def save_info():
data = request.get_json(silent=True)
ip = data.get('ip')
origin = data.get('origin')
zone_uid = data.get('zone_uid')
with db.auto_commit():
Host.save(ip=ip, origin=origin, zone_uid=zone_uid)
return Success()
def deploy():
db.drop_all()
db.create_all()
users = [
{
'name': '*****@*****.**',
'password': '******'
},
]
roles = [
{
'name': 'admin'
},
]
with db.auto_commit():
for user in users:
User.save(**user)
for role in roles:
Role.save(**role)
for item in app.url_map.iter_rules():
if item.endpoint != 'static':
Permission.save(endpoint=item.endpoint)
with db.auto_commit():
admin_user = User.get_item_by_name(name='*****@*****.**')
admin_role = Role.get_item_by_name(name='admin')
admin_role.update(
permissions=[permission for permission in Permission.list_items()])
admin_user.update(roles=[admin_role])
with db.auto_commit():
# Zone.save(name='test')
zone = Zone.save(name='公网')
Zone.save(name='私有云', parent_uid=zone.uid)
Zone.save(name='公有云', parent_uid=zone.uid)
Zone.save(name='内网')
zone = Zone.query.filter(Zone.name == '公有云').first()
import json
with open('domain.txt') as f:
domain_list = json.loads(f.read())
with db.auto_commit():
for domain in domain_list:
Domain.save(zone_uid=zone.uid, **domain)
with open('host.txt') as f:
host_list = json.loads(f.read())
with db.auto_commit():
for host in host_list:
Host.save(zone_uid=zone.uid, **host)
with open('service.txt') as f:
service_list = json.loads(f.read())
with db.auto_commit():
for service in service_list:
Service.save(zone_uid=zone.uid, **service)
def activate():
data = request.get_json(silent=True)
uid = data.get('uid')
h = Host.get_item_by_uid(uid, status=0)
with db.auto_commit():
h.activate()
return Success()
def remove():
data = request.get_json(silent=True)
uid = data.get('uid')
h = Host.get_item_by_uid(uid)
with db.auto_commit():
h.remove()
return Success()
def get_target_list(self, target_option):
db.session.close()
target_list = [{
'uid': host.uid,
'target': host.ip
} for host in Host.list_items_paginate_by_search(**target_option).items
]
return target_list
def update_info():
data = request.get_json(silent=True)
uid = data.get('uid')
origin = data.get('origin')
zone_uid = data.get('zone_uid')
with db.auto_commit():
h = Host.get_item_by_uid(uid=uid)
h.update(origin=origin, zone_uid=zone_uid)
return Success()
def host_batch():
data = request.get_json(silent=True)
action = data.get('action')
info_list = data.get('info')
if action == 'add':
with db.auto_commit():
for info in info_list:
host = Host.query.filter(Host.ip == info.get('ip')).first()
if host and host.status == 0:
host.activate()
host.update(**info)
else:
Host.save(**info)
elif action == 'delete':
with db.auto_commit():
for ip in info_list:
host = Host.get_item_by_ip(ip)
host.remove()
return NotContent()
def get_service():
uid = request.args.get('uid', '', type=str)
h = Host.get_item_by_uid(uid=uid)
data = {
'pageSize': len(h.services),
'pageNo': 1,
'totalCount': len(h.services),
'data': h.services
}
return Success(msg=data)
def get_target_list(self, target_option):
db.session.close()
target_list = [{
'uid':
None,
'target':
' '.join([
host.ip for host in Host.list_items_paginate_by_search(
**target_option).items
])
}]
return target_list
def remove(self):
hosts = Host.list_items_by_zone_uid(self.uid)
for host in hosts:
host.update(zone_uid=None)
domains = Domain.list_items_by_zone_uid(self.uid)
for domain in domains:
domain.update(zone_uid=None)
services = Service.list_items_by_zone_uid(self.uid)
for service in services:
service.update(zone_uid=None)
https = HTTP.list_items_by_zone_uid(self.uid)
for http in https:
http.update(zone_uid=None)
super().remove()
def callback_success(results):
parser_result = NmapParser.parse_fromstring(results[0].get('result'))
for host in parser_result.hosts:
services = []
for service in host.services:
if service.state == 'open':
services.append({
'host_ip':
host.address,
'port':
service.port,
'protocol':
service.protocol,
'tunnel':
service.tunnel,
'name':
service.service_dict.get('name'),
'cpe':
' '.join(service.service_dict.get('cpelist', [])),
'info': {
'status': service.state,
'banner': service.banner,
'fingerprint': service.servicefp[:500],
'product': service.service_dict.get('product'),
'version': service.service_dict.get('version'),
'extra': service.service_dict.get('extrainfo'),
}
})
try:
os_match = host.os_match_probabilities()[0]
except Exception as e:
os_match = None
with db.auto_commit():
item = Host.get_item_by_ip(host.address)
if item:
item.update(
service_count=len(services),
cpe=' '.join(os_match.get_cpe()) if os_match else '',
info={
'status': host.status,
'hostname': ' '.join(host.hostnames),
'system': os_match.name if os_match else '',
'mac': host.mac,
'accuracy': os_match.accuracy if os_match else 0,
'fingerprint': host.os_fingerprint[:500]
},
services=services)
def get_host():
page_no = request.args.get('pageNo', 1, type=int)
page_size = request.args.get('pageSize', 10, type=int)
uid = request.args.get('uid', '', type=str)
zone_uid = request.args.get('zone_uid', '', type=str)
ip = request.args.get('ip', '', type=str)
origin = request.args.get('origin', '', type=str)
cpe = request.args.get('cpe', '', type=str)
pagination = Host.list_items_paginate_by_search(
page=page_no,
per_page=page_size,
uid=uid,
ip=ip,
zone_list=Zone.recursion_children_uid_list(zone_uid),
origin=origin,
cpe=cpe,
status=1)
return Success(msg=pagination)
def get_list():
page_no = request.args.get('pageNo', 1, type=int)
page_size = request.args.get('pageSize', 10, type=int)
uid = request.args.get('uid', '', type=str)
zone_uid = request.args.get('zone_uid', None, type=str)
ip = request.args.get('ip', '', type=str)
origin = request.args.get('origin', '', type=str)
cpe = request.args.get('cpe', '', type=str)
status = request.args.get('status', 1, type=int)
pagination = Host.list_items_paginate_by_search(
page=page_no,
per_page=page_size,
uid=uid,
ip=ip,
zone_list=Zone.recursion_children_uid_list(zone_uid),
origin=origin,
cpe=cpe,
status=status)
data = {
'pageSize':
pagination.per_page,
'pageNo':
pagination.page,
'totalCount':
pagination.total,
'data': [{
'uid': h.uid,
'ip': h.ip,
'zone_uid': h.zone_uid,
'origin': h.origin,
'cpe': h.cpe,
'service_count': h.service_count,
'status': h.status,
'info': h.info,
} for h in pagination.items],
'zones':
Zone.recursion_items()
}
return Success(msg=data)