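/**
 * Set up the audit, reading from cached state if needed.
 * Also handles the uploading of the scanner config.
 *
 * Optional payloads are read from $request->NOTENCRYPTED (core file hashes,
 * scan patterns, false-positive hashes and the connector config). Each one is
 * base64 + deflate encoded. They end up in SQL and in files on disk, one of
 * which is a PHP file, so they are validated/decoded before use.
 *
 * NOTE(review): everything under NOTENCRYPTED is trusted only as far as the
 * caller has authenticated the request; this constructor performs no
 * authenticity check of its own - confirm the upstream validation covers the
 * NOTENCRYPTED part as well.
 *
 * @param stdClass $request The decrypted request
 */
public function __construct($request)
{
    $this->_cleanUpStuff();

    bfLog::log(_BF_SPEED);

    if (_BF_API_DEBUG === TRUE) {
        // Debug only: display_errors prints paths and query text into the response
        error_reporting(E_ALL);
        ini_set('display_errors', 1);
    }

    // Check that the permissions are set correctly before proceeding
    $this->_checkOurPerms();

    // Connect to the database
    $this->initDb();

    // init Joomla
    require 'bfInitJoomla.php';

    /**
     * Should we abandon/clear the current audit and restart
     * If this is the first time we are running then also reset
     */
    if (!empty($request->forceRestart)
        || (file_exists('./FIRSTRUN') && TRUE === _BF_CONFIG_RESET_STATE_ON_UPGRADE)) {
        // reset the state
        $this->resetState();
    }

    // remove the trigger for the first run, together with leftover SQL dumps
    if (file_exists('./FIRSTRUN')) {
        $SQLfiles = array(
            dirname(__FILE__) . '/tmp/large.sql',
            dirname(__FILE__) . '/tmp/large2.sql',
            dirname(__FILE__) . '/tmp/large3.sql',
            dirname(__FILE__) . '/tmp/large4.sql',
            dirname(__FILE__) . '/tmp/speedup.sql',
        );
        foreach ($SQLfiles as $SQLfile) {
            if (file_exists($SQLfile)) {
                @unlink($SQLfile);
            }
        }
        @unlink('./FIRSTRUN');
    }

    // Normalise the optional payload container once; anything but an array is ignored
    $unencrypted = array();
    if (property_exists($request, 'NOTENCRYPTED') && is_array($request->NOTENCRYPTED)) {
        $unencrypted = $request->NOTENCRYPTED;
    }

    // If there is a non encrypted md5's file then import it to the db
    if (array_key_exists('md5s', $unencrypted)) {
        // clean up first
        $this->db->setQuery('TRUNCATE bf_core_hashes');
        $this->db->query();

        // get the data from the request; gzinflate() returns FALSE on a corrupt payload
        $data = gzinflate(base64_decode($unencrypted['md5s']));
        $dataLines = (FALSE === $data) ? array() : explode("\n", $data);

        // Import the md5s to the database - easier to query a db than a
        // single file
        $sql = 'INSERT INTO bf_core_hashes (filewithpath, hash) VALUES ';
        $values = array();
        $skipped = 0;
        foreach ($dataLines as $line) {
            // a trailing newline produces an empty last element
            if ('' === $line) {
                continue;
            }

            $parts = explode("\t", $line);
            $hash = isset($parts[1]) ? trim($parts[1]) : '';

            // The values are spliced into a double-quoted SQL literal, so only
            // accept a hex hash and a path free of quote, backslash and control
            // bytes. Rejecting (rather than escaping) keeps this independent of
            // the connection charset.
            // NOTE(review): if $this->db offers a quoting/escaping method,
            // prefer it or a prepared statement.
            if (!preg_match('/^[a-f0-9]+$/iD', $hash)
                || preg_match('/["\\\\\x00-\x1f]/', $parts[0])) {
                $skipped++;
                continue;
            }

            // Do it this way for speed, 1 query instead of 4000+ queries!
            $values[] = sprintf('("/%s", "%s")', $parts[0], $hash);
        }

        if ($skipped > 0) {
            bfLog::log('Skipped ' . $skipped . ' malformed core hash lines');
        }

        // import now! (an INSERT with no rows would be a syntax error)
        if (count($values) > 0) {
            $this->db->setQuery($sql . implode(' , ', $values));
            $this->db->query();
        }

        // memory cleanup
        unset($parts);
        unset($dataLines);
        unset($data);
    }

    // get the base bfnetwork folder
    $base = dirname(__FILE__);

    // Save our patterns to a file
    if (array_key_exists('pattern', $unencrypted)) {
        bfLog::log('Saving audit pattern config');
        $patterns = gzinflate(base64_decode($unencrypted['pattern']));
        // A corrupt payload must not silently become an empty pattern file:
        // the scan would then run with no patterns at all.
        if (FALSE === $patterns) {
            bfEncrypt::reply(bfReply::ERROR, 'Could not decode audit patterns');
        } elseif (FALSE === file_put_contents($base . '/tmp/tmp.pattern', $patterns)) {
            bfEncrypt::reply(bfReply::ERROR, 'Could not save audit patterns to ' . $base . '/tmp/tmp.pattern');
        }
    }

    // save false positive hashes
    if (array_key_exists('falsepositives', $unencrypted)) {
        bfLog::log('Saving audit falsepositives config');
        $falsePositives = gzinflate(base64_decode($unencrypted['falsepositives']));
        if (FALSE === $falsePositives) {
            bfEncrypt::reply(bfReply::ERROR, 'Could not decode audit falsepositives');
        } elseif (FALSE === file_put_contents($base . '/tmp/tmp.false', $falsePositives)) {
            bfEncrypt::reply(bfReply::ERROR, 'Could not save audit falsepositives to ' . $base . '/tmp/tmp.false');
        }
    }

    // save the connector config
    // SECURITY: this writes request-supplied content into a .php file, so
    // whoever can get a request this far controls PHP source on this server.
    if (array_key_exists('config', $unencrypted)) {
        $configFile = $base . '/bfConfig.php';
        $config = gzinflate(base64_decode($unencrypted['config']));

        if (FALSE === $config) {
            // never overwrite a working config with an undecodable payload
            bfEncrypt::reply(bfReply::ERROR, 'Could not decode config for ' . $configFile);
        } else {
            // just in case. chmod() only succeeds when we own the file, and for
            // the owner 0644 already grants write access - no need to open the
            // file to every local user with 0777.
            if (!is_writable($configFile)) {
                @chmod($configFile, 0644);
            }

            // write config to file
            $written = file_put_contents($configFile, $config);

            // reset permissions to be more secure
            @chmod($configFile, 0644);

            if (FALSE === $written) {
                bfEncrypt::reply(bfReply::ERROR, 'Could not save config to ' . $configFile);
            }
        }
    }

    // reset permissions - just to be sure!
    @chmod('tmp/', 0755);

    // remove all the request
    unset($unencrypted);
    unset($request);

    bfLog::log('Waking the lab rats from their sleep...');

    // Get the current status from the database
    $this->wakeUp();

    // init the timer
    bfLog::log('Priming the lab rats with a timer...');
    $this->_timer = bfTimer::getInstance();

    // init the steps
    bfLog::log('Teaching the lab rats to dance...');
    $this->_steps = new STEP($this->step);

    // belt and braces - check we have a step
    if (!$this->step) {
        $this->step = STEP::TESTCONNECTION;
    }
}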
/**
 * Start a fresh log file.
 *
 * Runs the permission check, deletes tmp/log.tmp, then writes the opening
 * entries: a truncation marker followed by the PHP memory limit, the PHP
 * max execution time and the bfTimer max time.
 */
public static function truncate()
{
    // PHP class names are case-insensitive, so this resolves to bfLog
    bflog::checkPermissions();

    // @ suppresses the warning unlink() raises when it fails (e.g. no log file yet)
    @unlink('tmp/log.tmp');
    bfLog::log('Log file truncated');

    // populate the config into the log
    $memoryLimit = ini_get('memory_limit');
    bfLog::log('PHP Max Memory = ' . $memoryLimit);

    $maxExecutionTime = ini_get('max_execution_time');
    bfLog::log('PHP ini_setted Max Time = ' . $maxExecutionTime);

    // the timer is fetched only here, after the earlier entries are written,
    // so the statement order of the original is kept
    $timer = bfTimer::getInstance();
    bfLog::log('PHP bfTimer Max Time = ' . $timer->getMaxTime());
}
echo '<br/><br/>Debug: We tried the validation with PHP methods: ' . $vMethod; echo '<br/><br/>Debug: env was ' . $APPLICATION_ENV; echo '<br/><br/>Debug: response was ' . print_r($validationResultHash, TRUE); die; } /* IF WE GET HERE THEN THE REQUEST IS VALIDATED AS GENUINE, BUT IS STILL ENCRYPTED */ // Require our config file require 'bfConfig.php'; // Require some logging require 'bfLog.php'; bfLog::init(); // Require special error handling require 'bfError.php'; // Require Timer - will init the logger too require 'bfTimer.php'; bfTimer::getInstance(); // Require decryption classes require 'Crypt/RSA.php'; require 'Crypt/RC4.php'; // Set up the decryption $rsa = new Crypt_RSA(); $rsa->loadKey(file_get_contents('Keys/private.key')); bfLog::log('RSA Key loaded'); // Just in case - crappy servers :-( global $dataObj; global $rc4_key; // Only handle two types of POST switch (@$_POST['METHOD']) { /** * If our method is encrpyted (99.9% of our traffic) then decrypted it */