/**
 * Collects the display attributes of one host asset into a flat array.
 *
 * The returned 'descr' value has been passed through html_entity_decode(),
 * so it holds raw characters; any consumer that prints it into HTML must
 * encode it again for that output context.
 *
 * NOTE(review): this function performs no Asset_host::is_allowed() check
 * itself; presumably the caller enforces access to $asset_id. Confirm.
 *
 * @param object $conn     Database connection handed to the asset API.
 * @param string $asset_id Identifier of the host asset to load.
 *
 * @return array Keys: id, hostname, ips, descr, asset_type, fqdn,
 *               asset_value, icon (base64), os, model, sensors,
 *               networks, devices.
 */
function get_asset_info($conn, $asset_id)
{
    $host = Asset_host::get_object($conn, $asset_id);

    // Asset type label
    if ($host->get_external()) {
        $type_label = _('External');
    } else {
        $type_label = _('Internal');
    }

    // Asset IPs, sensors and networks
    $ip_list     = $host->get_ips()->get_ips();
    $sensor_list = $host->get_sensors()->get_sensors();
    $net_list    = $host->get_nets($conn);

    // Asset devices, keyed "type" or "type: subtype" when the subtype id is positive
    $device_map = array();
    $device_set = $host->get_devices();

    foreach ($device_set->get_devices() as $type_id => $subtypes) {
        foreach ($subtypes as $subtype_id => $device_name) {
            $suffix = ($subtype_id > 0) ? ': ' . $subtype_id : '';

            $device_map[$type_id . $suffix] = $device_name;
        }
    }

    $os_info = $host->get_os();

    return array(
        'id'          => $asset_id,
        'hostname'    => $host->get_name(),
        'ips'         => $ip_list,
        'descr'       => html_entity_decode($host->get_descr(), ENT_QUOTES, 'UTF-8'),
        'asset_type'  => $type_label,
        'fqdn'        => $host->get_fqdns(),
        'asset_value' => $host->get_asset_value(),
        'icon'        => base64_encode($host->get_icon()),
        'os'          => $os_info['value'],
        'model'       => $host->get_model(),
        'sensors'     => $sensor_list,
        'networks'    => $net_list,
        'devices'     => $device_map
    );
}
/**
 * Returns the number of asset groups a host belongs to.
 *
 * The access check runs before the asset is loaded. A failed check is
 * reported through Util::response_bad_request().
 * NOTE(review): this code continues to the lookup unless that helper ends
 * the request; presumably it does. Confirm.
 *
 * @param object $conn     Database connection.
 * @param string $asset_id Identifier of the host asset.
 *
 * @return mixed Group count, or '-' when the lookup throws.
 */
function get_asset_groups($conn, $asset_id)
{
    $allowed = Asset_host::is_allowed($conn, $asset_id);

    if (!$allowed) {
        $error = _('Asset Not Allowed');

        Util::response_bad_request($error);
    }

    try {
        $host = Asset_host::get_object($conn, $asset_id);

        return $host->get_num_group($conn);
    } catch (Exception $e) {
        // Any lookup failure is shown as a placeholder rather than an error.
        return '-';
    }
}
// Property filter
// NOTE(review): $from, $maxrows, $order and $torder are interpolated verbatim into
// the LIMIT / ORDER BY fragments. Their validation is outside this excerpt; confirm
// they are restricted to digits and to a fixed column/direction allow-list.
$filters = array('limit' => "{$from}, {$maxrows}", 'order_by' => "{$order} {$torder}");
if ($search_str != '') {
    // The escaped value is placed inside a double-quoted SQL string literal.
    // NOTE(review): presumably escape_sql() also escapes '"'. Verify.
    // The LIKE wildcards % and _ in the search text are not neutralised here.
    $search_str = escape_sql($search_str, $conn);
    $filters['where'] = 'p.name LIKE "%' . $search_str . '%"';
}
list($vulns, $total) = $asset_object->get_vulnerabilities($conn, '', $filters);
} else {
    Av_exception::throw_error(Av_exception::USER_ERROR, _('Error retrieving information'));
}
} catch (Exception $e) {
    // The exception message is sent back to the client as the error body.
    $db->close();
    Util::response_bad_request($e->getMessage());
}
// DATA
// Builds one row per vulnerability: date, host label, plugin, plugin id, service, severity.
$data = array();
foreach ($vulns as $_asset_id => $asset_vulns) {
    $_host_aux = Asset_host::get_object($conn, $_asset_id);
    foreach ($asset_vulns as $vuln) {
        // For a single host only the IP is shown; otherwise "name (ip list)".
        $_host = $class_name == 'asset_host' ? $vuln['ip'] : $_host_aux->get_name() . " (" . $_host_aux->get_ips()->get_ips('string') . ")";
        $data[] = array(date("Y-m-d H:i:s", strtotime($vuln['date'])), $_host, $vuln['plugin'], $vuln['plugin_id'], $vuln['service'], Vulnerabilities::get_severity_by_risk($vuln['risk']));
    }
}
// Response uses the sEcho / iTotalRecords / aaData keys. The values are JSON-encoded,
// not HTML-encoded, so the client has to treat them as text when rendering cells.
$response['sEcho'] = $sec;
$response['iTotalRecords'] = $total;
$response['iTotalDisplayRecords'] = $total;
$response['aaData'] = $data;
echo json_encode($response);
$db->close();
/* End of file dt_vulnerabilities.php */
/* Location: /av_asset/common/providers/dt_vulnerabilities.php */
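<table align="center" class="noborder">
    <tr>
        <th style="background-position:top center"><?php echo _("Destination"); ?> </th>
        <td class="left nobborder">
            <select id="toselect" name="toselect[]" size="12" multiple="multiple" style="width:150px">
                <?php
                // Pre-populates the destination list from the rule's comma-separated "to" field.
                // Every value that is not constrained by the UUID pattern is HTML-encoded before
                // it is written into the single-quoted attribute or the option text.
                // double_encode is off so names that are already stored entity-encoded
                // are not encoded a second time.
                if ($rule->to != "ANY" && $rule->to != "" && !preg_match("/\\:...\\_IP/", $rule->to)) {
                    $pre_list = explode(",", $rule->to);

                    foreach ($pre_list as $list_element) {
                        // Asset ID: Resolve by name
                        if (preg_match("/(\\!)?([0-9A-Fa-f\\-]{36})/", $list_element, $found)) {
                            // $found[1] is '' or '!', $found[2] is limited to hex digits and dashes
                            $uuid_aux = str_replace("-", "", strtoupper($found[2]));
                            $h_obj = Asset_host::get_object($conn, $uuid_aux);

                            if ($h_obj != null) {
                                $label = htmlspecialchars($h_obj->get_name() . " (" . $h_obj->get_ips()->get_ips('string') . ")", ENT_QUOTES, 'UTF-8', FALSE);

                                echo "<option value='" . $found[1] . $found[2] . "'>" . $found[1] . $label . "</option>\n";
                            } else {
                                $n_obj = Asset_net::get_object($conn, $uuid_aux);

                                if ($n_obj != null) {
                                    $label = htmlspecialchars($n_obj->get_name() . " (" . $n_obj->get_ips() . ")", ENT_QUOTES, 'UTF-8', FALSE);

                                    echo "<option value='" . $found[1] . $found[2] . "'>" . $found[1] . $label . "</option>\n";
                                }
                            }
                        // Another one (HOME_NET, 12.12.12.12...)
                        } else {
                            // Free-form element: nothing has constrained its characters at this point
                            $safe_element = htmlspecialchars($list_element, ENT_QUOTES, 'UTF-8', FALSE);

                            echo "<option value='{$safe_element}'>{$safe_element}</option>\n";
                        }
                    }
                }
                ?>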
} else { foreach ($list as $s_alarm) { $s_id = $s_alarm->get_plugin_id(); $s_sid = $s_alarm->get_plugin_sid(); $s_backlog_id = $s_alarm->get_backlog_id(); $s_event_id = $s_alarm->get_event_id(); $ctx = $s_alarm->get_ctx(); $s_src_ip = $s_alarm->get_src_ip(); $s_src_port = $s_alarm->get_src_port(); $s_dst_port = $s_alarm->get_dst_port(); $s_dst_ip = $s_alarm->get_dst_ip(); $s_status = $s_alarm->get_status(); $ctxs = $s_alarm->get_sensors(); $event_info = $s_alarm->get_event_info(); $src_host = Asset_host::get_object($conn, $event_info["src_host"]); $dst_host = Asset_host::get_object($conn, $event_info["dst_host"]); $s_net_id = $event_info["src_net"]; $d_net_id = $event_info["dst_net"]; $s_asset_src = $s_alarm->get_asset_src(); $s_asset_dst = $s_alarm->get_asset_dst(); // Src if ($no_resolv || !$src_host) { $s_src_name = $s_src_ip; $ctx_src = $ctx; } elseif ($src_host) { $s_src_name = $src_host->get_name(); $ctx_src = $src_host->get_ctx(); } // Src icon and bold $src_output = Asset_host::get_extended_name($conn, $geoloc, $s_src_ip, $ctx_src, $event_info["src_host"], $event_info["src_net"]); $homelan_src = $src_output['is_internal'];
Session::logcheck("analysis-menu", "ControlPanelAlarms"); $h_id = GET('id'); $h_ip = GET('ip'); $prefix = GET('prefix'); ossim_valid($h_id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Asset ID")); ossim_valid($h_ip, OSS_IP_ADDR_0, OSS_NULLABLE, 'illegal:' . _("Ip")); ossim_valid($prefix, 'src', 'dst', 'illegal:' . _("Prefix")); if (ossim_error()) { die(ossim_error()); } $gloc = new Geolocation('/usr/share/geoip/GeoLiteCity.dat'); $data = $_SESSION['_alarm_stats'][$prefix]; /* connect to db */ $db = new ossim_db(TRUE); $conn = $db->connect(); $h_obj = Asset_host::get_object($conn, $h_id, TRUE); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title><?php echo gettext("OSSIM Framework"); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <meta http-equiv="Pragma" content="no-cache"/> <link rel="stylesheet" type="text/css" href="/ossim/style/av_common.css?t=<?php echo Util::get_css_id(); ?>
$aux[] = '<a href="#" data-url="' . Menu::get_menu_url(AV_MAIN_PATH . '/av_asset/common/views/detail.php?asset_id=' . $nid, 'environment', 'assets', 'asset_groups') . '">' . Util::htmlentities($nname) . '</a>'; } if (empty($aux)) { $aux[] = $empty; } $dst_groups = implode(', ', $aux) . (count($aux) >= $limitc ? ' [...]' : ''); $dst_output = Asset_host::get_extended_name($_conn, $geoloc, $current_dip, $ctx, $myrow2["dst_host"], $myrow2["dst_net"]); $dip_aux = $dst_output['name']; $dst_img = $dst_output['html_icon']; $dst_loc = preg_match("/data-title\\s*=\\s*'([^\\d]+)'/", $dst_img, $matches) ? $dst_img . ' <a target="_blank" href="' . $gmaps_url . '">' . $matches[1] . '</a>' : ''; $ip_dst_data = (preg_match("/data-title\\s*=\\s*'\\d+/", $dst_img) ? $dst_img . ' ' : ' ') . ($myrow2['dst_host'] != '' ? '<A HREF="#" data-url="' . Menu::get_menu_url(AV_MAIN_PATH . '/av_asset/common/views/detail.php?asset_id=' . $myrow2['dst_host'], 'environment', 'assets', 'assets') . '">' : '<A HREF="#" data-url="' . AV_MAIN_PATH . '/forensics/base_stat_ipaddr.php?ip=' . $current_dip . '&netmask=32">') . $dip_aux . ($current_dip == $dip_aux ? '' : ' [' . $current_dip . ']'); $reptooltip_dst = getreptooltip($idm_data["rep_prio_dst"], $idm_data["rep_rel_dst"], $idm_data["rep_act_dst"], $current_dip); // Destination Map $dst_latitude = $dst_longitude = 0; if (valid_hex32($myrow2['dst_host'])) { if ($dst_obj = Asset_host::get_object($_conn, $myrow2['dst_host'])) { $coordinates = $dst_obj->get_location(); if (floatval($coordinates['lat']) != 0) { $dst_latitude = floatval($coordinates['lat']); } if (floatval($coordinates['lon']) != 0) { $dst_longitude = floatval($coordinates['lon']); } if (empty($dst_loc)) { $dst_location = Asset_host::get_extended_location($_conn, $geoloc, $current_dip, $myrow2['dst_host']); if ($dst_location['country']['code']) { $dst_loc = '<img src="../pixmaps/flags/' . $dst_location['country']['code'] . '.png"/> <a target="_blank" href="' . $gmaps_url . '">' . 
$dst_location['country']['name'] . '</a>'; } } } }
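/**
 * Prints the scan results form: one table row per scanned IP plus the
 * surrounding form, help tooltips and checkbox handling script.
 *
 * Scan fields (hostname, FQDN, MAC, vendor, OS, device types, service names
 * and versions) are reported by the scanned hosts themselves, so every one
 * of them is HTML-encoded before it is concatenated into the markup.
 * Values placed in a tooltip title are encoded twice: the help texts below
 * put markup into title attributes, so the tooltip plugin evidently renders
 * the title as HTML.
 *
 * @param object $conn Database connection.
 * @param array  $scan Scan result with 'sensor' => ['ctx' => ...] and
 *                     'scanned_ips' => [ip => host data].
 *
 * @return void Output is written directly to the response.
 */
function scan2html($conn, $scan)
{
    // Encoder for HTML text and quoted attribute values. double_encode is off
    // so names already stored entity-encoded are not encoded again.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', FALSE);
    };

    // Encoder for plain text shown inside a tooltip title: once for the
    // tooltip's HTML rendering, once for the attribute that carries it.
    $esc_tip = function ($value) use ($esc) {
        return htmlspecialchars($esc($value), ENT_QUOTES, 'UTF-8');
    };

    $count = 0;

    $text_hostname = "<div>" . _('A valid hostname satisfy the following rules (according RFC 1123)') . ":</div>\n <div>\n <ul>\n <li>" . _("A hostname can start or end with a letter or a number [a-zA-z0-9]") . "</li>\n <li>" . _("A hostname <strong>MUST NOT</strong> contain any '.' (dot)") . "</li>\n <li>" . _("A hostname <strong>MUST NOT</strong> start or end with a '-' (dash)") . "</li>\n <li>" . _("A hostname can be up to 63 characters") . "</li>\n </ul>\n </div>";
    $text_fqdn     = "<div>" . _('If FQDN contains any dot, only the first label will be used') . "</div>";
    $text_mac      = "<div>" . _('Place the pointer over the MAC address to show MAC vendor') . "</div>";
    $text_services = "<div>" . _('Place the pointer over the service name to show more information') . "</div>";
    $text_os       = "<div>" . _('Place the pointer over the OS to show more information') . "</div>";

    $html  = '';
    $s_ctx = $scan['sensor']['ctx'];

    // Loop-invariant: the arguments do not change between rows.
    $external_ctxs = Session::get_external_ctxs($conn);

    foreach ($scan['scanned_ips'] as $ip => $host) {
        $w_msg   = '';
        $w_html  = '';
        $ip_attr = $esc($ip);

        //Checking forwarded hosts
        if (empty($external_ctxs[$s_ctx])) {
            $can_i_modify_elem = TRUE;
            $md_check = "<input id='icheckbox" . $count . "' type='checkbox' checked='checked' class='mc' value='" . $ip_attr . "' name='ip_" . $count . "'/>";
        } else {
            $can_i_modify_elem = FALSE;
            $md_check = "<input id='icheckbox" . $count . "' type='checkbox' disabled='disabled' class='mc' name='ip_" . $count . "'/>";
        }

        $host_name = $host['hostname'];
        $fqdn      = $host['fqdn'];

        $ids = Asset_host::get_id_by_ips($conn, $ip, $s_ctx);
        $id  = is_array($ids) ? key($ids) : NULL;

        //Host already exists
        if (!empty($id)) {
            $host_object = Asset_host::get_object($conn, $id);

            if (is_object($host_object)) {
                $host_name = $host_object->get_name();
                $h_fqdn    = $host_object->get_fqdns();
                $fqdn      = !empty($fqdn) ? $fqdn : $h_fqdn;
            }
        }

        //FQDN
        if (!empty($fqdn)) {
            $fqdn_check = "<input id='fcheckbox" . $count . "' type='checkbox' class='fqdn' value='" . $ip_attr . "' name='fqdn_" . $count . "'/>";
        } else {
            $fqdn = '-';
            $fqdn_check = "<input id='fcheckbox" . $count . "' type='checkbox' disabled='disabled' class='fqdn' value='" . $ip_attr . "' name='fqdn_" . $count . "'/>";
        }

        //Devices types
        $devices_types = (!empty($host['device_types']) && is_array($host['device_types'])) ? implode(', ', $host['device_types']) : '-';

        //MAC
        $mac = !empty($host['mac']) ? "<a class='more_info' title='" . $esc_tip($host['mac_vendor']) . "'>" . $esc($host['mac']) . "</a>" : '-';

        //Operating System (the pixmap helper returns markup, only the OS text is encoded)
        $os = !empty($host['os']) ? Properties::get_os_pixmap($host['os']) . ' ' . $esc($host['os']) : '-';

        //Services
        $services = array();

        if (is_array($host['services'])) {
            foreach ($host['services'] as $port_and_proto => $s_data) {
                $service_name = $s_data['service'] != 'unknown' ? $s_data['service'] : $port_and_proto;
                $version      = $s_data['version'];

                if (preg_match('/^cpe:\\/a/', $s_data['version'])) {
                    $version = Software::get_info($conn, $s_data['version']);
                }

                $version = !empty($version) && !preg_match("/^cpe/", $version) ? $version : $s_data['service'];
                $title   = $port_and_proto . " (" . $version . ')';

                $services[] = "<a class='more_info' title='" . $esc_tip($title) . "'>" . $esc($service_name) . "</a>";
            }
        }

        $services = implode(', ', $services);

        if ($can_i_modify_elem == FALSE) {
            // Tooltip HTML: the <strong> markup is intended, the context name is data
            $w_msg = _('The properties of this asset can only be modified at the USM') . ": <strong>" . $esc($external_ctxs[$s_ctx]) . '</strong>';
        }

        if (!empty($w_msg)) {
            // Attribute-encode the finished tooltip HTML so quotes in it cannot end the attribute
            $w_html = "<a class='more_info' title='" . htmlspecialchars($w_msg, ENT_QUOTES, 'UTF-8') . "'>\n <img src='../pixmaps/warning.png' border='0'/>\n </a>";
        }

        $html .= "\n <tr>\n <td class='td_chk_hosts'>" . $md_check . "</td>\n\n <td class='td_ip' id='ip" . $count . "'>{$w_html} " . $esc($host['ip']) . "</td>\n\n <td class='td_hostname' id='hostname" . $count . "'>" . $esc($host_name) . "</td>\n\n <td class='td_fqdn' id='fqdn" . $count . "'>" . $esc($fqdn) . "</td>\n\n <td class='td_device_types' id='device_types" . $count . "'>" . $esc(ucwords($devices_types)) . "</td>\n\n <td class='td_mac' id='mac" . $count . "'>" . $mac . "</td>\n\n <td class='td_os' id='os" . $count . "'>" . $os . "</td>\n\n <td class='td_services' id='services" . $count . "'>" . $services . "</td>\n\n <td class='td_chk_fqdns'>" . $fqdn_check . "</td>\n\n </tr>";

        $count++;
    }
    ?>
    <form method="POST" action="scan_form.php" name="scan_form" id="scan_form">
        <input type="hidden" name="ips" value='<?php echo $count; ?> '/>
        <div class='results_title'><?php echo _('Scan Results'); ?> </div>
        <table class='table_data' id='t_sresults'>
            <thead>
                <tr>
                    <th class="th_chk_hosts">
                        <input type='checkbox' name='chk_all_hosts' id='chk_all_hosts' checked="checked" value="1"/>
                    </th>
                    <th class="th_ip"><?php echo _('Host'); ?> </th>
                    <th class="th_hostname"><?php echo _('Hostname'); ?>
                        <a class="more_info" title="<?php echo $text_hostname; ?> ">
                            <img src="../pixmaps/helptip_icon.gif" border="0" align="absmiddle"/>
                        </a>
                    </th>
                    <th class="th_fqdn"><?php echo _('FQDN'); ?> </th>
                    <th class="th_devices_types"><?php echo _('Device types'); ?> </th>
                    <th class="th_mac"><?php echo _('Mac'); ?>
                        <a class="more_info" title="<?php echo $text_mac; ?> ">
                            <img src="../pixmaps/helptip_icon.gif" border="0" align="absmiddle"/>
                        </a>
                    </th>
                    <th class="th_os"><?php echo _('OS'); ?>
                        <a class="more_info" title="<?php echo $text_os; ?> ">
                            <img src="../pixmaps/helptip_icon.gif" border="0" align="absmiddle"/>
                        </a>
                    </th>
                    <th class="th_services"><?php echo _('Services'); ?>
                        <a class="more_info" title="<?php echo $text_services; ?> ">
                            <img src="../pixmaps/helptip_icon.gif" border="0" align="absmiddle"/>
                        </a>
                    </th>
                    <th class="th_chk_fqdns">
                        <input type='checkbox' name='chk_all_fqdns' id='chk_all_fqdns' value="1"/>
                        <span><?php echo _('FQDN as Hostname'); ?> </span>
                        <a class="more_info" title="<?php echo $text_fqdn; ?> ">
                            <img src="../pixmaps/helptip_icon.gif" border="0" align="absmiddle"/>
                        </a>
                    </th>
                </tr>
            </thead>
            <tbody>
                <?php echo $html; ?>
            </tbody>
        </table>
        <div style='text-align:center; padding: 10px 0px;'>
            <input type="button" style='margin-left: 10px;' class="av_b_secondary" onclick="document.location.href='index.php?clearscan=1'" value='<?php echo _('Clear scan result'); ?> '/>
            <input type='submit' name='send' id='send' value="<?php echo _('Update database values'); ?> "/>
        </div>
    </form>
    <script type='text/javascript'>
        $(".more_info").tipTip({maxWidth: "auto"});

        $("#chk_all_hosts").click(function(){
            if ($(this).prop("checked")) {
                $(".mc:not(:disabled)").prop("checked", true);
            } else {
                $(".mc:not(:disabled)").prop("checked", false);
            }
        });

        $(".mc:not(:disabled)").click(function(){
            if($('.mc:checked').length == 0) {
                $("#chk_all_hosts").prop("checked", false);
            }
        });

        if ($(".fqdn:not(:disabled)").length > 0) {
            $("#chk_all_fqdns").click(function(){
                if ($(this).prop("checked")) {
                    $(".fqdn:not(:disabled)").prop("checked", true);
                } else {
                    $(".fqdn:not(:disabled)").prop("checked", false);
                }
            });
        } else {
            $("#chk_all_fqdns").prop("disabled", true);
        }

        $(".mc:not(:disabled)").click(function(){
            if($('.fqdn:checked').length == 0) {
                $("#chk_all_fqdns").prop("checked", false);
            }
        });

        /***************************************************
         *********************** Token *********************
         ***************************************************/
        Token.add_to_forms();
    </script>
    <?php
}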
// Request parameter: the host whose compromise graphs and thresholds are shown.
$host_id = GET('host_id');
// The value is validated as OSS_HEX and the request is aborted on failure.
// This check is the only guard in front of the string-built WHERE clause and
// the graph URLs below.
// NOTE(review): presumably OSS_HEX restricts the value to hex characters. Confirm in ossim_valid().
ossim_valid($host_id, OSS_HEX, 'illegal:' . _('Host ID'));
if (ossim_error()) {
    die(ossim_error());
}
$conf = $GLOBALS['CONF'];
$graph_link = $conf->get_conf('graph_link');
// One graph URL per time window: 24 hours, 7 days, 1 month, 1 year.
$image1 = "{$graph_link}?id={$host_id}&what=compromise&start=N-24h&end=N&type=host&zoom=1";
$image2 = "{$graph_link}?id={$host_id}&what=compromise&start=N-7D&end=N&type=host&zoom=1";
$image3 = "{$graph_link}?id={$host_id}&what=compromise&start=N-1M&end=N&type=host&zoom=1";
$image4 = "{$graph_link}?id={$host_id}&what=compromise&start=N-1Y&end=N&type=host&zoom=1";
/* Connect to DB */
$db = new ossim_db();
$conn = $db->connect();
/* Get thresholds */
// Falls back to the global 'threshold' setting when no host object is returned.
// NOTE(review): no Asset_host::is_allowed() call is visible in this excerpt. Confirm
// that access to the host is checked elsewhere.
$host = Asset_host::get_object($conn, $host_id);
if (is_object($host) && !empty($host)) {
    $threshold_c = $host->get_threshold_c();
    $threshold_a = $host->get_threshold_a();
} else {
    $threshold_c = $conf->get_conf('threshold');
    $threshold_a = $conf->get_conf('threshold');
}
/* Max C */
// The filter is built by string interpolation and relies on the validation above.
$list = Control_panel_host::get_list($conn, "WHERE id = '{$host_id}' ORDER BY time_range", 3);
if (isset($list[0])) {
    $max_c['day'] = $list[0]->get_max_c();
    $max_c_date['day'] = $list[0]->get_max_c_date();
}
if (isset($list[1])) {
    $max_c['month'] = $list[1]->get_max_c();
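$keyname = GET('keyname');
$nosize  = GET('nosize') ? GET('nosize') : 0;

// Every request parameter is validated before it reaches the database layer.
// $type is assigned before this excerpt.
ossim_valid($type, OSS_INPUT, 'Illegal:' . _("Link Type"));
ossim_valid($keyname, OSS_HEX, 'Illegal:' . _("Keyname"));
// Fixed: the flag was spelled OSS_NULLABE, which is an undefined constant, so this
// rule was not evaluated with the intended nullable flag.
ossim_valid($nosize, OSS_DIGIT, OSS_NULLABLE, 'Illegal:' . _("nosize parameter"));

if (ossim_error()) {
    die(ossim_error());
}

$db   = new ossim_db();
$conn = $db->connect();

$repository_list = Repository::get_repository_linked($conn, $keyname, $type);

// Placeholder values filled in from the linked asset
$vars = array();

switch ($type) {
    case 'host':
        try {
            $host = Asset_host::get_object($conn, $keyname);
        } catch (Exception $e) {
            // A failed lookup leaves the placeholders unset
            $host = NULL;
        }

        if (is_object($host)) {
            $vars['_HOST_NAME'] = $host->get_name();
            $vars['_HOST_IP']   = $host->get_ips();
            $vars['_HOST_FQDN'] = $host->get_fqdns();
            $vars['_HOST_DESC'] = $host->get_descr();
        }
        break;

    case 'net':
        try {
            $net = Asset_net::get_object($conn, $keyname);
        } catch (Exception $e) {
            $net = NULL;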
} elseif (!empty($dst_ip)) {
    // NOTE(review): $dst_ip is interpolated into the SQL filter. Its validation is
    // outside this excerpt; confirm it is checked as an IP address before this point.
    $where = "WHERE inet_ntoa(dst_ip) = '{$dst_ip}'";
} else {
    $where = '';
}
//Datasource filter
// $ds_id is split on '-' into plugin id and plugin sid. $ds[1] is read without
// checking that a second part exists.
$plugin_id = "";
$plugin_sid = "";
if (!empty($ds_id)) {
    $ds = explode("-", $ds_id);
    $plugin_id = $ds[0];
    $plugin_sid = $ds[1];
}
// Asset filter
// The filter label is the asset name. When both ids are set, the network name wins.
if ($host_id != "") {
    if ($host_obj = Asset_host::get_object($conn, $host_id)) {
        $asset_filter = $host_obj->get_name();
    }
}
if ($net_id != "") {
    if ($net_obj = Asset_net::get_object($conn, $net_id)) {
        $asset_filter = $net_obj->get_name();
    }
}
if (!isset($_GET["hide_search"])) {
    ?>
    <form method="GET" id="queryform" name="filters">
        <?php
        // NOTE(review): $tag is echoed into a double-quoted attribute without HTML encoding
        // here; confirm it is validated or encoded before this point.
        ?>
        <input type="hidden" name="tag" value="<?php echo $tag;
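//Empty geo-data, try with Geoloc
$country  = $geoloc->get_country_by_host($conn, $ip);
$flag     = strtolower($country[0]);
$location = $country[1];

// The flag code becomes part of a filesystem path. Unknown codes fall back to no flag.
// NOTE(review): presumably the geolocation lookup only returns country codes. Verify.
if (!file_exists("/usr/share/ossim/www/pixmaps/flags/{$flag}.png")) {
    $location = _('Unknown');
    $flag     = '';
}
}

// HOME IP
$vulns    = -1;
$_ctx     = $ctx;
$homelan  = '';
$hostname = '';
$_net_id  = preg_match('/src/', $prefix) ? $event_info['src_net'] : $event_info['dst_net'];

$host_obj = Asset_host::get_object($conn, $uuid, TRUE);

if (is_object($host_obj)) {
    $hostname = $host_obj->get_name();
    $_ctx     = $host_obj->get_ctx();
}

$host_output = Asset_host::get_extended_name($conn, $geoloc, $ip, $_ctx, $uuid, $_net_id);
$homelan     = $host_output['is_internal'] ? 'bold' : '';

if ($homelan) {
    // Internal hosts have no geographic location; load their latest vulnerabilities instead
    $location = '<strong>' . _('UNKNOWN') . '</strong>';
    $vulns    = Vulnerabilities::get_latest_vulns($conn, $ip);
}

// array_shift() takes its argument by reference, so the result of the call is
// stored in a variable first. A non-array result yields NULL.
$closest_nets = Asset_host::get_closest_net($conn, $ip, $_ctx);
$net          = is_array($closest_nets) ? array_shift($closest_nets) : NULL;

if (is_array($net) && !empty($net)) {
    $location = '';

    if ($net['icon'] != '') {
        $location = "<img src='data:image/png;base64," . base64_encode($net['icon']) . "' border='0'> ";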
ossim_valid($load_tab, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _('Tab')); if (ossim_error()) { die(ossim_error()); } // Database Object $db = new ossim_db(); $conn = $db->connect(); // ********** Select mode of details: Asset, Network, Asset Group *********** //This var is used for groups, when we dont have visibility for all the elements within the group $button_disabled = ''; $img_disabled = ''; $flag_restricted_group = FALSE; // Host if (Asset_host::is_in_db($conn, $id)) { if (Asset_host::is_allowed($conn, $id)) { $asset_object = Asset_host::get_object($conn, $id); $asset_type = 'host'; $breadcrumb = array('section' => _('Assets'), 'current' => _('Asset Details')); } else { Av_exception::throw_error(Av_exception::USER_ERROR, _('Host not allowed')); } $can_i_modify_ips = Asset_host::can_i_modify_ips($conn, $id); if ($can_i_modify_ips == FALSE) { $img_disabled = 'img_disabled'; } } elseif (Asset_net::is_in_db($conn, $id)) { if (Asset_net::is_allowed($conn, $id)) { $asset_object = Asset_net::get_object($conn, $id); $asset_type = 'net'; $breadcrumb = array('section' => _('Networks'), 'current' => _('Network Details')); } else {