Skip to content

Commit

Permalink
Merge branch 'dev'
Browse files Browse the repository at this point in the history
  • Loading branch information
mark-unwin committed Oct 20, 2017
2 parents c01574d + 4f89aa8 commit bfb7791
Show file tree
Hide file tree
Showing 342 changed files with 1,182 additions and 550 deletions.
4 changes: 2 additions & 2 deletions code_igniter/application/config/config.php
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
if (! defined('BASEPATH')) {
exit('No direct script access allowed');
}
$config['web_internal_version'] = '20170919';
$config['web_display_version'] = '2.0.8';
$config['web_internal_version'] = '20171010';
$config['web_display_version'] = '2.0.10';
# $config['debug'] = false;
/*
|--------------------------------------------------------------------------
Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/agents.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/attributes.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/charts.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/collectors.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/configuration.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/connections.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/credentials.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/custom.php
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
* @author Mark Unwin <[email protected]>
*
*
* @version 2.0.8
* @version 2.0.10
*
* @copyright Copyright (c) 2014, Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
Expand Down
7 changes: 6 additions & 1 deletion code_igniter/application/controllers/database.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down Expand Up @@ -677,6 +677,11 @@ public function update()
include "db_upgrades/db_2.0.8.php";
}

if (($db_internal_version < '20171010') and ($this->db->platform() == 'mysql')) {
# upgrade for 2.0.10
include "db_upgrades/db_2.0.10.php";
}

$this->data['include'] = 'v_database_update';
$this->data['heading'] = 'Database Upgrade';
$this->data['success'] = "Database upgraded successfully. New database version is ".$this->config->config['display_version']." (".$this->config->config['internal_version'].")";
Expand Down
73 changes: 73 additions & 0 deletions code_igniter/application/controllers/db_upgrades/db_2.0.10.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
<?php
/**
# Copyright 2003-2015 Opmantek Limited (www.opmantek.com)
#
# ALL CODE MODIFICATIONS MUST BE SENT TO [email protected]
#
# This file is part of Open-AudIT.
#
# Open-AudIT is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published
# by the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Open-AudIT is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with Open-AudIT (most likely in a file named LICENSE).
# If not, see <http://www.gnu.org/licenses/>
#
# For further information on Open-AudIT or for a license other than AGPL please see
# www.opmantek.com or email [email protected]
#
# *****************************************************************************
*
**/

$this->log_db('Upgrade database to 2.0.10 commenced');

$sql = "DELETE FROM `configuration` WHERE name = 'discovery_linux_use_sudo'";
$this->db->query($sql);
$this->log_db($this->db->last_query());

$sql = "INSERT INTO `configuration` VALUES (NULL,'discovery_linux_use_sudo','y','bool','y','system','2000-01-01 00:00:00','When running discovery commands on a Linux target, should we use sudo.')";
$this->db->query($sql);
$this->log_db($this->db->last_query());

$sql = "DELETE FROM `configuration` WHERE name = 'delete_noncurrent_netstat'";
$this->db->query($sql);
$this->log_db($this->db->last_query());

$sql = "INSERT INTO `configuration` VALUES (NULL,'delete_noncurrent_netstat','y','bool','y','system','2000-01-01 00:00:00','Should we store non-current netstat data and generate change logs.')";
$this->db->query($sql);
$this->log_db($this->db->last_query());

$sql = "DELETE FROM `configuration` WHERE name = 'delete_noncurrent_variable'";
$this->db->query($sql);
$this->log_db($this->db->last_query());

$sql = "INSERT INTO `configuration` VALUES (NULL,'delete_noncurrent_variable','y','bool','y','system','2000-01-01 00:00:00','Should we store non-current environment variable data and generate change logs.')";
$this->db->query($sql);
$this->log_db($this->db->last_query());

# fields
alter_table('fields', 'type', "`type` enum('varchar','list','date') NOT NULL DEFAULT 'varchar'");

# ldap_servers
alter_table('ldap_servers', 'port', "`port` varchar(200) NOT NULL DEFAULT '389'");

# set our versions
$sql = "UPDATE `configuration` SET `value` = '20171010' WHERE `name` = 'internal_version'";
$this->db->query($sql);
$this->log_db($this->db->last_query());

$sql = "UPDATE `configuration` SET `value` = '2.0.10' WHERE `name` = 'display_version'";
$this->db->query($sql);
$this->log_db($this->db->last_query());

$this->log_db("Upgrade database to 2.0.10 completed");
$this->config->config['internal_version'] = '20171010';
$this->config->config['display_version'] = '2.0.10';
24 changes: 23 additions & 1 deletion code_igniter/application/controllers/devices.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down Expand Up @@ -191,6 +191,28 @@ private function create()
$device->last_seen = $this->config->config['timestamp'];
$this->load->model('m_devices');
$id = $this->m_devices->create($device);
$device->id = $id;
if (!empty($device->ip) and !empty($device->netmask)) {
$this->load->helper('network');
$network = network_details($device->ip . ' ' . $device->netmask);
if (empty($network->error)) {
$this->load->model('m_devices_components');
$device_ip = new stdClass();
$device_ip->mac = '';
$device_ip->net_index = '';
$device_ip->ip = $network->address;
$device_ip->netmask = $network->netmask;
$device_ip->cidr = $network->network_slash;
$device_ip->version = 4;
$device_ip->network = $network->network . '/' . $network->network_slash;
$device_ip->set_by = '';
$input = new stdClass();
$input->item = array();
$input->item[] = $device_ip;
$error = $this->m_devices_components->process_component('ip', $device, $input);
}
}

if ($this->response->meta->format == 'screen') {
redirect('devices/' . $id);
} else {
Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/discoveries.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/discovery.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/errors.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/fields.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/files.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/groups.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/help.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
2 changes: 1 addition & 1 deletion code_igniter/application/controllers/home.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
* @author Mark Unwin <[email protected]>
* @copyright 2014 Opmantek
* @license http://www.gnu.org/licenses/agpl-3.0.html aGPL v3
* @version 2.0.8
* @version 2.0.10
* @link http://www.open-audit.org
*/

Expand Down
22 changes: 17 additions & 5 deletions code_igniter/application/controllers/include_input_devices.php
Original file line number Diff line number Diff line change
Expand Up @@ -187,7 +187,6 @@
}

$details = $json->system;
$ids[] = discovery_log($log);
$json->system->mac_addresses = array();
if (!empty($json->network->item) and count($json->network->item) > 0) {
foreach ($json->network->item as $card) {
Expand All @@ -203,6 +202,22 @@

$received_system_id = '';
$received_status = "";

if (empty($details->id) and empty($details->ip) and empty($details->hostname)) {
$sql = "DELETE FROM discovery_log WHERE id IN (" . implode(',', $ids) . ")";
$query = $this->db->query($sql);
$log->summary = "Invalid audit result submitted";
$log->detail = "Audit result submitted, but no device id, ip or name received from " . $_SERVER['REMOTE_ADDR'] . " - NOT inserting or updating.";
$log->type = 'system';
$log->collection = 'input';
$log->action = 'create';
$log->function = 'devices';
$log->function = 'fail';
$log->severity = 3;
stdlog($log);
exit;
}

if (empty($details->id)) {
$details->id = '';
$log->message = "No system_id provided.";
Expand Down Expand Up @@ -308,9 +323,6 @@
$sql = "/* include_input_device */" . " DELETE FROM `discovery_log` WHERE `system_id` = ? AND `command` = 'process audit' AND pid != ?";
$data = array(intval($details->id), intval(getmypid()));
$query = $this->db->query($sql, $data);
// if ($this->response->meta->format == 'screen') {
// echo $this->db->last_query();
// }
} else {
# we were supplied an audit result, but no discovery_id
# delete all dicovery logs where system_id = our ID and log.pid != our pid
Expand All @@ -325,7 +337,7 @@

foreach ($json as $key => $value) {
if ($key != 'system' and $key != 'audit_wmi_fail' and $key != 'dns') {
if (!empty($json->{$key}->item)) {
if (!empty($json->{$key}->item) or $key == 'netstat') {
$this->m_devices_components->process_component($key, $details, $json->{$key});
}
}
Expand Down
25 changes: 12 additions & 13 deletions code_igniter/application/controllers/include_input_discoveries.php
Original file line number Diff line number Diff line change
Expand Up @@ -1042,7 +1042,7 @@
break;

case 'vmkernel':
case 'vmware' :
case 'vmware':
$audit_script = 'audit_esxi.sh';
break;

Expand Down Expand Up @@ -1135,7 +1135,7 @@
$unlink = '';
$source_name = $audit_script;
$log->message = 'Could not retrieve script from database for ' . $device->os_group;
$log->command = 'Nothing returned from database';
$log->command = $sql;
$log->status = 'fail';
discovery_log($log);
unset($log->command, $log->message, $log->status);
Expand Down Expand Up @@ -1184,16 +1184,17 @@

# audit anything that's not ESX
if ($audit_script != 'audit_esxi.sh' and $audit_script != '') {
# successfully copied and chmodded the audit script
// if (!empty($credentials_ssh->sudo)) {
// # run the audit script as a normal user, using sudo
// $command = 'echo "'.$credentials_ssh->credentials->password.'" | '.$credentials_ssh->sudo.' -S '.$this->config->item('discovery_linux_script_directory').$audit_script.' submit_online=y create_file=n url='.$discovery->network_address.'index.php/input/devices debugging='.$debugging.' system_id='.$device->id.' display=' . $display . ' last_seen_by=audit_ssh discovery_id='.$discovery->id;
// } else {
// # run the script without using sudo
// $command = $this->config->item('discovery_linux_script_directory').$audit_script.' submit_online=y create_file=n url='.$discovery->network_address.'index.php/input/devices debugging='.$debugging.' system_id='.$device->id.' display=' . $display . ' last_seen_by=audit_ssh discovery_id='.$discovery->id;
// }
$command = $this->config->item('discovery_linux_script_directory').$audit_script.' submit_online=y create_file=n url='.$discovery->network_address.'index.php/input/devices debugging='.$debugging.' system_id='.$device->id.' display=' . $display . ' last_seen_by=audit_ssh discovery_id='.$discovery->id;
$result = ssh_command($device->ip, $credentials_ssh, $command, $log, 'y');
if (!empty($this->config->item('discovery_linux_use_sudo')) and
$this->config->item('discovery_linux_use_sudo') !== 'y' and
strtolower($device->os_group) == 'linux') {
# Running linux audit without sudo
$log->message = 'Running Linux audit without sudo, as per config.';
discovery_log($log);
$result = ssh_command($device->ip, $credentials_ssh, $command, $log, 'n');
} else {
$result = ssh_command($device->ip, $credentials_ssh, $command, $log, 'y');
}
}
# audit ESX
# TODO - Cannot copy audit_esxi.sh - more work required to fix
Expand Down Expand Up @@ -1282,7 +1283,6 @@
unset($log->command, $log->message, $log->status);
$log->severity = 7;
}

}
}
}
Expand All @@ -1301,7 +1301,6 @@
unset($log->command, $log->message, $log->status);
$log->severity = 7;
}

} // close the 'skip'
#if ($audit_script != '') {
# $log->message = "Discovery has completed processing $device->ip (System ID $device->id) but an audit script result may be incoming.";
Expand Down
Loading

0 comments on commit bfb7791

Please sign in to comment.