验收线上版本！

author: shihaoyue <[email protected]> 2024-10-29 14:59:24 +0800
committer: shihaoyue <[email protected]> 2024-10-29 14:59:24 +0800
commit: 21d933a05c8982ce59e5655e97ba789253659281 (patch)
tree: 6362fb70b20572a43fc5922e5a9311d8dacd32d4 /server/apps
parent: f2a24804552afa40527c757e77e2b128f5e93956 (diff)
4 files changed, 44 insertions, 28 deletions
diff --git a/server/apps/agentcomm.py b/server/apps/agentcomm.py
index ad481c0..a7bbd75 100644
--- a/server/apps/agentcomm.py
+++ b/server/apps/agentcomm.py
@@ -10,7 +10,7 @@ from flask import request
 
 from .util import error, debug
 
-from model import Agent, TaskLog, Policy, TaskPolicy
+from model import Agent, Task, TaskLog, Policy, TaskPolicy
 from exts import db
 from sqlalchemy.exc import SQLAlchemyError
 
@@ -136,7 +136,11 @@ def stop_task_deliver(task_policy):
 def task_ret(json_data):
     if json_data["info"] == "finish":
         task_policy = db.session.query(TaskPolicy).get(json_data["taskpolicy"])
-        task_policy.task.status = "stopped"
+        task = db.session.query(Task).filter(Task.task_id == task_policy.for_task).first()
+        if task.status != "finish":
+            task.status = "stopped"
+
+
         db.session.commit()
         return {"code": 200, "msg": "ok"}
     import re
@@ -155,6 +159,7 @@ def task_ret(json_data):
                 tlog_info = entry,
                 tlog_tp = json_data["taskpolicy"]
         )
+        debug(task_log.tlog_info)
         db.session.add(task_log)
     try:
         db.session.commit()
diff --git a/server/apps/policy_list.py b/server/apps/policy_list.py
index 84c1313..ac632a3 100644
--- a/server/apps/policy_list.py
+++ b/server/apps/policy_list.py
@@ -14,26 +14,27 @@ ddos_policy_dic = [
     # {"id": "10", "payload": "-n 2 -wait 300 -round 5"},
 
     # ipv6 ./prober 
-    {"id": "5", "payload": "comm.e64.fun 5000 47.76.237.22"},
-    {"id": "5", "payload": "comm.e64.fun 10000 47.76.237.22 47.242.54.229"},
-    {"id": "5", "payload": "comm.e64.fun 15000 47.76.237.22 47.242.54.229 8.210.135.224"},
+    {"id": "5", "payload": "comm.e64.fun. 5000 47.76.237.22"},
+    {"id": "5", "payload": "comm.e64.fun. 10000 47.76.237.22 47.242.54.229"},
+    {"id": "5", "payload": "comm.e64.fun. 15000 47.76.237.22 47.242.54.229 8.210.135.224"},
 
 
     # dnssec ./dtool 
     {"id": "3", "payload": "query 47.76.239.205 -p 53 -R -d tree.ncache.site -r 50 -n 5000"},
-    {"id": "3", "payload": "query 47.76.239.205 -p 53 -R -d tree.ncache.site -r 200 -n 20000"},
-    {"id": "3", "payload": "query 47.76.239.205 -p 53 -R -d tree.ncache.site -r 300 -n 30000"},
     {"id": "3", "payload": "query 47.76.239.205 -p 53 -R -d alias.ncache.site -r 50 -n 5000"},
+    {"id": "3", "payload": "query 47.76.239.205 -p 53 -R -d tree.ncache.site -r 200 -n 20000"},
     {"id": "3", "payload": "query 47.76.239.205 -p 53 -R -d alias.ncache.site -r 200 -n 20000"},
+    {"id": "3", "payload": "query 47.76.239.205 -p 53 -R -d tree.ncache.site -r 300 -n 30000"},
     {"id": "3", "payload": "query 47.76.239.205 -p 53 -R -d alias.ncache.site -r 300 -n 30000"},
     
 ]
 sjqp_policy_dic = [
     # sjqp dnssec python proxy.py
     {"id": "4", "payload": ""},
-    
+
     # sjqp ipv6 ./attack.sh 
-    {"id": "6", "payload": "240b:4001:150:a600:5b9:609e:d0ae:e1a 2000::1 eth0 baidu.com 240b:4001:150:a600:5b9:609e:d0ae:e1b"},
+    {"id": "6", "payload": "240b:4001:150:a600:5b9:609e:d0ae:e1a 1.1.1.1 eth0 baidu.com 240b:4001:150:a600:5b9:609e:d0ae:e1b"},
+    # {"id": "6", "payload": "240b:4001:150:a600:5b9:609e:d0ae:e1a 2000::1 eth0 victim.duktig.xyz 240b:4001:150:a600:5b9:609e:d0ae:e1b"},
     # {"id": "6", "payload": "240b:4001:150:a600:5b9:609e:d0ae:e1a 2000::2 eth0 baidu.com 240b:4001:150:a600:5b9:609e:d0ae:e1b"},
     
     # sjqp doh python downgrade_phase1.py python downgrade_phase1.py 
diff --git a/server/apps/target.py b/server/apps/target.py
index 15f91da..31e719d 100644
--- a/server/apps/target.py
+++ b/server/apps/target.py
@@ -142,6 +142,13 @@ class TargetInfo(Schema):
     protect = String()
 
 
+def average_without_max(results):
+    if results:
+        results.remove(max(results))
+        return sum(results) / len(results) if results else 0
+    return 0
+
+
 
 def task_monitoring(task):
     with scheduler.app.app_context():
@@ -174,9 +181,9 @@ def task_monitoring(task):
                 dns_results.append(float(future.result()))
 
         # 计算平均值
-        icmp_avg = sum(icmp_results) / len(icmp_results) if icmp_results else 0
-        tcp_avg = sum(tcp_results) / len(tcp_results) if tcp_results else 0
-        dns_avg = sum(dns_results) / len(dns_results) if dns_results else 0
+        icmp_avg = average_without_max(icmp_results)
+        tcp_avg = average_without_max(tcp_results)
+        dns_avg = average_without_max(dns_results)
         # id, ip_port = nodes_info.items()[0]
         query_data = {
             'rev' : task.target.addrv4 if task.target.addrv4 else task.target.addrv6,
@@ -185,15 +192,15 @@ def task_monitoring(task):
         }
         target_domain = get_record(query_data)
         try:
-            first_ip = target_domain[0]["rrset"] if target_domain else None
+            ip_list = str([entry["rrset"] for entry in target_domain])
         except:
-            first_ip = ""
+            ip_list = ""
         target_status = TargetStatus(
             tp_id = task.task_policies[-1].tp_id,
             icmp = icmp_avg,
             tcp = tcp_avg,
             dns = dns_avg,
-            recorde = first_ip,
+            recorde = ip_list,
         )
 
         db.session.add(target_status)
@@ -391,12 +398,12 @@ def get_record(query_data):
     # 根据rev参数配置解析器
     is_Do53 = any(proto if proto in rev else False for proto in protols)
     if not is_Do53:
-        # 存在端口指定
-        if ":" in rev:
-            res = rev.split(":")
-            myResolver.nameservers = [dns.nameserver.Do53Nameserver(res[0], port=res[1])]
-        else:
-            myResolver.nameservers = [rev]
+        # # 存在端口指定
+        # if ":" in rev:
+        #     res = rev.split(":")
+        #     myResolver.nameservers = [dns.nameserver.Do53Nameserver(res[0], port=res[1])]
+        # else:
+        myResolver.nameservers = [rev]
     else:
         #  doh服务
         if "https" in rev:
@@ -410,6 +417,7 @@ def get_record(query_data):
         for r in myAnswers.rrset:
             ans.append({"rrset": str(r)})
     return ans
+
 @bp.get("/target_check")
 @bp.doc("展示数据库中的目标解析结果", description="参数说明:</br>" +
                                                 "rev:解析器的IP地址</br>"
@@ -435,7 +443,6 @@ def get_target_record(query_data):
             }
         ]
     }
-  
     return {"code": 200, 'ans': res["ans"]}
 
 @bp.get("/check")
diff --git a/server/apps/task.py b/server/apps/task.py
index 818248c..17fd9e4 100644
--- a/server/apps/task.py
+++ b/server/apps/task.py
@@ -129,9 +129,11 @@ def make_task(json_data):
         if task.target_rr == "" or task.target_domain == "":
             return {"code": 400, "msg": "数据欺骗缺乏目标域名或注入参数"}
 
-    if task.target_rr is not None:
+    try:
         task.target_rtype, task.target_rr = task.target_rr.split(" ")
-
+    except Exception:
+        task.target_rtype = None
+        task.target_rr = None
     # 关联目标
     Ip = str(json_data.get("target"))
     ip_version = is_ipaddress(Ip)
@@ -235,6 +237,7 @@ def stop_policy_change_timer(task):
 # 任务成功检测
 def effective_detection(task_policy):
     with scheduler.app.app_context():
+        task = db.session.query(Task).filter(Task.task_id == task_policy.for_task).first()
         base_policy = db.session.query(TaskPolicy).filter(TaskPolicy.for_task==task_policy.for_task).order_by(TaskPolicy.tp_time.asc()).first()
         base = db.session.query(TargetStatus).filter_by(tp_id=base_policy.tp_id).order_by(TargetStatus.time.asc()).first()
         now = db.session.query(TargetStatus).filter_by(tp_id=task_policy.tp_id).order_by(TargetStatus.time.desc()).first()
@@ -244,13 +247,13 @@ def effective_detection(task_policy):
         if p_type=="ddos":
             target_scan = db.session.query(Task).filter_by(task_id = task_policy.for_task).first().target_scan
             if target_scan=="icmp":
-                rec = base.icmp*4 < now.icmp       
+                rec = base.icmp*4 < now.icmp
             elif target_scan=="tcp":
-                rec = base.tcp*4 < now.tcp       
+                rec = base.tcp*4 < now.tcp
             elif target_scan=="auto" or target_scan=="dns":
                 rec = base.dns*4 < now.dns
         elif p_type=="sjqp":
-            rec = base.recorde!=now.recorde
+            rec = task.target_rr in now.recorde
             pass
         debug(f"能行吗{rec}：是{p_type}")
         return rec
@@ -393,7 +396,7 @@ def tasks_state(query_data):
 def calculate_response_rate(task_policy):
     
     base_policy = db.session.query(TaskPolicy).filter(TaskPolicy.for_task==task_policy.for_task).order_by(TaskPolicy.tp_time.asc()).first()
-    base = db.session.query(TargetStatus).filter_by(tp_id=base_policy.tp_id).order_by(TargetStatus.time.desc()).first()
+    base = db.session.query(TargetStatus).filter_by(tp_id=base_policy.tp_id).order_by(TargetStatus.time.asc()).first()
 
     # 查询总记录数和大于 threshold 的记录数
     total_count = db.session.query(TargetStatus).filter_by(tp_id=task_policy.tp_id).count()
author	shihaoyue <[email protected]>	2024-10-29 14:59:24 +0800
committer	shihaoyue <[email protected]>	2024-10-29 14:59:24 +0800
commit	21d933a05c8982ce59e5655e97ba789253659281 (patch)
tree	6362fb70b20572a43fc5922e5a9311d8dacd32d4 /server/apps
parent	f2a24804552afa40527c757e77e2b128f5e93956 (diff)