function plugin_activity($conn, $data)
{
$asset_id = $data['asset'];
ossim_valid($asset_id, OSS_HEX, 'illegal:' . _("ASSET"));
check_ossim_error();
$active_plugin = array();
$total_plugins = 0;
try {
$sensors = Asset_host_sensors::get_sensors_by_id($conn, $asset_id);
$client = new Alienvault_client();
foreach ($sensors as $sensor_id => $s_data) {
$plugins = $client->sensor(Util::uuid_format($sensor_id))->get_plugins_by_assets();
$plugins = @json_decode($plugins, TRUE);
if ($plugins['status'] == 'success') {
if (array_key_exists($asset_id, $plugins['data']['plugins'])) {
$plugins = $plugins['data']['plugins'][$asset_id];
foreach ($plugins as $pdata) {
$active = Asset_host_devices::check_device_connectivity($conn, $asset_id, $pdata['plugin_id'], $sensor_id, TRUE);
if ($active) {
$row_id = md5($asset_id . $pdata['cpe'] . $sensor_id);
$active_plugin[$row_id] = TRUE;
}
$total_plugins++;
}
}
}
}
} catch (Exception $e) {
//nothing here
}
$response['error'] = FALSE;
$response['data']['plugins'] = $active_plugin;
$response['data']['total_p'] = $total_plugins;
return $response;
}
}
$levels = array("1" => "Serious:", "2" => "High:", "3" => "Medium:", "6" => "Low:", "7" => "Info:");
$db = new ossim_db();
$dbconn = $db->connect();
// select data for specified job_id
if (!($result = $dbconn->Execute(ossim_query("SELECT vj.report_id, vns.name as profile, vj.meth_VSET as profile_id, vj.name, vj.username, vj.fk_name, vj.scan_SUBMIT, vj.scan_START, vj.scan_END, TIMESTAMPDIFF(MINUTE, vj.scan_START, vj.scan_END) as duration, vj.meth_TARGET\n FROM vuln_jobs as vj, vuln_nessus_settings as vns WHERE vj.id={$job_id} and vj.meth_VSET=vns.id")))) {
echo $dbconn->ErrorMsg() . "\n";
$dbconn->close();
} else {
$report_id = $result->fields["report_id"];
$username = $result->fields["username"];
if (intval($report_id) != 0 || $message != "") {
$data = Session::get_user_info($dbconn, 'admin', TRUE);
// API Login to read email settings
//
$cc = new Alienvault_client();
$cc->auth()->login('admin', $data->get_pass());
$attachments = array();
$subject = _('Scan Job Notification: ') . $result->fields["name"];
$width = 115;
$body = '<html>
<head>
<title>' . $subject . '</title>
</head>
<body>' . '<table width="100%" cellspacing="0" cellpadding="0" style="border:0px;">' . '<tr><td colspan="2" style="text-decoration: underline;">' . _('Email scan summary') . '</td></tr>' . '<tr><td colspan="2"> </td></tr>' . '<tr><td width="' . $width . '">' . _('Scan Title:') . '</td><td>' . $result->fields["name"] . '</td></tr>' . '<tr><td width="' . $width . '">' . _('Profile:') . '</td><td>' . $result->fields["profile"] . '</td></tr>';
$body .= '<tr><td width="' . $width . '">' . _('Submit Date:') . '</td><td>SCAN_SUBMIT</td></tr>' . '<tr><td width="' . $width . '">' . _('Start Date:') . '</td><td>SCAN_START</td></tr>';
$body .= '<tr><td width="' . $width . '">' . _('Duration:') . '</td><td>' . (intval($result->fields["duration"]) == 0 ? "< 1 min" : $result->fields["duration"] . " mins") . '</td></tr>' . '<tr><td colspan="2"> </td></tr>' . '<tr><td width="' . $width . '">' . _('Launched By:') . '</td><td>' . ($result->fields["fk_name"] != "" ? $result->fields["fk_name"] : _("Unknown")) . '</td></tr>';
if (valid_hex32($username)) {
$visible_for = Acl::get_entity_name($dbconn, $username);
} else {
$visible_for = $username;
//Autologin in UI and AlienVault API
//Database connection
list($db, $conn) = Ossim_db::get_conn_db();
$db = new Ossim_db();
$conn = $db->connect();
$user_obj = Session::get_user_info($conn, $user, TRUE, FALSE);
$pass = $user_obj->get_pass();
$session = new Session($user, $pass, '');
$session->login(TRUE);
$db->close();
$is_disabled = $session->is_user_disabled();
if ($is_disabled == TRUE) {
$e_msg = _('Error! Scan cannot be completed: Scan owner is disabled');
Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
}
$client = new Alienvault_client($user);
$client->auth()->login($user, $pass);
//Launching scan
$autodetect = $autodetect == 1 ? 'true' : 'false';
$rdns = $rdns == 1 ? 'true' : 'false';
$timing_template = empty($timing_template) ? 'T3' : $timing_template;
$scan_options = array('scan_type' => $scan_type, 'scan_timing' => $timing_template, 'autodetect_os' => $autodetect, 'reverse_dns' => $rdns, 'scan_ports' => $custom_ports, 'idm' => 'false');
$av_scan = new Av_scan($targets_p, $sensor, $scan_options);
$av_scan->run();
echo "Asset scan:\n";
echo "\tTargets: " . $av_scan->get_targets('scan_format') . "\n";
echo "\tSensor: " . $av_scan->get_sensor() . "\n";
echo "\tScan Options: \n";
$sc_options = $av_scan->get_scan_options();
foreach ($sc_options as $sc_type => $sc_value) {
echo "\t\t{$sc_type}: {$sc_value}\n";
if (POST('insert')) {
if ($data['status'] == 'error') {
$txt_error = "<div>" . _("We Found the following errors") . ":</div>\n \t\t\t\t\t <div style='padding: 2px 10px 5px 10px;'>" . implode("<br/>", $data['data']) . "</div>";
$config_nt = array('content' => $txt_error, 'options' => array('type' => 'nf_error', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto; text-align: left;');
$nt = new Notification('nt_1', $config_nt);
$nt->show();
Util::make_form("POST", "newserverform.php");
$db->close();
exit;
}
if (!Session::hostAllowed_by_ip_ctx($conn, $ip, Session::get_default_ctx())) {
$db->close();
die(ossim_error(_("You don't have permission to create a new server with this IP Address")));
}
// Try to attach a new server
$client = new Alienvault_client();
$response = $client->system()->set_component($ip, $rpass);
$return = @json_decode($response, TRUE);
if (!$return || $return['status'] == 'error') {
$config_nt = array('content' => $return['message'], 'options' => array('type' => 'nf_error', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto; text-align:center;');
$nt = new Notification('nt_1', $config_nt);
$nt->show();
Util::make_form("POST", "newserverform.php");
$db->close();
exit;
} else {
$new_id = strtoupper(str_replace('-', '', $return['data']['server_id']));
if ($return['data']['hostname'] != '') {
$sname = $return['data']['hostname'];
}
}
<?php
if ($data['status'] == 'error') {
$txt_error = "<div>" . _("The following errors occurred") . ":</div>\n\t\t\t\t\t <div style='padding: 2px 10px 5px 10px;'>" . implode("<br/>", $data['data']) . "</div>";
$config_nt = array('content' => $txt_error, 'options' => array('type' => 'nf_error', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto; text-align: left;');
$nt = new Notification('nt_1', $config_nt);
$nt->show();
Util::make_form("POST", "newserverform.php");
$db->close();
exit;
}
if (!Session::hostAllowed_by_ip_ctx($conn, $ip, Session::get_default_ctx())) {
$db->close();
die(ossim_error(_("You don't have permission to create a new server with this IP Address")));
}
// Try to attach a new server
$client = new Alienvault_client();
$response = $client->system()->set_component($ip, $password, 'password');
$return = @json_decode($response, TRUE);
if (!$return || $return['status'] == 'error') {
$config_nt = array('content' => $return['message'], 'options' => array('type' => 'nf_error', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto; text-align:center;');
$nt = new Notification('nt_1', $config_nt);
$nt->show();
Util::make_form("POST", "newserverform.php");
$db->close();
exit;
} else {
$new_id = strtoupper(str_replace('-', '', $return['data']['server_id']));
if ($return['data']['hostname'] != '') {
$sname = $return['data']['hostname'];
} else {
$sname = 'USM-Server';
$conn = $db->connect();
switch ($action) {
case 'track_usage_information':
try {
//Validate Token
$token = POST('token');
if (Token::verify('tk_tui', $token) == FALSE) {
$t_error = Token::create_error_message();
Av_exception::throw_error(Av_exception::USER_ERROR, $t_error);
}
if (Session::am_i_admin()) {
$tui = intval(POST('tui'));
$tui_status = $tui > 0 ? 1 : 0;
$config = new Config();
$config->update('track_usage_information', $tui_status);
$client = new Alienvault_client();
$tui_status = $tui > 0 ? TRUE : FALSE;
$client->system()->set_telemetry($tui_status);
$data['status'] = 'success';
$data['data'] = _('Your changes have been saved');
} else {
Av_exception::throw_error(Av_exception::USER_ERROR, _('You do not have the correct permissions to configure this option. Please contact system administrator with any questions'));
}
} catch (Exception $e) {
$db->close();
Util::response_bad_request($e->getMessage());
}
break;
}
$db->close();
echo json_encode($data);
$response['iTotalDisplayRecords'] = 0;
$response['aaData'] = array();
echo json_encode($response);
exit;
}
$db = new ossim_db();
$conn = $db->connect();
// Get plugins by asset using Alienvault API
$total = 0;
$data = array();
$plugins = array();
try {
$sensors = Asset_host_sensors::get_sensors_by_id($conn, $asset_id);
//Show column 'Sensor' when there are two sensors or more
$num_sensors = count($sensors);
$client = new Alienvault_client();
foreach ($sensors as $sensor_id => $s_data) {
$plugins = $client->sensor(Util::uuid_format($sensor_id))->get_plugins_by_assets();
$plugins = @json_decode($plugins, TRUE);
if ($plugins['status'] == 'success') {
if (array_key_exists($asset_id, $plugins['data']['plugins'])) {
$plugins = $plugins['data']['plugins'][$asset_id];
foreach ($plugins as $plugin_name => $pdata) {
$total++;
if (!empty($search_str)) {
$aux_search_str = '/' . strtolower($search_str) . '/';
$aux_cpe = strtolower($pdata['cpe']);
if (!preg_match($aux_search_str, $aux_cpe)) {
continue;
}
}
function reconfig_system()
{
$uuid = Util::get_default_uuid();
$data['status'] = 'error';
$data['data'] = _('Error! It was not possible to apply the nfsen configuration.');
if ($uuid !== FALSE) {
//If we find a job id, then we try to retrieve the status of the job
$client = new Alienvault_client();
$response = $client->server()->nfsen_reconfig();
$response = @json_decode($response, TRUE);
//Comunication problem with the API. Error
if (!$response || $response['status'] == 'error') {
$exp_msg = $client->get_error_message($response);
$data['status'] = 'error';
$data['data'] = _('Error! Nfsen Reconfig was not executed due to an unexpected error.') . ' (' . $exp_msg . ')';
} else {
$data['status'] = 'success';
$data['data'] = '';
}
}
return $data;
}
if ($flag_status != 2) {
for ($i = 0; $i < POST('nconfs'); $i++) {
if (isset($_POST["conf_{$i}"]) && isset($_POST["value_{$i}"])) {
if ($pass_fields[POST("conf_{$i}")] == 1 && Util::is_fake_pass(POST("value_{$i}")) || POST("value_{$i}") == 'skip_this_config_value') {
continue;
} else {
$before_value = $ossim_conf->get_conf(POST("conf_{$i}"));
$config->update(POST("conf_{$i}"), POST("value_{$i}"));
if (POST("value_{$i}") != $before_value) {
Log_action::log(7, array("variable: " . POST("conf_{$i}")));
// Special cases
if (POST("conf_{$i}") == 'idm_user_login_timeout') {
$restart_server = 1;
}
if (POST("conf_{$i}") == 'track_usage_information') {
$client = new Alienvault_client();
$client->system()->set_telemetry(POST("value_{$i}") > 0 ? TRUE : FALSE);
}
}
}
}
}
}
// check valid pass length max
if (intval($pass_length_max) < intval($pass_length_min) || intval($pass_length_max) < 1 || intval($pass_length_max) > 255) {
$config->update('pass_length_max', 255);
} else {
$config->update('pass_length_max', intval($pass_length_max));
}
// check valid expire min - max
if ($pass_expire_max * 60 * 24 < $pass_expire_min) {
