| author | shihaoyue <[email protected]> | 2024-08-30 20:13:41 +0800 |
|---|---|---|
| committer | shihaoyue <[email protected]> | 2024-08-30 20:13:41 +0800 |
| commit | 1df2a880b38e4b968b17371d78894ea26e9af7bd (patch) | |
| tree | 848c9bfbf747b979c98bb756dfd140bf658b8847 | |
| parent | 0d3b329cf3c62b0e9b599c8c337c7dc5c1b8b840 (diff) | |
add targetGZ完成目标感知,下班
| -rw-r--r-- | agent/app.py | 2 | ||||
| -rwxr-xr-x | agent/apps/TargetGZ_Client_JSON | bin | 0 -> 11716220 bytes | |||
| -rw-r--r-- | agent/apps/target_gz.py | 24 | ||||
| -rw-r--r-- | server/apps/policy.py | 24 | ||||
| -rw-r--r-- | server/apps/target.py | 90 |
5 files changed, 128 insertions, 12 deletions
diff --git a/agent/app.py b/agent/app.py
index fc7146b..a96c8a7 100644
--- a/agent/app.py
+++ b/agent/app.py
@@ -12,11 +12,13 @@ from apiflask import APIFlask
 from apps.delay import bp as delaybp
 from apps.script import bp as scriptbp
+from apps.target_gz import bp as ganzhibp
 # 注册蓝图
 app = APIFlask(__name__, template_folder='./static/templates')
 app.register_blueprint(delaybp)
 app.register_blueprint(scriptbp)
+app.register_blueprint(ganzhibp)
 # 代理配置
 config = {} # 代理类型参数映射表
diff --git a/agent/apps/TargetGZ_Client_JSON b/agent/apps/TargetGZ_Client_JSON
Binary files differnew file mode 100755
index 0000000..0fc7dcc
--- /dev/null
+++ b/agent/apps/TargetGZ_Client_JSON
diff --git a/agent/apps/target_gz.py b/agent/apps/target_gz.py
new file mode 100644
index 0000000..7bfbba2
--- /dev/null
+++ b/agent/apps/target_gz.py
@@ -0,0 +1,24 @@
+# 目标感知
+import subprocess
+from apiflask import APIBlueprint
+from apiflask.fields import String
+from flask import json
+
+bp = APIBlueprint('target_gz', __name__, url_prefix='/target_gz')
+ [email protected]('/<IP>') [email protected]("对攻击目标进行目标感知")
+def execute_command(IP):
+ output = None
+ while not output:
+ proc = subprocess.Popen(f"./apps/TargetGZ_Client_JSON --target {IP}",
+ shell=True,
+ stdout=subprocess.PIPE,
+ stderr=subprocess.STDOUT,
+ universal_newlines=True,
+ text=True,
+ encoding='utf-8')
+
+ output = proc.communicate()[0].strip()
+
+ return output
\ No newline at end of file
diff --git a/server/apps/policy.py b/server/apps/policy.py
index 9d14d52..8a54817 100644
--- a/server/apps/policy.py
+++ b/server/apps/policy.py
@@ -6,13 +6,14 @@ from .util import is_ipaddress
 from exts import db
 from model import Policy, Target, TaskPolicy
+from .target import target_GZ
 def chiose_policy(task):
 if task.target_domain is not None:
 res = None # TODO:DoH处理
 pass
- elif task.target_ip is not None:
+ else:
 ip_version = is_ipaddress(task.target_ip)
 if ip_version == 4 :
 res = db.session.query(Target).filter(Target.addrv4==task.target_ip).first()
@@ -24,18 +25,17 @@ def chiose_policy(task):
 # 不存在该目标的相关记录
 if not res:
- # TODO:目标不存在时, 探测目标(fake)
+ target_GZ(task.target_ip)
 proto = ["IPv6"]
- # 存在该目标的记录
- else:
- if res.ipv6:
- proto.append("IPv6")
- if res.doh:
- proto.append("DOH")
- if res.dot:
- proto.append("DOT")
- if res.dnssec:
- proto.append("DNSSEC")
+
+ if res.ipv6:
+ proto.append("IPv6")
+ if res.doh:
+ proto.append("DOH")
+ if res.dot:
+ proto.append("DOT")
+ if res.dnssec:
+ proto.append("DNSSEC")
 # 可选策略范围 policy # 根据用户期望手段与目标协议寻找初始化策略
diff --git a/server/apps/target.py b/server/apps/target.py
index ef63f1c..9d50a5e 100644
--- a/server/apps/target.py
+++ b/server/apps/target.py
@@ -2,7 +2,9 @@ # 时延测试接口
 import ipaddress
 import json
+import random
 import threading
+import asyncio
 from operator import or_
 import requests
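Review bot: In agent/apps/target_gz.py, `execute_command` interpolates the `IP` path segment into a command string that runs with `shell=True`, so the shell interprets whatever a caller puts in the URL; validate it with `ipaddress.ip_address` (this needs `import ipaddress`) and pass an argument list with no shell. The `while not output` loop has no attempt limit or timeout, so a probe that prints nothing keeps the request and its child processes running indefinitely. Merging stderr into stdout also returns error text as if it were the probe result, which the server side then parses as JSON. No authentication on the route is visible in this hunk, and its two decorator lines are garbled on the page.

```python
def execute_command(IP):
    try:
        target = str(ipaddress.ip_address(IP))
    except ValueError:
        return {"message": "invalid IP address"}, 400

    for _ in range(MAX_ATTEMPTS):  # placeholder: small fixed retry bound
        try:
            proc = subprocess.run(
                ["./apps/TargetGZ_Client_JSON", "--target", target],
                stdout=subprocess.PIPE,
                stderr=subprocess.PIPE,  # keep diagnostics out of the result
                text=True,
                encoding="utf-8",
                timeout=PROBE_TIMEOUT,  # placeholder: seconds
            )
        except subprocess.TimeoutExpired:
            continue
        output = proc.stdout.strip()
        if output:
            return output

    return {"message": "probe produced no output"}, 502
```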
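Review bot: Replacing `elif task.target_ip is not None:` with `else:` in chiose_policy means a task with neither a domain nor an IP now reaches `is_ipaddress(task.target_ip)` with `None`; whether that helper tolerates `None` is not visible here. Keeping the `elif` and adding an explicit `else: raise ValueError("task has no target")` would make that state fail loudly. The new import also pulls a route handler from `.target` into the policy module, so a plain helper function would be a cleaner thing to share. The function body continues outside this hunk.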
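Review bot: `res` is not reassigned after `target_GZ(task.target_ip)` and the `else:` that guarded the attribute checks is removed, so a target with no stored record appears to reach `if res.ipv6:` with `res` still `None`. `target_GZ` is the `/gz` handler in server/apps/target.py and reads `query_data["ip"]`, so a bare address string will not index as a dict, and the direct call skips the `IP(required=True)` validation the route declares. Re-query after the probe, e.g. `res = db.session.query(Target).filter(Target.addrv4 == task.target_ip).first()`, and fall back to a default `proto` if it is still empty. `proto = ["IPv6"]` followed by `proto.append("IPv6")` can also list the protocol twice. Indentation is flattened on this page, so the nesting is inferred.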
@@ -67,6 +69,46 @@ class DelayOut(Schema):
 code = Integer()
 delay_data = List(Nested(Delay()))
+from marshmallow import Schema, fields
+
+class ProtectSchema(Schema):
+ dnssec_enabled = fields.Boolean(description="是否启用 DNSSEC(DNS 安全扩展)")
+ _0x20_encoding = fields.Boolean(description="是否使用 0x20 编码(域名是否随机化大小写)")
+ merge_dup = fields.Boolean(description="是否支持合并重复的 DNS 记录")
+ max_ns_cnt = fields.Integer(description="查询中允许的最大名称服务器(NS)记录数量")
+ max_cname_cnt = fields.Integer(description="查询中允许的最大 CNAME 链深度")
+ retry_limit = fields.Integer(description="在失败后重试 DNS 查询的最大次数")
+ fetch_limit = fields.Integer(description="在一次查询中可以获取的最大资源记录数")
+ timeout = fields.Integer(description="DNS 查询的超时时间,单位是毫秒")
+ random_port = fields.Boolean(description="是否使用随机端口进行 DNS 查询")
+ random_id = fields.Boolean(description="是否使用随机 ID 进行 DNS 查询")
+ version = fields.String(description="DNS 软件版本")
+ bailiwick = fields.Boolean(description="是否遵循 Bailiwick 规则")
+ max_ttl = fields.Integer(description="最大 TTL 值,单位为秒")
+ min_ttl = fields.Integer(description="最小 TTL 值,单位为秒")
+ edns_support = fields.Boolean(description="是否支持 EDNS")
+ rrl_qps = fields.Integer(description="每秒允许的资源记录锁查询次数")
+
+class TestNode(Schema):
+ Id = fields.String()
+ Name = fields.String()
+ Ip = fields.String()
+ Lat = fields.String()
+ Lng = fields.String()
+ Loc = fields.String()
+ addrv4 = fields.String()
+ addrv6 = fields.Boolean()
+ ipv6 = fields.Boolean()
+ dnssec = fields.Boolean()
+ dot = fields.Boolean()
+ doh = fields.Boolean()
+ cou = fields.String()
+ isp = fields.String()
+ lat = fields.String()
+ lng = fields.String()
+ protect = fields.Nested(ProtectSchema)
+
+
 # 地图统计信息返回结构体
 class CouInfo(Schema):
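Review bot: `from marshmallow import Schema, fields` sits in the middle of server/apps/target.py and rebinds `Schema` for every class defined after it, including `CouInfo(Schema)` in the trailing context; if the file header imports `Schema` from apiflask (not visible here), those later classes silently change base class. Move the import to the top of the file and alias it, for example `from marshmallow import fields as ma_fields`. Passing `description=` directly to a field is deprecated in marshmallow 3, where `metadata={"description": ...}` is the supported form. `TestNode` is not referenced in any visible hunk, while the route added further down names `TargetSchema`.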
@@ -458,3 +500,51 @@ def map_info(query_data): "value": 1, }) query.close() return {"code": 200, "dataObject": {"earthAddTitle": target}}
+
+ [email protected]("/gz") [email protected]("目标感知")
+ "ip": IP(required=True)
+}, location="query")
+ "code": Integer(),
+ "dataObject": List(Nested(TargetSchema())),
+})
+def target_GZ(query_data):
+ IP_addr = query_data["ip"]
+ # 获取
+ csgz = db.session.query(Agent).filter_by(agent_type = 'gjst').all()
+ csgz = random.choice(csgz)
+
+ url = f"http://{csgz.ipaddr}:{csgz.port}/target_gz/{IP_addr}"
+ protect = requests.get(url)
+
+ url = f'https://ipinfo.io/{IP_addr}/json?token=2c3db02b7ffce3'
+ response = requests.get(url)
+ data = response.json()
+
+ # 存数据库
+ tagret = Target(
+ addrv4 = IP_addr,
+ addrv6 = False,
+ ipv6 = False,
+ dnssec = json.loads(protect.text)['dnssec_enabled'],
+ dot = False,
+ doh = False,
+ cou = data.get('country'),
+ isp = data.get('org'),
+ lat = data.get('loc').split(',')[0],
+ lng = data.get('loc').split(',')[1],
+ protect = json.loads(protect.text),
+ doh_domain = None
+ )
+ existing_obj = db.session.query(Target).filter_by(addrv4 = tagret.addrv4).first()
+ if existing_obj:
+ db.session.delete(existing_obj)
+ db.session.add(tagret)
+ db.session.commit()
+ return {
+ 'code': 200,
+ 'dataObject': tagret
+ } |
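Review bot: The ipinfo.io API token is written into the URL literal in `target_GZ`, so it is now part of repository history; rotate it and load it from configuration. Both `requests.get` calls lack a `timeout` and a status check, and the agent is reached over plain `http://`, so a slow or failing agent blocks the worker and its reply is trusted as-is when `json.loads(protect.text)['dnssec_enabled']` runs. `random.choice(csgz)` raises on an empty agent list and `data.get('loc').split(',')` fails when the lookup returns no `loc`. The address is always stored in `addrv4`, even if the validated value is an IPv6 address. Some decorator lines of this hunk are missing on the page, so the input and output declarations are only partly visible.

```python
    agents = db.session.query(Agent).filter_by(agent_type='gjst').all()
    if not agents:
        return {'code': 503, 'dataObject': []}
    csgz = random.choice(agents)

    # … unchanged: agent url …
    protect = requests.get(url, timeout=AGENT_TIMEOUT)  # placeholder constant, seconds
    protect.raise_for_status()
    protect_data = protect.json()  # parse once; reuse for dnssec and protect

    response = requests.get(
        f'https://ipinfo.io/{IP_addr}/json',
        params={'token': IPINFO_TOKEN},  # placeholder: read from config or environment
        timeout=GEO_TIMEOUT,  # placeholder constant, seconds
    )
    response.raise_for_status()
    data = response.json()
    lat, _, lng = (data.get('loc') or '').partition(',')
    # … unchanged: Target(...) construction, now using protect_data, lat and lng …
```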
