def __init__(self):
self.messages = Messages()
self.monitor = Monitor()
self.mouseController = MouseController(self)
self.stateFactory = StateFactory()
self.navigation = Navigation()
self.popStateHandler = PopStateHandler()
self.currentTask = None
self.currentState = None
self.handleStateChange()
def __init__(self):
# 初始化扫描功能
# app 启动写在构造函数中
self.judge_out_of_access = Judge_out_of_access()
self.payloadlist_xss = Payloadlist_xss()
self.check_sensitive_info = Check_sensitive_info()
self.segment = Segment()
self.monitor = Monitor()
self.mysqlutil = mysqlutil()
self.global_data = myData()
self.proxyList = "test"
self.requestdict = {}
self.finishdict = {}
self.origin_requestdict = {} # 原始字典,包含id
def main():
img = Monitor().takeScreenshot()
width = img.size[0]
data = list(img.getdata())
target = {
(483, 466): ((214, 97, 90), ),
(547, 485): ((173, 186, 189), ),
(561, 470): ((99, 69, 90), ),
(615, 437): ((24, 28, 24), ),
}
minKey = min(key[1] * width + key[0] for key in target.keys())
pattern = dict()
for key, value in target.items():
pattern[key[1] * width + key[0] - minKey] = value
maxKey = max(pattern.keys())
for i in range(len(data) - maxKey):
if all(data[i + key] == value for key, value in pattern.items()):
x = i % width
y = i // width
print(x, y)
def main():
img = Monitor().takeScreenshot()
filename = input("enter file name")
img.save("./stateImages/" + filename + ".png")
from components.monitor import Monitor
from state.signals import Signals
from state.transitions import Transitions
from state.behaviors import Behaviors
def getnoxcolor(pos):
x = pos[0] + 2
y = pos[1] - 4
color = data[y * width + x]
print(f"({x}, {y}) : ({color},),")
target = StateKey.attendence
state = keyStateMap[target]()
screenshot = Monitor().takeScreenshot()
width = screenshot.size[0]
data = screenshot.getdata()
print("Signature:")
for pos in state.signature.keys():
getnoxcolor(pos)
for signal in state.signal.keys():
print(Signals(singal))
for pos in signal:
getnoxcolor(pos)
for transition, info in state.transition.items():
print(Transitions(transition))
pos = info[1]
print(f"({pos[0]+2}, {pos[1]-4}, {pos[2]})")
for behavior, info in state.behavior.items():
print(Behaviors(behavior))
class Vul_scan(object):
def __init__(self):
# 初始化扫描功能
# app 启动写在构造函数中
self.judge_out_of_access = Judge_out_of_access()
self.payloadlist_xss = Payloadlist_xss()
self.check_sensitive_info = Check_sensitive_info()
self.segment = Segment()
self.monitor = Monitor()
self.mysqlutil = mysqlutil()
self.global_data = myData()
self.proxyList = "test"
self.requestdict = {}
self.finishdict = {}
self.origin_requestdict = {} # 原始字典,包含id
def run_judge_out_of_access(self, requestdict):
self.judge_out_of_access.run(requestdict)
def run_payloadlist_xss(self, requestdict):
self.payloadlist_xss.run(requestdict)
def run_check_sensitive_info(self, requestdict):
self.check_sensitive_info.run(requestdict)
def run_segment(self, requestdict):
self.segment.run(requestdict)
def run_monitor(self, requestdict):
self.monitor.run(requestdict)
def work(self, requestdict):
pool = Pool(processes=cpu_count() + 1)
print("读取配置") # requestdict中有id
func = []
out_of_access_dict = {}
myresultlist = self.mysqlutil.get_config_from_projectid(requestdict)
for line in myresultlist:
temp_func = 'self.' + line["scan_type_run_name"]
if temp_func not in func:
func.append(eval(temp_func))
if line["scan_type_name"] == "Judge_out_of_access":
out_of_access_dict = json.loads(line["content"])
self.global_data.set_cookie_first(out_of_access_dict["token"])
self.global_data.set_origin_userid(
out_of_access_dict["越权uid配置"]["origin_userid"])
self.global_data.set_userid_first(
out_of_access_dict["越权uid配置"]["userid_first"])
self.global_data.set_userid_second(
out_of_access_dict["越权uid配置"]["userid_second"])
# print("测试写入全局配置")
# print(self.global_data.get_userid_first())
# todo 初始化 全局变量
self.requestdict = requestdict
self.origin_requestdict = copy.deepcopy(self.requestdict)
remove = requestdict.pop("id", "404")
for fun in func:
pool.apply_async(fun, args=(self.requestdict, ))
pool.close()
pool.join()
self.finishdict["id"] = remove
self.finishdict["status"] = "stop"
self.mysqlutil.set_project_status(self.finishdict)
def run(args: Namespace) -> None:
# give arguments
directory = Path(args.dir)
video = args.video
name = args.name
print(f'Replaying {directory} @ {video}')
# default arguments
port = 5000
# find the logs
files = [
f for f in listdir(str(directory))
if isfile(str(directory / f)) and "metrics" in f
]
algo_to_log_dir = {f.split('_')[0]: str(directory / f) for f in files}
algo_to_log = {}
for algo, log_path in algo_to_log_dir.items():
log = get_replay_log(algo, log_path)
algo_to_log[algo] = log
monitors = {}
server = Server('experiment', port)
for algo in algo_to_log.keys():
# add post for each metrics
monitors[algo] = Monitor(
video=args.video,
path=directory,
name=algo,
plot=True,
request_port=port,
port=port,
training=False,
log_to_file=False,
)
# attach plotter
plots = attach_plot_components(
video,
server,
trace=getattr(args, 'trace', None),
no_plot=False,
)
server.add_post(
'/complete',
multiple_sync(OnComplete(directory, name, plots, video), on_complete))
futures = []
for algo, log in algo_to_log.items():
futures.append(replay_async(algo, log, monitors[algo]))
# run monitors
def start():
loop = asyncio.new_event_loop()
asyncio.set_event_loop(loop)
asyncio.ensure_future(complete_after(futures, port))
loop.run_forever()
multiprocessing.Process(target=start).start()
server.run()
def run(args: Namespace) -> None:
path = Path(args.path)
name = args.name
if getattr(args, 'headless', False):
set_headless_plots()
if not args.leader_port:
shutil.rmtree(path, ignore_errors=True)
os.system(f"mkdir -p {path}")
if args.algo is not None:
if args.dash is None:
args.dash = []
if args.algo in ABR_ALGORITHMS:
args.dash.append(f'fe={args.algo}')
server = Server('experiment', args.port)
# Handle Abr requests
if args.algo in PYTHON_ABR_ALGORITHMS:
if args.algo in ['robustMpc', 'minerva', 'minervann']:
from abr.robust_mpc import RobustMpc
server.add_post('/decision', RobustMpc(args.video))
elif args.algo == 'pensieve':
from abr.pensieve import Pensieve
server.add_post('/decision', Pensieve(args.video))
traffic_generator = EmptyTrafficGenerator()
if getattr(args, 'traffic', False):
traffic_generator = TrafficGenerator(
time_log_path=path,
light=getattr(args, 'light', False),
single_flow=getattr(args, 'single_flow', False),
)
# Add controller for launching the QUIC server and browser
controller = Controller(
name=name,
site=args.site,
cc=args.cc,
abr=args.server_algo,
network=Network(
bandwidth=getattr(args, 'bandwidth', None),
delay=getattr(args, 'delay', None),
trace_path=getattr(args, 'trace', None),
burst=getattr(args, 'burst', None),
ports=[args.quic_port] + traffic_generator.ports,
),
dash=args.dash,
quic_port=args.quic_port,
only_server=args.only_server,
port=args.port,
path=path,
leader_port=args.leader_port,
video=args.video,
headless=getattr(args, 'headless', False),
)
# Handle controller communication and metrics
request_port = args.leader_port if args.leader_port else args.port
(server.add_extra_logger(controller).add_post(
'/init', controller.on_init()).add_post(
'/start',
multiple_sync(
controller.on_start(),
traffic_generator.on_start(),
)).add_post(
'/metrics',
Monitor(
video=args.video,
path=path,
name=name,
plot=args.plot or (args.leader_port != None),
request_port=request_port,
port=args.port,
training=args.training,
)).add_post('/destroy', controller.on_destroy()))
# Handle live plots
plots = attach_plot_components(
args.video,
server,
trace=getattr(args, 'trace', None),
no_plot=not args.plot,
)
# Handle stream completion in the Browser
server.add_post(
'/complete',
multiple_sync(
OnComplete(path, name, plots, args.video),
controller.on_complete(),
traffic_generator.on_complete(),
)).add_logger(name, str(Path(path) / f'sanic_{name}.log'))
server.run()
class StateController:
def __init__(self):
self.messages = Messages()
self.monitor = Monitor()
self.mouseController = MouseController(self)
self.stateFactory = StateFactory()
self.navigation = Navigation()
self.popStateHandler = PopStateHandler()
self.currentTask = None
self.currentState = None
self.handleStateChange()
def setCurrentTask(self, task):
self.currentTask = task
def handleStateChange(self):
self.updateState()
self.checkState()
self.handlePopState()
return self.currentState.key
def updateState(self):
screenshot = self.monitor.takeScreenshot()
self.previousState = self.currentState
self.currentState = self.stateFactory.makeStateByScreenshot(screenshot)
log(str(self.currentState), Types.debug)
def checkState(self):
if (self.currentState.key == StateKey.gameClosed and self.previousState
and self.previousState.key != StateKey.quitGame
and self.previousState.key != StateKey.gameClosed):
raise UnexpectedGameCloseError
def handlePopState(self):
if self.previousState and self.previousState.key != self.currentState.key:
actions = self.popStateHandler.handlePopState(self.currentState)
self.performActions(actions)
def transit(self, key):
if key not in self.currentState.transition:
message = self.messages.invalidTransitionOrBehavior(key)
log(message, Types.error)
exit(1)
resultStates, clickInfo = self.currentState.transition[key]
self.mouseController.clickAndWaitUntilStateChange(
clickInfo,
self.currentState.key,
resultStates,
)
def behave(self, key):
if key not in self.currentState.behavior:
message = self.messages.invalidTransitionOrBehavior(key)
log(message, Types.error)
exit(1)
mouseInfo = self.currentState.behavior[key]
if len(mouseInfo) == 3:
self.mouseController.clickAndNoStageChange(mouseInfo)
elif len(mouseInfo) == 2:
self.mouseController.scrollAndNoStageChange(mouseInfo)
self.handleStateChange()
def performActions(self, keys):
for key in keys:
if isinstance(key, Behaviors):
self.behave(key)
elif isinstance(key, Transitions):
self.transit(key)
def direct(self, targetState):
if self.currentState.key == targetState:
return
path = self.navigation.navigate(self.currentState.key, targetState)
if not path:
raise DirectFromUnknownStateError
for transitionKey, nextStateKey in path:
self.transit(transitionKey)
if self.currentState.key != nextStateKey:
self.direct(targetState)
break
from os import path, getcwd
from io import BytesIO
from base64 import b64encode
from flask import Flask, Response, request, jsonify, current_app, send_from_directory
from jsonschema import validate, ValidationError
from simplejson import dumps
from server.schema import taskSchema
from task.taskFactory import TaskFactory
from task.keyTaskMap import keyTaskMap
from components.monitor import Monitor
app = Flask(__name__)
taskFactory = TaskFactory()
monitor = Monitor()
taskQueue = None
def init(tq):
global taskQueue
taskQueue = tq
@app.route("/", methods = ["GET", ])
def serveIndex():
root_dir = path.dirname(getcwd())
folderPath = path.join(root_dir, "JRAuto", "frontend", "build")
return send_from_directory(folderPath, "index.html")
@app.route("/static/<folder>/<file>", methods = ["GET", ])
def serveStatic(folder, file):
root_dir = path.dirname(getcwd())
folderPath = path.join(root_dir, "JRAuto", "frontend", "build", "static", folder)
return send_from_directory(folderPath, file)