1

I recently started a small web app project that uses nmap to scan the network and pull table results back to the UI(html page). The discovery script works great and sends the results to an SQL db. The second script I was working with is meant to pull back the results from SQL and create a table in HTML. I have been able to get the results into HTML using Jinja2 but the formatting is all messed up. Its been a few days and I'm really struggling with this so I thought I would ask for some help. The application.py code with the SQL query is below: ''' from flask import Flask, render_template from jinja2 import Template import pandas as pd import pandas import pyodbc import urllib from sqlalchemy import create_engine

app = Flask(__name__)

@app.route('/')
def index():
return render_template('/layout.html')

@app.route('/Dashboard')
def Dashboard():
return render_template('/Dashboard.html')

@app.route('/Network')
def Network():
params = 'DRIVER={ODBC Driver 17 for SQL Server};' \
         'SERVER=localhost;' \
         'PORT=1433;' \
         'DATABASE=;' \
         'UID=SA;' \
         'PWD=reallyStrongPwd123;'

params = urllib.parse.quote_plus(params)

db = create_engine('mssql+pyodbc:///?odbc_connect=%s' % params)
df = pandas.read_sql_query("SELECT * FROM dbo.discovery", con = db ) #hosts

df = pandas.DataFrame(df, columns=.      
['host','hostname','hostname_type','protocol','port',
'name','state','product','extrainfo','reason','version','conf','cpe'])

return render_template('/Network.html', df=df)


@app.route('/Vulnerabilities')
def Vulnerabilities():
return render_template('/Vulnerabilities.html')

if __name__ == "__main__":
app.run(debug=True)
'''

The HTML page code as follows: (Sparing most of the page)

<table>
<tr> {{ df }} </tr>
</table>

I cannot attach images here for some reason so below is the output in the HTML page

host hostname hostname_type protocol port name state \ 0 10.0.0.1 None None tcp 22 ssh filtered 1 10.0.0.1 None None tcp 23 telnet filtered 2 10.0.0.1 None None tcp 53 domain open 3 10.0.0.1 None None tcp 80 http open 4 10.0.0.1 None None tcp 443 http open 5 10.0.0.1 None None tcp 49152 upnp open 6 10.0.0.131 None None tcp 80 upnp open 7 10.0.0.131 None None tcp 139 tcpwrapped open 8 10.0.0.131 None None tcp 445 microsoft-ds open 9 10.0.0.131 None None tcp 515 printer open 10 10.0.0.131 None None tcp 631 upnp open 11 10.0.0.131 None None tcp 9100 jetdirect open 12 10.0.0.157 None None tcp 62078 iphone-sync open 13 10.0.0.218 None None tcp 1433 ms-sql-s open 14 10.0.0.254 None None tcp 49152 upnp open product extrainfo \ 0 None None 1 None None 2 dnsmasq None 3 lighttpd None 4 lighttpd None 5 Portable SDK for UPnP devices Linux 3.12.14; UPnP 1.0 6 Epson Stylus NX230 printer UPnP UPnP 1.0; Epson UPnP SDK 1.0 7 None None 8 None None 9 None None 10 Epson Stylus NX230 printer UPnP UPnP 1.0; Epson UPnP SDK 1.0 11 None None 12 None None 13 Microsoft SQL Server vNext tech preview None 14 Cisco-Linksys E4200 WAP upnpd UPnP 1.0 reason version conf cpe 0 no-response None 3 None 1 no-response None 3 None 2 syn-ack 2.78 10 cpe:/a:thekelleys:dnsmasq:2.78 3 syn-ack None 10 cpe:/a:lighttpd:lighttpd 4 syn-ack None 10 cpe:/a:lighttpd:lighttpd 5 syn-ack 1.6.22 10 cpe:/o:linux:linux_kernel:3.12.14 6 syn-ack None 10 cpe:/o:linux:linux_kernel 7 syn-ack None 8 None 8 syn-ack None 10 None 9 syn-ack None 10 None 10 syn-ack None 10 cpe:/o:linux:linux_kernel 11 syn-ack None 3 None 12 syn-ack None 3 None 13 syn-ack 14.00.3048 10 cpe:/a:microsoft:sql_server 14 syn-ack None 10 cpe:/h:cisco:e4200

The output however results in this mess. So my question is how can I turn this into a table and what am I doing wrong?

enter image description here

Trenton McKinney
  • 56,955
  • 33
  • 144
  • 158
PioneerPrawn
  • 23
  • 1
  • 5
  • I just realized this did not copy in my full code. I'm importing these packages: from flask import Flask, render_template from jinja2 import Template import pandas as pd import pandas import pyodbc import urllib from sqlalchemy import create_engine – PioneerPrawn Sep 28 '19 at 14:03
  • you can edit your question and add the remaining code. – Shikhar Arora Sep 28 '19 at 14:07

1 Answers1

0

I'm yet to be able to add comments so i'll just assume that I'm right with where I'm going and if not correct me ... Anyway, the problem that I understood your facing is that rendering the pandas data frame gets all messy on the Html side... Try to add:

return render_template('simple.html',  tables=[df.to_html(classes='data', header="true")])

as for the references How to show a pandas dataframe into a existing flask html table? https://pythonexamples.org/pandas-render-dataframe-as-html-table/ hope this will be helpful (:

Yoel Nisanov
  • 984
  • 7
  • 16
  • YES! That worked! Thank you so much! I really appreciate it – PioneerPrawn Sep 28 '19 at 17:38
  • haha, I'm so glad to be able to help! (: btw, the idea of your site, could you explain to me a little more about it? It actually sounds really interesting. – Yoel Nisanov Sep 28 '19 at 18:23
  • Sure. So it started off as a project but turning into a little more. I wanted to scan the network with nmap for a list of devices and load the results into an SQL database and then query the database using python and pull it all back to the UI and create a table. From there I'm planning to link the vulnerabilities to the devices and allow the user to test them against the device. So if there's a vuln for a remote session you could launch it from the UI – PioneerPrawn Sep 28 '19 at 18:55
  • How are you planning to test the vulns on the devices themselves? plus, if it's possible to upvote my answer that'll be really appreciated! (: – Yoel Nisanov Sep 28 '19 at 18:58
  • another nmap scan for the vulnerabilities. From there I can use metasploit to launch them. Its basically curriculum from the CEH exam. If your interested its pretty neat stuff. All hacking tools basically. And I did try to upvote you but I'm receiving this "Thanks for the feedback! Votes cast by those with less than 15 reputation are recorded, but do not change the publicly displayed post score." – PioneerPrawn Sep 28 '19 at 19:32
  • haha I see, thanks for that. And I would LOVE to take part in that project (I'm originally from the cyber field although abit rusty because transferred lately to ML) but if you write it as an open code project maybe we could work together(?) – Yoel Nisanov Sep 28 '19 at 19:39
  • any chance you know Javascript? :) – PioneerPrawn Sep 28 '19 at 19:52
  • I do know JS altough I'm alot familier with python – Yoel Nisanov Sep 28 '19 at 20:40
  • Hey Yoel, do you have an email address I can contact you on? I tried to find a chat here but I didn’t see it – PioneerPrawn Sep 30 '19 at 12:58