[4] Golismero Report Writing: Writing a ReportPlugin Plugin


Ever-changing, always in a rush


Address: http://blog.csdn.net/hujkay

Author: Jekkay Hu (34538980@qq.com)

Keywords: golismero, web scanner, plugin writing

Date: 2013/10/29


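4. Report plugins

A report plugin (ReportPlugin) is a plugin that writes the scan results out in a specific format after the scan has finished. Its interface class is:

Interface

class golismero.api.plugin.ReportPlugin

Base classes

+ golismero.api.plugin.Plugin

   + Object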

The interface methods of this class are as follows (interface method, followed by its description):

__init__
    x.__init__(...) initializes x; see help(type(x)) for signature

generate_report(output_file)
    Run plugin and generate the report.
    This is the entry point for Report plugins, where most of the logic resides.
    Parameters: output_file (str) – Output file to generate.

is_supported(output_file)
    Determine if this plugin supports the requested file format.
    Typically, here is where Report plugins examine the file extension.
    Parameters: output_file (str) – Output file to generate.
    Returns: True if this plugin supports the format, False otherwise.
    Return type: bool

state
    Returns: Shared plugin state variables.
    Return type: PluginState

update_status(progress=None)
    Plugins can call this method to tell the user of the current progress of whatever the plugin is doing.
    Warning: Do not override this method!
    Note: This method may not be supported in future versions of GoLismero.
    Parameters: progress (float | None) – Progress percentage [0, 100] as a float, or None to indicate progress can’t be measured.

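As an example, below I write a report plugin named vul that outputs the list of vulnerabilities in XML format.

1. Create the configuration file plugins/report/vul.golismero, which defines the plugin's descriptive information. Its contents are as follows: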

[Documentation]
Name        = vul Report
Description = Writes XML text reports about Vulnerabilities.
Author      = Jekkay Hu
Version     = 0.1
Website     = http://blog.csdn.net/hujkay
Copyright   = Copyright (C) 2011-2013
License     = GNU Public License

2. Create the implementation file for the vul plugin, plugins/report/vul.py, with the following code:

#!/usr/bin/env python
# -*- coding: utf-8 -*-

from golismero.api.data import Data
from golismero.api.data.db import Database
from golismero.api.plugin import ReportPlugin, get_plugin_name


class VulReport(ReportPlugin):

    def __init__(self):
        super(VulReport, self).__init__()
        # Output file object; only set while generate_report() is running.
        self.__fd = None

    def is_supported(self, output_file):
        """
        Check whether the requested output file format is supported.
        """
        return (
            output_file
            and output_file.lower().endswith(".vul")
        )

    def generate_report(self, output_file):
        with open(output_file, mode='w') as self.__fd:
            self.__write_report()

    def __iterate(self, data_type = None, data_subtype = None):
        # Small result sets are fetched in one call, larger ones are iterated.
        if Database.count(data_type, data_subtype) < 100:
            return Database.get_many(
                Database.keys(data_type=data_type, data_subtype=data_subtype)
            )
        return Database.iterate(data_type=data_type, data_subtype=data_subtype)

    def __write_report(self):
        # Every line must go to self.__fd: "print >> None" writes to stdout,
        # which would leave the root element out of the report file.
        count = Database.count(Data.TYPE_VULNERABILITY)
        print >> self.__fd, r"<vulroot version='1.0' amount='%d' >" % count
        if count <= 0:
            print >> self.__fd, r"</vulroot>"
            return
        # Map each display name to its vulnerability type, sorted by name,
        # with the uncategorized group moved to the end.
        vuln_types = { v.display_name: v.vulnerability_type for v in self.__iterate(Data.TYPE_VULNERABILITY) }
        titles = vuln_types.keys()
        titles.sort()
        if "Uncategorized Vulnerability" in titles:
            titles.remove("Uncategorized Vulnerability")
            titles.append("Uncategorized Vulnerability")
        for title in titles:
            data_subtype = vuln_types[title]
            print >> self.__fd, r"  <vuls title='%s' data_subtype='%s'>" % (title, data_subtype)
            for vuln in self.__iterate(Data.TYPE_VULNERABILITY, data_subtype):
                print >> self.__fd, r"    <vul>"
                print >> self.__fd, r"      <Occurrence ID='%s'/>" % (vuln.identity)
                print >> self.__fd, r"      <Title>%s</Title>" % (vuln.title)
                print >> self.__fd, r"      <Foundby>%s</Foundby>" % get_plugin_name(vuln.plugin_id)
                print >> self.__fd, r"      <Level>%s</Level>" %  str(vuln.level)
                print >> self.__fd, r"      <Impact>%s</Impact>" %  str(vuln.impact)
                print >> self.__fd, r"      <Severity>%s</Severity>" %  str(vuln.severity)
                print >> self.__fd, r"      <Risk>%s</Risk>" %  str(vuln.risk)
                print >> self.__fd, r"      <Description>%s</Description>" %  str(vuln.description)
                print >> self.__fd, r"      <Solution>%s</Solution>" %  str(vuln.solution)
                print >> self.__fd, r"    </vul>"
            print >> self.__fd, r"  </vuls>"
        print >> self.__fd, r"</vulroot>"

       

 

3. Launch command

python golismero.py -nd -e spider -e findadminpage -o result.vul 127.0.0.1 -r 3

4. After the run finishes, view the contents of the file result.vul:

  <vuls title='Suspicious URL' data_subtype='suspicious/url'>
    <vul>
      <Occurrence ID='9f17c727f5367b0f91d1dbcb59b8ec8e'/>
      <Title>User attention required by: testing/scan/findadminpage</Title>
      <Foundby>testing/scan/findadminpage</Foundby>
      <Level>informational</Level>
      <Impact>0</Impact>
      <Severity>0</Severity>
      <Risk>0</Risk>
      <Description>Find the admin webpage [http://127.0.0.1/admin.html] </Description>
      <Solution>No additional details are available.</Solution>
    </vul>
  </vuls>
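Fields such as Title and Description can contain text taken from the scanned target (the Description above embeds a crawled URL), so a report plugin should XML-escape them before writing. The following is an added example, not part of the original post and independent of GoLismero: it compares the plain '%s' interpolation pattern of __write_report with an escaped version. The findings, the function names and the TEMPLATE string are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape, quoteattr

# Constructed findings (not real scan data). The first has a crawled URL with
# '&' and '<' in it; the second has text that closes <Description> early.
FINDING = {
    "identity": "0123456789abcdef",
    "title": "User attention required by: testing/scan/findadminpage",
    "description": "Find the admin webpage [http://127.0.0.1/admin.php?a=1&b=<x>]",
}
FORGED = dict(FINDING, description="ok</Description><Severity>0</Severity><Description>")

TEMPLATE = ("<vul><Occurrence ID=%s/><Title>%s</Title>"
            "<Description>%s</Description></vul>")

def render_raw(f):
    """Plain '%s' interpolation, the pattern used in __write_report."""
    return TEMPLATE % ("'%s'" % f["identity"], f["title"], f["description"])

def render_escaped(f):
    """quoteattr() for attribute values, escape() for element text."""
    return TEMPLATE % (quoteattr(f["identity"]), escape(f["title"]),
                       escape(f["description"]))

def child_tags(xml_text):
    """Return the child element names of <vul>, or None if not well-formed."""
    try:
        return [child.tag for child in ET.fromstring(xml_text)]
    except ET.ParseError:
        return None

def recovered_description(f):
    """Parse the escaped rendering and read the description back."""
    return ET.fromstring(render_escaped(f)).findtext("Description")

if __name__ == "__main__":
    for name, f in (("FINDING", FINDING), ("FORGED", FORGED)):
        print(name, "raw:    ", child_tags(render_raw(f)))
        print(name, "escaped:", child_tags(render_escaped(f)))
    print("round trip ok:", recovered_description(FINDING) == FINDING["description"])
```

The raw rendering of the first finding is not well-formed XML, and the raw rendering of the second parses but carries an extra Severity element that came from the description text; the escaped rendering keeps both as plain text inside Description.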




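    BTW, crawling has always been very time-consuming. Starting with version 2.0.0, Golismero supports customizing the crawl depth and the depth of the resources that plugins process (in fact, the spider is also a plugin). For example, with the parameter -r 2, all plugins only process resources such as URLs within depth 2, while '-r inf' means unlimited. However, the current version 2.0.0b2 still has a small problem: no matter what depth is set, the spider plugin fetches all pages. I look forward to this being optimized in the next version.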


Jekkay Hu,胡杨

2013/10/29


