# @Author : yds # @Time : 18-5-15 # @File : dashboard.py # @Desc : "" import datetime import re from collections import Counter from flask import Blueprint, render_template from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from yandi.views.authenticate import login_check dashboard = Blueprint('dashboard', __name__) vul_db = db_name_conf()['vul_db'] plugin_db = db_name_conf()['plugin_db'] tasks_db = db_name_conf()['tasks_db'] asset_db = db_name_conf()['asset_db'] weekpasswd_db = db_name_conf()['weekpasswd_db'] server_db = db_name_conf()['server_db'] subgithub_db=db_name_conf()['subgithub_db'] mail_db=db_name_conf()['mail_db'] @dashboard.route('/dashboard') @login_check def view_dashboard(): dashboard_data = { "vul_count": get_count()['vul_count'], "plugin_count": get_count()['plugin_count'],
# @Author : jeffzhang # @Time : 18-5-23 # @File : auth_tester.py # @Desc : "" import time from threading import Thread from flask import Blueprint, render_template, request from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from fuxi.views.authenticate import login_check from instance import config_name from fuxi.views.modules.auth_tester.auth_scanner import AuthCrack auth_tester = Blueprint('auth_tester', __name__) auth_db = db_name_conf()['auth_db'] weekpasswd_db = db_name_conf()['weekpasswd_db'] config_db = db_name_conf()['config_db'] @auth_tester.route('/new-auth-tester') @login_check def view_new_auth_tester(): # default view config_info = connectiondb(config_db).find_one({"config_name": config_name}) username_list = "\n".join(config_info['username_dict']) password_list = "\n".join(config_info['password_dict']) protocols = config_info['auth_service'] return render_template('new-auth-tester.html', username_list=username_list, password_list=password_list, protocols=protocols)
# @Author : jeffzhang # @Time : 18-5-18 # @File : subdomain_brute.py # @Desc : "" import time import os from threading import Thread from flask import Blueprint, render_template, request, redirect, url_for, jsonify, make_response, send_from_directory from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from fuxi.views.authenticate import login_check from fuxi.views.modules.subdomain import domain_brute subdomain_brute = Blueprint('subdomain_brute', __name__) domain_db = db_name_conf()['domain_db'] plugin_db = db_name_conf()['plugin_db'] subdomain_db = db_name_conf()['subdomain_db'] @subdomain_brute.route('/subdomain-brute', methods=['POST', 'GET']) @login_check def subdomain_view(): if request.method == 'GET': # task delete if request.args.get('delete'): domain_id = request.args.get('delete') connectiondb(domain_db).delete_one({'_id': ObjectId(domain_id)}) connectiondb(subdomain_db).remove( {'domain_id': ObjectId(domain_id)}) return redirect(url_for('subdomain_brute.subdomain_view'))
# @Author : jeffzhang # @Time : 18-5-18 # @File : subdomain_brute.py # @Desc : "" import time import os from threading import Thread from flask import Blueprint, render_template, request, redirect, url_for, jsonify, make_response, send_from_directory from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from fuxi.views.authenticate import login_check from fuxi.views.modules.subdomain import domain_brute subdomain_brute = Blueprint('subdomain_brute', __name__) domain_db = db_name_conf()['domain_db'] plugin_db = db_name_conf()['plugin_db'] subdomain_db = db_name_conf()['subdomain_db'] @subdomain_brute.route('/subdomain-brute', methods=['POST', 'GET']) @login_check def subdomain_view(): if request.method == 'GET': # task delete if request.args.get('delete'): domain_id = request.args.get('delete') connectiondb(domain_db).delete_one({'_id': ObjectId(domain_id)}) connectiondb(subdomain_db).remove({'domain_id': ObjectId(domain_id)}) return redirect(url_for('subdomain_brute.subdomain_view'))
# @Time : 18-5-15 # @File : dashboard.py # @Desc : "" import datetime import re from collections import Counter from flask import Blueprint, render_template from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from yandi.views.authenticate import login_check from flask import Blueprint, render_template, request from instance import config_name todo = Blueprint('todo', __name__) config_db = db_name_conf()['config_db'] @todo.route('/todo', methods=['GET', 'POST']) @login_check def view_todo(): if request.method == "GET": config_data = connectiondb(config_db).find_one( {"config_name": config_name}) config_info = { "todotext": config_data['todo'], } return render_template("todo.html", config_info=config_info) else: # update thread config if request.form.get("source") == "todo":
#!/usr/bin/env python # -*- coding: utf-8 -*- # @Author : jeffzhang # @Time : 18-5-15 # @File : settings.py # @Desc : "" from flask import Blueprint, render_template, request from lib.mongo_db import connectiondb, db_name_conf from fuxi.views.authenticate import login_check from instance import config_name settings = Blueprint('settings', __name__) config_db = db_name_conf()['config_db'] # system-config @settings.route('/system-config', methods=['GET', 'POST']) @login_check def config_view(): return render_template("system-config.html") @settings.route('/advanced-option', methods=['GET', 'POST']) @login_check def option_view(): if request.method == "GET": config_data = connectiondb(config_db).find_one({"config_name": config_name}) config_info = { "poc_thread": config_data['poc_thread'], "discovery_thread": config_data['discovery_thread'],
# @Author : jeffzhang # @Time : 18-5-15 # @File : dashboard.py # @Desc : "" import datetime import re from collections import Counter from flask import Blueprint, render_template from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from fuxi.views.authenticate import login_check dashboard = Blueprint('dashboard', __name__) vul_db = db_name_conf()['vul_db'] plugin_db = db_name_conf()['plugin_db'] tasks_db = db_name_conf()['tasks_db'] asset_db = db_name_conf()['asset_db'] weekpasswd_db = db_name_conf()['weekpasswd_db'] server_db = db_name_conf()['server_db'] @dashboard.route('/dashboard') @login_check def view_dashboard(): dashboard_data = { "vul_count": get_count()['vul_count'], "plugin_count": get_count()['plugin_count'], "week_passwd_count": get_count()['week_passwd_count'], "server_count": get_count()['server_count'],
# @Author : yds # @Time : 18-5-17 # @File : port_scanner.py # @Desc : "" import threading import time from flask import Blueprint, render_template, request, redirect, url_for, jsonify from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from yandi.views.authenticate import login_check from yandi.views.modules.port_scanner.nmap_scanner import nmap_scanner from instance import config_name port_scanner = Blueprint('port_scanner', __name__) config_db = db_name_conf()['config_db'] port_db = db_name_conf()['port_db'] # port_scanner @port_scanner.route('/port-scanner', methods=['GET', 'POST']) @login_check def port_view(): if request.method == "GET": if request.args.get("scan_id"): # default port scan result target_id = request.args.get("scan_id") db_course = connectiondb(port_db).find_one( {"_id": ObjectId(target_id)}) host = db_course['host'] port = db_course['port']
#!/usr/bin/env python # -*- coding: utf-8 -*- # @Author : jeffzhang # @Time : 2018/04/03 # @File : task_management.py # @Desc : "" import time from flask import Blueprint, render_template, request, redirect, url_for, jsonify from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from InsectsAwake.views.authenticate import login_check task_management = Blueprint('task_management', __name__) tasks_db = db_name_conf()['tasks_db'] asset_db = db_name_conf()['asset_db'] server_db = db_name_conf()['server_db'] subdomain_db = db_name_conf()['subdomain_db'] @task_management.route('/task-management') @login_check def tasks_list(): # 删除任务 if request.args.get('trash'): task_id = request.args.get('trash') connectiondb('test_tasks').delete_one({'_id': ObjectId(task_id)}) return redirect(url_for('task_management.tasks_list')) # 任务重扫 elif request.args.get('refresh'):
# @Author : yds # @Time : 18-5-18 # @File : subdomain_brute.py # @Desc : "" import time import os from threading import Thread from flask import Blueprint, render_template, request, redirect, url_for, jsonify, make_response, send_from_directory from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from yandi.views.authenticate import login_check from yandi.views.modules.email import memail_brute email_brute = Blueprint('email_brute', __name__) email_db = db_name_conf()['mail_task_db'] subemail_db = db_name_conf()['mail_db'] @email_brute.route('/email-brute', methods=['POST', 'GET']) @login_check def email_view(): if request.method == 'GET': # task delete if request.args.get('delete'): email_id = request.args.get('delete') connectiondb(email_db).delete_one({'_id': ObjectId(email_id)}) connectiondb(subemail_db).remove({'email_id': ObjectId(email_id)}) return redirect(url_for('email_brute.email_view')) # result download
# @Author : jeffzhang # @Time : 18-5-17 # @File : port_scanner.py # @Desc : "" import threading import time from flask import Blueprint, render_template, request, redirect, url_for, jsonify from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from fuxi.views.authenticate import login_check from fuxi.views.modules.port_scanner.nmap_scanner import nmap_scanner from instance import config_name port_scanner = Blueprint('port_scanner', __name__) config_db = db_name_conf()['config_db'] port_db = db_name_conf()['port_db'] # port_scanner @port_scanner.route('/port-scanner', methods=['GET', 'POST']) @login_check def port_view(): if request.method == "GET": if request.args.get("scan_id"): # default port scan result target_id = request.args.get("scan_id") db_course = connectiondb(port_db).find_one({"_id": ObjectId(target_id)}) host = db_course['host'] port = db_course['port'] if db_course['status'] == "Done":
# @Author : yds # @Time : 18-5-18 # @File : subdomain_brute.py # @Desc : "" import time import os from threading import Thread from flask import Blueprint, render_template, request, redirect, url_for, jsonify, make_response, send_from_directory from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from yandi.views.authenticate import login_check from yandi.views.modules.github import mgithub_brute github_brute = Blueprint('gitub_brute', __name__) github_db = db_name_conf()['github_db'] subgithub_db = db_name_conf()['subgithub_db'] @github_brute.route('/github-brute', methods=['POST', 'GET']) @login_check def github_view(): if request.method == 'GET': # task delete if request.args.get('delete'): github_id = request.args.get('delete') connectiondb(github_db).delete_one({'_id': ObjectId(github_id)}) connectiondb(subgithub_db).remove( {'github_id': ObjectId(github_id)}) return redirect(url_for('github_brute.github_view'))
#!/usr/bin/env python # -*- coding: utf-8 -*- # @Author : jeffzhang # @Time : 2018/04/03 # @File : asset_management.py # @Desc : "" import time from flask import Blueprint, render_template, request, redirect, url_for, jsonify from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from InsectsAwake.views.authenticate import login_check asset_management = Blueprint('asset_management', __name__) asset_db = db_name_conf()['asset_db'] plugin_db = db_name_conf()['plugin_db'] server_db = db_name_conf()['server_db'] # 资产库操作 @asset_management.route('/asset-management', methods=['POST', 'GET']) @login_check def asset_view(): if request.method == 'GET': # 资产库 删 if request.args.get('delete'): asset_id = request.args.get('delete') connectiondb(asset_db).delete_one({'_id': ObjectId(asset_id)}) return redirect(url_for('asset_management.asset_view')) # 资产库 改
import time from flask import Blueprint, render_template, request, redirect, url_for, Flask, jsonify from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from werkzeug.utils import secure_filename from InsectsAwake.views.modules.scanner.vulnerability_plugin import get_plugin_re from instance import config from InsectsAwake.views.authenticate import login_check ProductionConfig = config.ProductionConfig app = Flask(__name__) app.config.from_object(ProductionConfig) plugin_management = Blueprint('plugin_management', __name__) asset_db = db_name_conf()['asset_db'] plugin_db = db_name_conf()['plugin_db'] # 资产库操作 @plugin_management.route('/plugin-management', methods=['POST', 'GET']) @login_check def plugin_list(): if request.method == 'GET': if request.args.get('delete'): plugin_id = request.args.get('delete') connectiondb(plugin_db).delete_one({'_id': ObjectId(plugin_id)}) return redirect(url_for('plugin_management.plugin_list')) # 文件上传接口 新增插件 elif request.method == 'POST':
# @Author : jeffzhang # @Time : 18-5-23 # @File : auth_tester.py # @Desc : "" import time from threading import Thread from flask import Blueprint, render_template, request from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from fuxi.views.authenticate import login_check from instance import config_name from fuxi.views.modules.auth_tester.auth_scanner import AuthCrack auth_tester = Blueprint('auth_tester', __name__) auth_db = db_name_conf()['auth_db'] weekpasswd_db = db_name_conf()['weekpasswd_db'] config_db = db_name_conf()['config_db'] @auth_tester.route('/new-auth-tester') @login_check def view_new_auth_tester(): # default view config_info = connectiondb(config_db).find_one( {"config_name": config_name}) username_list = "\n".join(config_info['username_dict']) password_list = "\n".join(config_info['password_dict']) protocols = config_info['auth_service'] return render_template('new-auth-tester.html', username_list=username_list,
#!/usr/bin/env python # -*- coding: utf-8 -*- # @Author : jeffzhang # @Time : 2018/04/20 # @File : weak_passwd_test.py # @Desc : "" import time import os from flask import Blueprint, render_template, request, redirect, url_for, jsonify, make_response, send_from_directory from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from InsectsAwake.views.authenticate import login_check weak_passwd_test = Blueprint('weak_passwd_test', __name__) domain_db = db_name_conf()['domain_db'] plugin_db = db_name_conf()['plugin_db'] subdomain_db = db_name_conf()['subdomain_db'] weekpasswd_db = db_name_conf()['weekpasswd_db'] @weak_passwd_test.route('/week-passwd-test', methods=['POST', 'GET']) @login_check def task_view(): if request.method == 'GET': # 任务 删 if request.args.get('delete'): task_id = request.args.get('delete') connectiondb(weekpasswd_db).delete_one({'_id': ObjectId(task_id)}) return redirect(url_for('weak_passwd_test.task_view'))
# @Author : jeffzhang # @Time : 18-5-10 # @File : vul_scanner.py # @Desc : "" import time from flask import Blueprint, render_template, request, redirect, url_for, jsonify from bson import ObjectId from threading import Thread from lib.mongo_db import connectiondb, db_name_conf from fuxi.views.modules.scanner.poc_scanner import PocsuiteScanner from fuxi.views.authenticate import login_check vul_scanner = Blueprint('vul_scanner', __name__) tasks_db = db_name_conf()['tasks_db'] asset_db = db_name_conf()['asset_db'] server_db = db_name_conf()['server_db'] subdomain_db = db_name_conf()['subdomain_db'] vul_db = db_name_conf()['vul_db'] plugin_db = db_name_conf()['plugin_db'] # tasks view @vul_scanner.route('/task-management') @login_check def tasks_view(): # delete task if request.args.get('delete'): task_id = request.args.get('delete') connectiondb(tasks_db).delete_one({'_id': ObjectId(task_id)})
# @Desc : "" import datetime import re from collections import Counter from flask import Blueprint, render_template from bson import ObjectId from lib.mongo_db import connectiondb, db_name_conf from InsectsAwake.views.authenticate import login_check dashboard = Blueprint('dashboard', __name__, template_folder='templates', static_folder='static') vul_db = db_name_conf()['vul_db'] plugin_db = db_name_conf()['plugin_db'] tasks_db = db_name_conf()['tasks_db'] asset_db = db_name_conf()['asset_db'] @dashboard.route('/dashboard') @login_check def view_dashboard(): # 获取漏洞数 插件数 任务数 资产数 vul_count = connectiondb(vul_db).count() plugin_count = connectiondb(plugin_db).count() task_count = connectiondb(tasks_db).count() asset_count = 0 for i in connectiondb(asset_db).find():