def __session_kill(): res = make_response( jsonify(__structure(status="ok", msg=messages(__language(), 166)))) res.set_cookie("key", value="expired") return res
def error_400(error): return jsonify(__structure(status="error", msg=error.description)), 400
def __search_logs(language, page, query): """ search in events (host, date, port, module, category, description, username, password, scan_id, scan_cmd) Args: language: language page: page number query: query to search Returns: an array with JSON structure of founded events or an empty array """ session = create_connection(language) page = int(page * 10 if page > 0 else page * -10) - 10 data_structure = { "host": "", "info": { "open_ports": [], "scan_methods": [], "category": [], "descriptions": [] } } selected = [] try: for host in session.query(HostsLog).filter( (HostsLog.host.like("%" + str(query) + "%")) | (HostsLog.date.like("%" + str(query) + "%")) | (HostsLog.port.like("%" + str(query) + "%")) | (HostsLog.type.like("%" + str(query) + "%")) | (HostsLog.category.like("%" + str(query) + "%")) | (HostsLog.description.like("%" + str(query) + "%")) | (HostsLog.username.like("%" + str(query) + "%")) | (HostsLog.password.like("%" + str(query) + "%")) | (HostsLog.scan_id.like("%" + str(query) + "%")) | (HostsLog.scan_cmd.like("%" + str(query) + "%"))).group_by( HostsLog.host).order_by(HostsLog.id.desc())[page:page + 11]: for data in session.query(HostsLog).filter( HostsLog.host == str(host.host)).group_by( HostsLog.type, HostsLog.port, HostsLog.username, HostsLog.password, HostsLog.description).order_by( HostsLog.id.desc()).all(): n = 0 capture = None for selected_data in selected: if selected_data["host"] == host.host: capture = n n += 1 if capture is None: tmp = { # fix later, junks "host": data.host, "info": { "open_ports": [], "scan_methods": [], "category": [], "descriptions": [] } } selected.append(tmp) n = 0 for selected_data in selected: if selected_data["host"] == host.host: capture = n n += 1 if data.host == selected[capture]["host"]: if data.port not in selected[capture]["info"][ "open_ports"] and isinstance(data.port, int): selected[capture]["info"]["open_ports"].append( data.port) if data.type not in selected[capture]["info"][ "scan_methods"]: selected[capture]["info"]["scan_methods"].append( data.type) if data.category not in selected[capture]["info"][ "category"]: selected[capture]["info"]["category"].append( data.category) if data.description not in selected[capture]["info"][ "descriptions"]: selected[capture]["info"]["descriptions"].append( data.description) except Exception as _: return __structure(status="error", msg="database error!") if len(selected) == 0: return __structure(status="finished", msg="No more search results") return selected
def __session_check(): __api_key_check(app, flask_request, __language()) return jsonify(__structure(status="ok", msg=messages(__language(), 165))), 200
def error_404(error): return jsonify( __structure(status="error", msg=messages( app.config["OWASP_NETTACKER_CONFIG"]["language"], 162))), 404
def __last_host_logs(language, page): """ this function created to select the last 10 events from the database. you can goto next page by changing page value. Args: language: language page: page number Returns: an array of events in JSON type if success otherwise an error in JSON type """ session = create_connection(language) page = int(page * 10 if page > 0 else page * -10) - 10 data_structure = { "host": "", "info": { "open_ports": [], "scan_methods": [], "category": [], "descriptions": [] } } selected = [] try: for host in session.query(HostsLog).group_by(HostsLog.host).order_by( HostsLog.id.desc())[page:page + 11]: for data in session.query(HostsLog).filter( HostsLog.host == host).group_by( HostsLog.type, HostsLog.port, HostsLog.username, HostsLog.password, HostsLog.description).order_by(HostsLog.id.desc()): n = 0 capture = None for selected_data in selected: if selected_data["host"] == host.host: capture = n n += 1 if capture is None: tmp = { # fix later, junks "host": data.host, "info": { "open_ports": [], "scan_methods": [], "category": [], "descriptions": [] } } selected.append(tmp) n = 0 for selected_data in selected: if selected_data["host"] == host.host: capture = n n += 1 if data.host == selected[capture]["host"]: if data.port not in selected[capture]["info"][ "open_ports"] and isinstance(data.port, int): selected[capture]["info"]["open_ports"].append( data.port) if data.type not in selected[capture]["info"][ "scan_methods"]: selected[capture]["info"]["scan_methods"].append( data.type) if data.category not in selected[capture]["info"][ "category"]: selected[capture]["info"]["category"].append( data.category) if data.description not in selected[capture]["info"][ "descriptions"]: selected[capture]["info"]["descriptions"].append( data.description) except Exception as _: return __structure(status="error", msg="database error!") if len(selected) == 0: return __structure(status="finished", msg="No more search results") return selected
def __session_kill(): language = app.config["OWASP_NETTACKER_CONFIG"]["language"] res = make_response( jsonify(__structure(status="ok", msg=messages(language, 166)))) res.set_cookie("key", value="expired") return res
def __session_check(): language = app.config["OWASP_NETTACKER_CONFIG"]["language"] __api_key_check(app, flask_request, language) return jsonify(__structure(status="ok", msg=messages(language, 165))), 200
def __search_logs(language, page, query): page = int(page * 10 if page > 0 else page * -10) - 10 data_structure = { "host": "", "info": { "open_ports": [], "scan_methods": [], "category": [], "descriptions": [] } } selected = [] try: for host in send_read_query( """select host from hosts_log where host like \"%%{0}%%\" or date like \"%%{0}%%\" or port like \"%%{0}%%\" or type like \"%%{0}%%\" or category like \"%%{0}%%\" or description like \"%%{0}%%\" or username like \"%%{0}%%\" or password like \"%%{0}%%\" or scan_id like \"%%{0}%%\" or scan_cmd like \"%%{0}%%\" group by host order by id desc limit {1},10""".format( query, page), language): for data in send_read_query( """select host,port,type,category,description from hosts_log where host="{0}" group by type,port,username,""" \ """password,description order by id desc""".format(host[0]), language): n = 0 capture = None for selected_data in selected: if selected_data["host"] == host[0]: capture = n n += 1 if capture is None: tmp = { # fix later, junks "host": data[0], "info": { "open_ports": [], "scan_methods": [], "category": [], "descriptions": [] } } selected.append(tmp) n = 0 for selected_data in selected: if selected_data["host"] == host[0]: capture = n n += 1 if data[0] == selected[capture]["host"]: if data[1] not in selected[capture]["info"][ "open_ports"] and type(data[1]) is int: selected[capture]["info"]["open_ports"].append(data[1]) if data[2] not in selected[capture]["info"][ "scan_methods"]: selected[capture]["info"]["scan_methods"].append( data[2]) if data[3] not in selected[capture]["info"]["category"]: selected[capture]["info"]["category"].append(data[3]) if data[4] not in selected[capture]["info"][ "descriptions"]: selected[capture]["info"]["descriptions"].append( data[4]) except: return __structure(status="error", msg="database error!") return selected
def __last_host_logs(language, page): """ this function created to select the last 10 events from the database. you can goto next page by changing page value. Args: language: language page: page number Returns: an array of events in JSON type if success otherwise an error in JSON type """ page = int(page * 10 if page > 0 else page * -10) - 10 data_structure = { "host": "", "info": { "open_ports": [], "scan_methods": [], "category": [], "descriptions": [] } } selected = [] try: for host in send_read_query( """select host from hosts_log where 1 group by host order by id desc limit {0},10""" .format(page), language): for data in send_read_query( """select host,port,type,category,description from hosts_log where host="{0}" group by type,port,username,""" """password,description order by id desc""".format( host[0]), language): n = 0 capture = None for selected_data in selected: if selected_data["host"] == host[0]: capture = n n += 1 if capture is None: tmp = { # fix later, junks "host": data[0], "info": { "open_ports": [], "scan_methods": [], "category": [], "descriptions": [] } } selected.append(tmp) n = 0 for selected_data in selected: if selected_data["host"] == host[0]: capture = n n += 1 if data[0] == selected[capture]["host"]: if data[1] not in selected[capture]["info"][ "open_ports"] and type(data[1]) is int: selected[capture]["info"]["open_ports"].append(data[1]) if data[2] not in selected[capture]["info"][ "scan_methods"]: selected[capture]["info"]["scan_methods"].append( data[2]) if data[3] not in selected[capture]["info"]["category"]: selected[capture]["info"]["category"].append(data[3]) if data[4] not in selected[capture]["info"][ "descriptions"]: selected[capture]["info"]["descriptions"].append( data[4]) except: return __structure(status="error", msg="database error!") if len(selected) == 0: return __structure(status="finished", msg="No more search results") return selected
def __session_set(): language = app.config["OWASP_NETTACKER_CONFIG"]["language"] __api_key_check(app, flask_request, language) res = make_response(jsonify(__structure(status="ok", msg=messages(language, 165)))) res.set_cookie("key", value=app.config["OWASP_NETTACKER_CONFIG"]["api_access_key"]) return res