NathanGibbs3 / BASE / 625

625

push

travis-ci-com

NathanGibbs3 
20230512 Standardized BASE Iconography.
         Using 3dicons from @realvjy
         https://github.com/realvjy/3dicons
         Thank You. :smile:

33 of 33 new or added lines in 3 files covered. (100.0%)

648 of 10178 relevant lines covered (6.37%)

71.31 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0
/base_maintenance.php
1 
<?php
2 
// Basic Analysis and Security Engine (BASE)
3 
// Copyright (C) 2019-2023 Nathan Gibbs
4 
// Copyright (C) 2004 BASE Project Team
5 
// Copyright (C) 2000 Carnegie Mellon University
6 
//
7 
//   For license info: See the file 'base_main.php'
8 
//
9 
//       Project Lead: Nathan Gibbs
10 
// Built upon work by: Kevin Johnson & the BASE Project Team
11 
//                     Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
12 
//
13 
//            Purpose: status and event/dns/whois cache maintenance
14 
//
15 
//          Author(s): Nathan Gibbs
16 
//                     Kevin Johnson
17 









18



$sc = DIRECTORY_SEPARATOR;




×







19



require_once("includes$sc" . 'base_krnl.php');




×







20



include("$BASE_path/includes/base_include.inc.php");




×







21



include_once("$BASE_path/base_db_common.php");




×







22



include_once("$BASE_path/base_stat_common.php");




×







23



include_once("$BASE_path/setup/setup_db.inc.php");




×







24












25



$roleneeded = 10000;




×







26



$BUser = new BaseUser();




×







27



$AdminAuth = false; // Admin Actions Not Authorized by default.




×







28



if( $Use_Auth_System == 1 ){




×







29



        if( is_key('standalone', $_POST) ){




×







30



                $SaM = $_POST['standalone'];




×







31



        }else{




×







32



                $SaM = 'no';




×







33



        }










34



        if( $SaM == 'yes' ){




×







35



                $usrrole = $BUser->AuthenticateNoCookie(




×







36



                        filterSql($_POST['user']), filterSql($_POST['pwd'])




×







37



                );










38



                if( $usrrole == 'Failed' ){




×







39



                        HTTP_header('HTTP/1.0 401');




×







40



                }elseif( $usrrole > $roleneeded ){




×







41



                        HTTP_header('HTTP/1.0 403');




×







42



                }elseif( $usrrole == 1 ){




×







43



                        $AdminAuth = true;




×







44



                }










45



                $BCR->AddCap('UIMode', 'Con');




×







46



        }else{




×







47



                AuthorizedRole($roleneeded);




×







48



                $AdminAuth = AuthorizedRole(1);




×







49



        }










50



}










51



$cs = new CriteriaState("base_maintenance.php");




×







52



$cs->ReadState();




×







53



$db = NewBASEDBConnection($DBlib_path, $DBtype); // Connect to the Alert DB.




×







54



$db->baseDBConnect(




×







55



        $db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user,










56



        $alert_password










57



);










58












59



// UI Presentation(s) Web & CLI.










60



$page_title = _MAINTTITLE;




×







61



if ($SaM == 'yes'){




×







62



        // Limit run time. PrintBASESubHeader() does this for the Web UI.










63



        if ( ini_get('safe_mode') != true ){




×







64



                set_time_limit($max_script_runtime);




×







65



        }










66



        NLIO("BASE $page_title - Logged in as: ".XSSPrintSafe($_POST['user']));




×







67



}else{




×







68



        PrintBASESubHeader(




×







69



                $page_title, $page_title, $cs->GetBackLink(), $refresh_all_pages




×







70



        );










71



        print '<br/>';




×







72



}










73












74



$submit = ImportHTTPVar("submit", VAR_ALPHA | VAR_SPACE);




×







75



if ( $AdminAuth ){ // Issue #146 Fix




×







76



        // Lockout non admin users from admin commands










77



        if ($SaM != 'yes'){




×







78



                print '<FORM METHOD="POST" ACTION="base_maintenance.php">';




×







79



        }










80



        if ( $debug_mode > 0 ){




×







81



                NLIO("submit = '$submit'");




×







82



        }










83



  $repair_output = NULL;




×







84



  if ( $submit == "Update Alert Cache" )




×







85



  {










86



     UpdateAlertCache($db);




×







87



  }










88



  else if ( $submit == "Rebuild Alert Cache" )




×







89



  {










90



     DropAlertCache($db);




×







91



     UpdateAlertCache($db);




×







92



  }










93



  else if ( $submit == "Update IP Cache" )




×







94



  {










95



     UpdateDNSCache($db);     




×







96



  }










97



  else if ( $submit == "Rebuild IP Cache" )




×







98



  {










99



     DropDNSCache($db);




×







100



     UpdateDNSCache($db);




×







101



  }










102



  else if ( $submit == "Update Whois Cache" )




×







103



  {










104



     UpdateWhoisCache($db);     




×







105



  }










106



  else if ( $submit == "Rebuild Whois Cache" )




×







107



  {










108



     DropWhoisCache($db);




×







109



     UpdateWhoisCache($db);




×







110



  }










111



  else if ( $submit == "Repair Tables")




×







112



  {










113



     //$repair_output = RepairDBTables($db);










114



     CreateBASEAG($db);




×







115



  }










116



  else if ( $submit == "Clear Data Tables")




×







117



  {










118



     ClearDataTables($db);




×







119



  }










120



        if( $SaM == 'yes' ){




×







121



                if( LoadedString($submit) ){




×







122



                        NLIO('Executed command: ' . XSSPrintSafe($submit));




×







123



                }










124



        }










125



}










126



NLIO();




×







127












128



$SW_Cli = 'unknown';




×







129



if( is_key('HTTP_USER_AGENT', $_SERVER) ){




×







130



        $SW_Cli = $_SERVER['HTTP_USER_AGENT'];




×







131



}










132



$title = _MNTCLIENT;




×







133



if( $AdminAuth ){ // Issue #146 Fix




×







134



        $title = _MNTPHP;




×







135



        $SW_Svr = 'unknown';




×







136



        if( is_key('SERVER_SOFTWARE', $_SERVER) ){




×







137



                $SW_Svr = $_SERVER['SERVER_SOFTWARE'];




×







138



        }










139



}










140



if ($SaM == 'yes'){




×







141



        if ($submit == 'status'){




×







142



                if ($AdminAuth){




×







143



                        NLIO($title);




×







144



                }










145



                NLIO(_MNTCLIENT.' '.XSSPrintSafe($SW_Cli));




×







146



        }










147



}else{




×







148



        PrintFramedBoxHeader($title, '#669999', 1,3,'left');




×







149



        NLIO('<b>'._MNTCLIENT.'</b> '.XSSPrintSafe($SW_Cli).'<br/>',4);




×







150



}










151



if ( $AdminAuth ){ // Issue #146 Fix




×







152



        $imgc = NLI('', 6);




×








153



        $imgc .= "<img class='icon' src='$BASE_urlpath" . '/images/';




×







154



        $PF_lst = array('Mail', 'GD', 'GMP');




×







155



        foreach( $PF_lst as $val ){




×







156



                $PF_St[$val] = $BCR->GetCap("PHP_$val");




×







157



        }










158



        $IER = ini_get('error_reporting');




×







159



        $ER_lst = array();




×







160



        if ( ($IER & E_ERROR) > 0 ){




×







161



                array_push($ER_lst, 'E_ERROR');




×







162



        }










163



        if ( ($IER & E_WARNING) > 0 ){




×







164



                array_push($ER_lst, 'E_WARNING');




×







165



        }










166



        if ( ($IER & E_PARSE) > 0 ){




×







167



                array_push($ER_lst, 'E_PARSE');




×







168



        }










169



        if ( ($IER & E_NOTICE) > 0 ){




×







170



                array_push($ER_lst, 'E_NOTICE');




×







171



        }










172



        if ( ($IER & E_CORE_WARNING) > 0 ){




×







173



                array_push($ER_lst, 'E_CORE_WARNING');




×







174



        }










175



        if ( ($IER & E_CORE_ERROR) > 0 ){




×







176



                array_push($ER_lst, 'E_CORE_ERROR');




×







177



        }










178



        if ( ($IER & E_COMPILE_ERROR) > 0 ){




×







179



                array_push($ER_lst, 'E_COMPILE_ERROR');




×







180



        }










181



        if ( ($IER & E_COMPILE_WARNING) > 0 ){




×







182



                array_push($ER_lst, 'E_COMPILE_WARNING');




×







183



        }










184



        $module_lst = get_loaded_extensions();




×







185



        foreach( $module_lst as $key => $val ){




×







186



                if ( preg_match("/ /", $val) ){




×







187



                        $module_lst[$key] = "'$val'";




×







188



                }










189



        }










190



        $PERL = ' '. implode(', ', $ER_lst);




×







191



        $PLM = ' ' . implode(', ', $module_lst);




×







192



        if ($SaM == 'yes'){




×







193



                if ($submit == 'status'){




×







194



                        NLIO(_MNTSERVER . ' ' . XSSPrintSafe($SW_Svr));




×







195



                        NLIO(_MNTSERVERHW .' ' . php_uname());




×







196



                        NLIO(_MNTPHPVER . ' ' . phpversion());




×







197



                        NLIO('PHP API: ' . php_sapi_name());




×







198



                        NLIO(




×







199



                                _MNTPHPLOGLVL . ' (' . $IER . ')' . $PERL




×







200



                        );










201



                        NLIO(_MNTPHPMODS . $PLM);




×







202



                        NLIO('PHP Capabilities: ');




×







203



                        foreach( $PF_St as $key => $val ){




×







204



                                $tmp = "$key ";




×







205



                                if ( !$val ){




×







206



                                        $tmp .= 'not ';




×







207



                                }










208



                                $tmp .= 'installed.';




×







209



                                NLIO($tmp);




×







210



                        }










211



                        NLIO();




×







212



                }










213



        }else{




×







214



print'         <B>'._MNTSERVER.'</B> '.XSSPrintSafe($SW_Svr).'<BR>




×







215



         <B>'._MNTSERVERHW.'</B> '.php_uname().'<BR>




×







216



         <B>'._MNTPHPVER.'</B> '.phpversion().'<BR>




×







217



         <B>PHP API:</B> '.php_sapi_name().'<BR>';




×







218












219



                NLIO(




×







220



                        '<b>' ._MNTPHPLOGLVL . ': </b> (' . $IER . ')' . $PERL . '<br/>', 




×







221



                        6










222



                );










223



                NLIO('<b>' . _MNTPHPMODS . ': </b>' . $PLM . '<br/>', 6);




×







224



                NLIO('<b>PHP Capabilities: </b>', 6);




×







225



                foreach( $PF_St as $key => $val ){




×








226



                        $FI = "base_icon_yes.png' alt='installed";




×







227



                        $tmp = "<b>$key: </b>";




×







228



                        if ( !$val ){




×







229



                                $tmp .= 'not ';




×








230



                                $FI = "base_icon_no.png' alt='not installed";




×







231



                        }










232



                        $FI .= "'/>";




×







233



                        if ( LoadedString($val) ){




×







234



                                $tmp .= " $val ";




×







235



                        };










236



                        $tmp .= 'installed.';




×







237



                        NLIO("$tmp$imgc$FI", 6);




×







238



                }










239



        }










240



}










241



if ($SaM == 'yes'){




×







242



        if ($submit == 'status'){




×







243



                NLIO();




×







244



        }










245



}else{




×







246



        PrintFramedBoxFooter(1,3);




×







247



        NLIO ('<br/>',3);




×







248



}










249



if ( $AdminAuth ){ // Issue #146 Fix




×







250



        $BV = $BCR->GetCap('BASE_Ver');




×







251



        $BInID = $BCR->GetCap('BASE_InID');




×







252



        $BK = $BCR->GetCap('BASE_Kernel');




×







253



        $BR = $BCR->GetCap('BASE_RTL');




×







254



        $BDev = $BCR->GetCap('BASE_Dev');




×







255



        $BF_lst = array('Mail', 'Mime', 'Graph');




×







256



        foreach( $BF_lst as $val ){




×







257



                $BF_St[$val] = $BCR->GetCap($val);




×







258



        }










259



        $BDevI = $imgc;




×







260



        if ( $BDev ){ // TD These.




×







261



                $BDevStatus = 'Development';




×








262



                $BDevI .= "base_icon_exclamation.png' alt='Developement Version.";




×







263



        }else{




×







264



                $BDevStatus = 'Official';




×








265



                $BDevI .=  "base_icon_yes.png' alt='Official Release";




×







266



        }










267



        $BDevI .= "'/>";




×







268



        $BADB = $BCR->GetCap('BASE_ADB');




×







269



        if ($SaM == 'yes'){




×







270



                if ($submit == 'status'){




×







271



                        NLIO("BASE Version: $BV");




×







272



                        if ( LoadedString($BInID) ){




×







273



                                NLIO("Install ID: $BInID");




×







274



                        }










275



                        NLIO("Kernel: $BK Runtime: $BR");




×







276



                        NLIO("Release: $BDevStatus");




×







277



                        NLIO("Features:");




×







278



                        foreach( $BF_St as $key => $val ){




×







279



                                $tmp = "$key ";




×







280



                                if ( !$val ){




×







281



                                        $tmp .= 'not ';




×







282



                                }










283



                                $tmp .= 'installed.';




×







284



                                NLIO($tmp);




×







285



                        }










286



                        NLIO();




×







287



                        NLIO(_DATABASE);




×







288



                        NLIO(_MNTDBALV." $ADODB_vers");




×







289



                        NLIO(_MNTDBTYPE." $DBtype");




×







290



                        NLIO(_MNTDBALERTNAME." $alert_dbname");




×







291



                        if ( $BADB ){




×







292



                                $ADBStatus = _MNTDBARCHNAME." $archive_dbname";




×







293



                        }else{




×







294



                                $ADBStatus = 'Archive DB: not enabled.'; // TD This.




×







295



                        }










296



                        NLIO($ADBStatus);




×







297



                        if ( $repair_output != '' ){




×







298



                                NLIO($repair_output);




×







299



                        }










300



                        NLIO();




×







301



                }










302



        }else{




×







303



                $ADBI = $imgc;




×







304



                $ADBStatus = '<b>';




×







305



                if ( $BADB ){




×







306



                        $ADBStatus .= _MNTDBARCHNAME




×







307



                        . ": </b>$archive_dbname";




×








308



                        $ADBI .=  "base_icon_yes.png' alt='Enabled.";




×







309



                }else{ // TD This.




×







310



                        $ADBStatus .= 'Archive DB: </b>not enabled.';




×








311



                        $ADBI .=  "base_icon_no.png' alt='Not enabled.";




×







312



                }










313



                $ADBI .= "'/>";




×







314



                PrintFramedBoxHeader('BASE Build:', '#669999', 1, 3, 'left');




×







315



                NLIO('<b>Version: </b>' . XSSPrintSafe($BV) . $BDevI . '<br/>', 6);




×







316



                if ( LoadedString($BInID) ){




×







317



                        NLIO('<b>Install ID: </b>' . XSSPrintSafe($BInID) . '<br/>', 6);




×







318



                }










319



                NLIO(




×







320



                        '<b>Kernel: </b>' . XSSPrintSafe($BK)




×







321



                        . ' <b>Runtime: </b>' . XSSPrintSafe($BR) . '<br/>',




×







322



                        6










323



                );










324



                NLIO(




×







325



                        '<b>Release: </b>' . XSSPrintSafe($BDevStatus) . $BDevI . '<br/>',




×







326



                        6










327



                );










328



                NLIO('<b>Features: </b>', 6);




×







329



                foreach( $BF_St as $key => $val ){




×








330



                        $FI = "base_icon_yes.png' alt='Installed";




×







331



                        $tmp = "<b>$key: </b>";




×







332



                        if ( !$val ){




×







333



                                $tmp .= 'not ';




×








334



                                $FI = "base_icon_no.png' alt='Not installed";




×







335



                        }










336



                        $FI .= "'/>";




×







337



                        $tmp .= 'installed.';




×







338



                        NLIO("$tmp$imgc$FI", 6);




×







339



                }










340



                PrintFramedBoxFooter(1,3);




×







341



                NLIO ('<br/>',3);




×







342



                PrintFramedBoxHeader(_DATABASE, '#669999', 1,3,'left');




×







343



                NLIO( '<b>' . _MNTDBALV . ": </b>$ADODB_vers" . '<br/>', 6);




×







344



  echo "<B>"._MNTDBTYPE."</B> $DBtype <BR>  




×







345



        <B>"._MNTDBALERTNAME."</B> $alert_dbname <BR>




×







346



";










347



                NLIO("$ADBStatus$ADBI" . '<br/>', 6);




×







348



                NLIO(




×







349



                        "<input class='admin' type='submit' name='submit'"










350



                        . " value='Repair Tables'>",










351



                        6










352



                );










353



                NLIO(




×







354



                        "<input class='admin' type='submit' name='submit'"










355



                        . " value='Clear Data Tables'>",










356



                        6










357



                );










358



  echo $repair_output;




×







359



                PrintFramedBoxFooter(1,3);




×







360



                NLIO ('<br/>',3);




×







361



        }










362



}










363



  $event_cnt_lst = $db->baseExecute("SELECT COUNT(*) FROM event");




×







364



  $event_cnt_row = $event_cnt_lst->baseFetchRow();




×







365



  $event_cnt = $event_cnt_row[0];




×







366



  $event_cnt_lst->baseFreeRows();




×







367












368



  $cache_event_cnt_lst = $db->baseExecute("SELECT COUNT(*) FROM acid_event");




×







369



  $cache_event_cnt_row = $cache_event_cnt_lst->baseFetchRow();




×







370



  $cache_event_cnt = $cache_event_cnt_row[0];




×







371



  $cache_event_cnt_lst->baseFreeRows();




×







372












373



  $uncached_sip_cnt = UniqueSrcIPCnt($db);




×







374



  $uncached_dip_cnt = UniqueDstIPCnt($db);




×







375



  










376



  $ip_result = $db->baseExecute("SELECT COUNT(DISTINCT ip_src) FROM acid_event ".




×







377



                                "INNER JOIN acid_ip_cache ON ipc_ip = ip_src ".










378



                                "WHERE ipc_fqdn is not NULL");










379



  $row = $ip_result->baseFetchRow();




×







380



  $ip_result->baseFreeRows();




×







381



  $cached_sip_cnt = $row[0];




×







382












383



  $ip_result = $db->baseExecute("SELECT COUNT(DISTINCT ip_dst) FROM acid_event ".




×







384



                                "INNER JOIN acid_ip_cache ON ipc_ip = ip_dst ".










385



                                "WHERE ipc_fqdn is not NULL");










386



  $row = $ip_result->baseFetchRow();




×







387



  $ip_result->baseFreeRows();




×







388



  $cached_dip_cnt = $row[0];




×







389












390



  $ip_result = $db->baseExecute("SELECT COUNT(DISTINCT ip_src) FROM acid_event ".




×







391



                                "INNER JOIN acid_ip_cache ON ipc_ip = ip_src ".










392



                                "WHERE ipc_whois is not NULL");










393



  $row = $ip_result->baseFetchRow();




×







394



  $ip_result->baseFreeRows();




×







395



  $cached_swhois_cnt = $row[0];




×







396












397



  $ip_result = $db->baseExecute("SELECT COUNT(DISTINCT ip_dst) FROM acid_event ".




×







398



                                "INNER JOIN acid_ip_cache ON ipc_ip = ip_dst ".










399



                                "WHERE ipc_whois is not NULL");










400



  $row = $ip_result->baseFetchRow();




×







401



  $ip_result->baseFreeRows();




×







402



  $cached_dwhois_cnt = $row[0];




×







403












404



if ($SaM == 'yes'){




×







405



        if ($submit == 'status'){




×







406



                NLIO(_MNTAIC);




×







407



                NLIO(_MNTAICTE.' '.$event_cnt);




×







408



                NLIO(_MNTAICCE.' '.$cache_event_cnt);




×







409



                NLIO();




×







410



                NLIO(_MNTIPAC.':');




×







411



                NLIO(




×







412



                        _MNTIPACUSIP.' '.$uncached_sip_cnt.' '.




×







413



                        _MNTIPACDNSC.' '.$cached_sip_cnt.' '.










414



                        _MNTIPACWC.' '.$cached_swhois_cnt










415



                );










416



                NLIO(




×







417



                        _MNTIPACUDIP.' '.$uncached_dip_cnt.' '.




×







418



                        _MNTIPACDNSC.' '.$cached_dip_cnt.' '.










419



                        _MNTIPACWC.' '.$cached_dwhois_cnt);










420



                NLIO();




×







421



        }










422



}else{




×







423



        PrintFramedBoxHeader(_MNTAIC, '#669999', 0,3,'left');




×







424



        NLIO("<td style='text-align: left; width: 25%;'>",5);




×







425












426



  echo '<B>'._MNTAICTE.'</B> '.$event_cnt.'&nbsp&nbsp




×







427



        <B>'._MNTAICCE.'</B> '.$cache_event_cnt;










428












429



        if ( $AdminAuth ){ // Issue #146 Fix




×







430



                NLIO(




×







431



                        "<input type='submit' name='submit' value='Update Alert Cache'>",










432



                        6










433



                );










434



                NLIO(




×







435



                        "<input class='admin' type='submit' name='submit'"










436



                        . " value='Rebuild Alert Cache'>",










437



                        6










438



                );










439



        }










440



        PrintFramedBoxFooter(1,3);




×







441



        NLIO ('<br/>',3);




×







442



        PrintFramedBoxHeader(_MNTIPAC, '#669999', 1,3,'left');




×







443












444



  echo '<B>'._MNTIPACUSIP.'</B> '.$uncached_sip_cnt.'&nbsp;&nbsp&nbsp;'.




×







445



       '<B>'._MNTIPACDNSC.'</B> '.$cached_sip_cnt.'&nbsp;&nbsp;&nbsp;'.










446



       '<B>'._MNTIPACWC.'</B> '.$cached_swhois_cnt.'<BR>'.










447



       '<B>'._MNTIPACUDIP.'</B> '.$uncached_dip_cnt.'&nbsp;&nbsp&nbsp;'.










448



       '<B>'._MNTIPACDNSC.'</B> '.$cached_dip_cnt.'&nbsp;&nbsp;&nbsp;'.










449



       '<B>'._MNTIPACWC.':</B> '.$cached_dwhois_cnt.'<BR>';










450



        if ( $AdminAuth ){ // Issue #146 Fix




×







451



                NLIO(




×







452



                        "<input type='submit' name='submit' value='Update IP Cache'>",










453



                        6










454



                );










455



                NLIO(




×







456



                        "<input type='submit' name='submit' value='Update Whois Cache'>",










457



                        6










458



                );










459



                NLIO(




×







460



                        "<input class='admin' type='submit' name='submit'"










461



                        . " value='Rebuild IP Cache'>",










462



                        6










463



                );










464



                NLIO(




×







465



                        "<input class='admin' type='submit' name='submit'"










466



                        . " value='Rebuild Whois Cache'>",










467



                        6










468



                );










469



        }










470



        PrintFramedBoxFooter(1,3);




×







471



        NLIO ('<br/>',3);




×







472



        if ( $AdminAuth ){ // Issue #146 Fix




×







473



                NLIO('</form>',2);




×







474



        }










475



        PrintBASESubFooter();




×







476



}










477



?>
























    

  • 

    •