def subdomain_list():
    """Render, export or prune subdomain records according to the GET query.

    The query parameters are tested in this order:

    * ``domain``    -- render the records whose ``domain_id`` matches.
    * ``subdomain`` -- return the matching subdomain names as
      newline-separated text.
    * ``delete``    -- delete one record by ``_id`` and redirect to the list
      of its parent domain.
    * none of them  -- render every record.

    Any other HTTP method returns None.
    """
    if request.method != "GET":
        return None

    domain_arg = request.args.get('domain')
    export_arg = request.args.get('subdomain')
    delete_arg = request.args.get('delete')

    if domain_arg:
        records = connectiondb(subdomain_db).find({'domain_id': ObjectId(domain_arg)})
        return render_template('subdomain-list.html', sub_result=records)

    if export_arg:
        cursor = connectiondb(subdomain_db).find({'domain_id': ObjectId(export_arg)})
        return '\n'.join([row['subdomain'] for row in cursor])

    if delete_arg:
        # NOTE(review): this deletion is driven by a GET query parameter and no
        # CSRF or authorisation check is visible in this block -- confirm the
        # route decorators provide one.
        record_id = ObjectId(delete_arg)
        # The parent id is read before the delete so the redirect can use it.
        parent_id = connectiondb(subdomain_db).find_one({'_id': record_id})['domain_id']
        outcome = connectiondb(subdomain_db).delete_one({'_id': record_id})
        if outcome:
            return redirect(url_for('subdomain_brute.subdomain_list', domain=parent_id))
        return None

    everything = connectiondb(subdomain_db).find()
    return render_template('subdomain-list.html', sub_result=everything)
def plugin_list():
    """List plugins, delete one (GET ``delete``) or accept an upload (POST).

    A POST saves the uploaded ``file`` under the configured ``POCSUITE_PATH``
    with a ``_<yymmdd>_`` prefix, passes the saved path to ``get_plugin_re``
    and inserts the returned record. Every path that does not redirect ends
    by rendering the plugin table sorted by ``plugin_vuldate`` descending.
    """
    method = request.method
    if method == 'GET':
        doomed_id = request.args.get('delete')
        if doomed_id:
            # NOTE(review): deletion through a GET query; no CSRF or
            # authorisation check is visible in this block -- confirm the
            # route decorators provide one.
            connectiondb(plugin_db).delete_one({'_id': ObjectId(doomed_id)})
            return redirect(url_for('plugin_management.plugin_list'))
    # File upload endpoint: add a new plugin
    elif method == 'POST':
        plugin_dir = app.config.get('POCSUITE_PATH')
        upload = request.files['file']
        plugin_name = request.form.get('plugin_name')  # read but not used below
        if upload:
            # secure_filename() strips path components from the client-supplied
            # name before it is appended to the plugin directory.
            # NOTE(review): no extension or content check is visible here, and
            # the directory is joined by plain concatenation -- confirm
            # POCSUITE_PATH ends with a separator and that only trusted users
            # can reach this upload.
            date_tag = time.strftime("%y%m%d", time.localtime())
            stored_name = "_" + date_tag + "_" + secure_filename(upload.filename)
            save_path = plugin_dir + stored_name
            upload.save(save_path)
            try:
                parsed = get_plugin_re(save_path)
                inserted_id = connectiondb(plugin_db).insert_one(parsed).inserted_id
                if inserted_id:
                    return redirect(url_for('plugin_management.plugin_list'))
            except Exception as e:
                print(e)
                return redirect(url_for('plugin_management.plugin_list'))
    plugins = connectiondb(plugin_db).find().sort('plugin_vuldate', -1)
    return render_template('plugin-management.html', plugin_info=plugins)
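def asset_info():
    """Serve the asset detail page and its GET sub-actions.

    * ``server`` -- render the single server record with that ``_id``.
    * ``delete`` -- delete the server record and redirect to the server list.
    * ``port``   -- value of the form ``<server_id>_<port>``; return the
      matching ``port_info`` entry of that server as JSON.
    * otherwise  -- render every server record not tagged ``delete``.

    A ``port`` value without an underscore, or whose first part is not a valid
    ObjectId, is answered with ``{"result": "Warning id_port"}`` instead of
    raising. Non-GET requests return None.
    """
    if request.method != "GET":
        return None

    if request.args.get('server'):
        server_id = request.args.get('server')
        server_data = connectiondb(server_db).find({'_id': ObjectId(server_id)})
        return render_template("asset-info.html", server_data=server_data)
    elif request.args.get('delete'):
        # NOTE(review): hard delete driven by a GET query; no CSRF or
        # authorisation check is visible in this block -- confirm the route
        # decorators provide one.
        server_id = request.args.get('delete')
        if connectiondb(server_db).delete_one({'_id': ObjectId(server_id)}):
            return redirect(url_for('asset_management.asset_server'))
    elif request.args.get('port'):
        id_port = request.args.get('port')
        parts = id_port.split('_')
        # Validate the shape before indexing or building an ObjectId, so a
        # malformed value gets the warning reply rather than an exception.
        if len(parts) < 2 or not ObjectId.is_valid(parts[0]):
            return jsonify({"result": "Warning id_port"})
        server_id, port_id = parts[0], parts[1]
        server_info = connectiondb(server_db).find_one({"_id": ObjectId(server_id)})
        if not server_info:
            return jsonify({"result": "Not Found ServerInfo"})
        # `in` replaces dict.has_key(), which does not exist on Python 3.
        if 'port_info' in server_info:
            for port_tmp in server_info['port_info']:
                if str(port_tmp['port']) == port_id:
                    return jsonify(port_tmp)
        # No matching port entry: fall through to the default listing.

    server_data = connectiondb(server_db).find({"tag": {"$ne": "delete"}})
    return render_template("asset-info.html", server_data=server_data)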
def search_view():
    """Render the search page (GET) or search server records (POST).

    A POST takes the ``search`` form field, stripped, and keeps every server
    record not tagged ``delete`` whose ``str()`` form contains it. The
    username and password dictionaries from the configuration record are
    passed to the template together with the hits.
    """
    username_list = '\n'.join(
        connectiondb(config_db).find_one({"config_name": config_name})['username_dict'])
    password_list = '\n'.join(
        connectiondb(config_db).find_one({"config_name": config_name})['password_dict'])
    plugin_info = connectiondb(plugin_db).find()

    if request.method == "GET":
        return render_template(
            'search.html',
            data="Your search - \"\" - did not match any documents.",
            plugin_info=plugin_info,
        )

    key = request.form.get('search').strip()
    candidates = connectiondb(server_db).find(
        {"tag": {"$ne": "delete"}},
        {'_id': 0, 'asset_id': 0},
    )
    # Plain substring match against the record's printed form.
    search_result = [record for record in candidates if key in str(record)]

    if not search_result:
        # NOTE(review): the submitted term is echoed back in this message;
        # presumably the template escapes it -- confirm autoescaping is on.
        data = "Your search - " + key + " - did not match any documents."
        return render_template('search.html', data=data)

    return render_template(
        'search.html',
        search_result=search_result,
        plugin_info=plugin_info,
        username_list=username_list,
        password_list=password_list,
    )
def week_passwd_list():
    """List weak-password findings, optionally per task, or soft-delete one.

    GET ``delete`` tags one finding ``delete`` and answers ``"success"``;
    GET ``task`` renders the findings of that task; otherwise all findings
    are rendered. Records tagged ``delete`` are never listed. Non-GET
    requests return None.
    """
    if request.method != "GET":
        return None

    doomed_id = request.args.get('delete')
    task_id = request.args.get('task')

    if doomed_id:
        # Soft delete: the record is tagged, not removed.
        # NOTE(review): state change through a GET query; no CSRF or
        # authorisation check is visible in this block -- confirm the route
        # decorators provide one.
        outcome = connectiondb(weekpasswd_db).update_one(
            {"_id": ObjectId(doomed_id)},
            {"$set": {"tag": "delete"}},
        )
        return "success" if outcome else None

    if task_id:
        # Filter the findings by task id.
        selector = {"task_id": ObjectId(task_id), "tag": {"$ne": "delete"}}
    else:
        # Default view.
        selector = {"tag": {"$ne": "delete"}}

    weekpasswd_data = connectiondb(weekpasswd_db).find(selector)
    return render_template('week-passwd-list.html', weekpasswd_data=weekpasswd_data)
def subdomain_list():
    """Render, export or prune subdomain records according to the GET query.

    The query parameters are tested in this order:

    * ``domain``    -- render the records whose ``domain_id`` matches.
    * ``subdomain`` -- return the matching subdomain names as
      newline-separated text.
    * ``delete``    -- delete one record by ``_id`` and redirect to the list
      of its parent domain.
    * none of them  -- render every record.

    Any other HTTP method returns None.
    """
    if request.method != "GET":
        return None

    domain_arg = request.args.get('domain')
    export_arg = request.args.get('subdomain')
    delete_arg = request.args.get('delete')

    if domain_arg:
        records = connectiondb(subdomain_db).find({'domain_id': ObjectId(domain_arg)})
        return render_template('subdomain-list.html', sub_result=records)

    if export_arg:
        cursor = connectiondb(subdomain_db).find({'domain_id': ObjectId(export_arg)})
        return '\n'.join([row['subdomain'] for row in cursor])

    if delete_arg:
        # NOTE(review): this deletion is driven by a GET query parameter and no
        # CSRF or authorisation check is visible in this block -- confirm the
        # route decorators provide one.
        record_id = ObjectId(delete_arg)
        # The parent id is read before the delete so the redirect can use it.
        parent_id = connectiondb(subdomain_db).find_one({'_id': record_id})['domain_id']
        outcome = connectiondb(subdomain_db).delete_one({'_id': record_id})
        if outcome:
            return redirect(url_for('subdomain_brute.subdomain_list', domain=parent_id))
        return None

    everything = connectiondb(subdomain_db).find()
    return render_template('subdomain-list.html', sub_result=everything)
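def plugin_view():
    """Serve the plugin management page and its GET sub-actions.

    * ``delete`` -- delete the plugin record, then the file named by its
      ``plugin_filename`` field; answers ``"success"`` or ``"Warning"``.
    * ``info``   -- return the plugin record as JSON without its ``_id``.
    * otherwise  -- render the management page with every plugin.

    An id that is not a valid ObjectId, or that matches no record, gets the
    warning reply instead of raising. Non-GET requests return None.
    """
    if request.method != "GET":
        return None

    delete_arg = request.args.get("delete")
    info_arg = request.args.get("info")

    if delete_arg:
        # NOTE(review): destructive action driven by a GET query; no CSRF or
        # authorisation check is visible in this block -- confirm the route
        # decorators provide one.
        if not ObjectId.is_valid(delete_arg):
            return "Warning"
        plugin_oid = ObjectId(delete_arg)
        record = connectiondb(plugin_db).find_one({"_id": plugin_oid})
        # find_one() gives None for an unknown id; subscripting it would raise.
        if not record or 'plugin_filename' not in record:
            return "Warning"
        plugin_filename = record['plugin_filename']
        if connectiondb(plugin_db).delete_one({'_id': plugin_oid}):
            # NOTE(review): the path given to os.remove() is taken as-is from
            # the stored record -- confirm it can only point inside the plugin
            # directory. A removal error still propagates, as before.
            os.remove(plugin_filename)
            return "success"
        return "Warning"

    if info_arg:
        if not ObjectId.is_valid(info_arg):
            return jsonify({"result": "Warning"})
        plugin_info_data = connectiondb(plugin_db).find_one({'_id': ObjectId(info_arg)})
        # Check for a missing record before touching it; the original removed
        # '_id' first, so its warning branch could not be reached for None.
        if plugin_info_data is None:
            return jsonify({"result": "Warning"})
        plugin_info_data.pop('_id', None)
        if plugin_info_data:
            return jsonify(plugin_info_data)
        return jsonify({"result": "Warning"})

    # default view
    plugin_info = connectiondb(plugin_db).find()
    return render_template("plugin-management.html", plugin_info=plugin_info)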
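def plugin_view():
    """Serve the plugin management page and its GET sub-actions.

    * ``delete`` -- delete the plugin record, then the file named by its
      ``plugin_filename`` field; answers ``"success"`` or ``"Warning"``.
    * ``info``   -- return the plugin record as JSON without its ``_id``.
    * otherwise  -- render the management page with every plugin.

    An id that is not a valid ObjectId, or that matches no record, gets the
    warning reply instead of raising. Non-GET requests return None.
    """
    if request.method != "GET":
        return None

    delete_arg = request.args.get("delete")
    info_arg = request.args.get("info")

    if delete_arg:
        # NOTE(review): destructive action driven by a GET query; no CSRF or
        # authorisation check is visible in this block -- confirm the route
        # decorators provide one.
        if not ObjectId.is_valid(delete_arg):
            return "Warning"
        plugin_oid = ObjectId(delete_arg)
        record = connectiondb(plugin_db).find_one({"_id": plugin_oid})
        # find_one() gives None for an unknown id; subscripting it would raise.
        if not record or 'plugin_filename' not in record:
            return "Warning"
        plugin_filename = record['plugin_filename']
        if connectiondb(plugin_db).delete_one({'_id': plugin_oid}):
            # NOTE(review): the path given to os.remove() is taken as-is from
            # the stored record -- confirm it can only point inside the plugin
            # directory. A removal error still propagates, as before.
            os.remove(plugin_filename)
            return "success"
        return "Warning"

    if info_arg:
        if not ObjectId.is_valid(info_arg):
            return jsonify({"result": "Warning"})
        plugin_info_data = connectiondb(plugin_db).find_one({'_id': ObjectId(info_arg)})
        # Check for a missing record before touching it; the original removed
        # '_id' first, so its warning branch could not be reached for None.
        if plugin_info_data is None:
            return jsonify({"result": "Warning"})
        plugin_info_data.pop('_id', None)
        if plugin_info_data:
            return jsonify(plugin_info_data)
        return jsonify({"result": "Warning"})

    # default view
    plugin_info = connectiondb(plugin_db).find()
    return render_template("plugin-management.html", plugin_info=plugin_info)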
def asset_delete():
    """Delete the server records listed in the ``server_id`` form field.

    Acts only when the ``source`` form field equals ``delete_choice``;
    ``server_id`` is a comma-separated list of record ids. Returns a JSON
    success object in that case and None otherwise.
    """
    if request.form.get('source') != 'delete_choice':
        return None

    id_list = request.form.get('server_id').split(',', -1)
    try:
        for raw_id in id_list:
            connectiondb(server_db).remove({'_id': ObjectId(raw_id)})
    except Exception as e:
        # An error (for example a malformed id) stops the loop and is only
        # printed; the reply below still reports success.
        print(e)
    return jsonify({'result': 'success'})
def task_management():
    """Manage authentication-test tasks.

    GET ``delete`` tags the task's findings ``delete`` and removes the task;
    GET ``rescan`` tags the findings ``delete``, resets the task to
    ``Queued`` and starts a new scan thread; a plain GET renders the task
    table. A non-GET request whose ``source`` form field is ``target_info``
    returns the task's targets joined by newlines.
    """
    if request.method == "GET":
        doomed_id = request.args.get('delete')
        rescan_id = request.args.get('rescan')

        if doomed_id:
            # delete task
            # NOTE(review): state change through a GET query; no CSRF or
            # authorisation check is visible in this block -- confirm the
            # route decorators provide one.
            connectiondb(weekpasswd_db).update(
                {"task_id": ObjectId(doomed_id)},
                {"$set": {"tag": "delete"}},
                multi=True,
            )
            if connectiondb(auth_db).remove({"_id": ObjectId(doomed_id)}):
                return "success"
            return None

        if rescan_id:
            # rescan task: earlier findings are soft-deleted, not removed
            connectiondb(weekpasswd_db).update(
                {"task_id": ObjectId(rescan_id)},
                {"$set": {"tag": "delete"}},
                multi=True,
            )
            reset_fields = {
                "status": "Queued",
                "date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
                "week_count": 0,
            }
            connectiondb(auth_db).update_one({"_id": ObjectId(rescan_id)}, {"$set": reset_fields})
            scanner = AuthCrack(ObjectId(rescan_id))
            if scanner:
                worker = Thread(target=scanner.start_scan, args=())
                worker.start()
                return "success"
            return None

        # default view
        auth_tasks = connectiondb(auth_db).find()
        return render_template('auth-tester-tasks.html', auth_tasks=auth_tasks)

    if request.form.get('source') == "target_info":
        # return target info
        task_id = request.form.get('task_id')
        joined = '\n'.join(connectiondb(auth_db).find_one({"_id": ObjectId(task_id)})['target'])
        # The original's trailing comma made this a one-element tuple, and
        # that tuple is what the view returns.
        target_info = (joined,)
        return target_info

    return None
def get_count():
    """Return the headline counters as a dict.

    Keys: ``vul_count`` and ``week_passwd_count`` (records not tagged
    ``delete``), ``plugin_count`` (all plugin records) and ``server_count``
    (distinct ``host`` values among server records not tagged ``delete``).
    """
    # The host total over all assets is computed but is not part of the
    # returned dict.
    asset_count = sum(len(asset['asset_host']) for asset in connectiondb(asset_db).find())

    not_deleted = {"tag": {"$ne": "delete"}}
    vul_total = connectiondb(vul_db).count({"tag": {"$ne": "delete"}})
    weak_total = connectiondb(weekpasswd_db).count({"tag": {"$ne": "delete"}})
    plugin_total = connectiondb(plugin_db).count()
    live_hosts = connectiondb(server_db).distinct("host", not_deleted)

    return {
        "vul_count": vul_total,
        "week_passwd_count": weak_total,
        "plugin_count": plugin_total,
        "server_count": len(live_hosts),
    }
def scan_view():
    """Render the new-scan form with every plugin and every asset.

    Assets are sorted by ``asset_name`` ascending, and each one gets an
    ``asset_server_num`` field holding the number of server records whose
    ``asset_task_id`` equals the asset's ``_id`` as a string.
    """
    plugin_info = connectiondb(plugin_db).find()
    assets = []
    for asset in connectiondb(asset_db).find().sort('asset_name', 1):
        owner_key = str(asset['_id'])
        asset['asset_server_num'] = connectiondb(server_db).find(
            {'asset_task_id': owner_key}).count()
        assets.append(asset)
    return render_template('new-scan.html', asset_info=assets, plugin_info=plugin_info)
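def subdomain_view():
    """Manage subdomain brute-force tasks.

    GET ``delete`` removes a task and its subdomain records; GET ``download``
    writes the task's subdomains to a file in the static download directory
    and returns it as an attachment; a plain GET renders the task table. A
    POST creates a task from the form and starts the brute-force thread.

    The download file name comes from the task's ``domain_name`` field. It is
    accepted only when it is a bare file name; anything else is handled like
    the other download errors (printed, and the view returns None).
    """
    if request.method == 'GET':
        # task delete
        if request.args.get('delete'):
            # NOTE(review): deletion through a GET query; no CSRF or
            # authorisation check is visible in this block -- confirm the
            # route decorators provide one.
            domain_id = request.args.get('delete')
            connectiondb(domain_db).delete_one({'_id': ObjectId(domain_id)})
            connectiondb(subdomain_db).remove({'domain_id': ObjectId(domain_id)})
            return redirect(url_for('subdomain_brute.subdomain_view'))
        # result download
        elif request.args.get('download'):
            domain_id = request.args.get('download')
            try:
                file_name = connectiondb(domain_db).find_one(
                    {'_id': ObjectId(domain_id)})['domain_name']
                # The name was typed into the task form. It is joined to the
                # directory by concatenation and passed to os.remove() and
                # open(), so path separators, dot names and control characters
                # are refused to keep both calls inside the download directory.
                if (not file_name
                        or file_name in ('.', '..')
                        or os.path.basename(file_name) != file_name
                        or any(ch in file_name for ch in '/\\\r\n\x00')):
                    raise ValueError("unsafe download file name")
                file_path = os.getcwd() + '/yandi/static/download/'
                export_path = file_path + file_name
                # Start from an empty file; rows are appended below.
                if os.path.exists(export_path):
                    os.remove(export_path)
                try:
                    for result in connectiondb(subdomain_db).find(
                            {'domain_id': ObjectId(domain_id)}):
                        with open(export_path, "a") as download_file:
                            download_file.write(result['subdomain'] + "\n")
                    sub_response = make_response(
                        send_from_directory(file_path, file_name, as_attachment=True))
                    sub_response.headers["Content-Disposition"] = \
                        "attachment; filename=" + file_name
                    return sub_response
                except Exception as e:
                    # NOTE(review): the exception object itself is returned
                    # from the view, unchanged from the original -- confirm
                    # this is intended for every exception type.
                    return e
            except Exception as e:
                print(e)
        else:
            domain_data = connectiondb(domain_db).find().sort('date', -1)
            plugin_data = connectiondb(plugin_db).find()
            return render_template('subdomain-brute.html', domain_data=domain_data,
                                   plugin_data=plugin_data)
    # new domain
    elif request.method == 'POST':
        domain_name_val = request.form.get('domain_name_val')
        domain_list = request.form.get('domain_val').split('\n')
        third_domain = request.form.get('third_domain')
        scan_option = 'Enable' if third_domain == "true" else 'Disallow'
        domain_data = {
            'domain_name': domain_name_val,
            'domain': domain_list,
            "date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
            'third_domain': scan_option,
            'status': "Preparation",
        }
        domain_id = connectiondb(domain_db).insert_one(domain_data).inserted_id
        if domain_id:
            # async domain brute
            t1 = Thread(target=domain_brute.start_domain_brute,
                        args=(domain_list, domain_id))
            t1.start()
            return "success"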
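def subdomain_view():
    """Manage subdomain brute-force tasks.

    GET ``delete`` removes a task and its subdomain records; GET ``download``
    writes the task's subdomains to a file in the static download directory
    and returns it as an attachment; a plain GET renders the task table. A
    POST creates a task from the form and starts the brute-force thread.

    The download file name is the first entry of the task's ``domain`` list.
    It is accepted only when it is a bare file name; anything else is handled
    like the other download errors (printed, and the view returns None).
    """
    if request.method == 'GET':
        # task delete
        if request.args.get('delete'):
            # NOTE(review): deletion through a GET query; no CSRF or
            # authorisation check is visible in this block -- confirm the
            # route decorators provide one.
            domain_id = request.args.get('delete')
            connectiondb(domain_db).delete_one({'_id': ObjectId(domain_id)})
            connectiondb(subdomain_db).remove({'domain_id': ObjectId(domain_id)})
            return redirect(url_for('subdomain_brute.subdomain_view'))
        # result download
        elif request.args.get('download'):
            domain_id = request.args.get('download')
            try:
                file_name = connectiondb(domain_db).find_one(
                    {'_id': ObjectId(domain_id)})['domain'][0]
                # The name was typed into the task form. It is joined to the
                # directory by concatenation and passed to os.remove() and
                # open(), so path separators, dot names and control characters
                # are refused to keep both calls inside the download directory.
                if (not file_name
                        or file_name in ('.', '..')
                        or os.path.basename(file_name) != file_name
                        or any(ch in file_name for ch in '/\\\r\n\x00')):
                    raise ValueError("unsafe download file name")
                file_path = os.getcwd() + '/fuxi/static/download/'
                export_path = file_path + file_name
                # Start from an empty file; rows are appended below.
                if os.path.exists(export_path):
                    os.remove(export_path)
                try:
                    for result in connectiondb(subdomain_db).find(
                            {'domain_id': ObjectId(domain_id)}):
                        with open(export_path, "a") as download_file:
                            download_file.write(result['subdomain'] + "\n")
                    sub_response = make_response(
                        send_from_directory(file_path, file_name, as_attachment=True))
                    sub_response.headers["Content-Disposition"] = \
                        "attachment; filename=" + file_name
                    return sub_response
                except Exception as e:
                    # NOTE(review): the exception object itself is returned
                    # from the view, unchanged from the original -- confirm
                    # this is intended for every exception type.
                    return e
            except Exception as e:
                print(e)
        else:
            domain_data = connectiondb(domain_db).find().sort('date', -1)
            plugin_data = connectiondb(plugin_db).find()
            return render_template('subdomain-brute.html', domain_data=domain_data,
                                   plugin_data=plugin_data)
    # new domain
    elif request.method == 'POST':
        domain_name_val = request.form.get('domain_name_val')
        domain_list = request.form.get('domain_val').split('\n')
        third_domain = request.form.get('third_domain')
        scan_option = 'Enable' if third_domain == "true" else 'Disallow'
        domain_data = {
            'domain_name': domain_name_val,
            'domain': domain_list,
            "date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
            'third_domain': scan_option,
            'status': "Preparation",
        }
        domain_id = connectiondb(domain_db).insert_one(domain_data).inserted_id
        if domain_id:
            # async domain brute
            t1 = Thread(target=domain_brute.start_domain_brute,
                        args=(domain_list, domain_id))
            t1.start()
            return "success"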
def new_auth_tester():
    """Create an authentication-test task from the form and start its scan.

    The username, password and target fields are split on newlines and the
    service list on commas; the task name gets a ``yymmdd_`` prefix. Returns
    ``'success'`` once the scan thread has been started, or False when the
    insert produced no id.
    """
    form = request.form
    # NOTE(review): nothing in this block limits who may submit targets or
    # which hosts may be listed -- confirm the route is restricted to
    # authorised operators.
    usernames = form.get('username_list').split('\n')
    passwords = form.get('password_list').split('\n')
    day_prefix = time.strftime("%y%m%d", time.localtime())
    task_name = day_prefix + "_" + form.get('task_name')
    targets = form.get('target_list').split('\n')
    recursion = int(form.get('recursion'))
    services = form.get('service_list').split(',')
    extra_args = form.get('args')

    task_doc = {
        "task_name": task_name,
        "target": targets,
        "username": usernames,
        "password": passwords,
        "service": services,
        "recursion": recursion,
        "status": "Queued",
        "args": extra_args,
        "date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
        "week_count": 0,
    }
    task_id = connectiondb(auth_db).insert_one(task_doc).inserted_id
    if not task_id:
        return False

    scanner = AuthCrack(task_id)
    worker = Thread(target=scanner.start_scan, args=())
    worker.start()
    return 'success'
def new_asset():
    """Show the new-asset form (GET) or create an asset from it (other methods).

    The asset is created only when the ``source`` form field is
    ``new_asset``; any other value gets ``"Warning"``. ``asset_host`` is
    split into one host per line with carriage returns removed. When
    ``discover_option`` is ``"true"`` a discovery thread is started for the
    new asset. Both outcomes answer ``"success"``.
    """
    if request.method == "GET":
        # default asset view
        return render_template('new-asset.html')

    # create asset (post)
    form = request.form
    if form.get("source") != "new_asset":
        return "Warning"

    asset_name = form.get('asset_name')
    host_lines = form.get('asset_host').replace('\r', '').split('\n', -1)
    dept_name = form.get('dept_name')
    admin_name = form.get('admin_name')
    discover_option = 'Enable' if form.get('discover_option') == "true" else 'Disallow'

    asset_doc = {
        'asset_name': asset_name,
        'asset_host': host_lines,
        'dept_name': dept_name,
        'admin_name': admin_name,
        "asset_date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
        'discover_option': discover_option,
    }
    asset_id = connectiondb(asset_db).insert_one(asset_doc).inserted_id

    if discover_option == "Enable":
        scanner = AssetDiscovery(asset_id)
        worker = Thread(target=scanner.set_discovery, args=())
        worker.start()
    return "success"
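def plugin_info():
    """Return one plugin record as JSON, selected by the ``plugin_id`` query.

    The record's ``_id`` is dropped before serialising. Without a
    ``plugin_id`` parameter the function returns None. An id that is not a
    valid ObjectId, or that matches no record, is answered with
    ``{"result": "Warning"}`` instead of raising.
    """
    plugin_id = request.args.get('plugin_id')
    if not plugin_id:
        return None

    # Validate before constructing the ObjectId so a malformed query value
    # does not surface as an unhandled exception.
    if not ObjectId.is_valid(plugin_id):
        return jsonify({"result": "Warning"})

    plugin_info_dict = connectiondb(plugin_db).find_one({'_id': ObjectId(plugin_id)})
    # find_one() gives None for an unknown id; deleting a key from it would raise.
    if plugin_info_dict is None:
        return jsonify({"result": "Warning"})

    plugin_info_dict.pop('_id', None)
    return jsonify(plugin_info_dict)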
def new_auth_tester():
    """Create an authentication-test task from the form and start its scan.

    The username, password and target fields are split on newlines and the
    service list on commas; the task name gets a ``yymmdd_`` prefix. Returns
    ``'success'`` once the scan thread has been started, or False when the
    insert produced no id.
    """
    form = request.form
    # NOTE(review): nothing in this block limits who may submit targets or
    # which hosts may be listed -- confirm the route is restricted to
    # authorised operators.
    usernames = form.get('username_list').split('\n')
    passwords = form.get('password_list').split('\n')
    day_prefix = time.strftime("%y%m%d", time.localtime())
    task_name = day_prefix + "_" + form.get('task_name')
    targets = form.get('target_list').split('\n')
    recursion = int(form.get('recursion'))
    services = form.get('service_list').split(',')
    extra_args = form.get('args')

    task_doc = {
        "task_name": task_name,
        "target": targets,
        "username": usernames,
        "password": passwords,
        "service": services,
        "recursion": recursion,
        "status": "Queued",
        "args": extra_args,
        "date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
        "week_count": 0,
    }
    task_id = connectiondb(auth_db).insert_one(task_doc).inserted_id
    if not task_id:
        return False

    scanner = AuthCrack(task_id)
    worker = Thread(target=scanner.start_scan, args=())
    worker.start()
    return 'success'
def cus_edit():
    """Overwrite one customer record with the submitted form values.

    The record is selected by the ``cus_id`` form field. ``cus_email`` is
    stripped and ``cus_add_time`` is set to the current local time. Returns
    ``'success'`` when the update call yields a truthy result, else None.
    """
    form = request.form
    record_id = form.get('cus_id')
    # NOTE(review): the record to overwrite is chosen by a client-supplied id
    # and no ownership or authorisation check is visible in this block --
    # confirm the route decorators provide one.
    new_values = {
        'cus_name': form.get('cus_name'),
        'cus_contact': form.get('cus_contact'),
        'cus_phone': form.get('cus_phone'),
        'cus_email': form.get('cus_email').strip(),
        'cus_zhouqi_start': form.get('cus_zhouqi_start'),
        'cus_zhouqi_end': form.get('cus_zhouqi_end'),
        'cus_serv_type': form.get('cus_serv_type'),
        'cus_other': form.get('cus_other'),
        'cus_add_time': time.strftime('%Y-%m-%d %X', time.localtime(time.time())),
    }
    outcome = connectiondb(cus_db).update_one(
        {'_id': ObjectId(record_id)},
        {'$set': new_values},
    )
    if outcome:
        return 'success'
    return None
def task_management():
    """Manage authentication-test tasks.

    GET ``delete`` tags the task's findings ``delete`` and removes the task;
    GET ``rescan`` tags the findings ``delete``, resets the task to
    ``Queued`` and starts a new scan thread; a plain GET renders the task
    table. A non-GET request whose ``source`` form field is ``target_info``
    returns a two-element tuple: the task's targets joined by newlines,
    followed by the literal ``'test'``.
    """
    if request.method == "GET":
        doomed_id = request.args.get('delete')
        rescan_id = request.args.get('rescan')

        if doomed_id:
            # delete task
            # NOTE(review): state change through a GET query; no CSRF or
            # authorisation check is visible in this block -- confirm the
            # route decorators provide one.
            connectiondb(weekpasswd_db).update(
                {"task_id": ObjectId(doomed_id)},
                {"$set": {"tag": "delete"}},
                multi=True,
            )
            if connectiondb(auth_db).remove({"_id": ObjectId(doomed_id)}):
                return "success"
            return None

        if rescan_id:
            # rescan task: earlier findings are soft-deleted, not removed
            connectiondb(weekpasswd_db).update(
                {"task_id": ObjectId(rescan_id)},
                {"$set": {"tag": "delete"}},
                multi=True,
            )
            reset_fields = {
                "status": "Queued",
                "date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
                "week_count": 0,
            }
            connectiondb(auth_db).update_one({"_id": ObjectId(rescan_id)}, {"$set": reset_fields})
            scanner = AuthCrack(ObjectId(rescan_id))
            if scanner:
                worker = Thread(target=scanner.start_scan, args=())
                worker.start()
                return "success"
            return None

        # default view
        auth_tasks = connectiondb(auth_db).find()
        return render_template('auth-tester-tasks.html', auth_tasks=auth_tasks)

    if request.form.get('source') == "target_info":
        # return target info
        task_id = request.form.get('task_id')
        joined = '\n'.join(connectiondb(auth_db).find_one({"_id": ObjectId(task_id)})['target'])
        # The original built a one-element tuple (trailing comma) and then
        # appended ('test',); the resulting pair is what the view returns.
        return (joined,) + ('test',)

    return None
def view_todo():
    """Show the stored to-do text (GET) or replace it (other methods).

    The text is the ``todo`` field of the configuration record named by
    ``config_name``. An update happens only when the ``source`` form field
    is ``todo`` and answers ``"success"`` or ``"Warning"``; any other
    source returns None.
    """
    if request.method == "GET":
        stored = connectiondb(config_db).find_one({"config_name": config_name})
        return render_template("todo.html", config_info={"todotext": stored['todo']})

    if request.form.get("source") != "todo":
        return None

    # NOTE(review): the text is stored as submitted; presumably the template
    # escapes it when it is shown again -- confirm autoescaping is on.
    changes = {"todo": request.form.get('todotext')}
    outcome = connectiondb(config_db).update_one({'config_name': config_name}, {"$set": changes})
    return "success" if outcome else "Warning"
def week_passwd_list():
    """List weak-password findings, optionally per task, or soft-delete one.

    GET ``delete`` tags one finding ``delete`` and answers ``"success"``;
    GET ``task`` renders the findings of that task; otherwise all findings
    are rendered. Records tagged ``delete`` are never listed. Non-GET
    requests return None.
    """
    if request.method != "GET":
        return None

    doomed_id = request.args.get('delete')
    task_id = request.args.get('task')

    if doomed_id:
        # Soft delete: the record is tagged, not removed.
        # NOTE(review): state change through a GET query; no CSRF or
        # authorisation check is visible in this block -- confirm the route
        # decorators provide one.
        outcome = connectiondb(weekpasswd_db).update_one(
            {"_id": ObjectId(doomed_id)},
            {"$set": {"tag": "delete"}},
        )
        return "success" if outcome else None

    if task_id:
        # Filter the findings by task id.
        selector = {"task_id": ObjectId(task_id), "tag": {"$ne": "delete"}}
    else:
        # Default view.
        selector = {"tag": {"$ne": "delete"}}

    weekpasswd_data = connectiondb(weekpasswd_db).find(selector)
    return render_template('week-passwd-list.html', weekpasswd_data=weekpasswd_data)
def view_new_auth_tester():
    """Render the new authentication-test form with its configured defaults.

    The username and password dictionaries of the configuration record are
    joined with newlines; ``auth_service`` is passed through as
    ``protocols``.
    """
    settings = connectiondb(config_db).find_one({"config_name": config_name})
    return render_template(
        'new-auth-tester.html',
        username_list="\n".join(settings['username_dict']),
        password_list="\n".join(settings['password_dict']),
        protocols=settings['auth_service'],
    )
def host_port(server_id):
    """Return ``host:port`` strings for the given server record ids.

    Args:
        server_id: iterable of record ids, each accepted by ``ObjectId``.

    Returns:
        A list with one ``"<host>:<port>"`` string per id, in input order.
    """
    targets = []
    for record_id in server_id:
        record = connectiondb(server_db).find_one({'_id': ObjectId(record_id)})
        endpoint = record['host'] + ':' + str(record['port'])
        targets.append(endpoint)
    return targets
def week_passwd_trend():
    """Count weak-password findings for each of the last seven days.

    Returns a dict with one key, ``count``: seven integers, oldest day
    first and ending today, each the number of records whose ``date`` field
    matches that day's ``YYYY-MM-DD`` string.
    """
    today = datetime.datetime.now()
    daily_totals = []
    for days_back in reversed(range(7)):
        day_label = (today - datetime.timedelta(days_back)).strftime("%Y-%m-%d")
        # The day string is used as a regular expression against 'date'.
        matches = connectiondb(weekpasswd_db).find({'date': re.compile(day_label)})
        daily_totals.append(matches.count())
    return {'count': daily_totals}
def week_passwd_trend():
    """Count weak-password findings for each of the last seven days.

    Returns a dict with one key, ``count``: seven integers, oldest day
    first and ending today, each the number of records whose ``date`` field
    matches that day's ``YYYY-MM-DD`` string.
    """
    today = datetime.datetime.now()
    daily_totals = []
    for days_back in reversed(range(7)):
        day_label = (today - datetime.timedelta(days_back)).strftime("%Y-%m-%d")
        # The day string is used as a regular expression against 'date'.
        matches = connectiondb(weekpasswd_db).find({'date': re.compile(day_label)})
        daily_totals.append(matches.count())
    return {'count': daily_totals}
def start_scan():
    """Launch the asset scan script when new discovery-enabled assets exist.

    Sleeps three seconds, changes the working directory to ``taskpython/``
    under the current one, and starts ``asset_task_scan_v1.0.py`` with
    ``python`` if at least one asset has ``task_state`` ``new`` and
    ``discover_option`` ``Enable``.
    """
    base_dir = os.getcwd()
    time.sleep(3)
    # os.chdir() changes the working directory of the whole process.
    # NOTE(review): the interpreter is found through PATH as 'python' --
    # confirm that resolves to the intended interpreter where this runs.
    os.chdir(base_dir + '/taskpython/')
    pending = connectiondb(asset_db).find({
        'task_state': 'new',
        'discover_option': 'Enable',
    }).count()
    if pending > 0:
        # Argument list, no shell: the script path is passed as one argument.
        subprocess.Popen(['python', base_dir + "/taskpython/asset_task_scan_v1.0.py"])
def view_new_auth_tester():
    """Render the new authentication-test form with its configured defaults.

    The username and password dictionaries of the configuration record are
    joined with newlines; ``auth_service`` is passed through as
    ``protocols``.
    """
    settings = connectiondb(config_db).find_one({"config_name": config_name})
    return render_template(
        'new-auth-tester.html',
        username_list="\n".join(settings['username_dict']),
        password_list="\n".join(settings['password_dict']),
        protocols=settings['auth_service'],
    )
def week_passwd_dist():
    """Return the ten most frequent values of the ``password`` field.

    Returns:
        A pair ``(names, counts)`` of equal-length lists, most frequent
        first, built from every record in the weak-password collection.
    """
    # NOTE(review): the first list holds the stored password strings
    # themselves -- confirm whatever displays it is limited to authorised
    # users.
    tally = Counter(record['password'] for record in connectiondb(weekpasswd_db).find())
    names = []
    counts = []
    for value, occurrences in tally.most_common(10):
        names.append(value)
        counts.append(occurrences)
    return names, counts
def search_view():
    """Render the search page (GET) or search server records (POST).

    A POST takes the ``search`` form field, stripped, and keeps every server
    record not tagged ``delete`` whose ``str()`` form contains it. The
    username and password dictionaries and the ``auth_service`` list from
    the configuration record are passed to the template with the hits.
    """
    settings = connectiondb(config_db).find_one({"config_name": config_name})
    username_list = '\n'.join(settings['username_dict'])
    password_list = '\n'.join(settings['password_dict'])
    plugin_info = connectiondb(plugin_db).find()
    protocols = settings['auth_service']

    if request.method == "GET":
        return render_template(
            'search.html',
            data="Your search - \"\" - did not match any documents.",
            plugin_info=plugin_info,
            protocols=protocols,
        )

    key = request.form.get('search').strip()
    candidates = connectiondb(server_db).find(
        {"tag": {"$ne": "delete"}},
        {'_id': 0, 'asset_id': 0},
    )
    # Plain substring match against the record's printed form.
    search_result = [record for record in candidates if key in str(record)]

    if not search_result:
        # NOTE(review): the submitted term is echoed back in this message;
        # presumably the template escapes it -- confirm autoescaping is on.
        data = "Your search - " + key + " - did not match any documents."
        return render_template('search.html', data=data)

    return render_template(
        'search.html',
        search_result=search_result,
        plugin_info=plugin_info,
        username_list=username_list,
        password_list=password_list,
        protocols=protocols,
    )
def week_passwd_dist():
    """Return the ten most frequent values of the ``password`` field.

    Returns:
        A pair ``(names, counts)`` of equal-length lists, most frequent
        first, built from every record in the weak-password collection.
    """
    # NOTE(review): the first list holds the stored password strings
    # themselves -- confirm whatever displays it is limited to authorised
    # users.
    tally = Counter(record['password'] for record in connectiondb(weekpasswd_db).find())
    names = []
    counts = []
    for value, occurrences in tally.most_common(10):
        names.append(value)
        counts.append(occurrences)
    return names, counts
def tasks_list():
    """List scan tasks, or delete, re-queue or fetch one by query parameter.

    ``trash`` deletes a task and ``refresh`` sets its ``task_status`` to
    ``Preparation``; both act on the ``test_tasks`` collection and redirect
    to the list. ``edit`` reads the task from ``tasks_db`` and returns its
    name and targets as JSON. Otherwise the tasks in ``test_tasks`` are
    rendered, sorted by ``end_date`` descending.
    """
    trash_id = request.args.get('trash')
    refresh_id = request.args.get('refresh')
    edit_id = request.args.get('edit')

    if trash_id:
        # Delete the task.
        # NOTE(review): no HTTP method test appears in this block, so the
        # deletion is reachable through a plain link; no CSRF or
        # authorisation check is visible here -- confirm the route
        # decorators provide one.
        connectiondb('test_tasks').delete_one({'_id': ObjectId(trash_id)})
        return redirect(url_for('task_management.tasks_list'))

    if refresh_id:
        # Queue the task for a rescan.
        connectiondb('test_tasks').update_one(
            {'_id': ObjectId(refresh_id)},
            {'$set': {'task_status': 'Preparation'}},
        )
        return redirect(url_for('task_management.tasks_list'))

    if edit_id:
        # Return the editable fields of the task.
        task = connectiondb(tasks_db).find_one({'_id': ObjectId(edit_id)})
        return jsonify({
            'task_name': task['task_name'],
            'scan_target_list': '\n'.join(task['scan_target_list']),
        })

    # Default: the task list.
    task_data = connectiondb('test_tasks').find().sort('end_date', -1)
    return render_template('task-management.html', task_data=task_data)
def asset_server():
    """Serve the asset services page and its sub-actions.

    GET ``asset`` renders the servers of one asset, GET ``delete`` tags a
    server ``delete`` and redirects, GET ``info`` returns one server as JSON
    without ``_id`` and ``asset_id``; a plain GET renders every server not
    tagged ``delete``. Any other method with ``source`` equal to
    ``server_scan`` returns ``host:port`` lines for the comma-separated ids
    in ``server_list``.
    """
    if request.method != "GET":
        if request.form.get('source') == 'server_scan':
            endpoints = []
            for raw_id in request.form.get('server_list').split(","):
                record = connectiondb(server_db).find_one({"_id": ObjectId(raw_id)})
                endpoints.append(record['host'] + ":" + str(record['port']))
            return "\n".join(endpoints)
        return None

    plugin_info = connectiondb(plugin_db).find()
    if request.args.get('asset'):
        asset_id = request.args.get('asset')
        selector = {"tag": {"$ne": "delete"}, 'asset_id': ObjectId(asset_id)}
        return render_template(
            "asset-services.html",
            server_data=connectiondb(server_db).find(selector),
            plugin_info=plugin_info,
        )
    elif request.args.get('delete'):
        # Soft delete: the record is tagged, not removed.
        # NOTE(review): state change through a GET query; no CSRF or
        # authorisation check is visible in this block -- confirm the route
        # decorators provide one.
        target_id = request.args.get('delete')
        tagged = connectiondb(server_db).update_one(
            {'_id': ObjectId(target_id)},
            {"$set": {"tag": "delete"}},
        )
        if tagged:
            return redirect(url_for('asset_management.asset_server'))
    elif request.args.get('info'):
        target_id = request.args.get('info')
        record = connectiondb(server_db).find_one(
            {"tag": {"$ne": "delete"}, '_id': ObjectId(target_id)})
        if not record:
            return jsonify({"result": "Warning"})
        del record['_id']
        del record['asset_id']
        return jsonify(record)

    live_servers = connectiondb(server_db).find({"tag": {"$ne": "delete"}})
    return render_template("asset-services.html", server_data=live_servers,
                           plugin_info=plugin_info)
def host_trend():
    """Count distinct hosts recorded on each of the last seven days.

    Returns a dict with ``date`` (seven ``YYYY-MM-DD`` strings, oldest
    first and ending today) and ``count`` (per day, the number of distinct
    ``host`` values among server records whose ``date`` field matches that
    string).
    """
    today = datetime.datetime.now()
    day_labels = []
    day_totals = []
    for days_back in reversed(range(7)):
        label = (today - datetime.timedelta(days_back)).strftime("%Y-%m-%d")
        # The day string is used as a regular expression against 'date'.
        hosts = connectiondb(server_db).find({"date": re.compile(label)}).distinct("host")
        day_totals.append(len(hosts))
        day_labels.append(label)
    return {'date': day_labels, 'count': day_totals}
def host_trend():
    """Count distinct hosts recorded on each of the last seven days.

    Returns a dict with ``date`` (seven ``YYYY-MM-DD`` strings, oldest
    first and ending today) and ``count`` (per day, the number of distinct
    ``host`` values among server records whose ``date`` field matches that
    string).
    """
    today = datetime.datetime.now()
    day_labels = []
    day_totals = []
    for days_back in reversed(range(7)):
        label = (today - datetime.timedelta(days_back)).strftime("%Y-%m-%d")
        # The day string is used as a regular expression against 'date'.
        hosts = connectiondb(server_db).find({"date": re.compile(label)}).distinct("host")
        day_totals.append(len(hosts))
        day_labels.append(label)
    return {'date': day_labels, 'count': day_totals}
def server_trend():
    """Count server records for each of the last seven days.

    Returns a dict with ``date`` (seven ``YYYY-MM-DD`` strings, oldest
    first and ending today) and ``count`` (per day, the number of server
    records whose ``date`` field matches that string).
    """
    today = datetime.datetime.now()
    day_labels = []
    day_totals = []
    for days_back in reversed(range(7)):
        label = (today - datetime.timedelta(days_back)).strftime("%Y-%m-%d")
        # The day string is used as a regular expression against 'date'.
        total = connectiondb(server_db).find({"date": re.compile(label)}).count()
        day_totals.append(total)
        day_labels.append(label)
    return {'date': day_labels, 'count': day_totals}
def vul_trend():
    """Count vulnerability records for each of the last seven days.

    Returns a dict with ``date`` (seven ``YYYY-MM-DD`` strings, oldest
    first and ending today) and ``count`` (per day, the number of
    vulnerability records whose ``date`` field matches that string).
    """
    today = datetime.datetime.now()
    day_labels = []
    day_totals = []
    for days_back in reversed(range(7)):
        label = (today - datetime.timedelta(days_back)).strftime("%Y-%m-%d")
        # The day string is used as a regular expression against 'date'.
        total = connectiondb(vul_db).find({'date': re.compile(label)}).count()
        day_totals.append(total)
        day_labels.append(label)
    return {'date': day_labels, 'count': day_totals}
def vul_trend():
    """Count vulnerability records for each of the last seven days.

    Returns a dict with ``date`` (seven ``YYYY-MM-DD`` strings, oldest
    first and ending today) and ``count`` (per day, the number of
    vulnerability records whose ``date`` field matches that string).
    """
    today = datetime.datetime.now()
    day_labels = []
    day_totals = []
    for days_back in reversed(range(7)):
        label = (today - datetime.timedelta(days_back)).strftime("%Y-%m-%d")
        # The day string is used as a regular expression against 'date'.
        total = connectiondb(vul_db).find({'date': re.compile(label)}).count()
        day_totals.append(total)
        day_labels.append(label)
    return {'date': day_labels, 'count': day_totals}
def server_trend():
    """Count server records for each of the last seven days.

    Returns a dict with ``date`` (seven ``YYYY-MM-DD`` strings, oldest
    first and ending today) and ``count`` (per day, the number of server
    records whose ``date`` field matches that string).
    """
    today = datetime.datetime.now()
    day_labels = []
    day_totals = []
    for days_back in reversed(range(7)):
        label = (today - datetime.timedelta(days_back)).strftime("%Y-%m-%d")
        # The day string is used as a regular expression against 'date'.
        total = connectiondb(server_db).find({"date": re.compile(label)}).count()
        day_totals.append(total)
        day_labels.append(label)
    return {'date': day_labels, 'count': day_totals}
def vul_dist():
    """Return the ten plugin names with the most vulnerability records.

    Returns:
        A pair ``(names, counts)`` of equal-length lists, most frequent
        first, counted over the ``plugin_name`` field of every record in the
        vulnerability collection.
    """
    tally = Counter(record['plugin_name'] for record in connectiondb(vul_db).find())
    names = []
    counts = []
    for plugin_name, hits in tally.most_common(10):
        names.append(plugin_name)
        counts.append(hits)
    return names, counts
def vul_dist():
    """Return the ten plugin names with the most vulnerability records.

    Returns:
        A pair ``(names, counts)`` of equal-length lists, most frequent
        first, counted over the ``plugin_name`` field of every record in the
        vulnerability collection.
    """
    tally = Counter(record['plugin_name'] for record in connectiondb(vul_db).find())
    names = []
    counts = []
    for plugin_name, hits in tally.most_common(10):
        names.append(plugin_name)
        counts.append(hits)
    return names, counts
def tasks_edit():
    """Update a task's name, plan and target list from the submitted form.

    The task is selected by the ``task_id`` form field and ``target_text``
    is split into one target per line. Returns ``'success'`` when the
    update call yields a truthy result, else None.
    """
    form = request.form
    new_name = form.get('task_name')
    new_plan = form.get('plan')
    targets = form.get('target_text').split('\n', -1)
    record_id = form.get('task_id')

    # NOTE(review): the task to overwrite is chosen by a client-supplied id
    # and no authorisation check is visible in this block -- confirm the
    # route decorators provide one.
    outcome = connectiondb(tasks_db).update_one(
        {'_id': ObjectId(record_id)},
        {'$set': {
            'task_name': new_name,
            'task_plan': new_plan,
            'scan_target_list': targets,
        }},
    )
    if outcome:
        return 'success'
    return None
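def task_view():
    """Manage weak-password test tasks.

    GET ``delete`` removes one record and redirects; GET ``download`` writes
    a task's subdomains to a file in the static download directory and
    returns it as an attachment; a plain GET renders the task table. A POST
    stores a new task built from the form and redirects to the table.

    The download file name is the first entry of the record's
    ``domain_text`` list. It is accepted only when it is a bare file name,
    and a previous export is removed only if it exists. Any download error
    is printed and the view then returns None.
    """
    if request.method == 'GET':
        # Task: delete
        if request.args.get('delete'):
            # NOTE(review): deletion through a GET query; no CSRF or
            # authorisation check is visible in this block -- confirm the
            # route decorators provide one.
            task_id = request.args.get('delete')
            connectiondb(weekpasswd_db).delete_one({'_id': ObjectId(task_id)})
            return redirect(url_for('weak_passwd_test.task_view'))
        # Result download
        elif request.args.get('download'):
            domain_id = request.args.get('download')
            try:
                file_name = connectiondb(domain_db).find_one(
                    {'_id': ObjectId(domain_id)})['domain_text'][0]
                # The name comes from stored task data. It is joined to the
                # directory by concatenation and passed to os.remove() and
                # open(), so path separators, dot names and control characters
                # are refused to keep both calls inside the download directory.
                if (not file_name
                        or file_name in ('.', '..')
                        or os.path.basename(file_name) != file_name
                        or any(ch in file_name for ch in '/\\\r\n\x00')):
                    raise ValueError("unsafe download file name")
                file_path = os.getcwd() + '/InsectsAwake/static/download/'
                export_path = file_path + file_name
                # Removing unconditionally raised when no earlier export
                # existed, which aborted the first download of every task.
                if os.path.exists(export_path):
                    os.remove(export_path)
                for result in connectiondb(subdomain_db).find(
                        {'domain_id': ObjectId(domain_id)}):
                    # SECURITY: eval() executes whatever expression the
                    # record's 'result' field holds. Left in place because the
                    # stored format is not visible here; replace it with a
                    # data-only parser once that format is confirmed.
                    # list() keeps the first-key lookup working on Python 3.
                    subdomain = list(eval(result['result']).keys())[0]
                    with open(export_path, "a") as download_subdomain:
                        download_subdomain.write(subdomain + "\n")
                sub_response = make_response(
                    send_from_directory(file_path, file_name, as_attachment=True))
                sub_response.headers["Content-Disposition"] = \
                    "attachment; filename=" + file_name
                return sub_response
            except Exception as e:
                print(e)
        else:
            week_passwd_task = connectiondb(weekpasswd_db).find()
            return render_template('week-passwd-test.html',
                                   week_passwd_task=week_passwd_task)
    # Credential-stuffing task: create
    elif request.method == 'POST':
        task_data = {
            "task_name": request.form.get('task_name'),
            "target": request.form.get('target'),
            "post_data": request.form.get('post_data'),
            "username": request.form.get('username'),
            "password": request.form.get('password'),
            "success_data": request.form.get('success_data'),
            "error_data": request.form.get('error_data'),
            "status": "Preparation",
            "week_passwd_result": "",
            "week_passwd_count": "-",
            "date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
        }
        inserted = connectiondb(weekpasswd_db).insert_one(task_data).inserted_id
        if inserted:
            return redirect(url_for('weak_passwd_test.task_view'))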
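def view_dashboard():
    """Render the dashboard: totals, a seven-day trend and the top plugins.

    Collects the vulnerability, plugin and task counts, the total number of
    asset entries, the number of vulnerabilities per day for the last seven
    days, and the ten plugin ids that occur most often in the vulnerability
    collection, then passes them to ``dashboard.html``.
    """
    # Totals: vulnerabilities, plugins, tasks, asset entries.
    vul_count = connectiondb(vul_db).count()
    plugin_count = connectiondb(plugin_db).count()
    task_count = connectiondb(tasks_db).count()
    asset_count = sum(
        len(asset['asset_text']) for asset in connectiondb(asset_db).find())

    # Vulnerabilities per day for the last seven days, oldest day first.
    vul_day_count = []
    vul_date_list = []
    now_date = datetime.datetime.now()
    for days_ago in range(6, -1, -1):
        vul_date = (now_date -
                    datetime.timedelta(days_ago)).strftime("%Y-%m-%d")
        # scan_date is matched with an unanchored regex on the day string.
        day_total = connectiondb(vul_db).find({
            'scan_date': re.compile(vul_date)
        }).count()
        vul_day_count.append(day_total)
        vul_date_list.append(vul_date)
    vul_day_count_dict = {'date': vul_date_list, 'count': vul_day_count}

    # Distribution by plugin: the ten plugin ids with the most findings.
    plugin_hits = Counter(
        record['plugin_id'] for record in connectiondb(vul_db).find())
    plugin_stats_name = []
    plugin_stats_count = []
    for plugin_id, hits in plugin_hits.most_common(10):
        plugin = connectiondb(plugin_db).find_one({'_id': ObjectId(plugin_id)})
        # find_one() returns None when the plugin document no longer exists;
        # label the entry with its id instead of failing the whole page.
        plugin_name = plugin['plugin_name'] if plugin else str(plugin_id)
        plugin_stats_name.append(plugin_name)
        plugin_stats_count.append(hits)

    return render_template('dashboard.html',
                           vul_count=vul_count,
                           plugin_count=plugin_count,
                           task_count=task_count,
                           asset_count=asset_count,
                           vul_day_count_dict=vul_day_count_dict,
                           plugin_stats_count=plugin_stats_count,
                           plugin_stats_name=plugin_stats_name)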
def asset_view():
    """Serve the asset library: list, add, delete and fetch-for-edit.

    GET ``?delete=<id>`` removes the asset and redirects to the list.
    GET ``?edit=<id>`` returns the asset's editable fields as JSON.
    POST inserts a new asset built from the submitted form.
    Every other request renders ``asset-management.html``.
    """
    # NOTE(review): deletion is triggered by a GET parameter and no
    # authentication or CSRF check is visible in this function; confirm both
    # are enforced by a decorator or request hook.
    if request.method == 'GET':
        delete_id = request.args.get('delete')
        if delete_id:
            # Delete an asset.
            connectiondb(asset_db).delete_one({'_id': ObjectId(delete_id)})
            return redirect(url_for('asset_management.asset_view'))

        edit_id = request.args.get('edit')
        if edit_id:
            # Return the stored asset so the edit form can be filled in.
            stored = connectiondb(asset_db).find_one(
                {'_id': ObjectId(edit_id)})
            return jsonify({
                'asset_name': stored['asset_name'],
                'admin_name': stored['admin_name'],
                'dept_name': stored['dept_name'],
                'asset_id': edit_id,
                'asset_text': '\n'.join(stored['asset_text']),
            })
    elif request.method == 'POST':
        # Add an asset.
        form = request.form
        asset_name = form.get('asset_name')
        # One entry per line, carriage returns dropped.
        entries = form.get('asset_text').replace('\r', '').split('\n', -1)
        dept_name = form.get('dept_name')
        admin_name = form.get('admin_name')
        scan_option = 'Enable' if form.get('scan_option') == "true" else 'Disallow'

        asset_data = {
            'asset_name': asset_name,
            'asset_text': entries,
            'dept_name': dept_name,
            'admin_name': admin_name,
            "asset_date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
            'scan_option': scan_option,
        }
        print(asset_data)
        db_insert = connectiondb(asset_db).insert_one(asset_data).inserted_id
        if db_insert:
            return redirect(url_for('asset_management.asset_view'))

    # Default asset library page.
    asset_info = connectiondb(asset_db).find()
    plugin_data = connectiondb(plugin_db).find()
    return render_template('asset-management.html',
                           asset_info=asset_info,
                           plugin_data=plugin_data)
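def plugin_upload():
    """Store an uploaded plugin file and register its parsed metadata.

    The upload is saved under ``POCSUITE_PATH`` as ``_<yymmdd>_<name>``,
    handed to ``parse_plugin`` and, when that yields data, inserted into the
    plugin collection.

    Returns ``{"result": "success"}`` as JSON once the plugin is registered,
    ``{"result": "Warning"}`` as JSON when nothing was uploaded or nothing
    could be registered, and the plain string ``"Warning"`` when parsing or
    the insert raised.
    """
    import os  # function-scope: the module's import block is not visible here

    file_path = app.config.get('POCSUITE_PATH')
    file_data = request.files['file']
    if not file_data:
        # The original fell through and returned None here.
        return jsonify({"result": "Warning"})

    # secure_filename() removes path separators from the client-supplied
    # name, so the file stays inside file_path.
    # NOTE(review): no check on file type or size is visible here.
    file_name = "_" + time.strftime(
        "%y%m%d", time.localtime()) + "_" + secure_filename(file_data.filename)
    save_path = file_path + file_name
    file_data.save(save_path)

    failure = jsonify({"result": "Warning"})
    try:
        new_plugin_info = parse_plugin(save_path)
        if new_plugin_info:
            db_insert = connectiondb(plugin_db).insert_one(
                new_plugin_info).inserted_id
            if db_insert:
                return jsonify({"result": "success"})
    except Exception as e:
        print(e)
        failure = "Warning"

    # The upload was not registered: remove it so an unregistered file is not
    # left behind in the plugin directory.
    try:
        os.remove(save_path)
    except OSError as e:
        print(e)
    return failure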
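def vulnerability_view():
    """List vulnerabilities and serve per-record actions.

    GET ``?delete=<id>`` tags the record as deleted and redirects to the list.
    GET ``?rescan=<id>`` is unfinished: it prints the id and then renders the
    default list.
    GET ``?result=<id>`` returns the record as JSON without its ``_id``,
    ``task_id`` and ``plugin_id`` fields.
    GET ``?task=<id>`` / ``?plugin=<id>`` render the list filtered by that id.
    Any other GET renders every record not tagged as deleted.
    POST is an unfinished bulk-delete stub that always reports success.
    """
    # NOTE(review): the delete action is triggered by a GET parameter and no
    # authentication or CSRF check is visible in this function; confirm both
    # are enforced by a decorator or request hook.
    if request.method == "GET":
        # Soft delete: the record is tagged, not removed.
        if request.args.get('delete'):
            vul_id = request.args.get('delete')
            connectiondb(vul_db).update({'_id': ObjectId(vul_id)},
                                        {"$set": {"tag": "delete"}},
                                        multi=True)
            return redirect(url_for('vul_scanner.vulnerability_view'))

        # Rescan (not completed); falls through to the default view.
        elif request.args.get('rescan'):
            vul_id = request.args.get('rescan')
            print(vul_id)

        # Vulnerability details.
        elif request.args.get('result'):
            vul_id = request.args.get('result')
            vul_info = connectiondb(vul_db).find_one({'_id': ObjectId(vul_id)})
            # Check for a missing record before touching its keys; the
            # original deleted the keys first and failed on an unknown id.
            if vul_info:
                for internal_key in ('_id', 'task_id', 'plugin_id'):
                    vul_info.pop(internal_key, None)
            if vul_info:
                return jsonify(vul_info)
            return jsonify({"result": "Get details error"})

        # Reached from the task view: filter by task_id.
        elif request.args.get('task'):
            task_id = request.args.get('task')
            vul_data = connectiondb(vul_db).find({
                'task_id': ObjectId(task_id),
                "tag": {"$ne": "delete"},
            }).sort('scan_date', -1)
            return render_template('vulnerability.html', vul_data=vul_data)

        # Reached from the plugin view: filter by plugin_id.
        elif request.args.get('plugin'):
            plugin_id = request.args.get('plugin')
            # NOTE(review): this and the default view sort on 'date' while
            # the task filter sorts on 'scan_date'; confirm which field the
            # records carry.
            vul_data = connectiondb(vul_db).find({
                'plugin_id': ObjectId(plugin_id),
                "tag": {"$ne": "delete"},
            }).sort('date', -1)
            return render_template('vulnerability.html', vul_data=vul_data)

        # Default vulnerability view.
        vul_data = connectiondb(vul_db).find(
            {"tag": {"$ne": "delete"}}).sort('date', -1)
        return render_template('vulnerability.html', vul_data=vul_data)

    elif request.method == "POST":
        # Bulk delete of selected records: not completed.
        return jsonify({'result': 'success'})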
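def tasks_edit():
    """Update a task from the edit form and start a scan for it.

    Reads ``taskname_val``, ``recursion_val``, ``target_val`` and ``task_id``
    from the submitted form, writes them to the task document and, when the
    update call yields a truthy result, starts ``PocsuiteScanner`` for that
    task in a new thread and returns ``'success'``.
    """
    # NOTE(review): this starts a scan against user-supplied targets; no
    # authentication, CSRF or target-authorisation check is visible in this
    # function, so confirm they are enforced elsewhere.
    task_name = request.form.get('taskname_val')
    task_plan = request.form.get('recursion_val')
    # Drop '\r' as add_task() does, so CRLF form input does not leave a
    # trailing carriage return on every target.
    target_text = request.form.get('target_val').replace('\r', '').split(
        '\n', -1)
    task_id = request.form.get('task_id')

    update_task_data = connectiondb(tasks_db).update_one(
        {'_id': ObjectId(task_id)},
        {'$set': {
            'task_name': task_name,
            'task_recursion': task_plan,
            'scan_target': target_text,
        }}
    )
    if update_task_data:
        scanner = PocsuiteScanner(ObjectId(task_id))
        t1 = Thread(target=scanner.set_scanner, args=())
        t1.start()
        return 'success'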
def scan_view():
    """Render the new-scan page with every stored plugin."""
    return render_template('new-scan.html',
                           plugin_info=connectiondb(plugin_db).find())
def tasks_view():
    """List tasks and handle delete, rescan and fetch-for-edit requests.

    ``?delete=<id>`` removes the task and tags its vulnerabilities as deleted.
    ``?rescan=<id>`` resets the task status, tags earlier findings as deleted
    and starts ``PocsuiteScanner`` for the task in a new thread.
    ``?edit=<id>`` returns the task name and targets as JSON.
    Without any of these the task list is rendered, sorted by ``end_date``.
    """
    # NOTE(review): delete and rescan are read from the query string without
    # a method check, and no authentication or CSRF check is visible in this
    # function; confirm both are enforced by a decorator or request hook.
    query = request.args

    # Delete a task.
    if query.get('delete'):
        task_oid = ObjectId(query.get('delete'))
        connectiondb(tasks_db).delete_one({'_id': task_oid})
        connectiondb(vul_db).update({'task_id': ObjectId(query.get('delete'))},
                                    {"$set": {"tag": "delete"}},
                                    multi=True)
        return "success"

    # Rescan a task.
    if query.get('rescan'):
        task_id = query.get('rescan')
        connectiondb(tasks_db).update_one(
            {'_id': ObjectId(task_id)},
            {'$set': {'task_status': 'Preparation'}})
        has_findings = connectiondb(vul_db).find_one(
            {"task_id": ObjectId(task_id)})
        if has_findings:
            connectiondb(vul_db).update({'task_id': ObjectId(task_id)},
                                        {"$set": {"tag": "delete"}},
                                        multi=True)
        try:
            worker = Thread(
                target=PocsuiteScanner(ObjectId(task_id)).set_scanner,
                args=())
            worker.start()
            return "success"
        except Exception as e:
            raise e

    # Return task data for the edit form.
    if query.get('edit'):
        stored = connectiondb(tasks_db).find_one(
            {'_id': ObjectId(query.get('edit'))})
        return jsonify({
            'task_name': stored['task_name'],
            'scan_target': '\n'.join(stored['scan_target']),
        })

    # Default task view.
    return render_template(
        'task-management.html',
        task_data=connectiondb(tasks_db).find().sort('end_date', -1))
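def add_task():
    """Create a scan task from a form post and start scanning it.

    The form's ``source`` field names the page the request came from
    (``scan_view``, ``asset`` or ``subdomain``); all three build the same task
    document, so they share one code path here. The task name is prefixed
    with today's date, targets are split one per line and plugin ids are
    split on commas.

    Returns ``'success'`` once the task is stored and ``PocsuiteScanner`` has
    been started for it in a new thread, ``'error'`` when the insert yields no
    id or ``source`` is not one of the three known values (the original
    returned ``None`` for an unknown source).
    """
    # NOTE(review): this starts a scan against user-supplied targets; no
    # authentication, CSRF or target-authorisation check is visible in this
    # function, so confirm they are enforced elsewhere.
    if request.form.get('source') not in ('scan_view', 'asset', 'subdomain'):
        return 'error'

    task_data = {
        "task_name": time.strftime("%y%m%d", time.localtime()) + "_" +
        request.form.get('taskname_val'),
        "task_recursion": request.form.get('recursion_val'),
        # One target per line, carriage returns dropped.
        "scan_target": request.form.get('target_val').replace(
            '\r', '').split('\n', -1),
        "plugin_id": request.form.get('plugin_val').split(',', -1),
        "start_date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
        "end_date": "-",
        "task_status": "Preparation",
    }
    task_id = connectiondb(tasks_db).insert_one(task_data).inserted_id
    if not task_id:
        return 'error'

    scanner = PocsuiteScanner(task_id)
    t1 = Thread(target=scanner.set_scanner, args=())
    t1.start()
    return 'success'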
def option_view():
    """Show and update the scanner configuration document.

    GET renders ``advanced-option.html`` with the stored thread counts,
    dictionaries, discovery time and port list.
    Any other method updates the group of settings named by the form's
    ``source`` field and returns ``"success"`` or ``"Warning"``; an
    unrecognised ``source`` returns ``None``.
    """
    # NOTE(review): no authentication or CSRF check is visible in this
    # function; confirm one is applied by a decorator or request hook.
    if request.method == "GET":
        stored = connectiondb(config_db).find_one({"config_name": config_name})
        config_info = {
            "poc_thread": stored['poc_thread'],
            "discovery_thread": stored['discovery_thread'],
            "subdomain_thread": stored['subdomain_thread'],
            "port_thread": stored['port_thread'],
            "auth_tester_thread": stored['auth_tester_thread'],
            # Lists are shown one entry per line.
            "subdomain_dict_2": '\n'.join(stored['subdomain_dict_2']),
            "subdomain_dict_3": '\n'.join(stored['subdomain_dict_3']),
            "username_dict": '\n'.join(stored['username_dict']),
            "password_dict": '\n'.join(stored['password_dict']),
            "discovery_time": stored['discovery_time'],
            "port_list": ','.join('%s' % port for port in stored['port_list']),
        }
        return render_template("advanced-option.html", config_info=config_info)

    form = request.form
    source = form.get("source")
    if source == "thread_settings":
        # Thread counts must parse as integers; int() raises otherwise.
        update_config = {
            "poc_thread": int(form.get('poc_thread')),
            "discovery_thread": int(form.get('discovery_thread')),
            "subdomain_thread": int(form.get('subdomain_thread')),
            "port_thread": int(form.get('port_thread')),
            "auth_tester_thread": int(form.get('auth_tester_thread')),
            "discovery_time": form.get('discovery_time'),
        }
    elif source == "subdomain_dict":
        update_config = {
            "subdomain_dict_2": form.get('subdomain_dict_2').split('\n'),
            "subdomain_dict_3": form.get('subdomain_dict_3').split('\n'),
        }
    elif source in ("port_list", "port_scan"):
        # Both sources store the comma-separated port list.
        update_config = {
            "port_list": form.get('port_list').split(','),
        }
    elif source == "auth":
        update_config = {
            "username_dict": form.get('username_list').split('\n'),
            "password_dict": form.get('password_list').split('\n'),
        }
    else:
        return None

    updated = connectiondb(config_db).update_one(
        {'config_name': config_name}, {"$set": update_config})
    return "success" if updated else "Warning"
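def asset_view():
    """Serve the asset library and apply asset updates.

    GET ``?delete=<id>`` removes the asset.
    GET ``?edit=<id>`` returns the asset's editable fields as JSON.
    GET ``?scan=<id>`` returns the asset's hosts as JSON for a new scan.
    Any other GET renders ``asset-management.html``.
    A non-GET request with ``source=asset_update`` rewrites the asset and,
    when discovery is enabled, starts ``AssetDiscovery`` in a new thread.

    Action requests answer ``"success"`` or ``"Warning"``. Failed lookups and
    unknown ``source`` values answer ``"Warning"``; the original returned
    ``None`` on those paths.
    """
    # NOTE(review): deletion is triggered by a GET parameter and no
    # authentication or CSRF check is visible in this function; confirm both
    # are enforced by a decorator or request hook.
    if request.method == "GET":
        # Delete an asset.
        if request.args.get("delete"):
            asset_id = request.args.get("delete")
            if connectiondb(asset_db).delete_one({'_id': ObjectId(asset_id)}):
                return "success"
            return "Warning"

        # Return asset data for the edit form.
        elif request.args.get("edit"):
            asset_id = request.args.get("edit")
            try:
                asset_info = connectiondb(asset_db).find_one(
                    {'_id': ObjectId(asset_id)})
                asset_info_json = {
                    'asset_name': asset_info['asset_name'],
                    'admin_name': asset_info['admin_name'],
                    'dept_name': asset_info['dept_name'],
                    'asset_id': asset_id,
                    'asset_host': '\n'.join(asset_info['asset_host']),
                }
                return jsonify(asset_info_json)
            except Exception as e:
                print(e)
                return "Warning"

        # Return the asset's hosts for a new scan.
        elif request.args.get("scan"):
            asset_id = request.args.get("scan")
            try:
                asset_host = connectiondb(asset_db).find_one(
                    {'_id': ObjectId(asset_id)})['asset_host']
                return jsonify({'asset_host': '\n'.join(asset_host)})
            except Exception as e:
                print(e)
                return "Warning"

        # Asset list view.
        else:
            config_info = connectiondb(config_db).find_one(
                {"config_name": config_name})
            asset_info = connectiondb(asset_db).find()
            plugin_info = connectiondb(plugin_db).find()
            username_list = '\n'.join(config_info['username_dict'])
            password_list = '\n'.join(config_info['password_dict'])
            protocols = config_info['auth_service']
            return render_template("asset-management.html",
                                   asset_info=asset_info,
                                   plugin_info=plugin_info,
                                   protocols=protocols,
                                   username_list=username_list,
                                   password_list=password_list)
    else:
        # Update an asset.
        if request.form.get("source") == "asset_update":
            asset_id = request.form.get('asset_id')
            asset_name = request.form.get('asset_name')
            # One host per line, carriage returns dropped.
            asset_host = request.form.get('host_val').replace(
                '\r', '').split('\n', -1)
            dept_name = request.form.get('dept_name')
            admin_name = request.form.get('admin_name')
            if request.form.get('discover_option') == "true":
                discover_option = 'Enable'
            else:
                discover_option = 'Disallow'

            update_asset = connectiondb(asset_db).update_one(
                {'_id': ObjectId(asset_id)},
                {'$set': {
                    'asset_name': asset_name,
                    'dept_name': dept_name,
                    'asset_host': asset_host,
                    'admin_name': admin_name,
                    "asset_date": time.strftime("%Y-%m-%d %H:%M:%S",
                                                time.localtime()),
                    'discover_option': discover_option,
                }}
            )
            if update_asset:
                if discover_option == "Enable":
                    scanner = AssetDiscovery(ObjectId(asset_id))
                    t1 = Thread(target=scanner.set_discovery, args=())
                    t1.start()
                return "success"
            else:
                return "Warning"
        return "Warning"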
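def port_view():
    """Show port-scan results and queue new port scans.

    GET ``?scan_id=<id>`` renders the stored result of one scan.
    GET ``?result=<id>`` returns the stored detail lines as plain text.
    GET ``?delete=<id>`` removes a scan record and redirects to the list.
    Any other GET renders the scan form with the configured port list.
    A non-GET request with ``source=new_scan`` stores a scan record, starts
    ``nmap_scanner`` in a new thread and returns the new scan id as JSON.
    Input that fails validation, or any other ``source``, answers
    ``{"result": "Warning"}``.
    """
    import re  # function-scope: the module's import block is not visible here

    # NOTE(review): deletion is triggered by a GET parameter, scans run
    # against user-supplied targets, and no authentication, CSRF or
    # target-authorisation check is visible in this function; confirm they
    # are enforced elsewhere.
    if request.method == "GET":
        if request.args.get("scan_id"):
            # Result page for one scan.
            target_id = request.args.get("scan_id")
            db_course = connectiondb(port_db).find_one(
                {"_id": ObjectId(target_id)})
            host = db_course['host']
            port = db_course['port']
            if db_course['status'] == "Done":
                result = '\n'.join(
                    '%s' % c for c in db_course['detail']).replace(';', " ")
            else:
                result = "Scanning, Please wait..."
            return render_template('port-scanner.html',
                                   host=host,
                                   result=result,
                                   port=port)

        elif request.args.get("result"):
            # Detail lines for the table view.
            scan_id = request.args.get("result")
            db_course = connectiondb(port_db).find_one(
                {"_id": ObjectId(scan_id)})
            result = '\n'.join('%s' % c for c in db_course['detail'])
            # NOTE(review): the stored detail (presumably scanner output) is
            # returned as a bare string, which Flask serves as text/html;
            # confirm the consumer escapes it before display.
            return result

        elif request.args.get('delete'):
            # Delete a scan record.
            scan_id = request.args.get("delete")
            connectiondb(port_db).delete_one({"_id": ObjectId(scan_id)})
            return redirect(url_for('port_scanner.port_view'))

        # Default scan view.
        port_list = connectiondb(config_db).find_one(
            {"config_name": config_name})['port_list']
        ports = ','.join('%s' % port for port in port_list)
        return render_template('port-scanner.html', port_list=ports)

    # Add a scan.
    if request.form.get('source') != "new_scan":
        return jsonify({"result": "Warning"})

    target_val = request.form.get('target_val') or ''
    port_val = (request.form.get('port_val') or '').strip()
    try:
        arguments_val = int(request.form.get('arguments_val'))
    except (TypeError, ValueError):
        return jsonify({"result": "Warning"})

    # Both values end up in the scanner's argument string, so accept only a
    # port list (numbers, ranges, commas) and targets made of host/network
    # characters that cannot be read as an option.
    if port_val and not re.match(
            r'[0-9]+(-[0-9]+)?(,[0-9]+(-[0-9]+)?)*\Z', port_val):
        return jsonify({"result": "Warning"})
    targets = target_val.split()
    target_ok = re.compile(r'[A-Za-z0-9:][A-Za-z0-9._:/,*-]*\Z')
    if not targets or not all(target_ok.match(t) for t in targets):
        return jsonify({"result": "Warning"})

    # Fixed option sets selected by the numeric form value; an unknown value
    # yields an empty argument string, as before.
    scan_profiles = {
        0: "-sT -T4",
        1: "-sT -T4 --open",
        2: "-sS -T4 -Pn",
        3: "-sT -sV -O -A",
    }
    arguments = scan_profiles.get(arguments_val, "")
    if arguments and port_val:
        arguments += " -p " + port_val

    db_data = {
        "host": target_val,
        "status": "Preparation",
        'port': port_val,
        "arguments": arguments,
        'detail': "",
        'date': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
    }
    scan_id = connectiondb(port_db).insert_one(db_data).inserted_id
    t1 = threading.Thread(target=nmap_scanner,
                          args=(target_val, arguments, scan_id))
    t1.start()
    return jsonify({
        "result": "success",
        "scan_id": str(scan_id),
    })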