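def create_container_task(container_vul, user_info, request_ip):
    """
    Create the task that starts a vulnerability container.

    A task record is always created first so that a refusal or a bad
    configuration can be reported through it. The container is only
    scheduled when the caller is a superuser or owns ``container_vul``.

    :param container_vul: container record to start
    :param user_info: user requesting the start
    :param request_ip: client IP, stored in the audit log entry
    :return: id of the task created for this request
    """
    image_info = container_vul.image_id
    user_id = user_info.id
    task_id = create_run_container_task(container_vul, user_info)

    if not (user_info.is_superuser or user_id == container_vul.user_id):
        # NOTE(review): a refused start is only recorded on the task row;
        # no SysLog entry is written for it, so denied attempts are absent
        # from the audit log.
        task_info = TaskInfo.objects.filter(task_id=task_id).first()
        task_info.task_msg = json.dumps(R.build(msg="权限不足"))
        task_info.task_status = 3
        task_info.update_date = timezone.now()
        task_info.save()
        return task_id

    # Audit record for the authorised start.
    operation_args = ImageInfoSerializer(image_info).data
    sys_log = SysLog(user_id=user_id, operation_type="容器", operation_name="启动", ip=request_ip,
                     operation_value=operation_args["image_vul_name"],
                     operation_args=json.dumps(operation_args))
    sys_log.save()

    setting_config = get_setting_config()
    try:
        countdown = int(setting_config["time"])
    except (KeyError, TypeError, ValueError):
        # Missing or non-numeric setting: fall back to the built-in default.
        countdown = int(DEFAULT_CONFIG["time"])

    if countdown == 0:
        # 0 means no automatic stop: just start the container.
        run_container.delay(container_vul.container_id, user_id, task_id, countdown)
    elif countdown > 60:
        # A missing 'del_container' setting is treated like a disabled one,
        # so the follow-up is always defined and defaults to the
        # non-destructive stop rather than a delete.
        del_container = setting_config['del_container'] if 'del_container' in setting_config else None
        if not del_container or del_container == '0':
            follow_up = stop_container
        else:
            follow_up = delete_container
        add_chain_sig = chain(run_container.s(container_vul.container_id, user_id, task_id, countdown) |
                              follow_up.s().set(countdown=countdown))
        add_chain_sig.apply_async()
    else:
        # Any other value (1..60 or negative) is rejected on the task record.
        task_info = TaskInfo.objects.filter(task_id=task_id).first()
        task_info.task_msg = json.dumps(R.build(msg="停止时间最小为 1 分钟"))
        task_info.task_status = 4
        task_info.update_date = timezone.now()
        task_info.save()
    return task_id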
def create_share_image_task(image_info, user_info):
    """
    Record a pending "share image" task for an image.

    :param image_info: image record; its ``image_name`` is the image shared
    :param user_info: user the task is created for
    :return: id of the new task, as a string
    """
    shared_name = image_info.image_name
    owner_id = user_info.id
    config = get_setting_config()

    # Key order matters: statusck() looks this task up by comparing
    # operation_args with json.dumps() of a dict built in this same order.
    # NOTE(review): the "username"/"pwd" settings are serialised into
    # TaskInfo.operation_args as plain JSON, so the credential is readable
    # by anything that can read task rows. Changing that needs a matching
    # change in the lookups that rebuild this dict.
    share_args = {
        "share_username": config["share_username"],
        "image_name": shared_name,
        "username": config["username"],
        "pwd": config["pwd"],
    }

    record = TaskInfo(
        task_name="共享镜像:" + shared_name,
        user_id=owner_id,
        task_status=1,
        task_msg=json.dumps({}),
        task_start_date=timezone.now(),
        operation_type=5,
        operation_args=json.dumps(share_args),
        create_date=timezone.now(),
        update_date=timezone.now(),
    )
    record.save()
    return str(record.task_id)
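def create(self, request, *args, **kwargs):
    """
    Register a new user account.

    Validates the submitted fields and the captcha, then either creates an
    active account straight away or e-mails an activation code and parks the
    pending registration in ``red_user_cache`` for 300 seconds.

    :param request: request whose ``data`` carries username, password,
        checkpass, email, captcha_code and hashkey
    :return: JsonResponse with ``code`` 200 on success, or 400 and a message
    """
    username = request.data.get("username", "")
    password = request.data.get("password", "")
    checkpass = request.data.get("checkpass", "")
    email = request.data.get("email", "")
    captcha_code = request.data.get("captcha_code", "")
    hashkey = request.data.get("hashkey", "")
    get_setting_info = get_setting_config()

    # NOTE(review): the existence checks below answer before the captcha is
    # verified, so the captcha does not throttle "already registered"
    # responses; consider verifying the captcha first.
    if not username:
        return JsonResponse({"code": 400, "msg": "用户名不能为空"})
    if UserProfile.objects.filter(username=username).count():
        return JsonResponse({"code": 400, "msg": "该用户已被注册"})
    if not email:
        return JsonResponse({"code": 400, "msg": "邮箱不能为空"})
    if UserProfile.objects.filter(email=email, has_active=True).count():
        return JsonResponse({"code": 400, "msg": "该邮箱已被注册"})
    if not captcha_code:
        return JsonResponse({"code": 400, "msg": "验证码不能为空"})
    if not judge_captcha(captcha_code, hashkey):
        return JsonResponse({"code": 400, "msg": "验证码错误"})
    # Two empty fields compare equal, so without this check an account could
    # be created with an empty password.
    if not password:
        return JsonResponse({"code": 400, "msg": "密码不能为空"})
    if password != checkpass:
        return JsonResponse({"code": 400, "msg": "两次密码输入不一致"})

    # NOTE(review): generate_code is not visible here; the code is the only
    # secret gating activation, so confirm it comes from a CSPRNG.
    code = generate_code(6)

    # Reject a name or address that already has a pending registration.
    for single_key in red_user_cache.keys():
        try:
            single_user_info = red_user_cache.get(single_key)
            redis_username, redis_password, redis_email = json.loads(single_user_info)
            if username == redis_username:
                return JsonResponse({"code": 400, "msg": "该用户已被注册"})
            if redis_email == email:
                return JsonResponse({"code": 400, "msg": "该邮箱已被注册"})
        except Exception:
            # Any unreadable cache entry aborts the registration.
            return JsonResponse({"code": 400, "msg": "用户注册失败"})

    # Compared with `== False` on purpose: other falsy values (None, 0, "")
    # must not take this branch.
    # NOTE(review): the account is activated without e-mail confirmation when
    # 'cancel_validation' is False - confirm the flag's polarity.
    if get_setting_info['cancel_validation'] == False:
        user = UserProfile(username=username, email=email)
        user.set_password(password)
        user.has_active = True
        user.greenhand = True
        user.save()
        return JsonResponse({"code": 200, "msg": "注册成功"})

    try:
        send_activate_email(receiver_email=email, code=code, request=request)
    except smtplib.SMTPDataError:
        return JsonResponse({"code": 400, "msg": "邮件发送失败,请减缓发送频率"})
    except Exception:
        return JsonResponse({"code": 400, "msg": "邮件发送失败"})

    try:
        # NOTE(review): the raw password sits in Redis as JSON until the
        # entry expires. The code that consumes this entry is not visible
        # here, so the format is left unchanged; storing a password hash
        # instead needs a matching change on the activation side.
        user_info = [username, password, email]
        red_user_cache.set(code, json.dumps(user_info), ex=300)
    except Exception:
        return JsonResponse({"code": 400, "msg": "注册失败"})
    return JsonResponse({"code": 200, "msg": "注册用户成功,请到邮箱激活您的账号"})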
def download_images():
    """
    Queue an image task for every stored image when synchronisation is on.

    Does nothing when the 'is_synchronization' setting is falsy, 0 or '0'.
    """
    sync_flag = get_setting_config()['is_synchronization']
    if (not sync_flag) or sync_flag in (0, '0'):
        return

    all_images = ImageInfo.objects.all()
    # The tasks are attributed to the earliest-joined superuser.
    # NOTE(review): .first() yields None when no superuser exists; whether
    # create_image_task tolerates that is not visible here.
    acting_user = UserProfile.objects.filter(is_superuser=True).order_by('date_joined').first()
    for image in all_images:
        # Third argument is a fixed loopback address - presumably recorded
        # as the request IP for these system-initiated tasks.
        create_image_task(image, acting_user, '127.0.0.1')
def statusck(self, obj):
    """
    Build the status dict reported for image ``obj`` to the requesting user.

    The dict carries the state of the user's container for this image
    (status, host, port, start/end dates, is_check, container_id), the id
    and progress of a running pull/compose/share task, the server time, and
    for compose images the parsed yml.

    NOTE(review): the source was flattened onto a few lines; the block
    nesting below is reconstructed from the control-flow keywords and should
    be checked against the original file.

    :param obj: image record being serialised
    :return: dict of status fields
    """
    status = {}
    id = None
    request = self.context.get("request")
    if request and hasattr(request, "user"):
        id = request.user.id
    # The bare string below is a no-op statement; it reads
    # "check whether the user is in timed mode".
    ''' 检测是否在时间模式中 '''
    now_time = datetime.datetime.now().timestamp()
    time_moudel_data = TimeMoudel.objects.filter(
        user_id=id, end_time__gte=now_time).first()
    time_model_id = ''
    if time_moudel_data:
        time_model_id = time_moudel_data.time_id
    # Exclude already-deleted rows (leftover filter text from the original
    # comment: Q(docker_container_id__isnull=False), ~Q(docker_container_id='')).
    # container_status_q and run_data are built here but not referenced
    # again in this method.
    container_status_q = Q()
    container_status_q.connector = "OR"
    container_status_q.children.append(('container_status', "running"))
    container_status_q.children.append(('container_status', "stop"))
    run_data = ""
    data_is_check = ContainerVul.objects.filter(
        user_id=id,
        image_id=obj.image_id,
        time_model_id=time_model_id,
        is_check=True).first()
    # Prefer a running container, then fall back to a stopped one.
    if obj.is_docker_compose == True:
        data = ContainerVul.objects.all().filter(
            Q(user_id=id) & Q(image_id=obj.image_id)
            & ~Q(docker_compose_path="")
            & Q(time_model_id=time_model_id)
            & Q(container_status__contains="running")
            & Q(is_docker_compose_correlation=False)).first()
        if not data:
            data = ContainerVul.objects.all().filter(
                Q(user_id=id) & Q(image_id=obj.image_id)
                & Q(time_model_id=time_model_id)
                & ~Q(docker_compose_path="")
                & Q(container_status__contains="stop")
                & Q(is_docker_compose_correlation=False)).first()
    else:
        data = ContainerVul.objects.all().filter(
            Q(user_id=id) & Q(image_id=obj.image_id)
            & Q(time_model_id=time_model_id)
            & Q(container_status='running')).first()
        if not data:
            data = ContainerVul.objects.all().filter(
                Q(user_id=id) & Q(image_id=obj.image_id)
                & Q(time_model_id=time_model_id)
                & Q(container_status='stop')).first()
    # Defaults returned when no container or task is found.
    status["status"] = ""
    status["is_check"] = False
    if data_is_check:
        status["is_check"] = True
    status["container_id"] = ""
    status["start_date"] = ""
    status["end_date"] = ""
    status["host"] = ""
    status["port"] = ""
    status["progress"] = 0.0
    status["progress_status"] = ""
    if data:
        status["start_date"] = ""
        status["end_date"] = ""
        # Changed on the in-memory object only; there is no save() here.
        if not data.docker_container_id and obj.is_docker_compose == False:
            data.container_status = "delete"
        if data.container_status == "running":
            try:
                # The Referer header is client-supplied; it is used only to
                # choose the host string echoed back in this response.
                # If request is None or the header is absent, the attribute
                # access / .count call raises and the bare except below
                # falls back to the stored vul_host.
                HTTP_HOST = request.META.get("HTTP_REFERER")
                if HTTP_HOST.count(":") == 2:
                    status["host"] = data.vul_host
                else:
                    if HTTP_HOST:
                        HTTP_HOST = HTTP_HOST.replace("http://", "").replace(
                            "https://", "")
                        origin_host = data.vul_host.split(":")
                        if len(origin_host) >= 2:
                            # [:-1] drops the last character - presumably a
                            # trailing slash; TODO confirm.
                            status["host"] = HTTP_HOST[:-1] + ":" + origin_host[1]
                    # NOTE(review): this else is placed against
                    # `if HTTP_HOST`; the flattened source would also allow
                    # it to pair with the len() check - confirm.
                    else:
                        status["host"] = data.vul_host
            except:
                status["host"] = data.vul_host
            status["port"] = data.vul_port
            # The task is found by exact string match on the serialised
            # args, so key order here must match the writer's.
            operation_args = {
                "image_name": obj.image_name,
                "user_id": id,
                "image_port": obj.image_port
            }
            task_info = TaskInfo.objects.filter(
                user_id=id,
                task_status=3,
                operation_type=2,
                operation_args=json.dumps(operation_args)).order_by(
                    "-create_date").first()
            if task_info:
                try:
                    task_msg = json.loads(task_info.task_msg)
                    status["start_date"] = int(
                        task_msg["data"]["start_date"])
                    status["end_date"] = int(task_msg["data"]["end_date"])
                except:
                    # Unparseable task message: report no dates.
                    status["start_date"] = ""
                    status["end_date"] = ""
        status["status"] = data.container_status
        # Earlier logic that derived is_check from run_data is disabled;
        # is_check comes from data_is_check above.
        status["container_id"] = data.container_id
    # Look for a task that is currently pulling this image.
    operation_args = {"image_name": obj.image_name}
    task_info = TaskInfo.objects.filter(task_status=1, operation_type=1, operation_args=json.dumps(operation_args))\
        .order_by("-create_date").first()
    compose_task_list = []
    if obj.is_docker_compose == True:
        compose_task_info = TaskInfo.objects.filter(
            task_status=2, operation_type=7).all()
        if compose_task_info:
            for compose_t in compose_task_info:
                # Not guarded: a row whose operation_args is not JSON or
                # lacks 'tag' raises out of this method.
                if json.loads(
                        compose_t.operation_args)['tag'] == obj.image_name:
                    compose_task_list.append(compose_t)
    if task_info:
        status["task_id"] = str(task_info.task_id)
        try:
            # r is defined outside this method; its entry for the task id is
            # parsed as JSON carrying a "progress" field.
            task_log = r.get(str(task_info.task_id))
            task_log_json = json.loads(task_log)
            status["progress"] = task_log_json["progress"]
        except:
            pass
    elif compose_task_list:
        status["task_id"] = str(compose_task_list[0].task_id)
        try:
            task_log = r.get(str(compose_task_list[0].task_id))
            task_log_json = json.loads(task_log)
            status["progress"] = task_log_json["progress"]
        except:
            pass
    else:
        status["task_id"] = ""
        setting_config = get_setting_config()
        # NOTE(review): the share task is matched on a JSON string that
        # includes the "username"/"pwd" settings, which means those
        # credentials are stored in TaskInfo.operation_args in plain form.
        operation_args = {
            "share_username": setting_config["share_username"],
            "image_name": obj.image_name,
            "username": setting_config["username"],
            "pwd": setting_config["pwd"]
        }
        task_info = TaskInfo.objects.filter(task_status=1, operation_type=5, operation_args=json.dumps(operation_args))\
            .order_by("-create_date").first()
        if task_info:
            status["task_id"] = str(task_info.task_id)
            status["progress_status"] = "share"
            try:
                task_log = r.get(str(task_info.task_id))
                task_log_json = json.loads(task_log)
                status["progress"] = task_log_json["progress"]
            except:
                pass
    status["now"] = int(timezone.now().timestamp())
    if obj.is_docker_compose == True:
        # Not guarded: invalid JSON in either yml field raises here.
        if obj.original_yml:
            status['json_yml'] = json.loads(obj.original_yml)
        else:
            status['json_yml'] = json.loads(obj.docker_compose_yml)
    return status
def statusck(self, obj):
    """
    Build the status dict reported for image ``obj`` to the requesting user.

    This variant always looks containers up with an empty time_model_id and
    has no docker-compose handling.

    NOTE(review): the source was flattened onto a few lines; the block
    nesting below is reconstructed from the control-flow keywords and should
    be checked against the original file.

    :param obj: image record being serialised
    :return: dict of status fields
    """
    status = {}
    id = None
    request = self.context.get("request")
    if request and hasattr(request, "user"):
        id = request.user.id
    # The bare string below is a no-op statement; it reads
    # "check whether the user is in timed mode".
    ''' 检测是否在时间模式中 '''
    time_model_id = ''
    # Exclude already-deleted rows (leftover filter text from the original
    # comment: Q(docker_container_id__isnull=False), ~Q(docker_container_id='')).
    data = ContainerVul.objects.all().filter(user_id=id, image_id=obj.image_id, time_model_id=time_model_id).first()
    # Defaults returned when no container or task is found.
    status["status"] = ""
    status["is_check"] = False
    status["container_id"] = ""
    status["start_date"] = ""
    status["end_date"] = ""
    status["host"] = ""
    status["port"] = ""
    status["progress"] = 0.0
    status["progress_status"] = ""
    if data:
        status["start_date"] = ""
        status["end_date"] = ""
        # Changed on the in-memory object only; there is no save() here.
        if not data.docker_container_id:
            data.container_status = "delete"
        if data.container_status == "running":
            status["host"] = data.vul_host
            status["port"] = data.vul_port
            # The task is found by exact string match on the serialised
            # args, so key order here must match the writer's.
            operation_args = {"image_name": obj.image_name, "user_id": id, "image_port": obj.image_port}
            task_info = TaskInfo.objects.filter(user_id=id, task_status=3, operation_type=2,
                                                operation_args=json.dumps(operation_args)).order_by(
                "-create_date").first()
            if task_info:
                try:
                    task_msg = json.loads(task_info.task_msg)
                    status["start_date"] = int(task_msg["data"]["start_date"])
                    status["end_date"] = int(task_msg["data"]["end_date"])
                except:
                    # Unparseable task message: report no dates.
                    status["start_date"] = ""
                    status["end_date"] = ""
        status["status"] = data.container_status
        status["is_check"] = data.is_check
        status["container_id"] = data.container_id
    # Look for a task that is currently pulling this image.
    operation_args = {
        "image_name": obj.image_name
    }
    task_info = TaskInfo.objects.filter(task_status=1, operation_type=1, operation_args=json.dumps(operation_args)) \
        .order_by("-create_date").first()
    if task_info:
        status["task_id"] = str(task_info.task_id)
        try:
            # r is defined outside this method; its entry for the task id is
            # parsed as JSON carrying a "progress" field.
            task_log = r.get(str(task_info.task_id))
            task_log_json = json.loads(task_log)
            status["progress"] = task_log_json["progress"]
        except:
            pass
    else:
        status["task_id"] = ""
        setting_config = get_setting_config()
        # NOTE(review): the share task is matched on a JSON string that
        # includes the "username"/"pwd" settings, which means those
        # credentials are stored in TaskInfo.operation_args in plain form.
        operation_args = {
            "share_username": setting_config["share_username"],
            "image_name": obj.image_name,
            "username": setting_config["username"],
            "pwd": setting_config["pwd"]
        }
        task_info = TaskInfo.objects.filter(task_status=1, operation_type=5, operation_args=json.dumps(operation_args)) \
            .order_by("-create_date").first()
        if task_info:
            status["task_id"] = str(task_info.task_id)
            status["progress_status"] = "share"
            try:
                task_log = r.get(str(task_info.task_id))
                task_log_json = json.loads(task_log)
                status["progress"] = task_log_json["progress"]
            except:
                pass
    status["now"] = int(timezone.now().timestamp())
    return status
def statusck(self, obj):
    """
    Build the status dict reported for image ``obj`` to the requesting user.

    This variant resolves the user's active timed-mode id, and for compose
    images prefers a checked container, then one restarted after deletion.

    NOTE(review): the source was flattened onto a few lines; the block
    nesting below is reconstructed from the control-flow keywords and should
    be checked against the original file.

    :param obj: image record being serialised
    :return: dict of status fields
    """
    status = {}
    id = None
    request = self.context.get("request")
    if request and hasattr(request, "user"):
        id = request.user.id
    # The bare string below is a no-op statement; it reads
    # "check whether the user is in timed mode".
    ''' 检测是否在时间模式中 '''
    now_time = datetime.datetime.now().timestamp()
    time_moudel_data = TimeMoudel.objects.filter(user_id=id, end_time__gte=now_time).first()
    time_model_id = ''
    if time_moudel_data:
        time_model_id = time_moudel_data.time_id
    # Exclude already-deleted rows (leftover filter text from the original
    # comment: Q(docker_container_id__isnull=False), ~Q(docker_container_id='')).
    data = ContainerVul.objects.all().filter(user_id=id, image_id=obj.image_id, time_model_id=time_model_id).first()
    run_data = ""
    if obj.is_docker_compose == True:
        data = ContainerVul.objects.all().filter(
            Q(user_id=id) & Q(image_id=obj.image_id) & ~Q(docker_compose_path="")
            & Q(is_check=True) & Q(time_model_id=time_model_id)).first()
        if data:
            # A container that was started again after being deleted.
            run_data = ContainerVul.objects.all().filter(
                Q(user_id=id) & Q(image_id=obj.image_id) & ~Q(docker_compose_path="")
                & Q(is_check=False) & Q(time_model_id=time_model_id)
                & ~Q(container_status__contains="delete")
            ).first()
            if run_data:
                data = run_data
        # NOTE(review): placed inside the compose branch because the
        # fallback query is compose-specific; confirm against the original.
        if not data:
            data = ContainerVul.objects.all().filter(
                Q(user_id=id) & Q(image_id=obj.image_id) & Q(time_model_id=time_model_id)
                & ~Q(docker_compose_path="")).first()
    # Defaults returned when no container or task is found.
    status["status"] = ""
    status["is_check"] = False
    status["container_id"] = ""
    status["start_date"] = ""
    status["end_date"] = ""
    status["host"] = ""
    status["port"] = ""
    status["progress"] = 0.0
    status["progress_status"] = ""
    if data:
        status["start_date"] = ""
        status["end_date"] = ""
        # Changed on the in-memory object only; there is no save() here.
        if not data.docker_container_id and obj.is_docker_compose == False:
            data.container_status = "delete"
        if data.container_status == "running":
            status["host"] = data.vul_host
            status["port"] = data.vul_port
            # The task is found by exact string match on the serialised
            # args, so key order here must match the writer's.
            operation_args = {"image_name": obj.image_name, "user_id": id, "image_port": obj.image_port}
            task_info = TaskInfo.objects.filter(user_id=id, task_status=3, operation_type=2,
                                                operation_args=json.dumps(operation_args)).order_by("-create_date").first()
            if task_info:
                try:
                    task_msg = json.loads(task_info.task_msg)
                    status["start_date"] = int(task_msg["data"]["start_date"])
                    status["end_date"] = int(task_msg["data"]["end_date"])
                except:
                    # Unparseable task message: report no dates.
                    status["start_date"] = ""
                    status["end_date"] = ""
        status["status"] = data.container_status
        # A restarted container is reported as checked because the checked
        # row it replaced was found first.
        if run_data != "" and data == run_data:
            status["is_check"] = True
        else:
            status["is_check"] = data.is_check
        status["container_id"] = data.container_id
    # Look for a task that is currently pulling this image.
    operation_args = {
        "image_name": obj.image_name
    }
    task_info = TaskInfo.objects.filter(task_status=1, operation_type=1, operation_args=json.dumps(operation_args))\
        .order_by("-create_date").first()
    compose_task_list = []
    if obj.is_docker_compose == True:
        compose_task_info = TaskInfo.objects.filter(task_status=2, operation_type=7).all()
        if compose_task_info:
            for compose_t in compose_task_info:
                # Not guarded: a row whose operation_args is not JSON or
                # lacks 'tag' raises out of this method.
                if json.loads(compose_t.operation_args)['tag'] == obj.image_name:
                    compose_task_list.append(compose_t)
    if task_info:
        status["task_id"] = str(task_info.task_id)
        try:
            # r is defined outside this method; its entry for the task id is
            # parsed as JSON carrying a "progress" field.
            task_log = r.get(str(task_info.task_id))
            task_log_json = json.loads(task_log)
            status["progress"] = task_log_json["progress"]
        except:
            pass
    elif compose_task_list:
        status["task_id"] = str(compose_task_list[0].task_id)
        try:
            task_log = r.get(str(compose_task_list[0].task_id))
            task_log_json = json.loads(task_log)
            status["progress"] = task_log_json["progress"]
        except:
            pass
    else:
        status["task_id"] = ""
        setting_config = get_setting_config()
        # NOTE(review): the share task is matched on a JSON string that
        # includes the "username"/"pwd" settings, which means those
        # credentials are stored in TaskInfo.operation_args in plain form.
        operation_args = {
            "share_username": setting_config["share_username"],
            "image_name": obj.image_name,
            "username": setting_config["username"],
            "pwd": setting_config["pwd"]
        }
        task_info = TaskInfo.objects.filter(task_status=1, operation_type=5, operation_args=json.dumps(operation_args))\
            .order_by("-create_date").first()
        if task_info:
            status["task_id"] = str(task_info.task_id)
            status["progress_status"] = "share"
            try:
                task_log = r.get(str(task_info.task_id))
                task_log_json = json.loads(task_log)
                status["progress"] = task_log_json["progress"]
            except:
                pass
    status["now"] = int(timezone.now().timestamp())
    if obj.is_docker_compose == True:
        # Not guarded: invalid JSON in either yml field raises here.
        if obj.original_yml:
            status['json_yml'] = json.loads(obj.original_yml)
        else:
            status['json_yml'] = json.loads(obj.docker_compose_yml)
    return status