def batch_local_add(self, request, pk=None): user = request.user if not user.is_superuser: return JsonResponse(R.build(msg="权限不足")) image_name_str = request.POST.get("image_names", "") image_names = image_name_str.split(",") rsp_msg = [] for image_name in image_names: if not image_name: continue if ":" not in image_name: image_name += ":latest" image_info = ImageInfo.objects.filter( image_name=image_name).first() if not image_info: image_vul_name = image_name[:image_name.rfind(":")] image_info = ImageInfo(image_name=image_name, image_vul_name=image_vul_name, image_desc=image_vul_name, rank=2.5, is_ok=False, create_date=timezone.now(), update_date=timezone.now()) image_info.save() task_id = tasks.create_image_task( image_info=image_info, user_info=user, request_ip=get_request_ip(request), image_file=None) if task_id: rsp_msg.append("拉取镜像%s任务下发成功" % (image_name, )) return JsonResponse(R.ok(data=rsp_msg))
def create(self, request, *args, **kwargs): """ 创建镜像 :param request: :param args: :param kwargs: :return: """ image_name = request.data.get("image_name", "") image_vul_name = request.data.get("image_vul_name", "") image_desc = request.data.get("image_desc", "") image_port = request.data.get("image_port", "") try: image_rank = request.data.get("rank", default=2.5) image_rank = float(image_rank) except: image_rank = 2.5 image_file = request.FILES.get("file") image_info = None if image_name: if ":" not in image_name: image_name += ":latest" image_info = ImageInfo.objects.filter(image_name=image_name).first() if not image_info: image_vul_name = re.sub(r'[^a-z\-0-9]', "-", image_vul_name, flags=re.I).lower() image_info = ImageInfo(image_name=image_name, image_vul_name=image_vul_name, image_desc=image_desc, image_port=image_port, rank=image_rank, is_ok=False, create_date=timezone.now(), update_date=timezone.now()) if not image_file: image_info.save() return JsonResponse(R.ok(data=image_info.image_id, msg="镜像%s创建成功" % (image_name,)))
def create(self, request, *args, **kwargs): """ 创建镜像 :param request: :param args: :param kwargs: :return: """ user = request.user image_name = request.POST.get("image_name", "") image_vul_name = request.POST.get("image_vul_name", "") image_desc = request.POST.get("image_desc", "") degree = request.POST.get("degree", "") try: image_rank = request.POST.get("rank", default=2.5) image_rank = float(image_rank) except: image_rank = 2.5 try: writeup_date = request.POST.get("writeup_date", "") if writeup_date: writeup_date = json.dumps(writeup_date) except: writeup_date = "" is_flag = request.POST.get("is_flag", True) image_file = request.FILES.get("file") image_info = None if image_name: if ":" not in image_name: image_name += ":latest" image_info = ImageInfo.objects.filter( image_name=image_name).first() if not image_info: image_info = ImageInfo(image_name=image_name, image_vul_name=image_vul_name, image_desc=image_desc, rank=image_rank, is_ok=False, create_date=timezone.now(), update_date=timezone.now(), degree=degree, writeup_date=writeup_date, is_flag=is_flag) if not image_file: image_info.save() task_id = tasks.create_image_task(image_info=image_info, user_info=user, request_ip=get_request_ip(request), image_file=image_file) if image_file: task_info = TaskInfo.objects.filter(task_id=task_id).first() task_msg = task_info.task_msg return JsonResponse(json.loads(task_msg)) return JsonResponse(R.ok(task_id, msg="拉取镜像%s任务下发成功" % (image_name, )))
def create_image(task_id): """ 创建镜像名称 """ task_info = TaskInfo.objects.filter(task_id=task_id, task_status=1).first() if not task_info: return operation_args = task_info.operation_args args = json.loads(operation_args) image_name = args["image_name"].strip() image_desc = args["image_desc"].strip() image_rank = args["rank"] image_vul_name = args["image_vul_name"].strip() image_info = ImageInfo.objects.filter(image_name=image_name).first() if not image_info: image_info = ImageInfo(image_name=image_name, image_desc=image_desc, rank=image_rank, image_vul_name=image_vul_name) image = None msg = {} try: image = client.images.get(image_name) except Exception as e: image_info.is_ok = False image_info.save() try: images = client.images.pull(image_name) if Image == type(images): image = images else: if len(images) > 0: image = images[0] except ImageNotFound: msg = R.build(msg="%s 不存在") except Exception: traceback.print_exc() msg = R.err(msg="%s 添加失败" % (image_name, )) if image: config = image.attrs["ContainerConfig"] port_list = [] if "ExposedPorts" in config: port_list = config["ExposedPorts"] ports = [] for port in port_list: port = port.replace("/", "").replace("tcp", "").replace("udp", "") ports.append(port) image_port = ",".join(ports) image_info.image_port = image_port image_info.is_ok = True image_info.save() msg = R.ok(msg="%s 添加成功" % (image_name, ), data=json.dumps({"image_port": image_port})) task_info.task_status = 3 else: task_info.task_status = 4 task_info.task_msg = json.dumps(msg) task_info.save()
def get_timing_imgs(request): """ 获取官网镜像信息 """ try: url = "http://vulfocus.fofa.so/api/imgs/info" res = requests.get(url, verify=False).content req = json.loads(res) image_names = list(ImageInfo.objects.all().values_list('image_name', flat=True)) for item in req: if item['image_name'] == "": continue if item['image_name'] in image_names: if item['image_name'] == "vulfocus/vulfocus:latest": continue single_img = ImageInfo.objects.filter( image_name__contains=item['image_name']).first() if single_img.image_vul_name != item[ 'image_vul_name'] or single_img.image_vul_name == "": single_img.image_vul_name = item['image_vul_name'] if single_img.image_desc == "": single_img.image_desc = item['image_desc'] if single_img.rank != item['rank']: single_img.rank = item['rank'] if single_img.degree != item['degree']: single_img.degree = json.dumps(item['degree']) if "writeup_date" in item and single_img.writeup_date != item[ 'writeup_date']: single_img.writeup_date = item['writeup_date'] single_img.save() else: if "writeup_date" in item: writeup_date = item['writeup_date'] else: writeup_date = "" image_info = ImageInfo(image_name=item['image_name'], image_vul_name=item['image_vul_name'], image_desc=item['image_desc'], rank=item['rank'], degree=json.dumps(item['degree']), is_ok=False, create_date=timezone.now(), writeup_date=writeup_date, update_date=timezone.now()) image_info.save() return JsonResponse({"code": 200, "data": "成功"}) except Exception as e: return JsonResponse({"code": 201, "data": e})
def update_images(): """ 定时获取dockerhub上的镜像信息 """ url = "https://hub.docker.com/v2/repositories/vulfocus/?ordering=last_updated&page=1&page_size=1" res = requests.get(url).content req = json.loads(res) count = req['count'] num = count / 100 for item_num in range(int(num) + 1): new_url = "https://hub.docker.com/v2/repositories/vulfocus/?ordering=last_updated&page={}&page_size=100".format( item_num + 1) new_res = requests.get(new_url).content new_req = json.loads(new_res) if "results" not in new_req: break result = new_req['results'] image_names = list(ImageInfo.objects.all().values_list('image_name', flat=True)) try: for docker_image_info in result: image_name = "vulfocus/%s" % ( docker_image_info['name'], ) + ':latest' if image_name in image_names: continue if image_name == "vulfocus/vulfocus:latest": continue image_vul_name = image_name[:image_name.rfind(":")] # 替换 CVE CNVD CNNVD _ if "cve" in image_vul_name: image_vul_name = image_vul_name.replace("cve", "CVE") if "cnvd" in image_vul_name: image_vul_name = image_vul_name.replace("cnvd", "CNVD") if "cnnvd" in image_vul_name: image_vul_name = image_vul_name.replace("cnnvd", "CNNVD") if "_" in image_vul_name: image_vul_name = image_vul_name.replace("_", "-") image_info = ImageInfo(image_name=image_name, image_vul_name=image_vul_name, image_desc="", rank=2.5, is_ok=False, create_date=timezone.now(), update_date=timezone.now()) image_info.save() except Exception as e: pass
def create_image(task_id): """ 创建镜像名称 """ task_info = TaskInfo.objects.filter(task_id=task_id, task_status=1).first() if not task_info: return operation_args = task_info.operation_args args = json.loads(operation_args) image_name = args["image_name"].strip() image_info = ImageInfo.objects.filter(image_name=image_name).first() if not image_info: image_desc = image_name image_rank = 2.5 image_vul_name = image_desc image_info = ImageInfo(image_name=image_name, image_desc=image_desc, rank=image_rank, image_vul_name=image_vul_name) image = None msg = {} try: image = client.images.get(image_name) except Exception as e: image_info.is_ok = False image_info.save() try: last_info = {} progress_info = { "total": 0, "progress_count": 0, "progress": round(0.0, 2), } black_list = ["total", "progress_count", "progress"] for line in api_docker_client.pull(image_name, stream=True, decode=True): if "status" in line and "progressDetail" in line and "id" in line: id = line["id"] status = line["status"] if len(line["progressDetail"]) > 0: try: current = line["progressDetail"]["current"] total = line["progressDetail"]["total"] line["progress"] = round((current / total) * 100, 2) if (current / total) > 1: line["progress"] = round(0.99 * 100, 2) except: line["progress"] = round(1 * 100, 2) else: if (("Download" in status or "Pull" in status) and ("complete" in status)) or ("Verifying" in status) or \ ("Layer" in status and "already" in status and "exists" in status): line["progress"] = round(100.00, 2) else: line["progress"] = round(0.00, 2) progress_info[id] = line progress_info["total"] = len(progress_info) - len(black_list) progress_count = 0 for key in progress_info: if key in black_list: continue if 100.00 != progress_info[key]["progress"]: continue progress_count += 1 progress_info["progress_count"] = progress_count progress_info["progress"] = round((progress_count/progress_info["total"])*100, 2) r.set(str(task_id), json.dumps(progress_info,ensure_ascii=False)) print(json.dumps(progress_info, ensure_ascii=False)) last_info = line if "status" in last_info and ("Downloaded newer image for" in last_info["status"] or "Image is up to date for" in last_info["status"]): image = client.images.get(image_name) else: raise Exception except ImageNotFound: msg = R.build(msg="%s 不存在" % (image_name,)) except Exception: traceback.print_exc() msg = R.err(msg="%s 添加失败" % (image_name,)) if image: config = image.attrs["ContainerConfig"] port_list = [] if "ExposedPorts" in config: port_list = config["ExposedPorts"] ports = [] for port in port_list: port = port.replace("/", "").replace("tcp", "").replace("udp", "") ports.append(port) image_port = ",".join(ports) image_info.image_port = image_port image_info.is_ok = True image_info.save() msg = R.ok(msg="%s 添加成功" % (image_name,), data=json.dumps({"image_port": image_port})) task_info.task_status = 3 else: task_info.task_status = 4 task_info.task_msg = json.dumps(msg) task_info.save()
def create_image_task(image_info, user_info, request_ip, image_file=None): """ 创建镜像任务 """ user_id = user_info.id task_id = create_create_image_task(image_info=image_info, user_info=user_info) if user_info.is_superuser: image_name = image_info.image_name image_desc = image_info.image_desc image_vul_name = image_info.image_vul_name image_rank = image_info.rank task_info = TaskInfo.objects.filter(task_id=task_id).first() if image_file: task_msg = {} try: file_info = image_file.read() images = client.images.load(file_info) image = images[0] repo_tags = image.attrs["RepoTags"] if len(repo_tags) == 0: # 移除本地镜像 try: client.images.remove(image.id) except Exception as e: pass task_msg = R.build(msg="文件镜像 Tag 不能为空") else: config = image.attrs["ContainerConfig"] port_list = [] if "ExposedPorts" in config: port_list = config["ExposedPorts"] ports = [] for port in port_list: port = port.replace("/", "").replace("tcp", "").replace("udp", "") ports.append(port) image_name = repo_tags[0] image_port = ",".join(ports) image_info = ImageInfo.objects.filter(image_name=image_name).first() if not image_info: image_info = ImageInfo() image_info.image_name = image_name image_info.image_port = image_port # image_vul_name image_info.image_vul_name = image_name.replace("vulfocus/","") if not image_vul_name else image_vul_name # image_desc image_info.image_desc = image_name.replace("vulfocus/","") if not image_desc else image_desc # rank image_info.rank = 2.5 if image_rank > 5 or image_rank < 0.5 else image_rank image_info.is_ok = True image_info.save() task_info.task_name = "拉取镜像:"+image_name task_info.task_status = 3 task_msg = R.ok(data="%s 添加成功" % (image_name, )) except Exception as e: traceback.print_exc() task_msg = R.err() try: image_info.delete() except: pass task_info.task_status = 4 finally: task_info.task_msg = json.dumps(task_msg) task_info.update_date = timezone.now() task_info.save() elif image_name: # 创建任务 # create_image(task_id=task_id) create_image.delay(task_id) else: R.build(msg="镜像文件或镜像名称不能为空") operation_args = ImageInfoSerializer(image_info).data sys_log = SysLog(user_id=user_id, operation_type="镜像", operation_name="创建", ip=request_ip, operation_value=operation_args["image_vul_name"], operation_args=json.dumps(operation_args)) sys_log.save() else: task_info = TaskInfo.objects.filter(task_id=task_id).first() task_info.task_msg = json.dumps(R.build(msg="权限不足")) task_info.task_status = 3 task_info.update_date = timezone.now() task_info.save() return task_id
def create(self, request, *args, **kwargs): """ 创建镜像 :param request: :param args: :param kwargs: :return: """ user = request.user if not user.is_superuser: return JsonResponse(R.build(msg="权限不足!")) file = request.FILES.get("file") rank = request.POST.get("rank", default=2.5) image_name = request.POST.get("name") try: rank = float(rank) except Exception as e: return JsonResponse(R.build(msg="Rank 格式错误")) image_vul_name = request.POST.get("vul_name", default="") if not image_vul_name: return JsonResponse(R.build(msg="漏洞名称不能为空")) image_desc = request.POST.get("desc", default="") if not file and not image_name: return JsonResponse(R.build(msg="镜像文件或名称不能为空")) if file and image_name: return JsonResponse(R.build(msg="镜像文件或名称不能同时填写")) image_port = "" if not image_name and file: try: file_info = file.read() images = client.images.load(file_info) image = images[0] repo_tags = image.attrs["RepoTags"] if len(repo_tags) == 0: # 移除本地镜像 try: client.images.remove(image.id) except Exception as e: pass return JsonResponse(msg="镜像名称不能为空") config = image.attrs["ContainerConfig"] port_list = [] if "ExposedPorts" in config: port_list = config["ExposedPorts"] ports = [] for port in port_list: port = port.replace("/", "").replace("tcp", "").replace("udp", "") ports.append(port) image_name = repo_tags[0] image_port = ",".join(ports) except Exception as e: return JsonResponse(R.err()) """ 查重 """ count = ImageInfo.objects.filter(image_name=image_name).count() if count > 0: return JsonResponse(R.build(msg="漏洞镜像已存在!")) if not file and image_name: try: image = client.images.get(image_name) except Exception as e: images = client.images.pull(image_name) if Image == type(images): image = images else: if len(images) > 0: image = images[0] else: return JsonResponse(R.build("镜像不存在!")) config = image.attrs["ContainerConfig"] port_list = [] if "ExposedPorts" in config: port_list = config["ExposedPorts"] ports = [] for port in port_list: port = port.replace("/", "").replace("tcp", "").replace("udp", "") ports.append(port) image_port = ",".join(ports) image_info = ImageInfo(image_name=image_name, image_vul_name=image_vul_name, image_port=image_port, rank=rank, image_desc=image_desc) image_info.save() rs_data = ImageInfoSerializer(image_info).data request_ip = get_request_ip(request) sys_log = SysLog(user_id=user.id, operation_type="镜像", operation_name="创建", operation_value=rs_data["image_vul_name"], operation_args=rs_data, ip=request_ip) sys_log.save() return JsonResponse(R.ok(data=rs_data))