def __init__(self): mysql = MySQLHander() sql = "select writelist,blacklist,rootdomain,blackdomain from settings where id=1" mysql.query(sql) resource = mysql.fetchOneRow() self.writelist,self.blacklist,self.rootdomain,self.blackdomain = list(resource) mysql.close()
def GetStatusInfo(taskid): ''' :param taskid: :return: status,success ''' mysql = MySQLHander() sql = "select target,status,success from task where taskid=\"{0}\" ".format(taskid) mysql.query(sql) data = mysql.fetchOneRow() result = {"target":data[0], "status":data[1], "success":data[2]} mysql.close() return result
class SqlMapAction(object): def __init__(self): xml = XMLDOM() self.db = MySQLHander() self.address = xml.GetElementByName('sqlmap').strip() def _get_server(self): sql = "select server from settings where id = 1" self.db.query(sql) server = self.db.fetchOneRow()[0] if server == None: return False return server def NewTaskId(self, **kwargs): url = "{0}/task/new".format(self.address) response = json.loads(requests.get(url).text) if response['success']: db = MySQLHander() taskid = response['taskid'] sql = "insert into task(`target`, `taskid`, `server`) VALUES (\"{0}\", \"{1}\", \"{2}\")"\ .format(kwargs['target'], taskid, self.address) if db.insert(sql) == 0L: print "Apply New TaskId Success!" else: print "Apply New Task Fail" del db return taskid else: return False def Set_Options(self, **kwargs): server = self._get_server() if server == False: return False url = "{0}/option/{1}/set".format(server, kwargs['taskid']) if "options" in kwargs: data = json.dumps(kwargs['options']) else: data = json.dumps({}) response = json.loads(requests.post(url, data=data, headers=HEADER).text) if response['success']: message = "{0} Set Options successfully".format(time.strftime("[*%H:%M:%S]")) print(message) return True else: return False def update_settings(self, kwargs): mysql = MySQLHander() sql = "update settings set server=\"{0}\", writelist=\"{1}\", blacklist=\"{2}\", proxyaddr=\"{3}\"," \ "rootdomain=\"{4}\", blackdomain = \"{5}\" where id=1 ".format(kwargs.form['sqlmapaddr'], \ kwargs.form['writelist'],kwargs.form['blacklist'],\ kwargs.form['proxyaddr'], getrootdomain(kwargs.form['target']), getrootdomain(kwargs.url)) mysql.update(sql) mysql.close() def start_scan(self, taskid, target): server = self._get_server() url = "{0}/scan/{1}/start".format(server, taskid) data = json.dumps({"url":target}) response = json.loads(requests.post(url,data=data, headers=HEADER).text) if response['success'] == True: print "[!] start task {0} sucess".format(taskid) t = multiprocessing.Process(target=Thread_Handle,args=(taskid,target,)) taskid_thread_Dict.append(taskid) t.start() return True else: return False def StopTask(self, tasklist): if isinstance(tasklist, list) == False: return False return True flag = True for taskid in tasklist: server = self._get_server() url = "{0}/scan/{1}/stop".format(server, taskid) response = json.loads(requests.get(url,None).text) print "-----------\n",response if requests['success'] == True: print "[!] stop task {0} ok!".format(taskid) else: flag = False print "[!] stop task {0} failed!".format(taskid) return flag def Start_Spider(self, taskid, target): t = threading.Thread(target=Spider_Handle,args=(taskid,target,)) t.start() def DeleteAllTask(self): mysql = MySQLHander() sql = "select target,data from task where success=1" mysql.query(sql) slist = mysql.fetchAllRows() for line in slist: sql = "insert into successlist(`target` ,`data`) values (\"{0}\")".format(line[0], line[1]) mysql.insert(sql) sql = "delete from task" mysql.update(sql) mysql.close() print "[!] task schedule has been clear!"