508 lines
17 KiB
Go
508 lines
17 KiB
Go
|
package pkg
|
|||
|
|
|
|||
|
|
import (
|
|||
|
|
"archive/zip"
|
|||
|
|
"errors"
|
|||
|
|
"fmt"
|
|||
|
|
"github.com/antchfx/htmlquery"
|
|||
|
|
"github.com/schollz/progressbar/v3"
|
|||
|
|
"github.com/xuri/excelize/v2"
|
|||
|
|
"golang.org/x/net/html"
|
|||
|
|
"io"
|
|||
|
|
"regexp"
|
|||
|
|
"strconv"
|
|||
|
|
"strings"
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
func RsasInit() *RsasScanner {
|
|||
|
|
return &RsasScanner{}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
func (RsasScanner *RsasScanner) AnalyseZip(zipFile string) bool {
|
|||
|
|
//var filenames []string
|
|||
|
|
print("解析zip: " + zipFile)
|
|||
|
|
r, err := zip.OpenReader(zipFile)
|
|||
|
|
if err != nil {
|
|||
|
|
return false
|
|||
|
|
}
|
|||
|
|
defer r.Close()
|
|||
|
|
var htmlAllVulnInfos []HtmlAllVulnInfo
|
|||
|
|
for _, f := range r.File {
|
|||
|
|
//println(f.Name)
|
|||
|
|
re := regexp.MustCompile(`host/.*?.html`)
|
|||
|
|
htmlFilename := re.FindAllString(f.Name, -1)
|
|||
|
|
if len(htmlFilename) >= 1 {
|
|||
|
|
|
|||
|
|
htmlContent := GetHtmlContent(f)
|
|||
|
|
if htmlContent != "" {
|
|||
|
|
htmlAllVulnInfo := QueryHtmlInfo(htmlContent)
|
|||
|
|
//for _, vuln := range htmlAllVulnInfo.HtmlVulnInfos {
|
|||
|
|
// fmt.Printf(vuln.Solution)
|
|||
|
|
//}
|
|||
|
|
htmlAllVulnInfos = append(htmlAllVulnInfos, htmlAllVulnInfo)
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
}
|
|||
|
|
for _, eachHtmlVuln := range htmlAllVulnInfos {
|
|||
|
|
for _, eachVuln := range eachHtmlVuln.HtmlVulnInfos {
|
|||
|
|
RsasScanner.AllVulnInfos = append(RsasScanner.AllVulnInfos, eachVuln)
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
return true
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
func MergeRsasVulnToExcel(zipFile string, outputFilename string) error {
|
|||
|
|
//print("执行中")
|
|||
|
|
if zipFile == "" {
|
|||
|
|
return errors.New("请输入压缩文件文件名, -h 弹出帮助菜单")
|
|||
|
|
}
|
|||
|
|
rsas := RsasInit()
|
|||
|
|
rsas.AnalyseZip(zipFile)
|
|||
|
|
rsas.GenerateXlsx(outputFilename)
|
|||
|
|
//fmt.Printf("%v", rsas.AllVulnInfos)
|
|||
|
|
|
|||
|
|
return nil
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
func GetHtmlContent(filename *zip.File) string {
|
|||
|
|
//println("打印..")
|
|||
|
|
htmlContent, err := filename.Open()
|
|||
|
|
if err != nil {
|
|||
|
|
println("解析html有问题")
|
|||
|
|
}
|
|||
|
|
//io流转string
|
|||
|
|
if b, err := io.ReadAll(htmlContent); err == nil {
|
|||
|
|
return string(b)
|
|||
|
|
}
|
|||
|
|
return ""
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
func QueryHtmlInfo(content string) (htmlAllVulnInfo HtmlAllVulnInfo) {
|
|||
|
|
//var htmlAllVulnInfo HtmlAllVulnInfo
|
|||
|
|
|
|||
|
|
doc, err := htmlquery.Parse(strings.NewReader(content))
|
|||
|
|
if err != nil {
|
|||
|
|
println(err)
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
//println(htmlquery.InnerText(ip)) //ip
|
|||
|
|
ip := htmlquery.FindOne(doc, "//*[@id=\"content\"]/div[2]/table[2]/tbody/tr/td[1]/table/tbody/tr[1]/td")
|
|||
|
|
|
|||
|
|
if strings.Contains(content, "非常安全(0分)") {
|
|||
|
|
println(htmlquery.InnerText(ip) + " 无漏洞")
|
|||
|
|
} else {
|
|||
|
|
vulnDetail := htmlquery.FindOne(doc, "//*[@id=\"vuln_list\"]/tbody")
|
|||
|
|
|
|||
|
|
//ip := htmlquery.FindOne(doc, "//*[@id=\"content\"]/div[2]/table[2]/tbody/tr/td[1]/table/tbody/tr[1]/td")
|
|||
|
|
|
|||
|
|
nodes := htmlquery.Find(vulnDetail, "//tr")
|
|||
|
|
htmlAllVulnInfo = FindVulnDetails(nodes, ip)
|
|||
|
|
//htmlVulnInfo.IpAddress = htmlquery.InnerText(ip)
|
|||
|
|
//htmlAllVulnInfo.HtmlVulnInfos = append(htmlAllVulnInfo.HtmlVulnInfos, htmlVulnInfo)
|
|||
|
|
vulnSolutionNode := htmlquery.FindOne(doc, "//*[@id=\"vul_detail\"]/table")
|
|||
|
|
solutionVulnInfos := FindVulnSolution(vulnSolutionNode)
|
|||
|
|
for _, solutionVulnInfo := range solutionVulnInfos {
|
|||
|
|
for i, htmlVulnInfo := range htmlAllVulnInfo.HtmlVulnInfos {
|
|||
|
|
if htmlVulnInfo.VulnInfos == solutionVulnInfo.VulnInfos {
|
|||
|
|
//println("找到解决方法:" + htmlVulnInfo.VulnInfos)
|
|||
|
|
|
|||
|
|
htmlAllVulnInfo.HtmlVulnInfos[i].Solution = solutionVulnInfo.Solution
|
|||
|
|
htmlAllVulnInfo.HtmlVulnInfos[i].CVENumber = solutionVulnInfo.CVENumber
|
|||
|
|
htmlAllVulnInfo.HtmlVulnInfos[i].Details = solutionVulnInfo.Details
|
|||
|
|
htmlAllVulnInfo.HtmlVulnInfos[i].RiskLevel = solutionVulnInfo.RiskLevel
|
|||
|
|
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
return htmlAllVulnInfo
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
func FindVulnDetails(nodes []*html.Node, ip *html.Node) HtmlAllVulnInfo {
|
|||
|
|
var htmlAllVulnInfo HtmlAllVulnInfo
|
|||
|
|
var htmlVulnInfo HtmlVulnInfo
|
|||
|
|
filterFirstLine := false
|
|||
|
|
for _, node := range nodes {
|
|||
|
|
if !filterFirstLine {
|
|||
|
|
filterFirstLine = true
|
|||
|
|
continue
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
td := htmlquery.Find(node, "//td")
|
|||
|
|
htmlVulnInfo.IpAddress = htmlquery.InnerText(ip)
|
|||
|
|
htmlVulnInfo.Port = htmlquery.InnerText(td[0])
|
|||
|
|
htmlVulnInfo.Protocol = htmlquery.InnerText(td[1])
|
|||
|
|
htmlVulnInfo.Service = htmlquery.InnerText(td[2])
|
|||
|
|
if JudgeMutiVulnName(td[3]) {
|
|||
|
|
vulnInfos := AddMutiVulnName(td[3], htmlVulnInfo)
|
|||
|
|
for _, vulnInfo := range vulnInfos {
|
|||
|
|
htmlAllVulnInfo.HtmlVulnInfos = append(htmlAllVulnInfo.HtmlVulnInfos, vulnInfo)
|
|||
|
|
}
|
|||
|
|
} else {
|
|||
|
|
htmlVulnInfo.VulnInfos = htmlquery.InnerText(htmlquery.FindOne(td[3], "//span"))
|
|||
|
|
htmlVulnInfo.VulnInfos = strings.Replace(htmlVulnInfo.VulnInfos, "\r", "", -1)
|
|||
|
|
htmlVulnInfo.VulnInfos = strings.Replace(htmlVulnInfo.VulnInfos, "\n", "", -1)
|
|||
|
|
htmlVulnInfo.VulnInfos = strings.Replace(htmlVulnInfo.VulnInfos, " ", "", -1)
|
|||
|
|
versionDiv, _ := htmlquery.QueryAll(td[3], "//div/div")
|
|||
|
|
if len(versionDiv) == 0 {
|
|||
|
|
htmlVulnInfo.ServiceDetail = ""
|
|||
|
|
} else {
|
|||
|
|
//println("端口" + htmlVulnInfo.Port)
|
|||
|
|
//println(len(versionDiv))
|
|||
|
|
htmlVulnInfo.ServiceDetail = TrimString(htmlquery.InnerText(versionDiv[0]))
|
|||
|
|
|
|||
|
|
//println("单漏洞版本号: " + htmlVulnInfo.ServiceDetail)
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
htmlVulnInfo.ServiceDetail = TrimString(htmlVulnInfo.ServiceDetail)
|
|||
|
|
htmlAllVulnInfo.HtmlVulnInfos = append(htmlAllVulnInfo.HtmlVulnInfos, htmlVulnInfo)
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
//for _, n := range td {
|
|||
|
|
//
|
|||
|
|
// //text := strings.Replace(htmlquery.InnerText(n), "\r", "", -1)
|
|||
|
|
// //text = strings.Replace(text, "\n", "", -1)
|
|||
|
|
// //text = strings.Replace(text, " ", "", -1)
|
|||
|
|
// println(text)
|
|||
|
|
//}
|
|||
|
|
}
|
|||
|
|
return htmlAllVulnInfo
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
func JudgeMutiVulnName(td *html.Node) bool {
|
|||
|
|
span := htmlquery.Find(td, "//span")
|
|||
|
|
if len(span) > 1 {
|
|||
|
|
return true
|
|||
|
|
}
|
|||
|
|
return false
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
func AddMutiVulnName(td *html.Node, vulnInfo HtmlVulnInfo) (vulnInfos []HtmlVulnInfo) {
|
|||
|
|
|
|||
|
|
spans := htmlquery.Find(td, "//span")
|
|||
|
|
|
|||
|
|
for i, span := range spans {
|
|||
|
|
eachVulnInfo := HtmlVulnInfo{
|
|||
|
|
IpAddress: vulnInfo.IpAddress,
|
|||
|
|
Port: vulnInfo.Port,
|
|||
|
|
Service: vulnInfo.Service,
|
|||
|
|
Protocol: vulnInfo.Protocol,
|
|||
|
|
}
|
|||
|
|
//println("端口" + vulnInfo.Port)
|
|||
|
|
|
|||
|
|
versionDiv, _ := htmlquery.QueryAll(td, "//ul/li["+strconv.Itoa(i+1)+"]/div/div") ///html/body/div/div[4]/div[4]/div[2]/table/tbody/tr[8]/td[4]/ul/li[1]/div/div
|
|||
|
|
if len(versionDiv) == 0 {
|
|||
|
|
|
|||
|
|
eachVulnInfo.ServiceDetail = ""
|
|||
|
|
} else {
|
|||
|
|
|
|||
|
|
eachVulnInfo.ServiceDetail = TrimString(htmlquery.InnerText(versionDiv[0]))
|
|||
|
|
//eachVulnInfo.ServiceDetail = htmlquery.SelectAttr(versionDiv, "class")
|
|||
|
|
//println("多漏洞 版本号:" + eachVulnInfo.ServiceDetail)
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
eachVulnInfo.VulnInfos = htmlquery.InnerText(span)
|
|||
|
|
eachVulnInfo.VulnInfos = strings.Replace(eachVulnInfo.VulnInfos, "\r", "", -1)
|
|||
|
|
eachVulnInfo.VulnInfos = strings.Replace(eachVulnInfo.VulnInfos, "\n", "", -1)
|
|||
|
|
eachVulnInfo.VulnInfos = strings.Replace(eachVulnInfo.VulnInfos, " ", "", -1)
|
|||
|
|
vulnInfos = append(vulnInfos, eachVulnInfo)
|
|||
|
|
}
|
|||
|
|
return
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
//先提取所有漏洞修复,再根据漏洞名称分配至每个漏洞内。
|
|||
|
|
func FindVulnSolution(vulnSolutionNode *html.Node) (solutionVulninfos []HtmlVulnInfo) {
|
|||
|
|
var count int
|
|||
|
|
var solutionVulnInfo HtmlVulnInfo
|
|||
|
|
nodes := htmlquery.Find(vulnSolutionNode, "//tr")
|
|||
|
|
for _, node := range nodes {
|
|||
|
|
//匹配修复表格中漏洞名称
|
|||
|
|
trClass := htmlquery.SelectAttr(node, "data-id")
|
|||
|
|
if trClass != "" {
|
|||
|
|
vulnName := htmlquery.InnerText(htmlquery.FindOne(node, "//td//span"))
|
|||
|
|
vulnName = strings.Replace(vulnName, "\r", "", -1)
|
|||
|
|
vulnName = strings.Replace(vulnName, "\n", "", -1)
|
|||
|
|
vulnName = strings.Replace(vulnName, " ", "", -1)
|
|||
|
|
solutionVulnInfo.VulnInfos = vulnName
|
|||
|
|
//println(vulnName)
|
|||
|
|
//漏洞等级
|
|||
|
|
spanClass := htmlquery.FindOne(node, "//span")
|
|||
|
|
className := htmlquery.SelectAttr(spanClass, "class")
|
|||
|
|
if className != "" {
|
|||
|
|
className = strings.Split(className, "_")[2]
|
|||
|
|
solutionVulnInfo.RiskLevel = GetChineseRiskLevel(className)
|
|||
|
|
//println(solutionVulnInfo.RiskLevel)
|
|||
|
|
}
|
|||
|
|
count += 1
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
trsolutionClass := htmlquery.SelectAttr(node, "class")
|
|||
|
|
if trsolutionClass == "solution" || trsolutionClass == "solution hide" {
|
|||
|
|
trsolutionTable := htmlquery.FindOne(node, "//table")
|
|||
|
|
GetSolutionInfo(trsolutionTable, &solutionVulnInfo)
|
|||
|
|
count += 1
|
|||
|
|
}
|
|||
|
|
if count == 2 {
|
|||
|
|
count = 0
|
|||
|
|
solutionVulninfos = append(solutionVulninfos, solutionVulnInfo)
|
|||
|
|
solutionVulnInfo = HtmlVulnInfo{}
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
return
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
func GetChineseRiskLevel(level string) (chineseLevel string) {
|
|||
|
|
if level == "low" {
|
|||
|
|
return "低"
|
|||
|
|
}
|
|||
|
|
if level == "middle" {
|
|||
|
|
return "中"
|
|||
|
|
}
|
|||
|
|
if level == "high" {
|
|||
|
|
return "高"
|
|||
|
|
}
|
|||
|
|
return "未定级"
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
func GetSolutionInfo(htmlTable *html.Node, solutionVulnInfo *HtmlVulnInfo) {
|
|||
|
|
tr := htmlquery.Find(htmlTable, "//tr")
|
|||
|
|
for _, line := range tr {
|
|||
|
|
th := htmlquery.FindOne(line, "//th")
|
|||
|
|
|
|||
|
|
if htmlquery.InnerText(th) == "详细描述" {
|
|||
|
|
td := htmlquery.FindOne(line, "//td")
|
|||
|
|
text := htmlquery.InnerText(td)
|
|||
|
|
text = strings.Replace(text, "\r", "", -1)
|
|||
|
|
text = strings.Replace(text, "\n", "", -1)
|
|||
|
|
text = strings.Replace(text, " ", "", -1)
|
|||
|
|
solutionVulnInfo.Details = text
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
if htmlquery.InnerText(th) == "解决办法" {
|
|||
|
|
td := htmlquery.FindOne(line, "//td")
|
|||
|
|
text := htmlquery.InnerText(td)
|
|||
|
|
text = strings.Replace(text, "\r", "", -1)
|
|||
|
|
text = strings.Replace(text, "\n", "", -1)
|
|||
|
|
text = strings.Replace(text, " ", "", -1)
|
|||
|
|
solutionVulnInfo.Solution = text
|
|||
|
|
}
|
|||
|
|
if htmlquery.InnerText(th) == "CVE编号" {
|
|||
|
|
td := htmlquery.FindOne(line, "//td")
|
|||
|
|
text := htmlquery.InnerText(td)
|
|||
|
|
text = strings.Replace(text, "\r", "", -1)
|
|||
|
|
text = strings.Replace(text, "\n", "", -1)
|
|||
|
|
text = strings.Replace(text, " ", "", -1)
|
|||
|
|
solutionVulnInfo.CVENumber = text
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
if solutionVulnInfo.CVENumber == "" {
|
|||
|
|
solutionVulnInfo.CVENumber = "无cve编号"
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
func (RsasScanner RsasScanner) GenerateXlsx(output string) {
|
|||
|
|
filename := output + ".xlsx"
|
|||
|
|
|
|||
|
|
line := len(RsasScanner.AllVulnInfos)
|
|||
|
|
bar := progressbar.Default(int64(line))
|
|||
|
|
excel := excelize.NewFile()
|
|||
|
|
excel.NewSheet("主机漏洞清单")
|
|||
|
|
excel.SetSheetRow("主机漏洞清单", "A1", &[]string{"序号", "漏洞名称", "风险等级", "漏洞描述", "整改建议", "IP地址", "端口", "协议", "服务", "漏洞CVE编号", "版本"})
|
|||
|
|
|
|||
|
|
for i, infos := range RsasScanner.AllVulnInfos {
|
|||
|
|
bar.Add(1)
|
|||
|
|
axis := fmt.Sprintf("A%d", i+2)
|
|||
|
|
err := excel.SetSheetRow("主机漏洞清单", axis, &[]interface{}{
|
|||
|
|
i + 1,
|
|||
|
|
infos.VulnInfos,
|
|||
|
|
infos.RiskLevel,
|
|||
|
|
infos.Details,
|
|||
|
|
infos.Solution,
|
|||
|
|
infos.IpAddress,
|
|||
|
|
infos.Port,
|
|||
|
|
infos.Protocol,
|
|||
|
|
infos.Service,
|
|||
|
|
infos.CVENumber,
|
|||
|
|
infos.ServiceDetail,
|
|||
|
|
})
|
|||
|
|
if err != nil {
|
|||
|
|
println(err)
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
excel.DeleteSheet("Sheet1")
|
|||
|
|
|
|||
|
|
err := excel.SaveAs(filename)
|
|||
|
|
if err != nil {
|
|||
|
|
println(err.Error())
|
|||
|
|
} else {
|
|||
|
|
println("保存为:" + filename + ".xlsx")
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
//
|
|||
|
|
////检查是否有漏报情况
|
|||
|
|
//func CheckVulnHasAssetInfo() {}
|
|||
|
|
//
|
|||
|
|
////根据基线规则匹配是否排除漏洞 true 为满足基线
|
|||
|
|
//func JudgeWithBaseLine(vulnWithAsset VulnInfoWithAssetInfo) (bool, string) {
|
|||
|
|
//
|
|||
|
|
// if JudgeNginx(vulnWithAsset) {
|
|||
|
|
// return true, "nginx版本为 " + vulnWithAsset.HtmlVulnInfo.ServiceDetail + " ,符合基线要求,暂不处理"
|
|||
|
|
// }
|
|||
|
|
// if JudgeTomcat(vulnWithAsset) {
|
|||
|
|
// return true, "tomcat版本为 " + vulnWithAsset.HtmlVulnInfo.ServiceDetail + " ,符合基线要求,暂不处理"
|
|||
|
|
// }
|
|||
|
|
// if JudgeSql(vulnWithAsset) {
|
|||
|
|
// return true, vulnWithAsset.HtmlVulnInfo.VulnInfos + " 为数据库漏洞,暂不处理"
|
|||
|
|
// }
|
|||
|
|
// if JudgeRedis(vulnWithAsset) {
|
|||
|
|
// return true, "redis版本为 " + vulnWithAsset.HtmlVulnInfo.ServiceDetail + " ,符合基线要求,暂不处理"
|
|||
|
|
// }
|
|||
|
|
// if JudgeRabbitMQ(vulnWithAsset) {
|
|||
|
|
// return true, "RabbitMQ版本为 " + vulnWithAsset.HtmlVulnInfo.ServiceDetail + " ,符合基线要求,暂不处理"
|
|||
|
|
// }
|
|||
|
|
// if JudgeOpenSSL(vulnWithAsset) {
|
|||
|
|
// return true, vulnWithAsset.HtmlVulnInfo.VulnInfos + " 为openssl漏洞,暂不处理"
|
|||
|
|
// }
|
|||
|
|
//
|
|||
|
|
|
|||
|
|
// if JudgeTls(vulnWithAsset) {
|
|||
|
|
// return true, vulnWithAsset.HtmlVulnInfo.VulnInfos + " 为ssl/tls漏洞,暂不处理"
|
|||
|
|
// }
|
|||
|
|
// return false, ""
|
|||
|
|
//}
|
|||
|
|
//
|
|||
|
|
////检查ng基线 true为符合基线
|
|||
|
|
//func JudgeNginx(vulnWithAsset VulnInfoWithAssetInfo) bool {
|
|||
|
|
// vulnBanner := strings.ToLower(vulnWithAsset.HtmlVulnInfo.ServiceDetail)
|
|||
|
|
// if strings.Contains(vulnBanner, "nginx/") {
|
|||
|
|
// ngBanner := strings.Replace(vulnBanner, "nginx/", "", 1)
|
|||
|
|
// ngbaseInt, err := strconv.Atoi(strings.Replace(nginxVersion, ".", "", -1))
|
|||
|
|
// if err != nil {
|
|||
|
|
// println("nginx基线常量有问题: " + nginxVersion)
|
|||
|
|
// return false
|
|||
|
|
// }
|
|||
|
|
// ngBannerInt, err := strconv.Atoi(strings.Replace(ngBanner, ".", "", -1))
|
|||
|
|
// if err != nil {
|
|||
|
|
// println("nginx版本获取有问题!漏洞名称:" + vulnWithAsset.HtmlVulnInfo.VulnInfos + " ip: " + vulnWithAsset.HtmlVulnInfo.IpAddress + "ng信息: " + vulnWithAsset.HtmlVulnInfo.ServiceDetail)
|
|||
|
|
// return false
|
|||
|
|
// }
|
|||
|
|
// ngBannerIntPrefix, err := strconv.Atoi(strings.Split(ngBanner, ".")[0] + strings.Split(ngBanner, ".")[1])
|
|||
|
|
// ngBaseIntPrefix, err := strconv.Atoi(strings.Split(nginxVersion, ".")[0] + strings.Split(nginxVersion, ".")[1])
|
|||
|
|
// if ngBannerInt >= ngbaseInt && ngBannerIntPrefix >= ngBaseIntPrefix {
|
|||
|
|
// return true
|
|||
|
|
// }
|
|||
|
|
// }
|
|||
|
|
//
|
|||
|
|
// return false
|
|||
|
|
//}
|
|||
|
|
//
|
|||
|
|
//func JudgeTomcat(vulnWithAsset VulnInfoWithAssetInfo) bool {
|
|||
|
|
// vulnBanner := strings.ToLower(vulnWithAsset.HtmlVulnInfo.ServiceDetail)
|
|||
|
|
// if strings.Contains(vulnBanner, "tomcat/") {
|
|||
|
|
// tomcatBanner := strings.Replace(vulnBanner, "tomcat/", "", 1)
|
|||
|
|
// tomcatBanner = strings.Replace(tomcatBanner, ".tar", "", 1)
|
|||
|
|
// tomcatBanner = strings.Replace(tomcatBanner, " ", "", -1)
|
|||
|
|
// tomcatBaseInt, err := strconv.Atoi(strings.Replace(tomcatVersion, ".", "", -1))
|
|||
|
|
// if err != nil {
|
|||
|
|
// println("tomcat版本常量有问题: " + tomcatVersion)
|
|||
|
|
// return false
|
|||
|
|
// }
|
|||
|
|
// tomcatBannerInt, err := strconv.Atoi(strings.Replace(tomcatBanner, ".", "", -1))
|
|||
|
|
// if err != nil {
|
|||
|
|
// println("tomcat版本获取有问题!漏洞名称:" + vulnWithAsset.HtmlVulnInfo.VulnInfos + " ip: " + vulnWithAsset.HtmlVulnInfo.IpAddress + "ng信息: " + vulnWithAsset.HtmlVulnInfo.ServiceDetail)
|
|||
|
|
// return false
|
|||
|
|
// }
|
|||
|
|
// tomcatBannerIntPrefix, err := strconv.Atoi(strings.Split(tomcatBanner, ".")[0] + strings.Split(tomcatBanner, ".")[1])
|
|||
|
|
// tomcatBaseIntPrefix, err := strconv.Atoi(strings.Split(tomcatVersion, ".")[0] + strings.Split(tomcatVersion, ".")[1])
|
|||
|
|
// if tomcatBannerInt >= tomcatBaseInt && tomcatBannerIntPrefix >= tomcatBaseIntPrefix {
|
|||
|
|
// return true
|
|||
|
|
// }
|
|||
|
|
// }
|
|||
|
|
// return false
|
|||
|
|
//}
|
|||
|
|
//
|
|||
|
|
////数据库类型匹配到就不修复
|
|||
|
|
//func JudgeSql(vulnWithAsset VulnInfoWithAssetInfo) bool {
|
|||
|
|
// vulnBanner := strings.ToLower(vulnWithAsset.HtmlVulnInfo.ServiceDetail)
|
|||
|
|
// if strings.Contains(vulnBanner, "mysql/") {
|
|||
|
|
// return true
|
|||
|
|
// }
|
|||
|
|
// if strings.Contains(vulnBanner, "mariadb/") {
|
|||
|
|
// return true
|
|||
|
|
// }
|
|||
|
|
// if strings.Contains(vulnBanner, "mongodb/") {
|
|||
|
|
// return true
|
|||
|
|
// }
|
|||
|
|
//
|
|||
|
|
// return false
|
|||
|
|
//}
|
|||
|
|
//
|
|||
|
|
//func JudgeRedis(vulnWithAsset VulnInfoWithAssetInfo) bool {
|
|||
|
|
// vulnBanner := strings.ToLower(vulnWithAsset.HtmlVulnInfo.ServiceDetail)
|
|||
|
|
// if strings.Contains(vulnBanner, "redis/") {
|
|||
|
|
// redisBanner := strings.Replace(vulnBanner, "redis/", "", 1)
|
|||
|
|
// redisBaseInt, err := strconv.Atoi(strings.Replace(redisVersion, ".", "", -1))
|
|||
|
|
// if err != nil {
|
|||
|
|
// println("redis版本常量有问题: " + redisVersion)
|
|||
|
|
// return false
|
|||
|
|
// }
|
|||
|
|
// redisBannerInt, err := strconv.Atoi(strings.Replace(redisBanner, ".", "", -1))
|
|||
|
|
// if err != nil {
|
|||
|
|
// println("redis版本获取有问题!漏洞名称:" + vulnWithAsset.HtmlVulnInfo.VulnInfos + " ip: " + vulnWithAsset.HtmlVulnInfo.IpAddress + "ng信息: " + vulnWithAsset.HtmlVulnInfo.ServiceDetail)
|
|||
|
|
// return false
|
|||
|
|
// }
|
|||
|
|
// redisBannerIntPrefix, err := strconv.Atoi(strings.Split(redisBanner, ".")[0] + strings.Split(redisBanner, ".")[1])
|
|||
|
|
// redisBaseIntPrefix, err := strconv.Atoi(strings.Split(redisVersion, ".")[0] + strings.Split(redisVersion, ".")[1])
|
|||
|
|
// if redisBannerInt >= redisBaseInt && redisBannerIntPrefix >= redisBaseIntPrefix {
|
|||
|
|
// return true
|
|||
|
|
// }
|
|||
|
|
// }
|
|||
|
|
// return false
|
|||
|
|
//
|
|||
|
|
//}
|
|||
|
|
//
|
|||
|
|
//func JudgeRabbitMQ(vulnWithAsset VulnInfoWithAssetInfo) bool {
|
|||
|
|
// vulnBanner := strings.ToLower(vulnWithAsset.HtmlVulnInfo.ServiceDetail)
|
|||
|
|
// if strings.Contains(vulnBanner, "rabbitmq/") {
|
|||
|
|
// rabbitmqBanner := strings.Replace(vulnBanner, "rabbitmq/", "", 1)
|
|||
|
|
// rabbitmqBaseInt, err := strconv.Atoi(strings.Replace(RabbitMQ, ".", "", -1))
|
|||
|
|
// if err != nil {
|
|||
|
|
// println("RabbitMQ版本常量有问题: " + RabbitMQ)
|
|||
|
|
// return false
|
|||
|
|
// }
|
|||
|
|
// rabbitmqBannerInt, err := strconv.Atoi(strings.Replace(rabbitmqBanner, ".", "", -1))
|
|||
|
|
// if err != nil {
|
|||
|
|
// println("RabbitMQ版本获取有问题!漏洞名称:" + vulnWithAsset.HtmlVulnInfo.VulnInfos + " ip: " + vulnWithAsset.HtmlVulnInfo.IpAddress + "ng信息: " + vulnWithAsset.HtmlVulnInfo.ServiceDetail)
|
|||
|
|
// return false
|
|||
|
|
// }
|
|||
|
|
// rabbitmqBannerIntPrefix, err := strconv.Atoi(strings.Split(rabbitmqBanner, ".")[0] + strings.Split(rabbitmqBanner, ".")[1])
|
|||
|
|
// rabbitmqBaseIntPrefix, err := strconv.Atoi(strings.Split(RabbitMQ, ".")[0] + strings.Split(RabbitMQ, ".")[1])
|
|||
|
|
// if rabbitmqBannerInt >= rabbitmqBaseInt && rabbitmqBannerIntPrefix >= rabbitmqBaseIntPrefix {
|
|||
|
|
// return true
|
|||
|
|
// }
|
|||
|
|
// }
|
|||
|
|
// return false
|
|||
|
|
//
|
|||
|
|
//}
|
|||
|
|
//
|
|||
|
|
//func JudgeOpenSSL(vulnWithAsset VulnInfoWithAssetInfo) bool {
|
|||
|
|
// vulnBanner := strings.ToLower(vulnWithAsset.HtmlVulnInfo.ServiceDetail)
|
|||
|
|
// if strings.Contains(vulnBanner, "openssl/") && strings.Contains(strings.ToLower(vulnWithAsset.HtmlVulnInfo.VulnInfos), "openssl") {
|
|||
|
|
// return true
|
|||
|
|
// }
|
|||
|
|
// return false
|
|||
|
|
//}
|
|||
|
|
//
|
|||
|
|
//func JudgeTls(vulnWithAsset VulnInfoWithAssetInfo) bool {
|
|||
|
|
// vulnName := strings.ToLower(vulnWithAsset.HtmlVulnInfo.VulnInfos)
|
|||
|
|
// if strings.Contains(vulnName, "ssl/tls") || strings.Contains(vulnName, "tlsclient") {
|
|||
|
|
// return true
|
|||
|
|
// }
|
|||
|
|
// return false
|
|||
|
|
//}
|