OpenVAS6到8的OpenVAS管理器和XML报表分析器
openvas-lib的Python项目详细描述
这个lib是什么?
此项目是一个python库,用于使用omp协议连接和管理openvas服务器。支持OpenVAS6、7、8和9(7和8版本仍处于试验阶段)
此外,您还可以解析和解释openvas xml报告。
为什么要这么做?
openvas有一个[官方的python库](https://pypi.python.org/pypi/openvas.omplib),但它不能与基于ompv4的版本(openvas 6)一起工作。
此外,官方库还有许多未修复的错误,它无法读取和解释xml报告。
许可证
此库是根据BSD第3条许可证发布的
python版本
目前,这个库只在Python2.7及更高版本下运行。未计划到Python3.x的端口。
错误、端口和新功能
请随意移植、修补或添加任何新功能到此库中,并向我们发送拉取请求。我们提前感谢您:)
快速启动
安装
从代码下载
要下载最新的源代码,请输入以下命令:
git clone https://github.com/golismero/openvas_lib.git
然后,在默认的python安装中安装库,运行以下命令:
python setup.py install
使用pip安装
pip install openvas_lib
管理openvas服务器
连接到服务器
fromopenvas_libimportVulnscanManager,VulnscanExceptiontry:scanner=VulnscanManager(HOST,USER,PASSWORD,PORT,TIMEOUT)exceptVulnscanExceptionase:print("Error:")print(e)
启动一个简单的扫描
fromopenvas_libimportVulnscanManager,VulnscanExceptionscanner=VulnscanManager(HOST,USER,PASSWORD,PORT,TIMEOUT)scan_id,target_id=scanner.launch_scan(target="127.0.0.1",# Target to scanprofile="Full and fast")
启动高级扫描
库支持回调。它们将每10秒运行一次,并报告扫描状态(“callback_progress”)或扫描结束(“callback_end”)。
fromthreadingimportSemaphorefromfunctoolsimportpartialfromopenvas_libimportVulnscanManager,VulnscanExceptiondefmy_print_status(i):print(str(i))defmy_launch_scanner():sem=Semaphore(0)# Configuremanager=VulnscanManager("localhost","admin","admin")# Launchmanager.launch_scan(target,profile="empty",callback_end=partial(lambdax:x.release(),sem),callback_progress=my_print_status)# WaitSem.acquire()# Finished scanprint("finished")
运行它:
>>>my_launch_scanner()# It can take some time010396090finished
获取扫描结果
from__future__importprint_functionfromopenvas_libimportVulnscanManager,VulnscanExceptionscanner=VulnscanManager(HOST,USER,PASSWORD,PORT,TIMEOUT)openvas_results=scanner.get_results(SCAN_ID)
删除扫描
from__future__importprint_functionfromopenvas_libimportVulnscanManager,VulnscanExceptionscanner=VulnscanManager(HOST,USER,PASSWORD,PORT,TIMEOUT)scanner.delete_scan(SCAN_ID)
删除目标
from__future__importprint_functionfromopenvas_libimportVulnscanManager,VulnscanExceptionscanner=VulnscanManager(HOST,USER,PASSWORD,PORT,TIMEOUT)scanner.delete_target(TARGET_ID)
分析OpenVAS XML报表
您可以使用test/文件夹中的示例报告作为“xml”扩展。此报告是使用metasploitable生成的 Linux发行版。
>>> from__future__importprint_function>>> fromopenvas_libimportreport_parser>>> results=report_parser("tests/metasploitable_all.xml")>>> print(results)[<openvas_lib.data.OpenVASResult object at 0x108f2d250>, <openvas_lib.data.OpenVASResult object at 0x108f2d290>, <openvas_lib.data.OpenVASResult object at 0x108e7fcd0>, <openvas_lib.data.OpenVASResult object at 0x108e88e90>, <openvas_lib.data.OpenVASResult object at 0x108e88050>, <openvas_lib.data.OpenVASResult object at 0x108e88410>, <openvas_lib.data.OpenVASResult object at 0x108e88550>, <openvas_lib.data.OpenVASResult object at 0x108f2d650>, <openvas_lib.data.OpenVASResult object at 0x108f2d750>, <openvas_lib.data.OpenVASResult object at 0x108f2d850>, <openvas_lib.data.OpenVASResult object at 0x108f2d950>, <openvas_lib.data.OpenVASResult object at 0x108f2da50>, <openvas_lib.data.OpenVASResult object at 0x108f2db50>, <openvas_lib.data.OpenVASResult object at 0x108f2dc50>, <openvas_lib.data.OpenVASResult object at 0x108eb56d0>, <openvas_lib.data.OpenVASResult object at 0x108eb5750>, <openvas_lib.data.OpenVASResult object at 0x108f2ded0>, <openvas_lib.data.OpenVASResult object at 0x108f2dfd0>, <openvas_lib.data.OpenVASResult object at 0x108f35110>, <openvas_lib.data.OpenVASResult object at 0x108eb5950>, <openvas_lib.data.OpenVASResult object at 0x108f35210>, <openvas_lib.data.OpenVASResult object at 0x108eb5a90>, <openvas_lib.data.OpenVASResult object at 0x108eb5ad0>, <openvas_lib.data.OpenVASResult object at 0x108f355d0>, <openvas_lib.data.OpenVASResult object at 0x108f356d0>, <openvas_lib.data.OpenVASResult object at 0x108eb5dd0>, <openvas_lib.data.OpenVASResult object at 0x108f357d0>, <openvas_lib.data.OpenVASResult object at 0x108eb5f90>, <openvas_lib.data.OpenVASResult object at 0x108e101d0>, <openvas_lib.data.OpenVASResult object at 0x108e10390>, <openvas_lib.data.OpenVASResult object at 0x108eb5d90>, <openvas_lib.data.OpenVASResult object at 0x108f35910>, <openvas_lib.data.OpenVASResult object at 0x108f35a10>, <openvas_lib.data.OpenVASResult object at 0x108f35b10>, <openvas_lib.data.OpenVASResult object at 0x108f35c10>, <openvas_lib.data.OpenVASResult object at 0x108f35d10>, <openvas_lib.data.OpenVASResult object at 0x108f35e10>, <openvas_lib.data.OpenVASResult object at 0x108f35f10>, <openvas_lib.data.OpenVASResult object at 0x108f3a050>, <openvas_lib.data.OpenVASResult object at 0x108e102d0>, <openvas_lib.data.OpenVASResult object at 0x108e10910>, <openvas_lib.data.OpenVASResult object at 0x108e10ad0>, <openvas_lib.data.OpenVASResult object at 0x108e10c10>, <openvas_lib.data.OpenVASResult object at 0x108f3a150>, <openvas_lib.data.OpenVASResult object at 0x108f3a250>, <openvas_lib.data.OpenVASResult object at 0x108f3a350>, <openvas_lib.data.OpenVASResult object at 0x108f3a450>, <openvas_lib.data.OpenVASResult object at 0x108f3a550>, <openvas_lib.data.OpenVASResult object at 0x108e10e50>, <openvas_lib.data.OpenVASResult object at 0x108e10e90>, <openvas_lib.data.OpenVASResult object at 0x108e28090>, <openvas_lib.data.OpenVASResult object at 0x108f3a750>, <openvas_lib.data.OpenVASResult object at 0x108f3a910>, <openvas_lib.data.OpenVASResult object at 0x108f3aa10>, <openvas_lib.data.OpenVASResult object at 0x108e28250>, <openvas_lib.data.OpenVASResult object at 0x108e28210>, <openvas_lib.data.OpenVASResult object at 0x108e28350>, <openvas_lib.data.OpenVASResult object at 0x108e28450>, <openvas_lib.data.OpenVASResult object at 0x108f3ad10>, <openvas_lib.data.OpenVASResult object at 0x108f3ae10>, <openvas_lib.data.OpenVASResult object at 0x108f3ac10>, <openvas_lib.data.OpenVASResult object at 0x108e287d0>, <openvas_lib.data.OpenVASResult object at 0x108e28890>, <openvas_lib.data.OpenVASResult object at 0x108e289d0>, <openvas_lib.data.OpenVASResult object at 0x108e28ad0>, <openvas_lib.data.OpenVASResult object at 0x108e28c10>, <openvas_lib.data.OpenVASResult object at 0x108f3e210>, <openvas_lib.data.OpenVASResult object at 0x108e28710>, <openvas_lib.data.OpenVASResult object at 0x108e28d90>, <openvas_lib.data.OpenVASResult object at 0x108e28ed0>, <openvas_lib.data.OpenVASResult object at 0x108e28f10>, <openvas_lib.data.OpenVASResult object at 0x108e28f90>, <openvas_lib.data.OpenVASResult object at 0x108f3e510>, <openvas_lib.data.OpenVASResult object at 0x108f3e610>, <openvas_lib.data.OpenVASResult object at 0x108f3e710>, <openvas_lib.data.OpenVASResult object at 0x108f3e810>, <openvas_lib.data.OpenVASResult object at 0x108f3e910>, <openvas_lib.data.OpenVASResult object at 0x108f3ea10>, <openvas_lib.data.OpenVASResult object at 0x108f3eb10>] # get properties from a vuln with more info >>> r=None>>> forxinresults: if x.id == "07cdd3dc-9f5b-4a75-a173-f7ca50bfb4f3": r = x >>> r.id'07cdd3dc-9f5b-4a75-a173-f7ca50bfb4f3' >>> r.host'10.211.55.35' >>> r.raw_description"\n Summary:\n The host is running MySQL and is prone to Denial Of Service\n vulnerability.\n\n Vulnerability Insight:\n The flaw is due to an error when processing the 'ALTER DATABASE' statement and\n can be exploited to corrupt the MySQL data directory using the '#mysql50#'\n prefix followed by a '.' or '..'.\n\n NOTE: Successful exploitation requires 'ALTER' privileges on a database.\n Impact:\n Successful exploitation could allow an attacker to cause a Denial of Service.\n Impact Level: Application\n\n Affected Software/OS:\n MySQL version priot to 5.1.48 on all running platform.\n\n Solution:\n Upgrade to MySQL version 5.1.48\n For updates refer to http://dev.mysql.com/downloads\n" >>> print(r.raw_description) Summary: The host is running MySQL and is prone to Denial Of Service vulnerability. Vulnerability Insight: The flaw is due to an error when processing the 'ALTER DATABASE' statement and can be exploited to corrupt the MySQL data directory using the '#mysql50#' prefix followed by a '.' or '..'. NOTE: Successful exploitation requires 'ALTER' privileges on a database. Impact: Successful exploitation could allow an attacker to cause a Denial of Service. Impact Level: Application Affected Software/OS: MySQL version priot to 5.1.48 on all running platform. Solution: Upgrade to MySQL version 5.1.48 For updates refer to http://dev.mysql.com/downloads >>> r.summary'The host is running MySQL and is prone to Denial Of Service vulnerability.' >>> r.vulnerability_insight"The flaw is due to an error when processing the 'ALTER DATABASE' statement and can be exploited to corrupt the MySQL data directory using the '#mysql50#' prefix followed by a '.' or '..'. NOTE: Successful exploitation requires 'ALTER' privileges on a database." >>> r.impact'Successful exploitation could allow an attacker to cause a Denial of Service. Impact Level: Application' >>> r.affected_software'MySQL version priot to 5.1.48 on all running platform.' >>> r.solution'Upgrade to MySQL version 5.1.48 For updates refer to http://dev.mysql.com/downloads' >>> r.threat'Medium' >>> r.port.number3306 >>> r.port.proto'tcp' >>> r.port.port_name'mysql'