author韩丁康 <[email protected]>2024-04-01 17:15:23 +0800
committer韩丁康 <[email protected]>2024-04-01 17:15:23 +0800
commit3629e09817d184f0c41711694136bd3379ff16f9 (patch)
tree33fbb2309bc9eeb527c87bfa1ce50e56de021103 /agent
parent022894713a0cb733445bc8954c17b225037850fd (diff)
server端仪表盘界面接口定义完毕
Diffstat (limited to 'agent')
-rw-r--r--agent/app.py2
-rw-r--r--agent/apps/datacheck.py50
-rw-r--r--agent/apps/script.py106
3 files changed, 54 insertions, 104 deletions
diff --git a/agent/app.py b/agent/app.py
index eaca222..d78c893 100644
--- a/agent/app.py
+++ b/agent/app.py
@@ -7,8 +7,8 @@ import geocoder
import psutil
import requests
from apiflask import APIFlask
+from server.apps.datacheck import bp as datacheckbp
-from apps.datacheck import bp as datacheckbp
from apps.delay import bp as scriptbp
# 注册蓝图
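Review bot: The new import `from server.apps.datacheck import bp as datacheckbp` makes the agent depend on the `server` package being importable on every agent host, while `agent/apps/datacheck.py` is deleted in the same commit. If agent and server are deployed separately (not visible in this diff, which is limited to `agent`), the agent will fail at import time, and shipping server code to agent hosts widens what is installed on them. Consider moving the blueprint into a module that both sides install, or at least documenting the dependency with a comment such as `# datacheck blueprint lives in the server package; agent hosts must have it installed`.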
diff --git a/agent/apps/datacheck.py b/agent/apps/datacheck.py
deleted file mode 100644
index 260c496..0000000
--- a/agent/apps/datacheck.py
+++ /dev/null
@@ -1,50 +0,0 @@
-# 状态感知——DNS记录测试接口
-import dns.nameserver
-from apiflask import APIBlueprint
-from apiflask.fields import String
-from apiflask.validators import OneOf
-from dns import resolver
-
-bp = APIBlueprint("check", __name__, url_prefix="/check")
-
-
[email protected]("通过指定的解析器获取指定域名的A/AAAA记录")
- 'rev': String(required=True),
- 'domain': String(required=True),
- 'qtype': String(required=True, validate=OneOf(['A', 'AAAA', "CNAME", "NS"]))
-}, location='query')
-def record(query_data):
- # 特殊协议头
- protols = ["https", "tls"]
- ans = []
- # 参数读取
- rev = query_data['rev']
- domain = query_data['domain']
- qtype = query_data['qtype']
-
- # 解析器配置
- myResolver = resolver.Resolver()
- # 根据rev参数配置解析器
- is_Do53 = any(proto if proto in rev else False for proto in protols)
- if not is_Do53:
- # 存在端口指定
- if ":" in rev:
- res = rev.split(":")
- myResolver.nameservers = [dns.nameserver.Do53Nameserver(res[0], port=res[1])]
- else:
- myResolver.nameservers = [rev]
- else:
- # doh服务
- if "https" in rev:
- myResolver.nameservers = [dns.nameserver.DoHNameserver(url=rev)]
- # dot服务
- if "tls" in rev:
- res = rev.split("//")
- myResolver.nameservers = [dns.nameserver.DoTNameserver(address=res[1])]
- myAnswers = myResolver.resolve(domain, qtype)
- if myAnswers.rrset is not None:
- for r in myAnswers.rrset:
- ans.append({"rrset": str(r)})
- return {'ans': ans}
diff --git a/agent/apps/script.py b/agent/apps/script.py
index fed769d..f9886b4 100644
--- a/agent/apps/script.py
+++ b/agent/apps/script.py
@@ -1,53 +1,53 @@
-# 调用不同的脚本
-import time
-import apps.utiltcping as utping
-from flask import Blueprint,request
-from icmplib import ping
-from dns import resolver
-import dns.nameserver
-
-bp=Blueprint("script",__name__,url_prefix="/script")
-
-def hello():
- return "hello"
-
-# icmp时延测试
[email protected]("/icmpdelay")
-def icmpdelay():
- addr=request.args.get("ip")
- host=ping(addr,count=2,interval=0.1,timeout=2)
- return str(host.avg_rtt)
-
-
[email protected]("/tcpdelay")
-def tcpdelay():
- addr=request.args.get("ip")
- port=request.args.get("port",default=53)
- tdelay=utping.cli(addr,port,2,2)
- return str(tdelay)
-
-# dns时延测试函数,返回执行完成时的时间戳
[email protected]("/dnsdelay")
-def dnsdelay():
- addr = request.args.get("ip")
- port = request.args.get("port",default=53)
- domain = request.args.get("domain", default="www.baidu.com")
- qtype=request.args.get("qtype",default="A")
-
- start_time=time.time()
- # 解析器配置
- myResolver = resolver.Resolver()
- myResolver.nameservers = [dns.nameserver.Do53Nameserver(addr, port=port)]
-
- # 开始解析
- ans=myResolver.resolve(domain,qtype,lifetime=4)
- stop_time=time.time()
- t=stop_time-start_time
- return str(format(t*1000,".3f"))
-
-
-
-
-
-
+# 渗透、目标参数感知脚本
+import subprocess
+from concurrent.futures import ThreadPoolExecutor
+
+import select
+from apiflask import APIBlueprint
+from apiflask.fields import String
+
+bp = APIBlueprint('script', __name__, url_prefix='/script')
+# 线程池
+executor = ThreadPoolExecutor(5)
+
+
[email protected]("渗透任务参数接收接口", "返回任务执行状态")
+ 'name': String(required=True),
+ 'param': String(required=True)
+})
+def start_script(query_data):
+ # 执行命令
+ exe = [query_data['name']]
+ # 执行参数
+ params = query_data['param'].split()
+ if '.py' in query_data['name']:
+ exe = ["python"] + exe
+ # 通过
+ executor.submit(process_script, exe + params)
+ return {"code": 200, "msg": "ok"}
+
+
+def process_script(command):
+ # 开始执行命令,不等待其执行完毕
+ process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+ while True:
+ # 使用select来监测stdout和stderr是否有数据
+ # select函数会阻塞,直到有数据可读
+ # 返回值是三个列表,第一个列表是可读的文件对象
+ readable, _, _ = select.select([process.stdout, process.stderr], [], [])
+
+ for stream in readable:
+ # 读取输出并转换成字符串
+ output = stream.readline().decode('utf-8')
+ if output:
+ # TODO:存储输出到数据库中
+ print(output.strip())
+
+ # 检查子进程是否结束
+ if process.poll() is not None:
+ break
+
+ # 获取子进程的返回值
+ rc = process.wait()
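Review bot: `start_script` hands the request's `name` and `param` to `subprocess.Popen` through `process_script` with no allowlist, so anyone who can reach this endpoint decides which executable the agent runs and with which arguments. The decorator line is garbled on this page, so I cannot tell whether authentication sits in front of the route; none is visible in the hunk. Resolve `name` against a fixed table of the scripts the agent ships and refuse anything else, validate `param` per script instead of forwarding the `split()` output as-is, and log each accepted request together with the caller's identity. The `'.py' in query_data['name']` test is a substring match and `"python"` is resolved through PATH; the table below replaces both with fixed argv prefixes (placeholders shown).

```python
# Constructed example: the real table lists the scripts this agent ships.
ALLOWED_SCRIPTS = {
    "<script-name>": ["python", "<absolute/path/to/script.py>"],
}


def start_script(query_data):
    # Look the name up instead of executing it; unknown names are refused.
    base = ALLOWED_SCRIPTS.get(query_data['name'])
    if base is None:
        return {"code": 400, "msg": "unknown script"}
    # … unchanged: params = query_data['param'].split() …
    executor.submit(process_script, base + params)
    return {"code": 200, "msg": "ok"}
```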