def Query(request): # 用于查询DNSLOG数据 RequestLogRecord(request, request_api="domain_name_system_log") if request.method == "POST": try: Token = json.loads(request.body)["token"] NumberOfPages = json.loads(request.body)["number_of_pages"] Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="domain_name_system_log", uid=Uid) # 查询到了在计入 DomainNameSystemLogResult = DomainNameSystemLog().Query( number_of_pages=int(NumberOfPages)) #对解析记录进行查询 return JsonResponse({ 'message': DomainNameSystemLogResult, 'code': 200, }) else: return JsonResponse({ 'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write( "Web_DomainNameSystemLog_DomainNameSystemData_Query(def)", e) return JsonResponse({ 'message': "呐呐呐!莎酱被玩坏啦(>^ω^<)", 'code': 169, }) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def ReadTemplate(request): #用读取数据库中模板文件 RequestLogRecord(request, request_api="read_cross_site_script_template") if request.method == "POST": try: UserToken = json.loads(request.body)["token"] Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名 if Uid != None: # 查到了UID UserOperationLogRecord( request, request_api="read_cross_site_script_template", uid=Uid) TemplateData = CrossSiteScriptTemplate().Query( uid=Uid) #查询用户自定义的模板数据 return JsonResponse({ 'message': TemplateData, 'code': 200, }) else: return JsonResponse({ 'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write( "Web_CrossSiteScriptHub_TemplateManagement_ReadTemplate(def)", e) return JsonResponse({ 'message': '呐呐呐!莎酱被玩坏啦(>^ω^<)', 'code': 169, }) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def PersonalInformation(request):#用户个人信息 RequestLogRecord(request, request_api="personal_information") if request.method == "POST": try: Token=json.loads(request.body)["token"] Info=UserInfo().QueryUserInfo(Token) Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询用户名 if Uid!=None: # 查到了UID UserOperationLogRecord(request, request_api="personal_information", uid=Uid) if Info is None: return JsonResponse({'message': '搁着闹呢?', 'code': 404, }) elif Info != None: JsonValues = {}#对数据进行二次处理 JsonValues["id"] = Info["id"] JsonValues["key"] = Info["key"] JsonValues["name"] = Info["name"] JsonValues["token"] = Info["token"] JsonValues["show_name"] = Info["show_name"] JsonValues["email"] = Info["email"] JsonValues["avatar"] = Info["avatar"] return JsonResponse({'message': JsonValues, 'code': 200, }) except Exception as e: ErrorLog().Write("Web_Api_User_PersonalInformation(def)", e) else: return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def UpdateKey(request): #更新Key RequestLogRecord(request, request_api="update_key") if request.method == "POST": try: Token = json.loads(request.body)["token"] NewKey = randoms().result(40) #生成随机的key,有可能会重复,这边先暂时不管了,这概论太j8低了 Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="update_key", uid=Uid) # 查询到了在计入 UpdateKeyResult = UserInfo().UpdateKey(uid=Uid, key=NewKey) #获取值查看是否成功 if UpdateKeyResult: return JsonResponse({ 'message': '呐呐呐呐!修改成功了呢~', 'code': 200, }) else: return JsonResponse({ 'message': "输入信息有误重新输入", 'code': 404, }) else: return JsonResponse({ 'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write("Web_BasicFunctions_User_UpdateKey(def)", e) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def QueryMarkdownProject(request): #用来查询用户所有的项目信息 RequestLogRecord(request, request_api="query_markdown_project") if request.method == "POST": try: UserToken = json.loads(request.body)["token"] Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名 if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="query_markdown_project", uid=Uid) QueryResult = MarkdownRelationship().Query(uid=Uid) #查询的结果返回 return JsonResponse({ 'message': QueryResult, 'code': 200, }) else: return JsonResponse({ 'message': "小宝贝这是非操作哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write( "Web_CollaborationPlatform_Markdown_QueryMarkdownProject(def)", e) return JsonResponse({ 'message': '呐呐呐!莎酱被玩坏啦(>^ω^<)', 'code': 169, }) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def NistStatistics(request): #对当前的CVE个数进行统计 RequestLogRecord(request, request_api="nist_statistics") if request.method == "POST": try: Token = json.loads(request.body)["token"] Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="nist_statistics", uid=Uid) # 查询到了在计入 SearchResult = NistData().StatisticalData() #统计的个数 return JsonResponse({ 'message': SearchResult, 'code': 200, }) else: return JsonResponse({ 'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write( "Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityNumberMonitoring_Nist_NistStatistics(def)", e) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def GithubQuery(request): #查询github监控数据 RequestLogRecord(request, request_api="github_monitor") if request.method == "POST": try: Token = json.loads(request.body)["token"] Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="github_monitor", uid=Uid) # 查询到了在计入 GithubMonitorResult = GithubCveApi().Query() #获取github数据 return JsonResponse({ 'message': GithubMonitorResult, 'code': 200, }) else: return JsonResponse({ 'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write( "Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityUtilizationMonitoring_Github_GithubQuery(def)", e) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def Query(request): #数据表格查询 RequestLogRecord(request, request_api="email_data_graph_query") if request.method == "POST": try: Token = json.loads(request.body)["token"] ProjectKey = json.loads(request.body)["project_key"] Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="email_data_graph_query", uid=Uid) # 查询到了在计入 Result = EmailGraph().Query(project_key=ProjectKey, uid=Uid) return JsonResponse({ 'message': ast.literal_eval(Result), 'code': 200, }) else: return JsonResponse({ 'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write("Web_Email_Graph_Statistics(def)", e) return JsonResponse({ 'message': '自己去看报错日志!', 'code': 169, }) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def UpdatePassword(request): #更新密码 RequestLogRecord(request, request_api="update_password") if request.method == "POST": try: UserName = json.loads(request.body)["username"] OldPasswd = json.loads(request.body)["old_passwd"] NewPasswd = json.loads(request.body)["new_passwd"] UpdatePassword = UserInfo().UpdatePasswd(name=UserName, old_passwd=OldPasswd, new_passwd=NewPasswd) if UpdatePassword: UserOperationLogRecord(request, request_api="login", uid=UserName) #如果修改成功写入数据库中 return JsonResponse({ 'message': '修改成功~', 'code': 200, }) else: return JsonResponse({ 'message': "输入信息有误重新输入", 'code': 404, }) except Exception as e: ErrorLog().Write("Web_Api_User_UpdatePassword(def)", e) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def ScanInformationQuery(request): #查询关系表 RequestLogRecord(request, request_api="scan_information_query") if request.method == "POST": try: UserToken = json.loads(request.body)["token"] ActiveScanId = json.loads(request.body)["active_scan_id"] Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名 if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="scan_information_query", uid=Uid) MedusaQueryResult = ScanInformation().Query( uid=Uid, active_scan_id=ActiveScanId) if MedusaQueryResult != None: return JsonResponse({ 'message': MedusaQueryResult, 'code': 200, }) else: return JsonResponse({ 'message': '数据库炸了BOOM~🐈', 'code': 404, }) except Exception as e: ErrorLog().Write( "Web_Api_VulnerabilityQuery_ScanInformationQuery(def)", e) return JsonResponse({ 'message': '莎酱被玩坏啦ヽ(・ω・´メ)', 'code': 169, }) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def Statistics(request): #统计邮件获取到的数据 RequestLogRecord(request, request_api="email_receive_data_statistics") if request.method == "POST": try: Token = json.loads(request.body)["token"] ProjectKey = json.loads(request.body)["project_key"] Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord( request, request_api="email_receive_data_statistics", uid=Uid) # 查询到了在计入 Result = EmailReceiveData().Statistics(project_key=ProjectKey) return JsonResponse({ 'message': Result, 'code': 200, }) else: return JsonResponse({ 'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write("Web_Email_ReceiveData_Statistics(def)", e) return JsonResponse({ 'message': '自己去看报错日志!', 'code': 169, }) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def ActiveScanListQuery(request): #主动扫描列表查询 RequestLogRecord(request, request_api="active_scan_list_query") if request.method == "POST": try: UserToken = json.loads(request.body)["token"] Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名 if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="active_scan_list_query", uid=Uid) ActiveScanListQueryResult = ActiveScanList().Query(uid=Uid) if ActiveScanListQueryResult != None: return JsonResponse({ 'message': ActiveScanListQueryResult, 'code': 200, }) else: return JsonResponse({ 'message': '数据库出问题了🐈', 'code': 404, }) except Exception as e: ErrorLog().Write( "Web_Api_VulnerabilityQuery_ActiveScanListQuery(def)", e) return JsonResponse({ 'message': '莎酱被玩坏啦(>^ω^<)喵', 'code': 169, }) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def MedusaValueQuery(request): #查询单个漏洞 RequestLogRecord(request, request_api="medusa_query") if request.method == "POST": try: UserToken = json.loads(request.body)["token"] ScanInfoId = json.loads(request.body)["scan_info_id"] Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名 if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="medusa_query", uid=Uid) MedusaQueryResult = MedusaQuery().Query( uid=Uid, scan_info_id=ScanInfoId) if MedusaQueryResult != None: return JsonResponse({ 'message': MedusaQueryResult, 'code': 200, }) else: return JsonResponse({ 'message': '数据库GG了🐈', 'code': 404, }) except Exception as e: ErrorLog().Write( "Web_Api_VulnerabilityQuery_MedusaValueQuery(def)", e) return JsonResponse({ 'message': '莎酱被玩坏啦ヾ(=・ω・=)o', 'code': 169, }) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def Statistics(request): #对当前整体数据进行统计 RequestLogRecord(request, request_api="domain_name_system_log_statistics") if request.method == "POST": try: Token = json.loads(request.body)["token"] Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord( request, request_api="domain_name_system_log_statistics", uid=Uid) # 查询到了在计入 SearchResult = DomainNameSystemLog().StatisticalData() #统计的个数 return JsonResponse({ 'message': SearchResult, 'code': 200, }) else: return JsonResponse({ 'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write( "Web_DomainNameSystemLog_DomainNameSystemData_Statistics(def)", e) return JsonResponse({ 'message': "呐呐呐!莎酱被玩坏啦(>^ω^<)", 'code': 169, }) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def FishingDataStatistics(request): #统计钓鱼获取到的数据 RequestLogRecord(request, request_api="fishing_data_statistics") if request.method == "POST": try: Token = json.loads(request.body)["token"] RequestKey = json.loads(request.body)["request_key"] Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="fishing_data_statistics", uid=Uid) # 查询到了在计入 Result = FishingData().Quantity(request_key=RequestKey) return JsonResponse({ 'message': Result, 'code': 200, }) else: return JsonResponse({ 'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write("Web_Mail_FishingData_FishingDataStatistics(def)", e) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def Scan(request): RequestLogRecord(request, request_api="vulnerability_scanning") if request.method == "POST": try: ReceiveData=json.loads(request.body) ScanUrl=ReceiveData["url"] ScanToken= ReceiveData["token"] ScanModule = ReceiveData["module"] ScanProcess = ReceiveData["process"] ScanAgentHeader = ReceiveData["header"] ScanProxy = ReceiveData["proxy"] if ScanProxy==0:#如果传入0表示关闭该功能 ScanProxy=None if type(ScanProcess)==int:#判断类型 Uid=UserInfo().QueryUidWithToken(ScanToken)#如果登录成功后就来查询用户名 if Uid!=None: UserOperationLogRecord(request, request_api="vulnerability_scanning", uid=Uid) ActiveScanId=ActiveScanList().Write(uid=Uid,url=ScanUrl,proxy=ScanProxy,status=0,module=ScanModule,process=ScanProcess)#写入用户关系表,然后返回sid下发给任务 RedisActiveScanTask= MedusaScan.delay(ScanUrl,ScanModule,ScanProcess,ScanAgentHeader,ScanProxy,Uid=Uid,ActiveScanId=ActiveScanId)#调用扫描处理函数 ActiveScanList().UpdateRedisId(uid=Uid,active_scan_id=ActiveScanId,redis_id=RedisActiveScanTask.task_id) return JsonResponse({'message': '任务下发成功👌', 'code': 200, }) else: return JsonResponse({'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) else: return JsonResponse({'message': '类型错误!', 'code': 666, }) except Exception as e: ErrorLog().Write("Web_Api_VulnerabilityQuery_ActiveScanListQuery(def)", e) return JsonResponse({'message': '莎酱被玩坏掉嘞QAQ', 'code': 169, }) else: return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def GithubMonitor(request): #查询github监控数据 RequestLogRecord(request, request_api="github_monitor") if request.method == "POST": try: Token = json.loads(request.body)["token"] Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="github_monitor", uid=Uid) # 查询到了在计入 GithubMonitorResult = GithubCveApi().Query() #获取github数据 return JsonResponse({ 'message': GithubMonitorResult, 'code': 200, }) else: return JsonResponse({ 'message': "非法查询哦宝贝!", 'code': 404, }) except Exception as e: ErrorLog().Write("Web_Api_User_UpdateShowName(def)", e) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def GithubSearch(request): #搜索数据接口 RequestLogRecord(request, request_api="github_monitor_search") if request.method == "POST": try: Token = json.loads(request.body)["token"] Name = json.loads(request.body)["name"] #查询值 NumberOfPages = json.loads(request.body)["number_of_pages"] # 页数 Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="github_monitor_search", uid=Uid) # 查询到了在计入 Data = {} # 最终包含个数和当前页数数据 Data["amount"] = GithubCveApi().SearchStatistics(name=Name) Data["data"] = GithubCveApi().Search( name=Name, number_of_pages=int(NumberOfPages)) # 模糊搜索 return JsonResponse({ 'message': Data, 'code': 200, }) else: return JsonResponse({ 'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write( "Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityUtilizationMonitoring_Github_GithubSearch(def)", e) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def NistDataDetailedQuery(request): #查询单个CVE细节数据 RequestLogRecord(request, request_api="nist_data_detailed_query") if request.method == "POST": try: Token = json.loads(request.body)["token"] CommonVulnerabilitiesAndExposures = json.loads( request.body)["common_vulnerabilities_and_exposures"] #CVE编号 Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="nist_data_detailed_query", uid=Uid) # 查询到了在计入 SearchResult = NistData().DetailedQuery( common_vulnerabilities_and_exposures= CommonVulnerabilitiesAndExposures) #获取数据 return JsonResponse({ 'message': SearchResult, 'code': 200, }) else: return JsonResponse({ 'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write( "Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityNumberMonitoring_Nist_NistDataDetailedQuery(def)", e) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def GenerateVerificationCode(request): #生成验证码函数 RequestLogRecord(request, request_api="get_verification_code") if request.method == "GET": try: RandomVerificationCode = randoms().LowercaseAndNumbers( 6) #获取小写的字符串 RandomVerificationCodeKey = randoms().result(250) #生成验证码相关联的key PictureBitstream = ImageCaptcha().generate( RandomVerificationCode).read() #获取图片比特流 VerificationCode().Write( code=RandomVerificationCode, verification_code_key=RandomVerificationCodeKey) #把值写入到数据库中 Result = HttpResponse(PictureBitstream) #把图片比特流复制给返回包 Result[ 'VerificationCodeKey'] = RandomVerificationCodeKey #把值传到返回包的头中 Result[ 'Access-Control-Expose-Headers'] = "VerificationCodeKey" #添加头内容保证前端能够获取到值 return Result except Exception as e: ErrorLog().Write( "Web_BasicFunctions_VerificationCode_GenerateVerificationCode(def)", e) return JsonResponse({ 'message': '呐呐呐!莎酱被玩坏啦(>^ω^<)', 'code': 169, }) else: return JsonResponse({ 'message': '请使用GET请求', 'code': 500, })
def UpdateShowName(request): #更新显示名字 RequestLogRecord(request, request_api="update_show_name") if request.method == "POST": try: Token = json.loads(request.body)["token"] NewShowName = json.loads(request.body)["new_show_name"] Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="update_show_name", uid=Uid) # 查询到了在计入 UpdateShowNameResult = UserInfo().UpdateShowName( uid=Uid, show_name=NewShowName) #获取值查看是否成功 if UpdateShowNameResult: return JsonResponse({ 'message': '好诶!修改成功~', 'code': 200, }) else: return JsonResponse({ 'message': "输入信息有误重新输入", 'code': 404, }) else: return JsonResponse({ 'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write("Web_BasicFunctions_User_UpdateShowName(def)", e) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def Initialization(request):#用于初始化获取基础信息 RequestLogRecord(request, request_api="system_hardware_initialization") if request.method == "POST": try: Token = json.loads(request.body)["token"] Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="system_hardware_initialization", uid=Uid) # 查询到了在计入 MemoryInfo = psutil.virtual_memory() # 获取完整内存信息 SystemInfo=platform.platform() SystemName=platform.system() SystemType=platform.machine() UserName= platform.node() CentralProcessingUnitArchitecture=platform.processor() ServerStartTime = str(int(psutil.boot_time())) # 获取服务器启动时间 MemoryTotal = MemoryInfo.total # 系统内存总数 CentralProcessingUnitCount = psutil.cpu_count() # cpu核数 return JsonResponse({'message': {"central_processing_unit_architecture":CentralProcessingUnitArchitecture, "system_info":SystemInfo, "server_start_time":ServerStartTime, "system_name":SystemName, "system_type":SystemType, "user_name":UserName, "memory_total":MemoryTotal, "central_processing_unit_count":CentralProcessingUnitCount},'code': 200,}) else: return JsonResponse({'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write("Web_SystemInfo_HardwareInfo_Initialization(def)", e) else: return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def Linux(request): # 用于提取保存文件后调用相应的处理函数 RequestLogRecord(request, request_api="linux_executable_linkable_format_analysis") if request.method == "POST": try: Token =request.headers["token"] Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="linux_executable_linkable_format_analysis", uid=Uid) # 查询到了在计入 PictureData = request.FILES.get('file', None) # 获取文件数据 if 0>=PictureData.size:#判断是不是空文件 return JsonResponse({'message': "宝贝数据这么小的嘛?", 'code': 400, }) elif portable_execute_file_size < PictureData.size: #和配置文件中做对比 SaveFileName = str(int(time.time())) # 重命名文件 SaveRoute = GetAnalysisFileStoragePath().Result() + SaveFileName # 获得保存路径 with open(SaveRoute, 'wb') as f: for line in PictureData: f.write(line) #接下来调用处理函数,接着再调用删除函数 return JsonResponse({'message': "成功了", 'code': 200, }) else: return JsonResponse({'message': "文件太大啦~(๑•̀ㅂ•́)و✧", 'code': 501, }) else: return JsonResponse({'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write("Web_ToolsUtility_ExecutableLinkableFormat_Linux(def)", e) else: return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def UsageQuery(request): # 用于查询CPU和硬件的使用情况 RequestLogRecord(request, request_api="system_hardware_usage_query") if request.method == "POST": try: Token = json.loads(request.body)["token"] Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord( request, request_api="system_hardware_usage_query", uid=Uid) # 查询到了在计入 HardwareUsageRateResult = HardwareUsageRateInfo().Query( ) #对CPU和内存信息进行查询 return JsonResponse({ 'message': HardwareUsageRateResult, 'code': 200, }) else: return JsonResponse({ 'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write("Web_SystemInfo_HardwareInfo_Initialization(def)", e) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def SaveMarkdownData(request): #用来保存协同作战数据 RequestLogRecord(request, request_api="save_markdown_data") if request.method == "POST": try: UserToken = json.loads(request.body)["token"] MarkdownData = json.loads(request.body)["markdown_data"] #传入保存的数据 MarkdownName = json.loads(request.body)["markdown_name"] #传入文档名称 MarkdownDataToBast64 = base64.b64encode( str(MarkdownData).encode('utf-8')).decode( 'utf-8') #转换成base64的数据 Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名 if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="save_markdown_data", uid=Uid) CheckPermissionsResult = MarkdownRelationship( ).CheckPermissions(markdown_name=MarkdownName, uid=Uid) #检查是否有权限,也就是说这个项目是否属于该用户 if CheckPermissionsResult: #如果属于该用户 CheckConflictResult = MarkdownInfo().CheckConflict( markdown_name=MarkdownName) #检查数据库这个文件是否存在 if CheckConflictResult: #如果文件已经有数据了 if not MarkdownInfo().Update( markdown_name=MarkdownName, markdown_data=MarkdownDataToBast64 ): #就对数据进行更新,接着判断更新返回值 return JsonResponse({ 'message': "保存失败~玛卡巴卡~~", 'code': 503, }) else: #如果没有数据 MarkdownInfo().Write( markdown_name=MarkdownName, markdown_data=MarkdownDataToBast64) #就对数据进行写入 return JsonResponse({ 'message': "保存成功啦~阿巴阿巴~", 'code': 200, }) else: return JsonResponse({ 'message': "小朋友不是你的东西别乱动哦~~", 'code': 404, }) else: return JsonResponse({ 'message': "小宝贝这是非法操作哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write( "Web_CollaborationPlatform_Markdown_SaveMarkdownData(def)", e) return JsonResponse({ 'message': '呐呐呐!莎酱被玩坏啦(>^ω^<)', 'code': 169, }) else: return JsonResponse({ 'message': '请使用Post请求', 'code': 500, })
def GenerateProject(request):#用来生成项目,并且生成文件和用户绑定 RequestLogRecord(request, request_api="create_cross_site_script_project") if request.method == "POST": try: JavaScriptFileData = json.loads(request.body)["javascript_data"]#获取前端传入的加密过的js文件数据 ProjectName = json.loads(request.body)["project_name"]#项目名 UserToken = json.loads(request.body)["token"] Uid = UserInfo().QueryUidWithToken(UserToken) # 如果登录成功后就来查询用户名 if Uid != None and JavaScriptFileData!=None: # 查到了UID,并且js数据不为空 UserOperationLogRecord(request, request_api="create_cross_site_script_project", uid=Uid) GetJavaScriptFilePath().Result()#获取js文件路径 while True:#如果查询确实冲突了 JavaScriptSaveFileName=randoms().result(5)#文件名 QueryJavaScriptSaveFileNameValidity = CrossSiteScriptProject().RepeatInvestigation(file_name=JavaScriptSaveFileName)#判断文件是否重复 if not QueryJavaScriptSaveFileNameValidity:#如果不冲突的话跳出循环 break JavaScriptSaveRoute = GetJavaScriptFilePath().Result() + JavaScriptSaveFileName # 获得保存路径 with open(JavaScriptSaveRoute, 'wb') as f: f.write(base64.b64decode(str(JavaScriptFileData).encode('utf-8')))#文件内容还要加密 CrossSiteScriptProject().Write(file_name=JavaScriptSaveFileName,uid=Uid,project_name=ProjectName)#写到数据库表中 return JsonResponse({'message': "欧拉欧拉欧拉欧拉欧拉欧拉欧拉欧拉(๑•̀ㅂ•́)و✧", 'code': 200, }) else: return JsonResponse({'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, }) except Exception as e: ErrorLog().Write("Web_CrossSiteScriptHub_CrossSiteScript_GenerateProject(def)", e) return JsonResponse({'message': '呐呐呐!莎酱被玩坏啦(>^ω^<)', 'code': 169, }) else: return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def Login(request):#用户登录,每次登录成功都会刷新一次Token RequestLogRecord(request, request_api="login") if request.method == "POST": try: Username=json.loads(request.body)["username"] Passwd=json.loads(request.body)["passwd"] Md5Passwd=Md5Encryption().Md5Result(Passwd)#对密码加密 UserLogin=UserInfo().UserLogin(Username,Md5Passwd) if UserLogin is None: return JsonResponse({'message': '账号或密码错误', 'code': 604, }) else: while True:#如果查询确实冲突了 Token = randoms().result(250) QueryTokenValidity = UserInfo().QueryTokenValidity(Token)#用来查询Token是否冲突了 if not QueryTokenValidity:#如果不冲突的话跳出循环 break UpdateToken=UserInfo().UpdateToken(name=Username, token=Token)#接着更新Token if UpdateToken:#如果更新成功了 Uid = UserInfo().QueryUidWithToken(Token) # 查询UID UserOperationLogRecord(request, request_api="login", uid=Uid) return JsonResponse({'message': Token, 'code': 200, }) except Exception as e: ErrorLog().Write("Web_Api_User_LogIn(def)", e) else: return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def Scan(request): RequestLogRecord(request, request_api="scan") if request.method == "POST": try: ReceiveData=json.loads(request.body) ScanUrl=ReceiveData["url"] ScanToken= ReceiveData["token"] ScanModule = ReceiveData["module"] ScanThreads = ReceiveData["threads"] ScanAgentHeader = ReceiveData["header"] ScanProxy = ReceiveData["proxy"] if type(ScanThreads)==int:#判断类型 TokenQueryReturnValue=UserInfo().TokenAuthentication(token=ScanToken) if TokenQueryReturnValue:#如果Token存在 UserName=UserInfo().QueryUserNameWithToken(ScanToken)#如果登录成功后就来查询用户名 UserOperationLogRecord(request, request_api="scan", uid=UserName) if UserName!=None: Sid=ActiveScanList().Write(uid=UserName,url=ScanUrl,proxy=ScanProxy,status=0,module=ScanModule,threads=ScanThreads)#写入用户关系表,然后返回sid下发给任务 MedusaScan.delay(ScanUrl,ScanModule,ScanThreads,ScanAgentHeader,ScanProxy,Uid=UserName,Sid=Sid)#调用扫描处理函数 return JsonResponse({'message': '任务下发成功👌', 'code': 200, }) else: return JsonResponse({'message': '诶诶诶诶???怎么会查不到用户名呢????', 'code': 404, }) else: return JsonResponse({'message': '请登录获取令牌秘钥~', 'code': 404, }) else: return JsonResponse({'message': '类型错误!', 'code': 500, }) except: return JsonResponse({'message': '请求不合法!', 'code': 500, }) else: return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def UploadAvatar(request):#文件上传功能 RequestLogRecord(request, request_api="upload_avatar") Token =request.headers["token"] if request.method == "POST": try: Uid = UserInfo().QueryUidWithToken(Token) # 如果登录成功后就来查询UID if Uid != None: # 查到了UID UserOperationLogRecord(request, request_api="upload_avatar", uid=Uid) # 查询到了在计入 PictureData = request.FILES.get('file', None)#获取文件数据 if 10240<PictureData.size:#最大值10MB,最小值10KB SaveFileName=randoms().result(10)+str(int(time.time()))+".jpg"#重命名文件 SaveRoute=GetImageFilePath().Result()+SaveFileName#获得保存路径 with open(SaveRoute, 'wb') as f: for line in PictureData: f.write(line) UserInfo().UpdateAvatar(avatar=SaveFileName,uid=Uid)#图片写到本地后更新用户头像 return JsonResponse({'message': SaveFileName, 'code': 200,})#返回上传图片名称 else: return JsonResponse({'message': '它实在是太小了,莎酱真的一点感觉都没有o(TヘTo)', 'code': 603,}) else: return JsonResponse({'message': '宝贝没有用户你要插到哪里去呢?', 'code': 404, }) except Exception as e: ErrorLog().Write("Web_Api_User_UploadAvatar(def)", e) return JsonResponse({'message': '你不对劲!为什么报错了?', 'code': 169,}) else: return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def UpdatePassword(request):#更新密码 RequestLogRecord(request, request_api="update_password") if request.method == "POST": try: UserName=json.loads(request.body)["username"] OldPasswd=json.loads(request.body)["old_passwd"] NewPasswd = json.loads(request.body)["new_passwd"] VerificationCodeKey = json.loads(request.body)["verification_code_key"]#获取验证码关联的KEY Code = json.loads(request.body)["verification_code"].lower()#获取验证码 if VerificationCodeKey!=None and Code!=None:#判断传入数据不为空 VerificationCodeResult=VerificationCode().Query(code=Code,verification_code_key=VerificationCodeKey)#获取判断 if VerificationCodeResult:#如果为真,进行登录验证 Md5NewPasswd = Md5Encryption().Md5Result(NewPasswd) # 对新密码加密 Md5OldPasswd = Md5Encryption().Md5Result(OldPasswd) # 对旧密码加密 UpdatePassword=UserInfo().UpdatePasswd(name=UserName,old_passwd=Md5OldPasswd,new_passwd=Md5NewPasswd) if UpdatePassword: UserOperationLogRecord(request, request_api="update_password", uid=UserName)#如果修改成功写入数据库中 return JsonResponse({'message': '好耶!修改成功~', 'code': 200, }) else: return JsonResponse({'message': "输入信息有误重新输入", 'code': 404, }) else: return JsonResponse({'message': "验证码错误或者过期!", 'code': 503, }) else: return JsonResponse({'message': "验证码或者验证码秘钥不能为空!", 'code': 504, }) except Exception as e: ErrorLog().Write("Web_BasicFunctions_User_UpdatePassword(def)", e) else: return JsonResponse({'message': '请使用Post请求', 'code': 500, })