include 'functions/config.php';
require_once 'functions/functions.php';
if (!check_session()) {
header("Location: {$serviceurl}/?error=1");
exit;
}
$vm = addslashes($_GET['vm']);
$hypervisor = addslashes($_GET['hypervisor']);
if (empty($vm) || empty($hypervisor)) {
exit;
}
$h_reply = get_SQL_line("SELECT * FROM hypervisors WHERE id='{$hypervisor}'");
$v_reply = get_SQL_line("SELECT * FROM vms WHERE id='{$vm}'");
$source_reply = get_SQL_line("SELECT name FROM vms WHERE id='{$v_reply['4']}'");
ssh_connect($h_reply[2] . ":" . $h_reply[3]);
$source_path = str_replace("\n", "", ssh_command("sudo virsh domblklist {$source_reply['0']}|grep vda| awk '{print \$2}' ", true));
$dest_path = str_replace("\n", "", ssh_command("sudo virsh domblklist {$v_reply['1']}|grep vda| awk '{print \$2}' ", true));
$filekey = uniqid();
add_SQL_line("UPDATE vms SET filecopy='{$filekey}' WHERE id='{$vm}'");
add_SQL_line("UPDATE vms SET maintenance='true' WHERE source_volume='{$vm}'");
#destroy all runing child vms
$child_vms = get_SQL_array("SELECT name FROM vms WHERE source_volume='{$vm}'");
$x = 0;
while ($child_vms[$x]['name']) {
ssh_command("sudo virsh destroy " . $child_vms[$x]['name'], true);
++$x;
}
ssh_command("sudo /usr/local/VDI/copy-file {$source_path} {$dest_path} {$filekey}", false);
header("Location: {$serviceurl}/dashboard.php");
exit;
if ($action == "mass_on" || $action == "mass_off" || $action == "mass_destroy") {
$child_vms = get_SQL_array("SELECT name FROM vms WHERE source_volume='{$vm}'");
$x = 0;
while ($child_vms[$x]['name']) {
if ($action == "mass_on") {
ssh_command("sudo virsh start " . $child_vms[$x]['name'], true);
}
if ($action == "mass_off") {
ssh_command("sudo virsh shutdown " . $child_vms[$x]['name'], true);
}
if ($action == "mass_destroy") {
ssh_command("sudo virsh destroy " . $child_vms[$x]['name'], true);
}
++$x;
}
}
if ($action == "single") {
$v_reply = get_SQL_line("SELECT name FROM vms WHERE id='{$vm}'");
$state = addslashes($_GET['state']);
if ($state == "up") {
ssh_command("sudo virsh start " . $v_reply[0], true);
}
if ($state == "down") {
ssh_command("sudo virsh shutdown " . $v_reply[0], true);
}
if ($state == "destroy") {
ssh_command("sudo virsh destroy " . $v_reply[0], true);
}
}
header("Location: {$serviceurl}/reload_vm_info.php");
exit;
<?php
require_once 'functions/config.php';
require_once 'functions/functions.php';
if (!check_session()) {
header("Location: {$serviceurl}/?error=1");
exit;
}
$vm = addslashes($_GET['vm']);
$hypervisor = addslashes($_GET['hypervisor']);
if (empty($vm) || empty($hypervisor)) {
exit;
}
$h_reply = get_SQL_line("SELECT * FROM hypervisors WHERE id='{$hypervisor}'");
$v_reply = get_SQL_line("SELECT * FROM vms WHERE id='{$vm}'");
$filepath = $temp_folder . '/' . $v_reply[1] . ".ppm";
ssh_connect($h_reply[2] . ":" . $h_reply[3]);
ssh_command("sudo virsh screenshot " . $v_reply[1] . " " . $filepath, true);
$im = ssh_command("cat " . $filepath, true);
$image = new Imagick();
$image->readImageBlob($im);
$image->setImageFormat("png");
$image->scaleImage(865, 865, true);
header("Content-type: image/png");
echo $image->getImageBlob();
ssh_command("rm " . $filepath, true);
function reload_vm_info()
{
include 'config.php';
$x = 0;
while ($hypervizors[$x]) {
$tmp = explode(":", $hypervizors[$x]);
$ip = $tmp[0];
$port = $tmp[1];
$sql_reply = get_SQL_line("SELECT id FROM hypervisors WHERE ip='{$ip}'");
if (empty($sql_reply[0])) {
add_SQL_line("INSERT INTO hypervisors (ip,port) VALUES ('{$ip}','{$port}')");
} else {
add_SQL_line("UPDATE hypervisors SET ip='{$ip}', port='{$port}' WHERE id='{$sql_reply['0']}'");
}
$sql_reply = get_SQL_line("SELECT id FROM hypervisors WHERE ip='{$ip}'");
$hyper_id = $sql_reply[0];
ssh_connect($ip . ":" . $port);
$output = ssh_command("sudo virsh list --all |tail -n +3|head -n -1|awk '{print \$2" . '" "' . "\$3}'", true);
$vms = array();
$output = str_replace("\n", " ", $output);
$vms = explode(" ", $output);
$y = 0;
while ($vms[$y]) {
$sql_reply = get_SQL_line("SELECT id FROM vms WHERE name='{$vms[$y]}' AND hypervisor='{$hyper_id}'");
$state = $vms[$y + 1];
if (empty($sql_reply[0])) {
add_SQL_line("INSERT INTO vms (name,hypervisor,state) VALUES ('{$vms[$y]}','{$hyper_id}','{$state}')");
} else {
add_SQL_line("UPDATE vms SET name='{$vms[$y]}', hypervisor='{$hyper_id}', state='{$state}' WHERE id='{$sql_reply['0']}'");
}
$y = $y + 2;
}
++$x;
}
}
public function process_subnet()
{
// accept or process the output of the discover subnet script - nmap details
if (!isset($_POST['form_details'])) {
$this->load->view('v_process_subnet', $this->data);
} else {
$display = '';
if ($this->input->post('debug') and strpos($_SERVER['HTTP_ACCEPT'], 'html')) {
$display = 'y';
echo "<pre>\n";
echo "DEBUG - Starting process_subnet.\n";
echo "***********************************************************************************\n";
echo "* NOTE - THIS PAGE WILL CONTINUOUSLY RENDER UNTIL THE DISCOVERY HAS FINISHED *\n";
echo "* WATCH YOUR BROSWER TO SEE WHEN THE PAGE FINISHES RENDERING *\n";
echo "* DO NOT REFRESH THIS PAGE OR ATTEMPT TO GO 'back' UNTIL THE PAGE HAS COMPLETED *\n";
echo "***********************************************************************************\n";
}
$this->load->model('m_oa_user');
$this->load->model('m_scripts');
if (isset($this->session->userdata['user_id']) and is_numeric($this->session->userdata['user_id'])) {
$this->user = $this->m_oa_user->get_user_details($this->session->userdata['user_id']);
}
// all logging will be as below, only the message will change
$log_details = new stdClass();
$log_details->severity = 7;
$log_details->file = 'system';
$log_details->display = $display;
if (!$this->m_oa_config->check_blessed($_SERVER['REMOTE_ADDR'], '')) {
if ($display == 'y') {
$log_details->message = "Audit submission from an IP (" . $_SERVER['REMOTE_ADDR'] . ") not in the list of blessed subnets, exiting.";
echo "\n" . $log_details->message . "\n";
stdlog($log_details);
}
exit;
}
$this->load->helper('url');
$this->load->model('m_credentials');
if ($display == 'y') {
echo 'DEBUG - <a href=\'' . base_url() . "index.php/discovery/discover_subnet'>Back to input page</a>\n";
echo 'DEBUG - <a href=\'' . base_url() . "index.php'>Front Page</a>\n";
}
if (php_uname('s') != 'Windows NT') {
$filepath = $this->config->config['base_path'] . '/other';
} else {
$filepath = $this->config->config['base_path'] . '\\other';
}
$this->load->helper('xml');
$xml_input = $_POST['form_details'];
try {
$xml = new SimpleXMLElement($xml_input);
} catch (Exception $error) {
// not a valid XML string
$log_details->message = 'Invalid XML input for discovery from ' . $_SERVER['REMOTE_ADDR'];
stdlog($log_details);
exit;
}
$this->load->helper('url');
$this->load->library('encrypt');
$this->load->helper('ipmi');
if (extension_loaded('snmp')) {
$this->load->helper('snmp');
$this->load->helper('snmp_oid');
}
$this->load->model('m_system');
$this->load->model('m_oa_group');
$this->load->model('m_audit_log');
$this->load->model('m_change_log');
$this->load->model('m_devices_components');
$this->load->model('m_devices');
$timestamp = $this->config->config['timestamp'];
$count = 0;
foreach ($xml->children() as $details) {
$details = (object) $details;
if (isset($details->complete) and $details->complete == 'y') {
// delete the credential set
if ($display == 'y') {
echo "DEBUG - ----------------------------------------------------\n";
}
$this->echo_details($details);
sleep(5);
$log_details->message = 'Deleting credential set for ' . $details->subnet_range . ' submitted on ' . $details->subnet_timestamp;
stdlog($log_details);
$sql = '/* discovery::process_subnet */ DELETE FROM oa_temp WHERE temp_name = \'Subnet Credentials - ' . $details->subnet_range . '\' and temp_timestamp = \'' . $details->subnet_timestamp . '\' ';
$query = $this->db->query($sql);
} else {
$skip = false;
if (stripos(' ' . $this->config->config['discovery_ip_exclude'] . ' ', ' ' . $details->ip . ' ') !== false) {
# Our ip address matched an ip in the discovery_ip_exclude list - exit
$log_details->message = $details->ip . ' is in the list of excluded ip addresses - skipping.';
stdlog($log_details);
$skip = true;
}
if (!$skip) {
$log_details->message = 'Start processing ' . $details->ip;
stdlog($log_details);
$count++;
$details->last_seen = $timestamp;
$details->last_user = '';
$details->last_seen_by = 'nmap';
$details->domain = '';
$details->audits_ip = ip_address_to_db($_SERVER['REMOTE_ADDR']);
$details->hostname = '';
if ($this->config->item('discovery_use_dns') == 'y') {
$details = dns_validate($details, $display);
}
$details->id = '';
$details->id = $this->m_system->find_system($details);
$details->last_seen_user = '';
$details->network_address = '';
$details->limit = 1000000;
$details->count = 0;
$details->use_https = '';
// # 1.12.6
$credentials = array();
// If we find a device and we're in DEBUG, output a result line.
if ($display == 'y') {
if (!empty($details->id)) {
echo 'DEBUG - Device found with ID: <a href=\'' . base_url() . 'index.php/main/system_display/' . $details->id . '\'>' . $details->id . "</a>.\n";
}
}
// Device specific credentials
if (!empty($details->id)) {
$temp = $this->m_devices_components->read(intval($details->id), 'y', 'credential', '', '*');
if (count($temp) > 0) {
foreach ($temp as $credential) {
$credentials[] = $credential;
}
}
unset($temp);
}
// Credential Sets
$temp = $this->m_credentials->collection();
if (count($temp) > 0) {
$credentials = array_merge($credentials, $temp);
}
unset($temp);
// supplied credentials
$sql = '/* discovery::process_subnet */ SELECT temp_value FROM oa_temp WHERE temp_name = \'Subnet Credentials - ' . $details->subnet_range . '\' and temp_timestamp = \'' . $details->subnet_timestamp . '\' ORDER BY temp_id DESC LIMIT 1';
$query = $this->db->query($sql);
$row = $query->row();
$supplied_credentials = @$row->temp_value;
$supplied = new stdClass();
if (isset($supplied_credentials) and $supplied_credentials > '') {
$supplied_credentials = $this->encrypt->decode($supplied_credentials);
$supplied_credentials = json_decode($supplied_credentials);
$details->last_seen_user = @$supplied_credentials->last_user;
$details->network_address = @$supplied_credentials->network_address;
$details->limit = (int) @$supplied_credentials->limit;
$details->count = (int) @$supplied_credentials->count;
$details->org_id = (int) @$supplied_credentials->org;
$details->location_id = (int) @$supplied_credentials->location;
$details->org_id = (int) @$supplied_credentials->org;
$details->location_id = (int) @$supplied_credentials->location;
$details->use_https = (string) @$supplied_credentials->use_https;
}
# TODO - replace the ugly code below
$creds = array();
foreach ($credentials as $credential) {
$creds[] = $credential->attributes;
}
unset($credentials);
$credentials = $creds;
unset($creds);
// default Open-AudIT credentials
// $default = $this->m_oa_config->get_credentials();
// unset($default);
if (intval($details->count) >= intval($details->limit)) {
# we have discovered the requested number of devcies
$log_details->message = 'Count from DB is higher than requested limit, exiting. Count: ' . $details->count . ' Limit: ' . $details->limit;
stdlog($log_details);
return;
}
if (empty($supplied_credentials)) {
$supplied_credentials = new stdClass();
}
if (empty($supplied_credentials->count)) {
$supplied_credentials->count = 0;
} else {
$supplied_credentials->count++;
}
$sql = '/* discovery::process_subnet */ UPDATE oa_temp SET temp_value = ? WHERE temp_name = \'Subnet Credentials - ' . $details->subnet_range . '\' and temp_timestamp = \'' . $details->subnet_timestamp . '\'';
$data_in = json_encode($supplied_credentials);
$data_in = $this->encrypt->encode($data_in);
$data = array("{$data_in}");
$query = $this->db->query($sql, $data);
$details->last_user = $details->last_seen_user;
$log_details->user = $details->last_seen_user;
// create the URL for use by the audit scripts
# use $_POST if supplied
if (isset($_POST['network_address']) and $_POST['network_address'] > '') {
$temp = explode('/', base_url());
$url = str_replace($temp[2], $_POST['network_address'], base_url());
# use $details->network_address if stored in DB
} elseif (isset($details->network_address) and $details->network_address != '') {
$temp = explode('/', base_url());
$url = str_replace($temp[2], $details->network_address, base_url());
# use the open-audit default config value
} elseif (isset($this->config->config['default_network_address']) and $this->config->config['default_network_address'] > '') {
$temp = explode('/', base_url());
$url = str_replace($temp[2], $this->config->config['default_network_address'], base_url());
# use the PHP function to guess as a last resort
} else {
$url = base_url();
}
unset($details->network_address);
if ($details->use_https == 'on') {
$url = str_ireplace('http://', 'https://', $url);
}
if (isset($supplied->snmp_community) and $supplied->snmp_community != '') {
$details->snmp_community = $supplied->snmp_community;
}
// output to log file and DEBUG the status of the three main services
$log_details->message = 'WMI Status is ' . $details->wmi_status . ' on ' . $details->ip;
stdlog($log_details);
// On OSX we cannot run Nmap and get a UDP port result for 161 as 'You requested a scan type which requires root privileges.' So just set the snmp_status to true and attempt to snmp_audit the target device
if (php_uname('s') == 'Darwin') {
$details->snmp_status = 'true';
$details->nmap_ports .= ',161/udp/snmp';
}
$log_details->message = 'SNMP Status is ' . $details->snmp_status . ' on ' . $details->ip;
stdlog($log_details);
$log_details->message = 'SSH Status is ' . $details->ssh_status . ' on ' . $details->ip;
stdlog($log_details);
// get rid of os_* as nmap only guesses
unset($details->os_group);
unset($details->os_family);
unset($details->os_name);
# IPMI audit
# TODO - make a ipmi_helper::ipmi_credentials function
// if (isset($this->config->config['discovery_use_ipmi']) and $this->config->config['discovery_use_ipmi'] == 'y') {
// $credentials_ipmi = new stdClass();
// $credentials_ipmi->type = 'ipmi';
// $credentials_ipmi->credentials = new stdClass();
// $credentials_ipmi->credentials->username = $this->config->config['default_ipmi_username'];
// $credentials_ipmi->credentials->password = $this->config->config['default_ipmi_username'];
// $credentials[] = $credentials_ipmi;
// $ipmi_details = ipmi_audit($details->ip, $credentials_ipmi, $display);
// if (!empty($ipmi_details)) {
// foreach ($ipmi_details as $key => $value) {
// if (!empty($value)) {
// $details->key = $value;
// }
// }
// }
// if ($details->serial) {
// $details->last_seen_by = 'ipmi';
// $details->audits_ip = '127.0.0.1';
// }
// }
// SNMP audit
if (!extension_loaded('snmp') and $details->snmp_status == 'true') {
$log_details->message = 'PHP extension not loaded, skipping SNMP data retrieval for ' . $details->ip;
stdlog($log_details);
}
if (extension_loaded('snmp') and $details->snmp_status == 'true') {
$log_details->message = 'Testing SNMP credentials for ' . $details->ip;
stdlog($log_details);
$credentials_snmp = snmp_credentials($details->ip, $credentials, $display);
} else {
$credentials_snmp = false;
}
if ($credentials_snmp) {
$temp_array = snmp_audit($details->ip, $credentials_snmp, $display);
if (!empty($temp_array['details'])) {
foreach ($temp_array['details'] as $key => $value) {
if (!empty($value)) {
$details->{$key} = $value;
}
}
$details->last_seen_by = 'snmp';
$details->audits_ip = '127.0.0.1';
}
if (!empty($temp_array['interfaces'])) {
$network_interfaces = $temp_array['interfaces'];
}
if (!empty($temp_array['modules'])) {
$modules = $temp_array['modules'];
}
if (!empty($temp_array['ip'])) {
$ip = $temp_array['ip'];
}
if (!empty($temp_array['guests'])) {
$guests = $temp_array['guests'];
}
}
// new for 1.8.4 - if we have a non-computer, do not attempt to connect using SSH
if ($details->type != 'computer' and $details->type != '' and $details->type != 'unknown' and $details->os_family != 'DD-WRT' and stripos($details->sysDescr, 'dd-wrt') === false) {
$log_details->message = 'Not a computer and not a DD-WRT device, setting SSH status to false for ' . $details->ip . ' (System ID ' . $details->id . ')';
stdlog($log_details);
$details->ssh_status = 'false';
}
# test for working SSH credentials
if ($details->ssh_status == 'true') {
$log_details->message = 'Testing SSH credentials for ' . $details->ip;
stdlog($log_details);
$credentials_ssh = ssh_credentials($details->ip, $credentials, $display);
} else {
$credentials_ssh = false;
}
# run SSH audit commands
if ($details->ssh_status == 'true' and $credentials_ssh) {
$ssh_details = ssh_audit($details->ip, $credentials_ssh, $display);
if (!empty($ssh_details)) {
$details->last_seen_by = 'ssh';
$details->audits_ip = '127.0.0.1';
foreach ($ssh_details as $key => $value) {
if (!empty($value)) {
$details->{$key} = $value;
}
}
}
}
// test for working Windows credentials
if ($details->wmi_status == 'true') {
$log_details->message = 'Testing Windows credentials for ' . $details->ip;
stdlog($log_details);
$credentials_windows = windows_credentials($details->ip, $credentials, $display);
} else {
$credentials_windows = false;
}
# run Windows audit commands
if ($details->wmi_status == 'true' and $credentials_windows) {
$windows_details = wmi_audit($details->ip, $credentials_windows, $display);
if (!empty($windows_details)) {
$details->last_seen_by = 'windows';
$details->audits_ip = '127.0.0.1';
foreach ($windows_details as $key => $value) {
if (!empty($value)) {
$details->{$key} = $value;
}
}
}
}
# in the case where port 5060 is detected and we have no other information, assign type 'voip phone'
if (empty($details->type) and empty($details->snmp_oid) and empty($details->uuid) and stripos($details->nmap_result, '5060/') !== false) {
$details->type = 'voip phone';
}
if ($this->config->item('discovery_use_dns') == 'y') {
$details = dns_validate($details, $display);
}
$details->id = $this->m_system->find_system($details, $display);
if ($display == 'y') {
$details->show_output = true;
echo "=======DETAILS======\n";
foreach ($details as $key => $value) {
echo "DEBUG - " . $key . ": " . (string) $value . "\n";
}
echo "====================\n";
ob_flush();
flush();
}
// insert or update the device
if (isset($details->id) and $details->id != '') {
// we have a system id - UPDATE
$log_details->message = strtoupper($details->last_seen_by) . " update for {$details->ip} (System ID {$details->id})";
stdlog($log_details);
$details->original_last_seen = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen');
$details->original_last_seen_by = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen_by');
$this->m_system->update_system($details, $display);
} else {
// we have a new system - INSERT
$log_details->message = strtoupper($details->last_seen_by) . " insert for {$details->ip}";
stdlog($log_details);
$details->id = $this->m_system->insert_system($details, $display);
}
// grab some timestamps
$details->last_seen = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen');
$details->first_seen = $this->m_devices_components->read($details->id, 'y', 'system', '', 'first_seen');
// Insert an audit log
if (isset($this->user->full_name)) {
$temp_user = $this->user->full_name;
} else {
$temp_user = '';
}
$this->m_audit_log->create($details->id, $temp_user, $details->last_seen_by, $details->audits_ip, '', '', $details->last_seen);
unset($temp_user);
// Update the groups
if ($this->config->config['discovery_update_groups'] == 'y') {
$this->m_oa_group->update_system_groups($details);
}
// update any network interfaces and ip addresses retrieved by SNMP
if (isset($network_interfaces) and is_array($network_interfaces) and count($network_interfaces) > 0) {
$input = new stdClass();
$input->item = array();
$input->item = $network_interfaces;
$this->m_devices_components->process_component('network', $details, $input, $display);
}
// insert any ip addresses
if (isset($ip->item) and count($ip->item) > 0) {
$this->m_devices_components->process_component('ip', $details, $ip, $display);
}
// finish off with updating any network IPs that don't have a matching interface
$this->m_devices_components->update_missing_interfaces($details->id);
// insert any modules
if (isset($modules) and count($modules) > 0) {
$input = new stdClass();
$input->item = array();
$input->item = $modules;
$this->m_devices_components->process_component('module', $details, $input, $display);
}
// insert any found virtual machines
if (isset($guests) and is_array($guests) and count($guests) > 0) {
$vm = new stdClass();
$vm->item = array();
$vm->item = $guests;
$this->m_devices_components->process_component('vm', $details, $vm, $display);
}
if (!empty($credentials_snmp) and $details->snmp_status == 'true') {
$log_details->message = 'SNMP credential update for ' . $details->ip . ' (System ID ' . $details->id . ')';
stdlog($log_details);
$this->m_devices->sub_resource_create($details->id, 'credential', $credentials_snmp);
}
if (!empty($credentials_ssh) and $details->ssh_status == 'true') {
$log_details->message = 'SSH credential update for ' . $details->ip . ' (System ID ' . $details->id . ')';
stdlog($log_details);
$this->m_devices->sub_resource_create($details->id, 'credential', $credentials_ssh);
}
if (isset($credentials_windows) and $details->wmi_status == 'true') {
$log_details->message = "Windows credential update for {$details->ip} (System ID {$details->id})";
stdlog($log_details);
$this->m_devices->sub_resource_create($details->id, 'credential', $credentials_windows);
}
// $details->id is now set
if ($display == 'y') {
echo "DEBUG - System ID <a href='" . base_url() . "index.php/devices/" . $details->id . "'>" . $details->id . "</a>\n";
}
// process and store the Nmap result
$nmap_result = array();
foreach (explode(',', $details->nmap_ports) as $port) {
$temp = explode('/', $port);
$nmap_item = new stdClass();
$nmap_item->ip = (string) $details->ip;
$nmap_item->port = $temp[0];
$nmap_item->protocol = $temp[1];
$nmap_item->program = $temp[2];
if ($nmap_item->port != '') {
$nmap_result[] = $nmap_item;
}
unset($nmap_item);
unset($temp);
}
if (count($nmap_result) > 0) {
$input = new stdClass();
$input->item = array();
$input->item = $nmap_result;
$this->m_devices_components->process_component('nmap', $details, $input, $display);
}
// insert a blank to indicate we're finished this part of the discovery
// if required, the audit scripts will insert their own audit logs
$this->m_audit_log->update('debug', '', $details->id, $details->last_seen);
# Audit Windows
if ($details->wmi_status == "true" and $credentials_windows) {
$log_details->message = "Starting windows audit for {$details->ip} (System ID {$details->id})";
stdlog($log_details);
$share = '\\admin$';
$destination = 'audit_windows.vbs';
if ($display = 'y') {
$debugging = 3;
} else {
$debugging = 0;
}
$sql = "/* discovery::process_subnet */ SELECT * FROM `scripts` WHERE `name` = 'audit_windows.vbs' AND `based_on` = 'audit_windows.vbs' ORDER BY `id` LIMIT 1";
$query = $this->db->query($sql);
$result = $query->result();
if (!empty($result[0])) {
$script_details = $result[0];
# Just ensure we delete any audit scripts that might exist.
# Shouldn't be required because we're creating based on the timestamp
# Then open the file for writing
$ts = date('y_m_d_H_i_s');
if (php_uname('s') == 'Windows NT') {
$source_name = 'scripts\\audit_windows_' . $ts . '.vbs';
@unlink($this->config->config['base_path'] . '\\other\\' . $source_name);
try {
$fp = fopen($this->config->config['base_path'] . '\\other\\' . $source_name, 'w');
} catch (Exception $e) {
print_r($e);
}
} else {
$source_name = 'scripts/audit_windows_' . $ts . '.vbs';
@unlink($this->config->config['base_path'] . '/other/' . $source_name);
try {
$fp = fopen($this->config->config['base_path'] . '/other/' . $source_name, 'w');
} catch (Exception $e) {
print_r($e);
}
}
$script = $this->m_scripts->download($script_details->id);
fwrite($fp, $script);
fclose($fp);
} else {
$source_name = 'audit_windows.vbs';
}
if (php_uname('s') != 'Windows NT') {
$source = $this->config->config['base_path'] . '/other/' . $source_name;
$command = "cscript c:\\windows\\audit_windows.vbs submit_online=y create_file=n strcomputer=. url=" . $url . "index.php/system/add_system debugging=" . $debugging . " system_id=" . $details->id . " last_seen_by=audit_wmi";
if (copy_to_windows($details->ip, $credentials_windows, $share, $source, $destination, $display)) {
if (execute_windows($details->ip, $credentials_windows, $command, $display)) {
# All complete!
} else {
# run audit script failed
}
} else {
# copy audit script to Windows failed
}
if ($source_name != 'audit_windows.vbs') {
unlink($this->config->config['base_path'] . '/other/' . $source_name);
}
} else {
#if (strtolower($_SERVER['USERPROFILE']) == 'c:\windows\system32\config\systemprofile') {
if (exec('whoami') == 'nt authority\\system') {
# We're running on the LocalSystem account.
# We cannot copy the audit script to the target and then run it,
# We _must_ run the script locally and use $details->ip as the script target
# We will loose the ability to retrieve certain items like files, netstat, tasks, etc
$log_details->message = "Windows audit for {$details->ip} (System ID {$details->id})";
stdlog($log_details);
$username = $credentials_windows->credentials->username;
$temp = explode('@', $username);
$username = $temp[0];
if (count($temp) > 1) {
$domain = $temp[1] . '\\';
} else {
$domain = '';
}
unset($temp);
if ($display == 'y') {
$script_string = "{$filepath}\\" . $source_name . " strcomputer=" . $details->ip . " submit_online=y create_file=n struser="******" strpass="******" url=" . $url . "index.php/system/add_system debugging=3 system_id=" . $details->id . " last_seen_by=audit_wmi";
$command_string = "%comspec% /c start /b cscript //nologo " . $script_string;
exec($command_string, $output, $return_var);
$command_string = str_replace($credentials_windows->credentials->password, '******', $command_string);
echo 'DEBUG - Command Executed: ' . $command_string . "\n";
echo 'DEBUG - Return Value: ' . $return_var . "\n";
echo "DEBUG - Command Output:\n";
print_r($output);
if ($return_var != '0') {
$error = "Attempt to run audit_windows.vbs on {$details->ip} has failed";
$log_details->message = $error;
stdlog($log_details);
} else {
$log_details->message = "Attempt to run audit_windows.vbs on {$details->ip} has succeeded";
stdlog($log_details);
}
$output = null;
$return_var = null;
} else {
$script_string = "{$filepath}\\" . $source_name . " strcomputer=" . $details->ip . " submit_online=y create_file=n struser="******" strpass="******" url=" . $url . "index.php/system/add_system debugging=0 system_id=" . $details->id . " last_seen_by=audit_wmi";
$command_string = "%comspec% /c start /b cscript //nologo " . $script_string . " &";
pclose(popen($command_string, "r"));
}
$command_string = null;
if ($source_name != 'audit_windows.vbs') {
unlink($this->config->config['base_path'] . '/other/' . $source_name);
}
} else {
# We are running as something other than the LocalSystem account.
# Therefore we _should_ be able to copy the audit script to tthe target and start it there
# and therefore retrieve ALL information
$source = $this->config->config['base_path'] . '\\other\\' . $source_name;
rename($source, 'c:\\windows\\audit_windows_' . $ts . '.vbs');
$source = 'audit_windows_' . $ts . '.vbs';
$command = "cscript \\\\" . $details->ip . "\\admin\$\\audit_windows_" . $ts . ".vbs submit_online=y create_file=n strcomputer=. url=" . $url . "index.php/system/add_system debugging=" . $debugging . " system_id=" . $details->id . " self_delete=y last_seen_by=audit_wmi";
if (copy_to_windows($details->ip, $credentials_windows, $share, $source, $destination, $display)) {
if (execute_windows($details->ip, $credentials_windows, $command, $display)) {
# All complete!
} else {
# run audit script failed
}
} else {
# copy audit script to Windows failed
}
if ($source_name != 'audit_windows.vbs') {
unlink('c:\\windows\\audit_windows_' . $ts . '.vbs');
}
}
}
}
# Audit SSH
if ($details->ssh_status == "true" and $details->os_family != 'DD-WRT' and $credentials_ssh) {
$log_details->message = "Starting ssh audit for {$details->ip} (System ID {$details->id})";
stdlog($log_details);
// $command = 'uname';
// $ssh_result = ssh_command($details->ip, $credentials_ssh, $command, $display);
// if ($ssh_result['status'] == 0) {
// $remote_os = $ssh_result['output'][0];
// }
// switch (strtolower($remote_os)) {
switch (strtolower($details->os_group)) {
case 'aix':
$audit_script = 'audit_aix.sh';
break;
case 'vmkernel':
$audit_script = 'audit_esxi.sh';
break;
case 'linux':
$audit_script = 'audit_linux.sh';
break;
case 'darwin':
$audit_script = 'audit_osx.sh';
break;
case 'windows':
$audit_script = '';
break;
default:
$audit_script = '';
break;
}
$destination = $audit_script;
if ($display = 'y') {
$debugging = 3;
} else {
$debugging = 0;
}
$sql = "/* discovery::process_subnet */ SELECT * FROM `scripts` WHERE `name` = '{$audit_script}' AND `based_on` = '{$audit_script}' ORDER BY `id` LIMIT 1";
$query = $this->db->query($sql);
$result = $query->result();
if (!empty($result[0])) {
$script_details = $result[0];
# Just ensure we delete any audit scripts that might exist.
# Shouldn't be required because we're creating based on the timestamp
# Then open the file for writing
$ts = date('y_m_d_H_i_s');
if (php_uname('s') == 'Windows NT') {
$source_name = 'scripts\\' . str_replace('.sh', '_' . $ts . '.sh', $audit_script);
$unlink = $this->config->config['base_path'] . '\\other\\' . $source_name;
@unlink($unlink);
$fp = fopen($this->config->config['base_path'] . '\\other\\' . $source_name, 'w');
} else {
$source_name = 'scripts/' . str_replace('.sh', '_' . $ts . '.sh', $audit_script);
$unlink = $this->config->config['base_path'] . '/other/' . $source_name;
@unlink($unlink);
try {
$fp = fopen($this->config->config['base_path'] . '/other/' . $source_name, 'w');
} catch (Exception $e) {
print_r($e);
}
}
$script = $this->m_scripts->download($script_details->id);
fwrite($fp, $script);
fclose($fp);
} else {
$unlink = '';
$source_name = $audit_script;
}
unset($temp);
if ($audit_script != '') {
# copy the audit script to the target ip
if (php_uname('s') == 'Windows NT') {
$source = $filepath . '\\' . $source_name;
} else {
$source = $filepath . '/' . $source_name;
}
$destination = $this->config->item('discovery_linux_script_directory');
if (substr($destination, -1) != '/') {
$destination .= '/';
}
$destination .= $audit_script;
if ($ssh_result = scp($details->ip, $credentials_ssh, $source, $destination, $display)) {
# Successfully copied the audit script
$command = 'chmod ' . $this->config->item('discovery_linux_script_permissions') . ' ' . $destination;
$temp = ssh_command($details->ip, $credentials_ssh, $command, $display);
}
if ($display = 'y') {
$debugging = 3;
} else {
$debugging = 0;
}
}
# audit anything that's not ESX
if ($audit_script != 'audit_esxi.sh' and $audit_script != '') {
# successfully copied and chmodded the audit script
if (!empty($credentials_ssh->sudo)) {
# run the audit script as a normal user, using sudo
$command = 'echo "' . $credentials_ssh->credentials->password . '" | ' . $credentials_ssh->sudo . ' -S ' . $this->config->item('discovery_linux_script_directory') . $audit_script . ' submit_online=y create_file=n url=' . $url . 'index.php/system/add_system debugging=' . $debugging . ' system_id=' . $details->id . ' display=' . $display . ' last_seen_by=audit_ssh';
} else {
# run the script without using sudo
$command = $this->config->item('discovery_linux_script_directory') . $audit_script . ' submit_online=y create_file=n url=' . $url . 'index.php/system/add_system debugging=' . $debugging . ' system_id=' . $details->id . ' display=' . $display . ' last_seen_by=audit_ssh';
}
$result = ssh_command($details->ip, $credentials_ssh, $command, $display);
if ($unlink != '') {
unlink($unlink);
}
}
# audit ESX
if ($audit_script == 'audit_esxi.sh') {
$command = $this->config->item('discovery_linux_script_directory') . $audit_script . ' submit_online=y last_seen_by=audit_ssh create_file=n debugging=0 echo_output=y system_id=' . $details->id . ' 2>/dev/null';
if ($result = ssh_command($details->ip, $credentials_ssh, $command, $display)) {
if ($result['status'] == 0) {
$script_result = '';
foreach ($result['output'] as $line) {
$script_result .= $line . "\n";
}
$script_result = preg_replace('/\\s+/', ' ', $script_result);
$script_result = str_replace("> <", "><", $script_result);
$esx_input = trim($script_result);
try {
$esx_xml = new SimpleXMLElement($esx_input);
} catch (Exception $error) {
// not a valid XML string
$log_details->message = 'Invalid XML input for ESX audit script';
stdlog($log_details);
exit;
}
$count = 0;
foreach ($esx_xml->children() as $child) {
if ($child->getName() === 'sys') {
$esx_details = (object) $esx_xml->sys;
if (!isset($esx_details->ip) or $esx_details->ip == '') {
$esx_details->ip = $details->ip;
}
$esx_details->system_id = $this->m_system->find_system($esx_details, $display);
$esx_details->last_seen = $details->last_seen;
if (isset($esx_details->system_id) and $esx_details->system_id != '') {
// we have an existing device
$esx_details->original_last_seen_by = $this->m_devices_components->read($esx_details->system_id, 'y', 'system', '', 'last_seen_by');
$esx_details->original_last_seen = $this->m_devices_components->read($esx_details->system_id, 'y', 'system', '', 'last_seen');
$this->m_system->update_system($esx_details);
$log_details->message = "ESX update for {$esx_details->ip} (System ID {$esx_details->system_id})";
stdlog($log_details);
} else {
// we have a new system
$esx_details->system_id = $this->m_system->insert_system($esx_details);
$log_details->message = "ESX insert for {$esx_details->ip} (System ID {$esx_details->system_id})";
stdlog($log_details);
}
if (!isset($esx_details->audits_ip)) {
$esx_details->audits_ip = $details->audits_ip;
}
if (isset($this->user->full_name)) {
$temp_user = $this->user->full_name;
} else {
$temp_user = '';
}
$this->m_audit_log->create($esx_details->system_id, $temp_user, $esx_details->last_seen_by, $esx_details->audits_ip, '', '', $esx_details->last_seen);
unset($temp_user);
}
}
$this->m_devices_components->process_component('network', $esx_details, $esx_xml->network, $display);
$this->m_devices_components->process_component('software', $esx_details, $esx_xml->software, $display);
$this->m_devices_components->process_component('processor', $esx_details, $esx_xml->processor, $display);
$this->m_devices_components->process_component('bios', $esx_details, $esx_xml->bios, $display);
$this->m_devices_components->process_component('memory', $esx_details, $esx_xml->memory, $display);
$this->m_devices_components->process_component('motherboard', $esx_details, $esx_xml->motherboard, $display);
$this->m_devices_components->process_component('video', $esx_details, $esx_xml->video, $display);
$this->m_devices_components->process_component('vm', $esx_details, $esx_xml->vm, $display);
$this->m_devices_components->process_component('ip', $esx_details, $esx_xml->ip, $display);
}
}
}
$log_details->message = "Completed processing {$details->ip} (System ID {$details->id})";
stdlog($log_details);
}
// close the 'skip'
}
// close the device / complete switch
unset($details);
}
// close for each device in XML
}
// close for form submission
}
// close function
}
?>
</label>
<div class="input-group">
<span class="input-group-addon" style="min-width:40px;">
<input type="checkbox" name="iso_image" id="iso_image">
</span>
<select class="form-control" name="iso_path" id="iso_path" disabled>
<option value=""><?php
echo _("Select ISO image");
?>
</option>
<?php
$x = 0;
while ($h_reply[$x]['id']) {
ssh_connect($h_reply[$x]['ip'] . ":" . $h_reply[$x]['port']);
$files = explode("\n", ssh_command("sudo ls " . $default_iso_path . "|grep -i .iso", true));
foreach ($files as &$value) {
if (!empty($value)) {
echo '<option class="iso_option hypervisor_iso-' . $h_reply[$x]['id'] . '" value="' . $value . '">' . $value . '</option>' . "\n";
}
}
++$x;
}
?>
</select>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-md-4">
include 'functions/config.php';
require_once 'functions/functions.php';
if (!check_session()) {
header("Location: {$serviceurl}/?error=1");
exit;
}
$vm = addslashes($_GET['vm']);
$hypervisor = addslashes($_GET['hypervisor']);
if (empty($vm) || empty($hypervisor)) {
exit;
}
$h_reply = get_SQL_line("SELECT * FROM hypervisors WHERE id='{$hypervisor}'");
$v_reply = get_SQL_line("SELECT * FROM vms WHERE id='{$vm}'");
ssh_connect($h_reply[2] . ":" . $h_reply[3]);
#$filekey= uniqid();
#add_SQL_line("UPDATE vms SET filecopy='$filekey' WHERE id='$vm'");
add_SQL_line("UPDATE vms SET maintenance='true' WHERE source_volume='{$vm}'");
add_SQL_line("UPDATE vms SET snapshot='false' WHERE source_volume='{$vm}'");
$source_path = str_replace("\n", "", ssh_command("sudo virsh domblklist " . $v_reply[1] . "|grep vda| awk '{print \$2}' ", true));
#destroy all runing child vms
$child_vms = get_SQL_array("SELECT name FROM vms WHERE source_volume='{$vm}'");
$x = 0;
while ($child_vms[$x]['name']) {
ssh_command("sudo virsh destroy " . $child_vms[$x]['name'], true);
$dest_path = str_replace("\n", "", ssh_command("sudo virsh domblklist " . $child_vms[$x]['name'] . "|grep vda| awk '{print \$2}' ", true));
ssh_command("sudo qemu-img create -f qcow2 -b {$source_path} {$dest_path}", true);
ssh_command("sudo virsh start " . $child_vms[$x]['name'], true);
++$x;
}
header("Location: {$serviceurl}/reload_vm_info.php");
exit;
$json_reply = json_encode(array('status' => "OK", 'protocol' => $protocol, 'address' => $vmView_server, 'pool' => $pool));
}
if ($protocol == "SPICE") {
$vm = get_SQL_line("SELECT hypervisor,maintenance FROM vms WHERE name='{$machine_name}'");
$h_reply = get_SQL_line("SELECT * FROM hypervisors WHERE id='{$vm['0']}'");
if ($vm[1] == "true") {
echo json_encode(array('status' => "MAINTENANCE"));
exit;
}
ssh_connect($h_reply[2] . ":" . $h_reply[3]);
$status = ssh_command("sudo virsh domdisplay " . $machine_name, true);
$status = str_replace("spice://", "", $status);
$status = str_replace("\n", "", $status);
$status = str_replace("localhost", $h_reply[2], $status);
if (empty($status)) {
$status = 'BOOTUP';
ssh_command("sudo virsh start " . $machine_name, true);
reload_vm_info();
}
if ($status == "BOOTUP") {
$json_reply = json_encode(array('status' => "BOOTUP", 'protocol' => $protocol, 'address' => ''));
} else {
if ($status) {
$json_reply = json_encode(array('status' => "OK", 'protocol' => $protocol, 'address' => $status));
} else {
$json_reply = json_encode(array('status' => "FAIL", 'protocol' => $protocol, 'address' => ''));
}
}
}
echo $json_reply;
add_sql_line("INSERT INTO log (ip,message) VALUES ('{$client}','{$json_reply}')");
function ssh_audit($ip = '', $credentials, $display = 'n')
{
if (strtolower($display) != 'y') {
$display = 'n';
} else {
$display = 'y';
}
$log = new stdClass();
$log->severity = 7;
$log->file = 'system';
$log->display = $display;
if (empty($ip)) {
$log->message = 'No IP supplied to ssh_audit function.';
stdlog($log);
return false;
}
if (!filter_var($ip, FILTER_VALIDATE_IP)) {
$log->message = 'No valid IP supplied to ssh_audit function.';
stdlog($log);
return false;
}
if (!is_object($credentials)) {
$log->message = 'No credentials supplied to ssh_audit function.';
stdlog($log);
return false;
}
$details = new stdClass();
$command = 'uname';
$ssh_result = ssh_command($ip, $credentials, $command, $display);
if ($ssh_result['status'] == 0) {
if (!empty($ssh_result['output'][0])) {
$details->os_group = $ssh_result['output'][0];
if ($details->os_group == 'WindowsNT') {
$details->os_group = 'Windows';
}
}
} else {
# Windows doesn't have a uname so the above may fail (it might have unix tools installed)
$command = 'wmic os get name';
$ssh_result = ssh_command($ip, $credentials, $command, $display);
foreach ($ssh_result['output'] as $line) {
if (stripos($line, 'Windows') !== false) {
$details->os_group = 'Windows';
}
}
}
unset($ssh_result);
if ($details->os_group == 'Windows') {
# We don't support SSH auditing to Windows at the moment
return($details);
}
# DD-WRT specific test
$command = 'cat /etc/motd | grep -i DD-WRT';
$ssh_result = ssh_command($ip, $credentials, $command, $display);
if ($ssh_result['status'] == 0) {
if (stripos($ssh_result['output'][0], 'dd-wrt') !== false) {
$details->os_family = 'DD-WRT';
$details->os_name = trim($ssh_result['output'][0]);
$details->type = 'router';
}
}
# Hostname
$command = 'hostname -s';
$ssh_result = ssh_command($ip, $credentials, $command, $display);
if ($ssh_result['status'] == 0) {
$details->hostname = $ssh_result['output'][0];
}
# FQDN
$command = 'hostname -f | grep -F .';
$ssh_result = ssh_command($ip, $credentials, $command, $display);
if ($ssh_result['status'] == 0) {
$details->fqdn = $ssh_result['output'][0];
}
if (empty($details->hostname) and !empty($details->fqdn)) {
$temp = explode('.', $details->fqdn);
$details->hostname = $temp[0];
unset($temp);
}
# UUID on Linux
if ($details->os_group == 'Linux') {
if ($credentials->credentials->username == 'root') {
$command = 'dmidecode -s system-uuid';
} elseif (!empty($credentials->sudo) and $credentials->sudo) {
$command = 'echo ' . $credentials->credentials->password . ' | sudo -S dmidecode -s system-uuid';
} else {
$command = '';
}
if ($command != '') {
$ssh_result = ssh_command($ip, $credentials, $command, $display);
if ($ssh_result['status'] == 0) {
$details->uuid = $ssh_result['output'][0];
}
} else {
$details->uuid = '';
}
if (empty($details->uuid)) {
if ($credentials->credentials->username == 'root') {
$command = 'cat /sys/class/dmi/id/product_uuid';
} elseif (!empty($credentials->sudo) and $credentials->sudo) {
$command = 'echo ' . $credentials->credentials->password . ' | sudo -S cat /sys/class/dmi/id/product_uuid';
} else {
$command = '';
}
if ($command != '') {
$ssh_result = ssh_command($ip, $credentials, $command, $display);
if ($ssh_result['status'] == 0) {
$details->uuid = $ssh_result['output'][0];
}
}
}
}
# DBUS identifier on Linux (no need for sudo/root)
if ($details->os_group == 'Linux') {
$command = 'cat /var/lib/dbus/machine-id';
$ssh_result = ssh_command($ip, $credentials, $command, $display);
if ($ssh_result['status'] == 0) {
$details->dbus_identifier = $ssh_result['output'][0];
}
}
# UUID on ESX
if ($details->os_group == 'VMkernel') {
$command = "vim-cmd hostsvc/hostsummary | sed -n '/^ hardware = (vim.host.Summary.HardwareSummary) {/,/^ \},/p' | grep uuid | cut -d= -f2 | sed 's/,//g' | sed 's/\\\"//g'";
$ssh_result = ssh_command($ip, $credentials, $command, $display);
if ($ssh_result['status'] == 0) {
$details->uuid = $ssh_result['output'][0];
}
}
# UUID on OSX
if ($details->os_group == 'Darwin') {
$command = 'system_profiler SPHardwareDataType | grep UUID | cut -d: -f2';
$ssh_result = ssh_command($ip, $credentials, $command, $display);
if ($ssh_result['status'] == 0) {
$details->uuid = $ssh_result['output'][0];
}
}
# Model and Manufuacturer (maybe) on DD-WRT
if (isset($details->os_family) and $details->os_family == 'DD-WRT') {
$command = 'nvram get DD_BOARD';
$ssh_result = ssh_command($ip, $credentials, $command, $display);
if ($ssh_result['status'] == 0) {
$details->model = $ssh_result['output'][0];
}
if (stripos($details->model, "tplink") !== false) {
$details->manufacturer = "TP-Link Technology";
}
}
return $details;
}
}
}
if ($machine_type == 'initialmachine') {
$name = $machinename;
$disk = $source_drivepath . '/' . $name . "-" . uniqid() . ".qcow2";
$vm_cmd = "sudo virt-install --name=" . $name . " --disk path=" . $disk . ",format=qcow2,bus=virtio,cache=none --soundhw=ac97 --vcpus=" . $numcpu . ",cores=" . $numcore . " --ram=" . $numram . " --network bridge=" . $network . ",model=virtio --os-type=" . $os_type . " --os-variant=" . $os_version . " --graphics spice,listen=0.0.0.0 --redirdev usb,type=spicevmc --video qxl --import --noreboot";
$drive_cmd = "sudo qemu-img create -f qcow2 -o size=1G " . $disk;
ssh_command($drive_cmd, true);
ssh_command($vm_cmd, true);
add_SQL_line("INSERT INTO vms (name,hypervisor,machine_type,source_volume) VALUES ('{$name}','{$hypervisor}','{$machine_type}','{$source_volume}')");
$v_reply = get_SQL_line("SELECT id FROM vms WHERE name='{$name}'");
header("Location: {$serviceurl}/copy_disk.php?vm=" . $v_reply[0]);
exit;
}
if ($machine_type == 'vdimachine') {
$source_reply = get_SQL_line("SELECT name FROM vms WHERE id='{$source_volume}'");
$source_disk = str_replace("\n", "", ssh_command("sudo virsh domblklist {$source_reply['0']}|grep vda| awk '{print \$2}' ", true));
$x = 0;
while ($x < $machinecount) {
$name = $machinename . sprintf("%0" . strlen($machinecount) . "s", $x + 1);
$disk = $source_drivepath . '/' . $name . "-" . uniqid() . ".qcow2";
$vm_cmd = "sudo virt-install --name=" . $name . " --disk path=" . $disk . ",format=qcow2,bus=virtio,cache=none --soundhw=ac97 --vcpus=" . $numcpu . ",cores=" . $numcore . " --ram=" . $numram . " --network bridge=" . $network . ",model=virtio --os-type=" . $os_type . " --os-variant=" . $os_version . " --graphics spice,listen=0.0.0.0 --redirdev usb,type=spicevmc --video qxl --noreboot --import";
$drive_cmd = "sudo qemu-img create -f qcow2 -b " . $source_disk . " " . $disk;
ssh_command($drive_cmd, true);
ssh_command($vm_cmd, true);
add_SQL_line("INSERT INTO vms (name,hypervisor,machine_type,source_volume) VALUES ('{$name}','{$hypervisor}','{$machine_type}','{$source_volume}')");
++$x;
}
}
header("Location: {$serviceurl}/reload_vm_info.php");
exit;
*/
include 'functions/config.php';
require_once 'functions/functions.php';
if (!check_session()) {
header("Location: {$serviceurl}/?error=1");
exit;
}
$vm = addslashes($_GET['vm']);
$hypervisor = addslashes($_GET['hypervisor']);
if (empty($vm) || empty($hypervisor)) {
exit;
}
$h_reply = get_SQL_line("SELECT * FROM hypervisors WHERE id='{$hypervisor}'");
$v_reply = get_SQL_line("SELECT * FROM vms WHERE id='{$vm}'");
ssh_connect($h_reply[2] . ":" . $h_reply[3]);
$address = ssh_command("sudo virsh domdisplay " . $v_reply[1], true);
$address = str_replace("localhost", $remote_spice_substitute[$h_reply[2]], $address);
$rnd = uniqid();
set_lang();
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title><?php
echo _("VM screen");
?>
</title>
</head>
<body>
<div class="modal-content">
