if host_records:
def host_to_ip(host_rec):
if isinstance(host_rec, (int, str)):
host_rec = get_host_record(host_rec)
if not host_rec:
return None
return host_rec.get('f_ipv4') or host_rec.get('f_ipv6')
target_ips = '\n'.join([host_to_ip(x) for x in host_records.split('|')])
else:
target_ips = ''
module_list = []
alert = False
msf = MetasploitAPI(host=auth.user.f_msf_pro_url, apikey=auth.user.f_msf_pro_key)
try:
module_list = msf.module_list(modtype='exploits').get('modules')
except MSFAPIError, error:
return dict(alert=True, error=str(error), form=None)
form = SQLFORM.factory(
Field('targets', 'text', default=target_ips, label=T('Targets'), requires=IS_NOT_EMPTY(),
comment=T('Targets to scan can be IP Addresses, ranged lists or subnets. One per line.')
),
Field('blacklist_hosts', 'text', label=T('Blacklisted Targets'),
comment=T('Targets to blacklist can be IP Addresses, ranged lists or subnets. One per line.')
),
Field('ports', 'string', default='1-65535', label=T('Ports'), requires=IS_NOT_EMPTY(),
comment=T('List of ports to match exploits to. Example: 21-23,80,443,8000-8999')
),
Field('blacklist_ports', 'string', label=T('Blacklisted Ports'),
comment=T('List of ports to not exploit. Example: 21-23,80,443,8000-8999')
