zoukankan      html  css  js  c++  java
  • python打造漏洞数据导出工具

       功能

    • [x] 支持导出的数据:IP地址、漏洞名称、风险等级、整改建议、漏洞描述、漏洞CVE编号、漏洞对应端口、漏洞对应协议、漏洞对应服务等。
    • [x] 导出不同端口的同一个漏洞,也就是一个端口对应一个漏洞,保证导出漏洞的完整性。
    • [x] 导出端口和导出网站为单独的功能,导出网站的功能是采用正则去匹配http、www这两个服务。
    • import os
      import re
      import sys
      import html
      import queue
      import shutil
      import zipfile
      import datetime
      import openpyxl
      import images_ico
      import PyQt5.sip
      from PyQt5.QtGui import QIcon
      from PyQt5 import QtCore, QtGui, QtWidgets
      from openpyxl.styles import PatternFill, Font, Alignment, Border, Side
      
      class Vul_re(object):
          def __init__(self):
              super(Vul_re, self).__init__()
              self.vul_list_re = '<python>ip<python>.*?<python>host<python>.*?<td valign="top".*?<th width="120">IP地址</th>.*?<td>(.*?)</td>.*?</td>.*?<python>host</python>.*?<python>vul_list<python>(.*?)<python>vul_list</python>.*?<python>ip</python>'
              self.vul_ip_re = '(<python>ip<python>.*?<python>ip</python>)'
              self.vul_detail_re = '<python>vul_detail<python>(.*?)<python>vul_detail</python>'
              self.vul_details_re = '<python>vul_details<python>(.*?)<python>vul_details</python>'
      
              self.danger_re = '<span class="level_danger_(.*?)".*?table_d_(d+).*?>(.*?)</span>'
              self.title_re = '<python>title<python>(.*?)<python>title</python>'
              self.time_re = '<python>host<python>.*?(d+-d+-d+).*?<python>host</python>'
              self.other_re = '<td class="vul_port">(.*?)</td>.*?<td>(.*?)</td>.*?<td>(.*?)</td>.*?<td>.*?<ul>(.*?)</ul>'
      
      class File_re(object):
          def __init__(self):
              super(File_re, self).__init__()
              self.file_re = '.*?.zip'
              self.uzip_re = '.*?.html'
              self.all_title_re = '<th width="120">任务名称</th>.*?<td>(.*?)</td>'
              self.vul_list_re = '(<table id="vuln_list" class="report_table">.*?</table>)'
              self.vul_detail_re = '(<div id="vul_detail">.*?</div>)'
              self.vul_details_re = '(<tr class="solution.*?">.*?<td>.*?<table class="report_table plumb".*?>.*?</table>.*?</td>.*?</tr>)'
              self.host_re = '(<td valign="top" style="50%;">.*?<table class="report_table plumb">.*?<tbody>.*?<th width="120">IP地址</th>.*?</tbody>.*?</table></td>)'
      
      class Vul_content(object):
          def __init__(self,vul_re):
              super(Vul_content, self).__init__()
              self.vul_ip_content = re.findall(vul_re.vul_ip_re,htmlcont,re.S|re.M)
              self.vul_detail_content = re.findall(vul_re.vul_detail_re,htmlcont,re.S|re.M)
      
      class Solve_re(object):
          def __init__(self):
              super(Solve_re, self).__init__()
              self.solve_re = '<th width="100">解决办法</th>.*?<td>(.*?)</td>'
              self.describe_re = '<tr class="solution.*?table_d_(d+).*?<th width="100">详细描述</th>.*?<td>(.*?)</td>'
              self.cve_re = '<th width="100">CVE编号</th>.*?<td><a target=.*?>(.*?)</a>.*?</td>'
      
      class Other(object):
          def __init__(self, vul_re, all_vuln_list):
              super(Other, self).__init__()
              self.all_other = re.findall(vul_re.other_re,all_vuln_list,re.S|re.M)
      
      class Danger(object):
          def __init__(self, vul_re, other):
              super(Danger, self).__init__()
              self.danger_coneent = re.findall(vul_re.danger_re,other,re.S|re.M)
      
      class Solve(object):
          def __init__(self, solve, all_vul_details):
              super(Solve, self).__init__()
              self.solve_plumb = re.findall(solve.solve_re,all_vul_details,re.S|re.M)
              self.describe_plumb = re.findall(solve.describe_re,all_vul_details,re.S|re.M)
              self.cve_plumb = re.findall(solve.cve_re,all_vul_details,re.S|re.M)
      
      class Port_File_re(object):
          def __init__(self):
              super(Port_File_re, self).__init__()
              self.file_re = '.*?.zip'
              self.uzip_re = '.*?.html'
              self.all_title_re = '<th width="120">任务名称</th>.*?<td>(.*?)</td>'
              self.host_re = '<th width="120">IP地址</th>.*?<td>(d+.d+.d+.d+)</td>.*?<th>扫描起始时间</th>.*?<td>(d+-d+-d+).*?</td>.*?<thead>.*?<th>端口</th>.*?<th>协议</th>.*?<th>服务</th>.*?<th>状态</th>.*?</thead>.*?<tbody>(.*?)</tbody>'
              self.port_re = '<tr class=".*?<td>(.*?)</td>.*?<td>(.*?)</td>.*?<td>(.*?)</td>.*?<td>(.*?)</td>.*?</tr>'
              self.http_re = '.*?http.*?'
              self.https_re = '.*?https.*?'
              self.www_re = '.*?www.*?'
      
      class Ui_MainWindow(object):
          def setupUi(self, MainWindow):
      
              try:
                  with open('set.ini') as set_ini:
                      name_ini = set_ini.readlines()[:1][0].split(':')[1].strip(' 
      ')
                  with open('set.ini') as set_ini:
                      company_ini = set_ini.readlines()[1:2][0].split(':')[1].strip(' 
      ')
              except Exception as e:
                  QtWidgets.QMessageBox.information(MainWindow, "提示", "找不到配置文件,请查看使用说明!", QtWidgets.QMessageBox.Yes | QtWidgets.QMessageBox.No ,  QtWidgets.QMessageBox.Yes )
      
              font = QtGui.QFont()
              font.setFamily("宋体")
              font.setPointSize(10)
              MainWindow.setFont(font)
              #定义程序的标题
              MainWindow.setWindowTitle('RSAS漏洞数据导出工具1.5')
              #设定程序的最大分辨率,禁止最大化、拖动窗口
              MainWindow.setFixedSize(520, 310)
              #设置图标
              MainWindow.setWindowIcon(QIcon(':/favicon.ico'))
              #获取显示器的分辨率
              screen = QtWidgets.QDesktopWidget().screenGeometry()
              #获取程序的宽和高
              size = MainWindow.geometry()
              #实现在屏幕中间显示程序
              MainWindow.move((screen.width() - size.width())/2, (screen.height() - size.height())/2)
      
              #这是底部的状态栏
              MainWindow.status = MainWindow.statusBar()
              MainWindow.status.showMessage("检查人员:%s  所属公司:%s" % (name_ini,company_ini))
      
              #这是一个框架,用来固定按钮用的
              self.formLayoutWidget = QtWidgets.QWidget(MainWindow)
              self.formLayoutWidget.setGeometry(QtCore.QRect(10, 10, 411, 54))
              self.formLayoutWidget.setObjectName("formLayoutWidget")
              self.formLayout = QtWidgets.QFormLayout(self.formLayoutWidget)
              self.formLayout.setContentsMargins(0, 0, 0, 0)
              self.formLayout.setObjectName("formLayout")
              #文字:原始报告路径
              self.input_label = QtWidgets.QLabel(self.formLayoutWidget)
              self.input_label.setObjectName("input_label")
              self.formLayout.setWidget(0, QtWidgets.QFormLayout.LabelRole, self.input_label)
              #文字:输出报告路径
              self.output_label = QtWidgets.QLabel(self.formLayoutWidget)
              self.output_label.setObjectName("output_label")
              self.formLayout.setWidget(2, QtWidgets.QFormLayout.LabelRole, self.output_label)
              #原始报告路径后边的文本框
              self.input_lineEdit = QtWidgets.QLineEdit(self.formLayoutWidget)
              self.input_lineEdit.setObjectName("input_lineEdit")
              self.formLayout.setWidget(0, QtWidgets.QFormLayout.FieldRole, self.input_lineEdit)
              #输出报告路径后边的文本框
              self.output_lineEdit = QtWidgets.QLineEdit(self.formLayoutWidget)
              self.output_lineEdit.setObjectName("output_lineEdit")
              self.formLayout.setWidget(2, QtWidgets.QFormLayout.FieldRole, self.output_lineEdit)
              #框架的结束部分
              spacerItem = QtWidgets.QSpacerItem(20, 40, QtWidgets.QSizePolicy.Minimum, QtWidgets.QSizePolicy.Expanding)
              self.formLayout.setItem(1, QtWidgets.QFormLayout.LabelRole, spacerItem)
              #这玩意就是打开路径按钮的框架
              self.start_verticalLayoutWidget = QtWidgets.QWidget(MainWindow)
              self.start_verticalLayoutWidget.setGeometry(QtCore.QRect(423, 2, 91, 71))
              self.start_verticalLayoutWidget.setObjectName("start_verticalLayoutWidget")
              self.start_verticalLayout = QtWidgets.QVBoxLayout(self.start_verticalLayoutWidget)
              self.start_verticalLayout.setContentsMargins(0, 0, 0, 0)
              self.start_verticalLayout.setObjectName("start_verticalLayout")
              #这是原始报告路径后边的文本框后边的打开路径按钮
              self.input_Button = QtWidgets.QPushButton(self.start_verticalLayoutWidget)
              self.input_Button.setObjectName("input_Button")
              self.start_verticalLayout.addWidget(self.input_Button)
              self.input_Button.clicked.connect(self.input_Button_click)
              #这是输出报告路径后边的文本框后边的打开路径按钮
              self.output_Button = QtWidgets.QPushButton(self.start_verticalLayoutWidget)
              self.output_Button.setObjectName("output_Button")
              self.start_verticalLayout.addWidget(self.output_Button)
              self.output_Button.clicked.connect(self.output_Button_click)
              #这又是一个框架,固定用的
              self.horizontalLayoutWidget = QtWidgets.QWidget(MainWindow)
              self.horizontalLayoutWidget.setGeometry(QtCore.QRect(10, 75, 411, 21))
              self.horizontalLayoutWidget.setObjectName("horizontalLayoutWidget")
              self.horizontalLayout = QtWidgets.QHBoxLayout(self.horizontalLayoutWidget)
              self.horizontalLayout.setContentsMargins(0, 0, 0, 0)
              self.horizontalLayout.setObjectName("horizontalLayout")
              #文字:选择导出数据
              self.data_label = QtWidgets.QLabel(self.horizontalLayoutWidget)
              self.data_label.setObjectName("data_label")
              self.horizontalLayout.addWidget(self.data_label)
              #复选框:高危
              self.hight_checkBox = QtWidgets.QCheckBox(self.horizontalLayoutWidget)
              self.hight_checkBox.setObjectName("hight_checkBox")
              self.horizontalLayout.addWidget(self.hight_checkBox)
              #复选框:中危
              self.middle_checkBox = QtWidgets.QCheckBox(self.horizontalLayoutWidget)
              self.middle_checkBox.setObjectName("middle_checkBox")
              self.horizontalLayout.addWidget(self.middle_checkBox)
              #复选框:低危
              self.low_checkBox = QtWidgets.QCheckBox(self.horizontalLayoutWidget)
              self.low_checkBox.setObjectName("low_checkBox")
              self.horizontalLayout.addWidget(self.low_checkBox)
              #复选框:端口
              self.port_checkBox = QtWidgets.QCheckBox(self.horizontalLayoutWidget)
              self.port_checkBox.setObjectName("port_checkBox")
              self.horizontalLayout.addWidget(self.port_checkBox)
              #复选框:网站
              self.web_checkBox = QtWidgets.QCheckBox(self.horizontalLayoutWidget)
              self.web_checkBox.setObjectName("web_checkBox")
              self.horizontalLayout.addWidget(self.web_checkBox)
              #这又是一个框架
              self.end_verticalLayoutWidget = QtWidgets.QWidget(MainWindow)
              self.end_verticalLayoutWidget.setGeometry(QtCore.QRect(423, 69, 91, 31))
              self.end_verticalLayoutWidget.setObjectName("end_verticalLayoutWidget")
              self.end_verticalLayout = QtWidgets.QVBoxLayout(self.end_verticalLayoutWidget)
              self.end_verticalLayout.setContentsMargins(0, 0, 0, 0)
              self.end_verticalLayout.setObjectName("end_verticalLayout")
              #按钮:开始导出
              self.start_Button = QtWidgets.QPushButton(self.end_verticalLayoutWidget)
              self.start_Button.setObjectName("start_Button")
              self.start_Button.clicked.connect(self.start_Button_click)
              #框架结尾
              self.end_verticalLayout.addWidget(self.start_Button)
              #文字:详细输出日志
              self.log_label = QtWidgets.QLabel(MainWindow)
              self.log_label.setGeometry(QtCore.QRect(10, 101, 91, 21))
              self.log_label.setObjectName("log_label")
              #详细输出日志的文本框
              self.log_textEdit = QtWidgets.QTextEdit(MainWindow)
              self.log_textEdit.setGeometry(QtCore.QRect(10, 120, 501, 171))
              self.log_textEdit.setObjectName("log_textEdit")
      
              self.retranslateUi(MainWindow)
              QtCore.QMetaObject.connectSlotsByName(MainWindow)
      
          def retranslateUi(self, MainWindow):
              _translate = QtCore.QCoreApplication.translate
              self.input_label.setText(_translate("MainWindow", "原始报告路径:"))
              self.output_label.setText(_translate("MainWindow", "输出报告路径:"))
              self.input_Button.setText(_translate("MainWindow", "打开路径"))
              self.output_Button.setText(_translate("MainWindow", "打开路径"))
              self.data_label.setText(_translate("MainWindow", "选择导出数据:"))
              self.hight_checkBox.setText(_translate("MainWindow", "高危"))
              self.middle_checkBox.setText(_translate("MainWindow", "中危"))
              self.low_checkBox.setText(_translate("MainWindow", "低危"))
              self.port_checkBox.setText(_translate("MainWindow", "端口"))
              self.web_checkBox.setText(_translate("MainWindow", "网站"))
              self.start_Button.setText(_translate("MainWindow", "开始导出"))
              self.log_label.setText(_translate("MainWindow", "详细输出日志:"))
      
          #原始报告路径的按钮
          def input_Button_click(self):
              self.input_Button_cent = QtWidgets.QFileDialog.getExistingDirectory(MainWindow)
              self.input_lineEdit.setText(self.input_Button_cent)
      
          #输出报告路径的按钮
          def output_Button_click(self):
              self.output_Button_cent = QtWidgets.QFileDialog.getExistingDirectory(MainWindow)
              self.output_lineEdit.setText(self.output_Button_cent)
      
          #开始导出的按钮
          def start_Button_click(self):
              #复选框事件
              self.hight_status = self.hight_checkBox.isChecked()
              self.middle_status = self.middle_checkBox.isChecked()
              self.low_status = self.low_checkBox.isChecked()
              self.port_status = self.port_checkBox.isChecked()
              self.web_status = self.web_checkBox.isChecked()
      
              try:
                  folder_end = self.output_Button_cent
                  folder_start = self.input_Button_cent
              except Exception as e:
                  QtWidgets.QMessageBox.information(MainWindow, "提示", "要先设置文件夹!", QtWidgets.QMessageBox.Yes | QtWidgets.QMessageBox.No ,  QtWidgets.QMessageBox.Yes )
                  return e
              else:
                  try:
                      with open('set.ini') as set_ini:
                          name_ini = set_ini.readlines()[:1][0].split(':')[1].strip(' 
      ')
                      with open('set.ini') as set_ini:
                          company_ini = set_ini.readlines()[1:2][0].split(':')[1].strip(' 
      ')
                  except Exception as e:
                      QtWidgets.QMessageBox.information(MainWindow, "提示", "找不到配置文件,请查看使用说明!", QtWidgets.QMessageBox.Yes | QtWidgets.QMessageBox.No ,  QtWidgets.QMessageBox.Yes )
                      return e
      
              try:
                  shutil.rmtree('temp')
              except Exception as e:
                  pass
      
              try:
                  shutil.rmtree(folder_end+'/汇总-漏洞跟踪表')
              except Exception as e:
                  pass
      
              try:
                  shutil.rmtree(folder_end+'/汇总-端口对应关系表')
              except Exception as e:
                  pass
      
              try:
                  shutil.rmtree(folder_end+'/汇总-WEB网站')
              except Exception as e:
                  pass
      
              if self.hight_status or self.middle_status or self.low_status == True:
                  starttime = datetime.datetime.now()
                  self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                  self.log_textEdit.insertPlainText('正在提取数据,这个过程可能很慢,请耐心等待!' + '
      ')
                  QtWidgets.QApplication.processEvents()
      
                  os.mkdir('temp')
                  with open('temp/database.mdb', 'w',encoding='gb18030') as content:
                      content.write('')
      
                  dirList = os.listdir(folder_start)
                  for name in dirList:
                      all_file_name = re.findall(File_re().file_re,name)
                      for file_name in all_file_name:
                          uzip = zipfile.ZipFile(folder_start+'/'+file_name)
                          for uzip_content in uzip.namelist():
                              all_uzip_content = re.findall(File_re().uzip_re,uzip_content)
                              for all_uzip in all_uzip_content:
                                  htmlcont_zip = uzip.open(all_uzip).read().decode('utf8')
                                  title = re.findall(File_re().all_title_re,htmlcont_zip,re.S|re.M)
                                  for title_content in title:
                                      with open('temp/%s.mdb'%title_content, 'a',encoding='gb18030') as content:
                                          content.write('<python>title<python>')
                                          content.write(html.unescape(title_content))
                                          content.write('<python>title</python>
      ')
      
                                      with open('temp/database.mdb','a',encoding='gb18030') as content:
                                          content.write('temp/'+html.unescape(title_content)+'.mdb
      ')
      
                                  host = re.findall(File_re().host_re,htmlcont_zip,re.S|re.M)
                                  for host_content in host:
                                      with open('temp/%s.mdb'%title_content, 'a',encoding='gb18030') as content:
                                          content.write('<python>ip<python>
      ')
                                          content.write('<python>host<python>
      ')
                                          content.write(html.unescape(host_content))
                                          content.write('
      <python>host</python>
      ')
      
                                  vul_list = re.findall(File_re().vul_list_re,htmlcont_zip,re.S|re.M)
                                  for list_content in vul_list:
                                      with open('temp/%s.mdb'%title_content, 'a',encoding='gb18030') as content:
                                          content.write('<python>vul_list<python>
      ')
                                          content.write(html.unescape(list_content))
                                          content.write('
      <python>vul_list</python>
      ')
      
                                  vul_detail = re.findall(File_re().vul_detail_re,htmlcont_zip,re.S|re.M)
                                  for detail_content in vul_detail:
                                      with open('temp/%s.mdb'%title_content, 'a',encoding='gb18030') as content:
                                          content.write('<python>vul_detail<python>
      ')
      
                                      vul_details = re.findall(File_re().vul_details_re,detail_content,re.S|re.M)
                                      for list_details in vul_details:
                                          with open('temp/%s.mdb'%title_content, 'a',encoding='gb18030') as content:
                                              content.write('<python>vul_details<python>
      ')
                                              content.write(html.unescape(list_details))
                                              content.write('
      <python>vul_details</python>
      ')
      
                                  with open('temp/%s.mdb'%title_content, 'a',encoding='gb18030') as content:
                                      content.write('
      <python>vul_detail</python>
      ')
                                      content.write('<python>ip</python>
      ')
      
                          self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                          self.log_textEdit.insertPlainText('提取 %s'%file_name + ' 完成!
      ')
                          QtWidgets.QApplication.processEvents()
      
                  vul_list = queue.Queue()
                  self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                  self.log_textEdit.insertPlainText('数据提取完成,正在生成漏洞跟踪表...
      ')
                  QtWidgets.QApplication.processEvents()
                  os.mkdir(folder_end+'/汇总-漏洞跟踪表')
      
                  vul_re = Vul_re()
      
                  with open('temp/database.mdb',encoding='gb18030') as content:
                      for zip_content in content:
                          vul_all_list = []
                          vul_all_detail = []
      
                          zip_cont = zip_content.strip('
      
      ')
                          content = open(zip_cont,'r',encoding='gb18030')
                          global htmlcont
                          htmlcont = content.read()
                          content.close()
      
                          sheet_name =  re.findall(vul_re.title_re,htmlcont,re.S|re.M)[0]
                          sheet_time =  re.findall(vul_re.time_re,htmlcont,re.S|re.M)[0]
                          self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                          self.log_textEdit.insertPlainText('正在导出 %s
      ' % sheet_name)
                          QtWidgets.QApplication.processEvents()
      
                          wb = openpyxl.Workbook()
                          ws = wb.active
                          ws.title = '漏洞数据'
                          ws.column_dimensions['A'].width = 6
                          ws.column_dimensions['B'].width = 13
                          ws.column_dimensions['C'].width = 24
                          ws.column_dimensions['D'].width = 11
                          ws.column_dimensions['E'].width = 11
                          ws.column_dimensions['F'].width = 53
                          ws.column_dimensions['G'].width = 6
                          ws.column_dimensions['H'].width = 6
                          ws.column_dimensions['I'].width = 53
                          ws.column_dimensions['J'].width = 53
                          ws.column_dimensions['K'].width = 15
                          ws.column_dimensions['L'].width = 11
                          ws.column_dimensions['M'].width = 13
                          ws.column_dimensions['N'].width = 13
                          ws.column_dimensions['O'].width = 13
                          ws.column_dimensions['P'].width = 16
                          ws.column_dimensions['Q'].width = 13
                          ws.column_dimensions['S'].width = 9
                          ws.column_dimensions['T'].width = 9
                          ws.column_dimensions['U'].width = 9
                          ws.column_dimensions['V'].width = 9
                          ws.column_dimensions['W'].width = 9
                          ws.column_dimensions['X'].width = 9
                          ws.column_dimensions['Y'].width = 11
      
                          ws['A3'] = '序号'
                          ws['B3'] = '主机名'
                          ws['C3'] = 'IP地址'
                          ws['D3'] = '漏洞对应端口'
                          ws['E3'] = '漏洞对应服务'
                          ws['F3'] = '漏洞名称'
                          ws['G3'] = '风险分类'
                          ws['H3'] = '风险等级'
                          ws['I3'] = '整改建议'
                          ws['J3'] = '漏洞描述'
                          ws['K3'] = '漏洞CVE编号'
                          ws['L3'] = '漏洞对应协议'
                          ws['M3'] = '是否已备案'
                          ws['N3'] = '是否已整改'
                          ws['O3'] = '%s核实是否已经整改' % company_ini
                          ws['P3'] = '漏洞复核时间'
                          ws['Q3'] = '备注'
                          ws['S1'] = '高风险总数'
                          ws['T1'] = '中风险总数'
                          ws['U1'] = '修补高风险数'
                          ws['V1'] = '修补中风险数'
                          ws['W1'] = '高风险修补率'
                          ws['X1'] = '中风险修补率'
                          ws['Y1'] = '总修补率'
                          ws['S2'].value = '=COUNTIF(H:H,"高")'
                          ws['T2'].value = '=COUNTIF(H:H,"中")'
                          ws['U2'].value = '=COUNTIFS(H:H,"高",O:O,"已完成整改")'
                          ws['V2'].value = '=COUNTIFS(H:H,"中",O:O,"已完成整改")'
                          ws['W2'].value = '=IF(S2=0,"无高风险漏洞",TEXT(U2/S2,"0.00%"))'
                          ws['X2'].value = '=IF(T2=0,"无中风险漏洞",TEXT(V2/T2,"0.00%"))'
                          ws['Y2'].value = '=TEXT((U2+V2)/(S2+T2),"0.00%")'
      
                          ws['A1'] = '高中风险漏洞整改情况跟踪表'
                          ws.merge_cells('A1:Q1')
                          ws['A2'] = '系统名称'
                          ws.merge_cells('A2:B2')
                          ws['C2'] = ''
                          ws.merge_cells('C2:F2')
                          ws['G2'] = '管理员'
                          ws.merge_cells('G2:H2')
                          ws['K2'] = '检查人员'
                          ws['L2'] = '%s'% name_ini 
                          ws.merge_cells('L2:M2')
                          ws['O2'] = '检查时间'
                          ws['P2'] = '%s' % sheet_time
                          ws.merge_cells('P2:Q2')
      
                          # 样式
                          font = Font(size=10, name='宋体')
                          thin = Side(border_style="thin")
                          border = Border(left=thin, right=thin, top=thin, bottom=thin)
                          # 对齐
                          alignment = Alignment(horizontal="center", vertical="center", wrap_text=True)
      
                          #设置第三行的格式
                          title_font = Font(size=12, bold=True, name='宋体', color= "ff0000")
                          ws.row_dimensions[3].height = 45
                          for title_style in ws['A3:L3']:
                              for title_cell in title_style:
                                  title_cell.font = title_font
                                  title_cell.border = border
                                  title_cell.alignment = alignment
      
                          #设置第三行的格式
                          title_end_font = Font(size=12, bold=True, name='宋体', color= "0000FF")
                          ws.row_dimensions[3].height = 45
                          for title_end_style in ws['M3:Q3']:
                              for title_cell in title_end_style:
                                  title_cell.font = title_end_font
                                  title_cell.border = border
                                  title_cell.alignment = alignment
      
                          #设置第一行的格式
                          one_font = Font(size=20, bold=True, name='宋体')
                          ws.row_dimensions[1].height = 45
                          for one_style in ws['A1:L1']:
                              for one_cell in one_style:
                                  one_cell.font = one_font
                                  one_cell.border = border
                                  one_cell.alignment = alignment
                                  one_cell.fill = openpyxl.styles.PatternFill(fill_type='solid',fgColor="008000")
      
                          #设置第二行的格式
                          two_font = Font(size=14, bold=True, name='宋体')
                          ws.row_dimensions[2].height = 20
                          for one_style in ws['A2:Q2']:
                              for one_cell in one_style:
                                  one_cell.font = two_font
                                  one_cell.border = border
                                  one_cell.alignment = alignment
                                  one_cell.fill = openpyxl.styles.PatternFill(fill_type='solid',fgColor="008000")
      
                          #设置统计的格式
                          count_font = Font(size=12, bold=True, name='宋体')
                          for count_style in ws['S1:Y2']:
                              for count_cell in count_style:
                                  count_cell.font = count_font
                                  count_cell.border = border
                                  count_cell.alignment = alignment
      
                          count_red = openpyxl.styles.PatternFill(fill_type='solid',fgColor="FF5353")
                          count_yellow = openpyxl.styles.PatternFill(fill_type='solid',fgColor="FCCC2C")
                          ws['S1'].fill = count_red
                          ws['U1'].fill = count_red
                          ws['W1'].fill = count_red
                          ws['T1'].fill = count_yellow
                          ws['V1'].fill = count_yellow
                          ws['X1'].fill = count_yellow
                          ws['Y1'].fill = openpyxl.styles.PatternFill(fill_type='solid',fgColor="008000")
      
                          vul_content = Vul_content(vul_re)
      
                          for all_vul_ip in vul_content.vul_ip_content:
                              vul_list_content = re.findall(vul_re.vul_list_re,all_vul_ip,re.S|re.M)
                              for all_vul_list in vul_list_content:
                                  for other in Other(vul_re,all_vul_list[1]).all_other:
                                      for danger in Danger(vul_re,other[3]).danger_coneent:
                                          vul_all_list.append([danger[1],all_vul_list[0],danger[2],danger[0].replace('low','低').replace('middle','中').replace('high','高'),other[0],other[1],other[2]])
      
                          for all_vul_detail in vul_content.vul_detail_content:
                              vul_details_content = re.findall(vul_re.vul_details_re,all_vul_detail,re.S|re.M)
                              for all_vul_details in vul_details_content:
                                  vul_detail = Solve(Solve_re(),all_vul_details)
                                  for solve,describe in zip(vul_detail.solve_plumb,vul_detail.describe_plumb):
                                      cve = vul_detail.cve_plumb
                                      if cve:
                                          pass
                                      else:
                                          cve = ['漏洞暂无CVE编号']
                                      vul_all_detail.append([describe[0],re.sub('s{2,}','
      ',html.unescape(re.sub('s{2,}','',solve)).replace('<br/>','
      ')),re.sub('s{2,}','
      ',html.unescape(re.sub('s{2,}','',describe[1])).replace('<br/>','
      ')),cve[0]])
      
                          for line_vul_list in vul_all_list:
                              vul_list.put(line_vul_list)
      
                          i = 1
                          while not vul_list.empty():
                              wait_list = vul_list.get()
                              for wait_detail in vul_all_detail:
                                  if wait_list[0] == wait_detail[0] and self.hight_status == True and wait_list[3] == '高':
                                      ws.row_dimensions[i+3].height = 25
                                      ws.append([i,'',wait_list[1],wait_list[4],wait_list[6],wait_list[2],'漏洞',wait_list[3],wait_detail[1].strip('
      '),wait_detail[2].strip('
      '),wait_detail[3],wait_list[5]])
                                      for row in ws['A%s:Q%s'%(i+3,i+3)]:
                                          for cell in row:
                                              cell.font = font
                                              cell.border = border
                                              cell.alignment = alignment
                                      i += 1
                                      break
      
                                  if wait_list[0] == wait_detail[0] and self.middle_status == True and wait_list[3] == '中':
                                      ws.row_dimensions[i+3].height = 25
                                      ws.append([i,'',wait_list[1],wait_list[4],wait_list[6],wait_list[2],'漏洞',wait_list[3],wait_detail[1].strip('
      '),wait_detail[2].strip('
      '),wait_detail[3],wait_list[5]])
                                      for row in ws['A%s:Q%s'%(i+3,i+3)]:
                                          for cell in row:
                                              cell.font = font
                                              cell.border = border
                                              cell.alignment = alignment
                                      i += 1
                                      break
      
                                  if wait_list[0] == wait_detail[0] and self.low_status == True and wait_list[3] == '低':
                                      ws.row_dimensions[i+3].height = 25
                                      ws.append([i,'',wait_list[1],wait_list[4],wait_list[6],wait_list[2],'漏洞',wait_list[3],wait_detail[1].strip('
      '),wait_detail[2].strip('
      '),wait_detail[3],wait_list[5]])
                                      for row in ws['A%s:Q%s'%(i+3,i+3)]:
                                          for cell in row:
                                              cell.font = font
                                              cell.border = border
                                              cell.alignment = alignment
                                      i += 1
                                      break
      
                          wb.save(folder_end+'/汇总-漏洞跟踪表/高中风险漏洞跟踪表--%s.xlsx' % sheet_name)
                          del vul_all_list[:]
                          del vul_all_detail[:]
                      self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                      self.log_textEdit.insertPlainText('漏洞跟踪表导出完成,保存在 %s/汇总-漏洞跟踪表 目录下。
      '%folder_end)
                      QtWidgets.QApplication.processEvents()
      
                  shutil.rmtree('temp')
                  endtime = datetime.datetime.now()
                  self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                  self.log_textEdit.insertPlainText('导出花时:%s秒...
      '%(endtime - starttime).seconds)
                  QtWidgets.QApplication.processEvents()
                  self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                  self.log_textEdit.insertPlainText('
      ' + '*'*67 + '
      ')
                  QtWidgets.QApplication.processEvents()
      
              if self.port_status:
                  self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                  self.log_textEdit.insertPlainText('正在导出端口,请稍后!
      ')
                  QtWidgets.QApplication.processEvents()
                  starttime = datetime.datetime.now()
                  os.mkdir(folder_end+'/汇总-端口对应关系表')
                  dirList = os.listdir(folder_start)
                  for name in dirList:
                      all_file_name = re.findall(Port_File_re().file_re,name)
                      for file_name in all_file_name:
                          uzip = zipfile.ZipFile(folder_start+'/'+file_name)
                          i = 1
                          wb = openpyxl.Workbook()
                          ws = wb.active
      
                          ws.column_dimensions['A'].width = 16.5
                          ws.column_dimensions['B'].width = 16
                          ws.column_dimensions['C'].width = 20
                          ws.column_dimensions['D'].width = 30
                          ws.column_dimensions['E'].width = 25
                          ws.column_dimensions['F'].width = 28
                          ws.column_dimensions['G'].width = 42
                          ws.column_dimensions['H'].width = 17
      
                          ws.title = '端口数据'
                          ws['A1'] = '设备端口和服务信息表'
                          ws.merge_cells('A1:H1')
                          ws['A2'] = '收集时间'
                          ws.merge_cells('A2:B2')
                          ws.merge_cells('C2:D2')
                          ws['E2'] = '所属系统'
                          ws.merge_cells('F2:H2')
                          ws['A3'] = '填表人'
                          ws['C3'] = name_ini
                          ws.merge_cells('A3:B3')
                          ws.merge_cells('C3:D3')
                          ws['E3'] = '系统责任人'
                          ws.merge_cells('F3:H3')
                          ws['A4'] = 'IP地址'
                          ws['B4'] = '端口'
                          ws['C4'] = '协议'
                          ws['D4'] = '服务'
                          ws['E4'] = '状态'
                          ws['F4'] = '访问权限开放范围'
                          ws['G4'] = '应用说明'
                          ws['H4'] = '备注'
      
                          # 样式
                          font = Font(size=12, name='宋体')
                          thin = Side(border_style="thin")
                          border = Border(left=thin, right=thin, top=thin, bottom=thin)
                          # 对齐
                          alignment = Alignment(horizontal="center", vertical="center", wrap_text=True)
                          for excel_style in ws['A2:H4']:
                              for excel_cell in excel_style:
                                  excel_cell.font = font
                                  excel_cell.border = border
                                  excel_cell.alignment = alignment
                          #设置第一行的格式
                          one_font = Font(size=12, bold=True, name='宋体')
                          for one_style in ws['A1:H1']:
                              for one_cell in one_style:
                                  one_cell.font = one_font
                                  one_cell.border = border
                                  one_cell.alignment = alignment
      
                          for uzip_content in uzip.namelist():
                              all_uzip_content = re.findall(Port_File_re().uzip_re,uzip_content)
                              for all_uzip in all_uzip_content:
                                  htmlcont_zip = uzip.open(all_uzip).read().decode('utf8')
                                  vul_title = re.findall(Port_File_re().all_title_re,htmlcont_zip,re.S|re.M)
                                  for title_content in vul_title:
                                      pass
      
                                  vul_host = re.findall(Port_File_re().host_re,htmlcont_zip,re.S|re.M)
                                  for host_content in vul_host:
                                    for vul_port in re.findall(Port_File_re().port_re,host_content[2],re.S|re.M):
                                      ws['C2'] = '%s' % host_content[1]
                                      ws.append([host_content[0],vul_port[0].replace(' ','').strip('
      '),vul_port[1].replace(' ','').strip('
      '),vul_port[2].replace(' ','').strip('
      '),vul_port[3].replace(' ','').strip('
      ')])
                                      for row in ws['A%s:H%s'%(i+4,i+4)]:
                                          for cell in row:
                                              cell.font = font
                                              cell.border = border
                                              cell.alignment = alignment
                                      i += 1
      
                          wb.save(folder_end+'/汇总-端口对应关系表/端口服务对应关系表--%s.xlsx' % title_content)
                          self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                          self.log_textEdit.insertPlainText('导出 %s'%title_content+' 完成!
      ')
                          QtWidgets.QApplication.processEvents()
      
                  endtime = datetime.datetime.now()
                  self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                  self.log_textEdit.insertPlainText('所有端口导出完成,保存在 %s/汇总-端口对应关系表 目录下。
      '%folder_end)
                  QtWidgets.QApplication.processEvents()
                  self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                  self.log_textEdit.insertPlainText('导出花时:%s秒...
      '%(endtime - starttime).seconds)
                  QtWidgets.QApplication.processEvents()
                  self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                  self.log_textEdit.insertPlainText('
      ' + '*'*67 + '
      ')
                  QtWidgets.QApplication.processEvents()
      
              if self.web_status:
                  self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                  self.log_textEdit.insertPlainText('正在WEB网站,请稍后!
      ')
                  QtWidgets.QApplication.processEvents()
                  starttime = datetime.datetime.now()
                  os.mkdir(folder_end+'/汇总-WEB网站')
                  dirList = os.listdir(folder_start)
                  for name in dirList:
                      all_file_name = re.findall(Port_File_re().file_re,name)
                      for file_name in all_file_name:
                          uzip = zipfile.ZipFile(folder_start+'/'+file_name)
                          x = 1
      
                          web = openpyxl.Workbook()
                          wes = web.active
                          wes.title = 'WEB网站'
      
                          wes.column_dimensions['A'].width = 16.5
                          wes.column_dimensions['B'].width = 16
                          wes.column_dimensions['C'].width = 20
                          wes.column_dimensions['D'].width = 30
                          wes.column_dimensions['E'].width = 25
                          wes.column_dimensions['F'].width = 45
      
                          wes['A1'] = 'IP地址'
                          wes['B1'] = '端口'
                          wes['C1'] = '协议'
                          wes['D1'] = '服务'
                          wes['E1'] = '状态'
                          wes['F1'] = 'WEB网站信息'
      
                          # 样式
                          font = Font(size=12, name='宋体')
                          thin = Side(border_style="thin")
                          border = Border(left=thin, right=thin, top=thin, bottom=thin)
                          # 对齐
                          alignment = Alignment(horizontal="center", vertical="center", wrap_text=True)
                          for excel_style in wes['A1:F1']:
                              for excel_cell in excel_style:
                                  excel_cell.font = font
                                  excel_cell.border = border
                                  excel_cell.alignment = alignment
      
                          for uzip_content in uzip.namelist():
                              all_uzip_content = re.findall(Port_File_re().uzip_re,uzip_content)
                              for all_uzip in all_uzip_content:
                                  htmlcont_zip = uzip.open(all_uzip).read().decode('utf8')
                                  vul_title = re.findall(Port_File_re().all_title_re,htmlcont_zip,re.S|re.M)
                                  for title_content in vul_title:
                                      pass
      
                                  vul_host = re.findall(Port_File_re().host_re,htmlcont_zip,re.S|re.M)
                                  for host_content in vul_host:
                                    for vul_port in re.findall(Port_File_re().port_re,host_content[2],re.S|re.M):
                                      vul_web = re.findall(Port_File_re().http_re,vul_port[2].replace(' ','').strip('
      '),re.S|re.M)
                                      if vul_web:
                                        wes.append([host_content[0],vul_port[0].replace(' ','').strip('
      '),vul_port[1].replace(' ','').strip('
      '),vul_port[2].replace(' ','').strip('
      '),vul_port[3].replace(' ','').strip('
      '),'http://'+ host_content[0] + ':' + vul_port[0].replace(' ','').strip('
      ')])
                                        for row in wes['A%s:E%s'%(x+1,x+1)]:
                                          for cell in row:
                                              cell.font = font
                                              cell.border = border
                                              cell.alignment = alignment
                                          wes['F%s' % (x+1)].font = font
                                          wes['F%s' % (x+1)].border = border
                                        x += 1
                                      vul_web = re.findall(Port_File_re().https_re,vul_port[2].replace(' ','').strip('
      '),re.S|re.M)
                                      if vul_web:
                                        wes.append([host_content[0],vul_port[0].replace(' ','').strip('
      '),vul_port[1].replace(' ','').strip('
      '),vul_port[2].replace(' ','').strip('
      '),vul_port[3].replace(' ','').strip('
      '),'https://'+ host_content[0] + ':' + vul_port[0].replace(' ','').strip('
      ')])
                                        for row in wes['A%s:E%s'%(x+1,x+1)]:
                                          for cell in row:
                                              cell.font = font
                                              cell.border = border
                                              cell.alignment = alignment
                                          wes['F%s' % (x+1)].font = font
                                          wes['F%s' % (x+1)].border = border
                                        x += 1
                                      vul_web = re.findall(Port_File_re().www_re,vul_port[2].replace(' ','').strip('
      '),re.S|re.M)
                                      if vul_web:
                                        wes.append([host_content[0],vul_port[0].replace(' ','').strip('
      '),vul_port[1].replace(' ','').strip('
      '),vul_port[2].replace(' ','').strip('
      '),vul_port[3].replace(' ','').strip('
      '),'http://'+ host_content[0] + ':' + vul_port[0].replace(' ','').strip('
      ')])
                                        for row in wes['A%s:E%s'%(x+1,x+1)]:
                                          for cell in row:
                                              cell.font = font
                                              cell.border = border
                                              cell.alignment = alignment
                                          wes['F%s' % (x+1)].font = font
                                          wes['F%s' % (x+1)].border = border
                                        x += 1
      
                          web.save(folder_end+'/汇总-WEB网站/WEB网站--%s.xlsx' % title_content)
                          self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                          self.log_textEdit.insertPlainText('导出 %s'%title_content+' 完成!
      ')
                          QtWidgets.QApplication.processEvents()
                  endtime = datetime.datetime.now()
                  self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                  self.log_textEdit.insertPlainText('所有WEB网站导出导出完成,保存在 %s/汇总-WEB网站 目录下。
      '%folder_end)
                  QtWidgets.QApplication.processEvents()
                  self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                  self.log_textEdit.insertPlainText('导出花时:%s秒...
      '%(endtime - starttime).seconds)
                  QtWidgets.QApplication.processEvents()
                  self.log_textEdit.moveCursor(QtGui.QTextCursor.End)
                  self.log_textEdit.insertPlainText('*'*67 + '
      ')
                  QtWidgets.QApplication.processEvents()
      
      if __name__ == '__main__':
          app = QtWidgets.QApplication(sys.argv)
          MainWindow = QtWidgets.QMainWindow()
          ui = Ui_MainWindow()
          ui.setupUi(MainWindow)
          MainWindow.show()
          sys.exit(app.exec_())
      

        

  • 相关阅读:
    PHP 操作redis常用方法代码
    PHP 大型网站 高并发大流量解决方案
    Nginx 负载均衡
    maven中mirror与repositories的关系
    Java事件机制---自定义事件
    sql优化几个方面
    临时表的概念
    sql产生临时表
    MySQL rows
    工厂模式 https://www.jianshu.com/p/6dfb5b66d088
  • 原文地址:https://www.cnblogs.com/68xi/p/9486990.html
Copyright © 2011-2022 走看看