├── .idea ├── hack.iml ├── inspectionProfiles │ └── profiles_settings.xml ├── misc.xml ├── modules.xml └── vcs.xml ├── .project ├── .pydevproject ├── .settings └── org.eclipse.core.resources.prefs ├── .vs └── hack │ └── v14 │ └── .suo ├── README.md ├── db.sqlite3 ├── get_content.json ├── get_url.json ├── hack ├── __init__.py ├── __init__.pyc ├── settings.py ├── settings.pyc ├── urls.py ├── urls.pyc ├── wsgi.py └── wsgi.pyc ├── manage.py ├── report ├── __init__.py ├── __init__.pyc ├── admin.py ├── admin.pyc ├── apps.py ├── crawl.py ├── crawl.pyc ├── forms.py ├── forms.pyc ├── migrations │ ├── 0001_initial.py │ ├── 0001_initial.pyc │ ├── 0002_auto_20170605_0947.py │ ├── 0002_auto_20170605_0947.pyc │ ├── 0003_auto_20170605_0947.py │ ├── 0003_auto_20170605_0947.pyc │ ├── 0004_auto_20170605_1219.py │ ├── 0004_auto_20170605_1219.pyc │ ├── 0005_auto_20170605_1224.py │ ├── 0005_auto_20170605_1224.pyc │ ├── 0006_auto_20170608_1001.py │ ├── 0006_auto_20170608_1001.pyc │ ├── 0007_auto_20170608_1523.py │ ├── 0007_auto_20170608_1523.pyc │ ├── 0008_auto_20171110_1537.py │ ├── 0008_auto_20171110_1537.pyc │ ├── __init__.py │ └── __init__.pyc ├── models.py ├── models.pyc ├── templates │ ├── index.html │ ├── report.html │ ├── search.html │ └── update.html ├── tests.py ├── views.py └── views.pyc └── requirements.txt /.idea/hack.iml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 25 | 26 | 27 | 29 | -------------------------------------------------------------------------------- /.idea/inspectionProfiles/profiles_settings.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 7 | -------------------------------------------------------------------------------- /.idea/misc.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | -------------------------------------------------------------------------------- /.idea/modules.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /.idea/vcs.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | -------------------------------------------------------------------------------- /.project: -------------------------------------------------------------------------------- 1 | 2 | 3 | hack 4 | 5 | 6 | 7 | 8 | 9 | org.python.pydev.PyDevBuilder 10 | 11 | 12 | 13 | 14 | 15 | org.python.pydev.pythonNature 16 | org.python.pydev.django.djangoNature 17 | 18 | 19 | -------------------------------------------------------------------------------- /.pydevproject: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | DJANGO_MANAGE_LOCATION 5 | manage.py 6 | 7 | 8 | /${PROJECT_DIR_NAME} 9 | 10 | python 2.7 11 | Default 12 | 13 | -------------------------------------------------------------------------------- /.settings/org.eclipse.core.resources.prefs: -------------------------------------------------------------------------------- 1 | eclipse.preferences.version=1 2 | encoding//report/crawl.py=utf-8 3 | -------------------------------------------------------------------------------- /.vs/hack/v14/.suo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/.vs/hack/v14/.suo -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # hack 2 | crawl hackerone reports 3 | -------------------------------------------------------------------------------- /db.sqlite3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/db.sqlite3 -------------------------------------------------------------------------------- /get_content.json: -------------------------------------------------------------------------------- 1 | { 2 | u'abilities': { 3 | u'can_manage_common_responses?': False, 4 | u'can_reopen?': False, 5 | u'can_ban_researcher?': False, 6 | u'can_create_severity?': False, 7 | u'can_agree_on_going_public?': False, 8 | u'assignable_team_member_groups': [ 9 | 10 | ], 11 | u'can_export?': False, 12 | u'can_assign_to_user?': False, 13 | u'can_hide_timeline?': False, 14 | u'can_be_manually_disclosed?': False, 15 | u'assignable_team_members': [ 16 | 17 | ], 18 | u'can_clone?': False, 19 | u'can_be_publicly_disclosed?': False, 20 | u'can_close_comments?': False, 21 | u'can_suggest_bounty_amount?': False, 22 | u'can_redact?': False, 23 | u'can_post_internal_comments?': False, 24 | u'can_change_state?': False, 25 | u'can_change_weakness?': False, 26 | u'can_add_comment?': False, 27 | u'can_reassign_to_team?': False, 28 | u'can_change_title?': False, 29 | u'can_award_bounty?': False, 30 | u'can_award_swag?': False, 31 | u'can_close?': False, 32 | u'can_manage?': False 33 | }, 34 | u'comments_closed?': False, 35 | u'substate': u'resolved', 36 | u'bug_reporter_agreed_on_going_public_at': u'2017-04-27T21: 33: 50.504Z', 37 | u'voters': [ 38 | u'spam404', 39 | u'jon_bottarini', 40 | u'eveez', 41 | u'japzdivino', 42 | u'spetr0x', 43 | u'sh3r1', 44 | u'russellc' 45 | ], 46 | u'has_bounty?': False, 47 | u'original_report_id': None, 48 | u'id': 193936, 49 | u'can_view_team': True, 50 | u'team_member_agreed_on_going_public_at': u'2017-05-31T21: 44: 17.546Z', 51 | u'vulnerability_information': u'', 52 | u'activity_page_count': 1, 53 | u'severity': { 54 | u'rating': u'high', 55 | u'author_type': u'Team' 56 | }, 57 | u'promote_bounties': False, 58 | u'title': u'SQLinjectionvulnerabilityonaDoDwebsite', 59 | u'vote_count': 7, 60 | u'summaries': [ 61 | { 62 | u'category': u'team', 63 | u'can_view?': True, 64 | u'can_edit?': False, 65 | u'id': 4305, 66 | u'content': u'ADepartmentofDefensewebsitewasvulnerabletoaSQLinjectionattackwhichmayallowanattackertoexecutearbitrarySQLcommandsandexposesensitivedata.@mthirupwasabletodemonstratethisvulnerabilitybycraftingaspeciallyformattedURL.', 67 | u'content_html': u'

ADepartmentofDefensewebsitewasvulnerabletoaSQLinjectionattackwhichmayallowanattackertoexecutearbitrarySQLcommandsandexposesensitivedata.@mthirupwasabletodemonstratethisvulnerabilitybycraftingaspeciallyformattedURL.

\n' 68 | }, 69 | { 70 | u'category': u'researcher', 71 | u'can_create?': False, 72 | u'can_view?': True 73 | } 74 | ], 75 | u'state': u'Closed', 76 | u'cve_ids': [ 77 | 78 | ], 79 | u'activity_page_number': 1, 80 | u'readable_substate': u'Resolved', 81 | u'public': True, 82 | u'singular_disclosure_disabled': True, 83 | u'activities': [ 84 | { 85 | u'automated_response': True, 86 | u'created_at': u'2016-12-25T14: 53: 53.387Z', 87 | u'is_internal': False, 88 | u'editable': False, 89 | u'updated_at': u'2016-12-25T14: 53: 53.387Z', 90 | u'actor': { 91 | u'url': u'/deptofdefense', 92 | u'profile': { 93 | u'name': u'U.S.DeptOfDefense' 94 | }, 95 | u'ibb': False, 96 | u'profile_picture_urls': { 97 | u'medium': u'https: //profile-photos.hackerone-user-content.com/production/000/016/064/6a9705b6496b1e2af08100674a0985bd20ea3879_medium.png?1477763288' 98 | } 99 | }, 100 | u'team_handle': u'deptofdefense', 101 | u'message': u'', 102 | u'markdown_message': u'', 103 | u'type': u'Activities: : Comment', 104 | u'id': 1385287, 105 | u'genius_execution_id': None 106 | }, 107 | { 108 | u'automated_response': False, 109 | u'created_at': u'2016-12-28T18: 17: 52.582Z', 110 | u'is_internal': False, 111 | u'editable': False, 112 | u'updated_at': u'2016-12-28T18: 17: 52.582Z', 113 | u'actor': { 114 | u'username': u'dwarren', 115 | u'url': u'/dwarren', 116 | u'profile_picture_urls': { 117 | u'medium': u'/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png' 118 | } 119 | }, 120 | u'additional_data': { 121 | 122 | }, 123 | u'team_handle': u'deptofdefense', 124 | u'message': u'', 125 | u'markdown_message': u'', 126 | u'type': u'Activities: : ReportSeverityUpdated', 127 | u'id': 1389330, 128 | u'genius_execution_id': None 129 | }, 130 | { 131 | u'automated_response': False, 132 | u'created_at': u'2016-12-28T18: 17: 59.742Z', 133 | u'is_internal': False, 134 | u'editable': False, 135 | u'updated_at': u'2016-12-28T18: 17: 59.742Z', 136 | u'actor': { 137 | u'username': u'dwarren', 138 | u'url': u'/dwarren', 139 | u'profile_picture_urls': { 140 | u'medium': u'/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png' 141 | } 142 | }, 143 | u'team_handle': u'deptofdefense', 144 | u'message': u'', 145 | u'markdown_message': u'', 146 | u'type': u'Activities: : BugTriaged', 147 | u'id': 1389331, 148 | u'genius_execution_id': None 149 | }, 150 | { 151 | u'automated_response': False, 152 | u'created_at': u'2017-02-16T18: 12: 04.048Z', 153 | u'is_internal': False, 154 | u'editable': False, 155 | u'updated_at': u'2017-02-16T18: 12: 04.048Z', 156 | u'actor': { 157 | u'username': u'mthirup', 158 | u'url': u'/mthirup', 159 | u'profile_picture_urls': { 160 | u'medium': u'https: //profile-photos.hackerone-user-content.com/production/000/000/090/0c2a2081014e5752b7687d3bcd88bc97acbe8533_medium.jpg?1489682779' 161 | } 162 | }, 163 | u'team_handle': u'deptofdefense', 164 | u'message': u'', 165 | u'markdown_message': u'', 166 | u'type': u'Activities: : Comment', 167 | u'id': 1489702, 168 | u'genius_execution_id': None 169 | }, 170 | { 171 | u'automated_response': False, 172 | u'created_at': u'2017-03-25T14: 38: 35.252Z', 173 | u'is_internal': False, 174 | u'editable': False, 175 | u'updated_at': u'2017-03-25T14: 38: 35.252Z', 176 | u'actor': { 177 | u'username': u'mthirup', 178 | u'url': u'/mthirup', 179 | u'profile_picture_urls': { 180 | u'medium': u'https: //profile-photos.hackerone-user-content.com/production/000/000/090/0c2a2081014e5752b7687d3bcd88bc97acbe8533_medium.jpg?1489682779' 181 | } 182 | }, 183 | u'team_handle': u'deptofdefense', 184 | u'message': u'', 185 | u'markdown_message': u'', 186 | u'type': u'Activities: : Comment', 187 | u'id': 1563008, 188 | u'genius_execution_id': None 189 | }, 190 | { 191 | u'automated_response': False, 192 | u'created_at': u'2017-04-26T19: 56: 59.597Z', 193 | u'is_internal': False, 194 | u'editable': False, 195 | u'updated_at': u'2017-04-26T19: 56: 59.597Z', 196 | u'actor': { 197 | u'username': u'aboateng', 198 | u'url': u'/aboateng', 199 | u'profile_picture_urls': { 200 | u'medium': u'/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png' 201 | } 202 | }, 203 | u'team_handle': u'deptofdefense', 204 | u'message': u'', 205 | u'markdown_message': u'', 206 | u'type': u'Activities: : Comment', 207 | u'id': 1638575, 208 | u'genius_execution_id': None 209 | }, 210 | { 211 | u'automated_response': False, 212 | u'created_at': u'2017-04-26T22: 34: 35.285Z', 213 | u'is_internal': False, 214 | u'editable': False, 215 | u'updated_at': u'2017-04-26T22: 34: 35.285Z', 216 | u'actor': { 217 | u'username': u'mthirup', 218 | u'url': u'/mthirup', 219 | u'profile_picture_urls': { 220 | u'medium': u'https: //profile-photos.hackerone-user-content.com/production/000/000/090/0c2a2081014e5752b7687d3bcd88bc97acbe8533_medium.jpg?1489682779' 221 | } 222 | }, 223 | u'team_handle': u'deptofdefense', 224 | u'message': u'', 225 | u'markdown_message': u'', 226 | u'type': u'Activities: : Comment', 227 | u'id': 1638848, 228 | u'genius_execution_id': None 229 | }, 230 | { 231 | u'automated_response': False, 232 | u'reporter': { 233 | u'username': u'mthirup', 234 | u'url': u'/mthirup' 235 | }, 236 | u'created_at': u'2017-04-27T19: 10: 56.912Z', 237 | u'is_internal': False, 238 | u'editable': False, 239 | u'updated_at': u'2017-04-27T19: 10: 56.912Z', 240 | u'actor': { 241 | u'username': u'aboateng', 242 | u'url': u'/aboateng', 243 | u'profile_picture_urls': { 244 | u'medium': u'/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png' 245 | } 246 | }, 247 | u'team_handle': u'deptofdefense', 248 | u'message': u'', 249 | u'markdown_message': u'', 250 | u'type': u'Activities: : BugResolved', 251 | u'id': 1641029, 252 | u'genius_execution_id': None 253 | }, 254 | { 255 | u'automated_response': False, 256 | u'created_at': u'2017-04-27T21: 33: 50.524Z', 257 | u'is_internal': False, 258 | u'editable': False, 259 | u'updated_at': u'2017-04-27T21: 33: 50.524Z', 260 | u'actor': { 261 | u'username': u'mthirup', 262 | u'url': u'/mthirup', 263 | u'profile_picture_urls': { 264 | u'medium': u'https: //profile-photos.hackerone-user-content.com/production/000/000/090/0c2a2081014e5752b7687d3bcd88bc97acbe8533_medium.jpg?1489682779' 265 | } 266 | }, 267 | u'team_handle': u'deptofdefense', 268 | u'first_to_agree': True, 269 | u'message': u'', 270 | u'markdown_message': u'', 271 | u'type': u'Activities: : AgreedOnGoingPublic', 272 | u'id': 1641359, 273 | u'genius_execution_id': None 274 | }, 275 | { 276 | u'automated_response': False, 277 | u'created_at': u'2017-05-31T21: 40: 15.270Z', 278 | u'is_internal': False, 279 | u'editable': False, 280 | u'updated_at': u'2017-05-31T21: 40: 15.270Z', 281 | u'actor': { 282 | u'username': u'departmentofdefense', 283 | u'url': u'/departmentofdefense', 284 | u'profile_picture_urls': { 285 | u'medium': u'/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png' 286 | } 287 | }, 288 | u'additional_data': { 289 | 290 | }, 291 | u'team_handle': u'deptofdefense', 292 | u'message': u'', 293 | u'markdown_message': u'', 294 | u'type': u'Activities: : ReportTitleUpdated', 295 | u'id': 1718326, 296 | u'genius_execution_id': None 297 | }, 298 | { 299 | u'automated_response': False, 300 | u'created_at': u'2017-05-31T21: 44: 10.785Z', 301 | u'is_internal': False, 302 | u'editable': False, 303 | u'updated_at': u'2017-05-31T21: 44: 10.785Z', 304 | u'actor': { 305 | u'username': u'departmentofdefense', 306 | u'url': u'/departmentofdefense', 307 | u'profile_picture_urls': { 308 | u'medium': u'/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png' 309 | } 310 | }, 311 | u'team_handle': u'deptofdefense', 312 | u'message': u'', 313 | u'markdown_message': u'', 314 | u'type': u'Activities: : Comment', 315 | u'id': 1718337, 316 | u'genius_execution_id': None 317 | }, 318 | { 319 | u'automated_response': False, 320 | u'created_at': u'2017-05-31T21: 44: 17.569Z', 321 | u'is_internal': False, 322 | u'editable': False, 323 | u'updated_at': u'2017-05-31T21: 44: 17.569Z', 324 | u'actor': { 325 | u'username': u'departmentofdefense', 326 | u'url': u'/departmentofdefense', 327 | u'profile_picture_urls': { 328 | u'medium': u'/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png' 329 | } 330 | }, 331 | u'team_handle': u'deptofdefense', 332 | u'message': u'', 333 | u'markdown_message': u'', 334 | u'type': u'Activities: : AgreedOnGoingPublic', 335 | u'id': 1718338, 336 | u'genius_execution_id': None 337 | }, 338 | { 339 | u'automated_response': False, 340 | u'created_at': u'2017-05-31T21: 44: 17.638Z', 341 | u'is_internal': False, 342 | u'editable': False, 343 | u'updated_at': u'2017-05-31T21: 44: 17.638Z', 344 | u'actor': { 345 | u'username': u'departmentofdefense', 346 | u'url': u'/departmentofdefense', 347 | u'profile_picture_urls': { 348 | u'medium': u'/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png' 349 | } 350 | }, 351 | u'team_handle': u'deptofdefense', 352 | u'message': u'', 353 | u'markdown_message': u'', 354 | u'type': u'Activities: : ReportBecamePublic', 355 | u'id': 1718339, 356 | u'genius_execution_id': None 357 | } 358 | ], 359 | u'is_participant': False, 360 | u'reporter': { 361 | u'disabled': False, 362 | u'username': u'mthirup', 363 | u'hacker_mediation': False, 364 | u'url': u'/mthirup', 365 | u'profile_picture_urls': { 366 | u'small': u'https: //profile-photos.hackerone-user-content.com/production/000/000/090/300ef35df5d82d67c2436b49ff5fd4430ca3fc0f_small.jpg?1489682779' 367 | } 368 | }, 369 | u'weakness': { 370 | u'id': 67, 371 | u'name': u'SQLInjection' 372 | }, 373 | u'is_external_bug': False, 374 | u'visibility': u'no-content', 375 | u'disclosed_at': u'2017-05-31T21: 44: 17.621Z', 376 | u'stage': 4, 377 | u'url': u'https: //hackerone.com/reports/193936', 378 | u'created_at': u'2016-12-25T14: 53: 53.274Z', 379 | u'original_report_url': None, 380 | u'vulnerability_information_html': u'', 381 | u'severity_rating': u'high', 382 | u'team': { 383 | u'profile': { 384 | u'website': u'', 385 | u'about': u'', 386 | u'twitter_handle': u'', 387 | u'name': u'U.S.DeptOfDefense' 388 | }, 389 | u'handle': u'deptofdefense', 390 | u'url': u'https: //hackerone.com/deptofdefense', 391 | u'state': u'public_mode', 392 | u'profile_picture_urls': { 393 | u'small': u'https: //profile-photos.hackerone-user-content.com/production/000/016/064/3ce323292157404a24a24ff6f728eb0896950f2a_small.png?1477763288', 394 | u'medium': u'https: //profile-photos.hackerone-user-content.com/production/000/016/064/6a9705b6496b1e2af08100674a0985bd20ea3879_medium.png?1477763288' 395 | }, 396 | u'awards_miles': False, 397 | u'permissions': [ 398 | 399 | ], 400 | u'id': 16064, 401 | u'default_currency': u'usd' 402 | } 403 | } -------------------------------------------------------------------------------- /get_url.json: -------------------------------------------------------------------------------- 1 | { 2 | "count": 3711, 3 | "pages": 149, 4 | "reports": [{ 5 | "id": 229577, 6 | "title": "Old password can be new password", 7 | "url": "/reports/229577", 8 | "substate": "resolved", 9 | "readable_substate": "Resolved", 10 | "severity_rating": "low", 11 | "reporter": { 12 | "id": 101314, 13 | "username": "abiral", 14 | "url": "/abiral" 15 | }, 16 | "team": { 17 | "url": "/weblate", 18 | "handle": "weblate", 19 | "profile_picture_urls": { 20 | "small": "https://profile-photos.hackerone-user-content.com/production/000/019/468/8de19bd3587c60a19501ba13609bc8a80071d5ca_small.?1490255263", 21 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/019/468/031e92a2cecbe38ab7cb25b78a1de2e6455a7cda_medium.?1490255263" 22 | }, 23 | "profile": { 24 | "name": "Weblate" 25 | } 26 | }, 27 | "bounty_disclosed": true, 28 | "swag": false, 29 | "latest_disclosable_activity_at": "2017-06-03T05:07:16.130Z", 30 | "latest_disclosable_action": "disclosed", 31 | "vote_count": 3, 32 | "voters": ["eveez", "spetr0x", "sule"], 33 | "requires_view_privilege": false 34 | }, 35 | { 36 | "id": 229796, 37 | "title": "Missing restriction on string size", 38 | "url": "/reports/229796", 39 | "substate": "resolved", 40 | "readable_substate": "Resolved", 41 | "severity_rating": "low", 42 | "reporter": { 43 | "id": 101314, 44 | "username": "abiral", 45 | "url": "/abiral" 46 | }, 47 | "team": { 48 | "url": "/weblate", 49 | "handle": "weblate", 50 | "profile_picture_urls": { 51 | "small": "https://profile-photos.hackerone-user-content.com/production/000/019/468/8de19bd3587c60a19501ba13609bc8a80071d5ca_small.?1490255263", 52 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/019/468/031e92a2cecbe38ab7cb25b78a1de2e6455a7cda_medium.?1490255263" 53 | }, 54 | "profile": { 55 | "name": "Weblate" 56 | } 57 | }, 58 | "bounty_disclosed": true, 59 | "swag": false, 60 | "latest_disclosable_activity_at": "2017-06-03T05:06:18.907Z", 61 | "latest_disclosable_action": "disclosed", 62 | "vote_count": 2, 63 | "voters": ["eveez", "spetr0x"], 64 | "requires_view_privilege": false 65 | }, 66 | { 67 | "id": 223367, 68 | "title": "CSRF - Changing the full name / adding a secondary email identity of an account via a GET request", 69 | "url": "/reports/223367", 70 | "substate": "resolved", 71 | "readable_substate": "Resolved", 72 | "severity_rating": "medium", 73 | "reporter": { 74 | "id": 88276, 75 | "username": "inhibitor181", 76 | "url": "/inhibitor181" 77 | }, 78 | "team": { 79 | "url": "/weblate", 80 | "handle": "weblate", 81 | "profile_picture_urls": { 82 | "small": "https://profile-photos.hackerone-user-content.com/production/000/019/468/8de19bd3587c60a19501ba13609bc8a80071d5ca_small.?1490255263", 83 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/019/468/031e92a2cecbe38ab7cb25b78a1de2e6455a7cda_medium.?1490255263" 84 | }, 85 | "profile": { 86 | "name": "Weblate" 87 | } 88 | }, 89 | "bounty_disclosed": true, 90 | "swag": false, 91 | "latest_disclosable_activity_at": "2017-06-02T19:08:34.685Z", 92 | "latest_disclosable_action": "disclosed", 93 | "vote_count": 3, 94 | "voters": ["eveez", "smit", "spetr0x"], 95 | "requires_view_privilege": false 96 | }, 97 | { 98 | "id": 225243, 99 | "title": "phone number exposure for riders/drivers given email/uuid", 100 | "url": "/reports/225243", 101 | "substate": "resolved", 102 | "readable_substate": "Resolved", 103 | "severity_rating": "medium", 104 | "reporter": { 105 | "id": 66980, 106 | "username": "vijay_kumar", 107 | "url": "/vijay_kumar" 108 | }, 109 | "team": { 110 | "url": "/uber", 111 | "handle": "uber", 112 | "profile_picture_urls": { 113 | "small": "https://profile-photos.hackerone-user-content.com/production/000/000/314/471b9095f49e145f6c480bb9bd4fbccdc18f2d2c_small.jpg?1456253342", 114 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/000/314/483bc2b4f4a93ba37e00f0fb57b9ad9ae04079f0_medium.jpg?1456253342" 115 | }, 116 | "profile": { 117 | "name": "Uber" 118 | } 119 | }, 120 | "bounty_disclosed": true, 121 | "formatted_bounty": "$2,000", 122 | "total_awarded_bounty_amount": "2000.00", 123 | "swag": false, 124 | "latest_disclosable_activity_at": "2017-06-02T17:56:43.099Z", 125 | "latest_disclosable_action": "disclosed", 126 | "vote_count": 20, 127 | "voters": ["spam404", "cache-money", "bogdantcaciuc", "iampwned", "ngalog", "eveez", "samux", "fantam", "ak1t4", "sahil-mk", "and 10 more..."], 128 | "requires_view_privilege": false 129 | }, 130 | { 131 | "id": 177472, 132 | "title": "CSRF: add item to victim's cart automatically (starbucks.com - updatecart)", 133 | "url": "/reports/177472", 134 | "substate": "resolved", 135 | "readable_substate": "Resolved", 136 | "severity_rating": "medium", 137 | "reporter": { 138 | "id": 78089, 139 | "username": "bughunterboy", 140 | "url": "/bughunterboy" 141 | }, 142 | "team": { 143 | "url": "/starbucks", 144 | "handle": "starbucks", 145 | "profile_picture_urls": { 146 | "small": "https://profile-photos.hackerone-user-content.com/production/000/001/989/eeb88a587d959eb797ceed8669b245ec9ef20b81_small.?1432930626", 147 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/001/989/48053f0ef688949bbb28248c5fc6ebb4f389820d_medium.?1432930626" 148 | }, 149 | "profile": { 150 | "name": "Starbucks" 151 | } 152 | }, 153 | "bounty_disclosed": true, 154 | "formatted_bounty": "$250", 155 | "total_awarded_bounty_amount": "250.00", 156 | "swag": false, 157 | "latest_disclosable_activity_at": "2017-06-02T16:30:07.671Z", 158 | "latest_disclosable_action": "disclosed", 159 | "vote_count": 3, 160 | "voters": ["bughunterboy", "eveez", "spetr0x"], 161 | "requires_view_privilege": false 162 | }, 163 | { 164 | "id": 232185, 165 | "title": "Subdomain take over oh-no.cuvva.co and ohno.cuvva.co", 166 | "url": "/reports/232185", 167 | "substate": "informative", 168 | "readable_substate": "Informative", 169 | "severity_rating": "none", 170 | "reporter": { 171 | "id": 139729, 172 | "username": "drough", 173 | "url": "/drough" 174 | }, 175 | "team": { 176 | "url": "/cuvva", 177 | "handle": "cuvva", 178 | "profile_picture_urls": { 179 | "small": "https://profile-photos.hackerone-user-content.com/production/000/020/680/9e4015800b3153ad48a0624d561569796c69bda1_small.?1493963939", 180 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/020/680/f21f75c9a28ec81d783984dfa7117302a4923bcd_medium.?1493963939" 181 | }, 182 | "profile": { 183 | "name": "Cuvva" 184 | } 185 | }, 186 | "bounty_disclosed": true, 187 | "swag": false, 188 | "latest_disclosable_activity_at": "2017-06-02T15:21:44.774Z", 189 | "latest_disclosable_action": "disclosed", 190 | "vote_count": 1, 191 | "voters": ["spetr0x"], 192 | "requires_view_privilege": false 193 | }, 194 | { 195 | "id": 229541, 196 | "title": "Captcha Bypass at Email Reset can lead to Spamming users.", 197 | "url": "/reports/229541", 198 | "substate": "resolved", 199 | "readable_substate": "Resolved", 200 | "reporter": { 201 | "id": 148249, 202 | "username": "sahil-mk", 203 | "url": "/sahil-mk" 204 | }, 205 | "team": { 206 | "url": "/weblate", 207 | "handle": "weblate", 208 | "profile_picture_urls": { 209 | "small": "https://profile-photos.hackerone-user-content.com/production/000/019/468/8de19bd3587c60a19501ba13609bc8a80071d5ca_small.?1490255263", 210 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/019/468/031e92a2cecbe38ab7cb25b78a1de2e6455a7cda_medium.?1490255263" 211 | }, 212 | "profile": { 213 | "name": "Weblate" 214 | } 215 | }, 216 | "bounty_disclosed": true, 217 | "swag": false, 218 | "latest_disclosable_activity_at": "2017-06-02T14:40:05.317Z", 219 | "latest_disclosable_action": "disclosed", 220 | "vote_count": 4, 221 | "voters": ["eveez", "sahil-mk", "smit", "spetr0x"], 222 | "requires_view_privilege": false 223 | }, 224 | { 225 | "id": 229620, 226 | "title": "Information Disclosure on demo.weblate.org", 227 | "url": "/reports/229620", 228 | "substate": "resolved", 229 | "readable_substate": "Resolved", 230 | "severity_rating": "low", 231 | "reporter": { 232 | "id": 79690, 233 | "username": "sp1d3rs", 234 | "url": "/sp1d3rs" 235 | }, 236 | "team": { 237 | "url": "/weblate", 238 | "handle": "weblate", 239 | "profile_picture_urls": { 240 | "small": "https://profile-photos.hackerone-user-content.com/production/000/019/468/8de19bd3587c60a19501ba13609bc8a80071d5ca_small.?1490255263", 241 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/019/468/031e92a2cecbe38ab7cb25b78a1de2e6455a7cda_medium.?1490255263" 242 | }, 243 | "profile": { 244 | "name": "Weblate" 245 | } 246 | }, 247 | "bounty_disclosed": true, 248 | "swag": false, 249 | "latest_disclosable_activity_at": "2017-06-02T14:23:37.025Z", 250 | "latest_disclosable_action": "disclosed", 251 | "vote_count": 3, 252 | "voters": ["eveez", "sahil-mk", "spetr0x"], 253 | "requires_view_privilege": false 254 | }, 255 | { 256 | "id": 232878, 257 | "title": "Missing rate-limits at endpoints", 258 | "url": "/reports/232878", 259 | "substate": "resolved", 260 | "readable_substate": "Resolved", 261 | "severity_rating": "medium", 262 | "reporter": { 263 | "id": 48, 264 | "username": "introvertmac", 265 | "url": "/introvertmac" 266 | }, 267 | "team": { 268 | "url": "/cuvva", 269 | "handle": "cuvva", 270 | "profile_picture_urls": { 271 | "small": "https://profile-photos.hackerone-user-content.com/production/000/020/680/9e4015800b3153ad48a0624d561569796c69bda1_small.?1493963939", 272 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/020/680/f21f75c9a28ec81d783984dfa7117302a4923bcd_medium.?1493963939" 273 | }, 274 | "profile": { 275 | "name": "Cuvva" 276 | } 277 | }, 278 | "bounty_disclosed": true, 279 | "swag": true, 280 | "latest_disclosable_activity_at": "2017-06-02T12:38:25.947Z", 281 | "latest_disclosable_action": "disclosed", 282 | "vote_count": 2, 283 | "voters": ["eveez", "spetr0x"], 284 | "requires_view_privilege": false 285 | }, 286 | { 287 | "id": 230863, 288 | "title": "CSRF bypass ( Delate Source Translation From dictionaries ) in demo.weblate.org", 289 | "url": "/reports/230863", 290 | "substate": "resolved", 291 | "readable_substate": "Resolved", 292 | "severity_rating": "medium", 293 | "reporter": { 294 | "id": 112972, 295 | "username": "mrityunjoy-emu", 296 | "url": "/mrityunjoy-emu" 297 | }, 298 | "team": { 299 | "url": "/weblate", 300 | "handle": "weblate", 301 | "profile_picture_urls": { 302 | "small": "https://profile-photos.hackerone-user-content.com/production/000/019/468/8de19bd3587c60a19501ba13609bc8a80071d5ca_small.?1490255263", 303 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/019/468/031e92a2cecbe38ab7cb25b78a1de2e6455a7cda_medium.?1490255263" 304 | }, 305 | "profile": { 306 | "name": "Weblate" 307 | } 308 | }, 309 | "bounty_disclosed": true, 310 | "swag": false, 311 | "latest_disclosable_activity_at": "2017-06-02T12:15:23.977Z", 312 | "latest_disclosable_action": "disclosed", 313 | "vote_count": 2, 314 | "voters": ["eveez", "spetr0x"], 315 | "requires_view_privilege": false 316 | }, 317 | { 318 | "id": 230681, 319 | "title": "Reflected XSS on Branch domain", 320 | "url": "/reports/230681", 321 | "substate": "resolved", 322 | "readable_substate": "Resolved", 323 | "severity_rating": "medium", 324 | "reporter": { 325 | "id": 75897, 326 | "username": "jrpeg", 327 | "url": "/jrpeg" 328 | }, 329 | "team": { 330 | "url": "/cuvva", 331 | "handle": "cuvva", 332 | "profile_picture_urls": { 333 | "small": "https://profile-photos.hackerone-user-content.com/production/000/020/680/9e4015800b3153ad48a0624d561569796c69bda1_small.?1493963939", 334 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/020/680/f21f75c9a28ec81d783984dfa7117302a4923bcd_medium.?1493963939" 335 | }, 336 | "profile": { 337 | "name": "Cuvva" 338 | } 339 | }, 340 | "bounty_disclosed": true, 341 | "swag": true, 342 | "latest_disclosable_activity_at": "2017-06-02T12:14:37.675Z", 343 | "latest_disclosable_action": "disclosed", 344 | "vote_count": 4, 345 | "voters": ["fillawful", "eveez", "japzdivino", "spetr0x"], 346 | "requires_view_privilege": false 347 | }, 348 | { 349 | "id": 228531, 350 | "title": "Xss в https://e.mail.ru/", 351 | "url": "/reports/228531", 352 | "substate": "resolved", 353 | "readable_substate": "Resolved", 354 | "severity_rating": "medium", 355 | "reporter": { 356 | "id": 39411, 357 | "username": "xawdxawdx", 358 | "url": "/xawdxawdx" 359 | }, 360 | "team": { 361 | "url": "/mailru", 362 | "handle": "mailru", 363 | "profile_picture_urls": { 364 | "small": "https://profile-photos.hackerone-user-content.com/production/000/000/065/5d21ab92b4e7aec83bd27fe596736f816c7e59fd_small.png?1397207912", 365 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/000/065/390a2ad469ff2e598d5da551aad5fe9a6b26edd7_medium.png?1397207912" 366 | }, 367 | "profile": { 368 | "name": "Mail.Ru" 369 | } 370 | }, 371 | "bounty_disclosed": true, 372 | "formatted_bounty": "$500", 373 | "total_awarded_bounty_amount": "500.00", 374 | "swag": false, 375 | "latest_disclosable_activity_at": "2017-06-02T11:49:19.576Z", 376 | "latest_disclosable_action": "disclosed", 377 | "vote_count": 6, 378 | "voters": ["hunter", "bogdantcaciuc", "eveez", "m7mdharoun", "spetr0x", "mobius07"], 379 | "requires_view_privilege": false 380 | }, 381 | { 382 | "id": 234947, 383 | "title": "Sensitive Support Mail Disclosure", 384 | "url": "/reports/234947", 385 | "substate": "resolved", 386 | "readable_substate": "Resolved", 387 | "severity_rating": "low", 388 | "reporter": { 389 | "id": 140988, 390 | "username": "5z6ar7lu15", 391 | "url": "/5z6ar7lu15" 392 | }, 393 | "team": { 394 | "url": "/cuvva", 395 | "handle": "cuvva", 396 | "profile_picture_urls": { 397 | "small": "https://profile-photos.hackerone-user-content.com/production/000/020/680/9e4015800b3153ad48a0624d561569796c69bda1_small.?1493963939", 398 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/020/680/f21f75c9a28ec81d783984dfa7117302a4923bcd_medium.?1493963939" 399 | }, 400 | "profile": { 401 | "name": "Cuvva" 402 | } 403 | }, 404 | "bounty_disclosed": true, 405 | "swag": true, 406 | "latest_disclosable_activity_at": "2017-06-02T11:36:10.074Z", 407 | "latest_disclosable_action": "disclosed", 408 | "vote_count": 3, 409 | "voters": ["eveez", "spetr0x", "crosshorxxxx234"], 410 | "requires_view_privilege": false 411 | }, 412 | { 413 | "id": 232614, 414 | "title": "Uploaded XLF files result in External Entity Execution", 415 | "url": "/reports/232614", 416 | "substate": "resolved", 417 | "readable_substate": "Resolved", 418 | "severity_rating": "high", 419 | "reporter": { 420 | "id": 164214, 421 | "username": "4cad", 422 | "url": "/4cad" 423 | }, 424 | "team": { 425 | "url": "/weblate", 426 | "handle": "weblate", 427 | "profile_picture_urls": { 428 | "small": "https://profile-photos.hackerone-user-content.com/production/000/019/468/8de19bd3587c60a19501ba13609bc8a80071d5ca_small.?1490255263", 429 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/019/468/031e92a2cecbe38ab7cb25b78a1de2e6455a7cda_medium.?1490255263" 430 | }, 431 | "profile": { 432 | "name": "Weblate" 433 | } 434 | }, 435 | "bounty_disclosed": true, 436 | "swag": false, 437 | "latest_disclosable_activity_at": "2017-06-02T11:24:15.924Z", 438 | "latest_disclosable_action": "disclosed", 439 | "vote_count": 13, 440 | "voters": ["bl4de", "fillawful", "bogdantcaciuc", "malcolmx", "eveez", "inhibitor181", "japzdivino", "haxor_kids", "spetr0x", "mrityunjoy-emu", "and 3 more..."], 441 | "requires_view_privilege": false 442 | }, 443 | { 444 | "id": 232994, 445 | "title": "API Does Not Apply Access Controls to Translations", 446 | "url": "/reports/232994", 447 | "substate": "resolved", 448 | "readable_substate": "Resolved", 449 | "severity_rating": "low", 450 | "reporter": { 451 | "id": 164214, 452 | "username": "4cad", 453 | "url": "/4cad" 454 | }, 455 | "team": { 456 | "url": "/weblate", 457 | "handle": "weblate", 458 | "profile_picture_urls": { 459 | "small": "https://profile-photos.hackerone-user-content.com/production/000/019/468/8de19bd3587c60a19501ba13609bc8a80071d5ca_small.?1490255263", 460 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/019/468/031e92a2cecbe38ab7cb25b78a1de2e6455a7cda_medium.?1490255263" 461 | }, 462 | "profile": { 463 | "name": "Weblate" 464 | } 465 | }, 466 | "bounty_disclosed": true, 467 | "swag": false, 468 | "latest_disclosable_activity_at": "2017-06-02T11:23:24.362Z", 469 | "latest_disclosable_action": "disclosed", 470 | "vote_count": 3, 471 | "voters": ["eveez", "m7mdharoun", "spetr0x"], 472 | "requires_view_privilege": false 473 | }, 474 | { 475 | "id": 229417, 476 | "title": "Design Flaw in session management of password reset ", 477 | "url": "/reports/229417", 478 | "substate": "resolved", 479 | "readable_substate": "Resolved", 480 | "reporter": { 481 | "id": 110801, 482 | "username": "asaxena2190", 483 | "url": "/asaxena2190" 484 | }, 485 | "team": { 486 | "url": "/weblate", 487 | "handle": "weblate", 488 | "profile_picture_urls": { 489 | "small": "https://profile-photos.hackerone-user-content.com/production/000/019/468/8de19bd3587c60a19501ba13609bc8a80071d5ca_small.?1490255263", 490 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/019/468/031e92a2cecbe38ab7cb25b78a1de2e6455a7cda_medium.?1490255263" 491 | }, 492 | "profile": { 493 | "name": "Weblate" 494 | } 495 | }, 496 | "bounty_disclosed": true, 497 | "swag": false, 498 | "latest_disclosable_activity_at": "2017-06-02T11:00:00.450Z", 499 | "latest_disclosable_action": "disclosed", 500 | "vote_count": 3, 501 | "voters": ["eveez", "asaxena2190", "spetr0x"], 502 | "requires_view_privilege": false 503 | }, 504 | { 505 | "id": 229909, 506 | "title": "No notificatoin sent on email after account deletion.", 507 | "url": "/reports/229909", 508 | "substate": "resolved", 509 | "readable_substate": "Resolved", 510 | "reporter": { 511 | "id": 40723, 512 | "username": "mansoor_gilal", 513 | "url": "/mansoor_gilal" 514 | }, 515 | "team": { 516 | "url": "/weblate", 517 | "handle": "weblate", 518 | "profile_picture_urls": { 519 | "small": "https://profile-photos.hackerone-user-content.com/production/000/019/468/8de19bd3587c60a19501ba13609bc8a80071d5ca_small.?1490255263", 520 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/019/468/031e92a2cecbe38ab7cb25b78a1de2e6455a7cda_medium.?1490255263" 521 | }, 522 | "profile": { 523 | "name": "Weblate" 524 | } 525 | }, 526 | "bounty_disclosed": true, 527 | "swag": false, 528 | "latest_disclosable_activity_at": "2017-06-02T10:24:49.823Z", 529 | "latest_disclosable_action": "disclosed", 530 | "vote_count": 3, 531 | "voters": ["eveez", "babayaga_", "spetr0x"], 532 | "requires_view_privilege": false 533 | }, 534 | { 535 | "id": 229735, 536 | "title": "Self-XSS can be achieved in the editor link using filter bypass", 537 | "url": "/reports/229735", 538 | "substate": "resolved", 539 | "readable_substate": "Resolved", 540 | "severity_rating": "none", 541 | "reporter": { 542 | "id": 79690, 543 | "username": "sp1d3rs", 544 | "url": "/sp1d3rs" 545 | }, 546 | "team": { 547 | "url": "/weblate", 548 | "handle": "weblate", 549 | "profile_picture_urls": { 550 | "small": "https://profile-photos.hackerone-user-content.com/production/000/019/468/8de19bd3587c60a19501ba13609bc8a80071d5ca_small.?1490255263", 551 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/019/468/031e92a2cecbe38ab7cb25b78a1de2e6455a7cda_medium.?1490255263" 552 | }, 553 | "profile": { 554 | "name": "Weblate" 555 | } 556 | }, 557 | "bounty_disclosed": true, 558 | "swag": false, 559 | "latest_disclosable_activity_at": "2017-06-02T10:04:08.842Z", 560 | "latest_disclosable_action": "disclosed", 561 | "vote_count": 4, 562 | "voters": ["eveez", "japzdivino", "spetr0x", "mrr3boot"], 563 | "requires_view_privilege": false 564 | }, 565 | { 566 | "id": 229528, 567 | "title": "Login CSRF : Login Authentication Flaw", 568 | "url": "/reports/229528", 569 | "substate": "resolved", 570 | "readable_substate": "Resolved", 571 | "severity_rating": "medium", 572 | "reporter": { 573 | "id": 78347, 574 | "username": "japzdivino", 575 | "url": "/japzdivino" 576 | }, 577 | "team": { 578 | "url": "/weblate", 579 | "handle": "weblate", 580 | "profile_picture_urls": { 581 | "small": "https://profile-photos.hackerone-user-content.com/production/000/019/468/8de19bd3587c60a19501ba13609bc8a80071d5ca_small.?1490255263", 582 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/019/468/031e92a2cecbe38ab7cb25b78a1de2e6455a7cda_medium.?1490255263" 583 | }, 584 | "profile": { 585 | "name": "Weblate" 586 | } 587 | }, 588 | "bounty_disclosed": true, 589 | "swag": false, 590 | "latest_disclosable_activity_at": "2017-06-02T09:51:04.711Z", 591 | "latest_disclosable_action": "disclosed", 592 | "vote_count": 5, 593 | "voters": ["eveez", "japzdivino", "spetr0x", "mrr3boot", "jadav233"], 594 | "requires_view_privilege": false 595 | }, 596 | { 597 | "id": 229511, 598 | "title": "No Rate Limiting at /contact", 599 | "url": "/reports/229511", 600 | "substate": "resolved", 601 | "readable_substate": "Resolved", 602 | "severity_rating": "low", 603 | "reporter": { 604 | "id": 157511, 605 | "username": "chols", 606 | "url": "/chols" 607 | }, 608 | "team": { 609 | "url": "/weblate", 610 | "handle": "weblate", 611 | "profile_picture_urls": { 612 | "small": "https://profile-photos.hackerone-user-content.com/production/000/019/468/8de19bd3587c60a19501ba13609bc8a80071d5ca_small.?1490255263", 613 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/019/468/031e92a2cecbe38ab7cb25b78a1de2e6455a7cda_medium.?1490255263" 614 | }, 615 | "profile": { 616 | "name": "Weblate" 617 | } 618 | }, 619 | "bounty_disclosed": true, 620 | "swag": false, 621 | "latest_disclosable_activity_at": "2017-06-02T09:46:51.475Z", 622 | "latest_disclosable_action": "disclosed", 623 | "vote_count": 6, 624 | "voters": ["eveez", "japzdivino", "chols", "spetr0x", "mrr3boot", "kntx501"], 625 | "requires_view_privilege": false 626 | }, 627 | { 628 | "id": 219293, 629 | "title": "Invalid Pointer reference in L_RESCUE", 630 | "url": "/reports/219293", 631 | "substate": "resolved", 632 | "readable_substate": "Resolved", 633 | "reporter": { 634 | "id": 134101, 635 | "username": "ssarong", 636 | "url": "/ssarong" 637 | }, 638 | "team": { 639 | "url": "/shopify-scripts", 640 | "handle": "shopify-scripts", 641 | "profile_picture_urls": { 642 | "small": "https://profile-photos.hackerone-user-content.com/production/000/015/668/9f47d94cbd9e4311b57f1ab05f67fb5c26fd2e78_small.jpg?1475592254", 643 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/015/668/b50db49e93f656e202ae6f94b4c0821d1184134b_medium.jpg?1475592254" 644 | }, 645 | "profile": { 646 | "name": "shopify-scripts" 647 | } 648 | }, 649 | "bounty_disclosed": true, 650 | "formatted_bounty": "$100", 651 | "total_awarded_bounty_amount": "100.00", 652 | "swag": false, 653 | "latest_disclosable_activity_at": "2017-06-01T22:06:04.965Z", 654 | "latest_disclosable_action": "disclosed", 655 | "vote_count": 2, 656 | "voters": ["eveez", "spetr0x"], 657 | "requires_view_privilege": false 658 | }, 659 | { 660 | "id": 230674, 661 | "title": "No rate limiting at POST /2/2017-05-22/send_identifier_token", 662 | "url": "/reports/230674", 663 | "substate": "resolved", 664 | "readable_substate": "Resolved", 665 | "severity_rating": "low", 666 | "reporter": { 667 | "id": 88276, 668 | "username": "inhibitor181", 669 | "url": "/inhibitor181" 670 | }, 671 | "team": { 672 | "url": "/cuvva", 673 | "handle": "cuvva", 674 | "profile_picture_urls": { 675 | "small": "https://profile-photos.hackerone-user-content.com/production/000/020/680/9e4015800b3153ad48a0624d561569796c69bda1_small.?1493963939", 676 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/020/680/f21f75c9a28ec81d783984dfa7117302a4923bcd_medium.?1493963939" 677 | }, 678 | "profile": { 679 | "name": "Cuvva" 680 | } 681 | }, 682 | "bounty_disclosed": true, 683 | "swag": true, 684 | "latest_disclosable_activity_at": "2017-06-01T21:27:49.543Z", 685 | "latest_disclosable_action": "disclosed", 686 | "vote_count": 3, 687 | "voters": ["eveez", "japzdivino", "spetr0x"], 688 | "requires_view_privilege": false 689 | }, 690 | { 691 | "id": 189241, 692 | "title": "Reflected XSS on a DoD website", 693 | "url": "/reports/189241", 694 | "substate": "resolved", 695 | "readable_substate": "Resolved", 696 | "severity_rating": "low", 697 | "reporter": { 698 | "id": 86511, 699 | "username": "juliocesar", 700 | "url": "/juliocesar" 701 | }, 702 | "team": { 703 | "url": "/deptofdefense", 704 | "handle": "deptofdefense", 705 | "profile_picture_urls": { 706 | "small": "https://profile-photos.hackerone-user-content.com/production/000/016/064/3ce323292157404a24a24ff6f728eb0896950f2a_small.png?1477763288", 707 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/016/064/6a9705b6496b1e2af08100674a0985bd20ea3879_medium.png?1477763288" 708 | }, 709 | "profile": { 710 | "name": "U.S. Dept Of Defense" 711 | } 712 | }, 713 | "bounty_disclosed": true, 714 | "swag": false, 715 | "latest_disclosable_activity_at": "2017-06-01T21:16:07.307Z", 716 | "latest_disclosable_action": "disclosed", 717 | "vote_count": 3, 718 | "voters": ["juliocesar", "eveez", "spetr0x"], 719 | "requires_view_privilege": false 720 | }, 721 | { 722 | "id": 184750, 723 | "title": "Reflected XSS on a DoD website", 724 | "url": "/reports/184750", 725 | "substate": "resolved", 726 | "readable_substate": "Resolved", 727 | "severity_rating": "low", 728 | "reporter": { 729 | "id": 75704, 730 | "username": "ramsexy", 731 | "url": "/ramsexy" 732 | }, 733 | "team": { 734 | "url": "/deptofdefense", 735 | "handle": "deptofdefense", 736 | "profile_picture_urls": { 737 | "small": "https://profile-photos.hackerone-user-content.com/production/000/016/064/3ce323292157404a24a24ff6f728eb0896950f2a_small.png?1477763288", 738 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/016/064/6a9705b6496b1e2af08100674a0985bd20ea3879_medium.png?1477763288" 739 | }, 740 | "profile": { 741 | "name": "U.S. Dept Of Defense" 742 | } 743 | }, 744 | "bounty_disclosed": true, 745 | "swag": false, 746 | "latest_disclosable_activity_at": "2017-06-01T21:12:34.313Z", 747 | "latest_disclosable_action": "disclosed", 748 | "vote_count": 4, 749 | "voters": ["smsecurity", "ramsexy", "eveez", "spetr0x"], 750 | "requires_view_privilege": false 751 | }, 752 | { 753 | "id": 184200, 754 | "title": "Reflected XSS on a DoD website", 755 | "url": "/reports/184200", 756 | "substate": "resolved", 757 | "readable_substate": "Resolved", 758 | "reporter": { 759 | "id": 34190, 760 | "username": "korprit", 761 | "url": "/korprit" 762 | }, 763 | "team": { 764 | "url": "/deptofdefense", 765 | "handle": "deptofdefense", 766 | "profile_picture_urls": { 767 | "small": "https://profile-photos.hackerone-user-content.com/production/000/016/064/3ce323292157404a24a24ff6f728eb0896950f2a_small.png?1477763288", 768 | "medium": "https://profile-photos.hackerone-user-content.com/production/000/016/064/6a9705b6496b1e2af08100674a0985bd20ea3879_medium.png?1477763288" 769 | }, 770 | "profile": { 771 | "name": "U.S. Dept Of Defense" 772 | } 773 | }, 774 | "bounty_disclosed": true, 775 | "swag": false, 776 | "latest_disclosable_activity_at": "2017-06-01T21:10:13.639Z", 777 | "latest_disclosable_action": "disclosed", 778 | "vote_count": 3, 779 | "voters": ["korprit", "eveez", "spetr0x"], 780 | "requires_view_privilege": false 781 | }] 782 | } -------------------------------------------------------------------------------- /hack/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/hack/__init__.py -------------------------------------------------------------------------------- /hack/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/hack/__init__.pyc -------------------------------------------------------------------------------- /hack/settings.py: -------------------------------------------------------------------------------- 1 | """ 2 | Django settings for hack project. 3 | 4 | Generated by 'django-admin startproject' using Django 1.9.2. 5 | 6 | For more information on this file, see 7 | https://docs.djangoproject.com/en/1.9/topics/settings/ 8 | 9 | For the full list of settings and their values, see 10 | https://docs.djangoproject.com/en/1.9/ref/settings/ 11 | """ 12 | 13 | import os 14 | 15 | # Build paths inside the project like this: os.path.join(BASE_DIR, ...) 16 | BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) 17 | 18 | 19 | # Quick-start development settings - unsuitable for production 20 | # See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/ 21 | 22 | # SECURITY WARNING: keep the secret key used in production secret! 23 | SECRET_KEY = '&bvjb_)8qhn3q8w40$_!9$2=5qwq!xu%1s6=k5)*#(t01klrl3' 24 | 25 | # SECURITY WARNING: don't run with debug turned on in production! 26 | DEBUG = True 27 | 28 | ALLOWED_HOSTS = ['*'] 29 | 30 | 31 | # Application definition 32 | 33 | INSTALLED_APPS = [ 34 | 'django.contrib.admin', 35 | 'django.contrib.auth', 36 | 'django.contrib.contenttypes', 37 | 'django.contrib.sessions', 38 | 'django.contrib.messages', 39 | 'django.contrib.staticfiles', 40 | 'report', 41 | 'dj_pagination', 42 | ] 43 | 44 | MIDDLEWARE_CLASSES = [ 45 | 'django.middleware.security.SecurityMiddleware', 46 | 'django.contrib.sessions.middleware.SessionMiddleware', 47 | 'django.middleware.common.CommonMiddleware', 48 | 'django.middleware.csrf.CsrfViewMiddleware', 49 | 'django.contrib.auth.middleware.AuthenticationMiddleware', 50 | 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', 51 | 'django.contrib.messages.middleware.MessageMiddleware', 52 | 'django.middleware.clickjacking.XFrameOptionsMiddleware', 53 | 'dj_pagination.middleware.PaginationMiddleware', 54 | ] 55 | 56 | 57 | TEMPLATE_CONTEXT_PROCESSORS=( 58 | "django.core.context_processors.auth", 59 | "django.core.context_processors.debug", 60 | "django.core.context_processors.i18n", 61 | "django.core.context_processors.media", 62 | "django.core.context_processors.request" 63 | ) 64 | 65 | 66 | ROOT_URLCONF = 'hack.urls' 67 | 68 | TEMPLATES = [ 69 | { 70 | 'BACKEND': 'django.template.backends.django.DjangoTemplates', 71 | 'DIRS': [], 72 | 'APP_DIRS': True, 73 | 'OPTIONS': { 74 | 'context_processors': [ 75 | 'django.template.context_processors.debug', 76 | 'django.template.context_processors.request', 77 | 'django.contrib.auth.context_processors.auth', 78 | 'django.contrib.messages.context_processors.messages', 79 | ], 80 | }, 81 | }, 82 | ] 83 | 84 | WSGI_APPLICATION = 'hack.wsgi.application' 85 | 86 | 87 | # Database 88 | # https://docs.djangoproject.com/en/1.9/ref/settings/#databases 89 | 90 | DATABASES = { 91 | 'default': { 92 | 'ENGINE': 'django.db.backends.sqlite3', 93 | 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'), 94 | } 95 | } 96 | 97 | 98 | # Password validation 99 | # https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators 100 | 101 | AUTH_PASSWORD_VALIDATORS = [ 102 | { 103 | 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', 104 | }, 105 | { 106 | 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', 107 | }, 108 | { 109 | 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', 110 | }, 111 | { 112 | 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', 113 | }, 114 | ] 115 | 116 | 117 | # Internationalization 118 | # https://docs.djangoproject.com/en/1.9/topics/i18n/ 119 | 120 | LANGUAGE_CODE = 'en-us' 121 | 122 | TIME_ZONE = 'Asia/Shanghai' 123 | 124 | USE_I18N = True 125 | 126 | USE_L10N = True 127 | 128 | USE_TZ = True 129 | 130 | 131 | # Static files (CSS, JavaScript, Images) 132 | # https://docs.djangoproject.com/en/1.9/howto/static-files/ 133 | 134 | STATIC_URL = '/static/' 135 | -------------------------------------------------------------------------------- /hack/settings.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/hack/settings.pyc -------------------------------------------------------------------------------- /hack/urls.py: -------------------------------------------------------------------------------- 1 | """hack URL Configuration 2 | 3 | The `urlpatterns` list routes URLs to views. For more information please see: 4 | https://docs.djangoproject.com/en/1.9/topics/http/urls/ 5 | Examples: 6 | Function views 7 | 1. Add an import: from my_app import views 8 | 2. Add a URL to urlpatterns: url(r'^$', views.home, name='home') 9 | Class-based views 10 | 1. Add an import: from other_app.views import Home 11 | 2. Add a URL to urlpatterns: url(r'^$', Home.as_view(), name='home') 12 | Including another URLconf 13 | 1. Import the include() function: from django.conf.urls import url, include 14 | 2. Add a URL to urlpatterns: url(r'^blog/', include('blog.urls')) 15 | """ 16 | from django.conf.urls import url 17 | from django.contrib import admin 18 | from report import views 19 | urlpatterns = [ 20 | url(r'^admin/', admin.site.urls), 21 | url(r'^scrapper/',views.scrapper), 22 | url(r'^$',views.index), 23 | url(r'^reports/(?P\d+)/',views.report), 24 | url(r'^update/',views.updates) 25 | 26 | ] 27 | -------------------------------------------------------------------------------- /hack/urls.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/hack/urls.pyc -------------------------------------------------------------------------------- /hack/wsgi.py: -------------------------------------------------------------------------------- 1 | """ 2 | WSGI config for hack project. 3 | 4 | It exposes the WSGI callable as a module-level variable named ``application``. 5 | 6 | For more information on this file, see 7 | https://docs.djangoproject.com/en/1.9/howto/deployment/wsgi/ 8 | """ 9 | 10 | import os 11 | 12 | from django.core.wsgi import get_wsgi_application 13 | 14 | os.environ.setdefault("DJANGO_SETTINGS_MODULE", "hack.settings") 15 | 16 | application = get_wsgi_application() 17 | -------------------------------------------------------------------------------- /hack/wsgi.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/hack/wsgi.pyc -------------------------------------------------------------------------------- /manage.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | import os 3 | import sys 4 | 5 | if __name__ == "__main__": 6 | os.environ.setdefault("DJANGO_SETTINGS_MODULE", "hack.settings") 7 | 8 | from django.core.management import execute_from_command_line 9 | 10 | execute_from_command_line(sys.argv) 11 | -------------------------------------------------------------------------------- /report/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/__init__.py -------------------------------------------------------------------------------- /report/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/__init__.pyc -------------------------------------------------------------------------------- /report/admin.py: -------------------------------------------------------------------------------- 1 | from django.contrib import admin 2 | from models import result 3 | # Register your models here. 4 | admin.site.register(result, ) -------------------------------------------------------------------------------- /report/admin.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/admin.pyc -------------------------------------------------------------------------------- /report/apps.py: -------------------------------------------------------------------------------- 1 | from __future__ import unicode_literals 2 | 3 | from django.apps import AppConfig 4 | 5 | 6 | class ReportConfig(AppConfig): 7 | name = 'report' 8 | -------------------------------------------------------------------------------- /report/crawl.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | import requests 3 | import time 4 | import json 5 | from models import * 6 | def get_url(page): 7 | time.sleep(2) # sometimes hackerone block us 8 | url = "https://hackerone.com/hacktivity?sort_type=latest_disclosable_activity_at&filter=type%3Apublic&page="+str(page) 9 | headers = { 10 | 'Accept':'application/json, text/javascript, */*; q=0.01', 11 | 'content-type':'application/json', 12 | 'authority':'hackerone.com', 13 | 'x-requested-with':'XMLHttpRequest', 14 | } 15 | r = requests.get(url = url,headers=headers,timeout=100) 16 | data = json.loads(r.content) 17 | return data 18 | def get_content(url): 19 | time.sleep(2) # sometimes hackerone block us 20 | headers = { 21 | 'Accept':'application/json, text/javascript, */*; q=0.01', 22 | 'content-type':'application/json', 23 | 'authority':'hackerone.com', 24 | 'x-requested-with':'XMLHttpRequest', 25 | } 26 | r = requests.get(url = url,headers=headers,timeout=100) 27 | result = json.loads(r.content) 28 | return result 29 | def get_page(): 30 | data = get_url(1) 31 | pages = data['pages'] 32 | total_reports = data['count'] 33 | summary.objects.create(pages=pages,total_reports=total_reports) 34 | return pages 35 | def resu(pages): 36 | #sec = 1 37 | for i in range(1, pages): 38 | #sec = sec +1 39 | # if (sec%40==1): 40 | # time.sleep(10) 41 | print i 42 | data = get_url (i) 43 | reports = data['reports'] 44 | for report in reports: 45 | report_id = report['id'] 46 | report_title = report['title'] 47 | 48 | url = "https://hackerone.com"+report['url'] 49 | try: 50 | severity_rating = report['severity_rating'] 51 | except KeyError: 52 | severity_rating = "none" 53 | #try: 54 | data = get_content(url) 55 | #except requests.exceptions.Timeout: 56 | try: 57 | state = data['state'] 58 | except KeyError: 59 | state="none" 60 | try: 61 | substate = data['substate'] 62 | except KeyError: 63 | substate="none" 64 | created_at = data['created_at'] 65 | try: 66 | username = data['reporter']['username'] 67 | username_url ="https://hackerone.com"+ data['reporter']['url'] 68 | except TypeError: 69 | username = "null" 70 | username_url = "" 71 | team_name = data['team']['handle'] 72 | team_url = data['team']['url'] 73 | team_about = data['team']['profile']['about'] 74 | has_bounty = data['has_bounty?'] 75 | can_view_team = data['can_view_team'] 76 | is_external_bug = data['is_external_bug'] 77 | is_participant = data['is_participant'] 78 | public = data['public'] 79 | visibility = data['visibility'] 80 | cve_ids = data['cve_ids'] 81 | singular_disclosure_disabled = data['singular_disclosure_disabled'] 82 | disclosed_at = data['disclosed_at'] 83 | bug_reporter_agreed_on_going_public_at = data['bug_reporter_agreed_on_going_public_at'] 84 | team_member_agreed_on_going_public_at = data['team_member_agreed_on_going_public_at'] 85 | comments_closed = data['comments_closed?'] 86 | vulnerability_information = data['vulnerability_information'] 87 | vulnerability_information_html = data['vulnerability_information_html'] 88 | original_report_id = data['original_report_id'] 89 | original_report_url = data['original_report_url'] 90 | try: 91 | allow_singular_disclosure_at = data['allow_singular_disclosure_at'] 92 | except KeyError: 93 | allow_singular_disclosure_at = "none" 94 | try: 95 | allow_singular_disclosure_after = data['allow_singular_disclosure_after'] 96 | except KeyError: 97 | allow_singular_disclosure_after = "none" 98 | try: 99 | singular_disclosure_allowed = data['singular_disclosure_allowed'] 100 | except KeyError: 101 | allow_singular_disclosure_after = "none" 102 | vote_count = data['vote_count'] 103 | if result.objects.get_or_create(report_id=report_id)[1]: 104 | for summarie in data['summaries']: 105 | try: 106 | summaries_id = summarie['id'] 107 | except KeyError: 108 | summaries_id = "none" 109 | try: 110 | content = summarie['content'] 111 | except KeyError: 112 | content = "none" 113 | try: 114 | content_html = summarie['content_html'] 115 | except KeyError: 116 | content_html = "none" 117 | try: 118 | category = summarie['category'] 119 | except KeyError: 120 | category = "none" 121 | try: 122 | can_view = summarie['can_view?'] 123 | except KeyError: 124 | can_view = "none" 125 | try: 126 | can_create = summarie['can_create?'] 127 | except KeyError: 128 | can_create = "none" 129 | summar.objects.create( 130 | report_id = report_id, 131 | summaries_id = summaries_id, 132 | content = content, 133 | content_html = content_html, 134 | ) 135 | 136 | 137 | for activity in data['activities']: 138 | activity_id = activity['id'] 139 | is_internal = activity['is_internal'] 140 | editable = activity['editable'] 141 | type = activity['type'] 142 | message = activity['message'] 143 | markdown_message = activity['markdown_message'] 144 | automated_response = activity['automated_response'] 145 | created_at = activity['created_at'] 146 | updated_at = activity['updated_at'] 147 | try: 148 | actor_username = activity['actor_username'] 149 | except KeyError: 150 | actor_username = "none" 151 | try: 152 | actor_url = activity['actor_url'] 153 | except KeyError: 154 | actor_url = "none" 155 | genius_execution_id = activity['genius_execution_id'] 156 | team_handle = activity['team_handle'] 157 | dialogue.objects.create( 158 | report_id = report_id, 159 | activity_id = activity_id, 160 | is_internal = is_internal, 161 | editable = editable, 162 | type = type, 163 | message = message, 164 | markdown_message = markdown_message, 165 | automated_response = automated_response, 166 | created_at = created_at, 167 | updated_at = updated_at, 168 | actor_username = actor_username, 169 | actor_url = actor_url, 170 | genius_execution_id = genius_execution_id, 171 | team_handle = team_handle, 172 | 173 | ) 174 | 175 | result.objects.filter(report_id=report_id).update( 176 | title=report_title, 177 | url=url, 178 | severity_rating=severity_rating, 179 | state = state, 180 | substate = substate, 181 | created_at = created_at, 182 | username = username, 183 | username_url = username_url, 184 | team_name = team_name, 185 | team_url = team_url, 186 | team_about = team_about, 187 | has_bounty = has_bounty, 188 | can_view_team = can_view_team, 189 | is_external_bug = is_external_bug, 190 | is_participant = is_participant, 191 | public = public, 192 | visibility = visibility, 193 | cve_ids = cve_ids, 194 | singular_disclosure_disabled = singular_disclosure_disabled, 195 | disclosed_at = disclosed_at, 196 | bug_reporter_agreed_on_going_public_at =bug_reporter_agreed_on_going_public_at, 197 | team_member_agreed_on_going_public_at = team_member_agreed_on_going_public_at, 198 | comments_closed = comments_closed, 199 | vulnerability_information = vulnerability_information, 200 | vulnerability_information_html = vulnerability_information_html, 201 | original_report_id = original_report_id, 202 | original_report_url = original_report_url, 203 | allow_singular_disclosure_at = allow_singular_disclosure_at, 204 | allow_singular_disclosure_after = allow_singular_disclosure_after, 205 | singular_disclosure_allowed = singular_disclosure_allowed, 206 | vote_count = vote_count, 207 | ) 208 | else: 209 | pass 210 | def scrappe(): 211 | pages = get_page() 212 | resu(pages) 213 | def update(): 214 | pages =get_page() #last record page 215 | summary1= summary.objects.all().last() 216 | total_report1 = summary1.total_reports 217 | summary2 = summary.objects.all().order_by('-pk')[1:2] #last second record 218 | for sum2 in summary2: 219 | page2 = sum2.pages 220 | total_report2 = sum2.total_reports 221 | last_time = sum2.create_time 222 | page = int(pages)-int(page2) 223 | if page==0: 224 | page =2 225 | else: 226 | page = page +2 227 | total_report = int(total_report1) - int(total_report2) 228 | if total_report==0: 229 | pass 230 | else: 231 | resu(page) 232 | -------------------------------------------------------------------------------- /report/crawl.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/crawl.pyc -------------------------------------------------------------------------------- /report/forms.py: -------------------------------------------------------------------------------- 1 | from django import forms 2 | 3 | class search(forms.Form): 4 | key = forms.CharField(max_length=50) -------------------------------------------------------------------------------- /report/forms.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/forms.pyc -------------------------------------------------------------------------------- /report/migrations/0001_initial.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # Generated by Django 1.9.2 on 2017-06-04 15:40 3 | from __future__ import unicode_literals 4 | 5 | import datetime 6 | from django.db import migrations, models 7 | 8 | 9 | class Migration(migrations.Migration): 10 | 11 | initial = True 12 | 13 | dependencies = [ 14 | ] 15 | 16 | operations = [ 17 | migrations.CreateModel( 18 | name='dialogue', 19 | fields=[ 20 | ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), 21 | ('report_id', models.CharField(default='', max_length=10)), 22 | ('activity_id', models.CharField(default='', max_length=10)), 23 | ('is_internal', models.CharField(default='', max_length=10)), 24 | ('editable', models.CharField(default='', max_length=10)), 25 | ('type', models.CharField(default='', max_length=10)), 26 | ('message', models.TextField(default='', null=True)), 27 | ('markdown_message', models.TextField(default='', null=True)), 28 | ('automated_response', models.CharField(default='', max_length=10)), 29 | ('created_at', models.CharField(default='', max_length=40)), 30 | ('updated_at', models.CharField(default='', max_length=40)), 31 | ('actor_username', models.CharField(default='', max_length=40)), 32 | ('actor_url', models.CharField(default='', max_length=40)), 33 | ('genius_execution_id', models.CharField(max_length=40, null=True)), 34 | ('team_handle', models.CharField(default='', max_length=40)), 35 | ], 36 | ), 37 | migrations.CreateModel( 38 | name='result', 39 | fields=[ 40 | ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), 41 | ('report_id', models.CharField(default='', max_length=20)), 42 | ('title', models.CharField(default='', max_length=100)), 43 | ('url', models.CharField(default='', max_length=100)), 44 | ('username', models.CharField(default='', max_length=100)), 45 | ('username_url', models.CharField(default='', max_length=100)), 46 | ('state', models.CharField(default='', max_length=20)), 47 | ('substate', models.CharField(default='', max_length=20)), 48 | ('severity_rating', models.CharField(default='', max_length=20)), 49 | ('created_at', models.CharField(default='', max_length=40)), 50 | ('team_name', models.CharField(default='', max_length=100)), 51 | ('team_url', models.CharField(default='', max_length=40)), 52 | ('team_about', models.TextField(default='')), 53 | ('has_bounty', models.CharField(default='', max_length=20)), 54 | ('can_view_team', models.CharField(default='', max_length=20)), 55 | ('is_external_bug', models.CharField(default='', max_length=20)), 56 | ('is_participant', models.CharField(default='', max_length=20)), 57 | ('public', models.CharField(default='', max_length=20)), 58 | ('visibility', models.CharField(default='', max_length=20)), 59 | ('cve_ids', models.CharField(default='', max_length=40)), 60 | ('singular_disclosure_disabled', models.CharField(default='', max_length=40)), 61 | ('disclosed_at', models.CharField(default='', max_length=40)), 62 | ('bug_reporter_agreed_on_going_public_at', models.CharField(default='', max_length=40, null=True)), 63 | ('team_member_agreed_on_going_public_at', models.CharField(default='', max_length=40, null=True)), 64 | ('comments_closed', models.CharField(default='', max_length=40)), 65 | ('vulnerability_information', models.TextField(default='')), 66 | ('vulnerability_information_html', models.TextField(default='')), 67 | ('original_report_id', models.CharField(max_length=40, null=True)), 68 | ('original_report_url', models.CharField(max_length=40, null=True)), 69 | ('allow_singular_disclosure_at', models.CharField(default='', max_length=40)), 70 | ('allow_singular_disclosure_after', models.CharField(default='', max_length=40)), 71 | ('singular_disclosure_allowed', models.CharField(default='', max_length=40)), 72 | ('vote_count', models.CharField(default='', max_length=40)), 73 | ], 74 | ), 75 | migrations.CreateModel( 76 | name='summaries', 77 | fields=[ 78 | ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), 79 | ('report_id', models.CharField(max_length=20)), 80 | ('summaries_id', models.CharField(default='', max_length=30)), 81 | ('content', models.TextField(default='')), 82 | ('content_html', models.TextField(default='')), 83 | ('category', models.CharField(default='', max_length=30)), 84 | ('can_view', models.CharField(default='', max_length=30)), 85 | ('can_create', models.CharField(default='', max_length=30)), 86 | ], 87 | ), 88 | migrations.CreateModel( 89 | name='summary', 90 | fields=[ 91 | ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), 92 | ('pages', models.CharField(default='', max_length=30)), 93 | ('total_reports', models.CharField(default='', max_length=30)), 94 | ('create_time', models.DateTimeField(default=datetime.datetime(2017, 6, 4, 23, 40, 25, 311000))), 95 | ], 96 | ), 97 | ] 98 | -------------------------------------------------------------------------------- /report/migrations/0001_initial.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/migrations/0001_initial.pyc -------------------------------------------------------------------------------- /report/migrations/0002_auto_20170605_0947.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # Generated by Django 1.9.2 on 2017-06-05 01:47 3 | from __future__ import unicode_literals 4 | 5 | import datetime 6 | from django.db import migrations, models 7 | 8 | 9 | class Migration(migrations.Migration): 10 | 11 | dependencies = [ 12 | ('report', '0001_initial'), 13 | ] 14 | 15 | operations = [ 16 | migrations.RenameModel( 17 | old_name='summaries', 18 | new_name='summarie', 19 | ), 20 | migrations.AlterField( 21 | model_name='summary', 22 | name='create_time', 23 | field=models.DateTimeField(default=datetime.datetime(2017, 6, 5, 9, 47, 12, 527000)), 24 | ), 25 | ] 26 | -------------------------------------------------------------------------------- /report/migrations/0002_auto_20170605_0947.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/migrations/0002_auto_20170605_0947.pyc -------------------------------------------------------------------------------- /report/migrations/0003_auto_20170605_0947.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # Generated by Django 1.9.2 on 2017-06-05 01:47 3 | from __future__ import unicode_literals 4 | 5 | import datetime 6 | from django.db import migrations, models 7 | 8 | 9 | class Migration(migrations.Migration): 10 | 11 | dependencies = [ 12 | ('report', '0002_auto_20170605_0947'), 13 | ] 14 | 15 | operations = [ 16 | migrations.AlterField( 17 | model_name='summary', 18 | name='create_time', 19 | field=models.DateTimeField(default=datetime.datetime(2017, 6, 5, 9, 47, 32, 524000)), 20 | ), 21 | ] 22 | -------------------------------------------------------------------------------- /report/migrations/0003_auto_20170605_0947.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/migrations/0003_auto_20170605_0947.pyc -------------------------------------------------------------------------------- /report/migrations/0004_auto_20170605_1219.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # Generated by Django 1.9.2 on 2017-06-05 04:19 3 | from __future__ import unicode_literals 4 | 5 | import datetime 6 | from django.db import migrations, models 7 | 8 | 9 | class Migration(migrations.Migration): 10 | 11 | dependencies = [ 12 | ('report', '0003_auto_20170605_0947'), 13 | ] 14 | 15 | operations = [ 16 | migrations.AlterField( 17 | model_name='summary', 18 | name='create_time', 19 | field=models.DateTimeField(default=datetime.datetime(2017, 6, 5, 12, 19, 26, 39000)), 20 | ), 21 | ] 22 | -------------------------------------------------------------------------------- /report/migrations/0004_auto_20170605_1219.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/migrations/0004_auto_20170605_1219.pyc -------------------------------------------------------------------------------- /report/migrations/0005_auto_20170605_1224.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # Generated by Django 1.9.2 on 2017-06-05 04:24 3 | from __future__ import unicode_literals 4 | 5 | import datetime 6 | from django.db import migrations, models 7 | 8 | 9 | class Migration(migrations.Migration): 10 | 11 | dependencies = [ 12 | ('report', '0004_auto_20170605_1219'), 13 | ] 14 | 15 | operations = [ 16 | migrations.RenameModel( 17 | old_name='summarie', 18 | new_name='summar', 19 | ), 20 | migrations.AlterField( 21 | model_name='summary', 22 | name='create_time', 23 | field=models.DateTimeField(default=datetime.datetime(2017, 6, 5, 12, 24, 19, 425000)), 24 | ), 25 | ] 26 | -------------------------------------------------------------------------------- /report/migrations/0005_auto_20170605_1224.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/migrations/0005_auto_20170605_1224.pyc -------------------------------------------------------------------------------- /report/migrations/0006_auto_20170608_1001.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # Generated by Django 1.9.2 on 2017-06-08 02:01 3 | from __future__ import unicode_literals 4 | 5 | import datetime 6 | from django.db import migrations, models 7 | 8 | 9 | class Migration(migrations.Migration): 10 | 11 | dependencies = [ 12 | ('report', '0005_auto_20170605_1224'), 13 | ] 14 | 15 | operations = [ 16 | migrations.AlterField( 17 | model_name='summary', 18 | name='create_time', 19 | field=models.DateTimeField(default=datetime.datetime(2017, 6, 8, 10, 1, 23, 373000)), 20 | ), 21 | ] 22 | -------------------------------------------------------------------------------- /report/migrations/0006_auto_20170608_1001.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/migrations/0006_auto_20170608_1001.pyc -------------------------------------------------------------------------------- /report/migrations/0007_auto_20170608_1523.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # Generated by Django 1.9.2 on 2017-06-08 07:23 3 | from __future__ import unicode_literals 4 | 5 | import datetime 6 | from django.db import migrations, models 7 | 8 | 9 | class Migration(migrations.Migration): 10 | 11 | dependencies = [ 12 | ('report', '0006_auto_20170608_1001'), 13 | ] 14 | 15 | operations = [ 16 | migrations.AlterField( 17 | model_name='result', 18 | name='username', 19 | field=models.CharField(default='', max_length=100, null=True), 20 | ), 21 | migrations.AlterField( 22 | model_name='summary', 23 | name='create_time', 24 | field=models.DateTimeField(default=datetime.datetime(2017, 6, 8, 15, 23, 17, 263000)), 25 | ), 26 | ] 27 | -------------------------------------------------------------------------------- /report/migrations/0007_auto_20170608_1523.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/migrations/0007_auto_20170608_1523.pyc -------------------------------------------------------------------------------- /report/migrations/0008_auto_20171110_1537.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # Generated by Django 1.9.2 on 2017-11-10 07:37 3 | from __future__ import unicode_literals 4 | 5 | import datetime 6 | from django.db import migrations, models 7 | 8 | 9 | class Migration(migrations.Migration): 10 | 11 | dependencies = [ 12 | ('report', '0007_auto_20170608_1523'), 13 | ] 14 | 15 | operations = [ 16 | migrations.AlterField( 17 | model_name='dialogue', 18 | name='activity_id', 19 | field=models.CharField(default='', max_length=10, null=True), 20 | ), 21 | migrations.AlterField( 22 | model_name='dialogue', 23 | name='actor_url', 24 | field=models.CharField(default='', max_length=40, null=True), 25 | ), 26 | migrations.AlterField( 27 | model_name='dialogue', 28 | name='actor_username', 29 | field=models.CharField(default='', max_length=40, null=True), 30 | ), 31 | migrations.AlterField( 32 | model_name='dialogue', 33 | name='automated_response', 34 | field=models.CharField(default='', max_length=10, null=True), 35 | ), 36 | migrations.AlterField( 37 | model_name='dialogue', 38 | name='created_at', 39 | field=models.CharField(default='', max_length=40, null=True), 40 | ), 41 | migrations.AlterField( 42 | model_name='dialogue', 43 | name='editable', 44 | field=models.CharField(default='', max_length=10, null=True), 45 | ), 46 | migrations.AlterField( 47 | model_name='dialogue', 48 | name='is_internal', 49 | field=models.CharField(default='', max_length=10, null=True), 50 | ), 51 | migrations.AlterField( 52 | model_name='dialogue', 53 | name='report_id', 54 | field=models.CharField(default='', max_length=10, null=True), 55 | ), 56 | migrations.AlterField( 57 | model_name='dialogue', 58 | name='team_handle', 59 | field=models.CharField(default='', max_length=40, null=True), 60 | ), 61 | migrations.AlterField( 62 | model_name='dialogue', 63 | name='type', 64 | field=models.CharField(default='', max_length=10, null=True), 65 | ), 66 | migrations.AlterField( 67 | model_name='dialogue', 68 | name='updated_at', 69 | field=models.CharField(default='', max_length=40, null=True), 70 | ), 71 | migrations.AlterField( 72 | model_name='result', 73 | name='allow_singular_disclosure_after', 74 | field=models.CharField(default='', max_length=40, null=True), 75 | ), 76 | migrations.AlterField( 77 | model_name='result', 78 | name='allow_singular_disclosure_at', 79 | field=models.CharField(default='', max_length=40, null=True), 80 | ), 81 | migrations.AlterField( 82 | model_name='result', 83 | name='can_view_team', 84 | field=models.CharField(default='', max_length=20, null=True), 85 | ), 86 | migrations.AlterField( 87 | model_name='result', 88 | name='comments_closed', 89 | field=models.CharField(default='', max_length=40, null=True), 90 | ), 91 | migrations.AlterField( 92 | model_name='result', 93 | name='created_at', 94 | field=models.CharField(default='', max_length=40, null=True), 95 | ), 96 | migrations.AlterField( 97 | model_name='result', 98 | name='cve_ids', 99 | field=models.CharField(default='', max_length=40, null=True), 100 | ), 101 | migrations.AlterField( 102 | model_name='result', 103 | name='disclosed_at', 104 | field=models.CharField(default='', max_length=40, null=True), 105 | ), 106 | migrations.AlterField( 107 | model_name='result', 108 | name='has_bounty', 109 | field=models.CharField(default='', max_length=20, null=True), 110 | ), 111 | migrations.AlterField( 112 | model_name='result', 113 | name='is_external_bug', 114 | field=models.CharField(default='', max_length=20, null=True), 115 | ), 116 | migrations.AlterField( 117 | model_name='result', 118 | name='is_participant', 119 | field=models.CharField(default='', max_length=20, null=True), 120 | ), 121 | migrations.AlterField( 122 | model_name='result', 123 | name='public', 124 | field=models.CharField(default='', max_length=20, null=True), 125 | ), 126 | migrations.AlterField( 127 | model_name='result', 128 | name='report_id', 129 | field=models.CharField(default='', max_length=20, null=True), 130 | ), 131 | migrations.AlterField( 132 | model_name='result', 133 | name='severity_rating', 134 | field=models.CharField(default='', max_length=20, null=True), 135 | ), 136 | migrations.AlterField( 137 | model_name='result', 138 | name='singular_disclosure_allowed', 139 | field=models.CharField(default='', max_length=40, null=True), 140 | ), 141 | migrations.AlterField( 142 | model_name='result', 143 | name='singular_disclosure_disabled', 144 | field=models.CharField(default='', max_length=40, null=True), 145 | ), 146 | migrations.AlterField( 147 | model_name='result', 148 | name='state', 149 | field=models.CharField(default='', max_length=20, null=True), 150 | ), 151 | migrations.AlterField( 152 | model_name='result', 153 | name='substate', 154 | field=models.CharField(default='', max_length=20, null=True), 155 | ), 156 | migrations.AlterField( 157 | model_name='result', 158 | name='team_about', 159 | field=models.TextField(default='', null=True), 160 | ), 161 | migrations.AlterField( 162 | model_name='result', 163 | name='team_name', 164 | field=models.CharField(default='', max_length=100, null=True), 165 | ), 166 | migrations.AlterField( 167 | model_name='result', 168 | name='team_url', 169 | field=models.CharField(default='', max_length=40, null=True), 170 | ), 171 | migrations.AlterField( 172 | model_name='result', 173 | name='title', 174 | field=models.CharField(default='', max_length=100, null=True), 175 | ), 176 | migrations.AlterField( 177 | model_name='result', 178 | name='url', 179 | field=models.CharField(default='', max_length=100, null=True), 180 | ), 181 | migrations.AlterField( 182 | model_name='result', 183 | name='username_url', 184 | field=models.CharField(default='', max_length=100, null=True), 185 | ), 186 | migrations.AlterField( 187 | model_name='result', 188 | name='visibility', 189 | field=models.CharField(default='', max_length=20, null=True), 190 | ), 191 | migrations.AlterField( 192 | model_name='result', 193 | name='vote_count', 194 | field=models.CharField(default='', max_length=40, null=True), 195 | ), 196 | migrations.AlterField( 197 | model_name='result', 198 | name='vulnerability_information', 199 | field=models.TextField(default='', null=True), 200 | ), 201 | migrations.AlterField( 202 | model_name='result', 203 | name='vulnerability_information_html', 204 | field=models.TextField(default='', null=True), 205 | ), 206 | migrations.AlterField( 207 | model_name='summar', 208 | name='can_create', 209 | field=models.CharField(default='', max_length=30, null=True), 210 | ), 211 | migrations.AlterField( 212 | model_name='summar', 213 | name='can_view', 214 | field=models.CharField(default='', max_length=30, null=True), 215 | ), 216 | migrations.AlterField( 217 | model_name='summar', 218 | name='category', 219 | field=models.CharField(default='', max_length=30, null=True), 220 | ), 221 | migrations.AlterField( 222 | model_name='summar', 223 | name='content', 224 | field=models.TextField(default='', null=True), 225 | ), 226 | migrations.AlterField( 227 | model_name='summar', 228 | name='content_html', 229 | field=models.TextField(default='', null=True), 230 | ), 231 | migrations.AlterField( 232 | model_name='summar', 233 | name='report_id', 234 | field=models.CharField(max_length=20, null=True), 235 | ), 236 | migrations.AlterField( 237 | model_name='summar', 238 | name='summaries_id', 239 | field=models.CharField(default='', max_length=30, null=True), 240 | ), 241 | migrations.AlterField( 242 | model_name='summary', 243 | name='create_time', 244 | field=models.DateTimeField(default=datetime.datetime(2017, 11, 10, 15, 37, 25, 998205)), 245 | ), 246 | migrations.AlterField( 247 | model_name='summary', 248 | name='pages', 249 | field=models.CharField(default='', max_length=30, null=True), 250 | ), 251 | migrations.AlterField( 252 | model_name='summary', 253 | name='total_reports', 254 | field=models.CharField(default='', max_length=30, null=True), 255 | ), 256 | ] 257 | -------------------------------------------------------------------------------- /report/migrations/0008_auto_20171110_1537.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/migrations/0008_auto_20171110_1537.pyc -------------------------------------------------------------------------------- /report/migrations/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/migrations/__init__.py -------------------------------------------------------------------------------- /report/migrations/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/migrations/__init__.pyc -------------------------------------------------------------------------------- /report/models.py: -------------------------------------------------------------------------------- 1 | from __future__ import unicode_literals 2 | 3 | from django.db import models 4 | import datetime 5 | # Create your models here. 6 | class result(models.Model): 7 | report_id = models.CharField(max_length=20,default='',null=True) 8 | title = models.CharField(max_length=100,default='',null=True) 9 | url = models.CharField(max_length=100,default='',null=True) 10 | username = models.CharField(max_length=100,default='',null=True) 11 | username_url = models.CharField(max_length=100,default='',null=True) 12 | state = models.CharField(max_length=20,default='',null=True) 13 | substate = models.CharField(max_length=20,default='',null=True) 14 | severity_rating = models.CharField(max_length=20,default='',null=True) 15 | created_at = models.CharField(max_length=40,default='',null=True) 16 | team_name = models.CharField(max_length=100,default='',null=True) 17 | team_url = models.CharField(max_length=40,default='',null=True) 18 | team_about = models.TextField(default='',null=True) 19 | has_bounty = models.CharField(max_length=20,default='',null=True) 20 | can_view_team = models.CharField(max_length=20,default='',null=True) 21 | is_external_bug = models.CharField(max_length=20,default='',null=True) 22 | is_participant = models.CharField(max_length=20,default='',null=True) 23 | public = models.CharField(max_length=20,default='',null=True) 24 | visibility = models.CharField(max_length=20,default='',null=True) 25 | cve_ids = models.CharField(max_length=40,default='',null=True) 26 | singular_disclosure_disabled = models.CharField(max_length=40,default='',null=True) 27 | disclosed_at = models.CharField(max_length=40,default='',null=True) 28 | bug_reporter_agreed_on_going_public_at = models.CharField(max_length=40,default='',null=True) 29 | team_member_agreed_on_going_public_at = models.CharField(max_length=40,default='',null=True) 30 | comments_closed = models.CharField(max_length=40,default='',null=True) 31 | vulnerability_information = models.TextField(default='',null=True) 32 | vulnerability_information_html = models.TextField(default='',null=True) 33 | original_report_id = models.CharField(max_length=40,null=True) 34 | original_report_url= models.CharField(max_length=40,null=True) 35 | allow_singular_disclosure_at = models.CharField(max_length=40,default='',null=True) 36 | allow_singular_disclosure_after = models.CharField(max_length=40,default='',null=True) 37 | singular_disclosure_allowed = models.CharField(max_length=40,default='',null=True) 38 | vote_count = models.CharField(max_length=40,default='',null=True) 39 | def __unicode__(self): 40 | return self.title 41 | 42 | 43 | class dialogue(models.Model): 44 | report_id = models.CharField(max_length=10,default='',null=True) 45 | activity_id = models.CharField(max_length=10,default='',null=True) 46 | is_internal = models.CharField(max_length=10,default='',null=True) 47 | editable = models.CharField(max_length=10,default='',null=True) 48 | type = models.CharField(max_length=10,default='',null=True) 49 | message = models.TextField(default='',null=True) 50 | markdown_message = models.TextField(default='',null=True) 51 | automated_response = models.CharField(max_length=10,default='',null=True) 52 | created_at = models.CharField(max_length=40,default='',null=True) 53 | updated_at = models.CharField(max_length=40,default='',null=True) 54 | actor_username = models.CharField(max_length=40,default='',null=True) 55 | actor_url = models.CharField(max_length=40,default='',null=True) 56 | genius_execution_id = models.CharField(max_length=40,null=True) 57 | team_handle = models.CharField(max_length=40,default='',null=True) 58 | 59 | 60 | class summary(models.Model): 61 | pages = models.CharField(max_length=30,default='',null=True) 62 | total_reports = models.CharField(max_length=30,default='',null=True) 63 | create_time = models.DateTimeField(default=datetime.datetime.now()) 64 | class summar(models.Model): 65 | report_id = models.CharField(max_length=20,null=True) 66 | summaries_id = models.CharField(max_length=30,default='',null=True) 67 | content = models.TextField(default='',null=True) 68 | content_html = models.TextField(default='',null=True) 69 | category = models.CharField(max_length=30,default='',null=True) 70 | can_view = models.CharField(max_length=30,default='',null=True) 71 | can_create = models.CharField(max_length=30,default='',null=True) -------------------------------------------------------------------------------- /report/models.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/models.pyc -------------------------------------------------------------------------------- /report/templates/index.html: -------------------------------------------------------------------------------- 1 | home scrapper update 2 |
3 | {% csrf_token %} 4 | 5 | 6 |
7 |
reports pages:{{summarys.pages}}
8 |
reports totals:{{summarys.total_reports}}
9 |
reports update time:{{summarys.create_time}}
10 | {% load pagination_tags %} 11 | {% autopaginate results 25%} 12 |
13 | report_id title
14 | {% for result in results%} 15 | {{result.report_id}} {{result.title}}
16 | {% endfor %} 17 | {% paginate %} -------------------------------------------------------------------------------- /report/templates/report.html: -------------------------------------------------------------------------------- 1 |

home

2 | {%for result in results%} 3 | {{result.report_id}} {{result.title}}
4 | reporter:{{result.username}}
5 | report state:{{result.state}} report create at:{{result.created_at}}
6 | severity_rating:{{result.severity_rating}}
7 | {{result.vulnerability_information_html|safe }} 8 |
9 | {%endfor%} 10 | 11 | {%for summarie in summaries%} 12 | {%ifequal summarie.summaries_id "none"%} 13 | {%else%} 14 | {{summarie.summaries_id}}
15 | {{summarie.content_html | safe}} 16 | {%endifequal%} 17 | {%endfor%} 18 | 19 | {% for dialogue in dialogues%} 20 | activity_id:{{dialogue.activity_id}}
21 | type:{{dialogue.type}}
22 |

message:

{{dialogue.markdown_message | safe}}
23 | 24 |

25 | {%endfor%} -------------------------------------------------------------------------------- /report/templates/search.html: -------------------------------------------------------------------------------- 1 |

home

2 | {%for key in keys%} 3 | {{key.report_id}} {{key.title}}
4 | {% endfor%} -------------------------------------------------------------------------------- /report/templates/update.html: -------------------------------------------------------------------------------- 1 |

home

2 |

update success

3 |

last update time

4 | pages:{{ summary1.pages}}
5 | total_reports:{{summary1.total_reports}}
6 | create_time:{{summary1.create_time}}
7 |
8 |

privious update time

9 | {% for sum2 in summary2%}
10 | pages:{{ sum2.pages}}
11 | total_reports:{{sum2.total_reports}}
12 | create_time:{{sum2.create_time}} 13 | {%endfor%} -------------------------------------------------------------------------------- /report/tests.py: -------------------------------------------------------------------------------- 1 | from django.test import TestCase 2 | 3 | # Create your tests here. 4 | -------------------------------------------------------------------------------- /report/views.py: -------------------------------------------------------------------------------- 1 | from django.shortcuts import render,render_to_response 2 | from crawl import * 3 | from report.models import * 4 | from django.http.response import HttpResponse 5 | from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger 6 | from forms import * 7 | # Create your views here. 8 | def scrapper(request): # all report crawl 9 | scrappe() 10 | 11 | return HttpResponse("crawl success") 12 | def index(request): 13 | results =result.objects.all() 14 | summarys= summary.objects.all().last() 15 | if request.method == "POST": 16 | key = request.POST['key'] 17 | title = result.objects.filter(title__contains=key) 18 | return render(request,'search.html',locals()) 19 | return render(request, 'index.html', locals()) 20 | 21 | def report(request,id): 22 | results =result.objects.filter(report_id=id) 23 | dialogues = dialogue.objects.filter(report_id=id) 24 | summaries = summar.objects.filter(report_id=id) 25 | return render_to_response("report.html",locals()) 26 | def updates(request): 27 | update() 28 | summary1= summary.objects.all().last() 29 | summary2= summary.objects.all().order_by('-pk')[1:2] 30 | return render_to_response("update.html",locals()) -------------------------------------------------------------------------------- /report/views.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yingshang/hack/3d9673f5dd37090bbc4ff4b173ed09b3fb933826/report/views.pyc -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | django==1.9.2 2 | dj_pagination==2.2.1 3 | requests 4 | --------------------------------------------------------------------------------