def get_scan_results(self):
log.debug(">>> Getting scan results stored in data base")
u = UmitDB()
for scan in u.get_scans():
log.debug(">>> Retrieving result of scans_id %s" % scan.scans_id)
log.debug(">>> Nmap xml output: %s" % scan.nmap_xml_output)
temp_file = mktemp(".usr", "umit_")
tmp = open(temp_file, "w")
tmp.write(scan.nmap_xml_output)
tmp.close()
try:
parsed = NmapParser()
parsed.set_xml_file(temp_file)
parsed.parse()
# Remove temporary file reference
parsed.nmap_xml_file = ""
except:
pass
else:
yield parsed
def get_scan_results(self):
log.debug(">>> Getting scan results stored in data base")
u = UmitDB()
for scan in u.get_scans():
log.debug(">>> Retrieving result of scans_id %s" % scan.scans_id)
log.debug(">>> Nmap xml output: %s" % scan.nmap_xml_output)
temp_file = mktemp(".usr", "umit_")
tmp = open(temp_file, "w")
tmp.write(scan.nmap_xml_output)
tmp.close()
try:
parsed = NmapParser()
parsed.set_xml_file(temp_file)
parsed.parse()
# Remove temporary file reference
parsed.nmap_xml_file = ""
except:
pass
else:
yield parsed
def delete_scan(req, scan_id):
db = UmitDB()
cursor = db.cursor
if int(scan_id) not in db.get_scans_ids():
raise Http404
try:
cursor.execute("DELETE FROM scans WHERE scans_id=%d" % int(scan_id))
except Exception, e:
return HttpResponse("{'result': 'FAIL', 'error': '%s'}" % str(e))
def delete_scan(req, scan_id):
db = UmitDB()
cursor = db.cursor
if int(scan_id) not in db.get_scans_ids():
raise Http404
try:
cursor.execute("DELETE FROM scans WHERE scans_id=%d" % int(scan_id))
except Exception, e:
return HttpResponse("{'result': 'FAIL', 'error': '%s'}" % str(e))
def get_saved_scans(req):
db = UmitDB()
data = [{
"id":
str(s.scans_id),
"name":
str(s.scan_name).replace("'", "\\'"),
"date":
datetime.datetime.fromtimestamp(s.date).strftime("%Y-%m-%d %H:%M:%S")
} for s in db.get_scans()
if req.POST.get("search", "").lower() in s.scan_name.lower()]
return HttpResponse(str(data))
def get_saved_scans(req):
db = UmitDB()
data = [
{
"id": str(s.scans_id),
"name": str(s.scan_name).replace("'", "\\'"),
"date": datetime.datetime.fromtimestamp(s.date).strftime("%Y-%m-%d %H:%M:%S"),
}
for s in db.get_scans()
if req.POST.get("search", "").lower() in s.scan_name.lower()
]
return HttpResponse(str(data))
def get_scan(req, scan_id):
db = UmitDB()
if scan_id not in [str(sid) for sid in db.get_scans_ids()]:
raise Http404
scan = Scans(scans_id=scan_id)
ftemp = open(mktemp(), "w", 0)
ftemp.write(scan.nmap_xml_output)
ftemp.flush()
parser = NmapParser(ftemp.name)
parser.parse()
return HttpResponse("{'result': 'OK', 'output': '%s', 'xml': '%s'}" % \
(parser.get_nmap_output().replace("'", "\\'").\
replace("\r", "").replace("\n", "\\n' + \n'"),
open(ftemp.name).read().replace('"', "'").\
replace("'", "\\'").\
replace("\n", "\\n' + \n'")),
"text/plain")
def upload_result(req):
if req.POST:
if req.POST['type'] == "file":
try:
parser = NmapParser()
parser.set_xml_file(req.FILES['scan_result']['temp_file'])
parser.parse()
parsed_scan = ScanJsonParser(parser).parse()
junk = r"odpojfsdkjfpisudŕij208u-0w9rsdnfkdfçwrtwqr/fsasd~/???çds"
key = md5.new(str(random.randint(0, sys.maxint-1)) \
+ str(random.randint(1, sys.maxint-1)//2) \
+ junk).hexdigest()
req.session['scan_result_' + key] = open(
req.FILES['scan_result']['temp_name'], 'r').read()
text_out = parser.nmap_output.replace("'", "\\'").replace(
"\r", "").replace("\n", "\\n' + \n'")
parsed_scan = parsed_scan.replace("\n", "\\n' + \n'")
return HttpResponse(("{'result': 'OK', 'id': '%s', 'output': " + \
"{'plain': '%s', 'full': %s}}") % \
(key, text_out, parsed_scan), "text/plain")
except Exception, ex:
logger.error("ERROR PARSING SCAN: %s" % str(ex))
return HttpResponse(
"{'result': 'FAIL', 'output': '%s'}" %
str(ex).replace("'", "\\'"), "text/plain")
else:
scan_id = req.POST['scanId']
db = UmitDB()
if scan_id not in [str(sid) for sid in db.get_scans_ids()]:
return HttpResponse(
"{'result': 'FAIL', 'output': 'Scan not found!'}")
scan = Scans(scans_id=scan_id)
ftemp = open(mktemp(), "w", 0)
ftemp.write(scan.nmap_xml_output)
ftemp.flush()
parser = NmapParser(ftemp.name)
parser.parse()
return HttpResponse("{'result': 'OK', 'output': {'plain': '%s', 'full': %s}}" % \
(parser.get_nmap_output().replace("'", "\\'").\
replace("\r", "").replace("\n", "\\n' + \n'"),
ScanJsonParser(parser).parse()),
"text/plain")
def get_scan(req, scan_id):
db = UmitDB()
if scan_id not in [str(sid) for sid in db.get_scans_ids()]:
raise Http404
scan = Scans(scans_id=scan_id)
ftemp = open(mktemp(), "w", 0)
ftemp.write(scan.nmap_xml_output)
ftemp.flush()
parser = NmapParser(ftemp.name)
parser.parse()
return HttpResponse(
"{'result': 'OK', 'output': '%s', 'xml': '%s'}"
% (
parser.get_nmap_output().replace("'", "\\'").replace("\r", "").replace("\n", "\\n' + \n'"),
open(ftemp.name).read().replace('"', "'").replace("'", "\\'").replace("\n", "\\n' + \n'"),
),
"text/plain",
)
def upload_result(req):
if req.POST:
if req.POST["type"] == "file":
try:
parser = NmapParser()
parser.set_xml_file(req.FILES["scan_result"]["temp_file"])
parser.parse()
parsed_scan = ScanJsonParser(parser).parse()
junk = r"odpojfsdkjfpisudŕij208u-0w9rsdnfkdfçwrtwqr/fsasd~/???çds"
key = md5.new(
str(random.randint(0, sys.maxint - 1)) + str(random.randint(1, sys.maxint - 1) // 2) + junk
).hexdigest()
req.session["scan_result_" + key] = open(req.FILES["scan_result"]["temp_name"], "r").read()
text_out = parser.nmap_output.replace("'", "\\'").replace("\r", "").replace("\n", "\\n' + \n'")
parsed_scan = parsed_scan.replace("\n", "\\n' + \n'")
return HttpResponse(
("{'result': 'OK', 'id': '%s', 'output': " + "{'plain': '%s', 'full': %s}}")
% (key, text_out, parsed_scan),
"text/plain",
)
except Exception, ex:
logger.error("ERROR PARSING SCAN: %s" % str(ex))
return HttpResponse("{'result': 'FAIL', 'output': '%s'}" % str(ex).replace("'", "\\'"), "text/plain")
else:
scan_id = req.POST["scanId"]
db = UmitDB()
if scan_id not in [str(sid) for sid in db.get_scans_ids()]:
return HttpResponse("{'result': 'FAIL', 'output': 'Scan not found!'}")
scan = Scans(scans_id=scan_id)
ftemp = open(mktemp(), "w", 0)
ftemp.write(scan.nmap_xml_output)
ftemp.flush()
parser = NmapParser(ftemp.name)
parser.parse()
return HttpResponse(
"{'result': 'OK', 'output': {'plain': '%s', 'full': %s}}"
% (
parser.get_nmap_output().replace("'", "\\'").replace("\r", "").replace("\n", "\\n' + \n'"),
ScanJsonParser(parser).parse(),
),
"text/plain",
)