async def handle_request(self, data): """ 请求格式: { "host": "1.2.3.4", "port": 80, "url_only": false } """ try: host = data["host"] port = data.get("port", 80) url_only = data.get("url_only", False) except (KeyError, TypeError): ret = {"status": 1, "description": "请求json格式非法!"} else: if ScannerManager().is_scanning(host, port): ret = { "status": 2, "description": "目标主机:{}:{}正在被扫描,请先停止!".format(host, port) } else: ScannerManager().clean_target(host, port, url_only) ret = {"status": 0, "description": "ok"} return ret
async def handle_request(self, data): """ 请求格式: { "scanner_id":0 } """ try: scanner_id = data["scanner_id"] except (KeyError, TypeError): ret = {"status": 1, "description": "请求json格式非法!"} else: try: success = ScannerManager().kill_scanner(scanner_id) except exceptions.InvalidScannerId: ret = { "status": 2, "description": "目标Scanner_id:{} 未在运行!".format(scanner_id) } else: if success: ret = {"status": 0, "description": "ok"} else: ret = {"status": 3, "description": "结束scanner进程失败!"} return ret
async def handle_request(self, data): """ 请求格式: { "host":"1.2.3.4", "port": 80, } 返回的data结构, 获取目标不存在返回default配置: { "scan_plugin_status": { "command_basic": true, "directory_basic": false }, "scan_rate": { "max_concurrent_request": 20, "max_request_interval": 1000, "min_request_interval": 0 } } """ try: module_params = { "host": data["host"], "port": data.get("port", 80) } except (KeyError, TypeError): ret = {"status": 1, "description": "请求json格式非法!"} else: data = ScannerManager().get_config(module_params) ret = {"status": 0, "description": "ok", "data": data} return ret
async def handle_request(self, data): """ 请求格式: { "host":"1.2.3.4", "port": 80 } """ try: module_params = { "host": data["host"], "port": data.get("port", 80) } except (KeyError, TypeError): ret = {"status": 1, "description": "请求json格式非法!"} else: try: ScannerManager().new_scanner(module_params) except exceptions.MaximumScannerExceede: ret = {"status": 2, "description": "并行扫描任务数量到达上限!"} except exceptions.TargetIsScanning: ret = { "status": 3, "description": "目标主机:{}:{}正在被扫描,请先停止!".format(module_params["host"], module_params["port"]) } else: ret = {"status": 0, "description": "ok"} return ret
async def handle_request(self, data): """ 请求格式: {} """ status = ScannerManager().get_auto_start() ret = {"status": 0, "description": "ok", "data": {"status": status}} return ret
async def handle_request(self, data): """ 请求格式: { "host":"1.2.3.4", "port": 80, "config": { "scan_plugin_status": { "command_basic": { "enable": true, "show_name": "命令注入检测插件", "description": "xxxx" }, ... }, "scan_rate": { "max_concurrent_request": 20, "max_request_interval": 1000, "min_request_interval": 0 }, "white_url_reg": "^/logout", "scan_proxy": "http://127.0.0.1:8080" } } """ try: module_params = { "host": data["host"], "port": data.get("port", 80), "config": data.get("config", {}) } self.config_validtor.validate(module_params["config"]) if "white_url_reg" in module_params["config"]: re.compile(module_params["config"]["white_url_reg"]) if "scan_proxy" in module_params["config"]: proxy_url = module_params["config"]["scan_proxy"] if proxy_url != "": scheme = urllib.parse.urlparse(proxy_url).scheme if scheme not in ("http", "https"): assert False except (KeyError, TypeError, jsonschema.exceptions.ValidationError): ret = {"status": 1, "description": "请求json格式非法!"} except re.error: ret = {"status": 2, "description": "白名单正则不合法!"} except AssertionError: ret = {"status": 3, "description": "代理协议应为http或https!"} else: ScannerManager().mod_config(module_params) ret = {"status": 0, "description": "ok"} return ret
async def handle_request(self, data): """ 请求格式: { "auto_start": true } """ try: auto_start = data["auto_start"] except (KeyError, TypeError): ret = {"status": 1, "description": "请求json格式非法!"} else: ScannerManager().set_auto_start(auto_start) ret = {"status": 0, "description": "ok"} return ret
async def handle_request(self, data): """ 请求格式: { "page":1 } """ page = data.get("page", 1) result, total = ScannerManager().get_all_target(page) ret = { "status": 0, "description": "ok", # data 格式参考get_all_target返回值 "data": { "total": total, "result": result } } return ret
async def handle_request(self, data): """ 请求格式: { "host":"1.2.3.4", "port": 80, "config": { "scan_plugin_status": { "command_basic": { "enable": true, "show_name": "命令注入检测插件", "description": "xxxx" }, ... }, "scan_rate": { "max_concurrent_request": 20, "max_request_interval": 1000, "min_request_interval": 0 }, "white_url_reg": "^/logout" } } """ try: module_params = { "host": data["host"], "port": data.get("port", 80), "config": data.get("config", {}) } self.config_validtor.validate(module_params["config"]) if "white_url_reg" in module_params["config"]: re.compile(module_params["config"]["white_url_reg"]) except (KeyError, TypeError, jsonschema.exceptions.ValidationError): ret = {"status": 1, "description": "请求json格式非法!"} except re.error: ret = {"status": 2, "description": "白名单正则不合法!"} else: ScannerManager().mod_config(module_params) ret = {"status": 0, "description": "ok"} return ret
async def handle_request(self, data): """ 请求格式: { "scanner_id":0 } """ try: scanner_id = data["scanner_id"] except (KeyError, TypeError): ret = {"status": 1, "description": "请求json格式非法!"} else: try: ScannerManager().resume_scanner(scanner_id) except exceptions.InvalidScannerId: ret = { "status": 2, "description": "目标Scanner_id:{} 不存在!".format(scanner_id) } else: ret = {"status": 0, "description": "ok"} return ret
def run(self): """ Monitor 主函数 """ # 多线程开始前初始化 RuntimeInfo() if Config().get_config("cloud_api.enable"): self.cloud_thread = threading.Thread(target=self._upload_report, name="upload_report_thread", daemon=True) self.cloud_thread.start() # 初始化调度类 scanner_schedulers = {} for module_name in RuntimeInfo().get_latest_info().keys(): if module_name.startswith("Scanner"): scanner_schedulers[module_name] = ScannerScheduler(module_name) ScannerManager().init_manager(scanner_schedulers) # 启动后台http server # web_console = WebConsole() # self.web_console_thread = threading.Thread( # target=web_console.run, # name="web_console_thread", # daemon=True # ) # self.web_console_thread.start() # 向云控后台发送心跳,用于建立ws连接 transaction = Transaction() self.transaction_thread = threading.Thread(target=transaction.run, name="transaction_thread", daemon=True) self.transaction_thread.start() time.sleep(1) if self._check_alive(): print("[-] OpenRASP-IAST init success!") print("[-] Visit web console in cloud server: {}".format( Config().get_config("cloud_api.backend_url"))) print( "[-] Before start scan task, set OpenRASP agent plugin algorithmConfig option 'fuzz_server' (edit iast.js or use cloud server web console) with url: 'http://{}:{}{}'" .format(self._get_self_ip(), Config().get_config("preprocessor.http_port"), Config().get_config("preprocessor.api_path"))) Logger().info("Monitor init success!") else: self._terminate_modules() sys.exit(1) while True: try: # 执行调度 RuntimeInfo().refresh_info() for module_name in scanner_schedulers: scanner_schedulers[module_name].do_schedule() time.sleep(Config().get_config("monitor.schedule_interval")) # 检测模块存活 if not self._check_alive(): self._terminate_modules() if self.crash_module == "main": Logger().info("OpenRASP-IAST exit!") print("[!] OpenRASP-IAST exit!") self._clean_mei() sys.exit(0) else: Logger().critical( "Detect Module {} down, exit!".format( self.crash_module)) self._clean_mei() sys.exit(1) except Exception as e: Logger().critical("Monitor module crash with unknow error!", exc_info=e) self._terminate_modules() self._clean_mei() sys.exit(2)
def run(self): """ Monitor 主函数 """ # 多线程开始前初始化 RuntimeInfo() # 启动后台http server web_console = WebConsole() self.web_console_thread = threading.Thread(target=web_console.run, name="web_console_thread", daemon=True) self.web_console_thread.start() if Config().get_config("cloud_api.enable"): self.cloud_thread = threading.Thread(target=self._upload_report, name="upload_report_thread", daemon=True) self.cloud_thread.start() # 初始化调度类 scanner_schedulers = {} for module_name in RuntimeInfo().get_latest_info().keys(): if module_name.startswith("Scanner"): scanner_schedulers[module_name] = ScannerScheduler(module_name) ScannerManager().init_manager(scanner_schedulers) time.sleep(1) if self._check_alive(): print("[-] OpenRASP-IAST init success!") print("[-] Visit web console with url: http://{}:{}/".format( self._get_self_ip(), Config().get_config("monitor.console_port"))) print( "[-] Set OpenRASP agent plugin option 'fuzz_server' with url: http://{}:{}{}" .format(self._get_self_ip(), Config().get_config("preprocessor.http_port"), Config().get_config("preprocessor.api_path"))) Logger().info("Monitor init success!") else: self._terminate_modules() exit(1) while True: try: # 执行调度 RuntimeInfo().refresh_info() for module_name in scanner_schedulers: scanner_schedulers[module_name].do_schedule() time.sleep(Config().get_config("monitor.schedule_interval")) # 检测模块存活 if not self._check_alive(): self._terminate_modules() if self.crash_module == "main": Logger().info("OpenRASP-IAST exit!") print("[!] OpenRASP-IAST exit!") os._exit(0) else: Logger().critical( "Detect Module {} down, exit!".format( self.crash_module)) os._exit(1) except Exception as e: Logger().critical("Monitor module crash with unknow error!", exc_info=e) self._terminate_modules() os._exit(2)