# @Author : yds
# @Time : 18-5-15
# @File : dashboard.py
# @Desc : ""
import datetime
import re
from collections import Counter
from flask import Blueprint, render_template
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from yandi.views.authenticate import login_check
dashboard = Blueprint('dashboard', __name__)
vul_db = db_name_conf()['vul_db']
plugin_db = db_name_conf()['plugin_db']
tasks_db = db_name_conf()['tasks_db']
asset_db = db_name_conf()['asset_db']
weekpasswd_db = db_name_conf()['weekpasswd_db']
server_db = db_name_conf()['server_db']
subgithub_db=db_name_conf()['subgithub_db']
mail_db=db_name_conf()['mail_db']
@dashboard.route('/dashboard')
@login_check
def view_dashboard():
dashboard_data = {
"vul_count": get_count()['vul_count'],
"plugin_count": get_count()['plugin_count'],
# @Author : jeffzhang
# @Time : 18-5-23
# @File : auth_tester.py
# @Desc : ""
import time
from threading import Thread
from flask import Blueprint, render_template, request
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from fuxi.views.authenticate import login_check
from instance import config_name
from fuxi.views.modules.auth_tester.auth_scanner import AuthCrack
auth_tester = Blueprint('auth_tester', __name__)
auth_db = db_name_conf()['auth_db']
weekpasswd_db = db_name_conf()['weekpasswd_db']
config_db = db_name_conf()['config_db']
@auth_tester.route('/new-auth-tester')
@login_check
def view_new_auth_tester():
# default view
config_info = connectiondb(config_db).find_one({"config_name": config_name})
username_list = "\n".join(config_info['username_dict'])
password_list = "\n".join(config_info['password_dict'])
protocols = config_info['auth_service']
return render_template('new-auth-tester.html', username_list=username_list, password_list=password_list,
protocols=protocols)
# @Author : jeffzhang
# @Time : 18-5-18
# @File : subdomain_brute.py
# @Desc : ""
import time
import os
from threading import Thread
from flask import Blueprint, render_template, request, redirect, url_for, jsonify, make_response, send_from_directory
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from fuxi.views.authenticate import login_check
from fuxi.views.modules.subdomain import domain_brute
subdomain_brute = Blueprint('subdomain_brute', __name__)
domain_db = db_name_conf()['domain_db']
plugin_db = db_name_conf()['plugin_db']
subdomain_db = db_name_conf()['subdomain_db']
@subdomain_brute.route('/subdomain-brute', methods=['POST', 'GET'])
@login_check
def subdomain_view():
if request.method == 'GET':
# task delete
if request.args.get('delete'):
domain_id = request.args.get('delete')
connectiondb(domain_db).delete_one({'_id': ObjectId(domain_id)})
connectiondb(subdomain_db).remove(
{'domain_id': ObjectId(domain_id)})
return redirect(url_for('subdomain_brute.subdomain_view'))
# @Author : jeffzhang
# @Time : 18-5-18
# @File : subdomain_brute.py
# @Desc : ""
import time
import os
from threading import Thread
from flask import Blueprint, render_template, request, redirect, url_for, jsonify, make_response, send_from_directory
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from fuxi.views.authenticate import login_check
from fuxi.views.modules.subdomain import domain_brute
subdomain_brute = Blueprint('subdomain_brute', __name__)
domain_db = db_name_conf()['domain_db']
plugin_db = db_name_conf()['plugin_db']
subdomain_db = db_name_conf()['subdomain_db']
@subdomain_brute.route('/subdomain-brute', methods=['POST', 'GET'])
@login_check
def subdomain_view():
if request.method == 'GET':
# task delete
if request.args.get('delete'):
domain_id = request.args.get('delete')
connectiondb(domain_db).delete_one({'_id': ObjectId(domain_id)})
connectiondb(subdomain_db).remove({'domain_id': ObjectId(domain_id)})
return redirect(url_for('subdomain_brute.subdomain_view'))
# @Time : 18-5-15
# @File : dashboard.py
# @Desc : ""
import datetime
import re
from collections import Counter
from flask import Blueprint, render_template
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from yandi.views.authenticate import login_check
from flask import Blueprint, render_template, request
from instance import config_name
todo = Blueprint('todo', __name__)
config_db = db_name_conf()['config_db']
@todo.route('/todo', methods=['GET', 'POST'])
@login_check
def view_todo():
if request.method == "GET":
config_data = connectiondb(config_db).find_one(
{"config_name": config_name})
config_info = {
"todotext": config_data['todo'],
}
return render_template("todo.html", config_info=config_info)
else:
# update thread config
if request.form.get("source") == "todo":
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# @Author : jeffzhang
# @Time : 18-5-15
# @File : settings.py
# @Desc : ""
from flask import Blueprint, render_template, request
from lib.mongo_db import connectiondb, db_name_conf
from fuxi.views.authenticate import login_check
from instance import config_name
settings = Blueprint('settings', __name__)
config_db = db_name_conf()['config_db']
# system-config
@settings.route('/system-config', methods=['GET', 'POST'])
@login_check
def config_view():
return render_template("system-config.html")
@settings.route('/advanced-option', methods=['GET', 'POST'])
@login_check
def option_view():
if request.method == "GET":
config_data = connectiondb(config_db).find_one({"config_name": config_name})
config_info = {
"poc_thread": config_data['poc_thread'],
"discovery_thread": config_data['discovery_thread'],
# @Author : jeffzhang
# @Time : 18-5-15
# @File : dashboard.py
# @Desc : ""
import datetime
import re
from collections import Counter
from flask import Blueprint, render_template
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from fuxi.views.authenticate import login_check
dashboard = Blueprint('dashboard', __name__)
vul_db = db_name_conf()['vul_db']
plugin_db = db_name_conf()['plugin_db']
tasks_db = db_name_conf()['tasks_db']
asset_db = db_name_conf()['asset_db']
weekpasswd_db = db_name_conf()['weekpasswd_db']
server_db = db_name_conf()['server_db']
@dashboard.route('/dashboard')
@login_check
def view_dashboard():
dashboard_data = {
"vul_count": get_count()['vul_count'],
"plugin_count": get_count()['plugin_count'],
"week_passwd_count": get_count()['week_passwd_count'],
"server_count": get_count()['server_count'],
# @Author : yds
# @Time : 18-5-17
# @File : port_scanner.py
# @Desc : ""
import threading
import time
from flask import Blueprint, render_template, request, redirect, url_for, jsonify
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from yandi.views.authenticate import login_check
from yandi.views.modules.port_scanner.nmap_scanner import nmap_scanner
from instance import config_name
port_scanner = Blueprint('port_scanner', __name__)
config_db = db_name_conf()['config_db']
port_db = db_name_conf()['port_db']
# port_scanner
@port_scanner.route('/port-scanner', methods=['GET', 'POST'])
@login_check
def port_view():
if request.method == "GET":
if request.args.get("scan_id"):
# default port scan result
target_id = request.args.get("scan_id")
db_course = connectiondb(port_db).find_one(
{"_id": ObjectId(target_id)})
host = db_course['host']
port = db_course['port']
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# @Author : jeffzhang
# @Time : 2018/04/03
# @File : task_management.py
# @Desc : ""
import time
from flask import Blueprint, render_template, request, redirect, url_for, jsonify
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from InsectsAwake.views.authenticate import login_check
task_management = Blueprint('task_management', __name__)
tasks_db = db_name_conf()['tasks_db']
asset_db = db_name_conf()['asset_db']
server_db = db_name_conf()['server_db']
subdomain_db = db_name_conf()['subdomain_db']
@task_management.route('/task-management')
@login_check
def tasks_list():
# 删除任务
if request.args.get('trash'):
task_id = request.args.get('trash')
connectiondb('test_tasks').delete_one({'_id': ObjectId(task_id)})
return redirect(url_for('task_management.tasks_list'))
# 任务重扫
elif request.args.get('refresh'):
# @Author : yds
# @Time : 18-5-18
# @File : subdomain_brute.py
# @Desc : ""
import time
import os
from threading import Thread
from flask import Blueprint, render_template, request, redirect, url_for, jsonify, make_response, send_from_directory
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from yandi.views.authenticate import login_check
from yandi.views.modules.email import memail_brute
email_brute = Blueprint('email_brute', __name__)
email_db = db_name_conf()['mail_task_db']
subemail_db = db_name_conf()['mail_db']
@email_brute.route('/email-brute', methods=['POST', 'GET'])
@login_check
def email_view():
if request.method == 'GET':
# task delete
if request.args.get('delete'):
email_id = request.args.get('delete')
connectiondb(email_db).delete_one({'_id': ObjectId(email_id)})
connectiondb(subemail_db).remove({'email_id': ObjectId(email_id)})
return redirect(url_for('email_brute.email_view'))
# result download
# @Author : jeffzhang
# @Time : 18-5-17
# @File : port_scanner.py
# @Desc : ""
import threading
import time
from flask import Blueprint, render_template, request, redirect, url_for, jsonify
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from fuxi.views.authenticate import login_check
from fuxi.views.modules.port_scanner.nmap_scanner import nmap_scanner
from instance import config_name
port_scanner = Blueprint('port_scanner', __name__)
config_db = db_name_conf()['config_db']
port_db = db_name_conf()['port_db']
# port_scanner
@port_scanner.route('/port-scanner', methods=['GET', 'POST'])
@login_check
def port_view():
if request.method == "GET":
if request.args.get("scan_id"):
# default port scan result
target_id = request.args.get("scan_id")
db_course = connectiondb(port_db).find_one({"_id": ObjectId(target_id)})
host = db_course['host']
port = db_course['port']
if db_course['status'] == "Done":
# @Author : yds
# @Time : 18-5-18
# @File : subdomain_brute.py
# @Desc : ""
import time
import os
from threading import Thread
from flask import Blueprint, render_template, request, redirect, url_for, jsonify, make_response, send_from_directory
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from yandi.views.authenticate import login_check
from yandi.views.modules.github import mgithub_brute
github_brute = Blueprint('gitub_brute', __name__)
github_db = db_name_conf()['github_db']
subgithub_db = db_name_conf()['subgithub_db']
@github_brute.route('/github-brute', methods=['POST', 'GET'])
@login_check
def github_view():
if request.method == 'GET':
# task delete
if request.args.get('delete'):
github_id = request.args.get('delete')
connectiondb(github_db).delete_one({'_id': ObjectId(github_id)})
connectiondb(subgithub_db).remove(
{'github_id': ObjectId(github_id)})
return redirect(url_for('github_brute.github_view'))
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# @Author : jeffzhang
# @Time : 2018/04/03
# @File : asset_management.py
# @Desc : ""
import time
from flask import Blueprint, render_template, request, redirect, url_for, jsonify
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from InsectsAwake.views.authenticate import login_check
asset_management = Blueprint('asset_management', __name__)
asset_db = db_name_conf()['asset_db']
plugin_db = db_name_conf()['plugin_db']
server_db = db_name_conf()['server_db']
# 资产库操作
@asset_management.route('/asset-management', methods=['POST', 'GET'])
@login_check
def asset_view():
if request.method == 'GET':
# 资产库 删
if request.args.get('delete'):
asset_id = request.args.get('delete')
connectiondb(asset_db).delete_one({'_id': ObjectId(asset_id)})
return redirect(url_for('asset_management.asset_view'))
# 资产库 改
import time
from flask import Blueprint, render_template, request, redirect, url_for, Flask, jsonify
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from werkzeug.utils import secure_filename
from InsectsAwake.views.modules.scanner.vulnerability_plugin import get_plugin_re
from instance import config
from InsectsAwake.views.authenticate import login_check
ProductionConfig = config.ProductionConfig
app = Flask(__name__)
app.config.from_object(ProductionConfig)
plugin_management = Blueprint('plugin_management', __name__)
asset_db = db_name_conf()['asset_db']
plugin_db = db_name_conf()['plugin_db']
# 资产库操作
@plugin_management.route('/plugin-management', methods=['POST', 'GET'])
@login_check
def plugin_list():
if request.method == 'GET':
if request.args.get('delete'):
plugin_id = request.args.get('delete')
connectiondb(plugin_db).delete_one({'_id': ObjectId(plugin_id)})
return redirect(url_for('plugin_management.plugin_list'))
# 文件上传接口 新增插件
elif request.method == 'POST':
# @Author : jeffzhang
# @Time : 18-5-23
# @File : auth_tester.py
# @Desc : ""
import time
from threading import Thread
from flask import Blueprint, render_template, request
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from fuxi.views.authenticate import login_check
from instance import config_name
from fuxi.views.modules.auth_tester.auth_scanner import AuthCrack
auth_tester = Blueprint('auth_tester', __name__)
auth_db = db_name_conf()['auth_db']
weekpasswd_db = db_name_conf()['weekpasswd_db']
config_db = db_name_conf()['config_db']
@auth_tester.route('/new-auth-tester')
@login_check
def view_new_auth_tester():
# default view
config_info = connectiondb(config_db).find_one(
{"config_name": config_name})
username_list = "\n".join(config_info['username_dict'])
password_list = "\n".join(config_info['password_dict'])
protocols = config_info['auth_service']
return render_template('new-auth-tester.html',
username_list=username_list,
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# @Author : jeffzhang
# @Time : 2018/04/20
# @File : weak_passwd_test.py
# @Desc : ""
import time
import os
from flask import Blueprint, render_template, request, redirect, url_for, jsonify, make_response, send_from_directory
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from InsectsAwake.views.authenticate import login_check
weak_passwd_test = Blueprint('weak_passwd_test', __name__)
domain_db = db_name_conf()['domain_db']
plugin_db = db_name_conf()['plugin_db']
subdomain_db = db_name_conf()['subdomain_db']
weekpasswd_db = db_name_conf()['weekpasswd_db']
@weak_passwd_test.route('/week-passwd-test', methods=['POST', 'GET'])
@login_check
def task_view():
if request.method == 'GET':
# 任务 删
if request.args.get('delete'):
task_id = request.args.get('delete')
connectiondb(weekpasswd_db).delete_one({'_id': ObjectId(task_id)})
return redirect(url_for('weak_passwd_test.task_view'))
# @Author : jeffzhang
# @Time : 18-5-10
# @File : vul_scanner.py
# @Desc : ""
import time
from flask import Blueprint, render_template, request, redirect, url_for, jsonify
from bson import ObjectId
from threading import Thread
from lib.mongo_db import connectiondb, db_name_conf
from fuxi.views.modules.scanner.poc_scanner import PocsuiteScanner
from fuxi.views.authenticate import login_check
vul_scanner = Blueprint('vul_scanner', __name__)
tasks_db = db_name_conf()['tasks_db']
asset_db = db_name_conf()['asset_db']
server_db = db_name_conf()['server_db']
subdomain_db = db_name_conf()['subdomain_db']
vul_db = db_name_conf()['vul_db']
plugin_db = db_name_conf()['plugin_db']
# tasks view
@vul_scanner.route('/task-management')
@login_check
def tasks_view():
# delete task
if request.args.get('delete'):
task_id = request.args.get('delete')
connectiondb(tasks_db).delete_one({'_id': ObjectId(task_id)})
# @Desc : ""
import datetime
import re
from collections import Counter
from flask import Blueprint, render_template
from bson import ObjectId
from lib.mongo_db import connectiondb, db_name_conf
from InsectsAwake.views.authenticate import login_check
dashboard = Blueprint('dashboard',
__name__,
template_folder='templates',
static_folder='static')
vul_db = db_name_conf()['vul_db']
plugin_db = db_name_conf()['plugin_db']
tasks_db = db_name_conf()['tasks_db']
asset_db = db_name_conf()['asset_db']
@dashboard.route('/dashboard')
@login_check
def view_dashboard():
# 获取漏洞数 插件数 任务数 资产数
vul_count = connectiondb(vul_db).count()
plugin_count = connectiondb(plugin_db).count()
task_count = connectiondb(tasks_db).count()
asset_count = 0
for i in connectiondb(asset_db).find():
