Esempio n. 1
0
 def start_scan(self):
     connectiondb(tasks_db).update_one({'_id': ObjectId(self.task_id)},
                                       {'$set': {
                                           'task_status': 'Running'
                                       }})
     for self.plugin_id in self.plugin_list:
         threads = []
         try:
             plugin_info = connectiondb(plugin_db).find_one(
                 {'_id': ObjectId(self.plugin_id)})
             self.plugin_filename = plugin_info['plugin_filename'].encode(
                 "UTF-8")
             self.poc_name = plugin_info['plugin_name'].encode("UTF-8")
             self.poc_vultype = plugin_info['plugin_vultype'].encode(
                 "UTF-8")
             self.poc_mode = 'verify'
             for i in self.target_list:
                 t = threading.Thread(target=self.verify_poc, args=(i, ))
                 threads.append(t)
             for t in threads:
                 t.start()
                 while True:
                     if len(threading.enumerate()) < scanner_thread:
                         break
         except Exception as e:
             print(e)
     connectiondb(tasks_db).update_one({'_id': ObjectId(self.task_id)}, {
         '$set': {
             'task_status': '扫描完成',
             'end_date': time.strftime("%Y-%m-%d %H:%M:%S",
                                       time.localtime())
         }
     })
Esempio n. 2
0
def local_install():
    print("[*]插件初始化...")
    connectiondb(plugin_db).drop()
    path = os.getcwd() + '/../InsectsAwake/views/modules/scanner/pocsuite_plugin/'
    files = os.listdir(path)
    for file_name in files:
        plugin_info = get_plugin_re(path + file_name.strip())
        if plugin_info is None:
            pass
        else:
            var = connectiondb(plugin_db).insert_one(plugin_info).inserted_id
    print("[*]插件初始化完成!")
    print("[*]当前插件数量:", connectiondb(plugin_db).count())
Esempio n. 3
0
def local_install():
    print("[*]扫描插件初始化...")
    connectiondb(plugin_db).drop()
    path = os.getcwd() + '/pocsuite_plugin/'
    files = os.listdir(path)
    for file_name in files:
        plugin_info = get_plugin_re(path + file_name.strip())
        if plugin_info is None:
            pass
        else:
            db_insert = connectiondb(plugin_db).insert_one(
                plugin_info).inserted_id
    print("[*]初始化完成!")
Esempio n. 4
0
def nmap_scanner(target_host):
    target_ports = connectiondb(config_db).find_one()['port_list']
    result_list = []
    port_scanner = nmap.PortScanner()
    try:
        # 从数据库取出的数据要进行转换
        port_scanner.scan(target_host,
                          ','.join('%s' % port for port in target_ports))
        # 遍历存活端口
        for i in port_scanner[target_host].all_tcp():
            if port_scanner[target_host]['tcp'][i]['state'] == 'open':
                # port_server_data = {
                #     'host': 'host:' + target_host,
                #     'port': 'port:' + str(i),
                #     'port_server':  'server:' + port_scanner[target_host]['tcp'][i]['product'],
                #     'banner': port_scanner[target_host]['tcp'][i]['cpe'],
                # }
                port_server_data = {
                    'host': target_host,
                    'port': i,
                    'port_server':
                    port_scanner[target_host]['tcp'][i]['product'],
                    'banner': port_scanner[target_host]['tcp'][i]['cpe'],
                }
                result_list.append(port_server_data)
    except Exception as e:
        print target_host, e
    return result_list
Esempio n. 5
0
 def verify_poc(self, target):
     self.target = target
     info = {
         "pocname": self.poc_name,
         "pocstring": open(self.plugin_filename, 'r').read(),
         "mode": self.poc_mode
     }
     invoker = Cannon(self.target.strip(), info)
     result = invoker.run()
     if result[-3][0] == 1:
         vul_result = {
             "target": result[0],
             "task_name": self.task_name,
             "task_id": self.task_id,
             "poc_name": result[1],
             "appname": result[3],
             "poc_vultype": self.poc_vultype,
             "vulversion": result[4],
             "scan_date": result[-2],
             "scan_result": result[-1],
             "plugin_id": self.plugin_id
         }
         db_insert = connectiondb(vul_db).insert_one(vul_result).inserted_id
         if db_insert:
             pass
Esempio n. 6
0
def setting_view():
    config_info = connectiondb(config_db).find_one()
    config_json = {
        "subdomain": '\n'.join(config_info['subdomain']),
    }
    collections_names = db_management('collection_names')
    return render_template('setting.html', collections_names=collections_names,
                           config_info=config_info, config_json=config_json)
Esempio n. 7
0
 def __init__(self):
     self.target_list = []
     self.server_db = db_name_conf()['server_db']
     self.asset_db = db_name_conf()['asset_db']
     self.processes_count = int(
         connectiondb(config_db).find_one()['port_thread'])
     self.asset_id = ''
     self.asset_name = ''
Esempio n. 8
0
def start_brute(inc_time):
    schedule.enter(inc_time, 1, start_brute, (inc_time, ))
    subdomain_list = connectiondb(config_db).find_one()['subdomain']
    for domain_text in connectiondb(domain_db).find():
        if domain_text['scan_status'] == "Preparation":
            domain_list = domain_text['domain_text']
            domain_id = domain_text['_id']
            domain_name = domain_text['domain_name']
            print("++++++++++ Scan Start! ++++++++++")
            start_date = datetime.now()
            connectiondb(domain_db).update_one(
                {'_id': ObjectId(domain_id)},
                {'$set': {
                    'scan_status': 'Running'
                }})
            for target in domain_list:
                start = DomainsBrute(target, subdomain_list, domain_id,
                                     domain_name)
                start.run_multi()
            if domain_text['scan_option'] == "Enable":
                for result in connectiondb(subdomain_db).find(
                    {'domain_id': ObjectId(domain_id)}):
                    next_subdomain = eval(result['result']).keys()[0]
                    start = DomainsBrute(next_subdomain, subdomain_list,
                                         domain_id, domain_name)
                    start.run_multi()
            connectiondb(domain_db).update_one(
                {'_id': ObjectId(domain_id)},
                {'$set': {
                    'scan_status': 'Done'
                }})
            scan_time = datetime.now() - start_date
            print("++++++++++ Scan Done! ++++++++++",
                  scan_time.total_seconds())
Esempio n. 9
0
def configuration_change():
    # 端口扫描设置
    if request.form.get('source') == 'port_scan':
        scan_port = request.form.get('scan_port')
        port_thread = request.form.get('port_thread')
        update_doc = {
            'port_list': scan_port,
            'port_thread': port_thread,
        }
        connectiondb(config_db).update({'config_name': {'$regex': '.*'}}, {"$set": update_doc})
        return jsonify({'data': 'success'})

    # 漏洞扫描设置
    elif request.form.get('source') == 'scanner_config':
        scanner_time = request.form.get('scanner_time')
        scanner_thread = request.form.get('scanner_thread')
        update_doc = {
            'scanner_time': scanner_time,
            'scanner_thread': scanner_thread,
        }
        print(update_doc)
        connectiondb(config_db).update_one({'config_name': {'$regex': '.*'}}, {"$set": update_doc})
        return jsonify({'data': 'success'})

    elif request.form.get('source') == 'subdomain_scan':
        subdomain_dict = request.form.get('subdomain_dict').split('\n', -1)
        update_doc = {
            'subdomain': subdomain_dict,
        }
        print(update_doc)
        connectiondb(config_db).update_one({'config_name': {'$regex': '.*'}}, {"$set": update_doc})
        return jsonify({'data': 'success'})
Esempio n. 10
0
 def scan_pool(self):
     target_list = []
     for target in self.target_list:
         target_list.append(target.strip())
     scanner_pool = multiprocessing.Pool(processes=self.processes_count)
     # 目前只能等待一个资产库资产扫描完毕返回结果 出现意外中断 结果没有办法保存 后期要解决掉
     result = scanner_pool.map(nmap_scanner, target_list)
     scanner_pool.close()
     scanner_pool.join()
     if result:
         # 删除旧数据
         connectiondb(self.server_db).remove(
             {'asset_id': ObjectId(self.asset_id)})
         for scan_result in result:
             for server_data in scan_result:
                 server_data['asset_id'] = self.asset_id
                 server_data['asset_name'] = self.asset_name
                 server_data['scan_date'] = datetime.now().strftime(
                     "%Y-%m-%d %H:%M:%S")
                 db_insert = connectiondb(
                     self.server_db).insert_one(server_data).inserted_id
                 if db_insert:
                     print('[*]', self.asset_id,
                           'The result was saved successfully')
Esempio n. 11
0
 def save_db(self, result):
     data = {
         'domain': self.target_domain,
         'result': result,
         'domain_id': self.domain_id,
         'domain_name': self.domain_name,
         'date': datetime.now().strftime("%Y-%m-%d %H:%M:%S")
     }
     print(data)
     try:
         inserted = connectiondb(
             self.subdomain_db_name).insert_one(data).inserted_id
         if inserted:
             print inserted
     except Exception as e:
         print("save_db error", e)
Esempio n. 12
0
 def start_port_scan(self):
     print("++++++++++  Port Scan Start! ++++++++++")
     for asset_data in connectiondb(self.asset_db).find():
         if asset_data['scan_option'] == 'Enable':
             target_hosts = asset_data['asset_text']
             self.asset_id = asset_data['_id']
             self.asset_name = asset_data['asset_name']
             for target_host in target_hosts:
                 # 处理资产库中 以URL形式存在的资产
                 if 'http://' in target_host or 'https://' in target_host:
                     target_host = urlparse(target_host).netloc.split(
                         ':')[0]
                     self.target_list.append(target_host)
                 else:
                     self.target_list = target_hosts
             self.scan_pool()
     print("++++++++++ Port Scan Done! ++++++++++")
Esempio n. 13
0

def local_install():
    print("[*]插件初始化...")
    connectiondb(plugin_db).drop()
    path = os.getcwd() + '/../InsectsAwake/views/modules/scanner/pocsuite_plugin/'
    files = os.listdir(path)
    for file_name in files:
        plugin_info = get_plugin_re(path + file_name.strip())
        if plugin_info is None:
            pass
        else:
            var = connectiondb(plugin_db).insert_one(plugin_info).inserted_id
    print("[*]插件初始化完成!")
    print("[*]当前插件数量:", connectiondb(plugin_db).count())


if __name__ == "__main__":
    local_install()
    connectiondb(config_db).drop()
    config_data = {
        'port_thread': 50,
        'scanner_thread': 80,
        'scanner_time': 60,
        'config_name': 'test',
        'port_list': [20, 21, 22, 23, 80, 81, 443, 445, 544, 873, 1080, 1433, 1434, 1521, 2100, 3306, 3389, 4440, 5671,
                      5672, 5900, 5984, 6379, 7001, 8080, 8081, 8089, 8888, 9090, 9200, 11211, 15672, 27017, 50070],
        'subdomain': ''
    }
    db_insert = connectiondb(config_db).insert_one(config_data).inserted_id
Esempio n. 14
0
# @Desc    : ""

import sched
import time
import datetime
from pocsuite.api.cannon import Cannon
from bson.objectid import ObjectId
import threading
from InsectsAwake.views.lib.mongo_db import connectiondb, db_name_conf

schedule = sched.scheduler(time.time, time.sleep)
config_db = db_name_conf()['config_db']
tasks_db = db_name_conf()['tasks_db']
vul_db = db_name_conf()['vul_db']
plugin_db = db_name_conf()['plugin_db']
scanner_thread = int(connectiondb(config_db).find_one()['scanner_thread'])


class PocsuiteScan:
    def __init__(self, inc_time):
        self.inc_time = inc_time
        self.target_list = ''
        self.target = ''
        self.plugin_list = ''
        self.task_name = ''
        self.task_id = ''
        self.task_status = ''
        self.task_plan = ''
        self.poc_name = ''
        self.poc_filename = ''
        self.poc_mode = ''
Esempio n. 15
0
 def periodic_tasks(self):
     schedule.enter(self.inc_time, 1, self.periodic_tasks, ())
     # Timer(5, periodic_tasks, ()).start()
     for task_info in connectiondb(tasks_db).find():
         self.target_list = task_info['scan_target_list']
         self.plugin_list = task_info['plugin_id']
         self.task_name = task_info['task_name']
         self.task_status = task_info['task_status']
         self.task_plan = int(task_info['task_plan'])
         self.task_id = task_info['_id']
         end_date = task_info['end_date']
         # Single task execution immediately
         if self.task_plan == 0 and "Preparation" in self.task_status:
             print("Temporary plan start...",
                   time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()))
             self.start_scan()
         # 日扫描计划开始
         if self.task_plan == 1:
             if "Preparation" in self.task_status:
                 print("Day plan start......", self.task_name)
                 # The first scan has no end time, start the task directly
                 self.start_scan()
             elif "Running" in self.task_status:
                 pass
             else:
                 start_date = datetime.datetime.strptime(
                     end_date, "%Y-%m-%d %H:%M:%S")
                 plan_time = (datetime.datetime.now() -
                              start_date).total_seconds()
                 if plan_time > 60 * 60 * 24:
                     self.start_scan()
                 else:
                     pass
         # 周扫描计划
         elif self.task_plan == 7:
             if "Preparation" in self.task_status:
                 print("Weekly plan start...", self.task_name)
                 self.start_scan()
             elif "Running" in self.task_status:
                 pass
             else:
                 start_date = datetime.datetime.strptime(
                     end_date, "%Y-%m-%d %H:%M:%S")
                 plan_time = (datetime.datetime.now() -
                              start_date).total_seconds()
                 if plan_time > 60 * 60 * 24 * 7:
                     self.start_scan()
                 else:
                     pass
         # 月扫描计划
         elif self.task_plan == 30:
             if "Preparation" in self.task_status:
                 print("Month plan start...", self.task_name)
                 self.start_scan()
             elif "Running" in self.task_status:
                 pass
             else:
                 start_date = datetime.datetime.strptime(
                     end_date, "%Y-%m-%d %H:%M:%S")
                 plan_time = (datetime.datetime.now() -
                              start_date).total_seconds()
                 if plan_time > 60 * 60 * 24 * 30:
                     self.start_scan()
                 else:
                     pass
Esempio n. 16
0
def scanner():
    config_db = db_name_conf()['config_db']
    scanner_time = int(connectiondb(config_db).find_one()['scanner_time'])
    print('Scanner is start...')
    scanner_loop_execute(scanner_time)
Esempio n. 17
0
def dev_tools():
    if request.method == 'POST':
        collections_name = request.form.get('collections_name')
        db_command = request.form.get('db_command')
        object_id = request.form.get('object_id')
        result_json = {}
        print collections_name, db_command, object_id

        # 单条查询
        if int(db_command) == 1:
            result = connectiondb(collections_name).find_one()
            result_json = {
                'result': str(result)
            }

        # 批量查询
        elif int(db_command) == 2:
            result = []
            if not object_id == "":
                try:
                    result_cursor = connectiondb(collections_name).find(object_id)
                    for i in result_cursor:
                        result.append(i)
                    result_json = {
                        'result': str(result)
                    }
                    print(result_json)
                except Exception as e:
                    print(e)

            # 返回全部数据
            else:
                try:
                    result_cursor = connectiondb(collections_name).find()
                    for i in result_cursor:
                        result.append(i)
                    print(result)
                    result_json = {
                        'result': str(result)
                    }
                    print(result_json)
                except Exception as e:
                    print(e)

        # 删除集合数据
        elif int(db_command) == 3:
            if not object_id == "":
                print collections_name, object_id
                try:
                    connectiondb(collections_name).delete_one({'_id': ObjectId(object_id)})
                    result_json = {
                        'result': "删除" + str(collections_name) + " 成功!"
                    }
                except Exception as e:
                    print(e)
            else:
                try:
                    connectiondb(collections_name).drop()
                    result_json = {
                        'result': "删除" + str(collections_name) + " 成功!"
                    }
                    print(result_json)
                except Exception as e:
                    print(e)

        return jsonify(result_json)
    config_info = connectiondb(config_db).find_one()
    collections_names = db_management('collection_names')
    return render_template('dev-tools.html', collections_names=collections_names, config_info=config_info)