fix vulnerabilities events and api and fixed metaconsole responses pandora_enterprise#13728
parent
f00dc40f2d
commit
36c972c175
|
@ -1205,13 +1205,8 @@ if ($get_response === true) {
|
|||
|
||||
if (empty($event_id) === false) {
|
||||
try {
|
||||
$target_metaconsole = '';
|
||||
if (is_metaconsole() === true
|
||||
&& $server_id > 0
|
||||
) {
|
||||
$target_metaconsole = io_safe_output(db_get_value('target', 'tevent_response', 'id', $event_response['id']));
|
||||
if (is_metaconsole() === true && $server_id > 0) {
|
||||
$node = new Node($server_id);
|
||||
$node->connect();
|
||||
}
|
||||
|
||||
$event_response['target'] = events_get_response_target(
|
||||
|
@ -1220,28 +1215,13 @@ if ($get_response === true) {
|
|||
$response_parameters,
|
||||
$server_id,
|
||||
($server_id !== 0) ? $node->server_name() : 'Metaconsole',
|
||||
$target_metaconsole
|
||||
);
|
||||
} catch (\Exception $e) {
|
||||
// Unexistent agent.
|
||||
if (is_metaconsole() === true
|
||||
&& $server_id > 0
|
||||
) {
|
||||
$node->disconnect();
|
||||
}
|
||||
|
||||
return;
|
||||
} finally {
|
||||
if (is_metaconsole() === true
|
||||
&& $server_id > 0
|
||||
) {
|
||||
$node->disconnect();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
echo json_encode($event_response);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -1313,23 +1293,29 @@ if ($get_response_massive === true) {
|
|||
|
||||
if ($get_row_response_action === true) {
|
||||
$response_id = get_parameter('response_id');
|
||||
$response = json_decode(
|
||||
io_safe_output(
|
||||
get_parameter('response', '')
|
||||
),
|
||||
$server_id = get_parameter('server_id');
|
||||
$event_id = get_parameter('event_id');
|
||||
$response_parameters = (array) json_decode(
|
||||
io_safe_output(get_parameter('response_parameters', '')),
|
||||
true
|
||||
);
|
||||
|
||||
$end = (bool) get_parameter('end', false);
|
||||
$index = $response['event_id'];
|
||||
$event_response = db_get_row(
|
||||
'tevent_response',
|
||||
'id',
|
||||
$response_id
|
||||
);
|
||||
|
||||
$index = $event_id;
|
||||
if (is_metaconsole() === true) {
|
||||
$index .= '-'.$response['server_id'];
|
||||
$index .= '-'.$server_id;
|
||||
}
|
||||
|
||||
echo get_row_response_action(
|
||||
$response,
|
||||
$response_id,
|
||||
$end,
|
||||
$event_response,
|
||||
$event_id,
|
||||
$server_id,
|
||||
$response_parameters,
|
||||
$index
|
||||
);
|
||||
|
||||
|
@ -1344,34 +1330,31 @@ if ($perform_event_response === true) {
|
|||
return;
|
||||
}
|
||||
|
||||
$target = get_parameter('target', '');
|
||||
$response_id = get_parameter('response_id');
|
||||
$response_id = (int) get_parameter('response_id', 0);
|
||||
$event_id = (int) get_parameter('event_id');
|
||||
$server_id = (int) get_parameter('server_id', 0);
|
||||
$response = json_decode(
|
||||
io_safe_output(
|
||||
get_parameter('response', '')
|
||||
),
|
||||
$response_parameters = (array) json_decode(
|
||||
io_safe_output(get_parameter('response_parameters', '')),
|
||||
true
|
||||
);
|
||||
|
||||
$event_response = $response;
|
||||
$event_response = db_get_row(
|
||||
'tevent_response',
|
||||
'id',
|
||||
$response_id
|
||||
);
|
||||
if (empty($event_response) === true) {
|
||||
echo __('No data');
|
||||
return;
|
||||
}
|
||||
|
||||
$command = $event_response['target'];
|
||||
|
||||
// Prevent OS command injection.
|
||||
$prev_command = get_events_get_response_target($event_id, $event_response, $server_id);
|
||||
|
||||
if ($command !== $prev_command) {
|
||||
echo __('unauthorized');
|
||||
return;
|
||||
}
|
||||
|
||||
$command_timeout = ($event_response !== false) ? $event_response['command_timeout'] : 90;
|
||||
$command = get_events_get_response_target(
|
||||
$event_id,
|
||||
$event_response,
|
||||
$server_id,
|
||||
$response_parameters
|
||||
);
|
||||
$command_timeout = (empty($event_response['command_timeout']) === false) ? $event_response['command_timeout'] : 90;
|
||||
if (enterprise_installed() === true) {
|
||||
if ($event_response !== false
|
||||
&& (int) $event_response['server_to_exec'] !== 0
|
||||
|
@ -1470,21 +1453,33 @@ if ($dialogue_event_response) {
|
|||
return;
|
||||
}
|
||||
|
||||
$event_id = get_parameter('event_id');
|
||||
$response_id = get_parameter('response_id');
|
||||
$command = get_parameter('target');
|
||||
$event_response = json_decode(
|
||||
io_safe_output(
|
||||
get_parameter('response', '')
|
||||
),
|
||||
$event_id = (int) get_parameter('event_id', 0);
|
||||
$response_id = (int) get_parameter('response_id', 0);
|
||||
$server_id = (int) get_parameter('server_id', 0);
|
||||
$response_parameters = (array) json_decode(
|
||||
io_safe_output(get_parameter('response_parameters', '')),
|
||||
true
|
||||
);
|
||||
|
||||
$event_response = db_get_row(
|
||||
'tevent_response',
|
||||
'id',
|
||||
$response_id
|
||||
);
|
||||
$command = get_events_get_response_target(
|
||||
$event_id,
|
||||
$event_response,
|
||||
$server_id,
|
||||
$response_parameters
|
||||
);
|
||||
|
||||
switch ($event_response['type']) {
|
||||
case 'command':
|
||||
echo get_row_response_action(
|
||||
$event_response,
|
||||
$response_id
|
||||
$event_id,
|
||||
$server_id,
|
||||
$response_parameters
|
||||
);
|
||||
break;
|
||||
|
||||
|
|
|
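Review bot: The new `$server_id = get_parameter('server_id');` and `$event_id = get_parameter('event_id');` in the get_row_response_action hunk take the request values uncast, while the perform_event_response and dialogue_event_response hunks cast the same parameters with `(int)`; the uncast `$event_id` becomes `$index` and is later written by get_row_response_action into an HTML id and into the inline `perform_response(...)` handler. Cast them the same way as the sibling hunks: `$server_id = (int) get_parameter('server_id', 0);` and `$event_id = (int) get_parameter('event_id', 0);`. In the dialogue_event_response hunk `$event_response = db_get_row(...)` is used without the `empty($event_response)` guard the perform_event_response hunk has, so an unknown response_id reaches `$event_response['type']` and the `array $event_response` parameter of get_row_response_action as `false`. `$response_parameters` is still request-supplied in both hunks and is substituted into the target inside events_get_response_target (outside this section); with the client-side target comparison removed, that substitution is what now keeps the 'command' path safe, so it must escape each value for the shell context before the command is run.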
@ -83,7 +83,7 @@ $apiPassword = io_output_password(
|
|||
$apiTokenValid = false;
|
||||
// Try getting bearer token from header.
|
||||
// TODO. Getting token from url will be removed.
|
||||
$apiToken = (string) getBearerToken();
|
||||
$apiToken = (string) io_safe_input(getBearerToken());
|
||||
if (empty($apiToken) === true) {
|
||||
// Legacy user/pass token.
|
||||
// TODO. Revome in future.
|
||||
|
|
|
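Review bot: `$apiToken = (string) io_safe_input(getBearerToken());` transforms the credential before it is checked instead of validating it; if io_safe_input entity-encodes characters such as `&`, `<` or quotes (its name suggests HTML escaping — confirm), a token containing them will silently stop matching the stored value, and a token that would need escaping should be rejected rather than rewritten. Prefer a strict shape check on the raw header value, for example `if (preg_match('/^[A-Za-z0-9._-]+$/', $apiToken) !== 1) { $apiToken = ''; }` (adjust the character class to the real token format), and make sure the comparison that follows (outside the hunk) uses `hash_equals()` so it is constant-time.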
@ -631,7 +631,10 @@ function events_update_status($id_evento, $status, $filter=null)
|
|||
break;
|
||||
}
|
||||
|
||||
$result = db_process_sql($update_sql);
|
||||
$result = false;
|
||||
if (empty($update_sql) === false) {
|
||||
$result = db_process_sql($update_sql);
|
||||
}
|
||||
|
||||
if ($result !== false) {
|
||||
switch ($status) {
|
||||
|
@ -3827,8 +3830,7 @@ function events_get_response_target(
|
|||
array $event_response,
|
||||
?array $response_parameters=null,
|
||||
?int $server_id=0,
|
||||
?string $server_name='',
|
||||
?string $target_metaconsole=''
|
||||
?string $server_name=''
|
||||
) {
|
||||
global $config;
|
||||
|
||||
|
@ -3842,9 +3844,6 @@ function events_get_response_target(
|
|||
|
||||
$event = db_get_row('tevento', 'id_evento', $event_id);
|
||||
$target = io_safe_output(db_get_value('target', 'tevent_response', 'id', $event_response['id']));
|
||||
if (empty($target) === true && $target_metaconsole !== '') {
|
||||
$target = io_safe_output($target_metaconsole);
|
||||
}
|
||||
|
||||
// Replace parameters response.
|
||||
if (isset($response_parameters) === true
|
||||
|
@ -5994,9 +5993,10 @@ function events_get_criticity_class($criticity)
|
|||
*/
|
||||
function get_row_response_action(
|
||||
array $event_response,
|
||||
?int $response_id,
|
||||
$end=false,
|
||||
$index=null
|
||||
?int $id_event,
|
||||
?int $server_id,
|
||||
?array $response_parameters=[],
|
||||
?string $index=null
|
||||
) {
|
||||
$output = '<div class="container-massive-events-response-cell">';
|
||||
$display_command = (bool) $event_response['display_command'];
|
||||
|
@ -6005,7 +6005,7 @@ function get_row_response_action(
|
|||
// String command.
|
||||
$output .= '<div class="container-massive-events-response-command">';
|
||||
$output .= '<b>';
|
||||
$output .= __('Event # %d', $event_response['event_id']);
|
||||
$output .= __('Event # %d', $id_event);
|
||||
if (empty($command_str) === false) {
|
||||
$output .= ' ';
|
||||
$output .= __('Executing command: ');
|
||||
|
@ -6028,11 +6028,18 @@ function get_row_response_action(
|
|||
|
||||
// Butom.
|
||||
$output .= '<div id="re_exec_command'.$index.'" style="display:none" class="container-massive-events-response-execute">';
|
||||
$info = [
|
||||
'response_id' => $event_response['id'],
|
||||
'server_id' => $server_id,
|
||||
'event_id' => $id_event,
|
||||
'response_parameters' => $response_parameters,
|
||||
];
|
||||
|
||||
$output .= html_print_button(
|
||||
__('Execute again'),
|
||||
'btn_str',
|
||||
false,
|
||||
'perform_response("'.base64_encode(json_encode($event_response)).'",'.$response_id.',"'.trim($index).'")',
|
||||
'perform_response("'.base64_encode(json_encode($info)).'","'.trim($index).'")',
|
||||
[
|
||||
'icon' => 'next',
|
||||
'mode' => 'mini secondary',
|
||||
|
@ -6063,13 +6070,8 @@ function get_events_get_response_target(
|
|||
$response_parameters=[]
|
||||
) {
|
||||
try {
|
||||
$target_metaconsole = '';
|
||||
if (is_metaconsole() === true
|
||||
&& $server_id > 0
|
||||
) {
|
||||
$target_metaconsole = io_safe_output(db_get_value('target', 'tevent_response', 'id', $event_response['id']));
|
||||
if (is_metaconsole() === true && $server_id > 0) {
|
||||
$node = new Node($server_id);
|
||||
$node->connect();
|
||||
}
|
||||
|
||||
return events_get_response_target(
|
||||
|
@ -6077,24 +6079,10 @@ function get_events_get_response_target(
|
|||
$event_response,
|
||||
$response_parameters,
|
||||
$server_id,
|
||||
($server_id !== 0) ? $node->server_name() : 'Metaconsole',
|
||||
$target_metaconsole
|
||||
($server_id !== 0) ? $node->server_name() : 'Metaconsole'
|
||||
);
|
||||
} catch (\Exception $e) {
|
||||
// Unexistent agent.
|
||||
if (is_metaconsole() === true
|
||||
&& $server_id > 0
|
||||
) {
|
||||
$node->disconnect();
|
||||
}
|
||||
|
||||
return '';
|
||||
} finally {
|
||||
if (is_metaconsole() === true
|
||||
&& $server_id > 0
|
||||
) {
|
||||
$node->disconnect();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
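Review bot: In the get_row_response_action hunk `trim($index)` is concatenated into the inline `perform_response(...)` handler and, a few lines above, into `id="re_exec_command'.$index.'"` without escaping, and the new `?string $index=null` parameter accepts arbitrary text from the caller. As far as the ajax hunk shows, the caller only builds numeric ids joined by '-', so constrain it at the top of the function: `$index = preg_replace('/[^0-9-]/', '', (string) $index);`, or at minimum pass it through `htmlspecialchars()` before embedding. The `$end=false` parameter was dropped from the signature while the ajax caller still reads `$end = (bool) get_parameter('end', false);`, so that value is now dead on both sides. The function's body continues past the hunk.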
@ -143,7 +143,14 @@ function execute_response(event_id, server_id) {
|
|||
if (response["type"] == "url" && response["new_window"] == 1) {
|
||||
window.open(response["target"], "_blank");
|
||||
} else {
|
||||
show_response_dialog(response_id, response);
|
||||
var data = {};
|
||||
data.response_id = response_id;
|
||||
data.server_id = server_id;
|
||||
data.event_id = event_id;
|
||||
data.response_parameters = response_parameters;
|
||||
data.modal_width = response["modal_width"];
|
||||
data.modal_height = response["modal_height"];
|
||||
show_response_dialog(data);
|
||||
}
|
||||
}
|
||||
});
|
||||
|
@ -173,12 +180,10 @@ function execute_response_massive(events, response_id, response_parameters) {
|
|||
|
||||
// Convert to array.
|
||||
var array_data = Object.entries(data.event_response_targets);
|
||||
var total_count = array_data.length;
|
||||
|
||||
// Each input checkeds.
|
||||
array_data.forEach(function(element, index) {
|
||||
var id = element[0];
|
||||
var target = element[1].target;
|
||||
var meta = $("#hidden-meta").val();
|
||||
var event_id = id;
|
||||
var server_id = 0;
|
||||
|
@ -188,25 +193,22 @@ function execute_response_massive(events, response_id, response_parameters) {
|
|||
server_id = split_id[1];
|
||||
}
|
||||
|
||||
var end = 0;
|
||||
if (total_count - 1 === index) {
|
||||
end = 1;
|
||||
}
|
||||
|
||||
var response = data.event_response;
|
||||
response["event_id"] = event_id;
|
||||
response["server_id"] = server_id;
|
||||
response["target"] = target;
|
||||
if (response["type"] == "url" && response["new_window"] == 1) {
|
||||
window.open(response["target"], "_blank");
|
||||
if (
|
||||
data.event_response["type"] == "url" &&
|
||||
data.event_response["new_window"] == 1
|
||||
) {
|
||||
window.open(data.event_response["target"], "_blank");
|
||||
} else {
|
||||
var params = [];
|
||||
params.push({ name: "page", value: "include/ajax/events" });
|
||||
params.push({ name: "get_row_response_action", value: 1 });
|
||||
params.push({ name: "response_id", value: response_id });
|
||||
params.push({ name: "server_id", value: response.server_id });
|
||||
params.push({ name: "end", value: end });
|
||||
params.push({ name: "response", value: JSON.stringify(response) });
|
||||
params.push({ name: "server_id", value: server_id });
|
||||
params.push({ name: "event_id", value: event_id });
|
||||
params.push({
|
||||
name: "response_parameters",
|
||||
value: response_parameters
|
||||
});
|
||||
|
||||
jQuery.ajax({
|
||||
data: params,
|
||||
|
@ -215,20 +217,17 @@ function execute_response_massive(events, response_id, response_parameters) {
|
|||
dataType: "html",
|
||||
success: function(data) {
|
||||
$(".container-massive-events-response").append(data);
|
||||
response["event_id"] = event_id;
|
||||
response["server_id"] = server_id;
|
||||
response["target"] = target;
|
||||
|
||||
var indexstr = event_id;
|
||||
if (meta != 0) {
|
||||
indexstr += "-" + server_id;
|
||||
}
|
||||
|
||||
perform_response(
|
||||
btoa(JSON.stringify(response)),
|
||||
response_id,
|
||||
indexstr
|
||||
);
|
||||
var info = {};
|
||||
info.response_id = response_id;
|
||||
info.server_id = server_id;
|
||||
info.event_id = event_id;
|
||||
info.response_parameters = JSON.parse(response_parameters);
|
||||
perform_response(btoa(JSON.stringify(info)), indexstr);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
@ -238,15 +237,17 @@ function execute_response_massive(events, response_id, response_parameters) {
|
|||
}
|
||||
|
||||
//Show the modal window of an event response
|
||||
function show_response_dialog(response_id, response) {
|
||||
function show_response_dialog(info) {
|
||||
var params = [];
|
||||
params.push({ name: "page", value: "include/ajax/events" });
|
||||
params.push({ name: "dialogue_event_response", value: 1 });
|
||||
params.push({ name: "event_id", value: response.event_id });
|
||||
params.push({ name: "target", value: response.target });
|
||||
params.push({ name: "response_id", value: response_id });
|
||||
params.push({ name: "server_id", value: response.server_id });
|
||||
params.push({ name: "response", value: JSON.stringify(response) });
|
||||
params.push({ name: "event_id", value: info.event_id });
|
||||
params.push({ name: "response_id", value: info.response_id });
|
||||
params.push({ name: "server_id", value: info.server_id });
|
||||
params.push({
|
||||
name: "response_parameters",
|
||||
value: JSON.stringify(info.response_parameters)
|
||||
});
|
||||
|
||||
var view = ``;
|
||||
|
||||
|
@ -272,10 +273,10 @@ function show_response_dialog(response_id, response) {
|
|||
draggable: true,
|
||||
modal: false,
|
||||
open: function() {
|
||||
perform_response(btoa(JSON.stringify(response)), response_id, "");
|
||||
perform_response(btoa(JSON.stringify(info)));
|
||||
},
|
||||
width: response["modal_width"],
|
||||
height: response["modal_height"],
|
||||
width: info.modal_width,
|
||||
height: info.modal_height,
|
||||
buttons: []
|
||||
})
|
||||
.show();
|
||||
|
@ -284,26 +285,22 @@ function show_response_dialog(response_id, response) {
|
|||
}
|
||||
|
||||
// Perform a response and put the output into a div
|
||||
function perform_response(response, response_id, index = "") {
|
||||
function perform_response(info, index = "") {
|
||||
info = JSON.parse(atob(info));
|
||||
$("#re_exec_command" + index).hide();
|
||||
$("#response_loading_command" + index).show();
|
||||
$("#response_out" + index).html("");
|
||||
|
||||
try {
|
||||
response = JSON.parse(atob(response));
|
||||
} catch (e) {
|
||||
console.error(e);
|
||||
return;
|
||||
}
|
||||
|
||||
var params = [];
|
||||
params.push({ name: "page", value: "include/ajax/events" });
|
||||
params.push({ name: "perform_event_response", value: 1 });
|
||||
params.push({ name: "target", value: response["target"] });
|
||||
params.push({ name: "response_id", value: response_id });
|
||||
params.push({ name: "event_id", value: response["event_id"] });
|
||||
params.push({ name: "server_id", value: response["server_id"] });
|
||||
params.push({ name: "response", value: JSON.stringify(response) });
|
||||
params.push({ name: "response_id", value: info.response_id });
|
||||
params.push({ name: "event_id", value: info.event_id });
|
||||
params.push({ name: "server_id", value: info.server_id });
|
||||
params.push({
|
||||
name: "response_parameters",
|
||||
value: JSON.stringify(info.response_parameters)
|
||||
});
|
||||
|
||||
jQuery.ajax({
|
||||
data: params,
|
||||
|
|
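Review bot: `info = JSON.parse(atob(info));` at the top of perform_response drops the try/catch the previous version had around the same decode, so a malformed or missing argument now throws out of the click handler instead of logging and returning; restore the guard before the DOM updates. In execute_response_massive the success callback does `info.response_parameters = JSON.parse(response_parameters)` while execute_response assigns `data.response_parameters = response_parameters` unparsed, and both values then reach `JSON.stringify(info.response_parameters)` in show_response_dialog/perform_response, so unless `response_parameters` has a different type on the two call paths (confirm from the callers, outside the hunk) one of them sends the parameters double-encoded. `response_parameters` is not a parameter of execute_response(event_id, server_id), so it presumably comes from the enclosing scope. perform_response's body continues past the hunk.
```javascript
function perform_response(info, index = "") {
  try {
    info = JSON.parse(atob(info));
  } catch (e) {
    console.error(e);
    return;
  }
  // … unchanged: hide re_exec_command, show loading, build params, ajax …
```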