Beispiel #1
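 def get(self):
     """Render the stored request and its scan results for one request hash.

     Reads the ``hash`` request argument, loads the base64-encoded JSON
     stored under that field in the ``request`` and ``results`` hashes of
     ``conn``, and renders ``req.html`` with the request, the per-rule
     results that reported a non-zero status, and the overall status label.

     Any failure is logged through ``out.error`` and answered with a
     generic message.
     """
     try:
         request_hash = self.get_argument("hash")
         request = json.loads(
             base64.b64decode(conn.hget("request", request_hash)))
         raw_results = conn.hget("results", request_hash)
         if not raw_results:
             # Nothing stored for this hash: render an empty result set.
             # (The original test was inverted: it decoded the value only
             # when it was missing and discarded it when it was present.)
             results = {}
             stat = "success"
         else:
             results = json.loads(base64.b64decode(raw_results))
             # Numeric status codes index into this list of labels.
             stats = ['success', 'info', 'warning', "danger"]
             overall = results['stat']
             stat = stats[overall]
             if overall == 0:
                 results = {}
             else:
                 del results['stat']
                 # Walk a snapshot of the keys because entries are deleted
                 # from the dict inside the loop.
                 for rule in list(results.keys()):
                     if results[rule]['stat'] == 0:
                         del results[rule]
                     else:
                         results[rule]['stat'] = stats[results[rule]['stat']]
                         # Drop empty messages before rendering.
                         results[rule]['message'] = [
                             message
                             for message in results[rule]['message']
                             if message != ""]
         return self.render("req.html",
                            request=request,
                            results=results,
                            stat=stat)
     except Exception as e:
         # Keep the detail in the log only. The exception text can carry
         # backend error strings and request-derived values, so it is not
         # written into the response body.
         out.error(str(e))
         return self.write("Internal error")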
Beispiel #2
def scan_start():
    """Hand queued requests to scanner threads while scanning is enabled.

    Loops for as long as the ``scan_stat`` config value reads "true".
    Each pass waits until ``thread_filled()`` is false, moves one request
    hash from the ``waiting`` list to the ``running`` list, loads the
    stored request and starts a ``new_scan`` thread for it. Requests with
    nothing to scan (no query string and, for POST, no post data) are moved
    straight to ``finished``.
    """
    while config.load()['scan_stat'].lower() == "true":
        try:
            # Back off while thread_filled() reports no free capacity.
            while thread_filled():
                time.sleep(5)

            reqhash = conn.rpoplpush("waiting", "running")
            if not reqhash:
                # Queue is empty; poll again later.
                time.sleep(10)
                continue

            request = json.loads(ds(conn.hget("request", reqhash)))
            rules = config.load_rule()['scan_type']
            query = urlparse.urlparse(request['url']).query

            method = request['method']
            if method == "GET":
                scannable = query != ""
            elif method == "POST":
                # "postdata" is only read for POST requests.
                scannable = request["postdata"] != "" or query != ""
            else:
                scannable = False

            if not scannable:
                conn.lrem("running", 1, reqhash)
                conn.lpush("finished", reqhash)
                continue

            worker = threading.Thread(
                target=new_scan,
                args=(reqhash, requests_convert(request), rules))
            worker.start()
        except Exception as e:
            # NOTE(review): when an error is raised after the rpoplpush
            # above, nothing in this function takes reqhash back out of
            # "running"; confirm that something else cleans it up.
            out.error(str(e))
Beispiel #3
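 def get(self):
     """Render one page of a request list.

     Reads the ``type`` argument (the list to show) and the optional
     ``start`` offset, fetches ``page_num`` entries from that list in
     ``conn`` and renders ``list.html`` with the entries, a
     "METHOD|URL" summary per entry and the pagination values.
     """
     # NOTE(review): list_type comes straight from the request and is used
     # as the key for llen/lrange below; consider checking it against the
     # list names the application actually uses before querying.
     list_type = self.get_argument("type")
     try:
         start = int(self.get_argument("start"))
     except Exception:
         # A missing or non-numeric offset falls back to the first page.
         start = 0
     # A negative offset would make lrange count from the tail of the list
     # and produce page numbers below 1, so clamp it.
     if start < 0:
         start = 0
     page_num = int(config.load()['page_num'])
     length = conn.llen(list_type)
     last = start + page_num - 1
     # Floor division keeps the page arithmetic integral on every Python
     # version ("/" on ints only floors on Python 2).
     page_now = start // page_num + 1
     # Ceiling division: number of pages needed for `length` entries.
     end_page = -(-length // page_num)
     end_num = end_page * page_num - page_num
     # Show at most two page links on either side of the current page.
     pages_first = max(page_now - 2, 1)
     pages_last = min(page_now + 2, end_page)
     pages = list(range(pages_first, pages_last + 1))
     content = conn.lrange(list_type, start, last)
     req_content = {}
     for reqhash in content:
         stored = json.loads(
             base64.b64decode(conn.hget("request", reqhash)))
         req_content[reqhash] = stored['method'] + "|" + stored['url']
     return self.render("list.html",
                        page_now=page_now,
                        page_num=page_num,
                        pages=pages,
                        content=content,
                        list_type=list_type,
                        length=length,
                        req_content=req_content,
                        end_num=end_num)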