-
-
[原创][分享]中小企业网站漏洞自监测脚本
-
发表于: 2016-8-1 21:00
-
中小公司,没事写个破脚本自己定时去主动瞅瞅自己公司有没有上榜、被爆了漏洞。
#!/usr/bin/python
# -*- coding: utf-8 -*-
import urllib2
import re
import urllib
import smtplib
from email.mime.text import MIMEText
import json
import sys
import string
class Vul_Monitor:
def __init__(self):
self.botianurl = "https://butian.360.cn/vul/list/page/"
self.wooyunurl = "" #暂时访问不了
self.vulboxurl = "" #暂时访问不了
self.result = {} # 临时存放漏洞爬到的结果..
def Butian(self):
for num in range(1,10):
request = urllib2.Request(self.botianurl+str(num))
content = urllib2.urlopen(request).read()
rule = re.compile(r'<a\shref="/vul/info/qid/QTVA-\d{4}-\d{6}">.*杭州.*</a>') #匹配公司name特定字符串
for line in re.findall(rule,content):
value = re.sub(r'(<a\shref="/vul/info/qid/QTVA-\d{4}-\d{6}">)|(</a>)','',line).strip()
key = line[9:39]
self.result[key] = value
#def Wooyun(self):
#def Vulbox(self):
def Send_Mail(self,content):
host = 'smtp.163.com'
port = 25
sender = 'test@qq.com' # 发送者
pwd = 'password' # 邮箱密码
receiver = ['test1@qq.com','test2@163.com'] #
body = '<h1>Security_vul</h1>'+content # 设置邮件正文
msg = MIMEText(body, 'html','utf-8') # 设置正文为符合邮件格式的HTML内容
msg['subject'] = 'Security_vul' # 设置邮件标题
msg['from'] = sender # 设置发送人
msg['to'] = ';'.join(receiver) # 设置接收人
#s = smtplib.SMTP(host, port) # 注意!如果是使用SSL端口,这里就要改为SMTP_SSL
s = smtplib.SMTP_SSL(host,port)
s.login(sender, pwd) # 登陆邮箱
s.sendmail(sender, receiver, msg.as_string())
return 'True'
cz = Vul_Monitor()
cz.Butian()
if cz.result:
if cz.Send_Mail(json.dumps(cz.result,ensure_ascii=False)):
print 'email 发送成功..'
else:
print 'email 发送失败..'
else:
print "未采集到关联漏洞信息.."
sys.exit(0)
代码保存下,丢进crontab,定2-3h跑一次。
#!/usr/bin/python
# -*- coding: utf-8 -*-
import urllib2
import re
import urllib
import smtplib
from email.mime.text import MIMEText
import json
import sys
import string
class Vul_Monitor:
def __init__(self):
self.botianurl = "https://butian.360.cn/vul/list/page/"
self.wooyunurl = "" #暂时访问不了
self.vulboxurl = "" #暂时访问不了
self.result = {} # 临时存放漏洞爬到的结果..
def Butian(self):
for num in range(1,10):
request = urllib2.Request(self.botianurl+str(num))
content = urllib2.urlopen(request).read()
rule = re.compile(r'<a\shref="/vul/info/qid/QTVA-\d{4}-\d{6}">.*杭州.*</a>') #匹配公司name特定字符串
for line in re.findall(rule,content):
value = re.sub(r'(<a\shref="/vul/info/qid/QTVA-\d{4}-\d{6}">)|(</a>)','',line).strip()
key = line[9:39]
self.result[key] = value
#def Wooyun(self):
#def Vulbox(self):
def Send_Mail(self,content):
host = 'smtp.163.com'
port = 25
sender = 'test@qq.com' # 发送者
pwd = 'password' # 邮箱密码
receiver = ['test1@qq.com','test2@163.com'] #
body = '<h1>Security_vul</h1>'+content # 设置邮件正文
msg = MIMEText(body, 'html','utf-8') # 设置正文为符合邮件格式的HTML内容
msg['subject'] = 'Security_vul' # 设置邮件标题
msg['from'] = sender # 设置发送人
msg['to'] = ';'.join(receiver) # 设置接收人
#s = smtplib.SMTP(host, port) # 注意!如果是使用SSL端口,这里就要改为SMTP_SSL
s = smtplib.SMTP_SSL(host,port)
s.login(sender, pwd) # 登陆邮箱
s.sendmail(sender, receiver, msg.as_string())
return 'True'
cz = Vul_Monitor()
cz.Butian()
if cz.result:
if cz.Send_Mail(json.dumps(cz.result,ensure_ascii=False)):
print 'email 发送成功..'
else:
print 'email 发送失败..'
else:
print "未采集到关联漏洞信息.."
sys.exit(0)
代码保存下,丢进crontab,定2-3h跑一次。
[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法
|
|
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
是黑帽把乌云坑里么
|
