def build_page3(self):
box = Box(orientation=VERTICAL, spacing=6)
box.set_border_width(10)
_row1 = Frame()
_log_view_textbuffer = m._page3_log_view.get_buffer()
self._handlers.clear_log_view_buffer(None)
_end = _log_view_textbuffer.get_end_iter()
_log_view_textbuffer.create_mark('end', _end, False)
_scrolled = g.ScrolledWindow()
_scrolled.set_policy(g.PolicyType.NEVER, g.PolicyType.ALWAYS)
_scrolled.add(m._page3_log_view)
_row1.add(_scrolled)
_row2 = Box()
m._page3_read_target_btn.connect('clicked',
self._handlers.read_target_file)
m._page3_clear_btn.connect('clicked',
self._handlers.clear_log_view_buffer)
m._page3_read_log_btn.connect('clicked', self._handlers.read_log_file)
_row2.pack_start(m._page3_read_target_btn, True, False, 0)
_row2.pack_start(m._page3_clear_btn, True, False, 0)
_row2.pack_start(m._page3_read_log_btn, True, False, 0)
box.pack_start(_row1, True, True, 5)
box.pack_end(_row2, False, True, 0)
return box
def _build_page1_request(self):
box = Box(orientation=VERTICAL)
_boxes = [Box() for _ in range(4)]
_request_header_area = self._build_page1_request_header(self.m)
_boxes[0].pack_start(_request_header_area, True, True, 5)
_request_data_area = self._build_page1_request_data(self.m)
_boxes[1].pack_start(_request_data_area, True, True, 5)
_request_custom_area = self._build_page1_request_custom(self.m)
_boxes[2].pack_start(_request_custom_area, True, True, 5)
_request_proxy_area = self._build_page1_request_proxy(self.m)
_boxes[3].pack_start(_request_proxy_area, True, True, 5)
for _ in _boxes:
box.pack_start(_, False, True, 5)
scrolled = g.ScrolledWindow()
scrolled.set_policy(g.PolicyType.NEVER, g.PolicyType.ALWAYS)
scrolled.add(box)
return scrolled
def _build_page1_setting_tamper(self, m):
'''
frame套box, box再套scroll会出现:
一直按回车出现滚动条后, 光标会下移 直到移出可见区, 原内容不会上移
即内容的显示没有 下滑 滚轮的效果.
'''
f = Frame.new('tamper脚本')
_scrolled = g.ScrolledWindow()
_scrolled.set_size_request(300, -1)
_scrolled.set_policy(g.PolicyType.NEVER, g.PolicyType.ALWAYS)
_scrolled.add(m._tamper_area_tamper_view)
f.add(_scrolled)
return f
def build_page1_setting(self, m):
box = Box(orientation=VERTICAL)
_row0 = Box()
_sqlmap_path_label = label.new(m._('sqlmap path:'))
m._sqlmap_path_entry.set_text('sqlmap')
m._sqlmap_path_chooser.connect(
'clicked',
self._handlers.set_file_entry_text,
[m._sqlmap_path_entry]
)
_row0.pack_start(_sqlmap_path_label, False, True, 5)
_row0.pack_start(m._sqlmap_path_entry, True, True, 5)
_row0.pack_start(m._sqlmap_path_chooser, False, True, 5)
_row1 = Box()
_inject_area = self.build_page1_setting_inject(self.m)
_detection_area = self.build_page1_setting_detection(self.m)
_tech_area = self.build_page1_setting_tech(self.m)
_row1.pack_start(_inject_area, False, True, 5)
_row1.pack_start(_detection_area, True, True, 5)
_row1.pack_start(_tech_area, False, True, 5)
_row2 = Box()
# _tamper_area = self._build_page1_setting_tamper(self.m)
_optimize_area = self.build_page1_setting_optimize(self.m)
_offen_area = self.build_page1_setting_offen(self.m)
_hidden_area = self.build_page1_setting_hidden(self.m)
# _row2.pack_start(_tamper_area, False, True, 5)
_row2.pack_start(_optimize_area, False, True, 5)
_row2.pack_start(_offen_area, False, True, 5)
_row2.pack_start(_hidden_area, False, True, 5)
box.pack_start(_row0, False, True, 5)
box.pack_start(_row1, False, True, 0)
box.pack_start(_row2, False, True, 5)
scrolled = g.ScrolledWindow()
scrolled.set_policy(g.PolicyType.NEVER, g.PolicyType.ALWAYS)
scrolled.add(box)
return scrolled
def build_page2(self):
'''
用subprocess不可实现与sqlmap的交互!
不管是多线程, 同步还是异步, 都不行, 只能使用pty
'''
box = Box(orientation=VERTICAL, spacing=6)
box.set_border_width(10)
_row1 = Box(spacing=6)
m._page2_respwan_btn.connect('clicked',
self._handlers.respawn_terminal)
m._page2_right_btn.connect("button-press-event", self.on_right_click)
# can not disable
# m._page2_right_btn.set_sensitive(False)
self._build_page2_context()
_row1.pack_start(m._page2_respwan_btn, False, True, 0)
_row1.pack_start(m._page2_right_btn, False, True, 0)
_row2 = Frame()
# equals: _pty = m._page2_terminal.pty_new_sync(Vte.PtyFlags.DEFAULT)
_pty = Vte.Pty.new_sync(Vte.PtyFlags.DEFAULT)
m._page2_terminal.set_pty(_pty)
m._page2_terminal.connect('key_press_event', self.on_clipboard_by_key)
m._page2_terminal.connect("button-press-event", self.on_right_click,
m._page2_right_btn)
# https://stackoverflow.com/questions/55105447/virtual-python-shell-with-vte-pty-spawn-async
# https://gtk-d.dpldocs.info/vte.Pty.Pty.spawnAsync.html
# API手册上的该方法签名有问题, 与实际的对不上
# 最后一个参数为回调函数, 是必填项
_pty.spawn_async(str(Path.home()), [self._handlers.shell], None,
GLib.SpawnFlags.DO_NOT_REAP_CHILD, None, None, -1,
None, lambda pty, task: None)
_scrolled = g.ScrolledWindow()
_scrolled.set_policy(g.PolicyType.NEVER, g.PolicyType.ALWAYS)
_scrolled.add(m._page2_terminal)
_row2.add(_scrolled)
box.pack_start(_row1, False, True, 5)
box.pack_end(_row2, True, True, 0)
return box
def build_page1_tamper(self, m):
grid = g.Grid(row_spacing = 6, margin = 15)
_i = 0 # row number
for a_tamper, discribe in m.tampers.items():
if _i % 2 != 0:
# stripe style for css
# a_tamper.set_name('stripe')
discribe.set_name('stripe')
grid.attach(a_tamper, 0, _i, 1, 1)
# grid.attach(discribe, 1, _i, 1, 1)
_ = Box() # resolve that label always be center align...
_.pack_start(discribe, False, True, 0)
grid.attach_next_to(_, a_tamper, g.PositionType.RIGHT, 1, 1)
_i += 1
scrolled = g.ScrolledWindow()
scrolled.set_policy(g.PolicyType.AUTOMATIC, g.PolicyType.ALWAYS)
scrolled.add(grid)
return scrolled
def _build_page2(self):
'''
用subprocess不可实现与sqlap的交互!
不管是多线程, 同步还是异步, 都不行, 只能使用pty
'''
box = Box(orientation=VERTICAL, spacing=6)
box.set_border_width(10)
_row1 = Box(spacing=6)
# m._page2_cmdline_str_label.set_alignment(0, 0.5) # 怎么没有垂直居中?
m._page2_respwan_btn.connect('clicked',
self._handlers.respawn_terminal)
# _row1.pack_start(m._page2_cmdline_str_label, True, True, 0)
_row1.pack_start(m._page2_respwan_btn, False, True, 0)
_row2 = Frame()
# 等价于_pty = m._page2_terminal.pty_new_sync(Vte.PtyFlags.DEFAULT)
_pty = Vte.Pty.new_sync(Vte.PtyFlags.DEFAULT)
m._page2_terminal.set_pty(_pty)
# https://stackoverflow.com/questions/55105447/virtual-python-shell-with-vte-pty-spawn-async
# https://gtk-d.dpldocs.info/vte.Pty.Pty.spawnAsync.html
# API手册上的该方法签名有问题, 与实际的对不上
# 最后一个参数为回调函数, 是必填项
_pty.spawn_async(str(Path.home()), [self._handlers.shell], None,
GLib.SpawnFlags.DO_NOT_REAP_CHILD, None, None, -1,
None, lambda pty, task: None)
_scrolled = g.ScrolledWindow()
_scrolled.set_policy(g.PolicyType.NEVER, g.PolicyType.ALWAYS)
_scrolled.add(m._page2_terminal)
_row2.add(_scrolled)
box.pack_start(_row1, False, True, 5)
box.pack_end(_row2, True, True, 0)
return box
def build_page5(self):
box = Box(orientation=VERTICAL)
box.set_border_width(10)
_row1 = Box()
self._get_sqlmap_path_btn = btn.new_with_label('sqlmap -hh')
self._get_sqlmap_path_btn.set_sensitive(False)
self._get_sqlmap_path_btn.connect('clicked', self._make_help_thread)
_row1.pack_start(self._get_sqlmap_path_btn, False, True, 5)
_row2 = Frame()
self._make_help_thread(None)
_scrolled = g.ScrolledWindow()
_scrolled.set_policy(g.PolicyType.NEVER, g.PolicyType.ALWAYS)
_scrolled.add(m._page5_manual_view)
_row2.add(_scrolled)
box.pack_start(_row1, False, True, 5)
box.pack_start(_row2, True, True, 5)
return box
def build_page4(self):
box = Box(orientation=VERTICAL)
box.set_border_width(10)
_row1 = Box(spacing=6)
_row1.pack_start(m._page4_api_server_label, False, True, 0)
_row1.pack_start(m._page4_api_server_entry, True, True, 0)
_row1.pack_start(m._page4_admin_token_label, False, True, 0)
_row1.pack_start(m._page4_admin_token_entry, True, True, 0)
_row2 = Box(spacing=6)
_arrow_down = g.Image.new_from_icon_name('pan-down-symbolic', 1)
m._page4_admin_list_btn.set_image(_arrow_down)
m._page4_admin_list_btn.set_image_position(g.PositionType.RIGHT)
m._page4_admin_list_btn.set_always_show_image(True)
m._page4_task_new_btn.connect('clicked', self._handlers.api.task_new)
m._page4_admin_list_btn.connect('clicked',
self._handlers.api.admin_list)
m._page4_admin_flush_btn.connect('clicked',
self._handlers.api.admin_flush)
m._page4_clear_task_view_btn.connect(
'clicked', self._handlers.clear_task_view_buffer)
_row2.pack_start(m._page4_task_new_btn, False, True, 0)
_row2.pack_start(m._page4_admin_list_btn, False, True, 0)
_row2.pack_start(m._page4_admin_flush_btn, False, True, 0)
_row2.pack_start(m._page4_clear_task_view_btn, False, True, 0)
_row2.pack_end(m._page4_password_entry, False, True, 0)
_row2.pack_end(m._page4_password_label, False, True, 0)
_row2.pack_end(m._page4_username_entry, False, True, 0)
_row2.pack_end(m._page4_username_label, False, True, 0)
_row3 = Frame()
_paned = g.Paned()
self._api_admin_list_rows = g.ListBox.new()
self._api_admin_list_rows.set_selection_mode(g.SelectionMode.NONE)
_lscrolled = g.ScrolledWindow()
_lscrolled.set_size_request(400, -1)
_lscrolled.set_policy(g.PolicyType.NEVER, g.PolicyType.ALWAYS)
_lscrolled.add(self._api_admin_list_rows)
_rbox = Box(orientation=VERTICAL)
_page4_option_set_view_tip = label(
label='check optiondict.py of sqlmap about options.',
halign=g.Align.START)
_option_set_view_textbuffer = m._page4_option_set_view.get_buffer()
_options_example = ("{\n"
" 'url': 'http://www.site.com/vuln.php?id=1',\n"
" 'level': 1, 'risk': 1,\n\n"
"}\n")
_option_set_view_textbuffer.set_text(
_options_example, len(_options_example.encode('utf8')))
# 貌似scrollwindow要直接包含textview,
# 不然一直回车后, 页面不会向上滚
_option_set_scrolled = g.ScrolledWindow()
_option_set_scrolled.set_size_request(400, -1)
_option_set_scrolled.set_policy(g.PolicyType.NEVER,
g.PolicyType.ALWAYS)
_option_set_scrolled.add(m._page4_option_set_view)
_rbox.pack_start(m._page4_option_get_entry, False, True, 2)
_rbox.pack_start(_page4_option_set_view_tip, False, True, 2)
_rbox.pack_start(_option_set_scrolled, True, True, 2)
# Warning: don't edit pack1(), pack2() again, otherwise it becomes strange.
_paned.pack1(_lscrolled, False, False)
_paned.pack2(_rbox, False, True)
_row3.add(_paned)
_row4 = Frame()
_task_view_textbuffer = m._page4_task_view.get_buffer()
_end = _task_view_textbuffer.get_end_iter()
_task_view_textbuffer.create_mark('end', _end, False)
self._handlers.api.task_view_append('response result:')
_scrolled = g.ScrolledWindow()
_scrolled.set_policy(g.PolicyType.NEVER, g.PolicyType.ALWAYS)
_scrolled.add(m._page4_task_view)
_row4.add(_scrolled)
box.pack_start(_row1, False, True, 5)
box.pack_start(_row2, False, True, 5)
box.pack_start(_row3, True, True, 5)
box.pack_start(_row4, True, True, 5)
return box