def zhengli_html(srcFile, info_flag):
#csv读取整合
#预处理,读取csv数据文件
csv_list = read_html(srcFile, info_flag)
#连接漏洞数据库
conn = sqlite3.connect('nessus.db')
conn.text_factory = str
cursor = conn.cursor()
# text = cursor.execute("select * from vuln where vuln_en='Anonymous FTP Enabled'")
# for row in text:
# print(row)
#新建list,存放在漏洞库中的数据及翻译后的数据
# print(csv_list)
# new_list = csv_list
j = 0
for i in csv_list:
tmp_en_name = i[1]
result = cursor.execute("select * from nessus where pluginID=?",
(int(i[0]), ))
#单纯用result的话,取其长度后,值就无法取出来了,所以要先fetchall
result1 = result.fetchall()
if len(list(result1)):
for row in result1:
# new_list[j][1] = row[2]
# new_list[j][4] = row[4]
i[1] = row[3]
i[4] = row[5]
print('这个是从数据库中取出来的值')
print(i)
else:
#翻译并写入漏洞库
# new_list[j][1] = googletranslater.googleTrans(i[1])
# new_list[j][4] = googletranslater.googleTrans(i[4])
# conn.execute("insert into nessus values(?, ?, ?, ?, ?)", (int(i[0]), i[1], new_list[j][1], i[2], new_list[j][4]))
i[1] = googletranslater.googleTrans(i[1])
i[4] = googletranslater.googleTrans(i[4])
print(tmp_en_name)
print('*************\n')
print(i[1])
conn.execute(
"insert into nessus(pluginID, vuln_en, vuln_zh, risk, solution) values(?, ?, ?, ?, ?)",
(int(i[0]), tmp_en_name, i[1], i[2], i[4]))
j = j + 1
#数据库中的数据有可能有不管怎样替换都会存在自动换行,在这里替换效果最好
#write2docx中只有4个字段,无pluginID,所以这里要去掉
nessus_list = []
# for x in new_list:
for x in csv_list:
x[1] = x[1].replace("\n", "")
x[4] = x[4].replace("\n", "")
nessus_list.append([x[1], x[2], x[3], x[4]])
# write2csv(new_list, destFile)
#提交插入
conn.commit()
return ("主机IP", nessus_list)
def zhengli_csv(srcFile, info_flag):
# csv读取整合
# 预处理,读取csv数据文件
csv_list = read_csv(srcFile, info_flag)
# 连接漏洞数据库
conn = sqlite3.connect('nessus.db')
conn.text_factory = str
cursor = conn.cursor()
# text = cursor.execute("select * from vuln where vuln_en='Anonymous FTP Enabled'")
# for row in text:
# print(row)
# 新建list,存放在漏洞库中的数据及翻译后的数据
# print(csv_list)
new_list = csv_list
j = 0
for i in new_list:
print(i[0])
result = cursor.execute("select * from nessus where pluginID=?", (int(i[0]),))
# 单纯用result的话,取其长度后,值就无法取出来了,所以要先fetchall
result1 = result.fetchall()
if len(list(result1)):
for row in result1:
new_list[j][1] = row[2]
new_list[j][4] = row[4]
else:
# 翻译并写入漏洞库
new_list[j][1] = googletranslater.googleTrans(i[1])
#x = googletranslater.googleTrans(i[4].replace('\n', '').replace('\r', ''))
new_list[j][4] = googletranslater.googleTrans(i[4].replace('\n', '').replace('\r', ''))
#print('1234',new_list[j][4])
conn.execute("insert into nessus values(?, ?, ?, ?, ?)",
(int(i[0]), i[1], new_list[j][1], i[2], new_list[j][4]))
# print(new_list[j][1])
# print(type(new_list[j][4]))
j = j + 1
# 数据库中的数据有可能有不管怎样替换都会存在自动换行,在这里替换效果最好
# write2docx中只有4个字段,无pluginID,所以这里要去掉
nessus_list = []
for x in new_list:
# x[1] = x[1].replace("\n", "")
# x[4] = x[4].replace("\n", "")
nessus_list.append([x[1], x[2], x[3], x[4]])
# write2csv(new_list, destFile)
# 提交插入
conn.commit()
print(nessus_list)
return nessus_list
def zhengli(fileName, info_flag):
# 'r'时出现"UnicodeDecodeError: 'gbk' codec can't decode byte 0x80 in position 205: illegal multibyte sequence"
#错误,方法一:r 后加encoding='utf-8';法二,'rb'
#打开文件
# print(info_flag)
with open(fileName, 'r', encoding='utf-8') as f:
text = ''.join(f.readlines())
text1 = text.replace(
'<td colspan="16" class="s37">Acunetix Website Audit</td>', '')
text2 = text1.replace(
'<td class="s37" colspan="16">Acunetix Website Audit</td>', '')
html = bs(text2, "html.parser")
# html.replace('<td colspan="16" class="s37">Acunetix Website Audit</td>','')
url = ''
#变量声明,使用risk level分成3个列表代替排序
awvs_list, risk_high, risk_medium, risk_low = [], [], [], []
#baseurl为基础地址,如http:192.168.1.2:8080
awvs_baseURL = str(html.find(text=re.compile('^Scan of'))).replace(
'Scan of ', '').split('/')
baseurl = awvs_baseURL[0] + "//" + awvs_baseURL[2]
#得到Alert group的坐标,个人认为是最优选择。因为上面就是参数或URL,比较方便选择。
#涉及到的 s10 之类的为class值,如模板改变,需改变相应的值。
#s30为 alert group
# tmps = html.find_all(class_=re.compile('^s30'), text='Alert group')
tmps = html.find_all(class_=re.compile('^s'), text='Alert group')
for tmp in tmps:
#s31为漏洞等级
# risk_level = tmp.find_next(class_=re.compile('^s31')).get_text()
risk_level = tmp.find_next(
class_=re.compile('^s'),
text='Severity').find_next(class_=re.compile('^s')).get_text()
#如果是消息级别不整理
#如果是高级别,则放到一个单独的list里,后续2个都一样
if risk_level == "High":
#awvs的参数不是每个漏洞都有,没有的漏洞在HTML里也没有体现parameter这个字段,所以这里采取不记录这个字段
#有则跳过,没有则找漏洞URL
if "Parameter" in tmp.find_previous(
class_=re.compile('^s')).get_text():
url = tmp.find_previous(
class_=re.compile('^s')).find_previous(
class_=re.compile('^s')).get_text()
#因为漏洞URL这个字段也不是每个漏洞都有,HTML中也相应没有这个字段,所以要查找上个漏洞的详情确定是否存在URL
#awvs这个HTML排版 任性得很
elif 'Connection: Keep-alive' in tmp.find_previous(
class_=re.compile('^s')).get_text():
url = ''
else:
url = tmp.find_previous(class_=re.compile('^s')).get_text()
#一系列折腾得到的URL,居然还会有web server、'/' 和 ''这几种操作
if url == 'Web Server' or url == '':
awvs_url = baseurl + '/'
else:
#拼接得到完整URL
awvs_url = baseurl + url
# alert group 后一个是漏洞名字
awvs_name = tmp.find_next(class_=re.compile('^s')).get_text()
#awvs_risk = tmp.find_next(class_=re.compile('^s31')).get_text()
#因为确定是高,直接写高了
awvs_risk = "高"
# awvs_url =
#Recommendations 后一个是解决方案
awvs_solution = tmp.find_next(
class_=re.compile('^s'), text='Recommendations').find_next(
class_=re.compile('^s')).get_text()
risk_high.append(
[awvs_name, awvs_risk, awvs_url, awvs_solution])
#和上面注释一样
elif risk_level == "Medium":
if "Parameter" in tmp.find_previous(
class_=re.compile('^s')).get_text():
url = tmp.find_previous(
class_=re.compile('^s')).find_previous(
class_=re.compile('^s')).get_text()
elif 'Connection: Keep-alive' in tmp.find_previous(
class_=re.compile('^s')).get_text():
url = ''
else:
url = tmp.find_previous(class_=re.compile('^s')).get_text()
if url == 'Web Server' or url == '':
awvs_url = baseurl + '/'
else:
awvs_url = baseurl + url
awvs_name = tmp.find_next(class_=re.compile('^s')).get_text()
#awvs_risk = tmp.find_next(class_=re.compile('^s31')).get_text()
awvs_risk = "中"
# awvs_url =
awvs_solution = tmp.find_next(
class_=re.compile('^s'), text='Recommendations').find_next(
class_=re.compile('^s')).get_text()
risk_medium.append(
[awvs_name, awvs_risk, awvs_url, awvs_solution])
elif risk_level == "Low":
if "Parameter" in tmp.find_previous(
class_=re.compile('^s')).get_text():
url = tmp.find_previous(
class_=re.compile('^s')).find_previous(
class_=re.compile('^s')).get_text()
elif 'Connection: Keep-alive' in tmp.find_previous(
class_=re.compile('^s')).get_text():
url = ''
else:
url = tmp.find_previous(class_=re.compile('^s')).get_text()
if url == 'Web Server' or url == '':
awvs_url = baseurl + '/'
else:
awvs_url = baseurl + url
awvs_name = tmp.find_next(class_=re.compile('^s')).get_text()
#awvs_risk = tmp.find_next(class_=re.compile('^s31')).get_text()
awvs_risk = "低"
# awvs_url =
awvs_solution = tmp.find_next(
class_=re.compile('^s'), text='Recommendations').find_next(
class_=re.compile('^s')).get_text()
risk_low.append(
[awvs_name, awvs_risk, awvs_url, awvs_solution])
elif risk_level == 'Informational' and info_flag:
if "Parameter" in tmp.find_previous(
class_=re.compile('^s')).get_text():
url = tmp.find_previous(
class_=re.compile('^s')).find_previous(
class_=re.compile('^s')).get_text()
elif 'Connection: Keep-alive' in tmp.find_previous(
class_=re.compile('^s')).get_text():
url = ''
else:
url = tmp.find_previous(class_=re.compile('^s')).get_text()
if url == 'Web Server' or url == '':
awvs_url = baseurl + '/'
else:
awvs_url = baseurl + url
awvs_name = tmp.find_next(class_=re.compile('^s')).get_text()
#awvs_risk = tmp.find_next(class_=re.compile('^s31')).get_text()
awvs_risk = "低"
# awvs_url =
awvs_solution = tmp.find_next(
class_=re.compile('^s'), text='Recommendations').find_next(
class_=re.compile('^s')).get_text()
risk_low.append(
[awvs_name, awvs_risk, awvs_url, awvs_solution])
# awvs_list.append([awvs_name, awvs_risk, awvs_url, awvs_solution])
#list按漏洞名称排序,方便合并URL
risk_high.sort(key=takeName)
risk_medium.sort(key=takeName)
risk_low.sort(key=takeName)
#把三个列表合并成一个列表
awvs_list.extend(risk_high)
awvs_list.extend(risk_medium)
awvs_list.extend(risk_low)
list1 = []
#如果有相同的就去重,以防万一
for x in awvs_list:
if x not in list1:
list1.append(x)
#合并URL
new_list = hebing_url(list1)
#翻译
for x in new_list:
x[0] = googletranslater.googleTrans(x[0])
x[3] = googletranslater.googleTrans(x[3])
return ("URL地址", new_list)
def zhengli(fileName, info_flag):
#思路:获取所有的<span class="BODH0"(不用<p class='TOCH0'),得到漏洞名字,find_next span class_='TEXT'得到所有url,大于5个取5个
#再find_next h2 text='Issue remediation' 的前一个是 Issue remediation,得到漏洞修复建议
#找到 summary_table ,类型和awvs 及APPscan有点相似
with open(fileName, 'r', encoding='utf-8') as f:
content = bs(f, "html.parser")
# '''
#找到<span class="BODH0">中标签a的值
#应用系统的根地址
host = ''
#存放的漏洞信息,为漏洞名字、漏洞风险等级、漏洞url、漏洞修复建议
vulnBurp = []
#找到所有<span class="BODH0">,为漏洞文件名的标签。并以此为基点,向下寻找第一个符合情况的标签,包括risk、url、solution
names = content.find_all('span', class_='BODH0')
for name in names:
#初始化缓冲输出为空
urlstr = ''
vulnName = ''
vulnRisk = ''
vulnURLs = ''
vulnSolution = ''
#得到漏洞名称
vulnName = name.find('a').text
#找到漏洞urls
urls = name.find_next('span', class_='TEXT')
#找到详细问题的table,里面有risk 和 host
table = name.find_next(
'table', class_='summary_table').get_text().split('\n')
#得到漏洞修复建议
vulnSolution = name.find_next(
'h2', text='Issue remediation').find_next('span').get_text()
#根据值的规律,得到第五个字段为风险等级,第13个字段为host名字
vulnRisk = table[4]
if vulnRisk == 'Information':
#info_flag 传进来是false,为不输出消息漏洞。负负得正
# if info_flag:
# pass
# else:
# break
if not info_flag:
break
host = table[12]
#此处设置url只取5个值及以下
i = 5
for url in urls.select('li'):
#退出本层循环
if i < 1:
break
#得到的url缺失host头,拼接并追加\n
urlstr += host + url.get_text() + '\n'
i -= 1
if urlstr:
vulnURLs = urlstr[:-2]
else:
#如果没有漏洞url,则为应用系统根地址
vulnURLs = host
#单个漏洞的全部示例
vulnBurp.append([vulnName, vulnRisk, vulnURLs, vulnSolution])
#翻译并返回数据
# print(info_flag)
for x in vulnBurp:
if x[1] == 'High':
x[1] = '高'
elif x[1] == 'Medium':
x[1] = '中'
elif x[1] == 'Low':
x[1] = '低'
elif x[1] == 'Information':
x[1] = '低'
for x in vulnBurp:
x[0] = googletranslater.googleTrans(x[0])
x[3] = googletranslater.googleTrans(x[3])
return vulnBurp
