进行部分修改

shadowsiren · Jun 3, 2020 · 0e58200 · 0e58200
1 parent 949f3cc
commit 0e58200
Show file tree

Hide file tree

Showing 20 changed files with 129 additions and 234 deletions.
diff --git a/BaseMessage.py b/BaseMessage.py
@@ -121,15 +121,15 @@ def AngelSwordMain(self):
     # redispool=redis.ConnectionPool(host='127.0.0.1',port=6379, decode_responses=True)
     # redispool = redis.Redis(connection_pool=ImportToRedis.redisPool)
     try:
-        rep=requests.get(url="http://testphp.vulnweb.com",headers=core.GetHeaders(),timeout=10)
-        test=GetBaseMessage("testphp.vulnweb.com","http://testphp.vulnweb.com",rep)
+        rep=requests.get(url="https://www.nowcoder.com",headers=core.GetHeaders(),timeout=10)
+        test=GetBaseMessage("www.nowcoder.com","https://www.nowcoder.com",rep)
         # test.AngelSwordMain()
-        # print(test.GetStatus())
-        # print(test.GetTitle())
-        # print(test.GetResponseHeader())
+        print(test.GetStatus())
+        print(test.GetTitle())
+        print(test.GetResponseHeader())
         print(test.GetFinger())
-        # print(test.PortScan())
-        # print(test.SenDir())
+        print(test.PortScan())
+        print(test.SenDir())
 
     except Exception as e:
         print(e)

diff --git a/DomainMessage.py b/DomainMessage.py
@@ -59,7 +59,7 @@ def FindDomainAdd(self):
             return "None"
 
 if __name__=='__main__':
-    test=DomainMessage("www.runoob.com")
+    test=DomainMessage("www.nowcoder.com")
     try:
         print(test.GetSiteStation())
         print(test.GetBindingIP())

diff --git a/SZheConsole.py b/SZheConsole.py
@@ -95,8 +95,8 @@ def SZheScan(url):
                                 domainaddr=domaininfo.FindDomainAdd())
                 db.session.add(domaininfo)
             db.session.commit()
-            #默认url深度爬取为 1 ，避免大站链接过多，可在设置中进行修改
-            SpiderGetUrl2(attackurl,deepth=1)
+            #默认url深度爬取为 2 ，避免大站链接过多，可在设置中进行修改
+            SpiderGetUrl2(attackurl,deepth=2)
             print("对该网站爬取到的url进行常规漏扫 :D")
             BugScanConsole(url)
             try:

diff --git a/__pycache__/BaseMessage.cpython-37.pyc b/__pycache__/BaseMessage.cpython-37.pyc
diff --git a/__pycache__/DomainMessage.cpython-37.pyc b/__pycache__/DomainMessage.cpython-37.pyc
diff --git a/__pycache__/SZheConsole.cpython-37.pyc b/__pycache__/SZheConsole.cpython-37.pyc
diff --git a/__pycache__/config.cpython-37.pyc b/__pycache__/config.cpython-37.pyc
diff --git a/__pycache__/models.cpython-37.pyc b/__pycache__/models.cpython-37.pyc
diff --git a/config.py b/config.py
@@ -5,15 +5,15 @@
     debug=true
     secret_key,session中的24位随机盐值
     MySQL数据库配置
-    数据库名为scan_test_demo
+    数据库名为SZheScan
         python3:https://blog.csdn.net/qq562029186/article/details/81325074
 '''
-DEBUG=True
+DEBUG=False
 SECRET_KEY=os.urandom(24)
 
 HOSTNAME='127.0.0.1'
 PORT='3306'
-DATABASE='scan_test_demo'
+DATABASE='SZheScan'
 USERNAME='root'
 PASSWORD='root'
 #SQLALCHEMY_DATABASE_URI = 'mysql+pymysql://root:[email protected]/tushare?charset=utf8'
@@ -22,7 +22,5 @@
 SQLALCHEMY_TRACK_MODIFICATIONS=False
 
 # PASSWORD = "123456"
-PASSWORD = ""
 HOST = "127.0.0.1"
-# HOST = "192.168.88.128"
-redisPool = redis.ConnectionPool(host=HOST, password=PASSWORD, port=6379, db=0, decode_responses=True)
+redisPool = redis.ConnectionPool(host=HOST, port=6379, db=0, decode_responses=True)
diff --git a/index.py b/index.py
@@ -48,7 +48,7 @@ def validate(email, username, password1, password2):
 
 @app.route('/<int:page>',methods=['GET'])
 @app.route('/')
-# @login_required
+@login_required
 def index(page=None):
     bugbit,bugtype=core.GetBit()
     if not page:
@@ -60,7 +60,7 @@ def index(page=None):
 
 
 @app.route('/POCmanage',methods=['GET','POST'])
-# @login_required
+@login_required
 def POCmanage():
     bugbit,bugtype=core.GetBit()
     poclist=POC.query.order_by(POC.id.desc()).all()
@@ -80,7 +80,7 @@ def POCmanage():
 
 
 @app.route('/editinfo',methods=['GET','POST'])
-# @login_required
+@login_required
 def editinfo():
     user_id = session.get('user_id')
     nowuser = User.query.filter(User.id == user_id).first()
@@ -122,7 +122,7 @@ def editinfo():
 
 @app.route('/domaindetail/<int:id>',methods=['GET'])
 @app.route('/domaindetail')
-# @login_required
+@login_required
 def domaindetail(id=None):
     bugbit, bugtype = core.GetBit()
     if not id:
@@ -139,7 +139,7 @@ def domaindetail(id=None):
 
 @app.route('/buglist/<int:page>',methods=['GET'])
 @app.route('/buglist')
-# @login_required
+@login_required
 def buglist(page=None):
     bugbit,bugtype=core.GetBit()
     if not page:
@@ -152,7 +152,7 @@ def buglist(page=None):
 
 @app.route('/bugdetail/<int:id>',methods=['GET'])
 @app.route('/bugdetail')
-# @login_required
+@login_required
 def bugdetail(id=None):
     bugbit, bugtype = core.GetBit()
     if not id:
@@ -165,7 +165,7 @@ def bugdetail(id=None):
 
 @app.route('/assetdetail/')
 @app.route('/assetdetail/<name>', methods=['GET'])
-# @login_required
+@login_required
 def assetdetail(name=None):
     if not name:
         return redirect(url_for('index'))
@@ -176,7 +176,7 @@ def assetdetail(name=None):
 
 
 @app.route('/user', methods=['GET', 'POST'])
-# @login_required
+@login_required
 def user():
     allcode=InvitationCode.query.order_by(InvitationCode.id.desc()).limit(10).all()
     user_id = session.get('user_id')
@@ -193,8 +193,8 @@ def user():
         return render_template('user-center.html',allcode=allcode,username=username,profile=profile,assetname=assetname)
 
 
-@app.route('/test_console', methods=['GET', 'POST'])
-# @login_required
+@app.route('/console', methods=['GET', 'POST'])
+@login_required
 def console():
     bugbit,bugtype=core.GetBit()
     counts=core.GetCounts()
@@ -240,7 +240,7 @@ def login():
 
 # 生成邀请码
 @app.route('/GenInvitationCode', methods=['GET', 'POST'])
-# @login_required
+@login_required
 def GenInvitationCode():
     user_id = session.get('user_id')
     profile = Profile.query.filter(Profile.userid == user_id).first()
@@ -282,7 +282,7 @@ def regist():
 
 
 @app.route('/logout/')
-# @login_required
+@login_required
 def logout():
     # session.pop('user_id')
     # del session('user_id')
@@ -291,15 +291,15 @@ def logout():
 
 
 @app.route('/about/')
-# @login_required
+@login_required
 def about():
     return render_template('about.html')
 
 
 # 日志每页显示38条
 @app.route('/log_detail/')
 @app.route('/log_detail/<int:page>', methods=['GET'])
-# @login_required
+@login_required
 def log_detail(page=None):
     bugbit,bugtype=core.GetBit()
     if not page:

diff --git a/init.sql.zip b/init.sql.zip
@@ -0,0 +1,100 @@
+CREATE DATABASE IF NOT EXISTS SZheScan default charset utf8 COLLATE utf8_general_ci;
+
+use SZheScan;
+
+DROP TABLE IF EXISTS `table1`;
+
+CREATE TABLE `user` (
+`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
+`email` varchar(20) NOT NULL,
+`username` varchar(50) NOT NULL,
+`pw_hash` varchar(128) NOT NULL,
+PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+INSERT INTO `user` (`id`, `email`, `username`, `pw_hash`)
+VALUES
+(1,'[email protected]','springbird','pbkdf2:sha256:150000$XNEKW4J4$726b6b5f7d07c3e7f4280634b547b90c64055018f31290c05857aade0b983057');
+
+CREATE TABLE `profile` (
+`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
+`userid` int(11) NOT NULL,
+`blog` varchar(100) NULL,
+`signature` TEXT NULL,
+
+PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `baseinfo` (
+`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
+`url` varchar(50) NOT NULL,
+`status` varchar(3) NOT NULL,
+`title` varchar(50),
+`date` varchar(30) NOT NULL,
+`responseheader` TEXT NOT NULL,
+`Server` TEXT,
+`portserver` TEXT,
+`sendir` TEXT,
+`boolcheck` tinyint(1),
+PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+
+CREATE TABLE `ipinfo` (
+`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
+`baseinfoid` int(11) NOT NULL,
+`bindingdomain` TEXT,
+`sitestation` TEXT,
+`CMessage` TEXT NOT NULL,
+`ipaddr` varchar(100) NOT NULL,
+PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+
+CREATE TABLE `domaininfo` (
+`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
+`baseinfoid` int(11) NOT NULL,
+`subdomain` TEXT,
+`whois` TEXT,
+`bindingip` TEXT,
+`sitestation` TEXT,
+`recordinfo` TEXT,
+`domainaddr` varchar(200),
+PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `buglist` (
+`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
+`oldurl` varchar(50),
+`bugurl` varchar(200),
+`bugname` varchar(100) NOT NULL,
+`buggrade` varchar(7) NOT NULL,
+`payload` TEXT,
+`bugdetail` TEXT,
+PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `poc` (
+`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
+`name` varchar(100) NOT NULL,
+`rule` TEXT,
+`expression` TEXT,
+PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `log` (
+`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
+`ip` varchar(20) NOT NULL,
+`email` varchar(50) NOT NULL,
+`date` DATE,
+PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+
+CREATE TABLE `invitationcode` (
+`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
+`code` varchar(36) NOT NULL,
+PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+
diff --git a/migrations/README b/migrations/README
diff --git a/migrations/__pycache__/env.cpython-38.pyc b/migrations/__pycache__/env.cpython-38.pyc
diff --git a/migrations/alembic.ini b/migrations/alembic.ini