Child pages
  • Errata - 3.3.2 Discoveries

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Add the below code after line 80 (after the index function, before the base function), and continue reading below.

Note that you must have

Code Block
    public function discoveries_fix()
    {
        $this->load->model('m_configuration');
        $this->m_configuration->load();
        $sql = 'SELECT * FROM discovery_scan_options WHERE id = ' . intval($this->config->config['discovery_default_scan_option']);
        $query = $this->db->query($sql);
        $result = $query->result();
        if ( ! empty($result)) {
            $scan_options = $result[0];
        } else {
            $sql = 'SELECT * FROM discovery_scan_options WHERE name LIKE "%fast" ORDER BY `name` DESC LIMIT 1';
            $query = $this->db->query($sql);
            $result = $query->result();
            if ( ! empty($result)) {
                $scan_options = $result[0];
            } else {
                echo '<h1>ERROR</h1><br /><p>There are no discovery scan options in the database we can use, please run the below in the MySQL client or contact <a href="https://opmantek.com">Opmantek</a> if you are a supported customer.';
                echo "<br /><br /><pre>\n";
                echo "INSERT INTO `discovery_scan_options` VALUES (1,'UltraFast',1,'Approximately 1 second per target. Scan only the ports that Open-AudIT needs to use to talk to the device and detect an IOS device (WMI, SSH, SNMP, Apple Sync). An open|filtered port is considered closed. Device must respond to an Nmap ping. Use aggressive timing.','y','n','n','n',0,4,0,0,'22,135,62078','161','','','','22','','system','2000-01-01 00:00:00');\n\n
INSERT INTO `discovery_scan_options` VALUES (2,'SuperFast',1,'Approximately 5 seconds per target. Scan the top 10 TCP and UDP ports, as well as port 62078 (Apple IOS detection). An open|filtered port is considered closed. Device must respond to an Nmap ping. Use aggressive timing.','y','n','n','n',0,4,10,10,'62078','','','','','22','','system','2000-01-01 00:00:00');\n\n
INSERT INTO `discovery_scan_options` VALUES (3,'Fast',1,'Approximately 40 seconds per target. Scan the top 100 TCP and UDP ports, as well as port 62078 (Apple IOS detection). An open|filtered port is considered closed. Device must respond to an Nmap ping. Use aggressive timing.','y','n','n','n',0,4,100,100,'62078','','','','','22','','system','2000-01-01 00:00:00');\n\n
INSERT INTO `discovery_scan_options` VALUES (4,'Medium (Classic)',1,'Approximately 90 seconds per target. As close to a traditional Open-AudIT scan as we can make it. Scan the top 1000 TCP ports, as well as 62078 (Apple IOS detection) and UDP 161 (SNMP). An open|filtered port is considered open (and will trigger device detection). Devices are scanned regardless of a response to an Nmap ping. Use aggressive timing.','n','n','y','y',0,4,1000,0,'62078','161','','','','22','','system','2000-01-01 00:00:00');\n\n
INSERT INTO `discovery_scan_options` VALUES (5,'Medium',1,'Approximately 100 seconds per target. Scan the top 1000 TCP and top 100 UDP ports, as well as port 62078 (Apple IOS detection). An open|filtered port is not considered open. Device must respond to an Nmap ping. Use aggressive timing.','y','n','n','n',0,4,1000,100,'62078','','','','','22','','system','2000-01-01 00:00:00');\n\n
INSERT INTO `discovery_scan_options` VALUES (6,'Slow',1,'Approximately 4 minutes per target. Scan the top 1000 TCP and top 100 UDP ports, as well as port 62078 (Apple IOS detection). Version detection enabled. An open|filtered port is considered open (and will trigger device detection). Device must respond to an Nmap ping. Use normal timing.','y','y','y','y',0,3,1000,100,'62078','','','','','22','','system','2000-01-01 00:00:00');\n\n
INSERT INTO `discovery_scan_options` VALUES (7,'UltraSlow',1,'Approximately 20 minutes. Not recommended. Scan the top 1000 TCP and UDP ports, as well as port 62078 (Apple IOS detection). Devices are scanned regardless of a response to an Nmap ping. Version detection enabled. An open|filtered port is considered open (and will trigger device detection). Use polite timing.','n','y','y','y',0,2,1000,1000,'62078','','','','','22','','system','2000-01-01 00:00:00');\n\n</pre>";
                exit;
            }
        }
        echo "<h3>Please save this page for reference</h3>\n";
        echo '<hr /><pre>';
        $other = new stdCLass();
        $other->ad_domain = '';
        $other->ad_server = '';
        $other->subnet = '';
        $other->nmap = new stdClass();
        $other->nmap->discovery_scan_option_id = intval($scan_options->id);
        $other->nmap->filtered = $scan_options->filtered;
        $other->nmap->{'open|filtered'} = $scan_options->{'open|filtered'};
        $other->nmap->ping = $scan_options->ping;
        $other->nmap->service_version = $scan_options->service_version;
        $other->nmap->ssh_ports = $scan_options->ssh_ports;
        $other->nmap->tcp_ports = $scan_options->tcp_ports;
        $other->nmap->timing = $scan_options->timing;
        $other->nmap->udp_ports = $scan_options->udp_ports;
        $other->nmap->timeout = $scan_options->timeout;
        $other->nmap->nmap_tcp_ports = $scan_options->nmap_tcp_ports;
        $other->nmap->nmap_udp_ports = $scan_options->nmap_udp_ports;
        $other->match = new stdClass();
        $warning = '<b>WARNING</b>';
        $error = '<b>ERROR</b>';
        $sql = 'SELECT * FROM discoveries';
        $query = $this->db->query($sql);
        $result = $query->result();
        foreach ($result as $discovery) {
            echo 'Checking discovery named: ' . htmlentities($discovery->name);
            $original_discovery = clone $discovery;
            $original_discovery->other = @json_decode($original_discovery->other);
            $output = '';
            if (empty($discovery->other)) {
                $output .= $error . " - There is no discoveries.other attribute. This discovery will never run. Please delete it.\n";
                $discovery->other = $other;
            } else {
                $discovery->other = json_decode($discovery->other);
            }
            if (empty($discovery->other->subnet) && $discovery->type === 'subnet') {
                $output .= $error . " - There is no discoveries.other.subnet attribute, although the discoveries.type is subnet. This discovery will never run. Please delete it.\n";
            }
            if ((empty($discovery->other->ad_server) OR empty($discovery->other->ad_domain)) && $discovery->type === 'active directory') {
                $output .= $error . " - There is no discoveries.other.ad_server or discoveries.other.ad_domain attribute, although the discoveries.type is active directory. This discovery will never run. Please delete it.\n";
            }
            if (empty($discovery->other->nmap)) {
                $discovery->other->nmap = $other->nmap;
                $output .= $warning . " - No discoveries.other.nmap, populating with default.\n";
            }
            if (empty($discovery->other->match)) {
                $discovery->other->match = $other->match;
                $output .= $warning . " - No discoveries.other.match, populating with default.\n";
            }
            if ($output !== '') {
                echo "\n{$output}\n";
                $sql = "UPDATE discoveries SET other = '" . json_encode($discovery->other) . "' WHERE id = " . intval($discovery->id);
                echo $sql . "\n";
                $query = $this->db->query($sql);
                echo "</pre>\n";
                echo "<table><tr><td style=\"vertical-align:text-top\"><b>Original</b>\n<pre>\n";
                print_r($original_discovery);
                echo "</pre></td><td style=\"vertical-align:text-top\"><b>Modified</b>\n<pre>\n";
                print_r($discovery);
                echo "</pre></td></tr></table>\n<pre>\n\n<hr />\n";
            } else {
                echo " - PASSED.\n\n<hr />\n";
            }
        }
    }

...

Once that code has been added, call the below URL in your browser (after logging in to Open-AudIT). Note that you must have the 'admin' role to access the below page.

http://YOUR_SERVER/open-audit/index.php/test/discoveries_fix

...

Checking discovery named: Test Bad JSON Discovery
WARNING - No discoveries.other.nmap, populating with default.
WARNING - No discoveries.other.match, populating with default.

UPDATE discoveries SET other = '{"ad_domain":"","ad_server":"","subnet":"192.168.1.0\/24","nmap":{"discovery_scan_option_id":1,"filtered":"n","open|filtered":"n","ping":"y","service_version":"n","ssh_ports":"22","tcp_ports":"22,135,62078","timing":"4","udp_ports":"161","timeout":"0","nmap_tcp_ports":"0","nmap_udp_ports":"0"},"match":{}}' WHERE id = 23
Original
stdClass Object
(
    [id] => 23
    [name] => Test Bad JSON Discovery
    [org_id] => 1
    [description] => Subnet - 192.168.1.0/24
    [type] => subnet
    [devices_assigned_to_org] => 1
    [devices_assigned_to_location] => 1
    [network_address] => 
    [system_id] => 0
    [other] => stdClass Object
        (
            [ad_domain] => 
            [ad_server] => 
            [subnet] => 192.168.1.0/24
        )

    [options] => 
    [discard] => n
    [last_run] => 2001-01-01 00:00:00
    [last_finished] => 2001-01-01 00:00:00
    [duration] => 00:00:00
    [status] => 
    [ip_all_count] => 0
    [ip_responding_count] => 0
    [ip_scanned_count] => 0
    [ip_discovered_count] => 0
    [ip_audited_count] => 0
    [edited_by] => Admin
    [edited_date] => 2020-05-21 15:26:22
)
Modified
stdClass Object
(
    [id] => 23
    [name] => Test Bad JSON Discovery
    [org_id] => 1
    [description] => Subnet - 192.168.1.0/24
    [type] => subnet
    [devices_assigned_to_org] => 1
    [devices_assigned_to_location] => 1
    [network_address] => 
    [system_id] => 0
    [other] => stdClass Object
        (
            [ad_domain] => 
            [ad_server] => 
            [subnet] => 192.168.1.0/24
            [nmap] => stdClass Object
                (
                    [discovery_scan_option_id] => 1
                    [filtered] => n
                    [open|filtered] => n
                    [ping] => y
                    [service_version] => n
                    [ssh_ports] => 22
                    [tcp_ports] => 22,135,62078
                    [timing] => 4
                    [udp_ports] => 161
                    [timeout] => 0
                    [nmap_tcp_ports] => 0
                    [nmap_udp_ports] => 0
                )

            [match] => stdClass Object
                (
                )

        )

    [options] => 
    [discard] => n
    [last_run] => 2001-01-01 00:00:00
    [last_finished] => 2001-01-01 00:00:00
    [duration] => 00:00:00
    [status] => 
    [ip_all_count] => 0
    [ip_responding_count] => 0
    [ip_scanned_count] => 0
    [ip_discovered_count] => 0
    [ip_audited_count] => 0
    [edited_by] => Admin
    [edited_date] => 2020-05-21 15:26:22
)

...