def zhengli_html(srcFile, info_flag):
    """Read a Nessus HTML report, translate each finding via the local
    sqlite cache (table ``nessus``), and return rows for report output.

    srcFile   -- path to the Nessus HTML report
    info_flag -- forwarded to read_html(); presumably controls whether
                 informational findings are included (confirm in read_html)

    Returns ("主机IP", rows) where each row is
    [vuln_zh, risk, host, solution] -- pluginID is dropped because the
    downstream write2docx step expects exactly four fields.
    """
    csv_list = read_html(srcFile, info_flag)

    # Open the local vulnerability-translation cache.
    conn = sqlite3.connect('nessus.db')
    conn.text_factory = str
    cursor = conn.cursor()
    try:
        for i in csv_list:
            # Keep the English name: the in-place translation below would
            # otherwise overwrite the value we need for the vuln_en column.
            tmp_en_name = i[1]
            result = cursor.execute(
                "select * from nessus where pluginID=?", (int(i[0]),))
            # fetchall() first: taking len() of the raw cursor consumes it.
            cached = result.fetchall()
            if cached:
                # Cache hit: reuse the stored Chinese name and solution.
                # NOTE(review): indices 3/5 here vs 2/4 in zhengli_csv --
                # the two functions disagree on the table layout; confirm
                # the nessus table schema.
                for row in cached:
                    i[1] = row[3]
                    i[4] = row[5]
            else:
                # Cache miss: translate once and store for next time.
                i[1] = googletranslater.googleTrans(i[1])
                i[4] = googletranslater.googleTrans(i[4])
                conn.execute(
                    "insert into nessus(pluginID, vuln_en, vuln_zh, risk,"
                    " solution) values(?, ?, ?, ?, ?)",
                    (int(i[0]), tmp_en_name, i[1], i[2], i[4]))

        # Cached values may embed hard newlines that survive every later
        # replacement step; stripping them here works best.  Also drop the
        # pluginID column (write2docx takes only four fields).
        nessus_list = []
        for x in csv_list:
            x[1] = x[1].replace("\n", "")
            x[4] = x[4].replace("\n", "")
            nessus_list.append([x[1], x[2], x[3], x[4]])

        conn.commit()
    finally:
        # Fix: the connection was previously never closed.
        conn.close()
    return ("主机IP", nessus_list)
def zhengli_csv(srcFile, info_flag):
    """Read a Nessus CSV report, translate each finding via the local
    sqlite cache (table ``nessus``), and return the report rows.

    srcFile   -- path to the Nessus CSV report
    info_flag -- forwarded to read_csv()

    Returns a list of [vuln_zh, risk, host, solution] rows (pluginID is
    dropped because write2docx expects exactly four fields).

    Bug fixed: the row was translated in place *before* the insert, and the
    old ``new_list`` was a plain alias of ``csv_list`` -- so the vuln_en
    column was actually stored with the Chinese translation.  The English
    name is now captured first, mirroring zhengli_html.
    """
    csv_list = read_csv(srcFile, info_flag)

    conn = sqlite3.connect('nessus.db')
    conn.text_factory = str
    cursor = conn.cursor()
    try:
        for i in csv_list:
            tmp_en_name = i[1]  # preserved for the vuln_en column
            result = cursor.execute(
                "select * from nessus where pluginID=?", (int(i[0]),))
            # fetchall() first: taking len() of the raw cursor consumes it.
            cached = result.fetchall()
            if cached:
                # Cache hit: reuse the stored Chinese name and solution.
                # NOTE(review): indices 2/4 here vs 3/5 in zhengli_html --
                # the two functions disagree on the table layout; confirm
                # the nessus table schema.
                for row in cached:
                    i[1] = row[2]
                    i[4] = row[4]
            else:
                # Cache miss: translate once and store for next time.
                i[1] = googletranslater.googleTrans(i[1])
                i[4] = googletranslater.googleTrans(
                    i[4].replace('\n', '').replace('\r', ''))
                conn.execute(
                    "insert into nessus values(?, ?, ?, ?, ?)",
                    (int(i[0]), tmp_en_name, i[1], i[2], i[4]))

        # Drop the pluginID column: write2docx takes only four fields.
        nessus_list = [[x[1], x[2], x[3], x[4]] for x in csv_list]

        conn.commit()
    finally:
        # Fix: the connection was previously never closed.
        conn.close()
    return nessus_list
def _awvs_find_url(tmp, baseurl):
    """Locate the vulnerability URL for one AWVS 'Alert group' cell.

    The AWVS HTML layout is irregular: the cell before the alert group may
    hold a parameter value, the tail of a raw HTTP request, the literal
    text 'Web Server', an empty string, or the URL itself.  Returns the
    full URL (baseurl joined with the path).
    """
    prev_text = tmp.find_previous(class_=re.compile('^s')).get_text()
    if "Parameter" in prev_text:
        # A parameter row sits in between; the URL is one cell further back.
        url = tmp.find_previous(class_=re.compile('^s')).find_previous(
            class_=re.compile('^s')).get_text()
    elif 'Connection: Keep-alive' in prev_text:
        # Previous cell is a leaked request header block: no URL recorded.
        url = ''
    else:
        url = prev_text
    # Even after all that, the "URL" may still be 'Web Server' or ''.
    if url == 'Web Server' or url == '':
        return baseurl + '/'
    return baseurl + url


def _awvs_extract(tmp, baseurl, risk_zh):
    """Build one [name, risk, url, solution] record for an 'Alert group'
    anchor cell.  risk_zh is the already-translated severity label."""
    awvs_url = _awvs_find_url(tmp, baseurl)
    # The cell right after 'Alert group' is the vulnerability name.
    awvs_name = tmp.find_next(class_=re.compile('^s')).get_text()
    # The cell after 'Recommendations' is the remediation advice.
    awvs_solution = tmp.find_next(
        class_=re.compile('^s'), text='Recommendations').find_next(
            class_=re.compile('^s')).get_text()
    return [awvs_name, risk_zh, awvs_url, awvs_solution]


def zhengli(fileName, info_flag):
    """Parse an AWVS HTML report into translated vulnerability records.

    fileName  -- path to the AWVS HTML export (utf-8)
    info_flag -- when true, informational findings are kept (as low risk)

    Returns ("URL地址", rows) where each row is
    [name_zh, risk_zh, url, solution_zh], ordered high / medium / low.
    """
    # Plain 'r' raised UnicodeDecodeError under the platform default (gbk)
    # codec, hence the explicit utf-8 encoding.
    with open(fileName, 'r', encoding='utf-8') as f:
        text = ''.join(f.readlines())
    # Strip the watermark cells (both attribute orders occur in the wild).
    text = text.replace(
        '<td colspan="16" class="s37">Acunetix Website Audit</td>', '')
    text = text.replace(
        '<td class="s37" colspan="16">Acunetix Website Audit</td>', '')
    html = bs(text, "html.parser")

    # Three severity buckets stand in for sorting the combined list.
    awvs_list, risk_high, risk_medium, risk_low = [], [], [], []

    # Base address, e.g. http://192.168.1.2:8080, from the 'Scan of ...'
    # header text.
    awvs_baseURL = str(html.find(text=re.compile('^Scan of'))).replace(
        'Scan of ', '').split('/')
    baseurl = awvs_baseURL[0] + "//" + awvs_baseURL[2]

    # Each 'Alert group' cell anchors one finding; the sN class names vary
    # between report templates, so match any class starting with 's'.
    for tmp in html.find_all(class_=re.compile('^s'), text='Alert group'):
        # The cell after 'Severity' holds the risk level.
        risk_level = tmp.find_next(
            class_=re.compile('^s'), text='Severity').find_next(
                class_=re.compile('^s')).get_text()
        if risk_level == "High":
            risk_high.append(_awvs_extract(tmp, baseurl, "高"))
        elif risk_level == "Medium":
            risk_medium.append(_awvs_extract(tmp, baseurl, "中"))
        elif risk_level == "Low":
            risk_low.append(_awvs_extract(tmp, baseurl, "低"))
        elif risk_level == 'Informational' and info_flag:
            # Informational findings are reported as low risk.
            risk_low.append(_awvs_extract(tmp, baseurl, "低"))

    # Sort each bucket by name so identical findings sit together for the
    # URL-merge step, then concatenate high -> medium -> low.
    risk_high.sort(key=takeName)
    risk_medium.sort(key=takeName)
    risk_low.sort(key=takeName)
    awvs_list.extend(risk_high)
    awvs_list.extend(risk_medium)
    awvs_list.extend(risk_low)

    # De-duplicate defensively, preserving order.
    list1 = []
    for x in awvs_list:
        if x not in list1:
            list1.append(x)

    # Merge URLs of same-named findings, then translate name and solution.
    new_list = hebing_url(list1)
    for x in new_list:
        x[0] = googletranslater.googleTrans(x[0])
        x[3] = googletranslater.googleTrans(x[3])
    return ("URL地址", new_list)
def zhengli(fileName, info_flag):
    """Parse a Burp Suite HTML report into translated vulnerability records.

    fileName  -- path to the Burp HTML export (utf-8)
    info_flag -- False means informational findings are skipped

    Returns a list of [name_zh, risk_zh, urls, solution_zh].

    Strategy: every <span class="BODH0"> anchors one issue; from that
    anchor, find_next() locates the URL list (<span class="TEXT">), the
    summary_table (risk level + host) and the 'Issue remediation' section.

    NOTE(review): this module defines a second function named ``zhengli``;
    whichever is defined last shadows the other if both live in one module.
    """
    with open(fileName, 'r', encoding='utf-8') as f:
        content = bs(f, "html.parser")

    host = ''       # application root address, read from the summary table
    vulnBurp = []   # one [name, risk, urls, solution] entry per issue

    for name in content.find_all('span', class_='BODH0'):
        vulnName = name.find('a').text
        urls = name.find_next('span', class_='TEXT')
        table = name.find_next(
            'table', class_='summary_table').get_text().split('\n')
        vulnSolution = name.find_next(
            'h2', text='Issue remediation').find_next('span').get_text()

        # By the table's layout, field 4 is the risk level, field 12 the
        # host name.
        vulnRisk = table[4]
        if vulnRisk == 'Information' and not info_flag:
            # Fix: this was `break`, which silently dropped every issue
            # after the first informational one; skip just this finding.
            continue
        host = table[12]

        # Keep at most 5 URLs; each <li> lacks the host part, so prepend it.
        parts = [host + url.get_text() for url in urls.select('li')[:5]]
        if parts:
            # Fix: the old `urlstr[:-2]` trimmed the trailing '\n' plus the
            # final character of the last URL; joining avoids the slice.
            vulnURLs = '\n'.join(parts)
        else:
            vulnURLs = host  # no URL recorded: fall back to the app root

        vulnBurp.append([vulnName, vulnRisk, vulnURLs, vulnSolution])

    # Map risk levels to Chinese (Information counts as low), then
    # translate name and remediation text.
    risk_zh = {'High': '高', 'Medium': '中', 'Low': '低', 'Information': '低'}
    for x in vulnBurp:
        x[1] = risk_zh.get(x[1], x[1])
        x[0] = googletranslater.googleTrans(x[0])
        x[3] = googletranslater.googleTrans(x[3])
    return vulnBurp