Пример #1
/**
 * Turn a pending validation error into a user-level exception.
 *
 * Does nothing when ossim_error() reports no error. Otherwise the error text
 * is read, the error state is cleared, and the text is passed to
 * Av_exception::throw_error() as a USER_ERROR.
 *
 * @return void
 */
function check_ossim_error()
{
    if (!ossim_error()) {
        return;
    }

    // Read the message before clearing it, so the exception still carries the text.
    $message = ossim_get_error();
    ossim_clean_error();

    Av_exception::throw_error(Av_exception::USER_ERROR, $message);
}
Пример #2
/**
 * Return name, description and IOC list of a pulse attached to an alarm or event.
 *
 * The request parameters 'type', 'pulse' and 'id' are read from POST and
 * validated; a failed validation is reported as a USER_ERROR. The lookup is
 * then delegated to the Alarm or Siem helper that matches the type.
 *
 * @param object $conn Database connection passed through to the lookup helpers.
 *
 * @return array Keys 'name', 'descr' and 'iocs' (values re-indexed from 0).
 */
function get_pulse_detail_from_id($conn)
{
    $type     = POST('type');
    $pulse_id = POST('pulse');
    $id       = POST('id');

    ossim_valid($type, 'alarm|event|alarm_event', 'illegal:' . _('Type'));
    ossim_valid($pulse_id, OSS_HEX, 'illegal:' . _('Pulse'));
    ossim_valid($id, OSS_HEX, 'illegal:' . _('ID'));

    if (ossim_error()) {
        Av_exception::throw_error(Av_exception::USER_ERROR, ossim_get_error_clean());
    }

    // Falls back to the raw POST value when no branch matches, as the original did.
    $pulse = $pulse_id;

    switch ($type) {
        case 'alarm':
            $pulse = Alarm::get_pulse_data_from_alarm($conn, $id, $pulse_id, TRUE);
            break;

        case 'event':
            $pulse = Siem::get_pulse_data_from_event($conn, $id, $pulse_id, FALSE, TRUE);
            break;

        case 'alarm_event':
            $pulse = Siem::get_pulse_data_from_event($conn, $id, $pulse_id, TRUE, TRUE);
            break;
    }

    $detail          = array();
    $detail['name']  = $pulse['name'];
    $detail['descr'] = $pulse['descr'];
    $detail['iocs']  = array_values($pulse['iocs']);

    return $detail;
}
Пример #3
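/**
 * Build a comma-separated list of SIEM device ids for an IP address or CIDR range.
 *
 * A device is selected when either its own IP or the IP of its sensor equals
 * the address (single IP) or lies between the first and last address of the
 * range (CIDR input).
 *
 * The hex-encoded addresses are handed to the database as bound parameters
 * rather than being concatenated into the SQL text, so the query no longer
 * depends on every code path producing a pure hex string.
 *
 * @param object $conn Database connection offering Execute(), ErrorMsg() and
 *                     a record set with EOF, fields and MoveNext().
 * @param string $ip   Single IP address, or a range in "address/bits" form.
 *
 * @return string Device ids joined with ',' (empty string when nothing matches).
 */
function make_sid_filter($conn, $ip)
{
    $sids = array();

    if (preg_match("/\\d+\\/\\d+/", $ip)) {
        // NOTE(review): the pattern is unanchored, so any input containing
        // "digits/digits" takes this branch - confirm the caller validates $ip first.
        $aux = Cidr::expand_cidr($ip, 'SHORT', 'IP');

        if ($aux[0] == 'I' && $aux[1] == 'P') {
            // Presumably the marker expand_cidr() returns when it cannot expand
            // the range - kept exactly as before; confirm against Cidr.
            $aux[0] = '0x0';
            $aux[1] = '0x0';
        } else {
            $aux[0] = bin2hex(inet_pton($aux[0]));
            $aux[1] = bin2hex(inet_pton($aux[1]));
        }

        $query = "SELECT d.id FROM alienvault_siem.device d, alienvault.sensor s
                  WHERE d.sensor_id = s.id
                  AND ( (s.ip >= UNHEX(?) AND s.ip <= UNHEX(?))
                  OR (d.device_ip >= UNHEX(?) AND d.device_ip <= UNHEX(?)) )";
        $params = array($aux[0], $aux[1], $aux[0], $aux[1]);
    } else {
        // inet_pton() warns and returns FALSE for an unparsable address; that
        // case is mapped to an empty hex string, which is what the previous
        // bin2hex(@inet_pton(...)) produced.
        $packed = @inet_pton($ip);
        $hex    = ($packed === FALSE) ? '' : bin2hex($packed);

        $query = "SELECT d.id FROM alienvault_siem.device d, alienvault.sensor s
                  WHERE d.sensor_id = s.id AND ( s.ip = UNHEX(?) OR d.device_ip = UNHEX(?) )";
        $params = array($hex, $hex);
    }

    $rs = $conn->Execute($query, $params);
    if (!$rs) {
        Av_exception::throw_error(Av_exception::DB_ERROR, $conn->ErrorMsg());
    }

    while (!$rs->EOF) {
        $sids[] = $rs->fields['id'];
        $rs->MoveNext();
    }

    // NOTE(review): an empty result yields '', so callers must not treat an
    // empty filter as "no restriction" - verify at the call sites.
    return implode(',', $sids);
}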
Пример #4
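/**
 * Start the wizard's asset scan, or poll one that is already cached, and
 * report whether the wizard can move on.
 *
 * On the first call (scan_step 0) any cached scan object is discarded. When no
 * cached scan object is found, a new local scan over the networks stored in
 * the wizard ('scan_nets') is started and cached in a per-user file. The scan
 * status then decides the next wizard step.
 *
 * @param object $wizard Wizard state object offering get_step_data(),
 *                       set_step_data() and save_status().
 *
 * @return array 'error' => bool; on success also 'data' => array('finish' => bool).
 */
function do_scan($wizard)
{
    // Initialised up front so the return value is always an array.
    $response = array();

    try {
        $next_step = 1;
        $data = array('finish' => FALSE);

        // File used to cache the scan object between requests, one per user.
        // NOTE(review): the name is relative, so unlink() below resolves it
        // against the working directory; confirm Av_scan's file helpers use
        // the same location.
        $user = Session::get_session_user();
        $scan_file = 'w_last_asset_object-' . md5($user);

        $step = intval($wizard->get_step_data('scan_step'));
        if ($step == 0) {
            @unlink($scan_file);
        }

        $obj = Av_scan::get_object_from_file($scan_file);
        if (!is_object($obj) || empty($obj)) {
            $nets = $wizard->get_step_data('scan_nets');

            // Stored step data may be missing or not an array. count() on a
            // non-array raises a TypeError on PHP 8, which the Exception
            // handler below would not catch, so reject it explicitly.
            if (!is_array($nets) || count($nets) < 1) {
                $e_msg = _('Invalid networks selected to scan');
                Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
            }

            $nets = implode(' ', $nets);
            $scan_options = array(
                'scan_type'     => 'fast',
                'scan_timing'   => 'T3',
                'autodetect_os' => 'true',
                'reverse_dns'   => 'true',
                'scan_ports'    => '',
                'idm'           => 'false',
            );

            $obj = new Av_scan($nets, 'local', $scan_options);
            $obj->run();
            Av_scan::set_object_in_file($obj, $scan_file);
        }

        $aux_status = $obj->get_status();
        $status = $aux_status['status']['code'];
        $total = $aux_status['number_of_targets'];

        switch ($status) {
            case Av_scan::ST_SEARCH_FINISHED:
            case Av_scan::ST_SCANNING_HOSTS:
            case Av_scan::ST_SCAN_FINISHED:
                // Step 2 when targets were found, step 3 when there were none.
                $next_step = $total > 0 ? 2 : 3;
                $wizard->set_step_data('scan_hosts', $total);
                $data = array('finish' => TRUE);
                break;
        }

        $wizard->set_step_data('scan_step', $next_step);

        $response['error'] = FALSE;
        $response['data'] = $data;
        $wizard->save_status();
    } catch (Exception $e) {
        // The exception text is not returned; the wizard gets a generic message.
        $msg = _('Error! Asset scan cannot be completed.  Please try again');
        set_scan_error_message($wizard, $msg);
        $response['error'] = TRUE;
    }

    return $response;
}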
Пример #5
$sm_perms = array('EventsHids', 'EventsHidsConfig');
$sensor_id = POST('sensor_id');
$agent_id = POST('agent_id');
$agent_ip = POST('agent_ip');
if (Session::menu_perms($m_perms, $sm_perms)) {
    try {
        ossim_valid($agent_id, OSS_DIGIT, 'illegal:' . _('Agent ID'));
        ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
        if ($agent_ip != 'any') {
            ossim_valid($agent_ip, OSS_IP_CIDR_0, 'illegal:' . _('Agent IP'));
        }
        if (!ossim_error()) {
            $db = new ossim_db();
            $conn = $db->connect();
            if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
                Av_exception::throw_error(Av_exception::USER_ERROR, _('Error! Sensor not allowed'));
            }
            $db->close();
        }
        $more_info = Ossec_agent::get_info($sensor_id, $agent_id);
        $last_scan_dates = '';
        if (Asset_host_ips::valid_ip($agent_ip)) {
            $last_scan_dates = Ossec_agent::get_last_scans($sensor_id, $agent_ip);
        }
        if (is_array($more_info) && !empty($more_info)) {
            $syscheck_date = empty($last_scan_dates['syscheck']) ? $more_info[7] : $last_scan_dates['syscheck'];
            $rootcheck_date = empty($last_scan_dates['rootcheck']) ? $more_info[8] : $last_scan_dates['rootcheck'];
            ?>
            <table class='t_agent_mi'>
                <tr><td colspan='2' style='text-align: center;'><?php 
            echo _('Agent information');
Пример #6
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
// NOTE(review): Session::useractive() is defined elsewhere; presumably it stops
// requests that have no live session - confirm.
Session::useractive();
// Admin-only page: a non-admin session gets a USER_ERROR instead of the wizard.
if (!Session::am_i_admin()) {
    Av_exception::throw_error(Av_exception::USER_ERROR, _('You do not have permissions to see this section'));
}
// The wizard state object drives the rest of the page; stop if it could not be obtained.
$wizard = Welcome_wizard::get_instance();
if (!$wizard instanceof Welcome_wizard) {
    Av_exception::throw_error(Av_exception::USER_ERROR, 'There was an unexpected error');
}
//Getting the scan step to know if we have a scan running
$step = intval($wizard->get_step_data('scan_step'));
//Selected nets
$nets_selected = $wizard->get_step_data('scan_nets');
// Stored step data may be missing or not an array, so normalise it before
// the array functions below touch it.
$nets_selected = is_array($nets_selected) ? $nets_selected : array();
// Lookup table keyed by the selected nets' keys; every value is 1.
$n_ids = array_fill_keys(array_keys($nets_selected), 1);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
    <head>
        <title> <?php 
echo _("AlienVault " . (Session::is_pro() ? "USM" : "OSSIM"));
?>
 </title>
Пример #7
session_write_close();
Session::logcheck('environment-menu', 'EventsHidsConfig');
$events_hids_config = Session::menu_perms('environment-menu', 'EventsHidsConfig');
try {
    $db = new ossim_db();
    $conn = $db->connect();
    $sensor_id = POST('sensor_id');
    ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
    if (!ossim_error()) {
        if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
            $e_msg = _('Error! Sensor not allowed');
            Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
        }
    } else {
        $e_msg = ossim_get_error_clean();
        Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
    }
    $agents = Ossec_agent::get_list($sensor_id);
    $data = array();
    if (is_array($agents) && !empty($agents)) {
        foreach ($agents as $agent_id => $a_data) {
            if (empty($a_data)) {
                continue;
            }
            $a_unique_id = md5($agent_id);
            $agent_actions = Ossec_agent::get_actions($agent_id, $a_data);
            if (!empty($a_data['host_id'])) {
                $asset_name = Asset_host::get_name_by_id($conn, $a_data['host_id']);
            } else {
                $asset_name = '-';
            }
Пример #8
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
// NOTE(review): Session::useractive() is defined elsewhere; presumably it stops
// requests that have no live session - confirm.
Session::useractive();
// Admin-only page: a non-admin session gets a USER_ERROR instead of the wizard.
if (!Session::am_i_admin()) {
    Av_exception::throw_error(Av_exception::USER_ERROR, _('You do not have permissions to see this section'));
}
// The wizard state object drives the rest of the page; stop if it could not be obtained.
$wizard = Welcome_wizard::get_instance();
if (!$wizard instanceof Welcome_wizard) {
    Av_exception::throw_error(Av_exception::USER_ERROR, "There was an error, the Welcome_wizard object doesn't exist");
}
//Getting the scan step to know if we have a scan running
$step = intval($wizard->get_step_data('scan_step'));
//Selected nets
$nets_selected = $wizard->get_step_data('scan_nets');
// Stored step data may be missing or not an array, so normalise it before
// the array functions below touch it.
$nets_selected = is_array($nets_selected) ? $nets_selected : array();
// Lookup table keyed by the selected nets' keys; every value is 1.
$n_ids = array_fill_keys(array_keys($nets_selected), 1);
// The iframe URL is assembled from the configured path map and fixed strings
// only; no request input is concatenated into it.
$paths = Asset::get_path_url(FALSE);
$iframe_url = $paths['network']['views'] . 'import_all_nets.php?import_type=welcome_wizard_nets';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
    <head>
        <title> <?php 
echo _("AlienVault " . (Session::is_pro() ? "USM" : "OSSIM"));
Пример #9
/**
 * Load the risk indicators of one map that the current user may see.
 *
 * The map id is passed to the database as a bound parameter. Each row is
 * kept only when is_indicator_allowed() accepts its type and type name, and
 * is stored under its id after being run through format_indicator().
 *
 * @param object $conn Database connection (checked with Ossim_db::check_connection()).
 * @param string $map  Map id in hexadecimal form (the query wraps it in UNHEX()).
 *
 * @return array Formatted indicators keyed by indicator id.
 */
function get_indicators_from_map($conn, $map)
{
    Ossim_db::check_connection($conn);

    $allowed = array();

    $sql = "SELECT * FROM risk_indicators WHERE map = UNHEX(?)";
    $rs  = $conn->Execute($sql, array($map));

    if (!$rs) {
        Av_exception::throw_error(Av_exception::DB_ERROR, $conn->ErrorMsg());
    }

    for (; !$rs->EOF; $rs->MoveNext()) {
        // Rows the permission check rejects are left out of the result.
        if (!is_indicator_allowed($conn, $rs->fields['type'], $rs->fields['type_name'])) {
            continue;
        }

        $indicator_id = $rs->fields['id'];
        $allowed[$indicator_id] = format_indicator($conn, $rs->fields);
    }

    return $allowed;
}
Пример #10
$only_unread = POST('only_unread') ? POST('only_unread') : '';
/**********************************
 ****** VALIDATE POST PARAMS ******
 **********************************/
ossim_valid($search, OSS_INPUT, OSS_NULLABLE, 'illegal:' . _('Search String'));
ossim_valid($only_unread, OSS_LETTER, OSS_NULLABLE, 'illegal:' . _('Only Unread Param'));
/***************************
 ****** RESPONSE VARS ******
 ***************************/
// Response array
$response = array();
// Array to store data
$data = array();
try {
    if (ossim_error()) {
        Av_exception::throw_error(Av_exception::USER_ERROR, ossim_get_error_clean());
    }
    /**********************
     ****** FILTERS *******
     **********************/
    $filters = array();
    if (!empty($search)) {
        $filters['search'] = $search;
    }
    if (!empty($only_unread)) {
        $filters['only_unread'] = 'true';
    }
    /**********************
     ****** GET DATA ******
     **********************/
    $status = new System_notifications();
Пример #11
                    $response['data']['components_added_msg'] = sprintf($msg, $num_components, $component_type);
                    break;
                    // Delete components
                // Delete components
                case 'delete_components':
                    $tag->remove_components_from_filter($conn);
                    $msg = _('Your label has been deleted from  %d %s(s). You can view asset labels in the asset details');
                    $response['data']['components_deleted_msg'] = sprintf($msg, $num_components, $component_type);
                    break;
                default:
                    Av_exception::throw_error(Av_exception::USER_ERROR, _('Invalid action - please try again'));
            }
        }
        $response['status'] = 'OK';
        $response['data']['id'] = $tag->get_id();
        $response['data']['name'] = $tag->get_name();
        $response['data']['class'] = $tag->get_class();
    } else {
        Av_exception::throw_error(Av_exception::USER_ERROR, _('Action can not be completed'));
    }
} catch (\Exception $e) {
    $error_msg = $e->getMessage();
    if (empty($error_msg)) {
        $error_msg = _('Sorry, operation was not completed due to an error when processing the request');
    }
    $response['status'] = 'error';
    $response['data'] = $error_msg;
}
$db->close();
echo json_encode($response);
exit;
Пример #12
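/**
 * Drop the filters kept in the session and store a fresh filter list of the
 * requested type.
 *
 * The list type selects the class that is instantiated
 * ('Filter_<type>_list'). Because that class name is built from request
 * data, the type is checked against an explicit allow-list before the name
 * is assembled, in addition to the ossim_valid() call; class_exists() is
 * therefore never asked about (and never tries to autoload) a name derived
 * from an unexpected value.
 *
 * @param object $conn Database connection handed to the filter list class.
 * @param array  $data Request data; 'type' must be 'asset', 'group' or 'network'.
 *
 * @return array 'error' => bool, 'msg' => string (error text, empty on success).
 */
function restart_search($conn, $data)
{
    $return = array('error' => FALSE, 'msg' => '');

    $type = $data['type'];
    ossim_valid($type, 'asset', 'group', 'network', 'illegal:' . _("List Type"));

    if (ossim_error()) {
        $error = ossim_get_error();
        ossim_clean_error();

        $return['error'] = TRUE;
        $return['msg'] = $error;

        return $return;
    }

    Filter_list::delete_filters_from_session();

    try {
        // Same three values that ossim_valid() is given above, compared strictly.
        $allowed_types = array('asset', 'group', 'network');
        if (!is_string($type) || !in_array($type, $allowed_types, TRUE)) {
            Av_exception::throw_error(Av_exception::USER_ERROR, _('Invalid List Type'));
        }

        $object = 'Filter_' . $type . '_list';
        if (!class_exists($object)) {
            Av_exception::throw_error(Av_exception::USER_ERROR, _('Invalid List Type'));
        }

        $filter_list = new $object($conn);
        $filter_list->store_filter_list_session();
    } catch (Exception $e) {
        $return['error'] = TRUE;
        $return['msg'] = $e->getMessage();
    }

    return $return;
}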
Пример #13
                 ***************************/
            /***************************
             ****** Set suppressed *****
             ***************************/
            case 'set_suppressed':
                $status->set_status_message($status_message_id, array('suppressed' => 'true'));
                $data['data'] = _('Notification marked as suppressed');
                break;
                /*******************************
                 ****** Not allowed action *****
                 *******************************/
            /*******************************
             ****** Not allowed action *****
             *******************************/
            default:
                Av_exception::throw_error(Av_exception::USER_ERROR, _('This action could not be completed. Please try again.'));
        }
        $data['status'] = 'OK';
    } catch (\Exception $e) {
        /************************
         ****** Catch error *****
         ************************/
        $error_msg = $e->getMessage();
        if (empty($error_msg)) {
            $error_msg = _('Sorry, operation was not completed due to an error when processing the request. Please try again.');
        }
        Util::response_bad_request($error_msg);
    }
}
$db->close();
echo json_encode($data);
Пример #14
/**
 * Store the member selection made for an asset, network or group and return
 * how many members were saved.
 *
 * Every field of $data is validated first; a validation failure is raised
 * through check_ossim_error(). When 'all' is set, the members are taken from
 * the asset itself (optionally narrowed by 'search'); otherwise the explicit
 * 'assets' selection is saved.
 *
 * @param object $conn Database connection.
 * @param array  $data Keys: asset_id, asset_type, member_type, all, assets, search.
 *
 * @return mixed Total reported by the Filter_list helper; a USER_ERROR is
 *               raised when it is below 1.
 */
function save_member_selection($conn, $data)
{
    $asset_id    = $data['asset_id'];
    $asset_type  = $data['asset_type'];
    $member_type = $data['member_type'];
    $select_all  = $data['all'];
    $selection   = $data['assets'];
    $search      = $data['search'];

    ossim_valid($asset_id, OSS_HEX, 'illegal:' . _('Asset UUID'));
    ossim_valid($asset_type, 'asset', 'network', 'group', 'illegal:' . _('Asset Type'));
    ossim_valid($member_type, 'asset', 'network', 'group', 'illegal:' . _('Asset Type'));
    ossim_valid($search, OSS_INPUT, OSS_NULLABLE, 'illegal:' . _('Search Filter'));
    ossim_valid($selection, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Assets'));
    ossim_valid($select_all, OSS_BINARY, 'illegal:' . _('Asset Selection'));

    // Nothing below runs with unvalidated input as long as this raises on error.
    check_ossim_error();

    $total = $select_all
        ? Filter_list::save_members_from_asset($conn, $asset_id, $asset_type, $search)
        : Filter_list::save_items($conn, $member_type, $selection);

    if ($total < 1) {
        Av_exception::throw_error(Av_exception::USER_ERROR, _('You need at least one asset to perform any action.'));
    }

    return $total;
}
Пример #15
ossim_valid($search_str, OSS_INPUT, OSS_NULLABLE, 'illegal: ' . _('Search String'));
ossim_valid($from, OSS_DIGIT, 'illegal: ' . _('Configuration Parameter 2'));
ossim_valid($sec, OSS_DIGIT, 'illegal: ' . _('Configuration Parameter 3'));
if (ossim_error()) {
    $response['sEcho'] = intval($sec);
    $response['iTotalRecords'] = 0;
    $response['iTotalDisplayRecords'] = 0;
    $response['aaData'] = array();
    echo json_encode($response);
    exit;
}
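// Get object from session.
// NOTE(review): unserialize() rebuilds whatever object the stored string
// describes. That is only safe while nothing a client controls can be written
// into $_SESSION['asset_detail']; passing the allowed_classes option with the
// asset classes that are actually stored here would narrow it - confirm the
// class list before adding it.
$asset_object = unserialize($_SESSION['asset_detail'][$asset_id]);

// Check the result before asking for its class: get_class() on a non-object
// (for example FALSE from a failed unserialize) raises a TypeError on PHP 8
// and would bypass the error reported below.
if (!is_object($asset_object)) {
    Av_exception::throw_error(Av_exception::DB_ERROR, _('Error retrieving the asset data from Memory'));
}

$class_name = get_class($asset_object);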
$db = new ossim_db();
$conn = $db->connect();
$filters = array('where' => 'host_properties.property_ref <> 8', 'limit' => "{$from}, {$maxrows}");
if ($search_str != '') {
    $search_str = escape_sql($search_str, $conn);
    $filters['where'] .= ' AND host_properties.value LIKE "%' . $search_str . '%"';
}
// DATA
list($properties, $total) = $asset_object->get_properties($conn, $filters);
$data = array();
foreach ($properties as $_host_id => $prop_list) {
    $_host_aux = Asset_host::get_object($conn, $_host_id);
    $host = $_host_aux->get_name() . ' (' . $_host_aux->get_ips()->get_ips('string') . ')';
    foreach ($prop_list as $prop_id => $prop_data) {
Пример #16
/**
 * Delete the note whose id arrives in the POST parameter 'note_id'.
 *
 * The id is validated as OSS_DIGIT through validate_form_fields(). Both a
 * validation failure and a failed delete raise the same generic USER_ERROR.
 *
 * @param object $conn Database connection.
 *
 * @return array 'msg' => confirmation text.
 */
function delete_note($conn)
{
    $rules = array(
        'note_id' => array(
            'validation' => 'OSS_DIGIT',
            'e_message'  => 'illegal:' . _('Note ID'),
        ),
    );

    $errors = validate_form_fields('POST', $rules);
    if (is_array($errors) && !empty($errors)) {
        Av_exception::throw_error(Av_exception::USER_ERROR, _('Error! Note could not be deleted'));
    }

    $deleted = Notes::delete($conn, POST('note_id'));

    if ($deleted != TRUE) {
        Av_exception::throw_error(Av_exception::USER_ERROR, _('Error! Note could not be deleted'));
    } else {
        $data['msg'] = _('Note deleted successfully');
    }

    return $data;
}
Пример #17
ossim_valid($level, OSS_LETTER, ',', OSS_NULLABLE, 'illegal:' . _('Level Param'));
/***************************
 ****** RESPONSE VARS ******
 ***************************/
// Response array
$response = array();
// Array to store data
$data = array();
$total_messages = 0;
try {
    // If validation errors throw new exception with error details
    if (ossim_error()) {
        Av_exception::throw_error(Av_exception::USER_ERROR, ossim_get_error_clean());
    }
    if (strlen($search_str) > 30) {
        Av_exception::throw_error(Av_exception::USER_ERROR, 'Search string very long. Max length 30 characters');
    }
    /*********************
     ****** Filters ******
     *********************/
    /**
     * Returns order_by string by column
     *
     * @param  integer  $order
     *
     * @return string
     */
    $order_by = function ($order) {
        switch ($order) {
            case 0:
                return 'creation_time';
Пример #18
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
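// Access gate for the alarm panel; everything below runs only if it passes.
Session::logcheck("analysis-menu", "ControlPanelAlarms");

// Search term from the query string, lower-cased to match lower(name) in the SQL.
$q = strtolower(GET("q"));
ossim_valid($q, OSS_TEXT, 'illegal:' . _("Query"));

// Empty results when error in validation
if (ossim_error()) {
    exit;
}

$db = new ossim_db();
$conn = $db->connect();

// The search term is passed as a bound parameter instead of being escaped and
// spliced into the SQL text, so the statement itself never contains request data.
// NOTE(review): '%' and '_' inside $q still act as LIKE wildcards, as before.
$sql = "SELECT DISTINCT sid, plugin_id, name FROM plugin_sid WHERE lower(name) LIKE ?";
$rs = $conn->Execute($sql, array('%' . $q . '%'));

if (!$rs) {
    Av_exception::throw_error(Av_exception::DB_ERROR, $conn->ErrorMsg());
} else {
    // One result per line: "<plugin_id>-<sid>###<name>".
    // NOTE(review): the values are written out unencoded; whether that is safe
    // depends on how the client renders each line - confirm on the consumer side.
    while (!$rs->EOF) {
        echo $rs->fields["plugin_id"] . "-" . $rs->fields["sid"] . "###" . $rs->fields["name"] . "\n";
        $rs->MoveNext();
    }
}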
Пример #19
*/
require_once 'av_init.php';
Session::admin_logcheck_ajax();
session_write_close();
/**
 * Collect the OTX configuration values exposed by the Otx object.
 *
 * NOTE(review): the result includes the OTX token, so anything that
 * serialises this array hands the token to whoever receives the output.
 *
 * @return array Keys: token, username, user_id, contributing, key_version,
 *               latest_update.
 */
function get_otx_info()
{
    $otx = new Otx();
    $otx->load();

    $info = array();
    $info['token']         = $otx->get_token();
    $info['username']      = $otx->get_username();
    $info['user_id']       = $otx->get_user_id();
    $info['contributing']  = $otx->is_contributing();
    $info['key_version']   = $otx->get_key_version();
    $info['latest_update'] = $otx->get_latest_update();

    return $info;
}
//Checking the action to perform.
// Dispatcher for this AJAX endpoint: 'info' is the only accepted action, any
// other value is answered with a USER_ERROR.
$action = POST('action');
$result = array();
try {
    switch ($action) {
        case 'info':
            // The returned array contains the OTX token, so the JSON response
            // below carries it to the client. The only gate visible in this
            // file is Session::admin_logcheck_ajax() at the top.
            $result = get_otx_info();
            break;
        default:
            Av_exception::throw_error(Av_exception::USER_ERROR, _('Invalid Action.'));
    }
} catch (Exception $e) {
    // NOTE(review): presumably response_bad_request() ends the request; if it
    // returns, the empty $result is still echoed below - confirm.
    Util::response_bad_request($e->getMessage());
}
echo json_encode($result);
Пример #20
        }
        $asset_object = $class_name::get_object($conn, $asset_id);
        if (array_key_exists($order, $orders_by_columns)) {
            $order = $orders_by_columns[$order];
        } else {
            $order = "lr.risk";
        }
        // Property filter
        $filters = array('limit' => "{$from}, {$maxrows}", 'order_by' => "{$order} {$torder}");
        if ($search_str != '') {
            $search_str = escape_sql($search_str, $conn);
            $filters['where'] = 'p.name LIKE "%' . $search_str . '%"';
        }
        list($vulns, $total) = $asset_object->get_vulnerabilities($conn, '', $filters);
    } else {
        Av_exception::throw_error(Av_exception::USER_ERROR, _('Error retrieving information'));
    }
} catch (Exception $e) {
    $db->close();
    Util::response_bad_request($e->getMessage());
}
// DATA
$data = array();
foreach ($vulns as $_asset_id => $asset_vulns) {
    $_host_aux = Asset_host::get_object($conn, $_asset_id);
    foreach ($asset_vulns as $vuln) {
        $_host = $class_name == 'asset_host' ? $vuln['ip'] : $_host_aux->get_name() . " (" . $_host_aux->get_ips()->get_ips('string') . ")";
        $data[] = array(date("Y-m-d H:i:s", strtotime($vuln['date'])), $_host, $vuln['plugin'], $vuln['plugin_id'], $vuln['service'], Vulnerabilities::get_severity_by_risk($vuln['risk']));
    }
}
$response['sEcho'] = $sec;
Пример #21
$conn = $db->connect();
// Action dispatcher; only 'track_usage_information' is handled in this part.
switch ($action) {
    case 'track_usage_information':
        try {
            //Validate Token
            // The request must carry a token that verifies against 'tk_tui'
            // before any setting is touched (presumably the anti-CSRF check
            // for this form - confirm against Token).
            $token = POST('token');
            if (Token::verify('tk_tui', $token) == FALSE) {
                $t_error = Token::create_error_message();
                Av_exception::throw_error(Av_exception::USER_ERROR, $t_error);
            }
            // Only administrators may change the telemetry setting.
            if (Session::am_i_admin()) {
                // Any positive value enables tracking, everything else disables it.
                $tui = intval(POST('tui'));
                $tui_status = $tui > 0 ? 1 : 0;
                $config = new Config();
                $config->update('track_usage_information', $tui_status);
                // The same decision is passed to the client's set_telemetry() as a boolean.
                $client = new Alienvault_client();
                $tui_status = $tui > 0 ? TRUE : FALSE;
                $client->system()->set_telemetry($tui_status);
                $data['status'] = 'success';
                $data['data'] = _('Your changes have been saved');
            } else {
                Av_exception::throw_error(Av_exception::USER_ERROR, _('You do not have the correct permissions to configure this option. Please contact system administrator with any questions'));
            }
        } catch (Exception $e) {
            // NOTE(review): presumably response_bad_request() ends the request;
            // if it returns, the connection is closed a second time below - confirm.
            $db->close();
            Util::response_bad_request($e->getMessage());
        }
        break;
}
$db->close();
// NOTE(review): $data is assigned only on the success path shown here; unless
// it is initialised earlier in the file, an unmatched action encodes an
// undefined variable - confirm.
echo json_encode($data);
Пример #22
    if ($can_i_modify_ips == FALSE) {
        $img_disabled = 'img_disabled';
    }
} elseif (Asset_group::is_in_db($conn, $id)) {
    $asset_object = Asset_group::get_object($conn, $id);
    $asset_type = 'group';
    $breadcrumb = array('section' => _('Groups'), 'current' => _('Group Details'));
    try {
        $asset_object->can_i_edit($conn);
    } catch (Exception $e) {
        $img_disabled = 'img_disabled';
        $button_disabled = 'disabled';
        $flag_restricted_group = TRUE;
    }
} else {
    Av_exception::throw_error(Av_exception::USER_ERROR, _('Asset not found in the system'));
}
// Save session object
$_SESSION['asset_detail'][$id] = serialize($asset_object);
// Get default system ip
$system_list = Av_center::get_avc_list($conn);
$system_ip = @$system_list['data'][strtolower(Util::get_system_uuid())]['admin_ip'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
	<title><?php 
echo _('Asset Details');
?>
</title>
	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
Пример #23
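/**
 * Stores a vulnerability scan request and shows a notification with the outcome.
 *
 * Schedule type 'N' inserts one row per sensor into vuln_jobs (immediate job); any other
 * type inserts a single row into vuln_job_schedule and then refreshes the job assets.
 * Nothing is written unless $_SESSION['_vuln_targets'] holds targets; that session entry
 * is consumed (unset) by this call. All values reach the database through bound
 * parameters only.
 *
 * Security notes for maintainers:
 *  - The job owner is $entity when it passes valid_hex32(), otherwise $user, otherwise the
 *    session user. NOTE(review): no check is visible here that the session user may submit
 *    jobs on behalf of $user / $entity — confirm the caller enforces it.
 *  - $ssh_credential / $smb_credential are stored joined with '|' in the `credentials`
 *    column; presumably these are credential identifiers, not secrets — verify.
 *  - Database error text is HTML-escaped before it is placed in the notification, because
 *    the notification content is assembled as HTML.
 *
 * @param mixed  $SVRid            Bound to scan_ASSIGNED (vuln_jobs) or, positionally, to the
 *                                 `email` column of vuln_job_schedule — NOTE(review): confirm.
 * @param string $job_name         Job / schedule name.
 * @param string $ssh_credential   First half of the stored credentials value.
 * @param string $smb_credential   Second half of the stored credentials value.
 * @param string $schedule_type    'N' now, 'O' once, 'D' daily, 'W' day of week,
 *                                 'M' day of month, 'NW' nth weekday of month.
 * @param string $not_resolve      '1' stores resolve_names = 0, anything else stores 1.
 * @param string $user             Owner used when $entity is not a valid hex32 value.
 * @param string $entity           Owner when it passes valid_hex32().
 * @param array  $targets          Targets stored (newline-joined) for scheduled jobs.
 * @param mixed  $scheduled_status Stored as string in the `enabled` column.
 * @param mixed  $hosts_alive      Bound positionally to meth_CRED.
 * @param mixed  $sid              Bound positionally to meth_VSET.
 * @param mixed  $send_email       Bound positionally to meth_Wfile.
 * @param mixed  $timeout          Bound to meth_TIMEOUT.
 * @param mixed  $scan_locally     Bound to `authorized` (vuln_jobs) or meth_Ucheck (schedule).
 * @param mixed  $dayofweek        Key into $daysMap.
 * @param mixed  $dayofmonth       Day of month for 'M'; overwritten with $nthweekday for 'NW'.
 * @param mixed  $ROYEAR           Run-once year; defaults to the current UTC year when empty.
 * @param mixed  $ROMONTH          Run-once month; defaults to the current UTC month when empty.
 * @param mixed  $ROday            Run-once day; defaults to the current UTC day when empty.
 * @param mixed  $time_hour        Hour as entered (presumably local time; converted with $tz).
 * @param mixed  $time_min         Minute as entered.
 * @param mixed  $time_interval    Bound to time_interval.
 * @param mixed  $sched_id         Existing schedule id; 0 means LAST_INSERT_ID() is used.
 * @param mixed  $biyear           "Begin in" year.
 * @param mixed  $bimonth          "Begin in" month.
 * @param mixed  $biday            "Begin in" day.
 * @param mixed  $nthweekday       Which occurrence of the weekday, for 'NW'.
 * @param mixed  $tz               Timezone offset in hours (multiplied by 3600 below).
 * @param array  $daysMap          Map of $dayofweek to array('number' => ..., 'text' => ...).
 *
 * @return void
 */
function submit_scan($SVRid, $job_name, $ssh_credential, $smb_credential, $schedule_type, $not_resolve, $user, $entity, $targets, $scheduled_status, $hosts_alive, $sid, $send_email, $timeout, $scan_locally, $dayofweek, $dayofmonth, $ROYEAR, $ROMONTH, $ROday, $time_hour, $time_min, $time_interval, $sched_id, $biyear, $bimonth, $biday, $nthweekday, $tz, $daysMap)
{
    $db = new ossim_db();
    $dbconn = $db->connect();
    $credentials = $ssh_credential . '|' . $smb_credential;
    // Owner of the job: entity id if valid, else the given user, else the session user
    $username = valid_hex32($entity) ? $entity : $user;
    if (empty($username)) {
        $username = Session::get_session_user();
    }
    // Keep the values as entered (local time); the originals are converted to UTC below
    $btime_hour = $time_hour;
    $btime_min = $time_min;
    $bbiyear = $biyear;
    $bbimonth = $bimonth;
    $bbiday = $biday;
    if ($schedule_type == 'O') {
        // date and time for run once
        if (empty($ROYEAR)) {
            $ROYEAR = gmdate('Y');
        }
        if (empty($ROMONTH)) {
            $ROMONTH = gmdate('m');
        }
        if (empty($ROday)) {
            $ROday = gmdate('d');
        }
        list($_y, $_m, $_d, $_h, $_u, $_s, $_time) = Util::get_utc_from_date($dbconn, "{$ROYEAR}-{$ROMONTH}-{$ROday} {$time_hour}:{$time_min}:00", $tz);
        $ROYEAR = $_y;
        $ROMONTH = $_m;
        $ROday = $_d;
        $time_hour = $_h;
        $time_min = $_u;
    } else {
        if (in_array($schedule_type, array('D', 'W', 'M', 'NW'))) {
            // date and time for Daily, Day of Week, Day of month, Nth weekday of month
            list($b_y, $b_m, $b_d, $b_h, $b_u, $b_s, $b_time) = Util::get_utc_from_date($dbconn, "{$biyear}-{$bimonth}-{$biday} {$time_hour}:{$time_min}:00", $tz);
            $biyear = $b_y;
            $bimonth = $b_m;
            $biday = $b_d;
            $time_hour = $b_h;
            $time_min = $b_u;
        }
    }
    $resolve_names = $not_resolve == '1' ? 0 : 1;
    if ($schedule_type != 'N') {
        // current datetime in UTC
        $arrTime = explode(":", gmdate('Y:m:d:w:H:i:s'));
        $year = $arrTime[0];
        $mon = $arrTime[1];
        $mday = $arrTime[2];
        $wday = $arrTime[3];
        $hour = $arrTime[4];
        $min = $arrTime[5];
        $sec = $arrTime[6];
        $timenow = $hour . $min . $sec;
        $run_wday = $daysMap[$dayofweek]['number'];
        $run_time = sprintf('%02d%02d%02d', $time_hour, $time_min, '00');
        $run_mday = $dayofmonth;
        $time_value = "{$time_hour}:{$time_min}:00";
        $ndays = array('Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday');
        $begin_in_seconds = Util::get_utc_unixtime("{$biyear}-{$bimonth}-{$biday} {$time_hour}:{$time_min}:00") - 3600 * $tz;
        $current_in_seconds = gmdate('U');
        // zero-pad month and day so they can be concatenated into YYYYMMDD below
        if (strlen($bimonth) == 1) {
            $bimonth = '0' . $bimonth;
        }
        if (strlen($biday) == 1) {
            $biday = '0' . $biday;
        }
    }
    // Stays NULL for an unrecognised schedule type instead of being an undefined variable
    $requested_run = NULL;
    switch ($schedule_type) {
        case 'N':
            $requested_run = gmdate('YmdHis');
            break;
        case 'O':
            $requested_run = sprintf('%04d%02d%02d%06d', $ROYEAR, $ROMONTH, $ROday, $run_time);
            break;
        case 'D':
            if ($begin_in_seconds > $current_in_seconds) {
                $next_day = $biyear . $bimonth . $biday;
                // selected date by user
            } else {
                if ($run_time > $timenow) {
                    $next_day = $year . $mon . $mday;
                    // today
                } else {
                    $next_day = gmdate("Ymd", strtotime("+1 day GMT", gmdate("U")));
                    // next day
                }
            }
            $requested_run = sprintf("%08d%06d", $next_day, $run_time);
            break;
        case 'W':
            if ($begin_in_seconds > $current_in_seconds) {
                // if it is a future date
                $wday = date("w", mktime(0, 0, 0, $bimonth, $biday, $biyear));
                // make week day for begin day
                if ($run_wday == $wday) {
                    $next_day = $biyear . $bimonth . $biday;
                    // selected date by user
                } else {
                    $next_day = gmdate("Ymd", strtotime("next " . $ndays[$run_wday] . " GMT", mktime(0, 0, 0, $bimonth, $biday, $biyear)));
                }
            } else {
                if ($run_wday == $wday && $run_time > $timenow) {
                    $next_day = $year . $mon . $mday;
                    // today
                } else {
                    $next_day = gmdate("Ymd", strtotime("next " . $ndays[$run_wday] . " GMT", gmdate("U")));
                    // next week
                }
            }
            preg_match("/(\\d{4})(\\d{2})(\\d{2})/", $next_day, $found);
            list($b_y, $b_m, $b_d, $b_h, $b_u, $b_s, $b_time) = Util::get_utc_from_date($dbconn, $found[1] . "-" . $found[2] . "-" . $found[3] . " {$btime_hour}:{$btime_min}:00", $tz);
            $requested_run = sprintf("%04d%02d%02d%02d%02d%02d", $b_y, $b_m, $b_d, $b_h, $b_u, "00");
            break;
        case 'M':
            if ($begin_in_seconds > $current_in_seconds) {
                // if it is a future date
                if ($run_mday >= $biday) {
                    $next_day = $biyear . $bimonth . ($run_mday < 10 ? "0" : "") . $run_mday;
                    // this month
                } else {
                    $next_day = sprintf("%06d%02d", gmdate("Ym", strtotime("next month GMT", mktime(0, 0, 0, $bimonth, $biday, $biyear))), $run_mday);
                }
            } else {
                if ($run_mday > $mday || $run_mday == $mday && $run_time > $timenow) {
                    $next_day = $year . $mon . ($run_mday < 10 ? "0" : "") . $run_mday;
                    // this month
                } else {
                    $next_day = sprintf("%06d%02d", gmdate("Ym", strtotime("next month GMT", gmdate("U"))), $run_mday);
                }
            }
            preg_match("/(\\d{4})(\\d{2})(\\d{2})/", $next_day, $found);
            list($b_y, $b_m, $b_d, $b_h, $b_u, $b_s, $b_time) = Util::get_utc_from_date($dbconn, $found[1] . "-" . $found[2] . "-" . $found[3] . " {$btime_hour}:{$btime_min}:00", $tz);
            $requested_run = sprintf("%04d%02d%02d%02d%02d%02d", $b_y, $b_m, $b_d, $b_h, $b_u, "00");
            break;
        case 'NW':
            if ($begin_in_seconds > $current_in_seconds) {
                // if it is a future date
                $array_time = array('month' => $bbimonth, 'day' => $bbiday, 'year' => $bbiyear);
                $requested_run = weekday_month(strtolower($daysMap[$dayofweek]['text']), $nthweekday, $btime_hour, $btime_min, $array_time);
            } else {
                $requested_run = weekday_month(strtolower($daysMap[$dayofweek]['text']), $nthweekday, $btime_hour, $btime_min);
            }
            preg_match("/(\\d{4})(\\d{2})(\\d{2})(\\d{2})(\\d{2})(\\d{2})/", $requested_run, $found);
            list($b_y, $b_m, $b_d, $b_h, $b_u, $b_s, $b_time) = Util::get_utc_from_date($dbconn, $found[1] . "-" . $found[2] . "-" . $found[3] . " " . $found[4] . ":" . $found[5] . ":00", $tz);
            $requested_run = sprintf("%04d%02d%02d%02d%02d%02d", $b_y, $b_m, $b_d, $b_h, $b_u, "00");
            $dayofmonth = $nthweekday;
            break;
        default:
            break;
    }
    $insert_time = gmdate('YmdHis');
    if (!empty($_SESSION['_vuln_targets']) && count($_SESSION['_vuln_targets']) > 0) {
        // Group the session targets by the sensor/server id they were assigned to
        $sgr = array();
        foreach ($_SESSION['_vuln_targets'] as $target_selected => $server_id) {
            $sgr[$server_id][] = $target_selected;
        }
        ossim_clean_error();
        unset($_SESSION['_vuln_targets']);
        // clean scan targets
        $queries = array();
        $bbimonth = strlen($bbimonth) == 1 ? '0' . $bbimonth : $bbimonth;
        $bbiday = strlen($bbiday) == 1 ? '0' . $bbiday : $bbiday;
        $qc = 0;
        // Values are bound positionally; several legacy column names do not match what they hold
        if ($schedule_type == 'N') {
            foreach ($sgr as $notify_sensor => $target_list) {
                $target_list = implode("\n", $target_list);
                $params = array($job_name, $username, Session::get_session_user(), $schedule_type, $target_list, $hosts_alive, $sid, $send_email, $timeout, $SVRid, $insert_time, $requested_run, '3', 'S', $notify_sensor, $scan_locally, '', $resolve_names, $credentials);
                $queries[$qc]['query'] = 'INSERT INTO vuln_jobs ( name, username, fk_name, meth_SCHED, meth_TARGET,  meth_CRED,
                    meth_VSET, meth_Wfile, meth_TIMEOUT, scan_ASSIGNED,
                    scan_SUBMIT, scan_next, scan_PRIORITY, status, notify, authorized, author_uname, resolve_names, credentials )
                    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';
                $queries[$qc]['params'] = $params;
                $qc++;
            }
        } else {
            $params = array($bbiyear . $bbimonth . $bbiday, $job_name, $username, Session::get_session_user(), $schedule_type, $dayofweek, $dayofmonth, $time_value, implode("\n", $targets), $hosts_alive, $sid, $send_email, $scan_locally, $timeout, $requested_run, $insert_time, strval($scheduled_status), $resolve_names, $time_interval, '', $credentials, $SVRid);
            $queries[$qc]['query'] = 'INSERT INTO vuln_job_schedule ( begin, name, username, fk_name, schedule_type, day_of_week, day_of_month, time, meth_TARGET, meth_CRED, meth_VSET, meth_Wfile,  meth_Ucheck, meth_TIMEOUT, next_CHECK, createdate, enabled, resolve_names, time_interval, IP_ctx, credentials, email)
                                     VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) ';
            $queries[$qc]['params'] = $params;
            $qc++;
        }
        $execute_errors = array();
        foreach ($queries as $sql_data) {
            $rs = $dbconn->execute($sql_data['query'], $sql_data['params']);
            if ($rs === FALSE) {
                // Driver error text may repeat fragments of the submitted values and is joined
                // into HTML below, so it is escaped before being shown
                $execute_errors[] = htmlspecialchars($dbconn->ErrorMsg(), ENT_QUOTES);
            }
        }
        if (empty($execute_errors) && $schedule_type != 'N') {
            // We have to update the vuln_job_assets
            if (intval($sched_id) == 0) {
                // New schedule: take the id generated by the insert on this connection
                $query = ossim_query('SELECT LAST_INSERT_ID() as sched_id');
                $rs = $dbconn->Execute($query);
                if (!$rs) {
                    Av_exception::throw_error(Av_exception::DB_ERROR, $dbconn->ErrorMsg());
                } else {
                    $sched_id = $rs->fields['sched_id'];
                }
            }
            Vulnerabilities::update_vuln_job_assets($dbconn, 'insert', $sched_id, 0);
        }
        $config_nt = array('content' => '', 'options' => array('type' => 'nf_success', 'cancel_button' => FALSE), 'style' => 'width: 40%; margin: 20px auto; text-align: center;');
        $config_nt['content'] = empty($execute_errors) ? _('Successfully Submitted Job') : _('Error creating scan job:') . implode('<br>', $execute_errors);
        $nt = new Notification('nt_1', $config_nt);
        $nt->show();
    }
    // Release the connection on every path, including the one where no targets were queued
    $dbconn->close();
}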