def console():
bugbit, bugtype = core.GetBit()
counts = core.GetCounts()
ports = core.GetPort()
services = core.GetServices()
target = core.GetTargetCount()
if 'targetscan' in session:
urls = session['targetscan'].split()
redispool.hincrby('targetscan', 'waitcount', len(urls))
for url in urls:
queue.enqueue(SZheScan, url)
# SZheScan.delay(url)
session.pop('targetscan')
try:
lastscantime = BaseInfo.query.order_by(BaseInfo.id.desc()).first().date
except:
lastscantime = "暂无扫描"
pass
if request.method == 'GET':
return render_template('console.html',
bugbit=bugbit,
bugtype=bugtype,
counts=counts,
lastscantime=lastscantime,
ports=ports,
services=services,
target=target)
else:
session['targetscan'] = request.form.get('urls')
return redirect(url_for('console'))
def bugdetail(id=None):
bugbit, bugtype = core.GetBit()
if not id:
buginfo = BugList.query.order_by(BugList.id.desc()).first()
else:
buginfo = BugList.query.filter(BugList.id == id).first()
oldurlinfo = BaseInfo.query.filter(BaseInfo.url == buginfo.oldurl).first()
if redispool.hexists('FollowList', buginfo.id):
flag = False
else:
flag = True
if request.method == 'GET':
return render_template('bug-details.html',
buginfo=buginfo,
oldurlinfo=oldurlinfo,
bugbit=bugbit,
bugtype=bugtype,
flag=flag)
else:
redispool.hset('FollowList', buginfo.id, buginfo.bugurl)
return render_template('bug-details.html',
buginfo=buginfo,
oldurlinfo=oldurlinfo,
bugbit=bugbit,
bugtype=bugtype,
flag=False)
def log_detail(page=None):
bugbit, bugtype = core.GetBit()
if not page:
page = 1
per_page = 38
paginate = Log.query.order_by(Log.date.desc()).paginate(page, per_page, error_out=False)
logs = paginate.items
return render_template('log_detail.html', paginate=paginate, logs=logs, bugbit=bugbit, bugtype=bugtype)
def index(page=None):
bugbit, bugtype = core.GetBit()
if not page:
page = 1
per_page = 10
paginate = BaseInfo.query.order_by(BaseInfo.date.desc()).paginate(page, per_page, error_out=False)
infos = paginate.items
return render_template('homeOne.html', paginate=paginate, infos=infos, bugbit=bugbit, bugtype=bugtype)
def buglist(page=None):
bugbit, bugtype = core.GetBit()
if not page:
page = 1
per_page = 10
paginate = BugList.query.order_by(BugList.id.desc()).paginate(page, per_page, error_out=False)
bugs = paginate.items
return render_template('bug-list.html', paginate=paginate, bugs=bugs, bugbit=bugbit, bugtype=bugtype)
def seriousBug(page=None):
bugbit, bugtype = core.GetBit()
if not page:
page = 1
per_page = 10
paginate = BugList.query.order_by(BugList.id.desc()).filter(BugList.buggrade == "Serious").paginate(page, per_page, error_out=False)
seriousbug = paginate.items
return render_template('bug-list.html', paginate=paginate, bugs=seriousbug, bugbit=bugbit, bugtype=bugtype)
def IP(id=None):
bugbit, bugtype = core.GetBit()
if not id:
id = 1
per_page = 10
paginate = BaseInfo.query.order_by(BaseInfo.date.desc()).filter(BaseInfo.boolcheck == 1).paginate(id, per_page, error_out=False)
infos = paginate.items
return render_template('IP.html', paginate=paginate, infos=infos, bugbit=bugbit, bugtype=bugtype)
def bugdetail(id=None):
bugbit, bugtype = core.GetBit()
if not id:
buginfo = BugList.query.order_by(BugList.id.desc()).first()
else:
buginfo = BugList.query.filter(BugList.id == id).first()
oldurlinfo = BaseInfo.query.filter(BaseInfo.url == buginfo.oldurl).first()
return render_template('bug-details.html',
buginfo=buginfo,
oldurlinfo=oldurlinfo,
bugbit=bugbit,
bugtype=bugtype)
def FileLeakBug(page=None):
bugbit, bugtype = core.GetBit()
if not page:
page = 1
per_page = 10
paginate = BugList.query.order_by(BugList.id.desc()).paginate(page, per_page, error_out=False)
# bugs = paginate.items
leak = []
leaks = BugList.query.filter()
for bug in leaks:
if "文件泄露" in bug.bugname:
leak.append(bug)
return render_template('bug-list.html', paginate=paginate, bugs=leak, bugbit=bugbit, bugtype=bugtype)
def domainName(id=None):
bugbit, bugtype = core.GetBit()
if not id:
baseinfo = BaseInfo.query.order_by(BaseInfo.id.desc()).first()
else:
baseinfo = BaseInfo.query.filter(BaseInfo.id == id).order_by(BaseInfo.id.desc()).first()
if baseinfo.boolcheck:
deepinfo = IPInfo.query.filter(IPInfo.baseinfoid == baseinfo.id).first()
else:
deepinfo = DomainInfo.query.filter(DomainInfo.baseinfoid == baseinfo.id).order_by(DomainInfo.id.desc()).first()
domainurl = deepinfo.subdomain
return render_template('domain-detail.html', domainurl=domainurl, bugbit=bugbit,
bugtype=bugtype)
def domaindetail(id=None):
bugbit, bugtype = core.GetBit()
if not id:
baseinfo = BaseInfo.query.order_by(BaseInfo.id.desc()).first()
else:
baseinfo = BaseInfo.query.filter(BaseInfo.id == id).order_by(BaseInfo.id.desc()).first()
if baseinfo.boolcheck:
deepinfo = IPInfo.query.filter(IPInfo.baseinfoid == baseinfo.id).first()
else:
deepinfo = DomainInfo.query.filter(DomainInfo.baseinfoid == baseinfo.id).order_by(DomainInfo.id.desc()).first()
buglist = BugList.query.filter(BugList.oldurl == baseinfo.url).all()
return render_template('domain-detail.html', baseinfo=baseinfo, deepinfo=deepinfo, buglist=buglist, bugbit=bugbit,
bugtype=bugtype)
def seriousBug(page=None):
bugbit, bugtype = core.GetBit()
if not page:
page = 1
per_page = 10
paginate = BugList.query.order_by(BugList.id.desc()).paginate(page, per_page, error_out=False)
# bugs = paginate.items
seriousbug = []
seriousbugs = BugList.query.filter()
for bug in seriousbugs:
print(bug.buggrade)
if bug.buggrade == "Serious":
seriousbug.append(bug)
return render_template('bug-list.html', paginate=paginate, bugs=seriousbug, bugbit=bugbit, bugtype=bugtype)
def POCmanage():
bugbit, bugtype = core.GetBit()
poclist = POC.query.order_by(POC.id.desc()).all()
if request.method == 'GET':
return render_template('pocmanage.html', bugbit=bugbit, bugtype=bugtype, poclist=poclist)
else:
pocname = request.form.get('pocname')
rule = request.form.get('rule')
expression = request.form.get('expression')
buggrade = request.form.get('buggrade')
redispool.hset('bugtype', pocname, buggrade)
poc = POC(name=pocname, rule=rule, expression=expression)
redispool.pfadd("poc", pocname)
db.session.add(poc)
db.session.commit()
poclist = POC.query.order_by(POC.id.desc()).all()
return render_template('pocmanage.html', bugbit=bugbit, bugtype=bugtype, poclist=poclist)
def FileLeakBug(page=None):
bugbit, bugtype = core.GetBit()
if not page:
page = 1
per_page = 10
paginate = BugList.query.filter(BugList.bugname == "SenDir").order_by(
BugList.id.desc()).paginate(page, per_page, error_out=False)
bugs = paginate.items
if request.method == 'GET':
return render_template('bug-list.html',
paginate=paginate,
bugs=bugs,
bugbit=bugbit,
bugtype=bugtype)
else:
newpage = request.form.get('page')
if not newpage:
newpage = page
return redirect(url_for('FileLeakBug', page=newpage))
def IP(page=None):
bugbit, bugtype = core.GetBit()
if not page:
page = 1
per_page = 10
paginate = BaseInfo.query.order_by(BaseInfo.date.desc()).filter(
BaseInfo.boolcheck == 1).paginate(page, per_page, error_out=False)
infos = paginate.items
if request.method == 'GET':
return render_template('homeOne.html',
paginate=paginate,
infos=infos,
bugbit=bugbit,
bugtype=bugtype)
else:
newpage = request.form.get('page')
if not newpage:
newpage = page
return redirect(url_for('IP', page=newpage))
def console():
bugbit, bugtype = core.GetBit()
counts = core.GetCounts()
ports = core.GetPort()
services = core.GetServices()
target = core.GetTargetCount()
try:
lastscantime = BaseInfo.query.order_by(BaseInfo.id.desc()).first().date
except:
lastscantime = "暂无扫描"
pass
if request.method == 'GET':
return render_template('console.html',
bugbit=bugbit,
bugtype=bugtype,
counts=counts,
lastscantime=lastscantime,
ports=ports,
services=services,
target=target)
else:
urls = request.form.get('urls')
urls = urls.split()
print(urls)
for url in urls:
redispool.hincrby('targetscan', 'waitcount', 1)
executor.submit(SZheConsole, urls)
target = core.GetTargetCount()
return render_template('console.html',
bugbit=bugbit,
bugtype=bugtype,
counts=counts,
lastscantime=lastscantime,
ports=ports,
services=services,
target=target)
