Skip to content

Commit

Permalink
MySQL数据库模型完善,扫描结果联合
Browse files Browse the repository at this point in the history
  • Loading branch information
@Cl0udG0d
Cl0udG0d committed May 6, 2020
1 parent 0c570b2 commit 0f2deb6
Show file tree
Hide file tree
Showing 20 changed files with 213 additions and 59 deletions.
2 changes: 1 addition & 1 deletion .idea/WebScan.iml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .idea/misc.xml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

23 changes: 19 additions & 4 deletions ImportToRedis.py
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,12 @@
import redis
from index import app
from exts import db
from models import BugType

PASSWORD = "123456"
# PASSWORD = ""
# HOST = "127.0.0.1"
HOST = "192.168.88.128"
# PASSWORD = "123456"
PASSWORD = ""
HOST = "127.0.0.1"
# HOST = "192.168.88.128"

'''
默认6379端口,第0个数据库
Expand All @@ -30,5 +33,17 @@ def ToRedis():
r.lpush("XSSpayloads",line3.replace("\n",""))
file3.close()

def ToMySQL():
bugtype = open('dict/dbbugtype.txt', 'r')
with app.app_context():
for i in bugtype.readlines():
type,grade=i.split(":")[0],i.split(":")[1]
temp = BugType(bugtype=type,buggradeid=grade)
db.session.add(temp)
db.session.commit()
bugtype.close()
return None


ToRedis()
# ToMySQL()
57 changes: 22 additions & 35 deletions SZheConsole.py
View file
Original file line number Diff line number Diff line change
@@ -1,31 +1,18 @@
from BaseMessage import GetBaseMessage
import re
from IPMessage import IPMessage
from DomainMessage import DomainMessage
from index import app
from exts import db
from models import BaseInfo,IPInfo,DomainInfo,BugList
import ImportToRedis
import redis
from models import BaseInfo,IPInfo,DomainInfo,BugList,BugType
from XSSBug.XSSCheck import GetXSS
from BugScan import BugScan
import ImportToRedis
import redis
import time
import re

Bugs=["SQLBugScan","XSSBugScan","ComInScan","FileIncludeScan","WebLogicScan","POCScan"]

Bugs={
1:"SQLBugScan",
2:"XSSBugScan",
3:"ComInScan",
4:"FileIncludeScan",
5:"WebLogicScan",
6:"POCScan"
}
BugLevel={
"Serious":1,
"High":2,
"Medium":3,
"Low":4
}

'''
获取baseinfo ->MySQL
Expand All @@ -38,25 +25,25 @@
def BugScanConsole(attackurl,redispool):
'''
动态调用类方法,减少冗余代码
将存在bug的url存在buglist表中,同时根据漏洞类型的不同,指向bugtype表中对应的漏洞类型
'''
while redispool.scard(attackurl) != 0:
print("111")
url = redispool.spop(attackurl)
Bug=BugScan(url,redispool)
for key,value in Bugs.items():
vulnerable, payload,bugdetail=getattr(Bug, value)()
# print(payload)
# print(bugdetail)
if vulnerable:
try:
with app.app_context():
bug = BugList(oldurl=attackurl,bugurl=url,bugtype=value,buggrade=key,payload=payload,bugdetail=bugdetail)
db.session.add(bug)
db.session.commit()
except Exception as e:
print(e)
pass
try:
while redispool.scard(attackurl) != 0:
print("111")
url = redispool.spop(attackurl)
Bug=BugScan(url,redispool)
with app.app_context():
for value in Bugs:
vulnerable, payload,bugdetail=getattr(Bug, value)()
if vulnerable:
bugtype = BugType.query.filter(BugType.bugtype == value).first()
bug = BugList(oldurl=attackurl,bugurl=url,bugtypeid=bugtype.id,payload=payload,bugdetail=bugdetail)
db.session.add(bug)
db.session.commit()
time.sleep(0.5)
except Exception as e:
print(e)
pass

def SZheConsole(url,redispool):
baseinfo=GetBaseMessage(url,redispool)
Expand Down
Binary file modified XSSBug/__pycache__/XSSCheck.cpython-37.pyc
View file
Binary file not shown.
Binary file modified __pycache__/ImportToRedis.cpython-37.pyc
View file
Binary file not shown.
Binary file modified __pycache__/get_message.cpython-37.pyc
View file
Binary file not shown.
Binary file modified __pycache__/index.cpython-37.pyc
View file
Binary file not shown.
Binary file modified __pycache__/models.cpython-37.pyc
View file
Binary file not shown.
5 changes: 5 additions & 0 deletions dict/dbbugtype.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
SQLBugScan:1
ComInScan:1
WebLogicScan:2
XSSBugScan:2
FileIncludeScan:2
3 changes: 1 addition & 2 deletions get_message.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@
from multiprocessing.pool import ThreadPool
import socket
import urllib3
import ImportToRedis

urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
# 禁用安全警告
Expand Down Expand Up @@ -335,7 +334,7 @@ def FindIpAdd(ip):


if __name__ == "__main__":
r = redis.Redis(connection_pool=ImportToRedis.redisPool)
# r = redis.Redis(connection_pool=ImportToRedis.redisPool)
# 测试数据
# print(GetBindingIP('202.202.157.110'))
# print(GetSiteStation('202.202.157.110'))
Expand Down
2 changes: 0 additions & 2 deletions index.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,6 @@
import config
from models import User, Log, BaseInfo
from exts import db
from decorators import login_required
import ImportToRedis
from BaseMessage import GetBaseMessage
import json
from concurrent.futures import ThreadPoolExecutor
Expand Down
32 changes: 32 additions & 0 deletions migrations/versions/4e694382f616_.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
"""empty message
Revision ID: 4e694382f616
Revises: 545fe1ae767c
Create Date: 2020-05-06 13:53:37.342639
"""
from alembic import op
import sqlalchemy as sa
from sqlalchemy.dialects import mysql

# revision identifiers, used by Alembic.
revision = '4e694382f616'
down_revision = '545fe1ae767c'
branch_labels = None
depends_on = None


def upgrade():
# ### commands auto generated by Alembic - please adjust! ###
op.drop_column('buglist', 'buggrade')
op.drop_column('buglist', 'bugtype')
op.add_column('bugtype', sa.Column('buggradeid', sa.Integer(), nullable=False))
# ### end Alembic commands ###


def downgrade():
# ### commands auto generated by Alembic - please adjust! ###
op.drop_column('bugtype', 'buggradeid')
op.add_column('buglist', sa.Column('bugtype', mysql.TEXT(), nullable=True))
op.add_column('buglist', sa.Column('buggrade', mysql.VARCHAR(length=10), nullable=True))
# ### end Alembic commands ###
61 changes: 61 additions & 0 deletions migrations/versions/545fe1ae767c_.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
"""empty message
Revision ID: 545fe1ae767c
Revises: fd29b1639463
Create Date: 2020-05-06 13:43:09.238269
"""
from alembic import op
import sqlalchemy as sa
from sqlalchemy.dialects import mysql

# revision identifiers, used by Alembic.
revision = '545fe1ae767c'
down_revision = 'fd29b1639463'
branch_labels = None
depends_on = None


def upgrade():
# ### commands auto generated by Alembic - please adjust! ###
op.create_table('bugtype',
sa.Column('id', sa.Integer(), autoincrement=True, nullable=False),
sa.Column('buglistid', sa.Integer(), nullable=False),
sa.Column('bugtypeid', sa.Integer(), nullable=False),
sa.PrimaryKeyConstraint('id')
)
op.drop_table('highbug')
op.drop_table('mediumbug')
op.drop_table('seriousbug')
op.drop_table('lowbug')
# ### end Alembic commands ###


def downgrade():
# ### commands auto generated by Alembic - please adjust! ###
op.create_table('lowbug',
sa.Column('id', mysql.INTEGER(display_width=11), autoincrement=True, nullable=False),
sa.PrimaryKeyConstraint('id'),
mysql_default_charset='utf8',
mysql_engine='MyISAM'
)
op.create_table('seriousbug',
sa.Column('id', mysql.INTEGER(display_width=11), autoincrement=True, nullable=False),
sa.PrimaryKeyConstraint('id'),
mysql_default_charset='utf8',
mysql_engine='MyISAM'
)
op.create_table('mediumbug',
sa.Column('id', mysql.INTEGER(display_width=11), autoincrement=True, nullable=False),
sa.PrimaryKeyConstraint('id'),
mysql_default_charset='utf8',
mysql_engine='MyISAM'
)
op.create_table('highbug',
sa.Column('id', mysql.INTEGER(display_width=11), autoincrement=True, nullable=False),
sa.PrimaryKeyConstraint('id'),
mysql_default_charset='utf8',
mysql_engine='MyISAM'
)
op.drop_table('bugtype')
# ### end Alembic commands ###
Binary file added migrations/versions/__pycache__/4e694382f616_.cpython-37.pyc
View file
Binary file not shown.
Binary file added migrations/versions/__pycache__/545fe1ae767c_.cpython-37.pyc
View file
Binary file not shown.
Binary file added migrations/versions/__pycache__/f810509fd6ce_.cpython-37.pyc
View file
Binary file not shown.
34 changes: 34 additions & 0 deletions migrations/versions/f810509fd6ce_.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
"""empty message
Revision ID: f810509fd6ce
Revises: 4e694382f616
Create Date: 2020-05-06 14:07:33.872530
"""
from alembic import op
import sqlalchemy as sa
from sqlalchemy.dialects import mysql

# revision identifiers, used by Alembic.
revision = 'f810509fd6ce'
down_revision = '4e694382f616'
branch_labels = None
depends_on = None


def upgrade():
# ### commands auto generated by Alembic - please adjust! ###
op.add_column('buglist', sa.Column('bugtypeid', sa.Integer(), nullable=False))
op.add_column('bugtype', sa.Column('bugtype', sa.String(length=50), nullable=False))
op.drop_column('bugtype', 'buglistid')
op.drop_column('bugtype', 'bugtypeid')
# ### end Alembic commands ###


def downgrade():
# ### commands auto generated by Alembic - please adjust! ###
op.add_column('bugtype', sa.Column('bugtypeid', mysql.INTEGER(display_width=11), autoincrement=False, nullable=False))
op.add_column('bugtype', sa.Column('buglistid', mysql.INTEGER(display_width=11), autoincrement=False, nullable=False))
op.drop_column('bugtype', 'bugtype')
op.drop_column('buglist', 'bugtypeid')
# ### end Alembic commands ###
51 changes: 37 additions & 14 deletions models.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,26 +51,49 @@ class BugList(db.Model):
id=db.Column(db.Integer,primary_key=True,autoincrement=True)
oldurl=db.Column(db.String(50),nullable=True)
bugurl=db.Column(db.String(50),nullable=True)
bugtype=db.Column(db.Text,nullable=True)
buggrade=db.Column(db.String(10),nullable=True)
bugtypeid=db.Column(db.Integer,nullable=False)
payload=db.Column(db.String(100),nullable=True)
bugdetail=db.Column(db.Text,nullable=True)

class SeriousBug(db.Model):
__tablename__='seriousbug'
id = db.Column(db.Integer, primary_key=True, autoincrement=True)

class HighBug(db.Model):
__tablename__='highbug'
'''
buglist表
oldurl 扫描的原域名或IP
bugurl 原域名或IP下的存在漏洞的一个url
payload 漏洞利用的url payload
bugdetail 使用payload之后网页的请求源代码
'''
class BugType(db.Model):
__tablename__='bugtype'
id = db.Column(db.Integer, primary_key=True, autoincrement=True)
bugtype=db.Column(db.String(50),nullable=False)
buggradeid=db.Column(db.Integer,nullable=False)

class MediumBug(db.Model):
__tablename__='mediumbug'
id = db.Column(db.Integer, primary_key=True, autoincrement=True)

class LowBug(db.Model):
__tablename__='lowbug'
id = db.Column(db.Integer, primary_key=True, autoincrement=True)
'''
buglistid 对应buglist表中漏洞的id编号,事实上buglistid也是唯一的
bugtypeid 对应该漏洞的类型
buggradeid 对应buglist表中漏洞的等级
0 serious
1 high
2 medium
3 low
'''
# class SeriousBug(db.Model):
# __tablename__='seriousbug'
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)
#
# class HighBug(db.Model):
# __tablename__='highbug'
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)
#
# class MediumBug(db.Model):
# __tablename__='mediumbug'
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)
#
# class LowBug(db.Model):
# __tablename__='lowbug'
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)

class Log(db.Model):
__tablename__='log'
Expand Down
Binary file modified sqlinjection/__pycache__/ErrorInjection.cpython-37.pyc
View file
Binary file not shown.

0 comments on commit 0f2deb6

Please sign in to comment.