接上一篇文章,继续对接绿盟的扫描器。
本文为终结篇,暂时不会对该接口进行开发,且该脚本符合程序应用要求。
满足需求使用,且完成目标。
nsf_2.0.py
# -*-coding:utf-8 -*-
# BY WANGCC
# -*-coding:utf-8 -*-
# BY WANGCC
import xml.dom.minidom as minidom
import sys,re
class Nsf_currency:
task_type='domain'
os_match = 'yes'
messtypes='5;6;7;8;9;10;11;12;13;14;15;16;17;18;20;21;22;23;24;25;26;27;28'
isguesspwd='no'
port_strategy='user'
port_speed='3'
port_tcp='T'
port_udp='yes'
live='yes'
live_icmp='yes'
live_udp='no'
live_tcp='yes'
live_tcp_ports='21,22,23,25,80,443,445,139,3389,6000'
scan_level='3'
timeout_plugins='40'
timeout_read='5'
enable_unsafe_plugins='no'
scan_alert='yes'
alert_msg=''
scan_huawei='no'
check_addtional='no'
scan_oracle='yes'
ifdebug='no'
encoding='UTF-8'
class Nsf_conf(Nsf_currency):
def __init__(self,targets, port_strategy_userports):
self.targets=targets
self.port_strategy_userports=port_strategy_userports
def create_tree(argv):
ip_list=argv[1]
ports=argv[2]
task_xml=argv[3]
task_name=argv[4]
dom = minidom.getDOMImplementation().createDocument(None, 'config', None)
root = dom.documentElement
employee = dom.createElement('server')
root.appendChild(employee)
targets = dom.createElement('targets')
targets.appendChild(dom.createTextNode('\n\t'))
root.appendChild(targets)
report = dom.createElement('report')
report.appendChild(dom.createTextNode('\n\t'))
root.appendChild(report)
pwdguess = dom.createElement('pwdguess')
pwdguess.appendChild(dom.createTextNode('\n\t'))
root.appendChild(pwdguess)
#----------------
taskname = dom.createElement('taskname')
taskname.appendChild(dom.createCDATASection(task_name))
root.appendChild(taskname)
#--------------------plugin_template_id
plugin_template_id = dom.createElement('plugin_template_id')
plugin_template_id.appendChild(dom.createTextNode('0'))
root.appendChild(plugin_template_id)
#---------------------
scanpri = dom.createElement('scanpri')
scanpri.appendChild(dom.createTextNode('2'))
root.appendChild(scanpri)
def dom_createE(name, value):
element = dom.createElement('key')
element.setAttribute('name', name)
element.setAttribute('value', value)
employee.appendChild(element)
return
def writeInfoToXml(object,task_xml):
# 内容参数
dom_createE(name='task_type', value=Nsf_currency.task_type)
dom_createE(name='targets', value=object.targets)
dom_createE(name='os_match', value=object.os_match)
dom_createE(name='messtypes', value=object.messtypes)
dom_createE(name='isguesspwd', value=object.isguesspwd)
dom_createE(name='port_strategy', value=object.port_strategy)
dom_createE(name='port_strategy_userports', value=object.port_strategy_userports)
dom_createE(name='port_speed', value=object.port_speed)
dom_createE(name='port_tcp', value=object.port_tcp)
dom_createE(name='port_udp', value=object.port_udp)
dom_createE(name='live', value=object.live)
dom_createE(name='live_icmp', value=object.live_icmp)
dom_createE(name='live_udp', value=object.live_udp)
dom_createE(name='live_tcp', value=object.live_tcp)
dom_createE(name='live_tcp_ports', value=object.live_tcp_ports)
dom_createE(name='scan_level', value=object.scan_level)
dom_createE(name='timeout_plugins', value=object.timeout_plugins)
dom_createE(name='timeout_read', value=object.timeout_read)
dom_createE(name='enable_unsafe_plugins', value=object.enable_unsafe_plugins)
dom_createE(name='scan_alert', value=object.scan_alert)
dom_createE(name='scan_huawei', value=object.scan_huawei)
dom_createE(name='check_addtional', value=object.check_addtional)
dom_createE(name='scan_oracle', value=object.scan_oracle)
dom_createE(name='ifdebug', value=object.ifdebug)
dom_createE(name='encoding', value=object.encoding)
def Before_execution(ip_list, ports, task_xml):
print('进入Before_execution')
object = Nsf_conf(ip_list, ports)
writeInfoToXml(object, task_xml)
if task_xml:
print(task_xml + '生成成功')
else:
exit('发生错误')
Before_execution(ip_list, ports, task_xml)
with open(task_xml, 'w', encoding='utf-8') as f:
dom.writexml(f, addindent='\t', newl='\n', encoding='utf-8')
def Verification(argv):
compile_ip = re.compile('^((25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(25[0-5]|2[0-4]\d|[01]?\d\d?)$')
if compile_ip.match(argv[1]) and re.search('[a-z]',argv[2]) is None:
pass
else:
print('python nsf_class.py [ip] [ports] [task_xml] [task_name]' )
exit('参数不合规')
def main():
if len(sys.argv)==5:
Verification(sys.argv)
create_tree(sys.argv)
else:
exit('参数不足')
main()
调用文件
# -*-coding:utf-8 -*-
# BY WANGCC
import pycurl
import StringIO
import urllib
import os,sys
##########参数部分,需要根据实际情况修改##########
# 接口IP
host = '192.168.1.2'
# 全局参数配置
username = 'user'
password = 'mypassword'
result_format = 'xml'
# 请求参数(POST)
# XML路径
config_xml = sys.argv[3]
# 任务类型
task_type = '1'
#外部脚本
ip_list = sys.argv[1]
ports = sys.argv[2]
task_xml = sys.argv[3]
task_name = sys.argv[4]
os.system("python nsf_2.py ip_list ports task_xml task_name")
# https://{device_ip}/api/{api_name}?{query_string}
url = 'https://' + host + '/api/task/create?username=' + username + '&password=' + password + '&format=' + result_format
io = StringIO.StringIO()
curl = pycurl.Curl()
curl.setopt(pycurl.URL,url)
curl.setopt(pycurl.WRITEFUNCTION, io.write)
curl.setopt(pycurl.SSL_VERIFYPEER, 0)
curl.setopt(pycurl.SSL_VERIFYHOST, 0)
# POST请求参数type和config_xml
curl.setopt(pycurl.HTTPPOST, [('config_xml',(curl.FORM_FILE, config_xml)),
('type',(curl.FORM_CONTENTS, task_type)),
])
curl.perform()
ret = io.getvalue()
print(ret)
io.close()
curl.close()
写在后面,虽然因为种种原因吧,虽然测试通过了,但是没有在生产系统使用,但是也是一次真实的体验。
从侧面透露出了基本功的掌握不扎实,对类与对象的理解不够深入、透彻,人生中所有付出的汗水,都将是驱人奋进的力量!
