Add Nagios XI exploit

Author: wvu

data/exploits/nagios_xi/profile.zip

@@ -0,0 +1,9 @@
+02-19-2013 1.2
+------------
+- Added New functionality to download LOG files and latest snapshots in a zip for support. - SL
+- Added ps -aef to the log list - SL
+
+
+08-28-2012 1.1
+----------
+- Added XI Version -SW

data/exploits/nagios_xi/profile/CHANGES.txt

@@ -0,0 +1,64 @@
+#!/bin/bash
+
+
+echo "-------------------Fetching Information-------------------"
+
+echo "Please wait......."
+
+tail -100 /usr/local/nagios/var/nagios.log &> /usr/local/nagiosxi/var/components/profile/nagios.txt;
+
+echo "Creating nagios.txt...";
+
+tail -100 /usr/local/nagios/var/perfdata.log &> /usr/local/nagiosxi/var/components/profile/perfdata.txt;
+
+echo "Creating perfdata.txt...";
+
+tail -100 /usr/local/nagios/var/npcd.log &> /usr/local/nagiosxi/var/components/profile/npcd.txt;
+
+echo "Creating npcd.txt...";
+
+tail -100 /usr/local/nagiosxi/var/cmdsubsys.log > /usr/local/nagiosxi/var/components/profile/cmdsubsys.txt;
+
+echo "Creating cmdsubsys.txt...";
+
+tail -100 /usr/local/nagiosxi/var/eventman.log > /usr/local/nagiosxi/var/components/profile/eventman.txt;
+
+echo "Creating eventman.txt...";
+
+############ We'll need a sudoers rule for these, only root can read them
+
+#tail -100 /var/log/messages > /usr/local/nagiosxi/var/components/profile/systemlog.txt;
+
+#echo "Creating systemlog.txt...";
+
+#tail -100 /var/log/httpd/error_log > /usr/local/nagiosxi/var/components/profile/apacheerrors.txt;
+
+#echo "Creating apacheerrors.txt...";
+
+#tail -100 /var/log/mysqld.log > /usr/local/nagiosxi/var/components/profile/mysqllog.txt;
+
+#echo "Creating mysqllog.txt...";
+
+df -h > /usr/local/nagiosxi/var/components/profile/filesystem.txt;
+
+echo "Creating filesystem.txt...";
+
+ps -aef > /usr/local/nagiosxi/var/components/profile/psaef.txt;
+
+echo "Dumping PS - AEF to psaef.txt...";
+
+top -b -n 1 > /usr/local/nagiosxi/var/components/profile/top.txt;
+
+echo "Creating top log...";
+
+FILE=$(ls /usr/local/nagiosxi/nom/checkpoints/nagioscore/ | sort -n -t _ -k 2 | grep .gz | tail -1); cp /usr/local/nagiosxi/nom/checkpoints/nagioscore/$FILE /usr/local/nagiosxi/var/components/profile/;
+
+echo "Adding latest snapshot to: `pwd`"
+
+## temporarily change to that directory, zip, then leave
+(
+	cd /usr/local/nagiosxi/var/components/ && zip -r profile.zip profile
+)
+echo "Zipping logs directory...";
+
+echo "Backup and Zip complete!";

data/exploits/nagios_xi/profile/getprofile.sh

@@ -0,0 +1,106 @@
+<?php 
+// MASS ACKNOWLEDGE COMPONENT
+//
+// Copyright (c) 2010 Nagios Enterprises, LLC.  All rights reserved.
+//  
+// $Id: profile.inc.php 115 2010-08-16 16:15:26Z mguthrie $
+
+//include the helper file
+require_once(dirname(__FILE__).'/../componenthelper.inc.php');
+
+// respect the name
+$profile_component_name="profile";
+
+// run the initialization function
+profile_component_init();
+
+////////////////////////////////////////////////////////////////////////
+// COMPONENT INIT FUNCTIONS
+////////////////////////////////////////////////////////////////////////
+
+function profile_component_init(){
+	global $profile_component_name;
+	
+	//boolean to check for latest version
+	$versionok=profile_component_checkversion();
+	
+	//component description
+	$desc=gettext("This component creates a system profile menu in the Admin panel 
+	which can be used for troubleshooting purposes.");
+	
+	if(!$versionok)
+		$desc="<b>".gettext("Error: This component requires Nagios XI 20011R1.1 or later.")."</b>";
+	
+	//all components require a few arguments to be initialized correctly.  
+	$args=array(
+
+		// need a name
+		COMPONENT_NAME => $profile_component_name,
+		COMPONENT_VERSION => '1.1', 
+		COMPONENT_DATE => '8/28/2012',
+
+		// informative information
+		COMPONENT_AUTHOR => "Nagios Enterprises, LLC",
+		COMPONENT_DESCRIPTION => $desc,
+		COMPONENT_TITLE => "System Profile",
+
+		);
+	
+	//register this component with XI 
+	register_component($profile_component_name,$args);
+	
+	// register the addmenu function
+	if($versionok)
+		register_callback(CALLBACK_MENUS_INITIALIZED,'profile_component_addmenu');
+	}
+	
+
+
+
+///////////////////////////////////////////////////////////////////////////////////////////
+// MISC FUNCTIONS
+///////////////////////////////////////////////////////////////////////////////////////////
+
+function profile_component_checkversion(){
+
+	if(!function_exists('get_product_release'))
+		return false;
+	//requires greater than 2011R1
+	if(get_product_release()<201)
+		return false;
+
+	return true;
+	}
+	
+function profile_component_addmenu($arg=null){
+	global $profile_component_name;
+	//retrieve the URL for this component
+	$urlbase=get_component_url_base($profile_component_name);
+	//figure out where I'm going on the menu	
+	$mi=find_menu_item(MENU_ADMIN,"menu-admin-managesystemconfig","id");
+	if($mi==null) //bail if I didn't find the above menu item 
+		return;
+		
+	$order=grab_array_var($mi,"order","");  //extract this variable from the $mi array 
+	if($order=="")
+		return;
+		
+	$neworder=$order+0.1; //determine my menu order 
+
+	//add this to the main home menu 
+	add_menu_item(MENU_ADMIN,array(
+		"type" => "link",
+		"title" => "System Profile",
+		"id" => "menu-admin-profile",
+		"order" => $neworder,
+		"opts" => array(
+			//this is the page the menu will actually point to.
+			//all of my actual component workings will happen on this script
+			"href" => $urlbase."/profile.php",      
+			)
+		));
+
+	}
+
+
+?>