def create_sys_vul_job():
name = request.form.get('name')
ip = request.form.get('ip')
concurrent_discover = request.form.get('concurrent_discover')
concurrent_check = request.form.get('concurrent_check')
plugins = request.form.getlist('plugins')
SysVulJob.create(g.user, name, ip, concurrent_discover, concurrent_check,
plugins)
return json(result=[])
def register():
ident = request.json.get('ident', '')
hostname = request.json.get('hostname', '')
pid = request.json.get('pid', '')
type = request.json.get('type', '')
total = request.json.get('total', 0)
busy = request.json.get('busy', 0)
idle = request.json.get('idle', 0)
Executor.create(ident=ident, hostname=hostname, pid=pid, type=type, total=total, busy=busy, idle=idle)
return json(result={'time' : time.time()})
def login(next=None):
if g.user:
return response.json(result={'next': request.args.get('next') or '/'
}) if request.is_xhr else redirect('/')
name, password, errors = '', '', {}
if request.method == 'POST':
name = request.form.get('name', '')
password = request.form.get('password', '')
user = User.authenticate(name, password)
if user:
session['user'] = user.id
return response.json(
result={'next': request.args.get('next') or '/'})
else:
errors['user'] = '******'
return response.json(errors=errors)
return render_template('auth/login.html',
name=name,
password=password,
errors=errors)
def stats():
#最新发现资产数量/总资产数量/存在漏洞的主机数量
#最新发现端口数量/总端口数量
#最新发现漏洞数量/总漏洞数量
#端口统计
#漏洞发现主机统计
#主机发现漏洞统计
stats = {}
stats['asset'] = SysAsset.stats()
stats['app'] = Application.stats()
stats['vul'] = AssetSysVul.stats()
stats['executor'] = Executor.stats()
stats['stats_port'] = Application.stats_port()
stats['stats_host_vul'] = AssetSysVul.stats_host_vul()
stats['stats_vul_host'] = AssetSysVul.stats_vul_host()
return json(stats)
def save_sys_vul_plugin():
params = {k: v for k, v in request.form.items()}
obj, has_error, errors = SysVulPlugin.create_or_replace(**params)
if has_error:
return json(code=STATUS_PARAMS_ERROR, errors=errors)
return json(result=[])
def report_sys_vul_plugin():
plugin = SysVulPlugin.get_by_key(request.form.get('id', 0))
if plugin:
return json(result=plugin.as_dict())
else:
return json(code=STATUS_PARAMS_ERROR)
def list_sys_vul_plugin():
plugins = [plugin.as_dict() for plugin in SysVulPlugin.all()]
return json(result=plugins)
def delete_sys_vul_job():
SysVulJob.delete(request.form.get('id', 0))
return json(result=[])
def cancel_sys_vul_job():
SysVulJob.cancel(request.form.get('id', 0))
return json(result=[])
def report_sys_vul_job():
job = SysVulJob.get_by_key(request.form.get('id', 0))
if job:
return json(result=job.as_dict())
else:
return json(code=STATUS_PARAMS_ERROR)
def delete_executor():
Executor.delete_by_key(request.form.get('id', 0))
return json()
def list_sys_vul_job():
jobs = [job.as_dict() for job in SysVulJob.all()]
return json(result=jobs)
def save_plugin_config():
params = {k: v for k, v in request.form.items()}
obj, has_error, errors = PluginConfig.create_or_replace(**params)
if has_error:
return json(code=STATUS_PARAMS_ERROR, errors=errors)
return json(result=[])
def delete_plugin_config():
PluginConfig.delete(request.form.get('id', 0))
return json(result=[])
def report_plugin_config():
config = PluginConfig.get_by_key(request.form.get('id', 0))
if config:
return json(result=config.as_dict())
else:
return json(code=STATUS_PARAMS_ERROR)
def list_plugin_config():
configs = [config.as_dict() for config in PluginConfig.all()]
return json(result=configs)
def delete_sys_vul_plugin():
SysVulPlugin.delete(request.form.get('id', 0))
return json(result=[])
def wrapper(*args, **kwargs):
if g.user is None:
return response.json(response.STATUS_UNAUTHENTICATE) if request.is_xhr else redirect(url_for('auth.login', next=request.path))
rt = func(*args, **kwargs)
return rt
def list_sys_asset():
assets = [asset.as_dict() for asset in SysAsset.all()]
return json(assets)
def list_report_sys_vul():
vuls = AssetSysVul.all(request.form.get('key', ''))
vuls = [vul.as_dict() for vul in vuls]
return json(result=vuls)
def delete_sys_asset():
SysAsset.delete_by_key(request.form.get('id', 0))
return json()