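/**
 * Confirm that the user access list of a scan profile was updated, log the
 * change and hand over to manage_profile_users().
 *
 * The statements that used to rewrite vuln_nessus_settings_users were already
 * commented out in the original, so this function only looks up the profile
 * name, prints a confirmation and delegates. If those statements are ever
 * restored they should bind $sid and each user name as query parameters
 * instead of interpolating them.
 *
 * @param mixed $sid   Profile id, matched against vuln_nessus_settings.id.
 * @param mixed $users Submitted user names; only tested for truthiness here.
 *
 * @return void
 */
function update_users($sid, $users)
{
    global $username, $dbconn;

    if ($sid && $users) {
        // Bind $sid rather than building the statement from it, so a crafted
        // profile id cannot change the shape of the query.
        $result = $dbconn->execute("SELECT name FROM vuln_nessus_settings WHERE id=?", array($sid));

        // execute() can fail or return no row; do not dereference blindly.
        $name = "";
        if ($result && !$result->EOF) {
            list($name) = $result->fields;
        }

        // The profile name is stored data; encode it before it reaches the page.
        echo _("Updated Users Access for Profile") . ": [" . htmlspecialchars((string) $name, ENT_QUOTES, "UTF-8") . "]<br>";
    }

    echo "<br>";
    logAccess("Updated Users Associated to Profile {$sid}");
    manage_profile_users($sid);
}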
/**
 * Main net2ftp entry point, called once per output phase of a page load.
 *
 * The "sendHttpHeaders" phase must come first: it initialises the global
 * state, loads settings and libraries, logs the access, runs the optional
 * authorization check and reads the consumption counters. The later phases
 * only dispatch to the module selected by $net2ftp_globals["state"].
 *
 * @param string $action One of "sendHttpHeaders", "printJavascript",
 *                       "printCss", "printBodyOnload" or "printBody".
 *
 * @return false|null false on every error path shown below; no explicit
 *                    value on success. Some branches call exit instead of
 *                    returning.
 */
function net2ftp($action)
{
    // --------------
    // This function is the main net2ftp function; it is the interface between 3rd party
    // scripts (CMS, control panels, etc), and the internal net2ftp modules and plugins.
    //
    // This function is called 5 times per pageload: to send the HTTP headers, to print
    // the javascript code, to print the CSS code, to print the body onload actions and
    // finally to print the body content.
    // --------------

    // -------------------------------------------------------------------------
    // Check that "sendHttpHeaders" action is only executed once
    // Check that no other actions can be executed if "sendHttpHeaders" has not yet been executed
    // -------------------------------------------------------------------------
    // The NET2FTP_SENDHTTPHEADERS constant is the marker: it is defined on the
    // first "sendHttpHeaders" call and required by every other action.
    if ($action == "sendHttpHeaders") {
        if (defined("NET2FTP_SENDHTTPHEADERS") == true) {
            echo "Error: please call the net2ftp(\$action) function only once with \$action = \"sendHttpHeaders\"!";
            return false;
        } else {
            define("NET2FTP_SENDHTTPHEADERS", 1);
        }
    } else {
        if (defined("NET2FTP_SENDHTTPHEADERS") == false) {
            echo "Error: please call the net2ftp(\$action) function first with \$action = \"sendHttpHeaders\"!";
            return false;
        }
    }

    // -------------------------------------------------------------------------
    // Global variables
    // -------------------------------------------------------------------------
    global $net2ftp_settings, $net2ftp_globals, $net2ftp_result, $net2ftp_messages;

    // Set the NET2FTP constant which is used to check if template files are called by net2ftp
    if (defined("NET2FTP") == false) {
        define("NET2FTP", 1);
    }

    // Initialize the global variables
    if ($action == "sendHttpHeaders") {
        $net2ftp_globals = array();
        $net2ftp_messages = array();
        // NOTE(review): $net2ftp_output is not in the global list above, so this
        // assigns a local variable that nothing below reads.
        $net2ftp_output = array();
        $net2ftp_result["success"] = true;
        $net2ftp_result["errormessage"] = "";
        $net2ftp_result["debug_backtrace"] = "";
        $net2ftp_result["exit"] = false;
        $net2ftp_settings = array();
    }

    // -------------------------------------------------------------------------
    // If an error occurred during a previous execution of net2ftp(), return false
    // and let index.php print the error message
    // -------------------------------------------------------------------------
    if ($net2ftp_result["success"] == false) {
        return false;
    }

    // -------------------------------------------------------------------------
    // Input checks
    // -------------------------------------------------------------------------
    // Only the five literal action names are accepted; anything else is
    // recorded as an error. The rejected value is copied into the error message,
    // so whatever prints that message should encode it for its output context.
    if ($action != "sendHttpHeaders" && $action != "printJavascript" && $action != "printCss" && $action != "printBodyOnload" && $action != "printBody") {
        $net2ftp_result["success"] = false;
        $net2ftp_result["errormessage"] = "The \$action variable has an unknown value: {$action}.";
        $net2ftp_result["debug_backtrace"] = debug_backtrace();
        logError();
        return false;
    }

    // -------------------------------------------------------------------------
    // Read settings files
    // -------------------------------------------------------------------------
    // Paths are built from the NET2FTP_APPLICATION_ROOTDIR constant and fixed
    // file names only.
    if ($action == "sendHttpHeaders") {
        require NET2FTP_APPLICATION_ROOTDIR . "/settings.inc.php";
        require NET2FTP_APPLICATION_ROOTDIR . "/settings_authorizations.inc.php";
        require NET2FTP_APPLICATION_ROOTDIR . "/settings_screens.inc.php";
    }

    // -------------------------------------------------------------------------
    // Main directories
    // -------------------------------------------------------------------------
    $net2ftp_globals["application_rootdir"] = NET2FTP_APPLICATION_ROOTDIR;
    // A root URL of "/" is stored as an empty string.
    if (NET2FTP_APPLICATION_ROOTDIR_URL == "/") {
        $net2ftp_globals["application_rootdir_url"] = "";
    } else {
        $net2ftp_globals["application_rootdir_url"] = NET2FTP_APPLICATION_ROOTDIR_URL;
    }
    $net2ftp_globals["application_includesdir"] = $net2ftp_globals["application_rootdir"] . "/includes";
    $net2ftp_globals["application_languagesdir"] = $net2ftp_globals["application_rootdir"] . "/languages";
    $net2ftp_globals["application_modulesdir"] = $net2ftp_globals["application_rootdir"] . "/modules";
    $net2ftp_globals["application_pluginsdir"] = $net2ftp_globals["application_rootdir"] . "/plugins";
    $net2ftp_globals["application_skinsdir"] = $net2ftp_globals["application_rootdir"] . "/skins";
    $net2ftp_globals["application_tempdir"] = $net2ftp_globals["application_rootdir"] . "/temp";

    // -------------------------------------------------------------------------
    // Set basic settings
    // -------------------------------------------------------------------------
    if ($action == "sendHttpHeaders") {
        // Run the script to the end, even if the user hits the stop button
        // NOTE(review): ignore_user_abort() is called without an argument; per the
        // PHP manual that form only returns the current setting, so it may not
        // enable what the comment above describes. Confirm and pass true if intended.
        ignore_user_abort();

        // Execute function shutdown() if the script reaches the maximum execution time (usually 30 seconds)
        // DON'T REGISTER IT HERE YET, as this causes errors on newer versions of PHP; first include the function libraries
        // register_shutdown_function("net2ftp_shutdown");

        // Set the error reporting level
        if ($net2ftp_settings["error_reporting"] == "ALL") {
            error_reporting(E_ALL);
        } elseif ($net2ftp_settings["error_reporting"] == "NONE") {
            error_reporting(0);
        } else {
            error_reporting(E_ERROR | E_WARNING | E_PARSE);
        }

        // Timer: start
        $net2ftp_globals["starttime"] = microtime();
        $net2ftp_globals["endtime"] = microtime();
    }

    // Set the PHP temporary directory
    // putenv("TMPDIR=" . $net2ftp_globals["application_tempdir"]);

    // -------------------------------------------------------------------------
    // Function libraries:
    // 1. Libraries which are always needed
    // 2. Register global variables
    // 3. Function libraries which are needed depending on certain variables
    //
    // --> Do this only once, when $action == "sendHttpHeaders"
    // -------------------------------------------------------------------------
    if ($action == "sendHttpHeaders") {
        // 1. Libraries which are always needed
        require_once $net2ftp_globals["application_includesdir"] . "/authorizations.inc.php";
        require_once $net2ftp_globals["application_includesdir"] . "/consumption.inc.php";
        require_once $net2ftp_globals["application_includesdir"] . "/database.inc.php";
        require_once $net2ftp_globals["application_includesdir"] . "/errorhandling.inc.php";
        require_once $net2ftp_globals["application_includesdir"] . "/filesystem.inc.php";
        require_once $net2ftp_globals["application_includesdir"] . "/html.inc.php";
        require_once $net2ftp_globals["application_includesdir"] . "/StonePhpSafeCrypt.php";
        require_once $net2ftp_globals["application_languagesdir"] . "/languages.inc.php";
        require_once $net2ftp_globals["application_skinsdir"] . "/skins.inc.php";

        // 1. Define functions which are used, but which did not exist before PHP version 4.3.0
        if (version_compare(phpversion(), "4.3.0", "<")) {
            require_once $net2ftp_globals["application_includesdir"] . "/before430.inc.php";
        }

        // 2. Register global variables (POST, GET, GLOBAL, ...)
        // $net2ftp_globals["state"] and the other request-derived entries read
        // below are not assigned in this function; presumably this include sets
        // them (verify there how they are validated).
        require_once $net2ftp_globals["application_includesdir"] . "/registerglobals.inc.php";

        // 3. Function libraries which are needed depending on certain variables
        if ($net2ftp_globals["state"] == "upload" || $net2ftp_globals["state"] == "unzip") {
            require_once $net2ftp_globals["application_includesdir"] . "/pclerror.lib.php";
            require_once $net2ftp_globals["application_includesdir"] . "/pcltar.lib.php";
            require_once $net2ftp_globals["application_includesdir"] . "/pcltrace.lib.php";
            require_once $net2ftp_globals["application_includesdir"] . "/pclzip.lib.php";
        }
        if ($net2ftp_globals["state"] == "advanced_ftpserver" || $net2ftp_globals["state"] == "advanced_parsing" || $net2ftp_globals["state"] == "advanced_webserver" || $net2ftp_globals["state"] == "browse" || $net2ftp_globals["state"] == "copymovedelete" || $net2ftp_globals["state"] == "chmod" || $net2ftp_globals["state"] == "calculatesize" || $net2ftp_globals["state"] == "downloadzip" || $net2ftp_globals["state"] == "findstring" || $net2ftp_globals["state"] == "followsymlink" || $net2ftp_globals["state"] == "install" || $net2ftp_globals["state"] == "zip") {
            require_once $net2ftp_globals["application_includesdir"] . "/browse.inc.php";
        }
        if ($net2ftp_globals["state"] == "downloadzip" || $net2ftp_globals["state"] == "zip") {
            require_once $net2ftp_globals["application_includesdir"] . "/zip.lib.php";
        }

        // 4. Load the plugins
        require_once $net2ftp_globals["application_pluginsdir"] . "/plugins.inc.php";
        $net2ftp_globals["activePlugins"] = getActivePlugins();
        net2ftp_plugin_includePhpFiles();

        // 5. Load the language file
        includeLanguageFile();
    }

    // -------------------------------------------------------------------------
    // Execute function shutdown() if the script reaches the maximum execution time (usually 30 seconds)
    // -------------------------------------------------------------------------
    if ($action == "sendHttpHeaders") {
        register_shutdown_function("net2ftp_shutdown");
    }

    // -------------------------------------------------------------------------
    // Log access
    // --> Do this only once, when $action == "sendHttpHeaders"
    // -------------------------------------------------------------------------
    if ($action == "sendHttpHeaders") {
        logAccess();
        if ($net2ftp_result["success"] == false) {
            logError();
            return false;
        }
    }

    // -------------------------------------------------------------------------
    // Check authorizations
    // --> Do this only once, when $action == "sendHttpHeaders"
    // -------------------------------------------------------------------------
    // The check runs only when the check_authorization setting is "yes" and an
    // FTP server was supplied; with any other setting value it is skipped.
    if ($action == "sendHttpHeaders" && $net2ftp_settings["check_authorization"] == "yes" && $net2ftp_globals["ftpserver"] != "") {
        checkAuthorization($net2ftp_globals["ftpserver"], $net2ftp_globals["ftpserverport"], $net2ftp_globals["directory"], $net2ftp_globals["username"]);
        if ($net2ftp_result["success"] == false) {
            logError();
            return false;
        }
    }

    // -------------------------------------------------------------------------
    // Get the consumption counter values from the database
    // This retrieves the consumption of network and server resources for the
    // current IP address and FTP server from the database, and stores these
    // values in global variables. See /includes/consumption.inc.php for the details.
    // --> Do this only once, when $action == "sendHttpHeaders"
    // -------------------------------------------------------------------------
    if ($action == "sendHttpHeaders") {
        getConsumption();
        if ($net2ftp_result["success"] == false) {
            logError();
            return false;
        }
    }

    // -------------------------------------------------------------------------
    // Execute the action!
    // -------------------------------------------------------------------------

    // ------------------------------------
    // For most modules, everything must be done: send headers, print body, etc
    // ------------------------------------
    // The state value is compared against literal module names before it is
    // used in the require path below, so only the names listed here can select
    // a module file. && binds tighter than ||, so the "screen" and "state2"
    // tests apply only to the "jupload" and "view" states respectively.
    if ($net2ftp_globals["state"] == "admin" || $net2ftp_globals["state"] == "admin_createtables" || $net2ftp_globals["state"] == "admin_emptylogs" || $net2ftp_globals["state"] == "admin_viewlogs" || $net2ftp_globals["state"] == "advanced" || $net2ftp_globals["state"] == "advanced_ftpserver" || $net2ftp_globals["state"] == "advanced_parsing" || $net2ftp_globals["state"] == "advanced_webserver" || $net2ftp_globals["state"] == "bookmark" || $net2ftp_globals["state"] == "browse" || $net2ftp_globals["state"] == "calculatesize" || $net2ftp_globals["state"] == "chmod" || $net2ftp_globals["state"] == "copymovedelete" || $net2ftp_globals["state"] == "edit" || $net2ftp_globals["state"] == "findstring" || $net2ftp_globals["state"] == "install" || $net2ftp_globals["state"] == "jupload" && $net2ftp_globals["screen"] == 1 || $net2ftp_globals["state"] == "login" || $net2ftp_globals["state"] == "login_small" || $net2ftp_globals["state"] == "logout" || $net2ftp_globals["state"] == "newdir" || $net2ftp_globals["state"] == "raw" || $net2ftp_globals["state"] == "rename" || $net2ftp_globals["state"] == "unzip" || $net2ftp_globals["state"] == "upload" || $net2ftp_globals["state"] == "view" && $net2ftp_globals["state2"] == "" || $net2ftp_globals["state"] == "zip") {
        require_once $net2ftp_globals["application_modulesdir"] . "/" . $net2ftp_globals["state"] . "/" . $net2ftp_globals["state"] . ".inc.php";
        if ($action == "sendHttpHeaders") {
            net2ftp_module_sendHttpHeaders();
            // If needed, exit to avoid sending non-header output (by net2ftp or other application)
            // Example: if a module sends a HTTP redirect header (See /includes/authorizations.inc.php function checkAdminUsernamePassword()!)
            if ($net2ftp_result["exit"] == true) {
                exit;
            }
        } elseif ($action == "printJavascript") {
            net2ftp_module_printJavascript();
            net2ftp_plugin_printJavascript();
        } elseif ($action == "printCss") {
            net2ftp_module_printCss();
            net2ftp_plugin_printCss();
        } elseif ($action == "printBodyOnload") {
            net2ftp_module_printBodyOnload();
            net2ftp_plugin_printBodyOnload();
        } elseif ($action == "printBody") {
            // Print the status bar to be able to show the progress
            // NOTE(review): $net2ftp_globals["skin"] is concatenated into these
            // include paths and is not checked in this function; confirm it is
            // restricted to known skin names where it is set.
            if (isStatusbarActive() == true) {
                require_once $net2ftp_globals["application_skinsdir"] . "/" . $net2ftp_globals["skin"] . "/statusbar.template.php";
            }
            require_once $net2ftp_globals["application_skinsdir"] . "/" . $net2ftp_globals["skin"] . "/status/status.inc.php";

            // Do the work and meanwhile update the progress bar
            net2ftp_module_printBody();

            // Update the consumption statistics
            $net2ftp_globals["endtime"] = microtime();
            $net2ftp_globals["time_taken"] = timer();
            addConsumption(0, $net2ftp_globals["time_taken"]);
            putConsumption();

            // Set the progress bar to "finished"
            if (isStatusbarActive() == true) {
                $statusmessage = __("Script finished in %1\$s seconds", $net2ftp_globals["time_taken"]);
                setStatus(1, 1, $statusmessage);
            }
        }
    } elseif ($net2ftp_globals["state"] == "clearcookies" || $net2ftp_globals["state"] == "downloadfile" || $net2ftp_globals["state"] == "downloadzip" || $net2ftp_globals["state"] == "followsymlink" || $net2ftp_globals["state"] == "jupload" && $net2ftp_globals["screen"] == 2 || $net2ftp_globals["state"] == "view" && $net2ftp_globals["state2"] != "") {
        // These states do all of their work in the header phase and then exit;
        // the four print actions are deliberately empty for them.
        require_once $net2ftp_globals["application_modulesdir"] . "/" . $net2ftp_globals["state"] . "/" . $net2ftp_globals["state"] . ".inc.php";
        if ($action == "sendHttpHeaders") {
            // Do the work - do not update the progress bar
            net2ftp_module_sendHttpHeaders();

            // Update the consumption statistics
            $net2ftp_globals["endtime"] = microtime();
            $net2ftp_globals["time_taken"] = timer();
            addConsumption(0, $net2ftp_globals["time_taken"]);
            putConsumption();

            // Exit to avoid sending non-header output (by net2ftp or other application)
            exit;
        } elseif ($action == "printJavascript") {
        } elseif ($action == "printCss") {
        } elseif ($action == "printBodyOnload") {
        } elseif ($action == "printBody") {
        }
    } elseif ($net2ftp_globals["state"] == "error") {
        logError();
        return false;
    } else {
        // Any state outside the two lists above is rejected. The unexpected
        // value is placed in the error message, so it should be encoded for the
        // output context wherever that message is displayed.
        $errormessage = __("Unexpected state string: %1\$s. Exiting.", $net2ftp_globals["state"]);
        setErrorVars(false, $errormessage, debug_backtrace(), __FILE__, __LINE__);
        logError();
        return false;
    }
}
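/**
 * Print the details of one Nessus plugin and, when notes are enabled, the
 * notes attached to it. With $op == "delnote" the note $nid is deleted first.
 *
 * Changes against the original:
 *  - $id and $nid are bound as query parameters instead of being interpolated;
 *  - the "security violation" log entry is written when the note id is
 *    rejected (the original wrote it after the die, i.e. only for ids that had
 *    passed the check);
 *  - every database value and request value is encoded for the context it is
 *    printed in (HTML text or URL component);
 *  - empty CVE / Bugtraq entries no longer produce empty links.
 *
 * NOTE(review): the delete targets nessus_notes while the listing reads
 * vuln_nessus_notes; confirm which table is intended.
 * NOTE(review): both note queries compare username against the literal
 * '******', which looks like a masked value on this page; the current user
 * should be supplied as a bound parameter there.
 * NOTE(review): the delete is triggered by a plain GET link; consider requiring
 * POST plus an anti-CSRF token for it.
 *
 * @param mixed $id  Plugin id (vuln_nessus_plugins.id).
 * @param mixed $op  Operation; "delnote" deletes note $nid before rendering.
 * @param mixed $nid Note id, only used when $op is "delnote".
 *
 * @return void
 */
function script_details($id, $op, $nid)
{
    global $enableNotes, $username, $site_code, $user_sites, $dbconn;

    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);

    if ($op == "delnote" and $nid != "") {
        if (!is_numeric($nid)) {
            // Log the rejected value with control characters replaced and the
            // length capped, so it cannot forge or flood log entries.
            $loggedNid = substr(preg_replace('/[^\x20-\x7E]/', '?', (string) $nid), 0, 64);
            logAccess("Security violation - Requested non numeric noteid " . $loggedNid);
            require_once 'footer.php';
            echo "Cannot access this page - nid is non numeric";
            die;
        }
        $query = "delete from nessus_notes \n where id=? and username='******'";
        $dbconn->execute($query, array($nid));
    }

    $result = $dbconn->Execute("SELECT t1.id, t1.name, t2.name, t3.name, t1.copyright, t1.summary, t1.description, t1.version, \n\tt1.cve_id, t1.bugtraq_id FROM vuln_nessus_plugins t1\n\tLEFT JOIN vuln_nessus_family t2 on t1.family=t2.id\n\tLEFT JOIN vuln_nessus_category t3 on t1.category=t3.id\n\tWHERE t1.id=?", array($id));

    // A failed query or an unknown plugin id yields empty fields instead of a
    // fatal error on a non-object.
    $row = (($result && !$result->EOF) ? $result->fields : array()) + array_fill(0, 10, "");
    list($pid, $pname, $pfamily, $pcategory, $pcopyright, $psummary, $pdescription, $pversion, $pcve_id, $pbugtraq_id) = $row;

    // Plugin metadata is stored data and is encoded with the same helper the
    // original already applied to the description.
    $pdescription = Util::htmlentities($pdescription);
    echo "\n<center><B>Plugin details</B></center>\n<B>ID:</B> " . Util::htmlentities($pid)
        . "<BR>\n<B>Name:</B> " . Util::htmlentities($pname)
        . "<BR>\n<B>Family:</B> " . Util::htmlentities($pfamily)
        . "<BR>\n<B>Category:</B> " . Util::htmlentities($pcategory)
        . "<BR>\n<B>Copyright:</B> " . Util::htmlentities($pcopyright)
        . "<BR>\n<B>Summary:</B> " . Util::htmlentities($psummary)
        . "<BR>\n<B>Description:</B> " . preg_replace("/\n/", "<br>", $pdescription)
        . "<BR>\n<B>Version:</B> " . Util::htmlentities($pversion)
        . "<BR>\n<B>CVE IDs: </B>";

    // PREG_SPLIT_NO_EMPTY: a plugin without references prints no empty link.
    $CVEs = preg_split("/[\\s,]+/", (string) $pcve_id, -1, PREG_SPLIT_NO_EMPTY);
    foreach ($CVEs as $CVE) {
        // rawurlencode() for the URL path segment, HTML encoding for the label;
        // rel="noopener noreferrer" because the link opens a new window.
        echo "<a href=\"http://www.cvedetails.com/cve/" . rawurlencode($CVE) . "/\" target=\"_blank\" rel=\"noopener noreferrer\">" . Util::htmlentities($CVE) . "</a> ";
    }

    $Bugtraqs = preg_split("/[\\s,]+/", (string) $pbugtraq_id, -1, PREG_SPLIT_NO_EMPTY);
    echo "<br/><B>Bugtraq IDs: </B>";
    foreach ($Bugtraqs as $Bugtraq) {
        echo "<a href=\"http://www.securityfocus.com/bid/" . rawurlencode($Bugtraq) . "\">" . Util::htmlentities($Bugtraq) . "</a> ";
    }

    if ($result) {
        $result->Close();
    }

    echo "<BR/><BR/>\n";

    if ($enableNotes) {
        echo '<font color="red"><B>Notes:</B></font><BR>';

        $query = "select id, note \n from vuln_nessus_notes \n where username='******' and pid=?";
        $result = $dbconn->execute($query, array($id));

        while ($result && !$result->EOF) {
            list($noteId, $note) = $result->fields;
            // Notes are user-written text: encode them as text, and encode the
            // ids as URL components inside the link.
            echo "<hr><a href=\"lookup.php?op=delnote&nid=" . urlencode($noteId) . "&id=" . urlencode($id) . "\">\n"
                . "<img alt=\"Delete Note\" src=\"images/false.png\" border=0></a>\n"
                . Util::htmlentities($note) . "<BR>\n";
            $result->MoveNext();
        }

        echo "<BR>\n<a href=\"notes.php?op=add&pid=" . urlencode($id) . "&httpfrom=lookup\">\n"
            . "<img alt=\"Add a Custom Note\" src=\"images/note.png\" border=0>\n"
            . "Add a Custom Note</a></font>\n";
    }
}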
// Copy the authenticated user's row into the session. This fragment starts
// after the credential check and is cut off in the middle of its last
// statement.
// NOTE(review): no session_regenerate_id() call is visible in this fragment;
// confirm the session id is rotated when the login succeeds.
$_SESSION["contratoVigente"] = ($row["CONTRATOVIGENTE"] == 1);
$_SESSION["cuit"] = $row["EM_CUIT"];
$_SESSION["empresa"] = $row["EMPRESA"];
$_SESSION["fieldError"] = "";
$_SESSION["idEmpresa"] = $row["IDEMPRESA"];
$_SESSION["idUsuario"] = $row["UE_ID"];
// The two admin flags are derived from "S" markers in the row.
$_SESSION["isAdmin"] = ($row["UC_ESADMINEMPRESA"] == "S");
$_SESSION["isAdminTotal"] = ($row["UC_ESADMINTOTAL"] == "S");
$_SESSION["isCliente"] = true;
$_SESSION["login"] = true;
$_SESSION["msgError"] = "";
$_SESSION["suss"] = $row["EM_SUSS"];
$_SESSION["usuario"] = $row["UE_USUARIO"];

if (!$servidorContingenciaActivo) { // If the active server is the primary one, it is possible to write to the database.
    // NOTE(review): gethostbyaddr() performs a reverse DNS lookup during login;
    // the name it returns is controlled by whoever runs the client's reverse
    // zone, so treat the logged host name as untrusted text.
    logAccess($_SESSION["idUsuario"], 3, gethostbyaddr($_SERVER['REMOTE_ADDR']), $_SERVER["REMOTE_ADDR"], 49);

    // Update the password if applicable.
    // The new password and the user id are passed as bound parameters.
    // NOTE(review): the stored value is art.utiles.md5(:clave), which looks like
    // a plain MD5 digest of the password; consider migrating to a salted,
    // slow password hash such as password_hash().
    if (($_SESSION["cambiarPassword"]) and (isset($_POST["psn"]))) {
        $params = array(":clave" => $_POST["psn"], ":id" => $_SESSION["idUsuario"]);
        $sql = "UPDATE web.wue_usuariosextranet SET ue_clave = art.utiles.md5(:clave), ue_forzarclave = 'F' WHERE ue_id = :id";
        DBExecSql($conn, $sql, $params);
    }

    // Record the last login and clear the provisional password.
    $params = array(":id" => $_SESSION["idUsuario"]);
    $sql =
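// Router script for PHP's built-in web server: optional client allow-list,
// directory index resolution, and a 404 page for anything that does not exist.

// Directory that contains error pages
define("ERRORS", dirname(__FILE__) . "/errors");

// Default index file
define("DIRECTORY_INDEX", "index.php");

// Optional array of authorized client IPs for a bit of security.
// Leave it empty to disable the check.
$config["hostsAllowed"] = array();

/**
 * Write one access-log line to stdout: timestamp, client address and port,
 * status code and the requested URI.
 *
 * @param int $status HTTP status code to record.
 *
 * @return void
 */
function logAccess($status = 200)
{
    file_put_contents("php://stdout", sprintf("[%s] %s:%s [%s]: %s\n", date("D M j H:i:s Y"), $_SERVER["REMOTE_ADDR"], $_SERVER["REMOTE_PORT"], $status, $_SERVER["REQUEST_URI"]));
}

// Enforce the allow-list. The original condition was inverted: it answered 403
// to clients that WERE in hostsAllowed and let every other client through.
// The list is only enforced when it is non-empty, so the default configuration
// keeps serving everyone; the strict flag avoids loose string comparison.
if (!empty($config["hostsAllowed"]) && !in_array($_SERVER["REMOTE_ADDR"], $config["hostsAllowed"], true)) {
    logAccess(403);
    http_response_code(403);
    include ERRORS . "/403.php";
    exit;
}

// if requesting a directory then serve the default index
$path = parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
$ext = pathinfo($path, PATHINFO_EXTENSION);
if (empty($ext)) {
    $path = rtrim($path, "/") . "/" . DIRECTORY_INDEX;
}

// If the file exists then return false and let the server handle it
if (file_exists($_SERVER["DOCUMENT_ROOT"] . $path)) {
    return false;
}

// default behavior
logAccess(404);
http_response_code(404);
include ERRORS . "/404.php";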
// Serves the contract PDF of the logged-in customer: request its generation
// if needed, wait for the file to appear, log the access and open it in a
// new window.

// Without a contract number in the session the visitor is sent to the login page.
if (!isset($_SESSION["contrato"])) {
    header("Location: login.php");
    validarParametro(false);
    exit;
}

// Both paths are built from the session's contract number.
// NOTE(review): confirm $_SESSION["contrato"] can only hold a validated
// contract number, since it becomes part of a file name.
$contrato = $_SESSION["contrato"];
$file = DATA_FORMULARIO_ESTABLECIMIENTOS."contrato_".$contrato.".pdf";
$fileE = DATA_FORMULARIO_ESTABLECIMIENTOS_EXTERNAL."contrato_".$contrato.".pdf";

if (!file_exists($file))
    solicitarArchivo($contrato, $fileE);
elseif ((file_exists($file)) and (date("c") > date("c", filemtime($file) + 600))) { // If the file exists and was created more than 10 minutes ago, delete it so that it is generated again.
    // NOTE(review): the age test reads $file but the delete targets $fileE;
    // if these are different files, $file still exists and the wait loop
    // below returns immediately with the stale copy. Confirm both names
    // refer to the same file.
    unlink($fileE);
    solicitarArchivo($contrato, $fileE);
}

// NOTE(review): on some platforms time spent in sleep() may not count toward
// the execution time limit, so this loop may not be bounded by
// set_time_limit(120); consider an explicit retry counter.
set_time_limit(120);
while (!file_exists($file)) // Keeps looping until the file is generated or the script times out.
    sleep(2);

logAccess($contrato, 1, gethostbyaddr($_SERVER['REMOTE_ADDR']), $_SERVER["REMOTE_ADDR"], 2);

// NOTE(review): the value of getFile($file) is printed inside a JavaScript
// string literal below; confirm it is encoded for that context.
?>
<script type="text/javascript">
window.open('<?php echo getFile($file); ?> ', 'extranetWindow', 'location=0');
history.back();
</script>
Abriendo archivo...
/**
 * Log the report access and print the report sections that belong to the
 * requested layout.
 *
 * Layout to sections:
 *   full, default        vulnbreakdown, hostsummary, origdetails
 *   summary              vulnbreakdown, hostsummary
 *   printable, min,
 *   optimized            vulnbreakdown, hostsummary, vulndetails
 * "printable" also sets $border to 0 and "min" sets the $query_risk filter
 * before the sections are produced.
 *
 * NOTE(review): $output is both the parameter and a name in the global
 * statement; confirm which value the code below actually sees.
 *
 * @param mixed $output Layout name.
 *
 * @return void
 */
function generate_results($output)
{
    global $user, $border, $report_id, $sid, $scantime, $scansubmit, $scantype, $fp, $nfp, $output, $filterip, $query_risk, $dbconn, $treport, $ipl, $key, $query_byuser, $arruser;

    $ip = $_SERVER['REMOTE_ADDR'];
    logAccess(strtoupper($output) . " HTML REPORT [ {$report_id} ] ACCESSED");
    echo "";

    // Choose the section producers first, then call them in order.
    switch ($output) {
        case "full":
            $sections = array("vulnbreakdown", "hostsummary", "origdetails");
            break;

        case "summary":
            $sections = array("vulnbreakdown", "hostsummary");
            break;

        case "printable":
            $border = 0;
            $sections = array("vulnbreakdown", "hostsummary", "vulndetails");
            break;

        case "min":
            $query_risk = "AND risk <= '3' ";
            $sections = array("vulnbreakdown", "hostsummary", "vulndetails");
            break;

        case "optimized":
            $sections = array("vulnbreakdown", "hostsummary", "vulndetails");
            break;

        default:
            $sections = array("vulnbreakdown", "hostsummary", "origdetails");
            break;
    }

    foreach ($sections as $producer) {
        echo "" . $producer();
    }

    echo "";
}
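if ($i++ !== 0) {
    $k .= "::";
}
$k .= urldecode($val);
}

if ($debug) {
    // The key is assembled from URL-decoded values: encode it before echoing.
    echo "Query: " . htmlspecialchars($k, ENT_QUOTES, "UTF-8");
}

$conn = DBConn();

// The key is bound as a statement parameter instead of being escaped and
// concatenated into the SQL text.
// NOTE(review): $tname is still interpolated because a table name cannot be
// bound; confirm it only ever comes from a fixed list of table names.
$sql = "select v from {$tname} where k=?";
if ($debug) {
    echo $sql;
}

$rows = [];
$stmt = $conn->prepare($sql);
if ($stmt !== false) {
    $stmt->bind_param("s", $k);
    $stmt->execute();
    $stmt->bind_result($v);
    // output data of each row
    while ($stmt->fetch()) {
        $rows[] = $v;
    }
    $stmt->close();
}

// JSON_PRETTY_PRINT|
print json_encode($rows, JSON_UNESCAPED_UNICODE);

// The raw key is passed now; logAccess() binds it itself.
logAccess($conn, $appname, $k);
$conn->close();

/**
 * Record one lookup in the log table.
 *
 * Both values are bound as statement parameters. Callers pass them unescaped;
 * the original concatenated them into the statement and relied on the caller
 * having escaped $k, while $type was not escaped at all.
 *
 * @param mysqli $db   Open database connection.
 * @param string $type Value stored in log.type.
 * @param string $k    Looked-up key, stored in log.loc.
 *
 * @return void
 */
function logAccess($db, $type, $k)
{
    $stmt = $db->prepare("insert into log set type=?, loc=?");
    if ($stmt === false) {
        // Logging stays best-effort, as in the original.
        return;
    }
    $stmt->bind_param("ss", $type, $k);
    $stmt->execute();
    $stmt->close();
}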
// Router script: every request that is not an existing non-PHP file under
// public/ is handed to public/index.php.

define('ERRORS', __DIR__ . '/errors');

// Default index file
define('DIRECTORY_INDEX', 'index.php');

// Optional array of authorized client IPs for a bit of security
$config['hostsAllowed'] = [];

// All later paths are resolved against the public/ directory.
chdir(getcwd() . DIRECTORY_SEPARATOR . 'public');

/**
 * Write one access-log line (timestamp, client address and port, status,
 * requested URI) to stdout.
 *
 * @param int $status HTTP status code to record.
 *
 * @return void
 */
function logAccess($status = 200)
{
    $line = sprintf(
        "[%s] %s:%s [%s]: %s\n",
        date('D M j H:i:s Y'),
        $_SERVER['REMOTE_ADDR'],
        $_SERVER['REMOTE_PORT'],
        $status,
        $_SERVER['REQUEST_URI']
    );
    file_put_contents('php://stdout', $line);
}

// Parse allowed host list: enforced only when the list is not empty.
if (!empty($config['hostsAllowed']) && !in_array($_SERVER['REMOTE_ADDR'], $config['hostsAllowed'])) {
    logAccess(403);
    http_response_code(403);
    echo '403';
    exit;
}

// if requesting a directory then serve the default index
$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
$ext = pathinfo($path, PATHINFO_EXTENSION);
if (!$ext) {
    $path = rtrim($path, '/') . '/' . DIRECTORY_INDEX;
}

// An existing file whose path does not contain ".php" is left to the server.
if (strpos($path, '.php') === false && file_exists(getcwd() . DIRECTORY_SEPARATOR . $path)) {
    return false;
}

// Everything else goes through the front controller.
logAccess();
require_once getcwd() . DIRECTORY_SEPARATOR . 'index.php';
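/**
 * Load a scan job and, if the current user may see it, open the main page in
 * "rerun" mode for that job.
 *
 * Changes against the original:
 *  - $job_id is bound as a query parameter instead of being interpolated;
 *  - a failed query or an empty result is treated as "invalid job" (before,
 *    an empty $job_id compared equal to the missing row and passed the check).
 *
 * NOTE(review): the non-admin filter compares username against the literal
 * '******', which looks like a masked value on this page; the current user
 * should be supplied as a bound parameter there.
 *
 * @param mixed $job_id Id of the job in vuln_jobs.
 *
 * @return void
 */
function rerun($job_id)
{
    global $uroles, $editdata, $scheduler, $username, $useremail, $dbconn;

    logAccess("USER {$username} CHOSE TO RERUN SCAN {$job_id}");

    // Non-admin users are limited to their own jobs.
    $sql_access = "";
    if (!$uroles['admin']) {
        $sql_access = "AND username='******'";
    }

    $query = "SELECT id, name, fk_name, notify, job_TYPE, meth_SCHED, meth_TARGET, \n meth_CRED, meth_VSET, meth_Wcheck, meth_Wfile, \n\t\t meth_Ucheck, meth_TIMEOUT, scan_ASSIGNED, authorized\n FROM vuln_jobs WHERE id = ? {$sql_access}";
    $result = $dbconn->execute($query, array($job_id));

    // Keeps the original contract: $editdata holds the row, or false without one.
    $editdata = $result ? $result->fields : false;

    // Require an actual row before comparing ids.
    if (is_array($editdata) && isset($editdata['id']) && $editdata['id'] == $job_id) {
        main_page($job_id, "rerun");
    } else {
        echo "<p><font color=red>INVALID JOB ID</font></p>";
    }
}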
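/**
 * Load a scan job and, if the current user may see it, open the main page in
 * "rerun" mode for that job.
 *
 * Changes against the original:
 *  - $job_id is bound as a query parameter instead of being interpolated;
 *  - a failed query or an empty result is treated as "invalid job" (before,
 *    an empty $job_id compared equal to the missing row and passed the check).
 *
 * NOTE(review): the non-admin filter compares username against the literal
 * '******', which looks like a masked value on this page; the current user
 * should be supplied as a bound parameter there.
 *
 * @param mixed $job_id Id of the job in vuln_jobs.
 *
 * @return void
 */
function rerun($job_id)
{
    global $uroles, $editdata, $scheduler, $username, $useremail, $dbconn;

    // Rows are fetched with both numeric and named keys; the id check below
    // reads the named key.
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);

    logAccess("USER {$username} CHOSE TO RERUN SCAN {$job_id}");

    // Non-admin users are limited to their own jobs.
    $sql_access = "";
    if (!$uroles['admin']) {
        $sql_access = "AND username='******'";
    }

    $query = "SELECT * FROM vuln_jobs WHERE id = ? {$sql_access}";
    $result = $dbconn->execute($query, array($job_id));

    // Keeps the original contract: $editdata holds the row, or false without one.
    $editdata = $result ? $result->fields : false;

    // Require an actual row before comparing ids.
    if (is_array($editdata) && isset($editdata['id']) && $editdata['id'] == $job_id) {
        main_page($job_id, "rerun");
    } else {
        echo "<p><font color=red>INVALID JOB ID</font></p>";
    }
}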
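/**
 * Insert or update one default preference in vuln_nessus_preferences.
 *
 * Changes against the original:
 *  - every value is bound as a query parameter; the original interpolated
 *    $nessus_id, $type and $category unescaped and relied on
 *    mysql_escape_string() for the value, a function that no longer exists in
 *    current PHP versions;
 *  - a failed lookup returns instead of dereferencing a non-object.
 *
 * The value is still HTML-encoded before it is stored, so readers of the table
 * keep receiving the same data as before.
 * NOTE(review): encoding at storage time ties the stored data to one output
 * context; encoding when the value is displayed is the safer long-term design.
 *
 * @param mixed  $nessus_id  Preference identifier.
 * @param mixed  $fieldvalue Submitted value; an empty value of type "C" is stored as "no".
 * @param object $dbconn     Database connection exposing execute($sql, $params).
 * @param mixed  $type       Preference type code.
 * @param mixed  $category   Preference category.
 *
 * @return void
 */
function updatedb($nessus_id, $fieldvalue, $dbconn, $type, $category)
{
    if ($type == "C" and $fieldvalue == "") {
        $fieldvalue = "no";
    } else {
        $fieldvalue = htmlspecialchars(trim((string) $fieldvalue), ENT_QUOTES);
    }

    $result = $dbconn->execute("select count(*) from vuln_nessus_preferences where nessus_id = ?", array($nessus_id));
    if (!$result) {
        return;
    }
    list($existing) = $result->fields;

    if ($existing == 0) {
        # Do an insert statement
        logAccess("New default preference added - {$nessus_id}");
        $sql = "insert vuln_nessus_preferences set nessus_id = ?, value = ?, type = ?, category = ?";
        $params = array($nessus_id, $fieldvalue, $type, $category);
    } else {
        $sql = "update vuln_nessus_preferences set value = ?, type = ?, category = ? where nessus_id = ?";
        $params = array($fieldvalue, $type, $category, $nessus_id);
    }

    $dbconn->execute($sql, $params);
}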
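/**
 * Resolve which report(s) to show, log the access and print the report
 * sections that belong to the requested layout.
 *
 * Resolution of $report_id / $sid (both globals):
 *  - $report_id given: collect the sid of every matching latest report
 *    ("all" removes the report_id filter) and join them with commas;
 *  - otherwise, with $scansubmit set and $treport not "latest": collect the
 *    report ids of the jobs submitted at that time;
 *  - otherwise: take the single report matching scan time or report key.
 *
 * Changes against the original:
 *  - $sids / $ids start as empty arrays, so implode() receives an array even
 *    when the query returns no rows;
 *  - a failed query no longer dereferences a non-object;
 *  - in_array() tolerates a non-array $arruser and compares strictly;
 *  - the unused $ip local and the commented-out debug output are gone.
 *
 * NOTE(review): $report_id, $scansubmit, $user, $scantime, $scantype, $key and
 * $query_byuser are interpolated into the SQL text. They are globals whose
 * origin is not visible here; confirm each one is validated where it is set,
 * and move the scalar values to bound parameters where the driver allows it.
 * NOTE(review): $output is both the parameter and a name in the global
 * statement; confirm which value the code below actually sees.
 *
 * @param mixed $output Layout name: full, detailed, summary, printable, min,
 *                      optimized; anything else behaves like full.
 *
 * @return void
 */
function generate_results($output)
{
    global $user, $border, $report_id, $sid, $scantime, $scansubmit, $scantype, $fp, $nfp, $output, $filterip, $query_risk, $dbconn, $treport, $ipl, $key, $query_byuser, $arruser;

    if ($report_id != "") {
        $query = "SELECT sid FROM vuln_nessus_latest_reports WHERE 1=1" . ($report_id != "all" ? " AND report_id={$report_id}" : "") . " {$query_byuser}";
        $result = $dbconn->execute($query);

        $sids = array();
        while ($result && !$result->EOF) {
            list($sid) = $result->fields;
            $sids[] = $sid;
            $result->MoveNext();
        }
        $sid = implode(",", $sids);
    } else {
        if ($scansubmit != "" && $treport != "latest") {
            // Users outside the "admin" group only see their own reports.
            $isAdmin = is_array($arruser) && in_array("admin", $arruser, true);
            $query = "SELECT r.report_id, r.sid FROM vuln_nessus_reports r,vuln_jobs j WHERE r.report_id=j.report_id AND j.scan_SUBMIT='{$scansubmit}'" . ($isAdmin ? "" : " AND r.username in ('{$user}') ");
            $result = $dbconn->execute($query);

            $ids = array();
            while ($result && !$result->EOF) {
                list($report_id, $sid) = $result->fields;
                $ids[] = $report_id;
                $result->MoveNext();
            }
            $report_id = implode(",", $ids);
        } else {
            $query = "SELECT report_id, sid FROM " . ($treport == "latest" ? "vuln_nessus_latest_reports" : "vuln_nessus_reports") . " WHERE " . ($treport == "" ? "scantime='{$scantime}'" : "report_key={$key}") . "\n AND scantype='{$scantype}' {$query_byuser} LIMIT 1";
            $result = $dbconn->execute($query);
            if ($result) {
                list($report_id, $sid) = $result->fields;
            }
        }
    }

    logAccess(strtoupper($output) . " HTML REPORT [ {$report_id} ] ACCESSED");

    // Every layout starts with the report summary.
    switch ($output) {
        case "full":
            echo reportsummary();
            echo vulnbreakdown();
            echo hostsummary();
            echo origdetails();
            break;

        case "detailed":
            // Only the summary is printed: the detailedresults() call was
            // already commented out in the original.
            echo reportsummary();
            break;

        case "summary":
            echo reportsummary();
            echo vulnbreakdown();
            echo hostsummary();
            break;

        case "printable":
            $border = 0;
            echo reportsummary();
            echo vulnbreakdown();
            echo hostsummary();
            echo vulndetails();
            break;

        case "min":
            // Restricts the sections below to risk values up to 3.
            $query_risk = "AND risk <= '3' ";
            echo reportsummary();
            echo vulnbreakdown();
            echo hostsummary();
            echo vulndetails();
            break;

        case "optimized":
            echo reportsummary();
            echo vulnbreakdown();
            echo hostsummary();
            echo vulndetails();
            break;

        default:
            echo reportsummary();
            echo vulnbreakdown();
            echo hostsummary();
            echo origdetails();
            break;
    }
}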
// Set timezone date_default_timezone_set("UTC"); // Directory that contains error pages define("ERRORS", dirname(__FILE__) . "/errors"); // Default index file $DIRECTORY_INDEX = array('index.php', 'index.htm', 'index.html'); // Optional array of authorized client IPs for a bit of security $config["hostsAllowed"] = array(); function logAccess($status = 200) { file_put_contents("php://stdout", sprintf("[%s] %s:%s [%s]: %s\n", date("D M j H:i:s Y"), $_SERVER["REMOTE_ADDR"], $_SERVER["REMOTE_PORT"], $status, $_SERVER["REQUEST_URI"])); } // Parse allowed host list if (!empty($config['hostsAllowed'])) { if (!in_array($_SERVER['REMOTE_ADDR'], $config['hostsAllowed'])) { logAccess(403); http_response_code(403); include ERRORS . '/403.php'; exit; } } // if requesting a directory then serve the default index $path = parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); $ext = pathinfo($path, PATHINFO_EXTENSION); if (empty($ext)) { foreach ($DIRECTORY_INDEX as $index) { $temp_path = rtrim($path, "/") . "/" . $index; // If the file index exists then return false and let the server handle it if (file_exists($_SERVER["DOCUMENT_ROOT"] . $temp_path)) { return false; }