Create nsfocus_bug_excel_update.py

RSAS V6.0R02F04SP03
2019-05-28 13:56:50 +08:00
parent faa6aadd9d
commit 5d44f4f8af
1 changed files with 155 additions and 0 deletions
--- a/nsfocus_bug_excel_update.py
+++ b/nsfocus_bug_excel_update.py
@@ -0,0 +1,155 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+# @Time    : 2019/05/27 10:37
+# @Author  : 852782749@qq.com
+# @File    : nsfocus_bug_excel_update.py
+# @Software: PyCharm
+'''将文件放在要处理的绿盟科技漏洞扫描综合报表内，自动识别index.html文件，会生成三个文件
+在当前目录下执行python nsfocus_bug_excel.py
+需要导入第三方库xlwt库、BeautifulSoup库、lxml库
+'''
+import time
+'''time.strftime('%Y-%m-%d.xls')'''
+import xlwt
+import sys
+reload(sys)
+sys.setdefaultencoding('utf-8')
+try:
+    from bs4 import BeautifulSoup
+except ImportError:
+    raise SystemExit('\n[!]python html库——BeautifulSoup导入错误;请执行 pip install BeautifulSoup安装!')
+import re
+import lxml
+'''
+脚本是用来获取绿盟漏洞扫描设备的html版本报告的漏洞信息的，包括主机，漏洞名称，漏洞描述，修复建议，CVE编号
+#buglv = ['high','middle','low']分别对应高中低三种类型的漏洞。
+'''
+soup = BeautifulSoup(open('index.html'),"lxml")
+#print soup.contents
+data = str(soup.find_all("div",{"class":'report_content'})).decode('unicode_escape')
+#删除空格、换行等特殊字符
+data = filter(lambda x:x not in ['\n','\r',' ','\t'],data)
+#print data
+#共有8个此处DIV，每处对应一章节
+#使用split分出每一章节
+data_list=data.split("report_content")
+#print data_list[4]
+data_bug_list = data_list[4]
+#print data_bug_list
+buglv = ['high','middle','low']
+#buglv = ['high']
+def bug_level(bug_lv):
+    #定义获取漏洞list(漏洞名称,详细信息,解决方案,CVE编号等,)
+    # 正则bug_lv为风险等级分为high,middle,low分别对应风险等级高中低;
+    # data_bug_list为全局变量，值是漏洞数据;
+    #返回bug_r_list为匹配到的漏洞数据list
+    bug_r = r'<trclass="\w*?vuln_'+bug_lv+'".*?</td></tr></table></td></tr>'
+    bug_r_re = re.compile(bug_r)
+    bug_r_list = re.findall(bug_r_re, data_bug_list)
+    return bug_r_list
+def vnln_hosts(bug_hosts):
+    # 匹配受影响主机
+    #data_host实参是漏洞信息中受影响主机
+    # bug_host_r_list是返回的受影响主机
+    bug_host_r = r'vulnhostHtml/hosts_(.*?).html'
+    # soup=BeautifulSoup(open('bug_host_r'),"lxml")
+    bug_host_r_re = re.compile(bug_host_r)
+    #print bug_host_r_re
+    bug_host_r_list = re.findall(bug_host_r_re, bug_hosts)
+    #print len(bug_host_r_list)
+    for num1 in range(len(bug_host_r_list)):
+#    for num1 in range(12,13):
+        html1 = 'vulnhostHtml/hosts_' + bug_host_r_list[num1] + '.html'
+        #print html1
+        soup1 = BeautifulSoup(open(html1), "lxml")
+        data1 = str(soup1.find_all("table", {"class": 'report_table'})).decode('unicode_escape')
+        data1 = filter(lambda x: x not in ['\n', '\r', ' ', '\t'], data1)
+        #print data1
+        re_host_r = r'host/(.*?).html'
+        re_host_r_r = re.compile(re_host_r)
+        re_host_r_list = re.findall(re_host_r_r, data1)
+        #print len(re_host_r_list)
+        return re_host_r_list
+
+def bug_main(bug_bug):
+    index =1
+    file = xlwt.Workbook()
+    # excel 第一行数据
+    excel_headDatas = [u'受影响主机', u'漏洞等级', u'漏洞名称', u'漏洞描述', u'修复建议', u'CVE编号']
+    table = file.add_sheet(u'漏洞数据', cell_overwrite_ok=True)
+    fist = 0
+    for data in excel_headDatas:
+        table.write(0, fist, data)
+        fist += 1
+    for i in range(len(bug_bug)):
+#    for i in range(1):
+        #print u'当前进行第%s个' %(i+1)
+        bug_n_r = r'trclass=".*?vuln_(.*?)"onclick.*?<spanstyle="color:.*?">(.*?)</span><!--<span'
+        bug_n_re = re.compile(bug_n_r)
+        bug_n_list = re.findall(bug_n_re, bug_bug[i])
+
+        bug_x_r = u'<!--<span.*?<th>详细描述</th><td>(.*?)</td></tr>'
+        bug_x_re = re.compile(bug_x_r)
+        bug_x_list = re.findall(bug_x_re,bug_bug[i])
+
+        bug_j_r = u'解决办法</th><td>(.*?)</td></tr>'
+        bug_j_re = re.compile(bug_j_r)
+        bug_j_list = re.findall(bug_j_re,bug_bug[i])
+
+        bug_c_r = r'target="_blank">(CVE.*?)</a></td></tr>'
+        bug_c_re = re.compile(bug_c_r)
+        bug_c_list = re.findall(bug_c_re,bug_bug[i])
+        for hs in range(len(vnln_hosts(bug_bug[i]))):
+            if len(bug_n_list)!=0:
+                bug_lv = bug_n_list[0][0]
+                bug_name = bug_n_list[0][1]
+            else:
+                bug_lv = ''
+                bug_name = ''
+            if len(bug_x_list)!=0:
+                bug_xin = bug_x_list[0]
+            else:
+                bug_xin = u'无'
+            if len(bug_j_list)!=0:
+                bug_jie = bug_j_list[0]
+            else:
+                bug_jie = u'无'
+            if len(bug_c_list)!=0:
+                #print bug_c_list
+                if 'blank' in bug_c_list[0]:
+                    #print bug_c_list
+                    cvem = '>'+bug_c_list[0]+'</a>'
+                    #print cvem
+                    bug_cve_r = r'>(CVE.*?)</a>'
+                    bug_cve_re = re.compile(bug_cve_r)
+                    bug_cve_list = re.findall(bug_cve_re,cvem)
+                    #print bug_cve_list
+                    #print len(bug_cve_list)
+                    bug_cve = ','.join(bug_cve_list)
+                    #print bug_cve
+                else:
+                    #print bug_c_list
+                    bug_cve = bug_c_list[0]
+            else:
+                bug_cve = u'无'
+            print vnln_hosts(bug_bug[i])[hs]+'Analogy'+bug_lv+bug_name+'Analogy'+bug_xin+'Analogy'+bug_jie+'Analogy'+bug_cve
+            print(vnln_hosts(bug_bug[i])[hs]+bug_lv+bug_name+bug_xin+bug_jie+bug_cve+'\n')
+            test_list = []
+            test_list.append(vnln_hosts(bug_bug[i])[hs])
+            test_list.append(bug_lv)
+            test_list.append(bug_name)
+            test_list.append(bug_xin)
+            test_list.append(bug_jie)
+            test_list.append(bug_cve)
+            #print test_list
+            for j in range(len(test_list)):
+                table.write(index,j,test_list[j])
+                print index
+            index +=1
+    file.save(time.strftime('%Y-%m-%d-%H-%S.xls'))
+    time.sleep(2)
+def main():
+    for bug in range(len(buglv)):
+        bug_main(bug_level(buglv[bug]))
+if __name__ == '__main__':
+    main()