def result_data(self, start, offset): """ Get task result """ task_info = self.db.execute( "SELECT id, options, vulnerable, done_time " "FROM task " "ORDER BY vulnerable DESC,done_time DESC " "LIMIT ?,?", ( start, offset, )).fetchall() task_total = self.db.execute("SELECT COUNT(id) " "FROM task").fetchone() result = [] for info in task_info: option = dejsonize(info[1]) result.append({ "id": info[0], "host": option["host"], "method": option["method"], "option": info[1], "vulnerable": u'否' if info[2] == 0 else '是', "done_time": info[3] }) return result, task_total[0]
def get_undo_tasks(self): tasks = [] for task in self.db.execute( "SELECT id, options FROM task " "WHERE task_id IS NULL AND done_time IS NULL AND valid = 1"): tasks.append({ "id": task[0], "options": Task(**dejsonize(task[1])) }) return tasks
def api_slave_connect(): """ 添加节点 """ port, admin_id = dejsonize(request.data)["port"], dejsonize( request.data)["admin_id"] addr = request.remote_addr slave = Slave(admin_id=admin_id, address=addr, port=port) if "{}:{}".format(addr, port) not in master.slaves: if master.add_slave(slave): logger.info( "{addr}:{port}:{admin_id} try to connect successfully".format( addr=request.remote_addr, port=port, admin_id=admin_id)) return jsonify({"status": "success"}) else: logger.info( "{addr}:{port}:{admin_id} try to connect failed".format( addr=request.remote_addr, port=port, admin_id=admin_id)) else: return jsonify({"status": "exist"})
def add_task(self, task): c = self.db.cursor() try: c.execute( "INSERT INTO task(options,create_time,valid) VALUES(?,DATETIME('now','localtime'),1)", (task, )) self.task_queue.put({ "id": c.lastrowid, "options": Task(**dejsonize(task)) }) self.db.commit() return True except self.db.Error: logger.error("Database Error") return False
def get_task_detail(self, task_id): """ Get task detail by task id """ task_info = self.db.execute( "SELECT id,slave_id,options,done_time,vulnerable,result " "FROM task WHERE id= ?", (task_id, )).fetchone() options = dejsonize(task_info[2]) return { "id": task_info[0], "slave_id": task_info[1], "method": options["method"], "host": options["host"], "path": options["path"], "done_time": task_info[3], "cookie": options["cookie"] if options["cookie"] is not None else u'无', "data": options["data"] if options["data"] is not None else u'无', "vulnerable": u'否' if task_info[4] == 0 else u'是', "result": task_info[5] if task_info[4] == 1 else None }
def api_result_data(): """ 扫描结果数据 """ start = 0 length = 0 sEcho = 0 aoData = dejsonize(request.form["aoData"]) for k in aoData: if k["name"] == "iDisplayStart": start = k["value"] if k["name"] == "iDisplayLength": length = k["value"] if k["name"] == "sEcho": sEcho = k["value"] aData, total = master.result_data(start, length) return jsonify({ "sEcho": sEcho + 1, "iTotalRecords": length, "iTotalDisplayRecords": total, "aData": aData })
def list_task(self): resp = dejsonize(get(self.address + "/admin/list")) if resp["success"]: return resp["tasks"] return []