def tasks_view():
# delete task
if request.args.get('delete'):
task_id = request.args.get('delete')
connectiondb(tasks_db).delete_one({'_id': ObjectId(task_id)})
connectiondb(vul_db).update({'task_id': ObjectId(task_id)}, {"$set": {"tag": "delete"}}, multi=True)
return "success"
# rescan
elif request.args.get('rescan'):
task_id = request.args.get('rescan')
connectiondb(tasks_db).update_one({'_id': ObjectId(task_id)}, {'$set': {'task_status': 'Preparation'}})
if connectiondb(vul_db).find_one({"task_id": ObjectId(task_id)}):
connectiondb(vul_db).update({'task_id': ObjectId(task_id)}, {"$set": {"tag": "delete"}}, multi=True)
try:
scanner = PocsuiteScanner(ObjectId(task_id))
t1 = Thread(target=scanner.set_scanner, args=())
t1.start()
return "success"
except Exception as e:
raise e
# get task info for edit (get)
elif request.args.get('edit'):
task_id = request.args.get('edit')
task_edit_data = connectiondb(tasks_db).find_one({'_id': ObjectId(task_id)})
task_edit_data_json = {
'task_name': task_edit_data['task_name'],
'scan_target': '\n'.join(task_edit_data['scan_target']),
}
return jsonify(task_edit_data_json)
# default task view
task_data = connectiondb(tasks_db).find().sort('end_date', -1)
return render_template('task-management.html', task_data=task_data)
def tasks_edit():
# task update
task_name = request.form.get('taskname_val')
task_plan = request.form.get('recursion_val')
target_text = request.form.get('target_val').split('\n', -1)
task_id = request.form.get('task_id')
update_task_data = connectiondb(tasks_db).update_one(
{'_id': ObjectId(task_id)}, {
'$set': {
'task_name': task_name,
'task_recursion': task_plan,
'scan_target': target_text,
}
})
if update_task_data:
scanner = PocsuiteScanner(ObjectId(task_id))
t1 = Thread(target=scanner.set_scanner, args=())
t1.start()
return 'success'
def add_customer():
# create task from new scan view (post)
if request.form.get('source') == 'add_cus':
cus_data = {
"cus_name":
request.form.get('cus_name'),
"cus_contact":
request.form.get('cus_contact'),
"cus_phone":
request.form.get('cus_phone'),
"cus_email":
request.form.get('cus_email').strip(),
"cus_zhouqi_start":
request.form.get('cus_zhouqi_start'),
"cus_zhouqi_end":
request.form.get('cus_zhouqi_end'),
"cus_serv_type":
request.form.get('cus_serv_type'),
# "cus_serv_zhouqi": request.form.get('cus_serv_zhouqi'),
"cus_other":
request.form.get('cus_other'),
"cus_add_time":
time.strftime('%Y-%m-%d %X', time.localtime(time.time())),
}
if cus_data:
existe_cus_datas = connectiondb(cus_db).find_one(
{'cus_name': cus_data['cus_name']})
if not existe_cus_datas:
cus_id = connectiondb(cus_db).insert_one(cus_data).inserted_id
# print cus_data
if cus_id:
# scanner = PocsuiteScanner(cus_id)
# t1 = Thread(target=scanner.set_scanner, args=())
# t1.start()
return "success"
else:
return 'repeat'
else:
return 'error'
# create task from asset (post)
elif request.form.get('source') == 'asset':
task_data = {
"task_name":
time.strftime("%y%m%d", time.localtime()) + "_" +
request.form.get('taskname_val'),
"task_recursion":
request.form.get('recursion_val'),
"scan_target":
request.form.get('target_val').replace('\r', '').split('\n', -1),
"plugin_id":
request.form.get('plugin_val').split(',', -1),
"start_date":
time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
"end_date":
"-",
"task_status":
"Preparation"
}
if task_data:
task_id = connectiondb(tasks_db).insert_one(task_data).inserted_id
if task_id:
scanner = PocsuiteScanner(task_id)
t1 = Thread(target=scanner.set_scanner, args=())
t1.start()
return 'success'
else:
return 'error'
# create task from sub domain (post)
elif request.form.get('source') == 'subdomain':
task_data = {
"task_name":
time.strftime("%y%m%d", time.localtime()) + "_" +
request.form.get('taskname_val'),
"task_recursion":
request.form.get('recursion_val'),
"scan_target":
request.form.get('target_val').replace('\r', '').split('\n', -1),
"plugin_id":
request.form.get('plugin_val').split(',', -1),
"start_date":
time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
"end_date":
"-",
"task_status":
"Preparation"
}
if task_data:
task_id = connectiondb(tasks_db).insert_one(task_data).inserted_id
if task_id:
scanner = PocsuiteScanner(task_id)
t1 = Thread(target=scanner.set_scanner, args=())
t1.start()
return 'success'
else:
return 'error'
def add_task():
# create task from new scan view (post)
if request.form.get('source') == 'scan_view':
server_target_tmp = []
asset_id_val = request.form.get('asset_id_val').split(',', -1)
for id_tmp in asset_id_val:
server_info_tmp = connectiondb(server_db).find(
{'asset_task_id': id_tmp}, {
"_id": 0,
"target": 1
})
for tmp_1 in server_info_tmp:
if tmp_1.has_key('target'):
server_target_tmp.append(tmp_1['target'])
# asset_target_val = ','.join(server_target_tmp)
scan_target_tmp = request.form.get('target_val').replace('\r',
'').split(
'\n', -1)
for tmp_2 in scan_target_tmp:
if tmp_2:
server_target_tmp.append(tmp_2)
task_data = {
"task_name":
time.strftime("%y%m%d", time.localtime()) + "_" +
request.form.get('taskname_val'),
"task_recursion":
request.form.get('recursion_val'),
"scan_target":
server_target_tmp,
"plugin_id":
request.form.get('plugin_val').split(',', -1),
"start_date":
time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
"end_date":
"-",
"task_status":
"new"
}
# print task_data
if task_data:
task_id = connectiondb(tasks_db).insert_one(task_data).inserted_id
if task_id:
scanner = PocsuiteScanner(task_id)
t1 = Thread(target=scanner.set_scanner, args=())
t1.start()
return "success"
else:
return 'error'
# create task from asset (post)
elif request.form.get('source') == 'asset':
task_data = {
"task_name":
time.strftime("%y%m%d", time.localtime()) + "_" +
request.form.get('taskname_val'),
"task_recursion":
request.form.get('recursion_val'),
"scan_target":
request.form.get('target_val').replace('\r', '').split('\n', -1),
"plugin_id":
request.form.get('plugin_val').split(',', -1),
"start_date":
time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
"end_date":
"-",
"task_status":
"Preparation"
}
if task_data:
task_id = connectiondb(tasks_db).insert_one(task_data).inserted_id
if task_id:
scanner = PocsuiteScanner(task_id)
t1 = Thread(target=scanner.set_scanner, args=())
t1.start()
return 'success'
else:
return 'error'
# create task from sub domain (post)
elif request.form.get('source') == 'subdomain':
task_data = {
"task_name":
time.strftime("%y%m%d", time.localtime()) + "_" +
request.form.get('taskname_val'),
"task_recursion":
request.form.get('recursion_val'),
"scan_target":
request.form.get('target_val').replace('\r', '').split('\n', -1),
"plugin_id":
request.form.get('plugin_val').split(',', -1),
"start_date":
time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
"end_date":
"-",
"task_status":
"Preparation"
}
if task_data:
task_id = connectiondb(tasks_db).insert_one(task_data).inserted_id
if task_id:
scanner = PocsuiteScanner(task_id)
t1 = Thread(target=scanner.set_scanner, args=())
t1.start()
return 'success'
else:
return 'error'