Ejemplo n.º 1
0
    def list(loadpath=None):
        all_modules_config = Xcache.list_moduleconfigs()
        if all_modules_config is None:
            PostModuleConfig.load_all_modules_config()
            all_modules_config = Xcache.list_moduleconfigs()

        # 删除内部模块
        for one in all_modules_config[:]:
            if one.get('MODULETYPE') == TAG2CH.internal:
                all_modules_config.remove(one)

        if loadpath is None:
            for one in all_modules_config:
                one['OPTIONS'] = []
            context = data_return(200, CODE_MSG.get(200), all_modules_config)
            return context
        else:
            for one_module_config in all_modules_config:
                if one_module_config.get('loadpath') == loadpath:
                    # 动态处理handler和凭证选项
                    new_module_config = PostModuleConfig._deal_dynamic_option(
                        one_module_config=one_module_config)
                    context = data_return(200, CODE_MSG.get(200),
                                          new_module_config)
                    return context
            # 没有找到模块
            context = data_return(200, CODE_MSG.get(200), {})
            return context
Ejemplo n.º 2
0
 def create(self, request, **kwargs):
     moduletype = request.data.get('moduletype', None)
     if moduletype is None:  # 默认模块
         try:
             sessionid = int(request.data.get('sessionid', None))
             ipaddress = request.data.get('ipaddress', None)
             loadpath = str(request.data.get('loadpath', None))
             custom_param = str(request.data.get('custom_param', None))
             context = PostModuleActuator.create_post(
                 loadpath=loadpath,
                 sessionid=sessionid,
                 ipaddress=ipaddress,
                 custom_param=custom_param)
         except Exception as E:
             logger.error(E)
             context = data_return(500, CODE_MSG.get(500), {})
         return Response(context)
     elif moduletype == "Bot":
         try:
             ipportlist = request.data.get('ipportlist', None)
             loadpath = str(request.data.get('loadpath', None))
             custom_param = str(request.data.get('custom_param', None))
             context = PostModuleActuator.create_bot(
                 ipportlist=ipportlist,
                 loadpath=loadpath,
                 custom_param=custom_param)
         except Exception as E:
             logger.error(E)
             context = data_return(500, CODE_MSG.get(500), {})
         return Response(context)
     else:
         context = data_return(500, CODE_MSG.get(500), {})
         return Response(context)
Ejemplo n.º 3
0
    def create(socks_type=None, port=None):
        if socks_type == "msf_socks4a":
            opts = {'SRVHOST': '0.0.0.0', 'SRVPORT': port}
            flag, lportsstr = is_empty_ports(port)
            if flag is not True:
                # 端口已占用
                context = data_return(408, CODE_MSG.get(408), {})
                return context

            result = MSFModule.run(module_type="auxiliary",
                                   mname="server/socks4a_api",
                                   opts=opts,
                                   runasjob=True)
            if isinstance(result,
                          dict) is not True or result.get('job_id') is None:
                opts['job_id'] = None
                context = data_return(303, Socks_MSG.get(303), opts)
            else:
                job_id = int(result.get('job_id'))
                if Job.is_msf_job_alive(job_id):
                    opts['job_id'] = int(result.get('job_id'))
                    Notice.send_success("新建msf_socks4a代理成功,Port: {}".format(
                        opts.get('SRVPORT'), opts.get('job_id')))
                    context = data_return(201, Socks_MSG.get(201), opts)
                else:
                    context = data_return(306, Socks_MSG.get(306), opts)
            return context
        elif socks_type == "msf_socks5":
            opts = {'SRVHOST': '0.0.0.0', 'SRVPORT': port}
            flag, lportsstr = is_empty_ports(port)
            if flag is not True:
                # 端口已占用
                context = data_return(408, CODE_MSG.get(408), {})
                return context

            result = MSFModule.run(module_type="auxiliary",
                                   mname="server/socks5_api",
                                   opts=opts,
                                   runasjob=True)
            if isinstance(result,
                          dict) is not True or result.get('job_id') is None:
                opts['job_id'] = None
                context = data_return(303, Socks_MSG.get(303), opts)
            else:
                job_id = int(result.get('job_id'))
                if Job.is_msf_job_alive(job_id):
                    opts['job_id'] = int(result.get('job_id'))
                    Notice.send_success("新建msf_socks5代理成功,Port: {}".format(
                        opts.get('SRVPORT'), opts.get('job_id')))
                    context = data_return(201, Socks_MSG.get(201), opts)
                else:
                    context = data_return(306, Socks_MSG.get(306), opts)
            return context
Ejemplo n.º 4
0
    def list(engine, querystr, page=1, size=100):
        if engine == "FOFA":
            client = FOFAClient()
            flag = client.init_conf_from_cache()
            if flag is not True:
                context = data_return(301, NetworkSearch_MSG.get(301), {})
                return context

        else:
            context = data_return(304, NetworkSearch_MSG.get(304), {})
            return context

        try:
            flag, data = client.get_data(query_str=querystr,
                                         page=page,
                                         size=size)
            if flag is not True:
                context = data_return(303, NetworkSearch_MSG.get(303),
                                      {"errmsg": data})
            else:
                context = data_return(200, CODE_MSG.get(200), data)
            return context

        except Exception as E:
            logger.exception(E)
            context = data_return(303, NetworkSearch_MSG.get(303),
                                  {"errmsg": NetworkSearch_MSG.get(303)})
            return context
Ejemplo n.º 5
0
    def destory(subnet=None, netmask=None, sessionid=None):
        opts = {
            'CMD': 'delete',
            'SUBNET': subnet,
            'NETMASK': netmask,
            'SESSION': sessionid
        }
        result = MSFModule.run(module_type="post",
                               mname="multi/manage/routeapi",
                               opts=opts)
        if result is None:
            context = data_return(505, CODE_MSG.get(505), [])
            return context
        try:
            result_dict = json.loads(result)
        except Exception as E:
            logger.warning(E)
            context = data_return(306, Route_MSG.get(306), {})
            return context

        if result_dict.get('status') is True:
            Notice.send_info(f"删除路由,SID:{sessionid} {subnet}/{netmask}")
            context = data_return(204, Route_MSG.get(204), {})
            return context
        else:
            context = data_return(304, Route_MSG.get(304), {})
            return context
Ejemplo n.º 6
0
    def list():
        hosts = Host.list_hosts()
        for host in hosts:
            hid = host.get('id')
            host['portService'] = PortService.list_by_hid(hid)

        context = data_return(200, CODE_MSG.get(200), hosts)
        return context
Ejemplo n.º 7
0
    def list(sessionid=None):
        result_list = PortFwd.list_portfwd()
        if sessionid is None or sessionid == -1:

            context = data_return(200, CODE_MSG.get(200), result_list)
            return context
        else:
            tmplist = []
            try:
                for one in result_list:
                    if one.get('sessionid') == sessionid:
                        tmplist.append(one)
            except Exception as E:
                logger.warning(E)

            context = data_return(200, CODE_MSG.get(200), tmplist)
            return context
Ejemplo n.º 8
0
    def list():
        hosts = Host.list_hosts()
        for host in hosts:
            ipaddress = host.get('ipaddress')
            host['portService'] = PortService.list_by_ipaddress(ipaddress)

        context = data_return(200, CODE_MSG.get(200), hosts)
        return context
Ejemplo n.º 9
0
    def destroy(self, request, *args, **kwargs):
        try:

            context = PostModuleResultHistory.destory()
        except Exception as E:
            logger.error(E)
            context = data_return(500, CODE_MSG.get(500), {})
        return Response(context)
Ejemplo n.º 10
0
 def list(ipaddress=None):
     data = Vulnerability.list_vulnerability(ipaddress=ipaddress)
     try:
         format_data = Vulnerability.format_source_module(data)
     except Exception as E:
         format_data = data
         logger.error(E)
     context = data_return(200, CODE_MSG.get(200), format_data)
     return context
Ejemplo n.º 11
0
 def list(self, request, **kwargs):
     try:
         hid = int(request.query_params.get('hid', None))
         loadpath = str(request.query_params.get('loadpath', None))
         context = PostModuleResult.list(hid=hid, loadpath=loadpath)
     except Exception as E:
         logger.error(E)
         context = data_return(500, CODE_MSG.get(500), {})
     return Response(context)
Ejemplo n.º 12
0
 def list():
     from Msgrpc.Handle.handler import Handler
     data = Xcache.list_lazyloader()
     handlers = Handler.list_handler_config()
     context = data_return(200, CODE_MSG.get(200), {
         "lazyloaders": data,
         "handlers": handlers
     })
     return context
Ejemplo n.º 13
0
    def list(sessionid=None):

        if sessionid is None or sessionid == -1:
            context = data_return(306, TRANSPORT_MSG.get(306), {})
            return context
        else:
            result_list = Transport.list_transport(sessionid)

            context = data_return(200, CODE_MSG.get(200), result_list)
            return context
Ejemplo n.º 14
0
 def list():
     orm_models = CredentialModel.objects.all().order_by('username')
     data = CredentialSerializer(orm_models, many=True).data
     try:
         format_data = Credential.format_tag(data)
     except Exception as E:
         format_data = data
         logger.error(E)
     context = data_return(200, CODE_MSG.get(200), format_data)
     return context
Ejemplo n.º 15
0
    def list(filename=None, action=None):
        if filename is None:  # 列出所有文件
            result = FileMsf.list_msf_files()
            for one in result:
                one['format_size'] = FileSession.get_size_in_nice_string(one.get('size'))

            def sort_files(a, b):
                if a['mtime'] < b['mtime']:
                    return 1
                if a['mtime'] > b['mtime']:
                    return -1
                return 0

            # 根据时间排序
            result_sorted = sorted(result, key=functools.cmp_to_key(sort_files))
            context = data_return(200, CODE_MSG.get(200), result_sorted)
            return context
        else:  # 下载文件
            binary_data = FileMsf.read_msf_file(filename)
            if binary_data is None:
                context = data_return(303, FileMsf_MSG.get(303), {})
                return context

            if action == "view":
                b64data = base64.b64encode(binary_data)
                ext = os.path.splitext(filename)[-1]
                if ext in ['.jpeg', '.png', '.jpg']:
                    context = data_return(200, CODE_MSG.get(200), {"type": "img", "data": b64data})
                    return context
                else:
                    context = data_return(200, CODE_MSG.get(200), {"type": "txt", "data": b64data})
                    return context

            response = HttpResponse(binary_data)
            response['Content-Type'] = 'application/octet-stream'
            response['Code'] = 200
            response['Message'] = parse.quote(FileMsf_MSG.get(203))
            # 中文特殊处理
            urlpart = parse.quote(os.path.splitext(filename)[0], 'utf-8')
            leftpart = os.path.splitext(filename)[-1]
            response['Content-Disposition'] = f"{urlpart}{leftpart}"
            return response
Ejemplo n.º 16
0
 def list(sessionid=None):
     if sessionid is None or sessionid <= 0:
         context = data_return(304, Session_MSG.get(304), {})
         return context
     session_interface = SessionLib(sessionid,
                                    rightinfo=True,
                                    uacinfo=True,
                                    pinfo=True)
     result = SessionLibSerializer(session_interface).data
     context = data_return(200, CODE_MSG.get(200), result)
     return context
Ejemplo n.º 17
0
    def list(ipaddress=None, loadpath=None):
        result = Xcache.get_module_result(ipaddress=ipaddress,
                                          loadpath=loadpath)
        result_dict = {
            "ipaddress": ipaddress,
            "loadpath": loadpath,
            "update_time": result.get("update_time"),
            "result": result.get("result")
        }

        context = data_return(200, CODE_MSG.get(200), result_dict)
        return context
Ejemplo n.º 18
0
    def destroy_adv_job(task_uuid=None, job_id=None, broker=None):
        try:

            if broker == BROKER.post_python_job:
                flag = aps_module.delete_job_by_uuid(task_uuid)
                if flag is not True:
                    context = data_return(304, Job_MSG.get(304), {})
                    return context
                else:
                    context = data_return(204, Job_MSG.get(204), {
                        "uuid": task_uuid,
                        "job_id": job_id
                    })
                    return context
            elif broker == BROKER.post_msf_job:
                req = Xcache.get_module_task_by_uuid(task_uuid=task_uuid)
                common_module_instance = req.get("module")
                Xcache.del_module_task_by_uuid(task_uuid)
                params = [job_id]
                result = RpcClient.call(Method.JobStop, params)
                if result is None:
                    context = data_return(305, Job_MSG.get(305), {})
                    return context
                if result.get('result') == 'success':
                    # 发送通知
                    Notice.send_info("模块: {} {} 手动删除完成".format(
                        common_module_instance.NAME,
                        common_module_instance.target_str))
                    context = data_return(204, Job_MSG.get(204), {
                        "uuid": task_uuid,
                        "job_id": job_id
                    })
                    return context
                else:
                    context = data_return(304, Job_MSG.get(304), {})
                    return context
            elif broker == BROKER.bot_msf_job:
                flag = Xcache.del_bot_wait_by_group_uuid(task_uuid)
                if flag is not True:
                    context = data_return(304, Job_MSG.get(304), {})
                    return context
                else:
                    context = data_return(204, Job_MSG.get(204),
                                          {"uuid": task_uuid})
                    return context
            else:
                context = data_return(304, Job_MSG.get(304), {})
                return context

        except Exception as E:
            logger.error(E)
            context = data_return(500, CODE_MSG.get(500), {})
            return context
Ejemplo n.º 19
0
    def list(hid=None, loadpath=None):
        host = Host.get_by_hid(hid)
        result = Xcache.get_module_result(ipaddress=host.get("ipaddress"),
                                          loadpath=loadpath)
        result_dict = {
            "hid": hid,
            "loadpath": loadpath,
            "update_time": result.get("update_time"),
            "result": result.get("result")
        }

        context = data_return(200, CODE_MSG.get(200), result_dict)
        return context
Ejemplo n.º 20
0
    def list(sessionid=None):
        result = Route.list_route()

        if isinstance(result, list):
            if sessionid is not None or sessionid == -1:
                tmproutes = []
                for route in result:
                    if sessionid == route.get('session'):
                        tmproutes.append(route)

                context = data_return(200, CODE_MSG.get(200),
                                      {"route": tmproutes})
                return context
            else:

                context = data_return(200, CODE_MSG.get(200),
                                      {"route": result})
                return context
        else:
            logger.warning(result)
            context = data_return(306, Route_MSG.get(306), {})
            return context
Ejemplo n.º 21
0
    def list(kind=None):

        if kind == "lhost":
            # 获取pem秘钥文件,用于https监听配置
            files = FileMsf.list_msf_files()
            pem_files = []
            for file in files:
                name = file.get("name")
                if name.lower().endswith(".pem"):
                    pem_files.append(name)

            conf = Xcache.get_lhost_config()
            if conf is None:
                conf = {'lhost': None, "pem_files": pem_files}
            else:
                conf["pem_files"] = pem_files

        elif kind == "telegram":
            conf = Xcache.get_telegram_conf()
            if conf is None:
                conf = {
                    "token": "",
                    "chat_id": [],
                    "proxy": "",
                    "alive": False
                }

        elif kind == "dingding":
            conf = Xcache.get_dingding_conf()
            if conf is None:
                conf = {"access_token": "", "keyword": "", "alive": False}
        elif kind == "serverchan":
            conf = Xcache.get_serverchan_conf()
            if conf is None:
                conf = {"sendkey": "", "alive": False}
        elif kind == "FOFA":
            conf = Xcache.get_fofa_conf()
            if conf is None:
                conf = {"email": "", "key": "", "alive": False}
        elif kind == "sessionmonitor":
            conf = Xcache.get_sessionmonitor_conf()
        else:
            context = data_return(301, Setting_MSG.get(301), {})
            return context

        context = data_return(200, CODE_MSG.get(200), conf)
        return context
Ejemplo n.º 22
0
 def update(ipaddress=None, sessionid=None):
     old_result = Xcache.get_sessionio_cache(ipaddress)
     if sessionid is None or sessionid == -1:
         context = data_return(202, SessionIO_MSG.get(202), old_result)
         return context
     try:
         params = [sessionid]
         result = RpcClient.call(Method.SessionMeterpreterRead, params)
         if result is None or (isinstance(result, dict) is not True):
             context = data_return(303, SessionIO_MSG.get(303), old_result)
             return context
         new_bufer = result.get('data')
         result = Xcache.add_sessionio_cache(ipaddress, new_bufer)
         context = data_return(200, CODE_MSG.get(200), result)  # code特殊处理
     except Exception as E:
         logger.error(E)
         context = data_return(306, SessionIO_MSG.get(405), old_result)
     return context
Ejemplo n.º 23
0
    def create(subnet=None, netmask=None, sessionid=None, autoroute=None):
        if autoroute is True:
            # 调用autoroute
            opts = {'CMD': 'autoadd', 'SESSION': sessionid}
        else:
            opts = {
                'CMD': 'add',
                'SUBNET': subnet,
                'NETMASK': netmask,
                'SESSION': sessionid
            }
        result = MSFModule.run(module_type="post",
                               mname="multi/manage/routeapi",
                               opts=opts)
        if result is None:
            context = data_return(505, CODE_MSG.get(505), [])
            return context
        try:
            result_dict = json.loads(result)
        except Exception as E:
            logger.warning(E)
            context = data_return(306, Route_MSG.get(306), [])
            return context
        if result_dict.get('status') is True:
            if isinstance(result_dict.get('data'), list):
                if autoroute:
                    Notice.send_success(f"新增路由,SID:{sessionid} 自动模式")
                else:
                    Notice.send_success(
                        f"新增路由,SID:{sessionid} {subnet}/{netmask}")

                context = data_return(201, Route_MSG.get(201),
                                      result_dict.get('data'))
            else:
                context = data_return(305, Route_MSG.get(305), [])
            return context
        else:
            context = data_return(305, Route_MSG.get(305), [])
            return context
Ejemplo n.º 24
0
    def list():
        route_list = Route.list_route()
        socks_list = Socks.list_msf_socks()
        portfwds = PortFwd.list_portfwd()
        # 检查host对应的路由信息
        ipaddresses = []

        hosts = Host.list_hosts()
        for onehost in hosts:
            ipaddresses.append(onehost.get("ipaddress"))
        route_session_list = Route.get_match_route_for_ipaddress_list(
            ipaddresses)
        if route_session_list is None:
            for host in hosts:
                host['route'] = {'type': 'DIRECT', 'data': None}
        else:
            try:
                for host, route_session in zip(hosts, route_session_list):
                    sessionid = route_session.get('session')
                    if sessionid is None:
                        # TODO 处理socks代理类型
                        host['route'] = {'type': 'DIRECT', 'data': None}
                    else:
                        host['route'] = {'type': 'ROUTE', 'data': sessionid}
            except Exception as E:
                logger.error(E)

        result = {
            'socks': socks_list,
            'routes': route_list,
            'portfwds': portfwds,
            'hostsRoute': hosts
        }

        context = data_return(200, CODE_MSG.get(200), result)
        return context
Ejemplo n.º 25
0
 def list():
     handlers = Handler.list_handler()
     context = data_return(200, CODE_MSG.get(200), handlers)
     return context
Ejemplo n.º 26
0
 def list(ipaddress=None):
     result = PortService.list_by_ipaddress(ipaddress)
     context = data_return(200, CODE_MSG.get(200), result)
     return context
Ejemplo n.º 27
0
 def set_cache(cache_data):
     Xcache.set_network_topology_cache(cache_data)
     context = data_return(201, CODE_MSG.get(201), {})
     return context
Ejemplo n.º 28
0
 def load_cache():
     cache_data = Xcache.get_network_topology_cache()
     if cache_data is None:
         cache_data = {}
     context = data_return(200, CODE_MSG.get(200), cache_data)
     return context
Ejemplo n.º 29
0
 def list(hid=None):
     result = PortService.list_by_hid(hid)
     context = data_return(200, CODE_MSG.get(200), result)
     return context
Ejemplo n.º 30
0
    def list(sessionid=None,
             filepath=None,
             dirpath=None,
             operation=None,
             arg=""):

        if operation == "list" and sessionid is not None and dirpath is not None:  # 列目录
            formatdir = FileSession.deal_path(dirpath)
            opts = {
                'OPERATION': 'list',
                'SESSION': sessionid,
                'SESSION_DIR': formatdir
            }
            result = MSFModule.run('post',
                                   'multi/manage/file_system_operation_api',
                                   opts,
                                   runasjob=False,
                                   timeout=12)
            if result is None:
                context = data_return(301, FileSession_MSG.get(301), {})
                return context
            try:
                result = json.loads(result)
            except Exception as E:
                logger.warning(E)
                context = data_return(302, FileSession_MSG.get(302), {})
                return context

            if result.get('status') is not True:
                context = data_return(303, FileSession_MSG.get(303), {})
                return context
            else:
                data = result.get('data')
                entries = data.get('entries')
                path = data.get('path')
                for one in entries:
                    if len(one.get('mode').split('/')) > 1:
                        one['format_mode'] = one.get('mode').split('/')[1]
                    else:
                        one['format_mode'] = ''

                    if one.get('total_space') is not None and one.get(
                            'free_space') is not None:
                        use_space = one.get('total_space') - one.get(
                            'free_space')
                        one['format_size'] = FileSession.get_size_in_nice_string(
                            use_space)
                        one['format_mode'] = '{}|{}'.format(
                            FileSession.get_size_in_nice_string(
                                one.get('free_space')),
                            FileSession.get_size_in_nice_string(
                                one.get('total_space')))
                    else:
                        one['format_size'] = FileSession.get_size_in_nice_string(
                            one.get('size'))

                    if one.get('size') is None or one.get(
                            'size') >= 1024 * 100:
                        one['cat_able'] = False
                    else:
                        one['cat_able'] = True

                    if one.get('type') in [
                            'directory', 'file', 'fixed', "remote"
                    ]:
                        one['absolute_path'] = os.path.join(
                            path,
                            one.get('name')).replace('\\\\',
                                                     '/').replace('\\', '/')
                    elif one.get('type') in ['fix', 'cdrom']:
                        one['absolute_path'] = "{}".format(one.get('name'))
                    else:
                        one['absolute_path'] = "{}".format(path)

                context = data_return(200, CODE_MSG.get(200), data)
                return context
        elif operation == 'pwd' and sessionid is not None:  # 列当前目录
            opts = {'OPERATION': 'pwd', 'SESSION': sessionid}
            result = MSFModule.run('post',
                                   'multi/manage/file_system_operation_api',
                                   opts,
                                   runasjob=False,
                                   timeout=12)
            if result is None:
                context = data_return(301, FileSession_MSG.get(301), {})
                return context
            try:
                result = json.loads(result)
            except Exception as E:
                logger.warning(E)
                context = data_return(302, FileSession_MSG.get(302), {})
                return context

            if result.get('status') is not True:
                context = data_return(303, FileSession_MSG.get(303), {})
                return context
            else:
                data = result.get('data')
                entries = data.get('entries')
                path = data.get('path')
                for one in entries:
                    one['format_size'] = FileSession.get_size_in_nice_string(
                        one.get('size'))
                    if one.get('size') >= 1024 * 100:
                        one['cat_able'] = False
                    else:
                        one['cat_able'] = True
                    if one.get('type') in ['directory', 'file']:
                        one['absolute_path'] = os.path.join(
                            path,
                            one.get('name')).replace('\\\\',
                                                     '/').replace('\\', '/')
                    elif one.get('type') in ['fix', 'cdrom']:
                        one['absolute_path'] = "{}".format(one.get('name'))
                    else:
                        one['absolute_path'] = "{}".format(path)
                    if len(one.get('mode').split('/')) > 1:
                        one['format_mode'] = one.get('mode').split('/')[1]
                    else:
                        one['format_mode'] = ''
                context = data_return(200, CODE_MSG.get(200), data)
                return context
        elif operation == 'download' and sessionid is not None and filepath is not None:  # 下载文件
            opts = {
                'OPERATION': 'download',
                'SESSION': sessionid,
                'SESSION_FILE': filepath
            }
            result = MSFModule.run('post',
                                   'multi/manage/file_system_operation_api',
                                   opts,
                                   runasjob=True)  # 后台运行
            if result is None:
                context = data_return(301, FileSession_MSG.get(301), {})
                return context
            else:
                context = data_return(200, CODE_MSG.get(200), result)
                return context
        elif operation == "run":  # 执行文件
            opts = {
                'OPERATION': 'execute',
                'SESSION': sessionid,
                'SESSION_FILE': filepath,
                'ARGS': arg
            }
            result = MSFModule.run('post',
                                   'multi/manage/file_system_operation_api',
                                   opts,
                                   runasjob=True)  # 后台运行
            if result is None:
                context = data_return(301, FileSession_MSG.get(301), {})
                return context
            else:
                context = data_return(202, FileSession_MSG.get(202), result)
                return context
        elif operation == "cat":  # 查看文件
            opts = {
                'OPERATION': 'cat',
                'SESSION': sessionid,
                'SESSION_FILE': filepath
            }
            moduleresult = MSFModule.run(
                'post',
                'multi/manage/file_system_operation_api',
                opts,
                runasjob=False,
                timeout=12)  # 后台运行
            if moduleresult is None:
                context = data_return(301, FileSession_MSG.get(301), {})
                return context
            else:
                try:
                    moduleresult = json.loads(moduleresult)
                except Exception as E:
                    logger.warning(E)
                    context = data_return(302, FileSession_MSG.get(302), {})
                    return context

                if moduleresult.get("status"):
                    filedata = base64.b64decode(
                        moduleresult.get("data")).decode("utf-8", 'ignore')
                    result = {"data": filedata, "reason": filepath}
                    context = data_return(200, CODE_MSG.get(200), result)
                    return context
                else:
                    result = {
                        "data": None,
                        "reason": moduleresult.get("message")
                    }
                    context = data_return(303, FileSession_MSG.get(303),
                                          result)
                    return context

        elif operation == "cd":  # 查看文件
            formatdir = FileSession.deal_path(dirpath)
            opts = {
                'OPERATION': 'cd',
                'SESSION': sessionid,
                'SESSION_DIR': formatdir
            }
            moduleresult = MSFModule.run(
                'post',
                'multi/manage/file_system_operation_api',
                opts,
                runasjob=False,
                timeout=12)  # 后台运行
            if moduleresult is None:
                context = data_return(301, FileSession_MSG.get(301), {})
                return context
            else:
                try:
                    moduleresult = json.loads(moduleresult)
                except Exception as E:
                    logger.warning(E)
                    context = data_return(302, FileSession_MSG.get(302), {})
                    return context

                if moduleresult.get("status"):
                    result = {}
                    context = data_return(203, FileSession_MSG.get(203),
                                          result)
                    return context
                else:
                    result = {
                        "data": None,
                        "reason": moduleresult.get("message")
                    }
                    context = data_return(303, FileSession_MSG.get(303),
                                          result)
                    return context
        else:
            context = data_return(306, FileSession_MSG.get(306), {})
            return context