Пример #1
0
def DeleteTeamData(id):
    with app.app_context():
        team1 = Team.query.filter(Team.id == id).first()
        #2.把这条数据删除掉
        db.session.delete(team1)
        #3.做数据的提交
        db.session.commit()
Пример #2
0
def industrial_check(oldurl, industrialurl):
    poc_class = pocdb_pocs(industrialurl)
    poc_dict = poc_class.industrialpocdict
    cprint(
        ">>>工控漏洞扫描URL: " + industrialurl + "\t可用POC个数[" + str(len(poc_dict)) +
        "]", "magenta")
    print("\r")
    results = []
    for value in poc_dict.values():
        results.append(value.run())
    with app.app_context():
        for result in results:
            try:
                vulnerable, bugurl, bugname, payload, bugdetail = result
                if vulnerable:
                    bug = BugList(oldurl=oldurl,
                                  bugurl=bugurl,
                                  bugname=bugname,
                                  buggrade=redispool.hget('bugtype', bugname),
                                  payload=payload,
                                  bugdetail=bugdetail)
                    redispool.pfadd(redispool.hget('bugtype', bugname), bugurl)
                    redispool.pfadd(bugname, bugurl)
                    db.session.add(bug)
                    db.session.commit()
            except Exception as e:
                print(e)
                pass
Пример #3
0
def SenFileScan(domain, redispool):
    """
    敏感文件、目录扫描
    字典:dict\SEN_scan.txt
    :param domain:
    :param
    :return:
    """
    pools = 20
    urlList = []
    for i in range(0, redispool.llen("SenScan")):
        url="http://{}/{}".format(domain, redispool.lindex("SenScan", i))
        urlList.append(url)
    pool = ThreadPool(pools)
    SenFileMessage = pool.map(UrlRequest, urlList)
    pool.close()
    pool.join()
    if len(SenFileMessage)!=0:
        with app.app_context():
            for url in SenFileMessage:
                try:
                    rep = requests.get(url, headers=core.GetHeaders(), timeout=3, verify=False)
                    bug = BugList(oldurl=domain, bugurl=url, bugname="SenDir",buggrade=redispool.hget('bugtype', "SenDir"),payload=url, bugdetail=rep.text)
                    db.session.add(bug)
                except Exception as e:
                    print(e)
                    pass
            db.session.commit()
    return "\n".join(list(filter(None, SenFileMessage)))
Пример #4
0
def DeleteAdminData(id):
    with app.app_context():
        admin1 = Admin.query.filter(Admin.id == id).first()
        #2.把这条数据删除掉
        db.session.delete(admin1)
        #3.做数据的提交
        db.session.commit()
Пример #5
0
def deltask(id=1, tid=None):
    with app.app_context():
        tasks = scanTask.query.filter(scanTask.tid == tid).first()
        db.session.delete(tasks)
        db.session.commit()
    flash("删除成功")
    return redirect(url_for('tasks.seetask', id=id))
Пример #6
0
def saveTeamAttackEvant(sourcetid, goaltid, round, flag):
    '''
    该函数记录成功的攻击事件 存储在AttackRecord表中
    存储数据为 攻击队伍ID 被攻击队伍ID 当前是第几轮 round
    :param sourcetid:
    :param goaltid:
    :param round:
    :return:
    '''
    with app.app_context():
        sourceTeamName = Team.query.filter(
            Team.id == sourcetid).first().teamname
        goalTeamName = Team.query.filter(Team.id == goaltid).first().teamname
        text = "{} 在{}轮 攻击 {} ,flag为{}".format(sourceTeamName, goalTeamName,
                                               round, flag)
        ulog = ULog(text=text)
        event = AttackRecord(sourcetid=sourcetid,
                             goaltid=goaltid,
                             round=round,
                             flag=flag,
                             atttime=strftime('%Y-%m-%d %H:%M:%S',
                                              localtime()))
        db.session.add(ulog)
        db.session.add(event)
        db.session.commit()
Пример #7
0
def scanConsole(url, poclist, tid, pluginlist):
    rep, target = getRep(url)
    if not rep:
        raise reqBadExceptin(url)
    basemsg = GetBaseMessage(url, target, rep)
    with app.app_context():
        basemsgdb = BaseInfo(url=url,
                             tid=tid,
                             status=basemsg.GetStatus(),
                             title=basemsg.GetTitle(),
                             date=basemsg.GetDate(),
                             responseheader=basemsg.GetResponseHeader(),
                             Server=basemsg.GetFinger())
        db.session.add(basemsgdb)
        db.session.commit()

    # 预处理
    getPluginDepends()

    time.sleep(5)
    # 前置扫描
    scanPocs(target, poclist, tid)
    scanPlugins(target, pluginlist, tid)

    results = spider(target)

    # 后置扫描
    for tempurl in results:
        scanPocs(tempurl, poclist, tid, position=True)
        scanPlugins(tempurl, pluginlist, tid, position=True)

    logging.info("{} ScanEnd".format(url))
Пример #8
0
def cmspoc_check(oldurl, cmsurl):
    poc_class = pocdb_pocs(cmsurl)
    poc_dict = poc_class.cmspocdict
    cprint(
        ">>>CMS漏洞扫描URL: " + cmsurl + "\t可用POC个数[" + str(len(poc_dict)) + "]",
        "magenta")
    cmspool.map(cmsprint, poc_dict.keys())
    print("\r")
    results = cmspool.map(cmscheck, poc_dict.values())
    cmspool.close()
    cmspool.join()
    try:
        with app.app_context():
            for result in results:
                vulnerable, bugurl, bugname, payload, bugdetail = result
                if vulnerable:
                    bug = BugList(oldurl=oldurl,
                                  bugurl=bugurl,
                                  bugname=bugname,
                                  buggrade=redispool.hget('bugtype', bugname),
                                  payload=payload,
                                  bugdetail=bugdetail)
                    db.session.add(bug)
                    redispool.pfadd(redispool.hget('bugtype', bugname), bugurl)
                    redispool.pfadd(bugname, bugurl)
            db.session.commit()
    except Exception as e:
        print(e)
        pass
Пример #9
0
def inputVulhubMsg(title, tid, addr, sshport, detail, sshname, sshpass,
                   dockerid):
    '''
    输入 vulhub 的初始环境
    :param title:
    :param tid:
    :param addr:
    :param sshport:
    :param detail:
    :param sshname:
    :param sshpass:
    :param dockerid:
    :return:
    '''
    with app.app_context():
        tempVul = Vulhub(tid=tid,
                         title=title,
                         addr=addr,
                         sshport=sshport,
                         sshname=sshname,
                         sshpass=sshpass,
                         dockerid=dockerid,
                         detail=detail)
        db.session.add(tempVul)
        db.session.commit()
    return
Пример #10
0
def editVulhub(vid):
    if not vid:
        vid = 1
    vulhub = Vulhub.query.filter(Vulhub.id == vid).first()
    if request.method == 'GET':
        checklist = list()
        for tempfile in os.listdir(CheckDownPath):
            if tempfile.endswith('.py'):
                checklist.append(tempfile.split('.')[0])
        return render_template('T_edit_vulhub.html',
                               vulhub=vulhub,
                               checklist=checklist)
    else:
        vulname = request.form.get('vulname')
        addr = request.form.get('addr')
        serviceport = request.form.get('serviceport')
        sshport = request.form.get('sshport')
        sshname = request.form.get('sshname')
        sshpass = request.form.get('sshpass')
        dockerid = request.form.get('dockerid')
        status = bool(request.form.get('status'))
        detail = request.form.get('detail')
        with app.app_context():
            vulhub.vulname, vulhub.addr, vulhub.serviceport, vulhub.sshport, vulhub.sshname, vulhub.sshpass, vulhub.dockerid, vulhub.status, vulhub.detail = vulname, addr, serviceport, sshport, sshname, sshpass, dockerid, status, detail
            db.session.commit()
        return redirect(url_for('vulhubManage'))
Пример #11
0
def delTeam(tid):
    if tid:
        with app.app_context():
            team = Team.query.filter(Team.id == tid).first()
            db.session.delete(team)
            db.session.commit()
    return redirect(url_for('teamManage'))
Пример #12
0
def DeleteAdminData(id):
    with app.app_context():
        notice1 = Notice.query.filter(Notice.id == id).first()
        #2.把这条数据删除掉
        db.session.delete(notice1)
        #3.做数据的提交
        db.session.commit()
Пример #13
0
def editAdminData(id, newcontent):
    with app.app_context():
        notice1 = Notice.query.filter(Notice.id == id).first()
        #2.把这条数据,你需要修改的地方进行修改
        notice1.username = newcontent
        #3.把事务进行提交
        db.session.commit()
Пример #14
0
def BugScanConsole(attackurl):
    '''
    动态调用类方法,减少冗余代码
    将存在bug的url存在buglist表中,同时根据漏洞类型的不同,指向bugtype表中对应的漏洞类型
    '''
    try:
        while redispool.scard(attackurl) != 0:
            url = redispool.spop(attackurl)
            Bug = BugScan(attackurl, url)
            with app.app_context():
                for value in Bugs:
                    vulnerable, payload, bugdetail = getattr(Bug, value)()
                    if vulnerable:
                        bug = BugList(oldurl=attackurl,
                                      bugurl=url,
                                      bugname=value,
                                      buggrade=redispool.hget(
                                          'bugtype', value),
                                      payload=payload,
                                      bugdetail=bugdetail)
                        db.session.add(bug)
                db.session.commit()
            Bug.POCScan()
            Bug.WebLogicScan()
        # time.sleep(0.5)
    except Exception as e:
        print(e)
        pass
Пример #15
0
def SenFileScan(domain, url):
    """
    敏感文件、目录扫描
    字典:dict\SEN_scan.txt
    :param domain:
    :param
    :return:
    """
    pools = 20
    urlList = []
    for i in range(0, redispool.llen("SenScan")):
        suffix = redispool.lindex("SenScan", i)
        senurl = "{}/{}".format(url, suffix)
        urlList.append(senurl)
    pool = ThreadPool(pools)
    SenFileMessage = pool.map(UrlRequest, urlList)
    SenFileMessage2 = ""
    pool.close()
    pool.join()
    url404 = "{}/springbird404page".format(url)
    try:
        rep404 = requests.get(url404,
                              headers=core.GetHeaders(),
                              timeout=3,
                              verify=False).text
    except Exception as e:
        print("超时")
        rep404 = str(e)
        pass
    if len(SenFileMessage) != 0:
        with app.app_context():
            print("Sen file and dir : \n")
            for url in SenFileMessage:
                try:
                    if url is None:
                        continue
                    rep = requests.get(url,
                                       headers=core.GetHeaders(),
                                       timeout=1,
                                       verify=False)
                    #添加404界面的判断,避免过多杂乱信息
                    if not core.is_similar_page(rep404, rep.text, radio=0.85):
                        print(url)
                        bug = BugList(oldurl=domain,
                                      bugurl=url,
                                      bugname="SenDir",
                                      buggrade=redispool.hget(
                                          'bugtype', "SenDir"),
                                      payload=url,
                                      bugdetail=rep.text)
                        SenFileMessage2 += url + "\n"
                        redispool.pfadd(redispool.hget('bugtype', "SenDir"),
                                        url)
                        redispool.pfadd("SenDir", url)
                        db.session.add(bug)
                except Exception as e:
                    # print(e)
                    pass
            db.session.commit()
    return SenFileMessage2
Пример #16
0
def editTeamData(id, newteamname, newpassword):
    with app.app_context():
        team1 = Team.query.filter(Team.id == id).first()
        #2.把这条数据,你需要修改的地方进行修改
        team1.username = newteamname
        team1.password = newpassword
        #3.把事务进行提交
        db.session.commit()
Пример #17
0
 def shields_regen(self):
     with app.app_context():
         ships = db.session.query(Ship).all()
         for ship in ships:
             if ship.shield < Ship.SHIELD[ship.type]:
                 ship.shield += self.SHIELDS_INCREMENT
                 db.session.add(ship)
         db.session.commit()
Пример #18
0
def delNotice(nid):
    if nid:
        with app.app_context():
            notice = Notice.query.filter(Notice.id == nid).first()
            db.session.delete(notice)
            db.session.commit()
    noticeList = Notice.query.all()
    return render_template('T_notice_manage.html', noticeList=noticeList)
Пример #19
0
def get_db():
    """Opens a new database connection if there is none yet for the
    current application context.
    """
    with app.app_context():
      if not hasattr(g, 'sqlite_db'):
          g.sqlite_db = connect_db()
      return g.sqlite_db
Пример #20
0
def editAdminData(id, newadminname, newpassword):
    with app.app_context():
        admin1 = Admin.query.filter(Admin.id == id).first()
        #2.把这条数据,你需要修改的地方进行修改
        admin1.username = newadminname
        admin1.password = newpassword
        #3.把事务进行提交
        db.session.commit()
Пример #21
0
def delPoc(id=None):
    with app.app_context():
        tempPoc = PocList.query.filter(PocList.id == id).first()
        delPocFile(tempPoc.filename)
        db.session.delete(tempPoc)
        db.session.commit()
        flash("删除成功")
    return redirect(url_for('pocs.poclist'))
Пример #22
0
def getTeamAllMsg(tid):
    '''
    返回 tid 对应的团队 团队名,密码,token
    :param tid:
    :return:
    '''
    with app.app_context():
        tempTeam = Team.query.filter(Team.id == tid).first()
        return tempTeam.teamname, tempTeam.password, tempTeam.token
Пример #23
0
def delVulhub(vid):
    if vid is None:
        return redirect(url_for('vulhubManage'))
    else:
        with app.app_context():
            vulhub = Vulhub.query.filter(Vulhub.id == vid).first()
            db.session.delete(vulhub)
            db.session.commit()
        return redirect(url_for('vulhubManage'))
Пример #24
0
def delPlugin(id=None):
    # print(id)
    with app.app_context():
        plugin = pluginList.query.filter(pluginList.id == id).first()
        delPluginFile(plugin.filename)
        db.session.delete(plugin)
        db.session.commit()
        flash("删除成功")
    return redirect(url_for('plugin.pluginlist'))
Пример #25
0
def deltasks(tid=None):
    with app.app_context():
        tasks = Task.query.filter(Task.tid == tid).first()
        scantasks = scanTask.query.filter(scanTask.pid == tasks.tid)
        [db.session.delete(task) for task in scantasks]
        db.session.delete(tasks)
        db.session.commit()
        flash("删除成功")
    return redirect(url_for('tasks.tasklist'))
Пример #26
0
def saveVul(result, tid, poc):
    with app.app_context():
        vul = VulList(url=result['url'],
                      tid=tid,
                      pocname=poc,
                      result=json.dumps(result['result']['VerifyInfo']),
                      created=result['created'])
        db.session.add(vul)
        db.session.commit()
Пример #27
0
def getTeamToken(tid):
    '''
    返回 tid 对应的团队 token
    :param tid:
    :return:
    '''
    with app.app_context():
        tempTeam = Team.query.filter(Team.id == tid).first()
        return tempTeam.token
Пример #28
0
def getTeamPass(tid):
    '''
    返回 tid 对应的团队密码
    :param tid:
    :return:
    '''
    with app.app_context():
        tempTeam = Team.query.filter(Team.id == tid).first()
        return tempTeam.password
Пример #29
0
def delAllTask():
    with app.app_context():
        tasks = Task.query.all()
        [db.session.delete(task) for task in tasks]

        scantasks = scanTask.query.all()
        [db.session.delete(task) for task in scantasks]

        db.session.commit()
    flash("删除成功")
    return redirect(url_for('tasks.tasklist'))
Пример #30
0
def delDownSource(tid, downNum):
    '''
    删除宕机靶机所属队伍的分数
    :param tid:
    :return:
    '''
    with app.app_context():
        tempSource = Team.query.filter(Team.id == tid).first()
        tempSource.source -= config.CheckDown_Source * downNum
        db.session.commit()
    return
Пример #31
0
def saveExts(result, tid, pluginname):
    with app.app_context():
        extMsg = ExtList(pluginname=pluginname,
                         tid=tid,
                         result=result,
                         created=str(
                             time.strftime("%Y-%m-%d %H:%M:%S",
                                           time.localtime())))

        db.session.add(extMsg)
        db.session.commit()
Пример #32
0
from init import app
from models.sale_maintainer_quota import SaleMaintainerQuota
from models.taomi_tag_model import TaomiTagMap
from libs.customer_maintainer_sea import MaintainerQuota
from libs.rpc import YaoguangRPC


with app.app_context():
    fields = [
        {
            'key': 'vip_expire_date',
            'name': 'VIP过期时间',
            'order': 0,
            'prefix': '',
            'scope': 'maintainer',
            'selections': [
                {
                    'id': [0, 4],
                    'name': '0-3',
                },
                {
                    'id': [4, 8],
                    'name': '4-7'
                },
                {
                    'id': [8, 16],
                    'name': '8-15',
                },
                {
                    'id': [16, 31],
                    'name': '16-30',
Пример #33
0
def init_db():
    """Creates the database tables."""
    with app.app_context():
      db = get_db()
      db.create_all()