def cli_filter(self, keys, save=False): """ this function is used to filter the results. :param save: :param keys: str, filter condition. ex: 'ip, port, app=xxx' :return: None """ has_equal = [] not_equal = [] # set the ip field to be displayed by default and in the first place key_list = keys.split(',') try: # set ip field in the first place key_index = key_list.index("ip") key_list.pop(key_index) key_list.insert(0, 'ip') # add IP to the first item when there is no IP except ValueError: key_list.insert(0, 'ip') # process user input fields, separating single fields from fields with equal signs. for key in key_list: res = key.split('=') # field with equal sign if len(res) == 2: has_equal.append(key) not_equal.append(res[0]) # No field with equal sign if len(res) == 1: # handle the case where the wildcard character * is included in the filed # that is, query all fields if key == "*": not_equal = list(fields_tables_host.keys()) continue else: not_equal.append(key) # the filter condition is port, banner, app=** # ex:port,banner,app=MySQL if len(has_equal) != 0: equal = ','.join(has_equal) equal_data = self.regexp_data(equal) # the filter condition is app, port # ex: ip,port,app else: equal_data = self.dork_data[:self.num] # get result result = self.filter_data(not_equal, equal_data) equal = ','.join(not_equal) if save: return equal, result show.print_filter(equal, result)
def regexp_data(self, keys): """ filter based on fields entered by the user AND operation on multiple fields :param keys: str , user input filter filed :return: list, ex:[{...}, {...}, {...}...] """ keys = keys.split(",") result = [] self.zoomeye.data_list = self.dork_data[:self.num] data_list = self.zoomeye.data_list for key in keys: result = [] for da in data_list: zmdict = ZoomEyeDict(da) input_key, input_value = key.split("=") if fields_tables_host.get(input_key.strip()) is None: # check filed effectiveness support_fields = ','.join(list(fields_tables_host.keys())) show.printf( "filter command has unsupport fields [{}], support fields has [{}]" .format(input_key, support_fields), color='red') exit(0) # the value obtained here is of type int, and the user's input is of type str, # so it needs to be converted. if input_key == "port": input_value = str(input_value) find_value = zmdict.find( fields_tables_host.get(input_key.strip())) # get the value through regular matching try: regexp_result = re.search(str(input_value), str(find_value), re.I) except re.error: show.printf( 'the regular expression you entered is incorrect, please check!', color='red') exit(0) except Exception as e: show.printf(e, color='red') exit(0) # the matched value is neither None nor empty if regexp_result and regexp_result.group(0) != '': result.append(da) # AND operation data_list = result return result
def filter_data(self, keys, data): """ get the data of the corresponding field :param keys: list, user input field :param data: list, zoomeye api data :return: list, ex: [[1,2,3...],[1,2,3...],[1,2,3...]...] """ result = [] for d in data: item = [] zmdict = ZoomEyeDict(d) for key in keys: if fields_tables_host.get(key.strip()) is None: support_fields = ','.join(list(fields_tables_host.keys())) show.printf("filter command has unsupport fields [{}], support fields has [{}]" .format(key, support_fields), color='red') exit(0) res = zmdict.find(fields_tables_host.get(key.strip())) item.append(res) result.append(item) return result