-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathstage2.htm
More file actions
164 lines (135 loc) · 5.49 KB
/
stage2.htm
File metadata and controls
164 lines (135 loc) · 5.49 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
<?php
//
// Variables.
//
$report_folder = '/var/www/html/reports';
$db_file = 'sqlite:' . dirname(__FILE__) . '/db/wer.sqlite';
//
// Open database.
//
try
{
// Be sure database file and the directory are writable by web server user.
$pdo = new PDO($db_file);
$pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // ERRMODE_WARNING | ERRMODE_EXCEPTION | ERRMODE_SILENT
}
catch(Exception $e)
{
echo "Unable to open database." . $e->getMessage();
die();
}
//
// Generate id_file_report.
//
// random_bytes() required PHP 7+. For previous versions, replace 'random_bytes(16)' with 'rand()'.
$idRandReport = bin2hex(random_bytes(16));
$subFolder = substr($idRandReport, 0, 2) . '/' . substr($idRandReport, 2, 2) . '/' . $idRandReport;
$reportFolder = $report_folder . '/' . $subFolder;
//
// Insert report into database.
//
$query = 'INSERT INTO reports (id_file_report, date, remote_ip) VALUES (:id_file_report, datetime(), :remote_ip);';
$prep = $pdo->prepare($query);
$prep->bindValue(':id_file_report', $idRandReport, PDO::PARAM_STR);
$prep->bindValue(':remote_ip', $_SERVER['REMOTE_ADDR'], PDO::PARAM_STR);
$prep->execute();
$idBucket = $pdo->lastInsertId();
//
// Create directory for the report.
// Be sure 'reports' folder is writable by web server user.
//
$result = mkdir($reportFolder, 0755, true);
if ($result === false)
{
die('Unable to create folder.');
}
//
// Write XML report to disk.
//
$postData = fopen("php://input", "r");
file_put_contents($reportFolder . '/report.xml', $postData);
//
// Read XML report and convert it to PHP object.
//
$xml = simplexml_load_file($reportFolder . '/report.xml')
or die("Unable to parse XML.");
//
// Update SQL entry with report information.
//
$query = 'UPDATE reports SET
[event.reporttype]=:e1, [event.type]=:e2, [event.description]=:e3, [event.friendlyname]=:e4, [event.time]=:e5,
[application.name]=:a1, [application.path]=:a2, [application.company]=:a3,
[machine.name]=:m1, [machine.os]=:m2,
[user.name]=:u1,
[files.count]=:files_count
WHERE id_report=:id_report';
$prep = $pdo->prepare($query);
$prep->bindValue(':e1', $xml->EVENTINFO->attributes()->{'reporttype'}, PDO::PARAM_INT);
$prep->bindValue(':e2', $xml->EVENTINFO->attributes()->{'eventtype'}, PDO::PARAM_STR);
$prep->bindValue(':e3', $xml->EVENTINFO->attributes()->{'eventdescription'}, PDO::PARAM_STR);
$prep->bindValue(':e4', $xml->EVENTINFO->attributes()->{'friendlyeventname'}, PDO::PARAM_STR);
$prep->bindValue(':e5', $xml->EVENTINFO->attributes()->{'eventtime'}, PDO::PARAM_INT);
$prep->bindValue(':a1', $xml->APPLICATIONINFO->attributes()->{'appname'}, PDO::PARAM_STR);
$prep->bindValue(':a2', $xml->APPLICATIONINFO->attributes()->{'apppath'}, PDO::PARAM_STR);
$prep->bindValue(':a3', $xml->APPLICATIONINFO->attributes()->{'appcompany'}, PDO::PARAM_STR);
$prep->bindValue(':m1', $xml->MACHINEINFO->attributes()->{'machinename'}, PDO::PARAM_STR);
$prep->bindValue(':m2', $xml->MACHINEINFO->attributes()->{'os'}, PDO::PARAM_STR);
$prep->bindValue(':u1', $xml->USERINFO->attributes()->{'username'}, PDO::PARAM_STR);
$prep->bindValue(':files_count', $xml->FILES->count(), PDO::PARAM_INT);
$prep->bindValue(':id_report', $idBucket, PDO::PARAM_INT);
$prep->execute();
//
// Udapte SQL entry with error signature.
//
$query = 'UPDATE reports SET ';
$id_count = 0;
foreach ($xml->SIGNATURE->PARAMETER as $param)
{
$id = (int)$param['id'];
if ($id_count > 0)
$query .= ", ";
$query .= "[signature.$id.name]=:name$id, [signature.$id.value]=:value$id";
$id_count++;
}
if ($id_count > 0)
{
$query .= ' WHERE id_report=:id_report';
$prep = $pdo->prepare($query);
foreach ($xml->SIGNATURE->PARAMETER as $param)
{
$id = (int)$param['id'];
$prep->bindValue(":name$id", $param['name'], PDO::PARAM_STR);
$prep->bindValue(":value$id", $param['value'], PDO::PARAM_STR);
}
$prep->bindValue(':id_report', $idBucket, PDO::PARAM_INT);
$prep->execute();
}
//
// Send response to client.
//
echo "iData=1\r\n";
printf("Bucket=%d\r\n", $idBucket);
echo "BucketTable=1\r\n";
// Replace 'SERVER_ADDR' with 'HTTP_HOST' for IIS.
printf("DumpServer=%s\r\n", $_SERVER['SERVER_ADDR']);
printf("DumpFile=/reports/%s/report.cab\r\n", $subFolder);
//
// Add supplemental directives (cf. [MS-CER2]).
//
// Add sections of the memory address space of the affected process to the error report.
//printf("MemoryDump=1\r\n");
// Collect loaded modules info (LoadedModules.xml).
//printf("ModuleInfo=1\r\n");
// Include specified files in the report.
//printf("GetFile=c:\\windows\\regedit.exe\r\n");
// Collect file version information (FileVer.txt).
//printf("GetFileVersion=c:\\windows\\notepad.exe\r\n");
// Collect the Windows Management Instrumentation (WMI) objects and include them in this error report (wql.txt).
//printf("WQL=SELECT * FROM Win32_Account\r\n");
// Collect Registry keys (registry.txt).
//printf("RegKey=HKEY_LOCAL_MACHINE\\SYSTEM\\Setup\r\n");
// Contents of any currently open documents in the software that generated the
// error report are to be added to the error report.
//printf("fDoc=1\r\n");
?>