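require_once 'av_init.php';

// Authorization gate: only administrators may query the status of a backup job.
// NOTE(review): every guard in this script relies on Util::response_bad_request()
// ending the request. The helper is not defined in this file - confirm it never
// returns, otherwise execution continues past a failed check.
if (!Session::am_i_admin()) {
    Util::response_bad_request(_("You do not have permission to see this section"));
}

// Close session write for real background loading
session_write_close();

/** Job ID is optional, when empty we must lookup for any backup job (Pending in the API) */
$job_id    = POST('job_id');
$system_id = POST('system_id');

// Both identifiers are checked against the UUID rule before they reach Av_backup;
// only the job ID is allowed to be empty (OSS_NULLABLE).
ossim_valid($job_id, OSS_UUID, OSS_NULLABLE, 'illegal: Job ID');
ossim_valid($system_id, OSS_UUID, 'illegal: System ID');

if (ossim_error()) {
    Util::response_bad_request(ossim_get_error_clean());
}

try {
    $backup_object = new Av_backup($system_id, 'configuration');
    $backup_status = $backup_object->get_backup_status($job_id);
} catch (Exception $e) {
    // NOTE(review): the raw exception text is returned to the client. Confirm that
    // messages raised by Av_backup never contain internal detail (paths, API errors);
    // if they can, return a fixed message here and log the original server-side.
    Util::response_bad_request($e->getMessage());
}

// The response is built in one place; the unused $backup_list and $data arrays of the
// earlier version were dropped because nothing read them.
$response = array(
    'status' => 'success',
    'data'   => $backup_status,
);

echo json_encode($response);

/* End of file get_backup_status.php */
/* Location: /av_backup/providers/get_backup_status.php */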
}
break;
case 'download_backup':
    //Validate Form token
    // The form token is verified before any other request field is read.
    // NOTE(review): presumably an anti-CSRF token. The result is compared with a loose
    // `== FALSE`; confirm Token::verify() returns a strict boolean.
    $token = POST('token');
    if (Token::verify('tk_backup_action', $token) == FALSE) {
        $error = Token::create_error_message();
        Util::response_bad_request($error);
    }
    // Validation rules for the two request fields used below.
    // NOTE(review): the 'backup_file' rule lists dots among the allowed characters;
    // confirm Av_backup::download_backup() treats the value as a bare file name and
    // never as a path.
    $validate = array(
        'system_id' => array('validation' => 'OSS_UUID', 'e_message' => 'illegal:' . _('System ID')),
        'backup_file' => array('validation' => 'OSS_ALPHA, OSS_SCORE, OSS_DOT', 'e_message' => 'illegal:' . _('Backup File'))
    );
    $system_id = POST('system_id');
    $backup_file = POST('backup_file');
    $validation_errors = validate_form_fields('POST', $validate);
    if (!empty($validation_errors)) {
        // A fixed message is returned; the individual validation errors are not echoed back.
        Util::response_bad_request(_('Validation error - unable to download backup file. Please try again.'));
    } else {
        // The request fields are only used on this branch, i.e. after validation passed.
        try {
            $backup_object = new Av_backup($system_id, 'configuration');
            $download_response = $backup_object->download_backup($backup_file);
            $data['status'] = 'success';
            $data['data']['msg'] = _('Backup file is ready for download.');
            $data['data']['job_id'] = $download_response['job_id'];
        } catch (Exception $e) {
            // The exception text is not forwarded; the client only receives this fixed message.
            // NOTE(review): $e is not logged in this block - confirm the failure is
            // recorded somewhere, or it cannot be investigated later.
            Util::response_bad_request(_('An API error occurred - backup could not be downloaded. Please try again.'));
        }
    }
    break;
}
echo json_encode($data);
/* End of file backup_actions.php */
/* Location: /av_backup/controllers/backup_actions.php */
/**
 * Returns the tags of an asset after checking that the asset is allowed.
 *
 * Asset_host::is_allowed() is consulted first. When it rejects the asset, the
 * translated message 'Asset Not Allowed' is handed to Util::response_bad_request().
 *
 * NOTE(review): the permission check only protects the lookup if
 * Util::response_bad_request() ends the request. The helper is defined outside
 * this block - confirm it never returns, otherwise get_tags() still runs for a
 * rejected asset.
 *
 * @param mixed $conn     Connection handed to Asset_host::is_allowed() and get_tags().
 * @param mixed $asset_id Identifier of the asset whose tags are requested.
 *
 * @return array Whatever get_tags() returns for the asset.
 */
function get_asset_tags($conn, $asset_id)
{
    $permitted = Asset_host::is_allowed($conn, $asset_id);

    if (!$permitted) {
        Util::response_bad_request(_('Asset Not Allowed'));
    }

    $tags = get_tags($conn, $asset_id);

    return $tags;
}
/**
 * Reports a pending ossim validation error, if one is set.
 *
 * When ossim_error() signals an error, the message is read with ossim_get_error(),
 * the error state is cleared with ossim_clean_error(), and the message is then
 * either passed to Av_exception::throw_error() as a USER_ERROR or sent to the
 * client through Util::response_bad_request().
 *
 * NOTE(review): the message comes from ossim_get_error(), not from a "clean"
 * variant. Confirm it is safe to return that text to the client unchanged.
 *
 * @param bool $throw_excep Truthy: report through Av_exception::throw_error();
 *                          falsy: report through Util::response_bad_request().
 *
 * @return void
 */
function check_ossim_error($throw_excep = TRUE)
{
    // Nothing pending: leave the error state untouched.
    if (!ossim_error()) {
        return;
    }

    // Read the message before clearing, otherwise it would be lost.
    $message = ossim_get_error();
    ossim_clean_error();

    if (!$throw_excep) {
        Util::response_bad_request($message);

        return;
    }

    Av_exception::throw_error(Av_exception::USER_ERROR, $message);
}
/**
 * Returns the number of groups an allowed asset belongs to.
 *
 * The asset is first checked with Asset_host::is_allowed(); a rejected asset is
 * reported through Util::response_bad_request(). The count is then read from the
 * asset object. If loading the object or counting raises an Exception, the
 * placeholder string '-' is returned instead.
 *
 * NOTE(review): as with every guard of this shape, the permission check depends
 * on Util::response_bad_request() ending the request - confirm it never returns.
 *
 * @param mixed $conn     Connection handed to the Asset_host calls.
 * @param mixed $asset_id Identifier of the asset.
 *
 * @return mixed The value of get_num_group(), or '-' when it could not be obtained.
 */
function get_asset_groups($conn, $asset_id)
{
    if (!Asset_host::is_allowed($conn, $asset_id)) {
        Util::response_bad_request(_('Asset Not Allowed'));
    }

    // Placeholder reported when the count cannot be obtained.
    $group_total = '-';

    try {
        $host = Asset_host::get_object($conn, $asset_id);
        $group_total = $host->get_num_group($conn);
    } catch (Exception $e) {
        // Best effort: a failure leaves the '-' placeholder in place.
    }

    return $group_total;
}
* Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::logcheck('environment-menu', 'PolicyHosts'); session_write_close(); /**************************************************** ****************** POST validation ***************** ****************************************************/ $validate = array('is_editable' => array('validation' => 'OSS_LETTER, OSS_SCORE', 'e_message' => 'illegal:' . _('Edit permission'))); $is_editable = POST('is_editable'); $validation_errors = validate_form_fields('POST', $validate); if (!empty($validation_errors)) { Util::response_bad_request(_('Tab could not be loaded')); } ?> <div id="tsw_container"> <?php if ($is_editable != 'no') { ?> <div id='tsw_av_info'></div> <div class='swf_container'> <form method="POST" name="software_form" id="software_form" action="" enctype="multipart/form-data"> <fieldset> <legend><?php
* * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; Session::logcheck_ajax('environment-menu', 'PolicyHosts'); session_write_close(); $validate = array('asset_type' => array('validation' => 'OSS_LETTER', 'e_message' => 'illegal:' . _('Asset Type'))); $asset_type = POST('asset_type'); $validation_errors = validate_form_fields('POST', $validate); if (!empty($validation_errors)) { Util::response_bad_request(_('Sorry, asset data was not loaded due to a validation error')); } $db = new ossim_db(); $conn = $db->connect(); $ctx = Asset_host::get_common_ctx($conn); if (!empty($ctx)) { $ctx_name = Session::get_entity_name($conn, $ctx); $ctx_name = Util::utf8_encode2($ctx_name); //Check asset context $ext_ctxs = Session::get_external_ctxs($conn); if (!empty($ext_ctxs[$ctx])) { // CTX is external, this CTX could not be edited $ctx = NULL; } else { //Server related to CTX $server_obj = Server::get_server_by_ctx($conn, $ctx);
$total_deployed++;
}
}
// Three outcomes, chosen by comparing $total_deployed with $total_windows:
// everything scheduled (success), nothing scheduled (warning), or a partial result
// (warning that reports how many assets were not covered).
if ($total_deployed == $total_windows) {
    $data = array('status' => 'success', 'data' => _('Deployment job/s scheduled successfully. <br/>Check out the <span class="bold" id="go_to_mc">Message Center</span> for more details'));
} else {
    if ($total_deployed == 0) {
        $data = array('status' => 'warning', 'data' => _('Unable to deploy HIDS agents due to an internal error. Please try again'), 'stats' => $deployment_stats);
    } else {
        $total_not_deployed = $total_windows - $total_deployed;
        $data = array('status' => 'warning', 'data' => sprintf(_('Unable to deploy HIDS agents to %s assets. <br/>Please check the <span class="bold" id="go_to_mc">Message Center</span> for details of other jobs'), $total_not_deployed), 'stats' => $deployment_stats);
    }
}
} else {
    $data = array('status' => 'error', 'data' => _('Unable to deploy HIDS agents due to an internal error. Please try again'));
}
} catch (Exception $e) {
    $db->close();
    // NOTE(review): $e->getMessage() is concatenated into HTML markup without encoding.
    // If an exception message can ever carry request-derived or device-derived text,
    // it should be passed through htmlspecialchars() before it is wrapped in the <div>.
    // Confirm how the client renders this response body.
    if (preg_match('/^Warning!/', $e->getMessage())) {
        $error_msg = '<div style="padding-left:10px">' . $e->getMessage() . '</div>';
    } else {
        $error_msg = '<div style="padding-left:5px">' . _('The following errors occurred') . ":</div>\n <div style='padding: 5px 5px 5px 15px;'>" . $e->getMessage() . '</div>';
    }
    Util::response_bad_request($error_msg);
}
break;
}
$db->close();
echo json_encode($data);
}
// The class used for the static calls below is looked up in $asset_types, which is
// defined outside this fragment.
// NOTE(review): confirm $asset_types is a fixed server-side map, so that the request
// value $asset_type can only select one of the intended classes.
$class_name = $asset_types[$asset_type];
// Check Asset Permission
// NOTE(review): the permission check is skipped when the class has no is_allowed()
// method, so such a class is treated as allowed. Confirm that is intended for every
// class reachable through $asset_types.
if (method_exists($class_name, 'is_allowed') && !$class_name::is_allowed($conn, $asset_id)) {
    $error = sprintf(_('Error! %s is not allowed'), ucwords($asset_type));
    Av_exception::throw_error(Av_exception::USER_ERROR, $error);
}
$asset_object = $class_name::get_object($conn, $asset_id);
list($availability_value, $availability_level) = $asset_object->get_availability($conn);
} else {
    Av_exception::throw_error(Av_exception::USER_ERROR, _('Error retrieving information'));
}
} catch (Exception $e) {
    $db->close();
    // NOTE(review): the exception text is appended to the message sent to the client;
    // confirm it cannot expose internal detail.
    $error = _('Impossible to load the asset info') . ': ' . $e->getMessage();
    Util::response_bad_request($error);
}
// Pick the tooltip text for the availability level; the wording differs between a
// single asset and the other asset types. The "%%" and "%s" in the second form are
// format placeholders; the call that fills them in is outside this fragment.
switch ($availability_level) {
    case 1:
        if ($asset_type == 'asset') {
            $tooltip = _("Availability status for this asset is up.");
        } else {
            $tooltip = _("Availability status is up for 95-100%% of assets in this %s.");
        }
        break;
    case 2:
        if ($asset_type == 'asset') {
            $tooltip = _("Availability status for this asset is unreachable.");
        } else {
            $tooltip = _("Availability status is up for 75-95%% of assets in this %s.");
        }
// The error message is appended as the last argument, then ossim_valid() is called
// with the assembled argument list.
array_push($parameters, $v_data['e_message']);
call_user_func_array('ossim_valid', $parameters);
if (ossim_error()) {
    $exp_msg = ossim_get_error();
    Av_exception::throw_error(Av_exception::USER_ERROR, $exp_msg);
}
}
//Update Nagios
$parameters = array();
$parameters = array_values($s_data);
//Adding BD connection
array_unshift($parameters, $conn);
// NOTE(review): the callable is taken from $p_function, which is assigned outside
// this fragment. Confirm it always comes from a fixed server-side list and never
// from request data.
call_user_func_array($p_function, $parameters);
} catch (Exception $e) {
    // The exception detail is dropped here; only the status flag is kept, and the
    // client later receives a fixed message.
    // NOTE(review): $e is not logged in this block - confirm the failure is recorded elsewhere.
    $data['status'] = 'error';
}
}
}
if ($data['status'] == 'error') {
    $db->close();
    // NOTE(review): the statements after this block use $conn although the connection
    // was just closed; that is only safe if Util::response_bad_request() never returns.
    Util::response_bad_request(_('Some of your changes could not be saved'));
}
//Add host to nagios
Asset_host_scan::save_plugin_in_db($conn, $asset_id, 2007);
//report changes
Asset_host::report_changes($conn, 'hosts');
}
$db->close();
break;
}
echo json_encode($data);
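$e_message = _('Error! Operation cannot be completed');
// Map the requested action to the Inventory call that performs it and to the error
// prefix reported if that call fails.
// NOTE(review): there is no default case. If $action matches none of the cases,
// $function and $parameters are never assigned - confirm $action is validated
// before this point.
switch ($action) {
    case 'enable_scan':
        $e_message = _('Error! Task could not be enabled');
        $parameters = array($conn, $task_id);
        $function = 'Inventory::toggle_scan';
        // Without this break the case fell through into 'disable_scan', so a failed
        // enable was reported with the "could not be disabled" message.
        break;
    case 'disable_scan':
        $e_message = _('Error! Task could not be disabled');
        $parameters = array($conn, $task_id);
        $function = 'Inventory::toggle_scan';
        break;
    case 'delete_scan':
        $e_message = _('Error! Task could not be deleted');
        $parameters = array($conn, $task_id);
        $function = 'Inventory::delete';
        break;
}
// The selected call only runs when form validation returned no errors.
$validation_errors = validate_form_fields('POST', $validate);
if (is_array($validation_errors) && !empty($validation_errors)) {
    //Formatted message
    // NOTE(review): the validation messages are joined into HTML as-is. Confirm that
    // validate_form_fields() never includes unencoded request text in them.
    $error_msg = '<div>' . _('The following errors occurred') . ":</div>\n <div style='padding: 5px;'>" . implode('<br/>', $validation_errors) . '</div>';
    Av_exception::throw_error(Av_exception::USER_ERROR, $error_msg);
} else {
    call_user_func_array($function, $parameters);
}
} catch (Exception $e) {
    $db->close();
    // The action-specific prefix is followed by the exception text.
    Util::response_bad_request($e_message . ': ' . $e->getMessage());
}
$db->close();
echo json_encode($data);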
$asset_group = new Asset_group($group_id);
$asset_group->save_assets_from_search($conn);
$db->close();
$data['status'] = 'success';
$data['data'] = sprintf(_("%s assets have been added to group"), $num_assets);
} catch (Exception $e) {
    // NOTE(review): $db->close() is only called on the success path; no close is
    // visible here when an exception is raised.
    Util::response_bad_request(_('Error! Selected assets could not be added') . ': ' . $e->getMessage());
}
}
break;
case 'delete_assets':
    // The group ID arrives in the 'asset_id' request field and is checked with
    // valid_hex32() before it is used.
    // NOTE(review): no permission check on $group_id is visible in this branch;
    // confirm that Asset_group / delete_selected_assets() verify that the current
    // user may modify this group.
    $group_id = POST('asset_id');
    if (!valid_hex32($group_id)) {
        Util::response_bad_request(_('Error! Asset group ID not allowed. Selected assets could not be removed'));
    } else {
        try {
            $db = new ossim_db();
            $conn = $db->connect();
            // The count is read before the deletion, so the message reports the size
            // of the current selection.
            $num_assets = Filter_list::get_total_selection($conn, 'asset');
            $asset_group = new Asset_group($group_id);
            $asset_group->delete_selected_assets($conn);
            $db->close();
            $data['status'] = 'success';
            $data['data'] = sprintf(_("%s assets have been deleted from group"), $num_assets);
        } catch (Exception $e) {
            // NOTE(review): the exception text is appended to the client message and
            // the connection is not closed on this path.
            Util::response_bad_request(_('Error! Selected assets could not be deleted') . ': ' . $e->getMessage());
        }
    }
    break;
}
echo json_encode($data);
// The form token is verified before the action is dispatched.
// NOTE(review): presumably an anti-CSRF token. The guards below are plain `if` blocks
// with no `else`, so the deletion is only prevented if Util::response_bad_request()
// ends the request - confirm it never returns.
if (Token::verify('tk_net_form', $token) == FALSE) {
    $error = Token::create_error_message();
    Util::response_bad_request($error);
}
$app_name = Session::is_pro() ? 'AlienVault' : 'OSSIM';
switch ($action) {
    case 'delete_net':
        // Format check on the network ID (sent in the 'asset_id' field).
        $net_id = POST('asset_id');
        if (!valid_hex32($net_id)) {
            Util::response_bad_request(_('Error! Network ID not allowed. Network could not be deleted'));
        }
        // Permission check, done on its own short-lived connection.
        $db = new ossim_db();
        $conn = $db->connect();
        $can_i_modify_ips = Asset_net::can_i_modify_ips($conn, $net_id);
        $db->close();
        // The same message is used for a malformed ID and for a denied one, so the
        // response does not tell the two cases apart.
        if ($can_i_modify_ips == FALSE) {
            Util::response_bad_request(_('Error! Network ID not allowed. Network could not be deleted'));
        }
        try {
            $db = new ossim_db();
            $conn = $db->connect();
            Asset_net::delete_from_db($conn, $net_id, TRUE);
            $db->close();
            $data['status'] = 'success';
            $data['data'] = sprintf(_('Network has been permanently deleted from %s'), $app_name);
        } catch (Exception $e) {
            // NOTE(review): the exception text is appended to the client message and
            // the connection opened in the try block is not closed on this path.
            Util::response_bad_request(_('Error! Network could not be deleted') . ': ' . $e->getMessage());
        }
        break;
}
echo json_encode($data);
// Close session write for real background loading
session_write_close();
// Paging, sorting and search parameters, with defaults where the field is empty.
// $torder and $sec have no default.
$maxrows = POST('iDisplayLength') != '' ? POST('iDisplayLength') : 8;
$from = POST('iDisplayStart') != '' ? POST('iDisplayStart') : 0;
$order = POST('iSortCol_0') != '' ? POST('iSortCol_0') : '';
$torder = POST('sSortDir_0');
$search_str = POST('sSearch') != '' ? POST('sSearch') : '';
$sec = POST('sEcho');
// Every value is validated before it is placed into the SQL fragments below.
// NOTE(review): those fragments are built by string interpolation, so their safety
// rests on these checks and on Util::response_bad_request() ending the request when
// one fails - confirm it never returns.
ossim_valid($maxrows, OSS_DIGIT, 'illegal: iDisplayLength');
ossim_valid($from, OSS_DIGIT, 'illegal: iDisplayStart');
ossim_valid($order, OSS_ALPHA, 'illegal: iSortCol_0');
ossim_valid($torder, OSS_LETTER, 'illegal: sSortDir_0');
ossim_valid($search_str, OSS_INPUT, OSS_NULLABLE, 'illegal: sSearch');
ossim_valid($sec, OSS_DIGIT, 'illegal: sEcho');
if (ossim_error()) {
    Util::response_bad_request(ossim_get_error_clean());
}
$db = new ossim_db();
$conn = $db->connect();
// Order by column
// The request value is only used as a key into this fixed map; anything else falls
// back to 'banner', so the column name in ORDER BY never comes from the request.
$orders_by_columns = array('1' => 'banner', '2' => 'source_name');
if (array_key_exists($order, $orders_by_columns)) {
    $order = $orders_by_columns[$order];
} else {
    $order = 'banner';
}
// Property filter
// NOTE(review): unlike the column, the sort direction $torder is interpolated as
// received (after the OSS_LETTER check). Mapping it to exactly 'ASC' or 'DESC' would
// make the ORDER BY independent of what that character-class rule accepts.
$filters = array('where' => "`cpe` LIKE 'cpe:/a%'", 'limit' => "{$from}, {$maxrows}", 'order_by' => "{$order} {$torder}");
if ($search_str != '') {
    // NOTE(review): escape_sql() is not defined here. The pattern is delimited with
    // double quotes, so it must neutralise `"` as well as `'` - confirm. LIKE
    // wildcards (% and _) in the search text presumably remain active; confirm that
    // is acceptable, or bind the value as a parameter if the query layer allows it.
    $search_str = escape_sql($search_str, $conn);
    $filters['where'] .= ' AND (banner LIKE "%' . $search_str . '%" OR cpe LIKE "%' . $search_str . '%")';
/**
 * Fetches the pulse statistics from OTX.
 *
 * The session is closed for writing first, then Otx::get_pulse_stats() is called.
 * A failure is reported through Util::response_bad_request(): the fixed marker
 * 'OTX_NOT_ACTIVE' when the exception text contains "OTX is not activated",
 * otherwise the exception text itself.
 *
 * NOTE(review): in the second case the raw exception message reaches the client;
 * confirm it cannot expose internal detail. $stats is only assigned on success,
 * so the final return relies on Util::response_bad_request() never returning.
 *
 * @return mixed The value returned by Otx::get_pulse_stats().
 */
function get_pulse_summary()
{
    session_write_close();

    $otx_client = new Otx();

    // A dedicated marker lets the caller tell "OTX not registered" from other failures.
    try {
        $stats = $otx_client->get_pulse_stats();
    } catch (Exception $e) {
        $reply = preg_match('/OTX is not activated/', $e->getMessage())
            ? 'OTX_NOT_ACTIVE'
            : $e->getMessage();

        Util::response_bad_request($reply);
    }

    return $stats;
}
} else {
    $order = "lr.risk";
}
// Property filter
// NOTE(review): $from, $maxrows and $torder are interpolated into SQL fragments; their
// validation is outside this fragment. Confirm each is checked before this point and
// that the sort direction is limited to 'ASC' / 'DESC'.
$filters = array('limit' => "{$from}, {$maxrows}", 'order_by' => "{$order} {$torder}");
if ($search_str != '') {
    // NOTE(review): escape_sql() is not defined here. The pattern is delimited with
    // double quotes, so it must neutralise `"` as well as `'` - confirm. LIKE
    // wildcards in the search text presumably remain active.
    $search_str = escape_sql($search_str, $conn);
    $filters['where'] = 'p.name LIKE "%' . $search_str . '%"';
}
list($vulns, $total) = $asset_object->get_vulnerabilities($conn, '', $filters);
} else {
    Av_exception::throw_error(Av_exception::USER_ERROR, _('Error retrieving information'));
}
} catch (Exception $e) {
    $db->close();
    // NOTE(review): the raw exception text is returned to the client. The loop below
    // uses $vulns and $conn, so it is only safe if Util::response_bad_request() never returns.
    Util::response_bad_request($e->getMessage());
}
// DATA
// One output row per vulnerability: formatted date, host label, plugin, plugin id,
// service and the severity derived from the risk value.
$data = array();
foreach ($vulns as $_asset_id => $asset_vulns) {
    $_host_aux = Asset_host::get_object($conn, $_asset_id);
    foreach ($asset_vulns as $vuln) {
        // Host label: the IP from the row when $class_name is 'asset_host', otherwise
        // "name (ips)" built from the host object.
        $_host = $class_name == 'asset_host' ? $vuln['ip'] : $_host_aux->get_name() . " (" . $_host_aux->get_ips()->get_ips('string') . ")";
        // NOTE(review): the values are emitted as stored; confirm the client encodes
        // them before inserting them into the page.
        $data[] = array(date("Y-m-d H:i:s", strtotime($vuln['date'])), $_host, $vuln['plugin'], $vuln['plugin_id'], $vuln['service'], Vulnerabilities::get_severity_by_risk($vuln['risk']));
    }
}
$response['sEcho'] = $sec;
$response['iTotalRecords'] = $total;
$response['iTotalDisplayRecords'] = $total;
$response['aaData'] = $data;
echo json_encode($response);
break;
case 'get_agentless_status':
    // Validation rule for this action: the 'sensor' field must satisfy OSS_HEX.
    $validate = array('sensor' => array('validation' => "OSS_HEX", 'e_message' => 'illegal:' . _('Sensor')));
    break;
}
$validation_errors = validate_form_fields('POST', $validate);
if (is_array($validation_errors) && !empty($validation_errors)) {
    // NOTE(review): the validation messages are joined into HTML as-is; confirm that
    // validate_form_fields() never includes unencoded request text in them.
    $error_message = _('The following errors occurred') . ": <br/>" . implode("<br/>", $validation_errors);
    Util::response_bad_request($error_message);
}
$data = array();
$data['status'] = 'success';
switch ($action) {
    case 'get_agentless_status':
        // Permission check on the sensor before any status is read.
        // NOTE(review): $sensor_id is assigned outside this fragment; confirm it is
        // the validated 'sensor' field.
        if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
            Util::response_bad_request(_('Error! Sensor not allowed'));
        } else {
            $sensor_status = Ossec_control::execute_action($sensor_id, 'status');
            $data['data']['status'] = $sensor_status['service_status']['agentless'];
            // The presence of a marker file named after the sensor selects the reload state.
            // NOTE(review): this file and the log below live under /var/tmp with
            // predictable names. Confirm that only the application can create them,
            // and that neither $sensor_id nor $user can contain path separators.
            $data['data']['reload'] = file_exists("/var/tmp/.reload_{$sensor_id}") ? 'reload_red' : 'reload';
            //Logged user
            $user = Session::get_session_user();
            //Error file
            $agenteless_error_log = "/var/tmp/_agentless_error_{$user}" . '.log';
            if (file_exists($agenteless_error_log)) {
                // The log is read line by line; blank lines are skipped.
                $msgs = file($agenteless_error_log);
                $data['data']['log'] = '';
                foreach ($msgs as $msg) {
                    if (trim($msg) == '') {
                        continue;
                    }