def thread_start():
while True:
logger.info("Score Loop Starting")
score()
i = random.randint(config.get_item("engine/min"),
config.get_item("engine/max"))
date = datetime.datetime.now()
date += datetime.timedelta(seconds=i)
logger.debug("Score Loop sleeping for %i (%s)" % (i, date))
time.sleep(i)
def teamserver(teamid, serverid):
dbsession = getSession()
logger.debug("teamid: %s" % teamid)
team = dbsession.query(
tables.Team).filter(tables.Team.name == teamid).first()
if team:
server = dbsession.query(tables.TeamServer).filter(
tables.and_(tables.TeamServer.teamid == team.id,
tables.TeamServer.serverid == serverid)).first()
if server:
return render_template('admin/team/server.html',
title='Server',
year=datetime.now().year,
team=team,
server=server)
return page_not_found(None)
def file_download(id):
session = getSession()
f = session.query(
tables.Attachment).filter(tables.Attachment.id == id).first()
if f:
if config.get_item(
"clam/enabled"
) and 'ignore_virus' not in request.args and not f.ignore_virus:
if config.get_item("clam/stream_limit") < f.size:
return render_template("injectscore/virus_error.html", )
try:
if config.has_item("clam/path"):
cd = ClamdUnixSocket(config.get_item("clam/path"))
elif config.has_item("clam/address"):
cd = ClamdNetworkSocket(
config.get_item("clam/address").encode('ascii'),
config.get_item("clam/port"))
cd.ping()
logger.debug(cd.version())
virus_info = cd.scan_stream(f.data)
logger.debug(virus_info)
if virus_info is not None:
return render_template("injectscore/virus.html",
virus_info=virus_info,
title="Virus Found")
except ConnectionError as ce:
logger.error(ce.message)
return render_template("injectscore/virus_error.html", )
except BufferTooLongError as btle:
logger.error(btle.message)
return render_template("injectscore/virus_error.html", )
except error as se:
logger.error(se.message)
return render_template("injectscore/virus_error.html")
r = make_response(f.data)
r.headers[
'Content-Disposition'] = 'inline; filename="' + f.filename + '"'
ty, _ = guess_type(f.filename)
if ty:
r.mimetype = ty
else:
r.mimetype = 'application/octet-stream'
return r
from ScoringEngine.web.views.errors import page_not_found
return page_not_found(None)
def login():
if request.method == 'POST':
users = getSession().query(tables.User).filter(
tables.User.username == request.form['username'])
for user in users:
if user.verify_password(request.form['password']):
logger.debug("Login for " + user.username)
return do_login(user)
else:
logger.warning("Incorrect password for " + user.username)
return render_template('user/login.html',
title='Home Page',
year=datetime.now().year,
error="User/Password Incorrect")
return render_template(
'user/login.html',
title='Home Page',
year=datetime.now().year,
)
def score():
session = Session()
event = None
events = session.query(tables.Event).filter(tables.Event.current == True)
if events.count() > 0:
event = events[0].id
logger.info("Score Event: %s" % events[0].name)
for server in session.query(tables.TeamServer).all():
if server.server.enabled and server.team.enabled:
for service in session.query(tables.Service).filter(
tables.and_(tables.Service.serverid == server.server.id,
tables.Service.enabled == True)):
m = __import__(service.type.tester)
func = getattr(m, "test")
logger.debug("Score: %s(<%s>, <%s>, <%s>, <%s>)" %
(service.type.tester, server.team.name,
server.server.name, service.name, event))
threading.Thread(target=func, args=[server, service,
event]).start()
session.close()
def validate_env():
import os, os.path
from ScoringEngine.core import logger, config
from ScoringEngine.core.db import Session, tables
try:
s = Session()
logger.debug("Checking if >0 users")
if s.query(tables.User).count() == 0:
# We should create the default admin user if there are no users.
logger.warning("No users found creating default admin account")
s.add(tables.User.create("Administrator", "admin", u"admin", -1, 5))
s.commit()
# refresh scoretype table
logger.debug("Refreshing scoretypes")
for d in config.get_item("tests"):
for f in os.listdir(d):
if os.path.isfile(os.path.join(d, f)):
p = f.split('.')
if len(p) > 1 and p[1] == "py":
t = s.query(tables.ServiceType).filter(tables.ServiceType.tester == p[0]).first()
if not t:
logger.debug("Adding type: %s" % p[0])
t = tables.ServiceType()
t.tester = p[0]
t.name = p[0].capitalize()
s.add(t)
s.commit()
s.close()
except Exception as e:
import sys
print(e)
print(e.message)
sys.exit(1)