NathanGibbs3 / BASE / 584

pending completion

Build # 584

Build Type

push

travis-ci-com

Committed by

NathanGibbs3

Commit Message

20230412 Fix CI build breakage.
         Related Issue(s) #158

Run Details

2 of 2 new or added lines in 1 file covered. (100.0%)

2594 of 16816 relevant lines covered (15.43%)

20.97 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/base_stat_iplink.php

<?php
/*******************************************************************************
** Basic Analysis and Security Engine (BASE)
** Copyright (C) 2004 BASE Project Team
** Copyright (C) 2000 Carnegie Mellon University
**
** (see the file 'base_main.php' for license details)
**
** Project Leads: Kevin Johnson <kjohnson@secureideas.net>
**                Sean Muller <samwise_diver@users.sourceforge.net>
** Built upon work by Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
**
** Purpose: Displays statistics on communication links (IP addresses) 
**
** Input GET/POST variables
**   - caller
**   - submit: 
********************************************************************************
** Authors:
********************************************************************************
** Kevin Johnson <kjohnson@secureideas.net
**
********************************************************************************
*/

include ("base_conf.php");
include_once ("$BASE_path/includes/base_constants.inc.php");
include ("$BASE_path/includes/base_include.inc.php");
include_once ("$BASE_path/base_db_common.php");
include_once ("$BASE_path/base_qry_common.php");
include_once ("$BASE_path/base_stat_common.php");

AuthorizedRole(10000);
$et = new EventTiming($debug_time_mode);
$submit = ImportHTTPVar("submit", VAR_ALPHA | VAR_SPACE, array(_SELECTED, _ALLONSCREEN, _ENTIREQUERY));
$sort_order=ImportHTTPVar("sort_order", VAR_LETTER | VAR_USCORE);
$action = ImportHTTPVar("action", VAR_ALPHA);        
$cs = new CriteriaState("base_stat_iplink.php");
$cs->ReadState();
$qs = new QueryState();
$qs->AddCannedQuery("most_frequent", $freq_num_alerts, _MOSTFREQALERTS, "occur_d"); 
$qs->AddCannedQuery("last_alerts", $last_num_ualerts, _LASTALERTS, "last_d");
$qs->MoveView($submit);             /* increment the view if necessary */
$page_title = _SIPLTITLE;
if ( $qs->isCannedQuery() ){
        if ( $action == '' ){
            PrintBASESubHeader($page_title.": ".$qs->GetCurrentCannedQueryDesc(),
                                $page_title.": ".$qs->GetCurrentCannedQueryDesc(), 
                               $cs->GetBackLink(), 1);
        }else{
                        PrintBASESubHeader($page_title.": ".$qs->GetCurrentCannedQueryDesc(),
                                $page_title.": ".$qs->GetCurrentCannedQueryDesc(), 
                               $cs->GetBackLink(), $refresh_all_pages);
        }
}else{
        if ($action ==  '' ){
                PrintBASESubHeader($page_title, $page_title, $cs->GetBackLink(), 1);
        }else{
                PrintBASESubHeader($page_title, $page_title, $cs->GetBackLink(), $refresh_all_pages);
        }
}
$db = NewBASEDBConnection($DBlib_path, $DBtype); // Connect to the Alert DB.
$db->baseDBConnect(
        $db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user,
        $alert_password
);
UpdateAlertCache($db);
$criteria_clauses = ProcessCriteria();
PrintCriteria('');

  $from = " FROM acid_event ".$criteria_clauses[0];
  $where = " WHERE ".$criteria_clauses[1];

  $qs->AddValidAction("ag_by_id");
  $qs->AddValidAction("ag_by_name");
  $qs->AddValidAction("add_new_ag");
  $qs->AddValidAction("del_alert");
  $qs->AddValidAction("email_alert");
  $qs->AddValidAction("email_alert2");
  $qs->AddValidAction("csv_alert");
  $qs->AddValidAction("archive_alert");
  $qs->AddValidAction("archive_alert2");

  $qs->AddValidActionOp(_SELECTED);
  $qs->AddValidActionOp(_ALLONSCREEN);

  $qs->SetActionSQL($from.$where);
  $et->Mark("Initialization");

  $qs->RunAction($submit, PAGE_STAT_IPLINK, $db);
  $et->Mark("Alert Action");

  /* Run the query to determine the number of rows (No LIMIT)*/
  $qs->current_view = 0;
  $qs->num_result_rows = UniqueLinkCnt($db, $criteria_clauses[0], $criteria_clauses[1]);
  $et->Mark("Counting Result size");
// Setup the Query Results Table */
$qro = new QueryResultsOutput("base_stat_iplink.php?caller=".$caller);
$qro->AddTitle('');
$qro->AddTitle(_SIPLSOURCEFGDN);
$qro->AddTitle( _PSSRCIP,
        "sip_a", "", " ORDER BY ip_src ASC",
        "sip_d", "", " ORDER BY ip_src DESC", 'right'
);
$qro->AddTitle(_SIPLDIRECTION);
$qro->AddTitle( _PSDSTIP,
        "dip_a", "", " ORDER BY ip_dst ASC",
        "dip_d", "", " ORDER BY ip_dst DESC", 'right'
);
$qro->AddTitle(_SIPLDESTFGDN);
$qro->AddTitle( _SIPLPROTO, '','','','','','','left' );
$qro->AddTitle(_SIPLUNIDSTPORTS, '','','','','','','right');
$qro->AddTitle(_SIPLUNIEVENTS, '','','','','','','right');
$qro->AddTitle(_SIPLTOTALEVENTS, '','','','','','','right');

// Issue #168
$sql = "SELECT DISTINCT acid_event.ip_src, acid_event.ip_dst, ".
        "acid_event.ip_proto ";
$sqlPFX = $from.$where;
$sort_sql = $qro->GetSortSQL($qs->GetCurrentSort(), $qs->GetCurrentCannedQuerySort());
if ( !is_null($sort_sql) ){
        $sqlPFX = $sort_sql[0].$sqlPFX.$sort_sql[1];
}
$sql .= $sqlPFX;
if ( is_numeric($submit) ){
        $qs->current_view = $submit;
}
// Run the Query again for the actual data (with the LIMIT), if any.
$result = $qs->ExecuteOutputQuery($sql, $db);
$et->Mark("Retrieve Query Data");
if ( $debug_mode > 0 ){
        if ( $qs->isCannedQuery() ){
                $CCF = 'Yes';
                $qs->PrintCannedQueryList();
        }else{
                $CCF = 'No';
        }
        print "Canned Query: $CCF <br/>";
        $qs->DumpState();
        print "SQL Executed: $sql <br/>";
}
$qs->PrintResultCnt(); // Print current view number and # of rows.

  echo '<FORM METHOD="post" NAME="PacketForm" ACTION="base_stat_iplink.php">';
  
  $qro->PrintHeader();

  $i = 0;
  while ( ($myrow = $result->baseFetchRow()) && ($i < $qs->GetDisplayRowCnt()) )
  {
     $sip = $myrow[0];
     $dip = $myrow[1];
     $proto = $myrow[2];  
        if ( $resolve_IP == 1 ){
                $sip_fqdn = baseGetHostByAddr(baseLong2IP($sip), $db, $dns_cache_lifetime);
                $dip_fqdn = baseGetHostByAddr(baseLong2IP($dip), $db, $dns_cache_lifetime);
        }else{
                $sip_fqdn =_PSNODNS;
                $sip_fqdn =_PSNODNS;
        }
        if ( $sip && $dip ){ // Get stats on the link.
        $temp = "SELECT COUNT(DISTINCT layer4_dport), ".
                 "COUNT(acid_event.cid), COUNT(DISTINCT acid_event.signature)  ".
                 $from.$where." AND acid_event.ip_src='".$sip."' AND acid_event.ip_dst='".$dip."' AND acid_event.ip_proto='".$proto."'";

        $result2 = $db->baseExecute($temp);
        $row = $result2->baseFetchRow();
        $num_occurances = $row[1];
        $num_unique_dport = $row[0];
        $num_unique = $row[2];
        $result2->baseFreeRows(); 

        /* Print out */ 
        qroPrintEntryHeader($i);

        $tmp_ip_criteria = 
          '&amp;ip_addr%5B0%5D%5B0%5D=+&amp;ip_addr%5B0%5D%5B1%5D=ip_src&amp;ip_addr%5B0%5D%5B2%5D=%3D'.
          '&amp;ip_addr%5B0%5D%5B3%5D='.baseLong2IP($sip).
          '&amp;ip_addr%5B0%5D%5B8%5D=+&amp;ip_addr%5B0%5D%5B9%5D=AND'.
          '&amp;ip_addr%5B1%5D%5B0%5D=+&amp;ip_addr%5B1%5D%5B1%5D=ip_dst&amp;ip_addr%5B1%5D%5B2%5D=%3D'.
          '&amp;ip_addr%5B1%5D%5B3%5D='.baseLong2IP($dip).
          '&amp;ip_addr%5B1%5D%5B8%5D=+&amp;ip_addr%5B1%5D%5B9%5D=+'.
          '&amp;ip_addr_cnt=2&amp;layer4='.IPProto2str($proto).
          '&amp;sort_order='.$sort_order;

        $tmp_rowid = $sip . "_" . $dip . "_" . $proto;
        echo '    <TD><INPUT TYPE="checkbox" NAME="action_chk_lst['.$i.']" VALUE="'.$tmp_rowid.'"></TD>';
        echo '        <INPUT TYPE="hidden" NAME="action_lst['.$i.']" VALUE="'.$tmp_rowid.'">';
                qroPrintEntry($sip_fqdn, 'right');
                qroPrintEntry(
                        BuildAddressLink(baseLong2IP($sip), 32).baseLong2IP($sip).'</a>',
                        'right'
                );
                qroPrintEntry('-->');
                qroPrintEntry(
                        BuildAddressLink(baseLong2IP($dip), 32).baseLong2IP($dip).'</a>',
                        'right'
                );
                qroPrintEntry($dip_fqdn,'right');
                qroPrintEntry(IPProto2str($proto),'left');
        $tmp = '<A HREF="base_stat_ports.php?port_type=2&amp;proto='.$proto.$tmp_ip_criteria.'">';
                qroPrintEntry($tmp.$num_unique_dport.'</a>','right');
        $tmp = '<A HREF="base_stat_alerts.php?foo=1'.$tmp_ip_criteria.'">';
                qroPrintEntry($tmp.$num_unique.'</a>','right');
        $tmp = '<A HREF="base_qry_main.php?new=1'.
                      '&amp;num_result_rows=-1'.
                      '&amp;submit='._QUERYDBP.'&amp;current_view=-1'.$tmp_ip_criteria.'">'; 
                qroPrintEntry($tmp.$num_occurances.'</a>','right');
                qroPrintEntryFooter();
        }
        $i++;
}
  $result->baseFreeRows();

  $qro->PrintFooter();

  $qs->PrintBrowseButtons();
  $qs->PrintAlertActionButtons();
  $qs->SaveState();
        ExportHTTPVar("sort_order", $sort_order);
  echo "\n</FORM>\n";
$et->Mark("Get Query Elements");
PrintBASESubFooter();
?>

1	<?php
2	/*******************************************************************************
3	** Basic Analysis and Security Engine (BASE)
4	** Copyright (C) 2004 BASE Project Team
5	** Copyright (C) 2000 Carnegie Mellon University
6	**
7	** (see the file 'base_main.php' for license details)
8	**
9	** Project Leads: Kevin Johnson <kjohnson@secureideas.net>
10	** Sean Muller <samwise_diver@users.sourceforge.net>
11	** Built upon work by Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
12	**
13	** Purpose: Displays statistics on communication links (IP addresses)
14	**
15	** Input GET/POST variables
16	** - caller
17	** - submit:
18	********************************************************************************
19	** Authors:
20	********************************************************************************
21	** Kevin Johnson <kjohnson@secureideas.net
22	**
23	********************************************************************************
24	*/
25
26	include ("base_conf.php");	×
27	include_once ("$BASE_path/includes/base_constants.inc.php");	×
28	include ("$BASE_path/includes/base_include.inc.php");	×
29	include_once ("$BASE_path/base_db_common.php");	×
30	include_once ("$BASE_path/base_qry_common.php");	×
31	include_once ("$BASE_path/base_stat_common.php");	×
32
33	AuthorizedRole(10000);	×
34	$et = new EventTiming($debug_time_mode);	×
35	$submit = ImportHTTPVar("submit", VAR_ALPHA \| VAR_SPACE, array(_SELECTED, _ALLONSCREEN, _ENTIREQUERY));	×
36	$sort_order=ImportHTTPVar("sort_order", VAR_LETTER \| VAR_USCORE);	×
37	$action = ImportHTTPVar("action", VAR_ALPHA);	×
38	$cs = new CriteriaState("base_stat_iplink.php");	×
39	$cs->ReadState();	×
40	$qs = new QueryState();	×
41	$qs->AddCannedQuery("most_frequent", $freq_num_alerts, _MOSTFREQALERTS, "occur_d");	×
42	$qs->AddCannedQuery("last_alerts", $last_num_ualerts, _LASTALERTS, "last_d");	×
43	$qs->MoveView($submit); /* increment the view if necessary */	×
44	$page_title = _SIPLTITLE;	×
45	if ( $qs->isCannedQuery() ){	×
46	if ( $action == '' ){	×
47	PrintBASESubHeader($page_title.": ".$qs->GetCurrentCannedQueryDesc(),	×
48	$page_title.": ".$qs->GetCurrentCannedQueryDesc(),	×
49	$cs->GetBackLink(), 1);	×
50	}else{	×
51	PrintBASESubHeader($page_title.": ".$qs->GetCurrentCannedQueryDesc(),	×
52	$page_title.": ".$qs->GetCurrentCannedQueryDesc(),	×
53	$cs->GetBackLink(), $refresh_all_pages);	×
54	}
55	}else{	×
56	if ($action == '' ){	×
57	PrintBASESubHeader($page_title, $page_title, $cs->GetBackLink(), 1);	×
58	}else{	×
59	PrintBASESubHeader($page_title, $page_title, $cs->GetBackLink(), $refresh_all_pages);	×
60	}
61	}
62	$db = NewBASEDBConnection($DBlib_path, $DBtype); // Connect to the Alert DB.	×
63	$db->baseDBConnect(	×
64	$db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user,
65	$alert_password
66	);
67	UpdateAlertCache($db);	×
68	$criteria_clauses = ProcessCriteria();	×
69	PrintCriteria('');	×
70
71	$from = " FROM acid_event ".$criteria_clauses[0];	×
72	$where = " WHERE ".$criteria_clauses[1];	×
73
74	$qs->AddValidAction("ag_by_id");	×
75	$qs->AddValidAction("ag_by_name");	×
76	$qs->AddValidAction("add_new_ag");	×
77	$qs->AddValidAction("del_alert");	×
78	$qs->AddValidAction("email_alert");	×
79	$qs->AddValidAction("email_alert2");	×
80	$qs->AddValidAction("csv_alert");	×
81	$qs->AddValidAction("archive_alert");	×
82	$qs->AddValidAction("archive_alert2");	×
83
84	$qs->AddValidActionOp(_SELECTED);	×
85	$qs->AddValidActionOp(_ALLONSCREEN);	×
86
87	$qs->SetActionSQL($from.$where);	×
88	$et->Mark("Initialization");	×
89
90	$qs->RunAction($submit, PAGE_STAT_IPLINK, $db);	×
91	$et->Mark("Alert Action");	×
92
93	/* Run the query to determine the number of rows (No LIMIT)*/
94	$qs->current_view = 0;	×
95	$qs->num_result_rows = UniqueLinkCnt($db, $criteria_clauses[0], $criteria_clauses[1]);	×
96	$et->Mark("Counting Result size");	×
97	// Setup the Query Results Table */
98	$qro = new QueryResultsOutput("base_stat_iplink.php?caller=".$caller);	×
99	$qro->AddTitle('');	×
100	$qro->AddTitle(_SIPLSOURCEFGDN);	×
101	$qro->AddTitle( _PSSRCIP,	×
102	"sip_a", "", " ORDER BY ip_src ASC",
103	"sip_d", "", " ORDER BY ip_src DESC", 'right'
104	);
105	$qro->AddTitle(_SIPLDIRECTION);	×
106	$qro->AddTitle( _PSDSTIP,	×
107	"dip_a", "", " ORDER BY ip_dst ASC",
108	"dip_d", "", " ORDER BY ip_dst DESC", 'right'
109	);
110	$qro->AddTitle(_SIPLDESTFGDN);	×
111	$qro->AddTitle( _SIPLPROTO, '','','','','','','left' );	×
112	$qro->AddTitle(_SIPLUNIDSTPORTS, '','','','','','','right');	×
113	$qro->AddTitle(_SIPLUNIEVENTS, '','','','','','','right');	×
114	$qro->AddTitle(_SIPLTOTALEVENTS, '','','','','','','right');	×
115
116	// Issue #168
117	$sql = "SELECT DISTINCT acid_event.ip_src, acid_event.ip_dst, ".	×
118	"acid_event.ip_proto ";
119	$sqlPFX = $from.$where;	×
120	$sort_sql = $qro->GetSortSQL($qs->GetCurrentSort(), $qs->GetCurrentCannedQuerySort());	×
121	if ( !is_null($sort_sql) ){	×
122	$sqlPFX = $sort_sql[0].$sqlPFX.$sort_sql[1];	×
123	}
124	$sql .= $sqlPFX;	×
125	if ( is_numeric($submit) ){	×
126	$qs->current_view = $submit;	×
127	}
128	// Run the Query again for the actual data (with the LIMIT), if any.
129	$result = $qs->ExecuteOutputQuery($sql, $db);	×
130	$et->Mark("Retrieve Query Data");	×
131	if ( $debug_mode > 0 ){	×
132	if ( $qs->isCannedQuery() ){	×
133	$CCF = 'Yes';	×
134	$qs->PrintCannedQueryList();	×
135	}else{	×
136	$CCF = 'No';	×
137	}
138	print "Canned Query: $CCF <br/>";	×
139	$qs->DumpState();	×
140	print "SQL Executed: $sql <br/>";	×
141	}
142	$qs->PrintResultCnt(); // Print current view number and # of rows.	×
143
144	echo '<FORM METHOD="post" NAME="PacketForm" ACTION="base_stat_iplink.php">';	×
145
146	$qro->PrintHeader();	×
147
148	$i = 0;	×
149	while ( ($myrow = $result->baseFetchRow()) && ($i < $qs->GetDisplayRowCnt()) )	×
150	{
151	$sip = $myrow[0];	×
152	$dip = $myrow[1];	×
153	$proto = $myrow[2];	×
154	if ( $resolve_IP == 1 ){	×
155	$sip_fqdn = baseGetHostByAddr(baseLong2IP($sip), $db, $dns_cache_lifetime);	×
156	$dip_fqdn = baseGetHostByAddr(baseLong2IP($dip), $db, $dns_cache_lifetime);	×
157	}else{	×
158	$sip_fqdn =_PSNODNS;	×
159	$sip_fqdn =_PSNODNS;	×
160	}
161	if ( $sip && $dip ){ // Get stats on the link.	×
162	$temp = "SELECT COUNT(DISTINCT layer4_dport), ".	×
163	"COUNT(acid_event.cid), COUNT(DISTINCT acid_event.signature) ".
164	$from.$where." AND acid_event.ip_src='".$sip."' AND acid_event.ip_dst='".$dip."' AND acid_event.ip_proto='".$proto."'";
165
166	$result2 = $db->baseExecute($temp);	×
167	$row = $result2->baseFetchRow();	×
168	$num_occurances = $row[1];	×
169	$num_unique_dport = $row[0];	×
170	$num_unique = $row[2];	×
171	$result2->baseFreeRows();	×
172
173	/* Print out */
174	qroPrintEntryHeader($i);	×
175
176	$tmp_ip_criteria =	×
177	'&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_src&ip_addr%5B0%5D%5B2%5D=%3D'.
178	'&ip_addr%5B0%5D%5B3%5D='.baseLong2IP($sip).	×
179	'&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=AND'.
180	'&ip_addr%5B1%5D%5B0%5D=+&ip_addr%5B1%5D%5B1%5D=ip_dst&ip_addr%5B1%5D%5B2%5D=%3D'.
181	'&ip_addr%5B1%5D%5B3%5D='.baseLong2IP($dip).	×
182	'&ip_addr%5B1%5D%5B8%5D=+&ip_addr%5B1%5D%5B9%5D=+'.
183	'&ip_addr_cnt=2&layer4='.IPProto2str($proto).	×
184	'&sort_order='.$sort_order;
185
186	$tmp_rowid = $sip . "_" . $dip . "_" . $proto;	×
187	echo ' <TD><INPUT TYPE="checkbox" NAME="action_chk_lst['.$i.']" VALUE="'.$tmp_rowid.'"></TD>';	×
188	echo ' <INPUT TYPE="hidden" NAME="action_lst['.$i.']" VALUE="'.$tmp_rowid.'">';	×
189	qroPrintEntry($sip_fqdn, 'right');	×
190	qroPrintEntry(	×
191	BuildAddressLink(baseLong2IP($sip), 32).baseLong2IP($sip).'</a>',	×
192	'right'
193	);
194	qroPrintEntry('-->');	×
195	qroPrintEntry(	×
196	BuildAddressLink(baseLong2IP($dip), 32).baseLong2IP($dip).'</a>',	×
197	'right'
198	);
199	qroPrintEntry($dip_fqdn,'right');	×
200	qroPrintEntry(IPProto2str($proto),'left');	×
201	$tmp = '<A HREF="base_stat_ports.php?port_type=2&proto='.$proto.$tmp_ip_criteria.'">';	×
202	qroPrintEntry($tmp.$num_unique_dport.'</a>','right');	×
203	$tmp = '<A HREF="base_stat_alerts.php?foo=1'.$tmp_ip_criteria.'">';	×
204	qroPrintEntry($tmp.$num_unique.'</a>','right');	×
205	$tmp = '<A HREF="base_qry_main.php?new=1'.	×
206	'&num_result_rows=-1'.
207	'&submit='._QUERYDBP.'&current_view=-1'.$tmp_ip_criteria.'">';
208	qroPrintEntry($tmp.$num_occurances.'</a>','right');	×
209	qroPrintEntryFooter();	×
210	}
211	$i++;	×
212	}
213	$result->baseFreeRows();	×
214
215	$qro->PrintFooter();	×
216
217	$qs->PrintBrowseButtons();	×
218	$qs->PrintAlertActionButtons();	×
219	$qs->SaveState();	×
220	ExportHTTPVar("sort_order", $sort_order);	×
221	echo "\n</FORM>\n";	×
222	$et->Mark("Get Query Elements");	×
223	PrintBASESubFooter();	×
224	?>

NathanGibbs3 / BASE / 584

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous