Example #1
0
def main():
    define("port", default=int(config.load()["port"]), type=int)
    define("address", default=config.load()["ip"])
    tornado.options.parse_command_line()
    path = lambda root, *a: os.path.join(root, *a)
    ROOT = os.path.dirname(os.path.abspath(__file__))
    settings = {}
    settings['static_path'] = path(ROOT, "web", "static")
    settings['template_loader'] = tornado.template.Loader(
        path(ROOT, "web", "templates"))
    settings['login_url'] = "/login"
    settings['debug'] = True
    site.addsitedir(path(ROOT, 'handlers'))
    conf = config.load()
    conf['scapy_stat'] = 'false'
    conf['tornado_stat'] = 'false'
    conf['scan_stat'] = 'false'
    conf['mix_stat'] = 'false'
    conf['tornado_run_stat'] = 'false'
    config.update(conf)
    app = make_app(settings)
    app.listen(port=options.port, address=options.address)
    out.good("Web app start at: http://%s:%s" %
             (options.address, options.port))
    tornado.ioloop.IOLoop.current().start()
Example #2
0
def check_update():
    out.good("Checking update...")
    try:
        res = requests.get(config.load()['check_url'], timeout=10)
        version = res.content
        if version != config.load()['version']:
            update()
            return True
        else:
            return False
    except:
        out.error("Can not connect to update server!")
        return False
Example #3
0
def new_scan(reqhash, request, rules):
    out.good("start new mission: %s" % reqhash)
    request_stat = 0
    request_message = []
    request_result = {}
    vulnerable = 0
    for rule in rules:
        if config.load()['scan_stat'].lower() == "true":
            message = eval(rule + "_scan")(request, int(config.load()['scan_level']))
            request_stat = message['request_stat']
            if request_stat > vulnerable:
                vulnerable = request_stat
            request_message = message['message'].split("|,|")
            request_result[rule] = {"stat": request_stat, "message": request_message}
    request_result['stat'] = vulnerable
    if vulnerable > 0:
        conn.lpush("vulnerable", reqhash)
    conn.hset("results", reqhash, base64.b64encode(json.dumps(request_result).encode()))
    conn.lrem("running", 1, reqhash)
    conn.lpush("finished", reqhash)
Example #4
0
def new_scan(reqhash, item, rules):
    request = requests_convert(item.data_obj['request'])
    out.good("start new mission: %s" % reqhash)
    request_stat = 0
    request_message = []
    request_result = {}
    vulnerable = 0
    for rule in rules:
        if config.load()['scan_stat'].lower() == "true":
            message = eval(rule + "_scan")(request,
                                           int(config.load()['scan_level']))
            request_stat = message['request_stat']
            if request_stat > vulnerable:
                vulnerable = request_stat
            request_message = message['message'].split("|,|")
            request_result[rule] = {
                "stat": request_stat,
                "message": request_message
            }
    request_result['stat'] = vulnerable
    if vulnerable > 0:
        item.mark_vulnerable()  # 标记为存在漏洞
    item.set_result(request_result)  # 响应数据入库
    item.set_status(ITEM_STATUS.FINISHED)  # 更新任务状态