def domain_analyse_start(target):
'''
C段查询与子域名收集
:param target:
:return:
'''
domain = target
domain_type = get_domain_type(domain)
domain_plugin_ctrl = DomainPluginController(domain,domain_type)
domain_plugin_ctrl.plugin_init()
#发送到各个扫描节点中去并存入数据库
db_core = DomainDB().getConn()
producer = ActiveMQProducer()
domainscan_dic = {}
domainscan_dic['domain'] = domain
domainscan_dic['scan_type'] = 'subdomain'
domainscan_dic['first_time'] = getCurTime()
taskid = db_core.insert_by_dict(DOMAIN_SCAN_TABLE, domainscan_dic) #获取当前的任务ID
for domain_item in domain_plugin_ctrl.domain_url:
domainUrlDic = {}
domainUrlDic['sid'] = taskid
domainUrlDic['subdomain'] = domain_item
domainUrlDic['active'] = 1
domainUrlDic['first_time'] = getCurTime()
db_core.insert_by_dict(DOMAIN_URL_TABLE, domainUrlDic)
#send activemq message
domain_json = json.dumps({'type':DOMAIN_TYPE[0], 'url':domain_item, 'taskid':taskid})
producer.send2msg(domain_json, 'scan_info')
for ip_item in domain_plugin_ctrl.domain_ip:
ipUrlDic = {}
ipUrlDic['sid'] = taskid
ipUrlDic['ips'] = ip_item
ipUrlDic['first_time'] = getCurTime()
db_core.insert_by_dict(DOMAIN_IP_TABLE, ipUrlDic)
cip_json = json.dumps({'type': DOMAIN_TYPE[1], 'ip':ip_item, 'taskid':taskid})
producer.send2msg(cip_json, 'scan_info')
logger.info('%s domain analyse done..' % domain)
#关闭activemq producer
producer.close()
db_core.close()
#发送邮件
pass
def async_deal_into_db(self, bdomain, taskid):
'''
入库
:return:
'''
while not self.threadpool.resultQueue.empty():
try:
result_dit = self.threadpool.resultQueue.get(block=False)
figerinfo = result_dit['figerinfo']
exist_result_list = result_dit['result_list']
for exist_result in exist_result_list:
vulurl = {}
vulurl['sid'] = taskid
vulurl['url'] = exist_result['url']
vulurl['title'] = exist_result['title']
vulurl['keyword'] = ''
vulurl['code'] = exist_result['http_code']
vulurl['figerinfo'] = figerinfo
vulurl['first_time'] = getCurTime()
if bdomain == DOMAIN_TYPE[0]:
#sql = "insert into t_web_vulurl(`sid`, `url`, `title`, `keyword`, `code`, `figerinfo`, `first_time`) values('%s', '%s', '%s', '%s', '%s', '%s', '%s')" % (str(taskid), str(exist_result['url']) , str(exist_result['title']), '', str(exist_result['http_code']), figerinfo, getCurTime())
self.plugin_db.insert_by_dict(WEBVUL_TABLE, vulurl)
elif bdomain == DOMAIN_TYPE[1]:
self.plugin_db.insert_by_dict(WEBIPVUL_TABLE, vulurl)
except Exception, e:
logger.error(str(e))
break
def async_deal_into_db(self, bdomain, taskid):
'''
入库
:return:
'''
while not self.threadpool.resultQueue.empty():
try:
result_dit = self.threadpool.resultQueue.get(block = False)
figerinfo = result_dit['figerinfo']
exist_result_list = result_dit['result_list']
for exist_result in exist_result_list:
vulurl = {}
vulurl['sid'] = taskid
vulurl['url'] = exist_result['url']
vulurl['title'] = exist_result['title']
vulurl['keyword'] = ''
vulurl['code'] = exist_result['http_code']
vulurl['figerinfo'] = figerinfo
vulurl['first_time'] = getCurTime()
if bdomain == DOMAIN_TYPE[0]:
#sql = "insert into t_web_vulurl(`sid`, `url`, `title`, `keyword`, `code`, `figerinfo`, `first_time`) values('%s', '%s', '%s', '%s', '%s', '%s', '%s')" % (str(taskid), str(exist_result['url']) , str(exist_result['title']), '', str(exist_result['http_code']), figerinfo, getCurTime())
self.plugin_db.insert_by_dict(WEBVUL_TABLE , vulurl)
elif bdomain == DOMAIN_TYPE[1]:
self.plugin_db.insert_by_dict(WEBIPVUL_TABLE, vulurl)
except Exception,e:
logger.error(str(e))
break
def async_deal_into_db(self, taskid):
while not self.threadpool.resultQueue.empty():
try:
result_dit = self.threadpool.resultQueue.get_nowait()
if result_dit['status']:
sysvul_dic = {}
sysvul_dic['sid'] = taskid
sysvul_dic['ip'] = result_dit['ip']
sysvul_dic['port'] = result_dit['port']
sysvul_dic['service'] = self.service
sysvul_dic['first_time'] = getCurTime()
self.plugin_db.insert_by_dict(SYSVUL_TABLE, sysvul_dic)
except:
break
def async_deal_into_db(self, bdomain, taskid):
'''
入库
:return:
'''
while not self.threadpool.resultQueue.empty():
try:
result_dit = self.threadpool.resultQueue.get_nowait()
if result_dit['status']:
iis_vulurl = {}
iis_vulurl['sid'] = taskid
iis_vulurl['url'] = result_dit['url']
iis_vulurl['first_time'] = getCurTime()
self.plugin_db.insert_by_dict(IISPUTVUL_TABLE, iis_vulurl)
except:
break
def async_deal_into_db(self, bdomain, taskid):
'''
入库
:return:
'''
while not self.threadpool.resultQueue.empty():
try:
result_dit = self.threadpool.resultQueue.get_nowait()
if result_dit['status']:
iis_vulurl = {}
iis_vulurl['sid'] = taskid
iis_vulurl['url'] = result_dit['url']
iis_vulurl['first_time'] = getCurTime()
self.plugin_db.insert_by_dict(IISPUTVUL_TABLE, iis_vulurl)
except:
break
def async_deal_into_db(self, taskid):
'''
异步入库
:return:
'''
while not self.threadpool.resultQueue.empty():
try:
result_dit = self.threadpool.resultQueue.get_nowait()
if result_dit['status']:
sysvul_dic = {}
sysvul_dic['sid'] = taskid
sysvul_dic['ip'] = result_dit['ip']
sysvul_dic['port'] = result_dit['port']
sysvul_dic['service'] = self.service
sysvul_dic['first_time'] = getCurTime()
self.plugin_db.insert_by_dict(SYSVUL_TABLE, sysvul_dic)
except:
break
def async_deal_into_db(self, taskid):
'''
异步入库
:return:
'''
while not self.threadpool.resultQueue.empty():
try:
result_dit = self.threadpool.resultQueue.get_nowait()
portcrack_dic = {}
portcrack_dic['sid'] = taskid
portcrack_dic['host'] = result_dit['ip']
portcrack_dic['port'] = result_dit['port']
portcrack_dic['username'] = result_dit['username']
portcrack_dic['password'] = result_dit['password']
portcrack_dic['service'] = self.service
portcrack_dic['first_time'] = getCurTime()
self.plugin_db.insert_by_dict(PORTCRACK_TABLE, portcrack_dic)
except:
break
def async_deal_into_db(self, taskid):
'''
异步入库
:return:
'''
while not self.threadpool.resultQueue.empty():
try:
result_dit = self.threadpool.resultQueue.get_nowait()
portcrack_dic = {}
portcrack_dic['sid'] = taskid
portcrack_dic['host'] = result_dit['ip']
portcrack_dic['port'] = result_dit['port']
portcrack_dic['username'] = result_dit['username']
portcrack_dic['password'] = result_dit['password']
portcrack_dic['service'] = self.service
portcrack_dic['first_time'] = getCurTime()
self.plugin_db.insert_by_dict(PORTCRACK_TABLE, portcrack_dic)
except:
break
def insert_db(self):
'''
结果导入数据库
'''
while self.threadpool.resultQueue.qsize() > 0:
result = self.threadpool.resultQueue.get_nowait()
for item in result:
for port, service in item['scan_result'].iteritems():
if service is None or service == '':
service = 'unknown'
domainPortDic = {}
domainPortDic['sid'] = self.taskid
domainPortDic['ip'] = item['ip']
domainPortDic['port'] = port
domainPortDic['service'] = service
domainPortDic['first_time'] = getCurTime()
self.ps_db.insert_by_dict(DOMAIN_PORT_TABLE, domainPortDic)
#存入redis 队列
self.portScanDispatch(item['ip'], port)
def async_deal_into_db(self, taskid):
'''
异步入库
:return:
'''
while not self.threadpool.resultQueue.empty():
try:
result_dit = self.threadpool.resultQueue.get_nowait()
if result_dit['status']:
sysvul_dic = {}
sysvul_dic['sid'] = taskid
sysvul_dic['ip'] = result_dit['ip']
sysvul_dic['port'] = result_dit['port']
sysvul_dic['service'] = self.service
sysvul_dic['first_time'] = getCurTime()
self.plugin_db.insert_by_dict(SYSVUL_TABLE, sysvul_dic)
#self.plugin_db.executeUpdate("insert into t_sys_vul(`sid`, `ip`, `port`, `first_time`, `service`) "
# "values('%s', '%s', '%s', '%s', '%s')" % (taskid, result_dit['ip'] , result_dit['port'], getCurTime(), self.service))
except:
break
