def updaterequest(reqhash, taskid, sqlmapapi, sqlidata):
    """Merge a sqlmapapi finding into the stored request record for *reqhash*.

    The record lives in the redis hash ``request`` and is decoded/encoded
    with the module's ``ds``/``es`` helpers around JSON.  The sqlmap task
    id, the api address and the first reported injection point are copied
    into the record, which is then written back under the same key.

    Args:
        reqhash: key of the request inside the ``request`` hash.
        taskid: sqlmapapi task id that scanned this request.
        sqlmapapi: address of the sqlmapapi instance used.
        sqlidata: result structure returned by ``isvulun``; only
            ``sqlidata[0]['value'][0]`` is read.  # assumes that layout — verify against isvulun

    Raises:
        KeyError / IndexError when *sqlidata* lacks the expected nesting;
        nothing is written back in that case.
    """
    record = json.loads(ds(r.hget("request", reqhash)))
    finding = sqlidata[0]['value'][0]
    record.update({
        "taskid": taskid,
        "sqlmapapi": sqlmapapi,
        "dbms": finding['dbms'],
        "os": finding['os'],
        "parameter": finding['parameter'],
        "sqlititle": finding['data']['1']['title'],
    })
    r.hset("request", reqhash, es(json.dumps(record)))
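def Start_Scan(nothing):
    """Run the scan worker loop forever.

    Each iteration moves one request hash from the redis list ``waiting``
    to ``running``, loads its record from the ``request`` hash, runs every
    rule in ``rules`` against it and finally pushes the hash onto
    ``finish``.  For the ``sqli`` rule sqlmapapi is used when
    ``USESQLMAPAPI`` is set; every other rule goes through the ``general``
    scanner.

    Args:
        nothing: unused; kept so the worker can be started by a pool that
            passes one positional argument.

    Never returns.  A rule that raises is reported and skipped so the
    remaining rules still run; ``KeyboardInterrupt``/``SystemExit`` are
    not swallowed, so the worker can be stopped.
    """
    import traceback

    rules = ['sqli', 'xss', 'xpath', 'ldap', 'lfi']
    # rrules = ['xss', 'sqli', 'xpath', 'ldap', 'lfi', 'sqli_time']
    while True:
        reqhash = r.rpoplpush("waiting", "running")
        if not reqhash:
            # Empty queue: back off instead of spinning on redis with a
            # None key (which newer redis-py versions reject outright).
            sleep(1)
            continue
        reqed = r.hget("request", reqhash)
        if not reqed:
            # No record for this hash; it stays in ``running`` (as before)
            # and is never pushed to ``finish``.
            continue
        request = json.loads(ds(reqed))
        for rule in rules:
            try:
                if rule == 'sqli' and USESQLMAPAPI:
                    _scan_with_sqlmapapi(reqhash, request)
                else:
                    _scan_with_rule(reqhash, request, rule)
            except Exception:
                # Best effort per rule: a failing rule must not stop the
                # others, but the failure should leave a trace rather than
                # being silently dropped.
                traceback.print_exc()
        r.lpush("finish", reqhash)


def _scan_with_sqlmapapi(reqhash, request):
    """Submit one request to sqlmapapi, wait for it and record a finding.

    On a positive result the hash is pushed onto the ``sqli`` list and the
    request record is updated via ``updaterequest``.
    """
    # NOTE(review): the original author flagged this line with
    # "#here wrong!"; the problem is not visible here — verify isqlmap().
    newsql = isqlmap()
    # Prefer the full uri when present, otherwise rebuild it from host+url.
    uri = request.get("uri") or "http://" + request['host'] + request['url']
    taskid, api = newsql.extract_request(
        uri, request['method'], request['headers'], request['postdata'])
    print("%s %s" % (taskid, api))
    # Poll until sqlmapapi reports the task as done.
    while not check_status(taskid, api):
        sleep(7)
    sqlilen, sqlidata = isvulun(taskid, api)
    if sqlilen:
        r.lpush("sqli", reqhash)
        updaterequest(reqhash, taskid, api, sqlidata)


def _scan_with_rule(reqhash, request, rule):
    """Run one ``general`` scanner rule and record a hit.

    A non-empty ``bingo_payload`` pushes the hash onto the list named after
    the rule and stores the payload in the ``bingo_payload`` hash.
    """
    scan_obj = general(request['url'], request['host'], request['postdata'],
                       request['headers'], request['method'],
                       request.get('uri'))
    # Time-based rules need the scanner's timing check enabled.
    if 'time' in rule:
        scan_obj.timecheck = True
    scan_obj.setname(rule)
    scan_obj.loadrule()
    scan_obj.run()
    if scan_obj.bingo_payload != '':
        r.lpush(rule, reqhash)
        r.hset("bingo_payload", reqhash, scan_obj.bingo_payload)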