astatin3/Auto-Shodanner
1
0
Fork 0
mirror of https://github.com/Astatin3/Auto-Shodanner.git synced 2026-06-09 00:28:00 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
ab8d739444fc35dd05c3c97c13ba466334da11f1
Auto-Shodanner/modules/main/main.py
T

207 lines
5.7 KiB
Python
Raw Normal View History

Very WIP
2024-04-15 22:28:20 -06:00
import libs.scanutils as scanutils
mm = None
def dashboardMetrics(ac):
Add Scan Settings page, Work on saving data
2024-04-19 23:11:46 -06:00
pass
# ac.send('Scanner-Metrics', {
# "scanCount": scanutils.countScannedIps()
# })
Very WIP
2024-04-15 22:28:20 -06:00
def init(moduleMaster):
global mm
mm = moduleMaster
mm.addPageEventListener('/main/dashboard', dashboardMetrics)
# User settings
mm.addAuthEventListener('logout', logout)
mm.addAuthEventListener('unauth', unauth)
mm.addAuthEventListener('passwordChangeRequest', changePassword)
# Admin settings
mm.addAuthEventListener('addUserRequest', addUser)
mm.addAuthEventListener('disconnectAllSessions', disconnectAllSessions)
mm.addAuthEventListener('changeGroupsRequest', changeGroups)
mm.addAuthEventListener('deleteUserRequest', deleteUser)
# mm.addAuthEventListener('login', disconnectAllSessions)
mm.addPageEventListener('/main/User', loadSessions)
mm.addPageEventListener('/main/Admin', loadSessionsAdmin)
def main():
pass
def logout(ac, data):
mm.unauth(ac)
def unauth(ac, data):
removeClient = mm.getAuthClientByID(data['data'])
if removeClient == None:
return
if removeClient.user != ac.user and not mm.userInGroup(ac, "Admins"):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
mm.unauth(removeClient)
mm.sendPopupSuccess(ac.rawClient, "Success", "Client removed!")
if(ac.currentPage == "/main/Admin" and mm.userInGroup(ac, "Admins")):
loadSessionsAdmin(ac)
else:
loadSessions(ac)
def loadSessions(ac):
obj = []
for client in mm.authServer.clients:
if client.user != ac.user:
continue
obj.append({
'username': client.username,
'address': client.rawClient.address,
'currentPage': client.currentPage,
'clientid': client.rawClient.clientid,
'timeout': client.timeout
})
# obj.append(client.session)
ac.send('sessions', obj)
def changePassword(ac, data):
# If the account is not an admin, and the username is the same, and the password is correct => Change password
# If the account is not an admin, and the username is the same, and the password not correct and => Incorrect Password
# If the account is not an admin, and the username is not the same => Access denied
# If the account is an admin, and the username is the same, and the password is correct => Change password
# If the account is an admin, and the username is the same, and the password is not correct => Incorrect Password
# If the account is an admin, and the username is not the same => Change password
isAdmin = mm.userInGroup(ac, 'Admins')
correctName = ac.user.id == data['data']['id']
if isAdmin and correctName and not 'old' in data['data']:
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
if isAdmin or correctName:
if not isAdmin and ac.user.sha256passwordhash != data['data']['old']:
mm.sendPopupError(ac.rawClient, "Error", "Incorrect Password")
return
elif isAdmin and correctName and ac.user.sha256passwordhash != data['data']['old']:
mm.sendPopupError(ac.rawClient, "Error", "Incorrect Password")
return
else:
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
user = mm.getUserById(data['data']['id'])
if user == None:
mm.sendPopupError(ac.rawClient, "Error", "Invalid id")
return
mm.setUserPassword(user, data['data']['new'])
mm.sendPopupSuccess(ac.rawClient, "Success", "Password updated!")
if isAdmin:
loadSessionsAdmin(ac)
def loadSessionsAdmin(ac):
if not mm.userInGroup(ac, 'Admins'):
return
obj = {
'users': [],
'sessions': []
}
for client in mm.authServer.clients:
obj['sessions'].append({
'username': client.username,
'address': client.rawClient.address,
'currentPage': client.currentPage,
'clientid': client.rawClient.clientid,
'timeout': client.timeout
})
for user in mm.authServer.users:
obj['users'].append({
'username': user.username,
'permGroups': user.permGroups,
'id': user.id,
'created': user.created,
'passwordUpdated': user.passwordUpdated
})
ac.send('sessions', obj)
def addUser(ac, data):
if not mm.userInGroup(ac, 'Admins'):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
mm.addUser(
data['data']['username'],
data['data']['groups'],
data['data']['password'])
loadSessionsAdmin(ac)
def disconnectAllSessions(ac, data):
if not mm.userInGroup(ac, 'Admins'):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
user = mm.getUserById(data['data']['id'])
for client in mm.authServer.clients:
if client.user == user:
mm.unauth(client)
loadSessionsAdmin(ac)
def changeGroups(ac, data):
if not mm.userInGroup(ac, 'Admins'):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
user = mm.getUserById(data['data']['id'])
if user == None:
mm.sendPopupError(ac.rawClient, "Error", "Invalid id")
return
if user == ac.user:
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
mm.setUserGroups(user, data['data']['groups'])
mm.sendPopupSuccess(ac.rawClient, "Success", "Groups updated!")
loadSessionsAdmin(ac)
def deleteUser(ac, data):
if not mm.userInGroup(ac, 'Admins'):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
user = mm.getUserById(data['data']['id'])
if user == None:
mm.sendPopupError(ac.rawClient, "Error", "Invalid id")
return
if user == ac.user:
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
mm.deleteUser(user)
mm.sendPopupSuccess(ac.rawClient, "Success", "User deleted!")
loadSessionsAdmin(ac)
Reference in New Issue Copy Permalink