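/**
 * Import the result of the last nmap discovery into the LDAP computer inventory.
 *
 * Parses /etc/artica-postfix/nmap.map line by line and groups what it finds per
 * IP address (hostname, MAC, machine type, "Running" and "OS details"). Then,
 * for every distinct MAC address, it either updates the matching LDAP computer
 * (uid, IP address, OS) or creates a new entry. The map file is deleted at the end.
 *
 * Hostnames, MAC vendor strings and OS strings are whatever the scanned hosts
 * (or their DNS) answered, so they are untrusted input to the log entries and
 * to the LDAP writes performed through the computers class.
 *
 * @return void
 */
function nmap_scan_results()
{
    $mapFile = "/etc/artica-postfix/nmap.map";
    if (!is_file($mapFile)) {
        return;
    }

    $f = explode("\n", (string) @file_get_contents($mapFile));

    // Every accumulator is initialised so that an empty or unparsable scan
    // file still reaches the log calls with arrays rather than null.
    $computer = array();
    $LOGS     = array();
    $MACSSCAN = array();
    $ipaddr   = null;

    // foreach replaces the list()/each() pair, which no longer exists in PHP 8.
    foreach ($f as $ligne) {
        if (preg_match("#Nmap scan report for\\s+(.+?)\\s+\\(([0-9\\.]+)#", $ligne, $re)) {
            $ipaddr = $re[2];
            $computer[$ipaddr]["IPADDR"] = $re[2];
            $computer[$ipaddr]["HOSTNAME"] = trim($re[1]);
            $LOGS[] = "Found {$ipaddr} hostname= {$re[1]}";
            continue;
        }

        if (preg_match("#Nmap scan report for ([0-9\\.]+)\$#", trim($ligne), $re)) {
            $ipaddr = $re[1];
            $computer[$ipaddr]["IPADDR"] = $re[1];
            $LOGS[] = "Found {$ipaddr} without computername ";
            continue;
        }

        // The remaining patterns describe the current host. Without a
        // preceding "scan report" line there is no host to attach them to,
        // and storing them under an empty key would later create a bogus entry.
        if ($ipaddr === null) {
            continue;
        }

        if (preg_match("#^MAC Address:\\s+([0-9A-Z:]+)\$#", trim($ligne), $re)) {
            $foundMac = trim($re[1]);
            if (isset($MACSSCAN[$foundMac])) {
                continue;
            }
            $computer[$ipaddr]["MAC"] = $foundMac;
            $LOGS[] = "Found {$ipaddr} with mac {$re[1]} ";
            $MACSSCAN[$foundMac] = true;
            continue;
        }

        if (preg_match("#^MAC Address:(.+).+?\\((.+?)\\)#", $ligne, $re)) {
            $foundMac = trim($re[1]);
            if (isset($MACSSCAN[$foundMac])) {
                continue;
            }
            $MACSSCAN[$foundMac] = true;
            $computer[$ipaddr]["MAC"] = $foundMac;
            $computer[$ipaddr]["MACHINE_TYPE"] = trim($re[2]);
            $LOGS[] = "Found {$ipaddr} with mac {$re[1]} and machine type {$re[2]}";
            continue;
        }

        if (preg_match("#^Running:(.+)#", $ligne, $re)) {
            $computer[$ipaddr]["RUNNING"] = trim($re[1]);
            continue;
        }

        if (preg_match("#^OS details:(.+)#", $ligne, $re)) {
            $LOGS[] = "Found {$ipaddr} with OS {$re[1]}";
            $computer[$ipaddr]["OS"] = trim($re[1]);
            continue;
        }
    }

    nmap_logs(count($f) . " analyzed lines", implode("\n", $LOGS));

    $verbose = !empty($GLOBALS["VERBOSE"]);
    $already = array();
    $c = 0;

    foreach ($computer as $ipaddr => $array) {
        // The MAC must be read before the duplicate check. Testing
        // $already[$mac] first used the previous host's MAC, so every host
        // after the first processed one was skipped.
        $mac = isset($array["MAC"]) ? trim($array["MAC"]) : '';
        if ($mac == null) {
            continue;
        }
        if (isset($already[$mac])) {
            continue;
        }
        $c++;
        $already[$mac] = true;

        $ldap_ipaddr = null;
        $ComputerRealName = null;
        $uid = null;
        $RAISON = array();

        foreach (array("HOSTNAME", "OS", "RUNNING", "MACHINE_TYPE") as $optionalKey) {
            if (!isset($array[$optionalKey])) {
                $array[$optionalKey] = null;
            }
        }

        $cmp = new computers(null);
        $uid = $cmp->ComputerIDFromMAC($mac);

        if ($uid != null) {
            if ($verbose) {
                echo "{$mac} = {$uid}\n";
            }
            $cmp = new computers($uid);
            $ldap_ipaddr = $cmp->ComputerIP;
            $ComputerRealName = $cmp->ComputerRealName;
            if ($verbose) {
                echo "{$mac} = {$uid}\nLDAP:{$ldap_ipaddr}<>NMAP:{$ipaddr}\nLDAP CMP:{$ComputerRealName}<>NMAP:{$array["HOSTNAME"]}";
            }

            if ($array["HOSTNAME"] != null) {
                // NOTE(review): the new uid is derived from a hostname reported
                // by the scanned network. Whether computers::update_uid()
                // validates or escapes it is not visible from here - confirm.
                $EXPECTED_UID = strtoupper($array["HOSTNAME"]) . "\$";
                if ($EXPECTED_UID != $uid) {
                    $RAISON[] = "UID: {$uid} is different from {$EXPECTED_UID}";
                    nmap_logs("EDIT UID: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", implode("\n", $array) . "\n" . implode("\n", $RAISON), $uid);
                    $cmp->update_uid($EXPECTED_UID);
                }
            }

            if ($ldap_ipaddr != $ipaddr) {
                writelogs("Change {$ldap_ipaddr} -> to {$ipaddr} for {$cmp->uid}", __FUNCTION__, __FILE__, __LINE__);
                $RAISON[] = "LDAP IP ADDR: {$ldap_ipaddr} is different from {$ipaddr}";
                $RAISON[] = "DN: {$cmp->dn}";
                $RAISON[] = "UID: {$cmp->uid}";
                $RAISON[] = "MAC: {$cmp->ComputerMacAddress}";
                if (!$cmp->update_ipaddr($ipaddr)) {
                    $RAISON[] = "ERROR:{$cmp->ldap_last_error}";
                }
                nmap_logs("EDIT IP: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", implode("\n", $array) . "\n" . implode("\n", $RAISON), $uid);
            }

            if ($array["OS"] != null) {
                // The original wrapped the whole comparison in strtolower(),
                // so only the exact spelling "Unknown" matched. Lower-case the
                // value and compare, as the call evidently intended.
                if (strtolower((string) $cmp->ComputerOS) == "unknown") {
                    $cmp->ComputerOS = null;
                }
                if ($cmp->ComputerOS == null) {
                    $RAISON[] = "LDAP OS: {$cmp->ComputerOS} is different from {$array["OS"]}";
                    nmap_logs("EDIT OS: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", implode("\n", $array) . "\n" . implode("\n", $RAISON), $uid);
                    $cmp->update_OS($array["OS"]);
                }
            }
        } else {
            // Unknown MAC: create the computer, named after the hostname when
            // nmap resolved one, otherwise after the IP address.
            if ($array["HOSTNAME"] != null) {
                $uid = "{$array["HOSTNAME"]}\$";
            } else {
                $uid = "{$ipaddr}\$";
            }
            nmap_logs("ADD NEW: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", implode("\n", $array) . "\n" . implode("\n", $RAISON), "{$uid}");
            $cmp = new computers();
            $cmp->ComputerIP = $ipaddr;
            $cmp->ComputerMacAddress = $mac;
            $cmp->uid = "{$uid}";
            $cmp->ComputerOS = $array["OS"];
            $cmp->ComputerRunning = $array["RUNNING"];
            $cmp->ComputerMachineType = $array["MACHINE_TYPE"];
            $cmp->Add();
        }
    }

    nmap_logs("{$c} hosts analyzed in databases");
    @unlink($mapFile);
}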
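/**
 * Print the computer grid as JSON for the search term in $_POST["query"].
 *
 * Runs an LDAP search on cn / ComputerIP / uid with the term wrapped in
 * wildcards. When the term is a MAC address (IsPhysicalAddress), it also runs
 * a second exact search on ComputerMacAddress. Each hit becomes one row of
 * HTML cells in $data['rows'].
 *
 * Side effects on a listing request: for a first-search hit whose stored IP is
 * not dotted IPv4, the uid is resolved with gethostbyname() and, when that
 * succeeds, the result is written back to LDAP via computers::update_ipaddr().
 *
 * Trust boundaries handled here:
 *  - the search term is escaped for the LDAP filter (wildcards stay usable);
 *  - $_GET["callback"] is only used when it is a plain dotted JS identifier;
 *  - LDAP values (uid, IP, OS) are encoded for the HTML/JS/URL context they
 *    are placed in; they originate from network scans, not from an admin.
 *
 * @return void  The JSON document is echoed.
 */
function computer_list()
{
    $tofindorg = (isset($_POST["query"]) && is_string($_POST["query"])) ? $_POST["query"] : '';
    $tpl = new templates();
    // The original also published the term in $_GET["tofind"]; kept in case
    // code outside this function reads it.
    $_GET["tofind"] = $tofindorg;
    $MyPage = CurrentPageName();
    $rp = isset($_POST["rp"]) ? $_POST["rp"] : null;

    // RFC 4515 escaping of the filter metacharacters. "*" is deliberately
    // left alone because the grid search relies on user-supplied wildcards.
    $escapeFilter = function ($value) {
        return strtr((string) $value, array(
            '\\' => '\\5c',
            '('  => '\\28',
            ')'  => '\\29',
            "\0" => '\\00',
        ));
    };
    // Text destined for HTML element content.
    $h = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };
    // A single-quoted JS string literal that is also safe inside an HTML
    // attribute: quotes, <, > and & are emitted as \uXXXX escapes.
    $jsString = function ($value) {
        $encoded = json_encode((string) $value, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
        if (!is_string($encoded) || $encoded === '' || $encoded[0] !== '"') {
            return "''";
        }
        return "'" . substr($encoded, 1, -1) . "'";
    };
    // First value of an LDAP attribute (result keys are lower-cased), or null.
    $attr = function ($entry, $name) {
        $key = strtolower($name);
        return isset($entry[$key][0]) ? $entry[$key][0] : null;
    };

    if ($_GET["tofind"] == '*') {
        $_GET["tofind"] = null;
    }
    if ($_GET["tofind"] == null) {
        $tofind = "*";
    } else {
        $tofind = "*" . $escapeFilter($_GET["tofind"]) . "*";
    }
    $tofind = str_replace("**", "*", $tofind);
    $filter_search = "(&(objectClass=ArticaComputerInfos)(|(cn={$tofind})(ComputerIP={$tofind})(uid={$tofind}))(gecos=computer))";

    $ldap = new clladp();
    $attrs = array("uid", "ComputerIP", "ComputerOS", "ComputerMachineType", "ComputerMacAddress");
    $dn = "{$ldap->suffix}";
    $hash = $ldap->Ldap_search($dn, $filter_search, $attrs, $rp);

    $hash2 = null;
    if (IsPhysicalAddress($tofindorg)) {
        // Exact match on the MAC: a wildcard has no business in this filter,
        // so "*" is escaped as well.
        $macValue = str_replace('-', ":", strtolower($tofindorg));
        $macValue = str_replace('*', '\\2a', $escapeFilter($macValue));
        $patternMac = "(&(objectclass=posixAccount)(ComputerMacAddress={$macValue}))";
        $hash2 = $ldap->Ldap_search($dn, $patternMac, $attrs, $rp);
    }

    // In "selection" mode the caller names the JS function to invoke on click.
    // Only a dotted identifier is accepted; anything else falls back to the
    // default MEMBER_JS() link instead of being copied into the onclick handler.
    $callback = null;
    $mode = isset($_GET["mode"]) ? $_GET["mode"] : null;
    if ($mode == "selection"
        && isset($_GET["callback"])
        && is_string($_GET["callback"])
        && preg_match('#^[A-Za-z_$][A-Za-z0-9_$]*(\.[A-Za-z_$][A-Za-z0-9_$]*)*$#D', $_GET["callback"])
    ) {
        $callback = $_GET["callback"];
    }
    // The "dansguardian-ip-group" mode used to build an extra "add" cell that
    // was never added to the row; that dead assignment (which also embedded
    // $_GET["value"] in JS) has been dropped.

    $ipv4 = "#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#";
    $spanStyle = "<span style='font-size:14px;font-weight:bold'>";
    $count = (is_array($hash) && isset($hash["count"])) ? (int) $hash["count"] : 0;

    $data = array();
    $data['page'] = 1;
    $data['total'] = $count;
    $data['rows'] = array();
    $Alreadyrealuid = array();
    $c = 0;
    $unknown = $tpl->_ENGINE_parse_body("{unknown}");

    for ($i = 0; $i < $count; $i++) {
        $realuid = $hash[$i]["uid"][0];
        // The trailing "$" of machine accounts is hidden from display. This
        // must happen before the md5 below, which hashes the modified entry.
        $hash[$i]["uid"][0] = str_replace('$', '', $hash[$i]["uid"][0]);
        // NOTE(review): MEMBER_JS() output is inserted into the onclick
        // attribute as returned; its own escaping is not visible from here.
        $js = MEMBER_JS($realuid, 1);
        $Alreadyrealuid[$realuid] = true;
        if ($callback !== null) {
            $js = $callback . "(" . $jsString($realuid) . ");";
        }

        $ip = $attr($hash[$i], "ComputerIP");
        $os = $attr($hash[$i], "ComputerOS");
        $type = $attr($hash[$i], "ComputerMachineType");
        $name = $hash[$i]["uid"][0];
        if ($os == "Unknown" && $type != "Unknown") {
            $os = $type;
        }

        $js = str_replace("javascript:", '', $js);
        $md5S = md5(serialize($hash[$i]));

        // After this block $ip is either dotted IPv4 or the translated
        // "unknown" label, so it needs no further encoding.
        if (!preg_match($ipv4, (string) $ip)) {
            $ip = gethostbyname($hash[$i]["uid"][0]);
            if (!preg_match($ipv4, (string) $ip)) {
                $ip = $unknown;
            } else {
                $computer = new computers($realuid);
                $computer->update_ipaddr($ip);
            }
        }

        $osCell = ($os == "UnKnown") ? $unknown : $h($os);
        $c++;
        $uidParam = urlencode($realuid);
        $delete = imgsimple("delete-24.png", null, "Loadjs('{$MyPage}?computer-delete-js=yes&uid={$uidParam}&id={$md5S}')");
        $nameCell = $h($name);

        $data['rows'][] = array(
            'id' => $md5S,
            'cell' => array(
                "<img src='img/computer-32.png'>",
                "<a href='#' OnClick=\"javascript:{$js}\" style='font-size:14px;text-decoration:underline;font-weight:bold'>{$nameCell}</a>",
                "{$spanStyle}{$ip}</span>",
                "{$spanStyle}{$osCell}</span>",
                $delete,
            ),
        );
    }

    if (is_array($hash2)) {
        $count2 = isset($hash2["count"]) ? (int) $hash2["count"] : 0;
        for ($i = 0; $i < $count2; $i++) {
            $realuid = $hash2[$i]["uid"][0];
            if (isset($Alreadyrealuid[$realuid])) {
                // Already listed by the first search.
                continue;
            }
            $hash2[$i]["uid"][0] = str_replace('$', '', $hash2[$i]["uid"][0]);
            $js = MEMBER_JS($realuid, 1);
            $Alreadyrealuid[$realuid] = true;
            if ($callback !== null) {
                $js = $callback . "(" . $jsString($realuid) . ");";
            }

            $ip = (string) $attr($hash2[$i], "ComputerIP");
            $os = $attr($hash2[$i], "ComputerOS");
            $type = $attr($hash2[$i], "ComputerMachineType");
            $name = $hash2[$i]["uid"][0];
            if (strlen($name) > 25) {
                $name = substr($name, 0, 23) . "...";
            }
            if ($os == "Unknown" && $type != "Unknown") {
                $os = $type;
            }
            $os = (string) $os;

            // Long values are truncated on the raw text, then each piece is
            // encoded, so an entity is never cut in half.
            // NOTE(review): texttooltip() now receives HTML-encoded text; if
            // the helper encodes on its own, "&" would show double-encoded - confirm.
            if (strlen($os) > 20) {
                $osCell = texttooltip($h(substr($os, 0, 17)) . '...', $h($os), null, null, 1);
            } else {
                $osCell = $h($os);
            }
            if (strlen($ip) > 20) {
                $ipCell = texttooltip($h(substr($ip, 0, 17)) . '...', $h($ip), null, null, 1);
            } else {
                $ipCell = $h($ip);
            }

            $js = str_replace("javascript:", '', $js);
            $md5S = md5(serialize($hash2[$i]));
            $uidParam = urlencode($realuid);
            $delete = imgsimple("delete-24.png", null, "Loadjs('{$MyPage}?computer-delete-js=yes&uid={$uidParam}&id={$md5S}');");
            $c++;
            $nameCell = $h($name);

            $data['rows'][] = array(
                'id' => $md5S,
                'cell' => array(
                    "<img src='img/computer-32.png'>",
                    "<a href='#' OnClick=\"javascript:{$js}\" style='font-size:13px;text-decoration:underline'>{$nameCell}</a>",
                    "{$spanStyle}{$ipCell}</span>",
                    "{$spanStyle}{$osCell}</span>",
                    $delete,
                ),
            );
        }
    }

    $data['total'] = $c;
    if ($c == 0) {
        json_error_show("no item");
    }
    echo json_encode($data);
}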
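/**
 * Import the result of the last nmap discovery into LDAP and into the
 * computers_lastscan MySQL table.
 *
 * Parses /etc/artica-postfix/nmap.map line by line, skipping known noise lines,
 * and groups what it finds per IP address (hostname, MAC, machine type,
 * "Running", "OS details"). For every distinct MAC address it queues one row
 * for computers_lastscan and either updates the matching LDAP computer (uid,
 * IP address, OS) or, when nmap reported a hostname, creates a new one. The
 * table is dropped, re-created through check_storage_table() and refilled,
 * then the map file is deleted.
 *
 * Hostnames, MAC vendor strings and OS strings are whatever the scanned hosts
 * (or their DNS) answered. They are untrusted input to the SQL statement, the
 * log entries and the LDAP writes.
 *
 * @return void
 */
function nmap_scan_results()
{
    $mapFile = "/etc/artica-postfix/nmap.map";
    if (!is_file($mapFile)) {
        return;
    }

    $f = explode("\n", (string) @file_get_contents($mapFile));
    $verbose = !empty($GLOBALS["VERBOSE"]);

    // Every accumulator is initialised: count()/implode() on an unset
    // variable is an error on current PHP when the scan found nothing.
    $ipaddr   = null;
    $computer = array();
    $LOGS     = array();
    $MACSSCAN = array();
    $SQLAD    = array();

    // Lines containing one of these fragments carry no inventory data.
    $noise = array(
        "Network Distance:",
        "tcp closed tcpmux",
        "Too many fingerprints match",
        "OS detection performed. Please report",
        "OSScan results may be unreliable",
        "/tcp filtered",
    );

    // foreach replaces the list()/each() pair, which no longer exists in PHP 8.
    foreach ($f as $ligne) {
        $ligne = trim($ligne);
        if ($ligne === '' || $ligne === "PORT STATE SERVICE") {
            continue;
        }
        $isNoise = false;
        foreach ($noise as $fragment) {
            if (strpos($ligne, $fragment) !== false) {
                $isNoise = true;
                break;
            }
        }
        if ($isNoise) {
            continue;
        }

        if (preg_match("#Nmap scan report for\\s+(.+?)\\s+\\(([0-9\\.]+)#", $ligne, $re)) {
            $ipaddr = $re[2];
            $computer[$ipaddr]["IPADDR"] = $re[2];
            $computer[$ipaddr]["HOSTNAME"] = trim($re[1]);
            if ($verbose) {
                echo "Found IP:{$ipaddr} hostname=`{$re[1]}` in `{$ligne}`\n";
            }
            $LOGS[] = "Found {$ipaddr} hostname= {$re[1]}";
            continue;
        }

        if (preg_match("#Interesting ports on (.*?)\\s+\\(([0-9\\.]+)\\)#", $ligne, $re)) {
            $ipaddr = $re[2];
            $computer[$ipaddr]["IPADDR"] = $re[2];
            $computer[$ipaddr]["HOSTNAME"] = trim($re[1]);
            if ($verbose) {
                echo "Found IP:{$ipaddr} hostname=`{$re[1]}` in `{$ligne}`\n";
            }
            $LOGS[] = "Found {$ipaddr} hostname= {$re[1]}";
            continue;
        }

        if (preg_match("#Interesting ports on ([0-9\\.]+):#", $ligne, $re)) {
            $ipaddr = $re[1];
            $computer[$ipaddr]["IPADDR"] = $re[1];
            if ($verbose) {
                echo "Found IP:{$ipaddr} only in `{$ligne}`\n";
            }
            $LOGS[] = "Found {$ipaddr} only";
            continue;
        }

        if (preg_match("#Nmap scan report for ([0-9\\.]+)\$#", $ligne, $re)) {
            $ipaddr = $re[1];
            $computer[$ipaddr]["IPADDR"] = $re[1];
            if ($verbose) {
                echo "[{$ipaddr}]: Found IP address `{$ipaddr}` without computername in `{$ligne}`\n";
            }
            $LOGS[] = "Found {$ipaddr} without computername ";
            continue;
        }

        // The patterns below describe the current host and are ignored until
        // a host line has been seen.
        $hasHost = (trim((string) $ipaddr) != null);

        if (preg_match("#^MAC Address:\\s+([0-9A-Z:]+)\$#", $ligne, $re)) {
            $foundMac = trim($re[1]);
            if (!$hasHost || isset($MACSSCAN[$foundMac])) {
                continue;
            }
            $computer[$ipaddr]["MAC"] = $foundMac;
            $LOGS[] = "Found {$ipaddr} with mac {$re[1]} ";
            if ($verbose) {
                echo "[{$ipaddr}]: Found mac {$re[1]} in `{$ligne}`\n";
            }
            $MACSSCAN[$foundMac] = true;
            continue;
        }

        if (preg_match("#^MAC Address:(.+).+?\\((.+?)\\)#", $ligne, $re)) {
            $foundMac = trim($re[1]);
            if (!$hasHost || isset($MACSSCAN[$foundMac])) {
                continue;
            }
            $MACSSCAN[$foundMac] = true;
            $computer[$ipaddr]["MAC"] = $foundMac;
            $computer[$ipaddr]["MACHINE_TYPE"] = trim($re[2]);
            if ($verbose) {
                echo "[{$ipaddr}]: Found mac {$re[1]} and machine type {$re[2]} in `{$ligne}`\n";
            }
            $LOGS[] = "Found {$ipaddr} with mac {$re[1]} and machine type {$re[2]}";
            continue;
        }

        if (preg_match("#^Running:(.+)#", $ligne, $re)) {
            if (!$hasHost) {
                continue;
            }
            if ($verbose) {
                // The original interpolated an undefined $line here.
                echo "Found running in `{$ligne}`\n";
            }
            $computer[$ipaddr]["RUNNING"] = trim($re[1]);
            continue;
        }

        if (preg_match("#^OS details:(.+)#", $ligne, $re)) {
            // Same guard as the MAC and Running branches; it was missing here.
            if (!$hasHost) {
                continue;
            }
            if ($verbose) {
                echo "[{$ipaddr}]: Found OS {$re[1]} in `{$ligne}`\n";
            }
            $LOGS[] = "Found {$ipaddr} with OS {$re[1]}";
            $computer[$ipaddr]["OS"] = trim($re[1]);
            continue;
        }

        if ($verbose) {
            echo "[{$ipaddr}]: Not understood in `{$ligne}`\n";
        }
    }

    nmap_logs(count($f) . " analyzed lines", implode("\n", $LOGS));

    $c = 0;
    $already = array();
    $prefix_sql = "INSERT IGNORE INTO computers_lastscan (`MAC`, `zDate`,`ipaddr`,`hostname`,`Info`) VALUES ";

    foreach ($computer as $ipaddr => $array) {
        if (!isset($array["MAC"])) {
            continue;
        }
        $mac = trim($array["MAC"]);
        if (isset($already[$mac])) {
            continue;
        }
        if ($mac == null) {
            continue;
        }
        $c++;
        $already[$mac] = true;

        $ldap_ipaddr = null;
        $ComputerRealName = null;
        $uid = null;
        $RAISON = array();

        foreach (array("HOSTNAME", "OS", "RUNNING", "MACHINE_TYPE") as $optionalKey) {
            if (!isset($array[$optionalKey])) {
                $array[$optionalKey] = null;
            }
        }

        // Every interpolated value is escaped, not only `Info`: the hostname
        // and the loosely matched MAC come straight from the scan output.
        // NOTE(review): addslashes() is what this block already used and is
        // not connection/charset aware. If the project's mysql class offers
        // real escaping or bound parameters, use that instead - not visible here.
        $date = date('Y-m-d H:i:s');
        $sqlMac = addslashes($mac);
        $sqlIp = addslashes((string) $ipaddr);
        $sqlHost = addslashes((string) $array["HOSTNAME"]);
        $infos = addslashes($array["OS"] . " Type:{$array["MACHINE_TYPE"]} ");
        $SQLAD[] = "('{$sqlMac}','{$date}','{$sqlIp}','{$sqlHost}','{$infos}')";

        $cmp = new computers(null);
        $uid = $cmp->ComputerIDFromMAC($mac);

        if ($uid != null) {
            if ($verbose) {
                echo "{$mac} = {$uid}\n";
            }
            $cmp = new computers($uid);
            $ldap_ipaddr = $cmp->ComputerIP;
            $ComputerRealName = $cmp->ComputerRealName;
            if ($verbose) {
                echo "{$mac} = {$uid}\nLDAP:{$ldap_ipaddr}<>NMAP:{$ipaddr}\nLDAP CMP:{$ComputerRealName}<>NMAP:{$array["HOSTNAME"]}";
            }

            if ($array["HOSTNAME"] != null) {
                // NOTE(review): the new uid is derived from a hostname reported
                // by the scanned network. Whether computers::update_uid()
                // validates or escapes it is not visible from here - confirm.
                $EXPECTED_UID = strtoupper($array["HOSTNAME"]) . "\$";
                if ($EXPECTED_UID != $uid) {
                    $RAISON[] = "UID: {$uid} is different from {$EXPECTED_UID}";
                    nmap_logs("EDIT UID: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", implode("\n", $array) . "\n" . implode("\n", $RAISON), $uid);
                    $cmp->update_uid($EXPECTED_UID);
                }
            }

            if ($ldap_ipaddr != $ipaddr) {
                writelogs("Change {$ldap_ipaddr} -> to {$ipaddr} for {$cmp->uid}", __FUNCTION__, __FILE__, __LINE__);
                $RAISON[] = "LDAP IP ADDR: {$ldap_ipaddr} is different from {$ipaddr}";
                $RAISON[] = "DN: {$cmp->dn}";
                $RAISON[] = "UID: {$cmp->uid}";
                $RAISON[] = "MAC: {$cmp->ComputerMacAddress}";
                if (!$cmp->update_ipaddr($ipaddr)) {
                    $RAISON[] = "ERROR:{$cmp->ldap_last_error}";
                }
                nmap_logs("EDIT IP: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", implode("\n", $array) . "\n" . implode("\n", $RAISON), $uid);
            }

            if ($array["OS"] != null) {
                // The original wrapped the whole comparison in strtolower(),
                // so only the exact spelling "Unknown" matched. Lower-case the
                // value and compare, as the call evidently intended.
                if (strtolower((string) $cmp->ComputerOS) == "unknown") {
                    $cmp->ComputerOS = null;
                }
                if ($cmp->ComputerOS == null) {
                    $RAISON[] = "LDAP OS: {$cmp->ComputerOS} is different from {$array["OS"]}";
                    nmap_logs("EDIT OS: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", implode("\n", $array) . "\n" . implode("\n", $RAISON), $uid);
                    $cmp->update_OS($array["OS"]);
                }
            }
        } else {
            // Unknown MAC: only hosts with a resolved name are added to LDAP.
            if ($array["HOSTNAME"] == null) {
                continue;
            }
            $uid = "{$array["HOSTNAME"]}\$";
            nmap_logs("ADD NEW: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", implode("\n", $array) . "\n" . implode("\n", $RAISON), "{$uid}");
            $cmp = new computers();
            $cmp->ComputerIP = $ipaddr;
            $cmp->ComputerMacAddress = $mac;
            $cmp->uid = "{$uid}";
            $cmp->ComputerOS = $array["OS"];
            $cmp->ComputerRunning = $array["RUNNING"];
            $cmp->ComputerMachineType = $array["MACHINE_TYPE"];
            $cmp->Add();
        }
    }

    if ($verbose) {
        echo "*** " . count($SQLAD) . " MYsql queries...***\n";
    }
    system_admin_events("{$c} hosts analyzed in networks", __FUNCTION__, __FILE__, __LINE__, "nmap");
    nmap_logs("{$c} hosts analyzed in networks", @file_get_contents($mapFile), null);

    if (count($SQLAD) > 0) {
        $q = new mysql();
        // The table only ever holds the latest scan: drop, re-create, refill.
        $q->QUERY_SQL("DROP TABLE computers_lastscan", "artica_backup");
        $q->check_storage_table(true);
        $final = $prefix_sql . implode(",", $SQLAD);
        if ($verbose) {
            echo "*** {$final} ***\n";
        }
        $q->QUERY_SQL($final, "artica_backup");
        if (!$q->ok) {
            echo $q->mysql_error . "\n";
        }
    }

    @unlink($mapFile);
}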