def get_person(id):
response.content_type = AppConfig.content_type
person = db(db.person.id == id).select(db.person.ALL).first()
if person:
return str(json.dumps(person.as_dict()))
else:
return str(json.dumps(dict()))
def export_shell_file(filename: str, separator: str = '|') -> [int]:
num, shell_list = 0, db().getall()
with open(filename, "w+") as f:
for shell in shell_list:
f.write(shell['shell'] + separator + shell['passwd'] + "\n")
num = num + 1
return num
def delete_person(id):
response.content_type = AppConfig.content_type
n = db(db.person.id == id).delete()
if n == 1:
db.commit()
return str(json.dumps({u'result': u'success', u'message': u'Person deleted'}))
else:
return str(json.dumps({u'result': u'error', u'message': u'Person does not exists'}))
def __init__(self, id, parent):
super(self_exec_ui, self).__init__(parent)
self.main = parent # 主程序UI
self.ui = uic.loadUi("view/ui/ShowEdit_shellManage.ui", self)
self.main.tabWidget.addTab(self, "self_exec")
self.main.tabWidget.setCurrentWidget(self)
self.db = db()
record = self.db.get(id)
self.siteurl = record.shell
self.sitepass = record.passwd
self.ui.send_pushButton.clicked.connect(self.exc_code)
self.init_linker()
def batch_text(self):
self.successed = 0
self.failed = 0
self.failed_list = []
def result(res):
if res[0]:
self.successed += 1
else:
self.failed += 1
self.failed_list.append(res[1])
self.cls.statusBar.showMessage(
"批量测试中 %s/%s" %
(self.successed + self.failed, len(rows.selectedRows())), 3000)
if self.successed + self.failed >= len(rows.selectedRows()):
QMessageBox.critical(
self.cls, 'pyshell', "批量测试完成,成功%s,失败%s,正在删除失效shell" %
(self.successed, self.failed))
if self.failed_list:
for i in self.failed_list:
id = self.cls.ui.tableWidget.item(i, 0).text()
self.db.delete(int(id))
self.cls.ui.tableWidget.removeRow(i)
else:
QMessageBox.information(self.cls, 'pyshell',
"删除失效shell成功")
rows = self.cls.ui.tableWidget.selectionModel()
for row in rows.selectedRows():
id = self.cls.ui.tableWidget.item(row.row(), 0).text()
url = db().get(int(id)).shell
passwd = db().get(int(id)).passwd
start_runnable(test_shell,
result,
url=url,
passwd=passwd,
type="php",
row=row.row())
def load_from_file(filename: str, separator: str = '|') -> [int, int]:
"""从给定的文件中读取记录并插入数据库中
filename:给定的文件名,绝对路径
separator:每条记录的分隔符,由用户指定
ignore:忽略单行错误,如果某一行出现错误,则跳过不处理。如果为false,则不继续导入,返回已经导入成功的数字和false
返回值 返回元祖,第一项为成功导入的数字,第二项为是否全部导入成功(Ture or False)
例如如果文件100行记录,导入100行全部成功,则返回100,True
如果成功导入90行,则返回90,False
例如
http://www.qq.com/1.php|cmd
则separator为|,前面的为url,后面的为shell的链接密码,如果url没有以http://开头,则给添加上(默认http)
if not url.startWith("http://):
do something
插入数据库,调用model.db,首先实例化,然后调用insert函数
例:
db = db()
db.insert(records)
insert()每个参数的含义(从左到右依次)
types:shell的类型,大写字符串 PHP/ASP/ASPX/CUSTOMER
shell:shell的地址(记得添加http://)
passwd:shell的密码
config:shell的配置,目前留空(空字符串)
remark:shell的备注
type_id:目前为"0"
coding:shell的编码,默认utf-8
createdtime:shell创建日期 字符串类型 time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
updatetime:shell更新日期,目前暂时和createdtime一致即可
"""
num, failed_num, shell_db, created_time = 0, 0, db(), time.strftime(
"%Y-%m-%d %H:%M:%S", time.localtime())
with open(filename, "r") as f:
for num, line in enumerate(f, 1):
shell = line.strip().split(separator)
if not len(shell) == 2:
failed_num += 1
continue
if not shell[0].startswith("http"):
shell[0] = "http://" + shell[0]
shell_type = re.findall("(.php|.aspx|.asp)", shell[0],
re.I) # 识别并添加shell类型
if len(shell_type):
shell_type = shell_type[0].upper().replace('.', '')
else:
shell_type = "CUSTOMER"
shell.insert(0, shell_type)
shell.extend(['', '', 0, 'utf-8', created_time, created_time])
shell_db.insert(*shell)
return num, num ^ failed_num
def refresh_table_item(self):
rows = db().getall()
for row in rows:
i = self.ui.tableWidget.rowCount()
self.ui.tableWidget.insertRow(i)
self.ui.tableWidget.setItem(i, 0, QTableWidgetItem(str(row.id)))
self.ui.tableWidget.setItem(i, 1, QTableWidgetItem(row.types))
self.ui.tableWidget.setItem(i, 2, QTableWidgetItem(row.shell))
self.ui.tableWidget.setItem(
i, 3, QTableWidgetItem(get_location_from_domain(row.shell)))
self.ui.tableWidget.setItem(i, 4, QTableWidgetItem(row.remark))
self.ui.tableWidget.setItem(i, 5,
QTableWidgetItem(row.createdtime))
self.ui.tableWidget.setItem(i, 6, QTableWidgetItem(row.updatetime))
def __init__(self, id, parent):
super(file_ui, self).__init__(parent)
self.main = parent
self.ui = uic.loadUi("view/ui/ShowFileManage.ui", self) # 动态加标签
self.ui.ComPath.setMouseTracking(False)
self.ui.ComPath.setAcceptDrops(False)
self.ui.ComPath.setEditable(True)
self.ui.ComPath.setMaxVisibleItems(15) # 设置下拉最大选项数为15
self.ui.ComPath.installEventFilter(self) # 在窗体上为self.edit安装过滤器
self.ui.file_treeWidget.setColumnCount(1)
self.ui.file_treeWidget.setHeaderLabels(["文件管理"])
self.ui.file_treeWidget.setColumnWidth(0, 700) # 设置列宽
self.ui.file_tableWidget.setColumnCount(5) # 列
self.ui.file_tableWidget.setRowCount(0) # 行 len(node)
self.ui.file_tableWidget.setHorizontalHeaderLabels(
['is_dir', '名称', '时间', '大小', '属性'])
self.ui.file_tableWidget.setColumnWidth(0, 0) # 设置表格的各列的宽度值
self.ui.file_tableWidget.setColumnWidth(1, 320) # 设置表格的各列的宽度值
self.ui.file_tableWidget.setColumnWidth(2, 170) # 设置表格的各列的宽度值
self.ui.file_tableWidget.setColumnWidth(3, 100) # 设置表格的各列的宽度值
self.ui.file_tableWidget.setColumnWidth(4, 160) # 设置表格的各列的宽度值
self.ui.file_tableWidget.setEditTriggers(
QTableWidget.NoEditTriggers) # 设置表格的单元为只读属性,即不能编辑
self.ui.file_tableWidget.setSelectionBehavior(
QTableWidget.SelectRows) # 点击选择是选择行//设置选中时为整行选中
self.ui.file_tableWidget.setSelectionMode(
QTableWidget.SingleSelection) # 禁止多行选择
self.ui.file_tableWidget.setAlternatingRowColors(True) # 还是只可以选择单行(单列)
self.ui.file_tableWidget.verticalHeader().hide() # 隐藏行头
self.ui.file_tableWidget.setAlternatingRowColors(True) # 隔行换色
self.setAcceptDrops(True)
self.main.tabWidget.addTab(self, "File_Manager")
self.main.tabWidget.setCurrentWidget(self)
self.db = db()
record = self.db.get(id)
self.siteurl = record.shell
self.sitepass = record.passwd
self.get_baseinfo_from_server()
self.ui.file_tableWidget.setContextMenuPolicy(Qt.CustomContextMenu)
self.ui.setContextMenuPolicy(Qt.CustomContextMenu)
self.ui.file_tableWidget.customContextMenuRequested.connect(
self.file_tableWidget_menu)
self.ui.file_tableWidget.cellDoubleClicked.connect(
self.tabledoubleclicked)
self.ui.file_treeWidget.itemClicked.connect(self.treeclicked)
self.my = {}
# self.file_tableWidget.dragEnterEvent.connect(self.dragEnterEventxxx) #拖拽接收文件
self.ui.look_Button.clicked.connect(lambda: self.get_item_form_folder(
self.ui.ComPath.currentText().strip()))
def update_person(id):
response.content_type = AppConfig.content_type
person = request.json
record = db(db.person.id == id).validate_and_update(
firstname=person['firstname'],
lastname=person['lastname'],
gender=person['gender'],
phone=person['phone']
)
if not record.errors:
db.commit()
return str(json.dumps({u'result': u'success', u'message': u'Updated person into database'}))
else:
return str(json.dumps({u'result': u'error', u'message': record.errors.as_dict()}))
def __init__(self, id: int, parent):
super(cmd_ui, self).__init__(parent)
self.main_ui = parent
self.ui = uic.loadUi("view/ui/ShowcmdManage.ui", self) # 动态加标签
self.ui.parameter_0.setMouseTracking(False)
self.ui.parameter_0.setAcceptDrops(False)
self.ui.parameter_0.setEditable(True)
self.ui.parameter_0.setMaxVisibleItems(15) # 设置下拉最大选项数为15
self.ui.parameter_0.installEventFilter(self) # 在窗体上为self.edit安装过滤器
self.ui.pushButton.clicked.connect(self.execute_cmd) # shell命令
self.ui.cmd_shell_TextEdit.setStyleSheet("color:rgb(245,245,245)") # 文本颜色
self.ui.cmd_shell_TextEdit.setStyleSheet("background-color:rgb(192,192,192)") # 背景色
self.ui.cmd_shell_TextEdit.setReadOnly(True)
self.main_ui.tabWidget.addTab(self, "cmd")
self.main_ui.tabWidget.setCurrentWidget(self)
self.db = db()
record = self.db.get(id)
self.siteurl = record.shell
self.sitepass = record.passwd
self.get_metadata_from_server()
def tableWidget_ini(self):
self.db = db()
self.tableWidget.setColumnCount(7) # 列
self.tableWidget.setRowCount(0) # 行 len(node)
self.tableWidget.setHorizontalHeaderLabels(
['ID', '-', '网址', 'IP/物理位置', '备注', 'insert', 'update'])
self.tableWidget.setColumnWidth(0, 0) # 设置表格的各列的宽度值
self.tableWidget.setColumnWidth(1, 40) # 设置表格的各列的宽度值
self.tableWidget.setColumnWidth(2, 300) # 设置表格的各列的宽度值
self.tableWidget.setColumnWidth(3, 290) # 设置表格的各列的宽度值
self.tableWidget.setColumnWidth(4, 90) # 设置表格的各列的宽度值
self.tableWidget.setColumnWidth(5, 150) # 设置表格的各列的宽度值
self.tableWidget.setColumnWidth(6, 150) # 设置表格的各列的宽度值
self.tableWidget.setRowHeight(0, 23)
self.tableWidget.setEditTriggers(
QTableWidget.NoEditTriggers) # 设置表格的单元为只读属性,即不能编辑
self.tableWidget.setSelectionBehavior(
QTableWidget.SelectRows) # 点击选择是选择行//设置选中时为整行选中
self.tableWidget.setAlternatingRowColors(True) # 还是只可以选择单行(单列)
self.tableWidget.verticalHeader().hide() # 隐藏行头
start_runnable(self.refresh_table_item, lambda x: x)
def all_persons():
response.content_type = AppConfig.content_type
return json.dumps(db().select(db.person.ALL).as_list())
def __init__(self):
self.db = db()