$hosts = array();
try {
$_hosts_data = Asset_host::get_basic_list($conn);
$hosts = $_hosts_data[1];
} catch (Exception $e) {
$hosts = array();
}
foreach ($hosts as $host) {
$_ip = $host['ips'];
$_hostname = $host['name'];
if (Session::hostAllowed($conn, $_ip)) {
//Load available hosts (Autocompleted)
if ($_hostname != $_ip) {
$h_list .= '{ txt:"' . $_hostname . ' [Host:' . $_ip . ']", id: "' . Asset_host_ips::ip2ulong($_ip) . '" },';
} else {
$h_list .= '{ txt:"' . $_ip . '", id: "' . Asset_host_ips::ip2ulong($_ip) . '" },';
}
}
}
// Protocol list
if ($protocol_list = Protocol::get_list()) {
echo "var protocols = new Array(" . count($protocol_list) . ")\n";
foreach ($protocol_list as $proto) {
//$_SESSION[$id] = $plugin->get_name();
echo "protocols['proto_" . $proto['id'] . "'] = '" . $proto['name'] . "'\n";
//Load available protocols (Autocompleted)
$p_list .= '{ txt: "Protocol:' . $proto['name'] . '", id: "' . $proto['id'] . '" },';
}
}
//Port list (Autocompleted)
if ($port_list = Port::get_list($conn, " AND protocol_name='tcp'")) {
function draw_hosts_by_nets_os($conn, $data)
{
global $empty_tree;
$tree = array();
$os = $data['os'];
$id = $data['net'];
ossim_valid($os, "windows|linux", 'illegal:' . _("Operating System"));
ossim_valid($id, OSS_HEX, 'illegal:' . _("Network"));
if (ossim_error()) {
ossim_clean_error();
return $empty_tree;
}
$prm = array('%"' . $os . '%');
if ($id == '0') {
$id_sql = ' AND n.id IS NULL';
} else {
$id_sql = ' AND n.id = UNHEX(?)';
$prm[] = $id;
}
$sql = "SELECT DISTINCT hex(h.id) AS id , h.hostname AS name\n FROM host_properties hp, host h\n LEFT JOIN host_net_reference hn ON hn.host_id=h.id\n LEFT JOIN net n ON n.id=hn.net_id\n WHERE h.id=hp.host_id AND hp.property_ref=3 AND hp.value LIKE ? {$id_sql}";
//Always cached
$rs = $conn->CacheExecute($sql, $prm);
if (!$rs || $rs->EOF) {
return $empty_tree;
}
while (!$rs->EOF) {
$tooltip = 'IPs: ' . Asset_host_ips::get_ips_to_string($conn, $rs->fields['id']);
$_aux = array('key' => 'host_' . $rs->fields['id'], 'title' => $rs->fields['name'], 'isFolder' => FALSE, 'icon' => FALSE, 'type' => 'host', 'host_id' => $rs->fields['id'], 'tooltip' => $tooltip);
$tree[] = $_aux;
$rs->MoveNext();
}
return $tree;
}
$sensor_ip = $system_info['data']['admin_ip'];
}
$ip_cidr = empty($sensor_ip) ? $agent['ip'] : $sensor_ip;
} else {
$agent_idm_data = Ossec_agent::get_idm_data($sensor_id, $agent['ip']);
$agent_idm_ip = $agent_idm_data['ip'];
if (empty($agent_idm_ip)) {
try {
$agent_idm_ip = Ossec_agent::get_last_ip($sensor_id, $agent);
} catch (Exception $e) {
}
}
$ip_cidr = Asset_host_ips::valid_ip($agent_idm_ip) ? $agent_idm_ip : $agent['ip'];
}
$data = array();
if (!preg_match('/Never connected/i', $agent['status']) && Asset_host_ips::valid_ip($ip_cidr)) {
$data = Ossec_utilities::SIEM_trends_hids($conn, $ip_cidr);
}
$trend_plot = "<div style='color:gray; margin:15px; text-align:center;'>" . _('Trend chart not available') . "</div>";
if (is_array($data) && !empty($data)) {
$trend = '';
$max = 7;
for ($ii = $max - 1; $ii >= 0; $ii--) {
$d = gmdate("j M", $timetz - 86400 * $ii);
$trend[$d] = $data[$d] != '' ? $data[$d] : 0;
}
$i = 0;
foreach ($trend as $k => $v) {
$x[$k] = $i;
$i++;
}
$s_data = Ossec_utilities::get_sensors($conn);
$hids_sensors = $s_data['sensors'];
foreach ($assets_w_os as $asset_id => $a_data) {
$deployment_stats[$asset_id] = array('status' => 'success', 'data' => '');
//Getting HIDS sensor and Windows IP
$sensor_id = NULL;
$hids_agents = Asset_host::get_related_hids_agents($conn, $asset_id);
$aux_ip_address = explode(',', $a_data['ips']);
$aux_ip_address = array_flip($aux_ip_address);
$default_ip_address = array_pop(array_keys($aux_ip_address));
if (is_array($hids_agents) && !empty($hids_agents)) {
//Case 1: HIDS Agents was previously deployed
$hids_agent = array_pop($hids_agents);
$sensor_id = $hids_agent['sensor_id'];
$agent_id = $hids_agent['agent_id'];
if (Asset_host_ips::valid_ip($hids_agent['ip_cidr']) && array_key_exists($hids_agent['ip_cidr'], $aux_ip_address)) {
$ip_address = $hids_agent['ip_cidr'];
} else {
$ip_address = $default_ip_address;
}
} else {
//Case 2: Not HIDS Agent deployed
$asset_sensors = Asset_host_sensors::get_sensors_by_id($conn, $asset_id);
foreach ($asset_sensors as $asset_sensor_id => $s_data) {
//Checking HIDS Sensor
$cnd_1 = Ossec_utilities::is_sensor_allowed($conn, $asset_sensor_id) == TRUE;
$cnd_2 = !empty($asset_sensors[$asset_sensor_id]);
if ($cnd_1 && $cnd_2) {
$sensor_id = $asset_sensor_id;
break;
}
$id = GET('id');
ossim_valid($id, OSS_HEX, 'illegal:' . _("Network ID"));
ossim_valid($type, "network", "server", 'illegal:' . _("Asset Type"));
if (ossim_error()) {
$error_msg = "Error: " . ossim_get_error();
$error = true;
ossim_clean_error();
}
$type = $type == 'server' ? 1 : 4;
$sql = "SELECT distinct HEX(h.id) as id, h.hostname, MAX(DATE(ac.timestamp)) as log\n\t\t\t\tFROM alienvault.host_types t, alienvault.host_net_reference hn, alienvault.host h \n\t\t\t\tLEFT JOIN alienvault_siem.ac_acid_event ac ON ac.src_host = h.id\n\t\t\t\tWHERE h.id=hn.host_id AND h.id=t.host_id AND t.type=? AND hn.net_id=UNHEX(?)\n\t\t\t\tGROUP BY h.id\n\t\t\t\t";
$params = array($type, $id);
$asset_list = array();
if ($rs = $conn->Execute($sql, $params)) {
while (!$rs->EOF) {
try {
$ips = Asset_host_ips::get_ips_to_string($conn, $rs->fields['id']);
} catch (Exception $e) {
$ips = '';
}
$asset_list[] = array('id' => $rs->fields['id'], 'name' => $rs->fields["hostname"], 'ip' => $ips, 'log' => $rs->fields["log"]);
$rs->MoveNext();
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title> <?php
echo _("OSSIM Framework");
?>
</title>
ossim_valid($agent_id, OSS_DIGIT, 'illegal:' . _('Agent ID'));
ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
if ($agent_ip != 'any') {
ossim_valid($agent_ip, OSS_IP_CIDR_0, 'illegal:' . _('Agent IP'));
}
if (!ossim_error()) {
$db = new ossim_db();
$conn = $db->connect();
if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
Av_exception::throw_error(Av_exception::USER_ERROR, _('Error! Sensor not allowed'));
}
$db->close();
}
$more_info = Ossec_agent::get_info($sensor_id, $agent_id);
$last_scan_dates = '';
if (Asset_host_ips::valid_ip($agent_ip)) {
$last_scan_dates = Ossec_agent::get_last_scans($sensor_id, $agent_ip);
}
if (is_array($more_info) && !empty($more_info)) {
$syscheck_date = empty($last_scan_dates['syscheck']) ? $more_info[7] : $last_scan_dates['syscheck'];
$rootcheck_date = empty($last_scan_dates['rootcheck']) ? $more_info[8] : $last_scan_dates['rootcheck'];
?>
<table class='t_agent_mi'>
<tr><td colspan='2' style='text-align: center;'><?php
echo _('Agent information');
?>
</td></tr>
<tr>
<td><?php
echo _('Agent ID');
?>
$validate['ip_cidr'] = array('validation' => 'any', 'e_message' => 'illegal:' . _('Agent IP'));
}
$validation_errors = validate_form_fields('POST', $validate);
if (empty($validation_errors['sensor_id'])) {
$db = new ossim_db();
$conn = $db->connect();
if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
$validation_errors['sensor_id'] = _('Error! Sensor not allowed');
}
$db->close();
}
if (empty($validation_errors)) {
//IDM Info
$agent_idm_data = Ossec_agent::get_idm_data($sensor_id, $agent_ip);
if (empty($agent_idm_data)) {
$agent = array('ip' => $agent_ip, 'name' => $agent_name);
$last_ip = Ossec_agent::get_last_ip($sensor_id, $agent);
if (Asset_host_ips::valid_ip($last_ip)) {
$agent_idm_data = array('userdomain' => '-', 'ip' => $last_ip);
} else {
$agent_idm_data = array('userdomain' => '-', 'ip' => '-');
}
}
$data['status'] = 'success';
$data['data'] = $agent_idm_data;
} else {
$data['status'] = 'error';
$data['data'] = $validation_errors;
}
echo json_encode($data);
exit;
$error = Token::create_error_message();
Util::response_bad_request($error_msg);
}
$warning_msg = '';
//Validate IP/CIDR
if ($ip_cidr != 'any' && $ip_cidr != '0.0.0.0/0') {
if (Asset_host_ips::valid_ip($ip_cidr)) {
//Agent IP/CIDR is an IP address
$asset_ips = Asset_host_ips::get_ips_to_string($conn, $asset_id);
if (preg_match('/' . $ip_cidr . '/', $asset_ips) == FALSE) {
$warning_msg = _('The asset IP and IP/CIDR do not match');
}
} else {
//Agent IP/CIDR is an CIDR
$ip_range = CIDR::expand_cidr($ip_cidr, 'SHORT', 'LONG');
$asset_ips_obj = new Asset_host_ips($asset_id);
$asset_ips_obj->load_from_db($conn);
$asset_ips = $asset_ips_obj->get_ips();
$valid_ip_range = FALSE;
foreach ($asset_ips as $a_data) {
$ip = Asset_host_ips::ip2ulong($a_data['ip']);
if ($ip >= $ip_range[0] && $ip <= $ip_range[1]) {
$valid_ip_range = TRUE;
break;
}
}
if ($valid_ip_range == FALSE) {
$warning_msg = _('The selected asset IP is out of the IP/CIDR range');
}
}
}
if ($agent_status > 1) {
if (Asset_host::is_in_db($conn, $asset_id)) {
$data = Ossec_utilities::hids_trend_by_id($conn, $asset_id);
} else {
if ($ip_cidr == '127.0.0.1') {
// Getting default sensor IP
$sensor_ip = Av_sensor::get_ip_by_id($conn, $sensor_id);
$ip_cidr = empty($sensor_ip) ? $ip_cidr : $sensor_ip;
} else {
try {
$agent = array('name' => $agent_name, 'ip_cidr' => $ip_cidr);
$ip_cidr = Ossec_agent::get_last_ip($sensor_id, $agent);
} catch (Exception $e) {
}
}
if (Asset_host_ips::valid_ip($ip_cidr)) {
$data = Ossec_utilities::hids_trend_by_ip($conn, $ip_cidr);
}
}
}
$trend_plot = "<div style='color:gray; margin:15px; text-align:center;'>" . _('Trend chart not available') . "</div>";
if (is_array($data) && !empty($data)) {
$trend = '';
$max = 7;
for ($ii = $max - 1; $ii >= 0; $ii--) {
$d = gmdate("j M", $timetz - 86400 * $ii);
$trend[$d] = $data[$d] != '' ? $data[$d] : 0;
}
$i = 0;
foreach ($trend as $k => $v) {
$x[$k] = $i;
function deploy_agents($conn, $wizard)
{
//Aux variable that is returned
$data = array();
//If we have already initialized the deploy, we return true to check the status
$started = $wizard->get_step_data('deploy_initialized');
if ($started === TRUE) {
$response['error'] = FALSE;
$response['data'] = $data;
return $response;
}
//Retrieving the params
$os = $wizard->get_step_data('deploy_os');
$username = $wizard->get_step_data('deploy_username');
$domain = $wizard->get_step_data('deploy_domain');
//Getting the array of hosts
$hosts = $wizard->get_step_data('deploy_hosts');
$hosts = is_array($hosts) ? $hosts : array();
//Getting the password and decrypting
$password = $wizard->get_step_data('deploy_password');
$password = Util::decrypt($password, Util::get_system_uuid());
$total_ip = 0;
//Performing linux deployment --> Agentless
if ($os == 'linux') {
$sensor_id = get_sensor_id();
$deploy = 0;
//Num of successful deployments --> Initially 0
//Arguments for the agentless entries
$arguments = '/etc /usr/bin /usr/sbin /bin /sbin';
foreach ($hosts as $h) {
$ips = Asset_host_ips::get_ips_to_string($conn, $h);
$ips = explode(',', $ips);
$hostname = Asset_host::get_name_by_id($conn, $h);
foreach ($ips as $ip) {
try {
//Adding Aggentless
Ossec_agentless::save_in_db($conn, $ip, $sensor_id, $hostname, $username, $password, '', FALSE, '');
//Adding Aggentless Entries
Ossec_agentless::add_monitoring_entry($conn, $ip, $sensor_id, 'ssh_integrity_check_bsd', 3600, 'periodic', $arguments);
Ossec_agentless::add_monitoring_entry($conn, $ip, $sensor_id, 'ssh_integrity_check_linux', 3600, 'periodic', $arguments);
$deploy++;
} catch (Exception $e) {
Av_exception::write_log(Av_exception::USER_ERROR, $e->getMessage());
}
$total_ip++;
}
}
//Saving the number of the successful deployments
$wizard->set_step_data('deploy_success', $deploy);
} elseif ($os == 'windows') {
$jobs = array();
foreach ($hosts as $h) {
$ips = Asset_host_ips::get_ips_to_string($conn, $h);
$ips = explode(',', $ips);
foreach ($ips as $ip) {
try {
//Adding job to deploy ossec.
$name = 'Windows-' . str_replace('.', '-', $ip);
$job = Welcome_wizard::launch_ossec_deploy($name, $ip, $username, $domain, $password);
$jid = md5($h . $ip);
$jobs[$jid] = array('job_id' => $job['job_id'], 'agent' => $name . '(' . $ip . ')');
} catch (Exception $e) {
Av_exception::write_log(Av_exception::USER_ERROR, $e->getMessage());
}
$total_ip++;
}
}
//Saving the jobs IDs in the wizard object
$wizard->set_step_data('deploy_jobs', $jobs);
}
$total_ip = $total_ip > count($hosts) ? $total_ip : count($hosts);
$data['total_ips'] = $total_ip;
//Setting the total of ips.
$wizard->set_step_data('deploy_total_ips', $total_ip);
//Setting to true the flag that warns that the deploy has been already initialized.
$wizard->set_step_data('deploy_initialized', TRUE);
//Saving the wizard status
$wizard->save_status();
$response['error'] = FALSE;
$response['data'] = $data;
return $response;
}
}
if (Token::verify($tk_key, $token) == FALSE) {
$db->close();
$error = Token::create_error_message();
Util::response_bad_request($error);
}
$data['status'] = 'success';
$data['data'] = _('Your changes have been saved');
if ($delete_all == TRUE) {
if (!valid_hex32($asset_id)) {
$db->close();
Util::response_bad_request(_('Error! Asset ID not allowed. Your changes could not be saved'));
} else {
try {
if ($action == 'delete_properties') {
Asset_host_ips::delete_all_from_db($conn, $asset_id, TRUE);
Asset_host_properties::delete_all_from_db($conn, $asset_id);
} elseif ($action == 'delete_software') {
Asset_host_software::delete_all_from_db($conn, $asset_id);
} else {
Asset_host_services::delete_all_from_db($conn, $asset_id, TRUE);
}
} catch (Exception $e) {
$db->close();
Util::response_bad_request($e->getMessage());
}
}
} else {
if (is_array($p_list) && !empty($p_list)) {
foreach ($p_list as $p_values) {
try {
$domain = POST('domain');
//Extra validations
if (empty($validation_errors)) {
//Checking Asset ID
if (Asset_host::is_allowed($conn, $asset_id) == FALSE) {
$validation_errors['asset_id'] = _('You do not have permission to deploy HIDS agent to this asset. Please check with your account admin for more information');
}
//Checking HIDS Sensor
$cnd_1 = Ossec_utilities::is_sensor_allowed($conn, $sensor_id) == FALSE;
$asset_sensors = Asset_host_sensors::get_sensors_by_id($conn, $asset_id);
$cnd_2 = empty($asset_sensors[$sensor_id]);
if ($cnd_1 || $cnd_2) {
$validation_errors['sensor_id'] = sprintf(_("Sensor %s not allowed. Please check with your account admin for more information"), Av_sensor::get_name_by_id($conn, $sensor_id));
}
//Checking IP Address
$aux_asset_ips = Asset_host_ips::get_ips_to_string($conn, $asset_id);
if (preg_match('/' . $ip_address . '/', $aux_asset_ips) == FALSE) {
$validation_errors['ip_address'] = _("The IP address you enter is not valid. Please check your asset and network settings and try again");
}
}
break;
case 'deploy_agentless':
/***********************************************
******************* TO DO ******************
************************************************/
break;
}
//AJAX validator: Return validation results
if (POST('ajax_validation_all') == TRUE) {
if (is_array($validation_errors) && !empty($validation_errors)) {
$data['status'] = 'error';
if (empty($validation_errors)) {
$current_user = '******';
$current_ip = '-';
//Current user
if (valid_hex32($asset_id)) {
$q_filters = array('limit' => "1");
list($users, $total_users) = Asset_host_properties::get_users_by_host($conn, $asset_id, $filters);
if ($total_users > 0) {
$_current_user = array_pop($users[$asset_id]);
if (!empty($_current_user)) {
$current_user = $_current_user['user'];
$current_user .= !empty($_current_user['domain']) ? '@' . $_current_user['domain'] : '';
}
}
}
//Current IP
$agent = array('ip_cidr' => $agent_ip, 'name' => $agent_name);
$_current_ip = Ossec_agent::get_last_ip($sensor_id, $agent);
if (Asset_host_ips::valid_ip($_current_ip)) {
$current_ip = $_current_ip;
}
$agent_idm_data = array('current_ip' => $current_ip, 'current_user' => $current_user);
$data['status'] = 'success';
$data['data'] = $agent_idm_data;
} else {
$data['status'] = 'error';
$data['data'] = $validation_errors;
}
$db->close();
echo json_encode($data);
exit;
function draw_html_content($conn, $ri_data, $edit_mode = FALSE)
{
$ri_html = '';
if ($ri_data['type'] == 'indicator') {
//Allowed host types
$host_types = array('host', 'server', 'sensor');
//Getting indicator values
if (preg_match("/view\\.php\\?map\\=([a-fA-F0-9]*)/", $ri_data['url'], $found)) {
// Linked to another map: loop by this map indicators
list($r_value, $v_value, $a_value, $ri_data['asset_id'], $related_sensor, , $ips, $in_assets) = get_map_values($conn, $found[1], $ri_data['asset_id'], $ri_data['asset_type'], $host_types);
} else {
// Asset Values
list(, $related_sensor, , $ips, $in_assets) = get_assets($conn, $ri_data['asset_id'], $ri_data['asset_type'], $host_types);
list($r_value, $v_value, $a_value) = get_values($conn, $host_types, $ri_data['asset_type'], $ri_data['asset_id'], FALSE);
}
// Getting indacator links
if ($edit_mode == TRUE) {
$linked_url = "javascript:void(0);";
$r_url = "javascript:void(0);";
$v_url = "javascript:void(0);";
$a_url = "javascript:void(0);";
} else {
// Risk link
$alarm_query = '';
if ($ri_data['asset_type'] == 'host') {
$alarm_query .= "&host_id=" . $ri_data['asset_id'];
} elseif ($ri_data['asset_type'] == 'net') {
$alarm_query .= "&net_id=" . $ri_data['asset_id'];
} elseif ($ri_data['asset_type'] == 'sensor') {
$alarm_query .= "&sensor_query=" . $ri_data['asset_id'];
} elseif ($ri_data['asset_type'] == 'host_group' || $ri_data['asset_type'] == 'hostgroup') {
$alarm_query .= "&asset_group=" . $ri_data['asset_id'];
}
$r_url = Menu::get_menu_url("/ossim/alarm/alarm_console.php?hide_closed=1" . $alarm_query, 'analysis', 'alarms', 'alarms');
// Vulnerability link
if ($ri_data['asset_type'] == 'host_group' || $ri_data['asset_type'] == 'hostgroup') {
$v_data = '';
if (valid_hex32($ri_data['asset_id'])) {
$_group_object = Asset_group::get_object($conn, $ri_data['asset_id']);
if ($_group_object != NULL) {
$_assets_aux = $_group_object->get_hosts($conn, '', array(), TRUE);
foreach ($_assets_aux[0] as $_host_data) {
if ($v_data != '') {
$v_data .= ',';
}
$v_data .= $_host_data[2];
// IP
}
}
}
} else {
$v_data = $ips;
}
$v_url = Menu::get_menu_url("/ossim/vulnmeter/index.php?value={$v_data}&type=hn", 'environment', 'vulnerabilities', 'overview');
// Availability link
if (!empty($related_sensor)) {
$conf = $GLOBALS['CONF'];
$conf = !$conf ? new Ossim_conf() : $conf;
$nagios_link = $conf->get_conf('nagios_link');
$scheme = empty($_SERVER['HTTPS']) ? 'http://' : 'https://';
$path = !empty($nagios_link) ? $nagios_link : '/nagios3/';
$port = !empty($_SERVER['SERVER_PORT']) ? ':' . $_SERVER['SERVER_PORT'] : "";
$nagios_url = $scheme . $related_sensor . $port . $path;
if ($ri_data['asset_type'] == 'host') {
$hostname = Asset_host::get_name_by_id($conn, $ri_data['asset_id']);
if (preg_match('/\\,/', $ips)) {
$hostname .= '_' . preg_replace('/\\,.*/', '', $ips);
}
$a_url = Menu::get_menu_url("/ossim/nagios/index.php?sensor={$related_sensor}&nagios_link=" . urlencode($nagios_url . "cgi-bin/status.cgi?host=" . $hostname), 'environment', 'availability');
} else {
$a_url = Menu::get_menu_url("/ossim/nagios/index.php?sensor={$related_sensor}&nagios_link=" . urlencode($nagios_url . "cgi-bin/status.cgi?hostgroup=all"), 'environment', 'availability');
}
} else {
$a_url = 'javascript:void(0);';
}
//Report link or map link
if ($ri_data['url'] == 'REPORT') {
$linked_url = "javascript:void(0);";
if ($ri_data['asset_type'] == 'sensor') {
try {
//Special case 1: Sensors don't have detail view
$sensor_ip = Av_sensor::get_ip_by_id($conn, $ri_data['asset_id']);
if (Asset_host_ips::valid_ip($sensor_ip)) {
$filters = array('where' => "host.id = hi.host_id AND hi.ip = INET6_ATON('{$sensor_ip}')\n AND hi.host_id = hs.host_id AND hs.sensor_id = UNHEX('" . $ri_data['asset_id'] . "')");
list($hosts, $total) = Asset_host::get_list($conn, ', host_sensor_reference hs, host_ip hi', $filters);
if ($total == 1) {
$ri_data['asset_id'] = key($hosts);
$linked_url = Menu::get_menu_url("/ossim/av_asset/common/views/detail.php?asset_id=" . $ri_data['asset_id'], 'environment', 'assets', 'assets');
} elseif ($total > 1) {
$linked_url = Menu::get_menu_url("/ossim/av_asset/asset/index.php?filter_id=11&filter_value={$sensor_ip}", 'environment', 'assets', 'assets');
}
}
} catch (Exception $e) {
}
} elseif ($ri_data['asset_type'] == 'net_group' || $ri_data['asset_type'] == 'netgroup') {
//Special case 2: Net groups don't have detail view
$_sm_option = 'assets';
$_h_option = 'network_groups';
$linked_url = Menu::get_menu_url("/ossim/netgroup/netgroup_form.php?id=" . $ri_data['asset_id'], 'environment', $_sm_option, $_h_option);
} else {
if ($ri_data['asset_type'] == 'host') {
$_sm_option = 'assets';
$_h_option = 'assets';
} elseif ($ri_data['asset_type'] == 'host_group' || $ri_data['asset_type'] == 'hostgroup') {
$_sm_option = 'assets';
$_h_option = 'asset_groups';
} else {
$_sm_option = 'assets';
$_h_option = 'networks';
}
$linked_url = Menu::get_menu_url("/ossim/av_asset/common/views/detail.php?asset_id=" . $ri_data['asset_id'], 'environment', $_sm_option, $_h_option);
}
} else {
$linked_url = $ri_data['url'] != '' ? Menu::get_menu_url($ri_data['url'], 'dashboard', 'riskmaps', 'overview') : "javascript:void(0);";
}
}
//Special image when linked asset has been removed
if ($ri_data['asset_type'] != '' && !$in_assets) {
$ri_data['icon'] = "/ossim/pixmaps/marker--exclamation.png";
$ri_data['icon_size'] = "16";
$ri_data['icon_bg'] = 'transparent';
}
$ri_data['icon_size'] = $ri_data['icon_size'] >= 0 || $ri_data['icon_size'] == -1 ? $ri_data['icon_size'] : '';
$ri_html .= "<input type='hidden' name='dataname" . $ri_data['id'] . "' id='dataname" . $ri_data['id'] . "' value='" . $ri_data['name'] . "'/>\n <input type='hidden' name='datatype" . $ri_data['id'] . "' id='datatype" . $ri_data['id'] . "' value='" . $ri_data['asset_type'] . "'/>\n <input type='hidden' name='type_name" . $ri_data['id'] . "' id='type_name" . $ri_data['id'] . "' value='" . $ri_data['asset_id'] . "'/>\n <input type='hidden' name='type_name_show" . $ri_data['id'] . "' id='type_name_show" . $ri_data['id'] . "' value='" . $ri_data['asset_name'] . "'/>\n <input type='hidden' name='dataurl" . $ri_data['id'] . "' id='dataurl" . $ri_data['id'] . "' value='" . $ri_data['url'] . "'/>\n <input type='hidden' name='dataicon" . $ri_data['id'] . "' id='dataicon" . $ri_data['id'] . "' value='" . $ri_data['icon'] . "'/>\n <input type='hidden' name='dataiconsize" . $ri_data['id'] . "' id='dataiconsize" . $ri_data['id'] . "' value='" . $ri_data['icon_size'] . "'/>\n <input type='hidden' name='dataiconbg" . $ri_data['id'] . "' id='dataiconbg" . $ri_data['id'] . "' value='" . $ri_data['icon_bg'] . "'/>";
$ri_html .= '<table width="100%" border="0" cellspacing="0" cellpadding="1" style="padding:2px; background-color:' . $ri_data['icon_bg'] . '; text-align:center; margin-left:2px; margin-right:2px">';
if (!preg_match("/#NONAME/", $ri_data['name'])) {
$ri_html .= '<tr>
<td align="center" nowrap="nowrap">
<a href="' . $linked_url . '" class="ne"><i>' . $ri_data['name'] . '</i></a>
</td>
</tr>';
}
if ($ri_data['icon_size'] != -1) {
$ri_data['icon_size'] = $ri_data['icon_size'] > 0 ? 'width="' . $ri_data['icon_size'] . '"' : '';
$ri_html .= '<tr>
<td align="center" style="white-space: nowrap;">
<a href="' . $linked_url . '" class="ne">
<img src="' . $ri_data['icon'] . '" ' . $ri_data['icon_size'] . ' border="0"/>
</a>
</td>
</tr>';
}
$ri_html .= '<tr align="center">
<td style="margin-left:2px; margin-right:2px">';
if ($ri_data['icon_size'] == -1 && preg_match("/#NONAME/", $ri_data['name'])) {
$ri_html .= '<table border="0" cellspacing="0" cellpadding="2" style="text-align:center; margin:auto;">
<tr>
<td><a class="ne11" href="' . $r_url . '"><img src="images/' . $r_value . '.gif" border="0"/></a></td>
<td><a class="ne11" href="' . $v_url . '"><img src="images/' . $v_value . '.gif" border="0"/></a></td>
<td><a class="ne11" href="' . $a_url . '"><img src="images/' . $a_value . '.gif" border="0"/></a></td>
</tr>
</table>';
} else {
$ri_html .= '
<table border="0" cellspacing="0" cellpadding="2" style="text-align:center; margin:auto;">
<tr>
<td><a class="ne11" href="' . $r_url . '">R</a></td>
<td><a class="ne11" href="' . $v_url . '">V</a></td>
<td><a class="ne11" href="' . $a_url . '">A</a></td>
</tr>
<tr>
<td><img src="images/' . $r_value . '.gif" border="0"/></td>
<td><img src="images/' . $v_value . '.gif" border="0"/></td>
<td><img src="images/' . $a_value . '.gif" border="0"/></td>
</tr>
</table>';
}
$ri_html .= ' </td>
</tr>';
if ($edit_mode == TRUE) {
$ri_html .= '
<tr align="center">
<td class="noborder">
<div id="indicator_edit" style="float:left;" onclick="load_indicator_info(this);">
<img src="images/edit.png" title="' . _("Edit Indicator") . '" class="ind_help" height="15px" border="0"/>
</div>
<div id="indicator_trash" style="float:right;" onclick="delete_indicator(this);">
<img src="../pixmaps/trash.png" title="' . _("Delete Indicator") . '" class="ind_help" height="15px" border="0"/>
</div>
</td>
</tr>';
}
$ri_html .= '</table>';
} elseif ($ri_data['type'] == 'rectangle') {
$ri_html = "<input type='hidden' name='dataname" . $ri_data['id'] . "' id='dataname" . $ri_data['id'] . "' value='" . $ri_data['name'] . "'/>\n\n <input type='hidden' name='dataurl" . $ri_data['id'] . "' id='dataurl" . $ri_data['id'] . "' value='" . $ri_data['url'] . "'/>\n";
if ($edit_mode == TRUE) {
$ri_html .= '<div class="itcanberesized" style="position:absolute; bottom:0px; right:0px; cursor:nw-resize;">
<img src="../pixmaps/resize.gif" border="0"/>
</div>';
}
$ri_html .= '<table border="0" cellspacing="0" cellpadding="0" width="100%" height="100%" style="border:0px;">
<tr>
<td style="border:1px dotted black" valign="bottom">';
if ($edit_mode == TRUE) {
$ri_html .= '<div id="indicator_edit" style="float:left;padding:2px;" onclick="load_indicator_info(this);">
<img src="images/edit.png" title="' . _("Edit Rectangle") . '" class="ind_help" height="15px" border="0"/>
</div>
<div id="indicator_trash" style="float:right;padding:2px;" onclick="delete_indicator(this);">
<img src="../pixmaps/trash.png" title="' . _("Delete Rectangle") . '" class="ind_help" height="15px" border="0"/>
</div>';
}
$ri_html .= ' </td>
</tr>
</table>';
}
return $ri_html;
}
$validate = array('host_id' => array('validation' => 'OSS_HEX', 'e_message' => 'illegal:' . _('Host ID')), 'sensor' => array('validation' => 'OSS_LETTER', 'e_message' => 'illegal:' . _('Sensor')), 'scan_type' => array('validation' => 'OSS_LETTER', 'e_message' => 'illegal:' . _('Scan Mode')), 'timing_template' => array('validation' => 'OSS_TIMING_TEMPLATE', 'e_message' => 'illegal:' . _('Timing Template')), 'autodetected' => array('validation' => 'OSS_BINARY', 'e_message' => 'illegal:' . _('Autodetected services and OS')), 'rdns' => array('validation' => 'OSS_BINARY', 'e_message' => 'illegal:' . _('Reverse DNS ')));
$validation_errors = validate_form_fields('POST', $validate);
//Extra validations
if (empty($validation_errors)) {
if (!array_key_exists(POST('scan_type'), $scan_types)) {
$validation_errors['status'] = 'error';
$validation_errors['scan_type'] = _('Error! Scan type not allowed');
}
if (!array_key_exists(POST('timing_template'), $time_templates)) {
$validation_errors['status'] = 'error';
$validation_errors['timing_template'] = _('Error! Timing template not allowed');
}
if (empty($validation_errors)) {
$host_id = POST('host_id');
$_hostname = Asset_host::get_name_by_id($conn, $host_id);
$_host_ips = Asset_host_ips::get_ips_to_string($conn, $host_id);
$sensor = POST('sensor');
$scan_type = POST('scan_type');
$ttemplate = POST('timing_template');
$autodetected = POST('autodetected');
$rdns = POST('rdns');
}
}
}
//Close DB connection
$db->close();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
$asset_type = REQUEST('asset_type');
//Database connection
$db = new ossim_db();
$conn = $db->connect();
if ($edition_type == 'single') {
// Single edition
$id = GET('id');
$_ip = GET('ip');
$_ctx = GET('ctx');
//Getting host by IP and CTX
if (empty($id) && !empty($_ctx) && !empty($_ip)) {
$entity_type = Session::get_entity_type($conn, $_ctx);
$entity_type = strtolower($entity_type);
//Sometimes CTX is an engine instead of context
$_ctx = $entity_type == 'context' ? $_ctx : Session::get_default_ctx();
if (Asset_host_ips::valid_ip($_ip) && valid_hex32($_ctx)) {
$aux_ids = Asset_host::get_id_by_ips($conn, $_ip, $_ctx);
$aux_id = key($aux_ids);
if (Asset_host::is_in_db($conn, $aux_id)) {
$id = $aux_id;
}
} else {
unset($_ip);
unset($_ctx);
}
}
if (!empty($id) && Asset_host::is_in_db($conn, $id)) {
ossim_valid($id, OSS_HEX, 'illegal:' . _('Asset ID'));
if (ossim_error()) {
echo ossim_error(_('Error! Asset not found'));
exit;
