
Reworking the dnslog API to produce the output we need

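I used to use cloudeye and found its API extremely friendly. Later I tried ceye.io for a while, but ceye.io is actually unstable, so I turned my attention to dnslog. I have to say that dnslog being open source really is convenient, but its API really is a pain.
For example, say we have a whoami parameter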

Querying it through the API

 http://webadmin.secevery.com/api/web/www/whoami/


The result was false. Comparing carefully against its api function, it turns out to be

    def api(request, logtype, udomain, hashstr):
        apistatus = False
        host = "%s.%s." % (hashstr, udomain)
        if logtype == 'dns':
            res = DNSLog.objects.filter(host__contains=host)
            if len(res) > 0:
                apistatus = True
        elif logtype == 'web':
            res = WebLog.objects.filter(path__contains=host)
            if len(res) > 0:
                apistatus = True
        else:
            return HttpResponseRedirect('/')
        return render(request, 'api.html', {'apistatus': apistatus})


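host = "%s.%s." % (hashstr, udomain) What the hell~
It can only query the xxxx.fuck.dns5.org form. The fuck.dns5.org/?cmd=fuck form apparently cannot be queried. What the hell~ I originally wanted to rewrite the whole thing, but found that was too much work, so I will just take dnslog and modify its api function.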
 # Rewrite the api
 # 1. By default, return all log entries
 # 2. /api/xxxx/dns|web/ can be accessed
 # 3. /api/xxxx/(dns|web)/xxxx/ pinpoints an exact entry
Steps
 # First get the user id
 # xxx = (select id from logview_user where udomain = udomain)

Then run the SQL statement for dns or web respectively
 if logtype == 'dns':
         # the query to run is: select log_time,host from logview_dnslog where user_id = xxx and host like '%hashstr%'
 elif logtype == 'web':
         # the query to run is: SELECT "remote_addr","http_user_agent","log_time","path" FROM "logview_weblog" WHERE "user_id"=xxx and path like '%hashstr%'
 
The hashstr here can actually be empty. Testing against the default database:

 SELECT "log_time","remote_addr","http_user_agent","path" FROM "logview_weblog" WHERE user_id=(select id from logview_user where udomain = 'test') and path like '%3%'

 log_time | remote_addr | http_user_agent | path
  | 113.135.96.202 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36 | 123.test.dnslog.link/
  | 113.135.96.202 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36 | 123.test.dnslog.link/favicon.ico

Keeping hashstr empty

 SELECT "log_time","remote_addr","http_user_agent","path" FROM "logview_weblog" WHERE user_id=(select id from logview_user where udomain = 'test') and path like '%%'

The result is still

 log_time | remote_addr | http_user_agent | path
  | 113.135.96.202 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36 | 123.test.dnslog.link/
  | 113.135.96.202 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36 | 123.test.dnslog.link/favicon.ico

This way the completeness of xxx is guaranteed.

The rewritten api function looks roughly like this

    import logging

    def api(request, logtype, udomain, hashstr):
        result = ''
        # First make sure udomain is not empty
        if len(udomain) > 0:
            if logtype == 'dns':
                sql = "select log_time,host from logview_dnslog where user_id = (select id from logview_user " \
                      "where udomain = %s) and host like %s"
            elif logtype == 'web':
                sql = "SELECT log_time,remote_addr,http_user_agent,path FROM logview_weblog WHERE user_id=(select " \
                      "id from logview_user where udomain = %s) and path like %s"
            else:
                return result
            # udomain and hashstr come from the URL, so they are kept out of the
            # SQL text and passed as bound parameters
            params = [udomain, '%' + hashstr + '%']
            logging.info("%s %r", sql, params)
            # execute sql with params
        return result

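That is really just wishful thinking, though. I am not familiar with Django and am still in tears. And this damn unknown Chrome bug: it crashes as soon as I press an arrow key.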
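The query plan worked out above (look up the user by udomain, then filter that user's dns or web rows by an optional hashstr), as an added example that is not the post's or the dnslog project's code. It runs on Python's sqlite3 module with constructed sample rows as a stand-in for the Django database; that stand-in and the names query_logs, like_contains and demo_db are assumptions. Both URL values are bound as parameters and LIKE wildcards in hashstr are escaped.

```python
import sqlite3

# Constructed sample data; table and column names follow the SQL in the post.
SCHEMA = """
CREATE TABLE logview_user (id INTEGER PRIMARY KEY, udomain TEXT);
CREATE TABLE logview_dnslog (user_id INTEGER, log_time TEXT, host TEXT);
CREATE TABLE logview_weblog (user_id INTEGER, log_time TEXT, remote_addr TEXT,
                             http_user_agent TEXT, path TEXT);
INSERT INTO logview_user VALUES (1, 'test'), (2, 'other');
INSERT INTO logview_dnslog VALUES
  (1, '2016-04-01 10:00:00', '123.test.dnslog.link.'),
  (2, '2016-04-01 10:01:00', '123.other.dnslog.link.');
INSERT INTO logview_weblog VALUES
  (1, '2016-04-01 10:00:00', '192.0.2.10', 'curl/7.47', '123.test.dnslog.link/'),
  (1, '2016-04-01 10:00:05', '192.0.2.10', 'curl/7.47', 'test.dnslog.link/?cmd=whoami'),
  (2, '2016-04-01 10:01:00', '192.0.2.20', 'curl/7.47', 'other.dnslog.link/?cmd=whoami');
"""
USER = "(SELECT id FROM logview_user WHERE udomain = ?)"
QUERIES = {
    "dns": "SELECT log_time, host FROM logview_dnslog "
           "WHERE user_id = " + USER + " AND host LIKE ? ESCAPE '\\'",
    "web": "SELECT log_time, remote_addr, http_user_agent, path FROM logview_weblog "
           "WHERE user_id = " + USER + " AND path LIKE ? ESCAPE '\\'",
}

def like_contains(value):
    """Escape LIKE wildcards so value matches literally, then wrap it in %...%."""
    for ch in ("\\", "%", "_"):
        value = value.replace(ch, "\\" + ch)
    return "%" + value + "%"

def query_logs(conn, logtype, udomain, hashstr=""):
    """Rows of one udomain as dicts; an empty hashstr returns all of its rows."""
    if logtype not in QUERIES or not udomain:
        return []
    # Both URL values are bound as parameters, never formatted into the SQL text.
    cur = conn.execute(QUERIES[logtype], (udomain, like_contains(hashstr)))
    cols = [c[0] for c in cur.description]
    return [dict(zip(cols, row)) for row in cur]

def demo_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

if __name__ == "__main__":
    for row in query_logs(demo_db(), "web", "test", "whoami"):
        print(row)
```

With Django's own database cursor the placeholder is %s rather than ?, and the values are passed the same way as a separate parameter list.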

It is roughly done; I will deal with bugs later if they come up.

    def api(request, logtype, udomain, hashstr):
        import json
        result = None
        re_result = []
        host = "%s.%s." % (hashstr, udomain)
        if logtype == 'web':
            # Matches hashstr anywhere in the path, so /?cmd=xxx style requests
            # are found; this lookup is not restricted to udomain
            res = WebLog.objects.all().filter(path__contains=hashstr)
            if len(res) > 0:
                for rr in res:
                    result = dict(
                        time=str(rr.log_time),
                        ipaddr=rr.remote_addr,
                        ua=rr.http_user_agent,
                        path=rr.path
                    )
                    re_result.append(result)
        elif logtype == 'dns':
            # Still matches only hosts of the form hashstr.udomain.
            res = DNSLog.objects.all().filter(host__contains=host)
            if len(res) > 0:
                for rr in res:
                    result = dict(
                        time=str(rr.log_time),
                        host=rr.host
                    )
                    re_result.append(result)
        else:
            return HttpResponseRedirect('/')
        # The matching rows are returned as a JSON list instead of True/False
        return render(request, 'api.html', {'apistatus': json.dumps(re_result)})

Do not repost without permission: 杂术馆 » Reworking the dnslog API to produce the output we need