"; $text .=" "; $snf=0; $undec=0; $safe=0; $reff=0; $inactive=0; $avlab=0; while(odbc_fetch_row($cnt)){ $snf +=odbc_result($cnt,"Sha1_SiteNotFound"); $undec +=odbc_result($cnt,"Sha1_Undecided"); $safe +=odbc_result($cnt,"Sha1_Safe"); $reff +=odbc_result($cnt,"Sha1_Reffered"); $inactive +=odbc_result($cnt,"Sha1_SiteInActive"); $avlab +=odbc_result($cnt,"AVLab"); $text .=""; } $text .= "

Analist Name	Sha1 he marked as SiteNotFound	Sha1 he marked as Undecided	Sha1 he marked as Safe	Sha1 he marked as Reffered	Sha1 he marked as SiteInActive	AVLab analyst marked from Referred to Lab-Completed-Safe or Lab-Completed-Malware
".odbc_result($cnt,"Analist")."	".odbc_result($cnt,"Sha1_SiteNotFound")."	".odbc_result($cnt,"Sha1_Undecided")."	".odbc_result($cnt,"Sha1_Safe")."	".odbc_result($cnt,"Sha1_Reffered")."	".odbc_result($cnt,"Sha1_SiteInActive")."	".odbc_result($cnt,"AVLab")."
Total	$snf	$undec	$safe	$reff	$inactive	$avlab

"; return $text; //return $sql; } function rep_class_site($range){ global $db_conn; set_range($range); global $from; global $to; $sql = 'select (SELECT count("SiteId") FROM "WhiteListing"."Sites" where "VerdictId" = 3 and "DateLastModified" between \''.$from.'\' and \''.$to.'\') as "Safe", (SELECT count("SiteId") FROM "WhiteListing"."Sites" where "VerdictId" = 4 and "DateLastModified" between \''.$from.'\' and \''.$to.'\') as "Malware", (SELECT count("SiteId") FROM "WhiteListing"."Sites" where "VerdictId" = 1 and "DateLastModified" between \''.$from.'\' and \''.$to.'\') as "Unknown", count("SiteId") as "Referred" FROM "WhiteListing"."Sites" where "VerdictId" = 4 and "DateLastModified" between \''.$from.'\' and \''.$to.'\''; $cl_site = odbc_exec($db_conn,$sql); $text= " "; while(odbc_fetch_row($cl_site)){ $text .=""; } $text .= "

Safe	Malware	Unknown	Referred
".odbc_result($cl_site,"Safe")."	".odbc_result($cl_site,"Malware")."	".odbc_result($cl_site,"Unknown")."	".odbc_result($cl_site,"Referred")."

"; return $text; } function set_rep_personal(){ return "

Analist Name	Sha1 he marked as SiteNotFound	Sha1 he marked as Undecided	Sha1 he marked as Safe	Sha1 he marked as Reffered	Sha1 he marked as SiteInActive	AVLab analyst marked from Referred to Lab-Completed-Safe or Lab-Completed-Malware

"; } function set_rep_class_site(){ return "

Safe	Malware	Unknown	Referred

"; } function lab_head(){ $text = "

LAB STATUS

NULL Do_Not_Submit_To_Crawler Submit_To_Crawler Submitted_To_Crawler Crawler_Failed Referred_Delayed Crawler_Completed_Safe Crawler_Completed_But_Did_Not_Find_Samples Under_Processing_By_Analyst Analyst_Completed_Safe

Get Report

"; return $text; } function crwl_head(){ $text = "

CRAWLER STATUS

NULL Cancel Pending Crawling Done

Get Report

"; return $text; } function rep_head($who){ $text = " "; switch ($who){ case 'user': // $text .="get_user_reports()"; break; case 'class_site': // $text .="get_site_class()"; break; case 'all_site': // $text .="get_all_site()"; break; case 'site_stat_chg': $text .=""; break; } $text .="

Lab/Crawler status changes

Today Yesterday This Week Last Week This Month Last Month This Year Last Year

th {padding-top:3px;padding-bottom:3px; text-align:center;color:#000; background-color:#DCDCDC;font-size:1.1em;} td { background-color:#FFFAF0;font-size:1.0em;} } "; } function lab_status($stat){ global $db_conn; $text =''; if($stat !='NULL'){ $sql = "SELECT \"SiteId\",\"SiteURL\",\"LabVerdictDesc\" from \"WhiteListing\".\"Sites\" left join \"WhiteListing\".\"LabVerdicts\" on(\"LabStatus\" =\"LabVerdictId\") where \"VerdictId\" =3 and \"LabStatus\" =$stat order by \"DateAdded\""; } else{ $sql = "SELECT \"SiteId\", \"SiteURL\",\"LabVerdictDesc\" from \"WhiteListing\".\"Sites\" left join \"WhiteListing\".\"LabVerdicts\" on(\"LabStatus\" =\"LabVerdictId\") where \"VerdictId\" =3 and \"LabStatus\" isnull order by \"DateAdded\""; } $lab_res = odbc_exec($db_conn,$sql); $i = 1; $text = " # Site Name "; if(odbc_num_rows($lab_res)>0){ while(odbc_fetch_row($lab_res)){ $text .= ""; $text .= ""; $i++; } $text .= " # Site Name $i ".odbc_result($lab_res,"SiteURL")." "; } return $text; } function crwls_status($stat){ global $db_conn; $text =''; if($stat !='NULL'){ $sql = "SELECT \"SiteId\",\"SiteURL\",\"CrawlerVerdictDesc\" from \"WhiteListing\".\"Sites\" left join \"WhiteListing\".\"CrawlerVerdicts\" on(\"CrawlerStatus\" =\"CrawlerVerdictId\") where \"VerdictId\" =3 and \"CrawlerVerdictId\" =$stat order by \"DateAdded\""; } else{ $sql = "SELECT \"SiteId\",\"SiteURL\",\"CrawlerVerdictDesc\" from \"WhiteListing\".\"Sites\" left join \"WhiteListing\".\"CrawlerVerdicts\" on(\"CrawlerStatus\" =\"CrawlerVerdictId\") where \"VerdictId\" =3 and \"CrawlerVerdictId\" isnull order by \"DateAdded\""; } $lab_res = odbc_exec($db_conn,$sql); $i = 1; $text = " "; if(odbc_num_rows($lab_res)>0){ while(odbc_fetch_row($lab_res)){ $text .= ""; $text .= ""; $i++; } $text .= " # Site Name $i ".odbc_result($lab_res,"SiteURL")." "; } return $text; } function set_site_trac(){ return " "; } function get_site_trac($range){ global $db_conn; global $from; global $to; set_range($range); $sql = "SELECT \"Ts\", \"Status Changed\", \"Login\", \"ObjectDesc\" FROM \"WhiteListing\".\"Site_Tracking\" join \"WhiteListing\".\"Users\" on \"UserId\" = userid join \"WhiteListing\".\"Objects\" on \"ObjectId\" = objectid where \"Ts\" between '$from' and '$to'"; $trac = odbc_exec($db_conn,$sql); $text = ''; $text .= " Time Stamp Status Changed Changed By "; while(odbc_fetch_row($trac)){ $text .= ""; } return $text; } function set_all_sites(){ return " Time Stamp Status Changed Changed By ".odbc_result($trac,"Ts")." ".(odbc_result($trac,"ObjectDesc").":".odbc_result($trac,"Status Changed"))." ".odbc_result($trac,"Login")." "; } function get_trust_vendr_list($vname){ $ret = 'No'; $db_sigdb = pg_connect('host=192.168.9.25 user=flsuser dbname=signerdb'); $sql = "SELECT count(*)as c_vendor from data where md5(signer_name)='$vname'"; $result = pg_query($sql); $cnt_vendor = pg_fetch_assoc($result); if($cnt_vendor['c_vendor']>0){$ret = "Yes";} return $ret; } function all_sites($range,$opt,$sort){ global $db_conn; set_range($range); global $from; global $to; switch($sort){ case 0: $sortBy = "DateAdded"; break; } switch($opt){ case 'all'; $sql = " SELECT \"SiteURL\", \"PriorityDesc\" as \"Source\", \"VerdictDesc\", \"SiteId\", (select \"VerdictDesc\" from \"WhiteListing\".\"Verdicts\" where \"VerdictId\" = \"PreviousVerdictId\") as \"PreviousVerdict\", (select \"Login\" from \"WhiteListing\".\"Users\" where \"UserId\"=\"UserAdded\" )as \"User Added\", (select \"Login\" from \"WhiteListing\".\"Users\" where \"UserId\"=\"UserLastModified\" )as \"User Last Modified\", \"DateAdded\", \"DateLastModified\",\"Comments\" FROM \"WhiteListing\".\"Sites\" join \"WhiteListing\".\"Verdicts\" using (\"VerdictId\") join \"WhiteListing\".\"Prioritytes\" using (\"PriorityId\") where \"DateAdded\" between '$from' and '$to' order by \"$sortBy\""; break; case 'isoem'; $sql = " SELECT \"SiteURL\", \"PriorityDesc\" as \"Source\", \"VerdictDesc\", \"SiteId\", (select \"VerdictDesc\" from \"WhiteListing\".\"Verdicts\" where \"VerdictId\" = \"PreviousVerdictId\") as \"PreviousVerdict\", (select \"Login\" from \"WhiteListing\".\"Users\" where \"UserId\"=\"UserAdded\" )as \"User Added\", (select \"Login\" from \"WhiteListing\".\"Users\" where \"UserId\"=\"UserLastModified\" )as \"User Last Modified\", \"DateAdded\", \"DateLastModified\",\"Comments\" FROM \"WhiteListing\".\"Sites\" join \"WhiteListing\".\"Verdicts\" using (\"VerdictId\") join \"WhiteListing\".\"Prioritytes\" using (\"PriorityId\") where \"DateAdded\" between '$from' and '$to' and \"IsOEM\" =1 order by \"$sortBy\""; break; case 'ispop'; $sql = " SELECT \"SiteURL\", \"PriorityDesc\" as \"Source\", \"VerdictDesc\", \"SiteId\", (select \"VerdictDesc\" from \"WhiteListing\".\"Verdicts\" where \"VerdictId\" = \"PreviousVerdictId\") as \"PreviousVerdict\", (select \"Login\" from \"WhiteListing\".\"Users\" where \"UserId\"=\"UserAdded\" )as \"User Added\", (select \"Login\" from \"WhiteListing\".\"Users\" where \"UserId\"=\"UserLastModified\" )as \"User Last Modified\", \"DateAdded\", \"DateLastModified\",\"Comments\" FROM \"WhiteListing\".\"Sites\" join \"WhiteListing\".\"Verdicts\" using (\"VerdictId\") join \"WhiteListing\".\"Prioritytes\" using (\"PriorityId\") where \"DateAdded\" between '$from' and '$to' and \"Popler\" =1 order by \"$sortBy\""; break; case 'issig'; $sql = " SELECT \"SiteURL\", \"PriorityDesc\" as \"Source\", \"VerdictDesc\", \"SiteId\", (select \"VerdictDesc\" from \"WhiteListing\".\"Verdicts\" where \"VerdictId\" = \"PreviousVerdictId\") as \"PreviousVerdict\", (select \"Login\" from \"WhiteListing\".\"Users\" where \"UserId\"=\"UserAdded\" )as \"User Added\", (select \"Login\" from \"WhiteListing\".\"Users\" where \"UserId\"=\"UserLastModified\" )as \"User Last Modified\", \"DateAdded\", \"DateLastModified\",\"Comments\" FROM \"WhiteListing\".\"Sites\" join \"WhiteListing\".\"Verdicts\" using (\"VerdictId\") join \"WhiteListing\".\"Prioritytes\" using (\"PriorityId\") where \"DateAdded\" between '$from' and '$to' and \"IsCodeSigned\" =1 order by \"$sortBy\""; break; case 'fp'; $sql = " SELECT \"SiteURL\", \"PriorityDesc\" as \"Source\", \"VerdictDesc\", \"SiteId\", (select \"VerdictDesc\" from \"WhiteListing\".\"Verdicts\" where \"VerdictId\" = \"PreviousVerdictId\") as \"PreviousVerdict\", (select \"Login\" from \"WhiteListing\".\"Users\" where \"UserId\"=\"UserAdded\" )as \"User Added\", (select \"Login\" from \"WhiteListing\".\"Users\" where \"UserId\"=\"UserLastModified\" )as \"User Last Modified\", \"DateAdded\", \"DateLastModified\",\"Comments\" FROM \"WhiteListing\".\"Sites\" join \"WhiteListing\".\"Verdicts\" using (\"VerdictId\") join \"WhiteListing\".\"Prioritytes\" using (\"PriorityId\") where \"DateAdded\" between '$from' and '$to' and \"LastFPDate\" is not null order by \"$sortBy\""; break; } $all_sites = odbc_exec($db_conn,$sql); $text= " # Site Name Source Verdict User Added Data Added Sha1 Count Sha1 "; if ($opt=='issig'){ $text .=""; } $text.=""; $i=1; while(odbc_fetch_row($all_sites)){ $text .=""; if ($opt=='issig'){ $text .= ""; } $text .= ""; $i++; } //get_trust_vendr_list(odbc_result($sha1_sites,"Name")) $text .= " # Site Name Source Verdict User Added Data Added Sha1 Count Sha1 Count Sha1 Signer Name Is In Trusted Vendor List ".$i." ".odbc_result($all_sites,"SiteURL")." ".odbc_result($all_sites,"Source")." ".odbc_result($all_sites,"VerdictDesc")." ".odbc_result($all_sites,"User Added")." ".odbc_result($all_sites,"DateAdded")." show/hide sha1 "; $sql_sha1="select \"SHA1\",cert_subjects.\"Name\"::character varying(250),md5(cert_subjects.\"Name\")::character varying as v_name from \"WhiteListing\".\"FileSource\" join samples on (lower(\"SampleSha1\")=lower(\"SHA1\")) join samples_authcodes using (\"SampleId\") join certs using(\"CertId\") join cert_subjects using(\"SubjectId\") where \"ChildAuthcodeId\" isnull and \"SiteId\"=".odbc_result($all_sites,"SiteId").""; // $sql_sha1="select \"SHA1\",'test' as \"Name\" from \"WhiteListing\".\"FileSource\" where \"SiteId\"=".odbc_result($all_sites,"SiteId").""; $sha1_sites = odbc_exec($db_conn,$sql_sha1); $j=0; while(odbc_fetch_row($sha1_sites)){ $text .=odbc_result($sha1_sites,"SHA1")." "; $j++; } $text.=" $j ".odbc_result($sha1_sites,"Name")." ".get_trust_vendr_list(odbc_result($sha1_sites,"v_name"))." "; return $text; //return $sql_sha1; } function prnUnlock_sha1(){ global $db_conn; $sql = "SELECT count(\"SHA1\") as \"FLS_Sha1\", (SELECT count(\"SHA1\") FROM \"WhiteListing\".\"FileSource\" where \"isLock\" isnull and \"SourceId\" = 2) as \"Camdpams_Sha1\" FROM \"WhiteListing\".\"FileSource\" where \"isLock\" isnull and \"SourceId\" = 1;"; $all_sites = odbc_exec($db_conn,$sql); $text= " "; $all=0; while(odbc_fetch_row($all_sites)){ $all = odbc_result($all_sites,"FLS_SHA1") + odbc_result($all_sites,"Camdpams_Sha1"); $text .=""; } $text .= " Priotiy 1 Unlocked SHA1 Count Priotiy 2 Unlocked SHA1 Count Total ".odbc_result($all_sites,"FLS_SHA1")." ".odbc_result($all_sites,"Camdpams_Sha1")." $all "; return $text; } function prnlock_sha1(){ global $db_conn; $sql = " SELECT \"SHA1\", fs.\"DateAdded\",\"SourceName\",\"Login\", \"DateTimeLock\" FROM \"WhiteListing\".\"FileSource\" as fs join \"WhiteListing\".\"Sources\" using (\"SourceId\") join \"WhiteListing\".\"Users\" on (\"isLock\" = \"UserId\") where \"isLock\" is not null;"; $all_sites = odbc_exec($db_conn,$sql); $text= " "; $i=1; while(odbc_fetch_row($all_sites)){ $text .=""; $i++; } $text .= " # Sha1 DateAdded SourceName Login DateTimeLock ".$i." ".odbc_result($all_sites,"SHA1")." ".odbc_result($all_sites,"DateAdded")." ".odbc_result($all_sites,"SourceName")." ".odbc_result($all_sites,"Login")." ".odbc_result($all_sites,"DateTimeLock")." "; return $text; } function whois(){ $login = $_SESSION['login']; return $login; } function whoisId(){ global $db_conn; $login = $_SESSION['login']; $usrquery = odbc_exec($db_conn,"select \"UserId\" from \"WhiteListing\".\"Users\" where \"Login\" ='$login'"); $usrid = odbc_result($usrquery, "UserId"); return $usrid; } function addemail($email,$site){ global $db_conn; $site_rep = cut_site($site); $sql = "select \"WhiteListing\".add_email('$email','$site_rep')"; $eml_add = odbc_exec($db_conn,$sql); if ($eml_add) return "email added"; else return "Changes not save"; } function add_email_s($email,$siteid){ global $db_conn; $mail_sql = "select \"WhiteListing\".add_email_s('$email',$siteid )"; $add_mail = odbc_exec($db_conn,$mail_sql); if ($add_mail) return odbc_result($add_mail,1); else return "-1"; } function del_email_s($emailid){ global $db_conn; $mail_sql = "select \"WhiteListing\".del_email_s($emailid )"; $add_mail = odbc_exec($db_conn,$mail_sql); if ($add_mail) return "del email"; else return "-1"; } function change_URL($curr_url,$new_url){ global $db_conn; $login = $_SESSION['login']; $usrquery = odbc_exec($db_conn,"select \"UserId\" from \"WhiteListing\".\"Users\" where \"Login\" ='$login'"); $usrid = odbc_result($usrquery, "UserId"); $url = "select \"WhiteListing\".change_url('$curr_url','$new_url',$usrid)"; $ch_url= odbc_exec($db_conn,$url); if ($ch_url) return "1";//"select \"WhiteListing\".change_url('$curr_url','$new_url',$usrid)"; else return "-1"; } function del_site_url($siteid){ global $db_conn; $sql = "select \"WhiteListing\".del_site($siteid)"; $del_site = odbc_exec($db_conn,$sql); if ($del_site) return "del $site"; else return $sql; } function empty_sha1($fileid){ global $db_conn; $sql = "select \"WhiteListing\".empty_sha1($fileid )"; $empty_sha1 = odbc_exec($db_conn,$sql); if ($empty_sha1) return "$fileid - not associated with site"; else return $sql; } function add_site_atrib($isoem,$iscodesigner,$popler,$lastfp,$site,$comm){ global $db_conn; $site_rep = cut_site($site); if($lastfp=='' ){ $sql = "select \"WhiteListing\".add_site_atrib($isoem,$iscodesigner,$popler,'$site_rep','$comm')"; } else{ $sql = "select \"WhiteListing\".add_site_atrib($isoem,$iscodesigner,$popler,'$lastfp','$site_rep','$comm')"; } $atr_add = odbc_exec($db_conn,$sql); if ($atr_add) return "atributes added"; // else return "Changes not save"; else return $sql; } function lock_sha1($source){ global $db_conn; $usrid=whoisId(); $sql = "select \"WhiteListing\".lock_sha1($usrid,$source)"; $locks=odbc_exec($db_conn,$sql); if($locks) return "sha1 locks"; else return $sql; } function unlock_sha1($fileid){ global $db_conn; $sql = "select \"WhiteListing\".unlock_sha1($fileid)"; $unlocks=odbc_exec($db_conn,$sql); if($unlocks) return "sha1 unlocks"; else return $sql; } function unlock_all_sha1(){ global $db_conn; $usrid=whoisId(); $sql = "select \"WhiteListing\".unlock_all_sha1($usrid)"; $unlocks=odbc_exec($db_conn,$sql); if($unlocks) return "sha1 unlocks"; else return $sql; } function search_site(){ return " Enter Site Find "; } function search_sha1_head(){ return " Search Site Related to SHA1: Find "; } function set_search_sha1(){ return " "; } function search_sha1($sha1){ global $db_conn; $sql = "SELECT \"SiteURL\", \"PriorityDesc\" as \"Source\", \"VerdictDesc\", \"SiteId\", (select \"Login\" from \"WhiteListing\".\"Users\" where \"UserId\"=\"UserAdded\" )as \"User Added\", \"Sites\".\"DateAdded\", \"Sites\".\"Comments\" FROM \"WhiteListing\".\"FileSource\" join \"WhiteListing\".\"Sites\" as \"Sites\" using(\"SiteId\") join \"WhiteListing\".\"Verdicts\" using (\"VerdictId\") join \"WhiteListing\".\"Prioritytes\" using (\"PriorityId\") where \"SHA1\" ='$sha1'"; $site = odbc_exec($db_conn,$sql); $text = " Site Name Source Verdict User Added Data Added Comments "; while(odbc_fetch_row($site)){ $text .=""; $text .=""; $text .=""; $text .=""; $text .=""; $text .=""; } $text .=" Site Name Source Verdict User Added Data Added Comments ".odbc_result($site,"SiteURL")." ".odbc_result($site,"Source")." ".odbc_result($site,"VerdictDesc")." ".odbc_result($site,"User Added")." ".odbc_result($site,"DateAdded")." ".odbc_result($site,"Comments")." "; return $text; } ?>