def __init__(self):
    """Create the scanner, database and crypto helpers and index the plugin directory.

    The plugin directory is the ``plugins`` folder next to this file (symlinks
    resolved). Its entries are listed once, here, and kept in ``self.items``.

    :raises EnvironmentError: if the plugin directory does not exist
    """
    self.port_scan = Port_Scan()
    self.mysqldb = Mysql_db()
    self.aes_crypto = Aes_Crypto()

    module_dir = os.path.dirname(os.path.realpath(__file__))
    plugin_dir = os.path.join(module_dir, "plugins")
    self.plugin_path = plugin_dir
    if os.path.isdir(plugin_dir):
        self.items = os.listdir(plugin_dir)
    else:
        raise EnvironmentError
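class Port_Scan():
    """Port discovery through the nmap and masscan wrappers.

    Progress is written to the database via ``Mysql_db.update_scan``; each
    scan returns the open endpoints as ``'host:port'`` strings.

    Both scans use ``-sS``, which normally needs raw-socket privileges, so
    the numeric options are validated before they reach the scanner's
    command line.
    """

    def __init__(self):
        """Create the database helper used to record scan progress."""
        self.mysqldb = Mysql_db()

    @staticmethod
    def _port_range(min_port, max_port):
        """Return ``'low-high'`` built from integer-checked port bounds.

        :param min_port: lowest port, an int or a string holding one
        :param max_port: highest port, an int or a string holding one
        :raises ValueError: if a bound is not an integer, lies outside
            0-65535, or the range is reversed
        """
        try:
            low, high = int(min_port), int(max_port)
        except (TypeError, ValueError):
            raise ValueError('port bounds must be integers: %r-%r' % (min_port, max_port)) from None
        if not 0 <= low <= high <= 65535:
            raise ValueError('port range out of bounds: %r-%r' % (min_port, max_port))
        # Format the parsed integers, never the caller's original text.
        return '%d-%d' % (low, high)

    @staticmethod
    def _rate_text(rate):
        """Return the masscan rate as plain numeric text.

        :param rate: packets-per-second value, a number or a numeric string
        :raises ValueError: if the rate is not a finite, non-negative number
        """
        try:
            value = float(rate)
        except (TypeError, ValueError):
            raise ValueError('scan rate must be a number: %r' % (rate,)) from None
        # NaN fails the first comparison and infinity the second.
        if not 0 <= value < float('inf'):
            raise ValueError('scan rate out of range: %r' % (rate,))
        return '%d' % value if value == int(value) else repr(value)

    def nmap_scan(self, username, target, scan_ip, min_port, max_port):
        """Scan ``scan_ip`` with nmap and return the open ``host:port`` pairs.

        :param username: owner of the scan job
        :param target: target the job was created for
        :param scan_ip: host specification handed to nmap
        :param min_port: lowest port to scan
        :param max_port: highest port to scan
        :return: list of ``'host:port'`` strings
        :raises ValueError: if the port bounds are not a valid range
        """
        # python-nmap splits the argument string into separate command-line
        # options, so the bounds must be plain integers or a crafted value
        # could add options of its own.
        port_range = self._port_range(min_port, max_port)
        # NOTE(review): scan_ip reaches the scanner unvalidated; confirm the
        # caller restricts it to an address or hostname.
        scan_list = []
        print('Nmap starting.....')
        self.mysqldb.update_scan(username, target, '开始扫描端口')
        nm = nmap.PortScanner()
        nm.scan(hosts=scan_ip, arguments='-p %s -sS -sV -Pn -T4 --open' % port_range)
        try:
            for host in nm.all_hosts():
                for nmap_proto in nm[host].all_protocols():
                    for nmap_port in sorted(nm[host][nmap_proto].keys()):
                        scan_list.append(str(host) + ':' + str(nmap_port))
            print('Nmap scanned.....')
            self.mysqldb.update_scan(username, target, '端口扫描结束')
        except Exception as e:
            # An error here skips the final status update; the endpoints
            # collected so far are still returned.
            print(e)
        return scan_list

    def masscan_scan(self, username, target, scan_ip, min_port, max_port, rate):
        """Scan ``scan_ip`` with masscan and return the open ``host:port`` pairs.

        :param username: owner of the scan job
        :param target: target the job was created for
        :param scan_ip: host specification handed to masscan
        :param min_port: lowest port to scan
        :param max_port: highest port to scan
        :param rate: masscan packet rate
        :return: list of ``'host:port'`` strings
        :raises ValueError: if the port bounds or the rate are not valid
        """
        # Validate before anything is recorded or executed: both values end
        # up inside the scanner's option string.
        port_range = self._port_range(min_port, max_port)
        rate_text = self._rate_text(rate)
        # NOTE(review): scan_ip reaches the scanner unvalidated; confirm the
        # caller restricts it to an address or hostname.
        scan_list = []
        print('Masscan starting.....\n')
        self.mysqldb.update_scan(username, target, '开始扫描端口')
        masscan_scan = masscan.PortScanner()
        masscan_scan.scan(
            hosts=scan_ip,
            ports=port_range,
            arguments='-sS -Pn -n --randomize-hosts -v --send-eth --open --rate %s' % rate_text,
        )
        try:
            for host in masscan_scan.all_hosts:
                for masscan_proto in masscan_scan[host].keys():
                    for masscan_port in masscan_scan[host][masscan_proto].keys():
                        scan_list.append(str(host) + ':' + str(masscan_port))
            print('Masscan scanned.....\n')
            self.mysqldb.update_scan(username, target, '端口扫描结束')
        except Exception as e:
            # An error here skips the final status update; the endpoints
            # collected so far are still returned.
            print(e)
        return scan_list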
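class Multiply_Thread():
    """Drive one scan job: port discovery, then every plugin check per open port.

    Plugins are Python modules found in sub-directories of the ``plugins``
    folder next to this file. They are imported and run in-process, so that
    folder must only be writable by whoever is trusted to run code as this
    service.
    """

    def __init__(self):
        """Create the helper objects and index the plugin directory.

        :raises EnvironmentError: if the plugin directory does not exist
        """
        self.port_scan = Port_Scan()
        self.mysqldb = Mysql_db()
        self.aes_crypto = Aes_Crypto()
        self.plugin_path = os.path.join(os.path.dirname(os.path.realpath(__file__)), "plugins")
        if not os.path.isdir(self.plugin_path):
            raise EnvironmentError('plugin directory not found: %s' % self.plugin_path)
        self.items = os.listdir(self.plugin_path)

    def async_exe(self, func, args = None, kwargs = None, delay = 0):
        """Start ``run`` on a background thread after an optional delay.

        :param func: callable the caller wants executed
        :param args: positional arguments forwarded to ``run``
        :param kwargs: keyword arguments forwarded to ``run``
        :param delay: seconds to wait before the job starts
        :return: the started thread object
        """
        # NOTE(review): func is accepted but never called; the scheduled job
        # always invokes self.run. Kept as-is because callers may rely on it.
        args = args or ()
        kwargs = kwargs or {}

        def tmp():
            self.run(*args, **kwargs)

        scheduler = sched.scheduler(time.time, time.sleep)
        scheduler.enter(delay, 10, tmp, ())
        thread = threading.Thread(target = scheduler.run)
        thread.start()
        return thread

    def _plugin_names(self):
        """Return ``(package, module)`` name pairs for every plugin file on disk."""
        found = []
        for item in self.items:
            poc_path = os.path.join(self.plugin_path, item)
            # Only directories hold plugins. The previous substring test on
            # '.py' tried to list plain files and raised on the first one.
            if not os.path.isdir(poc_path):
                continue
            for poc_item in os.listdir(poc_path):
                if poc_item.endswith(".py") and not poc_item.startswith('__'):
                    found.append((item, poc_item[:-3]))
        return found

    def _check_endpoint(self, username, target, ip_port, item, plugin_name):
        """Run one plugin against one endpoint and record a positive result."""
        try:
            module = importlib.import_module('app.plugins.' + item + '.' + plugin_name)
            verifier = getattr(module, plugin_name + '_BaseVerify')('http://' + ip_port)
            result = verifier.run()
        except (Exception, SystemExit):
            # Best effort, as before: a plugin that cannot be imported, is
            # missing its class, fails to reach the service or tries to exit
            # is skipped. KeyboardInterrupt is no longer swallowed.
            return
        if not result:
            return
        try:
            # NOTE(review): looking a finding up by its ciphertext only works
            # if Aes_Crypto.encrypt returns the same output for the same
            # input; confirm that is intended.
            enc_ip_port = self.aes_crypto.encrypt(ip_port)
            enc_plugin = self.aes_crypto.encrypt(plugin_name)
            if not self.mysqldb.get_vulnerability(username, target, enc_ip_port, enc_plugin):
                # NOTE(review): the argument order differs from the lookup
                # and update calls (plugin first, and repeated twice at the
                # end); confirm against save_vulnerability's signature.
                self.mysqldb.save_vulnerability(username, target, enc_plugin, enc_ip_port, enc_plugin, enc_plugin)
            else:
                self.mysqldb.update_vulnerability(username, target, enc_ip_port, enc_plugin)
        except Exception as e:
            # A finding that cannot be stored is reported instead of being
            # lost silently; the scan continues with the next plugin.
            print(e)

    def run(self, *args, **kwargs):
        """Scan the target's ports, then run every plugin against each open port.

        Reads ``username``, ``target`` and ``scan_ip`` from ``kwargs``; the
        scanner choice, port range and rate come from the stored scan
        settings. Status updates are written before the plugin phase and
        once everything has finished.

        :raises KeyError: if a required keyword or scan setting is missing
        """
        username = kwargs['username']
        target = kwargs['target']
        scan_set = self.mysqldb.get_scan(username, target)
        if scan_set['scanner'] == 'nmap':
            scan_list = self.port_scan.nmap_scan(username, target, kwargs['scan_ip'], scan_set['min_port'], scan_set['max_port'])
        else:
            scan_list = self.port_scan.masscan_scan(username, target, kwargs['scan_ip'], scan_set['min_port'], scan_set['max_port'], scan_set['rate'])
        self.mysqldb.update_scan(username, target, '开始POC检测')
        # List the plugin files once per job rather than once per endpoint.
        plugins = self._plugin_names() if scan_list else []
        for ip_port in scan_list:
            for item, plugin_name in plugins:
                self._check_endpoint(username, target, ip_port, item, plugin_name)
        self.mysqldb.update_scan(username, target, '扫描结束')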
def __init__(self):
    """Create the database helper and keep it on the instance as ``mysqldb``."""
    db_helper = Mysql_db()
    self.mysqldb = db_helper
from app.aes import Aes_Crypto from app.scan import Port_Scan from app.multiplythread import Multiply_Thread #UPLOAD_FOLDER = '/root/zhenjinote/note/vue/static/images' #文件存放路径 UPLOAD_FOLDER = 'images' #文件存放路径 if not os.path.exists("images"): os.mkdir("images") ALLOWED_EXTENSIONS = set(['png', 'jpg', 'jpeg', 'gif']) #限制上传文件格式 DATABASE = sys.path[0] + '/mydb.db' app = Flask(__name__) app.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER app.config['MAX_CONTENT_LENGTH'] = 5 * 1024 * 1024 CORS(app, supports_credentials=True) mysqldb = Mysql_db() mysqldb.create_database('linbing') mysqldb.create_user() mysqldb.create_target() mysqldb.create_vulnerability() mysqldb.create_delete_target() mysqldb.create_delete_vulnerability() aes_crypto = Aes_Crypto() rsa_crypto = Rsa_Crypto() port_scan = Port_Scan() def parse_target(target): scan_ip = '' try: url_result = re.findall('https?://(?:[-\w.]|(?:%[\da-fA-F]{2}))+',
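class Port_Scan():
    """Port and service discovery through the nmap and masscan wrappers.

    Progress and per-port service details are written to the database
    through ``Mysql_db``; each scan returns the open endpoints as
    ``'host:port'`` strings.

    Both scans use ``-sS``, which normally needs raw-socket privileges, so
    the numeric options are validated before they reach the scanner's
    command line.
    """

    def __init__(self):
        """Create the database helper used to record progress and results."""
        self.mysqldb = Mysql_db()

    @staticmethod
    def _port_range(min_port, max_port):
        """Return ``'low-high'`` built from integer-checked port bounds.

        :param min_port: lowest port, an int or a string holding one
        :param max_port: highest port, an int or a string holding one
        :raises ValueError: if a bound is not an integer, lies outside
            0-65535, or the range is reversed
        """
        try:
            low, high = int(min_port), int(max_port)
        except (TypeError, ValueError):
            raise ValueError('port bounds must be integers: %r-%r' % (min_port, max_port)) from None
        if not 0 <= low <= high <= 65535:
            raise ValueError('port range out of bounds: %r-%r' % (min_port, max_port))
        # Format the parsed integers, never the caller's original text.
        return '%d-%d' % (low, high)

    @staticmethod
    def _rate_text(rate):
        """Return the masscan rate as plain numeric text.

        :param rate: packets-per-second value, a number or a numeric string
        :raises ValueError: if the rate is not a finite, non-negative number
        """
        try:
            value = float(rate)
        except (TypeError, ValueError):
            raise ValueError('scan rate must be a number: %r' % (rate,)) from None
        # NaN fails the first comparison and infinity the second.
        if not 0 <= value < float('inf'):
            raise ValueError('scan rate out of range: %r' % (rate,))
        return '%d' % value if value == int(value) else repr(value)

    def _store_port(self, username, target, port, service):
        """Insert or refresh the stored service record for one open port."""
        protocol = service['name']
        product = service['product']
        version = service['version']
        if not self.mysqldb.get_target_port(username, target, port):
            self.mysqldb.save_target_port(username, target, port, protocol, product, version)
        else:
            self.mysqldb.update_target_port(username, target, port, protocol, product, version)

    def nmap_scan(self, username, target, target_ip, min_port, max_port):
        """Scan the target with nmap.

        :param username: user name
        :param target: target to be scanned
        :param target_ip: IP of the target to be scanned
        :param min_port: lowest port to scan
        :param max_port: highest port to scan
        :return scan_list: the scan result, as ``'host:port'`` strings
        :raises ValueError: if the port bounds are not a valid range
        """
        # python-nmap splits the argument string into separate command-line
        # options, so the bounds must be plain integers or a crafted value
        # could add options of its own.
        port_range = self._port_range(min_port, max_port)
        # NOTE(review): target_ip reaches the scanner unvalidated; confirm
        # the caller restricts it to an address or hostname.
        scan_list = []
        print('Nmap starting.....')
        self.mysqldb.update_scan(username, target, '开始扫描端口')
        nm = nmap.PortScanner()
        nm.scan(hosts=target_ip, arguments='-p %s -sS -sV -Pn -T4 --open' % port_range)
        try:
            for host in nm.all_hosts():
                for nmap_proto in nm[host].all_protocols():
                    for nmap_port in sorted(nm[host][nmap_proto].keys()):
                        self._store_port(username, target, nmap_port, nm[host][nmap_proto][int(nmap_port)])
                        scan_list.append(str(host) + ':' + str(nmap_port))
            print('Nmap scanned.....')
            self.mysqldb.update_scan(username, target, '端口扫描结束')
        except Exception as e:
            # NOTE(review): any error here abandons the remaining ports and
            # skips the final status update; the endpoints collected so far
            # are still returned.
            print(e)
        return scan_list

    def masscan_scan(self, username, target, target_ip, min_port, max_port, rate):
        """Scan the target with masscan, then fingerprint each open port with nmap.

        :param username: user name
        :param target: target to be scanned
        :param target_ip: IP of the target to be scanned
        :param min_port: lowest port to scan
        :param max_port: highest port to scan
        :param rate: scan rate
        :return scan_list: the scan result, as ``'host:port'`` strings
        :raises ValueError: if the port bounds or the rate are not valid
        """
        # Validate before anything is recorded or executed: both values end
        # up inside the scanner's option string.
        port_range = self._port_range(min_port, max_port)
        rate_text = self._rate_text(rate)
        # NOTE(review): target_ip reaches the scanner unvalidated; confirm
        # the caller restricts it to an address or hostname.
        scan_list = []
        print('Masscan starting.....\n')
        self.mysqldb.update_scan(username, target, '开始扫描端口')
        masscan_scan = masscan.PortScanner()
        masscan_scan.scan(
            hosts=target_ip,
            ports=port_range,
            arguments='-sS -Pn -n --randomize-hosts -v --send-eth --open --rate %s' % rate_text,
        )
        try:
            for host in masscan_scan.all_hosts:
                for masscan_proto in masscan_scan[host].keys():
                    for masscan_port in masscan_scan[host][masscan_proto].keys():
                        # masscan only reports the port as open; a one-port
                        # nmap run supplies the service name and version.
                        nm = nmap.PortScanner()
                        nm.scan(hosts=host, arguments='-p %d -sS -sV -Pn -T4 --open' % int(masscan_port))
                        for nmap_proto in nm[host].all_protocols():
                            self._store_port(username, target, masscan_port, nm[host][nmap_proto][int(masscan_port)])
                        scan_list.append(str(host) + ':' + str(masscan_port))
            print('Masscan scanned.....\n')
            self.mysqldb.update_scan(username, target, '端口扫描结束')
        except Exception as e:
            # NOTE(review): any error here, including nmap returning nothing
            # for a port masscan reported, abandons the remaining ports and
            # skips the final status update.
            print(e)
        return scan_list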
def __init__(self):
    """Create the database and AES helpers and keep both on the instance."""
    db_helper = Mysql_db()
    self.mysqldb = db_helper
    cipher = Aes_Crypto()
    self.aes_crypto = cipher