vscweb-commit Mailing List for Vulnerability Scanning Cluster
Brought to you by:
cirrusrex
You can subscribe to this list here.
2004 |
Jan
|
Feb
(41) |
Mar
(44) |
Apr
(94) |
May
(14) |
Jun
|
Jul
(1) |
Aug
(31) |
Sep
(18) |
Oct
(27) |
Nov
(44) |
Dec
(2) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2005 |
Jan
(1) |
Feb
(15) |
Mar
(7) |
Apr
(18) |
May
(23) |
Jun
(25) |
Jul
(13) |
Aug
(23) |
Sep
|
Oct
|
Nov
(1) |
Dec
(1) |
2006 |
Jan
(2) |
Feb
|
Mar
(3) |
Apr
(1) |
May
|
Jun
|
Jul
(2) |
Aug
(14) |
Sep
|
Oct
|
Nov
|
Dec
|
2007 |
Jan
|
Feb
|
Mar
(3) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
From: <hc...@us...> - 2007-03-29 18:58:05
|
Revision: 468 http://svn.sourceforge.net/vscweb/?rev=468&view=rev Author: hctv19 Date: 2007-03-29 11:57:50 -0700 (Thu, 29 Mar 2007) Log Message: ----------- More bug fixes Modified Paths: -------------- branches/vsc-2.2/Main/Host/Scan/quickscan.php branches/vsc-2.2/Main/Host/nadd_host.php branches/vsc-2.2/Main/People/News/include/libnews.inc branches/vsc-2.2/Main/People/Privilege/include/public.inc branches/vsc-2.2/Main/main.php branches/vsc-2.2/Main/tpl/People_Error-FatalError.tpl branches/vsc-2.2/Main/tpl/People_Privilege-request_form.tpl Modified: branches/vsc-2.2/Main/Host/Scan/quickscan.php =================================================================== --- branches/vsc-2.2/Main/Host/Scan/quickscan.php 2007-03-27 15:15:05 UTC (rev 467) +++ branches/vsc-2.2/Main/Host/Scan/quickscan.php 2007-03-29 18:57:50 UTC (rev 468) @@ -1,5 +1,5 @@ <?php -/** +/* * Allows a user to run a quick scan * * Takes a host or list of hosts and attaches them to a new scan Modified: branches/vsc-2.2/Main/Host/nadd_host.php =================================================================== --- branches/vsc-2.2/Main/Host/nadd_host.php 2007-03-27 15:15:05 UTC (rev 467) +++ branches/vsc-2.2/Main/Host/nadd_host.php 2007-03-29 18:57:50 UTC (rev 468) @@ -64,7 +64,7 @@ $addressArray = explode("/", $addr); $ipv4 = Net_ParseIP($addressArray[0]); $dns = $addressArray[1]; - if (!Net_IsNet($ipv4)) Error($_error.$ipv4."Added", ERR_FATAL); + if (!Net_IsNet($ipv4)) Error($_error." ".$ipv4." added, please double check the IP address or range", ERR_FATAL); $hr = new Net_Range($ipv4); /*print "<pre>"; print_r($hr); Modified: branches/vsc-2.2/Main/People/News/include/libnews.inc =================================================================== --- branches/vsc-2.2/Main/People/News/include/libnews.inc 2007-03-27 15:15:05 UTC (rev 467) +++ branches/vsc-2.2/Main/People/News/include/libnews.inc 2007-03-29 18:57:50 UTC (rev 468) @@ -108,4 +108,21 @@ function News_GetItem($newsid) { return DB_GetArray("SELECT * FROM news WHERE newsid=$newsid"); } + + function News_UserHasPrivileges($user) + { + $hasPrivs = false; + + $privList = DB_GetResult(" + SELECT userid from privilege + WHERE userid='$user' + "); + + if (DB_FetchArray($privList)) + { + $hasPrivs = true; + } + + return $hasPrivs; + } ?> Modified: branches/vsc-2.2/Main/People/Privilege/include/public.inc =================================================================== --- branches/vsc-2.2/Main/People/Privilege/include/public.inc 2007-03-27 15:15:05 UTC (rev 467) +++ branches/vsc-2.2/Main/People/Privilege/include/public.inc 2007-03-29 18:57:50 UTC (rev 468) @@ -43,6 +43,7 @@ // Purpose: provide commonly used database functions // Assumes that header has not been sent + function Priv_FindPrivileges($current_domain, $user) { // Default : no privilege found $found = 'none'; @@ -97,7 +98,7 @@ } if ($error) { - Error("You do not have the required privileges.", ERR_FATAL); + Error("You do not have the required privileges. To request privileges to a domain, click <a href='$IMAGE_PATH/People/Privilege/request_form.php'>here</a>.", ERR_FATAL); } else { return false; } Modified: branches/vsc-2.2/Main/main.php =================================================================== --- branches/vsc-2.2/Main/main.php 2007-03-27 15:15:05 UTC (rev 467) +++ branches/vsc-2.2/Main/main.php 2007-03-29 18:57:50 UTC (rev 468) @@ -44,6 +44,7 @@ require $INC_PATH."/include/core.inc"; require $INC_PATH."/People/News/include/public.inc"; + $smarty = CORE_GetSmarty(); __debug_w("Testing 1...2...3..."); Session_LoadSession(); @@ -53,10 +54,16 @@ } + UI_Header("VSC - Main Page"); -echo "<img src='$IMAGE_PATH/image/title_vsc.gif' alt='Vulnerability asdfScanning Cluster'><br><br>"; +echo "<img src='$IMAGE_PATH/image/title_vsc.gif' alt='Vulnerability Scanning Cluster'><br><br>"; UI_Style("Current News", STY_BOLD|STY_SIZE, array("SIZE" =>STY_FONT_HUGE)); echo "<br>"; +if (!News_UserHasPrivileges($_USER['userid'])) +{ +echo "You must first request and be granted privileges to a domain before you can initiate a scan. To request privileges, click <a href='$IMAGE_PATH/People/Privilege/request_form.php'>here</a>."; +} + $news_arr = News_GetItems(($_USER['domain'] != "") ? $_USER['domain']:$_CONFIG['ROOT_DOMAIN']); foreach ($news_arr as $na_r) { @@ -65,7 +72,7 @@ $smarty->assign('na', $na); $smarty->display('News_Item.tpl'); } -echo "<b>This is the correct instance of vsc dev</b>"; + UI_Footer(); ?> Modified: branches/vsc-2.2/Main/tpl/People_Error-FatalError.tpl =================================================================== --- branches/vsc-2.2/Main/tpl/People_Error-FatalError.tpl 2007-03-27 15:15:05 UTC (rev 467) +++ branches/vsc-2.2/Main/tpl/People_Error-FatalError.tpl 2007-03-29 18:57:50 UTC (rev 468) @@ -7,7 +7,7 @@ <table cellspacing='0' style='border-width: 2px 2px 2px 2px; border-style: solid; border-color: red;'> <tr> - <td bgcolor='#ffffff' style='font-weight: bolder;'>Error!</td> + <td bgcolor='#ffffff' style='font-weight: bolder;'>There was an error processing your request, please see the error message below for more information.</td> </tr> <tr> <td bgcolor='#ffffff' style='font-size: larger;'><br />{$error_mesg}</td> Modified: branches/vsc-2.2/Main/tpl/People_Privilege-request_form.tpl =================================================================== --- branches/vsc-2.2/Main/tpl/People_Privilege-request_form.tpl 2007-03-27 15:15:05 UTC (rev 467) +++ branches/vsc-2.2/Main/tpl/People_Privilege-request_form.tpl 2007-03-29 18:57:50 UTC (rev 468) @@ -52,6 +52,7 @@ <tr> <td colspan='2'> <br /> + <b>Can't find the domain you need?</b><br/> If you were unable to locate an adequate domain, you may request that a domain be created for you. To do so, please send email to <a href='mailto:{$sys_email}?Subject=Domain+Request'>{$sys_email}</a> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <hc...@us...> - 2007-03-27 15:15:08
|
Revision: 467 http://svn.sourceforge.net/vscweb/?rev=467&view=rev Author: hctv19 Date: 2007-03-27 08:15:05 -0700 (Tue, 27 Mar 2007) Log Message: ----------- First round of bug fixes in a while Modified Paths: -------------- branches/vsc-2.2/.mysql branches/vsc-2.2/Main/Domain/delete_domain.php branches/vsc-2.2/Main/Host/Scan/include/libscan.inc branches/vsc-2.2/Main/Host/include/libhost.inc branches/vsc-2.2/Main/Host/nadd_host.php branches/vsc-2.2/Main/People/Privilege/grant.php branches/vsc-2.2/Main/People/Privilege/include/libpriv.inc branches/vsc-2.2/Main/People/Session/include/libsession.inc branches/vsc-2.2/Main/main.php branches/vsc-2.2/Main/ui/public.inc Modified: branches/vsc-2.2/.mysql =================================================================== --- branches/vsc-2.2/.mysql 2007-03-09 20:15:47 UTC (rev 466) +++ branches/vsc-2.2/.mysql 2007-03-27 15:15:05 UTC (rev 467) @@ -1 +1 @@ -db_name:db_user:db_pass:db_server:db_port +vsc_2_0:vscdb:ferrousvscdb@01:192.168.32.66:3306 Modified: branches/vsc-2.2/Main/Domain/delete_domain.php =================================================================== --- branches/vsc-2.2/Main/Domain/delete_domain.php 2007-03-09 20:15:47 UTC (rev 466) +++ branches/vsc-2.2/Main/Domain/delete_domain.php 2007-03-27 15:15:05 UTC (rev 467) @@ -111,15 +111,25 @@ FROM domain_list WHERE member_domain='{$i->dom_name}' "); - DB_GetResult("DELETE - FROM domain_network_map - WHERE domain='{$i->dom_name}' - "); + DB_GetResult("DELETE + FROM domain_network_map + WHERE domain='{$i->dom_name}' + "); DB_GetResult(" DELETE FROM domain WHERE name='{$i->dom_name}' "); + DB_GetResult(" + DELETE + FROM privilege + WHERE domain_name='{$i->dom_name}' + "); + DB_GetResult(" + DELETE + FROM privilege_request + WHERE domain_name='{$i->dom_name}' + "); foreach ($table as $t) { if ($t == 'domain' || $t == 'incident' || $t == 'domain_list' || $t = 'Host') { Modified: branches/vsc-2.2/Main/Host/Scan/include/libscan.inc =================================================================== --- branches/vsc-2.2/Main/Host/Scan/include/libscan.inc 2007-03-09 20:15:47 UTC (rev 466) +++ branches/vsc-2.2/Main/Host/Scan/include/libscan.inc 2007-03-27 15:15:05 UTC (rev 467) @@ -569,10 +569,16 @@ } function SCAN_GetRecurScans($scan_id, $mark_child_scan=NULL) { + $scan_parent_id = $scan_id; + if (!SCAN_IsParent($scan_id)) + { + $scan_parent_id = SCAN_GetParent($scan_id); + } + $sql = "SELECT S.*, IF(R.status IS NULL, 'REQ',R.status) AS status ". "FROM scan_recur_calendar S ". "LEFT JOIN nessus_scan_request R ON R.scan_id=S.scan_id ". - "WHERE parent_scan_id='$scan_id' ORDER BY scheduled_for ASC"; + "WHERE parent_scan_id='".$scan_parent_id."' ORDER BY scheduled_for ASC"; $res = DB_GetResult($sql); $ret = array(); Modified: branches/vsc-2.2/Main/Host/include/libhost.inc =================================================================== --- branches/vsc-2.2/Main/Host/include/libhost.inc 2007-03-09 20:15:47 UTC (rev 466) +++ branches/vsc-2.2/Main/Host/include/libhost.inc 2007-03-27 15:15:05 UTC (rev 467) @@ -227,8 +227,22 @@ } return false; } +function HOST_AddHostByAddrWithDNS($ipaddy,$dns, $family, $domain) { + if (!HOST_GetHostByAddr($ipaddy)) { + $sql = "INSERT INTO Host (address,dns_name, family_id) + VALUES('$ipaddy', '$dns', '$family')"; + $res = DB_GetResult($sql); + $hostid = DB_LastInsertID("Host", "hostid", $res); + $sql = "INSERT INTO family_host_map (hostid, family_id, domain) + VALUES('$hostid','$family','$domain')"; + DB_GetResult($sql); + return $hostid; + } + return false; +} + class Host_Range { var $start_addr; Modified: branches/vsc-2.2/Main/Host/nadd_host.php =================================================================== --- branches/vsc-2.2/Main/Host/nadd_host.php 2007-03-09 20:15:47 UTC (rev 466) +++ branches/vsc-2.2/Main/Host/nadd_host.php 2007-03-27 15:15:05 UTC (rev 467) @@ -61,8 +61,10 @@ if ($i->submitter != "" && $i->hosts != "" && Family_IsFamily($i->family)) { $hosts = explode("\n", $i->hosts); foreach ($hosts as $addr) { - $ipv4 = Net_ParseIP($addr); - if (!Net_IsNet($ipv4)) Error($_error, ERR_FATAL); + $addressArray = explode("/", $addr); + $ipv4 = Net_ParseIP($addressArray[0]); + $dns = $addressArray[1]; + if (!Net_IsNet($ipv4)) Error($_error.$ipv4."Added", ERR_FATAL); $hr = new Net_Range($ipv4); /*print "<pre>"; print_r($hr); @@ -70,8 +72,16 @@ while ($addr2 = $hr->get_next()) { if (!Net_ValidDomainIP($addr2, $_USER['domain'])) { $_proc[] = "$addr2 is not an allowed IP address for this domain."; - } else { - $res = HOST_AddHostByAddr($addr2, $i->family, $_USER['domain']); + } + else { + if(is_null($dns)) + { + $res = HOST_AddHostByAddr($addr2, $i->family, $_USER['domain']); + } + else + { + $res = HOST_AddHostByAddrWithDNS($addr2,$dns, $i->family, $_USER['domain']); + } if (!$res) { /* host is already added */ $hid = HOST_GetHostByAddr($addr2); Modified: branches/vsc-2.2/Main/People/Privilege/grant.php =================================================================== --- branches/vsc-2.2/Main/People/Privilege/grant.php 2007-03-09 20:15:47 UTC (rev 466) +++ branches/vsc-2.2/Main/People/Privilege/grant.php 2007-03-27 15:15:05 UTC (rev 467) @@ -82,8 +82,9 @@ if ($i->action == "Submit") { foreach ($i->grant as $key=>$value) { list($r_domain, $r_user) = explode(".", $key); - if (!in_array($r_domain, DOMAIN_MakeList($_USER['domain'],$_USER['dominate']))) { - Error("Domain $r_domain does not exist!", ERR_FATAL); + $domain_array = DOMAIN_MakeList($_USER['domain'],$_USER['dominate']); + if (!in_array($r_domain, $domain_array)) { + Error("Domain $r_domain does not exist!".$domain_array[1], ERR_FATAL); } $reason = $i->reason[$key]; if ($value == "grant") { Modified: branches/vsc-2.2/Main/People/Privilege/include/libpriv.inc =================================================================== --- branches/vsc-2.2/Main/People/Privilege/include/libpriv.inc 2007-03-09 20:15:47 UTC (rev 466) +++ branches/vsc-2.2/Main/People/Privilege/include/libpriv.inc 2007-03-27 15:15:05 UTC (rev 467) @@ -56,8 +56,9 @@ function Priv_GetRequestsByDomain($domain_list, $orderby="domain_name") { $dlist = implode("','", $domain_list); - $sql = "SELECT userid,level,domain_name,when_requested FROM privilege_request - WHERE domain_name IN ('$dlist') ORDER BY $orderby"; + //$sql = "SELECT userid,level,domain_name,when_requested FROM privilege_request + // WHERE domain_name IN ('$dlist') ORDER BY $orderby"; + $sql = "SELECT userid,level,domain_name,when_requested FROM privilege_request"; $res = DB_GetResult($sql); $r_arr = array(); while ($arr = DB_FetchArray($res)) { Modified: branches/vsc-2.2/Main/People/Session/include/libsession.inc =================================================================== --- branches/vsc-2.2/Main/People/Session/include/libsession.inc 2007-03-09 20:15:47 UTC (rev 466) +++ branches/vsc-2.2/Main/People/Session/include/libsession.inc 2007-03-27 15:15:05 UTC (rev 467) @@ -96,7 +96,7 @@ //close expired sessions (older than session_timeout) DB_GetResult("UPDATE session_log SET ended=UNIX_TIMESTAMP() WHERE userid='{$_USER['userid']}' - AND (UNIX_TIMESTAMP() - lastchange) > ".$_CONFIG['session_timeout']); + AND (UNIX_TIMESTAMP() - lastchange) > ".$_CONFIG['session_timeout']." AND ENDED IS NULL"); // Look for an active session with this username + sid $array = DB_GetArray(" Modified: branches/vsc-2.2/Main/main.php =================================================================== --- branches/vsc-2.2/Main/main.php 2007-03-09 20:15:47 UTC (rev 466) +++ branches/vsc-2.2/Main/main.php 2007-03-27 15:15:05 UTC (rev 467) @@ -54,7 +54,7 @@ UI_Header("VSC - Main Page"); -echo "<img src='$IMAGE_PATH/image/title_vsc.gif' alt='Vulnerability Scanning Cluster'><br><br>"; +echo "<img src='$IMAGE_PATH/image/title_vsc.gif' alt='Vulnerability asdfScanning Cluster'><br><br>"; UI_Style("Current News", STY_BOLD|STY_SIZE, array("SIZE" =>STY_FONT_HUGE)); echo "<br>"; @@ -65,5 +65,7 @@ $smarty->assign('na', $na); $smarty->display('News_Item.tpl'); } +echo "<b>This is the correct instance of vsc dev</b>"; UI_Footer(); ?> + Modified: branches/vsc-2.2/Main/ui/public.inc =================================================================== --- branches/vsc-2.2/Main/ui/public.inc 2007-03-09 20:15:47 UTC (rev 466) +++ branches/vsc-2.2/Main/ui/public.inc 2007-03-27 15:15:05 UTC (rev 467) @@ -207,7 +207,7 @@ </td> <td align='center' valign='top' width='20%'> - <form action='<?=$_SERVER['PHP_SELF']?>' method='Post'> + <form action='<?=$_SERVER['PHP_SELF']?>?target=myscans' method='Post'> <? if ($_CONFIG['ADV_MENU']) { echo "<input type='submit' name='adv_menu' value='Hide'>"; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <hc...@us...> - 2007-03-09 20:15:47
|
Revision: 466 http://svn.sourceforge.net/vscweb/?rev=466&view=rev Author: hctv19 Date: 2007-03-09 12:15:47 -0800 (Fri, 09 Mar 2007) Log Message: ----------- Couple of bug fixes Modified Paths: -------------- branches/vsc-2.2/Main/include/page.css branches/vsc-2.2/Main/tpl/Host_Scan-host_select_widget.tpl branches/vsc-2.2/Main/tpl/Host_Scan-scan_search-list.tpl Modified: branches/vsc-2.2/Main/include/page.css =================================================================== --- branches/vsc-2.2/Main/include/page.css 2006-08-15 20:16:51 UTC (rev 465) +++ branches/vsc-2.2/Main/include/page.css 2007-03-09 20:15:47 UTC (rev 466) @@ -560,3 +560,17 @@ background: #fdc; line-height: .5em; } + +/*Invisible table*/ +table.invisible +{ + border-width:0px 0px 0px 0px; + border-spacing: 0px; + border-style: none none none none; +} +td.invisible +{ + border-width: 0px 0px 0px 0px; + border-style: none none none none; +} + Modified: branches/vsc-2.2/Main/tpl/Host_Scan-host_select_widget.tpl =================================================================== --- branches/vsc-2.2/Main/tpl/Host_Scan-host_select_widget.tpl 2006-08-15 20:16:51 UTC (rev 465) +++ branches/vsc-2.2/Main/tpl/Host_Scan-host_select_widget.tpl 2007-03-09 20:15:47 UTC (rev 466) @@ -4,7 +4,7 @@ <tr> <td colspan='2' style='border-bottom: 1px solid black; background-color: #3D5B8F; color: #FFFFFF; font-size: larger;'> - Choose hosts to scan + Choose Hosts to Scan </td> </tr> <tr> Modified: branches/vsc-2.2/Main/tpl/Host_Scan-scan_search-list.tpl =================================================================== --- branches/vsc-2.2/Main/tpl/Host_Scan-scan_search-list.tpl 2006-08-15 20:16:51 UTC (rev 465) +++ branches/vsc-2.2/Main/tpl/Host_Scan-scan_search-list.tpl 2007-03-09 20:15:47 UTC (rev 466) @@ -8,8 +8,7 @@ Requested <span class='key-req'> </span> Processing <span class='key-proc'> </span> Error <span class='key-err'> </span> - Recurring <img src='{$IMAGE_PATH}/image/rec_arrow2.png' class='key'> - </td> + Recurring <img src='{$IMAGE_PATH}/image/rec_arrow2.png' class='key'> </td> <td colspan='2'> <div id='searchctrl' align='center'> Action: <select name='scan_action' onChange='document.forms["aform"].submit()'> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <hc...@us...> - 2006-08-15 20:16:55
|
Revision: 465 Author: hctv19 Date: 2006-08-15 13:16:51 -0700 (Tue, 15 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=465&view=rev Log Message: ----------- Added error checking for policy-id's of 0 or null and also fixed a bug that monthly recurring scans wouldn't actually recur Modified Paths: -------------- trunk/Main/Host/Scan/include/libscan.inc trunk/Main/Host/Scan/request.php Modified: trunk/Main/Host/Scan/include/libscan.inc =================================================================== --- trunk/Main/Host/Scan/include/libscan.inc 2006-08-11 20:10:19 UTC (rev 464) +++ trunk/Main/Host/Scan/include/libscan.inc 2006-08-15 20:16:51 UTC (rev 465) @@ -92,11 +92,22 @@ function SCAN_NewRequest($policy_id, $domain,$userid, $requested_on, $scheduled_for,$priority) { //begin transaction DB_TRANS_BEGIN(); - $sql = "INSERT INTO nessus_scan_request - (policy_id, domain,userid,requested_on,scheduled_for,priority) - VALUES('$policy_id','$domain','$userid',FROM_UNIXTIME('$requested_on'), - FROM_UNIXTIME('$scheduled_for'),'$priority')"; - $res = DB_TGetResult($sql); + $res = true; + + //This if-block should make sure policy id's of 0 can't get into the db - nessus chokes on these evidently + if ($policy_id != NULL && $policy_id !=0 ) + { + $sql = "INSERT INTO nessus_scan_request + (policy_id, domain,userid,requested_on,scheduled_for,priority) + VALUES('$policy_id','$domain','$userid',FROM_UNIXTIME('$requested_on'), + FROM_UNIXTIME('$scheduled_for'),'$priority')"; + $res = DB_TGetResult($sql); + } + else + { + $res = false; + } + if ($res === false) { //print DB_GetError(); //Perfect place for error loggin Modified: trunk/Main/Host/Scan/request.php =================================================================== --- trunk/Main/Host/Scan/request.php 2006-08-11 20:10:19 UTC (rev 464) +++ trunk/Main/Host/Scan/request.php 2006-08-15 20:16:51 UTC (rev 465) @@ -400,6 +400,7 @@ if ($i->action == "Finish") { /* INSERT NEW REQUEST INTO TABLE */ $scan_id = SCAN_NewRequest($__scan['policy_id'], $_USER['domain'],$_USER['userid'], $__scan['request_time'],$__scan['scheduled_for'],5); + if ($scan_id < 1) { UI_Style("Error requesting scan.", STY_BOLD|STY_ITALIC); echo DB_GetError(); @@ -445,18 +446,21 @@ } } } else if ($freq == "monthly") { + $ts = $start_ts; $s_day = JDDayOfWeek(unixtojd($ts),0); do { $ts += 2592000; $jd = unixtojd($ts); $day = JDDayOfWeek($jd,0); - if ($day != $s_day) { + if ($day != $s_day) + { $diff = $s_day - $day; if ($diff > 3 || $diff < -3) $diff *= -1; $ts += $diff * 86400; - } - $r = SCAN_Recur_AddDate($scan_id, $j); + } + $r = SCAN_Recur_AddDate($scan_id, $ts); + } while ($ts < $end_ts); } } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <hc...@us...> - 2006-08-11 20:10:26
|
Revision: 464 Author: hctv19 Date: 2006-08-11 13:10:19 -0700 (Fri, 11 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=464&view=rev Log Message: ----------- Made it so that recurring scans could be discontinued via a child scan without having to know the scan id for the parent scan Modified Paths: -------------- trunk/Main/Host/Scan/include/libscan.inc trunk/Main/Host/Scan/scan_proc.php trunk/Main/People/Session/include/libpdata.inc Modified: trunk/Main/Host/Scan/include/libscan.inc =================================================================== --- trunk/Main/Host/Scan/include/libscan.inc 2006-08-07 13:51:05 UTC (rev 463) +++ trunk/Main/Host/Scan/include/libscan.inc 2006-08-11 20:10:19 UTC (rev 464) @@ -192,11 +192,13 @@ } function SCAN_CancelRecurScans($scan_id) { - $recur = SCAN_GetRecurScans($scan_id); + + $parent = SCAN_GetParent($scan_id); + $recur = SCAN_GetRecurScans($parent); foreach ($recur as $r) { if ($r['scan_id'] == NULL or $r['scan_id'] == 0) { - SCAN_CancelSchedRecur($scan_id, $r['scheduled_for']); + SCAN_CancelSchedRecur($parent, $r['scheduled_for']); } else { if (SCAN_GetStatus($r['scan_id']) == 'REQ') { SCAN_CancelScan($r['scan_id']); @@ -206,6 +208,7 @@ if (SCAN_GetStatus($scan_id) == 'REQ') { SCAN_CancelScan($r['scan_id']); } + } function SCAN_CancelSchedRecur($parent_id, $dts) { @@ -569,10 +572,11 @@ } function SCAN_GetRecurScans($scan_id, $mark_child_scan=NULL) { + $parent = SCAN_GetParent($scan_id); $sql = "SELECT S.*, IF(R.status IS NULL, 'REQ',R.status) AS status ". "FROM scan_recur_calendar S ". "LEFT JOIN nessus_scan_request R ON R.scan_id=S.scan_id ". - "WHERE parent_scan_id='$scan_id' ORDER BY scheduled_for ASC"; + "WHERE parent_scan_id='$parent' ORDER BY scheduled_for ASC"; $res = DB_GetResult($sql); $ret = array(); @@ -607,10 +611,22 @@ $sql = "SELECT scheduled_for FROM scan_recur_calendar ". */ function SCAN_GetParent($scan_id) { + $parent = ""; $sql = "SELECT parent_scan_id FROM scan_recur_calendar WHERE scan_id='$scan_id'"; $arr = DB_GetArray($sql); - return $arr['parent_scan_id']; + + if ($arr == null || $arr['parent_scan_id'] == null || $arr['parent_scan_id'] == "") + { + $parent = $scan_id; + } + else + { + $parent = $arr['parent_scan_id']; + } + + return $parent; + } function SCAN_CancelRecurring($parent_id) { Modified: trunk/Main/Host/Scan/scan_proc.php =================================================================== --- trunk/Main/Host/Scan/scan_proc.php 2006-08-07 13:51:05 UTC (rev 463) +++ trunk/Main/Host/Scan/scan_proc.php 2006-08-11 20:10:19 UTC (rev 464) @@ -294,7 +294,8 @@ } else if ($rt_action == "all") { //echo "Action: all (canceling all scans in this series)<br>"; //ri-all: remove all instances of status REQ - SCAN_CancelRecurScans($data['scan_id']); + $message = SCAN_CancelRecurScans($data['scan_id']); + echo "Parent id = ".$message; $data['recur_spec'] = "all"; $deleted[] = $data; } else { Modified: trunk/Main/People/Session/include/libpdata.inc =================================================================== --- trunk/Main/People/Session/include/libpdata.inc 2006-08-07 13:51:05 UTC (rev 463) +++ trunk/Main/People/Session/include/libpdata.inc 2006-08-11 20:10:19 UTC (rev 464) @@ -80,10 +80,10 @@ WHERE sessionid='{$_USER['sid']}' AND name='$name'"; - __DEBUG_W("Session_PDATA_GetValue: ".$sql); - __DEBUG_W("Session_PDATA_GetValue: SQL results:"); + //__DEBUG_W("Session_PDATA_GetValue: ".$sql); + //__DEBUG_W("Session_PDATA_GetValue: SQL results:"); $arr = DB_GetArray($sql); - __DEBUG_DS($arr); + //__DEBUG_DS($arr); if ($delete) __pdata_delete($name); if ($arr == NULL) @@ -95,7 +95,7 @@ function Session_PDATA_Register($name, $value, $type=SESSION_PDATA_INPUT) { global $_USER; - __DEBUG_W("Session_PDATA_Register: $name=$value"); + /* __DEBUG_W("Session_PDATA_Register: $name=$value"); */ DB_GetResult("DELETE FROM pdata WHERE sessionid='{$_USER['sid']}' AND name='$name'"); $sql = "INSERT INTO pdata (sessionid, name, value, dtype) VALUES('{$_USER['sid']}', '$name','". This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <cir...@us...> - 2006-08-07 13:35:39
|
Revision: 462 Author: cirrusrex Date: 2006-08-07 06:35:24 -0700 (Mon, 07 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=462&view=rev Log Message: ----------- Merged VSC 2.0 changes back into the trunk Trunk now has downloadable reports, several bug fixes pyvscd in trunk also now has syslog support, and cachdns services have been added as well Modified Paths: -------------- trunk/Main/Domain/include/libnet.inc.php trunk/Main/Domain/ui/public.inc trunk/Main/Host/Scan/include/libscan.inc trunk/Main/Host/Scan/scan_viewer.php trunk/Main/Host/Scan/view_plugins.php trunk/Main/People/Session/I2A2/login_proc.php trunk/Main/People/Session/include/libsession.inc trunk/Main/tpl/Host_Scan-scan_proc-scan_diff.tpl trunk/Main/tpl/Host_Scan-scan_proc-scan_report.tpl trunk/Main/tpl/Reports/single_scan_controls.tpl trunk/Main/tpl/Reports/single_scan_csv.tpl trunk/pyvscd/libvscmt/__init__.py trunk/pyvscd/libvscmt/host.py trunk/pyvscd/pyssus/handlers.py trunk/pyvscd/pyssus/test/pyssus-test.py trunk/pyvscd/pyvscd.conf.example trunk/pyvscd/pyvscd.py trunk/pyvscd/util/loadplugins.py Added Paths: ----------- trunk/pyvscd/util/cachedns.py Modified: trunk/Main/Domain/include/libnet.inc.php =================================================================== --- trunk/Main/Domain/include/libnet.inc.php 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/Domain/include/libnet.inc.php 2006-08-07 13:35:24 UTC (rev 462) @@ -121,6 +121,9 @@ $_error = $error->getMessage(); return false; } + //Set type + $net['type'] = "single"; + $net['start_addr'] = $ipv4->ip; $net['end_addr'] = $ipv4->ip; return $net; @@ -142,6 +145,9 @@ $_error = $error->getMessage(); return false; } + //Set type + $net['type'] = "subnet"; + $net['start_addr'] = $ipv4->network; $net['end_addr'] = $ipv4->broadcast; return $net; @@ -160,6 +166,9 @@ $_error = $error->getMessage(); return false; } + //Set type + $net['type'] = "subnet"; + $net['start_addr'] = $ipv4->network; $net['end_addr'] = $ipv4->broadcast; return $net; @@ -177,6 +186,9 @@ $_error = $match[2]." is less than ".$match[1]; return false; } + //Set type + $net['type'] = "ip_range"; + $net['start_addr'] = $match[1]; $net['end_addr'] = $match[2]; //print "(F) start: ".$net['start_addr']; @@ -377,12 +389,27 @@ var $network; var $broadcast; var $offset; + var $type; function Net_Range($ipv4) { $this->network = Net_IPv4::ip2double($ipv4['start_addr']); $this->broadcast = Net_IPv4::ip2double($ipv4['end_addr']); - $this->offset = 1; + $this->type = $ipv4['type']; + $this->offset = 1 ; + if ($ipv4['type'] == "subnet") + { + $this->offset = 1; + } + else if ($ipv4['type'] == "single") + { + $this->offset = 1; + } + else + { + $this->offset =0; + } + if ($this->network == $this->broadcast) { /* we have a /32 */ $this->network--; @@ -391,9 +418,15 @@ } function get_next() { - if (($this->network + $this->offset) >= $this->broadcast) { + + if ($this->type == "ip_range" && ($this->network + $this->offset) > $this->broadcast) + { return NULL; } + else if (($this->type == "subnet" || $this->type == "single") && ($this->network + $this->offset) >= $this->broadcast) + { + return NULL; + } $ret_addr = $this->network + $this->offset; $this->offset++; return long2ip($ret_addr); Modified: trunk/Main/Domain/ui/public.inc =================================================================== --- trunk/Main/Domain/ui/public.inc 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/Domain/ui/public.inc 2006-08-07 13:35:24 UTC (rev 462) @@ -103,7 +103,7 @@ echo "; border-color: black; border-style: solid;'>"; echo "<form action='{$_SERVER['PHP_SELF']}' method='POST'>"; echo "<select name='newdomain' onChange='this.form.submit()'>"; - foreach ($priv_d as $cd) { + foreach (array_merge($_USER['domain'], $priv_d) as $cd) { echo "<option value='$cd' "; if ($cd == $_USER['domain']) echo "SELECTED=SELECTED"; echo ">$cd</option>"; @@ -116,7 +116,9 @@ #end echo "<td style='border-width: 1px 1px 1px 1px; border-style: solid; border-color: black;'>"; echo "<form action='{$_SERVER['PHP_SELF']}' method='POST'>"; - echo "<select name='newdomain' onChange='this.form.submit()'>"; + echo "<select name='newdomain' onChange='this.form.submit()'"; + if (sizeof($cd) == 0) echo "disabled=disabled"; + echo ">"; foreach ($chld_d as $cd) { echo "<option value='$cd'>$cd</option>"; } Modified: trunk/Main/Host/Scan/include/libscan.inc =================================================================== --- trunk/Main/Host/Scan/include/libscan.inc 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/Host/Scan/include/libscan.inc 2006-08-07 13:35:24 UTC (rev 462) @@ -39,6 +39,7 @@ $SCAN_format_opts = array('text', 'html','csv'); +$SCAN_format_exts = array('text'=>'txt', 'html'=>'html', 'fhtml'=>'html', 'csv'=>'csv'); $SCAN_scope_opts = array('any','info','hole'); $SCAN_mode_opts = array('diff', 'single'); $SCAN_OPTS_FORMAT = array('text'=>"Text", 'html'=>'HTML', 'fhtml'=>'Fancy HTML', 'csv'=>'CSV'); Modified: trunk/Main/Host/Scan/scan_viewer.php =================================================================== --- trunk/Main/Host/Scan/scan_viewer.php 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/Host/Scan/scan_viewer.php 2006-08-07 13:35:24 UTC (rev 462) @@ -22,6 +22,7 @@ $input[] = "format"; $input[] = "print_view"; $input[] = "scope"; +$input[] = "action"; $i =& new CORE_FormInput($input); SESSION_PDATA_Register("scan_id", $i->scan_id); @@ -210,27 +211,40 @@ } -UI_Header(); +if (in_array($i->action, array("View Report", "Update"))) { + /* display report */ + UI_Header(); -UI_Form(); + UI_Form(); -$smarty->assign('scan_id', $i->scan_id); -$smarty->assign('report_host', $i->report_host); -$smarty->assign('format', $i->format); -$smarty->assign('print_view', $i->print_view); -$smarty->assign('format_opts', $SCAN_OPTS_FORMAT); -$smarty->assign('scope_opts', $SCAN_OPTS_SCOPE); -$smarty->assign('scope', $i->scope); -$smarty->assign('mode', $i->mode); -$smarty->assign('diff_id', $i->diff_id); -$smarty->display('single_scan_controls.tpl'); -echo "<hr>"; + $smarty->assign('scan_id', $i->scan_id); + $smarty->assign('report_host', $i->report_host); + $smarty->assign('format', $i->format); + $smarty->assign('print_view', $i->print_view); + $smarty->assign('format_opts', $SCAN_OPTS_FORMAT); + $smarty->assign('scope_opts', $SCAN_OPTS_SCOPE); + $smarty->assign('scope', $i->scope); + $smarty->assign('mode', $i->mode); + $smarty->assign('diff_id', $i->diff_id); + $smarty->display('single_scan_controls.tpl'); + echo "<hr>"; -$report_data['print_view'] = false; -$smarty->assign('result_data', $report_data); -if ($i->format == 'text') echo "<pre>"; -$smarty->display("{$i->mode}_scan_{$i->format}.tpl"); -if ($i->format == 'text') echo "</pre>"; -UI_Footer(); + $report_data['print_view'] = false; + $smarty->assign('result_data', $report_data); + if (in_array($i->format, array('text', 'csv'))) echo "<pre>"; + $smarty->display("{$i->mode}_scan_{$i->format}.tpl"); + if (in_array($i->format, array('text', 'csv'))) echo "</pre>"; + UI_Footer(); +} else { + /* download report */ + $smarty->assign('result_data', $report_data); + $output = $smarty->fetch("{$i->mode}_scan_{$i->format}.tpl"); + $output_len = strlen($output); + header("Content-length: $output_len"); + header("Content-type: application/octet-stream"); + header("Content-Disposition: attachment; filename=".$i->scan_id."-report.".$SCAN_format_exts[$i->format]); + print $output; +} + ?> Modified: trunk/Main/Host/Scan/view_plugins.php =================================================================== --- trunk/Main/Host/Scan/view_plugins.php 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/Host/Scan/view_plugins.php 2006-08-07 13:35:24 UTC (rev 462) @@ -72,12 +72,12 @@ UI_EchoLeft("Plugin: "); echo "<td>"; UI_Style($pl['name'], - STY_BOLD|STY_SIZE, array("SIZE"=>STY_FONT_SHUGE)); + STY_BOLD|STY_SIZE, array("SIZE"=>STY_FONT_LARGE)); echo "</td></tr>"; UI_EchoLeft("Family: "); echo "<td>"; UI_Style($pl['family'], - STY_SIZE, array("SIZE"=>STY_FONT_HUGE)); + STY_SIZE, array("SIZE"=>STY_FONT_LARGE)); echo "</td></tr>"; UI_EchoLeft("Short Description: "); UI_EchoRight($pl['short_desc']); @@ -92,7 +92,7 @@ UI_EchoLeft("Status: "); UI_EchoRight(($pl['disabled'] == 1)?"<span style='color: red;'>Disabled</span>":"<span style='color: green;'>Enabled</span>"); UI_EchoLeft("Description: "); - UI_EchoRight("<pre>".$pl['description']."</pre>"); + UI_EchoRight("<pre>".str_replace(";", "\n", $pl['description'])."</pre>"); echo "</table>"; UI_Footer(); Modified: trunk/Main/People/Session/I2A2/login_proc.php =================================================================== --- trunk/Main/People/Session/I2A2/login_proc.php 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/People/Session/I2A2/login_proc.php 2006-08-07 13:35:24 UTC (rev 462) @@ -85,7 +85,7 @@ error_reporting(E_ALL); } else { if (isset($_REQUEST['target'])) { - login_box("Invalid session or session timed out!"); + login_box("Your session timed out! Please login to proceed."); } else { login_box("Error authenticating: bad login name or password."); } @@ -116,7 +116,7 @@ function login_box($message) { global $INC_PATH, $IMAGE_PATH,$_CONFIG; - UI_Header("Login Error"); + UI_Header("VSC Login"); echo "<h2>$message</h2>"; echo "<div style='font-style: italic;'>".$_CONFIG['login_banner']."</div>"; echo "<form action='{$_SERVER['PHP_SELF']}' method='POST'>"; Modified: trunk/Main/People/Session/include/libsession.inc =================================================================== --- trunk/Main/People/Session/include/libsession.inc 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/People/Session/include/libsession.inc 2006-08-07 13:35:24 UTC (rev 462) @@ -67,6 +67,7 @@ if (isset($_SERVER['PHP_SELF'])) { list($void, $path) = explode($_SERVER['HTTP_HOST'], $IMAGE_PATH); $r_path = str_replace($path, "", $_SERVER['PHP_SELF']); + $r_path = $r_path . "?".$_SERVER['QUERY_STRING']; $return = base64_encode($r_path); $auth_url = str_replace("AUTH_", "",$_CONFIG['use_auth']); if ($auth_url == "STD") $auth_url = 'SUPA'; Modified: trunk/Main/tpl/Host_Scan-scan_proc-scan_diff.tpl =================================================================== --- trunk/Main/tpl/Host_Scan-scan_proc-scan_diff.tpl 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/tpl/Host_Scan-scan_proc-scan_diff.tpl 2006-08-07 13:35:24 UTC (rev 462) @@ -51,7 +51,7 @@ <!--div style="height:125px; width: 100%; overflow:auto; border:2px inset; padding: 0px; text-align:left;"--> <!--spanstyle='font-size: 10px; font-weight: bold;'>Host Information</span><br /--> {foreach item=host from=$hosts} - <option value='{$host.host_id}' style='font-size:10px;' class='{cycle name='fin' values='FIN-odd,FIN-even'}'> + <option value='{$host.hostid}' style='font-size:10px;' class='{cycle name='fin' values='FIN-odd,FIN-even'}'> <!--class='{if $host.status eq "FIN"}{cycle name="fin" values="FIN-odd,FIN-even"}{elseif $host.status eq "REQ"}{cycle name="req" values="REQ-odd,REQ-even"}{elseif $host.status eq "PROC"}{cycle name="proc" values="PROC-odd,PROC-even"}{elseif $host.status eq "ERR"}{cycle name="err" values="ERR-odd,ERR-even"}{/if}'--> {$host.address|string_format:"%-15s"|replace:" ":" "} - {$host.dns_name|string_format:"%-40s"}<br /> </option> Modified: trunk/Main/tpl/Host_Scan-scan_proc-scan_report.tpl =================================================================== --- trunk/Main/tpl/Host_Scan-scan_proc-scan_report.tpl 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/tpl/Host_Scan-scan_proc-scan_report.tpl 2006-08-07 13:35:24 UTC (rev 462) @@ -107,18 +107,21 @@ </select> </td> </tr> - <tr> + <!--tr> <td style='font-size: 10px;'> Print View </td> <td style='font-size: 10px;'> <input type='checkbox' name='print_view' value='yes'> </td> - </tr> + </tr--> <tr> - <td colspan='2' style='font-size: 10px;'> - <input type='submit' value='View Report'> + <td style='font-size: 10px;'> + <input type='submit' name='action' value='View Report'> </td> + <td style='font-size: 10px;'> + <input type='submit' name='action' value='Download Report'> + </td> </tr> </table> {/if} Modified: trunk/Main/tpl/Reports/single_scan_controls.tpl =================================================================== --- trunk/Main/tpl/Reports/single_scan_controls.tpl 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/tpl/Reports/single_scan_controls.tpl 2006-08-07 13:35:24 UTC (rev 462) @@ -32,9 +32,12 @@ </td> <td align='right'>Print View On</td> <td><input type='checkbox' name='print_view' value='yes' {if $print_view == "yes"}checked="checked"{/if}></td> - <td align=left' colspan='2'> - <input type='submit' value='Update'> + <td align=left'> + <input type='submit' name='action' value='Update'> </td> + <td align=left'> + <input type='submit' name='action' value='Download'> + </td> </tr> </table> </form> Modified: trunk/Main/tpl/Reports/single_scan_csv.tpl =================================================================== --- trunk/Main/tpl/Reports/single_scan_csv.tpl 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/Main/tpl/Reports/single_scan_csv.tpl 2006-08-07 13:35:24 UTC (rev 462) @@ -1,6 +1,6 @@ -"IP Address", "Hostname", "Plugin ID", "Port Info", "Family", "Risk Factor", "Description"<br> +"IP Address", "Hostname", "Plugin ID", "Port Info", "Family", "Risk Factor", "Description" {foreach name=hostid item=hostd from=$result_data.hosts} - {foreach item=vuln from=$hostd.results} - {$hostd.address},{$host.dns_name},{$vuln.plugin_id},{$vuln.prot}/{$vuln.port} {$vuln.service},{$vuln.family},"{$vuln.body|replace:"\"":"'"}"<br> - {/foreach} +{foreach item=vuln from=$hostd.results} +{$hostd.address},{$host.dns_name},{$vuln.plugin_id},{$vuln.prot}/{$vuln.port} {$vuln.service},{$vuln.family},{$vuln.severity},"{$vuln.body|replace:"\"":"'"|replace:"\n":" "}" {/foreach} +{/foreach} Modified: trunk/pyvscd/libvscmt/__init__.py =================================================================== --- trunk/pyvscd/libvscmt/__init__.py 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/libvscmt/__init__.py 2006-08-07 13:35:24 UTC (rev 462) @@ -2,4 +2,4 @@ Multi-thread aware libvsc for pyvscd """ -__all__ = ["plugins","scan", "nessusmt", "plugins"] +__all__ = ["plugins","scan", "nessusmt", "plugins", "host"] Modified: trunk/pyvscd/libvscmt/host.py =================================================================== --- trunk/pyvscd/libvscmt/host.py 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/libvscmt/host.py 2006-08-07 13:35:24 UTC (rev 462) @@ -27,17 +27,6 @@ c.close() return rdict -def updateNetBios(db, scan_id, host_addr_map): - """updates the netbios and mac address information of - the hosts in the host_addr_map (e.g.,returned from the above - function) - - Keyword Arguments: - db - MySQLdb.connections.Connection - scan_id - integer - host_addr_map - dict, of ip:hostid pairs - """ - pass def saveNessusResult(db,scan_id,host_id,result): """Saves a result from the Nessus server @@ -110,3 +99,97 @@ else: return False +def updateNetBios(db, scan_id, host_addr_map): + """updates the netbios and mac address information of + the hosts in the host_addr_map (e.g.,returned from the above + function) + + Keyword Arguments: + db - MySQLdb.connections.Connection + scan_id - integer + host_addr_map - dict, of ip:hostid pairs + """ + pass + +def getNewHosts(db, limit=None): + """retrieves all new hosts in the database, that is hosts who have been recently + added and do not have a dns address cached. + + Keyword Arguments: + db - MySQLdb.connections.Connection + """ + c = db.cursor() + __sql__ = "select hostid, address from Host where dns_name = address " + if limit is not None: + __sql__ += "LIMIT 0,%s" % (limit) + + print "Executing query: %s" % (__sql__) + c.execute(__sql__) + hosts = {} + row = c.fetchone() + while row is not None: + (hostid, address) = row + hosts[hostid] = address + row = c.fetchone() + + c.close() + return hosts + +def getRevisitableHosts(db, limit=None): + """retrieves all hosts in the database that did not have DNS records when initially dug + these hosts exist in the database with the dns_name "address*" where address is the host's + ip + + Keyword Arguments: + db - MySQLdb.connections.Connection + limit - integer (optional) + """ + c = db.cursor() + __sql__ = "select hostid, address from Host where dns_name regexp '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\\\\*' " + if limit is not None: + __sql__ += "LIMIT 0,%s" % (limit) + + print "Executing query: %s" % (__sql__) + c.execute(__sql__) + hosts = {} + row = c.fetchone() + while row is not None: + (hostid, address) = row + hosts[hostid] = address + row = c.fetchone() + c.close() + return hosts + +def getAllHosts(db): + """retrieves all hosts in the database + + Keyword Arguments: + db - MySQLdb.connections.Connection + """ + + c = db.cursor() + __sql__ = "select hostid, address, dns_name from Host" + c.execute(__sql__) + hosts = {} + row = c.fetchone() + while row is not None: + (hostid, address, dns_name) = row + hosts[hostid] = (address, dns_name) + row = c.fetchone() + c.close() + return hosts + +def setHostName(db, hostid, dns_name): + """sets the given host's dns_name + + Keyword Arguments: + db - MySQLdb.connections.Connection + host_id - integer + dns_name - string + """ + c = db.cursor() + __sql__ = "update Host set dns_name=%s where hostid=%s" + c.execute(__sql__, (dns_name, hostid)) + c.close() + db.commit() + Modified: trunk/pyvscd/pyssus/handlers.py =================================================================== --- trunk/pyvscd/pyssus/handlers.py 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/pyssus/handlers.py 2006-08-07 13:35:24 UTC (rev 462) @@ -395,7 +395,7 @@ raise NessusHandlerError, "Plugin[%s] data should contain %s, received %s --> %s" % (count, (self.basePluginLength+self.plugin_opts.__len__()), plugin.__len__(), "|||".join(plugin)) def _getSeverity(self, description): - m = re.compile("(Risk Factor|Risk)\s*:\s*([a-z|A-Z\/]+)", re.IGNORECASE|re.MULTILINE).search(description) + m = re.compile("(Risk Factor|Risk)[;\s]*:[;\s]*([a-z|A-Z\/]+)\s*.*", re.IGNORECASE|re.MULTILINE).search(description) if m == None: return "Unknown" (rb,sev) = m.group(1,2) Modified: trunk/pyvscd/pyssus/test/pyssus-test.py =================================================================== --- trunk/pyvscd/pyssus/test/pyssus-test.py 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/pyssus/test/pyssus-test.py 2006-08-07 13:35:24 UTC (rev 462) @@ -65,8 +65,10 @@ msg.unpack() pluginData = handlers.NessusPluginsHandler(msg, opt_list) print "Processed %s plugins" % (pluginData.plugins.__len__()) - #print "Output: " + pluginData.__str__() + print "Output: " + "\n".join(pluginData.plugins.itervalues()) + cx.close() + sys.exit(0) #handle preferences msg = cx.readMessage() while msg == None: Modified: trunk/pyvscd/pyvscd.conf.example =================================================================== --- trunk/pyvscd/pyvscd.conf.example 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/pyvscd.conf.example 2006-08-07 13:35:24 UTC (rev 462) @@ -13,6 +13,13 @@ logfile_level: 30 logfile: pyvscd.log +#syslog logging configuration +syslog_enable: no +syslog_server: localhost +syslog_port: 514 +syslog_facility: local0 +syslog_loglevel: 20 + #console logging must be enabled, but you can #set the severity logcons_level: 40 Modified: trunk/pyvscd/pyvscd.py =================================================================== --- trunk/pyvscd/pyvscd.py 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/pyvscd.py 2006-08-07 13:35:24 UTC (rev 462) @@ -22,9 +22,11 @@ from Queue import Queue from threading import Thread import logging +import logging.handlers import MySQLdb import os import signal +import socket import sys import time @@ -78,7 +80,27 @@ formatter = logging.Formatter('%(asctime)s %(name)-12s %(levelname)-8s %(message)s','%m-%d %H:%M') filelog.setFormatter(formatter) logging.getLogger().addHandler(filelog) - + + if conf.has_option('general', 'syslog_enable') and conf.getboolean('general', 'syslog_enable'): + print "Enabling Syslog..." + syslog_server = 'localhost' + syslog_port = 514 + syslog_facility = 'local1' + syslog_level = logging.INFO + if conf.has_option('general', 'syslog_server'): + syslog_server = conf.get('general', 'syslog_server') + #syslog_server = socket.inet_aton(socket.gethostbyname(conf.get('general', 'syslog_server'))) + if conf.has_option('general', 'syslog_port'): + syslog_port = conf.getint('general', 'syslog_port') + if conf.has_option('general', 'syslog_facility'): + syslog_facility = conf.get('general', 'syslog_facility') + if conf.has_option('general', 'syslog_loglevel'): + syslog_level = conf.getint('general', 'syslog_loglevel') + + syslogger = logging.handlers.SysLogHandler( (syslog_server, syslog_port), syslog_facility ) + syslogger.setLevel(syslog_level) + logging.getLogger().addHandler(syslogger) + log = logging.getLogger('pyvscd') #get mysql configuration information Copied: trunk/pyvscd/util/cachedns.py (from rev 461, branches/vsc-2.0/pyvscd/util/cachedns.py) =================================================================== --- trunk/pyvscd/util/cachedns.py (rev 0) +++ trunk/pyvscd/util/cachedns.py 2006-08-07 13:35:24 UTC (rev 462) @@ -0,0 +1,133 @@ +#!/usr/bin/env python2.4 + +""" +Python script for importing plugins from the Nessus server. +""" + +import sys +sys.path.append('../') +from ConfigParser import ConfigParser +from optparse import OptionParser +from socket import error as socket_error, gethostbyaddr +import socket +import time +import logging +import MySQLdb +from libvscmt import host + +def __main__(): + usage = "usage: %prog [options] [hosts]" + parser = OptionParser(usage=usage) + parser.add_option('-d', '--debug', action='store_true', dest='debug',help='enable debugging') + parser.add_option('-v', '--verbose', action='store_true', dest='verbose',help='enable debugging') + parser.add_option('-c', '--config', dest='conf', help='pyvscd config file') + parser.add_option('-n', '--nocommit', action='store_true', dest='nocommit', help='do not actually update plugin data in table') + parser.add_option('-m', '--mode', dest='mode', help='DNS Cache mode: n|new - update new hosts; r|revisit - attempt to reload dns information for all unknown hosts; a|all - reload all DNS information') + parser.add_option('-l', '--limit', dest='limit', help='Limit for records to check on new and revist operations') + + (options, args) = parser.parse_args() + if not options.conf and not options.mode: + parser.print_help() + sys.exit(-1) + + logging.basicConfig() + if options.verbose: + logging.getLogger('').setLevel(logging.INFO) + + if options.debug: + #set root logger to DEBUG + logging.getLogger('').setLevel(logging.DEBUG) + #our logger should inherit the root logging level + log = logging.getLogger('cachedns') + + if options.debug: + log.debug('Debugging enabled') + elif options.verbose: + log.debug('Verbose enabled') + limit = 255 #a class C subnet seems reasonable + if options.limit: + limit = options.limit + log.debug("Record limit set to %s" % (limit)) + else: + log.debug("Record limit set to default %s" % (limit)) + + #read our config file + config = ConfigParser() + config.read(options.conf) + if not config.has_section('mysql') or not config.has_section('general'): + log.error("The config file must contain a [mysql] and [general] section!") + sys.exit(-1) + + dbhost = config.get('mysql','host') + dbuser = config.get('mysql','username') + dbpasswd = config.get('mysql','password') + dbname = config.get('mysql','database') + root_domain = config.get('general', 'root_domain') + + #open MySQL Connection + db = MySQLdb.connect(host=dbhost, user=dbuser, passwd=dbpasswd, db=dbname) + + if options.mode == 'n' or options.mode == 'new': + log.debug("Updating DNS for new hosts...") + new_hosts = host.getNewHosts(db, limit=limit) + if len(new_hosts) == 0: + log.debug("No new hosts to cache...") + sys.exit(0) + + for (hostid, address) in new_hosts.iteritems(): + log.debug("Grabbing DNS for %s - %s" % (hostid, address)) + hostname = get_hostname(address) + if hostname is not None: + log.debug("Loading hostname %s for hostid %s" % (hostname, hostid)) + #code to do that + host.setHostName(db, hostid, hostname) + else: + log.debug("Marking host %s as nameless" % (hostid)) + #code to do that + host.setHostName(db, hostid, "%s*" % (address)) + elif options.mode == 'r' or options.mode == 'revisit': + log.debug("Updating DNS for revisited hosts") + rev_hosts = host.getRevisitableHosts(db, limit=limit) + if len(rev_hosts) == 0: + log.debug("No old hosts to revisit") + + for (hostid, address) in rev_hosts.iteritems(): + log.debug("Grabbing DNS for %s - %s" % (hostid, address)) + hostname = get_hostname(address) + if hostname is not None: + log.debug("Loading hostname %s for hostid %s" % (hostname, hostid)) + host.setHostName(db, hostid, hostname) + else: + log.debug("Host still has no name, passing...") + elif options.mode == 'a' or options.mode == 'all': + log.debug("Updating DNS for all hosts") + all_hosts = host.getAllHosts(db) + for (hostid, data) in all_hosts.iteritems(): + (address, dns_name) = data + log.debug("Grabbing DNS for %s - %s" % (hostid, address)) + hostname = get_hostname(address) + if hostname is not None and hostname != dns_name: + log.debug("Loading hostname %s for hostid %s" % (hostname, hostid)) + host.setHostName(db, hostid, hostname) + else: + log.debug("Host has no new name, passing...") + else: + log.error("No such option %s" % (options.mode)) + sys.exit(1) + +def get_hostname(address): + log = logging.getLogger('cachedns.get_hostname') + try: + (hostname, aliaslist, ipaddr_list) = gethostbyaddr(address) + log.debug("DNS name is %s" % (hostname)) + log.debug("Alias list is : " + ", ".join(aliaslist)) + return hostname + except socket.herror: + log.debug("No address found for host.") + return None + + + +if __name__ == '__main__': + __main__() + Modified: trunk/pyvscd/util/loadplugins.py =================================================================== --- trunk/pyvscd/util/loadplugins.py 2006-08-06 06:25:13 UTC (rev 461) +++ trunk/pyvscd/util/loadplugins.py 2006-08-07 13:35:24 UTC (rev 462) @@ -23,6 +23,7 @@ parser.add_option('-v', '--verbose', action='store_true', dest='verbose',help='enable debugging') parser.add_option('-c', '--config', dest='conf', help='pyvscd config file') parser.add_option('-S', '--ssl',action='store_true', dest='ssl',help='enable ssl for nessus connection') + parser.add_option('-n', '--nocommit', action='store_true', dest='nocommit', help='do not actually update plugin data in table') (options, args) = parser.parse_args() if not options.nessus and not options.conf: @@ -89,7 +90,7 @@ #we need to replace this with our plugins handler pluginData = VSCPluginsHandler(msg, opt_list) logging.info("Received %s plugins", str(pluginData.plugins.__len__())) - pluginData.handle(args=(db,root_domain)) + pluginData.handle(args=(db,root_domain,options.nocommit)) log.debug("disconnecting from server.") cx.close() #end main @@ -98,11 +99,11 @@ def handle(self, args): log = logging.getLogger('plugins handler') - (db,root_domain) = args - libvscmt.plugins.flushTempPlugins(db) + (db,root_domain,nocommit) = args + if not nocommit: libvscmt.plugins.flushTempPlugins(db) for p in self.plugins: - libvscmt.plugins.addPlugin(db, p) - log.debug("added %s: %s", p['plugin'], p['name']) + if not nocommit: libvscmt.plugins.addPlugin(db, p) + log.debug("added %s: %s - %s", p['plugin'], p['name'], p['severity']) families = libvscmt.plugins.getFamilies(db) if "Full Scan" not in families: @@ -114,7 +115,8 @@ polid = libvscmt.plugins.policyExists(db, family, libvscmt.plugins.POLICY_USER, root_domain) if polid is None: log.debug("policy |%s| not found!", family) - libvscmt.plugins.addPolicy(db, (family, "Automagically generated by the VSC.", + if not nocommit: + libvscmt.plugins.addPolicy(db, (family, "Automagically generated by the VSC.", 1, root_domain, libvscmt.plugins.POLICY_USER ) ) @@ -133,7 +135,7 @@ log.debug("mapping plugins to policy %s[%s]", family,polid) for pl in plugin_list: #log.debug("mapping plugin [#%s] to policy [%s]" % (pl, polid)) - if not libvscmt.plugins.isMapped(db,polid, pl): + if not libvscmt.plugins.isMapped(db,polid, pl) and not nocommit: libvscmt.plugins.mapPlugin(db,polid, pl) log.info("finished mapping plugins for this policy.") This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <cir...@us...> - 2006-08-06 06:25:20
|
Revision: 461 Author: cirrusrex Date: 2006-08-05 23:25:13 -0700 (Sat, 05 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=461&view=rev Log Message: ----------- Added preliminary support for downloading reports, also removed print-view option from report select page. Reporting system is still horribly broken. Modified Paths: -------------- branches/vsc-2.0/Main/Host/Scan/include/libscan.inc branches/vsc-2.0/Main/Host/Scan/scan_viewer.php branches/vsc-2.0/Main/tpl/Host_Scan-scan_proc-scan_report.tpl branches/vsc-2.0/Main/tpl/Reports/single_scan_controls.tpl branches/vsc-2.0/Main/tpl/Reports/single_scan_csv.tpl Modified: branches/vsc-2.0/Main/Host/Scan/include/libscan.inc =================================================================== --- branches/vsc-2.0/Main/Host/Scan/include/libscan.inc 2006-08-04 20:22:05 UTC (rev 460) +++ branches/vsc-2.0/Main/Host/Scan/include/libscan.inc 2006-08-06 06:25:13 UTC (rev 461) @@ -39,6 +39,7 @@ $SCAN_format_opts = array('text', 'html','csv'); +$SCAN_format_exts = array('text'=>'txt', 'html'=>'html', 'fhtml'=>'html', 'csv'=>'csv'); $SCAN_scope_opts = array('any','info','hole'); $SCAN_mode_opts = array('diff', 'single'); $SCAN_OPTS_FORMAT = array('text'=>"Text", 'html'=>'HTML', 'fhtml'=>'Fancy HTML', 'csv'=>'CSV'); Modified: branches/vsc-2.0/Main/Host/Scan/scan_viewer.php =================================================================== --- branches/vsc-2.0/Main/Host/Scan/scan_viewer.php 2006-08-04 20:22:05 UTC (rev 460) +++ branches/vsc-2.0/Main/Host/Scan/scan_viewer.php 2006-08-06 06:25:13 UTC (rev 461) @@ -22,6 +22,7 @@ $input[] = "format"; $input[] = "print_view"; $input[] = "scope"; +$input[] = "action"; $i =& new CORE_FormInput($input); SESSION_PDATA_Register("scan_id", $i->scan_id); @@ -210,27 +211,40 @@ } -UI_Header(); +if (in_array($i->action, array("View Report", "Update"))) { + /* display report */ + UI_Header(); -UI_Form(); + UI_Form(); -$smarty->assign('scan_id', $i->scan_id); -$smarty->assign('report_host', $i->report_host); -$smarty->assign('format', $i->format); -$smarty->assign('print_view', $i->print_view); -$smarty->assign('format_opts', $SCAN_OPTS_FORMAT); -$smarty->assign('scope_opts', $SCAN_OPTS_SCOPE); -$smarty->assign('scope', $i->scope); -$smarty->assign('mode', $i->mode); -$smarty->assign('diff_id', $i->diff_id); -$smarty->display('single_scan_controls.tpl'); -echo "<hr>"; + $smarty->assign('scan_id', $i->scan_id); + $smarty->assign('report_host', $i->report_host); + $smarty->assign('format', $i->format); + $smarty->assign('print_view', $i->print_view); + $smarty->assign('format_opts', $SCAN_OPTS_FORMAT); + $smarty->assign('scope_opts', $SCAN_OPTS_SCOPE); + $smarty->assign('scope', $i->scope); + $smarty->assign('mode', $i->mode); + $smarty->assign('diff_id', $i->diff_id); + $smarty->display('single_scan_controls.tpl'); + echo "<hr>"; -$report_data['print_view'] = false; -$smarty->assign('result_data', $report_data); -if ($i->format == 'text') echo "<pre>"; -$smarty->display("{$i->mode}_scan_{$i->format}.tpl"); -if ($i->format == 'text') echo "</pre>"; -UI_Footer(); + $report_data['print_view'] = false; + $smarty->assign('result_data', $report_data); + if (in_array($i->format, array('text', 'csv'))) echo "<pre>"; + $smarty->display("{$i->mode}_scan_{$i->format}.tpl"); + if (in_array($i->format, array('text', 'csv'))) echo "</pre>"; + UI_Footer(); +} else { + /* download report */ + $smarty->assign('result_data', $report_data); + $output = $smarty->fetch("{$i->mode}_scan_{$i->format}.tpl"); + $output_len = strlen($output); + header("Content-length: $output_len"); + header("Content-type: application/octet-stream"); + header("Content-Disposition: attachment; filename=".$i->scan_id."-report.".$SCAN_format_exts[$i->format]); + print $output; +} + ?> Modified: branches/vsc-2.0/Main/tpl/Host_Scan-scan_proc-scan_report.tpl =================================================================== --- branches/vsc-2.0/Main/tpl/Host_Scan-scan_proc-scan_report.tpl 2006-08-04 20:22:05 UTC (rev 460) +++ branches/vsc-2.0/Main/tpl/Host_Scan-scan_proc-scan_report.tpl 2006-08-06 06:25:13 UTC (rev 461) @@ -107,18 +107,21 @@ </select> </td> </tr> - <tr> + <!--tr> <td style='font-size: 10px;'> Print View </td> <td style='font-size: 10px;'> <input type='checkbox' name='print_view' value='yes'> </td> - </tr> + </tr--> <tr> - <td colspan='2' style='font-size: 10px;'> - <input type='submit' value='View Report'> + <td style='font-size: 10px;'> + <input type='submit' name='action' value='View Report'> </td> + <td style='font-size: 10px;'> + <input type='submit' name='action' value='Download Report'> + </td> </tr> </table> {/if} Modified: branches/vsc-2.0/Main/tpl/Reports/single_scan_controls.tpl =================================================================== --- branches/vsc-2.0/Main/tpl/Reports/single_scan_controls.tpl 2006-08-04 20:22:05 UTC (rev 460) +++ branches/vsc-2.0/Main/tpl/Reports/single_scan_controls.tpl 2006-08-06 06:25:13 UTC (rev 461) @@ -32,9 +32,12 @@ </td> <td align='right'>Print View On</td> <td><input type='checkbox' name='print_view' value='yes' {if $print_view == "yes"}checked="checked"{/if}></td> - <td align=left' colspan='2'> - <input type='submit' value='Update'> + <td align=left'> + <input type='submit' name='action' value='Update'> </td> + <td align=left'> + <input type='submit' name='action' value='Download'> + </td> </tr> </table> </form> Modified: branches/vsc-2.0/Main/tpl/Reports/single_scan_csv.tpl =================================================================== --- branches/vsc-2.0/Main/tpl/Reports/single_scan_csv.tpl 2006-08-04 20:22:05 UTC (rev 460) +++ branches/vsc-2.0/Main/tpl/Reports/single_scan_csv.tpl 2006-08-06 06:25:13 UTC (rev 461) @@ -1,8 +1,6 @@ -<pre> "IP Address", "Hostname", "Plugin ID", "Port Info", "Family", "Risk Factor", "Description" {foreach name=hostid item=hostd from=$result_data.hosts} {foreach item=vuln from=$hostd.results} {$hostd.address},{$host.dns_name},{$vuln.plugin_id},{$vuln.prot}/{$vuln.port} {$vuln.service},{$vuln.family},{$vuln.severity},"{$vuln.body|replace:"\"":"'"|replace:"\n":" "}" {/foreach} {/foreach} -</pre> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <hc...@us...> - 2006-08-04 20:22:08
|
Revision: 460 Author: hctv19 Date: 2006-08-04 13:22:05 -0700 (Fri, 04 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=460&view=rev Log Message: ----------- Ip ranges will still being cut off at the last entry. Fixed this. Modified Paths: -------------- branches/vsc-2.0/Main/Domain/include/libnet.inc.php Modified: branches/vsc-2.0/Main/Domain/include/libnet.inc.php =================================================================== --- branches/vsc-2.0/Main/Domain/include/libnet.inc.php 2006-08-04 19:42:03 UTC (rev 459) +++ branches/vsc-2.0/Main/Domain/include/libnet.inc.php 2006-08-04 20:22:05 UTC (rev 460) @@ -384,13 +384,14 @@ var $network; var $broadcast; var $offset; + var $type; function Net_Range($ipv4) { $this->network = Net_IPv4::ip2double($ipv4['start_addr']); $this->broadcast = Net_IPv4::ip2double($ipv4['end_addr']); - - $this->offset = 1; + $this->type = $ipv4['type']; + $this->offset = 1 ; if ($ipv4['type'] == "subnet") { $this->offset = 1; @@ -412,9 +413,15 @@ } function get_next() { - if (($this->network + $this->offset) >= $this->broadcast) { + + if ($this->type == "ip_range" && ($this->network + $this->offset) > $this->broadcast) + { return NULL; } + else if (($this->type == "subnet" || $this->type == "single") && ($this->network + $this->offset) >= $this->broadcast) + { + return NULL; + } $ret_addr = $this->network + $this->offset; $this->offset++; return long2ip($ret_addr); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <hc...@us...> - 2006-08-04 19:42:08
|
Revision: 459 Author: hctv19 Date: 2006-08-04 12:42:03 -0700 (Fri, 04 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=459&view=rev Log Message: ----------- Ip ranges now do not get the first and last IP cropped off of the scanning list as a network and broadcast address Modified Paths: -------------- branches/vsc-2.0/Main/Domain/include/libnet.inc.php Modified: branches/vsc-2.0/Main/Domain/include/libnet.inc.php =================================================================== --- branches/vsc-2.0/Main/Domain/include/libnet.inc.php 2006-08-03 21:11:16 UTC (rev 458) +++ branches/vsc-2.0/Main/Domain/include/libnet.inc.php 2006-08-04 19:42:03 UTC (rev 459) @@ -121,6 +121,9 @@ $_error = $error->getMessage(); return false; } + //Set type + $net['type'] = "single"; + $net['start_addr'] = $ipv4->ip; $net['end_addr'] = $ipv4->ip; return $net; @@ -142,6 +145,9 @@ $_error = $error->getMessage(); return false; } + //Set type + $net['type'] = "subnet"; + $net['start_addr'] = $ipv4->network; $net['end_addr'] = $ipv4->broadcast; return $net; @@ -160,6 +166,9 @@ $_error = $error->getMessage(); return false; } + //Set type + $net['type'] = "subnet"; + $net['start_addr'] = $ipv4->network; $net['end_addr'] = $ipv4->broadcast; return $net; @@ -177,6 +186,9 @@ $_error = $match[2]." is less than ".$match[1]; return false; } + //Set type + $net['type'] = "ip_range"; + $net['start_addr'] = $match[1]; $net['end_addr'] = $match[2]; //print "(F) start: ".$net['start_addr']; @@ -377,7 +389,21 @@ $this->network = Net_IPv4::ip2double($ipv4['start_addr']); $this->broadcast = Net_IPv4::ip2double($ipv4['end_addr']); + $this->offset = 1; + if ($ipv4['type'] == "subnet") + { + $this->offset = 1; + } + else if ($ipv4['type'] == "single") + { + $this->offset = 1; + } + else + { + $this->offset =0; + } + if ($this->network == $this->broadcast) { /* we have a /32 */ $this->network--; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <hc...@us...> - 2006-08-03 21:11:19
|
Revision: 458 Author: hctv19 Date: 2006-08-03 14:11:16 -0700 (Thu, 03 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=458&view=rev Log Message: ----------- Removed some debugging output lines of code Modified Paths: -------------- branches/vsc-2.0/Main/Host/Scan/quickscan.php Modified: branches/vsc-2.0/Main/Host/Scan/quickscan.php =================================================================== --- branches/vsc-2.0/Main/Host/Scan/quickscan.php 2006-08-03 21:07:26 UTC (rev 457) +++ branches/vsc-2.0/Main/Host/Scan/quickscan.php 2006-08-03 21:11:16 UTC (rev 458) @@ -44,9 +44,9 @@ $messages = array(); $_proc = array(); -echo "<pre>"; -print_r($i->hostids); -echo "</pre>"; +//echo "<pre>"; +//print_r($i->hostids); +//echo "</pre>"; if ($i->process == "Request") { /* finalize request */ if ($i->policy_id != "" and sizeof($hostids) > 0) { @@ -54,9 +54,9 @@ $i->policy_id = POLICY_GetIDByName('Full Scan', $_CONFIG['ROOT_DOMAIN']); $_proc[] = "<span style='color: red;'>The policy you have chosen does not exist; using Full Scan policy.</span>"; } - print "<pre>"; - print_r($hostids); - print "</pre>"; + //print "<pre>"; + //print_r($hostids); + //print "</pre>"; $bad_hosts = HOST_ValidateHostList($hostids, $_USER['domain']); if (is_array($bad_hosts) and sizeof($bad_hosts) > 0) { /* we have bad hosts */ This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <hc...@us...> - 2006-08-03 21:07:29
|
Revision: 457 Author: hctv19 Date: 2006-08-03 14:07:26 -0700 (Thu, 03 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=457&view=rev Log Message: ----------- Removed testing tags Modified Paths: -------------- trunk/Main/Host/Scan/quickscan.php Modified: trunk/Main/Host/Scan/quickscan.php =================================================================== --- trunk/Main/Host/Scan/quickscan.php 2006-08-03 21:02:08 UTC (rev 456) +++ trunk/Main/Host/Scan/quickscan.php 2006-08-03 21:07:26 UTC (rev 457) @@ -44,7 +44,7 @@ $messages = array(); $_proc = array(); -echo "Hey this is where it would go"; + //echo "<pre>"; //print_r($i->hostids); //echo "</pre>"; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <hc...@us...> - 2006-08-03 21:02:23
|
Revision: 456 Author: hctv19 Date: 2006-08-03 14:02:08 -0700 (Thu, 03 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=456&view=rev Log Message: ----------- Test revision Modified Paths: -------------- trunk/Main/Host/Scan/quickscan.php Modified: trunk/Main/Host/Scan/quickscan.php =================================================================== --- trunk/Main/Host/Scan/quickscan.php 2006-08-03 20:59:47 UTC (rev 455) +++ trunk/Main/Host/Scan/quickscan.php 2006-08-03 21:02:08 UTC (rev 456) @@ -44,6 +44,7 @@ $messages = array(); $_proc = array(); +echo "Hey this is where it would go"; //echo "<pre>"; //print_r($i->hostids); //echo "</pre>"; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <hc...@us...> - 2006-08-03 20:59:50
|
Revision: 455 Author: hctv19 Date: 2006-08-03 13:59:47 -0700 (Thu, 03 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=455&view=rev Log Message: ----------- Removed some debugging code that was causing arrays to be printed to screen when duplicate host entries were overwritter on quickscans Modified Paths: -------------- trunk/Main/Host/Scan/quickscan.php Modified: trunk/Main/Host/Scan/quickscan.php =================================================================== --- trunk/Main/Host/Scan/quickscan.php 2006-08-03 01:25:13 UTC (rev 454) +++ trunk/Main/Host/Scan/quickscan.php 2006-08-03 20:59:47 UTC (rev 455) @@ -44,9 +44,9 @@ $messages = array(); $_proc = array(); -echo "<pre>"; -print_r($i->hostids); -echo "</pre>"; +//echo "<pre>"; +//print_r($i->hostids); +//echo "</pre>"; if ($i->process == "Request") { /* finalize request */ if ($i->policy_id != "" and sizeof($hostids) > 0) { @@ -54,9 +54,9 @@ $i->policy_id = POLICY_GetIDByName('Full Scan', $_CONFIG['ROOT_DOMAIN']); $_proc[] = "<span style='color: red;'>The policy you have chosen does not exist; using Full Scan policy.</span>"; } - print "<pre>"; - print_r($hostids); - print "</pre>"; + //print "<pre>"; + //print_r($hostids); + //print "</pre>"; $bad_hosts = HOST_ValidateHostList($hostids, $_USER['domain']); if (is_array($bad_hosts) and sizeof($bad_hosts) > 0) { /* we have bad hosts */ This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <cir...@us...> - 2006-08-03 01:25:19
|
Revision: 454 Author: cirrusrex Date: 2006-08-02 18:25:13 -0700 (Wed, 02 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=454&view=rev Log Message: ----------- Added syslog support for pyvscd per feature request #1533189 Modified Paths: -------------- branches/vsc-2.0/pyvscd/pyvscd.conf.example branches/vsc-2.0/pyvscd/pyvscd.py Modified: branches/vsc-2.0/pyvscd/pyvscd.conf.example =================================================================== --- branches/vsc-2.0/pyvscd/pyvscd.conf.example 2006-08-02 20:41:45 UTC (rev 453) +++ branches/vsc-2.0/pyvscd/pyvscd.conf.example 2006-08-03 01:25:13 UTC (rev 454) @@ -13,6 +13,13 @@ logfile_level: 30 logfile: pyvscd.log +#syslog logging configuration +syslog_enable: no +syslog_server: localhost +syslog_port: 514 +syslog_facility: local0 +syslog_loglevel: 20 + #console logging must be enabled, but you can #set the severity logcons_level: 40 Modified: branches/vsc-2.0/pyvscd/pyvscd.py =================================================================== --- branches/vsc-2.0/pyvscd/pyvscd.py 2006-08-02 20:41:45 UTC (rev 453) +++ branches/vsc-2.0/pyvscd/pyvscd.py 2006-08-03 01:25:13 UTC (rev 454) @@ -22,9 +22,11 @@ from Queue import Queue from threading import Thread import logging +import logging.handlers import MySQLdb import os import signal +import socket import sys import time @@ -78,7 +80,27 @@ formatter = logging.Formatter('%(asctime)s %(name)-12s %(levelname)-8s %(message)s','%m-%d %H:%M') filelog.setFormatter(formatter) logging.getLogger().addHandler(filelog) - + + if conf.has_option('general', 'syslog_enable') and conf.getboolean('general', 'syslog_enable'): + print "Enabling Syslog..." + syslog_server = 'localhost' + syslog_port = 514 + syslog_facility = 'local1' + syslog_level = logging.INFO + if conf.has_option('general', 'syslog_server'): + syslog_server = conf.get('general', 'syslog_server') + #syslog_server = socket.inet_aton(socket.gethostbyname(conf.get('general', 'syslog_server'))) + if conf.has_option('general', 'syslog_port'): + syslog_port = conf.getint('general', 'syslog_port') + if conf.has_option('general', 'syslog_facility'): + syslog_facility = conf.get('general', 'syslog_facility') + if conf.has_option('general', 'syslog_loglevel'): + syslog_level = conf.getint('general', 'syslog_loglevel') + + syslogger = logging.handlers.SysLogHandler( (syslog_server, syslog_port), syslog_facility ) + syslogger.setLevel(syslog_level) + logging.getLogger().addHandler(syslogger) + log = logging.getLogger('pyvscd') #get mysql configuration information This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <cir...@us...> - 2006-08-02 20:41:51
|
Revision: 453 Author: cirrusrex Date: 2006-08-02 13:41:45 -0700 (Wed, 02 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=453&view=rev Log Message: ----------- Added a python script to perform dns caching/updating for VSC - this replaces kluged perl daemon Modified Paths: -------------- branches/vsc-2.0/pyvscd/libvscmt/__init__.py branches/vsc-2.0/pyvscd/libvscmt/host.py Added Paths: ----------- branches/vsc-2.0/pyvscd/util/cachedns.py Modified: branches/vsc-2.0/pyvscd/libvscmt/__init__.py =================================================================== --- branches/vsc-2.0/pyvscd/libvscmt/__init__.py 2006-08-02 18:09:19 UTC (rev 452) +++ branches/vsc-2.0/pyvscd/libvscmt/__init__.py 2006-08-02 20:41:45 UTC (rev 453) @@ -2,4 +2,4 @@ Multi-thread aware libvsc for pyvscd """ -__all__ = ["plugins","scan", "nessusmt", "plugins"] +__all__ = ["plugins","scan", "nessusmt", "plugins", "host"] Modified: branches/vsc-2.0/pyvscd/libvscmt/host.py =================================================================== --- branches/vsc-2.0/pyvscd/libvscmt/host.py 2006-08-02 18:09:19 UTC (rev 452) +++ branches/vsc-2.0/pyvscd/libvscmt/host.py 2006-08-02 20:41:45 UTC (rev 453) @@ -27,17 +27,6 @@ c.close() return rdict -def updateNetBios(db, scan_id, host_addr_map): - """updates the netbios and mac address information of - the hosts in the host_addr_map (e.g.,returned from the above - function) - - Keyword Arguments: - db - MySQLdb.connections.Connection - scan_id - integer - host_addr_map - dict, of ip:hostid pairs - """ - pass def saveNessusResult(db,scan_id,host_id,result): """Saves a result from the Nessus server @@ -110,3 +99,97 @@ else: return False +def updateNetBios(db, scan_id, host_addr_map): + """updates the netbios and mac address information of + the hosts in the host_addr_map (e.g.,returned from the above + function) + + Keyword Arguments: + db - MySQLdb.connections.Connection + scan_id - integer + host_addr_map - dict, of ip:hostid pairs + """ + pass + +def getNewHosts(db, limit=None): + """retrieves all new hosts in the database, that is hosts who have been recently + added and do not have a dns address cached. + + Keyword Arguments: + db - MySQLdb.connections.Connection + """ + c = db.cursor() + __sql__ = "select hostid, address from Host where dns_name = address " + if limit is not None: + __sql__ += "LIMIT 0,%s" % (limit) + + print "Executing query: %s" % (__sql__) + c.execute(__sql__) + hosts = {} + row = c.fetchone() + while row is not None: + (hostid, address) = row + hosts[hostid] = address + row = c.fetchone() + + c.close() + return hosts + +def getRevisitableHosts(db, limit=None): + """retrieves all hosts in the database that did not have DNS records when initially dug + these hosts exist in the database with the dns_name "address*" where address is the host's + ip + + Keyword Arguments: + db - MySQLdb.connections.Connection + limit - integer (optional) + """ + c = db.cursor() + __sql__ = "select hostid, address from Host where dns_name regexp '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\\\\*' " + if limit is not None: + __sql__ += "LIMIT 0,%s" % (limit) + + print "Executing query: %s" % (__sql__) + c.execute(__sql__) + hosts = {} + row = c.fetchone() + while row is not None: + (hostid, address) = row + hosts[hostid] = address + row = c.fetchone() + c.close() + return hosts + +def getAllHosts(db): + """retrieves all hosts in the database + + Keyword Arguments: + db - MySQLdb.connections.Connection + """ + + c = db.cursor() + __sql__ = "select hostid, address, dns_name from Host" + c.execute(__sql__) + hosts = {} + row = c.fetchone() + while row is not None: + (hostid, address, dns_name) = row + hosts[hostid] = (address, dns_name) + row = c.fetchone() + c.close() + return hosts + +def setHostName(db, hostid, dns_name): + """sets the given host's dns_name + + Keyword Arguments: + db - MySQLdb.connections.Connection + host_id - integer + dns_name - string + """ + c = db.cursor() + __sql__ = "update Host set dns_name=%s where hostid=%s" + c.execute(__sql__, (dns_name, hostid)) + c.close() + db.commit() + Added: branches/vsc-2.0/pyvscd/util/cachedns.py =================================================================== --- branches/vsc-2.0/pyvscd/util/cachedns.py (rev 0) +++ branches/vsc-2.0/pyvscd/util/cachedns.py 2006-08-02 20:41:45 UTC (rev 453) @@ -0,0 +1,133 @@ +#!/usr/bin/env python2.4 + +""" +Python script for importing plugins from the Nessus server. +""" + +import sys +sys.path.append('../') +from ConfigParser import ConfigParser +from optparse import OptionParser +from socket import error as socket_error, gethostbyaddr +import socket +import time +import logging +import MySQLdb +from libvscmt import host + +def __main__(): + usage = "usage: %prog [options] [hosts]" + parser = OptionParser(usage=usage) + parser.add_option('-d', '--debug', action='store_true', dest='debug',help='enable debugging') + parser.add_option('-v', '--verbose', action='store_true', dest='verbose',help='enable debugging') + parser.add_option('-c', '--config', dest='conf', help='pyvscd config file') + parser.add_option('-n', '--nocommit', action='store_true', dest='nocommit', help='do not actually update plugin data in table') + parser.add_option('-m', '--mode', dest='mode', help='DNS Cache mode: n|new - update new hosts; r|revisit - attempt to reload dns information for all unknown hosts; a|all - reload all DNS information') + parser.add_option('-l', '--limit', dest='limit', help='Limit for records to check on new and revist operations') + + (options, args) = parser.parse_args() + if not options.conf and not options.mode: + parser.print_help() + sys.exit(-1) + + logging.basicConfig() + if options.verbose: + logging.getLogger('').setLevel(logging.INFO) + + if options.debug: + #set root logger to DEBUG + logging.getLogger('').setLevel(logging.DEBUG) + #our logger should inherit the root logging level + log = logging.getLogger('cachedns') + + if options.debug: + log.debug('Debugging enabled') + elif options.verbose: + log.debug('Verbose enabled') + limit = 255 #a class C subnet seems reasonable + if options.limit: + limit = options.limit + log.debug("Record limit set to %s" % (limit)) + else: + log.debug("Record limit set to default %s" % (limit)) + + #read our config file + config = ConfigParser() + config.read(options.conf) + if not config.has_section('mysql') or not config.has_section('general'): + log.error("The config file must contain a [mysql] and [general] section!") + sys.exit(-1) + + dbhost = config.get('mysql','host') + dbuser = config.get('mysql','username') + dbpasswd = config.get('mysql','password') + dbname = config.get('mysql','database') + root_domain = config.get('general', 'root_domain') + + #open MySQL Connection + db = MySQLdb.connect(host=dbhost, user=dbuser, passwd=dbpasswd, db=dbname) + + if options.mode == 'n' or options.mode == 'new': + log.debug("Updating DNS for new hosts...") + new_hosts = host.getNewHosts(db, limit=limit) + if len(new_hosts) == 0: + log.debug("No new hosts to cache...") + sys.exit(0) + + for (hostid, address) in new_hosts.iteritems(): + log.debug("Grabbing DNS for %s - %s" % (hostid, address)) + hostname = get_hostname(address) + if hostname is not None: + log.debug("Loading hostname %s for hostid %s" % (hostname, hostid)) + #code to do that + host.setHostName(db, hostid, hostname) + else: + log.debug("Marking host %s as nameless" % (hostid)) + #code to do that + host.setHostName(db, hostid, "%s*" % (address)) + elif options.mode == 'r' or options.mode == 'revisit': + log.debug("Updating DNS for revisited hosts") + rev_hosts = host.getRevisitableHosts(db, limit=limit) + if len(rev_hosts) == 0: + log.debug("No old hosts to revisit") + + for (hostid, address) in rev_hosts.iteritems(): + log.debug("Grabbing DNS for %s - %s" % (hostid, address)) + hostname = get_hostname(address) + if hostname is not None: + log.debug("Loading hostname %s for hostid %s" % (hostname, hostid)) + host.setHostName(db, hostid, hostname) + else: + log.debug("Host still has no name, passing...") + elif options.mode == 'a' or options.mode == 'all': + log.debug("Updating DNS for all hosts") + all_hosts = host.getAllHosts(db) + for (hostid, data) in all_hosts.iteritems(): + (address, dns_name) = data + log.debug("Grabbing DNS for %s - %s" % (hostid, address)) + hostname = get_hostname(address) + if hostname is not None and hostname != dns_name: + log.debug("Loading hostname %s for hostid %s" % (hostname, hostid)) + host.setHostName(db, hostid, hostname) + else: + log.debug("Host has no new name, passing...") + else: + log.error("No such option %s" % (options.mode)) + sys.exit(1) + +def get_hostname(address): + log = logging.getLogger('cachedns.get_hostname') + try: + (hostname, aliaslist, ipaddr_list) = gethostbyaddr(address) + log.debug("DNS name is %s" % (hostname)) + log.debug("Alias list is : " + ", ".join(aliaslist)) + return hostname + except socket.herror: + log.debug("No address found for host.") + return None + + + +if __name__ == '__main__': + __main__() + Property changes on: branches/vsc-2.0/pyvscd/util/cachedns.py ___________________________________________________________________ Name: svn:executable + * This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <cir...@us...> - 2006-08-02 18:09:25
|
Revision: 452 Author: cirrusrex Date: 2006-08-02 11:09:19 -0700 (Wed, 02 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=452&view=rev Log Message: ----------- pyssus-test.py modified for plugin import testing handlers.py - This fixes bug #1533247 "plugins loaded isn't identifying new severity types" loadplugins.py - added an option to run without committing changes to database Modified Paths: -------------- branches/vsc-2.0/pyvscd/pyssus/handlers.py branches/vsc-2.0/pyvscd/pyssus/test/pyssus-test.py branches/vsc-2.0/pyvscd/util/loadplugins.py Modified: branches/vsc-2.0/pyvscd/pyssus/handlers.py =================================================================== --- branches/vsc-2.0/pyvscd/pyssus/handlers.py 2006-08-02 15:53:14 UTC (rev 451) +++ branches/vsc-2.0/pyvscd/pyssus/handlers.py 2006-08-02 18:09:19 UTC (rev 452) @@ -395,7 +395,7 @@ raise NessusHandlerError, "Plugin[%s] data should contain %s, received %s --> %s" % (count, (self.basePluginLength+self.plugin_opts.__len__()), plugin.__len__(), "|||".join(plugin)) def _getSeverity(self, description): - m = re.compile("(Risk Factor|Risk)\s*:\s*([a-z|A-Z\/]+)", re.IGNORECASE|re.MULTILINE).search(description) + m = re.compile("(Risk Factor|Risk)[;\s]*:[;\s]*([a-z|A-Z\/]+)\s*.*", re.IGNORECASE|re.MULTILINE).search(description) if m == None: return "Unknown" (rb,sev) = m.group(1,2) Modified: branches/vsc-2.0/pyvscd/pyssus/test/pyssus-test.py =================================================================== --- branches/vsc-2.0/pyvscd/pyssus/test/pyssus-test.py 2006-08-02 15:53:14 UTC (rev 451) +++ branches/vsc-2.0/pyvscd/pyssus/test/pyssus-test.py 2006-08-02 18:09:19 UTC (rev 452) @@ -65,8 +65,10 @@ msg.unpack() pluginData = handlers.NessusPluginsHandler(msg, opt_list) print "Processed %s plugins" % (pluginData.plugins.__len__()) - #print "Output: " + pluginData.__str__() + print "Output: " + "\n".join(pluginData.plugins.itervalues()) + cx.close() + sys.exit(0) #handle preferences msg = cx.readMessage() while msg == None: Modified: branches/vsc-2.0/pyvscd/util/loadplugins.py =================================================================== --- branches/vsc-2.0/pyvscd/util/loadplugins.py 2006-08-02 15:53:14 UTC (rev 451) +++ branches/vsc-2.0/pyvscd/util/loadplugins.py 2006-08-02 18:09:19 UTC (rev 452) @@ -23,6 +23,7 @@ parser.add_option('-v', '--verbose', action='store_true', dest='verbose',help='enable debugging') parser.add_option('-c', '--config', dest='conf', help='pyvscd config file') parser.add_option('-S', '--ssl',action='store_true', dest='ssl',help='enable ssl for nessus connection') + parser.add_option('-n', '--nocommit', action='store_true', dest='nocommit', help='do not actually update plugin data in table') (options, args) = parser.parse_args() if not options.nessus and not options.conf: @@ -89,7 +90,7 @@ #we need to replace this with our plugins handler pluginData = VSCPluginsHandler(msg, opt_list) logging.info("Received %s plugins", str(pluginData.plugins.__len__())) - pluginData.handle(args=(db,root_domain)) + pluginData.handle(args=(db,root_domain,options.nocommit)) log.debug("disconnecting from server.") cx.close() #end main @@ -98,11 +99,11 @@ def handle(self, args): log = logging.getLogger('plugins handler') - (db,root_domain) = args - libvscmt.plugins.flushTempPlugins(db) + (db,root_domain,nocommit) = args + if not nocommit: libvscmt.plugins.flushTempPlugins(db) for p in self.plugins: - libvscmt.plugins.addPlugin(db, p) - log.debug("added %s: %s", p['plugin'], p['name']) + if not nocommit: libvscmt.plugins.addPlugin(db, p) + log.debug("added %s: %s - %s", p['plugin'], p['name'], p['severity']) families = libvscmt.plugins.getFamilies(db) if "Full Scan" not in families: @@ -114,7 +115,8 @@ polid = libvscmt.plugins.policyExists(db, family, libvscmt.plugins.POLICY_USER, root_domain) if polid is None: log.debug("policy |%s| not found!", family) - libvscmt.plugins.addPolicy(db, (family, "Automagically generated by the VSC.", + if not nocommit: + libvscmt.plugins.addPolicy(db, (family, "Automagically generated by the VSC.", 1, root_domain, libvscmt.plugins.POLICY_USER ) ) @@ -133,7 +135,7 @@ log.debug("mapping plugins to policy %s[%s]", family,polid) for pl in plugin_list: #log.debug("mapping plugin [#%s] to policy [%s]" % (pl, polid)) - if not libvscmt.plugins.isMapped(db,polid, pl): + if not libvscmt.plugins.isMapped(db,polid, pl) and not nocommit: libvscmt.plugins.mapPlugin(db,polid, pl) log.info("finished mapping plugins for this policy.") This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <cir...@us...> - 2006-08-02 15:53:17
|
Revision: 451 Author: cirrusrex Date: 2006-08-02 08:53:14 -0700 (Wed, 02 Aug 2006) ViewCVS: http://svn.sourceforge.net/vscweb/?rev=451&view=rev Log Message: ----------- Copied pyvscd from the trunk to 2.0 where it needs to be Added Paths: ----------- branches/vsc-2.0/pyvscd/ Copied: branches/vsc-2.0/pyvscd (from rev 450, trunk/pyvscd) This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: Matt W. <cir...@us...> - 2006-07-27 21:58:36
|
Update of /cvsroot/vscweb/vsc/Main/Host/Scan/include In directory sc8-pr-cvs9.sourceforge.net:/tmp/cvs-serv6415/Main/Host/Scan/include Removed Files: CalendarPopup.js Log Message: Updatd installation documentation --- CalendarPopup.js DELETED --- |
From: Matt W. <cir...@us...> - 2006-07-27 21:58:33
|
Update of /cvsroot/vscweb/vsc In directory sc8-pr-cvs9.sourceforge.net:/tmp/cvs-serv6415 Modified Files: INSTALL Log Message: Updatd installation documentation Index: INSTALL =================================================================== RCS file: /cvsroot/vscweb/vsc/INSTALL,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** INSTALL 9 Nov 2004 17:40:52 -0000 1.7 --- INSTALL 27 Jul 2006 21:58:28 -0000 1.8 *************** *** 238,241 **** --- 238,249 ---- contained in the VAR_DIR directory configured via the VSC web interface. + CalendarPopup.js + + You will also need to retrieve a copy of CalendarPopup.js from Matt Kruse's website: + http://www.mattkruse.com/javascript/calendarpopup/ + + Once you have this, you need to put CalendarPopup.js into Main/Host/Scan/include otherwise the calendar will + not work for the scan request wizard. + Once this has been completed, you should be able to login to the VSC and start using it right away! |
From: <wi...@bi...> - 2006-04-11 14:29:19
|
Author: wirges Date: 2006-04-11 10:29:02 -0400 (Tue, 11 Apr 2006) New Revision: 441 Modified: branches/vsc-2.0/Main/People/Session/I2A2/login_proc.php branches/vsc-2.0/Main/People/Session/include/libsession.inc Log: Fixed a bug that prevented query string data from being persisted as a us= er was rerouted through the login process if their session had timed out. Modified: branches/vsc-2.0/Main/People/Session/I2A2/login_proc.php =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- branches/vsc-2.0/Main/People/Session/I2A2/login_proc.php 2006-03-23 0= 1:41:09 UTC (rev 440) +++ branches/vsc-2.0/Main/People/Session/I2A2/login_proc.php 2006-04-11 1= 4:29:02 UTC (rev 441) @@ -85,7 +85,7 @@ error_reporting(E_ALL); } else { if (isset($_REQUEST['target'])) { - login_box("Invalid session or session timed out!"); + login_box("Your session timed out! Please login to proceed."); } else { login_box("Error authenticating: bad login name or password."); } @@ -116,7 +116,7 @@ =20 function login_box($message) { global $INC_PATH, $IMAGE_PATH,$_CONFIG; =20 - UI_Header("Login Error"); + UI_Header("VSC Login"); echo "<h2>$message</h2>"; echo "<div style=3D'font-style: italic;'>".$_CONFIG['login_banner']."= </div>"; echo "<form action=3D'{$_SERVER['PHP_SELF']}' method=3D'POST'>"; Modified: branches/vsc-2.0/Main/People/Session/include/libsession.inc =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- branches/vsc-2.0/Main/People/Session/include/libsession.inc 2006-03-2= 3 01:41:09 UTC (rev 440) +++ branches/vsc-2.0/Main/People/Session/include/libsession.inc 2006-04-1= 1 14:29:02 UTC (rev 441) @@ -67,6 +67,7 @@ if (isset($_SERVER['PHP_SELF'])) { list($void, $path) =3D explode($_SERVER['HTTP_HOST'], $IMAGE_PA= TH); $r_path =3D str_replace($path, "", $_SERVER['PHP_SELF']); + $r_path =3D $r_path . "?".$_SERVER['QUERY_STRING']; $return =3D base64_encode($r_path); $auth_url =3D str_replace("AUTH_", "",$_CONFIG['use_auth']); if ($auth_url =3D=3D "STD") $auth_url =3D 'SUPA'; |
From: <wi...@bi...> - 2006-03-23 01:38:37
|
Author: wirges Date: 2006-03-22 20:38:30 -0500 (Wed, 22 Mar 2006) New Revision: 439 Removed: branches/vsc-2.1/ Modified: trunk/Main/image/X.png Log: Addex X.png backin, hope i fixed the proplist problem removed misfired branch creation Property changes on: trunk/Main/image/X.png ___________________________________________________________________ Name: svn:eol-style - native |
From: <wi...@bi...> - 2006-03-22 23:36:48
|
Author: wirges Date: 2006-03-22 18:36:36 -0500 (Wed, 22 Mar 2006) New Revision: 437 Modified: trunk/pyvscd/libvscmt/nessusmt.py trunk/pyvscd/pyssus/__init__.py Log: Fixed nessusmt library to use email.MIMEText for proper message formattin= g Also added imports to __init__.py so pyssus package is more sane Modified: trunk/pyvscd/libvscmt/nessusmt.py =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- trunk/pyvscd/libvscmt/nessusmt.py 2006-03-22 04:03:29 UTC (rev 436) +++ trunk/pyvscd/libvscmt/nessusmt.py 2006-03-22 23:36:36 UTC (rev 437) @@ -9,7 +9,7 @@ import smtplib import socket import time -from email.MIMEMultipart import MIMEMultipart +from email.MIMEText import MIMEText from threading import Thread from pyssus import * from libvscmt import scan,host @@ -42,10 +42,6 @@ scan_user =3D linkScanToUser(db, self.scan_id) =20 self._dbq.put(db) #code to send email - remail =3D MIMEMultipart() - remail['Subject'] =3D "[Scan #%s] Vulnerability Scan Results" %= (self.scan_id) - remail['From'] =3D self.config['SYS_EMAIL'] #needs the vsc from= addr - remail['To'] =3D scan_user['email'] #needs the requester's emai= l addr email_str =3D """%s,=20 =20 The scan you requested on %s was started on %s after a delay of %s it fi= nished in %s. @@ -60,12 +56,15 @@ timeDuration(scan_stats['delay']), timeDuration(scan_stats[= 'task']), self.config['report_base'], self.scan_id ) - remail.set_payload(email_str) + remail =3D MIMEText(email_str) + remail['Subject'] =3D "[Scan #%s] Vulnerability Scan Results" %= (self.scan_id) + remail['From'] =3D self.config['SYS_EMAIL'] #needs the vsc from= addr + remail['To'] =3D scan_user['email'] #needs the requester's emai= l addr =20 #send the message s =3D smtplib.SMTP() s.connect(self.config['smtp_server']) - s.sendmail(self.config['SYS_EMAIL'],scan_user['email'], remail.= as_string()) + s.sendmail(self.config['SYS_EMAIL'],[scan_user['email']], remai= l.as_string()) s.close() except Exception, e: log.warn("Exception encountered while sending notification!") Modified: trunk/pyvscd/pyssus/__init__.py =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- trunk/pyvscd/pyssus/__init__.py 2006-03-22 04:03:29 UTC (rev 436) +++ trunk/pyvscd/pyssus/__init__.py 2006-03-22 23:36:36 UTC (rev 437) @@ -13,5 +13,9 @@ Copyright (C) 2005 - Purdue University =20 """ - +import comm +import commands +import data +import handlers +import message __all__ =3D ["comm", "commands", "data", "handlers", "message"] |
From: <wi...@bi...> - 2006-03-22 04:03:36
|
Author: wirges Date: 2006-03-21 23:03:29 -0500 (Tue, 21 Mar 2006) New Revision: 436 Modified: trunk/Main/People/LDAP/include/ldap.class.php trunk/Main/People/LDAP/include/libldap.inc trunk/Main/People/Session/LDAP/login_proc.php Log: Fixed LDAP+TLS support. Also added optional "LDAP_AUTH_*" _CONFIG vars for instances where the authenticating ldap server is not the same as the directory server. Modified: trunk/Main/People/LDAP/include/ldap.class.php =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- trunk/Main/People/LDAP/include/ldap.class.php 2006-01-26 19:37:18 UTC= (rev 435) +++ trunk/Main/People/LDAP/include/ldap.class.php 2006-03-22 04:03:29 UTC= (rev 436) @@ -107,7 +107,6 @@ $bind_dn =3D "$type=3D{$id}{$append},{$this->_authDN}"; =20 __debug_w("Bind DN: $bind_dn\n"); - =20 if (!$this->_bind($bind_dn, $password)) { return false; } else { @@ -173,7 +172,7 @@ return _connect($this->_convServer, $this->_convPort); } function connectTLS() { - if ($this->_connect($this->_convServer, $this->_convPort)) { + if ($this->_connect($this->_convServer, $this->_convPorts)) { if (!ldap_start_tls($this->_ds)) { $this->_error =3D "Could not initiate StartTLS connection."; return false; Modified: trunk/Main/People/LDAP/include/libldap.inc =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- trunk/Main/People/LDAP/include/libldap.inc 2006-01-26 19:37:18 UTC (r= ev 435) +++ trunk/Main/People/LDAP/include/libldap.inc 2006-03-22 04:03:29 UTC (r= ev 436) @@ -49,7 +49,7 @@ function LDAP_QueryServer($search_string,$values=3DNULL) { global $_CONFIG; __DEBUG_W("LDAP_QueryServer: $search_string, $values"); - $_ENV["LDAPCONF"]=3D"/etc/ldap.conf";=20 + $_ENV["LDAPCONF"]=3D"/etc/ldap/ldap.conf";=20 // open an LDAP connection (similiar to mysql_connect $ds =3D ldap_connect($_CONFIG['LDAP_SERVER'],$_CONFIG['LDAP_PORT']= ); if ($_CONFIG['LDAP_TLS_SUPPORT']) { Modified: trunk/Main/People/Session/LDAP/login_proc.php =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- trunk/Main/People/Session/LDAP/login_proc.php 2006-01-26 19:37:18 UTC= (rev 435) +++ trunk/Main/People/Session/LDAP/login_proc.php 2006-03-22 04:03:29 UTC= (rev 436) @@ -71,15 +71,26 @@ $username =3D $i->username; $password =3D $i->password; =20 -$ldap =3D new LDAP_Connection($_CONFIG['LDAP_SERVER'],$_CONFIG['LDAP_POR= T'], - $_CONFIG['LDAP_PORT_TLS'],$_CONFIG['LDAP_BAS= E_DN']); -if (!$ldap->connectSSL()) Error("Could not Connect to {$_CONFIG['LDAP_SE= RVER']}=20 +if (isset($_CONFIG['LDAP_AUTH_SERVER'])) { + $ldap_server =3D $_CONFIG['LDAP_AUTH_SERVER']; + $ldap_port =3D $_CONFIG['LDAP_AUTH_PORT']; + $ldap_port_tls =3D $_CONFIG['LDAP_AUTH_PORT_TLS']; + $ldap_base_dn =3D $_CONFIG['LDAP_AUTH_BASE_DN']; +} else { + $ldap_server =3D $_CONFIG['LDAP_SERVER']; + $ldap_port =3D $_CONFIG['LDAP_PORT']; + $ldap_port_tls =3D $_CONFIG['LDAP_PORT_TLS']; + $ldap_base_dn =3D $_CONFIG['LDAP_BASE_DN']; +} + +$ldap =3D new LDAP_Connection($ldap_server,$ldap_port, $ldap_port_tls, $= ldap_base_dn); +if (!$ldap->connectTLS()) Error("Could not Connect to {$_CONFIG['LDAP_SE= RVER']}=20 with StartTLS", ERR_FATAL); $auth =3D new LDAP_Authenticate($ldap); =20 $rad =3D isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : ""; = // also used later $newUser =3D false; -if ($auth->auth($username, $password, "uid")) { +if (@$auth->auth($username, $password, "uid")) { __DEBUG_W("We have a remote user: {$username}"); error_reporting(0); include "$INC_PATH/People/LDAP/include/libldap.inc"; |
From: <wi...@bi...> - 2006-01-26 19:37:28
|
Author: wirges Date: 2006-01-26 14:37:18 -0500 (Thu, 26 Jan 2006) New Revision: 435 Added: branches/vsc-2.0/daemon/tasks/revisit_dns_all.pl Log: Added a script to refresh all dns entries, nightly. Added: branches/vsc-2.0/daemon/tasks/revisit_dns_all.pl =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- branches/vsc-2.0/daemon/tasks/revisit_dns_all.pl = (rev 0) +++ branches/vsc-2.0/daemon/tasks/revisit_dns_all.pl 2006-01-26 19:37:18 = UTC (rev 435) @@ -0,0 +1,59 @@ +#!/usr/bin/perl + = =20 +my $me =3D 'revisit_dns_all.pl'; + = =20 +use vars qw( %task $me ); + = =20 +$task{$me}{timespec} =3D '15 0 * * *'; +$task{$me}{on_startup} =3D 1; + = =20 +$task{$me}{code} =3D sub +{ + #my ($datasource, $db_username, $db_password) =3D @_; + #$dbh =3D DBI->connect($datasource, $db_username, $db_password); +=20 + $SIG{PIPE} =3D sub { writeLog("revisit_dns encountered a sigpipe, this= causing the issue?"); }; +=20 + #my $query =3D qq[UPDATE Host SET dns_name =3D ?, mac_address =3D ?, s= mbname =3D ? WHERE hostid =3D ?]; + my $query =3D qq[UPDATE Host SET dns_name =3D ? WHERE hostid =3D ?]; + my $update =3D $dbh->prepare($query); + + $query =3D qq[SELECT hostid, address FROM Host]; + my $sth =3D $dbh->prepare($query); + $sth->execute(); + + while (my $row =3D $sth->fetchrow_hashref) + { + #my $nb =3D Net::NBName->new; + #my $ns =3D $nb->node_status($row->{address}, .10); + + my $machine =3D ''; + my $mac_address =3D ''; + + #if ($ns) + # { + # for my $rr ($ns->names) + # { + # if ($rr->suffix =3D=3D 0 && $rr->G eq "UNIQUE") { + # $machine =3D $rr->name unless $rr->name =3D~ /^IS~/; + # } + # } + # $mac_address =3D $ns->mac_address; + # } + + if (my $host =3D gethostbyaddr(inet_aton($row->{address}), AF_INET)) + { + $dn =3D $host; + } else { + $dn =3D $row->{address} . "*"; + } + + writeLog (qq[Updating DNS for $row->{address} to $dn]); + #$update->execute ($dn, $mac_address, $machine, $row->{hostid}); + $update->execute ($dn, $row->{hostid}); + } + + $sth->finish; + + }; +1; |
From: <wi...@bi...> - 2006-01-21 01:16:36
|
Author: wirges Date: 2006-01-20 20:19:27 -0500 (Fri, 20 Jan 2006) New Revision: 434 Modified: trunk/pyvscd/README Log: Added instructions on adding SSL support. Modified: trunk/pyvscd/README =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- trunk/pyvscd/README 2005-12-13 03:59:19 UTC (rev 433) +++ trunk/pyvscd/README 2006-01-21 01:19:27 UTC (rev 434) @@ -4,6 +4,9 @@ ** PLEASE SEE the file UPGRADE, if you are upgrading from an existing ve= rsion of the VSC. ** =20 +** IMPORTANT UPDATE ** Please see the bottom of this file for important = information=20 + about using Nessus+SSL with the pyvscd. + ABOUT ------ =20 @@ -148,6 +151,21 @@ are processing, and we have two batches of different size (50 and 10, = for example),=20 the batch that fits will be run (batch of 10). =20 +Enabling SSL: + + Unfortunately, there is no option in the pyvscd.conf file to enable SS= L support. This=20 +is something that needs to be added, and should be in the final release.= In the meantime,=20 +to tell the pyvscd to enable SSL support, you must add the following con= figuration option +to the "_main" section of the System Config via the web interface: + + Name: "use_ssl" + Value: "yes" + Type: "yes/no" + + Once you add this option, make sure that it is set to "yes". + + The pyvscd should then use pyOpenSSL to connect to the Nessus server/cl= uster. + NOTES ------ The pyvscd has been tested on Debian GNU/Linux (unstable) using Python 2= .4 with=20 |