Open-AudIT
https://www.open-audit.org/phpBB3/

Easy Audit
https://www.open-audit.org/phpBB3/viewtopic.php?f=5&t=3053
Page 1 of 1

Author:  Slyers [ Tue Nov 04, 2008 10:49 pm ]
Post subject:  Easy Audit

Hello everybody,
I 'm sorry for my english which is very basic (i am French).
I wanna post this topic because i've just find a tips to audit easily Windows computer, and I think it could interest someone.
To my mind, I've installed Open-Audit on Debian and I use the last version.
Okay, With a Domain admin account, on a windows browser, type this:

http://212.15.17.223/OpenAudit/launch_local_audit.php?hostname=NAMEOFCOMPUTER&domain=YOURDOMAIN&application=cmd&ext=vbs&

More fastly:
you must have audited one Windows Computer before,
Then, in the summary page of this computer, go on "Audit now" and realize a right clic, "Copy Shortcut"
After, paste it as an URL, and change the Name of the computer:

As far as i am concerned, it works. :D
Thanks to the people who develop this software.

Author:  A_Hull [ Wed Nov 05, 2008 1:49 am ]
Post subject:  Re: Easy Audit

Thanks for the thanks, and your observation...that's just given me an idea... :D

Author:  Slyers [ Thu Dec 04, 2008 7:35 pm ]
Post subject:  Re: Easy Audit

Hello, I come back. :D
I use the tips to code 2 php pages in order to add computer more easily .
I'm sorry but it's possible that several words been in french.

I change the code of admin_pc_add_1.php for this:

Code:
<?php
$page = "add_pc";
include "include.php";

echo "<td valign=\"top\">\n";
echo "<div class=\"main_each\">";
echo "<p class=\"contenthead\">".__("Add a PC")."</p>\n";
?>


PC Name &nbsp&nbsp&nbsp Domain
<form action="exec.php" method="post">
<p>
<input type="text" name="hostname" />
<input type="text" name="domain" />
<input type="submit" value="let's go" />
</p>
</form>

<?
echo "<table>\n";
include "include_right_column.php";
echo "</body>\n";
echo "</html>\n";
?>


and I create exec.php

Code:
<?php
$host = $_POST['hostname'];
$domain = $_POST['domain'];
echo "PC: $host <br />";
echo "Domain : $domain <br />";
echo '<a href="launch_local_audit.php?hostname=', urlencode($host), '&domain=', urlencode($domain), '&application=cmd&ext=vbs&">Send</a>';
?>


It's not great but It works for me.
Just one question, pages return me audit with an UUID which is not mac address, where can i change it?
(It's not in audit.config because "uuid_type = mac" is already specified here)

I'm sorry for my english, I try to improve it :wink: .

Author:  A_Hull [ Thu Dec 04, 2008 11:54 pm ]
Post subject:  Re: Easy Audit

I like where this is heading... :D

The UUID setting is coming from list_export_config.php but the plan is ultimately to keep these setting in the database.

Author:  Slyers [ Thu Jan 29, 2009 1:47 am ]
Post subject:  Re: Easy Audit

I've written two new pages...

Firstly, admin_pc_add_1.php:

Code:
<?php
$page = "add_pc";
include "include.php";

echo "<td valign=\"top\">\n";
echo "<div class=\"main_each\">";
echo "<p class=\"contenthead\">".__("Add a PC")."</p>\n";
?>


<form action="exec.php" method="post">
<p>
<table>
<tr>
<td></td>
<td></td>
<td>Serveur :</td>
<td><input type="text" name="hostname" size="15"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td>Domaine :</td>
<td><input name="domain" type="text" size="15"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td>Login :</td>
<td><input type="text" name="login" size="15"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td>Password :</td>
<td><input type="password" name="pwd" size="15"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
<td><input type="submit" value="Envoyer" name="Envoyer"></td>
</tr>
</table>
</form>

<?php
echo "</td>\n";
include "include_right_column.php";
echo "</body>\n";
echo "</html>\n";
?>


Secondly, exec.php :

Code:
<?php
set_time_limit(75);
//Recuperation of values which are sending by admin_pc_add_1.php
$host = $_POST['hostname'];
$domain = $_POST['domain'];
$log = $_POST['login'];
$mdp = $_POST['pwd'];
echo "PC Added : $host with user $domain\\$log .<br />";
//Execution of audit.vbs
exec("cscript c:\wamp\www\OpenAudit\scripts\audit.vbs $host $domain\\$log $mdp");
//Return automatically to index.php
echo "<script type=\"text/javascript\">
window.location.href='http://IP_address/OpenAudit/index.php';
</script>";
exit;
?>


As far i am concerned, i have two Open Audit servers, 1 Linux (for production) , 1 Windows 2000 (for test).
Since my scripts need to execute a vb script, I can't use them on my Debian, but i hope it will able to use by someone.
I've found a solution for Linux:

admin_pc_add_1.php:

Code:
<?php
echo "<script type=\"text/javascript\">
window.location.href='http://172.30.1.161/OpenAudit/launch_local_audit.php';
</script>";
exit;
?>


and uncomment line 199 to 209 in audit.vbs.

Now, when you go on ADD PC, it asks you name, login and password of remote server.

I'm sorry for my english, I try to improve it :D

Author:  A_Hull [ Thu Jan 29, 2009 3:17 am ]
Post subject:  Re: Easy Audit

Might I suggest you code this as a separate page, so there is no risk of breaking the existing auditing (admin_pc_add_from_linux_now.php and admin_pc_add_from_windows_now.php perhaps) and an additional link on the Admin menu.

We would then need to incorporate a bit of "magic" to find out if we are running on Linux or Windows (from the php version or whatever) and launch the correct application.

Loving your work! :D

Author:  Slyers [ Thu Jan 29, 2009 6:09 pm ]
Post subject:  Re: Easy Audit

I am not sure to understand that you've written (I've few difficults with english language, but as i say it often, i try to improve it).

In fact, my 2 code pages depend on OS where Open Audit is installed, and not on OS which is audited...

Author:  A_Hull [ Fri Jan 30, 2009 11:39 pm ]
Post subject:  Re: Easy Audit

Slyers wrote:
In fact, my 2 code pages depend on OS where Open Audit is installed, and not on OS which is audited...


What I mean is that we can execute code on the server to try to work out what OS the server is running on.. and what OS the client is on.
Using this info, we can launch a suitable server process to launch the remote audit.

One of the good things about PHP is most of the hard work has been done for you, for example the code I hacked together below will try to run ver and uname to find out the server OS.

(Any other uniquely DOS and Unix command would work for this type of test).


Code:
<?php
echo '<pre>';

// Outputs all the result of shellcommand "uname", and returns
// the last output line into $last_line. Stores the return value
// of the shell command in $retval.
$last_line = system('uname', $retval);

// Printing additional info
echo '
</pre>

<hr />Return value of uname command: ' . $retval.'<pre>';

// Outputs all the result of shellcommand "ver", and returns
// the last output line into $last_line. Stores the return value
// of the shell command in $retval.

$last_line = system('ver', $retval);

// Printing additional info
echo '
<hr />Return value of ver command: ' . $retval.'</pre>';





?>

Author:  A_Hull [ Fri Jan 30, 2009 11:41 pm ]
Post subject:  Re: Easy Audit

This might help too. (From: http://uk3.php.net/manual/en/function.exec.php )
This will run a command in the background regardless of the underlying server OS.

Code:
<?php
function execInBackground($cmd) {
    if (substr(php_uname(), 0, 7) == "Windows"){
        pclose(popen("start /B ". $cmd, "r"));
    }
    else {
        exec($cmd . " > /dev/null &"); 
    }
}
?>

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/