Ejemplo n.º 1
0
    def port_scan(self):
        scan_port_map = {
            "test": ScanPortType.TEST,
            "top100": ScanPortType.TOP100,
            "top1000": ScanPortType.TOP1000,
            "all": ScanPortType.ALL
        }
        option_scan_port_type = self.options.get("port_scan_type", "test")
        scan_port_option = {
            "ports": scan_port_map.get(option_scan_port_type,
                                       ScanPortType.TEST),
            "service_detect": self.options.get("service_detection", False),
            "os_detect": self.options.get("os_detection", False)
        }
        targets = self.ip_target.split()
        ip_port_result = services.port_scan(targets, **scan_port_option)
        self.ip_info_list.extend(ip_port_result)

        for ip_info in ip_port_result:
            self.ip_set.add(ip_info["ip"])
            if not utils.not_in_black_ips(ip_info["ip"]):
                continue

            ip_info["task_id"] = self.task_id
            ip_info["ip_type"] = utils.get_ip_type(ip_info["ip"])
            ip_info["geo_asn"] = {}
            ip_info["geo_city"] = {}

            if ip_info["ip_type"] == "PUBLIC":
                ip_info["geo_asn"] = utils.get_ip_asn(ip_info["ip"])
                ip_info["geo_city"] = utils.get_ip_city(ip_info["ip"])

            utils.conn_db('ip').insert_one(ip_info)
Ejemplo n.º 2
0
    def port_scan(self):
        scan_port_map = {
            "test": ScanPortType.TEST,
            "top100": ScanPortType.TOP100,
            "top1000": ScanPortType.TOP1000,
            "all": ScanPortType.ALL
        }
        option_scan_port_type = self.options.get("port_scan_type", "test")
        scan_port_option = {
            "ports": scan_port_map.get(option_scan_port_type,
                                       ScanPortType.TEST),
            "service_detect": self.options.get("service_detection", False),
            "os_detect": self.options.get("os_detection", False)
        }
        targets = self.ip_target.split()
        ip_port_result = services.port_scan(targets, **scan_port_option)
        self.ip_info_list.extend(ip_port_result)

        if self.task_tag == 'monitor':
            self.set_asset_ip()

        for ip_info in ip_port_result:
            curr_ip = ip_info["ip"]
            self.ip_set.add(curr_ip)
            if not utils.not_in_black_ips(curr_ip):
                continue

            ip_info["task_id"] = self.task_id
            ip_info["ip_type"] = utils.get_ip_type(curr_ip)
            ip_info["geo_asn"] = {}
            ip_info["geo_city"] = {}

            if ip_info["ip_type"] == "PUBLIC":
                ip_info["geo_asn"] = utils.get_ip_asn(curr_ip)
                ip_info["geo_city"] = utils.get_ip_city(curr_ip)

            # 仅仅资产发现任务将IP全部存储起来
            if self.task_tag == 'task':
                utils.conn_db('ip').insert_one(ip_info)

        # 监控任务同步IP信息
        if self.task_tag == 'monitor':
            self.async_ip_info()
Ejemplo n.º 3
0
    def _get_ip_domain_list(self, target_lists):
        ip_list = set()
        domain_list = set()
        for item in target_lists:
            if not item:
                continue

            if utils.is_vaild_ip_target(item):
                if not utils.not_in_black_ips(item):
                    raise Exception("{} 在黑名单IP中".format(item))
                ip_list.add(item)

            elif utils.is_valid_domain(item):
                domain_list.add(item)

            else:
                raise Exception("{} 无效的目标".format(item))

        return ip_list, domain_list
Ejemplo n.º 4
0
    def post(self):
        """
        任务提交
        """
        args = self.parse_args(add_task_fields)

        name = args.pop('name')
        target = args.pop('target')
        target = target.strip().lower()

        task_data = {
            "name": name,
            "target": target,
            "start_time": "-",
            "end_time": "-",
            "task_tag": "task",  #标记为正常下发的任务
            "service": [],
            "status": "waiting",
            "options": args,
            "type": "domain"
        }

        logger.info(task_data)

        target_lists = re.split(r",|\s", target)
        # 清除空白符
        target_lists = list(filter(None, target_lists))
        ip_target_list = []
        ret_items = []

        for item in target_lists:
            if not utils.is_valid_domain(
                    item) and not utils.is_vaild_ip_target(item):
                return utils.build_ret(ErrorMsg.TargetInvalid,
                                       data={"target": item})

            if utils.is_vaild_ip_target(item):
                if not utils.not_in_black_ips(item):
                    return utils.build_ret(ErrorMsg.IPInBlackIps,
                                           data={"ip": item})

        for item in target_lists:
            if utils.is_valid_domain(item):
                ret_item = {"target": item, "type": "domain"}
                domain_task_data = task_data.copy()
                domain_task_data["target"] = item
                _task_data = submit_task(domain_task_data)
                ret_item["task_id"] = _task_data.get("task_id", "")
                ret_item["celery_id"] = _task_data.get("celery_id", "")
                ret_items.append(ret_item)

            elif utils.is_vaild_ip_target(item):
                if utils.not_in_black_ips(item):
                    ip_target_list.append(item)
                else:
                    ret_item = {
                        "target": item,
                        "type": "in black ip list",
                        "task_id": "",
                        "celery_id": ""
                    }
                    ret_items.append(ret_item)

            else:
                ret_item = {
                    "target": item,
                    "type": "unknown",
                    "task_id": "",
                    "celery_id": ""
                }
                ret_items.append(ret_item)

        if ip_target_list:
            ip_task_data = task_data.copy()
            ip_task_data["target"] = " ".join(ip_target_list)
            ip_task_data["type"] = "ip"

            ret_item = {
                "target": ip_task_data["target"],
                "type": ip_task_data["type"]
            }

            _task_data = submit_task(ip_task_data)

            ret_item["task_id"] = _task_data.get("task_id", "")
            ret_item["celery_id"] = _task_data.get("celery_id", "")
            ret_items.append(ret_item)

        ret_data = {
            "items": ret_items,
            "options": args,
            "message": "success",
            "code": 200
        }

        return ret_data