def parse_nmap_report(nmap_stdout, taskid=None): try: # 处理结果并写入后台数据库 nmap_report = NmapParser.parse(nmap_stdout) # 声明后台对应的ORM数据库处理模型 my_services_backend = BackendPluginFactory.create(plugin_name='backend_service', url=global_dbcoon, echo=False, encoding='utf-8', pool_timeout=3600) my_hosts_backend = BackendPluginFactory.create(plugin_name='backend_host', url=global_dbcoon, echo=False, encoding='utf-8', pool_timeout=3600) # 开始处理扫描结果 for host in nmap_report.hosts: # print("Nmap scan : {0}".format(host.address)) host.taskid = taskid # 处理主机开放的服务和端口 for serv in host.services: serv.address = host.address serv.taskid = taskid serv.endtime = host.endtime if serv.state in global_log_states: print host.address,serv.get_dict() port_dispath.delay(host.address,base64.b64encode(json.dumps(serv.get_dict())),str(taskid)) #do_port_notify(host.address,serv.get_dict(),taskid) #portDispath(host.address,serv.get_dict(),taskid) serv.save(my_services_backend) host.save(my_hosts_backend) #todo callback return 'Scan finished' except Exception, e: # 处理报表出错,返回错误结果 return e
def parse_nmap_report(nmap_stdout, taskid=None): try: # 处理结果并写入后台数据库 nmap_report = NmapParser.parse(nmap_stdout) # 声明后台对应的ORM数据库处理模型 my_services_backend = BackendPluginFactory.create(plugin_name='backend_service', url=global_dbcoon, echo=False, encoding='utf-8', pool_timeout=3600) my_hosts_backend = BackendPluginFactory.create(plugin_name='backend_host', url=global_dbcoon, echo=False, encoding='utf-8', pool_timeout=3600) # 开始处理扫描结果 for host in nmap_report.hosts: # print("Nmap scan : {0}".format(host.address)) host.taskid = taskid # 处理主机开放的服务和端口 for serv in host.services: serv.address = host.address serv.taskid = taskid serv.endtime = host.endtime if serv.state in global_log_states: serv.save(my_services_backend) host.save(my_hosts_backend) return '* Scan finished' except Exception, e: # 处理报表出错,返回错误结果 return e
def parse_nmap_report(nmap_stdout, taskid=None): try: # 处理结果并写入后台数据库 nmap_report = NmapParser.parse(nmap_stdout) # 声明后台对应的ORM数据库处理模型 #t1 = BackendPluginFactory.create(plugin_name='mongodb', dbname='wyportmap', store='test',host='127.0.0.1',port=27017) my_services_backend = BackendPluginFactory.create(plugin_name='backend_service_mongo', dbname='virustotal', store='nmapscan_ports',host='127.0.0.1',port=27017) my_hosts_backend = BackendPluginFactory.create(plugin_name='backend_host_mongo', dbname='virustotal', store='nmapscan_ip', host='127.0.0.1', port=27017) # 开始处理扫描结果 for host in nmap_report.hosts: # print("Nmap scan : {0}".format(host.address)) host.taskid = taskid # open_ports = host.get_open_ports() # print str(open_ports) # 处理主机开放的服务和端口l for serv in host.services: serv.address = host.address serv.taskid = taskid serv.endtime = host.endtime if serv.state in global_log_states: serv.save(my_services_backend) host.save(my_hosts_backend) return '* Scan finished' except Exception, e: # 处理报表出错,返回错误结果 return e
def parse_nmap_report(nmap_stdout, taskid=None): try: # 处理结果并写入后台数据库 nmap_report = NmapParser.parse(nmap_stdout) # 声明后台对应的ORM数据库处理模型 my_services_backend = BackendPluginFactory.create(plugin_name='backend_service', url=global_dbcoon, echo=False, encoding='utf-8', pool_timeout=3600) my_hosts_backend = BackendPluginFactory.create(plugin_name='backend_host', url=global_dbcoon, echo=False, encoding='utf-8', pool_timeout=3600) # 开始处理扫描结果 for host in nmap_report.hosts: # print("Nmap scan : {0}".format(host.address)) host.taskid = taskid # 处理主机开放的服务和端口 for serv in host.services: serv.address = host.address serv.taskid = taskid serv.endtime = host.endtime if serv.state in global_log_states: serv.save(my_services_backend) host.save(my_hosts_backend) return '* Scan finished' except Exception as e: # 处理报表出错,返回错误结果 return e
def mongo_test_factory(self): """Invoke factory and test that the object is of the right classes""" #create the backend factory object factory = BackendPluginFactory() mongodb = factory.create(plugin_name="mongodb") self.assertEqual(isinstance(mongodb, NmapBackendPlugin), True) self.assertEqual(isinstance(mongodb, NmapMongoPlugin), True) self.assertEqual(isinstance(mongodb, NmapSqlitePlugin), False)
def mongo_test_insert(self): """"best way to insert is to call save() of nmapreport""" for testfile in self.flist: fd = open(testfile['file'], 'r') s = fd.read() fd.close() nr = NmapParser.parse(s) #create the backend factory object factory = BackendPluginFactory() mongodb = factory.create(plugin_name="mongodb") self.assertNotEqual(nr.save(mongodb),None)
def mongo_test_insert(self): """"best way to insert is to call save() of nmapreport""" for testfile in self.flist: fd = open(testfile['file'], 'r') s = fd.read() fd.close() nr = NmapParser.parse(s) #create the backend factory object factory = BackendPluginFactory() mongodb = factory.create(plugin_name="mongodb") self.assertNotEqual(nr.save(mongodb), None)
def sqliCheck(request, platform=None): reqObj = Req(request) #method filiter if reqObj.method != "GET" and reqObj.method != "POST": return None #后缀删除 ext = getExtByUri(reqObj.uri) if ext in ["gif", "js", "jpg", "css", "png", "ico"]: return None #无参数 filter if reqObj.method != "POST" and len(reqObj.url.split('=')) == 1: return None my_services_backend = BackendPluginFactory.create( plugin_name='backend_permission', url=global_dbcoon, echo=False, encoding='utf-8', pool_timeout=3600) reqFile = req2file(reqObj.hash, request) notify = global_notify + reqFile + "\'" cmd = global_sqlmap + " -r " + reqFile + global_options + notify print cmd outPut = os.popen(cmd) return outPut.read()
def write_result(self, nm_report): """ Writes nmap input report (JSON) to db as BLOB :param id: input report of type NmapObject :return: None """ report_db = BackendPluginFactory.create(plugin_name='sql', url=self.db_string) nm_report.save(report_db)
def parse_nmap_report(nmap_stdout, taskid=None): try: # 处理结果并写入后台数据库 nmap_report = NmapParser.parse(nmap_stdout) # 声明后台对应的ORM数据库处理模型 my_services_backend = BackendPluginFactory.create( plugin_name='backend_service', url=global_dbcoon, echo=False, encoding='utf-8', pool_timeout=3600) my_hosts_backend = BackendPluginFactory.create( plugin_name='backend_host', url=global_dbcoon, echo=False, encoding='utf-8', pool_timeout=3600) # 开始处理扫描结果 for host in nmap_report.hosts: # print("Nmap scan : {0}".format(host.address)) host.taskid = taskid # 处理主机开放的服务和端口 for serv in host.services: serv.address = host.address serv.taskid = taskid serv.endtime = host.endtime if serv.state in global_log_states: print host.address, serv.get_dict() port_dispath.delay( host.address, base64.b64encode(json.dumps(serv.get_dict())), str(taskid)) #do_port_notify(host.address,serv.get_dict(),taskid) #portDispath(host.address,serv.get_dict(),taskid) serv.save(my_services_backend) host.save(my_hosts_backend) #todo callback return 'Scan finished' except Exception, e: # 处理报表出错,返回错误结果 return e
def test_backend_factory(self): """ test_factory BackendPluginFactory.create(**url) Invoke factory and test that the object is of the right classes """ for url in self.urls: backend = BackendPluginFactory.create(**url) self.assertEqual(isinstance(backend, NmapBackendPlugin), True) className = "Nmap%sPlugin" % url['plugin_name'].title() self.assertEqual(backend.__class__.__name__, className, True)
def test_backend_insert(self): """ test_insert best way to insert is to call save() of nmapreport :P """ for nrp in self.reportList: for url in self.urls: #create the backend factory object backend = BackendPluginFactory.create(**url) #save the report returncode = nrp.save(backend) #test return code self.assertNotEqual(returncode, None)
def get_report(self, report_id, raw_data=False): """ returs nmap report from DB, converts JSON to dictionary string :param id: report id :return: if raw_data == False: nmap report if raw_data == True: raw nmap report """ report_db = BackendPluginFactory.create(plugin_name='sql', url=self.db_string) rep = report_db.get(report_id) if raw_data: rep = rep.get_raw_data() return rep
def get_all_reports(self, raw_data=False): """ returs ALL nmap report from DB, converts JSON to dictionary string :return: if raw_data == False: all_reports list if raw_data == True: dict {report ID : raw nmap report} """ raw_list = {} report_db = BackendPluginFactory.create(plugin_name='sql', url=self.db_string) all_reports = report_db.getall() if raw_data == True: for n in all_reports: raw_list[int(n[0])] = n[1].get_raw_data() return raw_list return all_reports
def test_backend_delete(self): """ test_backend_delete inset all report and save the returned id in a list for each id remove the item and test if not present """ id_list = [] result_list = [] for url in self.urls: backend = BackendPluginFactory.create(**url) for nrp in self.reportList: id_list.append(nrp.save(backend)) for rep_id in id_list: result_list.append(backend.delete(rep_id)) self.assertEqual(backend.get(rep_id), None) id_list = [] result_list = []
def get_all_reports(cls): """This classmethod gets a list of all NmapReport. This is done using the libnmap SQL Plugin. Args: cls (cls): The class itself (not an instance) Returns: List of NmapReport object """ dbp = BackendPluginFactory.create(plugin_name='sql', url=app.config["LIBNMAP_DB_URI"], echo=False) return dbp.getall()
def get_report(cls, report_id): """This classmethod gets one NmapReport by report_id. This is done using the libnmap SQL Plugin. Args: cls (cls): The class itself (not an instance) report_id (int): report_id Returns: NmapReport object """ dbp = BackendPluginFactory.create(plugin_name='sql', url=app.config["LIBNMAP_DB_URI"], echo=False) return dbp.get(report_id=report_id)
def test_backend_get(self): """test_backend_get inset all report and save the returned id in a list then get each id and create a new list of report compare each report (assume eq) """ id_list = [] result_list = [] for url in self.urls: backend = BackendPluginFactory.create(**url) for nrp in self.reportList: id_list.append(nrp.save(backend)) for rep_id in id_list: result_list.append(backend.get(rep_id)) self.assertEqual(len(result_list), len(self.reportList)) self.assertEqual((result_list), (self.reportList)) id_list = [] result_list = []
def test_backend_get(self): """ test_backend_get inset all report and save the returned id in a list then get each id and create a new list of report compare each report (assume eq) """ id_list = [] result_list = [] for url in self.urls: backend = BackendPluginFactory.create(**url) for nrp in self.reportList: id_list.append(nrp.save(backend)) for rep_id in id_list: result_list.append(backend.get(rep_id)) #print result_list[0] #print self.reportList[0] self.assertEqual(len(result_list), len(self.reportList)) self.assertEqual((result_list), (self.reportList)) id_list = [] result_list = []
def sqliCheck(request, platform = None): reqObj = Req(request) #method filiter if reqObj.method != "GET" and reqObj.method != "POST": return None #后缀删除 ext = getExtByUri(reqObj.uri) if ext in ["gif","js","jpg","css","png","ico"]: return None #无参数 filter if reqObj.method != "POST" and len(reqObj.url.split('=')) == 1: return None my_services_backend = BackendPluginFactory.create(plugin_name='backend_permission', url=global_dbcoon, echo=False, encoding='utf-8', pool_timeout=3600) reqFile = req2file(reqObj.hash,request) notify = global_notify + reqFile + "\'" cmd = global_sqlmap+ " -r "+reqFile + global_options + notify print cmd outPut = os.popen(cmd) return outPut.read()
return fileName if __name__ == "__main__": if len(sys.argv) == 2: argv1 = base64.b64decode(sys.argv[1]) print sqliCheck(argv1) elif len(sys.argv) == 3: fh = open(sys.argv[2], 'rb') try: data = fh.read() finally: fh.close() my_services_backend = BackendPluginFactory.create( plugin_name='backend_permission', url=global_dbcoon, echo=False, encoding='utf-8', pool_timeout=3600) reqObj = Req(data) target = reqObj.host vul_type = global_flag vul_detail = "SQLi Vul:\n" + data my_services_backend.add(target, vul_type, vul_detail) #print "VUL" if permissionCheck(reqStr) else "SAFE" sys.exit(0) else: print("usage: %s base64(request)" % sys.argv[0]) sys.exit(-1)
fh.close() return fileName if __name__ == "__main__": if len(sys.argv) == 2: argv1 = base64.b64decode(sys.argv[1]) print sqliCheck(argv1) elif len(sys.argv) == 3: fh = open(sys.argv[2],'rb') try: data = fh.read( ) finally: fh.close( ) my_services_backend = BackendPluginFactory.create(plugin_name='backend_permission', url=global_dbcoon, echo=False, encoding='utf-8', pool_timeout=3600) reqObj = Req(data) target = reqObj.host vul_type = global_flag vul_detail ="SQLi Vul:\n"+data my_services_backend.add(target,vul_type,vul_detail) #print "VUL" if permissionCheck(reqStr) else "SAFE" sys.exit(0) else: print ("usage: %s base64(request)" % sys.argv[0]) sys.exit(-1)
def save_report(self, task_id=None): """This method stores the NmapReportMeta and NmapReport to db Call this method right after the Celery Task is finished. It will * get a NmapTask object (by the task_id) from db * update the NmapTask completed field in the db to 1 * get a NmapReport object (created from AsyncResult) * save that NmapReport to db table "reports" * save the newly create NmapReportMeta object to db Args: task_id (str): The task_id as a string (e.g faef323-afec3-a...) Returns: True or False Raises: Examples: """ try: _nmap_task = NmapTask.get_by_task_id(task_id=task_id) except: return False if _nmap_task is None: return True # mark nmap_task as done in table _nmap_task.completed = 1 db.session.commit() _report = SubNmapReport.get_report_from_async_result(task_id=task_id) # save Meta information of Report self.task_task_id = _nmap_task.task_id self.task_comment = _nmap_task.comment self.task_created = _nmap_task.created self.task_user_id = _nmap_task.user_id self.report_stored = datetime.datetime.utcnow() try: dbp = BackendPluginFactory.create(plugin_name="sql", url=app.config["LIBNMAP_DB_URI"], echo=False) _id = _report.save(dbp) self.report_id = _id # call Address.discover which discovers and stores addresses r = Address.discover_from_report(report_id=_id) # save new NmapReportMeta instance to db db.session.add(self) db.session.commit() return True except Exception as e: print e return False