// targets
foreach ($targets as $target) {
if (preg_match("/^!/", $target)) {
continue;
}
$unresolved = !preg_match("/\\d+\\.\\d+\\.\\d+\\.\\d+/", $target) && $not_resolve ? true : false;
if (preg_match("/\\//", $target)) {
// Net
$name = Net::get_name_by_ip($conn, $target);
$perm = Session::netAllowed($conn, $name);
$sensors = Net::get_related_sensors($conn, $name);
} else {
// Host
$name = $unresolved ? $target : Host::ip2hostname($conn, $target);
$perm = $unresolved ? true : Session::hostAllowed($conn, $name);
$sensors = Host::get_related_sensors($conn, $target);
}
if ($unresolved || Session::am_i_admin() && count($sensors) == 0 && $scan_server == "0") {
if ($unresolved) {
foreach ($all_sensors as $ip => $unused) {
$sensors[] = $ip;
}
} else {
$local_ip = `grep framework_ip /etc/ossim/ossim_setup.conf | cut -f 2 -d "="`;
$local_ip = trim($local_ip);
$result = $conn->Execute("SELECT name FROM vuln_nessus_servers WHERE hostname like '{$local_ip}'");
if ($result->fields["name"] != "") {
$sensors[] = $local_ip;
}
}
}
function get_values($conn, $host_types, $type, $name)
{
// r --> bad
// a --> medium
// v --> good
$RiskValue = 'b';
$VulnValue = 'b';
$AvailValue = 'b';
if (in_array($type, $host_types)) {
if ($type == "host") {
$what = "hostname";
}
$query = "select ip from {$type} where {$what} = ?";
$params = array($name);
if ($rs3 =& $conn->Execute($query, $params)) {
$name = $rs3->fields["ip"];
if ($rs3->EOF) {
$in_assets = 0;
}
}
// related sensor
$sensor = $name;
if ($type == "host") {
require_once 'classes/Host.inc';
$sensors = Host::get_related_sensors($conn, $name);
$sensor = $sensors[0] != "" ? $sensors[0] : $name;
}
} elseif ($type == "net") {
$query = "select ips from net where name = ?";
$params = array($name);
if ($rs3 =& $conn->Execute($query, $params)) {
$ips = $rs3->fields["ips"];
if ($rs3->EOF) {
$in_assets = 0;
}
}
// related sensor
require_once 'classes/Net.inc';
$sensors = Net::get_related_sensors($conn, $name);
$sensor = $sensors[0] != "" ? $sensors[0] : $name;
} elseif ($type == "host_group") {
$query = "select host_ip from host_group_reference where host_group_name = ?";
$params = array($name);
if ($rs3 =& $conn->Execute($query, $params)) {
$iphg = array();
while (!$rs3->EOF) {
$iphg[] = "'" . $rs3->fields["host_ip"] . "'";
$rs3->MoveNext();
}
$ips = count($iphg) > 0 ? implode(",", $iphg) : "'0.0.0.0'";
if (count($iphg) == 0) {
$in_assets = 0;
}
}
// related sensor{
require_once 'classes/Host_group.inc';
$sensors = Host_group::get_related_sensors($conn, $name);
$sensor = $sensors[0] != "" ? $sensors[0] : $name;
}
$params = $type == "host_group" ? array() : array($name);
if (in_array($type, $host_types)) {
$query = "select severity,member from bp_member_status where member = ? and measure_type = \"host_metric\"";
} elseif ($type == "host_group") {
$query = "select severity,member from bp_member_status where member in ({$ips}) and measure_type = \"host_metric\" order by severity desc limit 1";
} else {
$query = "select severity,member from bp_member_status where member = ? and measure_type = \"net_metric\"";
}
if (!($rs2 =& $conn->Execute($query, $params))) {
print $conn->ErrorMsg();
} else {
$r_ip = $rs2->fields["member"];
if (intval($rs2->fields["severity"]) > 7) {
$RiskValue = 'r';
} elseif (intval($rs2->fields["severity"]) > 3) {
$RiskValue = 'a';
} elseif ($rs2->fields["severity"] != "") {
$RiskValue = 'v';
}
}
if (in_array($type, $host_types)) {
$query = "select severity,member from bp_member_status where member = ? and measure_type = \"host_vulnerability\"";
} elseif ($type == "host_group") {
$query = "select severity,member from bp_member_status where member in ({$ips}) and measure_type = \"host_vulnerability\" order by severity desc limit 1";
} else {
$query = "select severity,member from bp_member_status where member = ? and measure_type = \"net_vulnerability\"";
}
if (!($rs2 =& $conn->Execute($query, $params))) {
print $conn->ErrorMsg();
} else {
$v_ip = $rs2->fields["member"];
if (intval($rs2->fields["severity"]) > 7) {
$VulnValue = 'r';
} elseif (intval($rs2->fields["severity"]) > 3) {
$VulnValue = 'a';
} elseif ($rs2->fields["severity"] != "") {
$VulnValue = 'v';
}
}
if (in_array($type, $host_types)) {
$query = "select severity,member from bp_member_status where member = ? and measure_type = \"host_availability\"";
} elseif ($type == "host_group") {
$query = "select severity,member from bp_member_status where member in ({$ips}) and measure_type = \"host_availability\" order by severity desc limit 1";
} else {
$query = "select severity,member from bp_member_status where member = ? and measure_type = \"net_availability\"";
}
if (!($rs2 =& $conn->Execute($query, $params))) {
print $conn->ErrorMsg();
} else {
$a_ip = $rs2->fields["member"];
if (intval($rs2->fields["severity"]) > 7) {
$AvailValue = 'r';
} elseif (intval($rs2->fields["severity"]) > 3) {
$AvailValue = 'a';
} elseif ($rs2->fields["severity"] != "") {
$AvailValue = 'v';
}
}
return array($RiskValue, $VulnValue, $AvailValue, $sensor, $r_ip, $v_ip);
}
function get_assets($conn, $name, $type, $host_types)
{
// in_assets first
$in_assets = is_in_assets($conn, $name, $type);
// Asset values
$ips = $name;
$what = "name";
if (in_array($type, $host_types)) {
if ($type == "host") {
$what = "hostname";
}
$query = "select ip from {$type} where {$what} = ?";
$params = array($name);
if ($rs3 =& $conn->Execute($query, $params)) {
$name = $rs3->fields["ip"];
if ($rs3->EOF) {
$in_assets = 0;
}
}
// Related sensor
$sensor = $name;
if ($type == "host") {
require_once 'classes/Host.inc';
$sensors = Host::get_related_sensors($conn, $name, false);
$sensor = $sensors[0] != "" ? $sensors[0] : $name;
}
} elseif ($type == "net") {
$query = "select ips from net where name = ?";
$params = array($name);
if ($rs3 =& $conn->Execute($query, $params)) {
$ips = $rs3->fields["ips"];
if ($rs3->EOF) {
$in_assets = 0;
}
}
// related sensor
require_once 'classes/Net.inc';
$sensors = Net::get_related_sensors($conn, $name);
$sensor = $sensors[0] != "" ? $sensors[0] : "";
} elseif ($type == "host_group") {
$query = "select host_ip from host_group_reference where host_group_name = ?";
$params = array($name);
if ($rs3 =& $conn->Execute($query, $params)) {
$iphg = array();
while (!$rs3->EOF) {
$iphg[] = "'" . $rs3->fields["host_ip"] . "'";
$rs3->MoveNext();
}
$ips = count($iphg) > 0 ? implode(",", $iphg) : "'0.0.0.0'";
if (count($iphg) == 0) {
$in_assets = 0;
}
}
// related sensor{
require_once 'classes/Host_group.inc';
$sensors = Host_group::get_related_sensors($conn, $name);
$sensor = $sensors[0] != "" ? $sensors[0] : $name;
}
return array($name, $sensor, $type, $ips, $what, $in_assets);
}
