def new_scan():
    """
    Start a new scan from the parameters of the current API request.

    Returns:
        a JSON message with the scan configuration and HTTP 200 on success,
        otherwise a JSON error with HTTP 400 when the target type is UNKNOWN
    """
    # The API key is checked before any scan parameter is read.
    __api_key_check(app, flask_request, __language())
    requested_targets = __get_value(flask_request, "targets")
    if target_type(requested_targets) == "UNKNOWN":
        return jsonify({"error": "Please input correct target"}), 400

    scan_config = {}
    for option in _core_default_config():
        if __get_value(flask_request, option) is None:
            continue
        # Only options that exist in the default configuration are accepted,
        # and each value is escaped before it is stored.
        scan_config[option] = escape(__get_value(flask_request, option))
    # NOTE(review): "backup_ports" keeps the raw request value, unlike the
    # escaped options above - confirm that downstream consumers expect that.
    scan_config["backup_ports"] = __get_value(flask_request, "ports")

    base_config = _builder(_core_config(), _core_default_config())
    merged_config = _builder(scan_config, base_config)
    api_config = __remove_non_api_keys(merged_config)
    scan_config = __rules(api_config, _core_default_config(), __language())

    # The scan runs in its own process so the request can return immediately.
    worker = multiprocessing.Process(target=__scan, args=[scan_config])
    worker.start()
    # methods_args can be very large, so the response carries a short marker.
    scan_config["methods_args"] = {"as_user_set": "set_successfully"}
    return jsonify(scan_config), 200
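def ___go_for_search_logs():
    """
    Search all events for the query given in the request.

    Reads the "page" and "q" request values; a page that is missing or not
    an integer falls back to 1.

    Returns:
        a JSON response built from __search_logs(...) with HTTP 200
    """
    __api_key_check(app, flask_request, __language())
    try:
        page = int(__get_value(flask_request, "page"))
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not swallowed by the fallback.
        page = 1
    try:
        query = __get_value(flask_request, "q")
    except Exception:
        query = ""
    # NOTE(review): query is passed to __search_logs as received; confirm
    # that the search builds its database query with bound parameters.
    return jsonify(__search_logs(__language(), page, query)), 200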
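def __get_logs():
    """
    Return a host's logs through the API as JSON.

    Reads the "host" request value; it falls back to "" when reading it fails.

    Returns:
        a JSON response built from __logs_to_report_json(...) with HTTP 200
    """
    __api_key_check(app, flask_request, __language())
    try:
        host = __get_value(flask_request, "host")
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not swallowed by the fallback.
        host = ""
    return jsonify(__logs_to_report_json(host, __language())), 200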
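def __get_logs_html():
    """
    Return a host's logs through the API as an HTML report.

    Reads the "host" request value; it falls back to "" when reading it fails.

    Returns:
        the response made from __logs_to_report_html(...)
    """
    __api_key_check(app, flask_request, __language())
    try:
        host = __get_value(flask_request, "host")
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not swallowed by the fallback.
        host = ""
    # NOTE(review): the report HTML is returned unmodified; confirm that
    # __logs_to_report_html escapes host and event values before they reach
    # the browser.
    return make_response(__logs_to_report_html(host, __language()))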
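def __get_logs_csv():
    """
    Return a host's logs through the API as a CSV attachment.

    Reads the "host" request value; it falls back to "" when reading it fails.

    Returns:
        a text/csv Response holding a header row and one fully quoted row
        per event; the body is empty when there are no events
    """
    import tempfile  # local import: the file's import block is not visible here

    __api_key_check(app, flask_request, __language())
    try:
        host = __get_value(flask_request, "host")
    except Exception:
        host = ""
    data = __logs_to_report_json(host, __language())
    # The name is only used for the download header; nothing is written under it.
    filename = "report-" + now(model="%Y_%m_%d_%H_%M_%S") + "".join(
        random.choice(string.ascii_lowercase) for x in range(10))
    reader = ""
    # An empty result used to fail on data[0]; it now yields an empty body.
    if data:
        keys = data[0].keys()
        # The report used to be written into the working directory and left
        # there after every request. A temporary file is created privately
        # and removed when the block exits, so scan data does not accumulate
        # on disk.
        with tempfile.NamedTemporaryFile(mode="w+") as output_file:
            dict_writer = csv.DictWriter(output_file,
                                         fieldnames=keys,
                                         quoting=csv.QUOTE_ALL)
            dict_writer.writeheader()
            for i in data:
                # Keep only the header's columns: DictWriter rejects extra keys.
                dictdata = {key: value for key, value in i.items()
                            if key in keys}
                dict_writer.writerow(dictdata)
            output_file.seek(0)
            reader = output_file.read()
    return Response(reader,
                    mimetype='text/csv',
                    headers={
                        'Content-Disposition':
                            'attachment;filename=' + filename + '.csv'
                    })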
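def new_scan():
    """
    Start a new scan from the parameters of the current API request.

    Returns:
        a JSON message with the scan configuration, including the generated
        "scan_id"
    """
    _start_scan_config = {}
    language = app.config["OWASP_NETTACKER_CONFIG"]["language"]
    __api_key_check(app, flask_request, language)
    # Only options that exist in the default configuration are accepted.
    # NOTE(review): the values are stored as received from the request;
    # confirm that __rules or a later step validates them.
    for key in _core_default_config():
        if __get_value(flask_request, key) is not None:
            _start_scan_config[key] = __get_value(flask_request, key)
    _start_scan_config = __rules(
        __remove_non_api_keys(
            _builder(_start_scan_config,
                     _builder(_core_config(), _core_default_config()))),
        _core_default_config(), language)
    # Draw the id from the operating system's random source instead of the
    # default generator, so an id cannot be predicted from earlier ones
    # (this matters if the id is ever used to look results up).
    # The format is unchanged: 32 lowercase hexadecimal characters.
    secure_random = random.SystemRandom()
    scan_id = "".join(
        secure_random.choice("0123456789abcdef") for x in range(32))
    # Message 158 of the language catalogue; its text is not visible here.
    scan_cmd = messages(language, 158)
    _start_scan_config["scan_id"] = scan_id
    # The scan runs in its own process so the request can return immediately.
    p = multiprocessing.Process(target=__scan,
                                args=[_start_scan_config, scan_id, scan_cmd])
    p.start()
    return jsonify(_start_scan_config)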
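def __get_last_host_logs():
    """
    Return one page of the most recent host logs through the API.

    Reads the "page" request value; a page that is missing or not an integer
    falls back to 1.

    Returns:
        a JSON response built from __last_host_logs(...) with HTTP 200
    """
    __api_key_check(app, flask_request, __language())
    try:
        page = int(__get_value(flask_request, "page"))
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not swallowed by the fallback.
        page = 1
    return jsonify(__last_host_logs(__language(), page)), 200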
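def __get_results_json():
    """
    Return the events of one stored scan report as a JSON attachment.

    The report is selected by the integer "id" request value.

    Returns:
        an application/json Response with the report's events as an
        attachment; a JSON error with HTTP 400 when "id" is missing or not
        an integer, and with HTTP 404 when no report has that id
    """
    # Check the API key before opening a database session, so a request
    # that fails the check does not reach the database.
    __api_key_check(app, flask_request, __language())
    try:
        _id = int(__get_value(flask_request, "id"))
    except Exception:
        # A bad id used to leave scan_id_temp undefined and crash below.
        return Response(
            json.dumps({"status": "error",
                        "msg": "your scan id is not valid!"}),
            status=400,
            mimetype='application/json')
    session = create_connection(__language())
    scan_id_temp = session.query(Report).filter(Report.id == _id).all()
    if not scan_id_temp:
        # An unknown id used to fail on scan_id_temp[0] further down.
        return Response(
            json.dumps({"status": "error", "msg": "report not found"}),
            status=404,
            mimetype='application/json')
    # Reports with the same scan_id that have at least one host log.
    result_id = session.query(Report).join(
        HostsLog, Report.scan_id == HostsLog.scan_id).filter(
        Report.scan_id == scan_id_temp[0].scan_id).all()
    # Left as the original empty dict when the report has no host logs.
    json_object = {}
    if result_id:
        scan_id = result_id[0].scan_id
        data = __logs_by_scan_id(scan_id, __language())
        json_object = json.dumps(data)
    # The download name is built from the report's stored date.
    date_from_db = scan_id_temp[0].date
    date_format = datetime.strptime(date_from_db, "%Y-%m-%d %H:%M:%S")
    date_format = str(date_format).replace("-", "_").replace(
        ":", "_").replace(" ", "_")
    filename = "report-" + date_format + "".join(
        random.choice(string.ascii_lowercase) for x in range(10))
    return Response(json_object,
                    mimetype='application/json',
                    headers={
                        'Content-Disposition':
                            'attachment;filename=' + filename + '.json'
                    })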
def new_scan():
    """
    Start a new scan from the parameters of the current API request.

    Returns:
        a JSON message with the scan configuration and HTTP 200
    """
    __api_key_check(app, flask_request, __language())

    scan_config = {}
    # Only options that exist in the default configuration are accepted.
    # NOTE(review): the values are stored as received from the request;
    # confirm that __rules or a later step validates them.
    for option in _core_default_config():
        if __get_value(flask_request, option) is None:
            continue
        scan_config[option] = __get_value(flask_request, option)
    scan_config["backup_ports"] = __get_value(flask_request, "ports")

    base_config = _builder(_core_config(), _core_default_config())
    merged_config = _builder(scan_config, base_config)
    api_config = __remove_non_api_keys(merged_config)
    scan_config = __rules(api_config, _core_default_config(), __language())

    # The scan runs in its own process so the request can return immediately.
    worker = multiprocessing.Process(target=__scan, args=[scan_config])
    worker.start()
    # methods_args can be very large, so the response carries a short marker.
    scan_config["methods_args"] = {"as_user_set": "set_successfully"}
    return jsonify(scan_config), 200
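def ___go_for_search_logs():
    """
    search in all events

    Reads the "page" and "q" request values; a page that is missing or not
    an integer falls back to 1.

    Returns:
        an array with JSON events, with HTTP 200
    """
    __api_key_check(app, flask_request, __language())
    try:
        page = int(__get_value(flask_request, "page"))
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not swallowed by the fallback.
        page = 1
    try:
        query = __get_value(flask_request, "q")
    except Exception:
        query = ""
    # NOTE(review): query is passed to __search_logs as received; confirm
    # that the search builds its database query with bound parameters.
    return jsonify(__search_logs(__language(), page, query)), 200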
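def __get_result_content():
    """
    Return the stored content of one scan result.

    The result is selected by the integer "id" request value.

    Returns:
        whatever __get_result(...) returns for that id, or a JSON error with
        HTTP 400 when "id" is missing or not an integer
    """
    __api_key_check(app, flask_request, __language())
    try:
        # Named result_id so the builtin id() is not shadowed.
        result_id = int(__get_value(flask_request, "id"))
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not turned into a 400 response.
        return jsonify(
            __structure(status="error", msg="your scan id is not valid!")), 400
    return __get_result(__language(), result_id)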
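def __get_results_csv():
    """
    Return the events of one stored scan report as a CSV attachment.

    The report is selected by the integer "id" request value.

    Returns:
        a text/csv Response holding a header row and one fully quoted row
        per event (empty body when the report has no events); a JSON error
        with HTTP 400 when "id" is missing or not an integer, and with
        HTTP 404 when no report has that id
    """
    # local imports: the file's import block is not visible here
    import json
    import tempfile

    # Check the API key before opening a database session, so a request
    # that fails the check does not reach the database.
    __api_key_check(app, flask_request, __language())
    try:
        _id = int(__get_value(flask_request, "id"))
    except Exception:
        # A bad id used to leave scan_id_temp undefined and crash below.
        return Response(
            json.dumps({"status": "error",
                        "msg": "your scan id is not valid!"}),
            status=400,
            mimetype='application/json')
    session = create_connection(__language())
    scan_id_temp = session.query(Report).filter(Report.id == _id).all()
    if not scan_id_temp:
        # An unknown id used to fail on scan_id_temp[0] further down.
        return Response(
            json.dumps({"status": "error", "msg": "report not found"}),
            status=404,
            mimetype='application/json')
    # Reports with the same scan_id that have at least one host log.
    result_id = session.query(Report).join(
        HostsLog, Report.scan_id == HostsLog.scan_id).filter(
        Report.scan_id == scan_id_temp[0].scan_id).all()
    # The download name is built from the report's stored date; nothing is
    # written under this name.
    date_from_db = scan_id_temp[0].date
    date_format = datetime.strptime(date_from_db, "%Y-%m-%d %H:%M:%S")
    date_format = str(date_format).replace("-", "_").replace(
        ":", "_").replace(" ", "_")
    filename = "report-" + date_format + "".join(
        random.choice(string.ascii_lowercase) for x in range(10))
    _reader = ''
    if result_id:
        scan_id = result_id[0].scan_id
        data = __logs_by_scan_id(scan_id, __language())
        # An empty event list used to fail on data[0].
        if data:
            keys = data[0].keys()
            # The report used to be written into the working directory and
            # left there after every request. A temporary file is created
            # privately and removed when the block exits, so scan data does
            # not accumulate on disk.
            with tempfile.NamedTemporaryFile(mode="w+") as output_file:
                dict_writer = csv.DictWriter(output_file,
                                             fieldnames=keys,
                                             quoting=csv.QUOTE_ALL)
                dict_writer.writeheader()
                for i in data:
                    # Keep only the header's columns: DictWriter rejects
                    # extra keys.
                    dictdata = {key: value for key, value in i.items()
                                if key in keys}
                    dict_writer.writerow(dictdata)
                output_file.seek(0)
                _reader = output_file.read()
    return Response(_reader,
                    mimetype='text/csv',
                    headers={
                        'Content-Disposition':
                            'attachment;filename=' + filename + '.csv'
                    })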
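def __get_logs():
    """
    get host's logs through the API in JSON type

    Reads the "host" request value; it falls back to "" when reading it fails.

    Returns:
        an array with JSON events, with HTTP 200
    """
    __api_key_check(app, flask_request, __language())
    try:
        host = __get_value(flask_request, "host")
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not swallowed by the fallback.
        host = ""
    return jsonify(__logs_to_report_json(host, __language())), 200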
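def __get_logs_html():
    """
    get host's logs through the API in HTML type

    Reads the "host" request value; it falls back to "" when reading it fails.

    Returns:
        HTML report
    """
    __api_key_check(app, flask_request, __language())
    try:
        host = __get_value(flask_request, "host")
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not swallowed by the fallback.
        host = ""
    # NOTE(review): the report HTML is returned unmodified; confirm that
    # __logs_to_report_html escapes host and event values before they reach
    # the browser.
    return make_response(__logs_to_report_html(host, __language()))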
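def __get_last_host_logs():
    """
    get list of logs through the API

    Reads the "page" request value; a page that is missing or not an integer
    falls back to 1.

    Returns:
        an array of JSON logs if success otherwise abort(403)
    """
    __api_key_check(app, flask_request, __language())
    try:
        page = int(__get_value(flask_request, "page"))
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not swallowed by the fallback.
        page = 1
    return jsonify(__last_host_logs(__language(), page)), 200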
def __get_result_content():
    """
    Fetch the HTML/TEXT/JSON content of one scan result.

    The result is selected by the integer "id" request value.

    Returns:
        the content of the scan result, or a JSON error with HTTP 400 when
        "id" cannot be read as an integer
    """
    __api_key_check(app, flask_request, __language())
    try:
        requested_id = int(__get_value(flask_request, "id"))
    except Exception:
        # Nothing is looked up when the id is not an integer.
        error_body = __structure(status="error",
                                 msg="your scan id is not valid!")
        return jsonify(error_body), 400
    else:
        return __get_result(__language(), requested_id)
def __get_results():
    """
    List one page of scan results through the API.

    Reads the "page" request value; anything that cannot be read as an
    integer falls back to page 1.

    Returns:
        an array of JSON scan results with HTTP 200; the API key check is
        expected to abort with 403 otherwise
    """
    __api_key_check(app, flask_request, __language())
    try:
        page_number = int(__get_value(flask_request, "page"))
    except Exception:
        page_number = 1
    results = __select_results(__language(), page_number)
    return jsonify(results), 200
def __get_logs():
    """
    Return a host's logs through the API as a JSON attachment.

    Reads the "host" request value; it falls back to "" when reading it fails.

    Returns:
        an application/json Response holding the events, sent as an
        attachment
    """
    __api_key_check(app, flask_request, __language())
    try:
        requested_host = __get_value(flask_request, "host")
    except Exception:
        requested_host = ""
    events = __logs_to_report_json(requested_host, __language())
    body = json.dumps(events)
    # Download name: current timestamp plus ten random lowercase letters.
    stamp = now(model="%Y_%m_%d_%H_%M_%S")
    suffix = "".join(random.choice(string.ascii_lowercase) for x in range(10))
    filename = "report-" + stamp + suffix
    disposition = 'attachment;filename=' + filename + '.json'
    return Response(body,
                    mimetype='application/json',
                    headers={'Content-Disposition': disposition})