def destroy(self, request, pk=None, **kwargs):
try:
rport = int(request.query_params.get('rport', None))
except Exception as _:
rport = None
try:
lport = int(request.query_params.get('lport', None))
except Exception as _:
lport = None
try:
sessionid = int(request.query_params.get('sessionid', None))
except Exception as _:
sessionid = None
try:
lhost = request.query_params.get('lhost', None)
rhost = request.query_params.get('rhost', None)
portfwdtype = str(request.query_params.get('type', None))
context = PortFwd.destory(portfwdtype=portfwdtype,
rport=rport, lport=lport,
lhost=lhost, rhost=rhost,
sessionid=sessionid)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def add_or_update(hid=None,
port=None,
proxy=None,
banner=None,
service=None):
default_dict = {
'hid': hid,
'proxy': proxy,
'port': port,
'banner': banner,
'service': service,
'update_time': int(time.time())
} # 没有此主机数据时新建
model, created = PortServiceModel.objects.get_or_create(
hid=hid, port=port, defaults=default_dict)
if created is True:
return True # 新建后直接返回
# 有历史数据
with transaction.atomic():
try:
model = PortServiceModel.objects.select_for_update().get(
hid=hid, port=port)
model.proxy = proxy
model.banner = banner
model.service = service
model.save()
return True
except Exception as E:
logger.error(E)
return False
def create(self, request, **kwargs):
moduletype = request.data.get('moduletype', None)
if moduletype is None: # 默认模块
try:
sessionid = int(request.data.get('sessionid', None))
ipaddress = request.data.get('ipaddress', None)
loadpath = str(request.data.get('loadpath', None))
custom_param = str(request.data.get('custom_param', None))
context = PostModuleActuator.create_post(
loadpath=loadpath,
sessionid=sessionid,
ipaddress=ipaddress,
custom_param=custom_param)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
elif moduletype == "Bot":
try:
ipportlist = request.data.get('ipportlist', None)
loadpath = str(request.data.get('loadpath', None))
custom_param = str(request.data.get('custom_param', None))
context = PostModuleActuator.create_bot(
ipportlist=ipportlist,
loadpath=loadpath,
custom_param=custom_param)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
else:
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def destroy(sessionid=None):
if sessionid is None or sessionid <= 0:
context = data_return(304, Session_MSG.get(304), {})
return context
else:
params = [sessionid]
try:
result = RpcClient.call(Method.SessionStop, params, timeout=12)
if result is None: # 删除超时
Notice.send_success(
f"{Session_MSG.get(202)} SID: {sessionid}")
context = data_return(202, Session_MSG.get(202), {})
return context
elif result.get('result') == 'success':
Notice.send_success(
f"{Session_MSG.get(201)} SID: {sessionid}")
context = data_return(201, Session_MSG.get(201), {})
return context
else:
Notice.send_warning(
f"{Session_MSG.get(301)} SID: {sessionid}")
context = data_return(301, Session_MSG.get(301), {})
return context
except Exception as E:
logger.error(E)
Notice.send_warning(f"{Session_MSG.get(301)} SID: {sessionid}")
context = data_return(301, Session_MSG.get(301), {})
return context
def destory_host(ipaddress=None):
# 删除相关缓存信息
# 删除缓存的session命令行结果
# 255.255.255.255 特殊处理
if ipaddress == "255.255.255.255":
return False
Xcache.del_sessionio_cache(ipaddress=ipaddress)
# 删除缓存的模块结果
Xcache.del_module_result_by_ipaddress(ipaddress=ipaddress)
# 删除缓存的模块历史结果
Xcache.del_module_result_history_by_ipaddress(ipaddress=ipaddress)
try:
# 删除主表信息
HostModel.objects.filter(ipaddress=ipaddress).delete()
# 删除关联表信息
for OneModel in Host.REGISTER_DESTORY:
OneModel.objects.filter(ipaddress=ipaddress).delete()
# 删除edge表信息
EdgeModel.objects.filter(source=ipaddress).delete()
EdgeModel.objects.filter(target=ipaddress).delete()
return True
except Exception as E:
logger.error(E)
return False
def create(self, request, **kwargs):
try:
lport = int(request.data.get('lport', None))
except Exception as _:
lport = None
try:
rport = int(request.data.get('rport', None))
except Exception as _:
rport = None
try:
sessionid = int(request.data.get('sessionid', None))
except Exception as _:
sessionid = None
try:
portfwdtype = request.data.get('type', None)
lhost = request.data.get('lhost', None)
rhost = request.data.get('rhost', None)
context = PortFwd.create(portfwdtype=portfwdtype,
lhost=lhost, lport=lport, rhost=rhost, rport=rport,
sessionid=sessionid)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def list(self, request, **kwargs):
try:
context = Credential.list()
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), [])
return Response(context)
def putin_post_python_module_queue(self, post_module_intent=None):
try:
# 存储uuid
tmp_self_uuid = str(uuid.uuid1())
# 清空历史记录
post_module_intent.clean_log()
logger.warning("模块放入列表:{} job_id: {} uuid: {}".format(post_module_intent.NAME, None, tmp_self_uuid))
post_module_intent.module_self_uuid = tmp_self_uuid
self.ModuleJobsScheduler.add_job(func=post_module_intent._thread_run, max_instances=1, id=tmp_self_uuid)
# 放入缓存队列,用于后续删除任务,存储结果等
req = {
'broker': post_module_intent.MODULE_BROKER,
'uuid': tmp_self_uuid,
'module': post_module_intent,
'time': int(time.time()),
'job_id': None,
}
Xcache.create_module_task(req)
Notice.send_info(
"模块: {} {} 开始执行".format(post_module_intent.NAME, post_module_intent.target_str))
return True
except Exception as E:
logger.error(E)
return False
def destroy(self, request, pk=None, **kwargs):
try:
context = Transport.destory(query_params=request.query_params)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def list(self, request, **kwargs):
"""查询数据库中的信息"""
try:
enfilename = request.query_params.get('en', None)
filename = FileMsf.decrypt_file_name(enfilename)
if filename is None:
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
binary_data = FileMsf.read_msf_file(filename)
if binary_data is None:
context = data_return(304, HostFile_MSG.get(304), {})
return context
response = HttpResponse(binary_data)
response['Content-Type'] = 'application/octet-stream'
response['Content-Disposition'] = f'attachment;filename="{filename}"'
response['Code'] = 200
response['Message'] = quote(FileMsf_MSG.get(203))
remote_client = request.META.get("HTTP_X_REAL_IP")
Notice.send_info(f"IP: {remote_client} 下载文件 : {filename}")
return response
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def list(self, request, **kwargs):
try:
context = Notice.list_notices()
context = data_return(200, CODE_MSG.get(200), context)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def list(self, request, **kwargs):
try:
hid = int(request.query_params.get('hid', -1))
context = Vulnerability.list(hid=hid)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), [])
return Response(context)
def destory(hid=None, port=None):
try:
PortServiceModel.objects.filter(hid=hid, port=port).delete()
context = data_return(204, PortService_MSG.get(204), {})
except Exception as E:
logger.error(E)
context = data_return(304, PortService_MSG.get(304), {})
return context
def destroy(self, request, pk=None, **kwargs):
try:
jobid = int(request.query_params.get('jobid', None))
context = Handler.destroy(jobid)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def destroy(self, request, pk=None, **kwargs):
try:
loader_uuid = request.query_params.get('uuid', None)
context = LazyLoader.destory(loader_uuid)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def destroy(self, request, pk=None, **kwargs):
try:
filename = str(request.query_params.get('name', None))
context = FileMsf.destory(filename)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def destroy(self, request, pk=None, **kwargs):
try:
Notice.clean_notices()
context = data_return(201, Notice_MSG.get(201), {})
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def destroy(self, request, *args, **kwargs):
try:
context = PostModuleResultHistory.destory()
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def destory(cid=None):
try:
CredentialModel.objects.filter(id=cid).delete()
context = data_return(204, Credential_MSG.get(204), {})
except Exception as E:
logger.error(E)
context = data_return(304, Credential_MSG.get(304), {})
return context
def list(self, request, **kwargs):
try:
sessionid = int(request.query_params.get('sessionid', None))
context = Transport.list(sessionid=sessionid)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def store_log_from_sub(message=None):
body = message.get('data')
try:
msf_module_logs_dict = json.loads(body)
Notice.send(f"MSF> {msf_module_logs_dict.get('content')}", level=msf_module_logs_dict.get("level"))
except Exception as E:
logger.error(E)
return False
def destory(vid=None):
try:
VulnerabilityModel.objects.filter(id=vid).delete()
context = data_return(204, Vulnerability_MSG.get(204), {})
except Exception as E:
logger.error(E)
context = data_return(304, Vulnerability_MSG.get(304), {})
return context
def destroy(self, request, pk=None, **kwargs):
try:
ipaddress = request.query_params.get('ipaddress', None)
context = SessionIO.destroy(ipaddress)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def destroy(self, request, pk=None, **kwargs):
try:
vid = int(request.query_params.get('id', None))
context = Vulnerability.destory(vid=vid)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def list(self, request, **kwargs):
try:
ipaddress = request.query_params.get('ipaddress', None)
context = Vulnerability.list(ipaddress=ipaddress)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), [])
return Response(context)
def list_jobs():
"""获取后台任务列表,包括msf任务及本地多模块任务"""
msf_jobs_dict = Job.list_msfrpc_jobs_no_cache()
if msf_jobs_dict is None: # msfrpc临时异常
uncheck = True # 跳过任务检查
msf_jobs_dict = {}
else:
uncheck = False
reqs = Xcache.list_module_tasks()
reqs_temp = []
for req in reqs:
# post python module
if req.get("job_id") is None:
req["moduleinfo"] = PostModuleSerializer(req.get("module"),
many=False).data
req["moduleinfo"]['_custom_param'] = Job._deal_dynamic_param(
req["moduleinfo"]['_custom_param'])
req.pop("module") # 弹出module实例
reqs_temp.append(req)
continue
# post msf module
# 跳过任务检查
if uncheck:
req["moduleinfo"] = PostModuleSerializer(req.get("module"),
many=False).data
req.pop("module") # 弹出module实例
req["moduleinfo"]['_custom_param'] = Job._deal_dynamic_param(
req["moduleinfo"]['_custom_param'])
reqs_temp.append(req)
continue
elif msf_jobs_dict.get(str(req.get("job_id"))) is not None:
req["moduleinfo"] = PostModuleSerializer(req.get("module"),
many=False).data
req["moduleinfo"]['_custom_param'] = Job._deal_dynamic_param(
req["moduleinfo"]['_custom_param'])
req.pop("module") # 弹出module实例
reqs_temp.append(req)
continue
else:
# 清除失效的任务
if int(time.time()) - req.get("time") >= 30:
logger.error(f"清除失效的任务: {req.get('module').NAME}")
logger.error(req)
Xcache.del_module_task_by_uuid(req.get("uuid"))
else:
# 如果创建时间不足30秒,则等待callback处理数据
req["moduleinfo"] = PostModuleSerializer(req.get("module"),
many=False).data
req["moduleinfo"][
'_custom_param'] = Job._deal_dynamic_param(
req["moduleinfo"]['_custom_param'])
req.pop("module")
reqs_temp.append(req)
continue
return reqs_temp
def list(ipaddress=None):
data = Vulnerability.list_vulnerability(ipaddress=ipaddress)
try:
format_data = Vulnerability.format_source_module(data)
except Exception as E:
format_data = data
logger.error(E)
context = data_return(200, CODE_MSG.get(200), format_data)
return context
def create(self, request, **kwargs):
try:
file = request.FILES['file']
context = FileMsf.create(file=file)
return Response(context)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def destroy(self, request, pk=None, **kwargs):
try:
ipaddress = request.query_params.get('ipaddress', None)
port = int(request.query_params.get('port', None))
context = PortService.destory(ipaddress=ipaddress, port=port)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)
def list(self, request, **kwargs):
try:
hid = int(request.query_params.get('hid', None))
loadpath = str(request.query_params.get('loadpath', None))
context = PostModuleResult.list(hid=hid, loadpath=loadpath)
except Exception as E:
logger.error(E)
context = data_return(500, CODE_MSG.get(500), {})
return Response(context)