diff --git a/CHANGELOG.md b/CHANGELOG.md index c1fc59b7..07822e11 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,19 @@ ## 更新日志 +### v0.3.2.2 + +更新时间:2021-05-28 + +- 更新7个漏洞镜像 +- 新增计时模式,管理可通过后台创建计时模式以及在时间模式中答题夺取排行。 +- 新增排行榜,可查看到各个模式中的排行。 +- 新增日志查询功能。 +- 修复过期时间设置为0,永不过期时,启动容器报错问题。 [#144](https://github.com/fofapro/vulfocus/issues/144) +- 修复页面布局问题。 [#142](https://github.com/fofapro/vulfocus/issues/142) +- 修复镜像启动之后,再次点击镜像详细信息不显示问题。 +- 修复靶场管理查询功能不显示输入内容问题。 +- 修复编排过程中上传图片问题。 + ### v0.3.2.1 更新时间:2021-05-21 diff --git a/Dockerfile b/Dockerfile index 217c7e77..ac2e9d56 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ FROM python:3 -LABEL maintainer="r4v3zn " version="0.3.2.1" description="Vulfocus for Docker" +LABEL maintainer="Prometheus <992343696@qq.com>" version="0.3.2.2" description="Vulfocus for Docker" EXPOSE 80 RUN mkdir /vulfocus-api/ WORKDIR /vulfocus-api/ diff --git a/README.md b/README.md index 7764dacf..e817f65c 100644 --- a/README.md +++ b/README.md @@ -37,9 +37,8 @@ Vulfocus 的 docker 仓库 [https://hub.docker.com/u/vulfocus](https://hub.docke ## 使用 -![](./imgs/register.gif) +![](./imgs/10.png) -![](./imgs/login.gif) 1. 安装完成后,访问80端口 @@ -73,6 +72,10 @@ Vulfocus 的 docker 仓库 [https://hub.docker.com/u/vulfocus](https://hub.docke ![](./imgs/9.gif) +8. 计时模式 + +![](./imgs/11.gif) + ## FAQ **镜像启动后立即访问地址失败?** diff --git a/images/README.md b/images/README.md index fbb68571..d17248e2 100644 --- a/images/README.md +++ b/images/README.md @@ -4,6 +4,13 @@ Vulfocus 镜像维护目录,该目录中存储 Vulfocus 所有的 Dockerfile | 漏洞名称 | 拉取命令 | 描述 |贡献者| | :--------------- | :--------------------------------------------------- | :--------------- |:--------------- | +|CVE-2020-13384|`docker pull vulfocus/monstra-cve_2020_13384`|CVE-2020-13384|[Vulfocus](https://github.com/fofapro/vulfocus)| +|CVE-2020-24741|`docker pull vulfocus/junams-cnvd_2020_24741`|CVE-2020-24741|[Vulfocus](https://github.com/fofapro/vulfocus)| +|CVE-2020-22721|`docker pull vulfocus/seacms-cnvd_2020_22721`|CVE-2020-22721|[Vulfocus](https://github.com/fofapro/vulfocus)| +|CVE-2019-8933|`docker pull vulfocus/dedecms-cve_2019_8933`|CVE-2019-8933|[Vulfocus](https://github.com/fofapro/vulfocus)| +|CVE-2019-15642|`docker pull vulfocus/webmin-cve_2019_15642`|CVE-2019-15642|[Vulfocus](https://github.com/fofapro/vulfocus)| +|CVE-2018-18086|`docker pull vulfocus/empirecms-cve_2018_18086`|CVE-2018-18086|[Vulfocus](https://github.com/fofapro/vulfocus)| +|CVE-2018-15877|`docker pull vulfocus/wordpress-cve_2018_15877`|CVE-2018-15877|[Vulfocus](https://github.com/fofapro/vulfocus)| |CVE-2020-16846|`docker pull vulfocus/saltstack-cve_2020_16846`|CVE-2020-16846|[Vulfocus](https://github.com/fofapro/vulfocus)| |CVE-2020-27175|`docker pull vulfocus/dcrcms-cnvd_2020_27175`|CVE-2020-27175|[Vulfocus](https://github.com/fofapro/vulfocus)| |CVE-2020-5504|`docker pull vulfocus/phpmyadmin-cve_2020_5504`|CVE-2020-5504|[Vulfocus](https://github.com/fofapro/vulfocus)| @@ -127,6 +134,16 @@ Vulfocus 镜像维护目录,该目录中存储 Vulfocus 所有的 Dockerfile ## 镜像新增日志 +2021-05-28 + +- vulfocus/monstra-cve_2020_13384 +- vulfocus/junams-cnvd_2020_24741 +- vulfocus/seacms-cnvd_2020_22721 +- vulfocus/dedecms-cve_2019_8933 +- vulfocus/webmin-cve_2019_15642 +- vulfocus/empirecms-cve_2018_18086 +- vulfocus/wordpress-cve_2018_15877 + 2021-05-21 - vulfocus/saltstack-cve_2020_16846 diff --git a/imgs/10.png b/imgs/10.png new file mode 100644 index 00000000..02515acb Binary files /dev/null and b/imgs/10.png differ diff --git a/imgs/11.gif b/imgs/11.gif new file mode 100644 index 00000000..e4d61d0c Binary files /dev/null and b/imgs/11.gif differ diff --git a/vulfocus-api/db.sqlite3 b/vulfocus-api/db.sqlite3 index 157c2661..c2135b74 100644 Binary files a/vulfocus-api/db.sqlite3 and b/vulfocus-api/db.sqlite3 differ diff --git a/vulfocus-api/dockerapi/migrations/0006_timemoudel_timerank_timetemp.py b/vulfocus-api/dockerapi/migrations/0006_timemoudel_timerank_timetemp.py new file mode 100644 index 00000000..ca9d734a --- /dev/null +++ b/vulfocus-api/dockerapi/migrations/0006_timemoudel_timerank_timetemp.py @@ -0,0 +1,56 @@ +# Generated by Django 3.1.4 on 2021-05-28 23:20 + +from django.db import migrations, models +import django.db.models.deletion +import uuid + + +class Migration(migrations.Migration): + + dependencies = [ + ('dockerapi', '0005_auto_20201223_2142'), + ] + + operations = [ + migrations.CreateModel( + name='TimeTemp', + fields=[ + ('temp_id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)), + ('user_id', models.IntegerField(verbose_name='用户ID')), + ('time_range', models.IntegerField(verbose_name='计时模式时间')), + ('image_name', models.TextField(default='', verbose_name='图片名称')), + ('time_desc', models.TextField(null=True, verbose_name='计时模版描述')), + ('flag_status', models.BooleanField(default=False, verbose_name='用于判断')), + ], + options={ + 'db_table': 'time_Temp', + }, + ), + migrations.CreateModel( + name='TimeRank', + fields=[ + ('rank_id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)), + ('user_id', models.IntegerField(verbose_name='用户ID')), + ('user_name', models.CharField(max_length=256, verbose_name='用户名称')), + ('rank', models.FloatField(verbose_name='Rank')), + ('time_temp', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='dockerapi.timetemp')), + ], + options={ + 'db_table': 'time_rank', + }, + ), + migrations.CreateModel( + name='TimeMoudel', + fields=[ + ('time_id', models.CharField(default='e3080cd3-2ba6-4f67-85e7-18413c14deac', max_length=255, primary_key=True, serialize=False, verbose_name='ID')), + ('user_id', models.IntegerField(verbose_name='用户ID')), + ('start_time', models.FloatField(verbose_name='开始时间戳')), + ('end_time', models.FloatField(verbose_name='结束时间')), + ('status', models.BooleanField(default=False, verbose_name='用于判断')), + ('temp_time_id', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='dockerapi.timetemp')), + ], + options={ + 'db_table': 'time_moudel', + }, + ), + ] diff --git a/vulfocus-api/dockerapi/migrations/0007_auto_20210528_2320.py b/vulfocus-api/dockerapi/migrations/0007_auto_20210528_2320.py new file mode 100644 index 00000000..d6991d35 --- /dev/null +++ b/vulfocus-api/dockerapi/migrations/0007_auto_20210528_2320.py @@ -0,0 +1,18 @@ +# Generated by Django 3.1.4 on 2021-05-28 23:20 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('dockerapi', '0006_timemoudel_timerank_timetemp'), + ] + + operations = [ + migrations.AlterField( + model_name='timemoudel', + name='time_id', + field=models.CharField(default='bff901de-a681-4035-af21-5eddc51bf0db', max_length=255, primary_key=True, serialize=False, verbose_name='ID'), + ), + ] diff --git a/vulfocus-api/layout_image/migrations/0015_auto_20210528_2320.py b/vulfocus-api/layout_image/migrations/0015_auto_20210528_2320.py new file mode 100644 index 00000000..f30532a8 --- /dev/null +++ b/vulfocus-api/layout_image/migrations/0015_auto_20210528_2320.py @@ -0,0 +1,44 @@ +# Generated by Django 3.1.4 on 2021-05-28 23:20 + +from django.db import migrations, models +import uuid + + +class Migration(migrations.Migration): + + dependencies = [ + ('layout_image', '0014_auto_20210426_1020'), + ] + + operations = [ + migrations.AlterField( + model_name='layout', + name='layout_id', + field=models.UUIDField(default=uuid.UUID('160d339b-f391-4c05-a964-d828f91d524d'), editable=False, primary_key=True, serialize=False, verbose_name='编排UUID'), + ), + migrations.AlterField( + model_name='layoutdata', + name='layout_user_id', + field=models.UUIDField(default=uuid.UUID('d5674fa8-7d5e-4412-8597-0a8cda01400f'), editable=False, primary_key=True, serialize=False, verbose_name='ID'), + ), + migrations.AlterField( + model_name='layoutservice', + name='service_id', + field=models.UUIDField(default=uuid.UUID('30912a84-2e5d-467f-a621-8ba503326319'), editable=False, primary_key=True, serialize=False, verbose_name='ID'), + ), + migrations.AlterField( + model_name='layoutservicecontainer', + name='service_container_id', + field=models.UUIDField(default=uuid.UUID('1e8f9bd5-d749-442f-8d43-129c72424fb1'), editable=False, primary_key=True, serialize=False, verbose_name='ID'), + ), + migrations.AlterField( + model_name='layoutservicecontainerscore', + name='layout_service_container_score_id', + field=models.UUIDField(default=uuid.UUID('f90fc854-7c06-4298-ba2b-4040c17e3fea'), editable=False, primary_key=True, serialize=False, verbose_name='ID'), + ), + migrations.AlterField( + model_name='layoutservicenetwork', + name='layout_service_network_id', + field=models.UUIDField(default=uuid.UUID('c7fd4c61-e559-42e9-ba3a-7cc3d952d838'), editable=False, primary_key=True, serialize=False, verbose_name='ID'), + ), + ] diff --git a/vulfocus-api/layout_image/migrations/0016_auto_20210528_2320.py b/vulfocus-api/layout_image/migrations/0016_auto_20210528_2320.py new file mode 100644 index 00000000..1a0028bc --- /dev/null +++ b/vulfocus-api/layout_image/migrations/0016_auto_20210528_2320.py @@ -0,0 +1,44 @@ +# Generated by Django 3.1.4 on 2021-05-28 23:20 + +from django.db import migrations, models +import uuid + + +class Migration(migrations.Migration): + + dependencies = [ + ('layout_image', '0015_auto_20210528_2320'), + ] + + operations = [ + migrations.AlterField( + model_name='layout', + name='layout_id', + field=models.UUIDField(default=uuid.UUID('192d50a3-b05e-4620-95dd-1aad4bb5fa15'), editable=False, primary_key=True, serialize=False, verbose_name='编排UUID'), + ), + migrations.AlterField( + model_name='layoutdata', + name='layout_user_id', + field=models.UUIDField(default=uuid.UUID('4085d12e-e9b4-45ad-9c84-decd1e925992'), editable=False, primary_key=True, serialize=False, verbose_name='ID'), + ), + migrations.AlterField( + model_name='layoutservice', + name='service_id', + field=models.UUIDField(default=uuid.UUID('3521c837-963d-4e98-9fcb-a6645d5fe39b'), editable=False, primary_key=True, serialize=False, verbose_name='ID'), + ), + migrations.AlterField( + model_name='layoutservicecontainer', + name='service_container_id', + field=models.UUIDField(default=uuid.UUID('305a72c3-a2e3-4400-921b-a6efbfdb8853'), editable=False, primary_key=True, serialize=False, verbose_name='ID'), + ), + migrations.AlterField( + model_name='layoutservicecontainerscore', + name='layout_service_container_score_id', + field=models.UUIDField(default=uuid.UUID('2463f963-1d90-4801-8407-37507fb0aee5'), editable=False, primary_key=True, serialize=False, verbose_name='ID'), + ), + migrations.AlterField( + model_name='layoutservicenetwork', + name='layout_service_network_id', + field=models.UUIDField(default=uuid.UUID('71eda58d-c071-41a9-88b1-b311a2628d05'), editable=False, primary_key=True, serialize=False, verbose_name='ID'), + ), + ] diff --git a/vulfocus-api/user/migrations/0003_auto_20210528_2320.py b/vulfocus-api/user/migrations/0003_auto_20210528_2320.py new file mode 100644 index 00000000..9869733b --- /dev/null +++ b/vulfocus-api/user/migrations/0003_auto_20210528_2320.py @@ -0,0 +1,18 @@ +# Generated by Django 3.1.4 on 2021-05-28 23:20 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('user', '0002_auto_20191029_1158'), + ] + + operations = [ + migrations.AlterField( + model_name='userprofile', + name='first_name', + field=models.CharField(blank=True, max_length=150, verbose_name='first name'), + ), + ] diff --git a/vulfocus-api/vulfocus/urls.py b/vulfocus-api/vulfocus/urls.py index b7fb6c42..1eff1bfd 100755 --- a/vulfocus-api/vulfocus/urls.py +++ b/vulfocus-api/vulfocus/urls.py @@ -24,12 +24,12 @@ from layout_image.views import LayoutViewSet, upload_img router = routers.DefaultRouter() -router.register('images', ImageInfoViewSet, base_name='Images') -router.register('container', ContainerVulViewSet, base_name='Container') -router.register('user/register', UserRegView, base_name='register') -router.register('user', UserSet, base_name='user') -router.register('syslog', SysLogSet, base_name="SysLog") -router.register('tasks', TaskSet, base_name="TaskSet") +router.register('images', ImageInfoViewSet, basename='Images') +router.register('container', ContainerVulViewSet, basename='Container') +router.register('user/register', UserRegView, basename='register') +router.register('user', UserSet, basename='user') +router.register('syslog', SysLogSet, basename="SysLog") +router.register('tasks', TaskSet, basename="TaskSet") router.register("network", NetWorkInfoViewSet, basename="network") router.register('layout', LayoutViewSet, basename="layout") router.register('time', TimeMoudelSet, basename="time")