def cli_filter(self, keys, save=False):
"""
this function is used to filter the results.
:param save:
:param keys: str, filter condition. ex: 'ip, port, app=xxx'
:return: None
"""
has_equal = []
not_equal = []
# set the ip field to be displayed by default and in the first place
key_list = keys.split(',')
try:
# set ip field in the first place
key_index = key_list.index("ip")
key_list.pop(key_index)
key_list.insert(0, 'ip')
# add IP to the first item when there is no IP
except ValueError:
key_list.insert(0, 'ip')
# process user input fields, separating single fields from fields with equal signs.
for key in key_list:
res = key.split('=')
# field with equal sign
if len(res) == 2:
has_equal.append(key)
not_equal.append(res[0])
# No field with equal sign
if len(res) == 1:
# handle the case where the wildcard character * is included in the filed
# that is, query all fields
if key == "*":
not_equal = list(fields_tables_host.keys())
continue
else:
not_equal.append(key)
# the filter condition is port, banner, app=**
# ex:port,banner,app=MySQL
if len(has_equal) != 0:
equal = ','.join(has_equal)
equal_data = self.regexp_data(equal)
# the filter condition is app, port
# ex: ip,port,app
else:
equal_data = self.dork_data[:self.num]
# get result
result = self.filter_data(not_equal, equal_data)
equal = ','.join(not_equal)
if save:
return equal, result
show.print_filter(equal, result)
def regexp_data(self, keys):
"""
filter based on fields entered by the user
AND operation on multiple fields
:param keys: str , user input filter filed
:return: list, ex:[{...}, {...}, {...}...]
"""
keys = keys.split(",")
result = []
self.zoomeye.data_list = self.dork_data[:self.num]
data_list = self.zoomeye.data_list
for key in keys:
result = []
for da in data_list:
zmdict = ZoomEyeDict(da)
input_key, input_value = key.split("=")
if fields_tables_host.get(input_key.strip()) is None:
# check filed effectiveness
support_fields = ','.join(list(fields_tables_host.keys()))
show.printf(
"filter command has unsupport fields [{}], support fields has [{}]"
.format(input_key, support_fields),
color='red')
exit(0)
# the value obtained here is of type int, and the user's input is of type str,
# so it needs to be converted.
if input_key == "port":
input_value = str(input_value)
find_value = zmdict.find(
fields_tables_host.get(input_key.strip()))
# get the value through regular matching
try:
regexp_result = re.search(str(input_value),
str(find_value), re.I)
except re.error:
show.printf(
'the regular expression you entered is incorrect, please check!',
color='red')
exit(0)
except Exception as e:
show.printf(e, color='red')
exit(0)
# the matched value is neither None nor empty
if regexp_result and regexp_result.group(0) != '':
result.append(da)
# AND operation
data_list = result
return result
def filter_data(self, keys, data):
"""
get the data of the corresponding field
:param keys: list, user input field
:param data: list, zoomeye api data
:return: list, ex: [[1,2,3...],[1,2,3...],[1,2,3...]...]
"""
result = []
for d in data:
item = []
zmdict = ZoomEyeDict(d)
for key in keys:
if fields_tables_host.get(key.strip()) is None:
support_fields = ','.join(list(fields_tables_host.keys()))
show.printf("filter command has unsupport fields [{}], support fields has [{}]"
.format(key, support_fields), color='red')
exit(0)
res = zmdict.find(fields_tables_host.get(key.strip()))
item.append(res)
result.append(item)
return result
