Beispiel #1
0
def scan_output(taskid):
    """
    Read the standard output of sqlmap core execution
    """
    global procs
    global tasks

    json_stdout_message = []
    json_stderr_message = []

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    # Read all stdout messages from the temporary I/O database
    procs[taskid].ipc_database_cursor.execute("SELECT message FROM stdout")
    db_stdout_messages = procs[taskid].ipc_database_cursor.fetchall()

    for message in db_stdout_messages:
        json_stdout_message.append(message)

    # Read all stderr messages from the temporary I/O database
    procs[taskid].ipc_database_cursor.execute("SELECT message FROM stderr")
    db_stderr_messages = procs[taskid].ipc_database_cursor.fetchall()

    for message in db_stderr_messages:
        json_stderr_message.append(message)

    return jsonize({"stdout": json_stdout_message, "stderr": json_stderr_message})
Beispiel #2
0
def scan_start(taskid):
    """
    Launch a scan
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    tasks[taskid].reset_options()

    # Initialize sqlmap engine's options with user's provided options, if any
    for option, value in request.json.items():
        tasks[taskid].set_option(option, value)

    # Overwrite output directory value to a temporary directory
    tasks[taskid].set_output_directory()

    # Launch sqlmap engine in a separate process
    tasks[taskid].engine_start()

    logger.debug("Started scan for task ID %s" % taskid)
    return jsonize({
        "success": True,
        "engineid": tasks[taskid].engine_get_id()
    })
Beispiel #3
0
def scan_log_limited(taskid, start, end):
    """
    Retrieve a subset of log messages
    """
    global procs

    json_log_messages = {}

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    # Temporary "protection" against SQL injection FTW ;)
    if not start.isdigit() or not end.isdigit() or end <= start:
        abort(500, "Invalid start or end value, must be digits")

    start = max(1, int(start))
    end = max(1, int(end))

    # Read a subset of log messages from the temporary I/O database
    procs[taskid].ipc_database_cursor.execute("SELECT id, time, level, message FROM logs WHERE id >= %d AND id <= %d" % (start, end))
    db_log_messages = procs[taskid].ipc_database_cursor.fetchall()

    for (id_, time_, level, message) in db_log_messages:
        json_log_messages[id_] = {"time": time_, "level": level, "message": message}

    return jsonize({"log": json_log_messages})
Beispiel #4
0
def scan_log_limited(taskid, start, end):
    """
    Retrieve a subset of log messages
    """
    global db
    global tasks
    json_log_messages = list()

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    if not start.isdigit() or not end.isdigit() or end < start:
        abort(500, "Invalid start or end value, must be digits")

    start = max(1, int(start))
    end = max(1, int(end))

    # Read a subset of log messages from the IPC database
    for time_, level, message in db.execute(
            "SELECT time, level, message FROM logs WHERE taskid = ? AND id >= ? AND id <= ? ORDER BY id ASC",
        (taskid, start, end)):
        json_log_messages.append({
            "time": time_,
            "level": level,
            "message": message
        })

    logger.debug("Retrieved subset of log messages for scan for task ID %s" %
                 taskid)
    return jsonize({"log": json_log_messages})
Beispiel #5
0
def scan_data(taskid):
    """
    Retrieve the data of a scan
    """
    global db
    global tasks
    json_data_message = list()
    json_errors_message = list()

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    # Read all data from the IPC database for the taskid
    for status, content_type, value in db.execute(
            "SELECT status, content_type, value FROM data WHERE taskid = ? ORDER BY id ASC",
        (taskid, )):
        json_data_message.append({
            "status": status,
            "type": content_type,
            "value": dejsonize(value)
        })

    # Read all error messages from the IPC database
    for error in db.execute(
            "SELECT error FROM errors WHERE taskid = ? ORDER BY id ASC",
        (taskid, )):
        json_errors_message.append(error)

    logger.debug("Retrieved data and error messages for scan for task ID %s" %
                 taskid)
    return jsonize({"data": json_data_message, "error": json_errors_message})
Beispiel #6
0
def scan_start(taskid):
    """
    Launch a scan
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    # Initialize sqlmap engine's options with user's provided options
    # within the JSON request
    for key, value in request.json.items():
        tasks[taskid][key] = value

    # Overwrite output directory (oDir) value to a temporary directory
    tasks[taskid].oDir = tempfile.mkdtemp(prefix="sqlmap-")

    # Launch sqlmap engine in a separate thread
    logger.debug("starting a scan for task ID %s" % taskid)

    if _multiprocessing:
        #_multiprocessing.log_to_stderr(logging.DEBUG)
        p = _multiprocessing.Process(name=taskid, target=start_scan)
        p.daemon = True
        p.start()
        p.join()

    return jsonize({"success": True})
Beispiel #7
0
def scan_start(taskid):
    """
    Launch a scan
    """
    global tasks
    global procs
    global pipes

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    # Initialize sqlmap engine's options with user's provided options
    # within the JSON request
    for key, value in request.json.items():
        tasks[taskid][key] = value

    # Overwrite output directory (oDir) value to a temporary directory
    tasks[taskid].oDir = tempfile.mkdtemp(prefix="sqlmap-")

    # Launch sqlmap engine in a separate thread
    logger.debug("starting a scan for task ID %s" % taskid)

    pipes[taskid] = os.pipe()

    # Provide sqlmap engine with the writable pipe for logging
    tasks[taskid]["fdLog"] = pipes[taskid][1]

    # Launch sqlmap engine
    procs[taskid] = execute("python sqlmap.py --pickled-options %s" % base64pickle(tasks[taskid]), shell=True, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=False)

    return jsonize({"success": True})
Beispiel #8
0
def option_list(taskid):
    """
    List options for a certain task ID
    """
    if taskid not in tasks:
        abort(500, "Invalid task ID")

    return jsonize({"options": tasks[taskid].get_options()})
def task_list(taskid):
    """
    List all active tasks
    """
    if is_admin(taskid):
        return jsonize({"tasks": tasks})
    else:
        abort(401)
Beispiel #10
0
def task_list(taskid):
    """
    List all active tasks
    """
    if is_admin(taskid):
        return jsonize({"tasks": tasks})
    else:
        abort(401)
Beispiel #11
0
def option_list(taskid):
    """
    List options for a certain task ID
    """
    if taskid not in tasks:
        abort(500, "Invalid task ID")

    return jsonize(tasks[taskid])
Beispiel #12
0
def scan_logstruct(taskid):
    """
    Generic function to return the last N lines of structured output
    """
    if taskid not in tasks:
        abort(500, "Invalid task ID")

    output = LOG_RECORDER.get_logs(request.GET.get('start'),request.GET.get('end'))
    return jsonize({"logstruct": output})
def task_destroy(taskid):
    """
    Destroy own task ID
    """
    if taskid in tasks and not is_admin(taskid):
        tasks.pop(taskid)
        return jsonize({"success": True})
    else:
        abort(500, "Invalid task ID")
Beispiel #14
0
def task_list(taskid):
    """
    List task pull
    """
    if is_admin(taskid):
        logger.debug("Listed task pull")
        return jsonize({"tasks": tasks, "tasks_num": len(tasks)})
    else:
        abort(401)
Beispiel #15
0
def task_destroy(taskid):
    """
    Destroy own task ID
    """
    if taskid in tasks and not is_admin(taskid):
        tasks.pop(taskid)
        return jsonize({"success": True})
    else:
        abort(500, "Invalid task ID")
Beispiel #16
0
def task_list(taskid):
    """
    List task pull
    """
    if is_admin(taskid):
        logger.debug("Listed task pull")
        return jsonize({"tasks": tasks, "tasks_num": len(tasks)})
    else:
        abort(401)
def status(taskid):
    """
    Verify the status of the API as well as the core
    """

    if is_admin(taskid):
        tasks_num = len(tasks)
        return jsonize({"tasks": tasks_num})
    else:
        abort(401)
Beispiel #18
0
def status(taskid):
    """
    Verify the status of the API as well as the core
    """

    if is_admin(taskid):
        tasks_num = len(tasks)
        return jsonize({"tasks": tasks_num})
    else:
        abort(401)
Beispiel #19
0
def scan_kill(taskid):
    """
    Kill a scan
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    return jsonize({"success": tasks[taskid].engine_kill()})
Beispiel #20
0
def task_destroy(taskid):
    """
    Destroy own task ID
    """
    if taskid in tasks:
        tasks[taskid].clean_filesystem()
        tasks.pop(taskid)
        return jsonize({"success": True})
    else:
        abort(500, "Invalid task ID")
Beispiel #21
0
def status(taskid):
    """
    Verify the status of the API as well as the core
    """

    if is_admin(taskid):
        busy = kb.get("busyFlag")
        tasks_num = len(tasks)
        return jsonize({"busy": busy, "tasks": tasks_num})
    else:
        abort(401)
Beispiel #22
0
def task_delete(taskid):
    """
    Delete own task ID
    """
    if taskid in tasks:
        tasks[taskid].clean_filesystem()
        tasks.pop(taskid)

        logger.debug("Deleted task ID: %s" % taskid)
        return jsonize({"success": True})
    else:
        abort(500, "Invalid task ID")
Beispiel #23
0
def task_delete(taskid):
    """
    Delete own task ID
    """
    if taskid in tasks:
        tasks[taskid].clean_filesystem()
        tasks.pop(taskid)

        logger.debug("Deleted task ID: %s" % taskid)
        return jsonize({"success": True})
    else:
        abort(500, "Invalid task ID")
Beispiel #24
0
def scan_log(taskid):
    """
    Retrieve the log messages
    """
    if taskid not in tasks:
        abort(500, "Invalid task ID")

    LOGGER_OUTPUT.seek(0)
    output = LOGGER_OUTPUT.read()
    LOGGER_OUTPUT.flush()
    LOGGER_OUTPUT.truncate(0)

    return jsonize({"log": output})
def option_get(taskid):
    """
    Get the value of an option (command line switch) for a certain task ID
    """
    if taskid not in tasks:
        abort(500, "Invalid task ID")

    option = request.json.get("option", "")

    if option in tasks[taskid]:
        return jsonize({option: tasks[taskid][option]})
    else:
        return jsonize({option: None})
Beispiel #26
0
def scan_delete(taskid):
    """
    Delete a scan and corresponding temporary output directory
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    if "oDir" in tasks[taskid] and tasks[taskid].oDir is not None:
        shutil.rmtree(tasks[taskid].oDir)

    return jsonize({"success": True})
Beispiel #27
0
def scan_delete(taskid):
    """
    Delete a scan and corresponding temporary output directory and IPC database
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    scan_stop(taskid)
    tasks[taskid].clean_filesystem()

    return jsonize({"success": True})
Beispiel #28
0
def scan_kill(taskid):
    """
    Kill a scan
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    tasks[taskid].engine_kill()

    logger.debug("Killed scan for task ID %s" % taskid)
    return jsonize({"success": True})
Beispiel #29
0
def option_set(taskid):
    """
    Set an option (command line switch) for a certain task ID
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    for key, value in request.json.items():
        tasks[taskid][key] = value

    return jsonize({"success": True})
Beispiel #30
0
def option_set(taskid):
    """
    Set an option (command line switch) for a certain task ID
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    for option, value in request.json.items():
        tasks[taskid].set_option(option, value)

    return jsonize({"success": True})
def scan_delete(taskid):
    """
    Delete a scan and corresponding temporary output directory
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    if "oDir" in tasks[taskid] and tasks[taskid].oDir is not None:
        shutil.rmtree(tasks[taskid].oDir)

    return jsonize({"success": True})
Beispiel #32
0
def option_get(taskid):
    """
    Get the value of an option (command line switch) for a certain task ID
    """
    if taskid not in tasks:
        abort(500, "Invalid task ID")

    option = request.json.get("option", "")

    if option in tasks[taskid]:
        return jsonize({option: tasks[taskid][option]})
    else:
        return jsonize({option: None})
Beispiel #33
0
def scan_kill(taskid):
    """
    Kill a scan
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    tasks[taskid].engine_kill()

    logger.debug("Killed scan for task ID %s" % taskid)
    return jsonize({"success": True})
Beispiel #34
0
def scan_status(taskid):
    """
    Returns status of a scan
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    status = "terminated" if tasks[taskid].engine_has_terminated() is True else "running"

    logger.debug("Requested status of scan for task ID %s" % taskid)
    return jsonize({"status": status, "returncode": tasks[taskid].engine_get_returncode()})
def scan_output(taskid):
    """
    Read the standard output of sqlmap core execution
    """
    global pipes
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    stdout = recv_some(procs[taskid], t=1, e=0, stderr=0)
    stderr = recv_some(procs[taskid], t=1, e=0, stderr=1)

    return jsonize({"stdout": stdout, "stderr": stderr})
Beispiel #36
0
def task_flush(taskid):
    """
    Flush task spool (destroy all tasks)
    """
    global tasks

    if is_admin(taskid):
        for task in tasks:
            tasks[task].clean_filesystem()

        tasks = dict()
        return jsonize({"success": True})
    else:
        abort(401)
Beispiel #37
0
def scan_output(taskid):
    """
    Read the standard output of sqlmap core execution
    """
    global pipes
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    stdout = recv_some(procs[taskid], t=1, e=0, stderr=0)
    stderr = recv_some(procs[taskid], t=1, e=0, stderr=1)

    return jsonize({"stdout": stdout, "stderr": stderr})
Beispiel #38
0
def task_flush(taskid):
    """
    Flush task spool (delete all tasks)
    """
    global tasks

    if is_admin(taskid):
        for task in tasks:
            tasks[task].clean_filesystem()

        tasks = dict()
        logger.debug("Flushed task pull")
        return jsonize({"success": True})
    else:
        abort(401)
Beispiel #39
0
def task_flush(taskid):
    """
    Flush task spool (delete all tasks)
    """
    global tasks

    if is_admin(taskid):
        for task in tasks:
            tasks[task].clean_filesystem()

        tasks = dict()
        logger.debug("Flushed task pull")
        return jsonize({"success": True})
    else:
        abort(401)
Beispiel #40
0
def option_get(taskid):
    """
    Get the value of an option (command line switch) for a certain task ID
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    option = request.json.get("option", "")

    if option in tasks[taskid]:
        return jsonize({option: tasks[taskid].get_option(option)})
    else:
        return jsonize({option: "not set"})
Beispiel #41
0
def scan_output(taskid):
    """
    Read the standard output of sqlmap core execution
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    sys.stdout.seek(0)
    output = sys.stdout.read()
    sys.stdout.flush()
    sys.stdout.truncate(0)

    return jsonize({"output": output})
Beispiel #42
0
def scan_log(taskid):
    """
    Retrieve the log messages
    """
    log = None

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    pickledLog = os.read(pipes[taskid][0], 100000)

    try:
        log = base64unpickle(pickledLog)
    except (KeyError, IndexError, TypeError), e:
        logger.error("handled exception when trying to unpickle logger dictionary in scan_log(): %s" % str(e))
def task_flush(taskid):
    """
    Flush task spool (destroy all tasks except admin)
    """
    global adminid
    global tasks

    if is_admin(taskid):
        admin_task = tasks[adminid]
        tasks = AttribDict()
        tasks[adminid] = admin_task

        return jsonize({"success": True})
    else:
        abort(401)
Beispiel #44
0
def task_flush(taskid):
    """
    Flush task spool (destroy all tasks except admin)
    """
    global adminid
    global tasks

    if is_admin(taskid):
        admin_task = tasks[adminid]
        tasks = AttribDict()
        tasks[adminid] = admin_task

        return jsonize({"success": True})
    else:
        abort(401)
Beispiel #45
0
def option_get(taskid):
    """
    Get the value of an option (command line switch) for a certain task ID
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    option = request.json.get("option", "")

    if option in tasks[taskid]:
        return jsonize({option: tasks[taskid].get_option(option)})
    else:
        return jsonize({option: "not set"})
Beispiel #46
0
def scan_log(taskid):
    """
    Retrieve the log messages
    """
    global db
    global tasks
    json_log_messages = list()

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    # Read all log messages from the IPC database
    for time_, level, message in db.execute("SELECT time, level, message FROM logs WHERE taskid = ? ORDER BY id ASC", (taskid,)):
        json_log_messages.append({"time": time_, "level": level, "message": message})

    return jsonize({"log": json_log_messages})
Beispiel #47
0
def scan_status(taskid):
    """
    Returns status of a scan
    """
    global tasks

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    status = "terminated" if tasks[taskid].engine_has_terminated(
    ) is True else "running"

    logger.debug("Requested status of scan for task ID %s" % taskid)
    return jsonize({
        "status": status,
        "returncode": tasks[taskid].engine_get_returncode()
    })
def scan_log(taskid):
    """
    Retrieve the log messages
    """
    log = None

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    pickledLog = os.read(pipes[taskid][0], 100000)

    try:
        log = base64unpickle(pickledLog)
    except (KeyError, IndexError, TypeError), e:
        logger.error(
            "handled exception when trying to unpickle logger dictionary in scan_log(): %s"
            % str(e))
def cleanup(taskid):
    """
    Destroy all sessions except admin ID and all output directories
    """
    global tasks

    if is_admin(taskid):
        for task, options in tasks.items():
            if "oDir" in options and options.oDir is not None:
                shutil.rmtree(options.oDir)

        admin_task = tasks[adminid]
        tasks = AttribDict()
        tasks[adminid] = admin_task

        return jsonize({"success": True})
    else:
        abort(401)
Beispiel #50
0
def cleanup(taskid):
    """
    Destroy all sessions except admin ID and all output directories
    """
    global tasks

    if is_admin(taskid):
        for task, options in tasks.items():
            if "oDir" in options and options.oDir is not None:
                shutil.rmtree(options.oDir)

        admin_task = tasks[adminid]
        tasks = AttribDict()
        tasks[adminid] = admin_task

        return jsonize({"success": True})
    else:
        abort(401)
Beispiel #51
0
def scan_log(taskid):
    """
    Retrieve the log messages
    """
    global db
    global tasks
    json_log_messages = list()

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    # Read all log messages from the IPC database
    for time_, level, message in db.execute(
            "SELECT time, level, message FROM logs WHERE taskid = ? ORDER BY id ASC",
        (taskid, )):
        json_log_messages.append({
            "time": time_,
            "level": level,
            "message": message
        })

    logger.debug("Retrieved log messages for scan for task ID %s" % taskid)
    return jsonize({"log": json_log_messages})
def scan_log_limited(taskid, start, end):
    """
    Retrieve the log messages
    """
    log = None

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    if not start.isdigit() or not end.isdigit() or end <= start:
        abort(500, "Invalid start or end value, must be digits")

    start = max(0, int(start) - 1)
    end = max(1, int(end))
    pickledLog = os.read(pipes[taskid][0], 100000)

    try:
        log = base64unpickle(pickledLog)
        log = log[slice(start, end)]
    except (KeyError, IndexError, TypeError), e:
        logger.error(
            "handled exception when trying to unpickle logger dictionary in scan_log_limited(): %s"
            % str(e))
def scan_start(taskid):
    """
    Launch a scan
    """
    global tasks
    global procs
    global pipes

    if taskid not in tasks:
        abort(500, "Invalid task ID")

    # Initialize sqlmap engine's options with user's provided options
    # within the JSON request
    for key, value in request.json.items():
        tasks[taskid][key] = value

    # Overwrite output directory (oDir) value to a temporary directory
    tasks[taskid].oDir = tempfile.mkdtemp(prefix="sqlmap-")

    # Launch sqlmap engine in a separate thread
    logger.debug("starting a scan for task ID %s" % taskid)

    pipes[taskid] = os.pipe()

    # Provide sqlmap engine with the writable pipe for logging
    tasks[taskid]["fdLog"] = pipes[taskid][1]

    # Launch sqlmap engine
    procs[taskid] = execute("python sqlmap.py --pickled-options %s" %
                            base64pickle(tasks[taskid]),
                            shell=True,
                            stdin=PIPE,
                            stdout=PIPE,
                            stderr=PIPE,
                            close_fds=False)

    return jsonize({"success": True})
def download(taskid, target, filename):
    """
    Download a certain file from the file system
    """
    if taskid not in tasks:
        abort(500, "Invalid task ID")

    # Prevent file path traversal - the lame way
    if target.startswith("."):
        abort(500)

    path = os.path.join(paths.SQLMAP_OUTPUT_PATH, target)
    if os.path.exists(path):
        return static_file(filename, root=path)
    else:
        abort(500)