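def scan(self):
    """Port-scan the task target, then verify every plugin against the recorded ports.

    If the ``ping`` task argument is non-zero, ``self.target`` is passed to
    ``portscan`` as one target; otherwise each entry yielded by
    ``gethosts(self.target)`` is scanned in turn. The port rows stored for this
    project are then paired with the registered plugins: host plugins receive
    every recorded port, web plugins only ports whose service name is exactly
    ``'http'``. Each (plugin, target) pair is handed to ``self.payloadverify``
    through a ``CoroutinePool`` created with ``len(payloads)`` as its size.
    """
    MH = models.HostResult
    MR = models.PortResult

    # Raises ValueError if the 'ping' argument is not numeric.
    ping = int(self.args.get('ping', 0))
    for target in [self.target] if ping else gethosts(self.target):
        self.portscan(target)

    payloads = BaseHostPlugin.payloads() + BaseWebPlugin.payloads()

    # Read the recorded ports once instead of re-running the same query for
    # every plugin. The projectid filter restricts verification to hosts that
    # were recorded for this project.
    ports = []
    for H in gethosts(self.target):
        ports.extend(
            MR.select().join(MH).where(
                (MH.host_ip == H) & (MH.projectid == self.Q.projectid)))

    ret = []
    for plug in payloads:
        for P in ports:
            if isinstance(plug, BaseHostPlugin):
                host = BaseHost(str(P.host), str(P.port), service=str(P.service_name))
                ret.append((plug, host))
            elif str(P.service_name) == 'http':
                # NOTE(review): substring test -- any port whose number contains
                # "443" (8443, 4430, ...) is treated as TLS and everything else
                # as plain http. A wrong scheme guess can surface as a missed
                # finding; confirm this heuristic is intended.
                # NOTE(review): ports recorded under any other service name are
                # never passed to web plugins -- verify against what portscan
                # actually stores in service_name.
                hp = 'https' if '443' in str(P.port) else 'http'
                url = '%s://%s:%s/' % (hp, str(P.host), str(P.port))
                host = BaseWebSite(url)
                ret.append((plug, host))

    pool = CoroutinePool(len(payloads))
    for plug, host in ret:
        pool.spawn(self.payloadverify, plug, host)
    pool.join()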
def init(self):
    '''Sync task types and plugin metadata into the database.

    First writes one TaskType row per entry of ``self.tasklist`` (creating
    the row if it does not exist and always overwriting its description and
    type). Then loads the plugins under ``./payloads`` and records a
    Vulnerable row and a TaskPlugins row for each registered plugin.
    '''
    # NOTE(review): this block was recovered from a listing that had lost its
    # line breaks; the extent of each `if cd:` body below is reconstructed --
    # confirm against the original file.
    MT = models.TaskType
    # `name` (the tasklist key) is unused; the row is keyed on f['name'].
    for name, f in self.tasklist.items():
        try:
            R = MT.get(MT.task_name == f['name'])
        except MT.DoesNotExist:
            R = MT(task_name=f['name'])
        # Description and type are refreshed on every call, new row or not.
        R.task_desc = f['doc']
        R.task_type = f['type']
        R.save()
    # The bare string below is a no-op statement used as a section marker;
    # it reads "update plugins".
    '''更新插件'''
    # NOTE(review): './payloads' is a relative path, so the directory that
    # gets loaded depends on the process's working directory. Presumably
    # load() imports the files it finds there -- if so, whoever can write to
    # that directory controls code run by this service; consider an absolute
    # path and restrictive permissions on it.
    PluginsManage.load('./payloads')
    MP = models.TaskPlugins
    MV = models.Vulnerable
    for plug in BaseHostPlugin.payloads() + BaseWebPlugin.payloads():
        # Skip plugins whose bugname equals the one-element tuple ('',) --
        # presumably the unset default on the plugin base class; confirm.
        if plug.bugname == ('', ):
            continue
        # `cd` is presumably the "created" flag of a peewee-style
        # get_or_create -- TODO confirm.
        RV, cd = MV.get_or_create(vul_name=plug.bugname)
        if cd:
            # Vulnerability details are written only when the row is new;
            # an existing row is left as it is even if the plugin changed.
            RV.vul_rank = plug.bugrank
            RV.vul_desc = plug.bugdesc
            RV.vul_plan = plug.bugplan
            RV.vul_number = plug.bugnumber
            RV.save()
        R, cd = MP.get_or_create(plug_name=plug.__class__.__name__)
        if cd:
            R.updatedate = datetime.datetime.now()
            R.vulid = RV
            R.plug_desc = plug.bugname
            # These two assign class objects, not strings; how the model
            # fields store them is not visible here.
            R.plug_type = plug.__class__.__base__
            R.plug_file = plug.__class__
            R.save()
def webscan(self):
    """Verify every registered web plugin against the crawled site.

    Each plugin is submitted to a ``CoroutinePool`` created with size 3, and
    the method returns once the pool has been joined.
    """
    workers = CoroutinePool(3)
    web_plugins = BaseWebPlugin.payloads()
    for plugin in web_plugins:
        # The crawled site is read per plugin, exactly as each job is queued.
        workers.spawn(
            self.payloadverify,
            plugin,
            self.crawle.website,
        )
    workers.join()
def webscan(self):
    """Verify every registered web plugin against the crawled site, one at a time."""
    web_plugins = BaseWebPlugin.payloads()
    for plugin in web_plugins:
        # Sequential: each verification finishes before the next one starts.
        self.payloadverify(plugin, self.crawle.website)