Пример #1
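// targets
// For every scan target, work out its asset name, whether the session may use it,
// and which sensors can scan it.
foreach ($targets as $target) {
    // Entries that start with "!" are skipped by this loop.
    if (preg_match("/^!/", $target)) {
        continue;
    }
    // A target is "unresolved" only when it contains no dotted-quad and $not_resolve is set.
    // The pattern is unanchored, so it matches a dotted-quad anywhere in the string:
    // treat it as a format hint, not as validation of $target.
    $unresolved = !preg_match("/\\d+\\.\\d+\\.\\d+\\.\\d+/", $target) && $not_resolve ? true : false;
    if (preg_match("/\\//", $target)) {
        // Net
        $name = Net::get_name_by_ip($conn, $target);
        $perm = Session::netAllowed($conn, $name);
        $sensors = Net::get_related_sensors($conn, $name);
    } else {
        // Host
        $name = $unresolved ? $target : Host::ip2hostname($conn, $target);
        // NOTE(review): an unresolved target gets $perm = true without a
        // Session::hostAllowed() lookup; confirm the permission is enforced elsewhere.
        $perm = $unresolved ? true : Session::hostAllowed($conn, $name);
        $sensors = Host::get_related_sensors($conn, $target);
    }
    // && binds tighter than ||: unresolved targets always enter this branch; resolved ones
    // only for an admin, with no related sensor, when $scan_server is "0".
    if ($unresolved || Session::am_i_admin() && count($sensors) == 0 && $scan_server == "0") {
        if ($unresolved) {
            foreach ($all_sensors as $ip => $unused) {
                $sensors[] = $ip;
            }
        } else {
            // The command line is a fixed string; the backtick operator yields no string
            // when the command produces no output, hence the cast before trim().
            $local_ip = `grep framework_ip /etc/ossim/ossim_setup.conf | cut -f 2 -d "="`;
            $local_ip = trim((string) $local_ip);
            // Bind the value instead of interpolating it: whatever the config file holds
            // then stays data and cannot change the shape of the statement.
            $result = $conn->Execute("SELECT name FROM vuln_nessus_servers WHERE hostname like ?", array($local_ip));
            // Execute() returns a falsy value on failure; do not dereference it.
            if ($result && $result->fields["name"] != "") {
                $sensors[] = $local_ip;
            }
        }
    }
    // The listing ends here; the foreach body continues beyond this excerpt.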
Пример #2
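/**
 * Look up the risk, vulnerability and availability status flags of an asset.
 *
 * Flags are taken from the severity column of bp_member_status:
 *   r --> bad    (severity > 7)
 *   a --> medium (severity > 3)
 *   v --> good   (any other non-empty severity)
 *   b --> default, kept when no severity was read or the query failed
 *
 * @param object $conn       Database connection exposing Execute() and ErrorMsg().
 * @param array  $host_types Type names that are handled as host tables.
 * @param string $type       Asset type: one of $host_types, "net" or "host_group".
 * @param string $name       Asset name; for host types it is replaced by the looked-up ip.
 *
 * @return array [risk flag, vulnerability flag, availability flag, sensor,
 *                member of the risk row, member of the vulnerability row]
 */
function get_values($conn, $host_types, $type, $name)
{
    // $type is interpolated into SQL as a table name below, so it has to be exactly one of
    // the caller's allow-listed names; a loose comparison is not enough for that.
    $is_host_type = in_array($type, $host_types, true);
    $is_host_group = !$is_host_type && $type == "host_group";
    $sensor = null;
    $group_ips = array();

    if ($is_host_type) {
        // Only the host table is keyed by hostname; the other host-type tables use name.
        $what = $type == "host" ? "hostname" : "name";
        $rs = $conn->Execute("select ip from {$type} where {$what} = ?", array($name));
        if ($rs) {
            $name = $rs->fields["ip"];
        }
        // related sensor
        $sensor = $name;
        if ($type == "host") {
            require_once 'classes/Host.inc';
            $sensors = Host::get_related_sensors($conn, $name);
            $sensor = isset($sensors[0]) && $sensors[0] != "" ? $sensors[0] : $name;
        }
    } elseif ($type == "net") {
        // related sensor
        require_once 'classes/Net.inc';
        $sensors = Net::get_related_sensors($conn, $name);
        $sensor = isset($sensors[0]) && $sensors[0] != "" ? $sensors[0] : $name;
    } elseif ($is_host_group) {
        $rs = $conn->Execute("select host_ip from host_group_reference where host_group_name = ?", array($name));
        if ($rs) {
            while (!$rs->EOF) {
                $group_ips[] = $rs->fields["host_ip"];
                $rs->MoveNext();
            }
        }
        // related sensor
        require_once 'classes/Host_group.inc';
        $sensors = Host_group::get_related_sensors($conn, $name);
        $sensor = isset($sensors[0]) && $sensors[0] != "" ? $sensors[0] : $name;
    }

    // Pick the member filter once; the three status lookups differ only in measure type.
    $tail = "";
    if ($is_host_type) {
        $prefix = "host";
        $where = "member = ?";
        $params = array($name);
    } elseif ($is_host_group) {
        // An empty group (or a failed lookup) falls back to the 0.0.0.0 member.
        if (count($group_ips) == 0) {
            $group_ips[] = "0.0.0.0";
        }
        // One placeholder per stored address: the values come from the database, and
        // binding them keeps a stored quote character from reaching the SQL text.
        $prefix = "host";
        $where = "member in (" . implode(",", array_fill(0, count($group_ips), "?")) . ")";
        $params = $group_ips;
        $tail = " order by severity desc limit 1";
    } else {
        $prefix = "net";
        $where = "member = ?";
        $params = array($name);
    }

    list($RiskValue, $r_ip) = get_values_member_status($conn, $where, $params, $prefix . "_metric", $tail);
    list($VulnValue, $v_ip) = get_values_member_status($conn, $where, $params, $prefix . "_vulnerability", $tail);
    list($AvailValue) = get_values_member_status($conn, $where, $params, $prefix . "_availability", $tail);

    return array($RiskValue, $VulnValue, $AvailValue, $sensor, $r_ip, $v_ip);
}

/**
 * Read one bp_member_status row and turn its severity into a status flag.
 *
 * @param object $conn         Database connection exposing Execute() and ErrorMsg().
 * @param string $where        Member filter containing only "?" placeholders.
 * @param array  $params       Values bound to the placeholders in $where.
 * @param string $measure_type Measure type to select, bound as the last parameter.
 * @param string $tail         Fixed ORDER BY / LIMIT suffix, or an empty string.
 *
 * @return array [flag, member]; ['b', null] when the query fails.
 */
function get_values_member_status($conn, $where, $params, $measure_type, $tail)
{
    $query = "select severity,member from bp_member_status where {$where} and measure_type = ?{$tail}";
    $rs = $conn->Execute($query, array_merge($params, array($measure_type)));
    if (!$rs) {
        // NOTE(review): this writes the raw database error into the response; consider
        // logging it server-side instead if the output can reach an end user.
        print $conn->ErrorMsg();
        return array('b', null);
    }

    $severity = $rs->fields["severity"];
    $flag = 'b';
    if (intval($severity) > 7) {
        $flag = 'r';
    } elseif (intval($severity) > 3) {
        $flag = 'a';
    } elseif ($severity != "") {
        $flag = 'v';
    }

    return array($flag, $rs->fields["member"]);
}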
Пример #3
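/**
 * Resolve an asset to its address data and related sensor.
 *
 * @param object $conn       Database connection exposing Execute().
 * @param string $name       Asset name; for host types it is replaced by the looked-up ip.
 * @param string $type       Asset type: one of $host_types, "net" or "host_group".
 * @param array  $host_types Type names that are handled as host tables.
 *
 * @return array [name, sensor, type, ips, key column, in_assets]. For "host_group", ips is
 *               a comma-separated list of single-quoted addresses ('0.0.0.0' when empty).
 */
function get_assets($conn, $name, $type, $host_types)
{
    // in_assets first
    $in_assets = is_in_assets($conn, $name, $type);
    // Asset values
    $ips = $name;
    $what = "name";
    // Stays null when $type matches none of the branches below.
    $sensor = null;
    // $type is interpolated into SQL as a table name below, so it has to be exactly one of
    // the caller's allow-listed names; a loose comparison is not enough for that.
    if (in_array($type, $host_types, true)) {
        if ($type == "host") {
            $what = "hostname";
        }
        $rs = $conn->Execute("select ip from {$type} where {$what} = ?", array($name));
        if ($rs) {
            $name = $rs->fields["ip"];
            if ($rs->EOF) {
                $in_assets = 0;
            }
        }
        // Related sensor
        $sensor = $name;
        if ($type == "host") {
            require_once 'classes/Host.inc';
            $sensors = Host::get_related_sensors($conn, $name, false);
            $sensor = isset($sensors[0]) && $sensors[0] != "" ? $sensors[0] : $name;
        }
    } elseif ($type == "net") {
        $rs = $conn->Execute("select ips from net where name = ?", array($name));
        if ($rs) {
            $ips = $rs->fields["ips"];
            if ($rs->EOF) {
                $in_assets = 0;
            }
        }
        // related sensor; a net without one reports an empty sensor, not its own name
        require_once 'classes/Net.inc';
        $sensors = Net::get_related_sensors($conn, $name);
        $sensor = isset($sensors[0]) && $sensors[0] != "" ? $sensors[0] : "";
    } elseif ($type == "host_group") {
        $rs = $conn->Execute("select host_ip from host_group_reference where host_group_name = ?", array($name));
        if ($rs) {
            $iphg = array();
            while (!$rs->EOF) {
                // NOTE(review): stored values are wrapped in quotes without escaping, and the
                // list is returned to the caller. If a caller splices it into SQL, a stored
                // quote character would alter that statement; bind the addresses there instead.
                $iphg[] = "'" . $rs->fields["host_ip"] . "'";
                $rs->MoveNext();
            }
            $ips = count($iphg) > 0 ? implode(",", $iphg) : "'0.0.0.0'";
            if (count($iphg) == 0) {
                $in_assets = 0;
            }
        }
        // related sensor
        require_once 'classes/Host_group.inc';
        $sensors = Host_group::get_related_sensors($conn, $name);
        $sensor = isset($sensors[0]) && $sensors[0] != "" ? $sensors[0] : $name;
    }
    return array($name, $sensor, $type, $ips, $what, $in_assets);
}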