Exemple #1
 def do_desc(cls, request):
     """Return one rule's name, description and solution as a JSON success payload.

     The rule is selected by the ``id`` query parameter. Every value is passed
     through ``escape()`` and CRLF pairs are then turned into ``<br />``.
     """
     # NOTE(review): a missing or unknown ``id`` makes ``get()`` raise; no
     # handler is visible in this method, so that surfaces as a server error.
     rule = Rule.objects.get(rule_id=request.GET.get('id'))
     fields = (
         ('name', rule.rule_name),
         ('description', rule.description),
         ('solution', rule.solution),
     )
     record = {}
     for key, raw in fields:
         # Escape first so that <br /> is the only markup in the response.
         record[key] = escape(raw).replace('\r\n', '<br />')
     return HttpResponse(json_success(record))
Exemple #2
 def do_basic(cls, request):
     """Report a task's progress, current rule name, spider flag and status.

     ``task.progress`` is read as a ``|``-separated list. Its last entry is
     either empty (reported as 0%), ``END`` (reported as 100%) or a rule id.
     """
     task = Task.objects.get(id=request.GET.get('task_id'))
     steps = task.progress.split('|')
     current = steps[-1]
     if current == 'END':
         progress, rule_name = '100%', ''
     elif current == '':
         progress = '0%'
         rule_name = '扫描引擎初始化' if task.reachable else '请确认目标网站是否可以访问'
     else:
         # Percentage = entries recorded so far over (number of rules + 2).
         total = Rule.objects.count() + 2
         progress = "%d%%" % (float(len(steps)) / total * 100)
         rule_name = Rule.objects.get(rule_id=current).rule_name
     return HttpResponse(json_success({
         'progress': progress,
         'rule_name': rule_name,
         'spider_flag': task.spider_flag,
         'task_status': task.status
     }))
Exemple #3
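    def do_start(cls, request):
        """Ask the scan engine to start a task and mark the task as running.

        Reads ``task_id`` from the POST data. Returns a JSON error response
        when the id is missing or not an integer, when the task cannot be
        loaded, when it is already running, or when the engine reports
        failure. Otherwise the task row is reset and saved.
        """
        task_id = request.POST.get("task_id")
        try:
            int(task_id)
        except (TypeError, ValueError):
            # TypeError covers a missing parameter: int(None) does not raise
            # ValueError, so it previously escaped as a server error.
            return HttpResponse(json_error('任务id格式有误'))
        try:
            task = Task.objects.get(id=task_id)
        except Exception:
            # NOTE(review): this broad handler reports every lookup failure
            # as "task no longer exists"; narrowing it would stop database
            # errors from being masked.
            return HttpResponse(json_error('该任务已不存在,请刷新重试'))
        if task.status == TASK.RUNNING:
            return HttpResponse(json_error('该任务正在运行,请先停止'))

        # NOTE(review): int() also accepts a sign and surrounding whitespace,
        # and the raw string is what gets forwarded to the engine.
        cmd = {'action': 'start', 'task_ids': task_id}
        res = send_request(cls.MODULE_NAME, cmd)
        if not res['success']:
            return HttpResponse(json_error('命令执行失败'))

        # Record the new state only after the engine accepted the command.
        task.status = TASK.RUNNING
        task.progress = ''
        task.spider_flag = TASK.WAIT
        task.start_time = datetime.now()
        task.end_time = None
        task.save()
        return HttpResponse(json_success('start'))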
Exemple #4
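    def do_start(cls, request):
        """Start a task through the scan engine and persist its running state.

        ``task_id`` comes from the POST data and must parse as an integer.
        A JSON error is returned for a bad or missing id, a task that cannot
        be loaded, a task that is already running, or an engine failure.
        """
        task_id = request.POST.get("task_id")
        try:
            int(task_id)
        except (TypeError, ValueError):
            # A missing parameter arrives as None and raises TypeError, which
            # the ValueError-only handler did not catch.
            return HttpResponse(json_error('任务id格式有误'))
        try:
            task = Task.objects.get(id=task_id)
            if task.status == TASK.RUNNING:
                return HttpResponse(json_error('该任务正在运行,请先停止'))
        except Exception:
            # NOTE(review): any failure in the lookup above, not only a
            # missing row, ends up with this message.
            return HttpResponse(json_error('该任务已不存在,请刷新重试'))
        else:
            cmd = {'action': 'start', 'task_ids': task_id}
            res = send_request(cls.MODULE_NAME, cmd)
            if res['success']:
                # Reset progress and timestamps for the new run.
                task.status = TASK.RUNNING
                task.progress = ''
                task.spider_flag = TASK.WAIT
                task.start_time = datetime.now()
                task.end_time = None
                task.save()
                msg = json_success('start')
            else:
                msg = json_error('命令执行失败')

            return HttpResponse(msg)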
Exemple #5
 def do_get(cls,request):
     """Return a task's attributes as a JSON success payload.

     The task is selected by the ``task_id`` POST parameter. The payload is a
     deep copy of the instance ``__dict__`` without ``_state``, ``start_time``
     and ``end_time``.
     """
     # NOTE(review): everything else in ``__dict__`` is sent to the client.
     # An explicit list of fields would keep attributes added later from
     # being exposed by default. No ownership check is visible here either;
     # confirm the caller enforces one.
     task = Task.objects.get(id=request.POST.get("task_id"))
     payload = copy.deepcopy(task.__dict__)
     for key in ('_state', 'start_time', 'end_time'):
         del payload[key]
     return HttpResponse(json_success(payload))
Exemple #6
 def do_get(cls, request):
     """Serialize the task named by the ``task_id`` POST parameter.

     The response carries a deep copy of the task's ``__dict__`` with the
     ``_state``, ``start_time`` and ``end_time`` entries removed.
     """
     task = Task.objects.get(id=request.POST.get("task_id"))
     # NOTE(review): this is a deny-list. Any other attribute stored on the
     # instance reaches the client, so a field allow-list would be safer.
     snapshot = copy.deepcopy(task.__dict__)
     snapshot.pop('_state')
     snapshot.pop('start_time')
     snapshot.pop('end_time')
     response_body = json_success(snapshot)
     return HttpResponse(response_body)
Exemple #7
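 def do_vul(cls, request):
     """Return one scan result's url, detail, request and response as JSON.

     The result is selected by the ``task_id`` and ``id`` query parameters.
     Every value is passed through ``escape()`` and CRLF pairs are then
     turned into ``<br />``.
     """
     task_id = request.GET.get('task_id')
     result_id = request.GET.get('id')
     result = Result.objects.get(task_id=task_id, id=result_id)

     def to_html(text):
         # These fields presumably hold content captured from the scanned
         # site, so they are escaped before <br /> is added. Confirm that the
         # client does not unescape them.
         return escape(text).replace('\r\n', '<br />')

     # The Rule lookup made here before was never used. It cost a query and
     # turned a missing rule into a server error, so it is dropped.
     record = {
         'url': to_html(result.url),
         'detail': to_html(result.detail),
         'request': to_html(result.request),
         'response': to_html(result.response),
     }
     return HttpResponse(json_success(record))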
Exemple #8
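 def do_edit(cls,request):
     """Update a task's name, start URL, base and URL count from POST data.

     Returns a JSON error when ``task_id`` is missing or not an integer,
     otherwise an empty JSON success payload.
     """
     task_id = request.POST.get("task_id")
     try:
         int(task_id)
     except (TypeError, ValueError):
         # Reject a bad id here instead of letting the query fail on it.
         return HttpResponse(json_error('任务id格式有误'))
     task_name = request.POST.get("task_name")
     task_starturl = request.POST.get("task_starturl")
     task_base = request.POST.get("task_base")
     task_urlcount = request.POST.get("task_urlcount")
     # NOTE(review): the four values below are stored exactly as received,
     # and an absent one is stored as None. start_url presumably decides what
     # the scanner will request, so it deserves validation before it is saved.
     Task.objects.filter(id=task_id).update(name=task_name, start_url=task_starturl,
                             base=task_base, url_count=task_urlcount)
     return HttpResponse(json_success(''))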
Exemple #9
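 def do_delete(cls, request, delete_task=True):
     """Delete the results and URLs of the given tasks, and optionally the tasks.

     ``task_id`` is a comma-separated list of ids in the POST data. Nothing
     is deleted when the list is missing, when an entry is not an integer,
     or when any listed task is running. With ``delete_task`` false the Task
     rows themselves are kept.
     """
     raw_ids = request.POST.get("task_id")
     if raw_ids is None:
         # A missing parameter used to fail on None.split().
         return HttpResponse(json_error('任务id格式有误'))
     task_ids = raw_ids.split(',')
     try:
         for task_id in task_ids:
             int(task_id)
     except ValueError:
         # Validate before the ids reach three bulk delete queries.
         return HttpResponse(json_error('任务id格式有误'))

     # NOTE(review): no ownership check on the listed ids is visible here.
     # Confirm the caller restricts which tasks a user may delete.
     if Task.objects.filter(id__in=task_ids).filter(status=TASK.RUNNING).count()>0:
         msg = json_error('任务正在运行,请重新选择!')
     else:
         if delete_task:
             Task.objects.filter(id__in=task_ids).delete()
         Result.objects.filter(task_id__in=task_ids).delete()
         Url.objects.filter(task_id__in=task_ids).delete()
         msg = json_success('success')
     return HttpResponse(msg)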
Exemple #10
 def do_desc(cls, request):
     """Look up a rule by the ``id`` query parameter and return it as JSON.

     The payload holds the rule's name, description and solution, each
     passed through ``escape()`` with CRLF pairs replaced by ``<br />``.
     """
     rule = Rule.objects.get(rule_id=request.GET.get('id'))

     def to_html(text):
         # Escaping comes first so the inserted <br /> is not escaped too.
         return escape(text).replace('\r\n', '<br />')

     name = rule.rule_name
     description = rule.description
     solution = rule.solution
     record = {
         'name': to_html(name),
         'description': to_html(description),
         'solution': to_html(solution)
     }
     return HttpResponse(json_success(record))
Exemple #11
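 def do_edit(cls, request):
     """Write a task's editable fields from the POST data.

     Returns a JSON error when ``task_id`` is missing or not an integer,
     otherwise updates name, start_url, base and url_count and returns an
     empty JSON success payload.
     """
     task_id = request.POST.get("task_id")
     try:
         int(task_id)
     except (TypeError, ValueError):
         # A malformed id is answered with an error instead of reaching the
         # query unvalidated.
         return HttpResponse(json_error('任务id格式有误'))
     # NOTE(review): these values are saved unvalidated, and a field that is
     # not posted is written as None. url_count is not checked to be numeric.
     changes = {
         'name': request.POST.get("task_name"),
         'start_url': request.POST.get("task_starturl"),
         'base': request.POST.get("task_base"),
         'url_count': request.POST.get("task_urlcount"),
     }
     Task.objects.filter(id=task_id).update(**changes)
     return HttpResponse(json_success(''))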
Exemple #12
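 def do_delete(cls, request, delete_task=True):
     """Remove stored results and URLs for the listed tasks.

     ``task_id`` in the POST data is a comma-separated id list. The Task
     rows are removed too unless ``delete_task`` is false. A JSON error is
     returned, and nothing is deleted, when the list is missing, contains a
     non-integer entry, or names a running task.
     """
     raw_ids = request.POST.get("task_id")
     try:
         task_ids = raw_ids.split(',')
         for task_id in task_ids:
             int(task_id)
     except (AttributeError, ValueError):
         # AttributeError: the parameter was not posted (None has no split).
         # ValueError: an entry is not an integer.
         return HttpResponse(json_error('任务id格式有误'))

     running = Task.objects.filter(id__in=task_ids).filter(
         status=TASK.RUNNING).count()
     if running > 0:
         return HttpResponse(json_error('任务正在运行,请重新选择!'))

     # NOTE(review): the deletes below are separate queries with no
     # transaction visible, so a failure midway leaves a partial delete.
     if delete_task:
         Task.objects.filter(id__in=task_ids).delete()
     Result.objects.filter(task_id__in=task_ids).delete()
     Url.objects.filter(task_id__in=task_ids).delete()
     return HttpResponse(json_success('success'))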
Exemple #13
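 def do_vul(cls, request):
     """Return the stored url, detail, request and response of one result.

     ``task_id`` and ``id`` are read from the query string and must both
     match the result. Each value is passed through ``escape()`` and CRLF
     pairs are replaced by ``<br />``.
     """
     task_id = request.GET.get('task_id')
     result_id = request.GET.get('id')
     result = Result.objects.get(task_id=task_id, id=result_id)
     fields = (
         ('url', result.url),
         ('detail', result.detail),
         ('request', result.request),
         ('response', result.response),
     )
     # The Rule query that used to run here had no effect on the response.
     # It only added a database round trip and a failure mode, so it is gone.
     record = {}
     for key, raw in fields:
         # Presumably recorded from the scanned target, so treat the text as
         # untrusted and escape it before adding markup.
         record[key] = escape(raw).replace('\r\n', '<br />')
     return HttpResponse(json_success(record))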
Exemple #14
 def do_basic(cls, request):
     """Return progress information for the task named by ``task_id``.

     The last ``|``-separated entry of ``task.progress`` decides the answer:
     empty gives 0%, ``END`` gives 100%, and anything else is looked up as a
     rule id and reported with a computed percentage.
     """
     task_id = request.GET.get('task_id')
     task = Task.objects.get(id=task_id)
     entries = task.progress.split('|')
     latest = entries[-1]
     if latest == '':
         progress = '0%'
         if task.reachable:
             rule_name = '扫描引擎初始化'
         else:
             rule_name = '请确认目标网站是否可以访问'
     elif latest == 'END':
         progress = '100%'
         rule_name = ''
     else:
         # The denominator is the rule count plus two.
         rules_count = Rule.objects.count()
         ratio = float(len(entries)) / (rules_count + 2)
         progress = "%d%%" % (ratio * 100)
         rule_name = Rule.objects.get(rule_id=latest).rule_name
     result = {
         'progress': progress,
         'rule_name': rule_name,
         'spider_flag': task.spider_flag,
         'task_status': task.status
     }
     return HttpResponse(json_success(result))
Exemple #15
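    def do_stop(cls, request):
        """Ask the scan engine to stop a task and mark the task as stopped.

        Reads ``task_id`` from the POST data. Returns a JSON error response
        when the id is missing or not an integer, when the task cannot be
        loaded, when it is not running, or when the engine reports failure.
        """
        task_id = request.POST.get("task_id")
        try:
            int(task_id)
        except (TypeError, ValueError):
            # TypeError covers a missing parameter: int(None) does not raise
            # ValueError, so it previously escaped as a server error.
            return HttpResponse(json_error('任务id格式有误'))
        try:
            task = Task.objects.get(id=task_id)
        except Exception:
            # NOTE(review): this broad handler reports every lookup failure
            # as "task no longer exists", which can hide database errors.
            return HttpResponse(json_error('该任务已不存在,请刷新重试'))
        if task.status != TASK.RUNNING:
            return HttpResponse(json_error('该任务已经停止'))

        cmd = {'action': 'stop', 'task_ids': task_id}
        res = send_request(cls.MODULE_NAME, cmd)
        if not res['success']:
            return HttpResponse(json_error('命令执行失败'))

        # Persist the stopped state only after the engine accepted the command.
        task.status = TASK.STOP
        task.save()
        return HttpResponse(json_success('stop'))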
Exemple #16
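    def do_stop(cls, request):
        """Stop a running task through the scan engine and save its new status.

        ``task_id`` comes from the POST data and must parse as an integer.
        A JSON error is returned for a bad or missing id, a task that cannot
        be loaded, a task that is not running, or an engine failure.
        """
        task_id = request.POST.get("task_id")
        try:
            int(task_id)
        except (TypeError, ValueError):
            # A missing parameter arrives as None and raises TypeError, which
            # the ValueError-only handler did not catch.
            return HttpResponse(json_error('任务id格式有误'))
        try:
            task = Task.objects.get(id=task_id)
            if task.status != TASK.RUNNING:
                return HttpResponse(json_error('该任务已经停止'))
        except Exception:
            # NOTE(review): any failure in the lookup above, not only a
            # missing row, ends up with this message.
            return HttpResponse(json_error('该任务已不存在,请刷新重试'))
        else:
            cmd = {'action': 'stop', 'task_ids': task_id}
            res = send_request(cls.MODULE_NAME, cmd)
            if res['success']:
                task.status = TASK.STOP
                task.save()
                msg = json_success('stop')
            else:
                msg = json_error('命令执行失败')

            return HttpResponse(msg)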