smallcham / sec-admin Goto Github PK
View Code? Open in Web Editor NEW分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
License: GNU General Public License v3.0
分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
License: GNU General Public License v3.0
按照文档搭建docker版本的服务后可正常登录入系统,但是新建资产时会一直加载,不会成功
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
报上述错误,然后就一直都跑不起来
按步骤执行后,打印输出如下,因为会刷新,所以无法截取完整记录,只保留到3段。
11:C 18 Apr 21:38:09.277 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
11:C 18 Apr 21:38:09.277 # Redis version=4.0.9, bits=64, commit=00000000, modified=0, pid=11, just started
11:C 18 Apr 21:38:09.277 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
11:M 18 Apr 21:38:09.278 * Running mode=standalone, port=6379.
11:M 18 Apr 21:38:09.278 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
11:M 18 Apr 21:38:09.278 # Server initialized
11:M 18 Apr 21:38:09.278 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
11:M 18 Apr 21:38:09.278 # WARNING you have Transparent Huge Pages (THP) support enabled in your kernel. This will create latency and memory usage issues with Redis. To fix this issue run the command 'echo never > /sys/kernel/mm/transparent_hugepage/enabled' as root, and add it to your /etc/rc.local in order to retain the setting after a reboot. Redis must be restarted after THP is disabled.
11:M 18 Apr 21:38:09.278 * Ready to accept connections
* Stopping MySQL database server mysqld
...done.
* Starting MySQL database server mysqld
MQ_ENV: None
MQ_ENV: None
MQ_SCAN_ENV: prod_scan_queue:3
MQ_HEART_ENV: prod_heart_exchange:fanout
MQ_RESULT_ENV: prod_result_exchange:fanout
REDIS_ENV: 0@localhost:6379
HEART_RATE: 60
MQ_ENV: None
MQ_SCAN_ENV: prod_scan_queue:3
MQ_HEART_ENV: prod_heart_exchange:fanout
MQ_RESULT_ENV: prod_result_exchange:fanout
REDIS_ENV: 0@localhost:6379
HEART_RATE: 60
MQ_SCAN_ENV: prod_scan_queue:3
MQ_HEART_ENV: prod_heart_exchange:fanout
MQ_RESULT_ENV: prod_result_exchange:fanout
REDIS_ENV: 0@localhost:6379
HEART_RATE: 60
2020-04-18 21:41:53,410 scan.py(19) [746] INFO scan <module> 我准备好,要开始监控有没有任务了!!!!ready loop scan....
2020-04-18 21:41:53,388 scan.py(19) [744] INFO scan <module> 我准备好,要开始监控有没有任务了!!!!ready loop scan....
2020-04-18 21:41:53,413 ScanHandler.py(21) [744] INFO ScanHandler receive receive......
2020-04-18 21:41:53,400 scan.py(19) [745] INFO scan <module> 我准备好,要开始监控有没有任务了!!!!ready loop scan....
2020-04-18 21:41:53,418 ScanHandler.py(21) [745] INFO ScanHandler receive receive......
2020-04-18 21:41:53,424 ScanHandler.py(21) [746] INFO ScanHandler receive receive......
2020-04-18 21:41:53,429 redishelper.py(55) [744] INFO redishelper getonetask no task, sleep....
2020-04-18 21:41:53,430 redishelper.py(55) [745] INFO redishelper getonetask no task, sleep....
2020-04-18 21:41:53,431 redishelper.py(55) [746] INFO redishelper getonetask no task, sleep....
Requirement already satisfied: alabaster==0.7.12 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 1))
Requirement already satisfied: Babel==2.8.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 2))
Requirement already satisfied: bcrypt==3.1.7 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 3))
Requirement already satisfied: certifi==2019.11.28 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 4))
Requirement already satisfied: cffi==1.14.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 5))
Requirement already satisfied: chardet==3.0.4 in /usr/local/lib/python3.6/dist-packages/chardet-3.0.4-py3.6.egg (from -r requirements.txt (line 6))
Requirement already satisfied: click==7.1.1 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 7))
Requirement already satisfied: cryptography==2.8 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 8))
Requirement already satisfied: dnspython==1.15.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 9))
Requirement already satisfied: dnspython3==1.15.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 10))
Requirement already satisfied: docker==4.2.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 11))
Requirement already satisfied: docutils==0.16 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 12))
Requirement already satisfied: Flask==1.1.1 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 13))
Requirement already satisfied: Flask-SQLAlchemy==2.4.1 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 14))
Requirement already satisfied: gunicorn==20.0.4 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 15))
Requirement already satisfied: idna==2.9 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 16))
Requirement already satisfied: imagesize==1.2.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 17))
Requirement already satisfied: IPy==1.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 18))
Requirement already satisfied: itsdangerous==1.1.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 19))
Requirement already satisfied: Jinja2==2.11.1 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 20))
Requirement already satisfied: MarkupSafe==1.1.1 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 21))
Requirement already satisfied: mysqlclient==1.4.6 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 22))
Requirement already satisfied: packaging==20.3 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 23))
Requirement already satisfied: paramiko==2.7.1 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 24))
Requirement already satisfied: pika==1.1.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 25))
Requirement already satisfied: pycparser==2.20 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 26))
Requirement already satisfied: Pygments==2.6.1 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 27))
Requirement already satisfied: pymongo==3.10.1 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 28))
Requirement already satisfied: PyMySQL==0.9.3 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 29))
Requirement already satisfied: PyNaCl==1.3.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 30))
Requirement already satisfied: pyparsing==2.4.6 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 31))
Requirement already satisfied: python3-nmap==1.4.1 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 32))
Requirement already satisfied: pytz==2019.3 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 33))
Requirement already satisfied: redis==3.4.1 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 34))
Requirement already satisfied: requests==2.23.0 in /usr/local/lib/python3.6/dist-packages/requests-2.23.0-py3.6.egg (from -r requirements.txt (line 35))
Requirement already satisfied: simplejson==3.17.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 36))
Requirement already satisfied: six==1.14.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 37))
Requirement already satisfied: snowballstemmer==2.0.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 38))
Requirement already satisfied: Sphinx==2.4.4 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 39))
Requirement already satisfied: sphinx-rtd-theme==0.4.3 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 40))
Requirement already satisfied: sphinxcontrib-applehelp==1.0.2 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 41))
Requirement already satisfied: sphinxcontrib-devhelp==1.0.2 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 42))
Requirement already satisfied: sphinxcontrib-htmlhelp==1.0.3 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 43))
Requirement already satisfied: sphinxcontrib-jsmath==1.0.1 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 44))
Requirement already satisfied: sphinxcontrib-qthelp==1.0.3 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 45))
Requirement already satisfied: sphinxcontrib-serializinghtml==1.1.4 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 46))
Requirement already satisfied: SQLAlchemy==1.3.15 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 47))
Requirement already satisfied: urllib3==1.25.8 in /usr/local/lib/python3.6/dist-packages/urllib3-1.25.8-py3.6.egg (from -r requirements.txt (line 48))
Requirement already satisfied: websocket-client==0.57.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 49))
Requirement already satisfied: Werkzeug==1.0.0 in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 50))
Requirement already satisfied: setuptools>=3.0 in /usr/lib/python3/dist-packages (from gunicorn==20.0.4->-r requirements.txt (line 15))
loading service...
[2020-04-18 21:41:54 +0800] [770] [INFO] Starting gunicorn 20.0.4
[2020-04-18 21:41:54 +0800] [770] [INFO] Listening at: http://127.0.0.1:8000 (770)
[2020-04-18 21:41:54 +0800] [770] [INFO] Using worker: sync
[2020-04-18 21:41:54 +0800] [774] [INFO] Booting worker with pid: 774
[2020-04-18 21:41:54 +0800] [776] [INFO] Booting worker with pid: 776
[2020-04-18 21:41:54 +0800] [777] [INFO] Booting worker with pid: 777
[2020-04-18 21:41:54 +0800] [780] [INFO] Booting worker with pid: 780
[2020-04-18 21:41:54 +0800] [782] [INFO] Booting worker with pid: 782
[2020-04-18 21:41:54 +0800] [783] [INFO] Booting worker with pid: 783
[2020-04-18 21:41:54 +0800] [786] [INFO] Booting worker with pid: 786
[2020-04-18 21:41:54 +0800] [787] [INFO] Booting worker with pid: 787
[2020-04-18 21:41:54 +0800] [789] [INFO] Booting worker with pid: 789
[2020-04-18 21:41:54 +0800] [792] [INFO] Booting worker with pid: 792
Waiting Init System Config...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:--.
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
(MySQLdb._exceptions.OperationalError) (2002, "Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)")
(Background on this error at: http://sqlalche.me/e/e3q8)
^C
root@ubuntu:/home/user#
Mac 上尝试部署多个扫描节点,拉取secnode出现如下问题。
docker run -d --restart=always --env HEART_RATE=30 --env REDIS_ENV=0@localhost:6379 --name node_localhost_zl86U6Fk1UON --hostname node_localhost_zl86U6Fk1UON ccr.ccs.tencentyun.com/whitney/xn-secnode:1.5.1
Unable to find image 'ccr.ccs.tencentyun.com/whitney/xn-secnode:1.5.1' locally
1.5.1: Pulling from whitney/xn-secnode
c9b1b535fdd9: Pulling fs layer
2cc5ad85d9ab: Pulling fs layer
756a868c4378: Pulling fs layer
444b2fc9a129: Waiting
ea15f1150254: Waiting
02af8c9b47ac: Waiting
8beeef991c22: Waiting
787bd8aa47df: Waiting
50077fbfc87c: Waiting
7b31b3a436d9: Waiting
9da9ce3b5fa3: Waiting
28a733bc3798: Waiting
c557ef263971: Waiting
docker: error pulling image configuration: error parsing HTTP 403 response body: invalid character '<' looking for beginning of value: "<?xml version='1.0' encoding='utf-8' ?>\n<Error>\n\t<Code>AccessDenied</Code>\n\t<Message>Access Denied.</Message>\n\t<Resource>ccr-1253687700.cn-south.myqcloud.com/docker/registry/v2/blobs/sha256/58/5857a8fbb466937d081a5f35f6765dddb03eb4ff85f6922ffd3b416714f2826b/data</Resource>\n\t<RequestId>NWZiZTE4NTFfNWVhYTk0MGFfN2YwNl80NGE0ZTgy</RequestId>\n\t<TraceId>OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWI2NmQ0YjJkZWE3NjcxYTUzN2Q1NDQzNjY0ZmI3ZTMyMDA5MzA2YzAyZGU5M2M3MjcwNTA4NjM2YjM1ODY2ZjE=</TraceId>\n</Error>\n\n".
See 'docker run --help'.
找了下,有说是aws s3的问题,和system-docker和user-docker的问题,没搞定。
aws/amazon-vpc-cni-k8s#917
https://success.mirantis.com/article/http-403-invalidobjectstate-during-docker-pull-from-dtr
https://aws.amazon.com/cn/premiumsupport/knowledge-center/ecs-ecr-docker-image-error/
rancher/os#2032
但你这个是在腾讯云上的呀 ~ 不知您上传docker image的时候,是有什么限制吗?
测试使用容器分布式部署,我是本地有mysql和redis服务的,没有用docker。
mysql密码:secpassword,redis 空密码,127.0.0.1访问。
# netstat -lntp | grep 3306
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 5183/mysqld
# netstat -lntp | grep 6379
tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN 5429/redis-server 1
tcp6 0 0 ::1:6379 :::* LISTEN 5429/redis-server 1
启动SEC控制系统命令如下:
docker run -d -p 8793:80 --name sec --env HOST=http://xx.xx.xx.xx:8793 --env DB_URL=root:[email protected]:3306/sec --env RDS_URL=0:@127.0.0.1:6379 -v ~/sec-script:/var/www/html/sec-admin/static/plugin/usr smallcham/sec:core-0.2 && docker logs -f sec --tail 10
另外,给文档提点建议,密码用同一个默认的密码即可,测试跑通了就行 ->_->
大佬您好,想把web登陆界面重新设计一下,本地搭环境一直不成功,请问用docker部署,可以在里边更改吗
ubuntu 本地部署之后的密码是啥啊,secretkey输入显示密码错误
1、请问默认探测的端口列表是?
简单翻了下代码,用的是nmap3的nmap_tcp_scan()。
这个其实应该是nmap -sT 参数,不知道默认是扫的nmap的默认常见端口?
nmap3还有个scan_top_ports()函数。
2、插件调用
Line 417 in 57f683a
布置了任务后一直没有分配执行任务的节点,是否有日志可以查看在哪儿出现了问题
请问一下, 以后会提供更多的插件和 字典吗
大佬您好,我发现拉取镜像后并没有子域名识别功能,请问是不是docker拉取的版本没用这个功能呢
使用docker部署完毕。
下发任务之后,执行节点一直未分配是什么原因呢?
求解答,谢谢
docker部署后 打开任务计划-执行脚本
http://localhost:8000/static/plugin/usr/MySQL%E5%BC%B1%E5%8F%A3%E4%BB%A4%E6%89%AB%E6%8F%8F[3306]_06606a8b-6a0f-4559-97af-d150770dbcdd.py
应改为./static/plugin/usr/MySQL%E5%BC%B1%E5%8F%A3%E4%BB%A4%E6%89%AB%E6%8F%8F[3306]_06606a8b-6a0f-4559-97af-d150770dbcdd.py
不应该加host
大哥,我这里测试爆破一个ssh大概花了10分钟左右 账户密码是root toor 是不是有点慢啊😂
$ npm install
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: [email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/vue
npm ERR! vue@"^2.5.2" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer vue@"^3.2.0" from [email protected]
npm ERR! node_modules/vuex
npm ERR! vuex@"latest" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR!
npm ERR! For a full report see:
docker打印的密码没有看关了。怎么重置密码啊
这脚本只适用于内网扫描吧?公网不太现实
下载脚本失败:HTTPConnectionPool(host='0.0.0.0', port=81): Max retries exceeded with url: /static/plugin/usr/SSH_other_port_5156417d-1d10-4dda-82e1-d4a6f30992cd.py (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f9e7a5d1580>: Failed to establish a new connection: [Errno 111] Connection refused')) | 重试
|
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.