR . "/settings_authorizations.inc.php";
        require NET2FTP_APPLICATION_ROOTDIR . "/settings_screens.inc.php";
    }
    // -------------------------------------------------------------------------
    // Main directories
    // -------------------------------------------------------------------------
    $net2ftp_globals["application_rootdir"] = NET2FTP_APPLICATION_ROOTDIR;
    if (NET2FTP_APPLICATION_ROOTDIR_URL == "/") {
        $net2ftp_globals["application_rootdir_url"] = "";
    } else {
        $net2ftp_globals["application_rootdir_url"] = NET2FTP_APPLICATION_ROOTDIR_URL;
    }
    $net2ftp_globals["application_includesdir"] = $net2ftp_globals["application_rootdir"] . "/includes";
    $net2ftp_globals["application_languagesdir"] = $net2ftp_globals["application_rootdir"] . "/languages";
    $net2ftp_globals["application_modulesdir"] = $net2ftp_globals["application_rootdir"] . "/modules";
    $net2ftp_globals["application_pluginsdir"] = $net2ftp_globals["application_rootdir"] . "/plugins";
    $net2ftp_globals["application_skinsdir"] = $net2ftp_globals["application_rootdir"] . "/skins";
    $net2ftp_globals["application_tempdir"] = $net2ftp_globals["application_rootdir"] . "/temp";
    // -------------------------------------------------------------------------
    // Set basic settings
    // -------------------------------------------------------------------------
    if ($action == "sendHttpHeaders") {
        // Run the script to the end, even if the user hits the stop button
        ignore_user_abort();
        // Execute function shutdown() if the script reaches the maximum execution time (usually 30 seconds)
        // DON'T REGISTER IT HERE YET, as this causes errors on newer versions of PHP; first include the function libraries
        //		register_shutdown_function("net2ftp_shutdown");
        // Set the error reporting level
        if ($net2ftp_settings["error_reporting"] == "ALL") {
            error_reporting(E_ALL);
        } elseif ($net2ftp_settings["error_reporting"] == "NONE") {
            error_reporting(0);
        } else {
            error_reporting(E_ERROR | E_WARNING | E_PARSE);
        }
        // Timer: start
        $net2ftp_globals["starttime"] = microtime();
        $net2ftp_globals["endtime"] = microtime();
    }
    // Set the PHP temporary directory
    //	putenv("TMPDIR=" . $net2ftp_globals["application_tempdir"]);
    // -------------------------------------------------------------------------
    // Function libraries:
    // 1. Libraries which are always needed
    // 2. Register global variables
    // 3. Function libraries which are needed depending on certain variables
    // // --> Do this only once, when $action == "sendHttpHeaders"
    // -------------------------------------------------------------------------
    if ($action == "sendHttpHeaders") {
        // 1. Libraries which are always needed
        require_once $net2ftp_globals["application_includesdir"] . "/authorizations.inc.php";
        require_once $net2ftp_globals["application_includesdir"] . "/consumption.inc.php";
        require_once $net2ftp_globals["application_includesdir"] . "/database.inc.php";
        require_once $net2ftp_globals["application_includesdir"] . "/errorhandling.inc.php";
        require_once $net2ftp_globals["application_includesdir"] . "/filesystem.inc.php";
        require_once $net2ftp_globals["application_includesdir"] . "/html.inc.php";
        require_once $net2ftp_globals["application_includesdir"] . "/StonePhpSafeCrypt.php";
        require_once $net2ftp_globals["application_languagesdir"] . "/languages.inc.php";
        require_once $net2ftp_globals["application_skinsdir"] . "/skins.inc.php";
        // 1. Define functions which are used, but which did not exist before PHP version 4.3.0
        if (version_compare(phpversion(), "4.3.0", "<")) {
            require_once $net2ftp_globals["application_includesdir"] . "/before430.inc.php";
        }
        // 2. Register global variables (POST, GET, GLOBAL, ...)
        require_once $net2ftp_globals["application_includesdir"] . "/registerglobals.inc.php";
        // 3. Function libraries which are needed depending on certain variables
        if ($net2ftp_globals["state"] == "upload" || $net2ftp_globals["state"] == "unzip") {
            require_once $net2ftp_globals["application_includesdir"] . "/pclerror.lib.php";
            require_once $net2ftp_globals["application_includesdir"] . "/pcltar.lib.php";
            require_once $net2ftp_globals["application_includesdir"] . "/pcltrace.lib.php";
            require_once $net2ftp_globals["application_includesdir"] . "/pclzip.lib.php";
        }
        if ($net2ftp_globals["state"] == "advanced_ftpserver" || $net2ftp_globals["state"] == "advanced_parsing" || $net2ftp_globals["state"] == "advanced_webserver" || $net2ftp_globals["state"] == "browse" || $net2ftp_globals["state"] == "copymovedelete" || $net2ftp_globals["state"] == "chmod" || $net2ftp_globals["state"] == "calculatesize" || $net2ftp_globals["state"] == "downloadzip" || $net2ftp_globals["state"] == "findstring" || $net2ftp_globals["state"] == "followsymlink" || $net2ftp_globals["state"] == "install" || $net2ftp_globals["state"] == "zip") {
            require_once $net2ftp_globals["application_includesdir"] . "/browse.inc.php";
        }
        if ($net2ftp_globals["state"] == "downloadzip" || $net2ftp_globals["state"] == "zip") {
            require_once $net2ftp_globals["application_includesdir"] . "/zip.lib.php";
        }
        // 4. Load the plugins
        require_once $net2ftp_globals["application_pluginsdir"] . "/plugins.inc.php";
        $net2ftp_globals["activePlugins"] = getActivePlugins();
        net2ftp_plugin_includePhpFiles();
        // 5. Load the language file
        includeLanguageFile();
    }
    // -------------------------------------------------------------------------
    // Execute function shutdown() if the script reaches the maximum execution time (usually 30 seconds)
    // -------------------------------------------------------------------------
    if ($action == "sendHttpHeaders") {
        register_shutdown_function("net2ftp_shutdown");
    }
    // -------------------------------------------------------------------------
    // Log access
    // --> Do this only once, when $action == "sendHttpHeaders"
    // -------------------------------------------------------------------------
    if ($action == "sendHttpHeaders") {
        logAccess();
        if ($net2ftp_result["success"] == false) {
            logError();
            return false;
        }
    }
    // -------------------------------------------------------------------------
    // Check authorizations
    // --> Do this only once, when $action == "sendHttpHeaders"
    // -------------------------------------------------------------------------
    if ($action == "sendHttpHeaders" && $net2ftp_settings["check_authorization"] == "yes" && $net2ftp_globals["ftpserver"] != "") {
        checkAuthorization($net2ftp_globals["ftpserver"], $net2ftp_globals["ftpserverport"], $net2ftp_globals["directory"], $net2ftp_globals["username"]);
        if ($net2ftp_result["success"] == false) {
            logError();
            return false;
        }
    }
    // -------------------------------------------------------------------------
    // Get the consumption counter values from the database
    // This retrieves the consumption of network and server resources for the
    // current IP address and FTP server from the database, and stores these
    // values in global variables. See /includes/consumption.inc.php for the details.
    // --> Do this only once, when $action == "sendHttpHeaders"
    // -------------------------------------------------------------------------
    if ($action == "sendHttpHeaders") {
        getConsumption();
        if ($net2ftp_result["success"] == false) {
            logError();
            return false;
        }
    }
    // -------------------------------------------------------------------------
    // Execute the action!
    // -------------------------------------------------------------------------
    // ------------------------------------
    // For most modules, everything must be done: send headers, print body, etc
    // ------------------------------------
    if ($net2ftp_globals["state"] == "admin" || $net2ftp_globals["state"] == "admin_createtables" || $net2ftp_globals["state"] == "admin_emptylogs" || $net2ftp_globals["state"] == "admin_viewlogs" || $net2ftp_globals["state"] == "advanced" || $net2ftp_globals["state"] == "advanced_ftpserver" || $net2ftp_globals["state"] == "advanced_parsing" || $net2ftp_globals["state"] == "advanced_webserver" || $net2ftp_globals["state"] == "bookmark" || $net2ftp_globals["state"] == "browse" || $net2ftp_globals["state"] == "calculatesize" || $net2ftp_globals["state"] == "chmod" || $net2ftp_globals["state"] == "copymovedelete" || $net2ftp_globals["state"] == "edit" || $net2ftp_globals["state"] == "findstring" || $net2ftp_globals["state"] == "install" || $net2ftp_globals["state"] == "jupload" && $net2ftp_globals["screen"] == 1 || $net2ftp_globals["state"] == "login" || $net2ftp_globals["state"] == "login_small" || $net2ftp_globals["state"] == "logout" || $net2ftp_globals["state"] == "newdir" || $net2ftp_globals["state"] == "raw" || $net2ftp_globals["state"] == "rename" || $net2ftp_globals["state"] == "unzip" || $net2ftp_globals["state"] == "upload" || $net2ftp_globals["state"] == "view" && $net2ftp_globals["state2"] == "" || $net2ftp_globals["state"] == "zip") {
        require_once $net2ftp_globals["application_modulesdir"] . "/" . $net2ftp_globals["state"] . "/" . $net2ftp_globals["state"] . ".inc.php";
        if ($action == "sendHttpHeaders") {
            net2ftp_module_sendHttpHeaders();
            // If needed, exit to avoid sending non-header output (by net2ftp or other application)
            // Example: if a module sends a HTTP redirect header (See /includes/authorizations.inc.php function checkAdminUsernamePassword()!)
            if ($net2ftp_result["exit"] == true) {
                exit;
            }
        } elseif ($action == "printJavascript") {
            net2ftp_module_printJavascript();
            net2ftp_plugin_printJavascript();
        } elseif ($action == "printCss") {
            net2ftp_module_printCss();
            net2ftp_plugin_printCss();
        } elseif ($action == "printBodyOnload") {
            net2ftp_module_printBodyOnload();
            net2ftp_plugin_printBodyOnload();
        } elseif ($action == "printBody") {
            // Print the status bar to be able to show the progress
            if (isStatusbarActive() == true) {
                require_once $net2ftp_globals["application_skinsdir"] . "/" . $net2ftp_globals["skin"] . "/statusbar.template.php";
            }
            require_once $net2ftp_globals["application_skinsdir"] . "/" . $net2ftp_globals["skin"] . "/status/status.inc.php";
            // Do the work and meanwhile update the progress bar
            net2ftp_module_printBody();
            // Update the consumption statistics
            $net2ftp_globals["endtime"] = microtime();
            $net2ftp_globals["time_taken"] = timer();
            addConsumption(0, $net2ftp_globals["time_taken"]);
            putConsumption();
            // Set the progress bar to "finished"
            if (isStatusbarActive() == true) {
                $statusmessage = __("Script finished in %1\$s seconds", $net2ftp_globals["time_taken"]);
                setStatus(1, 1, $statusmessage);
            }
        }
    } elseif ($net2ftp_globals["state"] == "clearcookies" || $net2ftp_globals["state"] == "downloadfile" || $net2ftp_globals["state"] == "downloadzip" || $net2ftp_globals["state"] == "followsymlink" || $net2ftp_globals["state"] == "jupload" && $net2ftp_globals["screen"] == 2 || $net2ftp_globals["state"] == "view" && $net2ftp_globals["state2"] != "") {
        require_once $net2ftp_globals["application_modulesdir"] . "/" . $net2ftp_globals["state"] . "/" . $net2ftp_globals["state"] . ".inc.php";
        if ($action == "sendHttpHeaders") {
            // Do the work - do not update the progress bar
            net2ftp_module_sendHttpHeaders();
            // Update the consumption statistics
            $net2ftp_globals["endtime"] = microtime();
            $net2ftp_globals["time_taken"] = timer();
            addConsumption(0, $net2ftp_globals["time_taken"]);
            putConsumption();
            // Exit to avoid sending non-header output (by net2ftp or other application)
            exit;
        } elseif ($action == "printJavascript") {
        } elseif ($action == "printCss") {
        } elseif ($action == "printBodyOnload") {
        } elseif ($action == "printBody") {
        }
    } elseif ($net2ftp_globals["state"] == "error") {
        logError();
        return false;
    } else {
        $errormessage = __("Unexpected state string: %1\$s. Exiting.", $net2ftp_globals["state"]);
        setErrorVars(false, $errormessage, debug_backtrace(), __FILE__, __LINE__);
        logError();
        return false;
    }
}
Пример #3
0
function script_details($id, $op, $nid)
{
    global $enableNotes, $username, $site_code, $user_sites, $dbconn;
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    if ($op == "delnote" and $nid != "") {
        if (!is_numeric($nid)) {
            require_once 'footer.php';
            echo "Cannot access this page - nid is non numeric";
            die;
        }
        logAccess("Security violation - Requested non numeric noteid " . $nid);
        $query = "delete from nessus_notes \n            where id={$nid} and username='******'";
        $result = $dbconn->execute($query);
    }
    $result = $dbconn->Execute("SELECT t1.id, t1.name, t2.name, t3.name, t1.copyright, t1.summary, t1.description, t1.version, \n\tt1.cve_id, t1.bugtraq_id FROM vuln_nessus_plugins t1\n\tLEFT JOIN vuln_nessus_family t2 on t1.family=t2.id\n\tLEFT JOIN vuln_nessus_category t3 on t1.category=t3.id\n\tWHERE t1.id='{$id}'");
    list($pid, $pname, $pfamily, $pcategory, $pcopyright, $psummary, $pdescription, $pversion, $pcve_id, $pbugtraq_id) = $result->fields;
    $pdescription = Util::htmlentities($pdescription);
    echo "\n<center><B>Plugin details</B></center>\n<B>ID:</B> {$pid}<BR>\n<B>Name:</B> {$pname}<BR>\n<B>Family:</B> {$pfamily}<BR>\n<B>Category:</B> {$pcategory}<BR>\n<B>Copyright:</B> {$pcopyright}<BR>\n<B>Summary:</B> {$psummary}<BR>\n<B>Description:</B> " . preg_replace("/\n/", "<br>", $pdescription) . "<BR>\n<B>Version:</B> {$pversion}<BR>\n<B>CVE IDs: </B>";
    $CVEs = preg_split("/[\\s,]+/", $pcve_id);
    foreach ($CVEs as $CVE) {
        echo "<a href=\"http://www.cvedetails.com/cve/{$CVE}/\" target=\"_blank\">{$CVE}</a> ";
    }
    $Bugtraqs = preg_split("/[\\s,]+/", $pbugtraq_id);
    echo "<br/><B>Bugtraq IDs: </B>";
    foreach ($Bugtraqs as $Bugtraq) {
        echo "<a href=\"http://www.securityfocus.com/bid/{$Bugtraq}\">{$Bugtraq}</a>  ";
    }
    $result->Close();
    echo <<<EOT
<BR/><BR/>

EOT;
    if ($enableNotes) {
        echo '<font color="red"><B>Notes:</B></font><BR>';
        $query = "select id, note \n             from vuln_nessus_notes \n             where username='******' and pid={$id}";
        $result = $dbconn->execute($query);
        while (!$result->EOF) {
            list($nid, $note) = $result->fields;
            echo <<<EOT
<hr><a href="lookup.php?op=delnote&amp;nid={$nid}&amp;id={$id}">
<img alt="Delete Note" src="images/false.png" border=0></a>&nbsp;&nbsp;{$note}<BR>
EOT;
            $result->MoveNext();
        }
        echo <<<EOT
<BR>
<a href="notes.php?op=add&amp;pid={$id}&httpfrom=lookup">
<img alt="Add a Custom Note" src="images/note.png" border=0>
&nbsp;&nbsp;Add a Custom Note</a></font>
EOT;
    }
}
Пример #4
0
	$_SESSION["contratoVigente"] = ($row["CONTRATOVIGENTE"] == 1);
	$_SESSION["cuit"] = $row["EM_CUIT"];
	$_SESSION["empresa"] = $row["EMPRESA"];
	$_SESSION["fieldError"] = "";
	$_SESSION["idEmpresa"] = $row["IDEMPRESA"];
	$_SESSION["idUsuario"] = $row["UE_ID"];
	$_SESSION["isAdmin"] = ($row["UC_ESADMINEMPRESA"] == "S");
	$_SESSION["isAdminTotal"] = ($row["UC_ESADMINTOTAL"] == "S");
	$_SESSION["isCliente"] = true;
	$_SESSION["login"] = true;
	$_SESSION["msgError"] = "";
	$_SESSION["suss"] = $row["EM_SUSS"];
	$_SESSION["usuario"] = $row["UE_USUARIO"];

	if (!$servidorContingenciaActivo) {		// Si el servidor activo es el primario puedo guardar en la base..
		logAccess($_SESSION["idUsuario"], 3, gethostbyaddr($_SERVER['REMOTE_ADDR']), $_SERVER["REMOTE_ADDR"], 49);

		// Actualizo la password si corresponde..
		if (($_SESSION["cambiarPassword"]) and (isset($_POST["psn"]))) {
			$params = array(":clave" => $_POST["psn"], ":id" => $_SESSION["idUsuario"]);
			$sql =
				"UPDATE web.wue_usuariosextranet
						SET ue_clave = art.utiles.md5(:clave),
								ue_forzarclave = 'F'
					WHERE ue_id = :id";
			DBExecSql($conn, $sql, $params);
		}

		// Registro el último login y blanqueo la clave provisoria..
		$params = array(":id" => $_SESSION["idUsuario"]);
		$sql =
Пример #5
0
// Directory that contains error pages
define("ERRORS", dirname(__FILE__) . "/errors");
// Default index file
define("DIRECTORY_INDEX", "index.php");
// Optional array of authorized client IPs for a bit of security
$config["hostsAllowed"] = array();
function logAccess($status = 200)
{
    file_put_contents("php://stdout", sprintf("[%s] %s:%s [%s]: %s\n", date("D M j H:i:s Y"), $_SERVER["REMOTE_ADDR"], $_SERVER["REMOTE_PORT"], $status, $_SERVER["REQUEST_URI"]));
}
// parse allowed host list
if (in_array($_SERVER["REMOTE_ADDR"], $config["hostsAllowed"])) {
    logAccess(403);
    http_response_code(403);
    include ERRORS . "/403.php";
    exit;
}
// if requesting a directory then serve the default index
$path = parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
$ext = pathinfo($path, PATHINFO_EXTENSION);
if (empty($ext)) {
    $path = rtrim($path, "/") . "/" . DIRECTORY_INDEX;
}
// If the file exists then return false and let the server handle it
if (file_exists($_SERVER["DOCUMENT_ROOT"] . $path)) {
    return false;
}
// default behavior
logAccess(404);
http_response_code(404);
include ERRORS . "/404.php";
Пример #6
0
if (!isset($_SESSION["contrato"])) {
	header("Location: login.php");
	validarParametro(false);
	exit;
}

$contrato = $_SESSION["contrato"];
$file = DATA_FORMULARIO_ESTABLECIMIENTOS."contrato_".$contrato.".pdf";
$fileE = DATA_FORMULARIO_ESTABLECIMIENTOS_EXTERNAL."contrato_".$contrato.".pdf";

if (!file_exists($file))
	solicitarArchivo($contrato, $fileE);
elseif ((file_exists($file)) and (date("c") > date("c", filemtime($file) + 600))) {		// Si el archivo existe y se creó hace mas de 10 minutos lo borro para que se genere de nuevo..
	unlink($fileE);
	solicitarArchivo($contrato, $fileE);
}

set_time_limit(120);
while (!file_exists($file))		// Queda loopeando hasta que se genere el archivo o salga por timeout..
	sleep(2);

logAccess($contrato, 1, gethostbyaddr($_SERVER['REMOTE_ADDR']), $_SERVER["REMOTE_ADDR"], 2);
?>
<script type="text/javascript">
	window.open('<?php 
echo getFile($file);
?>
', 'extranetWindow', 'location=0');
	history.back();
</script>
Abriendo archivo...
Пример #7
0
function generate_results($output)
{
    global $user, $border, $report_id, $sid, $scantime, $scansubmit, $scantype, $fp, $nfp, $output, $filterip, $query_risk, $dbconn, $treport, $ipl, $key, $query_byuser, $arruser;
    $ip = $_SERVER['REMOTE_ADDR'];
    logAccess(strtoupper($output) . " HTML REPORT [ {$report_id} ] ACCESSED");
    echo "";
    switch ($output) {
        case "full":
            echo vulnbreakdown();
            echo hostsummary();
            echo origdetails();
            break;
        case "summary":
            echo "" . vulnbreakdown();
            echo "" . hostsummary();
            break;
        case "printable":
            $border = 0;
            echo "" . vulnbreakdown();
            echo "" . hostsummary();
            echo "" . vulndetails();
            break;
        case "min":
            $query_risk = "AND risk <= '3' ";
            echo "" . vulnbreakdown();
            echo "" . hostsummary();
            echo "" . vulndetails();
            break;
        case "optimized":
            echo "" . vulnbreakdown();
            echo "" . hostsummary();
            echo "" . vulndetails();
            break;
        default:
            echo "" . vulnbreakdown();
            echo "" . hostsummary();
            echo "" . origdetails();
            break;
    }
    echo "";
}
Пример #8
0
    if ($i++ !== 0) {
        $k .= "::";
    }
    $k .= urldecode($val);
}
if ($debug) {
    echo "Query: {$k}";
}
$conn = DBConn();
$escapedK = $conn->real_escape_string($k);
$sql = "select v from {$tname} where k='" . $escapedK . "'";
if ($debug) {
    echo $sql;
}
$result = $conn->query($sql);
$rows = [];
if ($result->num_rows > 0) {
    // output data of each row
    while ($row = $result->fetch_assoc()) {
        $rows[] = $row['v'];
    }
}
// JSON_PRETTY_PRINT|
print json_encode($rows, JSON_UNESCAPED_UNICODE);
logAccess($conn, $appname, $escapedK);
$conn->close();
function logAccess($db, $type, $k)
{
    $sql = "insert into log set type='" . $type . "', loc='" . $k . "'";
    $db->query($sql);
}
Пример #9
0
define('ERRORS', dirname(__FILE__) . '/errors');
// Default index file
define('DIRECTORY_INDEX', 'index.php');
// Optional array of authorized client IPs for a bit of security
$config['hostsAllowed'] = [];
chdir(getcwd() . DIRECTORY_SEPARATOR . 'public');
function logAccess($status = 200)
{
    file_put_contents('php://stdout', sprintf("[%s] %s:%s [%s]: %s\n", date('D M j H:i:s Y'), $_SERVER['REMOTE_ADDR'], $_SERVER['REMOTE_PORT'], $status, $_SERVER['REQUEST_URI']));
}
// Parse allowed host list
if (!empty($config['hostsAllowed'])) {
    if (!in_array($_SERVER['REMOTE_ADDR'], $config['hostsAllowed'])) {
        logAccess(403);
        http_response_code(403);
        echo '403';
        exit;
    }
}
// if requesting a directory then serve the default index
$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
$ext = pathinfo($path, PATHINFO_EXTENSION);
if (empty($ext)) {
    $path = rtrim($path, '/') . '/' . DIRECTORY_INDEX;
}
// If the file exists then return false and let the server handle it
if (file_exists(getcwd() . DIRECTORY_SEPARATOR . $path) && strstr($path, '.php') === false) {
    return false;
}
logAccess();
require_once getcwd() . DIRECTORY_SEPARATOR . 'index.php';
Пример #10
0
function rerun($job_id)
{
    global $uroles, $editdata, $scheduler, $username, $useremail, $dbconn;
    logAccess("USER {$username} CHOSE TO RERUN SCAN {$job_id}");
    $sql_access = "";
    if (!$uroles['admin']) {
        $sql_access = "AND username='******'";
    }
    $query = "SELECT id, name, fk_name, notify, job_TYPE, meth_SCHED, meth_TARGET, \n                     meth_CRED, meth_VSET, meth_Wcheck, meth_Wfile, \n\t\t     meth_Ucheck, meth_TIMEOUT, scan_ASSIGNED, authorized\n              FROM vuln_jobs WHERE id = '{$job_id}' {$sql_access}";
    $result = $dbconn->execute($query);
    #list( $sname, $notify_email, $job_type, $schedule_type, $timeout, $SVRid, $sid, $targetlist ) = $result->fields;
    $editdata = $result->fields;
    if ($editdata['id'] == $job_id) {
        main_page($job_id, "rerun");
    } else {
        //logAccess( "INVALID JOBID $job_id" );
        echo "<p><font color=red>INVALID JOB ID</font></p>";
    }
}
Пример #11
0
function rerun($job_id)
{
    global $uroles, $editdata, $scheduler, $username, $useremail, $dbconn;
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    logAccess("USER {$username} CHOSE TO RERUN SCAN {$job_id}");
    $sql_access = "";
    if (!$uroles['admin']) {
        $sql_access = "AND username='******'";
    }
    $query = "SELECT * FROM vuln_jobs WHERE id = '{$job_id}' {$sql_access}";
    $result = $dbconn->execute($query);
    #list( $sname, $notify_email, $job_type, $schedule_type, $timeout, $SVRid, $sid, $targetlist ) = $result->fields;
    $editdata = $result->fields;
    if ($editdata['id'] == $job_id) {
        main_page($job_id, "rerun");
    } else {
        //logAccess( "INVALID JOBID $job_id" );
        echo "<p><font color=red>INVALID JOB ID</font></p>";
    }
}
Пример #12
0
function updatedb($nessus_id, $fieldvalue, $dbconn, $type, $category)
{
    if ($type == "C" and $fieldvalue == "") {
        $fieldvalue = "no";
    } else {
        $fieldvalue = htmlspecialchars(mysql_escape_string(trim($fieldvalue)), ENT_QUOTES);
    }
    $sql = "select count(*) from vuln_nessus_preferences where nessus_id = \"{$nessus_id}\"";
    $result = $dbconn->execute($sql);
    list($existing) = $result->fields;
    if ($existing == 0) {
        # Do an insert statement
        logAccess("New default preference added - {$nessus_id}");
        $sql = "insert vuln_nessus_preferences set nessus_id = \"{$nessus_id}\", value=\"{$fieldvalue}\", type=\"{$type}\", category=\"{$category}\"";
    } else {
        $sql = "update vuln_nessus_preferences set value=\"{$fieldvalue}\", type=\"{$type}\", category=\"{$category}\" where nessus_id = \"{$nessus_id}\"";
    }
    $result = $dbconn->execute($sql);
}
Пример #13
0
function generate_results($output)
{
    global $user, $border, $report_id, $sid, $scantime, $scansubmit, $scantype, $fp, $nfp, $output, $filterip, $query_risk, $dbconn, $treport, $ipl, $key, $query_byuser, $arruser;
    if ($report_id != "") {
        $query = "SELECT sid FROM vuln_nessus_latest_reports WHERE 1=1" . ($report_id != "all" ? " AND report_id={$report_id}" : "") . " {$query_byuser}";
        //echo $query;
        $result = $dbconn->execute($query);
        while (!$result->EOF) {
            list($sid) = $result->fields;
            $sids[] = $sid;
            $result->MoveNext();
        }
        $sid = implode(",", $sids);
    } else {
        if ($scansubmit != "" && $treport != "latest") {
            $query = "SELECT r.report_id, r.sid FROM vuln_nessus_reports r,vuln_jobs j WHERE r.report_id=j.report_id AND j.scan_SUBMIT='{$scansubmit}'" . (in_array("admin", $arruser) ? "" : " AND r.username in ('{$user}') ");
            //print_r($arruser);
            $result = $dbconn->execute($query);
            while (!$result->EOF) {
                list($report_id, $sid) = $result->fields;
                $ids[] = $report_id;
                $result->MoveNext();
            }
            $report_id = implode(",", $ids);
        } else {
            $query = "SELECT report_id, sid FROM " . ($treport == "latest" ? "vuln_nessus_latest_reports" : "vuln_nessus_reports") . " WHERE " . ($treport == "" ? "scantime='{$scantime}'" : "report_key={$key}") . "\n                 AND scantype='{$scantype}' {$query_byuser} LIMIT 1";
            //echo $query;
            $result = $dbconn->execute($query);
            list($report_id, $sid) = $result->fields;
        }
    }
    //echo $query;
    //echo "sid=$sid<br>";
    //echo "report_id=$report_id<br>";
    $ip = $_SERVER['REMOTE_ADDR'];
    logAccess(strtoupper($output) . " HTML REPORT [ {$report_id} ] ACCESSED");
    echo "";
    //var_dump($output);
    switch ($output) {
        case "full":
            //echo "navbar-".navbar($output)."\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
            //echo "reportsummary-".reportsummary()."\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
            echo "" . reportsummary();
            //echo "".navbar($output);
            echo "" . vulnbreakdown();
            echo "" . hostsummary();
            echo "" . origdetails();
            break;
        case "detailed":
            echo "" . reportsummary();
            //navbar ( $output );
            #echo "". detailedresults();
            break;
        case "summary":
            echo "" . reportsummary();
            //navbar ( $output );
            echo "" . vulnbreakdown();
            echo "" . hostsummary();
            break;
        case "printable":
            $border = 0;
            echo "" . reportsummary();
            //navbar ( $output );
            echo "" . vulnbreakdown();
            #echo "". atrisksummary();
            echo "" . hostsummary();
            echo "" . vulndetails();
            break;
        case "min":
            #$border=0;
            $query_risk = "AND risk <= '3' ";
            echo "" . reportsummary();
            //navbar ( $output );
            echo "" . vulnbreakdown();
            #echo "". atrisksummary();
            echo "" . hostsummary();
            echo "" . vulndetails();
            break;
        case "optimized":
            echo "" . reportsummary();
            //navbar ( $output );
            echo "" . vulnbreakdown();
            echo "" . hostsummary();
            echo "" . vulndetails();
            break;
        default:
            echo "" . reportsummary();
            //navbar ( $output );
            echo "" . vulnbreakdown();
            echo "" . hostsummary();
            echo "" . origdetails();
            break;
    }
    echo "";
}
// Set timezone
date_default_timezone_set("UTC");
// Directory that contains error pages
define("ERRORS", dirname(__FILE__) . "/errors");
// Default index file
$DIRECTORY_INDEX = array('index.php', 'index.htm', 'index.html');
// Optional array of authorized client IPs for a bit of security
$config["hostsAllowed"] = array();
function logAccess($status = 200)
{
    file_put_contents("php://stdout", sprintf("[%s] %s:%s [%s]: %s\n", date("D M j H:i:s Y"), $_SERVER["REMOTE_ADDR"], $_SERVER["REMOTE_PORT"], $status, $_SERVER["REQUEST_URI"]));
}
// Parse allowed host list
if (!empty($config['hostsAllowed'])) {
    if (!in_array($_SERVER['REMOTE_ADDR'], $config['hostsAllowed'])) {
        logAccess(403);
        http_response_code(403);
        include ERRORS . '/403.php';
        exit;
    }
}
// if requesting a directory then serve the default index
$path = parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
$ext = pathinfo($path, PATHINFO_EXTENSION);
if (empty($ext)) {
    foreach ($DIRECTORY_INDEX as $index) {
        $temp_path = rtrim($path, "/") . "/" . $index;
        // If the file index exists then return false and let the server handle it
        if (file_exists($_SERVER["DOCUMENT_ROOT"] . $temp_path)) {
            return false;
        }