diff --git a/dongtai_common/endpoint/__init__.py b/dongtai_common/endpoint/__init__.py index 84738976a..ab2bf7bee 100644 --- a/dongtai_common/endpoint/__init__.py +++ b/dongtai_common/endpoint/__init__.py @@ -32,6 +32,7 @@ from dongtai_common.models.department import Department from functools import reduce from operator import ior +from rest_framework.exceptions import AuthenticationFailed if TYPE_CHECKING: from django.core.paginator import _SupportsPagination @@ -107,9 +108,13 @@ def dispatch(self, request, *args, **kwargs): else: handler = self.http_method_not_allowed response = handler(request, *args, **kwargs) + except AuthenticationFailed as exc: + logger.debug(f'url: {self.request.path},exc:{exc}') + response = self.handle_exception(exc) except Exception as exc: - logger.error(f'url: {self.request.path},exc:{exc}', exc_info=True) + logger.warning(f'url: {self.request.path},exc:{exc}', exc_info=exc) response = self.handle_exception(exc) + finally: return self.finalize_response(request, response, *args, **kwargs) self.response = self.finalize_response(request, response, *args, @@ -198,7 +203,7 @@ def get_paginator( except EmptyPage: return page_summary, queryset.none() except BaseException as e: - logger.error(e, exc_info=e) + logger.info(e, exc_info=e) return page_summary, queryset.none() return page_summary, page_list diff --git a/dongtai_common/utils/http.py b/dongtai_common/utils/http.py index 418448bef..70a09e134 100644 --- a/dongtai_common/utils/http.py +++ b/dongtai_common/utils/http.py @@ -20,5 +20,5 @@ def build_response(header, body): _data = base64.b64decode(header.encode("utf-8")).decode("utf-8") except Exception as e: _data = '' - logger.error(f'Response Header解析出错,错误原因:{e}') + logger.warning(f'Response Header解析出错,错误原因:{e}', exc_info=e) return '{header}\n\n{body}'.format(header=_data, body=body) diff --git a/dongtai_engine/plugins/strategy_headers.py b/dongtai_engine/plugins/strategy_headers.py index 965842379..8034339a9 100644 
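Review bot: The new `finally: return self.finalize_response(request, response, *args, **kwargs)` in dispatch swallows any exception that escapes the except clauses — notably whatever `self.handle_exception(exc)` re-raises for a non-API exception, which is what DRF's APIView.handle_exception does when no handler result is produced — and on that path `response` was never bound, so the caller gets an UnboundLocalError from the finally block instead of the original error. It also makes the `self.response = self.finalize_response(...)` line after the try unreachable, so `self.response` is no longer set on the success path. Drop the `finally:` and keep the early return inside each except branch instead, i.e. after `response = self.handle_exception(exc)` add `return self.finalize_response(request, response, *args, **kwargs)` in both the `AuthenticationFailed` and the `Exception` branch. Repeated authentication failures are a useful abuse signal, so `logger.info('url: %s, auth failed: %s', self.request.path, exc)` would keep them visible in production without the noise of a traceback. dispatch starts and ends outside the hunk.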
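Review bot: `except BaseException as e` in get_paginator still catches KeyboardInterrupt and SystemExit, and now logs them at info before returning an empty queryset, so a worker shutting down mid-request looks like an empty page; narrow it to `except Exception as e:`. Lowering this handler to info also hides genuine programming errors in the paginator call behind an empty result, whereas `logger.warning(e, exc_info=e)` keeps them visible without being an alert. get_paginator's signature and the try body are outside the hunk.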
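Review bot: The handler in build_response catches `Exception` around a base64 decode, so a `None` or non-str `header` is also turned into an empty header plus a warning instead of surfacing as a bug; `except ValueError as e:` is enough here, since `binascii.Error` from `b64decode` and `UnicodeDecodeError` from `.decode` are both ValueError subclasses. Falling back to `''` on malformed input is the right fail-safe if `header` is agent-supplied, which the surrounding code suggests but the hunk does not show. build_response's `def` line and the opening of the try are outside the hunk.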
--- a/dongtai_engine/plugins/strategy_headers.py +++ b/dongtai_engine/plugins/strategy_headers.py @@ -98,8 +98,10 @@ def check_response_header(method_pool): method_pool, position='HTTP Response Header') except Exception as e: - logger.error("check_response_header failed, reason: " + str(e), - exc_info=e) + logger.warning( + "check_response_header failed, reason: " + str(e), + exc_info=e, + ) def save_vul(vul_type, method_pool, position=None, data=None): @@ -110,7 +112,7 @@ def save_vul(vul_type, method_pool, position=None, data=None): state=const.STRATEGY_ENABLE, user_id__in=(1, method_pool.agent.user.id)).first() if vul_strategy is None: - logger.error( + logger.warning( f'There is no corresponding strategy for the current vulnerability: {vul_type}' ) diff --git a/dongtai_engine/plugins/strategy_sensitive.py b/dongtai_engine/plugins/strategy_sensitive.py index 5e1e81d2e..b749ee9f0 100644 --- a/dongtai_engine/plugins/strategy_sensitive.py +++ b/dongtai_engine/plugins/strategy_sensitive.py @@ -49,9 +49,9 @@ def check_response_content(method_pool): position=key, data=result.group(0)) except Exception as e: - logger.error( + logger.warning( f'check_response_content error, rule: {rule.id}, rule name: {rule.strategy.vul_type}, reason: {e}', - exc_info=True) + exc_info=e) elif json_response and rule.pattern_type.id == 2: pattern = jq.compile(rule.pattern) result = pattern.input(json_response).all() @@ -61,9 +61,9 @@ def check_response_content(method_pool): position='HTTP Response Body', data=' '.join(result)) except Exception as e: - logger.error( + logger.warning( f'check_response_content error, rule: {rule.id}, rule name: {rule.strategy.vul_type}, reason: {e}', - exc_info=True) + exc_info=e) search_id_card_leak(method_pool) 
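Review bot: The message in check_response_header is still built eagerly with `"check_response_header failed, reason: " + str(e)`, and the same `reason: {e}` f-string pattern appears in every other handler touched by this diff (strategy_sensitive, tasks.py, http.py, the endpoint dispatch); since each call now passes `exc_info=e`, the exception text is already part of the emitted traceback. Prefer lazy arguments so the formatting only happens when the level is enabled: `logger.warning("check_response_header failed, reason: %s", e, exc_info=e)`. The try body and the start of check_response_header are outside the hunk.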
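Review bot: Both handlers in check_response_content (this hunk and the @@ -61 one) evaluate `rule.strategy.vul_type` inside the except clause, so if the failure came from resolving `rule.strategy` (a missing related row, for example) the f-string raises again from within the handler and the warning is never written. Resolve the label before the try, or log only the ids already at hand: `logger.warning('check_response_content error, rule: %s, reason: %s', rule.id, e, exc_info=e)`. Whether the try body actually touches `rule.strategy` is not visible in the hunk; the enclosing loop and the function start are outside it.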
@@ -89,8 +89,9 @@ def search_id_card_leak(method_pool): # todo: add highlight to id_card save_vul(vul_type='ID Number Leak', method_pool=method_pool, position=key, data=card) except Exception as e: - logger.error( - f'check_response_content error, rule name: ID Number Leak, Method Pool ID: {method_pool.id}, reason: {e}') + logger.warning( + f'check_response_content error, rule name: ID Number Leak, Method Pool ID: {method_pool.id}, reason: {e}', + exc_info=e) def check_id_card(id_card): diff --git a/dongtai_engine/tasks.py b/dongtai_engine/tasks.py index 77936731e..2a12f1aec 100644 --- a/dongtai_engine/tasks.py +++ b/dongtai_engine/tasks.py @@ -135,7 +135,7 @@ def search_and_save_vul(engine: Optional[VulEngine], ) return if not queryset.values('id').exists(): - logger.error( + logger.warning( f'current method pool hit rule {strategy.get("type")}, but no vul strategy.' ) return @@ -240,7 +240,7 @@ def search_vul_from_method_pool(self, method_pool_sign, agent_id, retryable=Fals tries = self.request.retries + 1 raise RetryableException(f'漏洞检测方法池 {method_pool_sign} 不存在,重试第 {tries} 次') else: - logger.error(f'漏洞检测超过最大重试次数 {self.max_retries},方法池 {method_pool_sign} 不存在') + logger.warning(f'漏洞检测超过最大重试次数 {self.max_retries},方法池 {method_pool_sign} 不存在') else: logger.warning(f'漏洞检测终止,方法池 {method_pool_sign} 不存在') return @@ -270,10 +270,9 @@ def search_vul_from_method_pool(self, method_pool_sign, agent_id, retryable=Fals delay = 5 + pow(3, self.request.retries) * 10 self.retry(exc=e, countdown=delay) else: - logger.error(f'漏洞检测超过最大重试次数,错误原因:{e}') + logger.info(f'漏洞检测超过最大重试次数,错误原因:{e}') except Exception as e: - logger.error(e, exc_info=True) - logger.error(f'漏洞检测出错,方法池 {method_pool_sign}. 错误原因:{e}') + logger.error(f'漏洞检测出错,方法池 {method_pool_sign}. 错误原因:{e}', exc_info=e) @shared_task(queue='dongtai-replay-vul-scan') 
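Review bot: The retries-exhausted branch `logger.info(f'漏洞检测超过最大重试次数,错误原因:{e}')` is the terminal failure for that method pool, yet it is the only handler in this hunk that still drops the traceback, and it is now logged below the sibling `except Exception` branch. Once the last retry fails the detection is presumably lost, so it deserves at least `logger.warning(f'漏洞检测超过最大重试次数,错误原因:{e}', exc_info=e)`, consistent with the other handlers in this diff. search_vul_from_method_pool starts and ends outside the hunk, so whether the failed pool is recorded elsewhere is not visible here.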
@@ -559,7 +558,7 @@ def vul_recheck(): try: params = json.loads(vulnerability['param_name']) except JSONDecodeError as e: - logger.error(f'污点数据解析出错,原因:{e}') + logger.warning(f'污点数据解析出错,原因:{e}', exc_info=e) Replay.replay_failed(replay=replay, timestamp=timestamp) con = 1 else: @@ -619,7 +618,7 @@ def vul_recheck(): try: headers = base64.b64encode('\n'.join(header_raw)) except Exception as e: - logger.error(f'请求头解析失败,漏洞ID: {vulnerability["id"]}') + logger.warning(f'请求头解析失败,漏洞ID: {vulnerability["id"]}', exc_info=e) elif position == 'COOKIE': import base64 header_raw = base64.b64decode(headers).decode('utf-8').split('\n') diff --git a/dongtai_protocol/report/handler/saas_method_pool_handler.py b/dongtai_protocol/report/handler/saas_method_pool_handler.py index 71a55c49f..7e8502cb7 100644 --- a/dongtai_protocol/report/handler/saas_method_pool_handler.py +++ b/dongtai_protocol/report/handler/saas_method_pool_handler.py @@ -191,13 +191,13 @@ def save(self): logger.info( f"record method failed : {self.agent_id} {self.http_uri} {self.http_method}" ) - logger.warning(e, exc_info=True) + logger.warning(e, exc_info=e) try: logger.info(f"send normal method pool {self.agent_id} {self.http_uri} {pool_sign} to celery ") self.send_to_engine(method_pool_sign=pool_sign, update_record=update_record) except Exception as e: - logger.warning(e, exc_info=True) + logger.warning(e, exc_info=e) def to_json(self, pool_sign: str): timestamp = int(time.time()) @@ -369,7 +369,7 @@ def send_to_engine(self, method_pool_id="", method_pool_sign="", update_record=F ) # requests.get(url=settings.REPLAY_ENGINE_URL.format(id=method_pool_id)) except Exception as e: - logger.warning(f'[-] Failure: send method_pool [{method_pool_id}{method_pool_sign}], Error: {e}') + logger.error(f'[-] Failure: send method_pool [{method_pool_id}{method_pool_sign}], Error: {e}', exc_info=e) def calc_hash(self): sign_raw = '-'.join( 
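Review bot: `headers = base64.b64encode('\n'.join(header_raw))` inside the try raises TypeError on every call unless `header_raw` holds bytes, because `b64encode` requires a bytes-like object; the except then logs it as a header parse failure and `headers` keeps whatever value it had before. The COOKIE branch just below treats `headers` as a base64 str (`base64.b64decode(headers).decode('utf-8')`), so the intended line is probably `headers = base64.b64encode('\n'.join(header_raw).encode('utf-8')).decode('utf-8')`. With `exc_info=e` now attached the TypeError will at least show up in the logs; vul_recheck and the surrounding loop are outside the hunk.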
diff --git a/dongtai_protocol/report/report_handler_factory.py b/dongtai_protocol/report/report_handler_factory.py index e90bff4bc..796aecf60 100644 --- a/dongtai_protocol/report/report_handler_factory.py +++ b/dongtai_protocol/report/report_handler_factory.py @@ -75,7 +75,7 @@ def handler(reports, user): result = class_of_handler().handle(reports, user) return result except Exception as e: - logger.error(e, exc_info=True) + logger.error(e, exc_info=e) return None @classmethod diff --git a/dongtai_protocol/views/report_upload.py b/dongtai_protocol/views/report_upload.py index b864bfa70..e404ec345 100644 --- a/dongtai_protocol/views/report_upload.py +++ b/dongtai_protocol/views/report_upload.py @@ -36,5 +36,5 @@ def post(self, request): data = ReportHandler.handler(report, request.user) return R.success(msg="report upload success.", data=data) except Exception as e: - logger.error(f"report upload failed, reason: {e}", exc_info=True) + logger.error(f"report upload failed, reason: {e}", exc_info=e) return R.failure(msg="report upload failed")
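Review bot: The handler classmethod logs only `e` on failure, so a report that a handler cannot process leaves no record of which handler or which user it came from; since `class_of_handler` and `user` are already in scope in this hunk, `logger.error('%s failed for user %s: %s', class_of_handler.__name__, user, e, exc_info=e)` makes triage of malformed agent reports possible without logging the report body. Returning None on any exception is a reasonable fail-safe for input that arrives from agents, provided the caller treats None as a failure rather than an empty result. The start of handler, including how `class_of_handler` is chosen, is outside the hunk.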