import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Iterator;
import java.util.List;
import org.dom4j.Document;
import org.dom4j.DocumentException;
import org.dom4j.Element;
import org.dom4j.io.SAXReader;
public class PaserNessus {
public static void main(String[] args) {
// TODO Auto-generated method stub
setupDB();
}
public static Connection getConnection() throws SQLException, java.lang.ClassNotFoundException, IOException {
Class.forName("com.mysql.jdbc.Driver");
String url = "jdbc:mysql://192.168.140.128:3306/nvd";
String userName = "root";
String password = "";
Connection con = DriverManager.getConnection(url, userName, password);
return con;
}
public static void setupDB() {
try {
// String filename = "nvdcve-2008.xml";
Connection con = getConnection();
Statement sql = con.createStatement();
sql.execute("drop table if exists nessus"); // ,primary key(id)
sql.execute(
"create table nessus(host_ip varchar(20) not null,operating_system varchar(160) not null default 'undefined',svc_name varchar(100) not null default 'undefined',protocol varchar(100) not null default 'undefind',port varchar(20) not null default 'unefined',cve varchar(20) not null default 'unefined');");
SAXReader saxReader = new SAXReader();
String fname = "D:\\JavaProject\\AttacKGraph\\src\\scan.nessus";
Document document = saxReader.read(fname);
Element root = document.getRootElement().element("Report");
List entry = root.selectNodes("ReportHost");
Iterator ent = entry.iterator();
while (ent.hasNext()) {
Element id = (Element) ent.next();
Element hostProperties = id.element("HostProperties");
String host_ip = "";
String operating_system = "";
List tags = hostProperties.elements();
Iterator it = tags.iterator();
while (it.hasNext()) {
Element element = (Element) it.next();
if ("host-ip".equalsIgnoreCase(element.attributeValue("name"))) {
host_ip = element.getText();
} else if ("operating-system".equalsIgnoreCase(element.attributeValue("name"))) {
operating_system = element.getText();
}
}
List reportItems = id.elements("ReportItem");
Iterator iterator = reportItems.iterator();
while (iterator.hasNext()) {
Element reportItem = (Element) iterator.next();
String svc_name = reportItem.attributeValue("svc_name");
String protocol = reportItem.attributeValue("protocol");
String port = reportItem.attributeValue("port");
String cve = reportItem.elementText("cve");
String insert = "insert nessus values('" + host_ip + "','" + operating_system + "','" + svc_name
+ "','" + protocol + "','" + port + "','" + cve + "')";
sql.execute(insert);
}
}
sql.close();
con.close();
} catch (java.lang.ClassNotFoundException e) {
System.err.println("ClassNotFoundException:" + e.getMessage());
} catch (SQLException ex) {
System.err.println("SQLException:" + ex.getMessage());
} catch (DocumentException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
}
利用dom4j 对nessus xml文件解析,并存入mysql
最新推荐文章于 2023-09-28 15:07:22 发布