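def scan_xss(_id, url, method, data, cookie, referer):
    '''
    Celery task: run the tag-based XSS scan for one captured request.

    Only GET requests are scanned; POST is a placeholder. When a url is
    given the task is marked as XSS-checked afterwards.

    :param _id: task id, passed to TaskStatus.set_xss_checked
    :param url: target url; nothing is scanned or recorded when it is empty
    :param method: HTTP method of the captured request ('GET' or 'POST')
    :param data: request body, handed to XssScanTag unchanged
    :param cookie: raw Cookie header value ("k1=v1; k2=v2"); may be empty or None
    :param referer: Referer header value, handed to XssScanTag unchanged
    '''
    print '__________Celery task id: %s' % _id
    if url:
        if method == 'GET':
            print 'Scan id:%s, Url: %s' % (_id, url)
            dict_cookie = {}
            for pair in (cookie or '').split("; "):
                if not pair:
                    # empty header or trailing separator: nothing to parse
                    continue
                try:
                    # Split on the first "=" only. Cookie values may contain
                    # "=" themselves (e.g. base64 padding); a truncated
                    # session cookie would make the scan run against the
                    # wrong, usually unauthenticated, session.
                    name, value = pair.split("=", 1)
                    dict_cookie[str(name)] = str(value)
                except (ValueError, UnicodeError) as e:
                    # best effort: a malformed pair is reported and skipped
                    print "dict_cookie error: %s" % e
            rua = RandomUA()
            scanner = XssScanTag(url, method, data, dict_cookie, referer, rua.ua)
            scanner.run()
        elif method == 'POST':
            # Would add tags with a visible rendering (such as <img src=1> or
            # <iframe></iframe>) to the POST data; the result cannot be stored
            # in the database, so it has to be checked manually.
            pass
        # NOTE(review): status update kept inside the `if url:` branch,
        # mirroring scan_sqli -- confirm against the original layout.
        task_status = TaskStatus()
        task_status.set_xss_checked(_id)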
def scan_sqli(_id, url, data, referer, cookie, req_text):
    '''
    Celery task: run the sqlmap-API based SQL injection check for one request.

    :param _id: task id, passed to TaskStatus.set_sqli_checked
    :param url: target url; when empty only a message is printed
    :param data: request body, handed to AutoSqli unchanged
    :param referer: Referer header value, handed to AutoSqli unchanged
    :param cookie: Cookie header value, handed to AutoSqli unchanged
    :param req_text: handed to AutoSqli unchanged
    '''
    print '__________Celery task id: %s' % _id
    if not url:
        print 'No url for sqli checking...'
        return
    print 'Scan id:%s, Url: %s' % (_id, url)
    checker = AutoSqli(sqlmap_api, url, data, referer, cookie, req_text)
    checker.run()
    # the task is marked as done once run() has returned
    TaskStatus().set_sqli_checked(_id)
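def __init__(self, implicitAcknowledgements, executor):
    '''
    Store the constructor arguments and set up status tracking and logging.

    :param implicitAcknowledgements: stored on the instance as given
    :param executor: stored on the instance as given
    '''
    self.implicitAcknowledgements = implicitAcknowledgements
    self.executor = executor
    self.status = TaskStatus()

    # configure logging
    # NOTE(review): no level is set on the logger itself, so whether INFO
    # records reach this handler depends on logging configuration elsewhere.
    # A new handler is attached on every construction of the scheduler.
    self.logger = logging.getLogger('mesos_framework')
    formatter = logging.Formatter(
        '[%(asctime)s] p%(process)s {%(pathname)s:%(lineno)d} %(levelname)s - %(message)s',
        '%m-%d %H:%M:%S')
    ch = logging.StreamHandler()
    ch.setLevel(logging.DEBUG)  # was set twice; once is enough
    ch.setFormatter(formatter)
    self.logger.addHandler(ch)

    # applications waiting to be placed on an offer
    self.app_list = []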
def scan_redirect(_id, url, method, cookie, referer):
    '''
    Celery task: check one captured request for an open redirect.

    For GET requests the candidate urls built by CheckRedirect are tried in
    order until one is reported as redirected; other methods are skipped.

    :param _id: task id, passed to TaskStatus
    :param url: target url; nothing is checked or recorded when it is empty
    :param method: HTTP method of the captured request
    :param cookie: Cookie header value, handed to CheckRedirect unchanged
    :param referer: Referer header value, handed to CheckRedirect unchanged
    '''
    print '__________Celery task id: %s' % _id
    if not url:
        return
    print 'Scan id:%s, Url: %s' % (_id, url)
    agent = RandomUA()
    checker = CheckRedirect(url, method, cookie, referer, agent.ua)
    if method != 'GET':
        print "url: %s method: %s pass" % (url, method)
    else:
        checker.make_redirect_url()
        for candidate in checker.lst_poc_url_test:
            print "--sub main url: %s" % candidate
            if checker.check_url_redirected(candidate):
                # first confirmed redirect ends the search
                break
    # NOTE(review): dispatch_task marks this job with set_redirect_checking,
    # yet completion is recorded through the sqli setter. This looks like a
    # copy-paste slip that leaves the redirect state unfinished and touches
    # the sqli state of the same id -- confirm against TaskStatus.
    TaskStatus().set_sqli_checked(_id)
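class MyMesosScheduler(mesos.interface.Scheduler):
    '''
    Mesos scheduler that launches queued applications as Docker tasks.

    Applications are queued with addApp() and placed from resourceOffers();
    task state changes reported by Mesos are mirrored into a TaskStatus object.
    '''

    def __init__(self, implicitAcknowledgements, executor):
        '''
        Store the constructor arguments and set up status tracking and logging.

        :param implicitAcknowledgements: stored on the instance as given
        :param executor: stored on the instance as given
        '''
        self.implicitAcknowledgements = implicitAcknowledgements
        self.executor = executor
        self.status = TaskStatus()

        # configure logging
        # NOTE(review): no level is set on the logger itself, so whether INFO
        # records reach this handler depends on logging configuration
        # elsewhere. A new handler is attached on every construction.
        self.logger = logging.getLogger('mesos_framework')
        formatter = logging.Formatter(
            '[%(asctime)s] p%(process)s {%(pathname)s:%(lineno)d} %(levelname)s - %(message)s',
            '%m-%d %H:%M:%S')
        ch = logging.StreamHandler()
        ch.setLevel(logging.DEBUG)  # was set twice; once is enough
        ch.setFormatter(formatter)
        self.logger.addHandler(ch)

        # applications waiting to be placed on an offer
        self.app_list = []

    def registered(self, driver, frameworkId, masterInfo):
        ''' Log the framework id received on registration. '''
        self.logger.info("Registered with framework ID %s", frameworkId.value)

    def addApp(self, appconfig):
        ''' Queue an application config for placement on a later offer. '''
        self.app_list.append(appconfig)

    def resourceOffers(self, driver, offers):
        '''
        Basic placement strategy: launch the next queued application on the
        first offer, decline every offer that is not used.

        At most one application is launched per callback, as before. The
        task id is the id of the offer the task is launched on.
        '''
        launched = False
        for offer in offers:
            if launched or not self.app_list:
                # An offer that is neither used nor declined is held by this
                # framework until Mesos rescinds it or it times out, which
                # keeps those resources away from other frameworks.
                driver.declineOffer(offer.id)
                continue

            # NOTE(review): the offer is not compared with
            # appconfig.getCpus() / getRam() before the task is launched.
            appconfig = self.app_list.pop()
            task = self.new_docker_task(offer, offer.id.value, appconfig)
            self.logger.info("testing logging after initializing task")
            driver.launchTasks(offer.id, [task])

            # we now add the tasks in taskStatus object
            self.status.addApp(appconfig.getName())
            self.status.addTask(offer.id.value, appconfig.getName())
            launched = True
        self.logger.info("Finished ")

    def statusUpdate(self, driver, update):
        '''
        when a task is over, killed or lost (slave crash, ....), this method
        will be triggered with a status message.
        '''
        state_name = mesos_pb2.TaskState.Name(update.state)
        self.logger.info("Task %s is in state %s", update.task_id.value, state_name)
        # we update the status of the app
        self.status.updateStatus(update.task_id.value, state_name)
        # we log the status for a sanity check
        self.logger.info("Statuses - %s", self.status.getDict())

    def frameworkMessage(self, driver, executorId, slaveId, message):
        ''' Log that a framework message arrived; the payload is not used. '''
        self.logger.info("Received framework message")

    def new_docker_task(self, offer, id, appconfig):
        '''
        Creates a task for mesos

        :param offer: mesos offer
        :type offer: Offer
        :param id: Id of the task (unique)
        :type id: str
        :param appconfig: config of application to be launched
        :type appconfig: Appconfig
        :return: the populated mesos_pb2.TaskInfo
        '''
        task = mesos_pb2.TaskInfo()

        # We want of container of type Docker
        container = mesos_pb2.ContainerInfo()
        container.type = 1  # mesos_pb2.ContainerInfo.Type.DOCKER

        # Let's create a volume
        # container.volumes, in mesos.proto, is a repeated element
        # For repeated elements, we use the method "add()" that returns an
        # object that can be updated
        if appconfig.needStorage():
            volume = container.volumes.add()
            volume.container_path = appconfig.getStorage()  # Path in container
            # TODO: we need to generate paths on host based on hash
            # SECURITY: every application that asks for storage gets the same
            # fixed directory under /tmp mounted read-write, so containers
            # share data with each other and with any local user of the host.
            # A per-application directory outside /tmp with restrictive
            # permissions would isolate them.
            volume.host_path = "/tmp/mesosexample"  # Path on host
            volume.mode = 1  # mesos_pb2.Volume.Mode.RW
            # volume.mode = 2 # mesos_pb2.Volume.Mode.RO

        # Define the command line to execute in the Docker container
        # NOTE(review): CommandInfo runs `value` through a shell unless its
        # `shell` field is cleared, so appconfig has to come from a trusted
        # source -- confirm where Appconfig objects are built.
        command = mesos_pb2.CommandInfo()
        command.value = appconfig.getCmd()
        # MergeFrom copies the CommandInfo built above into task.command
        task.command.MergeFrom(command)

        task.task_id.value = id
        task.slave_id.value = offer.slave_id.value
        task.name = appconfig.getName()

        # CPUs are repeated elements too
        cpus = task.resources.add()
        cpus.name = "cpus"
        cpus.type = mesos_pb2.Value.SCALAR
        cpus.scalar.value = appconfig.getCpus()

        # Memory are repeated elements too
        mem = task.resources.add()
        mem.name = "mem"
        mem.type = mesos_pb2.Value.SCALAR
        mem.scalar.value = appconfig.getRam()

        # Let's focus on the Docker object now
        docker = mesos_pb2.ContainerInfo.DockerInfo()
        docker.image = appconfig.getImage()
        docker.network = 2  # mesos_pb2.ContainerInfo.DockerInfo.Network.BRIDGE
        docker.force_pull_image = True

        # create parameter object to pass the weave information
        param = docker.parameters.add()
        param.key = "net"
        param.value = "weave"

        # Set docker info in container.docker
        container.docker.MergeFrom(docker)
        # Set docker container in task.container
        task.container.MergeFrom(container)
        # Return the object
        return task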
def dispatch_task(self):
    '''
    Queue one scan job per enabled plugin.

    For every plugin switched on in scan_plugin_status, make_task() is asked
    for the next pending request; the request is marked as being checked and
    handed to the matching scan_* task with apply_async. When make_task()
    returns no task id, the corresponding self.no_* flag is set instead.
    '''
    status = TaskStatus()

    # --- SQL injection ---
    if not scan_plugin_status['sqli_plugin']:
        print 'sqli plugin status is set to false, passing!!!'
    else:
        task_id, method, url, data, referer, cookies, req_text = self.make_task(
            'sqli_status')
        if not task_id:
            self.no_sqli = True
            print 'No more url left for sqli checking!!!'
        else:
            print "Scan sql injection: %s" % task_id
            status.set_sqli_checking(ObjectId(task_id))
            sqli_args = (str(task_id), url, data, referer, cookies, req_text)
            scan_sqli.apply_async(sqli_args)

    # --- reflected XSS ---
    if not scan_plugin_status['xss_plugin']:
        print 'xss plugin status is set to false, passing!!!'
    else:
        task_id, method, url, data, referer, cookies, req_text = self.make_task(
            'xss_status')
        if not task_id:
            self.no_xss = True
            print 'No more url left for xss checking!!!'
        else:
            print "Scan xss injection at url: %s" % task_id
            status.set_xss_checking(ObjectId(task_id))
            xss_args = (str(task_id), url, method, data, cookies, referer)
            scan_xss.apply_async(xss_args)

    # --- DOM XSS ---
    if not scan_plugin_status['xss_dom_plugin']:
        print 'xss_dom plugin status is set to false, passing!!!'
    else:
        task_id, method, url, data, referer, cookies, req_text = self.make_task(
            'xss_dom_status')
        if not task_id:
            self.no_xss_dom = True
            print 'No more url left for xss_dom checking!!!'
        else:
            print "Scan xss injection at dom: %s" % task_id
            status.set_xss_dom_checking(ObjectId(task_id))
            dom_args = (str(task_id), method, url, data, referer, cookies)
            scan_xss_dom.apply_async(dom_args)

    # --- open redirect ---
    if not scan_plugin_status['redirect_plugin']:
        print 'redirect plugin status is set to false, passing!!!'
    else:
        task_id, method, url, data, referer, cookies, req_text = self.make_task(
            'redirect_status')
        if not task_id:
            self.no_redirect = True
            print 'No more url left for redirect checking!!!'
        else:
            print "Scan redirect: %s" % task_id
            status.set_redirect_checking(ObjectId(task_id))
            redirect_args = (str(task_id), url, method, cookies, referer)
            scan_redirect.apply_async(redirect_args)
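def scan_xss_dom(_id, method, url, data, referer, cookie):
    '''
    Celery task: run the CasperJS DOM-XSS check (xss.js) for one GET request.

    The cookie string is written to the work directory, casperjs is started
    there, its output is stored as an XSSRecords row and appended to a dated
    log file, and the task is marked as xss_dom-checked.

    :param _id: task id, passed to TaskStatus.set_xss_dom_checked
    :param method: HTTP method; only 'GET' is scanned
    :param url: target url, taken from captured traffic and therefore untrusted
    :param data: unused here
    :param referer: unused here
    :param cookie: cookie text written to the cookie file
    '''
    # function-scope import: the file's import block is not visible here
    import subprocess

    print '__________Celery task id: %s' % str(_id)
    if url and method == 'GET':
        print 'Scan Url:%s' % url
        js_path = '/path/to/your/workdir/casperXSS'
        os.chdir(js_path)
        print 'Current cwd: %s' % os.getcwd()

        # The file was previously opened read-only, so the write always
        # failed and the cookies were never stored. It holds session cookies
        # of the scanned application: keep the work directory readable by
        # the scanner account only.
        # NOTE(review): the file written is cookies.txt, the one passed to
        # casperjs below is cookie.txt -- confirm which name xss.js reads.
        try:
            with open(js_path + '/cookies.txt', 'w') as fp:
                fp.write(cookie)
        except Exception as e:
            # best effort, as before: the scan continues without cookies
            print "Can't not open cookie file: %s" % e

        # Argument list, no shell: the url comes from captured traffic and
        # must not be interpreted by a shell. This also separates --url from
        # --cookiejar, which the old format string glued together.
        argv = [
            'casperjs',
            '--web-security=false',
            '--ssl-protocol=any',
            '--ignore-ssl-errors=true',
            'xss.js',
            '--url=%s' % url,
            '--cookiejar=cookie.txt',
        ]
        print "scan_xss_dom cmd: %s" % ' '.join(argv)
        try:
            proc = subprocess.Popen(argv, stdout=subprocess.PIPE,
                                    stderr=subprocess.STDOUT)
            output = proc.communicate()[0]
            status = proc.returncode
        except OSError as e:
            # casperjs missing or not executable: report it like a failed run
            status, output = 127, str(e)
        # same trimming commands.getstatusoutput applied
        if output.endswith('\n'):
            output = output[:-1]
        print "status: %s, output: %s" % (status, output)

        # NOTE(review): a record is stored whatever the exit status and
        # output are, and the fixed 10-character prefix is assumed to be a
        # label printed by xss.js -- confirm, or failed runs become findings.
        dom_url = output[10:]
        XSSRecords.insert(url=dom_url, injection=dom_url,
                          method='xss_dom', special='dom').execute()

        ctime = time.strftime("%Y-%m-%d", time.localtime())
        with open(js_path + '/domxss.' + ctime + '.log', 'a') as ff:
            ff.write(output + '\n')

        # NOTE(review): status update kept inside the `if` branch, mirroring
        # scan_sqli -- confirm against the original layout.
        task_status = TaskStatus()
        task_status.set_xss_dom_checked(_id)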