def list(self, request): data = self.request.QUERY_PARAMS os = {0: {"id": 0, "name": "台湾行政区划", "expanded": True, "loaded": True}} # 存放上级索引 key=id value= ds = District.objects.all().order_by("parentId", "id") for d in ds: did = d.id pid = d.parentId # 处理当前节点 if not os.get(did, None): os[did] = {} os[did]["id"] = did os[did]["parentId"] = pid os[did]["name"] = d.name # 子节点伪装成已展开、加载的父节点,可以实现拖拽到叶节点上 os[did]["leaf"] = False # leaf = true 时,叶节点不可以被drag child os[did]["loaded"] = True # 不再加载,否则会循环加载子节点 # 处理父节点 if not os.get(pid, None): os[pid] = {} if not os[pid].get("children", None): os[pid]["children"] = [] os[pid]["children"].append(os[did]) os[pid]["leaf"] = False os[pid]["expanded"] = True return Response([os[0]])
def _retrieve_adviser_inputs_statistics( adviser_files: Dict[str, Any], ) -> List[Dict[str, Any]]: """Retrieve adviser inputs statistics. :param adviser_files: adviser documents """ adviser_inputs_collected: List[Dict[str, Any]] = [] for document_id, document in adviser_files.items(): datetime_advise_run = document["metadata"].get("datetime") datetime_object = datetime.strptime(datetime_advise_run, "%Y-%m-%dT%H:%M:%S.%f") cli_arguments = document["metadata"]["arguments"]["thoth-adviser"] source_type = (cli_arguments.get("metadata") or {}).get("source_type") source_type = source_type.upper() if source_type else None parameters = document["result"]["parameters"] runtime_environment = parameters["project"].get( "runtime_environment") os = runtime_environment.get("operating_system", {}) if os: os_name = runtime_environment["operating_system"].get("name") if os_name: runtime_environment["operating_system"][ "name"] = map_os_name( os_name=runtime_environment["operating_system"] ["name"], ) # Recommendation type recommendation_type = parameters["recommendation_type"].upper() # Solver os = runtime_environment.get("operating_system", {}) os_name = os.get("name") os_version = normalize_os_version(os.get("name"), os.get("version")) python_interpreter = runtime_environment.get("python_version") # Base image base_image = runtime_environment.get("base_image", None) # Hardware hardware = runtime_environment.get("hardware", {}) adviser_inputs_collected.append( { "document_id": document_id, "date": datetime_object, "source_type": source_type, "recommendation_type": recommendation_type, "base_image": base_image, "solver": f'{os_name}-{os_version}-py{python_interpreter.replace(".", "")}', "cpu_model": hardware.get("cpu_model", None), "cpu_family": hardware.get("cpu_family", None), }, ) return adviser_inputs_collected
def hello(): try: r = requests.get("http://%s" % os.environ['BACKEND']) if r.status_code == 200: return "frontend:v1 - %s\n" % r.text else: return "frontend:v1 failed to contact %s" % os.get('BACKEND') except: return "frontend:v1 failed to contact %s" % os.get('BACKEND')
def get_items(self, tree, vulns): """ @return hosts A list of Host instances """ hosts = list() for nodes in tree.iter('nodes'): for node in nodes.iter('node'): host = dict() host['name'] = node.get('address') host['hostnames'] = set() host['os'] = "" host['services'] = list() host['vulns'] = self.parse_tests_type(node, vulns) for names in node.iter('names'): for name in list(names): host['hostnames'].add(name.text) for fingerprints in node.iter('fingerprints'): os = fingerprints.find('os') if os is not None: host['os'] = os.get('product', "") if os.get('version') is not None: host['os'] += " " + os.get('version') for endpoints in node.iter('endpoints'): for endpoint in list(endpoints): svc = { 'protocol': endpoint.get('protocol'), 'port': endpoint.get('port'), 'status': endpoint.get('status'), } for services in endpoint.iter('services'): for service in list(services): svc['name'] = service.get('name') svc['vulns'] = self.parse_tests_type( service, vulns) for configs in service.iter('configurations'): for config in list(configs): if "banner" in config.get('name'): svc['version'] = config.get('name') host['services'].append(svc) hosts.append(host) return hosts
def get_items(self, tree, vulns): """ @return hosts A list of Host instances """ hosts = list() for nodes in tree.iter('nodes'): for node in nodes.iter('node'): host = dict() host['name'] = node.get('address') host['hostnames'] = list() host['os'] = "" host['services'] = list() host['vulns'] = self.parse_tests_type(node, vulns) for names in node.iter('names'): for name in list(names): host['hostnames'].append(name.text) for fingerprints in node.iter('fingerprints'): os = fingerprints.find('os') if os is not None: host['os'] = os.get('product', "") if os.get('version') is not None: host['os'] += " " + os.get('version') for endpoints in node.iter('endpoints'): for endpoint in list(endpoints): svc = { 'protocol': endpoint.get('protocol'), 'port': endpoint.get('port'), 'status': endpoint.get('status'), } for services in endpoint.iter('services'): for service in list(services): svc['name'] = service.get('name') svc['vulns'] = self.parse_tests_type( service, vulns) for configs in service.iter('configurations'): for config in list(configs): if "banner" in config.get('name'): svc['version'] = config.get('name') host['services'].append(svc) hosts.append(host) return hosts
def main(rastro: str): """ Função principal que roda o código. """ texto_efeito_pausa('Conectando a matrix...') sleep(1) matrix = Arquiteto(rastro) try: matrix.rain() except KeyboardInterrupt: while matrix.condicoes(*get()): try: matrix.rain(True) except KeyboardInterrupt: pass print('\n' * get()[1]) texto_efeito_pausa(attr(0) + '\nDesconectado.')
def main(): entrada = int(input('digite o número da coluna: ')) for a in range(10): sy('clear') print(' ' * get()[0] + '\n' * a) print(f"\r{' ' * entrada}O") input('pressione enter para continuar.')
def __init__(self): self._credentials = { "host": os.getenv("REDIS_HOST"), "port": os.getenv("REDIS_PORT"), "password": os.get("REDIS_PASSWORD"), } self.cache = StrictRedis(**self._credentials)
def main(rastro: str) -> NoReturn: """ Função principal que roda o código. """ texto_efeito_pausa('Conectando a matrix...') sleep(1) matrix = Arquiteto(rastro) matrix.rain() print('\n' * get()[1]) texto_efeito_pausa(attr(0) + '\nDesconectado.')
def main(): colunas = get()[0] print('Tabela de temperaturas.'.center(colunas)) print('-' * colunas) for celsius in range(1, 101): fahrenheit = celsius * 9 / 5 + 32 print(f"celcius: {celsius} | fahrenheit: {fahrenheit}") input('aperte enter.')
def main(): colunas, linhas = get() linha = int(input('linha: ')) if not 0 <= linha <= linhas: raise ValueError('erro: linha fora do intervalo permitido') caracteres = input('caracteres: ') sy('clear') print('\n' * (linha - 1)) print(caracteres.center(colunas))
def get_slug_tag(os): tag = os.get("image_tag") if not tag: tag = "" try: os_slug = os["os_slug"] except KeyError as ke: raise AttributeError("required key missing from cacher data, key=%s" % (ke.args[0])) return os_slug + ":" + tag
def main(): linha = int(input('linha: ')) coluna = int(input('coluna: ')) b, a = get() intervalos = (0 <= linha <= a - 5, 0 <= coluna <= b - 5) if not all(intervalos): raise ValueError('linha e/ou coluna fora do intervalo permitido') sy('clear') print('\n' * linha) print('\n'.join(f"{' ' * coluna}{a}" for a in quadrado))
def __init__(self, rastro: str) -> NoReturn: self.c, _ = get() self.colunas = [Coluna(rastro=rastro, arq=self) for a in range(self.c)] self._rastro = True if rastro else False if rastro: rastro = enumerate(rastro[:self.c].center(self.c)) rastro = list(dropwhile(lambda x: x[1] == ' ', rastro)) rastro = list(dropwhile(lambda x: x[1] == ' ', rastro[::-1])) rastro = list(map(lambda x: x[0], rastro[::-1])) self._marcar_rastro(rastro)
def main(): colunas = get()[0] inicial = int(input('inicial: ')) final = int(input('final: ')) variação = int(input('variação: ')) print('Tabela de temperaturas.'.center(colunas)) print('-' * colunas) for celsius in range(inicial, final, variação): fahrenheit = celsius * 9 / 5 + 32 print(f"celcius: {celsius} | fahrenheit: {fahrenheit}") input('aperte enter.')
def main(): coluna = get()[0] if coluna % 2 == 0: coluna -= 1 entradas = [] entrada = input('digite uma frase: ') while entrada: string = f"{entrada} {entrada[::-1]}" entradas.append(string.center(coluna)) entrada = input('digite uma frase: ') print(*entradas)
def main(): colunas, linhas = get() for a in range(0, linhas, 2): if a != linhas // 2: print(f'/{" " * a}\\'.center(colunas)) else: t = (a - 7) // 2 t2 = t + (1 if (a - 7) / 2 != (a - 7) // 2 else 0) print(f"/{' ' * t + 'anonimo' + ' ' * t2}\\".center(colunas)) print(('-' * (a + 2)).center(colunas)) input('digite ENTER para sair.')
def allpxeos(self, request): data = request.data for os in data: pxe_server_id = os.get('pxe_server_id') profile_ks_content_list = os.get("profile_ks_content_list") for profile_ks_content in profile_ks_content_list: profile = profile_ks_content.get("profile") if not profile: continue profile = profile.replace(" ", "") ks_content = profile_ks_content.get("ks_content") PxeServerOs.objects.update_or_create( profile=profile, pxe_server_id=pxe_server_id, is_delete=0, defaults={ "pxe_server_id": pxe_server_id, "profile": profile, "ks_content": ks_content }) return Response({'msg': "添加成功"}, status=status.HTTP_201_CREATED)
def send_email_with_text(text, email_from, email_to): message = Mail( from_email=email_from, to_emails=email_to, subject='Email from the past', html_content=f'<strong>{text}</strong>') try: sg = SendGridAPIClient(os.get('SENDGRID_API_KEY')) response = sg.send(message) return response except Exception as e: print(e.message)
def _rodar(self, stop=False) -> NoReturn: """ Método que imprime o efeito matrix na tela. """ colunas, linhas = get() if not self._rastro: choice(self.colunas).ativo = True # precisa iniciar a primeira while self._condicoes(colunas, linhas): # por frames if not stop: self._sortear() gerador = zip(*self.colunas) gerador = (reduce(lambda x, y: x + y, z) for z in gerador) print(*gerador, sep='\n') sleep(0.04) # velocidade dos frames
def handle_name(self, o, SurfaceCases, struct_data_list, namespaces): new_possibile_sets = list() if str(o)[:5] == "path:": path_to_name = str(o)[5:] if str( path_to_name )[1] == ":": # This case needs to be added where there are several steps to find data print "here add lines to handle several parts to the path" elif str( path_to_name )[1] == "*": # Check if it is a back-up, match, & continue path indicated with an * path_to_name = str(o)[7:] levels_back_up = int(str(o)[5]) for os in SurfaceCases: ref_to_match = os.get("ref") if ref_to_match is not None: new_add_on = "" counter = levels_back_up while counter > 0: new_add_on += "../" counter -= 1 new_add_on = new_add_on[0:-1] new_possibilities = os.xpath(new_add_on + path_to_name, namespaces=namespaces) #print "new_possibilities", new_possibilities #print new_add_on+path_to_name for i in new_possibilities: direct_parent = i.getparent() #print direct_parent if direct_parent.get("id") == ref_to_match: #print "ref_to_match", ref_to_match new_possibile_sets.append((os, direct_parent)) name_options = str(i.text) if name_options is not None: if "Column" in name_options or "Beam" in str( str(o).split(" ")[1]).split( "}")[1]: struct_data_list.append( (os, name_options, "name")) #print "appendedNameA: ", (os, name_options, "name") else: # So it must be a direct path for o in SurfaceCases: name_options = str( o.xpath("." + path_to_name, namespaces=namespaces)[0].text) if name_options is not None: if "Column" in name_options or "Beam" in str( str(o).split(" ")[1]).split("}")[1]: struct_data_list.append((o, name_options, "name")) #print "appendedNameB: ", (o, name_options, "name") return struct_data_list, new_possibile_sets
def _mapped_config(config): mapped_config = copy.deepcopy(config) mapped_config['customerApps'] = [] for app in mapped_config.get('apps') or []: mapped_config['customerApps'].append({ 'name': app.get('package_name'), 'version': str(app.get('version_code')) }) mapped_config.pop('apps', None) anim = (mapped_config.get('media') or {}).get('bootanimation') if anim: mapped_config['bootanimation'] = [{ 'name': anim.get('name'), 'version': str(anim.get('version')) }] splash = (mapped_config.get('media') or {}).get('splash') if splash: mapped_config['splash'] = [{ 'name': splash.get('name'), 'version': str(splash.get('version')) }] mapped_config.pop('media', None) os = mapped_config.get('os') or {} os_configs = os.get('configurations') or {} mapped_config['name'] = os.get('name') mapped_config['version'] = str(os.get('version')) MasonAnalytics._map_os_config_items(mapped_config, os_configs, 'mason-management') MasonAnalytics._map_os_config_items(mapped_config, os_configs, 'mason-core') MasonAnalytics._map_os_config_items(mapped_config, os_configs, 'mason-fota') MasonAnalytics._map_os_config_items(mapped_config, os_configs, 'mason-app-updater') MasonAnalytics._map_os_config_items(mapped_config, os_configs, 'android') MasonAnalytics._map_os_config_items(mapped_config, os_configs, 'settings') MasonAnalytics._map_os_config_items(mapped_config, os_configs, 'systemui') mapped_config.pop('os', None) return mapped_config
def main(): opção = int(input('triângulo, quadrado, sair [1/2/3]?: ')) if opção == 3: return print('tchau!') linha = int(input('linha: ')) coluna = int(input('coluna: ')) b, a = get() intervalos = (0 <= linha <= a - 7, 0 <= coluna <= b - 12) if not all(intervalos): raise ValueError('linha e/ou coluna fora do intervalo permitido') sy('clear') print('\n' * linha) objeto = triângulo if opção == 1 else quadrado print('\n'.join(f"{' ' * coluna}{a}" for a in objeto))
def parse_agent(agent): from httpagentparser import detect result = detect(agent) os = result.get("os", {}) os_name = os.get("name", "?") os_version = os.get("version", "?") browser = result.get("browser", {}) browser_name = browser.get("name", "?") browser_version = browser.get("version", "?") while browser_name.lower().startswith("microsoft"): browser_name = " ".join(browser_name.split()[1:]) while browser_name.lower().startswith("internet explorer"): browser_name = " ".join(browser_name.split()[1:]) if os_name.lower() == "linux": dist = result.get("dist", {}) os_name = dist.get("name", os_name) os_version = dist.get("version", os_version) return os_name, os_version, browser_name, browser_version
def __init__(self, ativo=False, cor=3, rastro='', arq=''): colunas, linhas = get() self.intervalo = range(choice(range(4, linhas))) self.cha = list(map(PulseCaracter, (self, ) * 3)) if rastro: self.rastro = rastro.center(colunas) self.cha += list(map(Caracter, (self, ) * (linhas - 6))) shuffle(self.cha) self.cha.insert((linhas - 6) // 2, RastroCaracter(self)) else: self.cha += list(map(Caracter, (self, ) * (linhas - 5))) shuffle(self.cha) self.cha.append(UltimoCaracter(self)) for numero, character in enumerate(self.cha): character.cont = -numero self.ativo = ativo self.cor = cor self.arq = arq
def updateDomainBackup(vm_json): domain = vm_json.get('domain') if domain: os = domain.get('os') if os: boot = os.get('boot') if boot: os['boot'] = _addListToSpecificField(boot) domain['os'] = os sec_label = domain.get('seclabel') if sec_label: domain['seclabel'] = _addListToSpecificField(sec_label) devices = domain.get('devices') if devices: channel = devices.get('channel') if channel: devices['channel'] = _addListToSpecificField(channel) graphics = devices.get('graphics') if graphics: devices['graphics'] = _addListToSpecificField(graphics) video = devices.get('video') if video: devices['video'] = _addListToSpecificField(video) _interface = devices.get('_interface') if _interface: devices['_interface'] = _addListToSpecificField(_interface) console = devices.get('console') if console: devices['console'] = _addListToSpecificField(console) controller = devices.get('controller') if controller: devices['controller'] = _addListToSpecificField(controller) rng = devices.get('rng') if rng: devices['rng'] = _addListToSpecificField(rng) serial = devices.get('serial') if serial: devices['serial'] = _addListToSpecificField(serial) disk = devices.get('disk') if disk: devices['disk'] = _addListToSpecificField(disk) domain['devices'] = devices return vm_json
def arch_chroot(path_dir): """replicate arch-chroot functionality in Python""" real_root = get("/", O_RDONLY) if path_dir[len(path_dir) - 1] == "/": path_dir = path_dir[0:len(path_dir) - 2] __mount__("proc", path_dir + "/proc", "proc", "nosuid,noexec,nodev") __mount__("sys", path_dir + "/sys", "sysfs", "nosuid,noexec,nodev,ro") if path.exists(path_dir + "/sys/firmware/efi/efivars"): __mount__("efivars", path_dir + "/sys/firmware/efi/efivars", "efivarfs", "nosuid,noexec,nodev") __mount__("udev", path_dir + "/dev", "devtmpfs", "mode=0755,nosuid") __mount__("devpts", path_dir + "/dev/pts", "devpts", "mode=0620,gid=5,nosuid,noexec") __mount__("shm", path_dir + "/dev/shm", "tmpfs", "nosuid,noexec,nodev") __mount__("/run", path_dir + "/run") __mount__("tmp", path_dir + "/tmp", "tmpfs", "mode=1777,strictatime,nodev,nosuid") chdir(path_dir) chroot(path_dir) return real_root
def get_os(user_agent_string): '''Return operating system name. It pre-populates the bug reporting form. ''' ua_dict = user_agent_parser.Parse(user_agent_string) os = ua_dict.get('os') version = os.get('major', u'Unknown') if version != u'Unknown' and os.get('major'): version = version + "." + os.get('minor') if os.get('patch'): version = version + "." + os.get('patch') else: version = '' return '{0} {1}'.format(os.get('family'), version)
def get_os(user_agent_string): """Return operating system name. It pre-populates the bug reporting form. """ ua_dict = user_agent_parser.Parse(user_agent_string) os = ua_dict.get("os") version = os.get("major", u"Unknown") if version != u"Unknown" and os.get("major"): version = version + "." + os.get("minor") if os.get("patch"): version = version + "." + os.get("patch") else: version = "" return "{0} {1}".format(os.get("family"), version)
def workLocationCostWorker(): """ call amap api to calculate how long will it take from room to work location """ workLocation = '121.3859800000,31.1690700000' apiUri = "http://restapi.amap.com/v3/direction/transit/integrated?origin=%s&destination=%s&city=020&output=json&key=%s" apiKey = os.get('API_KEY') headers = { 'Accept': 'application/json', 'Content-Type': 'application/json' } connection = pymongo.MongoClient(*MONGO_URI) tdb = connection[MONGO_DB] blocks = tdb.blocks count = 0 for block in blocks.find(): if 'duration' in block: continue if count == 2000: break response = requests.get( apiUri % ','.join([block['lng'], block['lat']], workLocation, apiKey), headers=headers) result = response.json() transits = result.get('route', {}).get('transits', []) if transits: fastDuration = float(transits[0].get('duration')) / 60 else: fastDuration = -1 block['duration'] = fastDuration block.save(block) count += 1
def get_os(user_agent_string=None): '''Return operating system name. It pre-populates the bug reporting form. ''' if user_agent_string and isinstance(user_agent_string, basestring): ua_dict = user_agent_parser.Parse(user_agent_string) os = ua_dict.get('os') version = os.get('major', u'Unknown') if version != u'Unknown' and os.get('minor'): version = version + "." + os.get('minor') if os.get('patch'): version = version + "." + os.get('patch') else: version = '' rv = '{0} {1}'.format(os.get('family'), version).rstrip() if rv.strip().lower() == "other": return "Unknown" return rv return "Unknown"
def pie_os(q, clip, legend): """Evaluates OS statistics.""" os = {} for k in q: os[k.os_family] = os.get(k.os_family, 0) + 1 clutter(os, clip, ugettext(u'others').encode('utf-8')) return pie_chart(os.values(), os.keys(), legend)
def _user_agent(self, agent_string): "Get or create a UserAgent record for the given string" user_agent = UserAgent() # Store the full string for later analysis user_agent.full_string = agent_string # Create some defaults that we'll likely overwrite. OS and UA can be null, so ignore. user_agent.type = "" # Attempt to locate in memory cache for item in self.cache_user_agent: if item.full_string == user_agent.full_string: return item # Parse the string to extract the easy bits try: uas_dict = self.uasp.parse(user_agent.full_string) #Set the type string user_agent.type = uas_dict.get('typ')[:50] # Deal with the OS record os = {} os['company'] = uas_dict.get('os_company')[:200] os['family'] = uas_dict.get('os_family')[:100] os['name'] = uas_dict.get('os_name')[:200] # Now get or create an OS record user_agent.os, created = OS.objects.get_or_create( company = os.get('company'), family = os.get('family'), name = os.get('name'), defaults = os) if created: user_agent.os.save() # Deal with the UA record ua = {} ua['company'] = uas_dict.get('ua_company')[:200] ua['family'] = uas_dict.get('ua_family')[:100] ua['name'] = uas_dict.get('ua_name')[:200] # Now get or create an UA record user_agent.ua, created = UA.objects.get_or_create( company = ua.get('company'), family = ua.get('family'), name = ua.get('name'), defaults = ua) if created: user_agent.ua.save() except UASException: debug.errorlog('_user_agent() parsing FAILED. agent_string=' + str(agent_string) + "\n") #Not there, so write to database user_agent.save() # Update the cache self.cache_user_agent.insert(0,user_agent) return user_agent
def CollectHostInfo(req): if req.method == 'POST': data = simplejson.loads(req.body) host = data.get('hostname') ip = data.get('ip') os = data.get('os') cpunum = data.get('cpu') memtotal = data.get('mem') disk = data.get('disk') tags = data.get('tags') pd = PD(Name=tags.get('pd'), Contact=tags.get('pd_contact')) pd.save() if ip and host: ser = Server(HostName=host.strip(), IPAddress=ip.strip(), CPUInfo=cpunum, MemInfo=memtotal, OSInfo=os.get('release'), DiskTotal=disk.get('total'), DiskInfo=simplejson.dumps(disk.get('info')), Role=tags.get('role'), Comments=tags.get('comments'), Pd=PD.objects.get(Name=tags.get('pd'))) ser.save() #如果model里没有设置primary_key,save()方法将默认执行insert动作。 return HttpResponse('Information has been posted.') else: return HttpResponse('No data post.')
def __get_from_args_or_env(self, arg_name, env_name): val = self.__spec.get(arg_name) if val is None: val = os.get(env_name) return val
class ProductionConfig(BaseConfig): SQLALCHEMY_DATABASE_URI = os.environ.get("DATABASE_URL") SECRET_KEY = os.get("SECRET_KEY", "my_precious")
def customer_xml(): """ Generates an XML file suitable for Customer usage """ from lxml import etree # grab the filter type and value if provided or from the session if session.hostfilter is None: f_type = request.vars.f_type or None f_value = request.vars.f_value or None else: f_type = session.hostfilter[0] f_value = session.hostfilter[1] location_attribute = '{%s}noNameSpaceSchemaLocation' % "http://www.w3.org/2001/XMLSchema-instance" kvasir_results_xml = etree.Element('KvasirResults', attrib={ location_attribute: 'kvasir.xsd', }) summary_xml = etree.SubElement(kvasir_results_xml, 'summary') customer = etree.SubElement(summary_xml, 'customer') customer.text = settings.customer or 'CUSTOMER NAME' assessment = etree.SubElement(summary_xml, 'assessment') assessment.set('type', settings.assessment_type) start_date = etree.SubElement(assessment, 'start-date') start_date.text = settings.start_date or 'START DATE' end_date = etree.SubElement(assessment, 'end-date') end_date.text = settings.end_date or 'END DATE' hosts_xml = etree.SubElement(kvasir_results_xml, 'hosts') os_xml = etree.SubElement(kvasir_results_xml, 'os_records') vulns_xml = etree.SubElement(kvasir_results_xml, 'vulns') # this is a little hack to ensure a record is either blank or None # use it as "if variable not in notin:" notin = [ None, '' ] unknown_cpeid_counter = 0 # go through each host, adding the os, services and vulns accordingly query = create_hostfilter_query([(f_type, f_value), False]) for host_rec in db(query).select(): host_xml = etree.SubElement(hosts_xml, 'host') host_xml.set('ipv4', host_rec.f_ipv4) host_xml.set('assetgroup', host_rec.f_asset_group) if host_rec.f_ipv6: host_xml.set('ipv6', host_rec.f_ipv6) if host_rec.f_macaddr: host_xml.set('macaddr', host_rec.f_macaddr) if host_rec.f_hostname: host_xml.set('hostname', host_rec.f_hostname.decode('utf-8')) if host_rec.f_netbios_name: host_xml.set('netbios', host_rec.f_netbios_name.decode('utf-8')) # build the os information using the highest certainty record highest = (0, None) for os_rec in db(db.t_host_os_refs.f_hosts_id == host_rec.id).select(): if os_rec.f_certainty > highest[0]: highest = (os_rec.f_certainty, os_rec) if highest[0] > 0: # add os element to the host record = highest[1] os = etree.SubElement(host_xml, 'os') os.set('certainty', str(highest[0])) if record.f_class not in notin: os.set('class', record.f_class) if record.f_family not in notin: os.set('family', record.f_family) # since some os records may not have a cpe id we'll mask them with # using their title, replacing spaces with underscores t_os_rec = db.t_os[record.f_os_id] if t_os_rec.f_cpename in notin: cpeid = t_os_rec.f_title.replace(' ', '_') else: cpeid = t_os_rec.f_cpename os.set('id', cpeid) # if the id isn't in os_records, add it if len(os_xml.findall('.//os[@id="%s"]' % (os.get('id', None)))) < 1: os_info_xml = etree.SubElement(os_xml, 'os') os_rec = db.t_os[highest[1].f_os_id] os_info_xml.set('id', cpeid) os_info_xml.set('title', os_rec.f_title) if os_rec.f_vendor not in notin: vendor = etree.SubElement(os_info_xml, 'vendor') vendor.text = os_rec.f_vendor if os_rec.f_product not in notin: product = etree.SubElement(os_info_xml, 'product') product.text = os_rec.f_product if os_rec.f_version not in notin: version = etree.SubElement(os_info_xml, 'version') version.text = os_rec.f_version if os_rec.f_update not in notin: update = etree.SubElement(os_info_xml, 'update') update.text = os_rec.f_update if os_rec.f_edition not in notin: edition = etree.SubElement(os_info_xml, 'edition') edition.text = os_rec.f_edition if os_rec.f_language not in notin: language = etree.SubElement(os_info_xml, 'language') language.text = os_rec.f_language # snmp strings snmp_recs = db(db.t_snmp.f_hosts_id == host_rec.id).select() if len(snmp_recs) > 0: snmp_top_xml = etree.SubElement(hosts_xml, 'snmps') for record in snmp_recs: snmp_xml = etree.SubElement(snmp_top_xml, 'snmp') if record.f_community not in notin: snmp_xml.set('community', record.f_community.decode('utf-8')) snmp_xml.set('version', record.f_version) snmp_xml.set('access', record.f_access) # netbios information netb_record = db(db.t_netbios.f_hosts_id == host_rec.id).select().first() or None if netb_record: netbios_xml = etree.SubElement(hosts_xml, 'netbios') if netb_record.f_type not in notin: netbios_xml.set('type', netb_record.f_type) if netb_record.f_domain not in notin: netbios_xml.set('domain', netb_record.f_domain.decode('utf-8')) if netb_record.f_lockout_limit not in notin: netbios_xml.set('lockout_limit', str(netb_record.f_lockout_limit)) if netb_record.f_lockout_duration not in notin: netbios_xml.set('lockout_duration', str(netb_record.f_lockout_duration)) if netb_record.f_advertised_names is not None: adv_names_xml = etree.SubElement(netbios_xml, 'advertised_names') for name in netb_record.f_advertised_names: name_xml = etree.SubElement(adv_names_xml, 'name') name.text = name.decode('utf-8') # build the services and vulnerabilities services_xml = etree.SubElement(host_xml, 'services') for svc_rec in db(db.t_services.f_hosts_id == host_rec.id).select(): service_xml = etree.SubElement(services_xml, 'service') service_xml.set('proto', svc_rec.f_proto) service_xml.set('number', svc_rec.f_number) if svc_rec.f_name not in notin: name = etree.SubElement(service_xml, 'name') name.text = svc_rec.f_name.decode('utf-8') if svc_rec.f_banner not in notin: banner = etree.SubElement(service_xml, 'banner') banner.text = svc_rec.f_banner.decode('utf-8') # service configuration records svc_info_recs = db(db.t_service_info.f_services_id == svc_rec.id).select() if len(svc_info_recs) > 0: config_xml = etree.SubElement(service_xml, 'configuration') for info_rec in svc_info_recs: rec_xml = etree.SubElement(config_xml, 'config') if info_rec.f_name not in notin: rec_xml.set('name', info_rec.f_name) if info_rec.f_text not in notin: rec_xml.text = info_rec.f_text.decode('utf-8') # vulnerabilities svc_vuln_recs = db(db.t_service_vulns.f_services_id == svc_rec.id).select() if len(svc_vuln_recs) > 0: svc_vulns_xml = etree.SubElement(service_xml, 'vulns') for vuln_rec in svc_vuln_recs: vuln_xml = etree.SubElement(svc_vulns_xml, 'vuln') vuln_xml.set('status', vuln_rec.f_status) vuln_xml.set('id', db.t_vulndata[vuln_rec.f_vulndata_id].f_vulnid) proof = etree.SubElement(vuln_xml, 'proof') proof.text = etree.CDATA(unicode(MARKMIN(vuln_rec.f_proof).xml(), 'utf-8')) # search for the nexpose id in vulns_xml if len(vuln_xml.findall('.//vuln[@id="%s"]' % vuln_xml.get('id', None))) < 1: new_vuln_xml = etree.SubElement(vulns_xml, 'vuln') vulndata = db.t_vulndata[vuln_rec.f_vulndata_id] new_vuln_xml.set('id', vulndata.f_vulnid) new_vuln_xml.set('title', vulndata.f_title) new_vuln_xml.set('severity', str(vulndata.f_severity)) new_vuln_xml.set('pci_sev', str(vulndata.f_pci_sev)) new_vuln_xml.set('cvss_score', str(vulndata.f_cvss_score)) new_vuln_xml.set('cvss_metric', cvss_metrics(vulndata)) description = etree.SubElement(new_vuln_xml, 'description') description.text = etree.CDATA(unicode(MARKMIN(vulndata.f_description).xml(), 'utf-8')) solution = etree.SubElement(new_vuln_xml, 'solution') solution.text = etree.CDATA(unicode(MARKMIN(vulndata.f_solution).xml(), 'utf-8')) # find vulnerability references and add them vuln_refs = db(db.t_vuln_references.f_vulndata_id == vulndata.id).select() if len(vuln_refs) > 0: refs_xml = etree.SubElement(new_vuln_xml, 'references') for ref_rec in vuln_refs: record = db.t_vuln_refs[ref_rec.f_vuln_ref_id] ref_xml = etree.SubElement(refs_xml, 'reference') ref_xml.set('source', record.f_source) ref_xml.text = record.f_text.decode('utf-8') # accounts accounts = db(db.t_accounts.f_services_id == svc_rec.id).select() if len(accounts) > 0: accounts_xml = etree.SubElement(service_xml, 'accounts') for acct_rec in accounts: acct_xml = etree.SubElement(accounts_xml, 'account') if acct_rec.f_username not in notin: elem = etree.SubElement(acct_xml, 'username') elem.text = acct_rec.f_username.decode('utf-8') if acct_rec.f_fullname not in notin: elem = etree.SubElement(acct_xml, 'fullname') elem.text = acct_rec.f_fullname.decode('utf-8') if acct_rec.f_password not in notin: elem = etree.SubElement(acct_xml, 'password') elem.text = acct_rec.f_password.decode('utf-8') if acct_rec.f_hash1 not in notin: elem = etree.SubElement(acct_xml, 'hash1') elem.text = acct_rec.f_hash1 if acct_rec.f_hash1_type not in notin: elem = etree.SubElement(acct_xml, 'hash1_type') elem.text = acct_rec.f_hash1_type if acct_rec.f_hash2 not in notin: elem = etree.SubElement(acct_xml, 'hash2') elem.text = acct_rec.f_hash2 if acct_rec.f_hash2_type not in notin: elem = etree.SubElement(acct_xml, 'hash2_type') elem.text = acct_rec.f_hash2_type if acct_rec.f_uid not in notin: elem = etree.SubElement(acct_xml, 'uid') elem.text = acct_rec.f_uid if acct_rec.f_gid not in notin: elem = etree.SubElement(acct_xml, 'gid') elem.text = acct_rec.f_gid if acct_rec.f_level not in notin: elem = etree.SubElement(acct_xml, 'level') elem.text = acct_rec.f_level if acct_rec.f_domain not in notin: elem = etree.SubElement(acct_xml, 'domain') elem.text = acct_rec.f_domain.decode('utf-8') if acct_rec.f_description not in notin: elem = etree.SubElement(acct_xml, 'description') elem.text = acct_rec.f_description.decode('utf-8') result = etree.tostring(kvasir_results_xml, pretty_print=True, encoding=unicode) return result
import os os.getcwd() os.get()
def customer_xml(): """ Generates an XML file suitable for Customer usage """ from lxml import etree location_attribute = '{%s}noNameSpaceSchemaLocation' % "http://www.w3.org/2001/XMLSchema-instance" kvasir_results_xml = etree.Element('KvasirResults', attrib={ location_attribute: 'kvasir.xsd', }) summary_xml = etree.SubElement(kvasir_results_xml, 'summary') customer = etree.SubElement(summary_xml, 'customer') customer.text = settings.customer or 'CUSTOMER NAME' assessment = etree.SubElement(summary_xml, 'assessment') assessment.set('type', settings.assessment_type) start_date = etree.SubElement(assessment, 'start-date') start_date.text = settings.start_date or 'START DATE' end_date = etree.SubElement(assessment, 'end-date') end_date.text = settings.end_date or 'END DATE' hosts_xml = etree.SubElement(kvasir_results_xml, 'hosts') os_xml = etree.SubElement(kvasir_results_xml, 'os_records') vulns_xml = etree.SubElement(kvasir_results_xml, 'vulns') # this is a little hack to ensure a record is either blank or None # use it as "if variable not in notin:" notin = [None, ''] unknown_cpeid_counter = 0 # go through each host, adding the os, services and vulns accordingly query = create_hostfilter_query(session.hostfilter) for host_rec in db(query).select(): host_xml = etree.SubElement(hosts_xml, 'host') host_xml.set('ipaddr', host_rec.f_ipaddr) host_xml.set('assetgroup', host_rec.f_asset_group) if host_rec.f_macaddr: host_xml.set('macaddr', host_rec.f_macaddr) if host_rec.f_hostname: host_xml.set('hostname', host_rec.f_hostname.decode('utf-8')) if host_rec.f_netbios_name: host_xml.set('netbios', host_rec.f_netbios_name.decode('utf-8')) # build the os information using the highest certainty record highest = (0, None) for os_rec in db(db.t_host_os_refs.f_hosts_id == host_rec.id).select(): if os_rec.f_certainty > highest[0]: highest = (os_rec.f_certainty, os_rec) if highest[0] > 0: # add os element to the host record = highest[1] os = etree.SubElement(host_xml, 'os') os.set('certainty', str(highest[0])) if record.f_class not in notin: os.set('class', record.f_class) if record.f_family not in notin: os.set('family', record.f_family) # since some os records may not have a cpe id we'll mask them with # using their title, replacing spaces with underscores t_os_rec = db.t_os[record.f_os_id] if t_os_rec.f_cpename in notin: cpeid = t_os_rec.f_title.replace(' ', '_') else: cpeid = t_os_rec.f_cpename os.set('id', cpeid) # if the id isn't in os_records, add it if len(os_xml.findall('.//os[@id="%s"]' % (os.get('id', None)))) < 1: os_info_xml = etree.SubElement(os_xml, 'os') os_rec = db.t_os[highest[1].f_os_id] os_info_xml.set('id', cpeid) os_info_xml.set('title', os_rec.f_title) if os_rec.f_vendor not in notin: vendor = etree.SubElement(os_info_xml, 'vendor') vendor.text = os_rec.f_vendor if os_rec.f_product not in notin: product = etree.SubElement(os_info_xml, 'product') product.text = os_rec.f_product if os_rec.f_version not in notin: version = etree.SubElement(os_info_xml, 'version') version.text = os_rec.f_version if os_rec.f_update not in notin: update = etree.SubElement(os_info_xml, 'update') update.text = os_rec.f_update if os_rec.f_edition not in notin: edition = etree.SubElement(os_info_xml, 'edition') edition.text = os_rec.f_edition if os_rec.f_language not in notin: language = etree.SubElement(os_info_xml, 'language') language.text = os_rec.f_language # snmp strings snmp_recs = db(db.t_snmp.f_hosts_id == host_rec.id).select() if len(snmp_recs) > 0: snmp_top_xml = etree.SubElement(hosts_xml, 'snmps') for record in snmp_recs: snmp_xml = etree.SubElement(snmp_top_xml, 'snmp') if record.f_community not in notin: snmp_xml.set('community', record.f_community.decode('utf-8')) snmp_xml.set('version', record.f_version) snmp_xml.set('access', record.f_access) # netbios information netb_record = db( db.t_netbios.f_hosts_id == host_rec.id).select().first() or None if netb_record: netbios_xml = etree.SubElement(hosts_xml, 'netbios') if netb_record.f_type not in notin: netbios_xml.set('type', netb_record.f_type) if netb_record.f_domain not in notin: netbios_xml.set('domain', netb_record.f_domain.decode('utf-8')) if netb_record.f_lockout_limit not in notin: netbios_xml.set('lockout_limit', str(netb_record.f_lockout_limit)) if netb_record.f_lockout_duration not in notin: netbios_xml.set('lockout_duration', str(netb_record.f_lockout_duration)) if netb_record.f_advertised_names is not None: adv_names_xml = etree.SubElement(netbios_xml, 'advertised_names') for name in netb_record.f_advertised_names: name_xml = etree.SubElement(adv_names_xml, 'name') name.text = name.decode('utf-8') # build the services and vulnerabilities services_xml = etree.SubElement(host_xml, 'services') for svc_rec in db(db.t_services.f_hosts_id == host_rec.id).select(): service_xml = etree.SubElement(services_xml, 'service') service_xml.set('proto', svc_rec.f_proto) service_xml.set('number', svc_rec.f_number) if svc_rec.f_name not in notin: name = etree.SubElement(service_xml, 'name') name.text = svc_rec.f_name.decode('utf-8') if svc_rec.f_banner not in notin: banner = etree.SubElement(service_xml, 'banner') banner.text = svc_rec.f_banner.decode('utf-8') # service configuration records svc_info_recs = db( db.t_service_info.f_services_id == svc_rec.id).select() if len(svc_info_recs) > 0: config_xml = etree.SubElement(service_xml, 'configuration') for info_rec in svc_info_recs: rec_xml = etree.SubElement(config_xml, 'config') if info_rec.f_name not in notin: rec_xml.set('name', info_rec.f_name) if info_rec.f_text not in notin: rec_xml.text = info_rec.f_text.decode('utf-8') # vulnerabilities svc_vuln_recs = db( db.t_service_vulns.f_services_id == svc_rec.id).select() if len(svc_vuln_recs) > 0: svc_vulns_xml = etree.SubElement(service_xml, 'vulns') for vuln_rec in svc_vuln_recs: vuln_xml = etree.SubElement(svc_vulns_xml, 'vuln') vuln_xml.set('status', vuln_rec.f_status) vuln_xml.set( 'id', db.t_vulndata[vuln_rec.f_vulndata_id].f_vulnid) proof = etree.SubElement(vuln_xml, 'proof') proof.text = etree.CDATA( unicode(MARKMIN(vuln_rec.f_proof).xml(), 'utf-8')) # search for the nexpose id in vulns_xml if len( vuln_xml.findall('.//vuln[@id="%s"]' % vuln_xml.get('id', None))) < 1: new_vuln_xml = etree.SubElement(vulns_xml, 'vuln') vulndata = db.t_vulndata[vuln_rec.f_vulndata_id] new_vuln_xml.set('id', vulndata.f_vulnid) new_vuln_xml.set('title', vulndata.f_title) new_vuln_xml.set('severity', str(vulndata.f_severity)) new_vuln_xml.set('pci_sev', str(vulndata.f_pci_sev)) new_vuln_xml.set('cvss_score', str(vulndata.f_cvss_score)) new_vuln_xml.set('cvss_metric', cvss_metrics(vulndata)) description = etree.SubElement(new_vuln_xml, 'description') description.text = etree.CDATA( unicode( MARKMIN(vulndata.f_description).xml(), 'utf-8')) solution = etree.SubElement(new_vuln_xml, 'solution') solution.text = etree.CDATA( unicode( MARKMIN(vulndata.f_solution).xml(), 'utf-8')) # find vulnerability references and add them vuln_refs = db(db.t_vuln_references.f_vulndata_id == vulndata.id).select() if len(vuln_refs) > 0: refs_xml = etree.SubElement( new_vuln_xml, 'references') for ref_rec in vuln_refs: record = db.t_vuln_refs[ref_rec.f_vuln_ref_id] ref_xml = etree.SubElement( refs_xml, 'reference') ref_xml.set('source', record.f_source) ref_xml.text = record.f_text.decode('utf-8') # accounts accounts = db(db.t_accounts.f_services_id == svc_rec.id).select() if len(accounts) > 0: accounts_xml = etree.SubElement(service_xml, 'accounts') for acct_rec in accounts: acct_xml = etree.SubElement(accounts_xml, 'account') if acct_rec.f_username not in notin: elem = etree.SubElement(acct_xml, 'username') elem.text = acct_rec.f_username.decode('utf-8') if acct_rec.f_fullname not in notin: elem = etree.SubElement(acct_xml, 'fullname') elem.text = acct_rec.f_fullname.decode('utf-8') if acct_rec.f_password not in notin: elem = etree.SubElement(acct_xml, 'password') elem.text = acct_rec.f_password.decode('utf-8') if acct_rec.f_hash1 not in notin: elem = etree.SubElement(acct_xml, 'hash1') elem.text = acct_rec.f_hash1 if acct_rec.f_hash1_type not in notin: elem = etree.SubElement(acct_xml, 'hash1_type') elem.text = acct_rec.f_hash1_type if acct_rec.f_hash2 not in notin: elem = etree.SubElement(acct_xml, 'hash2') elem.text = acct_rec.f_hash2 if acct_rec.f_hash2_type not in notin: elem = etree.SubElement(acct_xml, 'hash2_type') elem.text = acct_rec.f_hash2_type if acct_rec.f_uid not in notin: elem = etree.SubElement(acct_xml, 'uid') elem.text = acct_rec.f_uid if acct_rec.f_gid not in notin: elem = etree.SubElement(acct_xml, 'gid') elem.text = acct_rec.f_gid if acct_rec.f_level not in notin: elem = etree.SubElement(acct_xml, 'level') elem.text = acct_rec.f_level if acct_rec.f_domain not in notin: elem = etree.SubElement(acct_xml, 'domain') elem.text = acct_rec.f_domain.decode('utf-8') if acct_rec.f_description not in notin: elem = etree.SubElement(acct_xml, 'description') elem.text = acct_rec.f_description.decode('utf-8') result = etree.tostring(kvasir_results_xml, pretty_print=True, encoding=unicode) return result
# Build paths inside the project like this: os.path.join(BASE_DIR, ...) BASE_DIR = os.path.dirname(os.path.dirname(__file__)) # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = os.getenv( 'SECRET_KEY', '3hla%03=fk)zgzk-o&r2-b=76cw^)4xropk$k79d2czond_y@@' ) # SECURITY WARNING: don't run with debug turned on in production! if os.getenv('DEBUG') or os.get('DEBUG') != "False": DEBUG = True else: DEBUG = False ALLOWED_HOSTS = os.getenv('ALLOWED_HOSTS', ['localhost']) # Application definition DJANGO_APPS = ( # Default Django apps: 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages',