Example #1
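def getwork():
	"""Return the next unit of scan work to the caller as a JSON response.

	Order of precedence, as implemented below:
	  1. A ``target`` query parameter requests a manual scan; it is only
	     honoured when ScopeManager.is_acceptable_target() accepts it.
	  2. Otherwise the first pending rescan is dispatched.
	  3. Otherwise the ScanManager supplies the next automatic target.

	Responses:
	  200 -- JSON work item produced by prepare_work().
	  400 -- agent version mismatch, or manual target rejected (retry: False).
	  404 -- no scope configured (retry: True).

	Security notes:
	  * The User-Agent header is client-controlled. The version comparison is
	    a compatibility check only; a client that does not identify itself as
	    "natlas-agent" skips it entirely, so it must not be relied on as
	    access control.
	    NOTE(review): authentication for this route is not visible in this
	    block -- confirm it is enforced by a decorator or before-request hook.
	  * Both error messages echo client-supplied values. They are serialised
	    with json.dumps(); presumably json_content is a JSON media type so
	    clients do not render them as HTML -- confirm.
	"""
	def json_reply(payload, status):
		# Single place where every response of this handler is serialised.
		return Response(response=json.dumps(payload), status=status, content_type=json_content)

	manual = request.args.get('target', '')
	user_agent = request.headers["user-agent"]
	if "natlas-agent" in user_agent:
		# Untrusted header: an agent string without "/<version>" used to raise
		# IndexError here (unhandled error on attacker-controlled input). Treat a
		# missing version as a mismatch and answer with the normal 400 instead.
		ua_parts = user_agent.split('/')
		verstr = ua_parts[1] if len(ua_parts) > 1 else None
		expected = current_app.config["NATLAS_VERSION"]
		if verstr != expected:
			reported = "unknown" if verstr is None else verstr
			errmsg = "The server detected you were running version {} but the server is running {}".format(reported, expected)
			return json_reply({'status': 400, 'message': errmsg, 'retry': False}, 400)
	work = {}

	if manual:
		# Scope enforcement: this check is the only thing in this handler that
		# keeps a caller from directing a scan at an arbitrary host. The raw query
		# string is used as the target afterwards, so is_acceptable_target() is
		# assumed to also reject malformed values -- TODO confirm.
		if current_app.ScopeManager.is_acceptable_target(manual):
			work['scan_reason'] = 'manual'
			work['target'] = manual
			return json_reply(prepare_work(work), 200)
		errmsg = "{} is not a valid target for this server.".format(manual)
		return json_reply({'status': 400, 'message': errmsg, 'retry': False}, 400)

	rescans = current_app.ScopeManager.get_pending_rescans()
	if len(rescans) == 0: # The rescan queue is lazily loaded: refresh it once and read it again
		current_app.ScopeManager.update_pending_rescans()
		rescans = current_app.ScopeManager.get_pending_rescans()

	if len(rescans) == 0: # Still no rescans: fall back to the ScanManager
		scanmanager = current_app.ScopeManager.get_scan_manager()
		if not scanmanager:
			# No scan manager yet: refresh the scope once and try again.
			current_app.ScopeManager.update()
			scanmanager = current_app.ScopeManager.get_scan_manager()

			if not scanmanager:
				return json_reply({'status': 404, 'message': 'No scope is currently configured.', "retry": True}, 404)

		work['target'] = str(scanmanager.get_next_ip())
		work['scan_reason'] = 'auto'

	else: # Take the first queued rescan and mark it dispatched so other requests do not receive it
		# NOTE(review): two concurrent requests could both read rescans[0] before
		# it is marked dispatched -- confirm the ScopeManager guards against this.
		work['target'] = rescans[0].target
		work['scan_reason'] = 'requested'
		mark_scan_dispatched(rescans[0])

	return json_reply(prepare_work(work), 200)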
Example #2
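def getwork():
    """Serve one scan work item (JSON) to the requesting client.

    A ``target`` query parameter asks for a manual scan and is accepted only
    if ``ScopeManager.is_acceptable_target`` approves it. Without it, the
    first pending rescan is handed out; when the rescan queue is empty the
    ScanManager provides the next automatic target.

    Returns:
        A ``Response`` with status 200 and the output of ``prepare_work``;
        status 400 (``retry: False``) on an agent version mismatch or a
        rejected manual target; status 404 (``retry: True``) when no scope
        is configured.

    Security notes:
        The User-Agent header is supplied by the client, so the version
        comparison below is a compatibility check, not an access control:
        any client whose User-Agent lacks "natlas-agent" bypasses it.
        NOTE(review): authentication for this route is not visible in this
        block -- confirm it is applied elsewhere.
    """
    manual = request.args.get("target", "")
    agent_header = request.headers["user-agent"]
    if "natlas-agent" in agent_header:
        # The header is untrusted input. Indexing split("/")[1] directly raised
        # IndexError when the version part was absent; handle that case as an
        # ordinary version mismatch so the client gets the documented 400.
        pieces = agent_header.split("/")
        verstr = pieces[1] if len(pieces) > 1 else None
        server_version = current_app.config["NATLAS_VERSION"]
        if verstr != server_version:
            shown_version = "unknown" if verstr is None else verstr
            errmsg = f"The server detected you were running version {shown_version} but the server is running {server_version}"
            response_body = json.dumps({
                "status": 400,
                "message": errmsg,
                "retry": False
            })
            return Response(response=response_body,
                            status=400,
                            content_type=json_content)
    work = {}

    if manual:
        # Scope check: the only gate in this handler between a caller-chosen
        # host and a dispatched scan. The raw string is passed on as the target,
        # so the check is presumed to reject malformed values -- TODO confirm.
        canTarget = current_app.ScopeManager.is_acceptable_target(manual)
        if not canTarget:
            # The rejected value is echoed back; json.dumps escapes it.
            # Presumably json_content is a JSON media type -- confirm.
            errmsg = f"{manual} is not a valid target for this server."
            response_body = json.dumps({
                "status": 400,
                "message": errmsg,
                "retry": False
            })
            return Response(response=response_body,
                            status=400,
                            content_type=json_content)
        work["scan_reason"] = "manual"
        work["target"] = manual
        work = prepare_work(work)
        return Response(response=json.dumps(work),
                        status=200,
                        content_type=json_content)

    rescans = current_app.ScopeManager.get_pending_rescans()
    if len(rescans) == 0:
        # The rescan queue is lazily loaded: refresh it once and read it again.
        current_app.ScopeManager.update_pending_rescans()
        rescans = current_app.ScopeManager.get_pending_rescans()

    if len(rescans) == 0:  # still nothing queued, fall back to the ScanManager
        scanmanager = current_app.ScopeManager.get_scan_manager()
        if not scanmanager:
            # Refresh the scope once before giving up.
            current_app.ScopeManager.update()
            scanmanager = current_app.ScopeManager.get_scan_manager()

        if not scanmanager:
            response_body = json.dumps({
                "status": 404,
                "message": "No scope is currently configured.",
                "retry": True,
            })
            return Response(response=response_body,
                            status=404,
                            content_type=json_content)

        work["target"] = str(scanmanager.get_next_ip())
        work["scan_reason"] = "auto"

    else:
        # Hand out the first queued rescan and mark it dispatched so that other
        # requests do not receive the same job.
        # NOTE(review): the read of rescans[0] and the dispatch mark are separate
        # steps -- confirm concurrent requests cannot both take the same entry.
        work["target"] = rescans[0].target
        work["scan_reason"] = "requested"
        mark_scan_dispatched(rescans[0])

    work = prepare_work(work)
    return Response(response=json.dumps(work),
                    status=200,
                    content_type=json_content)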