def UpdatePassword(request):#更新密码
RequestLogRecord(request, request_api="update_password")
if request.method == "POST":
try:
UserName=json.loads(request.body)["username"]
OldPasswd=json.loads(request.body)["old_passwd"]
NewPasswd = json.loads(request.body)["new_passwd"]
VerificationCodeKey = json.loads(request.body)["verification_code_key"]#获取验证码关联的KEY
Code = json.loads(request.body)["verification_code"].lower()#获取验证码
if VerificationCodeKey!=None and Code!=None:#判断传入数据不为空
VerificationCodeResult=VerificationCode().Query(code=Code,verification_code_key=VerificationCodeKey)#获取判断
if VerificationCodeResult:#如果为真,进行登录验证
Md5NewPasswd = Md5Encryption().Md5Result(NewPasswd) # 对新密码加密
Md5OldPasswd = Md5Encryption().Md5Result(OldPasswd) # 对旧密码加密
UpdatePassword=UserInfo().UpdatePasswd(name=UserName,old_passwd=Md5OldPasswd,new_passwd=Md5NewPasswd)
if UpdatePassword:
UserOperationLogRecord(request, request_api="update_password", uid=UserName)#如果修改成功写入数据库中
return JsonResponse({'message': '好耶!修改成功~', 'code': 200, })
else:
return JsonResponse({'message': "输入信息有误重新输入", 'code': 404, })
else:
return JsonResponse({'message': "验证码错误或者过期!", 'code': 503, })
else:
return JsonResponse({'message': "验证码或者验证码秘钥不能为空!", 'code': 504, })
except Exception as e:
ErrorLog().Write("Web_BasicFunctions_User_UpdatePassword(def)", e)
else:
return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def ReadTemplate(request): #用读取数据库中模板文件
RequestLogRecord(request, request_api="read_cross_site_script_template")
if request.method == "POST":
try:
UserToken = json.loads(request.body)["token"]
Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名
if Uid != None: # 查到了UID
UserOperationLogRecord(
request,
request_api="read_cross_site_script_template",
uid=Uid)
TemplateData = CrossSiteScriptTemplate().Query(
uid=Uid) #查询用户自定义的模板数据
return JsonResponse({
'message': TemplateData,
'code': 200,
})
else:
return JsonResponse({
'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write(
"Web_CrossSiteScriptHub_TemplateManagement_ReadTemplate(def)",
e)
return JsonResponse({
'message': '呐呐呐!莎酱被玩坏啦(>^ω^<)',
'code': 169,
})
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def PersonalInformation(request):#用户个人信息
RequestLogRecord(request, request_api="personal_information")
if request.method == "POST":
try:
Token=json.loads(request.body)["token"]
Info=UserInfo().QueryUserInfo(Token)
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询用户名
if Uid!=None: # 查到了UID
UserOperationLogRecord(request, request_api="personal_information", uid=Uid)
if Info is None:
return JsonResponse({'message': '搁着闹呢?', 'code': 404, })
elif Info != None:
JsonValues = {}#对数据进行二次处理
JsonValues["id"] = Info["id"]
JsonValues["key"] = Info["key"]
JsonValues["name"] = Info["name"]
JsonValues["token"] = Info["token"]
JsonValues["show_name"] = Info["show_name"]
JsonValues["email"] = Info["email"]
JsonValues["avatar"] = Info["avatar"]
return JsonResponse({'message': JsonValues, 'code': 200, })
except Exception as e:
ErrorLog().Write("Web_Api_User_PersonalInformation(def)", e)
else:
return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def UpdateKey(request): #更新Key
RequestLogRecord(request, request_api="update_key")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
NewKey = randoms().result(40) #生成随机的key,有可能会重复,这边先暂时不管了,这概论太j8低了
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="update_key",
uid=Uid) # 查询到了在计入
UpdateKeyResult = UserInfo().UpdateKey(uid=Uid,
key=NewKey) #获取值查看是否成功
if UpdateKeyResult:
return JsonResponse({
'message': '呐呐呐呐!修改成功了呢~',
'code': 200,
})
else:
return JsonResponse({
'message': "输入信息有误重新输入",
'code': 404,
})
else:
return JsonResponse({
'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write("Web_BasicFunctions_User_UpdateKey(def)", e)
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def QueryMarkdownProject(request): #用来查询用户所有的项目信息
RequestLogRecord(request, request_api="query_markdown_project")
if request.method == "POST":
try:
UserToken = json.loads(request.body)["token"]
Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="query_markdown_project",
uid=Uid)
QueryResult = MarkdownRelationship().Query(uid=Uid) #查询的结果返回
return JsonResponse({
'message': QueryResult,
'code': 200,
})
else:
return JsonResponse({
'message': "小宝贝这是非操作哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write(
"Web_CollaborationPlatform_Markdown_QueryMarkdownProject(def)",
e)
return JsonResponse({
'message': '呐呐呐!莎酱被玩坏啦(>^ω^<)',
'code': 169,
})
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def NistStatistics(request): #对当前的CVE个数进行统计
RequestLogRecord(request, request_api="nist_statistics")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="nist_statistics",
uid=Uid) # 查询到了在计入
SearchResult = NistData().StatisticalData() #统计的个数
return JsonResponse({
'message': SearchResult,
'code': 200,
})
else:
return JsonResponse({
'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write(
"Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityNumberMonitoring_Nist_NistStatistics(def)",
e)
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def GithubQuery(request): #查询github监控数据
RequestLogRecord(request, request_api="github_monitor")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="github_monitor",
uid=Uid) # 查询到了在计入
GithubMonitorResult = GithubCveApi().Query() #获取github数据
return JsonResponse({
'message': GithubMonitorResult,
'code': 200,
})
else:
return JsonResponse({
'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write(
"Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityUtilizationMonitoring_Github_GithubQuery(def)",
e)
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def Statistics(request): #统计邮件获取到的数据
RequestLogRecord(request, request_api="email_receive_data_statistics")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
ProjectKey = json.loads(request.body)["project_key"]
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(
request,
request_api="email_receive_data_statistics",
uid=Uid) # 查询到了在计入
Result = EmailReceiveData().Statistics(project_key=ProjectKey)
return JsonResponse({
'message': Result,
'code': 200,
})
else:
return JsonResponse({
'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write("Web_Email_ReceiveData_Statistics(def)", e)
return JsonResponse({
'message': '自己去看报错日志!',
'code': 169,
})
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def Query(request): #数据表格查询
RequestLogRecord(request, request_api="email_data_graph_query")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
ProjectKey = json.loads(request.body)["project_key"]
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="email_data_graph_query",
uid=Uid) # 查询到了在计入
Result = EmailGraph().Query(project_key=ProjectKey, uid=Uid)
return JsonResponse({
'message': ast.literal_eval(Result),
'code': 200,
})
else:
return JsonResponse({
'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write("Web_Email_Graph_Statistics(def)", e)
return JsonResponse({
'message': '自己去看报错日志!',
'code': 169,
})
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def ActiveScanListQuery(request): #主动扫描列表查询
RequestLogRecord(request, request_api="active_scan_list_query")
if request.method == "POST":
try:
UserToken = json.loads(request.body)["token"]
Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="active_scan_list_query",
uid=Uid)
ActiveScanListQueryResult = ActiveScanList().Query(uid=Uid)
if ActiveScanListQueryResult != None:
return JsonResponse({
'message': ActiveScanListQueryResult,
'code': 200,
})
else:
return JsonResponse({
'message': '数据库出问题了🐈',
'code': 404,
})
except Exception as e:
ErrorLog().Write(
"Web_Api_VulnerabilityQuery_ActiveScanListQuery(def)", e)
return JsonResponse({
'message': '莎酱被玩坏啦(>^ω^<)喵',
'code': 169,
})
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def ScanInformationQuery(request): #查询关系表
RequestLogRecord(request, request_api="scan_information_query")
if request.method == "POST":
try:
UserToken = json.loads(request.body)["token"]
ActiveScanId = json.loads(request.body)["active_scan_id"]
Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="scan_information_query",
uid=Uid)
MedusaQueryResult = ScanInformation().Query(
uid=Uid, active_scan_id=ActiveScanId)
if MedusaQueryResult != None:
return JsonResponse({
'message': MedusaQueryResult,
'code': 200,
})
else:
return JsonResponse({
'message': '数据库炸了BOOM~🐈',
'code': 404,
})
except Exception as e:
ErrorLog().Write(
"Web_Api_VulnerabilityQuery_ScanInformationQuery(def)", e)
return JsonResponse({
'message': '莎酱被玩坏啦ヽ(・ω・´メ)',
'code': 169,
})
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def MedusaValueQuery(request): #查询单个漏洞
RequestLogRecord(request, request_api="medusa_query")
if request.method == "POST":
try:
UserToken = json.loads(request.body)["token"]
ScanInfoId = json.loads(request.body)["scan_info_id"]
Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="medusa_query",
uid=Uid)
MedusaQueryResult = MedusaQuery().Query(
uid=Uid, scan_info_id=ScanInfoId)
if MedusaQueryResult != None:
return JsonResponse({
'message': MedusaQueryResult,
'code': 200,
})
else:
return JsonResponse({
'message': '数据库GG了🐈',
'code': 404,
})
except Exception as e:
ErrorLog().Write(
"Web_Api_VulnerabilityQuery_MedusaValueQuery(def)", e)
return JsonResponse({
'message': '莎酱被玩坏啦ヾ(=・ω・=)o',
'code': 169,
})
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def Statistics(request): #对当前整体数据进行统计
RequestLogRecord(request, request_api="domain_name_system_log_statistics")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(
request,
request_api="domain_name_system_log_statistics",
uid=Uid) # 查询到了在计入
SearchResult = DomainNameSystemLog().StatisticalData() #统计的个数
return JsonResponse({
'message': SearchResult,
'code': 200,
})
else:
return JsonResponse({
'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write(
"Web_DomainNameSystemLog_DomainNameSystemData_Statistics(def)",
e)
return JsonResponse({
'message': "呐呐呐!莎酱被玩坏啦(>^ω^<)",
'code': 169,
})
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def Query(request): # 用于查询DNSLOG数据
RequestLogRecord(request, request_api="domain_name_system_log")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
NumberOfPages = json.loads(request.body)["number_of_pages"]
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="domain_name_system_log",
uid=Uid) # 查询到了在计入
DomainNameSystemLogResult = DomainNameSystemLog().Query(
number_of_pages=int(NumberOfPages)) #对解析记录进行查询
return JsonResponse({
'message': DomainNameSystemLogResult,
'code': 200,
})
else:
return JsonResponse({
'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write(
"Web_DomainNameSystemLog_DomainNameSystemData_Query(def)", e)
return JsonResponse({
'message': "呐呐呐!莎酱被玩坏啦(>^ω^<)",
'code': 169,
})
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def FishingDataStatistics(request): #统计钓鱼获取到的数据
RequestLogRecord(request, request_api="fishing_data_statistics")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
RequestKey = json.loads(request.body)["request_key"]
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="fishing_data_statistics",
uid=Uid) # 查询到了在计入
Result = FishingData().Quantity(request_key=RequestKey)
return JsonResponse({
'message': Result,
'code': 200,
})
else:
return JsonResponse({
'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write("Web_Mail_FishingData_FishingDataStatistics(def)",
e)
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def UpdatePassword(request): #更新密码
RequestLogRecord(request, request_api="update_password")
if request.method == "POST":
try:
UserName = json.loads(request.body)["username"]
OldPasswd = json.loads(request.body)["old_passwd"]
NewPasswd = json.loads(request.body)["new_passwd"]
UpdatePassword = UserInfo().UpdatePasswd(name=UserName,
old_passwd=OldPasswd,
new_passwd=NewPasswd)
if UpdatePassword:
UserOperationLogRecord(request,
request_api="login",
uid=UserName) #如果修改成功写入数据库中
return JsonResponse({
'message': '修改成功~',
'code': 200,
})
else:
return JsonResponse({
'message': "输入信息有误重新输入",
'code': 404,
})
except Exception as e:
ErrorLog().Write("Web_Api_User_UpdatePassword(def)", e)
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def GithubMonitor(request): #查询github监控数据
RequestLogRecord(request, request_api="github_monitor")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="github_monitor",
uid=Uid) # 查询到了在计入
GithubMonitorResult = GithubCveApi().Query() #获取github数据
return JsonResponse({
'message': GithubMonitorResult,
'code': 200,
})
else:
return JsonResponse({
'message': "非法查询哦宝贝!",
'code': 404,
})
except Exception as e:
ErrorLog().Write("Web_Api_User_UpdateShowName(def)", e)
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def Scan(request):
RequestLogRecord(request, request_api="vulnerability_scanning")
if request.method == "POST":
try:
ReceiveData=json.loads(request.body)
ScanUrl=ReceiveData["url"]
ScanToken= ReceiveData["token"]
ScanModule = ReceiveData["module"]
ScanProcess = ReceiveData["process"]
ScanAgentHeader = ReceiveData["header"]
ScanProxy = ReceiveData["proxy"]
if ScanProxy==0:#如果传入0表示关闭该功能
ScanProxy=None
if type(ScanProcess)==int:#判断类型
Uid=UserInfo().QueryUidWithToken(ScanToken)#如果登录成功后就来查询用户名
if Uid!=None:
UserOperationLogRecord(request, request_api="vulnerability_scanning", uid=Uid)
ActiveScanId=ActiveScanList().Write(uid=Uid,url=ScanUrl,proxy=ScanProxy,status=0,module=ScanModule,process=ScanProcess)#写入用户关系表,然后返回sid下发给任务
RedisActiveScanTask= MedusaScan.delay(ScanUrl,ScanModule,ScanProcess,ScanAgentHeader,ScanProxy,Uid=Uid,ActiveScanId=ActiveScanId)#调用扫描处理函数
ActiveScanList().UpdateRedisId(uid=Uid,active_scan_id=ActiveScanId,redis_id=RedisActiveScanTask.task_id)
return JsonResponse({'message': '任务下发成功👌', 'code': 200, })
else:
return JsonResponse({'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, })
else:
return JsonResponse({'message': '类型错误!', 'code': 666, })
except Exception as e:
ErrorLog().Write("Web_Api_VulnerabilityQuery_ActiveScanListQuery(def)", e)
return JsonResponse({'message': '莎酱被玩坏掉嘞QAQ', 'code': 169, })
else:
return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def NistDataDetailedQuery(request): #查询单个CVE细节数据
RequestLogRecord(request, request_api="nist_data_detailed_query")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
CommonVulnerabilitiesAndExposures = json.loads(
request.body)["common_vulnerabilities_and_exposures"] #CVE编号
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="nist_data_detailed_query",
uid=Uid) # 查询到了在计入
SearchResult = NistData().DetailedQuery(
common_vulnerabilities_and_exposures=
CommonVulnerabilitiesAndExposures) #获取数据
return JsonResponse({
'message': SearchResult,
'code': 200,
})
else:
return JsonResponse({
'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write(
"Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityNumberMonitoring_Nist_NistDataDetailedQuery(def)",
e)
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def GithubSearch(request): #搜索数据接口
RequestLogRecord(request, request_api="github_monitor_search")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
Name = json.loads(request.body)["name"] #查询值
NumberOfPages = json.loads(request.body)["number_of_pages"] # 页数
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="github_monitor_search",
uid=Uid) # 查询到了在计入
Data = {} # 最终包含个数和当前页数数据
Data["amount"] = GithubCveApi().SearchStatistics(name=Name)
Data["data"] = GithubCveApi().Search(
name=Name, number_of_pages=int(NumberOfPages)) # 模糊搜索
return JsonResponse({
'message': Data,
'code': 200,
})
else:
return JsonResponse({
'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write(
"Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityUtilizationMonitoring_Github_GithubSearch(def)",
e)
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def UpdateShowName(request): #更新显示名字
RequestLogRecord(request, request_api="update_show_name")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
NewShowName = json.loads(request.body)["new_show_name"]
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="update_show_name",
uid=Uid) # 查询到了在计入
UpdateShowNameResult = UserInfo().UpdateShowName(
uid=Uid, show_name=NewShowName) #获取值查看是否成功
if UpdateShowNameResult:
return JsonResponse({
'message': '好诶!修改成功~',
'code': 200,
})
else:
return JsonResponse({
'message': "输入信息有误重新输入",
'code': 404,
})
else:
return JsonResponse({
'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write("Web_BasicFunctions_User_UpdateShowName(def)", e)
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def Initialization(request):#用于初始化获取基础信息
RequestLogRecord(request, request_api="system_hardware_initialization")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(request, request_api="system_hardware_initialization", uid=Uid) # 查询到了在计入
MemoryInfo = psutil.virtual_memory() # 获取完整内存信息
SystemInfo=platform.platform()
SystemName=platform.system()
SystemType=platform.machine()
UserName= platform.node()
CentralProcessingUnitArchitecture=platform.processor()
ServerStartTime = str(int(psutil.boot_time())) # 获取服务器启动时间
MemoryTotal = MemoryInfo.total # 系统内存总数
CentralProcessingUnitCount = psutil.cpu_count() # cpu核数
return JsonResponse({'message': {"central_processing_unit_architecture":CentralProcessingUnitArchitecture,
"system_info":SystemInfo,
"server_start_time":ServerStartTime,
"system_name":SystemName,
"system_type":SystemType,
"user_name":UserName,
"memory_total":MemoryTotal,
"central_processing_unit_count":CentralProcessingUnitCount},'code': 200,})
else:
return JsonResponse({'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, })
except Exception as e:
ErrorLog().Write("Web_SystemInfo_HardwareInfo_Initialization(def)", e)
else:
return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def Linux(request): # 用于提取保存文件后调用相应的处理函数
RequestLogRecord(request, request_api="linux_executable_linkable_format_analysis")
if request.method == "POST":
try:
Token =request.headers["token"]
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(request, request_api="linux_executable_linkable_format_analysis", uid=Uid) # 查询到了在计入
PictureData = request.FILES.get('file', None) # 获取文件数据
if 0>=PictureData.size:#判断是不是空文件
return JsonResponse({'message': "宝贝数据这么小的嘛?", 'code': 400, })
elif portable_execute_file_size < PictureData.size: #和配置文件中做对比
SaveFileName = str(int(time.time())) # 重命名文件
SaveRoute = GetAnalysisFileStoragePath().Result() + SaveFileName # 获得保存路径
with open(SaveRoute, 'wb') as f:
for line in PictureData:
f.write(line)
#接下来调用处理函数,接着再调用删除函数
return JsonResponse({'message': "成功了", 'code': 200, })
else:
return JsonResponse({'message': "文件太大啦~(๑•̀ㅂ•́)و✧", 'code': 501, })
else:
return JsonResponse({'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, })
except Exception as e:
ErrorLog().Write("Web_ToolsUtility_ExecutableLinkableFormat_Linux(def)", e)
else:
return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def UsageQuery(request): # 用于查询CPU和硬件的使用情况
RequestLogRecord(request, request_api="system_hardware_usage_query")
if request.method == "POST":
try:
Token = json.loads(request.body)["token"]
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(
request,
request_api="system_hardware_usage_query",
uid=Uid) # 查询到了在计入
HardwareUsageRateResult = HardwareUsageRateInfo().Query(
) #对CPU和内存信息进行查询
return JsonResponse({
'message': HardwareUsageRateResult,
'code': 200,
})
else:
return JsonResponse({
'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write("Web_SystemInfo_HardwareInfo_Initialization(def)",
e)
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def SaveMarkdownData(request): #用来保存协同作战数据
RequestLogRecord(request, request_api="save_markdown_data")
if request.method == "POST":
try:
UserToken = json.loads(request.body)["token"]
MarkdownData = json.loads(request.body)["markdown_data"] #传入保存的数据
MarkdownName = json.loads(request.body)["markdown_name"] #传入文档名称
MarkdownDataToBast64 = base64.b64encode(
str(MarkdownData).encode('utf-8')).decode(
'utf-8') #转换成base64的数据
Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名
if Uid != None: # 查到了UID
UserOperationLogRecord(request,
request_api="save_markdown_data",
uid=Uid)
CheckPermissionsResult = MarkdownRelationship(
).CheckPermissions(markdown_name=MarkdownName,
uid=Uid) #检查是否有权限,也就是说这个项目是否属于该用户
if CheckPermissionsResult: #如果属于该用户
CheckConflictResult = MarkdownInfo().CheckConflict(
markdown_name=MarkdownName) #检查数据库这个文件是否存在
if CheckConflictResult: #如果文件已经有数据了
if not MarkdownInfo().Update(
markdown_name=MarkdownName,
markdown_data=MarkdownDataToBast64
): #就对数据进行更新,接着判断更新返回值
return JsonResponse({
'message': "保存失败~玛卡巴卡~~",
'code': 503,
})
else: #如果没有数据
MarkdownInfo().Write(
markdown_name=MarkdownName,
markdown_data=MarkdownDataToBast64) #就对数据进行写入
return JsonResponse({
'message': "保存成功啦~阿巴阿巴~",
'code': 200,
})
else:
return JsonResponse({
'message': "小朋友不是你的东西别乱动哦~~",
'code': 404,
})
else:
return JsonResponse({
'message': "小宝贝这是非法操作哦(๑•̀ㅂ•́)و✧",
'code': 403,
})
except Exception as e:
ErrorLog().Write(
"Web_CollaborationPlatform_Markdown_SaveMarkdownData(def)", e)
return JsonResponse({
'message': '呐呐呐!莎酱被玩坏啦(>^ω^<)',
'code': 169,
})
else:
return JsonResponse({
'message': '请使用Post请求',
'code': 500,
})
def GenerateProject(request):#用来生成项目,并且生成文件和用户绑定
RequestLogRecord(request, request_api="create_cross_site_script_project")
if request.method == "POST":
try:
JavaScriptFileData = json.loads(request.body)["javascript_data"]#获取前端传入的加密过的js文件数据
ProjectName = json.loads(request.body)["project_name"]#项目名
UserToken = json.loads(request.body)["token"]
Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名
if Uid != None and JavaScriptFileData!=None: # 查到了UID,并且js数据不为空
UserOperationLogRecord(request, request_api="create_cross_site_script_project", uid=Uid)
GetJavaScriptFilePath().Result()#获取js文件路径
while True:#如果查询确实冲突了
JavaScriptSaveFileName=randoms().result(5)#文件名
QueryJavaScriptSaveFileNameValidity = CrossSiteScriptProject().RepeatInvestigation(file_name=JavaScriptSaveFileName)#判断文件是否重复
if not QueryJavaScriptSaveFileNameValidity:#如果不冲突的话跳出循环
break
JavaScriptSaveRoute = GetJavaScriptFilePath().Result() + JavaScriptSaveFileName # 获得保存路径
with open(JavaScriptSaveRoute, 'wb') as f:
f.write(base64.b64decode(str(JavaScriptFileData).encode('utf-8')))#文件内容还要加密
CrossSiteScriptProject().Write(file_name=JavaScriptSaveFileName,uid=Uid,project_name=ProjectName)#写到数据库表中
return JsonResponse({'message': "欧拉欧拉欧拉欧拉欧拉欧拉欧拉欧拉(๑•̀ㅂ•́)و✧", 'code': 200, })
else:
return JsonResponse({'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, })
except Exception as e:
ErrorLog().Write("Web_CrossSiteScriptHub_CrossSiteScript_GenerateProject(def)", e)
return JsonResponse({'message': '呐呐呐!莎酱被玩坏啦(>^ω^<)', 'code': 169, })
else:
return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def Login(request):#用户登录,每次登录成功都会刷新一次Token
RequestLogRecord(request, request_api="login")
if request.method == "POST":
try:
Username=json.loads(request.body)["username"]
Passwd=json.loads(request.body)["passwd"]
Md5Passwd=Md5Encryption().Md5Result(Passwd)#对密码加密
UserLogin=UserInfo().UserLogin(Username,Md5Passwd)
if UserLogin is None:
return JsonResponse({'message': '账号或密码错误', 'code': 604, })
else:
while True:#如果查询确实冲突了
Token = randoms().result(250)
QueryTokenValidity = UserInfo().QueryTokenValidity(Token)#用来查询Token是否冲突了
if not QueryTokenValidity:#如果不冲突的话跳出循环
break
UpdateToken=UserInfo().UpdateToken(name=Username, token=Token)#接着更新Token
if UpdateToken:#如果更新成功了
Uid = UserInfo().QueryUidWithToken(Token) # 查询UID
UserOperationLogRecord(request, request_api="login", uid=Uid)
return JsonResponse({'message': Token, 'code': 200, })
except Exception as e:
ErrorLog().Write("Web_Api_User_LogIn(def)", e)
else:
return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def Scan(request):
RequestLogRecord(request, request_api="scan")
if request.method == "POST":
try:
ReceiveData=json.loads(request.body)
ScanUrl=ReceiveData["url"]
ScanToken= ReceiveData["token"]
ScanModule = ReceiveData["module"]
ScanThreads = ReceiveData["threads"]
ScanAgentHeader = ReceiveData["header"]
ScanProxy = ReceiveData["proxy"]
if type(ScanThreads)==int:#判断类型
TokenQueryReturnValue=UserInfo().TokenAuthentication(token=ScanToken)
if TokenQueryReturnValue:#如果Token存在
UserName=UserInfo().QueryUserNameWithToken(ScanToken)#如果登录成功后就来查询用户名
UserOperationLogRecord(request, request_api="scan", uid=UserName)
if UserName!=None:
Sid=ActiveScanList().Write(uid=UserName,url=ScanUrl,proxy=ScanProxy,status=0,module=ScanModule,threads=ScanThreads)#写入用户关系表,然后返回sid下发给任务
MedusaScan.delay(ScanUrl,ScanModule,ScanThreads,ScanAgentHeader,ScanProxy,Uid=UserName,Sid=Sid)#调用扫描处理函数
return JsonResponse({'message': '任务下发成功👌', 'code': 200, })
else:
return JsonResponse({'message': '诶诶诶诶???怎么会查不到用户名呢????', 'code': 404, })
else:
return JsonResponse({'message': '请登录获取令牌秘钥~', 'code': 404, })
else:
return JsonResponse({'message': '类型错误!', 'code': 500, })
except:
return JsonResponse({'message': '请求不合法!', 'code': 500, })
else:
return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def UploadAvatar(request):#文件上传功能
RequestLogRecord(request, request_api="upload_avatar")
Token =request.headers["token"]
if request.method == "POST":
try:
Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID
if Uid != None: # 查到了UID
UserOperationLogRecord(request, request_api="upload_avatar", uid=Uid) # 查询到了在计入
PictureData = request.FILES.get('file', None)#获取文件数据
if 10240<PictureData.size:#最大值10MB,最小值10KB
SaveFileName=randoms().result(10)+str(int(time.time()))+".jpg"#重命名文件
SaveRoute=GetImageFilePath().Result()+SaveFileName#获得保存路径
with open(SaveRoute, 'wb') as f:
for line in PictureData:
f.write(line)
UserInfo().UpdateAvatar(avatar=SaveFileName,uid=Uid)#图片写到本地后更新用户头像
return JsonResponse({'message': SaveFileName, 'code': 200,})#返回上传图片名称
else:
return JsonResponse({'message': '它实在是太小了,莎酱真的一点感觉都没有o(TヘTo)', 'code': 603,})
else:
return JsonResponse({'message': '宝贝没有用户你要插到哪里去呢?', 'code': 404, })
except Exception as e:
ErrorLog().Write("Web_Api_User_UploadAvatar(def)", e)
return JsonResponse({'message': '你不对劲!为什么报错了?', 'code': 169,})
else:
return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def Login(request):#用户登录,每次登录成功都会刷新一次Token
RequestLogRecord(request, request_api="login")
if request.method == "POST":
try:
Username=json.loads(request.body)["username"]
Passwd=json.loads(request.body)["passwd"]
VerificationCodeKey = json.loads(request.body)["verification_code_key"]#获取验证码关联的KEY
Code = json.loads(request.body)["verification_code"].lower()#获取验证码,把验证码全部转换成小写
Md5Passwd=Md5Encryption().Md5Result(Passwd)#对密码加密
if VerificationCodeKey!=None and Code!=None:#判断传入数据不为空
VerificationCodeResult=VerificationCode().Query(code=Code,verification_code_key=VerificationCodeKey)#获取判断
if VerificationCodeResult:#如果为真,进行登录验证
UserLogin=UserInfo().UserLogin(Username,Md5Passwd)
if UserLogin is None:
return JsonResponse({'message': '账号或密码错误', 'code': 604, })
else:
while True:#如果查询确实冲突了
Token = randoms().result(250)
QueryTokenValidity = UserInfo().QueryTokenValidity(Token)#用来查询Token是否冲突了
if not QueryTokenValidity:#如果不冲突的话跳出循环
break
UpdateToken=UserInfo().UpdateToken(name=Username, token=Token)#接着更新Token
if UpdateToken:#如果更新成功了
Uid = UserInfo().QueryUidWithToken(Token) # 查询UID
UserOperationLogRecord(request, request_api="login", uid=Uid)
return JsonResponse({'message': Token, 'code': 200, })
else:
return JsonResponse({'message': "验证码错误或者过期!", 'code': 503, })
else:
return JsonResponse({'message': "验证码或者验证码秘钥不能为空!", 'code': 504, })
except Exception as e:
ErrorLog().Write("Web_BasicFunctions_User_LogIn(def)", e)
else:
return JsonResponse({'message': '请使用Post请求', 'code': 500, })
