diff --git a/pandora_console/godmode/menu.php b/pandora_console/godmode/menu.php
index 69ec49cfce..7722463c65 100644
--- a/pandora_console/godmode/menu.php
+++ b/pandora_console/godmode/menu.php
@@ -200,11 +200,18 @@ if (check_acl($config['id_user'], 0, 'AW') || check_acl($config['id_user'], 0, '
$menu_godmode['gservers']['id'] = 'god-servers';
$sub = [];
+ if (check_acl($config['id_user'], 0, 'PM')) {
+ $sub['godmode/servers/discovery']['text'] = __('Discover');
+ $sub['godmode/servers/discovery']['id'] = 'Discover';
+ }
+
if (check_acl($config['id_user'], 0, 'AW')) {
$sub['godmode/servers/modificar_server']['text'] = __('Manage servers');
$sub['godmode/servers/modificar_server']['id'] = 'Manage servers';
}
+
+
// This subtabs are only for Pandora Admin
if (check_acl($config['id_user'], 0, 'PM')) {
enterprise_hook('ha_cluster');
diff --git a/pandora_console/godmode/servers/discovery.php b/pandora_console/godmode/servers/discovery.php
new file mode 100755
index 0000000000..557b7bf5b3
--- /dev/null
+++ b/pandora_console/godmode/servers/discovery.php
@@ -0,0 +1,67 @@
+run();
+ // TODO: Here we'll controlle if return is a valid recon task id.
+ exit();
+}
+
+if ($classname_selected === null) {
+ // Load classes and print selector.
+ echo '';
+ foreach ($classes as $classpath) {
+ $classname = basename($classpath, '.class.php');
+ $obj = new $classname();
+ $wiz_data = $obj->load();
+
+ hd($wiz_data);
+ ?>
+ -
+
+
+
+
+
+
+ ';
+}
diff --git a/pandora_console/godmode/wizards/HostDevices.class.php b/pandora_console/godmode/wizards/HostDevices.class.php
new file mode 100755
index 0000000000..b41788f344
--- /dev/null
+++ b/pandora_console/godmode/wizards/HostDevices.class.php
@@ -0,0 +1,835 @@
+id = null;
+ $this->msg = $msg;
+ $this->icon = $icon;
+ $this->label = $label;
+ $this->page = $page;
+ $this->url = ui_get_full_url(
+ 'index.php?sec=gservers&sec2=godmode/servers/discovery&wiz=hd'
+ );
+
+ return $this;
+ }
+
+
+ /**
+ * Undocumented function
+ *
+ * @return void
+ */
+ public function run()
+ {
+ global $config;
+ $mode = get_parameter('mode', null);
+
+ if ($mode === null) {
+ echo 'Importar csv';
+ echo 'Escanear red';
+ return;
+ }
+
+ if ($mode == 'importcsv') {
+ return $this->runCSV();
+ }
+
+ if ($mode == 'netscan') {
+ return $this->runNetScan();
+ }
+
+ return null;
+ }
+
+
+ /**
+ * Checks if environment is ready,
+ * returns array
+ * icon: icon to be displayed
+ * label: label to be displayed
+ *
+ * @return array With data.
+ **/
+ public function load()
+ {
+ return [
+ 'icon' => $this->icon,
+ 'label' => $this->label,
+ 'url' => $this->url,
+ ];
+ }
+
+
+ // extra methods
+
+
+ /**
+ * Undocumented function
+ *
+ * @return void
+ */
+ public function runCSV()
+ {
+ global $config;
+ echo 'formulario csv';
+ if (isset($this->page) === false || $this->page === 0) {
+ $this->page = 0;
+
+ $test = get_parameter('test', null);
+
+ // Check user answers.
+ if ($test !== null) {
+ // $this->process_page_0($respuestas_usuario)
+ $this->page++;
+ header(
+ 'Location: '.$this->url.'&page='.$this->page
+ );
+ } else {
+ // Mostrar pagina 0.
+ echo 'Aqui vamos a empezar a construir el formulario.';
+ ?>
+
+ page == 1) {
+ // Code...
+ $this->page++;
+ return;
+ header('Location: index.php?class=HostDevices&page='.$this->page);
+ } else if ($this->page == 2) {
+ // Code...
+ $this->page++;
+ header('Location: index.php?class=HostDevices&page='.$this->page);
+ } else if ($this->page == 3) {
+ // Code...
+ $this->page++;
+ header('Location: /XXX/discovery/index.php?class=HostDevices&page='.$this->page);
+ }
+
+ // Page 4, last.
+ return [
+ 'result' => $this->result,
+ 'id' => $this->id,
+ 'msg' => $this->msg,
+ ];
+
+ }
+
+
+ /**
+ * Undocumented function
+ *
+ * @return void
+ */
+ public function runNetScan()
+ {
+ global $config;
+
+ echo 'formulario netscan';
+ check_login();
+
+ if (! check_acl($config['id_user'], 0, 'PM')) {
+ db_pandora_audit(
+ 'ACL Violation',
+ 'Trying to access Agent Management'
+ );
+ include 'general/noaccess.php';
+ return;
+ }
+
+ include_once $config['homedir'].'/include/functions_users.php';
+
+ $user_groups = users_get_groups(false, 'AW', true, false, null, 'id_grupo');
+ $user_groups = array_keys($user_groups);
+
+ if (is_ajax()) {
+ $get_explanation = (bool) get_parameter('get_explanation', 0);
+
+ if ($get_explanation) {
+ $id = (int) get_parameter('id', 0);
+
+ $explanation = db_get_value('description', 'trecon_script', 'id_recon_script', $id);
+
+ echo io_safe_output($explanation);
+
+ return;
+ }
+
+ $get_recon_script_macros = get_parameter('get_recon_script_macros');
+ if ($get_recon_script_macros) {
+ $id_recon_script = (int) get_parameter('id');
+ $id_recon_task = (int) get_parameter('id_rt');
+
+ if (!empty($id_recon_task) && empty($id_recon_script)) {
+ $recon_script_macros = db_get_value('macros', 'trecon_task', 'id_rt', $id_recon_task);
+ } else if (!empty($id_recon_task)) {
+ $recon_task_id_rs = (int) db_get_value('id_recon_script', 'trecon_task', 'id_rt', $id_recon_task);
+
+ if ($id_recon_script == $recon_task_id_rs) {
+ $recon_script_macros = db_get_value('macros', 'trecon_task', 'id_rt', $id_recon_task);
+ } else {
+ $recon_script_macros = db_get_value('macros', 'trecon_script', 'id_recon_script', $id_recon_script);
+ }
+ } else if (!empty($id_recon_script)) {
+ $recon_script_macros = db_get_value('macros', 'trecon_script', 'id_recon_script', $id_recon_script);
+ } else {
+ $recon_script_macros = [];
+ }
+
+ $macros = [];
+ $macros['base64'] = base64_encode($recon_script_macros);
+ $macros['array'] = json_decode($recon_script_macros, true);
+
+ echo io_json_mb_encode($macros);
+ return;
+ }
+
+ return;
+ }
+
+ // Edit mode.
+ if (isset($_GET['update']) || (isset($_GET['upd']))) {
+ $update_recon = true;
+ if (isset($_GET['upd'])) {
+ if ($_GET['upd'] != 'update') {
+ $update_recon = false;
+ } else {
+ $id_rt = get_parameter('upd');
+ }
+ }
+
+ if ($update_recon) {
+ if (!isset($id_rt)) {
+ $id_rt = (int) get_parameter_get('update');
+ }
+
+ $row = db_get_row('trecon_task', 'id_rt', $id_rt);
+ $name = $row['name'];
+ $network = $row['subnet'];
+ $id_recon_server = $row['id_recon_server'];
+ $description = $row['description'];
+ $interval = $row['interval_sweep'];
+ $id_group = $row['id_group'];
+ $create_incident = $row['create_incident'];
+ $id_network_profile = $row['id_network_profile'];
+ $id_os = $row['id_os'];
+ $recon_ports = $row['recon_ports'];
+ $snmp_community = $row['snmp_community'];
+ $snmp_version = $row['snmp_version'];
+ $snmp3_auth_user = $row['snmp_auth_user'];
+ $snmp3_auth_pass = $row['snmp_auth_pass'];
+ $snmp3_privacy_method = $row['snmp_privacy_method'];
+ $snmp3_privacy_pass = $row['snmp_privacy_pass'];
+ $snmp3_auth_method = $row['snmp_auth_method'];
+ $snmp3_security_level = $row['snmp_security_level'];
+ $id_recon_script = $row['id_recon_script'];
+ $field1 = $row['field1'];
+ $field2 = $row['field2'];
+ $field3 = $row['field3'];
+ $field4 = $row['field4'];
+ if ($id_recon_script == 0) {
+ $mode = 'network_sweep';
+ } else {
+ $mode = 'recon_script';
+ }
+
+ $os_detect = $row['os_detect'];
+ $resolve_names = $row['resolve_names'];
+ $os_detect = $row['os_detect'];
+ $parent_detection = $row['parent_detection'];
+ $parent_recursion = $row['parent_recursion'];
+ $macros = $row['macros'];
+ $alias_as_name = $row['alias_as_name'];
+ $snmp_enabled = $row['snmp_enabled'];
+ $vlan_enabled = $row['vlan_enabled'];
+
+ $name_script = db_get_value(
+ 'name',
+ 'trecon_script',
+ 'id_recon_script',
+ $id_recon_script
+ );
+
+ if (! in_array($id_group, $user_groups)) {
+ db_pandora_audit(
+ 'ACL Violation',
+ 'Trying to access Recon Task Management'
+ );
+ include 'general/noaccess.php';
+ return;
+ }
+ }
+ } else if (isset($_GET['create']) || isset($_GET['crt'])) {
+ $create_recon = true;
+ if (isset($_GET['crt'])) {
+ if ($_GET['crt'] != 'Create') {
+ $create_recon = false;
+ }
+ }
+
+ if ($create_recon) {
+ $id_rt = -1;
+ $name = get_parameter('name');
+ $network = get_parameter('network');
+ $description = get_parameter('description');
+ $id_recon_server = 0;
+ $interval = 0;
+ $id_group = 0;
+ $create_incident = 1;
+ $snmp_community = 'public';
+ $snmp3_auth_user = '';
+ $snmp3_auth_pass = '';
+ $snmp_version = 1;
+ $snmp3_privacy_method = '';
+ $snmp3_privacy_pass = '';
+ $snmp3_auth_method = '';
+ $snmp3_security_level = '';
+ $id_network_profile = 0;
+ $id_os = -1;
+ // Any
+ $recon_ports = '';
+ // Any
+ $field1 = '';
+ $field2 = '';
+ $field3 = '';
+ $field4 = '';
+ $id_recon_script = 0;
+ $mode = 'network_sweep';
+ $os_detect = 0;
+ $resolve_names = 0;
+ $parent_detection = 1;
+ $parent_recursion = 5;
+ $macros = '';
+ $alias_as_name = 0;
+ $snmp_enabled = 0;
+ $vlan_enabled = 0;
+ }
+
+ $modify = false;
+ if (($name != '') || ($network != '')) {
+ $modify = true;
+ }
+ }
+
+ $is_windows = strtoupper(substr(PHP_OS, 0, 3)) == 'WIN';
+ if ($is_windows) {
+ echo '';
+ echo __('Warning').': '.__('By default, in Windows, %s only support Standard network sweep, not custom scripts', get_product_name());
+ echo '
';
+ }
+
+ $table = new stdClass();
+ $table->id = 'table_recon';
+ $table->width = '100%';
+ $table->cellspacing = 4;
+ $table->cellpadding = 4;
+ $table->class = 'databox filters';
+
+ $table->rowclass[3] = 'network_sweep';
+ $table->rowclass[5] = 'network_sweep';
+ $table->rowclass[7] = 'network_sweep';
+ $table->rowclass[8] = 'network_sweep';
+ $table->rowclass[11] = 'network_sweep';
+ $table->rowclass[12] = 'network_sweep';
+ $table->rowclass[18] = 'network_sweep';
+ $table->rowclass[19] = 'network_sweep';
+ $table->rowclass[20] = 'network_sweep';
+ $table->rowclass[21] = 'network_sweep';
+ $table->rowclass[22] = 'network_sweep';
+ $table->rowclass[23] = 'network_sweep';
+ $table->rowclass[24] = 'network_sweep';
+ $table->rowclass[25] = 'network_sweep recon_v3';
+ $table->rowclass[26] = 'network_sweep recon_v3';
+ $table->rowclass[27] = 'network_sweep recon_v3';
+ $table->rowclass[28] = 'network_sweep recon_v3';
+ $table->rowclass[29] = 'network_sweep recon_v3';
+ $table->rowclass[30] = 'network_sweep recon_v3';
+
+ $table->rowclass[6] = 'recon_script';
+ $table->rowclass[13] = 'recon_script';
+ $table->rowclass[14] = 'recon_script';
+ $table->rowclass[15] = 'recon_script';
+ $table->rowclass[16] = 'recon_script';
+ $table->rowclass[17] = 'recon_script';
+ // Name.
+ $table->data[0][0] = ''.__('Task name').'';
+ $table->data[0][1] = html_print_input_text('name', $name, '', 25, 0, true);
+
+ // Recon server.
+ $table->data[1][0] = ''.__('Recon server').ui_print_help_tip(
+ __('You must select a Recon Server for the Task, otherwise the Recon Task will never run'),
+ true
+ );
+
+ $sql = 'SELECT id_server, name
+ FROM tserver
+ WHERE server_type = 3
+ ORDER BY name';
+ $table->data[1][1] = html_print_select_from_sql($sql, 'id_recon_server', $id_recon_server, '', '', '', true);
+
+ $fields['network_sweep'] = __('Network sweep');
+ if (!$is_windows) {
+ $fields['recon_script'] = __('Custom script');
+ }
+
+ $table->data[2][0] = ''.__('Mode').'';
+ $table->data[2][1] = html_print_select($fields, 'mode', $mode, '', '', 0, true);
+
+ // Network.
+ $table->data[3][0] = ''.__('Network').'';
+ $table->data[3][0] .= ui_print_help_tip(__('You can specify several networks, separated by commas, for example: 192.168.50.0/24,192.168.60.0/24'), true);
+ $table->data[3][1] = html_print_input_text('network', $network, '', 25, 0, true);
+
+ // Interval.
+ $interv_manual = 0;
+ if ((int) $interval == 0) {
+ $interv_manual = 1;
+ }
+
+ $table->data[4][0] = ''.__('Interval');
+ $table->data[4][0] .= ui_print_help_tip(__('Manual interval means that it will be executed only On-demand'), true);
+
+ $values = [
+ 0 => __('Defined'),
+ 1 => __('Manual'),
+ ];
+ $table->data[4][1] = html_print_select($values, 'interval_manual_defined', $interv_manual, '', '', '', true);
+
+ $table->data[4][1] .= '';
+ $table->data[4][1] .= html_print_extended_select_for_time('interval', $interval, '', '', '0', false, true, false, false);
+ $table->data[4][1] .= ui_print_help_tip(__('The minimum recomended interval for Recon Task is 5 minutes'), true);
+ $table->data[4][1] .= '';
+
+ // Module template.
+ $table->data[5][0] = ''.__('Module template').'';
+
+ $sql = 'SELECT id_np, name
+ FROM tnetwork_profile
+ ORDER BY name';
+ $table->data[5][1] = html_print_select_from_sql($sql, 'id_network_profile', $id_network_profile, '', __('None'), 0, true);
+
+ // Recon script.
+ $data[1] = '';
+ $table->data[6][0] = ''.__('Recon script').'';
+
+ $sql = "SELECT id_recon_script, name
+ FROM trecon_script
+ WHERE name <> 'IPAM Recon'
+ ORDER BY name";
+ if ($name_script != 'IPAM Recon') {
+ $table->data[6][1] = html_print_select_from_sql($sql, 'id_recon_script', $id_recon_script, '', '', '', true);
+ $table->data[6][1] .= "".html_print_image('images/spinner.gif', true).'';
+ $table->data[6][1] .= $data[1] .= html_print_input_hidden('macros', base64_encode($macros), true);
+ } else {
+ $table->data[6][1] = 'IPAM Recon';
+ }
+
+ // OS.
+ $table->data[7][0] = ''.__('OS').'';
+
+ $sql = 'SELECT id_os, name
+ FROM tconfig_os
+ ORDER BY name';
+ $table->data[7][1] = html_print_select_from_sql($sql, 'id_os', $id_os, '', __('Any'), -1, true);
+
+ // Recon ports.
+ $table->data[8][0] = ''.__('Ports').'';
+ $table->data[8][1] = html_print_input_text('recon_ports', $recon_ports, '', 25, 0, true);
+ $table->data[8][1] .= ui_print_help_tip(
+ __('Ports defined like: 80 or 80,443,512 or even 0-1024 (Like Nmap command line format). If dont want to do a sweep using portscan, left it in blank'),
+ true
+ );
+
+ // Group.
+ $table->data[9][0] = ''.__('Group');
+ $groups = users_get_groups(false, 'PM', false);
+ $table->data[9][1] = html_print_select_groups(false, 'PM', false, 'id_group', $id_group, '', '', 0, true);
+
+ // Incident.
+ $values = [
+ 0 => __('No'),
+ 1 => __('Yes'),
+ ];
+ $table->data[10][0] = ''.__('Incident');
+ $table->data[10][1] = html_print_select(
+ $values,
+ 'create_incident',
+ $create_incident,
+ '',
+ '',
+ '',
+ true
+ ).' '.ui_print_help_tip(__('Choose if the discovery of a new system creates an incident or not.'), true);
+
+ // snmp_enabled.
+ $table->data[11][0] = ''.__('SNMP enabled');
+ $table->data[11][1] = html_print_checkbox('snmp_enabled', 1, $snmp_enabled, true);
+
+ // SNMP default community.
+ $table->data[12][0] = ''.__('SNMP Default community');
+ $table->data[12][0] .= ui_print_help_tip(__('You can specify several values, separated by commas, for example: public,mysecret,1234'), true);
+ $table->data[12][1] = html_print_input_text('snmp_community', $snmp_community, '', 35, 0, true);
+
+ // SNMP version.
+ $snmp_versions['1'] = 'v. 1';
+ $snmp_versions['2'] = 'v. 2';
+ $snmp_versions['2c'] = 'v. 2c';
+ $snmp_versions['3'] = 'v. 3';
+ $table->data[24][0] = ''._('SNMP version');
+ $table->data[24][1] = html_print_select($snmp_versions, 'snmp_version', $snmp_version, '', '', 0, true);
+
+ $table->data[25][0] = ''.__('Auth user');
+ $table->data[25][1] = html_print_input_text(
+ 'snmp_auth_user',
+ $snmp3_auth_user,
+ '',
+ 15,
+ 60,
+ true,
+ '',
+ false,
+ '',
+ ''
+ );
+ $table->data[26][0] = ''.__('Auth password').ui_print_help_tip(__('The pass length must be eight character minimum.'), true);
+ $table->data[26][1] = html_print_input_password(
+ 'snmp_auth_pass',
+ $snmp3_auth_pass,
+ '',
+ 15,
+ 60,
+ true,
+ '',
+ false,
+ ''
+ );
+ $table->data[26][1] .= html_print_input_hidden_extended('active_snmp_v3', 0, 'active_snmp_v3_mmen', true);
+
+ $table->data[27][0] = ''.__('Privacy method');
+ $table->data[27][1] = html_print_select(['DES' => __('DES'), 'AES' => __('AES')], 'snmp_privacy_method', $snmp3_privacy_method, '', '', '', true, false, false, '', '');
+ $table->data[28][0] = ''.__('Privacy pass').ui_print_help_tip(__('The pass length must be eight character minimum.'), true);
+ $table->data[28][1] = html_print_input_password(
+ 'snmp_privacy_pass',
+ $snmp3_privacy_pass,
+ '',
+ 15,
+ 60,
+ true,
+ '',
+ false,
+ ''
+ );
+ $table->data[29][0] = ''.__('Auth method');
+ $table->data[29][1] = html_print_select(['MD5' => __('MD5'), 'SHA' => __('SHA')], 'snmp_auth_method', $snmp3_auth_method, '', '', '', true, false, false, '', '');
+ $table->data[30][0] = ''.__('Security level');
+ $table->data[30][1] = html_print_select(
+ [
+ 'noAuthNoPriv' => __('Not auth and not privacy method'),
+ 'authNoPriv' => __('Auth and not privacy method'),
+ 'authPriv' => __('Auth and privacy method'),
+ ],
+ 'snmp_security_level',
+ $snmp3_security_level,
+ '',
+ '',
+ '',
+ true,
+ false,
+ false,
+ '',
+ ''
+ );
+
+ // Explanation.
+ $explanation = db_get_value('description', 'trecon_script', 'id_recon_script', $id_recon_script);
+
+ $table->data[13][0] = ''.__('Explanation').'';
+ $table->data[13][1] = "".html_print_image('images/spinner.gif', true).''.html_print_textarea('explanation', 4, 60, $explanation, 'style="width: 388px;"', true);
+
+ // A hidden "model row" to clone it from javascript to add fields dynamicaly.
+ $data = [];
+ $data[0] = 'macro_desc';
+ $data[0] .= ui_print_help_tip('macro_help', true);
+ $data[1] = html_print_input_text('macro_name', 'macro_value', '', 100, 255, true);
+ $table->colspan['macro_field'][1] = 3;
+ $table->rowstyle['macro_field'] = 'display:none';
+ $table->data['macro_field'] = $data;
+
+ // If there are $macros, we create the form fields.
+ if (!empty($macros)) {
+ $macros = json_decode($macros, true);
+
+ foreach ($macros as $k => $m) {
+ $data = [];
+ $data[0] = ''.$m['desc'].'';
+ if (!empty($m['help'])) {
+ $data[0] .= ui_print_help_tip($m['help'], true);
+ }
+
+ if ($m['hide']) {
+ $data[1] = html_print_input_password($m['macro'], $m['value'], '', 100, 255, true);
+ } else {
+ $data[1] = html_print_input_text($m['macro'], $m['value'], '', 100, 255, true);
+ }
+
+ $table->colspan['macro'.$m['macro']][1] = 3;
+ $table->rowclass['macro'.$m['macro']] = 'macro_field';
+
+ $table->data['macro'.$m['macro']] = $data;
+ }
+ }
+
+ // Comments.
+ $table->data[18][0] = ''.__('Comments');
+ $table->data[18][1] = html_print_input_text('description', $description, '', 45, 0, true);
+
+ // OS detection.
+ $table->data[19][0] = ''.__('OS detection');
+ $table->data[19][1] = html_print_checkbox('os_detect', 1, $os_detect, true);
+
+ // Name resolution.
+ $table->data[20][0] = ''.__('Name resolution');
+ $table->data[20][1] = html_print_checkbox('resolve_names', 1, $resolve_names, true);
+
+ // Parent detection.
+ $table->data[21][0] = ''.__('Parent detection');
+ $table->data[21][1] = html_print_checkbox('parent_detection', 1, $parent_detection, true);
+
+ // Parent recursion.
+ $table->data[22][0] = ''.__('Parent recursion');
+ $table->data[22][1] = html_print_input_text('parent_recursion', $parent_recursion, '', 5, 0, true).ui_print_help_tip(__('Maximum number of parent hosts that will be created if parent detection is enabled.'), true);
+
+ // Is vlan_enabled.
+ $table->data[23][0] = ''.__('Vlan enabled');
+ $table->data[23][1] = html_print_checkbox('vlan_enabled', 1, $vlan_enabled, true);
+
+ // Alias as name
+ // NOTE: The 7.0NG Recon Server will not generate random names, since IP
+ // address collisions could have other consequences.
+ // $table->data[22][0] = "".__('Alias as Name');
+ // $table->data[22][1] = html_print_checkbox ('alias_as_name', 1, $alias_as_name, true);
+ // Different Form url if it's a create or if it's a update form.
+ echo '';
+
+ ui_require_javascript_file('pandora_modules');
+ ?>
+
+ $this->result,
+ 'id' => $this->id,
+ 'msg' => $this->msg,
+ ];
+ */
+
+ }
+
+
+}
diff --git a/pandora_console/godmode/wizards/Wizard.interface.php b/pandora_console/godmode/wizards/Wizard.interface.php
new file mode 100755
index 0000000000..6d1ac73783
--- /dev/null
+++ b/pandora_console/godmode/wizards/Wizard.interface.php
@@ -0,0 +1,16 @@
+load();