2010-10-20 Sergio Martin <sergio.martin@artica.es>
* godmode/servers/manage_export_form.php godmode/servers/manage_recontask.php godmode/servers/manage_recontask_form.php: Improved and fixed little bugs into the custom recon scripts interface git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3436 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
parent
fbf3188cad
commit
3f317d8f04
|
@ -1,3 +1,10 @@
|
|||
2010-10-20 Sergio Martin <sergio.martin@artica.es>
|
||||
|
||||
* godmode/servers/manage_export_form.php
|
||||
godmode/servers/manage_recontask.php
|
||||
godmode/servers/manage_recontask_form.php: Improved and fixed
|
||||
little bugs into the custom recon scripts interface
|
||||
|
||||
2010-10-20 Sergio Martin <sergio.martin@artica.es>
|
||||
|
||||
* godmode/alerts/alert_list.list.php: Clean the code
|
||||
|
|
|
@ -13,6 +13,7 @@
|
|||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU General Public License for more details.
|
||||
|
||||
|
||||
// Load global vars
|
||||
global $config;
|
||||
|
||||
|
@ -20,112 +21,181 @@ check_login ();
|
|||
|
||||
if (! give_acl ($config['id_user'], 0, "PM")) {
|
||||
audit_db ($config['id_user'], $_SERVER['REMOTE_ADDR'], "ACL Violation",
|
||||
"Trying to access Export Server Management");
|
||||
"Trying to access Agent Management");
|
||||
require ("general/noaccess.php");
|
||||
return;
|
||||
}
|
||||
|
||||
$update = (int) get_parameter ("update");
|
||||
|
||||
if ($update) {
|
||||
$row = get_db_row ("tserver_export", "id", $update);
|
||||
if (isset (get_parameter("update")) { // Edit mode
|
||||
$id_rt = (int) get_parameter_get ("update");
|
||||
$row = get_db_row ("trecon_task","id_rt",$id_rt);
|
||||
$name = $row["name"];
|
||||
$export_server = $row["id_export_server"];
|
||||
$preffix = $row["preffix"];
|
||||
$interval = $row["interval"];
|
||||
$ip_server = $row["ip_server"];
|
||||
$connect_mode = $row["connect_mode"];
|
||||
$user = $row["user"];
|
||||
$password = $row["pass"];
|
||||
$port = $row["port"];
|
||||
$directory = $row["directory"];
|
||||
$options = $row["options"];
|
||||
}
|
||||
else {
|
||||
$name = '';
|
||||
$export_server = 0;
|
||||
$preffix = '';
|
||||
$interval = 300;
|
||||
$ip_server = '';
|
||||
$connect_mode = 'tentacle';
|
||||
$user = '';
|
||||
$password = '';
|
||||
$port = 41121;
|
||||
$directory = '/var/spool/pandora/data_in';
|
||||
$options = '';
|
||||
$network = $row["subnet"];
|
||||
$id_recon_server = $row["id_recon_server"];
|
||||
$description = $row["description"];
|
||||
$interval = $row["interval_sweep"];
|
||||
$id_group = $row["id_group"];
|
||||
$create_incident = $row["create_incident"];
|
||||
$id_network_profile = $row["id_network_profile"];
|
||||
$id_os = $row["id_os"];
|
||||
$recon_ports = $row["recon_ports"];
|
||||
$snmp_community = $row["snmp_community"];
|
||||
$id_recon_script = $row["id_recon_script"];
|
||||
$field1 = $row["field1"];
|
||||
$field2 = $row["field2"];
|
||||
$field3 = $row["field3"];
|
||||
$field4 = $row["field4"];
|
||||
if ($id_recon_script == 0)
|
||||
$mode = "network_sweep";
|
||||
else
|
||||
$mode = "recon_script";
|
||||
|
||||
} elseif (isset (get_parameter("create"))) {
|
||||
$id_rt = -1;
|
||||
$name = "";
|
||||
$network = "";
|
||||
$description = "";
|
||||
$id_recon_server = 0;
|
||||
$interval = 43200;
|
||||
$id_group = 0;
|
||||
$create_incident = 1;
|
||||
$snmp_community = "public";
|
||||
$id_network_profile = 1;
|
||||
$id_os = -1; // Any
|
||||
$recon_ports = ""; // Any
|
||||
$field1 = "";
|
||||
$field2 = "";
|
||||
$field3 = "";
|
||||
$field4 = "";
|
||||
$id_recon_script = 0;
|
||||
$mode = "network_sweep";
|
||||
}
|
||||
|
||||
// Headers
|
||||
print_page_header (__('Export targets'), "", false, "", true);
|
||||
print_page_header (__('Manage recontask')." ".print_help_icon ("recontask", true), "", false, "", true);
|
||||
|
||||
$table->width=700;
|
||||
|
||||
$table->width=600;
|
||||
$table->cellspacing=4;
|
||||
$table->cellpadding=4;
|
||||
$table->class="databox_color";
|
||||
|
||||
echo '<form name="modulo" method="POST" action="index.php?sec=gservers&sec2=godmode/servers/manage_export&' . ($update ? "update=$update" : 'create=1') . '">';
|
||||
|
||||
$table->rowclass[12] = "recon_script";
|
||||
$table->rowclass[13] = "recon_script";
|
||||
$table->rowclass[14] = "recon_script";
|
||||
$table->rowclass[15] = "recon_script";
|
||||
|
||||
// Name
|
||||
$table->data[0][0] = __('Name');
|
||||
$table->data[0][0] = "<b>".__('Task name')."</b>";
|
||||
$table->data[0][1] = print_input_text ('name', $name, '', 25, 0, true);
|
||||
|
||||
// Export server
|
||||
$table->data[1][0] = __('Export server');
|
||||
$table->data[1][1] = print_select_from_sql ('SELECT id_server, name FROM tserver WHERE server_type = 7 ORDER BY name',
|
||||
'export_server', $export_server, '', __('None'), 0, true);
|
||||
// Recon server
|
||||
$table->data[1][0] = "<b>".__('Recon server').'<a href="#" class="tip"> <span>'.__('You must select a Recon Server for the Task, otherwise the Recon Task will never run').'</span></a>';
|
||||
|
||||
// Preffix
|
||||
$table->data[2][0] = __('Preffix');
|
||||
$table->data[2][1] = print_input_text ('preffix', $preffix, '', 25, 0, true);
|
||||
$table->data[1][1] = print_select_from_sql ('SELECT id_server, name FROM tserver WHERE server_type = 3 ORDER BY name', "id_recon_server", $id_recon_server, '', '', '', true);
|
||||
|
||||
|
||||
$fields['network_sweep'] = __("Network sweep");
|
||||
$fields['recon_script'] = __("Custom script");
|
||||
|
||||
|
||||
$table->data[2][0] = "<b>".__('Mode')."</b>";
|
||||
$table->data[2][1] = print_select ($fields, "mode", $mode, '', '', 0, true);
|
||||
|
||||
|
||||
// Network
|
||||
$table->data[3][0] = "<b>".__('Network');
|
||||
$table->data[3][1] = print_input_text ('network', $network, '', 25, 0, true);
|
||||
|
||||
// Interval
|
||||
$table->data[3][0] = __('Interval');
|
||||
$table->data[3][1] = print_input_text ('interval', $interval, '', 25, 0, true);
|
||||
$values = array ();
|
||||
$values[3600] = __('%d hour', 1);
|
||||
$values[7200] = __('%d hours', 2);
|
||||
$values[21600] = __('%d hours', 6);
|
||||
$values[43200] = __('%d hours', 12);
|
||||
$values[86400] = __('%d day', 1);
|
||||
$values[432000] = __('%d days', 5);
|
||||
$values[604800] = __('%d week', 1);
|
||||
$values[1209600] = __('%d weeks', 2);
|
||||
$values[2592000] = __('%d month', 1);
|
||||
|
||||
// Address
|
||||
$table->data[4][0] = __('Address');
|
||||
$table->data[4][1] = print_input_text ('ip_server', $ip_server, '', 25, 0, true);
|
||||
$table->data[4][0] = "<b>".__('Interval');
|
||||
$table->data[4][1] = print_select ($values, "interval", $interval, '', '', '', true);
|
||||
|
||||
// Transfer mode
|
||||
$table->data[5][0] = __('Transfer mode');
|
||||
$transfer_mode_select = array (
|
||||
'tentacle' => 'tentacle',
|
||||
'ssh' => 'ssh',
|
||||
'ftp' => 'ftp',
|
||||
'local' => 'local');
|
||||
$table->data[5][1] = print_select ($transfer_mode_select, "connect_mode", $connect_mode, '', '', '', true);
|
||||
// Module template
|
||||
$table->data[5][0] = "<b>".__('Module template');
|
||||
$table->data[5][1] = print_select_from_sql ('SELECT id_np, name FROM tnetwork_profile',
|
||||
"id_network_profile", $id_network_profile, '', '', '', true);
|
||||
|
||||
// User
|
||||
$table->data[6][0] = __('User');
|
||||
$table->data[6][1] = print_input_text ('user', $user, '', 25, 0, true);
|
||||
// Recon script
|
||||
$table->data[6][0] = "<b>".__('Recon script');
|
||||
$table->data[6][1] = print_select_from_sql ('SELECT id_recon_script, name FROM trecon_script', "id_recon_script", $id_recon_script, '', '', '', true);
|
||||
|
||||
// Password
|
||||
$table->data[7][0] = __('Password');
|
||||
$table->data[7][1] = print_input_password ('password', $password, '', 25, 0, true);
|
||||
|
||||
// Port
|
||||
$table->data[8][0] = __('Port');
|
||||
$table->data[8][1] = print_input_text ('port', $port, '', 25, 0, true);
|
||||
// OS
|
||||
$table->data[7][0] = "<b>".__('OS');
|
||||
$table->data[7][1] = print_select_from_sql ('SELECT id_os, name FROM tconfig_os ORDER BY name',
|
||||
"id_os", $id_os, '', __('Any'), -1, true);
|
||||
|
||||
// Directory
|
||||
$table->data[9][0] = __('Target directory');
|
||||
$table->data[9][1] = print_input_text ('directory', $directory, '', 25, 0, true);
|
||||
// Recon ports
|
||||
$table->data[8][0] = "<b>".__('Ports');
|
||||
$table->data[8][1] = print_input_text ('recon_ports', $recon_ports, '', 25, 0, true);
|
||||
$table->data[8][1] .= '<a href="#" class="tip"> <span>'.__('Ports defined like: 80 or 80,443,512 or even 0-1024 (Like Nmap command line format). If dont want to do a sweep using portscan, left it in blank').'</span></a>';
|
||||
|
||||
// Options
|
||||
$table->data[10][0] = __('Extra options');
|
||||
$table->data[10][1] = print_input_text ('options', $options, '', 25, 0, true);
|
||||
// Group
|
||||
$table->data[9][0] = "<b>".__('Group');
|
||||
$groups = get_user_groups (false, "AR", false);
|
||||
$table->data[9][1] = print_select_groups(false, "AR", false, 'id_group', $id_group, '', '', 0, true);
|
||||
|
||||
// Incident
|
||||
$values = array (0 => __('No'), 1 => __('Yes'));
|
||||
$table->data[10][0] = "<b>".__('Incident');
|
||||
$table->data[10][1] = print_select ($values, "create_incident", $create_incident,
|
||||
'','','',true);
|
||||
|
||||
// SNMP default community
|
||||
$table->data[11][0] = "<b>".__('SNMP Default community');
|
||||
$table->data[11][1] = print_input_text ('snmp_community', $snmp_community, '', 35, 0, true);
|
||||
|
||||
// Field1
|
||||
$table->data[12][0] = "<b>".__('Script field #1');
|
||||
$table->data[12][1] = print_input_text ('field1', $field1, '', 40, 0, true);
|
||||
|
||||
// Field2
|
||||
$table->data[13][0] = "<b>".__('Script field #2');
|
||||
$table->data[13][1] = print_input_text ('field2', $field2, '', 40, 0, true);
|
||||
|
||||
// Field3
|
||||
$table->data[14][0] = "<b>".__('Script field #3');
|
||||
$table->data[14][1] = print_input_text ('field3', $field3, '', 40, 0, true);
|
||||
|
||||
// Field4
|
||||
$table->data[15][0] = "<b>".__('Script field #4');
|
||||
$table->data[15][1] = print_input_text ('field4', $field4, '', 40, 0, true);
|
||||
|
||||
|
||||
// Comments
|
||||
$table->data[16][0] = "<b>".__('Comments');
|
||||
$table->data[16][1] = print_input_text ('description', $description, '', 45, 0, true);
|
||||
|
||||
|
||||
// Different Form url if it's a create or if it's a update form
|
||||
echo '<form name="modulo" method="post" action="index.php?sec=gservers&sec2=godmode/servers/manage_recontask&'.(($id_rt != -1) ? 'update='.$id_rt : 'create=1').'">';
|
||||
|
||||
print_table ($table);
|
||||
|
||||
echo '<div class="action-buttons" style="width: 700px">';
|
||||
if ($update)
|
||||
echo print_submit_button (__('Update'),"crt",false,'class="sub upd"',true);
|
||||
echo '<div class="action-buttons" style="width: 620px">';
|
||||
if ($id_rt != -1)
|
||||
print_submit_button (__('Update'), "crt", false, 'class="sub upd"');
|
||||
else
|
||||
echo print_submit_button (__('Add'),"crt",false,'class="sub wand"',true);
|
||||
echo '</form>';
|
||||
print_submit_button (__('Add'), "crt", false, 'class="sub wand"');
|
||||
echo "</div>";
|
||||
|
||||
|
||||
echo "</form>";
|
||||
|
||||
?>
|
||||
|
||||
<script type="text/javascript">
|
||||
/* <![CDATA[ */
|
||||
$(document).ready (function () {
|
||||
alert("perro");
|
||||
});
|
||||
/* ]]> */
|
||||
</script>
|
||||
|
|
|
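Review bot: The edit-mode test `if (isset (get_parameter("update")) {` on what appears to be the new side cannot compile: its parentheses are unbalanced, and `isset()` accepts only variables, not the result of a call. The `elseif (isset (get_parameter("create")))` branch has the second problem too. Testing the request key directly, as in `if (isset ($_GET["update"])) {` (the form that the later recon-task form hunk shows in its context line), avoids both. The `alert("perro");` in the added script block looks like leftover debugging and should be removed. The ACL-violation audit text now reads "Trying to access Agent Management", which mislabels this page in the audit trail and makes a denied-access entry harder to attribute during review.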
@ -58,14 +58,14 @@ if ((isset ($_GET["update"])) OR ((isset ($_GET["create"])))) {
|
|||
$recon_ports = get_parameter_post ("recon_ports", "");
|
||||
$id_os = get_parameter_post ("id_os", 10);
|
||||
$snmp_community = get_parameter_post ("snmp_community", "public");
|
||||
$id_recon_script = get_parameter ("id_recon_script", 0);
|
||||
$id_recon_script = get_parameter ("id_recon_script", 'NULL');
|
||||
$mode = get_parameter ("mode", "");
|
||||
$field1 = get_parameter ("field1", "");
|
||||
$field2 = get_parameter ("field2", "");
|
||||
$field3 = get_parameter ("field3", "");
|
||||
$field4 = get_parameter ("field4", "");
|
||||
if ($mode == "network_sweep")
|
||||
$id_recon_script = 0;
|
||||
$id_recon_script = 'NULL';
|
||||
else
|
||||
$id_network_profile = 0;
|
||||
|
||||
|
@ -101,8 +101,8 @@ if (isset($_GET["update"])) {
|
|||
if (isset($_GET["create"])) {
|
||||
$sql = sprintf ("INSERT INTO trecon_task
|
||||
(name, subnet, description, id_recon_server, create_incident, id_group, id_network_profile, interval_sweep, id_os, recon_ports, snmp_community, id_recon_script, field1, field2, field3, field4)
|
||||
VALUES ( '%s', '%s', '%s', %u, %b, %d, %d, %u, %d, '%s', '%s', '%d', '%s', '%s', '%s', '%s')",$name,$network,$description,$id_recon_server,$create_incident,$id_group,$id_network_profile,$interval,$id_os, $recon_ports, $snmp_community,$id_recon_script, $field1, $field2, $field3, $field4);
|
||||
|
||||
VALUES ( '%s', '%s', '%s', %u, %b, %d, %d, %u, %d, '%s', '%s', %s, '%s', '%s', '%s', '%s')",$name,$network,$description,$id_recon_server,$create_incident,$id_group,$id_network_profile,$interval,$id_os, $recon_ports, $snmp_community,$id_recon_script, $field1, $field2, $field3, $field4);
|
||||
|
||||
if ($name != "") {
|
||||
if (($id_recon_script == 0) && preg_match("/[0-9]+.+[0-9]+.+[0-9]+.+[0-9]+\/+[0-9]/", $network))
|
||||
$result = process_sql ($sql);
|
||||
|
|
|
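Review bot: `$id_recon_script` now reaches the INSERT through an unquoted `%s`, yet it is still read from the request with `get_parameter ("id_recon_script", 'NULL')`, so whatever the client posts for that field becomes part of the statement text rather than a bound value. The first hunk only forces it to `'NULL'` in network_sweep mode; in the other branch it is never cast, and nothing visible here shows `get_parameter` restricting it to digits. Normalise it before the `sprintf`, e.g. `$id_recon_script = ($mode == "network_sweep") ? 'NULL' : (int) $id_recon_script;`. The guard `($id_recon_script == 0)` a few lines later then compares the string 'NULL' with 0 and depends on loose string-to-number comparison, which is worth making explicit. The UPDATE branch lies outside these hunks and should be checked for the same placeholder.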
@ -75,11 +75,21 @@ if (isset ($_GET["update"])) { // Edit mode
|
|||
print_page_header (__('Manage recontask')." ".print_help_icon ("recontask", true), "", false, "", true);
|
||||
|
||||
|
||||
$table->width=600;
|
||||
$table->width='90%';
|
||||
$table->cellspacing=4;
|
||||
$table->cellpadding=4;
|
||||
$table->class="databox_color";
|
||||
$table->rowclass[3]="network_sweep";
|
||||
$table->rowclass[5]="network_sweep";
|
||||
$table->rowclass[7]="network_sweep";
|
||||
$table->rowclass[8]="network_sweep";
|
||||
$table->rowclass[11]="network_sweep";
|
||||
|
||||
$table->rowclass[6]="recon_script";
|
||||
$table->rowclass[12]="recon_script";
|
||||
$table->rowclass[13]="recon_script";
|
||||
$table->rowclass[14]="recon_script";
|
||||
$table->rowclass[15]="recon_script";
|
||||
// Name
|
||||
$table->data[0][0] = "<b>".__('Task name')."</b>";
|
||||
$table->data[0][1] = print_input_text ('name', $name, '', 25, 0, true);
|
||||
|
@ -178,7 +188,7 @@ $table->data[16][1] = print_input_text ('description', $description, '', 45, 0,
|
|||
echo '<form name="modulo" method="post" action="index.php?sec=gservers&sec2=godmode/servers/manage_recontask&'.(($id_rt != -1) ? 'update='.$id_rt : 'create=1').'">';
|
||||
|
||||
print_table ($table);
|
||||
echo '<div class="action-buttons" style="width: 620px">';
|
||||
echo '<div class="action-buttons" style="width: '.$table->width.'">';
|
||||
if ($id_rt != -1)
|
||||
print_submit_button (__('Update'), "crt", false, 'class="sub upd"');
|
||||
else
|
||||
|
@ -188,3 +198,28 @@ echo "</div>";
|
|||
echo "</form>";
|
||||
|
||||
?>
|
||||
<script type="text/javascript">
|
||||
/* <![CDATA[ */
|
||||
$(document).ready (function () {
|
||||
if($('#mode').val() == 'recon_script') {
|
||||
$(".recon_script").attr ('style', '');
|
||||
$(".network_sweep").attr ('style', 'display:none');
|
||||
}
|
||||
else if($('#mode').val() == 'network_sweep') {
|
||||
$(".network_sweep").attr ('style', '');
|
||||
$(".recon_script").attr ('style', 'display:none');
|
||||
}
|
||||
|
||||
$('#mode').change(function() {
|
||||
if(this.value == 'recon_script') {
|
||||
$(".recon_script").attr ('style', '');
|
||||
$(".network_sweep").attr ('style', 'display:none');
|
||||
}
|
||||
else if(this.value == 'network_sweep') {
|
||||
$(".network_sweep").attr ('style', '');
|
||||
$(".recon_script").attr ('style', 'display:none');
|
||||
}
|
||||
});
|
||||
});
|
||||
/* ]]> */
|
||||
</script>
|
||||
|
|
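Review bot: The added script block writes the same show/hide logic twice, once inside `$(document).ready` and once inside the `$('#mode').change` handler, so the two copies can drift apart. A single helper such as `function showMode (m) { $(".recon_script").toggle (m == 'recon_script'); $(".network_sweep").toggle (m == 'network_sweep'); }`, called once on ready and again from the change handler, would keep them in step; it would also stop `.attr ('style', '')` from wiping any other inline style on those rows. Hiding a row does not stop its input from being posted. The recon-task handler hunks in this commit reset only `id_recon_script` and `id_network_profile` by mode, so `field1` to `field4`, `recon_ports` and `snmp_community` are stored as submitted whichever mode is chosen. A short comment above the `rowclass` assignments saying which row index belongs to which mode would help, because the indices are positional and break silently when a row is inserted.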