def query_plugins(self, weapon_system, rpc): if 0 < len(weapon_system.plugins): self.output += "[-] Clearing old plugin(s) ...\n" for old_plugin in weapon_system.plugins: dbsession.delete(old_plugin) dbsession.flush() self.output += "[*] Attempting to detect remote plugin(s) ...\n" for algo in Algorithm.all(): self.output += "[+] Looking for %s plugins ..." % algo plugin_names = rpc.root.exposed_get_category_plugins(algo.name) self.output += " found %d\n" % len(plugin_names) for plugin_name in plugin_names: self.output += "[+] Query info from remote plugin '%s'\n" % plugin_name details = rpc.root.exposed_get_plugin_details(algo.name, plugin_name) plugin = PluginDetails( name=unicode(plugin_name), author=unicode(details['author']), website=unicode(details['website']), version=unicode(details['version']), description=unicode(details['description']), copyright=unicode(details['copyright']), ) plugin.precomputation = details['precomputation'] plugin.algorithm_id = algo.id weapon_system.plugins.append(plugin)
def query_plugins(self, weapon_system, rpc): if 0 < len(weapon_system.plugins): self.output += "[-] Clearing old plugin(s) ...\n" for old_plugin in weapon_system.plugins: dbsession.delete(old_plugin) dbsession.flush() self.output += "[*] Attempting to detect remote plugin(s) ...\n" for algo in Algorithm.all(): self.output += "[+] Looking for %s plugins ..." % algo plugin_names = rpc.root.exposed_get_category_plugins(algo.name) self.output += " found %d\n" % len(plugin_names) for plugin_name in plugin_names: self.output += "[+] Query info from remote plugin '%s'\n" % plugin_name details = rpc.root.exposed_get_plugin_details( algo.name, plugin_name) plugin = PluginDetails( name=unicode(plugin_name), author=unicode(details['author']), website=unicode(details['website']), version=unicode(details['version']), description=unicode(details['description']), copyright=unicode(details['copyright']), ) plugin.precomputation = details['precomputation'] plugin.algorithm_id = algo.id weapon_system.plugins.append(plugin)
def post(self, *args, **kwargs): uuid = self.get_argument('uuid', '') payload = Payload.by_uuid(uuid) user = self.get_current_user() if payload is not None and payload in user.history: dbsession.delete(payload) dbsession.flush() self.redirect('/history')
def post(self, *args, **kwargs): ''' AJAX // Delete a paste object from the database ''' paste_uuid = self.get_argument("uuid", "") paste = PasteBin.by_uuid(paste_uuid) user = self.get_current_user() if paste is not None and paste.team_id == user.team.id: dbsession.delete(paste) dbsession.flush() self.redirect("/user/share/pastebin")
def deleteUser(): data = request.get_json(force=True) print('data:',data, type(data)) query = None try: query = dbsession.query(models.User).filter_by(email=data['email'], password=data['password']).one() except: return jsonify({'status':'error', 'error':'The user is not registered!'}) dbsession.delete(query) dbsession.commit() return jsonify({'status': 'success'})
def get(self, *args, **kwargs): ''' AJAX // Delete a paste object from the database ''' form = Form(paste_uuid="Paste does not exist.", ) if form.validate(self.request.arguments): paste_uuid = self.get_argument("paste_uuid") paste = PasteBin.by_uuid(paste_uuid) user = self.get_current_user() if paste is not None and paste.team_id == user.team.id: dbsession.delete(paste) dbsession.flush() self.redirect("/user/share/pastebin")
def post(self, *args, **kwargs): ''' Used to delete regtokens ''' token_value = self.get_argument('token_value', '') reg_token = RegistrationToken.by_value(token_value) if reg_token is not None: dbsession.delete(reg_token) dbsession.flush() self.redirect('/admin/regtoken/view') else: self.render('admin/view/token.html', errors=["Token does not exist"])
def post(self, *args, **kwargs): ''' Used to delete regtokens ''' token_value = self.get_argument('token_value', '') reg_token = RegistrationToken.by_value(token_value) if reg_token is not None: dbsession.delete(reg_token) dbsession.flush() self.redirect('/admin/regtoken/view') else: self.render('admin/view/token.html', errors=["Token does not exist"] )
def del_ip(self): ''' Delete an ip address object ''' ip = IpAddress.by_address(self.get_argument('ip', '')) if ip is not None: logging.info("Deleted IP address: '%s'" % str(ip)) dbsession.delete(ip) dbsession.flush() self.redirect("/admin/view/game_objects") else: logging.info("IP address (%r) does not exist in database" % self.get_argument('ip', '')) self.render("admin/view/game_objects.html", errors=["IP does not exist in database"])
def get(self, *args, **kwargs): ''' AJAX // Delete a paste object from the database ''' form = Form( paste_uuid="Paste does not exist.", ) if form.validate(self.request.arguments): paste_uuid = self.get_argument("paste_uuid") paste = PasteBin.by_uuid(paste_uuid) user = self.get_current_user() if paste is not None and paste.team_id == user.team.id: dbsession.delete(paste) dbsession.flush() self.redirect("/user/share/pastebin")
def del_flag(self): ''' Delete a flag object from the database ''' flag = Flag.by_uuid(self.get_argument('uuid', '')) if flag is not None: logging.info("Deleted flag: %s " % flag.name) dbsession.delete(flag) dbsession.flush() self.redirect('/admin/view/game_objects') else: logging.info("Flag (%r) does not exist in the database" % self.get_argument('uuid', '')) self.render("admin/view/game_objects.html", errors=["Flag does not exist in database"])
def del_ip(self): ''' Delete an ip address object ''' ip = IpAddress.by_address(self.get_argument('ip', '')) if ip is not None: logging.info("Deleted IP address: '%s'" % str(ip)) dbsession.delete(ip) dbsession.flush() self.redirect("/admin/view/game_objects") else: logging.info("IP address (%r) does not exist in database" % self.get_argument('ip', '') ) self.render("admin/view/game_objects.html", errors=["IP does not exist in database"] )
def del_flag(self): ''' Delete a flag object from the database ''' flag = Flag.by_uuid(self.get_argument('uuid', '')) if flag is not None: logging.info("Deleted flag: %s " % flag.name) dbsession.delete(flag) dbsession.flush() self.redirect('/admin/view/game_objects') else: logging.info("Flag (%r) does not exist in the database" % self.get_argument('uuid', '') ) self.render("admin/view/game_objects.html", errors=["Flag does not exist in database"] )
def do_strip(self, username): ''' Strip a user of all permissions Usage: strip <handle> ''' user = User.by_handle(username) if user is None: print(WARN + "'%s' user not found in database." % username) else: username = user.handle permissions = Permission.by_user_id(user.id) if len(permissions) == 0: print(WARN + "%s has no permissions." % user.handle) else: for perm in permissions: print(INFO + "Removing permission: " + perm.name) dbsession.delete(perm) dbsession.commit() print(INFO + "Successfully removed %s's permissions." % user.handle)
def delete_source_code(self): ''' Delete source code file ''' uuid = self.get_argument('box_uuid', '') box = Box.by_uuid(uuid) if box is not None and box.source_code is not None: source_code_uuid = box.source_code.uuid dbsession.delete(box.source_code) dbsession.flush() root = self.application.settings['source_code_market_dir'] source_code_path = root + '/' + source_code_uuid logging.info("Delete souce code market file: %s (box: %s)" % (source_code_path, box.name,) ) if os.path.exists(source_code_path): os.unlink(source_code_path) errors = None else: errors = ["Box does not exist, or contains no source code"] self.render('admin/upgrades/source_code_market.html', errors=errors)
def delete_source_code(self): ''' Delete source code file ''' uuid = self.get_argument('box_uuid', '') box = Box.by_uuid(uuid) if box is not None and box.source_code is not None: source_code_uuid = box.source_code.uuid dbsession.delete(box.source_code) dbsession.flush() root = self.application.settings['source_code_market_dir'] source_code_path = root + '/' + source_code_uuid logging.info("Delete souce code market file: %s (box: %s)" % ( source_code_path, box.name, )) if os.path.exists(source_code_path): os.unlink(source_code_path) errors = None else: errors = ["Box does not exist, or contains no source code"] self.render('admin/upgrades/source_code_market.html', errors=errors)
def do_strip(self, username): """ Strip a user of all permissions Usage: strip <handle> """ user = User.by_handle(username) if user is None: print(WARN + "'%s' user not found in database." % username) else: username = user.handle permissions = Permission.by_user_id(user.id) if len(permissions) == 0: print(WARN + "%s has no permissions." % user.handle) else: for perm in permissions: print(INFO + "Removing permission: " + perm.name) dbsession.delete(perm) dbsession.commit() print(INFO + "Successfully removed %s's permissions." % user.handle)
def do_rmuser(self, username): ''' Delete a user from the database Usage: delete <handle> ''' user = User.by_handle(username) if user is None: print(WARN + "'%s' user not found in database." % username) else: username = user.handle print(WARN + str("Are you sure you want to delete %s?" % username)) if raw_input(PROMPT + "Delete [y/n]: ").lower() == 'y': permissions = Permission.by_user_id(user.id) for perm in permissions: print(INFO + "Removing permission: " + perm.name) dbsession.delete(perm) dbsession.flush() dbsession.delete(user) dbsession.commit() print(INFO + "Successfully deleted %s from database." % username)
def do_strip(self, username): ''' Strip a user of all permissions Usage: strip <user name> ''' user = User.by_user_name(username) if user == None: print(WARN + str("%s user not found in database." % username)) else: username = user.user_name permissions = Permission.by_user_id(user.id) if len(permissions) == 0: print(WARN + str("%s has no permissions." % user.user_name)) else: for perm in permissions: print(INFO + "Removing permission: " + perm.permission_name) dbsession.delete(perm) dbsession.flush() print(INFO + "Successfully removed %s's permissions." % user.user_name)
def do_strip(self, username): ''' Strip a user of all permissions Usage: strip <user name> ''' user = User.by_user_name(username) if user == None: print(WARN + str("%s user not found in database." % username)) else: username = user.user_name permissions = Permission.by_user_id(user.id) if len(permissions) == 0: print(WARN + str("%s has no permissions." % user.user_name)) else: for perm in permissions: print( INFO + "Removing permission: " + perm.permission_name) dbsession.delete(perm) dbsession.flush() print(INFO + "Successfully removed %s's permissions." % user.user_name)
def do_rmuser(self, username): """ Delete a user from the database Usage: delete <handle> """ user = User.by_handle(username) if user is None: print(WARN + "'%s' user not found in database." % username) else: username = user.handle print(WARN + str("Are you sure you want to delete %s?" % username)) if raw_input(PROMPT + "Delete [y/n]: ").lower() == "y": permissions = Permission.by_user_id(user.id) for perm in permissions: print(INFO + "Removing permission: " + perm.name) dbsession.delete(perm) dbsession.flush() dbsession.delete(user) dbsession.commit() print(INFO + "Successfully deleted %s from database." % username)
def do_delete(self, username): ''' Delete a user from the database Usage: delete <user name> ''' user = User.by_user_name(username) if user == None: print(WARN + str("%s user not found in database." % username)) else: username = user.user_name print(WARN + str("Are you sure you want to delete %s?" % username)) if raw_input(PROMPT + "Delete [y/n]: ").lower() == 'y': permissions = Permission.by_user_id(user.id) for perm in permissions: print(INFO + "Removing permission: " + perm.permission_name) dbsession.delete(perm) dbsession.flush() dbsession.delete(user) dbsession.flush() print(INFO + str("Successfully deleted %s from database." % username))
def fetch(table_name, id): print("verb: %s, table: %s, id: %s" % (request.method, table_name, id)) if request.method == "GET": try: TableClass = models.get_class_by_tablename(table_name) if TableClass == None: raise Exception("Table not found: %s" % table_name) if id == None: #all data object = dbsession.query(TableClass).all() data = [object_as_dict(t) for t in object] else: object = dbsession.query(TableClass).filter_by(**{ "id": id }).first() if object == None: raise Exception("No data found.") data = object_as_dict(object) return jsonify({ "status": "success", "verb": request.method, "data": data }) except Exception as e: return jsonify({ "status": "error", "verb": request.method, "error": str(e), }) elif request.method == "POST" or request.method == "PUT": data = request.get_json(force=True) print("data:", data) try: TableClass = models.get_class_by_tablename(table_name) if TableClass == None: raise Exception("Table not found: %s" % table_name) if request.method == "POST": #insert data object = TableClass(**data) dbsession.add(object) dbsession.commit() else: #update data object = dbsession.query(TableClass).filter_by(**{ "id": id }).first() if object == None: raise Exception("No data found.") #object.update(**data) for key in data.keys(): setattr(object, key, data[key]) #dbsession.add(object) dbsession.commit() return jsonify({ "status": "success", "verb": request.method, "id": object.id, }) except Exception as e: return jsonify({ "status": "error", "verb": request.method, "error": str(e), }) elif request.method == "DELETE": try: TableClass = models.get_class_by_tablename(table_name) if TableClass == None: raise Exception("Table not found: %s" % table_name) object = dbsession.query(TableClass).filter_by(**{ "id": id }).first() if object == None: raise Exception("No data found.") dbsession.delete(object) dbsession.commit() return jsonify({ "status": "success", "verb": request.method, "id": object.id, }) except Exception as e: return jsonify({ "status": "error", "verb": request.method, "error": str(e), }) else: return jsonify({ "status": "error", "error": "Unrecognized verb.", })
def fetch(table_name): print("verb: %s, tablename: %s" % (request.method, table_name)) if config['auth'] and not is_login_valid(): print("Unauthorized Access.") return jsonify({ "status": "error", "error": "Unauthorized Access." }) if request.method == "GET": try: TableClass = models.get_class_by_tablename(table_name) if TableClass == None: raise Exception("Table not found: %s" % table_name) if id == None: #all data object = dbsession.query(TableClass).all() data = [object_as_dict(t) for t in object] else: object = dbsession.query(TableClass).filter_by(**{"id":id}).first() if object == None: raise Exception("No data found.") data = object_as_dict(object) return jsonify({ "status": "success", "data": data }) except Exception as e: return jsonify({ "status": "error", "error": str(e), }) elif request.method == "POST" or request.method == "PUT": data = request.get_json(force=True) print("data:", data) try: TableClass = models.get_class_by_tablename(table_name) if TableClass == None: raise Exception("Table not found: %s" % table_name) if request.method == "POST": #insert data object = TableClass(**data) dbsession.add(object) dbsession.commit() else: #update data object = dbsession.query(TableClass).filter_by(**{"id":id}).first() if object == None: raise Exception("No data found.") #object.update(**data) for key in data.keys(): setattr(object, key, data[key]) #dbsession.add(object) dbsession.commit() return jsonify({ "status": "success", "id": object.id, }) except Exception as e: return jsonify({ "status": "error", "error": str(e), }) elif request.method == "DELETE": try: TableClass = models.get_class_by_tablename(table_name) if TableClass == None: raise Exception("Table not found: %s" % table_name) object = dbsession.query(TableClass).filter_by(**{"id":id}).first() if object == None: raise Exception("No data found.") dbsession.delete(object) dbsession.commit() return jsonify({ "status": "success", "id": object.id, }) except Exception as e: return jsonify({ "status": "error", "error": str(e), }) elif request.method == "FETCH": try: data = request.get_json(force=True) data = json.loads(data) print("data: ", data) print("data-type: ", type(data)) TableClass = models.get_class_by_tablename(table_name) if TableClass == None: raise Exception("Table not found: %s" % table_name) query = dbsession.query(TableClass).filter_by(**data['where']) if 'orderby' in data: for cname in data['orderby'].split(','): reverse = False if cname.endswith(' desc'): reverse = True cname = cname[:-5] elif cname.endswith(' asc'): cname = cname[:-4] print("cname: ", cname) column = getattr(TableClass, cname) if reverse: column = desc(column) query = query.order_by(column) if 'limit' in data: query = query.limit(data['limit']) query = query.offset(data['offset']) object = query.all() data = [object_as_dict(t) for t in object] return jsonify({ "status": "success", "data": data }) except Exception as e: return jsonify({ "status": "error", "error": str(e), }) else: return jsonify({ "status": "error", "error": "Unrecognized verb.", })
def tearDown(self): dbsession.delete(self.user) dbsession.commit()
def tearDown(self): dbsession.delete(self.game_level) dbsession.commit()
def test_login_post(self): user = create_user() self._login_failure() self._login_success() dbsession.delete(user) dbsession.commit()