def org_delete_view(org_id):
'''删除组织机构
'''
org_table = Organization()
del_rows = org_table.delete(org_id)
return jsonify({'status': 'success', 'msg': str(del_rows)})
def org_get_view(org_id):
'''根据ID获取一个组织机构
'''
org_table = Organization()
org_row = org_table.get(org_id)
return jsonify(org_row)
def _get_domains(org_id, domain_address, ip_address):
'''获取域名
'''
domain_app = Domain()
domain_attr_app = DomainAttr()
org_app = Organization()
api = AssertInfoParser()
domain_list = []
domains = domain_app.gets_by_org_domain_ip(
org_id, domain_address, ip_address, page=1, rows_per_page=100000)
if domains:
for index, domain_row in enumerate(domains):
ips = domain_attr_app.gets(
query={'tag': 'A', 'r_id': domain_row['id']})
domain_info = api.get_domain_info(domain_row['id'])
domain_list.append({
'id': domain_row['id'],
"index": index+1,
"domain": domain_row['domain'],
"ip": ', '.join(set([ip_row['content'] for ip_row in ips])),
"org_name": org_app.get(int(domain_row['org_id']))['org_name'] if domain_row['org_id'] else '',
"create_time": str(domain_row['create_datetime']),
"update_time": str(domain_row['update_datetime']),
'port': ', '.join([str(x) for x in domain_info['port']]),
'title': '\n'.join(domain_info['title']),
'banner': '\n'.join(domain_info['banner'])
})
return domain_list
def test_org():
from nemo.core.database.organization import Organization
org = Organization()
#row_id = org.add(data={'org_name':'hnsgcc','status':'enable','sort_order':200})
#print(row_id)
#obj = org.get(row_id)
#print(obj)
#data={'org_name':'cqsgcc2','status':'disable','sort_order':300}
#print(org.update(8,data))
#print(org.get(8))
#print(org.delete(6))
print(org.gets(query={'org_name': 'cqsgcc'}, page=1, rows_per_page=2))
def org_update_view(org_id):
'''修改组织机构
'''
org_table = Organization()
org_name = request.form['org_name'].encode('utf-8')
sort_order = request.form['sort_order']
data = {
'org_name': org_name,
'status': request.form['status'],
'sort_order': sort_order
}
row_id = org_table.update(org_id, data)
return jsonify({'status': 'success', 'msg': row_id})
def get_ip_info(self, Id):
'''聚合一个IP的详情
'''
ip_info = {}
# 获取IP
ip_obj = Ip().get(Id)
if not ip_obj:
return None
ip_info.update(ip=ip_obj['ip'],
location=ip_obj['location'],
status=ip_obj['status'],
create_datetime=ip_obj['create_datetime'].strftime(
'%Y-%m-%d %H:%M'),
update_datetime=ip_obj['update_datetime'].strftime(
'%Y-%m-%d %H:%M'))
# 获取组织名称
if ip_obj['org_id']:
organziation__obj = Organization().get(ip_obj['org_id'])
if organziation__obj:
ip_info.update(organization=organziation__obj['org_name'])
else:
ip_info.update(Organization='')
# 端口、标题、banner、端口详情
port_list, title_set, banner_set, ports_attr_info = self.get_ip_port_info(
ip_obj['ip'], ip_obj['id'])
ip_info.update(port_attr=ports_attr_info)
ip_info.update(title=list(title_set))
ip_info.update(banner=list(banner_set))
ip_info.update(port=port_list)
# IP关联的域名
domain_set = self.__get_ip_domain(ip_obj['ip'])
ip_info.update(domain=list(domain_set))
return ip_info
def org_add_view():
'''添加组织机构
'''
if request.method == 'GET':
return render_template('org-add.html')
org_table = Organization()
org_name = request.form['org_name'].encode('utf-8')
sort_order = request.form['sort_order']
data = {
'org_name': org_name,
'status': request.form['status'],
'sort_order': sort_order
}
row_id = org_table.add(data)
return jsonify({'status': 'success', 'msg': row_id})
def get_domain_info(self, Id):
'''聚合一个DOMAIN的详情
'''
domain_info = {}
# 获取DOMAIN
domain_obj = Domain().get(Id)
if not domain_obj:
return None
domain_info.update(
domain=domain_obj['domain'],
create_datetime=domain_obj['create_datetime'].strftime(
'%Y-%m-%d %H:%M'),
update_datetime=domain_obj['update_datetime'].strftime(
'%Y-%m-%d %H:%M'))
# 获取组织名称
if domain_obj['org_id']:
organziation__obj = Organization().get(domain_obj['org_id'])
if organziation__obj:
domain_info.update(organization=organziation__obj['org_name'])
else:
domain_info.update(organization='')
domain_attrs_obj = DomainAttr().gets(query={'r_id': domain_obj['id']})
# 获取域名的属性信息:title和ip,whatweb
title_set = set()
banner_set = set()
ip_set = set()
whatweb_set = set()
for domain_attr_obj in domain_attrs_obj:
if domain_attr_obj['tag'] == 'title':
title_set.add(domain_attr_obj['content'])
elif domain_attr_obj['tag'] == 'A':
ip_set.add(domain_attr_obj['content'])
elif domain_attr_obj['tag'] == 'whatweb':
whatweb_set.add(domain_attr_obj['content'])
elif domain_attr_obj['tag'] == 'server':
banner_set.add(domain_attr_obj['content'])
# 获取域名关联的IP端口详情:
port_set = set()
ip_port_list = []
for domain_ip in ip_set:
ip_obj = Ip().gets(query={'ip': domain_ip})
if ip_obj and len(ip_obj) > 0:
#port_list, title_set, banner_set, ports_attr_info
p, t, b, pai = self.get_ip_port_info(ip_obj[0]['ip'],
ip_obj[0]['id'])
port_set.update(p)
title_set.update(t)
banner_set.update(b)
ip_port_list.extend(pai)
domain_info.update(ip=list(ip_set))
domain_info.update(port=list(port_set))
domain_info.update(title=list(title_set))
domain_info.update(whatweb=list(whatweb_set))
domain_info.update(banner=list(banner_set))
domain_info.update(port_attr=ip_port_list)
return domain_info
def org_list_view():
'''组织机构列表展示
'''
if request.method == 'GET':
return render_template('org-list.html')
org_table = Organization()
org_list = []
json_data = {}
index = 1
try:
draw = int(request.form.get('draw'))
start = int(request.form.get('start'))
length = int(request.form.get('length'))
search_key = request.form.get('search[value]')
order_column = request.form.get('order[0][column]')
order_column = request.form.get('order[0][dir]')
for org in org_table.gets(page=(start // length) + 1,
rows_per_page=length):
org_list.append({
"id": org['id'],
'index': index + start,
'org_name': org['org_name'],
'status': org['status'],
'sort_order': org['sort_order'],
'create_time': str(org['create_datetime']),
'update_time': str(org['update_datetime'])
})
index += 1
count = org_table.count()
json_data = {
'draw': draw,
'recordsTotal': count,
'recordsFiltered': count,
'data': org_list,
}
except Exception as e:
print(e)
return jsonify(json_data)
def ip_asset_view():
'''IP资产列表展示
'''
if request.method == 'GET':
org_table = Organization()
org_list = org_table.gets()
if not org_list:
org_list = []
org_list.insert(0, {'id': '', 'org_name': '--全部--'})
data = {
'org_list': org_list,
'ip_address_ip': session.get('ip_address_ip', default=''),
'domain_address': session.get('domain_address', default=''),
'port': session.get('port', default=''),
'session_org_id': session.get('session_org_id', default=''),
'pocsuite3_poc_files': Pocsuite3().load_poc_files(),
'xray_poc_files': XRay().load_poc_files()
}
return render_template('ip-list.html', data=data)
ip_table = Ip()
org_table = Organization()
ip_color_tag_table = IpColorTag()
ip_memo_table = IpMemo()
aip = AssertInfoParser()
ip_list = []
json_data = {}
index = 1
try:
draw = int(request.form.get('draw'))
start = int(request.form.get('start'))
length = int(request.form.get('length'))
org_id = request.form.get('org_id')
ip_address = request.form.get('ip_address')
domain_address = request.form.get('domain_address')
port = request.form.get('port')
content = request.form.get('content')
iplocation = request.form.get('iplocation')
port_status = request.form.get('port_status')
color_tag = request.form.get('color_tag')
memo_content = request.form.get('memo_content')
date_delta = request.form.get('date_delta')
session['ip_address_ip'] = ip_address
session['domain_address'] = domain_address
session['port'] = port
session['session_org_id'] = org_id
count = 0
ips = ip_table.gets_by_search(org_id=org_id,
domain=domain_address,
ip=ip_address,
port=port,
content=content,
iplocation=iplocation,
port_status=port_status,
color_tag=color_tag,
memo_content=memo_content,
date_delta=date_delta,
page=(start // length) + 1,
rows_per_page=length)
if ips:
for ip_row in ips:
# 查询每一个IP的详细属性
port_list, title_set, banner_set, _, port_status_dict = aip.get_ip_port_info(
ip_row['ip'], ip_row['id'])
# 端口+HTTP状态码
port_with_status_list = []
for p in port_list:
if str(p) in port_status_dict and re.match(
r'^\d{3}$', port_status_dict[str(p)]):
port_with_status_list.append("{}[{}]".format(
p, port_status_dict[str(p)]))
else:
port_with_status_list.append(str(p))
# 获取颜色标记
color_tag_obj = ip_color_tag_table.get(ip_row['id'])
# 获取备忘录信息
memo_obj = ip_memo_table.get(ip_row['id'])
# 获取IP关联的漏洞信息:
vul_info = []
vul_results = Vulnerability().gets({'target': ip_row['ip']})
if vul_results and len(vul_results) > 0:
for v in vul_results:
vul_info.append('{}/{}'.format(v['poc_file'],
v['source']))
# 显示的数据
ip_list.append({
'id':
ip_row['id'],
"index":
index + start,
'color_tag':
color_tag_obj['color'] if color_tag_obj else '',
'memo_content':
memo_obj['content'] if memo_obj else '',
'vulnerability':
'\r\n'.join(vul_info),
"org_name":
org_table.get(int(ip_row['org_id']))['org_name']
if ip_row['org_id'] else '',
"ip":
ip_row['ip'],
"status":
ip_row['status'],
"location":
ip_row['location'].split(',')[0]
if ip_row['location'] else '',
"create_time":
str(ip_row['create_datetime']),
"update_time":
str(ip_row['update_datetime']),
"port":
port_with_status_list,
"title":
', '.join(list(title_set)),
"banner":
', '.join(list(banner_set))
})
index += 1
# 查询的记录数量
count = ip_table.count_by_search(org_id=org_id,
domain=domain_address,
ip=ip_address,
port=port,
content=content,
iplocation=iplocation,
port_status=port_status,
color_tag=color_tag,
memo_content=memo_content,
date_delta=date_delta)
json_data = {
'draw': draw,
'recordsTotal': count,
'recordsFiltered': count,
'data': ip_list
}
except Exception as e:
logger.error(traceback.format_exc())
print(e)
return jsonify(json_data)
def domain_asset_view():
'''页面上显示域名资产,datatable前端ajax请求进行分页
'''
if request.method == 'GET':
org_table = Organization()
org_list = org_table.gets()
return render_template('domain-list.html', org_list=org_list)
domain_list = []
ip_table = Ip()
org_table = Organization()
domain_table = Domain()
domain_attr_table = DomainAttr()
index = 1
try:
draw = int(request.form.get('draw'))
start = int(request.form.get('start'))
length = int(request.form.get('length'))
org_name = request.form.get('org_name')
ip_address = request.form.get('ip_address')
domain_address = request.form.get('domain_address')
domains = domain_table.gets_by_org_domain_ip(org_name,
domain_address,
ip_address,
page=start // length + 1,
rows_per_page=length)
for domain_row in domains:
ips = domain_attr_table.gets(query={
'tag': 'A',
'r_id': domain_row['id']
})
domain_list.append({
'id':
domain_row['id'],
"index":
index + start,
"domain":
domain_row['domain'],
"ip":
', '.join(
set([
'<a href="/ip-info?ip={0}">{0}</a>'.format(
ip_row['content']) for ip_row in ips
])),
"org_name":
org_table.get(int(domain_row['org_id']))['org_name']
if domain_row['org_id'] else '',
"create_time":
str(domain_row['create_datetime']),
"update_time":
str(domain_row['update_datetime'])
})
index += 1
count = domain_table.count_by_org_domain_ip(org_name, domain_address,
ip_address)
json_data = {
'draw': draw,
'recordsTotal': count,
'recordsFiltered': count,
'data': domain_list
}
except Exception as e:
print(e)
pass
return jsonify(json_data)
def ip_asset_view():
'''IP资产列表展示
'''
if request.method == 'GET':
org_table = Organization()
org_list = org_table.gets()
return render_template('ip-list.html', org_list=org_list)
ip_table = Ip()
port_table = Port()
org_table = Organization()
ip_list = []
json_data = {}
index = 1
try:
draw = int(request.form.get('draw'))
start = int(request.form.get('start'))
length = int(request.form.get('length'))
org_name = request.form.get('org_name')
ip_address = request.form.get('ip_address')
port = request.form.get('port')
ips = ip_table.gets_by_org_ip_port(org_name,
ip_address,
port,
page=(start // length) + 1,
rows_per_page=length)
for ip_row in ips:
ip_list.append({
'id':
ip_row['id'], # 表内序号
"index":
index + start, # 显示序号
"org_name":
org_table.get(int(ip_row['org_id']))['org_name']
if ip_row['org_id'] else '',
"ip":
ip_row['ip'],
"status":
ip_row['status'],
"location":
ip_row['location'],
"port":
', '.join([
'{}'.format(row['port'])
for row in port_table.gets(query={'ip_id': ip_row['id']})
]),
"create_time":
str(ip_row['create_datetime']),
"update_time":
str(ip_row['update_datetime'])
})
index += 1
count = ip_table.count_by_org_ip_port(org_name, ip_address, port)
json_data = {
'draw': draw,
'recordsTotal': count,
'recordsFiltered': count,
'data': ip_list
}
except Exception as e:
print(e)
return jsonify(json_data)
def get_ip_info(self, Id):
'''聚合一个IP的详情
'''
ip_info = {}
# 获取IP
ip_obj = Ip().get(Id)
if not ip_obj:
return None
ip_info.update(id=ip_obj['id'],
ip=ip_obj['ip'],
location=ip_obj['location'],
status=ip_obj['status'],
create_datetime=ip_obj['create_datetime'].strftime(
'%Y-%m-%d %H:%M'),
update_datetime=ip_obj['update_datetime'].strftime(
'%Y-%m-%d %H:%M'))
# 获取组织名称
if ip_obj['org_id']:
organziation__obj = Organization().get(ip_obj['org_id'])
if organziation__obj:
ip_info.update(organization=organziation__obj['org_name'])
else:
ip_info.update(Organization='')
# 端口、标题、banner、端口详情
port_list, title_set, banner_set, ports_attr_info, port_status_dict = self.get_ip_port_info(
ip_obj['ip'], ip_obj['id'])
ip_info.update(port_attr=ports_attr_info)
ip_info.update(title=list(title_set))
ip_info.update(banner=list(banner_set))
ip_info.update(port=port_list)
# IP关联的域名
domain_set = self.__get_ip_domain(ip_obj['ip'])
ip_info.update(domain=list(domain_set))
# 获取标记颜色:
color_tag_obj = IpColorTag().get(ip_obj['id'])
ip_info.update(
color_tag=color_tag_obj['color'] if color_tag_obj else '')
# 获取备忘录信息:
memo_obj = IpMemo().get(ip_obj['id'])
ip_info.update(memo=memo_obj['content'] if memo_obj else '')
# 获取IP关联的漏洞信息:
vul_results = Vulnerability().gets({'target': ip_obj['ip']})
if vul_results and len(vul_results) > 0:
vul_info = []
for v in vul_results:
vul_info.append({
'id':
v['id'],
'target':
v['target'],
'url':
v['url'],
'poc_file':
v['poc_file'],
'source':
v['source'],
'update_datetime':
v['update_datetime'].strftime('%Y-%m-%d %H:%M')
})
ip_info.update(vulnerability=vul_info)
else:
ip_info.update(vulnerability=None)
return ip_info
def domain_asset_view():
'''页面上显示域名资产,datatable前端ajax请求进行分页
'''
if request.method == 'GET':
org_table = Organization()
org_list = org_table.gets()
if not org_list:
org_list = []
org_list.insert(0, {'id': '', 'org_name': '--全部--'})
data = {
'org_list': org_list,
'domain_address': session.get('domain_address', default=''),
'ip_address_domain': session.get('ip_address_domain', default=''),
'session_org_id': session.get('session_org_id', default=''),
'pocsuite3_poc_files': Pocsuite3().load_poc_files(),
'xray_poc_files': XRay().load_poc_files()
}
return render_template('domain-list.html', data=data)
domain_list = []
org_table = Organization()
domain_table = Domain()
domain_attr_table = DomainAttr()
api = AssertInfoParser()
index = 1
json_data = {}
try:
draw = int(request.form.get('draw'))
start = int(request.form.get('start'))
length = int(request.form.get('length'))
org_id = request.form.get('org_id')
ip_address = request.form.get('ip_address')
domain_address = request.form.get('domain_address')
color_tag = request.form.get('color_tag')
memo_content = request.form.get('memo_content')
date_delta = request.form.get('date_delta')
session['ip_address_domain'] = ip_address
session['domain_address'] = domain_address
session['session_org_id'] = org_id
count = 0
domains = domain_table.gets_by_search(org_id,
domain_address,
ip_address,
color_tag,
memo_content,
date_delta,
page=start // length + 1,
rows_per_page=length)
if domains:
for domain_row in domains:
ips = domain_attr_table.gets(query={
'tag': 'A',
'r_id': domain_row['id']
})
domain_info = api.get_domain_info(domain_row['id'])
# 获取关联的漏洞信息:
vul_info = []
vul_results = Vulnerability().gets(
{'target': domain_row['domain']})
if vul_results and len(vul_results) > 0:
for v in vul_results:
vul_info.append('{}/{}'.format(v['poc_file'],
v['source']))
domain_list.append({
"id":
domain_row['id'],
"index":
index + start,
"color_tag":
domain_info['color_tag'],
"memo_content":
domain_info['memo'],
"domain":
domain_row['domain'],
"ip":
', '.join(
set([
'<a href="/ip-info?ip={0}" target="_blank">{0}</a>'
.format(ip_row['content']) for ip_row in ips
])),
"org_name":
org_table.get(int(domain_row['org_id']))['org_name']
if domain_row['org_id'] else '',
"create_time":
str(domain_row['create_datetime']),
"update_time":
str(domain_row['update_datetime']),
'port':
domain_info['port'],
'title':
', '.join(domain_info['title']),
'banner':
', '.join(domain_info['banner']),
'vulnerability':
'\r\n'.join(vul_info)
})
index += 1
count = domain_table.count_by_search(org_id, domain_address,
ip_address, color_tag,
memo_content, date_delta)
json_data = {
'draw': draw,
'recordsTotal': count,
'recordsFiltered': count,
'data': domain_list
}
except Exception as e:
logger.error(traceback.format_exc())
print(e)
return jsonify(json_data)
def ip_asset_view():
'''IP资产列表展示
'''
if request.method == 'GET':
org_table = Organization()
org_list = org_table.gets()
if not org_list:
org_list = []
org_list.insert(0, {'id': '', 'org_name': '--组织机构--'})
data = {'org_list': org_list, 'ip_address_ip': session.get('ip_address_ip', default=''), 'domain_address': session.get('domain_address', default=''),
'port': session.get('port', default=''), 'session_org_id': session.get('session_org_id', default='')}
return render_template('ip-list.html', data=data)
ip_table = Ip()
org_table = Organization()
aip = AssertInfoParser()
ip_list = []
json_data = {}
index = 1
try:
draw = int(request.form.get('draw'))
start = int(request.form.get('start'))
length = int(request.form.get('length'))
org_id = request.form.get('org_id')
ip_address = request.form.get('ip_address')
domain_address = request.form.get('domain_address')
port = request.form.get('port')
content = request.form.get('content')
iplocation = request.form.get('iplocation')
session['ip_address_ip'] = ip_address
session['domain_address'] = domain_address
session['port'] = port
session['session_org_id'] = org_id
count = 0
ips = ip_table.gets_by_search(org_id=org_id, domain=domain_address, ip=ip_address,
port=port, content=content, iplocation=iplocation, page=(start//length)+1, rows_per_page=length)
if ips:
for ip_row in ips:
port_list, title_set, banner_set, ports_attr_info = aip.get_ip_port_info(
ip_row['ip'], ip_row['id'])
ip_list.append({
'id': ip_row['id'],
"index": index+start,
"org_name": org_table.get(int(ip_row['org_id']))['org_name'] if ip_row['org_id'] else '',
"ip": ip_row['ip'],
"status": ip_row['status'],
"location": ip_row['location'].split(',')[0] if ip_row['location'] else '',
"create_time": str(ip_row['create_datetime']),
"update_time": str(ip_row['update_datetime']),
"port": port_list,
"title": ', '.join(list(title_set)),
"banner": ', '.join(list(banner_set))
})
index += 1
count = ip_table.count_by_search(org_id=org_id, domain=domain_address,
ip=ip_address, port=port, content=content, iplocation=iplocation)
json_data = {
'draw': draw,
'recordsTotal': count,
'recordsFiltered': count,
'data': ip_list
}
except Exception as e:
logger.error(traceback.format_exc())
print(e)
return jsonify(json_data)
def get_domain_info(self, Id):
'''聚合一个DOMAIN的详情
'''
domain_info = {}
# 获取DOMAIN
domain_obj = Domain().get(Id)
if not domain_obj:
return None
domain_info.update(
id=domain_obj['id'],
domain=domain_obj['domain'],
create_datetime=domain_obj['create_datetime'].strftime(
'%Y-%m-%d %H:%M'),
update_datetime=domain_obj['update_datetime'].strftime(
'%Y-%m-%d %H:%M'))
# 获取组织名称
if domain_obj['org_id']:
organziation__obj = Organization().get(domain_obj['org_id'])
if organziation__obj:
domain_info.update(organization=organziation__obj['org_name'])
else:
domain_info.update(organization='')
domain_attrs_obj = DomainAttr().gets(query={'r_id': domain_obj['id']})
# 获取域名的属性信息:title和ip,whatweb
title_set = set()
banner_set = set()
ip_set = set()
whatweb_set = set()
httpx_set = set()
for domain_attr_obj in domain_attrs_obj:
if domain_attr_obj['tag'] == 'title':
title_set.add(domain_attr_obj['content'])
elif domain_attr_obj['tag'] == 'A':
ip_set.add(domain_attr_obj['content'])
elif domain_attr_obj['tag'] == 'whatweb':
whatweb_set.add(domain_attr_obj['content'])
elif domain_attr_obj['tag'] == 'server':
banner_set.add(domain_attr_obj['content'])
elif domain_attr_obj['tag'] == 'httpx':
httpx_set.add(domain_attr_obj['content'])
# 获取域名关联的IP端口详情:
port_set = set()
ip_port_list = []
for domain_ip in ip_set:
ip_obj = Ip().gets(query={'ip': domain_ip})
if ip_obj and len(ip_obj) > 0:
# port_list, title_set, banner_set, ports_attr_info
p, t, b, pai, ps = self.get_ip_port_info(
ip_obj[0]['ip'], ip_obj[0]['id'])
port_set.update(p)
title_set.update(t)
banner_set.update(b)
ip_port_list.extend(pai)
domain_info.update(ip=list(ip_set))
domain_info.update(port=list(port_set))
domain_info.update(title=list(title_set))
domain_info.update(whatweb=list(whatweb_set))
domain_info.update(httpx=list(httpx_set))
domain_info.update(banner=list(banner_set))
domain_info.update(port_attr=ip_port_list)
# 获取标记颜色:
color_tag_obj = DomainColorTag().get(domain_obj['id'])
domain_info.update(
color_tag=color_tag_obj['color'] if color_tag_obj else '')
# 获取备忘录信息:
memo_obj = DomainMemo().get(domain_obj['id'])
domain_info.update(memo=memo_obj['content'] if memo_obj else '')
# 获取关联的漏洞信息:
vul_results = Vulnerability().gets({'target': domain_obj['domain']})
if vul_results and len(vul_results) > 0:
vul_info = []
for v in vul_results:
vul_info.append({
'id':
v['id'],
'target':
v['target'],
'url':
v['url'],
'poc_file':
v['poc_file'],
'source':
v['source'],
'update_datetime':
v['update_datetime'].strftime('%Y-%m-%d %H:%M')
})
domain_info.update(vulnerability=vul_info)
else:
domain_info.update(vulnerability=None)
return domain_info
def domain_asset_view():
'''页面上显示域名资产,datatable前端ajax请求进行分页
'''
if request.method == 'GET':
org_table = Organization()
org_list = org_table.gets()
if not org_list:
org_list = []
org_list.insert(0, {'id': '', 'org_name': '--组织机构--'})
data = {
'org_list': org_list,
'domain_address': session.get('domain_address', default=''),
'ip_address_domain': session.get('ip_address_domain', default=''),
'session_org_id': session.get('session_org_id', default='')
}
return render_template('domain-list.html', data=data)
domain_list = []
org_table = Organization()
domain_table = Domain()
domain_attr_table = DomainAttr()
api = AssertInfoParser()
index = 1
json_data = {}
try:
draw = int(request.form.get('draw'))
start = int(request.form.get('start'))
length = int(request.form.get('length'))
org_id = request.form.get('org_id')
ip_address = request.form.get('ip_address')
domain_address = request.form.get('domain_address')
session['ip_address_domain'] = ip_address
session['domain_address'] = domain_address
session['session_org_id'] = org_id
count = 0
domains = domain_table.gets_by_org_domain_ip(org_id,
domain_address,
ip_address,
page=start // length + 1,
rows_per_page=length)
if domains:
for domain_row in domains:
ips = domain_attr_table.gets(query={
'tag': 'A',
'r_id': domain_row['id']
})
domain_info = api.get_domain_info(domain_row['id'])
domain_list.append({
'id':
domain_row['id'],
"index":
index + start,
"domain":
domain_row['domain'],
"ip":
', '.join(
set([
'<a href="/ip-info?ip={0}" target="_blank">{0}</a>'
.format(ip_row['content']) for ip_row in ips
])),
"org_name":
org_table.get(int(domain_row['org_id']))['org_name']
if domain_row['org_id'] else '',
"create_time":
str(domain_row['create_datetime']),
"update_time":
str(domain_row['update_datetime']),
'port':
domain_info['port'],
'title':
', '.join(domain_info['title']),
'banner':
', '.join(domain_info['banner'])
})
index += 1
count = domain_table.count_by_org_domain_ip(
org_id, domain_address, ip_address)
json_data = {
'draw': draw,
'recordsTotal': count,
'recordsFiltered': count,
'data': domain_list
}
except Exception as e:
logger.error(traceback.format_exc())
print(e)
return jsonify(json_data)