def web_flush(req): """ 请求所有的扫描任务 :param req: :return: """ http = Http('http', host, port) taskStr = http.get('/admin/0/flush') taskObj = json.loads(taskStr) return HttpResponse(json.dumps(taskObj, ensure_ascii=False))
def mq_loop(ch, method, properties, body): print " [x] %r:%r" % (method.routing_key, body,) key = method.routing_key if('logout' == key): print body delete_redis(body) ch.basic_ack(delivery_tag=method.delivery_tag) if('answer' == key): try: http = Http() http.normal_method(body) ch.basic_ack(delivery_tag=method.delivery_tag) except Exception, e: print(e)
def alltasks(req): """ 获取sqlmap扫描任务列表 :param req: :return: """ http = Http('http', host, port) taskid = "0" lists = task_list(http,taskid) data = {"total":lists.get("tasks_num"),"rows":[]} # 获取所有的任务id for taskid in lists.get("tasks"): rows = {"id":"id","status":"1","result":"1","progress":"1","start_time":"1H","end_time":"1H"} rows["id"] = taskid rows["status"] = lists.get("tasks").get(taskid) rows["start_time"],rows["end_time"] = task_utime(http,taskid) taskData = get_taskData(http,taskid) if taskData.get("success") == True: if len(taskData.get("data")) == 0 and len(taskData.get("error")) < 1: rows["result"] = u"扫描未完成或无漏洞" elif len(taskData.get("data")) == 0 and len(taskData.get("error")) > 0: rows["result"] = u"扫描出错" elif len(taskData.get("data")) > 0 and taskData.get("data")[0].get("status") == 1: rows["result"] = u"有漏洞" else: rows["result"] = u"无漏洞" else: rows["result"] = u"任务失败" data["rows"].append(rows) return HttpResponse(json.dumps(data["rows"], ensure_ascii=False))
def add_task(req, tamper=""): """ 添加扫描任务 :param req: 请求对象 :param tamper: 绕过脚本 :return: """ data = json.loads(req.body) taskid = "" if tamper: data['tamper'] = tamper data = json.dumps(data) http = Http('http', host, port) taskObj = get_taskid(http) if taskObj.get('success') == 'true' or taskObj.get('success') == True: taskid = taskObj.get('taskid') else: taskObj["msg"] = u"获取taskID失败" return taskObj # 启动扫描任务 taskObj = send2task(http, data, taskid) if taskObj.get("success") == "false": taskObj["msg"] = u"获取taskID成功但任务启动失败!" return taskid
def __init__(self, name, auth, userid, roomid=None): Thread.__init__(self) self.name = name self.room_name = '' self.http = Http() self.db = Database(DB_HOST, DB_USER, DB_PASW, DB_DB) self.last_heartbeat = datetime.now() self.last_activity = datetime.now() self._killed = False # Create cookies. ck = cookielib.Cookie(version=0, name='turntableUserAuth', value=auth, port=None, port_specified=False, domain='turntable.fm', domain_specified=False, domain_initial_dot=False, path='/', path_specified=True, secure=False, expires=None, discard=True, comment=None, comment_url=None, rest={'HttpOnly': None}, rfc2109=False) self.http.cj.set_cookie(ck) ck = cookielib.Cookie(version=0, name='turntableUserId', value=userid, port=None, port_specified=False, domain='turntable.fm', domain_specified=False, domain_initial_dot=False, path='/', path_specified=True, secure=False, expires=None, discard=True, comment=None, comment_url=None, rest={'HttpOnly': None}, rfc2109=False) self.http.cj.set_cookie(ck) ck = cookielib.Cookie(version=0, name='turntableUserNamed', value='true', port=None, port_specified=False, domain='turntable.fm', domain_specified=False, domain_initial_dot=False, path='/', path_specified=True, secure=False, expires=None, discard=True, comment=None, comment_url=None, rest={'HttpOnly': None}, rfc2109=False) self.http.cj.set_cookie(ck) test = int( time.time()*1000 ) self.clientid = "%s-0.26004539988934994" % test self.auth = auth self.userid = userid self._msgid = 0 self.roomid = roomid self.current_song = {'id':None, 'starttime':None, 'current_dj':None} self.cmds = [] dataStr = urllib2.urlopen('http://turntable.fm:80/api/room.which_chatserver?roomid=%s' % self.roomid).read() data = json.loads(dataStr) if data[0]: HOST, PORT = data[1]['chatserver'][0], data[1]['chatserver'][1] HOST = HOST.decode('iso-8859-1').encode('utf8') self.ws = create_connection(HOST, PORT, '/socket.io/websocket', False) self.ws.recv() else: log(self, 'LOGIN FAILED')
def web_log(req): """ 获取扫描日志 :param req: :return: """ http = Http('http', host, port) data = json.loads(req.body) log = get_taskLog(http, data.get("taskid")) return HttpResponse(json.dumps(log.get("log"), ensure_ascii=False))
def url_action(self, url, params=()): """ Load by url action """ result = Http().get(url, params) if result: Progress.view(result) is_logging = params.get('log', self.DEFAULT_LOGGING) if is_logging: log.syslog(url, result) exit()
def task_stop(req): """ 结束扫描任务 :param req: :return: """ data = json.loads(req.body) http = Http('http', host, port) obj = {"success": "true", "msg": "任务已停止"} if data and data.get("taskid"): for taskid in data.get("taskid"): obj = stop(http, taskid) if obj.get("success") == "false" or obj.get("success") == False: return HttpResponse(json.dumps(obj, ensure_ascii=False)) return HttpResponse(json.dumps(obj, ensure_ascii=False))
def web_delete(req): """ 删除扫描任务 :param req: :return: """ data = json.loads(req.body) http = Http('http', host, port) obj = {"success": "true", "msg": "删除成功"} if data and data.get("taskid"): for taskid in data.get("taskid"): obj = task_delete(http, taskid) if obj.get("success") == "false" or obj.get("success") == False: obj["msg"] = obj.get("message") return HttpResponse(json.dumps(obj, ensure_ascii=False)) return HttpResponse(json.dumps(obj, ensure_ascii=False))
def loginfun(req): if req.method == 'POST': form = LoginForm(req.POST) if form.is_valid(): idul = req.POST['idul'] pasw = req.POST['pasw'] user = authenticate(username=idul, password=pasw+idul) if user is not None: login(req, user) return HttpResponseRedirect('/home/') else: http = Http() http.get('https://capsuleweb.ulaval.ca/pls/etprod7/twbkwbis.P_WWWLogin') res = http.post('https://capsuleweb.ulaval.ca/pls/etprod7/twbkwbis.P_ValLogin', { 'sid': idul, 'PIN': pasw }) c = re.compile('invalides', re.S) if not c.search(res): user = User.objects.create_user(idul, '', pasw+idul) user.is_active = False user.save() profile = user.get_profile() res = http.get('https://capsuleweb.ulaval.ca/pls/etprod7/bwskfshd.P_CrseSchd').decode('cp1252').encode('utf-8') c = re.compile('(<TABLE\s\sCLASS="datadisplaytable"(.*?)">.+?)<!--\s\s\*\* START', re.S) t = c.search(res).group(1) profile.horaire = t res = http.get('https://capsuleweb.ulaval.ca/pls/etprod7/bwskoacc.P_ViewAcctTotal').decode('cp1252').encode('utf-8') c = re.compile('<TABLE CLASS="datadisplaytable"(.*?)">(.+?)<!--\s\s\*\* START', re.S) t = c.search(res).group(2) profile.compte = t res = http.post('https://capsuleweb.ulaval.ca/pls/etprod7/bwskgstu.P_StuInfo', { 'term_in': '201109' }).decode('cp1252').encode('utf-8') c = re.compile('<DIV class="pagetitlediv">(.+?)<!--\s\s\*\* START', re.S) t = c.search(res).group(1) profile.dossier = t profile.save() theuser = authenticate(username=idul, password=pasw+idul) login(req, theuser) return HttpResponseRedirect('/home/') else: return render_to_response('login.html', {'err':'Bad username/password'}) else: return render_to_response('login.html', {'err':'Bad username/password'}) res = render_to_response('login.html', {}) res['Cache-Control'] = 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0' res['Pragma'] = 'no-cache' return res
def __init__(self,args): ''' Constructor ''' logging.debug("HttpUriType object created") Http.__init__(self,args)
""" taskStr = http.get('/admin/%s/list' % (taskid)) print taskStr host = "127.0.0.1" port = "8889" taskid = "" adminID = "ce5289b7c98f7304a791ef3c22ca3280" url = 'http://192.168.1.175:8099/test.php?id=1' data = {} data['url'] = url data['tamper'] = "versionedmorekeywords" data = json.dumps(data) http = Http('http', host, port) taskObj = get_taskid(http) print type(taskObj) if taskObj.get('success') == 'true' or taskObj.get('success') == True: taskid = taskObj.get('taskid') else: print u"获取taskid失败" #taskid = "9b983be267d395a1" # 启动扫描任务 send2task(http, data, taskid) # 查看扫描结果 get_taskData(http, taskid) # 查看扫描日志 get_taskLog(http, taskid) # 查看扫描状态 get_taskStatus(http, taskid)
# -*- coding: utf-8 -*- from Http import Http from Settings import IDUL, PASW import re menu = '<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> \ <link rel="stylesheet" media="screen" type="text/css" href="style.css" /> \ Copyright <a href="http://agilbert.name/">Alain Gilbert</a> (<a href="http://twitter.com/#!/alain_gilbert">@alain_gilbert</a>) \ <ul> \ <li><a href="horaire.html">Horaire</a></li> \ <li><a href="compte.html">Frais de scolarite</a></li> \ <li><a href="dossier.html">Dossier scolaire</a></li> \ </ul>' http = Http() http.get('https://capsuleweb.ulaval.ca/pls/etprod7/twbkwbis.P_WWWLogin') http.post('https://capsuleweb.ulaval.ca/pls/etprod7/twbkwbis.P_ValLogin', { 'sid': IDUL, 'PIN': PASW }) with open('main.html', 'w+') as f: f.write(menu) res = http.get('https://capsuleweb.ulaval.ca/css/Y_web_defaultapp.css') with open('style.css', 'w+') as f: f.write(res) res = http.get('https://capsuleweb.ulaval.ca/pls/etprod7/bwskfshd.P_CrseSchd') with open('horaire.html', 'w+') as f: c = re.compile('(<TABLE\s\sCLASS="datadisplaytable"(.*?)">.+?)<!--\s\s\*\* START', re.S) t = c.search(res).group(1) f.write(menu) f.write(t)
def __init__(self,args): ''' Constructor ''' logging.debug("UtlTcp object created") Http.__init__(self,args)
def search_isbn(cls, isbn): url = cls.isbn_url.format(isbn.strip()) # TODO # store data into sql res = Http.get(url) return res
def __init__(self, args): ''' Constructor ''' logging.debug("HttpUriType object created") Http.__init__(self, args)
def __init__(self, args): ''' Constructor ''' logging.debug("UtlTcp object created") Http.__init__(self, args)
def search_key(cls, keyword, page=1): url = cls.key_url.format(keyword, cls.perpage, (page - 1) * cls.perpage) res = Http.get(url) return res