def api_delete_scan(type, id):
    """Delete one scan record of the given type.

    Args:
        type: Scan type name; only "sqlmap" is handled.
        id: Record id; it is passed through content_escape() before use.

    Returns:
        dict(result='success') once delete() has been called, or
        dict(result='failed', error=...) for any other scan type.
    """
    # Authorisation comes first, before the arguments are looked at.
    # check_admin() is defined elsewhere; presumably it rejects
    # non-admin callers -- confirm.
    check_admin()

    # Guard clause: anything but the one known type is refused.
    if type != "sqlmap":
        return dict(result='failed', error='unknown scan type!')

    # The record is addressed by its escaped id only; no lookup precedes
    # the delete.
    # NOTE(review): 'success' is reported without inspecting what
    # delete() did, so a non-existent id looks the same as a real one.
    Sqlmap(id=content_escape(id)).delete()
    return dict(result='success')
def api_view_scan(type):
    """Return one page of scan records for the listing view.

    Args:
        type: Scan type name; only "sqlmap" is handled.

    Returns:
        A dict with the escaped type, the escaped record list under
        'sqlmaps', and the Page object under 'page'.

    Raises:
        The error built by notfound() for any other scan type.
    """
    # Authorisation comes first; check_admin() is defined elsewhere.
    check_admin()

    if type != "sqlmap":
        raise notfound()

    record_count = Sqlmap.count_all()
    page = Page(record_count, _get_page_index())

    # Offset and limit are handed over as separate arguments for the '?'
    # placeholders rather than being formatted into the clause.
    rows = Sqlmap.find_by(
        'order by update_time desc limit ?,?',
        page.offset,
        page.limit,
    )

    # Everything that originated from a request or from storage goes
    # through content_escape() before it is returned.
    return dict(
        type=content_escape(type),
        sqlmaps=content_escape(rows),
        page=page,
    )
def api_edit_scan(type, id):
    """Load one scan record for the edit view.

    Args:
        type: Scan type name; only "sqlmap" is handled.
        id: Record id; it is passed through content_escape() before use.

    Returns:
        A dict with the escaped type, the escaped id and the escaped
        result of the lookup under 'sqlmap'.

    Raises:
        The error built by notfound() for any other scan type.
    """
    # Authorisation comes first; check_admin() is defined elsewhere.
    check_admin()

    if type != "sqlmap":
        raise notfound()

    # The id is supplied as an argument for the '?' placeholder, not
    # concatenated into the clause.
    # NOTE(review): the lookup result is returned as-is (after escaping);
    # an id that matches nothing is not turned into notfound() here.
    found = Sqlmap.find_by('where id = ?', content_escape(id))

    return dict(
        type=content_escape(type),
        id=content_escape(id),
        sqlmap=content_escape(found),
    )
def api_add_scan(type):
    """Create a new scan record from the current request's input.

    Args:
        type: Scan type name; only "sqlmap" is handled.

    Returns:
        dict(result='success') after the insert, or
        dict(result='failed', error=...) when the type is unknown or
        sqlmap_validate() returns anything other than 'success'.
    """
    # Authorisation comes first, before the request input is read.
    check_admin()

    # Local wall-clock time, formatted for the update_time column.
    timestamp = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime())
    form = ctx.request.input()

    if type != "sqlmap":
        return dict(result='failed', error='unknown scan type!')

    record = Sqlmap()
    record.ip = content_escape(form.ip.strip().lower())
    record.port = content_escape(form.port.strip().lower())
    # NOTE(review): status is trimmed and lower-cased but, unlike ip and
    # port, is not passed through content_escape(). Confirm that
    # sqlmap_validate() restricts it to a fixed set of values.
    record.status = form.status.strip().lower()
    record.update_time = timestamp

    # Nothing is written unless validation reports exactly 'success';
    # any other return value is passed back as the error text.
    verdict = sqlmap_validate(record)
    if verdict != 'success':
        return dict(result='failed', error=verdict)

    record.insert()
    return dict(result='success')
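def api_update_scan(type, id):
    """Update an existing scan record from the current request's input.

    Args:
        type: Scan type name; only "sqlmap" is handled.
        id: Record id; it is passed through content_escape() before use.

    Returns:
        dict(result='success') after the update, or
        dict(result='failed', error=...) when the type is unknown, the
        record cannot be found, or sqlmap_validate() returns anything
        other than 'success'.
    """
    # Authorisation comes first, before the request input is read.
    check_admin()

    # Local wall-clock time, formatted for the update_time column.
    now = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime())
    i = ctx.request.input()

    if type != "sqlmap":
        return dict(result='failed', error='unknown scan type!')

    sqlmap = Sqlmap.get(content_escape(id))
    # Assumes Sqlmap.get() yields None for an unknown id -- confirm.
    # Without this guard the attribute assignments below would fail on
    # None instead of producing the API's usual 'failed' response.
    if sqlmap is None:
        return dict(result='failed', error='scan not found!')

    sqlmap.ip = content_escape(i.ip.strip().lower())
    sqlmap.port = content_escape(i.port.strip().lower())
    # NOTE(review): status is trimmed and lower-cased but, unlike ip and
    # port, is not passed through content_escape(). Confirm that
    # sqlmap_validate() restricts it to a fixed set of values.
    sqlmap.status = i.status.strip().lower()
    sqlmap.update_time = now

    # Nothing is written unless validation reports exactly 'success';
    # any other return value is passed back as the error text.
    res = sqlmap_validate(sqlmap)
    if res != 'success':
        return dict(result='failed', error=res)

    sqlmap.update()
    return dict(result='success')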