Python crearContextBase Examples, Core.views.crearContextBase Python Examples

Example #1

0

Show file

def sqlmap_task(request, id):
    context = crearContextBase(request)
    task = sqlmap_requests.objects.get(id=id)
    aux = task
    results = sqlmap_results.objects.get(id=task.id)
    context.update({'task': aux, 'results': results})
    return render(request, 'sqlmap_task.html', context)

Example #2

0

Show file

File: views.py Project: CarlesLlobet/CoSA

def openvas_download(request, id):
    scanner = VulnscanManager("localhost", openvas_username, openvas_password)
    task = openvas_requests.objects.get(id=id)
    if task.state == "Finished":
        result = openvas_results.objects.get(id=task.id)
        print(result.report)
        # Retornant pdf
        report = scanner.get_report_pdf(str(result.report))
        nomArxiu = "Report_" + task.name.replace(
            " ", "-") + "_" + datetime.strftime(result.finish_date,
                                                "%Y%m%d%H%M") + ".pdf"
        #print("Report:" + report)
        reportXML = ElementTree.tostring(report.find("report"),
                                         encoding='utf-8',
                                         method='xml')
        print("ReportXML:" + str(reportXML).split(">")[-2].split("<")[0])
        #fullReport = ElementTree.fromstring(reportXML)
        #response = HttpResponse(base64.b64decode(fullReport.find("in_use").tail), content_type='application/pdf')
        response = HttpResponse(base64.b64decode(
            str(reportXML).split(">")[-2].split("<")[0]),
                                content_type='application/pdf')
        response['Content-Disposition'] = 'attachment; filename=' + nomArxiu
        return response
    else:
        context = crearContextBase(request)
        context.update({'openvas_tasks': "active"})
        results = "fail"
        context.update({'task': task, 'results': results})
        return render(request, 'openvas_task.html', context)

Example #3

0

Show file

File: views.py Project: CarlesLlobet/CoSA

def openvas_task(request, id):
    context = crearContextBase(request)
    context.update({'openvas_tasks': "active"})
    task = openvas_requests.objects.get(id=id)
    results = openvas_results.objects.get(id=task.id)
    context.update({'task': task, 'results': results})
    return render(request, 'openvas_task.html', context)

Example #4

0

Show file

File: views.py Project: CarlesLlobet/CoSA

def w3af_new(request):
    context = crearContextBase(request)
    u = request.user
    userid = u.id
    if request.method == 'POST':
        form = forms.w3afForm(request.POST, user=u)
        if form.is_valid():
            n = form.cleaned_data['name']
            # target
            t = form.cleaned_data['target']
            to = form.cleaned_data['target_os']
            tf = form.cleaned_data['target_framework']
            # auth
            lu = form.cleaned_data['login_url']
            lun = form.cleaned_data['login_username']
            lp = form.cleaned_data['login_password']
            luf = form.cleaned_data['login_userfield']
            lpf = form.cleaned_data['login_passwordfield']
            lm = form.cleaned_data['login_method']
            # basic auth
            hd = form.cleaned_data['http_domain']
            hu = form.cleaned_data['http_user']
            hp = form.cleaned_data['http_password']
            # parameters
            p = form.cleaned_data['profile']
            m = form.cleaned_data['mail']
            mf = form.cleaned_data['mail_field']
            if 'save' in request.POST:
                e = "Saved"
            elif 'cue' in request.POST:
                e = "On Hold"

            if p == "Fast Scan":
                pb = "fast_scan"
            elif p == "Full Audit":
                pb = "full_audit"
            elif p == "OWASP Top 10":
                pb = "OWASP_TOP10"

            if m:
                p = models.w3af_requests.objects.create(name=n, target=t, target_os = to, target_framework = tf, login_url = lu, login_username = lun, login_password = lp,
                                                        login_userfield = luf, login_passwordfield = lpf, login_method = lm, user=request.user, state=e, profile=pb,
                                                          mail=mf, http_user= hu, http_password=hp, http_domain=hd)  # crear la request
            else:
                p = models.w3af_requests.objects.create(name=n, target=t, target_os = to, target_framework = tf, login_url = lu, login_username = lun, login_password = lp,
                                                        login_userfield = luf, login_passwordfield = lpf, login_method = lm, user=request.user, profile=pb,
                                                          state=e, http_user= hu, http_password=hp, http_domain=hd)  # crear la request
            r = models.w3af_results.objects.create(id=p.id)
            return HttpResponseRedirect('/w3af/tasks/')
        else:
            print(form.errors)
    else:
        form = forms.w3afForm(user=u)
    context.update({"initial": 0})
    context.update({"form": form})
    return render(request, 'w3af_new.html', context)

Example #5

0

Show file

File: views.py Project: CarlesLlobet/CoSA

def openvas_new(request):
    context = crearContextBase(request)
    context.update({'openvas_new': "active"})
    u = request.user
    if request.method == 'POST':
        form = forms.OpenVASForm(request.POST, user=u)
        if form.is_valid():
            ips = form.cleaned_data['ips']
            urls = form.cleaned_data['urls']
            m = form.cleaned_data['mail']
            mf = form.cleaned_data['mail_field']
            c = form.cleaned_data['config']
            if 'save' in request.POST:
                e = "Saved"
            elif 'cue' in request.POST:
                e = "On Hold"

            # Treiem els espais entre hostnames
            urls = urls.replace(" ", "")
            ips = ips.replace(" ", "")

            if ips != "" and urls != "":
                t = ips + "," + urls
            elif ips != "":
                t = ips
            else:
                t = urls

            n = form.cleaned_data['name']
            if m:
                p = models.openvas_requests.objects.create(
                    name=n,
                    target=t,
                    user=request.user,
                    state=e,
                    percentage=0,
                    mail=mf,
                    config=c)  # crear la request
            else:
                p = models.openvas_requests.objects.create(
                    name=n,
                    target=t,
                    user=request.user,
                    state=e,
                    percentage=0,
                    config=c)  # crear la request
            r = models.openvas_results.objects.create(id=p.id)
            return HttpResponseRedirect('/OpenVAS/tasks/')
        else:
            print(form.errors)
    else:
        form = forms.OpenVASForm(user=u)
    context.update({"form": form})
    return render(request, 'openvas_new.html', context)

Example #6

0

Show file

File: views.py Project: CarlesLlobet/CoSA

def w3af_download(request, id):
    task = w3af_requests.objects.get(id=id)
    if task.state == "Finished":
        result = w3af_results.objects.get(id=task.id)
        #print(result.report)
        # Retornant fitxer
        nomArxiu = "Report_" + task.name.replace(" ","-") + "_" + datetime.strftime(result.finish_date, "%Y%m%d%H%M") + ".html"
        response = HttpResponse(result.report, content_type='text/html')
        response['Content-Disposition'] = 'attachment; filename=' + nomArxiu
        return response
    else:
        context = crearContextBase(request)
        results = "fail"
        context.update({'task': task, 'results': results})
        return render(request, 'w3af_task.html', context)

Example #7

0

Show file

def sqlmap_howto(request):
    context = crearContextBase(request)
    context.update({'sqlmap_howto': "active"})
    return render(request, 'sqlmap_howto.html', context)

Example #8

0

Show file

def sqlmap_new(request):
    context = crearContextBase(request)
    u = request.user
    userid = u.id
    if request.method == 'POST':
        form = forms.SQLmapForm(request.POST, user=u)
        if form.is_valid():
            # url
            target_url = form.cleaned_data['url']
            # direct connection
            target_dbms = form.cleaned_data['dbms']
            target_user = form.cleaned_data['user']
            target_password = form.cleaned_data['password']
            target_ip = form.cleaned_data['ip']
            target_port = form.cleaned_data['port']
            target_db_name = form.cleaned_data['db_name']
            # parameters
            c = form.cleaned_data['charset']
            v = form.cleaned_data['verbosity']
            l = form.cleaned_data['level']
            r = form.cleaned_data['risk']
            d = form.cleaned_data['depth']
            n = form.cleaned_data['name']
            m = form.cleaned_data['mail']
            mf = form.cleaned_data['mail_field']
            if 'save' in request.POST:
                e = "Saved"
            elif 'cue' in request.POST:
                e = "On Hold"

            if target_url == "":
                t = "-d " + target_dbms + "://" + target_user + ":" + target_password + "@" + target_ip + ":" + \
                    str(target_port) + "/" + target_db_name
            else:
                t = "-u " + target_url

            if m:
                p = models.sqlmap_requests.objects.create(
                    name=n,
                    target=t,
                    level=l,
                    verbosity=v,
                    risk=r,
                    depth=d,
                    charset=c,
                    user=request.user,
                    state=e,
                    mail=mf)  # crear la request
            else:
                p = models.sqlmap_requests.objects.create(
                    name=n,
                    target=t,
                    level=l,
                    verbosity=v,
                    risk=r,
                    depth=d,
                    charset=c,
                    user=request.user,
                    state=e)  # crear la request
            r = models.sqlmap_results.objects.create(id=p.id)
            return HttpResponseRedirect('/SQLmap/tasks/')
        else:
            print(form.errors)
    else:
        form = forms.SQLmapForm(user=u)
    context.update({"initial": 0})
    context.update({"form": form})
    return render(request, 'sqlmap_new.html', context)

Example #9

0

Show file

def sqlmap_tasks(request):
    context = crearContextBase(request)
    return render(request, 'sqlmap_tasks.html', context)

Example #10

0

Show file

def sqlmap_modify(request, id):
    context = crearContextBase(request)
    u = request.user
    task = sqlmap_requests.objects.get(id=id)
    context.update({"task": task, "notModify": False})
    if task.state != "Running" and task.state != "Blocked":
        if request.method == 'POST':
            form = forms.SQLmapForm(request.POST, user=u)
            if form.is_valid():
                # url
                target_url = form.cleaned_data['url']
                # direct connection
                target_dbms = form.cleaned_data['dbms']
                target_user = form.cleaned_data['user']
                target_password = form.cleaned_data['password']
                target_ip = form.cleaned_data['ip']
                target_port = form.cleaned_data['port']
                target_db_name = form.cleaned_data['db_name']
                # parameters
                c = form.cleaned_data['charset']
                v = form.cleaned_data['verbosity']
                l = form.cleaned_data['level']
                r = form.cleaned_data['risk']
                d = form.cleaned_data['depth']
                n = form.cleaned_data['name']
                m = form.cleaned_data['mail']
                mf = form.cleaned_data['mail_field']
                if 'save' in request.POST:
                    e = "Saved"
                elif 'cue' in request.POST:
                    e = "On Hold"

                if target_url == "":
                    t = "-d " + target_dbms + "://" + target_user + ":" + target_password + "@" + target_ip + ":" + \
                        str(target_port) + "/" + target_db_name
                else:
                    t = "-u " + target_url
                if task.state != "Running" and task.state != "Blocked":
                    task.name = n
                    task.target = t
                    task.level = l
                    task.verbosity = v
                    task.risk = r
                    task.depth = d
                    task.charset = c
                    task.user = u
                    task.state = e
                    task.modify_date = datetime.now()
                    if m:
                        task.mail = mf
                    else:
                        task.mail = None
                    task.save()
                else:
                    context.update({"notModify": True})
                    return render(request, 'sqlmap_new.html', context)
                return HttpResponseRedirect('/SQLmap/tasks/')
            else:
                print(form.errors)
        else:
            form = forms.SQLmapForm(user=u)
            form.fields["name"].initial = task.name
            if task.target[0:3] == "-u ":
                form.fields["url"].initial = task.target[3:]
            elif task.target[0:3] == "-d ":
                text = task.target[3:].partition("://")
                form.fields["dbms"].initial = text[0]
                text = text[2].partition(":")
                form.fields["user"].initial = text[0]
                text = text[2].partition("@")
                # La password no la aprofitem
                text = text[2].partition(":")
                form.fields["ip"].initial = text[0]
                text = text[2].partition(":")
                form.fields["port"].initial = text[0]
                form.fields["db_name"].initial = text[2]
            context.update({
                "initial": 1,
                "verbosity": task.verbosity,
                "level": task.level,
                "risk": task.risk,
                "depth": task.depth
            })
            form.fields["charset"].initial = task.charset
            if task.mail:
                form.fields["mail_field"].initial = task.mail
                form.fields["mail"].initial = True
            context.update({"form": form})
            return render(request, 'sqlmap_new.html', context)
    else:
        context.update({"notModify": True})
        return render(request, 'sqlmap_new.html', context)

Example #11

0

Show file

File: views.py Project: CarlesLlobet/CoSA

def w3af_tasks(request):
    context = crearContextBase(request)
    return render(request, 'w3af_tasks.html', context)

Example #12

0

Show file

File: views.py Project: CarlesLlobet/CoSA

def w3af_modify(request, id):
    context = crearContextBase(request)
    u = request.user
    task = w3af_requests.objects.get(id=id)
    context.update({"task": task, "notModify": False})
    if task.state != "Running" and task.state != "Blocked":
        if request.method == 'POST':
            form = forms.w3afForm(request.POST, user=u)
            if form.is_valid():
                n = form.cleaned_data['name']
                # target
                t = form.cleaned_data['target']
                to = form.cleaned_data['target_os']
                tf = form.cleaned_data['target_framework']
                # auth
                lu = form.cleaned_data['login_url']
                lun = form.cleaned_data['login_username']
                lp = form.cleaned_data['login_password']
                luf = form.cleaned_data['login_userfield']
                lpf = form.cleaned_data['login_passwordfield']
                lm = form.cleaned_data['login_method']
                # basic auth
                hd = form.cleaned_data['http_domain']
                hu = form.cleaned_data['http_user']
                hp = form.cleaned_data['http_password']
                # parameters
                p = form.cleaned_data['profile']
                m = form.cleaned_data['mail']
                mf = form.cleaned_data['mail_field']
                if 'save' in request.POST:
                    e = "Saved"
                elif 'cue' in request.POST:
                    e = "On Hold"

                if p == "Fast Scan":
                    pb = "fast_scan"
                elif p == "Full Audit":
                    pb = "full_scan"
                elif p == "OWASP Scan":
                    pb = "OWASP_TOP10"

                if task.state != "Running" and task.state != "Blocked":
                    task.name = n
                    task.target = t
                    task.target_os = to
                    task.target_framework = tf
                    task.login_url = lu
                    task.login_username = lun
                    task.login_password = lp
                    task.login_userfield = luf
                    task.login_passwordfield = lpf
                    task.login_method = lm
                    task.profile = pb
                    task.user = u
                    task.state = e
                    task.http_domain = hd
                    task.http_user = hu
                    task.http_password = hp
                    task.modify_date = datetime.now()
                    if m:
                        task.mail = mf
                    else:
                        task.mail = None
                    task.save()
                else:
                    context.update({"notModify": True})
                    return render(request, 'w3af_new.html', context)
                return HttpResponseRedirect('/w3af/tasks/')
            else:
                print(form.errors)
        else:
            form = forms.w3afForm(user=u)
            form.fields["name"].initial = task.name
            form.fields["target"].initial = task.target
            form.fields["target_os"].initial = task.target_os
            form.fields["target_framework"].initial = task.target_framework
            if task.login_url:
                form.fields["target_login_url"].initial = task.login_url
            if task.login_username:
                form.fields["login_username"].initial = task.login_username
            if task.login_password:
                form.fields["login_password"].initial = task.login_password
            if task.login_userfield:
                form.fields["login_userfield"].initial = task.login_userfield
            if task.login_passwordfield:
                form.fields["login_passwordfield"].initial = task.login_passwordfield
            if task.http_domain:
                form.fields["http_domain"].initial = task.http_domain
            if task.http_user:
                form.fields["http_user"].initial = task.http_user
            if task.http_password:
                form.fields["http_password"].initial = task.http_password
            form.fields["login_method"].initial = task.login_method
            form.fields["profile"].initial = task.profile
            context.update({"initial": 1})
            if task.mail:
                form.fields["mail_field"].initial = task.mail
                form.fields["mail"].initial = True
            context.update({"form": form})
            return render(request, 'w3af_new.html', context)
    else:
        context.update({"notModify": True})
        return render(request, 'w3af_new.html', context)

Example #13

0

Show file

File: views.py Project: CarlesLlobet/CoSA

def openvas_tasks(request):
    context = crearContextBase(request)
    context.update({'openvas_tasks': "active"})
    return render(request, 'openvas_tasks.html', context)

Example #14

0

Show file

File: views.py Project: CarlesLlobet/CoSA

def openvas_modify(request, id):
    context = crearContextBase(request)
    context.update({'openvas_tasks': "active"})
    u = request.user
    task = openvas_requests.objects.get(id=id)
    context.update({"task": task, "notModify": False})
    if task.state != "Running" and task.state != "Blocked":
        if request.method == 'POST':
            form = forms.OpenVASForm(request.POST, user=u)
            if form.is_valid():
                ips = form.cleaned_data['ips']
                urls = form.cleaned_data['urls']
                m = form.cleaned_data['mail']
                mf = form.cleaned_data['mail_field']
                c = form.cleaned_data['config']
                if 'save' in request.POST:
                    e = "Saved"
                elif 'cue' in request.POST:
                    e = "On Hold"

                # Treiem els espais entre hostnames
                urls = urls.replace(" ", "")
                ips = ips.replace(" ", "")

                if ips != "" and urls != "":
                    t = ips + "," + urls
                elif ips != "":
                    t = ips
                else:
                    t = urls

                n = form.cleaned_data['name']
                if task.state != "Running" and task.state != "Blocked":
                    task.name = n
                    task.target = t
                    task.user = u
                    task.state = e
                    task.percentage = 0
                    task.config = c
                    task.modify_date = timezone.now()
                    if m:
                        task.mail = mf
                    else:
                        task.mail = None
                    task.save()
                else:
                    context.update({"notModify": True})
                    return render(request, 'openvas_new.html', context)
                return HttpResponseRedirect('/OpenVAS/tasks/')
            else:
                print(form.errors)
        else:
            form = forms.OpenVASForm(user=u)
            form.fields["name"].initial = task.name
            tasks = task.target.split(",")
            urls = ""
            ips = ""
            try:
                IPNetwork(tasks[0])
            except:
                urls += tasks[0]
            else:
                ips += tasks[0]
            for t in tasks[1:]:
                try:
                    IPNetwork(t)
                except:
                    urls += "," + t
                else:
                    ips += "," + t
            form.fields["urls"].initial = urls
            form.fields["ips"].initial = ips
            if task.mail != "" or task.mail is not None:
                form.fields["mail_field"].initial = task.mail
                form.fields["mail"].initial = True
            form.fields["config"].initial = task.config
            context.update({"form": form})
            return render(request, 'openvas_new.html', context)
    else:
        context.update({"notModify": True})
        return render(request, 'openvas_new.html', context)