基於RSAS版本V6.0R03F00SP01，輸出具有危險的IP，弱口令列表

書接上回：https://blog.csdn.net/Amdy_amdy/article/details/103012605    對代碼封裝，加入弱口令

RSAS主機掃描過程中，如果加入了弱口令掃描，則掃描出弱口令，會通過弱口令掃描服務器。一般情況下，這種掃描出來的漏洞會更多。所以，將兩個報告分開掃描，將可變因素降至最低。所以下面代碼中獲取的IP與弱口令不在一個報告中。

本次基於RSAS導出的html報告類型。

具體代碼如下：

"""
======================
@Auther:CacheYu
@Time:2019/11/19 上午
======================
"""
#!usr/bin/python
#coding:utf-8

import zipfile
from bs4 import BeautifulSoup
import sys
import os 

# 獲取IP危險等級信息
def html(file):
	with zipfile.ZipFile(file,'r') as z:
		# print(z.namelist())
		f=z.open('index.html')
		souphtml = BeautifulSoup(f,'lxml')
		soup_hostsum = souphtml.find_all(class_="report_table plumb")
		hostsum = soup_hostsum[2].find(class_="even").find('td').get_text().replace(' ','').replace('\t','').replace('\n','').replace('\r','')
		print(hostsum)
		try:
			find_name = "report_content"
			soupfind = souphtml.find_all(class_=find_name)
			html_ip(soupfind)
		except:
			find_name = "report_table"
			soupfind = souphtml.find_all(class_=find_name)
			html_weekpasswd(soupfind)
	f.close()


#獲取弱口令列表-直接輸出
def html_weekpasswd(soupfind):
	try:
		table = soupfind[13]
		table_tr = table.find_all('tr')
		trhtml = table_tr[0].get_text().replace('\n','\t').lstrip('\t')
		print(trhtml)

		count = 0
		for trhtml in table_tr:
			tdhtml = trhtml.find_all('td')
			if len(tdhtml)==0:#如果列表爲空，則跳過
				continue
			ip = tdhtml[0].find('a').get_text()
			name = tdhtml[1].get_text()
			passwd = tdhtml[2].get_text().replace(' ','').replace('\t','').replace('\n','').replace('\r','')
			A_type = tdhtml[3].get_text()
			iplist = ip + '\t' + name + '\t' + passwd + '\t' + A_type
			print(iplist)
			count += 1
		print('Sumpasswd:' + str(count))
	except:
		print("NO WEEK PASSWORD!")


#獲取IP列表-存儲在文件中
def html_ip(soupfind):
	table = soupfind[2].find(class_="report_table").find('tbody').find_all('tr')

	first_int = second_int = 0
	for trhtml in table:
		tdhtml = trhtml.find_all('td')
		ip = tdhtml[0].find('a').get_text()
		host = tdhtml[1].get_text()
		os = tdhtml[2].get_text()
		first = tdhtml[3].get_text()
		second = tdhtml[4].get_text()
		three = tdhtml[5].get_text()
		total = tdhtml[6].get_text()
		risk = tdhtml[7].get_text()
		iplist = ip + '\t' + host + '\t' + os + '\t' + first + '\t' + second + '\t' + three + '\t' + total + '\t' + risk + '\n'
		outputfile.write(iplist)

		first_int = first_int + int(first)
		second_int = second_int + int(second)
	first_string = str(first_int)
	second_string = str(second_int)
	SUM = str(first_int+second_int)
	print("SUM="+SUM+"\t(FirstSum="+first_string+" || SecondSum="+second_string+")")
	print('if you want know the ListIP, please open ./html.txt')



if __name__ =='__main__':
	outputfile=open("./html.txt",'w') #w表示覆蓋，a+表示追加
	file = sys.argv[1]
	html(file)
	outputfile.close()

結果顯示：

IP列表：

弱口令：