示例#1
0
文件: webserver.py 项目: l50/ptnotes 
def import_scan(pid):
    """
    Import scan data into the database associated with the pid.
    """
    project = get_project_db(pid)
    db = database.ScanDatabase(project['dbfile'])

    if flask.request.method == 'GET':
        files = db.importdb.get_imported_files()

        return flask.render_template('import.html',
                                     pid=pid,
                                     files=files,
                                     name=project['name'])

    else:
        i = importscan.Import(project['dbfile'])
        scans = flask.request.files.getlist("scans[]")

        for scan in scans:
            res = i.import_scan(scan.read())
            if res is True:
                db.importdb.add_import_file(scan.filename)

        a = attacks.Attack(project['dbfile'])
        a.find_attacks()

        return flask.redirect(flask.url_for('get_project', pid=pid))
示例#2
0
文件: webserver.py 项目: l50/ptnotes 
def host(pid, ip):
    """
    Get all the information about a host.
    """
    project = get_project_db(pid)
    db = database.ScanDatabase(project['dbfile'])

    if flask.request.method == 'POST':
        note = flask.request.form['note']
        db.hostdb.update_host_note(ip, note)

    data = db.get_host_details(ip)

    if data is None:
        flask.abort(404)

    details = {}
    for item in data['items']:
        key = "{0}/{1}".format(item['port'], item['protocol'])
        if details.get(key) is None:
            details[key] = []
            details[key].append(item['note'])
        else:
            details[key].append(item['note'])

    keys = sorted(details.keys(), key=lambda x: int(x.split('/')[0]))
    note = data['note']

    return flask.render_template('host.html',
                                 pid=pid,
                                 host=ip,
                                 details=details,
                                 keys=keys,
                                 note=note,
                                 name=project['name'])
示例#3
0
文件: webserver.py 项目: BwRy/ptnotes 
def host_notes(pid):
    """
    Display all host notes.
    """
    project = get_project_db(pid)
    db = database.ScanDatabase(project['dbfile'])
    notes = db.get_host_notes()

    return flask.render_template('notes.html', pid=pid, notes=notes)
示例#4
0
文件: webserver.py 项目: BwRy/ptnotes 
def item(pid, item_id):
    """
    Get all the information about an item.
    """
    project = get_project_db(pid)
    db = database.ScanDatabase(project['dbfile'])
    item = db.get_item(item_id)

    if item is None:
        flask.abort(404)

    return flask.render_template('item.html', pid=pid, item=item)
示例#5
0
文件: webserver.py 项目: l50/ptnotes 
def attack_notes(pid):
    """
    Display all attack notes.
    """
    project = get_project_db(pid)
    db = database.ScanDatabase(project['dbfile'])
    notes = db.attackdb.get_attack_notes()

    return flask.render_template('notes.html',
                                 pid=pid,
                                 notes=notes,
                                 name=project['name'])
示例#6
0
文件: webserver.py 项目: l50/ptnotes 
def get_project(pid):
    """
    Get a project, including the list of hosts attacks.
    """
    project = get_project_db(pid)

    db = database.ScanDatabase(project['dbfile'])
    attacks = db.attackdb.get_attacks()

    return flask.render_template('project.html',
                                 pid=pid,
                                 note=project['note'],
                                 name=project['name'],
                                 attacks=attacks)
示例#7
0
def hosts(pid):
    """
    Get summary inforation about all imported hosts.
    """
    project = get_project_db(pid)
    db = database.ScanDatabase(project['dbfile'])

    hosts = db.get_summary()
    unique = db.get_unique()

    return flask.render_template('hosts.html',
                                 pid=pid,
                                 name=project['name'],
                                 hosts=hosts,
                                 unique=unique)
示例#8
0
文件: webserver.py 项目: BwRy/ptnotes 
def host(pid, ip):
    """
    Get all the information about a host.
    """
    project = get_project_db(pid)
    db = database.ScanDatabase(project['dbfile'])

    if flask.request.method == 'POST':
        note = flask.request.form['note']
        db.update_host_note(ip, note)

    data = db.get_host(ip)

    if data is None:
        flask.abort(404)

    return flask.render_template('host.html', pid=pid, host=ip, data=data)
示例#9
0
文件: webserver.py 项目: BwRy/ptnotes 
def projects():
    """
    Get a list of all projects.
    """
    pdb = database.ProjectDatabase()
    stats = {}

    if flask.request.method == 'POST':
        name = flask.request.form['project_name']
        pdb.create_project(name)

    project_list = pdb.get_projects()
    for project in project_list:
        db = database.ScanDatabase(project['dbfile'])
        stats[project['id']] = db.get_stats()

    return flask.render_template('projects.html',
                                 projects=project_list,
                                 stats=stats)
示例#10
0
def hosts(pid):
    """
    Get summary inforation about all imported hosts.
    """
    project = get_project_db(pid)
    ports = {}

    db = database.ScanDatabase(project['dbfile'])
    hosts = db.itemdb.get_ports()

    for host in hosts:
        ports[host] = {
            'tcp': sorted(set([p[1] for p in hosts[host] if p[0] == 'tcp'])),
            'udp': sorted(set([p[1] for p in hosts[host] if p[0] == 'udp']))
        }

    return flask.render_template('hosts.html',
                                 pid=pid,
                                 name=project['name'],
                                 ports=ports)
示例#11
0
文件: webserver.py 项目: BwRy/ptnotes 
def get_attack(pid, aid):
    """
    Get list of all the hosts possibly vulnerable to the attack.
    """
    project = get_project_db(pid)
    db = database.ScanDatabase(project['dbfile'])

    if flask.request.method == 'POST':
        note = flask.request.form['note']
        db.update_attack_note(aid, note)

    attack = db.get_attack(aid)

    if attack is None:
        flask.abort(404)

    items = [i.split(':') for i in attack['items'].split(',')]

    return flask.render_template('attack.html',
                                 pid=pid,
                                 attack=attack,
                                 items=items)
示例#12
0
文件: webserver.py 项目: BwRy/ptnotes 
def get_project(pid):
    """
    Get a project, including the list of hosts attacks.
    """
    project = get_project_db(pid)
    ports = {}

    db = database.ScanDatabase(project['dbfile'])
    hosts = db.get_hosts()
    attacks = db.get_attacks()

    for host in hosts:
        ip = host['ip']
        data = db.get_host(host['ip'])
        ports[ip] = [str(p) for p in data['ports'] if p != 0]

    return flask.render_template('project.html',
                                 pid=pid,
                                 project=project['name'],
                                 hosts=hosts,
                                 ports=ports,
                                 attacks=attacks)
示例#13
0
文件: webserver.py 项目: l50/ptnotes 
def hosts(pid):
    """
    Get summary inforation about all imported hosts.
    """
    project = get_project_db(pid)
    db = database.ScanDatabase(project['dbfile'])

    summary = db.itemdb.get_summary()
    hosts = {}
    ips = sorted(summary['ips'], key=lambda x: ip_key(x[0]))
    tcp = [str(p) for p in summary['tcp']]
    udp = [str(p) for p in summary['udp']]

    for host in summary['hosts']:
        ip = host['ip']
        port = host['port']
        proto = host['protocol']

        if ip not in hosts:
            hosts[ip] = {'tcp': [], 'udp': []}

        if host['protocol'] == 'tcp':
            hosts[ip]['tcp'].append(port)
        elif host['protocol'] == 'udp':
            hosts[ip]['udp'].append(port)
        else:
            pass

    for host in hosts:
        hosts[host]['tcp'] = [str(t) for t in sorted(set(hosts[host]['tcp']))]
        hosts[host]['udp'] = [str(t) for t in sorted(set(hosts[host]['udp']))]

    return flask.render_template('hosts.html',
                                 pid=pid,
                                 name=project['name'],
                                 hosts=hosts,
                                 ips=ips,
                                 tcp=tcp,
                                 udp=udp)
示例#14
0
 def __init__(self, db_file):
     self.log = logging.getLogger('IMPORT')
     self.db = database.ScanDatabase(db_file)
示例#15
0
 def __init__(self, project_file):
     self.db = database.ScanDatabase(project_file)
     self.log = logging.getLogger('ATTACK')
     self.attacks = self.load_attacks(ATK_FILE)