def main():
'''策略执行入口'''
args = None
parser = create_parser()
try:
args = parser.parse_args()
except:
return
if not args.strategy_id:
parser.print_usage()
sys.exit(1)
setup_cscan_poc_logger(verbose=args.verbose,
very_verbose=args.very_verbose)
(strategy_id, index_dir) = (args.strategy_id, args.index_dir)
strategy = None
try:
logger.debug('查找 Strategy[id=%s] index_dir=%s', strategy_id, index_dir)
strategy = find_strategy(strategy_id, index_dir)
except:
logger.exception('Strategy[id=%s, index_dir=%s]加载失败,退出执行', strategy_id,
index_dir)
raise
try:
if args.component:
strategy.component_name = args.component
strategy.run(args=args)
except:
logger.exception('%s执行异常', strategy)
def indexing_strategies(strategy_dir, index_dir=None):
strategy_ind_file = INDEX_CONFIG.get_strategy_index_file(index_dir)
with open(strategy_ind_file, 'w') as strategy_ind:
mod_count = 0
successful_count = 0
strategy_ids = {}
for (mod, dirpath, filename) in iter_modules(strategy_dir):
pth = os.path.join(dirpath, filename)
mod_count += 1
progress(mod_count, successful_count, '处理模块', pth)
strategy = None
try:
strategy = load_strategy_mod(mod)
except:
logger.exception('模块加载出错: %s', pth)
continue
if strategy.strategy_id in strategy_ids:
logger.warning('相同 id 的策略在 %s 已经出现: %s',
strategy_ids[strategy.strategy_id], pth)
continue
strategy_ids[strategy.strategy_id] = pth
strategy_dict = dump_strategy_to_dict(strategy)
strategy_dict['__file__'] = pth
strategy_dict['__class__'] = strategy.__class__.__name__
_write_obj(strategy_ind, strategy_dict)
successful_count += 1
logger.info('*********** 成功加载 %s 个模块【共计 %s 个】**********', successful_count,
mod_count)
def indexing_pocs(poc_dir, index_dir=None):
(vuln_ind_file,
poc_ind_file) = (INDEX_CONFIG.get_vuln_index_file(index_dir),
INDEX_CONFIG.get_poc_index_file(index_dir))
vuln_ids = set({})
poc_ids = set({})
logger.info('开始查找 %s 下的 POC 信息', poc_dir)
with open(poc_ind_file, 'w') as poc_ind, \
open(vuln_ind_file, 'w') as vuln_ind:
mod_count = 0
successful_count = 0
for (mod, poc_dir, poc_file) in iter_modules(poc_dir):
poc_path = os.path.join(poc_dir, poc_file)
mod_count += 1
progress(mod_count, successful_count, '处理POC模块', poc_path)
(vuln, pocs) = (None, None)
try:
(vuln, pocs) = load_poc_mod(mod)
except:
logger.exception('模块加载出错: %s', poc_path)
if vuln is not None and vuln.vuln_id not in vuln_ids:
vuln_ids.add(vuln.vuln_id)
_write_obj(vuln_ind, dump_vuln_to_dict(vuln))
for poc in pocs:
if poc.poc_id not in poc_ids:
poc_ids.add(poc.poc_id)
poc_dict = dump_poc_to_dict(poc)
poc_dict['__file__'] = os.path.join(poc_dir, poc_file)
poc_dict['__class__'] = poc.__class__.__name__
_write_obj(poc_ind, poc_dict)
successful_count += 1
logger.info('*********** 成功加载 %s 个模块【共计 %s 个】**********', successful_count,
mod_count)
def main():
args = None
parser = create_cmd_parser()
try:
args = parser.parse_args()
except:
logger.exception('解析错误')
raise
setup_cscan_poc_logger(verbose=args.verbose,
very_verbose=args.very_verbose)
logger.debug('解析组件属性')
components_properties = {}
parse_properties(args, components_properties=components_properties)
logger.info('开始尝试推荐任务')
recommend(components_properties)
def main():
'''POC 执行入口'''
args = None
parser = create_parser()
try:
args = parser.parse_args()
except:
logger.exception('解析错误')
raise
if not args.poc_id:
parser.print_usage()
logger.warning('参数解析错误: poc-id 为空')
return
if not args.url:
parser.print_usage()
logger.warning('参数解析错误: url 为空')
return
setup_cscan_poc_logger(verbose=args.verbose,
very_verbose=args.very_verbose)
(poc_id, index_dir) = (args.poc_id, args.index_dir)
poc = None
try:
logger.debug('查找 POC[id=%s] index_dir=%s', poc_id, index_dir)
poc = find_poc(poc_id, index_dir)
except:
logger.exception('POC[id=%s, index_dir=%s]加载失败,退出执行', poc_id,
index_dir)
raise
try:
poc.run(args=args)
except:
logger.exception('%s执行异常', poc)
logger.info('开始索引 POC ...')
indexing_pocs(args.poc_dir, args.index_dir)
if not args.skip_indexing_strategy and args.strategy_dir:
logger.info('开始索引策略 ...')
indexing_strategies(args.strategy_dir, args.index_dir)
if args.vuln_detail_dir or not args.skip_syncing:
cnx = mysql.connector.connect(user=args.user,
password=args.passwd,
host=args.host,
database=args.db,
port=args.port,
charset='utf8')
cscan_db = CScanDb(cnx, args.index_dir, args.update)
if args.vuln_detail_dir:
logger.info('同步漏洞详情...')
cscan_db.sync_vuln_detail(args.vuln_detail_dir,
args.vuln_detail_static_dir,
args.vuln_ids)
else:
logger.info('开始同步数据...')
cscan_db.sync_poc()
cscan_db.sync_strategy()
if __name__ == '__main__':
try:
main()
except:
logger.exception('执行出错')