def api_list_vulns(type):
    """Return one page of requests marked 'vulnerable' for a scanner category.

    `type` selects the category: "xss", "sqli" or "fi". Any other value
    raises notfound(). check_admin() runs before anything else.

    Returns a dict with the escaped `type`, the escaped request rows and the
    Page object used for pagination.
    """
    # NOTE: `type` shadows the builtin, but it is the parameter name callers
    # see, so it is kept as-is.
    check_admin()

    # Every SQL fragment is a fixed literal picked by comparison; the caller's
    # `type` string is never spliced into SQL, and all values are bound
    # through `?` placeholders.
    categories = (
        ('xss',
         'where result_xss = ?',
         'where result_xss = ? order by id desc limit ?,?'),
        ('sqli',
         'where result_sqli = ?',
         'where result_sqli = ? order by id desc limit ?,?'),
        ('fi',
         'where result_fi = ?',
         'where result_fi = ? order by id desc limit ?,?'),
    )
    for category, count_clause, find_clause in categories:
        if type == category:
            break
    else:
        # Unknown category: nothing is queried.
        raise notfound()

    total = Request.count_by(count_clause, 'vulnerable')
    # presumably _get_page_index() reads the page number from the current
    # HTTP request; its validation is not visible here (TODO confirm)
    page = Page(total, _get_page_index())
    requests = Request.find_by(
        find_clause, 'vulnerable', page.offset, page.limit)

    # Both the echoed category and the stored rows go through content_escape
    # before leaving the API; the rows hold captured traffic and should be
    # treated as untrusted content.
    return dict(type=content_escape(type),
                requests=content_escape(requests),
                page=page)
def api_view_request(request_rid):
    """Return the stored request and response that share the given rid.

    check_admin() runs first. Both lookups are performed, then notfound() is
    raised if either result is None. The request is returned through
    content_escape and the response through html_encode.
    """
    check_admin()

    # rid is bound through the `?` placeholder, never concatenated into SQL.
    by_rid = 'where rid = ?'
    request_row = Request.find_by(by_rid, request_rid)
    response_row = Response.find_by(by_rid, request_rid)

    # NOTE(review): find_by is used elsewhere in this listing to fetch several
    # rows at once. If it returns a list, an unknown rid yields an empty list
    # rather than None and this guard never fires. Confirm against the model.
    if any(row is None for row in (request_row, response_row)):
        raise notfound()

    # NOTE(review): the two records use different output encoders
    # (content_escape vs html_encode). Confirm this is deliberate, since both
    # hold captured traffic that ends up rendered in the admin UI.
    return dict(request=content_escape(request_row),
                response=html_encode(response_row))
def api_list_vulns(type):
    """Page through requests whose scan result for `type` is 'vulnerable'.

    Accepted values of `type` are "xss", "sqli" and "fi"; anything else
    raises notfound(). check_admin() is called before any query runs.

    Returns a dict with the escaped `type`, the escaped rows and the Page.
    """
    # NOTE(review): this definition repeats an earlier api_list_vulns in this
    # listing; within a single module the later definition is the one in effect.
    check_admin()

    # Choose the fixed where-clauses for the category. Only these literals
    # reach the database layer; the caller's string is compared, never
    # interpolated, and values travel as `?` parameters.
    if type == "xss":
        count_sql = 'where result_xss = ?'
        list_sql = 'where result_xss = ? order by id desc limit ?,?'
    elif type == "sqli":
        count_sql = 'where result_sqli = ?'
        list_sql = 'where result_sqli = ? order by id desc limit ?,?'
    elif type == "fi":
        count_sql = 'where result_fi = ?'
        list_sql = 'where result_fi = ? order by id desc limit ?,?'
    else:
        raise notfound()

    flagged = 'vulnerable'
    total = Request.count_by(count_sql, flagged)
    page = Page(total, _get_page_index())
    requests = Request.find_by(list_sql, flagged, page.offset, page.limit)

    # Output is escaped at the API boundary: both the echoed category and the
    # stored request rows pass through content_escape.
    return dict(type=content_escape(type),
                requests=content_escape(requests),
                page=page)
def api_get_requests():
    """Return one page of all stored requests, newest id first.

    Returns a dict with the escaped request rows and the Page object.
    """
    # NOTE(review): unlike api_list_vulns and api_view_request in this
    # listing, this handler does not call check_admin(). If no decorator or
    # middleware enforces access, every captured request is listable without
    # the admin check. Confirm the intended access level.
    page = Page(Request.count_all(), _get_page_index())

    # offset/limit are bound through `?` placeholders.
    requests = Request.find_by(
        'order by id desc limit ?,?', page.offset, page.limit)

    # Rows are escaped before being handed back to the client.
    return dict(requests=content_escape(requests), page=page)