if host_records: def host_to_ip(host_rec): if isinstance(host_rec, (int, str)): host_rec = get_host_record(host_rec) if not host_rec: return None return host_rec.get('f_ipv4') or host_rec.get('f_ipv6') target_ips = '\n'.join([host_to_ip(x) for x in host_records.split('|')]) else: target_ips = '' module_list = [] alert = False msf = MetasploitAPI(host=auth.user.f_msf_pro_url, apikey=auth.user.f_msf_pro_key) try: module_list = msf.module_list(modtype='exploits').get('modules') except MSFAPIError, error: return dict(alert=True, error=str(error), form=None) form = SQLFORM.factory( Field('targets', 'text', default=target_ips, label=T('Targets'), requires=IS_NOT_EMPTY(), comment=T('Targets to scan can be IP Addresses, ranged lists or subnets. One per line.') ), Field('blacklist_hosts', 'text', label=T('Blacklisted Targets'), comment=T('Targets to blacklist can be IP Addresses, ranged lists or subnets. One per line.') ), Field('ports', 'string', default='1-65535', label=T('Ports'), requires=IS_NOT_EMPTY(), comment=T('List of ports to match exploits to. Example: 21-23,80,443,8000-8999') ), Field('blacklist_ports', 'string', label=T('Blacklisted Ports'), comment=T('List of ports to not exploit. Example: 21-23,80,443,8000-8999')