Oxbian/SIDPS
1
0
Fork 0
mirror of https://github.com/Oxbian/SIDPS.git synced 2025-07-07 12:24:38 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

web2

Browse Source
This commit is contained in:
fra-2107
2024-11-22 13:58:16 -05:00
parent c6cf2b07f6
commit d4ae3c236b
13 changed files with 524 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
sql/sql.sql Normal file
View File

@ -0,0 +1,32 @@
#-----------------------------------------------
# Nettoyage des tables dans la base de données
#-----------------------------------------------
DROP TABLE IF EXISTS alertes;
#-----------------------------------------------
# Table: alertes
#----------------------------------------------
CREATE TABLE alertes (
id SERIAL PRIMARY KEY, -- Identifiant unique pour chaque alerte
cef_version VARCHAR(10) DEFAULT 'CEF:1', -- Version du format CEF utilisé
date_alerte TIMESTAMP(3) NOT NULL, -- Date et heure de l'alerte avec une précision de millisecondes
agent_severity INT CHECK (agent_severity >= 0 AND agent_severity <= 10), -- Niveau de gravité de l'alerte sur une échelle de 0 à 10
device_event_class_id VARCHAR(1023), -- Identifiant de la signature permettant d'aider les moteurs de corrélations
device_product VARCHAR(63), -- Nom du produit à l'origine de l'alerte
device_vendor VARCHAR(63), -- Nom du fournisseur ou fabricant du produit
device_version VARCHAR(31), -- Version du produit ou dispositif ayant généré l'alerte
name VARCHAR(512), -- Nom descriptif de l'alerte
-- Champ d'extension du CEF
dst VARCHAR(45), -- Adresse IP de destination impliquée dans l'alerte
src VARCHAR(45), -- Adresse IP source impliquée dans l'alerte
dpt INT, -- Port de destination utilisé pour l'événement ou l'alerte
spt INT, -- Port source de l'événement ou de l'alerte
msg VARCHAR(1023), -- Champ texte pour des notes ou commentaires additionnels concernant l'alerte
proto VARCHAR(10), -- Protocole réseau impliqué (ex : TCP, UDP)
bytesin INT, -- Quantité de bytes (8 bits ici) entrant (cas de flood ou DOS)
bytesout INT, -- Quantité des bytes (8 bits ici) sortants
reason VARCHAR(1023), -- Description de la raison de l'alerte expliquant pourquoi elle a été générée
act VARCHAR(50) -- Action entreprise en réponse à l'alerte (ex : bloqué, alerté uniquement, ...)
);

0
web/class/Alerts.class.php → web1/class/Alerts.class.php
View File

0
web/class/Database.class.php → web1/class/Database.class.php
View File

0
web/css/styles.css → web1/css/styles.css
View File

0
web/css/styles2.css → web1/css/styles2.css
View File

0
web/index.php → web1/index.php
View File

0
web/tmp.html → web1/tmp.html
View File

172
web2/index.php Normal file
View File

@ -0,0 +1,172 @@
<?php
ini_set('display_errors', 'on');
error_reporting(E_ALL);
spl_autoload_register(function ($class) {
include 'class/' . $class . '.class.php';
});
$db = new Database();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="description" content="">
<meta name="author" content="">
<title>IDPS visualization</title>
<link rel="icon" type="image/x-icon" href="assets/favicon.ico"><!-- Core theme CSS (includes Bootstrap)-->
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
<link href="/css/styles.css" rel="stylesheet">
<!-- JS Scripts -->
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.slim.min.js"
integrity="sha256-pasqAKBDmFT4eHoN2ndd6lN370kFiGUFyTiUHWhU7k8=" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"
integrity="sha256-x3YZWtRjM8bJqf48dFAv/qmgL68SI4jqNWeSLMZaMGA=" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/bootstrap.min.js"
integrity="sha256-WqU1JavFxSAMcLP2WIOI+GB2zWmShMI82mTpLDcqFUg=" crossorigin="anonymous"></script>
<script src="js/ajax.js" defer></script>
<!-- TODO -->
<script src="js/tweets.js" defer></script>
</head>
<body id="page-top">
<!-- Navigation-->
<nav class="navbar navbar-expand-lg navbar-dark bg-dark fixed-top" id="mainNav">
<div class="container px-4"><a class="navbar-brand" href="#page-top">Alerts</a><button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarResponsive" aria-controls="navbarResponsive" aria-expanded="false" aria-label="Toggle navigation"><span class="navbar-toggler-icon"></span></button>
<div class="collapse navbar-collapse" id="navbarResponsive">
<ul class="navbar-nav ms-auto">
<!-- TODO changer ? -->
<!-- <li class="nav-item"><a class="nav-link" href="/">Accueil</a></li>
<li class="nav-item"><a class="nav-link" href="#echouage">Liste des échouages</a></li>
<li class="nav-item"><a class="nav-link" href="add.php">Enregistrer un echouage</a></li>
<li class="nav-item"><a class="nav-link" href="stats.php">statistiques</a></li> -->
</ul>
</div>
</div>
</nav><!-- Header-->
<header class="bg-primary bg-gradient text-white">
<div class="container px-4 text-center">
<h1 class="fw-bolder">Alertes systemes</h1>
<p class="lead">meilleur outil de surveillance du monde</p>
<a class="btn btn-lg btn-light" href="#alertes">Alertes</a>
</div>
</header>
<section class="bg-light" id="alertes">
<div class="container px-4">
<div class="row gx-4 justify-content-center">
<div class="col-lg-8">
<h2>Liste des Attaques</h2>
<p class="lead">veuillez selectionner les filtres de recherche ou parcourez la liste ci-dessous</p>
<!-- ici les filtres -->
<form class="row g-3" method="POST">
<div class="col-auto">
<select class="form-select" aria-label="Choisir un niveau d'alerte" name="event_gravite">
<option selected value="">niveau d'alerte</option>
<?php for ($i = 1; $i <= 10; $i++) : ?>
<option value="<?php echo $i; ?>"><?php echo $i; ?></option>
<?php endfor; ?>
</select>
</div>
<div class="col-auto">
<select class="form-select" aria-label="Chosisir une device" name="device_product">
<option selected value="">Appareil de détection</option>
<?php
$devices = $db->getDevices();
foreach ($devices as $device) : ?>
<option value="<?php echo $device->getDeviceProduct(); ?>"><?php echo $device->getDeviceProduct(); ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="col-auto ms-auto me-0">
<button type="submit" class="btn btn-primary mb-3">Filtrer</button>
</div>
</form>
<table class="table table-striped">
<thead class="bg-primary text-white">
<tr>
<th scope="col" class="id">N°</th>
<th scope="col" class="Date">Date</th>
<th scope="col" class="label">Nom alerte</th>
<th scope="col" class="label">Appareil de détection</th>
<th scope="col" class="label">Adresse source</th>
<th scope="col" class="label">Niveau d'alerte</th>
<th scope="col" class="label"></th>
<th scope="col" class="label"></th>
</tr>
</thead>
<tbody style="border: 1px solid black;">
</tbody>
</table>
<nav aria-label="Page navigation">
<ul class="pagination">
<?php
$nb_echouage = $db->getnbAlerts();
$nb_page = ceil($nb_echouage / 20);
if (isset($_GET["page"])) {
$page = intval($_GET['page']);
} else {
$page = 1;
}
if ($nb_page > 1) {
echo "<li class='page-item col-auto'><a class='page-link' href=index.php?page=1'>première page</a></li>";
}
if ($page > 1) {
echo "<li class='page-item col-auto'><a class='page-link' href=index.php?page=" . strval($page - 1) . "'>" . strval($page - 1) . "</a></li>";
}
echo "<li class='page-item col-auto'><a class='page-link' style=href=index.php?page=" . $page . "'>" . $page . "</a></li>";
if (($page) < $nb_page) {
echo "<li class='page-item col-auto'><a class='page-link' href=index.php?page=" . strval($page + 1) . "'>" . strval($page + 1) . "</a></li>";
}
if ($nb_page > 1) {
echo "<li class='page-item col-auto'><a class='page-link' href=index.php?page=" . strval($nb_page) . "'>dernière page</a></li>";
}
?>
</ul>
</nav>
</div>
</div>
</div>
</section><!-- Contact section-->
<footer class="py-5 bg-dark">
<div class="container px-4">
<p class="m-0 text-center text-white">Copyright &copy; CIR2 2023/<a class="text-white" href="https://www.observatoire-pelagis.cnrs.fr/">Pelagis</a></p>
</div>
</footer><!-- Bootstrap core JS-->
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js"></script><!-- Core theme JS-->
<!-- <script src="js/scripts.js"></script> -->
</body>
</html>

68
web2/js/ajax.js Normal file
View File

@ -0,0 +1,68 @@
'use strict';
//------------------------------------------------------------------------------
//--- ajaxRequest --------------------------------------------------------------
//------------------------------------------------------------------------------
// Perform an Ajax request.
// \param type The type of the request (GET, DELETE, POST, PUT).
// \param url The url with the data.
// \param callback The callback to call where the request is successful.
// \param data The data associated with the request.
function ajaxRequest(type, url, callback, data = null)
{
let xhr;
// Create XML HTTP request.
xhr = new XMLHttpRequest();
if (type == 'GET' && data != null)
url += '?' + data;
xhr.open(type, url);
xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
// Add the onload function.
xhr.onload = () =>
{
switch (xhr.status)
{
case 200:
case 201:
console.log(xhr.responseText);
callback(JSON.parse(xhr.responseText));
break;
default:
httpErrors(xhr.status);
}
};
// Send XML HTTP request.
xhr.send(data);
}
//------------------------------------------------------------------------------
//--- httpErrors ---------------------------------------------------------------
//------------------------------------------------------------------------------
// Display an error message accordingly to an error code.
// \param errorCode The error code (HTTP status for example).
function httpErrors(errorCode)
{
let messages =
{
400: 'Requête incorrecte',
401: 'Authentifiez vous',
403: 'Accès refusé',
404: 'Page non trouvée',
500: 'Erreur interne du serveur',
503: 'Service indisponible'
};
// Display error.
if (errorCode in messages)
{
$('#errors').html('<strong>' + messages[errorCode] + '</strong>');
$('#errors').show();
setTimeout(() =>
{
$('#errors').hide();
}, 5000);
}
}

72
web2/js/tweets.js Normal file
View File

@ -0,0 +1,72 @@
'use strict';
let login = 'cir2';
let currentTitle = 'Liste des tweets';
ajaxRequest('GET', 'php/request.php/tweets/', displayTweets);
$('#all-button').click(() =>
{
currentTitle = 'Liste des tweets';
ajaxRequest('GET', 'php/request.php/tweets/', displayTweets);
}
);
$('#my-button').click(() =>
{
currentTitle = 'Liste de mes tweets';
ajaxRequest('GET', 'php/request.php/tweets/?login=' + login, displayTweets);
}
);
$('#tweet-add').submit((event) =>
{
event.preventDefault();
ajaxRequest('POST', 'php/request.php/tweets/', () =>
{
ajaxRequest('GET', 'php/request.php/tweets/', displayTweets);
}, 'login=' + login + '&text=' + $('#tweet').val());
$('#tweet').val('');
}
);
$('#tweets').on('click', '.mod', () =>
{
ajaxRequest('PUT', 'php/request.php/tweets/' +
$(event.target).closest('.mod').attr('value'), () =>
{
ajaxRequest('GET', 'php/request.php/tweets/', displayTweets);
}, 'login=' + login + '&text=' + prompt('Nouveau tweet :'));
}
);
$('#tweets').on('click', '.del', () =>
{
console.log('delete');
ajaxRequest('DELETE', 'php/request.php/tweets/' +
$(event.target).closest('.del').attr('value') +'?login=' + login, () =>
{
ajaxRequest('GET', 'php/request.php/tweets/', displayTweets);
}
);
}
);
//------------------------------------------------------------------------------
//--- displayTweets ------------------------------------------------------------
//------------------------------------------------------------------------------
// Display tweets.
// \param tweets The tweets data received via the Ajax request.
function displayTweets(tweets)
{
// Fill tweets.
$('#tweets').html('<h3>' + currentTitle + '</h3>');
for (let tweet of tweets)
$('#tweets').append('<div class="card"><div class="card-body">' +
tweet.login + ' : ' + tweet.text +
'<div class="btn-group float-right" role="group">' +
'<button type="button" class="btn btn-light float-right mod"' +
' value="' + tweet.id + '"><i class="fa fa-edit"></i></button>' +
'<button type="button" class="btn btn-light float-right del"' +
' value="' + tweet.id + '"><i class="fa fa-trash"></i></button>' +
'<div></div></div>');
}

7
web2/php/constants.php Normal file
View File

@ -0,0 +1,7 @@
<?php
// Database constants.
define('DB_USER', 'sidps');
define('DB_PASSWORD', 'sidps');
define('DB_NAME', 'sidps');
define('DB_SERVER', 'localhost');
?>

127
web2/php/database.php Normal file
View File

@ -0,0 +1,127 @@
<?php
require_once('constants.php');
//----------------------------------------------------------------------------
//--- dbConnect --------------------------------------------------------------
//----------------------------------------------------------------------------
// Create the connection to the database.
// \return False on error and the database otherwise.
function dbConnect()
{
try
{
$db = new PDO('mysql:host='.DB_SERVER.';dbname='.DB_NAME.';charset=utf8',
DB_USER, DB_PASSWORD);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch (PDOException $exception)
{
error_log('Connection error: '.$exception->getMessage());
return false;
}
return $db;
}
//----------------------------------------------------------------------------
//--- dbRequestAlertes --------------------------------------------------------
//----------------------------------------------------------------------------
// Function to get all alertes
// \param db The connected database.
// \return The list of alertes.
function dbRequestAlerts($db)
{
try
{
$request = 'SELECT * FROM alertes';
$statement = $db->prepare($request);
$statement->execute();
$result = $statement->fetchAll(PDO::FETCH_ASSOC);
}
catch (PDOException $exception)
{
error_log('Request error: '.$exception->getMessage());
return false;
}
return $result;
}
//----------------------------------------------------------------------------
//--- dbAddCTweet ------------------------------------------------------------
//----------------------------------------------------------------------------
// Add a tweet.
// \param db The connected database.
// \param login The login of the user.
// \param text The tweet to add.
// \return True on success, false otherwise.
function dbAddTweet($db, $login, $text)
{
try
{
$request = 'INSERT INTO tweets(login, text) VALUES(:login, :text)';
$statement = $db->prepare($request);
$statement->bindParam(':login', $login, PDO::PARAM_STR, 20);
$statement->bindParam(':text', $text, PDO::PARAM_STR, 80);
$statement->execute();
}
catch (PDOException $exception)
{
error_log('Request error: '.$exception->getMessage());
return false;
}
return true;
}
//----------------------------------------------------------------------------
//--- dbModifyTweet ----------------------------------------------------------
//----------------------------------------------------------------------------
// Function to modify a tweet.
// \param db The connected database.
// \param id The id of the tweet to update.
// \param login The login of the user.
// \param text The new tweet.
// \return True on success, false otherwise.
function dbModifyTweet($db, $id, $login, $text)
{
try
{
$request = 'UPDATE tweets SET text=:text WHERE id=:id AND login=:login ';
$statement = $db->prepare($request);
$statement->bindParam(':id', $id, PDO::PARAM_INT);
$statement->bindParam(':login', $login, PDO::PARAM_STR, 20);
$statement->bindParam(':text', $text, PDO::PARAM_STR, 80);
$statement->execute();
}
catch (PDOException $exception)
{
error_log('Request error: '.$exception->getMessage());
return false;
}
return true;
}
//----------------------------------------------------------------------------
//--- dbDeleteTweet ----------------------------------------------------------
//----------------------------------------------------------------------------
// Delete a tweet.
// \param db The connected database.
// \param id The id of the tweet.
// \param login The login of the user.
// \return True on success, false otherwise.
function dbDeleteTweet($db, $id, $login)
{
try
{
$request = 'DELETE FROM tweets WHERE id=:id AND login=:login';
$statement = $db->prepare($request);
$statement->bindParam(':id', $id, PDO::PARAM_INT);
$statement->bindParam(':login', $login, PDO::PARAM_STR, 20);
$statement->execute();
}
catch (PDOException $exception)
{
error_log('Request error: '.$exception->getMessage());
return false;
}
return true;
}
?>

46
web2/php/request.php Normal file
View File

@ -0,0 +1,46 @@
<?php
require_once('database.php');
// Database connexion.
$db = dbConnect();
if (!$db)
{
header ('HTTP/1.1 503 Service Unavailable');
exit;
}
// Check the request.
$requestMethod = $_SERVER['REQUEST_METHOD'];
$request = $_SERVER['PATH_INFO'];
$request = explode('/', $request);
if ($request[1] != 'alertes')
{
header('HTTP/1.1 400 Bad Request');
exit;
}
if ($requestMethod == 'GET')
{
$data = dbRequestAlerts($db);
}
if ($requestMethod == 'PUT')
{
parse_str(file_get_contents('php://input'), $_PUT);
if($id !=''&&isset($_PUT['login'])&&isset($_PUT['text']))
$data = dbModifyTweet($db, $id, $_PUT['login'], strip_tags($_PUT['text']));
}
// Send data to the client.
header('Content-Type: application/json; charset=utf-8');
header('Cache-control: no-store, no-cache, must-revalidate');
header('Pragma: no-cache');
if($requestMethod == 'POST')
header('HTTP/1.1 201 Created');
else
header('HTTP/1.1 200 OK');
echo json_encode($data);
exit;
?>