WIP : add : gen report #905

Open
wants to merge 3 commits into
base: master
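--- a/app/main/handlers/misc.js
+++ b/app/main/handlers/misc.js
@@ -562,6 +562,13 @@ module.exports = (win, getClient) => {
 handlerHelper.registerHandler(win, stream, streamStartVulinboxMap, token)
 })
 
+const streamGenQualityInspectionReportMap = new Map();
+ipcMain.handle("cancel-GenQualityInspectionReport", handlerHelper.cancelHandler(streamGenQualityInspectionReportMap));
+ipcMain.handle("GenQualityInspectionReport", (e, params, token) => {
+let stream = getClient().GenQualityInspectionReport(params);
+handlerHelper.registerHandler(win, stream, streamGenQualityInspectionReportMap, token)
+})
+
 const streamDiagnoseNetworkMap = new Map();
 ipcMain.handle("cancel-DiagnoseNetwork", handlerHelper.cancelHandler(streamDiagnoseNetworkMap));
 ipcMain.handle("DiagnoseNetwork", (e, params, token) => {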
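Review bot: The new `GenQualityInspectionReport` handler passes the renderer-supplied `params` and `token` to `getClient().GenQualityInspectionReport(params)` and `registerHandler` with no shape check, even though it runs in the main process. A guard at the top of the handler would reject malformed calls before a stream is opened, for example `if (typeof token !== "string" || !token || !Array.isArray(params?.ScriptNames)) throw new Error("invalid GenQualityInspectionReport arguments")`. The renderer form in this PR uses a `mode='tags'` select, so `ScriptNames` can hold free-typed values and not only names returned by `QueryYakScriptByIsCore`. `let stream` is never reassigned and could be `const`. The enclosing `module.exports` function starts and ends outside the hunk.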
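--- a/app/main/handlers/pluginTool.js
+++ b/app/main/handlers/pluginTool.js
@@ -171,6 +171,23 @@ module.exports = (win, getClient) => {
 })
 })
 }
+
+ipcMain.handle("QueryYakScriptByIsCore", async (e, params) => {
+return await asyncQueryYakScriptByIsCore(params)
+})
+
+const asyncQueryYakScriptByIsCore = (params) => {
+return new Promise((resolve, reject) => {
+getClient().QueryYakScriptByIsCore(params, (err, data) => {
+if (err) {
+reject(err)
+return
+}
+resolve(data)
+})
+})
+}
+
 //企业版管理员获取所有可上传插件
 ipcMain.handle("QueryYakScriptLocalAll", async (e, params) => {
 return await asyncQueryYakScriptLocalAll(params)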
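Review bot: The new `QueryYakScriptByIsCore` handler has no comment saying what it returns, while the `QueryYakScriptLocalAll` handler right after it carries one. A line such as `// Query local plugins filtered by the IsCorePlugin flag (used by the quality-inspection report form)` above `ipcMain.handle("QueryYakScriptByIsCore", ...)` would match that style. The handler is registered before the `const asyncQueryYakScriptByIsCore` it calls; that works because the call happens later, but defining the helper first reads more safely. `return await` adds nothing inside this one-line async handler, and `params` is forwarded to the client unchecked.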
280 changes: 230 additions & 50 deletions app/renderer/src/main/src/pages/vulinbox/VulinboxManager.tsx
@@ -1,8 +1,8 @@
import React, {useEffect, useState} from "react";
import React, {useEffect, useRef, useState} from "react";
import {AutoCard} from "@/components/AutoCard";
import {EngineConsole} from "@/pages/engineConsole/EngineConsole";
import {failed, info, success, yakitNotify} from "@/utils/notification";
import {Form, Popconfirm, Progress, Space, Tag} from "antd";
import {failed, info, success, yakitFailed, yakitNotify} from "@/utils/notification";
import {Button, Form, Popconfirm, Progress, Space, Tag, Tooltip} from "antd";
import {YakitButton} from "@/components/yakitUI/YakitButton/YakitButton";
import useHoldingIPCRStream from "@/hook/useHoldingIPCRStream";
import {randomString} from "@/utils/randomUtil";
@@ -15,9 +15,25 @@ import {ExecResult} from "@/pages/invoker/schema";
import {StringToUint8Array, Uint8ArrayToString} from "@/utils/str";
import {useGetState} from "ahooks";
import styles from "@/pages/screenRecorder/ScreenRecorderPage.module.scss";
import {ChromeFrameSvgIcon, ChromeSvgIcon} from "@/assets/newIcon";
import {ChromeFrameSvgIcon, ChromeSvgIcon, InformationCircleIcon} from "@/assets/newIcon";
import {CheckOutlined} from "@ant-design/icons";
import {openExternalWebsite} from "@/utils/openWebsite";
import {YakitSelect} from "@/components/yakitUI/YakitSelect/YakitSelect";
import {SelectOptionProps} from "@/pages/fuzzer/HTTPFuzzerPage";
import {getRemoteValue} from "@/utils/kv";
import {WEB_FUZZ_PROXY_LIST} from "@/pages/fuzzer/HttpQueryAdvancedConfig/HttpQueryAdvancedConfig";
import TableHeader from "@/alibaba/ali-react-table-dist/dist/base-table/header";
import {TableResizableColumn} from "@/components/TableResizableColumn";
import {RiskDetails, TitleColor} from "@/pages/risks/RiskTable";
import {showModal} from "@/utils/showModal";
import {Risk} from "@/pages/risks/schema";
import {Empty} from "antd"
import {useInViewport} from "ahooks"
import {xtermClear} from "@/utils/xtermUtils";
import {ContentUploadInput} from "@/components/functionTemplate/ContentUploadTextArea";
import {BruteParamsForm} from "@/pages/brute/BrutePage";
import {ExtractExecResultMessageToYakitPort} from "@/components/yakitLogSchema";


export interface VulinboxManagerProp {

@@ -28,13 +44,22 @@ const {ipcRenderer} = window.require("electron");
export const VulinboxManager: React.FC<VulinboxManagerProp> = (props) => {
const [available, setAvailable] = useState(false);
const [started, setStarted] = useState(false);
const [checked, setChecked] = useState(false);
const [token, setToken] = useState(randomString(60));
const [currentParams, setCurrentParams] = useState<StartVulinboxParams>({
const [repToken, setRepToken] = useState(randomString(30));
const [currentParams, setCurrentParams, getCurrentParams] = useGetState<StartVulinboxParams>({
Host: "127.0.0.1",
Port: 8787,
NoHttps: true,
SafeMode: false,
});
const [infoState, {reset, setXtermRef}, xtermRef] = useHoldingIPCRStream(
"report", "GenQualityInspectionReport", repToken, () => {
setTimeout(() => setLoading(false), 300)
})
console.log("infoState ", infoState)
const [loading, setLoading] = useState(false)


useEffect(() => {
ipcRenderer.on(`${token}-data`, async (e, data: ExecResult) => {
@@ -73,51 +98,86 @@ export const VulinboxManager: React.FC<VulinboxManagerProp> = (props) => {
}, [])

return <div style={{height: "100%", width: "100%", overflow: "hidden"}}>
<AutoCard size={"small"} bordered={true} title={<Space>
<div>Vulinbox 管理器</div>
{available ? <>
<Tag color={"green"}>安装成功</Tag>
{currentParams && <YakitButton type='outline2' onClick={() => {
info("使用 Chrome 打开靶场")
openExternalWebsite(`${currentParams?.NoHttps ? "http://" : "https//"}${currentParams?.Host}:${currentParams?.Port}`)
}}>
<ChromeSvgIcon/>
</YakitButton>}
</> : <Tag color={"red"}>未安装</Tag>}
{available && (
started ? <Popconfirm title={"确定要关闭靶场进程吗?"} onConfirm={() => {
ipcRenderer.invoke("cancel-StartVulinbox", token).then(() => {
setStarted(false)
})
<AutoCard size={"small"} bordered={true} title={
<Space>
<div>Vulinbox 管理器</div>
{available ? <>
<Tag color={"green"}>安装成功</Tag>
{currentParams && <YakitButton type='outline2' onClick={() => {
info("使用 Chrome 打开靶场")
openExternalWebsite(`${currentParams?.NoHttps ? "http://" : "https//"}${currentParams?.Host}:${currentParams?.Port}`)
}}>
<YakitButton colors="danger">关闭靶场</YakitButton>
</Popconfirm> :
<YakitButton type={"primary"} onClick={() => {
const m = showYakitModal({
title: "启动靶场参数", width: "50%",
content: (
<div style={{marginTop: 20, marginLeft: 20}}>
<VulinboxStart onSubmit={param => {
ipcRenderer.invoke("StartVulinbox", param, token).then(() => {
setCurrentParams(param)
info("启动靶场成功")
setStarted(true)
m.destroy()
}).catch((e) => {
failed(`${e}`)
})
}} params={{
Host: "127.0.0.1",
Port: 8787, NoHttps: true,
SafeMode: false
}}/>
</div>
)
})

}}>启动靶场</YakitButton>
)}
</Space>} bodyStyle={{padding: 0}} extra={(
<ChromeSvgIcon/>
</YakitButton>}
</> : <Tag color={"red"}>未安装</Tag>}
{available && (
<>
{started ? (
<>
<Popconfirm title={"确定要关闭靶场进程吗?"} onConfirm={() => {
ipcRenderer.invoke("cancel-StartVulinbox", token).then(() => {
setStarted(false)
})
}}>
<YakitButton type={"text2"}>关闭靶场</YakitButton>
</Popconfirm>

<YakitButton type={"primary"} onClick={() => {
const m = showYakitModal({
title: "测试参数", width: "50%",
content: (
<div style={{marginTop: 20, marginLeft: 20}}>
<GenQualityInspectionReport onSubmit={params => {

ipcRenderer.invoke("GenQualityInspectionReport", params, repToken).then(() => {
info("开始测试")
setChecked(true)
m.destroy()
}).catch((e) => {
}
)
}} params={{
ScriptNames: [],
TaskName: "xxxx"
}}
/>
</div>
),
})
}}>
进行测试
</YakitButton>


</>
) : (
<YakitButton type={"primary"} onClick={() => {
const m = showYakitModal({
title: "启动靶场参数", width: "50%",
content: (
<div style={{marginTop: 20, marginLeft: 20}}>
<VulinboxStart onSubmit={param => {
ipcRenderer.invoke("StartVulinbox", param, token).then(() => {
setCurrentParams(param)
info("启动靶场成功")
setStarted(true)
m.destroy()
}).catch((e) => {
failed(`${e}`)
})
}} params={{
Host: "127.0.0.1",
Port: 8787, NoHttps: true,
SafeMode: false
}}/>
</div>
)
})
}}>启动靶场</YakitButton>
)}
</>
)}
</Space>} bodyStyle={{padding: 0}} extra={(
<Popconfirm title={"将从互联网下载靶场程序并安装"} onConfirm={() => {
const m = showYakitModal({
title: "安装靶场",
@@ -143,11 +203,62 @@ export const VulinboxManager: React.FC<VulinboxManagerProp> = (props) => {

)}
>
<EngineConsole/>

<div style={{width: "100%", height: "100%", overflow: "hidden auto"}}>
<PluginResultUI
// script={script}
loading={loading}
risks={infoState.riskState}
progress={infoState.processState}
results={infoState.messageState}
featureType={infoState.featureTypeState}
feature={infoState.featureMessageState}
statusCards={infoState.statusState}
onXtermRef={setXtermRef}
/>
</div>
{/*<EngineConsole/>*/}
</AutoCard>
</div>
};

export interface ReportViewerProps {
taskToken: string
}

export const ReportViewer: React.FC<ReportViewerProps> = (props) => {
const [taskToken, setTaskToken] = useState(props.taskToken)

const [infoState, {reset, setXtermRef}, xtermRef] = useHoldingIPCRStream(
"report", "GenQualityInspectionReport", taskToken, () => {
setTimeout(() => setLoading(false), 300)
})
console.log(infoState)
const [loading, setLoading] = useState(false)


return <div style={{flex: 1, overflow: "hidden"}}>
<div style={{height: "100%", display: "flex", flexDirection: "column"}}>
<div style={{flex: 1, overflow: "hidden"}}>
<AutoCard bodyStyle={{padding: 10, overflow: "hidden"}}>
<PluginResultUI
// script={script}
loading={loading}
risks={infoState.riskState}
progress={infoState.processState}
results={infoState.messageState}
featureType={infoState.featureTypeState}
feature={infoState.featureMessageState}
statusCards={infoState.statusState}
onXtermRef={setXtermRef}
/>
</AutoCard>
</div>
</div>
</div>

}

interface StartVulinboxParams {
Host: string
Port: number
@@ -185,6 +296,75 @@ const VulinboxStart: React.FC<VulinboxStartProp> = (props) => {
</Form>
};


interface GenQualityInspectionReportParams {
ScriptNames: string[]
TaskName: string
}

interface GenQualityInspectionReportProp {
params: GenQualityInspectionReportParams
setParams?: (p: GenQualityInspectionReportParams) => any
onSubmit: (p: GenQualityInspectionReportParams) => any
}

const GenQualityInspectionReport: React.FC<GenQualityInspectionReportProp> = (props) => {
const [params, setParams] = useState<GenQualityInspectionReportParams>(props.params);
const [scriptNamesList, setScriptNamesList] = useState<SelectOptionProps[]>([]) // 代理代表
useEffect(() => {
// 代理数据 最近10条
getRemoteValue(WEB_FUZZ_PROXY_LIST).then((remoteData) => {
try {
ipcRenderer.invoke("QueryYakScriptByIsCore", {IsCorePlugin: true}).then((res) => {
if (res.Data.length > 0) {
const scriptNames = res.Data.map(item => ({label: item.ScriptName, value: item.ScriptName}));
console.log(scriptNames)
setScriptNamesList(scriptNames);
}
}).catch((e) => {
failed(`${e}`)
})
} catch (error) {
yakitFailed("代理列表获取失败:" + error)
}
})
}, [])
return <Form
labelCol={{span: 5}} wrapperCol={{span: 14}}
onSubmitCapture={e => {
e.preventDefault()

props.onSubmit(params)
}}
size={"small"}
>
<InputItem label={"TaskName"} setValue={TaskName => setParams({...params, TaskName})} value={params.TaskName}/>
<Form.Item
label={
<span className={styles["advanced-config-form-label"]}>
内置插件
</span>
}
name='ScriptNames'

>
<YakitSelect
allowClear
options={scriptNamesList}
placeholder='请选择...'
mode='tags'
size='small'
value={params.ScriptNames}
onChange={ScriptNames => setParams({...params, ScriptNames})}
maxTagCount={10}
/>
</Form.Item>
<Form.Item colon={false} label={" "}>
<YakitButton type="primary" htmlType="submit"> 执行检测 </YakitButton>
</Form.Item>
</Form>
};

export interface InstallVulinboxPromptProp {
onFinished: () => any
}
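Review bot: The `.catch((e) => {})` after `ipcRenderer.invoke("GenQualityInspectionReport", params, repToken)` in the 进行测试 button discards the error, so a failed start leaves the modal open with no message; report it as the `StartVulinbox` branch does, e.g. `}).catch((e) => { failed(String(e)) })`. `repToken` is created once with `useState(randomString(30))` and reused for every run, so starting a second report while the first is still streaming registers both under one token in the main process. How `registerHandler` treats that is not visible here, so either disable the button while a run is active or issue a fresh token per run. The two `console.log` calls on `infoState` run on every render and write scan results to the devtools console; they look like WIP leftovers and should go before merge. On the re-indented `openExternalWebsite` line the scheme string is still `"https//"` without the colon, which gives a malformed URL when `NoHttps` is false.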