示例#1
0
def Scan(request):
    RequestLogRecord(request, request_api="scan")
    if request.method == "POST":
        try:
            ReceiveData=json.loads(request.body)
            ScanUrl=ReceiveData["url"]
            ScanToken= ReceiveData["token"]
            ScanModule = ReceiveData["module"]
            ScanThreads = ReceiveData["threads"]
            ScanAgentHeader = ReceiveData["header"]
            ScanProxy = ReceiveData["proxy"]
            if type(ScanThreads)==int:#判断类型
                TokenQueryReturnValue=UserInfo().TokenAuthentication(token=ScanToken)
                if TokenQueryReturnValue:#如果Token存在
                    UserName=UserInfo().QueryUserNameWithToken(ScanToken)#如果登录成功后就来查询用户名
                    UserOperationLogRecord(request, request_api="scan", uid=UserName)
                    if UserName!=None:
                        Sid=ActiveScanList().Write(uid=UserName,url=ScanUrl,proxy=ScanProxy,status=0,module=ScanModule,threads=ScanThreads)#写入用户关系表,然后返回sid下发给任务
                        MedusaScan.delay(ScanUrl,ScanModule,ScanThreads,ScanAgentHeader,ScanProxy,Uid=UserName,Sid=Sid)#调用扫描处理函数
                        return JsonResponse({'message': '任务下发成功👌', 'code': 200, })
                    else:
                        return JsonResponse({'message': '诶诶诶诶???怎么会查不到用户名呢????', 'code': 404, })
                else:
                    return JsonResponse({'message': '请登录获取令牌秘钥~', 'code': 404, })
            else:
                return JsonResponse({'message': '类型错误!', 'code': 500, })

        except:
            return JsonResponse({'message': '请求不合法!', 'code': 500, })
    else:
        return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def Scan(request):
    RequestLogRecord(request, request_api="scan")
    if request.method == "POST":
        try:
            ReceiveData=json.loads(request.body)
            ScanUrl=ReceiveData["url"]
            ScanToken= ReceiveData["token"]
            ScanModule = ReceiveData["module"]
            ScanThreads = ReceiveData["threads"]
            ScanAgentHeader = ReceiveData["header"]
            ScanProxy = ReceiveData["proxy"]
            if type(ScanThreads)==int:#判断类型
                TokenQueryReturnValue=UserInfo().QueryTokenValidity(Token=ScanToken)
                if TokenQueryReturnValue:#如果Token存在
                    Uid=UserInfo().QueryUidWithToken(ScanToken)#如果登录成功后就来查询用户名
                    if Uid!=None:
                        UserOperationLogRecord(request, request_api="scan", uid=Uid)
                        Sid=ActiveScanList().Write(uid=Uid,url=ScanUrl,proxy=ScanProxy,status=0,module=ScanModule,threads=ScanThreads)#写入用户关系表,然后返回sid下发给任务
                        MedusaScan.delay(ScanUrl,ScanModule,ScanThreads,ScanAgentHeader,ScanProxy,Uid=Uid,Sid=Sid)#调用扫描处理函数
                        return JsonResponse({'message': '任务下发成功👌', 'code': 200, })
                    else:
                        return JsonResponse({'message': '诶诶诶诶???怎么会查不到用户名呢????', 'code': 404, })
                else:
                    return JsonResponse({'message': '请登录获取令牌秘钥~', 'code': 404, })
            else:
                return JsonResponse({'message': '类型错误!', 'code': 500, })

        except Exception as e:
            ErrorLog().Write("Web_Api_VulnerabilityQuery_ActiveScanListQuery(def)", e)
            return JsonResponse({'message': '莎酱坏掉啦!', 'code': 500, })
    else:
        return JsonResponse({'message': '请使用Post请求', 'code': 500, })
def Scan(request):
    RequestLogRecord(request, request_api="vulnerability_scanning")
    if request.method == "POST":
        try:
            ReceiveData=json.loads(request.body)
            ScanUrl=ReceiveData["url"]
            ScanToken= ReceiveData["token"]
            ScanModule = ReceiveData["module"]
            ScanProcess = ReceiveData["process"]
            ScanAgentHeader = ReceiveData["header"]
            ScanProxy = ReceiveData["proxy"]
            if ScanProxy==0:#如果传入0表示关闭该功能
                ScanProxy=None

            if type(ScanProcess)==int:#判断类型
                Uid=UserInfo().QueryUidWithToken(ScanToken)#如果登录成功后就来查询用户名
                if Uid!=None:
                    UserOperationLogRecord(request, request_api="vulnerability_scanning", uid=Uid)
                    ActiveScanId=ActiveScanList().Write(uid=Uid,url=ScanUrl,proxy=ScanProxy,status=0,module=ScanModule,process=ScanProcess)#写入用户关系表,然后返回sid下发给任务
                    RedisActiveScanTask= MedusaScan.delay(ScanUrl,ScanModule,ScanProcess,ScanAgentHeader,ScanProxy,Uid=Uid,ActiveScanId=ActiveScanId)#调用扫描处理函数
                    ActiveScanList().UpdateRedisId(uid=Uid,active_scan_id=ActiveScanId,redis_id=RedisActiveScanTask.task_id)
                    return JsonResponse({'message': '任务下发成功👌', 'code': 200, })
                else:
                    return JsonResponse({'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧", 'code': 403, })

            else:
                return JsonResponse({'message': '类型错误!', 'code': 666, })

        except Exception as e:
            ErrorLog().Write("Web_Api_VulnerabilityQuery_ActiveScanListQuery(def)", e)
            return JsonResponse({'message': '莎酱被玩坏掉嘞QAQ', 'code': 169, })
    else:
        return JsonResponse({'message': '请使用Post请求', 'code': 500, })