書接上回:https://blog.csdn.net/Amdy_amdy/article/details/103012605 對代碼封裝,加入弱口令
RSAS主機掃描過程中,如果加入了弱口令掃描,則掃描出弱口令,會通過弱口令掃描服務器。一般情況下,這種掃描出來的漏洞會更多。所以,將兩個報告分開掃描,將可變因素降至最低。所以下面代碼中獲取的IP與弱口令不在一個報告中。
本次基於RSAS導出的html報告類型。
具體代碼如下:
"""
======================
@Auther:CacheYu
@Time:2019/11/19 上午
======================
"""
#!usr/bin/python
#coding:utf-8
import zipfile
from bs4 import BeautifulSoup
import sys
import os
# 獲取IP危險等級信息
def html(file):
with zipfile.ZipFile(file,'r') as z:
# print(z.namelist())
f=z.open('index.html')
souphtml = BeautifulSoup(f,'lxml')
soup_hostsum = souphtml.find_all(class_="report_table plumb")
hostsum = soup_hostsum[2].find(class_="even").find('td').get_text().replace(' ','').replace('\t','').replace('\n','').replace('\r','')
print(hostsum)
try:
find_name = "report_content"
soupfind = souphtml.find_all(class_=find_name)
html_ip(soupfind)
except:
find_name = "report_table"
soupfind = souphtml.find_all(class_=find_name)
html_weekpasswd(soupfind)
f.close()
#獲取弱口令列表-直接輸出
def html_weekpasswd(soupfind):
try:
table = soupfind[13]
table_tr = table.find_all('tr')
trhtml = table_tr[0].get_text().replace('\n','\t').lstrip('\t')
print(trhtml)
count = 0
for trhtml in table_tr:
tdhtml = trhtml.find_all('td')
if len(tdhtml)==0:#如果列表爲空,則跳過
continue
ip = tdhtml[0].find('a').get_text()
name = tdhtml[1].get_text()
passwd = tdhtml[2].get_text().replace(' ','').replace('\t','').replace('\n','').replace('\r','')
A_type = tdhtml[3].get_text()
iplist = ip + '\t' + name + '\t' + passwd + '\t' + A_type
print(iplist)
count += 1
print('Sumpasswd:' + str(count))
except:
print("NO WEEK PASSWORD!")
#獲取IP列表-存儲在文件中
def html_ip(soupfind):
table = soupfind[2].find(class_="report_table").find('tbody').find_all('tr')
first_int = second_int = 0
for trhtml in table:
tdhtml = trhtml.find_all('td')
ip = tdhtml[0].find('a').get_text()
host = tdhtml[1].get_text()
os = tdhtml[2].get_text()
first = tdhtml[3].get_text()
second = tdhtml[4].get_text()
three = tdhtml[5].get_text()
total = tdhtml[6].get_text()
risk = tdhtml[7].get_text()
iplist = ip + '\t' + host + '\t' + os + '\t' + first + '\t' + second + '\t' + three + '\t' + total + '\t' + risk + '\n'
outputfile.write(iplist)
first_int = first_int + int(first)
second_int = second_int + int(second)
first_string = str(first_int)
second_string = str(second_int)
SUM = str(first_int+second_int)
print("SUM="+SUM+"\t(FirstSum="+first_string+" || SecondSum="+second_string+")")
print('if you want know the ListIP, please open ./html.txt')
if __name__ =='__main__':
outputfile=open("./html.txt",'w') #w表示覆蓋,a+表示追加
file = sys.argv[1]
html(file)
outputfile.close()
結果顯示:
IP列表:
弱口令: