def upload_fnascan_result(request):
if request.method == 'POST':
req_dic = json.loads(json.dumps(request.POST))
projectid = int(req_dic['project_id'])
if req_dic['data'] == '{}':
return HttpResponse(
json.dumps({
'result': False,
'data': 'i receive noting!'
}))
data = req_dic['data'].split('\n____\n')
# if len(data) >2:
# insert_fnascametadata(projectid,data[0],data[1],data[2])
port_service_list = eval(data[0])
port_service_list = port_service_list[0]['submenu'][0]['submenu']
service_detail_list = eval(data[1])
port_list = []
i_ip = ''
for i in port_service_list:
print i
i_ip, i_port = i['url'].split(':')
logger.info(i_ip)
port_list.append(i_port)
i_service = i['name']
i_title = ''
i_service_detail = ''
# print i['url']
try:
i_service_detail = service_detail_list[i['url'].strip()]
except Exception, e:
logger.error(e)
pass
if len(i_service.split('web ||')) == 2:
i_title = i_service.split('web ||')[1]
i_service = i_service.split('web ||')[0] + 'web'
insert_fnascanresult(i_ip, i_port, i_service, projectid,
i_service_detail, i_title)
update_fnascan_port_status(i_ip, port_list)
return HttpResponse(json.dumps({'result': True, 'info': ''}))
def test():
#cmd = "sudo /home/leo/Desktop/porteye/masscan/bin/masscan --ports 1-65535 172.32.1.147 --max-rate 3000 --source-port 60000 -oX /tmp/scanoutput.xml"
# cmd ='whoami'
# #logger.info(cmd)
# print cmd
# proc = Popen(cmd.split(),shell=False,cwd=masscan_dir).wait()
serverurl = 'http://' + master_server + '/web/upload_open_port'
#{u'domain': [u'172.32.1.100'], u'project_id': [u'271'], u'data': [u'33147-22147-63886-30147-6379-21147']}
logger.info(serverurl)
data = {
'ip_addr':
'127.0.0.1',
'project_id':
333,
'data':
'49666-9421-15485-445-902-62806-65412-65325-49665-49182-65453-9088-9088-49668-49669-912-23401-135-49664-65452-49667'
}
logger.info(data)
postHttp(serverurl, data)
def hostalive(ip_addr, project_id):
try:
#http://www.lijiejie.com/nmap-fast-scan-large-networks/
# ping 主机 1024线程 nmap -v -sn -PE -n --min-hostgroup 1024 --min-parallelism 1024 -oX nmap_output.xml www.xxx.com/16
cmd = "sudo " + nmap_dir +"/nmap -v -sn -PE -n --min-hostgroup 100 --min-parallelism 100 -oX /tmp/nmap_output.xml " + ip_addr
logger.info(cmd)
Popen(cmd.split(),shell=False, cwd=nmap_dir).wait()
fname = "/tmp/nmap_output.xml"
try:
doc = xml.dom.minidom.parse(fname)
except IOError:
print "%s: error: file doesn't exist\n" % ( fname)
except xml.parsers.expat.ExpatError:
print "%s: error: file doesn't seem to be XML\n" % ( fname)
alive_host_list = []
for host in doc.getElementsByTagName("host"):
try:
address = host.getElementsByTagName("address")[0]
ip = address.getAttribute("addr")
except:
# move to the next host since the IP is our primary key
continue
try:
status = host.getElementsByTagName("status")[0]
state = status.getAttribute("state")
except:
state = ""
if state == 'up':
alive_host_list.append(ip)
_all_ip = '-'.join(alive_host_list)
logger.info(_all_ip)
serverurl = 'http://'+ master_server+'/web/upload_alive_host'
#{u'project_id': 11 , u'project_id': [u'271'], u'data': [u'33147-22147-63886-30147-6379-21147']}
logger.info(serverurl)
data = {'project_id':project_id, 'data': _all_ip}
logger.info(data)
postHttp(serverurl, data)
time.sleep(1)
except Exception,e:
logger.error(e)
return
def update_fnascan_port_status(ip, new_port_list):
old_port_list = FnascanResult.objects.values_list(
'port', flat=True).filter(ip=ip, port_status=1)
logger.info('RECEIVED IP: ' + str(ip))
logger.info('old_port_list' + str(old_port_list))
logger.info('new_port_list' + str(new_port_list))
# new port!
True_open_port_list = set(new_port_list) - set(old_port_list)
True_close_port_list = set(old_port_list) - set(new_port_list)
for i in list(True_open_port_list):
_tmp_query = FnascanResult.objects.filter(ip=ip, port=i)
if len(_tmp_query) == 1:
_tmp_obj = OpenPort.objects.get(ip=ip, port=i)
_tmp_obj.update_time = datetime.datetime.now()
_tmp_obj.port_status = 1
_tmp_obj.save()
for i in list(True_close_port_list):
_tmp_obj = FnascanResult.objects.get(ip=ip, port=i)
_tmp_obj.update_time = datetime.datetime.now()
_tmp_obj.port_status = 0
_tmp_obj.save()
def portalive(ip_addr, project_id):
try:
cmd = "sudo " + masscan_dir + "/masscan --ports 1-65535 " + ip_addr + " --max-rate 3000 --source-port 60000 -oX /tmp/scanoutput.xml"
logger.info(cmd)
Popen(cmd.split(), shell=False, cwd=masscan_dir).wait()
try:
f = open("/tmp/scanoutput.xml")
except:
return
parsed_file_data = xmltodict.parse(f)
tmp_list = []
for element in parsed_file_data['nmaprun']['host']:
tmp_list.append(
'{}:{}'.format(element['address']['@addr'],
element['ports']['port']['@portid']))
sort_dic = sort_masscan(tmp_list)
for _ip in sort_dic:
_all_ports = '-'.join(sort_dic[_ip])
logger.info(_all_ports)
serverurl = 'http://' + master_server + '/web/upload_open_port'
#{u'domain': [u'172.32.1.100'], u'project_id': [u'271'], u'data': [u'33147-22147-63886-30147-6379-21147']}
logger.info(serverurl)
data = {
'ip_addr': _ip,
'project_id': project_id,
'data': _all_ports
}
logger.info(data)
postHttp(serverurl, data)
time.sleep(1)
except Exception, e:
logger.error(e)
return
def upload_open_port(request):
if request.method == 'POST':
req_dic = json.loads(json.dumps(request.POST))
projectid = int(req_dic['project_id'])
new_port_list = req_dic['data'].split('-')
ip_addr = str(req_dic['ip_addr'])
old_port_list = OpenPort.objects.values_list('port', flat=True).filter(
ip=ip_addr, port_status=1)
logger.info('RECEIVED IP: ' + str(ip_addr))
logger.info('old_port_list' + str(old_port_list))
logger.info('new_port_list' + str(new_port_list))
#new port!
True_open_port_list = set(new_port_list) - set(old_port_list)
True_close_port_list = set(old_port_list) - set(new_port_list)
for i in list(True_open_port_list):
_tmp_query = OpenPort.objects.filter(ip=ip_addr, port=i)
if len(_tmp_query) < 1:
_tmp_obj = OpenPort(project_id=projectid,
ip=ip,
port=i,
insert_time=datetime.datetime.now(),
findby='masscan',
update_time=datetime.datetime.now())
_tmp_obj.save()
if len(_tmp_query) == 1:
_tmp_obj = OpenPort.objects.get(ip=ip_addr, port=i)
_tmp_obj.update_time = datetime.datetime.now()
_tmp_obj.port_status = 1
_tmp_obj.save()
for i in list(True_close_port_list):
_tmp_obj = OpenPort.objects.get(ip=ip_addr, port=i)
_tmp_obj.update_time = datetime.datetime.now()
_tmp_obj.port_status = 0
_tmp_obj.save()
OpenPort.objects.filter(ip=ip_addr).update(
last_checkdetail_time=datetime.datetime.now())
return HttpResponse(json.dumps({'result': True, 'info': ''}))
def run_fnascan(project_id, ip_addr, port_list):
#####run fnascan
default_need_scan = [
'21', '22', '23', '24', '25', '80', '81', '82', '83', '84', '85', '86',
'87', '88', '89', '110', '143', '443', '513', '873', '1080', '1433',
'1521', '1158', '3306', '3307', '3308', '3389', '3690', '5900', '6379',
'7001', '8000-8090', '9000', '9418', '27017', '27018', '27019',
'50060', '111', '11211', '2049', '53', '139', '389', '445', '465',
'993', '995', '1723', '4440', '5432', '5800', '8000', '8001', '8080',
'8081', '8888', '9200', '9300', '9080', '9999'
]
if isinstance(port_list, list):
for p in port_list:
if p not in default_need_scan:
default_need_scan.append(p)
logger.info("FNASCAN PORT : " + str(default_need_scan))
need_scan_port = ','.join(list_int2str(default_need_scan))
jsonfilename = ip_addr + '.html'
fnascan_dir = cpath + '/tools/fnascan'
cmd = xpython + ' ' + fnascan_dir + '/fnascan.py -h ' + ip_addr + ' -p ' + need_scan_port
logger.info(cmd)
Popen(cmd.split(), shell=False, cwd=fnascan_dir).wait()
try:
result_file = open('fnascan_dir/' + jsonfilename)
postdata = result_file.read()
data = {'domain': ip_addr, 'project_id': project_id, 'data': postdata}
result_file.close()
os.remove('fnascan_dir/' + jsonfilename)
serverurl = 'http://' + master_server + '/web/upload_fnascan_result'
logger.info(serverurl)
postHttp(serverurl, data)
except Exception, e:
logger.error(e)
def createproject(request):
userid = 1
data = json.loads(request.body)
extchk = data['extern_check'].split(';')
chk = {
'ccs': False,
'hsts': False,
'heartbleed': False,
'poodle': False,
'ports_check': False
}
for i in extchk:
if len(i) > 1:
if not chk.has_key(i):
return HttpResponse(
json.dumps({
'result': False,
'info': 'extern_check data invalid'
}))
chk[i] = True
#TODO check args
domains = data['domain'].split(';')
name = data['name']
frequency = data['frequency']
notify_id = 1
port = int(data['port'])
for d in domains:
exdomain = project.objects.filter(user_id=userid,
domain=d,
ports_check=0)
if len(exdomain) > 0:
return HttpResponse(
json.dumps({
'result': False,
'info': 'domain ' + d + ' existed'
}))
if port == 0:
for d in domains:
exdomain = project.objects.filter(user_id=userid,
domain=d,
ports_check=1)
if len(exdomain) > 0:
return HttpResponse(
json.dumps({
'result': False,
'info': 'domain ' + d + ' existed'
}))
for d in domains:
tmp = project(user_id=userid,
name=name,
port=port,
domain=d,
check_frequency=frequency,
notify_rule_id=notify_id,
create_time=time.time(),
heartbleed_check=chk['heartbleed'],
ccs_check=chk['ccs'],
hsts_check=chk['hsts'],
poodle_check=chk['poodle'],
ports_check=chk['ports_check'],
status=0)
tmp.save()
#print tmp.id
cmd = xpython + ' ' + cpath + '/uploadproject.py -i ' + str(
tmp.id) + '&'
logger.info(cmd)
os.system(cmd)
logger.info(cmd)
return HttpResponse(json.dumps({'result': True, 'info': ''}))