def get(self, request, *args, **kwargs):
filename = self.request.query_params.get('std', None)
is_html = self.request.query_params.get('html', False)
if not filename:
return common.message(500, 'stdout not found')
options = dbutils.get_stateless_options()
wss = options.get('WORKSPACES')
filename = utils.clean_path(filename).strip('/')
p = pathlib.Path(filename)
# we don't want a LFI here even when we're admin
if p.parts[0] not in os.listdir(wss):
return common.message(500, 'Workspace not found ')
stdout = utils.join_path(wss, filename)
content = utils.just_read(stdout)
if not content:
return HttpResponse("No result found")
if filename.endswith('.html') or is_html:
return HttpResponse(content)
try:
# convert console output to html
conv = Ansi2HTMLConverter(scheme='mint-terminal')
html = conv.convert(content)
return HttpResponse(html)
# return Response(html)
except:
return HttpResponse(content)
def gen_default_config(config_path):
config_path = utils.absolute_path(config_path)
utils.file_copy(utils.TEMPLATE_SERVER_CONFIG, config_path)
configs = utils.just_read_config(config_path, raw=True)
workspaces = utils.join_path(utils.get_parent(utils.DEAFULT_CONFIG_PATH),
'workspaces')
plugins_path = utils.join_path(utils.ROOT_PATH, 'plugins')
go_path = utils.join_path(utils.ROOT_PATH, 'plugins/go')
data_path = utils.join_path(utils.ROOT_PATH, 'data')
alias_path = utils.join_path(utils.ROOT_PATH, 'lib/alias')
# set some path
configs.set('Enviroments', 'workspaces', workspaces)
configs.set('Enviroments', 'plugins_path', plugins_path)
configs.set('Enviroments', 'data_path', data_path)
configs.set('Enviroments', 'alias_path', alias_path)
configs.set('Enviroments', 'go_path', go_path)
# set some tokens
github_api_key = utils.get_enviroment("GITHUB_API_KEY")
slack_bot_token = utils.get_enviroment("SLACK_BOT_TOKEN")
log_channel = utils.get_enviroment("LOG_CHANNEL")
status_channel = utils.get_enviroment("STATUS_CHANNEL")
report_channel = utils.get_enviroment("REPORT_CHANNEL")
stds_channel = utils.get_enviroment("STDS_CHANNEL")
verbose_report_channel = utils.get_enviroment("VERBOSE_REPORT_CHANNEL")
configs.set('Enviroments', 'github_api_key', github_api_key)
configs.set('Slack', 'slack_bot_token', slack_bot_token)
configs.set('Slack', 'log_channel', log_channel)
configs.set('Slack', 'status_channel', status_channel)
configs.set('Slack', 'report_channel', report_channel)
configs.set('Slack', 'stds_channel', stds_channel)
configs.set('Slack', 'verbose_report_channel', verbose_report_channel)
# write it again
with open(config_path, 'w+') as configfile:
configs.write(configfile)
# read it again and return
options = utils.just_read_config(config_path)
return options
def get(self, request, *args, **kwargs):
workspaces = list(Workspaces.objects.all().values_list('workspace',
flat=True))
options = dbutils.get_stateless_options()
wss = options.get('WORKSPACES')
# remove blank workspace
for ws in workspaces:
real_ws = utils.join_path(wss, ws)
if not utils.not_empty_dir(real_ws):
workspaces.remove(ws)
return common.returnJSON({
"workspaces": workspaces,
}, 200)
def get(self, request, *args, **kwargs):
workspace = request.query_params.get('workspace', None)
module = request.query_params.get('module', None)
full = request.query_params.get('full', None)
grouped = request.query_params.get('grouped', None)
# workspace validate
if not workspace or workspace == 'null':
return common.message(500, "Workspace not specifed")
obj = Workspaces.objects.filter(workspace=workspace)
if not obj.first():
return common.message(404, "Workspace not found")
# get options
ws = obj.first().as_json().get('workspace')
options = dbutils.get_stateful_options(ws)
real_workspace = utils.join_path(options.get(
'WORKSPACES'), options.get('WORKSPACE'))
options['WORKSPACE'] = real_workspace
reports = self.get_reports(options, module, full, grouped)
content = {'reports': reports}
return Response(content)
def post(self, request, *args, **kwargs):
serializer = WorkspacesSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
data = serializer.data
# just some verbose options
mode = data.get('mode')
verbose = data.get('verbose')
speed = data.get('speed')
forced = data.get('forced')
arch = data.get('arch')
# input part
raw_target = data.get('raw_target')
target = dbutils.clean_input(raw_target)
# resolve IP if possible
ip_address = utils.resolve_input(target)
# strip slash for saving it as path
workspace = utils.get_ws(target)
# output and plugin part
options = dbutils.get_stateless_options()
workspaces = options.get('WORKSPACES')
data_path = options.get('DATA_PATH')
plugin_path = options.get('PLUGINS_PATH')
modules = utils.set_value(dbutils.get_modules(mode),
data.get('modules'))
# set if defined or get it as default
workspace = utils.set_value(workspace, data.get('workspace'))
output = utils.set_value(workspace, data.get('output'))
# data part
workspaces = utils.set_value(workspaces, data.get('workspaces'))
data_path = utils.set_value(data_path, data.get('data_path'))
plugin_path = utils.set_value(plugin_path, data.get('plugin_path'))
target = utils.set_value(target, data.get('target'))
ip_address = utils.set_value(ip_address, data.get('ip_address'))
# store it to db
item = {
'raw_target': raw_target,
'target': target,
'ip_address': ip_address,
'workspace': workspace,
'output': output,
'workspaces': workspaces,
'modules': modules,
'arch': arch,
'mode': mode,
'speed': speed,
'forced': forced,
'verbose': verbose,
}
instance, created = Workspaces.objects.get_or_create(
workspace=workspace)
Workspaces.objects.filter(workspace=workspace).update(**item)
real_workspace = utils.join_path(workspaces, workspace)
if created:
if instance.arch == 'server':
utils.make_directory(real_workspace)
return common.returnJSON(
{
"workspace": workspace,
"msg": "Workspaces created Successfully"
}, 200)
else:
# person object already exists
return common.returnJSON(
{
"workspace": workspace,
"msg": "Workspaces already exists"
}, 442)
def gen_output_path(self):
outdir = utils.get_parent(self.options.get('output'))
basename = utils.get_filename(self.options.get('output'))
self.options['repo_output'] = utils.join_path(outdir, f'repo-{basename}')
self.options['user_output'] = utils.join_path(outdir, f'user-{basename}')
self.options['org_output'] = utils.join_path(outdir, f'org-{basename}')
def gen_default_config(config_path):
config_path = utils.absolute_path(config_path)
utils.file_copy(utils.TEMPLATE_SERVER_CONFIG, config_path)
configs = utils.just_read_config(config_path, raw=True)
workspaces = utils.join_path(utils.get_parent(
utils.DEAFULT_CONFIG_PATH), 'workspaces')
plugins_path = utils.join_path(utils.ROOT_PATH, 'plugins')
go_path = utils.join_path(utils.ROOT_PATH, 'plugins/go')
data_path = utils.join_path(utils.ROOT_PATH, 'data')
alias_path = utils.join_path(utils.ROOT_PATH, 'lib/alias')
# set some path
configs.set('Enviroments', 'workspaces', workspaces)
configs.set('Enviroments', 'plugins_path', plugins_path)
configs.set('Enviroments', 'data_path', data_path)
configs.set('Enviroments', 'alias_path', alias_path)
configs.set('Enviroments', 'go_path', go_path)
# set some tokens
github_api_key = utils.get_enviroment("GITHUB_API_KEY")
slack_bot_token = utils.get_enviroment("SLACK_BOT_TOKEN")
log_channel = utils.get_enviroment("LOG_CHANNEL")
status_channel = utils.get_enviroment("STATUS_CHANNEL")
report_channel = utils.get_enviroment("REPORT_CHANNEL")
stds_channel = utils.get_enviroment("STDS_CHANNEL")
verbose_report_channel = utils.get_enviroment("VERBOSE_REPORT_CHANNEL")
configs.set('Enviroments', 'github_api_key', github_api_key)
configs.set('Slack', 'slack_bot_token', slack_bot_token)
configs.set('Slack', 'log_channel', log_channel)
configs.set('Slack', 'status_channel', status_channel)
configs.set('Slack', 'report_channel', report_channel)
configs.set('Slack', 'stds_channel', stds_channel)
configs.set('Slack', 'verbose_report_channel', verbose_report_channel)
telegram_bot_token = utils.get_enviroment("TELEGRAM_BOT_TOKEN")
telegram_log_channel = utils.get_enviroment("TELEGRAM_LOG_CHANNEL")
telegram_status_channel = utils.get_enviroment("TELEGRAM_STATUS_CHANNEL")
telegram_report_channel = utils.get_enviroment("TELEGRAM_REPORT_CHANNEL")
telegram_stds_channel = utils.get_enviroment("TELEGRAM_STDS_CHANNEL")
telegram_verbose_report_channel = utils.get_enviroment("TELEGRAM_VERBOSE_REPORT_CHANNEL")
configs.set('Telegram', 'telegram_bot_token', telegram_bot_token)
configs.set('Telegram', 'telegram_log_channel', telegram_log_channel)
configs.set('Telegram', 'telegram_status_channel', telegram_status_channel)
configs.set('Telegram', 'telegram_report_channel', telegram_report_channel)
configs.set('Telegram', 'telegram_stds_channel', telegram_stds_channel)
configs.set('Telegram', 'telegram_verbose_report_channel', telegram_verbose_report_channel)
# monitor mode
backups = utils.join_path(utils.get_parent(
utils.DEAFULT_CONFIG_PATH), 'backups')
utils.make_directory(backups)
monitors = utils.join_path(utils.get_parent(
utils.DEAFULT_CONFIG_PATH), 'monitors')
utils.make_directory(monitors)
configs.set('Monitor', 'monitors', monitors)
configs.set('Monitor', 'backups', backups)
monitor_level = utils.get_enviroment("monitor_level", 'final')
configs.set('Monitor', 'monitor_level', monitor_level)
# monitor bot
slack_monitor_token = utils.get_enviroment("SLACK_MONITOR_TOKEN")
new_channel = utils.get_enviroment("NEW_CHANNEL")
new_name = utils.get_enviroment("NEW_NAME")
missing_channel = utils.get_enviroment("MISSING_CHANNEL")
missing_name = utils.get_enviroment("MISSING_NAME")
configs.set('Monitor', 'slack_monitor_token', slack_monitor_token)
configs.set('Monitor', 'new_channel', new_channel)
configs.set('Monitor', 'new_name', new_name)
configs.set('Monitor', 'missing_channel', missing_channel)
configs.set('Monitor', 'missing_name', missing_name)
# write it again
with open(config_path, 'w+') as configfile:
configs.write(configfile)
# read it again and return
options = utils.just_read_config(config_path)
return options