Ejemplo n.º 1
0
 def __init__(self):
     mysql = MySQLHander()
     sql = "select writelist,blacklist,rootdomain,blackdomain from settings where id=1"
     mysql.query(sql)
     resource = mysql.fetchOneRow()
     self.writelist,self.blacklist,self.rootdomain,self.blackdomain = list(resource)
     mysql.close()
Ejemplo n.º 2
0
 def GetStatusInfo(taskid):
     '''
     :param taskid:
     :return: status,success
     '''
     mysql = MySQLHander()
     sql = "select target,status,success from task where taskid=\"{0}\" ".format(taskid)
     mysql.query(sql)
     data = mysql.fetchOneRow()
     result = {"target":data[0], "status":data[1], "success":data[2]}
     mysql.close()
     return result
Ejemplo n.º 3
0
class SqlMapAction(object):
    def __init__(self):
        xml = XMLDOM()
        self.db = MySQLHander()
        self.address = xml.GetElementByName('sqlmap').strip()

    def _get_server(self):
        sql = "select server from settings where id = 1"
        self.db.query(sql)
        server = self.db.fetchOneRow()[0]
        if server == None:
            return False
        return server

    def NewTaskId(self, **kwargs):
        url = "{0}/task/new".format(self.address)
        response = json.loads(requests.get(url).text)
        if response['success']:
            db = MySQLHander()
            taskid = response['taskid']
            sql = "insert into task(`target`, `taskid`, `server`) VALUES (\"{0}\", \"{1}\", \"{2}\")"\
            .format(kwargs['target'], taskid, self.address)
            if db.insert(sql) == 0L:
                print "Apply New TaskId Success!"
            else:
                print "Apply New Task Fail"
            del db
            return taskid
        else:
            return False

    def Set_Options(self, **kwargs):
        server = self._get_server()
        if server == False:
            return False
        url = "{0}/option/{1}/set".format(server, kwargs['taskid'])
        if "options" in kwargs:
            data = json.dumps(kwargs['options'])
        else:
            data = json.dumps({})
        response = json.loads(requests.post(url, data=data, headers=HEADER).text)
        if response['success']:
            message = "{0} Set Options successfully".format(time.strftime("[*%H:%M:%S]"))
            print(message)
            return True
        else:
            return False

    def update_settings(self, kwargs):
        mysql = MySQLHander()
        sql = "update settings set server=\"{0}\", writelist=\"{1}\", blacklist=\"{2}\", proxyaddr=\"{3}\"," \
              "rootdomain=\"{4}\", blackdomain = \"{5}\" where id=1 ".format(kwargs.form['sqlmapaddr'], \
              kwargs.form['writelist'],kwargs.form['blacklist'],\
              kwargs.form['proxyaddr'], getrootdomain(kwargs.form['target']), getrootdomain(kwargs.url))
        mysql.update(sql)
        mysql.close()

    def start_scan(self, taskid, target):
        server = self._get_server()
        url = "{0}/scan/{1}/start".format(server, taskid)
        data = json.dumps({"url":target})
        response = json.loads(requests.post(url,data=data, headers=HEADER).text)
        if response['success'] == True:
            print "[!] start task {0} sucess".format(taskid)
            t = multiprocessing.Process(target=Thread_Handle,args=(taskid,target,))
            taskid_thread_Dict.append(taskid)
            t.start()
            return True
        else:
            return False

    def StopTask(self, tasklist):
        if isinstance(tasklist, list) == False:
            return False
        return True
        flag = True
        for taskid in tasklist:
            server = self._get_server()
            url = "{0}/scan/{1}/stop".format(server, taskid)
            response = json.loads(requests.get(url,None).text)
            print "-----------\n",response
            if requests['success'] == True:
                print "[!] stop task {0} ok!".format(taskid)
            else:
                flag = False
                print "[!] stop task {0} failed!".format(taskid)
        return flag      

    def Start_Spider(self, taskid, target):
        t = threading.Thread(target=Spider_Handle,args=(taskid,target,))
        t.start()

    def DeleteAllTask(self):
        mysql = MySQLHander()
        sql = "select target,data from task where success=1"
        mysql.query(sql)
        slist = mysql.fetchAllRows()
        for line in slist:
            sql = "insert into successlist(`target` ,`data`) values (\"{0}\")".format(line[0], line[1])
            mysql.insert(sql)
        sql = "delete from task"
        mysql.update(sql)
        mysql.close()
        print "[!] task schedule has been clear!"