示例#1
*   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
*   MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
****************************************************************************/
/**
* Class and Function List:
* Function list:
* Classes list:
*/
require_once 'classes/Session.inc';
Session::logcheck("MenuMonitors", "MonitorsNetwork");
?>


<html>
<head>
  <title> <?php 
echo gettext("OSSIM Framework");
?>
 </title>
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
  <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
  <link rel="stylesheet" type="text/css" href="../style/style.css"/>
</head>
<body>
*/
/************************************************************************************/
/************************************************************************************/
/***                                                                              ***/
/***  IF YOU MODIFY THIS FILE, PLEASE CHECK IT WORKS RIGHT IN THE WELCOME WIZARD  ***/
/***                                                                              ***/
/************************************************************************************/
/************************************************************************************/
/**
* Function list:
* - function print_form($msg_errors = '')
* - function clean_iic($string)
* - function import_assets_from_csv($filename, $iic, $ctx, $import_type)
*/
require_once 'av_init.php';
Session::logcheck('environment-menu', 'PolicyNetworks');
//Functions
function print_form($import_type)
{
    $config = array('networks' => array('contexts' => array('show_tree' => Session::show_entities(), 'default_value' => Session::get_default_ctx()), 'chk_iic' => array('show' => TRUE, 'checked' => FALSE), 'help' => array('Version 4.x.x' => array('format' => _('"Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value"*;"Net ID"'), 'example' => '"Net_1";"192.168.10.0/24,192.168.9.0/24";"' . _('Short description') . '";"2";"479D45C0BBF22B4458BD2F8EE09ECAC2"'), 'Version 3.x.x' => array('format' => _('"Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value";"Sensors(Sensor1,Sensor2,...)"*'), 'example' => '"Net_1";"192.168.10.0/24,192.168.9.0/24";"' . _('Short description') . '";"2";"192.168.10.2,192.168.10.3"'))), 'welcome_wizard_nets' => array('contexts' => array('show_tree' => FALSE, 'default_value' => Session::get_default_ctx()), 'chk_iic' => array('show' => FALSE, 'checked' => TRUE), 'help' => array('Version 4.x.x' => array('format' => _('"Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description"'), 'example' => '"Net_1";"192.168.10.0/24,192.168.9.0/24";"' . _('Short description') . '"'))));
    if (!array_key_exists($import_type, $config)) {
        echo ossim_error(_('Error! Import Type not found'));
    } else {
        ?>
    	<div id='av_info'></div>
    	
    	<form name='form_csv' id='form_csv' method='POST' action='import_all_nets_ajax.php' enctype='multipart/form-data' target='iframe_upload'>        
			
			<input type="hidden" name="ctx" id="ctx" value="<?php 
        echo $config[$import_type]['contexts']['default_value'];
        ?>
示例#3
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
// Bootstrap and access gate for the forensics report section.
// NOTE(review): Session::logcheck presumably enforces login plus the menu/section ACL - confirm in the Session class.
require_once 'av_init.php';
require_once 'ossim_db.inc';
require_once 'general.php';
Session::logcheck("analysis-menu", "EventsForensics");
$it_security = "";
$address = "";
$tlfn = "";
// Current time shifted by $tz; the 3600 multiplier implies $tz is an offset in hours.
$tz = Util::get_timezone();
$date = gmdate("Y-m-d H:i:s", gmdate("U") + 3600 * $tz);
// NOTE(review): $report_data and $user are not defined in this excerpt; presumably set by an including script - confirm neither can be influenced by the request.
$maintitle = $report_data['report_name'];
$db = new ossim_db();
$conn = $db->connect();
// The user name is handed to Execute() as a bound value for the "?" placeholder instead of being concatenated into the SQL text.
$t_params = array();
$t_params[] = $user;
$t_query = "SELECT dataV1, dataV2 \r\n\t\t  FROM datawarehouse.report_data \r\n\t\t  WHERE id_report_data_type=35 and user=?";
// Rows are returned as associative arrays keyed by column name.
$conn->SetFetchMode(ADODB_FETCH_ASSOC);
$t_rs = $conn->Execute($t_query, $t_params);
if (!$t_rs) {
    $filter = '';
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
// NOTE(review): presumably enforces login and the menu/section ACL - confirm in the Session class.
Session::logcheck('configuration-menu', 'CorrelationCrossCorrelation');
// Defaults describe the "create" form; the branch that follows switches them to "modify" when any rule key is present in the request.
$action = 'insert';
$url_form = 'newpluginref.php';
$button_text = Util::js_entities(_("Create rule"));
// Raw request values: they are only checked with ossim_valid(..., OSS_DIGIT, ...) inside the branch that follows, so they must not be used before that point.
$plugin_id1 = REQUEST('plugin_id1');
$plugin_id2 = REQUEST('plugin_id2');
$plugin_sid1 = REQUEST('plugin_sid1');
$plugin_sid2 = REQUEST('plugin_sid2');
if ($plugin_id1 != '' || $plugin_id2 != '' || $plugin_sid1 != '' || $plugin_sid2 != '') {
    $action = 'modify';
    $url_form = 'modifypluginref.php';
    $button_text = Util::js_entities(_('Save rule'));
    ossim_valid($plugin_id1, OSS_DIGIT, 'illegal:' . _('Plugin ID1'));
    ossim_valid($plugin_id2, OSS_DIGIT, 'illegal:' . _('Plugin ID2'));
    ossim_valid($plugin_sid1, OSS_DIGIT, 'illegal:' . _('Plugin SID1'));
    ossim_valid($plugin_sid2, OSS_DIGIT, 'illegal:' . _('Plugin SID2'));
示例#5
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
// NOTE(review): presumably enforces login and the menu/section ACL before anything else runs - confirm in the Session class.
Session::logcheck('environment-menu', 'PolicyHosts');
//CPE Types
// Maps the public cpe_type value to the one-letter part used in the "cpe:/<part>" prefix of the query below.
$_cpe_types = array('os' => 'o', 'hardware' => 'h', 'software' => 'a');
$_cpe = GET('q');
$_cpe_type = GET('cpe_type');
ossim_valid($_cpe, OSS_NULLABLE, OSS_ALPHA, OSS_PUNC_EXT, 'illegal:' . _('CPE'));
// NOTE(review): it is not visible here whether ossim_valid treats this string as a list of allowed words or as a set of extra allowed characters.
// The array_key_exists() test below is what pins cpe_type to the three known keys, so it must stay.
ossim_valid($_cpe_type, 'os | software | hardware', 'illegal:' . _('CPE Type'));
// Stop without output on any validation error or unknown type; no query is issued in that case.
if (ossim_error() || !array_key_exists($_cpe_type, $_cpe_types)) {
    exit;
}
$db = new Ossim_db();
$conn = $db->connect();
// The search term is SQL-escaped before it is placed inside the quoted LIKE pattern.
// NOTE(review): string escaping normally leaves the LIKE wildcards % and _ untouched; confirm whether escape_sql or the
// OSS_PUNC_EXT rule removes them, otherwise the caller controls how wide the pattern matches (the result is still capped by 'limit').
$_cpe = escape_sql($_cpe, $conn);
// The type letter comes from the fixed $_cpe_types table, never directly from the request.
$filters = array('where' => "`cpe` LIKE 'cpe:/" . $_cpe_types[$_cpe_type] . "%' AND `line` LIKE '%{$_cpe}%'", 'limit' => 20);
$software = new Software($conn, $filters);
$db->close();
示例#6
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("dashboard-menu", "IPReputation");
$perms = array('admin' => Session::am_i_admin());
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
    <title><?php 
echo _('Open Threat Exchange Configuration');
?>
</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
    <meta http-equiv="Pragma" content="no-cache"/>

    <?php 
//CSS Files
示例#7
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
/**
* Function list:
* - get_policy_entities
* - message_ok()
* - email_form()
* - exec_form()
* - ticket_form()
* - submit()
*/
require_once 'av_init.php';
Session::logcheck('configuration-menu', 'PolicyActions');
function get_policy_entities($conn)
{
    $entities = $entities_all = array();
    $entities_all = Acl::get_entities_to_assign($conn);
    foreach ($entities_all as $k => $v) {
        if (Acl::is_logical_entity($conn, $k)) {
            $parent_id = Acl::get_logical_ctx_id($conn, $k);
            $parent_id = $parent_id[0];
            // first
            $parent_name = Acl::get_entity_name($conn, $parent_id);
            $entities[$parent_id] = $parent_name;
        } else {
            $entities[$k] = $v;
        }
    }
示例#8
文件: save.php 项目: jackpf/ossim-arc
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once dirname(__FILE__) . '/../../conf/config.inc';
// NOTE(review): presumably enforces login and the menu/section ACL - confirm in the Session class.
Session::logcheck('environment-menu', 'EventsHidsConfig');
// Response envelope; status is switched to 'error' below when validation or the token check fails.
$data['status'] = 'success';
$data['data'] = NULL;
// The target file name is taken from the session, not from the request.
$file = $_SESSION['_current_file'];
$sensor_id = POST('sensor_id');
// NOTE(review): read straight from $_POST, unlike the other fields which go through POST(); no ossim_valid() call for it
// is visible in this excerpt - confirm the XML is validated before it is stored or pushed to the sensor.
$new_xml_data = $_POST['data'];
// Request token, checked with Token::verify('tk_f_rules', ...) further down (presumably the anti-CSRF token for this form).
$token = POST('token');
ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
// NOTE(review): OSS_DOT is allowed for the file name; whether OSS_ALPHA/OSS_SCORE exclude path separators is not
// visible here - confirm "/" cannot pass this rule.
ossim_valid($file, OSS_ALPHA, OSS_SCORE, OSS_DOT, 'illegal:' . _('File'));
if (ossim_error()) {
    $data['status'] = 'error';
    $data['data'] = ossim_get_error_clean();
} else {
    if (!Token::verify('tk_f_rules', $token)) {
        $data['status'] = 'error';
        $data['data'] = Token::create_error_message();
示例#9
*   MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
****************************************************************************/
/**
* Class and Function List:
* Function list:
* Classes list:
*/
require_once 'classes/Session.inc';
require_once 'classes/Util.inc';
Session::logcheck("MenuPolicy", "PolicyHosts");
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title> <?php 
echo gettext("OSSIM Framework");
?>
 </title>
	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
	<meta http-equiv="Pragma" CONTENT="no-cache"/>
	<link rel="stylesheet" type="text/css" href="../style/style.css"/>
</head>

<body>
示例#10
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
// NOTE(review): presumably enforces login and the menu/section ACL - confirm in the Session class.
Session::logcheck("dashboard-menu", "ControlPanelExecutive");
// Lower and upper font-size bounds used by the widget.
$min_font_size = 10;
$max_font_size = 35;
// NOTE(review): $data is not defined in this excerpt. max() on an empty array fails (warning and false before PHP 8,
// ValueError from PHP 8), so confirm the including script guarantees at least one entry.
$maximum_count = max(array_values($data));
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
	<?php 
// Emit an auto-refresh meta tag only when a non-zero interval is set.
// NOTE(review): $widget_refresh is written into the attribute unescaped and its origin is not visible here -
// confirm it is forced to an integer upstream, or cast/escape it at this point.
if (isset($widget_refresh) && $widget_refresh != 0) {
    echo '<meta http-equiv="refresh" content="' . $widget_refresh . '">';
}
?>
	
示例#11
/***********************************************************/
/* See the README.txt and/or help files for more           */
/* information on how to use & config.                     */
/* See the LICENSE.txt file for more information on the    */
/* License this software is distributed under.             */
/*                                                         */
/* This program is intended for use in an authorized       */
/* manner only, and the author can not be held liable for  */
/* anything done with this program, code, or items         */
/* discovered with this program's use.                     */
/***********************************************************/
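require_once 'av_init.php';
require_once 'config.php';
require_once 'functions.inc';
require_once 'ossim_sql.inc';
// NOTE(review): presumably enforces login and the menu/section ACL - confirm in the Session class.
Session::logcheck("environment-menu", "EventsVulnerabilities");
$pageTitle = "Lookup";
// Fixed allow-list of query-string names. Only these names are ever turned into
// local variables below, so the request cannot create or overwrite arbitrary variables.
$getParams = array("disp", "id", "op", "nid", "lookup", "eventid", "org", "site", "showlive", "last30");
$db = new ossim_db();
$conn = $db->connect();
switch ($_SERVER['REQUEST_METHOD']) {
    case "GET":
        foreach ($getParams as $gp) {
            // Array-valued parameters are treated as absent: trim() only accepts strings
            // (warning on older PHP, TypeError on PHP 8).
            if (isset($_GET[$gp]) && is_string($_GET[$gp])) {
                // NOTE(review): the value is SQL-escaped and HTML-encoded once, at input time, and the same
                // encoded string then reaches both SQL and HTML contexts. Prefer bound parameters at the
                // query and HTML-encoding at the point of output.
                ${$gp} = Util::htmlentities(escape_sql(trim($_GET[$gp]), $conn));
            } else {
                ${$gp} = "";
            }
        }
        break;
}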
示例#12
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("configuration-menu", "ConfigurationUserActionLog");
// True only when the form was posted with a non-empty "update" field.
$update = (isset($_POST['update']) && POST('update') != '');
// Working state for the user-action log settings, all starting empty.
$ua_items = array();
$ua_logged = array();
$ua_not_logged = array();
$status = true;
/* open the database connection */
$db = new ossim_db();
$conn = $db->connect();
if ($log_conf_list = Log_config::get_list($conn, "")) {
    foreach ($log_conf_list as $log_conf) {
        $descr = preg_replace('|%.*?%|', " ", $log_conf->get_descr());
        $descr = trim($descr) == '' ? _("Various") : $descr;
        $code = $log_conf->get_code();
        $ua_items[$code] = array("descr" => $descr, "log" => $log_conf->get_log());
        if ($log_conf->get_log()) {
示例#13
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("configuration-menu", "PolicyServers");
$validate = array("id" => array("validation" => "OSS_HEX", "e_message" => 'illegal:' . _("ID")), "sname" => array("validation" => "OSS_ALPHA, OSS_PUNC", "e_message" => 'illegal:' . _("Name")), "ip" => array("validation" => "OSS_IP_ADDR", "e_message" => 'illegal:' . _("Ip")), "port" => array("validation" => "OSS_PORT", "e_message" => 'illegal:' . _("Port number")), "descr" => array("validation" => "OSS_ALL, OSS_NULLABLE", "e_message" => 'illegal:' . _("Description")), "correlate" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Correlation")), "cross_correlate" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Cross Correlation")), "store" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Store")), "reputation" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Reputation")), "qualify" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Qualify")), "resend_alarms" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Resend Alarms")), "resend_events" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Resend Events")), "sign" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Sign")), "multi" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Multilevel")), "sem" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Log")), "sim" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Security Events")), "alarm_to_syslog" => array("validation" => "OSS_ALPHA, OSS_NULLABLE", "e_message" => 'illegal:' . _("Alarm to Syslog")), "remoteadmin" => array("validation" => "OSS_ALPHA, OSS_PUNC, OSS_NULLABLE", "e_message" => 'illegal:' . 
_("Remote Admin")), "remotepass" => array("validation" => "OSS_PASSWORD, OSS_NULLABLE", "e_message" => 'illegal:' . _("Remote Password")), "remoteurl" => array("validation" => "OSS_ALPHA, OSS_PUNC, OSS_NULLABLE", "e_message" => 'illegal:' . _("Remote URL")), "setssh" => array("validation" => "OSS_DIGIT, OSS_NULLABLE", "e_message" => 'illegal:' . _("setssh")));
if (GET('ajax_validation') == TRUE) {
    $data['status'] = 'OK';
    $validation_errors = array();
    if (GET('name') == 'rservers[]' && !empty($_GET['rservers'])) {
        $rservers = $_GET['rservers'];
        foreach ($rservers as $rserver) {
            $rserver = explode('@', $rserver);
            $fwr_ser = $rserver[0];
            $fwr_prio = $rserver[1];
            ossim_valid($fwr_ser, OSS_HEX, 'illegal:' . _("Forward Servers"));
            ossim_valid($fwr_prio, OSS_DIGIT, 'illegal:' . _("Forward Priority"));
            if (ossim_error()) {
                $validation_errors['rservers[]'] = ossim_get_error_clean();
                ossim_clean_error();
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
// Raise the per-request limits for graph generation: 180 s of run time and 1024M of memory.
// NOTE(review): the limits are raised before the access check below runs.
set_time_limit(180);
ini_set('memory_limit', '1024M');
ini_set('session.bug_compat_warn', 'off');
require_once 'av_init.php';
// NOTE(review): presumably enforces login and the menu/section ACL - confirm in the Session class.
Session::logcheck("analysis-menu", "IncidentsReport");
// "by" selects which chart to draw; it is validated before the comparisons that follow.
$by = GET('by');
ossim_valid($by, OSS_ALPHA, OSS_SPACE, OSS_SCORE, 'illegal:' . _("Target"));
if (ossim_error()) {
    die(ossim_error());
}
// Define colors
$color_list = array('#D6302C', '#3933FC', 'green', 'yellow', 'pink', '#40E0D0', '#00008B', '#800080', '#FFA500', '#A52A2A', '#228B22', '#D3D3D3');
// The include path for the graph library comes from the application configuration, not from the request.
$conf = $GLOBALS["CONF"];
$jpgraph = $conf->get_conf("jpgraph_path");
require "{$jpgraph}/jpgraph.php";
require "{$jpgraph}/jpgraph_bar.php";
$db = new ossim_db();
$conn = $db->connect();
// NOTE(review): GET('shared') is passed to DBA_shared without an ossim_valid() call in this excerpt; what the
// constructor does with it is not visible here - confirm the value is validated before it names any store or file.
$shared = new DBA_shared(GET('shared'));
if ($by == "ticketsByTypePerMonth") {
示例#15
*/
/*******************************************************************************
** OSSIM Forensics Console
** Copyright (C) 2009 OSSIM/AlienVault
** Copyright (C) 2004 BASE Project Team
** Copyright (C) 2000 Carnegie Mellon University
**
** (see the file 'base_main.php' for license details)
**
** Built upon work by Roman Danyliw <*****@*****.**>, <*****@*****.**>
** Built upon work by the BASE Project Team <*****@*****.**>
*/
/* OSSIM session */
// The session check runs only when $use_ossim_session is truthy.
// NOTE(review): $use_ossim_session and the three $ossim_* arguments are defined outside this excerpt; confirm the
// flag cannot be switched off in a deployed configuration, since no other access check is visible in this file section.
if ($use_ossim_session) {
    require_once 'classes/Session.inc';
    Session::logcheck($ossim_acid_aco_section, $ossim_acid_aco, $ossim_login_path);
}
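/**
 * Collect the sid column of every row in the sensor table.
 *
 * The SQL text is a constant; no caller-supplied value is placed in the query.
 *
 * @param object $db Connection wrapper exposing baseExecute(); the result it returns
 *                   must provide baseFetchRow() and baseFreeRows().
 * @return array Sensor ids in result order; an empty array when the table has no rows.
 */
function GetSensorIDs($db)
{
    // Start from an empty list so an empty table yields array() instead of an undefined variable.
    $sensor_ids = array();
    $result = $db->baseExecute("SELECT sid FROM sensor;");
    while ($myrow = $result->baseFetchRow()) {
        $sensor_ids[] = $myrow[0];
    }
    // Release the result set before returning.
    $result->baseFreeRows();
    return $sensor_ids;
}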
function GetSensorName($sid, $db)
{
    $name = "";
    $multiple = preg_match("/\\,/", $sid) ? true : false;
    if ($multiple) {
示例#16
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
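// Mark the response as already expired and non-cacheable.
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
// The HTTP date needs a space before the zone name; without it the header value is malformed.
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
require_once 'av_init.php';
// Two menu/section pairs are passed together.
// NOTE(review): whether Session::logcheck requires both pairs or accepts either is not visible here - confirm.
$m_perms = array('analysis-menu', 'analysis-menu');
$sm_perms = array('EventsForensics', 'ControlPanelAlarms');
Session::logcheck($m_perms, $sm_perms);
// The "ip" parameter has the form "<ip>-<ctx>". Padding keeps $ctx defined (NULL) when the
// value carries no "-", which the OSS_NULLABLE rule below accepts.
list($ip, $ctx) = array_pad(explode('-', GET('ip')), 2, NULL);
ossim_valid($ip, OSS_IP_ADDR_0, 'illegal:' . _('Ip'));
ossim_valid($ctx, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Ctx'));
// Maybe nullable from Logger resolves
if (ossim_error()) {
    die(ossim_error());
}
$db = new ossim_db();
$conn = $db->connect();
// array_shift() takes its argument by reference, so the lookup result is stored in a variable first;
// a non-array result leaves $net as NULL and the is_array() test that follows skips the output.
$closest_nets = Asset_host::get_closest_net($conn, $ip, $ctx);
$net = is_array($closest_nets) ? array_shift($closest_nets) : NULL;
// NOTE(review): the code that follows echoes $net['name'] and $net['ips'] into HTML as-is; confirm these
// stored values are HTML-encoded when written or encode them at output.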
if (is_array($net)) {
    if ($net['icon'] != '') {
        echo "<img class='asset_icon w16' src='data:image/png;base64," . base64_encode($net['icon']) . "' border='0'/> ";
    }
    echo '<strong>' . $net['name'] . '</strong> (' . $net['ips'] . ')';
示例#17
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("configuration-menu", "CorrelationDirectives");

// Each request parameter is read and checked in turn; nothing is used until the
// combined error check below has passed.
$directive_id = GET('directive_id');
ossim_valid($directive_id, OSS_DIGIT, 'illegal:' . _("Directive ID"));

// NOTE(review): dots are allowed in the file name; whether OSS_ALPHA/OSS_SCORE exclude path
// separators is not visible here - confirm "/" cannot pass, since $file is joined to a directory below.
$file = GET('file');
ossim_valid($file, OSS_ALPHA, OSS_DOT, OSS_SCORE, 'illegal:' . _("XML File"));

$engine_id = GET('engine_id');
ossim_valid($engine_id, OSS_HEX, OSS_SCORE, 'illegal:' . _("Engine ID"));

$rule = GET('rule');
ossim_valid($rule, OSS_DIGIT, '\\-', OSS_NULLABLE, 'illegal:' . _("Rule ID"));

$mode = GET('mode');
ossim_valid($mode, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _("Mode"));

if (ossim_error()) {
    die(ossim_error());
}

$directive_editor = new Directive_editor($engine_id);

// Prefer the copy under the engine directory; fall back to the main directory when it does not exist.
if (file_exists($directive_editor->engine_path . "/" . $file)) {
    $filepath = $directive_editor->engine_path . "/" . $file;
} else {
    $filepath = $directive_editor->main_path . "/" . $file;
}
示例#18
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("configuration-menu", "PolicyPolicy");
require_once 'policy_common.php';
?>

<html>
<head>

  <title> <?php 
echo _("OSSIM Framework");
?>
 </title>
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
  <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
  
  <link rel="stylesheet" type="text/css" href="../style/av_common.css?t=<?php 
echo Util::get_css_id();
示例#19
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("configuration-menu", "Osvdb");
$sintax = new KDB_Sintax();
$labels_condition = $sintax->_labels_condition;
$labels_actions = $sintax->_labels_actions;
$labels_operators = $sintax->_labels_operators;
$labels_variables = $sintax->_labels_variables;
$labels_sections = $sintax->_labels_sections;
$title_desc = _('Description');
$title_example = _('Example');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
	<title> <?php 
echo gettext("OSSIM Framework");
?>
示例#20
 *
 *
 * On Debian GNU/Linux systems, the complete text of the GNU General
 * Public License can be found in `/usr/share/common-licenses/GPL-2'.
 *
 * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
 *
 * @package    ossim-framework\Assets
 * @autor      AlienVault INC
 * @license    http://www.gnu.org/licenses/gpl-2.0.txt
 * @copyright  2003-2006 ossim.net
 * @copyright  2007-2013 AlienVault
 * @link       https://www.alienvault.com/
 */
require_once 'av_init.php';
// NOTE(review): presumably enforces login and the menu/section ACL - confirm in the Session class.
Session::logcheck("environment-menu", "PolicyHosts");
// Close session write for real background loading
session_write_close();
// Table paging, search and sort parameters sent by the client.
// NOTE(review): no ossim_valid() call for any of these values is visible in this excerpt; confirm each one is
// validated (numeric for length/start/echo, a fixed set for the sort direction) before it reaches a query or the response.
$group_id = GET('group_id');
$asset_type = GET('asset_type');
$maxrows = POST('iDisplayLength') != '' ? POST('iDisplayLength') : 15;
$search_str = POST('sSearch') != '' ? POST('sSearch') : '';
$from = POST('iDisplayStart') != '' ? POST('iDisplayStart') : 0;
// The column index is mapped to a fixed column name by the switch that follows, so the raw value is not used as a column name.
$order = POST('iSortCol_0') != '' ? POST('iSortCol_0') : '';
$torder = POST('sSortDir_0');
$sec = POST('sEcho');
switch ($order) {
    case 0:
        $order = 'hostname';
        break;
        /*
示例#21
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
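require_once 'av_init.php';
// NOTE(review): presumably enforces login and the menu/section ACL - confirm in the Session class.
Session::logcheck("environment-menu", "ReportsWireless");
require_once 'Wireless.inc';
$sensor = GET('sensor');
// Remove "../" repeatedly until the value stops changing: a single str_replace() pass can leave a
// new "../" behind when the removed pieces were nested inside one another.
// NOTE(review): stripping is still a deny-list and how $file is used is outside this excerpt; prefer
// basename() or a realpath() prefix check against the allowed directory at the point where the path is opened.
$file = GET('file');
do {
    $previous_file = $file;
    $file = str_replace("../", "", $file);
} while ($file !== $previous_file);
ossim_valid($sensor, OSS_IP_ADDR, 'illegal: sensor');
ossim_valid($file, OSS_TEXT, 'illegal: file');
if (ossim_error()) {
    die(ossim_error());
}
# sensor list with perms
require_once 'ossim_db.inc';
$db = new ossim_db();
$conn = $db->connect();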
if (!validate_sensor_perms($conn, $sensor, ", sensor_properties WHERE sensor.id=sensor_properties.sensor_id AND sensor_properties.has_kismet=1")) {
    echo ossim_error($_SESSION["_user"] . " have not privileges for {$sensor}");
    $db->close();
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
// NOTE(review): presumably enforces login and the menu/section ACL - confirm in the Session class.
Session::logcheck("analysis-menu", "IncidentsIncidents");
// Both identifiers must be digits only; the script stops on any validation error.
$id = GET('id');
$incident_id = GET('incident_id');
ossim_valid($id, OSS_DIGIT, 'illegal:' . _("Id"));
ossim_valid($incident_id, OSS_DIGIT, 'illegal:' . _("Incident Id"));
if (ossim_error()) {
    die(ossim_error());
}
/* database connect */
$db = new ossim_db();
$conn = $db->connect();
// NOTE(review): only the section-level check above is visible; whether get_custom_content also verifies that the
// current user may read this particular incident is not visible here - confirm, since the ids come from the request.
list($output_name, $content) = Incident::get_custom_content($conn, $id, $incident_id);
$conn->disconnect();
// Download headers.
// NOTE(review): "Pragma: public" allows the response to be stored by caches; confirm that is intended for
// incident content, or mark the response private/no-store.
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
示例#23
/* http://inprotect.sourceforge.net/                       */
/***********************************************************/
/* See the README.txt and/or help files for more           */
/* information on how to use & config.                     */
/* See the LICENSE.txt file for more information on the    */
/* License this software is distributed under.             */
/*                                                         */
/* This program is intended for use in an authorized       */
/* manner only, and the author can not be held liable for  */
/* anything done with this program, code, or items         */
/* discovered with this program's use.                     */
/***********************************************************/
require_once 'av_init.php';
require_once 'config.php';
require_once 'functions.inc';
// NOTE(review): presumably enforces login and the menu/section ACL - confirm in the Session class.
Session::logcheck('environment-menu', 'EventsVulnerabilitiesScan');
$db = new ossim_db();
$conn = $db->connect();
$conn->SetFetchMode(ADODB_FETCH_BOTH);
// check the number of plugins
// Constant SQL text; nothing from the request is placed in this query.
$query = 'select count(*) as total_plugins from vuln_nessus_plugins';
$result = $conn->execute($query);
// NOTE(review): $result is not checked for failure before ->fields is read.
if ($result->fields['total_plugins'] == 0) {
    die('<h2>Please run updateplugins.pl script first before using web interface.</h2>');
}
$tz = Util::get_timezone();
$force = FALSE;
$close = FALSE;
// get parameters
// Fixed list of request parameter names consumed by the loop that follows.
// NOTE(review): 'targets', 'hosts_alive' and 'not_resolve' appear twice, and '$scan_locally' (single-quoted, with a
// literal dollar sign) looks like a typo for 'scan_locally', which is already listed - confirm and clean up.
$parameters = array('action', 'job_name', 'targets', 'schedule_type', 'ROYEAR', 'ROMONTH', 'ROday', 'time_hour', 'time_min', 'dayofweek', 'dayofmonth', 'timeout', 'SVRid', 'sid', 'targets', 'job_id', 'sched_id', 'user', 'entity', 'hosts_alive', 'scan_locally', 'nthweekday', 'nthdayofweek', 'time_interval', 'biyear', 'bimonth', 'biday', 'not_resolve', 'send_email', 'ssh_credential', 'smb_credential', 'hosts_alive', '$scan_locally', 'not_resolve', 'type', 'total_assets');
foreach ($parameters as $variable) {
示例#24
     $rg = $conn->CacheExecute($sqlgraph);
     if (!$rg) {
         print $conn->ErrorMsg();
     } else {
         while (!$rg->EOF) {
             $data[] = $rg->fields["num_events"];
             $label[] = inet_ntop($rg->fields["name"]);
             $links[] = $forensic_link . '&ip_addr[0][0]=+&ip_addr[0][1]=ip_src&ip_addr[0][2]=%3D&ip_addr[0][3]=' . inet_ntop($rg->fields["name"]) . '&ip_addr[0][8]=+&ip_addr[0][9]=+&ip_addr_cnt=1';
             $rg->MoveNext();
         }
     }
     $colors = get_widget_colors(count($data));
     break;
 case "alarms":
     //Checking if we have permissions to go through this section
     Session::logcheck("analysis-menu", "ControlPanelAlarms");
     //Filters of sensors.
     list($ajoin, $awhere) = Security_report::make_where_alarm($conn, '', '', array(), $assets_filters);
     $awhere = preg_replace('/AND \\(a\\.timestamp.*/', '', $awhere);
     //Limit of alarms to show in the widget.
     $limit = $chart_info['top'] != '' ? $chart_info['top'] : 5;
     //Sql Query
     //TO DO: Use parameters in the query.
     $sqlgraph = "select count(*) as num_events,p.name from alienvault.plugin_sid p, alienvault.alarm a {$ajoin} WHERE p.plugin_id=a.plugin_id AND p.sid=a.plugin_sid {$awhere} group by p.name order by num_events desc limit {$limit}";
     $rg = $conn->CacheExecute($sqlgraph);
     if (!$rg) {
         print $conn->ErrorMsg();
     } else {
         while (!$rg->EOF) {
             $data[] = $rg->fields["num_events"];
             $name = Util::signaturefilter($rg->fields["name"]);
示例#25
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
// NOTE(review): presumably enforces login and the menu/section ACL - confirm in the Session class.
Session::logcheck("report-menu", "ReportsReportServer");
// The request value is forced to an integer with intval(); without it the current year is used.
$year = GET('year') != "" ? intval(GET('year')) : date("Y");
// The user name is taken from the session, not from the request.
$user = Session::get_session_user();
// define colors
define('COLOR1', '#D6302C');
define('COLOR2', '#3933FC');
define('COLOR3', 'green');
define('COLOR4', 'yellow');
define('COLOR5', 'pink');
define('COLOR6', '#40E0D0');
define('COLOR7', '#00008B');
define('COLOR8', '#800080');
define('COLOR9', '#FFA500');
define('COLOR10', '#A52A2A');
define('COLOR11', '#228B22');
define('COLOR12', '#D3D3D3');
示例#26
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
require_once 'os_report_common.php';
Session::logcheck('report-menu', 'ReportsReportServer');
$action = POST('action');
$data = POST('data');
if ($action == 'check_file') {
    $data = explode('###', base64_decode($data));
    $report_name = trim($data[0]);
    $filename = trim($data[1]);
    ossim_valid($report_name, OSS_SCORE, OSS_NULLABLE, OSS_ALPHA, OSS_PUNC, 'illegal:' . _('Report name'));
    if (ossim_error()) {
        echo 'error###' . ossim_get_error_clean();
        exit;
    }
    // Init PDF Report
    $pdfReport = new Pdf_report($report_name, 'P', 'A4', NULL, FALSE);
    if (isset($filename) && !empty($filename)) {
        ossim_valid($filename, OSS_FILENAME, 'illegal:' . _('Filename'));
示例#27
/*                                                         */
/* This program is intended for use in an authorized       */
/* manner only, and the author can not be held liable for  */
/* anything done with this program, code, or items         */
/* discovered with this program's use.                     */
/***********************************************************/
require_once 'classes/Session.inc';
require_once 'ossim_conf.inc';
require_once 'classes/OMP.inc';
require_once 'classes/Util.inc';
require_once 'functions.inc';
// Configuration object taken from the global scope (presumably populated by one
// of the files required above).
$conf = $GLOBALS['CONF'];
$nessus_path = $conf->get_conf('nessus_path', FALSE);
$version = $conf->get_conf('ossim_server_version', FALSE);
// TRUE when the server version string contains "pro" or "demo", case-insensitively.
$pro = (bool) preg_match("/pro|demo/i", $version);
// Permission check for the vulnerabilities section; it precedes all page output.
Session::logcheck('MenuEvents', 'EventsVulnerabilities');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
    <title> <?php 
echo gettext("Vulnmeter");
?>
 </title>
	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
	<meta http-equiv="Pragma" content="no-cache">
	<link rel="stylesheet" type="text/css" href="../style/style.css"/>
	<script type="text/javascript" src="../js/jquery-1.3.2.min.js"></script>
	<script type="text/javascript" src="../js/jquery.simpletip.js"></script>
	<script type="text/javascript" src="../js/vulnmeter.js"></script>
	<?php 
示例#28
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
include_once 'riskmaps_functions.php';
// Permission check for the risk-map (business processes) section.
Session::logcheck('dashboard-menu', 'BusinessProcesses');
// Record the action. This runs before the edit-permission test below, so a
// request that is later refused is still logged.
// NOTE(review): 49 is presumably the action id for indicator changes - confirm.
$infolog = array('Indicator Risk Maps');
Log_action::log(49, $infolog);
// Editing requires the separate BusinessProcessesEdit permission; stop otherwise.
if (!Session::menu_perms('dashboard-menu', 'BusinessProcessesEdit')) {
    echo ossim_error(_("You don't have permissions to edit risk indicators"));
    exit;
}
// Default response payload.
$data = array('status' => 'success', 'data' => '');
$db = new ossim_db();
$conn = $db->connect();
// Raw query-string parameters for the indicator being edited.
// NOTE(review): no validation is visible in this excerpt - confirm each value
// goes through ossim_valid() before it reaches SQL, a file path or output, and
// that this state-changing request (sent over GET) is covered by an anti-CSRF
// token check.
$map = GET('map');
$ri_positions = GET('data');
$name = GET('alarm_name');
$icon = GET('icon');
$url = GET('url');
$ri_id = GET('id');
示例#29
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
// Permission check for the server policy section; runs before request input is read.
Session::logcheck('configuration-menu', 'PolicyServers');

$db = new ossim_db();
$conn = $db->connect();

// Request parameters. $id, $ip and $sname are validated further down;
// $update is coerced to an integer here.
$id = GET('id');
$ip = GET('ip');
$sname = GET('name');
$update = (int) GET('update');

// Edition flag and server settings. $conf is not assigned in this excerpt
// (presumably provided by av_init.php).
$opensource = !Session::is_pro();
$mssp = (int) $conf->get_conf("alienvault_mssp");
$local_id = $conf->get_conf("server_id");

// Validate every free-form parameter; all three may be empty (OSS_NULLABLE).
ossim_valid($ip, OSS_IP_ADDR, OSS_NULLABLE, 'illegal:' . _('Server IP'));
ossim_valid($sname, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _('Server Name'));
ossim_valid($id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Server ID'));

// Stop with the validation message as soon as any check above has failed.
if (ossim_error()) {
    exit(ossim_error());
}
示例#30
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA  02110-1301  USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
// Permission check for the network policy section; runs before request input is read.
Session::logcheck("environment-menu", "PolicyNetworks");

// Validation rules for the network group form: one entry per field, giving the
// rule list and the error message reported when the field is rejected.
$validate = array(
    'ngname' => array(
        'validation' => 'OSS_NOECHARS, OSS_ALPHA, OSS_PUNC',
        'e_message' => 'illegal:' . _('Group Name')
    ),
    'descr' => array(
        'validation' => 'OSS_NULLABLE, OSS_ALL',
        'e_message' => 'illegal:' . _('Description')
    ),
    'ctx' => array(
        'validation' => 'OSS_HEX',
        'e_message' => 'illegal:' . _('Entity')
    ),
    'nets[]' => array(
        'validation' => 'OSS_ALPHA',
        'e_message' => 'illegal:' . _('Networks')
    ),
    'rrd_profile' => array(
        'validation' => 'OSS_ALPHA, OSS_NULLABLE, OSS_PUNC',
        'e_message' => 'illegal:' . _('RRD Profile')
    ),
    'nagios' => array(
        'validation' => 'OSS_NULLABLE, OSS_DIGIT',
        'e_message' => 'illegal:' . _('Availability Monitoring')
    )
);

// Field-level AJAX validation: check the GET parameters against the rules,
// answer with a JSON status object and stop. Nothing is stored on this path.
if (GET('ajax_validation') == TRUE) {
    $data['status'] = 'OK';
    $validation_errors = validate_form_fields('GET', $validate);
    $has_errors = is_array($validation_errors) && !empty($validation_errors);
    if ($has_errors) {
        $data['status'] = 'error';
        $data['data'] = $validation_errors;
    }
    print json_encode($data);
    exit;
}
if (!isset($_POST['ajax_validation_all']) || POST('ajax_validation_all') == FALSE) {
    if (!Token::verify('tk_ng_form', POST('token'))) {
        Token::show_error();
        exit;