A day is a miniature of eternity.
0x01 DSScan

* Create the `DSScan` project (`Django`) in `PyCharm`.
* Create the `sqliscan` application (`app`) from `cmd`:

```cmd
python manage.py startapp sqliscan
```

* Add the data model in `models.py` (this creates a table in the database to store the data). `SqlmapApi`-related data:
    * `task_id`: task `id`
    * `target_url`: target `url`
    * `scan_status`: scan status
    * `scan_data`: scan result data
    * `scan_log`: scan log
    * `vulnerable`: whether a vulnerability exists (decided from `scan_data`)

```python
from django.db import models


class SqlInjection(models.Model):
    # One row per sqlmapapi task
    task_id = models.CharField(max_length=1000, db_index=True)
    target_url = models.URLField(max_length=1000, unique=True)
    scan_status = models.CharField(max_length=1000)
    scan_data = models.CharField(max_length=1000)
    scan_log = models.CharField(max_length=1000)
    vulnerable = models.BooleanField(default=False, db_index=True)

    class Meta:
        # Vulnerable targets are listed first
        ordering = ('-vulnerable', )
```

* `max_length` is a required argument.
* `db_index`: if set to `True`, `Django` creates a database index on this column when it creates the table.
* `unique`: if set to `True`, the value of this field must be unique across the whole table.
* Activate the application in the `settings.py` file:

```python
INSTALLED_APPS = [
    ...
    'sqliscan',
]
```

* Run the `migrations` command:

```cmd
python manage.py makemigrations sqliscan
```

If the command fails with the following error, `psycopg2` is not installed; install it through `PyCharm`:

```
ImportError: No module named psycopg2.extras
```

On success the output is:

```
Migrations for 'sqliscan':
  0001_initial.py:
    - Create model SqlInjection
```

```cmd
python manage.py migrate
```

* Create the superuser (`admin/rootroot`):

```cmd
python manage.py createsuperuser
```

* Add the data model (`Models`) to the `Admin` backend by editing `sqliscan/admin.py`:

```python
from django.contrib import admin

from .models import SqlInjection


class SqlInjectionAdmin(admin.ModelAdmin):
    # Every name used here must be a field on SqlInjection; the flag is `vulnerable`
    list_display = ('task_id', 'target_url', 'scan_data', 'vulnerable', )
    list_filter = ('scan_status', 'vulnerable', )
    search_fields = ('target_url', )
    ordering = ('-vulnerable', 'task_id', )


admin.site.register(SqlInjection, SqlInjectionAdmin)
```

* The label shown for a field such as `task_id` is normally the field name, unless the `verbose_name` argument is used in the data model to redefine the label displayed in the backend.
* `verbose_name` is the first positional argument, so the keyword can be omitted:

```python
# -*- coding: utf-8 -*-
task_id = models.CharField('任务id', max_length=1000, db_index=True)
```

* `list_display`: the columns displayed across the top
* `search_fields`: the quick search bar at the top
* `list_filter`: the condition filters on the right
* `ordering`: used for sorting, like `Meta` in the data model
* Edit `sqliscan/views.py`:

```python
from django.shortcuts import render

from .models import SqlInjection


def sql_tasks(request):
    # Load every stored task and pass the queryset to the template
    tasks = SqlInjection.objects.all()
    return render(request, 'sqliscan/task.html', {'tasks': tasks})
```

* The view takes a `request` parameter and finally returns an `HttpResponse` object (produced here with `render`).
* The second argument to `render()` is the template to render, a `templates` template.
* `templates` templates:
    * Templates are kept in a `templates` folder; create a `templates` folder under the `sqliscan` application folder.
    * Inside the `templates` folder, create a `sqliscan` folder.

```
templates/
    sqliscan/
        task.html
        base.html
```

* `base.html`:
    * `base.html` acts like a parent class; other template files can inherit from it with `{% extends "sqliscan/base.html" %}`.
    * `base.html` imports the static files with `{% load staticfiles %}` (on the first line).
    * Once the static files are loaded, the `{% static %}` tag can be used in templates.
    * The `static` folder for static files is created in the same directory as `manage.py`, and the following must be added to `settings.py`:

```python
# settings.py: extra directory searched for static files
STATICFILES_DIRS = (os.path.join(BASE_DIR, "static"), )
```

* The `{% block %}` tag defines a `block`; template files that inherit from this one then only need to write the content of each `block`.

```html
{% load staticfiles %}
<!DOCTYPE html>
<html>
<head>
    <title>{% block title %}{% endblock %}</title>
    <link rel="stylesheet" href="http://cdn.bootcss.com/bootstrap/3.3.0/css/bootstrap.min.css">
    <script src="http://cdn.bootcss.com/jquery/1.11.1/jquery.min.js"></script>
    <script src="http://cdn.bootcss.com/bootstrap/3.3.0/js/bootstrap.min.js"></script>
</head>
<body>
    <div class="container">
        <div class="row-fluid">
            <!-- top navigation bar -->
            <div class="col-lg-3">
                <!-- side navigation bar -->
            </div>
            <div class="col-lg-9">
                {% block content %}
                {% endblock %}
            </div>
        </div>
    </div>
</body>
</html>
```

* `task.html` inherits from `base.html`:

```html
{% extends "sqliscan/base.html" %}
{% block title %}DSScan{% endblock %}
{% block content %}
<!-- all task content -->
{% endblock %}
```

* Configure the `url`: edit `DSScan/urls.py` to map each URL to its view one by one (the `URL` is expressed as a regular expression).

```python
from django.conf.urls import url
from django.contrib import admin

from sqliscan.views import sql_tasks

urlpatterns = [
    url(r'^admin/', admin.site.urls),
    # Pass the view callable; string view references were removed in Django 1.10
    url(r'^$', sql_tasks, name='sql_tasks'),
]
```
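The field list above says `vulnerable` is decided from `scan_data`. The following is an added example, not code from the original post, of one way to turn two sqlmapapi replies into values for the `SqlInjection` fields. The helper names, the extra `truncated` key, the JSON shapes of the status and data replies, and the rule that a non-empty `data` list means a finding are all assumptions.

```python
import json

MAX_LEN = 1000  # matches max_length on the CharField columns in models.py


def _load(raw):
    """Parse one API reply; anything that is not a JSON object counts as empty."""
    try:
        doc = json.loads(raw)
    except (TypeError, ValueError):
        return {}
    return doc if isinstance(doc, dict) else {}


def task_fields(status_raw, data_raw):
    """Map a status reply and a data reply (assumed shapes) to model field values."""
    status = _load(status_raw)
    data = _load(data_raw)

    # Only trust the payload when the API itself reported success.
    findings = data.get('data') if data.get('success') is True else None
    if not isinstance(findings, list):
        findings = []

    # CharField(max_length=1000) cannot hold a larger result, so the stored
    # copy is cut to fit and the cut is reported to the caller.
    stored = json.dumps(findings, separators=(',', ':'), sort_keys=True)
    return {
        'scan_status': str(status.get('status', 'unknown'))[:MAX_LEN],
        'scan_data': stored[:MAX_LEN],
        # Hypothetical extra key, not a model column: lets the caller log the cut.
        'truncated': len(stored) > MAX_LEN,
        # Computed from the parsed findings, never from the stored string,
        # which may have been cut mid-JSON.
        'vulnerable': len(findings) > 0,
    }


# Constructed sample replies (not captured from a real scan).
SAMPLE_STATUS = '{"success": true, "status": "terminated", "returncode": 0}'
SAMPLE_CLEAN = '{"success": true, "data": [], "error": []}'
SAMPLE_HIT = json.dumps({
    'success': True, 'error': [],
    'data': [{'status': 1, 'type': 1,
              'value': [{'parameter': 'id', 'place': 'GET', 'notes': 'x' * 1200}]}],
})
```

The returned `scan_status`, `scan_data` and `vulnerable` values can be assigned to a `SqlInjection` instance before `save()`.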
0x02 Life