集成了乌云漏洞查询

boy-hack · boy-hack · commit ab1fb88c7df3 · 2016-11-22T16:47:09.000+08:00
diff --git a/README.md b/README.md
@@ -4,15 +4,20 @@
 > web框架是flask  前端框架是amazeUI
 
 ## 安装
-pip install flask
-pip install requests
+`pip install flask`
+`pip install requests`
+`pip install MySQLdb  `
+
 [usage]: python `myweb.py `
 
+乌云数据库文件安装 链接: http://pan.baidu.com/s/1hrKYy8W 密码: yrrr
+
 ## 更新
 
 - 11.7 更新 加入了在线社工库 调用的接口~
 - 10.25 更新 加入了社会工程学密码生成和whois查询
 - 10.21 更新 加入了CMS在线识别
+- 11.22 更新 集成了乌云漏洞查询 [搭建教程][3]
 
 ## 学习教程
 每一步都记录了 [编写记录][1]
@@ -23,3 +28,4 @@ pip install requests
 
   [1]: http://bbs.ichunqiu.com/forum.php?mod=collection&action=view&ctid=65
   [2]: http://systeminfo.applinzi.com/
+  [3]: http://bbs.ichunqiu.com/forum.php?mod=viewthread&tid=15744&page=1&extra=#pid261144
diff --git a/myweb.py b/myweb.py
@@ -10,12 +10,18 @@
 import whois
 import skg
 
+import MySQLdb
+import sys
 reload(sys)
 sys.setdefaultencoding('utf-8')
 
-app = Flask(__name__)
 
 
+app = Flask(__name__)
+#连接数据库操作
+db = MySQLdb.connect("127.0.0.1","root","","pyhack",charset='utf8' )
+cursor = db.cursor()
+
 @app.route('/',methods=["get","post"])
 def index():
     return render_template('ip.html')
@@ -94,5 +100,33 @@ def findpass():
     else:
         return render_template('skg.html',title="社工库查询")
 
+#集成wooyun漏洞平台
+@app.route('/wooyun',methods=["get","post"])
+def wooyun():
+    searchword = request.args.get('key', '').strip()
+    log_id = request.args.get('id', '').strip()
+    data = {}
+    table = list()
+    if log_id:
+        # 使用execute方法执行SQL语句
+        cursor.execute(MySQLdb.escape_string("SELECT * from emlog_blog where gid=%s"%log_id))
+        # 使用 fetchone() 方法获取一条数据库。
+        results = cursor.fetchone()
+        data["id"] = results[0]
+        data["text"] = results[2]
+        data["title"] = results[1]
+    if searchword:
+        sql = 'SELECT gid,title from emlog_blog where title like "%%%s%%"'%searchword
+        cursor.execute(sql)
+        #cursor.execute('SELECT * from emlog_blog limit 10')
+        results = cursor.fetchall()
+
+        for rows in results:
+            tdata = {}
+            tdata["id"] = rows[0]
+            tdata["title"] = rows[1]
+            table.append(tdata)
+    return render_template("wooyun.html",title="乌云漏洞查询",data=data,table=table)
+
 if __name__ == '__main__':
     app.run(debug=True)
diff --git a/templates/base.html b/templates/base.html
@@ -168,6 +168,7 @@ <h1 class="am-topbar-brand">
           <li><a href="/password"><span class="am-icon-cube"></span> 密码生成</a></li>
           <li><a href="/whois"><span class="am-icon-cube"></span> whois查询</a></li>
           <li><a href="/pass"><span class="am-icon-cube"></span> 社工库</a></li>
+          <li><a href="/wooyun"><span class="am-icon-cube"></span> 漏洞查询</a></li>
           <li><a href="javascript:;" id="admin-fullscreen"><span class="am-icon-arrows-alt"></span> <span class="admin-fullText">开启全屏</span></a></li>
 
      </ul>
diff --git a/templates/wooyun.html b/templates/wooyun.html
@@ -0,0 +1,58 @@
+{% extends "base.html" %}
+{% block content %}
+<div class="get">
+  <div class="am-g">
+    <div class="am-u-lg-12">
+      <h1 class="get-title">WooYun漏洞查询</h1>
+    </div>
+	    <div class="am-form-group">
+          <form action="" method="GET">
+	      <div class="am-u-sm-5 am-u-sm-offset-3">
+	      <input id='search1' type="text" name="key" minchecked="3" class="am-form-field am-round" placeholder="请输入KeyWords"/>
+	      </div>
+		<div class="am-u-sm-1">
+	      <button id='search' type="submit" class="am-btn am-btn-primary">查询</button>
+	      </div>
+
+		  	  <div class="box">
+						</div></form>
+	    </div>
+  </div>
+</div>
+
+<div class="about">
+  <div class="am-g am-container">
+	<div class="am-g doc-am-g">
+    <div class="am-form-group">
+    {% if table %}
+            <table class="am-table am-table-bordered am-table-radius">
+    <thead>
+        <tr>
+            <th>id</th>
+            <th>标题</th>
+            <th>查看</th>
+        </tr>
+    </thead>
+    <tbody>
+    {% for foo in table %}
+        <tr>
+            <td>{{foo.id}}</td>
+            <td>{{foo.title}}</td>
+            <td><a href="?id={{ foo.id }}">查看</a></td>
+        </tr>
+    {% endfor %}
+    </tbody>
+</table>
+        {% endif %}
+                {% if data %}
+                <h1>{{data.title}}</h1>
+                {{data.text|safe}}
+            {% endif %}
+	  	  <div class="box">
+					</div>
+    </div>
+    </div>
+    </div>
+
+    </div>
+{% endblock %}
