def add_task(req, tamper=""): """ 添加扫描任务 :param req: 请求对象 :param tamper: 绕过脚本 :return: """ data = json.loads(req.body) taskid = "" if tamper: data['tamper'] = tamper data = json.dumps(data) http = Http('http', host, port) taskObj = get_taskid(http) if taskObj.get('success') == 'true' or taskObj.get('success') == True: taskid = taskObj.get('taskid') else: taskObj["msg"] = u"获取taskID失败" return taskObj # 启动扫描任务 taskObj = send2task(http, data, taskid) if taskObj.get("success") == "false": taskObj["msg"] = u"获取taskID成功但任务启动失败!" return taskid
def alltasks(req): """ 获取sqlmap扫描任务列表 :param req: :return: """ http = Http('http', host, port) taskid = "0" lists = task_list(http,taskid) data = {"total":lists.get("tasks_num"),"rows":[]} # 获取所有的任务id for taskid in lists.get("tasks"): rows = {"id":"id","status":"1","result":"1","progress":"1","start_time":"1H","end_time":"1H"} rows["id"] = taskid rows["status"] = lists.get("tasks").get(taskid) rows["start_time"],rows["end_time"] = task_utime(http,taskid) taskData = get_taskData(http,taskid) if taskData.get("success") == True: if len(taskData.get("data")) == 0 and len(taskData.get("error")) < 1: rows["result"] = u"扫描未完成或无漏洞" elif len(taskData.get("data")) == 0 and len(taskData.get("error")) > 0: rows["result"] = u"扫描出错" elif len(taskData.get("data")) > 0 and taskData.get("data")[0].get("status") == 1: rows["result"] = u"有漏洞" else: rows["result"] = u"无漏洞" else: rows["result"] = u"任务失败" data["rows"].append(rows) return HttpResponse(json.dumps(data["rows"], ensure_ascii=False))
def __init__(self, name, auth, userid, roomid=None): Thread.__init__(self) self.name = name self.room_name = '' self.http = Http() self.db = Database(DB_HOST, DB_USER, DB_PASW, DB_DB) self.last_heartbeat = datetime.now() self.last_activity = datetime.now() self._killed = False # Create cookies. ck = cookielib.Cookie(version=0, name='turntableUserAuth', value=auth, port=None, port_specified=False, domain='turntable.fm', domain_specified=False, domain_initial_dot=False, path='/', path_specified=True, secure=False, expires=None, discard=True, comment=None, comment_url=None, rest={'HttpOnly': None}, rfc2109=False) self.http.cj.set_cookie(ck) ck = cookielib.Cookie(version=0, name='turntableUserId', value=userid, port=None, port_specified=False, domain='turntable.fm', domain_specified=False, domain_initial_dot=False, path='/', path_specified=True, secure=False, expires=None, discard=True, comment=None, comment_url=None, rest={'HttpOnly': None}, rfc2109=False) self.http.cj.set_cookie(ck) ck = cookielib.Cookie(version=0, name='turntableUserNamed', value='true', port=None, port_specified=False, domain='turntable.fm', domain_specified=False, domain_initial_dot=False, path='/', path_specified=True, secure=False, expires=None, discard=True, comment=None, comment_url=None, rest={'HttpOnly': None}, rfc2109=False) self.http.cj.set_cookie(ck) test = int( time.time()*1000 ) self.clientid = "%s-0.26004539988934994" % test self.auth = auth self.userid = userid self._msgid = 0 self.roomid = roomid self.current_song = {'id':None, 'starttime':None, 'current_dj':None} self.cmds = [] dataStr = urllib2.urlopen('http://turntable.fm:80/api/room.which_chatserver?roomid=%s' % self.roomid).read() data = json.loads(dataStr) if data[0]: HOST, PORT = data[1]['chatserver'][0], data[1]['chatserver'][1] HOST = HOST.decode('iso-8859-1').encode('utf8') self.ws = create_connection(HOST, PORT, '/socket.io/websocket', False) self.ws.recv() else: log(self, 'LOGIN FAILED')
def web_flush(req): """ 请求所有的扫描任务 :param req: :return: """ http = Http('http', host, port) taskStr = http.get('/admin/0/flush') taskObj = json.loads(taskStr) return HttpResponse(json.dumps(taskObj, ensure_ascii=False))
def web_log(req): """ 获取扫描日志 :param req: :return: """ http = Http('http', host, port) data = json.loads(req.body) log = get_taskLog(http, data.get("taskid")) return HttpResponse(json.dumps(log.get("log"), ensure_ascii=False))
def url_action(self, url, params=()): """ Load by url action """ result = Http().get(url, params) if result: Progress.view(result) is_logging = params.get('log', self.DEFAULT_LOGGING) if is_logging: log.syslog(url, result) exit()
def task_stop(req): """ 结束扫描任务 :param req: :return: """ data = json.loads(req.body) http = Http('http', host, port) obj = {"success": "true", "msg": "任务已停止"} if data and data.get("taskid"): for taskid in data.get("taskid"): obj = stop(http, taskid) if obj.get("success") == "false" or obj.get("success") == False: return HttpResponse(json.dumps(obj, ensure_ascii=False)) return HttpResponse(json.dumps(obj, ensure_ascii=False))
def mq_loop(ch, method, properties, body): print " [x] %r:%r" % (method.routing_key, body,) key = method.routing_key if('logout' == key): print body delete_redis(body) ch.basic_ack(delivery_tag=method.delivery_tag) if('answer' == key): try: http = Http() http.normal_method(body) ch.basic_ack(delivery_tag=method.delivery_tag) except Exception, e: print(e)
def web_delete(req): """ 删除扫描任务 :param req: :return: """ data = json.loads(req.body) http = Http('http', host, port) obj = {"success": "true", "msg": "删除成功"} if data and data.get("taskid"): for taskid in data.get("taskid"): obj = task_delete(http, taskid) if obj.get("success") == "false" or obj.get("success") == False: obj["msg"] = obj.get("message") return HttpResponse(json.dumps(obj, ensure_ascii=False)) return HttpResponse(json.dumps(obj, ensure_ascii=False))
""" taskStr = http.get('/admin/%s/list' % (taskid)) print taskStr host = "127.0.0.1" port = "8889" taskid = "" adminID = "ce5289b7c98f7304a791ef3c22ca3280" url = 'http://192.168.1.175:8099/test.php?id=1' data = {} data['url'] = url data['tamper'] = "versionedmorekeywords" data = json.dumps(data) http = Http('http', host, port) taskObj = get_taskid(http) print type(taskObj) if taskObj.get('success') == 'true' or taskObj.get('success') == True: taskid = taskObj.get('taskid') else: print u"获取taskid失败" #taskid = "9b983be267d395a1" # 启动扫描任务 send2task(http, data, taskid) # 查看扫描结果 get_taskData(http, taskid) # 查看扫描日志 get_taskLog(http, taskid) # 查看扫描状态 get_taskStatus(http, taskid)