We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A day is a miniature of eternity.
PyCharm
DSScan
Django
cmd
sqliscan
app
python manage.py startapp sqliscan
models.py
SqlmapApi
task_id
id
target_url
url
scan_status
scan_data
scan_log
vulnerable
from django.db import models class SqlInjection(models.Model): task_id = models.CharField(max_length=1000, db_index=True) target_url = models.URLField(max_length=1000, unique=True) scan_status = models.CharField(max_length=1000) scan_data = models.CharField(max_length=1000) scan_log = models.CharField(max_length=1000) vulnerable = models.BooleanField(default=False, db_index=True) class Meta: ordering = ('-vulnerable', )
max_length
db_index
True
unique
settings.py
INSTALLED_APPS = [ ... 'sqliscan', ]
migrations
python manage.py makemigrations sqliscan
ImportError: No module named psycopg2.extras
* 说明没有安装 `psycopg2` ,利用 `PyCharm` 安装即可
Migrations for 'sqliscan': 0001_initial.py: - Create model SqlInjection
cmd python manage.py migrate
admin/rootroot
python manage.py createsuperuser
Models
Admin
sqliscan/admin.py
from django.contrib import admin from .models import SqlInjection class SqlInjectionAdmin(admin.ModelAdmin): list_display = ('task_id', 'target_url', 'scan_data', 'vulnerability', ) list_filter = ('scan_status', 'vulnerability', ) search_fields = ('target_url', ) ordering = ('-vulnerability', 'task_id', ) admin.site.register(SqlInjection, SqlInjectionAdmin)
verbose_name
# -*- coding: utf-8 -*- task_id = models.CharField('任务id', max_length=1000, db_index=True)
list_display
search_fields
list_filter
ordering
Meta
sqliscan/views.py
from django.shortcuts import render from .models import SqlInjection def sql_tasks(request): tasks = SqlInjection.objects.all() return render(request, 'sqliscan/task.html', {'tasks': tasks})
request
HttpResponse
render
render()
templates
templates/ sqliscan/ task.html base.html
base.html
{% extends "sqliscan/base.html" %}
静态文件
{% load staticfiles %}
{% static %}
static
manage.py
STATICFILES_DIRS = (os.path.join(BASE_DIR, "static"), )
{% block %}
block
{% load staticfiles %} <!DOCTYPE html> <html> <head> <title>{% block title %}{% endblock %}</title> <link rel="stylesheet" href="http://cdn.bootcss.com/bootstrap/3.3.0/css/bootstrap.min.css"> <script src="http://cdn.bootcss.com/jquery/1.11.1/jquery.min.js"></script> <script src="http://cdn.bootcss.com/bootstrap/3.3.0/js/bootstrap.min.js"></script> </head> <body> <div class="container"> <div class="row-fluid"> <!-- 顶部导航栏 --> <div class="col-lg-3"> <!-- 侧边导航栏 --> </div> <div class="col-lg-9"> {% block content %} {% endblock %} </div> </div> </div> </body> </html>
task.html
{% extends "sqliscan/base.html" %} {% block title %}DSScan{% endblock %} {% block content %} <!-- 所有task内容 --> {% endblock %}
DSScan/urls.py
URL
from django.conf.urls import url from django.contrib import admin urlpatterns = [ url(r'^admin/', admin.site.urls), url(r'^$', 'sqliscan.views.sql_tasks', name='sql_tasks'), ]
The text was updated successfully, but these errors were encountered:
No branches or pull requests
0x01 DSScan
PyCharm创建DSScan项目(Django)cmd下创建sqliscan应用(app)models.py中添加数据模型(在数据库中创建一张数据表用于存储数据)SqlmapApi相关数据:task_id: 任务idtarget_url: 目标urlscan_status: 扫描状态scan_data: 扫描结果数据scan_log: 扫描日志vulnerable: 是否存在漏洞(根据scan_data来判断)max_length是必要参数db_index如果设置为True,Django会在创建数据表的时候对这一列创建数据库索引unique如果设置为True, 这个字段的值在整个表中必须是唯一的settings.py文件中激活应用migrations命令)Migrations for 'sqliscan': 0001_initial.py: - Create model SqlInjectioncmd python manage.py migrateadmin/rootroot)Models)添加到Admin后台中sqliscan/admin.pytask_id等字段的标签名一般都是字段名,除非在数据模型中用verbose_name参数重新定义在后台显示的标签名verbose_name参数在第一个位置,可以省略不写list_display: 上边按列显示search_fields: 上边的快速查询栏(搜索栏)list_filter: 右边的按条件过滤ordering: 类似数据模型中的Meta用于排序sqliscan/views.pyrequest参数,最后返回的是一个HttpResponse对象(这里用render渲染)render()中第二个参数是渲染模板 --templates模板templates模板templates文件夹内,在sqliscan应用文件夹下创建templates文件夹templates文件夹中,创建sqliscan文件夹templates/ sqliscan/ task.html base.htmlbase.htmlbase.html就如同父类,其他的模板文件可以利用{% extends "sqliscan/base.html" %}继承这个模板base.html中会导入静态文件,利用{% load staticfiles %}(行首)静态文件,可以在模板中使用{% static %}标签static静态文件夹,创建在manage.py同级目录,需要在settings.py中添加{% block %}标签用于定义block(块),此后继承的模板文件只需要书写block块中的内容即可{% load staticfiles %} <!DOCTYPE html> <html> <head> <title>{% block title %}{% endblock %}</title> <link rel="stylesheet" href="http://cdn.bootcss.com/bootstrap/3.3.0/css/bootstrap.min.css"> <script src="http://cdn.bootcss.com/jquery/1.11.1/jquery.min.js"></script> <script src="http://cdn.bootcss.com/bootstrap/3.3.0/js/bootstrap.min.js"></script> </head> <body> <div class="container"> <div class="row-fluid"> <!-- 顶部导航栏 --> <div class="col-lg-3"> <!-- 侧边导航栏 --> </div> <div class="col-lg-9"> {% block content %} {% endblock %} </div> </div> </div> </body> </html>task.html继承base.html{% extends "sqliscan/base.html" %} {% block title %}DSScan{% endblock %} {% block content %} <!-- 所有task内容 --> {% endblock %}url,编辑DSScan/urls.py进行一一映射(利用正则表示URL)0x02 Life
The text was updated successfully, but these errors were encountered: