def domain_analyse_start(target): ''' C段查询与子域名收集 :param target: :return: ''' domain = target domain_type = get_domain_type(domain) domain_plugin_ctrl = DomainPluginController(domain,domain_type) domain_plugin_ctrl.plugin_init() #发送到各个扫描节点中去并存入数据库 db_core = DomainDB().getConn() producer = ActiveMQProducer() domainscan_dic = {} domainscan_dic['domain'] = domain domainscan_dic['scan_type'] = 'subdomain' domainscan_dic['first_time'] = getCurTime() taskid = db_core.insert_by_dict(DOMAIN_SCAN_TABLE, domainscan_dic) #获取当前的任务ID for domain_item in domain_plugin_ctrl.domain_url: domainUrlDic = {} domainUrlDic['sid'] = taskid domainUrlDic['subdomain'] = domain_item domainUrlDic['active'] = 1 domainUrlDic['first_time'] = getCurTime() db_core.insert_by_dict(DOMAIN_URL_TABLE, domainUrlDic) #send activemq message domain_json = json.dumps({'type':DOMAIN_TYPE[0], 'url':domain_item, 'taskid':taskid}) producer.send2msg(domain_json, 'scan_info') for ip_item in domain_plugin_ctrl.domain_ip: ipUrlDic = {} ipUrlDic['sid'] = taskid ipUrlDic['ips'] = ip_item ipUrlDic['first_time'] = getCurTime() db_core.insert_by_dict(DOMAIN_IP_TABLE, ipUrlDic) cip_json = json.dumps({'type': DOMAIN_TYPE[1], 'ip':ip_item, 'taskid':taskid}) producer.send2msg(cip_json, 'scan_info') logger.info('%s domain analyse done..' % domain) #关闭activemq producer producer.close() db_core.close() #发送邮件 pass
def async_deal_into_db(self, bdomain, taskid): ''' 入库 :return: ''' while not self.threadpool.resultQueue.empty(): try: result_dit = self.threadpool.resultQueue.get(block=False) figerinfo = result_dit['figerinfo'] exist_result_list = result_dit['result_list'] for exist_result in exist_result_list: vulurl = {} vulurl['sid'] = taskid vulurl['url'] = exist_result['url'] vulurl['title'] = exist_result['title'] vulurl['keyword'] = '' vulurl['code'] = exist_result['http_code'] vulurl['figerinfo'] = figerinfo vulurl['first_time'] = getCurTime() if bdomain == DOMAIN_TYPE[0]: #sql = "insert into t_web_vulurl(`sid`, `url`, `title`, `keyword`, `code`, `figerinfo`, `first_time`) values('%s', '%s', '%s', '%s', '%s', '%s', '%s')" % (str(taskid), str(exist_result['url']) , str(exist_result['title']), '', str(exist_result['http_code']), figerinfo, getCurTime()) self.plugin_db.insert_by_dict(WEBVUL_TABLE, vulurl) elif bdomain == DOMAIN_TYPE[1]: self.plugin_db.insert_by_dict(WEBIPVUL_TABLE, vulurl) except Exception, e: logger.error(str(e)) break
def async_deal_into_db(self, bdomain, taskid): ''' 入库 :return: ''' while not self.threadpool.resultQueue.empty(): try: result_dit = self.threadpool.resultQueue.get(block = False) figerinfo = result_dit['figerinfo'] exist_result_list = result_dit['result_list'] for exist_result in exist_result_list: vulurl = {} vulurl['sid'] = taskid vulurl['url'] = exist_result['url'] vulurl['title'] = exist_result['title'] vulurl['keyword'] = '' vulurl['code'] = exist_result['http_code'] vulurl['figerinfo'] = figerinfo vulurl['first_time'] = getCurTime() if bdomain == DOMAIN_TYPE[0]: #sql = "insert into t_web_vulurl(`sid`, `url`, `title`, `keyword`, `code`, `figerinfo`, `first_time`) values('%s', '%s', '%s', '%s', '%s', '%s', '%s')" % (str(taskid), str(exist_result['url']) , str(exist_result['title']), '', str(exist_result['http_code']), figerinfo, getCurTime()) self.plugin_db.insert_by_dict(WEBVUL_TABLE , vulurl) elif bdomain == DOMAIN_TYPE[1]: self.plugin_db.insert_by_dict(WEBIPVUL_TABLE, vulurl) except Exception,e: logger.error(str(e)) break
def async_deal_into_db(self, taskid): while not self.threadpool.resultQueue.empty(): try: result_dit = self.threadpool.resultQueue.get_nowait() if result_dit['status']: sysvul_dic = {} sysvul_dic['sid'] = taskid sysvul_dic['ip'] = result_dit['ip'] sysvul_dic['port'] = result_dit['port'] sysvul_dic['service'] = self.service sysvul_dic['first_time'] = getCurTime() self.plugin_db.insert_by_dict(SYSVUL_TABLE, sysvul_dic) except: break
def async_deal_into_db(self, bdomain, taskid): ''' 入库 :return: ''' while not self.threadpool.resultQueue.empty(): try: result_dit = self.threadpool.resultQueue.get_nowait() if result_dit['status']: iis_vulurl = {} iis_vulurl['sid'] = taskid iis_vulurl['url'] = result_dit['url'] iis_vulurl['first_time'] = getCurTime() self.plugin_db.insert_by_dict(IISPUTVUL_TABLE, iis_vulurl) except: break
def async_deal_into_db(self, taskid): ''' 异步入库 :return: ''' while not self.threadpool.resultQueue.empty(): try: result_dit = self.threadpool.resultQueue.get_nowait() if result_dit['status']: sysvul_dic = {} sysvul_dic['sid'] = taskid sysvul_dic['ip'] = result_dit['ip'] sysvul_dic['port'] = result_dit['port'] sysvul_dic['service'] = self.service sysvul_dic['first_time'] = getCurTime() self.plugin_db.insert_by_dict(SYSVUL_TABLE, sysvul_dic) except: break
def async_deal_into_db(self, taskid): ''' 异步入库 :return: ''' while not self.threadpool.resultQueue.empty(): try: result_dit = self.threadpool.resultQueue.get_nowait() portcrack_dic = {} portcrack_dic['sid'] = taskid portcrack_dic['host'] = result_dit['ip'] portcrack_dic['port'] = result_dit['port'] portcrack_dic['username'] = result_dit['username'] portcrack_dic['password'] = result_dit['password'] portcrack_dic['service'] = self.service portcrack_dic['first_time'] = getCurTime() self.plugin_db.insert_by_dict(PORTCRACK_TABLE, portcrack_dic) except: break
def insert_db(self): ''' 结果导入数据库 ''' while self.threadpool.resultQueue.qsize() > 0: result = self.threadpool.resultQueue.get_nowait() for item in result: for port, service in item['scan_result'].iteritems(): if service is None or service == '': service = 'unknown' domainPortDic = {} domainPortDic['sid'] = self.taskid domainPortDic['ip'] = item['ip'] domainPortDic['port'] = port domainPortDic['service'] = service domainPortDic['first_time'] = getCurTime() self.ps_db.insert_by_dict(DOMAIN_PORT_TABLE, domainPortDic) #存入redis 队列 self.portScanDispatch(item['ip'], port)
def async_deal_into_db(self, taskid): ''' 异步入库 :return: ''' while not self.threadpool.resultQueue.empty(): try: result_dit = self.threadpool.resultQueue.get_nowait() if result_dit['status']: sysvul_dic = {} sysvul_dic['sid'] = taskid sysvul_dic['ip'] = result_dit['ip'] sysvul_dic['port'] = result_dit['port'] sysvul_dic['service'] = self.service sysvul_dic['first_time'] = getCurTime() self.plugin_db.insert_by_dict(SYSVUL_TABLE, sysvul_dic) #self.plugin_db.executeUpdate("insert into t_sys_vul(`sid`, `ip`, `port`, `first_time`, `service`) " # "values('%s', '%s', '%s', '%s', '%s')" % (taskid, result_dit['ip'] , result_dit['port'], getCurTime(), self.service)) except: break