äºåå®å ¨ç®¡çæå¡ä¸å®¶æ°éäºæ
ä¸ãéæ±
æ天ï¼æ个客æ·æäºä¸ªéæ±ï¼éè¦æ们æ¯ä¸ªæå®æåéåºæ¥æ¼æ´åç³»ç»æ¼æ´çæ¥è¡¨ï¼å¹¶éè¦æå¨å ³è项ç®ä»£ç åä¾åºåè´è´£äººçç¸å ³ä¿¡æ¯ã
æ们å¨æä½è¿ç¨ä¸éå°ä»¥ä¸å 个é®é¢ï¼
1ã客æ·çäºå®å ¨ä¸å¿æ¯å è´¹çæ¬ï¼æ æ³ç¹å»ä¸è½½æé®ä¸é®ä¸è½½ï¼åªè½éè¿apiå»è°ï¼çæèªå¨æ¥è¡¨
2ãæå¨æä½éè¿è°·ææµè§å¨å®è£ XPATHæ件ï¼æåå段å模å¼ï¼çæExcelè¡¨æ ¼ï¼å¹¶å ³èå个å段çææ¥è¡¨ï¼æå¨æä½èæ¶èåï¼æ æ³é¿å 人æä½å¤±è¯¯
æ¼æ´èªå¨åæµç¨å¾ï¼
äºãåºç¨åºæ¯å®è·µ
1ãäºè§£é¿éäºOpenAPI
é¿éäº OpenAPI å¼åè é¨æ·æ¯ä¸æ¬¾é OpenAPI æºè½æç´¢ãOpenAPI ææ¡£ãOpenAPI å¨çº¿è°è¯ãSDK è·åãCodeSampleãè°ç¨åºéè¯æãè°ç¨ç»è®¡ãæ¨å¯ä»¥å¨ OpenAPI Explorer ä¸è°ç¨é¿éäºåäºäº§åå¼æ¾ç APIï¼æ¥çAPI请æ±åè¿åç»æãæ¤å¤ï¼OpenAPI Explorer ä¼èªå¨çæç¸åº API ç SDK è°ç¨ç¤ºä¾ï¼å¸®å©æ¨ä½¿ç¨é¿éäº APIã
OpenAPI Explorer ç»å½å°åï¼https://next.api.aliyun.comã
OpenAPI Explorer æä¾ä»¥ä¸åè½
⢠API æ£ç´¢
æ±éé¿éäºå¤ä¸ªäº§åç APIï¼å¯ä»¥å¨æ¤éä¸æ£ç´¢ï¼å¿«éæ¾å°æ¨æéè¦ç APIã
⢠API è°ç¨
æ éç¼å代ç ï¼å¨è°ç¨é¡µé¢ä¸å¡«å请æ±åæ°ï¼ä¾¿å¯è°ç¨ APIã
⢠æ¥ç API 请æ±
æ ¹æ®æ¨å¡«åç请æ±åæ°èªå¨çæ API 请æ±ï¼å¹¶æå°å°ç½é¡µä¸ï¼è®©æ¨ç´è§çæ¥çå°çå®åéç API 请æ±ã
⢠ç»æåè¾åºè¿åç»æ
æ ¹æ® API 请æ±ï¼è¿åçå®ç API è°ç¨ç»æï¼ç»æåè¾åºã
⢠çæ SDK è°ç¨ç¤ºä¾
æ ¹æ®è¾å ¥ç API 请æ±åæ°ï¼èªå¨çæå¤ç§è¯è¨ç SDK è°ç¨ç¤ºä¾ã
⢠å½ä»¤è¡è°ç¨
æä¾ç½é¡µçå½ä»¤è¡å·¥å ·ï¼æ¨¡æ Linux æä½ä½éªä½¿ç¨å½ä»¤è¡è°ç¨ APIã
使ç¨åºæ¯
OpenAPI Explorer è´åäºå¸®å©æ¨æ´å¿«å°æ¥æ¾é¿éäºäºäº§å API ãæ´ä¾¿æ·å°ä½¿ç¨é¿éäºç API è¿è¡äºæ¬¡å¼åãæ¨å¯ä»¥ä½¿ç¨ OpenAPI Explorer æ¥æ£ç´¢é¿éäºå¼æ¾äºåªäº APIãæ¥ç API å®ä¹ï¼éç¨äº API è°è¯ãæ éææ¥çåºæ¯ã
â¢API è°è¯
å¨åºäºé¿éäº API è¿è¡äºæ¬¡å¼ååï¼æ¨å¯ä»¥é¢å éªè¯ API 请æ±æ¹å¼åæ¥ç API çè¿åç»æãOpenAPI Explorer æä¾äºç½é¡µåå½ä»¤è¡ä¸¤ç§æ¹å¼ï¼è®©æ¨ç´è§çæ¥ç API çè°ç¨ç»æãèä¸ï¼å½è°ç¨åºéæ¶ï¼OpenAPI Explorer è¿ä¼æ示æ¨å¦ä½è§£å³ã
â¢æ¥ç SDK 示ä¾
å¨æ¨ä½¿ç¨ SDK è¿è¡å¼åæ¶ï¼å¾å¾éè¦ä¸äºä»£ç 示ä¾æ¥è¾ å©æ¨è¿è¡å¼åãå¨ OpenAPI Explorer ä¸è¾å ¥ API 请æ±åæ°çåæ¶ï¼ä¼å¸®æ¨çæ JavaãPHPãPythonãNode.js ç示ä¾ä»£ç ï¼ä»¥å¼å¯¼æ¨è¿è¡å¼åã
2ãæ«ææ¼æ´
å¨äºè§£äºé¿éäºOpenAPIä¹åï¼æ们å°è¯ä½¿ç¨å®å®æ第ä¸ä¸ªéæ±ï¼ä½¿ç¨pythonèæ¬èªå¨å¼å¯æ§å¶å°æ¼æ´ä¿®å¤é¡µé¢çä¸é®æ«æåè½ï¼è¿é以ã
å¼å¯æ§å¶å°æ¼æ´ä¿®å¤é¡µé¢çä¸é®æ«æåè½APIå°åï¼
https://next.api.aliyun.com/api/Sas/2018-12-03/ModifyStartVulScan?params={}
第ä¸æ¥ãOpenAPI å¨çº¿è°è¯
æå¼ä¸é¢çé¾æ¥å°åï¼æ¾å°âå¼å¯æ§å¶å°æ¼æ´ä¿®å¤é¡µé¢çä¸é®æ«æåè½âè¿ä¸ªAPIï¼æç §éæ±å¡«åæå¡å°åååæ°ï¼æ³¨æï¼å¸¦æå·çåæ°å¿ å¡«ï¼ï¼å¡«å®åæ°åç¹å»âåèµ·è°ç¨âæé®ãå¯ä»¥çå°å³è¾¹ç»åä½ç½®ï¼â200 OKâåè°ç¨å®æä¸æåï¼å¹¶å¨ä¸æ¹æ¥çè°ç¨åçç»æãå¦æè°ç¨å¤±è´¥ï¼è¯·æ ¹æ®é误æ示ï¼ä¿®æ¹API请æ±ã
å¯ä»¥çå°äºå®å ¨ä¸å¿å·²ç»å¼å§æ«æåºç¨æ¼æ´äºã
æ´å¤æ¥å£è¯¦ç»ä¿¡æ¯ï¼è¯·çAPIææ¡£ï¼å°åï¼https://next.api.aliyun.com/document/Sas/2018-12-03/ModifyStartVulScan
第äºæ¥ãä½¿ç¨ SDK è¿è¡äºæ¬¡å¼å
é¦å ï¼æç §ä¸å¾æ示ï¼è·åSDKå®è£ å½ä»¤ï¼å¨æ¬å°æ§è¡å®è£ SDKã
Python
pip install alibabacloud_sas20181203==1.1.29
å®è£ å®SDKä¾èµåï¼æç §ä¸å¾æ示ï¼æ ¹æ®éæ±å¡«åæå¡å°åååæ°ãç¹å»âSDK示ä¾âæé®ï¼æè¿éæ¯ä½¿ç¨pythonè¯è¨è¿è¡çäºæ¬¡å¼åï¼æ以è¿è¾¹éæ©âPythonâæé®ï¼å¤å¶ä¸é¢ç示ä¾ä»£ç ï¼æç §ä¸é¢çæ¥éª¤è¿è¡ä¿®æ¹åæ¹å¯ä½¿ç¨ãå¦å¤ï¼å¦æå¨åæ°é ç½®ä¸å¡«åäºåæ°ï¼åä¼èªå¨å°è¯¥åæ°å¡«åå°SDK示ä¾ä»£ç ä¸ï¼å¯¹æ们æ°ææ¥è¯´é常å好ã
é£åæ°è¯¥æä¹å¡«å¢ï¼å¦ä¸å¾æ示ï¼å°é¼ æ 移è³åæ°æçé®å·å¾æ ä¸ï¼å³å¯çå°å¯ä»¥è®¾ç½®åªäºåå¼ã
å¡«åcveï¼ååªä¼æ«æLinux软件æ¼æ´ï¼å¡«åsysï¼ååªä¼æ«æWindowsç³»ç»æ¼æ´ï¼åçï¼......ã注æçä¸é¢ç说æï¼å¦æ该èä½ç©ºï¼ä¼æ£æµæææ¼æ´ç±»åãæ以å¨å¡«ååæ°çæ¶åä¸å®è¦çä»ç»ï¼å°¤å ¶æ¯ä¸äºå±é©çæä½ï¼ç¡®ä¿æ²¡é®é¢ååæ§è¡ã
å°å¤å¶è¿æ¥ç代ç è¿è¡ä¿®æ¹ï¼å é¤äºå ¶ä¸å¼æ¥çmain_asyncå½æ°ï¼è¿éæ们ä¸éè¦ç¨å°å¼æ¥ãè¿é主è¦æ¯éè¦å¡«åAccessKeyï¼æåç°éè¦å¡«å两å¤ï¼ç´¢æ§å°±å建两个åéï¼é£ä¸¤å¤éè¦å¡«åAccessKeyçå°åï¼ç´æ¥ç¨åé代æ¿ï¼å¦ä¸ä»£ç æ¡ä¸æ示ãå ¶ä½çå¯ä»¥æç §èªå·±çéæ±è¿è¡äºæ¬¡å¼åï¼æè¿è¾¹æ²¡æå ¶ä»éè¦åæ´çéæ±äºï¼æ以è¿éä¹å°±ä¸åå¦å¤çæ¹å¨äºã
并ä¸éè¦ç»å°è¯¥ç¨æ·ç¸åºçæéï¼å¦åä¹æ¯æ æéè°ç¨è¯¥APIï¼ä¼å¯¼è´æ§è¡å¤±è´¥ã
Python
# -*- coding: utf-8 -*-
import sys
from typing import List
from alibabacloud_sas20181203.client import Client as Sas20181203Client
from alibabacloud_tea_openapi import models as open_api_models
from alibabacloud_sas20181203 import models as sas_20181203_models
from alibabacloud_tea_util import models as util_models
from alibabacloud_tea_util.client import Client as UtilClient
ak="" #请å¨æ¤å¤å¡«åæ¨ç AccessKey ID
sk="" #请å¨æ¤å¤å¡«åæ¨ç AccessKey Secret
class Sample:
def __init__(self):
pass
@staticmethod
def create_client(
access_key_id: str,
access_key_secret: str,
) -> Sas20181203Client:
config = open_api_models.Config(
#æ对è¿ä¸¤è¡ä»£ç è¿è¡äºä¿®æ¹ï¼éç¨åéçæ¹å¼ï¼æ ééå¤å¡«åAKSK
access_key_id=ak,
access_key_secret=sk
)
config.endpoint = f'tds.aliyuncs.com'
return Sas20181203Client(config)
@staticmethod
def main(
args: List[str],
) -> None:
#æ对è¿ä¸è¡ä»£ç è¿è¡äºä¿®æ¹ï¼éç¨åéçæ¹å¼ï¼æ ééå¤å¡«åAKSK
client = Sample.create_client(ak,sk)
modify_start_vul_scan_request = sas_20181203_models.ModifyStartVulScanRequest(
types='emg' #è¿é以åºæ¥æ¼æ´ä¸ºä¾ï¼æ以åªæ«æåºæ¥æ¼æ´
)
runtime = util_models.RuntimeOptions()
try:
client.modify_start_vul_scan_with_options(modify_start_vul_scan_request, runtime)
except Exception as error:
UtilClient.assert_as_string(error.message)
if __name__ == '__main__':
Sample.main(sys.argv[1:])
æ§è¡ä¸é¢çèæ¬åï¼è¿å ¥äºå®å ¨ä¸å¿æ£æ¥ï¼æ¥çåºæ¥æ¼æ´æ¯å¦æ£å¨æ«æï¼å¦ä¸å¾æ示å³ä¸ºæ£å¨æ«æåºæ¥æ¼æ´ï¼å¦å请æ£æ¥ä»£ç æ¯å¦æ£ç¡®ã
3ã导åºæ¼æ´å表
æ¾å°â导åºæ¼æ´å表âçAPIï¼å¡«ååæ°é ç½®ï¼è¿éæå¡«åäºå¦ä¸å¾æ示çåæ°ï¼å¯¼åºåºæ¥æ¼æ´ï¼æ¼æ´ä¿®å¤ä¼å 级为é«ï¼ä¸æªä¿®å¤çæ¼æ´ä¿¡æ¯ã
å¡«åå®ç¸å ³åæ°åï¼ç¹å»âåèµ·è°ç¨æé®âãå¯ä»¥çå°è°ç¨ç»æ并ä¸æ¯æ们æ³è±¡ä¸çç´æ¥ä¸è½½æ件
å¨è¯¥APIææ¡£ä¸ææ确说æï¼âæ¬æ¥å£ä¸DescribeVulExportInfoæ¥å£é å使ç¨ã使ç¨æ¬æ¥å£å»ºç«æ¼æ´å¯¼åºä»»å¡ä¹åï¼å¯è°ç¨DescribeVulExportInfoæ¥å£å½å ¥æ¼æ´å¯¼åºä»»å¡çIDï¼æ¥çæ¼æ´å¯¼åºä»»å¡çè¿åº¦ãâæ以ï¼æ们éè¦å ååºæ¼æ´å¯¼åºä»»å¡çIDï¼åé åDescribeVulExportInfoæ¥å£æè½ä¸è½½å¯¼åºçå表ã
æ¥ä¸æ¥å°±æ¯å¯¹è¿ä¸ªæ¥å£è¿è¡äºæ¬¡å¼åï¼ååºæ们æéè¦çâæ¼æ´å¯¼åºä»»å¡çIDâãå¦ä¸å¾æ示ï¼å¨å¡«åå®æéåæ°åï¼å¤å¶å³è¾¹çpython SDK示ä¾ä»£ç ã
æç §ä¸é¢è®²è¿çæ¹æ³ï¼éç¨åéçæ¹å¼ï¼å¡«åå®AccessKeyåè¿è¡ä¸é¢ä»£ç ã
Python
# -*- coding: utf-8 -*-
import sys
from typing import List
from alibabacloud_sas20181203.client import Client as Sas20181203Client
from alibabacloud_tea_openapi import models as open_api_models
from alibabacloud_sas20181203 import models as sas_20181203_models
from alibabacloud_tea_util import models as util_models
from alibabacloud_tea_util.client import Client as UtilClient
ak="" #请å¨æ¤å¤å¡«åæ¨ç AccessKey ID
sk="" #请å¨æ¤å¤å¡«åæ¨ç AccessKey Secret
class Sample:
def __init__(self):
pass
@staticmethod
def create_client(
access_key_id: str,
access_key_secret: str,
) -> Sas20181203Client:
config = open_api_models.Config(
#æ对è¿ä¸¤è¡ä»£ç è¿è¡äºä¿®æ¹ï¼éç¨åéçæ¹å¼ï¼æ ééå¤å¡«åAKSK
access_key_id=ak,
access_key_secret=sk
)
config.endpoint = f'tds.aliyuncs.com'
return Sas20181203Client(config)
@staticmethod
def main(
args: List[str],
) -> None:
#æ对è¿ä¸¤è¡ä»£ç è¿è¡äºä¿®æ¹ï¼éç¨åéçæ¹å¼ï¼æ ééå¤å¡«åAKSK
client = Sample.create_client(ak, sk)
export_vul_request = sas_20181203_models.ExportVulRequest(
type='emg',
lang='zh',
necessity='asap',
dealed='n'
)
runtime = util_models.RuntimeOptions()
try:
# å¤å¶ä»£ç è¿è¡è¯·èªè¡æå° API çè¿åå¼
client.export_vul_with_options(export_vul_request, runtime) #æ示ï¼ä¸é¢æ们å°å¯¹è¿ä¸é¨åè¿è¡ä¿®æ¹
except Exception as error:
# å¦æéè¦ï¼è¯·æå° error
UtilClient.assert_as_string(error.message)
if __name__ == '__main__':
Sample.main(sys.argv[1:])
è¿è¡åï¼åç°å¹¶æ²¡æè¾åºç»æãæç §æ示对代ç è¿è¡ä¿®æ¹åæå°
Python
print(client.export_vul_with_options(export_vul_request, runtime))
è¾åºçç»æå¦ä¸å¾æ示ï¼è¿æ¯ä½¿ç¨âpython代ç ç¾åå·¥å ·âç¾ååçç»æï¼ä¾¿äºæ们æ¥çãåç°å ¶ä¸çIdæ£æ¯æ们æéè¦çâæ¼æ´å¯¼åºä»»å¡çIDâãä¸é¢å°è®²è¿°å¦ä½ååºæ们æéè¦çIdã
type() å½æ°å±äºPythonå ç½®å½æ°ï¼é常ç¨æ¥æ¥çæ个åéçå ·ä½ç±»å
Python
print(type(client.export_vul_with_options(export_vul_request, runtime)))
#<class 'alibabacloud_sas20181203.models.ExportVulResponse'>
使ç¨__dict__ æå°è¿ä¸ªç±»ä¸ææçå±æ§ï¼ä»æå°ç»æä¸å¤§è´ç¥éheaderséæ¯ä¸äºå¤´ä¿¡æ¯ï¼status_codeæ¯ååºç¶æç ï¼bodyæ¯ååºå 容ï¼èæ们éè¦çIdåºè¯¥å¨ååºå 容ä¸ã
Python
print(client.export_vul_with_options(export_vul_request, runtime).__dict__)
使ç¨âç±»å.å±æ§âçæ¹å¼è·åå±æ§çå¼ï¼å¦ä¸æ示è·åbodyå±æ§çå¼ï¼å¹¶ä½¿ç¨typeå½æ°æ¥ç该å¼æ¯å±äºä»ä¹ç±»åãä¸é¢è¿è¡æ¯ä¿®æ¹åç代ç ï¼äºå·åé¢çå 容为è¾åºçç»æï¼æ们åç°è¿ä¸ªå¼ä¹æ¯ä¸ä¸ªç±»ã
Python
print(type(client.export_vul_with_options(export_vul_request, runtime).body))
#<class 'alibabacloud_sas20181203.models.ExportVulResponseBody'>
åçï¼è°ç¨ __dict__æ¥çè¿ä¸ªç±»ä¸çææå±æ§ï¼åç°äºidè¿ä¸ªå±æ§ï¼æ£æ¯ææéè¦çâæ¼æ´å¯¼åºä»»å¡çIDâã
Python
print(client.export_vul_with_options(export_vul_request, runtime).body.__dict__)
#{'file_name': 'emg_20220831', 'id': 119828, 'request_id': '79B83B4B-1CE6-5987-9BDF-C3AB995E94D4'}
åçï¼ä½¿ç¨âç±»å.å±æ§âçæ¹å¼è·åå±æ§çå¼ãå¯ä»¥çå°æ£æ¯æ们æéè¦çâæ¼æ´å¯¼åºä»»å¡çIDâã
Python
print(client.export_vul_with_options(export_vul_request, runtime).body.id)
#119828
æç»è°æ´åç代ç å¦ä¸æ示ï¼
Python
# -*- coding: utf-8 -*-
import sys
from typing import List
from alibabacloud_sas20181203.client import Client as Sas20181203Client
from alibabacloud_tea_openapi import models as open_api_models
from alibabacloud_sas20181203 import models as sas_20181203_models
from alibabacloud_tea_util import models as util_models
from alibabacloud_tea_util.client import Client as UtilClient
ak="" #请å¨æ¤å¤å¡«åæ¨ç AccessKey ID
sk="" #请å¨æ¤å¤å¡«åæ¨ç AccessKey Secret
class Sample:
def __init__(self):
pass
@staticmethod
def create_client(
access_key_id: str,
access_key_secret: str,
) -> Sas20181203Client:
config = open_api_models.Config(
#æ对è¿ä¸¤è¡ä»£ç è¿è¡äºä¿®æ¹ï¼éç¨åéçæ¹å¼ï¼æ ééå¤å¡«åAKSK
access_key_id=ak,
access_key_secret=sk
)
config.endpoint = f'tds.aliyuncs.com'
return Sas20181203Client(config)
@staticmethod
def main(
args: List[str],
) -> None:
#æ对è¿ä¸¤è¡ä»£ç è¿è¡äºä¿®æ¹ï¼éç¨åéçæ¹å¼ï¼æ ééå¤å¡«åAKSK
client = Sample.create_client(ak, sk)
export_vul_request = sas_20181203_models.ExportVulRequest(
type='emg',
lang='zh',
necessity='asap',
dealed='n'
)
runtime = util_models.RuntimeOptions()
try:
# æ对è¿è¡ä»£ç è¿è¡äºè°æ´ï¼è·åâæ¼æ´å¯¼åºä»»å¡çIDâ
print(client.export_vul_with_options(export_vul_request, runtime).body.id)
except Exception as error:
UtilClient.assert_as_string(error.message)
if __name__ == '__main__':
Sample.main(sys.argv[1:])
4ãæ¥çæ¼æ´å¯¼åºä»»å¡çè¿åº¦
è·åå°âæ¼æ´å¯¼åºä»»å¡çIDâä¹åï¼æ ¹æ®ä¸é¢çAPIææ¡£æ示ï¼æ¾å°â导åºæ¼æ´å表âçAPIï¼å¨åæ°é ç½®ä¸å°è·åå°çâæ¼æ´å¯¼åºä»»å¡çIDâå¡«å ¥ï¼å¹¶å¤å¶å³ä¾§ä»£ç è¿è¡äºæ¬¡å¼åã
æ¥ç该APIææ¡£ï¼åç°æ们éè¦è·åå ¶ä¸çâ导åºåExcelçä¸è½½é¾æ¥âï¼æè½ä¸è½½å¯¼åºçå表ã
æç §æä¸é¢è®²è¿°çæ¹æ³ï¼å¯¹ä»£ç è¿è¡ä¿®æ¹ï¼è¿éå°±ä¸åéå¤äºï¼ä¿®æ¹åç代ç å¦ä¸æ示ï¼
Python
# -*- coding: utf-8 -*-
import sys
from typing import List
from alibabacloud_sas20181203.client import Client as Sas20181203Client
from alibabacloud_tea_openapi import models as open_api_models
from alibabacloud_sas20181203 import models as sas_20181203_models
from alibabacloud_tea_util import models as util_models
from alibabacloud_tea_util.client import Client as UtilClient
ak="" #请å¨æ¤å¤å¡«åæ¨ç AccessKey ID
sk="" #请å¨æ¤å¤å¡«åæ¨ç AccessKey Secret
class Sample:
def __init__(self):
pass
@staticmethod
def create_client(
access_key_id: str,
access_key_secret: str,
) -> Sas20181203Client:
config = open_api_models.Config(
#æ对è¿ä¸¤è¡ä»£ç è¿è¡äºä¿®æ¹ï¼éç¨åéçæ¹å¼ï¼æ ééå¤å¡«åAKSK
access_key_id=ak,
access_key_secret=sk
)
config.endpoint = f'tds.aliyuncs.com'
return Sas20181203Client(config)
@staticmethod
def main(
args: List[str],
) -> None:
#æ对è¿ä¸¤è¡ä»£ç è¿è¡äºä¿®æ¹ï¼éç¨åéçæ¹å¼ï¼æ ééå¤å¡«åAKSK
client = Sample.create_client(ak, sk)
describe_vul_export_info_request = sas_20181203_models.DescribeVulExportInfoRequest(
export_id=119828 #æ¤å¤å¡«å第ä¸æ¥è·åå°çâæ¼æ´å¯¼åºä»»å¡çIDâ
)
runtime = util_models.RuntimeOptions()
try:
# æ对è¿è¡ä»£ç è¿è¡äºè°æ´ï¼è·åâ导åºåExcelçä¸è½½é¾æ¥â
print(client.describe_vul_export_info_with_options(describe_vul_export_info_request, runtime).body.link)
except Exception as error:
UtilClient.assert_as_string(error.message)
if __name__ == '__main__':
Sample.main(sys.argv[1:])
è¿è¡ä»£ç ï¼å³å¯å¾å°å¯¼åºåExcelçä¸è½½é¾æ¥
5ãä¸è½½å¹¶è§£å
å®è£ wgetå ï¼ä½¿ç¨wgetè¿è¡ä¸è½½ã
Python
pip install wget
å ·ä½ä»£ç å¦ä¸ï¼
Python
import time,wget,ssl #导å
¥æéè¦çå
ssl._create_default_https_context = ssl._create_unverified_context #å
³éssl认è¯
url="https://vul-export.oss-cn-shanghai.aliyuncs.com/export/emg_20220826_xxx.zip?Expires=xxx" #å¡«åä¸é¢è·åçâ导åºåExcelçä¸è½½é¾æ¥â
now_time=time.strftime('%Y%m%d',time.localtime(time.time())) #å®ä¹å½åæ¶é´çåéï¼è·åå½åçæ¶é´
zip_name="emg_{}.zip".format(now_time) #å®ä¹zipå
ååéï¼ä»¥å½åæ¶é´å½åçzipå
å
wget.download(url,out=zip_name) #使ç¨wgetä¸è½½ï¼ä¸è½½çzipå
ä¸å½å代ç å¨å级ç®å½
æ§è¡ä¸é¢ç代ç ï¼å¨ä»£ç çå级ç®å½ä¸æ¥çï¼æ¯å¦æ°å¢äºä»¥å½åæ¶é´å½åçzipå ï¼è¿ä¸ªzipå å°±æ¯æ们æéçæ¼æ´å表ã
import ssl
ssl._create_default_https_context = ssl._create_unverified_context
å 为访é®çç½ç«æ¯https://ï¼éè¦SSL认è¯ï¼èç´æ¥ç¨urllibä¼å¯¼è´æ¬å°éªè¯å¤±è´¥ï¼å
·ä½åå æªæ¥æï¼ï¼æ以使ç¨ssl._create_unverified_contextå
³é认è¯ï¼å¦åä¼æ¥ä¸é¢è¿ä¸ªéï¼
urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)>
å®è£ 解åæé模å
Python
pip install zipfile36
解åzipå ç代ç å¦ä¸
Python
import zipfile #导å
¥æé模å
with zipfile.ZipFile("emg_20220826.zip") as zf: #解åzipå
zf.extractall()
æ§è¡ä»£ç ï¼å¦ä¸å¾æ示"emg_20220826.xlsx"å³ä¸ºè§£ååçæ¼æ´å表ã
6ãxlsx转æcsvæ ¼å¼
excelæ¬èº«ç.xlsxæ ¼å¼å¯¼å ¥æ°æ®åºæ¶å¯è½ä¼æ¥éï¼ä¸ºäºé¿å ä¸å¿ è¦çæ ¼å¼é误ï¼ç´æ¥ä½¿ç¨.csvæ ¼å¼ï¼æ以æ们éè¦å°xlsx转æcsvæ ¼å¼ã
å®è£ æé模å
Python
pip install pandas
xlsx转æcsvæ ¼å¼ä»£ç å¦ä¸æ示ï¼
Python
import pandas as pd #导å
¥æé模å
pd.read_excel("emg_20220826.xlsx", index_col=0).to_csv("emg_20220826.csv", encoding='utf-8') #xlsx转æcsvæ ¼å¼
æ§è¡ä»£ç ï¼å¦ä¸å¾æ示"emg_20220826.csv"å³ä¸ºè½¬æ¢åçcsvæ¼æ´å表ã
å¨æ§è¡ä¸é¢ä»£ç çè¿ç¨ä¸ï¼åç°è¾åºäºå¦ä¸WARNæ¥å¿ï¼
UserWarning: Workbook contains no default style, apply openpyxl's default
warn("Workbook contains no default style, apply openpyxl's default")
ä¸æç¿»è¯ï¼
ç¨æ·è¦åï¼å·¥ä½ç°¿ä¸å
å«é»è®¤æ ·å¼ï¼è¯·åºç¨openpyxlçé»è®¤æ ·å¼
è¦åï¼âå·¥ä½ç°¿ä¸å
å«é»è®¤æ ·å¼ï¼åºç¨openpyxlçé»è®¤æ ·å¼âï¼
æ
éåæï¼
è¿ä¸ªexcelæ件没æ设置é»è®¤çæ ·å¼ãä¸è¬è¿ç§æ²¡æé»è®¤æ ·å¼çexcelææ¡£æ¯ç±javaç¨åºçæçï¼ä¸æ¯åwindowsç³»ç»æ¥å¸¸ä½¿ç¨ä¸éè¿å³é®ç¹å»å建çexcelææ¡£ã
解å³æ¹æ³ï¼
第ä¸ç§æ¹æ³ï¼å¯¼å
¥warnings模åï¼å¿½ç¥è¦å级å«çæ示ãï¼è¿éæç¨çæ¯è¿ä¸ç§æ¹æ³ï¼
import warnings
warnings.simplefilter("ignore")
第äºç§æ¹æ³ï¼ç¨excelç¨åºï¼æå¼ä¿åä¸ä¸è¿ä¸ªææ¡£ï¼ä½¿è¯¥ææ¡£ç¨åºå±æ§åæMicrosoft EXCELï¼åæ¶åºè¯¥ä¹ä¿åäºé»è®¤çexcelæ ·å¼
æ·»å 忽ç¥è¦å级å«æ示åç代ç å¦ä¸æ示ï¼
Python
import pandas as pd
import warnings
warnings.simplefilter("ignore")
pd.read_excel("emg_20220826.xlsx", index_col=0).to_csv("emg_20220826.csv", encoding='utf-8')
7ãå ³èä¾åºåä¿¡æ¯
è¿éææ¯ä½¿ç¨æ°æ®åºè¿è¡è¿è¡¨æ¥è¯¢çæ¹å¼ï¼å°ä¾åºåä¿¡æ¯åæ¼æ´å表ç¸å ³èï¼å¹¶ä¸å°å ³èåç表导åºæEXCELè¡¨æ ¼ï¼ä¸é¢æè¿°çæ¯å ·ä½çæä½ï¼
å¨æ°æ®åºä¸ï¼æ°å»ºå¦ä¸ä¸¤å¼ 表ï¼webbugsec表å³çä¸éè¦å¯¼å ¥æ¼æ´å表ååå¤ï¼code表为项ç®åä¾åºåä¿¡æ¯çè¡¨æ ¼ï¼å¯æç §éæ±èªè¡ä¿®æ¹ï¼ä½æ¯éè¦åå¨ä¸¤å¼ 表å¯ä»¥ç¸äºå ³èçå段ï¼æ¯å¦è¯´ï¼å½±åèµäº§IDãå½±åèµäº§å¤æ³¨å称ãå½±åèµäº§IPï¼å ¬ç½ï¼ãå½±åèµäº§IPï¼ç§ç½ï¼ççã
Python
CREATE TABLE `webbugsec` (
`id` int(25) NOT NULL COMMENT 'æ¼æ´ID',
`vulnerability` varchar(100) NOT NULL COMMENT 'æ¼æ´å称',
`urgency_level` varchar(25) NOT NULL COMMENT 'ä¿®å¤ç´§æ¥åº¦',
`affected_assets_id` varchar(25) DEFAULT NULL COMMENT 'å½±åèµäº§ID',
`affected_assets_ip_internet` varchar(50) DEFAULT NULL COMMENT 'å½±åèµäº§IPï¼å
¬ç½ï¼',
`affected_assets_ip_intranet` varchar(50) DEFAULT NULL COMMENT 'å½±åèµäº§IPï¼ç§ç½ï¼',
`affected_assets_name` varchar(100) DEFAULT NULL COMMENT 'å½±åèµäº§å¤æ³¨å称',
`first_detect_time` varchar(50) NOT NULL COMMENT 'é¦æ¬¡åç°æ¶é´',
`last_detect_time` varchar(50) NOT NULL COMMENT 'æè¿ä¸æ¬¡åç°æ¶é´',
`handle_time` varchar(50) DEFAULT NULL COMMENT 'å¤çæ¶é´',
`note` varchar(1500) NOT NULL COMMENT 'æ¼æ´è¯´æ',
`status` varchar(25) NOT NULL COMMENT 'æ¼æ´ç¶æ',
`fix_command` varchar(100) DEFAULT NULL COMMENT 'ä¿®å¤å½ä»¤',
`cve_id` varchar(50) DEFAULT NULL COMMENT 'CVEç¼å·',
`tags` varchar(50) DEFAULT NULL COMMENT 'æ ç¾',
`suggestion` varchar(1500) NOT NULL COMMENT 'ä¿®å¤å»ºè®®'
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4
CREATE TABLE `code` (
`code` varchar(25) NOT NULL COMMENT 'code',
`affected_assets_name` varchar(50) NOT NULL COMMENT 'å½±åèµäº§å¤æ³¨å称',
`affected_assets_id` varchar(25) NOT NULL COMMENT 'å½±åèµäº§ID',
`affected_assets_ip_internet` varchar(50) DEFAULT NULL COMMENT 'å½±åèµäº§IP(å
¬ç½)',
`affected_assets_ip_intranet` varchar(50) NOT NULL COMMENT 'å½±åèµäº§IP(ç§ç½)',
`project_description` varchar(100) DEFAULT NULL COMMENT '项ç®æè¿°',
`bsm` varchar(100) NOT NULL COMMENT 'BSM'
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4
åä¸è½½çæ¼æ´å表第ä¸è¡ä¸ºä¸æåæ é¢ï¼å¦æç´æ¥å¯¼å ¥ï¼ä¼åºç°å¦ä¸æ¥éï¼
æ们éè¦å¯¹ç¬¬ä¸è¡åæ é¢è¿è¡ä¿®æ¹ï¼æ¹æä¸webbugsec表ç¸å¯¹åºçå段ï¼å ·ä½ä»£ç å¦ä¸æ示ï¼
Python
with open("emg_20220826.csv", 'r', encoding='utf8') as f:
msg = f.read()
msg = msg.replace(
"æ¼æ´ID,æ¼æ´å称,ä¿®å¤ç´§æ¥åº¦,å½±åèµäº§ID ,å½±åèµäº§IPï¼å
¬ç½ï¼,å½±åèµäº§IPï¼ç§ç½ï¼,å½±åèµäº§å¤æ³¨å称,é¦æ¬¡åç°æ¶é´,æè¿ä¸æ¬¡åç°æ¶é´,å¤çæ¶é´,æ¼æ´è¯´æ,æ¼æ´ç¶æ,ä¿®å¤å½ä»¤,CVEç¼å·,æ ç¾,ä¿®å¤å»ºè®®",
'id,vulnerability,urgency_level,affected_assets_id,affected_assets_ip_internet,affected_assets_ip_intranet,affected_assets_name,first_detect_time,last_detect_time,handle_time,note,status,fix_command,cve_id,tags,suggestion')
with open("emg_20220826.csv", 'w', encoding='utf8') as f:
f.write(msg)
è¿è¡ä»£ç åï¼å¯ä»¥çå°ç¬¬ä¸è¡åæ é¢å·²è¿è¡ä¿®æ¹ï¼å¦ä¸å¾æ示ï¼
å©ä¸çå°±æ¯å°csvä¸çæ°æ®å¯¼å ¥å°webbugsec表ä¸ï¼å¹¶åcode表è¿è¡è¿è¡¨æ¥è¯¢ï¼å°å个æ¼æ´ä¿¡æ¯ä¸ä¾åºåä¿¡æ¯ç¸ç»åï¼å¹¶å¯¼åºæEXCELè¡¨æ ¼ï¼ä»£ç å¦ä¸æ示ï¼
Python
#导å
¥æé模å
import pandas as pd #as表示ç»è¿ä¸ªæ¨¡ååå«åï¼è°ç¨è¿ä¸ªæ¨¡åçæ¶åç´æ¥ç¨å«åå°±å¯ä»¥äº
from urllib import parse #表示使ç¨ullib模åä¸çparseæ¹æ³
from sqlalchemy import create_engine
#请填åæ°æ®åºè¿æ¥ä¿¡æ¯
user = "root"
password = "xxx"
host = "127.0.0.1"
db = "db_name"
pwd = parse.quote_plus(password) #æ¯å°ä¸äºç¹æ®çå符串转æ¢ä¸ºåºå®çä¸äºç¬¦å·åæ¯æ°åç»åï¼è¥æ¯å¯ç ä¸å«æç¹æ®å符ï¼å¨è¿æ¥æ°æ®åºçæ¶åä¹ä¸ä¼æ¥éã
engine = create_engine(f"mysql+pymysql://{user}:{pwd}@{host}:3306/{db}?charset=utf8") #å建ä¸ä¸ªå¼æ对象ï¼åå§åæ°æ®åºè¿æ¥
connection = engine.connect() #å建ä¸ä¸ªè¿æ¥å¯¹è±¡
#æ¸
空webbugsec表ä¸çæææ°æ®
with engine.begin() as conn:
conn.execute("truncate table webbugsec")
#æ£æ¥webbugsec表æ¯å¦æ¸
空
print(pd.read_sql(sql="select * from webbugsec;", con=engine))
#读åxlsxæ件
df=pd.read_csv("emg_20220826.csv")
#导å
¥å°mysqlæ°æ®åºä¸çwebbugsec表ä¸ï¼å¦æåå¨åæ¿æ¢
df.to_sql(name='webbugsec', con=engine, index=False, if_exists='append')
#è¿è¡¨æ¥è¯¢æ们éè¦çæ°æ®ï¼å¯æç
§èªå·±çéæ±è¿è¡è°æ´
db = pd.read_sql(sql="select w.affected_assets_name as 'å½±åèµäº§å¤æ³¨å称',c.code as 'CODE',c.project_description as '项ç®æè¿°',c.bsm as 'BSM',w.affected_assets_id as 'å½±åèµäº§ID',w.affected_assets_ip_internet as 'å½±åèµäº§IPï¼å
¬ç½ï¼',w.affected_assets_ip_intranet as 'å½±åèµäº§IPï¼ç§ç½ï¼',w.vulnerability as 'æ¼æ´å称', w.note as 'æ¼æ´è¯´æ',w.suggestion as 'ä¿®å¤å»ºè®®' from webbugsec w,code c where w.affected_assets_id=c.affected_assets_id ORDER BY c.code ASC;",con=engine)
#å°æ¥æ¾å°çå
容导åºå°åºæ¥æ¼æ´_20220826.xlsx表ä¸
excel_o_file_name="./åºæ¥æ¼æ´_20220826.xlsx"
excel_o_file = pd.ExcelWriter(excel_o_file_name)
db.to_excel(excel_o_file, index=False, encoding='utf-8', sheet_name='Sheet1')
excel_o_file.save()
#å
³éæ°æ®åºè¿æ¥
connection.close()
æ§è¡ä¸é¢ç代ç åï¼å¯¼åºçEXCELè¡¨æ ¼å 容ï¼å¦ä¸å¾æ示ï¼
8ãéç¥
é®ä»¶éç¥
å¦ä¸ä¸ºåéé®ä»¶ç代ç ï¼
Python
import smtplib
from urllib import parse
from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart
def send_mail(MAIL_SERVER, MAIL_USERNAME, MAIL_PASSWORD, accept_list, Cc_list, SUBJECT, text, file_name):
message = MIMEMultipart()
message['From'] = MAIL_USERNAME # å件人
message['To'] = ";".join(accept_list) # æ¶ä»¶äººï¼å°å表转æ¢ä¸ºå符串
message["Cc"] = ";".join(Cc_list) # æé人ï¼å°å表转æ¢ä¸ºå符串
message['Subject'] = SUBJECT # é®ä»¶ä¸»é¢
message.attach(MIMEText(text, 'plain', 'utf-8')) # æ ¼å¼åé®ä»¶å
容ï¼ç¼ç 为utf-8
att1 = MIMEText(open(file_name, 'rb').read(), 'base64', 'utf-8') # æ·»å é件
att1["Content-Type"] = 'application/octet-stream' # 设置类å
#é件å称为ä¸ææ¶çåæ³
att1.add_header('Content-Disposition', 'attachment', filename = "åºæ¥æ¼æ´_20220831.xlsx")
#é件å称éä¸ææ¶çåæ³
#att1["Content-Disposition"] = 'attachment; filename="{0}"'.format(parse.quote_plus("åºæ¥æ¼æ´_20220831.xlsx")) # 设置é®ä»¶ç¨ç°å®çå称
message.attach(att1)
try:
#使ç¨25端å£ï¼ä¸å¯ç¨ssl
#mailServer = smtplib.SMTP(MAIL_SERVER, 25)
#使ç¨465端å£ï¼å¯ç¨ssl
mailServer = smtplib.SMTP_SSL(MAIL_SERVER, 465)
# ç»å½é®ç®±
mailServer.login(MAIL_USERNAME, MAIL_PASSWORD) # éè¦çæ¯ï¼é®ç®±çå°ååææå¯ç
# åéæ件
mailServer.sendmail(MAIL_USERNAME, accept_list + Cc_list, message.as_string())
mailServer.close() # å
³éè¿æ¥
return True
except Exception as e:
print(e)
return False
def main():
MAIL_SERVER = '' # smtpæå¡å¨
MAIL_USERNAME = '' # å件人
MAIL_PASSWORD = '' # åéè
ææç æå¯ç
accept_list = ['', ] # æ¶ä»¶äººï¼å¤ä¸ªæ¶ä»¶äººç¨å表çæ¹å¼å¡«å
Cc_list = ['',] # æé人ï¼å¤ä¸ªæé人ç¨å表çæ¹å¼å¡«å
SUBJECT = "äºå®å
¨ä¸æ¼æ´ç®¡ç" # 主é¢
text = "äºå®å
¨ä¸å¿æ¼æ´ç®¡ç:\nåºæ¥æ¼æ´:emg_20220729.xlsxæ件大å°[33kb]" # å
容
file_name = "./åºæ¥æ¼æ´_20220831.xlsx" # é件路å¾
print(send_mail(MAIL_SERVER, MAIL_USERNAME, MAIL_PASSWORD, accept_list, Cc_list, SUBJECT, text, file_name))
if __name__ == '__main__':
main()
æ¶å°çé®ä»¶å 容å¦ä¸å¾æ示ï¼
éééç¥
å®è£ éééç¥æ¨¡å
Python
pip install DingtalkChatbot
æå¨æºå¨äººçå ³é®åä¸å®ä¹äºãéç¥ãå ³é®åï¼æ们æ¥çå¦ä¸ä»£ç æ¥å®ç°åéæ¶æ¯ï¼
Python
from dingtalkchatbot.chatbot import DingtalkChatbot
# åå§åæºå¨äºº
xiaoding = DingtalkChatbot('è¿éå¡«åWebHookå°å')
# Textæ¶æ¯å¹¶@æå®ç¨æ·
xiaoding.send_text(msg="è¿éå¡«åéç¥å
容", at_mobiles=['è¿éå¡«åè¦@çç¨æ·ä¸ééç»å®çææºå·',])
éé群éå°ä¼æ¶å°è¿æ ·ä¸æ¡éç¥ï¼
å¦å¤æå ä¸äºæ¥çæ件大å°å使ç¨markdownæ ¼å¼çéééç¥ï¼ä»£ç å¦ä¸æ示ï¼
Python
from dingtalkchatbot.chatbot import DingtalkChatbot
import os
# åå§åæºå¨äºº
xiaoding = DingtalkChatbot('è¿éå¡«åWebHookå°å')
# æ¥ç导åºçè¡¨æ ¼å¤§å°
filesize = int(os.path.getsize("./åºæ¥æ¼æ´_20220831.xlsx")/1024)
# 使ç¨markdownæ ¼å¼åééééç¥ï¼å¹¶@æå®äººå
xiaoding.send_markdown(title="äºå®å
¨ä¸å¿æ¼æ´ç®¡ç",text='### äºå®å
¨ä¸å¿æ¼æ´ç®¡ç\n\n**åºæ¥æ¼æ´:**emg_20220729.xlsxæ件大å°[{}kb]\n\n'.format(filesize), at_mobiles=['è¿éå¡«åè¦@çç¨æ·ä¸ééç»å®çææºå·', ])
æç»éééç¥çææï¼
9ãå®æ¶ä»»å¡
ç产ç¯å¢æ¯å¨æ¯ä¸ªæ第ä¸å¨çå¨åæè¡¥ä¸ï¼éç产ç¯å¢æ¯ç¬¬äºå¨çå¨åãæ以éè¦å¨è¿ä¹åï¼ç¬¬äºå¨çå¨ä¸å°æ¼æ´å表ç»å¯¼åºæ¥ãä¸é¢æ¯æç¨crontabåçå®æ¶ä»»å¡ï¼
Python
[root@iZuf6d2ri21ufpdxZ ~]# crontab -l
#é¿éäºäºå®å
¨ä¸å¿æ¼æ´ä»»å¡
10 8 8 * * /usr/local/bin/python3 /usr/local/aliyun/ali-secemg.py
10ãæ»ç»
a. èæ¬å ·æå¯å¤ç¨è¡ï¼å¯ä»¥å¨å ¶ä»é¡¹ç®æè ä¾åºåä¸ä½¿ç¨ã
b. ç±äºèæ¬æ¯å®æèªå¨æ§è¡çï¼æ以ä¸åå¨éå¿åæ§è¡è¿ç¨ä¸çç忽ã
c. éè¦çæ¯æ´å¥½å°å©ç¨èµæºï¼å°ç¹ççä»»å¡èªå¨åï¼å¯ä»¥æé«åç¡®æ§åè¿ç»´äººåç积ææ§ï¼å°è¿ç»´äººå解è±åºæ¥ï¼æå ¥æ´å¤ç²¾åæå ¥å°éè¦çäºæ ä¸ã
ä¸ãåç±»å®å ¨å·¥å ·æ¨è
1ãå®æåºçº¿æ«æ
æ¨è使ç¨TiOPSæè å¼æºç软件æè ç¼åçèæ¥shellãpowershell
2ãwebæ¸éæµè¯
æ¨è使ç¨BurpsuiteãNessusãAppscanãAWVSãQualysGuard ãNetsparkerç
3ãç³»ç»è¡¥ä¸æ´æ°
å大ååå®æ¹æºæèªå»ºçæº Windowsæ建WSUS Linux yumä»åºæº