diff --git a/lib/utils/api.py b/lib/utils/api.py index c73adaec8..09aac2c5a 100644 --- a/lib/utils/api.py +++ b/lib/utils/api.py @@ -372,7 +372,7 @@ def task_delete(taskid): @get("/admin//list") -def task_list(taskid): +def task_list(taskid=None): """ List task pull """ @@ -383,7 +383,8 @@ def task_list(taskid): for key in DataStore.tasks: if DataStore.tasks[key].remote_addr == request.remote_addr: tasks.append(key) - + tasks = {x: dejsonize(scan_status(x))['status'] + for x in list(DataStore.tasks)} logger.debug("[%s] Listed task pool (%s)" % (taskid, "admin" if is_admin(taskid) else request.remote_addr)) return jsonize({"success": True, "tasks": tasks, "tasks_num": len(tasks)}) @@ -482,7 +483,9 @@ def scan_stop(taskid): """ Stop a scan """ - if taskid not in DataStore.tasks: + if (taskid not in DataStore.tasks or + DataStore.tasks[taskid].engine_process() is None or + DataStore.tasks[taskid].engine_has_terminated()): logger.warning("[%s] Invalid task ID provided to scan_stop()" % taskid) return jsonize({"success": False, "message": "Invalid task ID"}) @@ -497,7 +500,9 @@ def scan_kill(taskid): """ Kill a scan """ - if taskid not in DataStore.tasks: + if (taskid not in DataStore.tasks or + DataStore.tasks[taskid].engine_process() is None or + DataStore.tasks[taskid].engine_has_terminated()): logger.warning("[%s] Invalid task ID provided to scan_kill()" % taskid) return jsonize({"success": False, "message": "Invalid task ID"}) @@ -693,12 +698,12 @@ def client(host=RESTAPI_SERVER_HOST, port=RESTAPI_SERVER_PORT): while True: try: - command = raw_input("api%s> " % (" (%s)" % taskid if taskid else "")).strip() + command = raw_input("api%s> " % (" (%s)" % taskid if taskid else "")).strip().lower() except (EOFError, KeyboardInterrupt): print break - if command.lower() in ("data", "log", "status"): + if command in ("data", "log", "status", "stop", "kill"): if not taskid: logger.error("No task ID in use") continue @@ -708,7 +713,7 @@ def client(host=RESTAPI_SERVER_HOST, port=RESTAPI_SERVER_PORT): logger.error("Failed to execute command " + command) dataToStdout("%s\n" % raw) - elif command.lower().startswith("new"): + elif command.startswith("new"): if ' ' not in command: logger.error("Program arguments are missing") continue @@ -740,7 +745,7 @@ def client(host=RESTAPI_SERVER_HOST, port=RESTAPI_SERVER_PORT): continue logger.info("Scanning started") - elif command.lower().startswith("use"): + elif command.startswith("use"): taskid = (command.split()[1] if ' ' in command else "").strip("'\"") if not taskid: logger.error("Task ID is missing") @@ -752,16 +757,27 @@ def client(host=RESTAPI_SERVER_HOST, port=RESTAPI_SERVER_PORT): continue logger.info("Switching to task ID '%s' " % taskid) - elif command.lower() in ("exit", "bye", "quit", 'q'): + elif command in ("list", "flush"): + raw = _client(addr + "/admin/0/" + command) + res = dejsonize(raw) + if not res["success"]: + logger.error("Failed to execute command " + command) + dataToStdout("%s\n" % raw) + + elif command in ("exit", "bye", "quit", 'q'): return - elif command.lower() in ("help", "?"): + elif command in ("help", "?"): msg = "help Show this help message\n" msg += "new ARGS Start a new scan task with provided arguments (e.g. 'new -u \"http://testphp.vulnweb.com/artists.php?artist=1\"')\n" msg += "use TASKID Switch current context to different task (e.g. 'use c04d8c5c7582efb4')\n" msg += "data Retrieve and show data for current task\n" msg += "log Retrieve and show log for current task\n" msg += "status Retrieve and show status for current task\n" + msg += "stop Stop current task\n" + msg += "kill Kill current task\n" + msg += "list Display all tasks\n" + msg += "flush Flush tasks (delete all tasks)\n" msg += "exit Exit this client\n" dataToStdout(msg)