import os
import re
import psutil
import socket
import winreg
import platform
import wmi
import uuid
import sys
import time
import string
# Start from a clean slate: delete the report left by a previous run, because
# the report is opened in append mode at the end of this script.
# NOTE(review): the report sits in the root of D:\ - confirm the ACL there
# limits who can read or pre-create this file.
if os.path.exists(r'D:\巡检脚本.txt'):
    os.remove(r'D:\巡检脚本.txt')
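def software_name():  # Collect the list of installed software
    """Build an INSERT statement listing the programs registered for uninstall.

    Walks the native and the Wow6432Node ``Uninstall`` keys under HKLM, reads
    the ``DisplayName`` value of every subkey and returns a single multi-row
    ``insert into Application (NAME) values ...;`` statement as text.
    Subkeys that cannot be opened or have no ``DisplayName`` are skipped, and
    a root key that cannot be opened is skipped as a whole.
    """
    print('获取程序安装列表...')
    sub_key = [r'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
               r'SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall']
    names = set()
    for root_path in sub_key:
        try:
            # An inventory only reads: KEY_READ instead of KEY_ALL_ACCESS keeps
            # the handle to least privilege and also works without write
            # access to HKLM.
            root = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, root_path, 0, winreg.KEY_READ)
        except OSError:
            # This registry view is absent or unreadable; nothing to list.
            continue
        with root:
            # QueryInfoKey()[0] is the number of subkeys. Iterate over all of
            # them; the earlier bound of count - 1 dropped the last entry.
            for index in range(winreg.QueryInfoKey(root)[0]):
                try:
                    key_name = winreg.EnumKey(root, index)
                    key_path = root_path + '\\' + key_name
                    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key_path, 0, winreg.KEY_READ) as each_key:
                        display_name, _value_type = winreg.QueryValueEx(each_key, 'DisplayName')
                except OSError:
                    continue
                display_name = str(display_name).lstrip()
                # The name lands inside a single-quoted SQL literal, so a quote
                # in the product name must be doubled or it ends the literal
                # early and corrupts the statement.
                # NOTE(review): the target SQL dialect is not visible here; if
                # it treats backslash as an escape character, handle that too.
                names.add("('" + display_name.replace("'", "''") + "')")
    query = 'insert into Application (NAME) values {};'.format(','.join(sorted(names)))
    return query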
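def account():  # Local account check
    """Summarise local group membership and the state of the Guest account.

    Runs ``net localgroup administrators``, ``net localgroup users`` and
    ``net user guest`` and cuts the relevant sections out of their output.
    The regular expressions match the Simplified-Chinese output of ``net``,
    so other display languages end up in the failure path.

    Returns:
        The formatted summary text, or ``None`` when the output could not be
        obtained or parsed (a message is printed in that case).
    """
    print('检查本地账户情况...')
    # NOTE(review): os.popen runs the command line through the shell and
    # resolves ``net`` by the normal executable search order; confirm the
    # script is only started with a trusted working directory and PATH.
    try:
        # Close each pipe as soon as its output has been read.
        with os.popen('net localgroup administrators') as pipe:
            admin_info = pipe.read()
        administrators = re.findall(r'-\n(.+?)命令成功完成', admin_info, re.S)[0]  # administrators group
        with os.popen('net localgroup users') as pipe:
            users_info = pipe.read()
        users = re.findall(r'-\n(.+?)命令成功完成', users_info, re.S)[0]  # users group
        with os.popen('net user guest') as pipe:
            guest_info = pipe.read()
        # Text between "account active" and "account expires", whitespace removed.
        guest = re.findall(r'帐户启用(.+?)帐户到期', guest_info, re.S)[0].replace(' ', '').replace('\n', '')
        if guest == 'No':
            guest_able = 'guest账户已禁用'
        elif guest == 'Yes':
            guest_able = '注意,guest账户未禁用!'
        else:
            # An unrecognised value is a parse failure; never report it as
            # "disabled" by accident.
            raise ValueError('unexpected guest account state: {!r}'.format(guest))
        return '管理组:\n{}\n用户组:\n{}\n{}'.format(administrators, users, guest_able)
    except Exception:
        # Narrower than a bare except: Ctrl+C and SystemExit still propagate.
        print('无法获取本地账户信息')
        return None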
def tasklist():  # Collect the process list
    """Return an INSERT statement with one row per running process.

    Every row holds the process name, PID, status and start time (local time,
    formatted ``YYYY-MM-DD HH:MM:SS``). A process that disappears while it is
    being inspected is skipped.
    """
    print('获取进程列表...')
    rows = []
    for proc in psutil.process_iter():
        try:
            name = str(proc.name())
            pid = str(proc.pid)
            status = str(proc.status())
            started = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(proc.create_time()))
        except psutil.NoSuchProcess:
            continue
        # NOTE(review): the values are placed between double quotes without
        # escaping; confirm the consumer of this statement tolerates that.
        rows.append('("{}","{}","{}","{}")'.format(name, pid, status, started))
    return 'insert into Process (NAME,PID,STATUS,STARTED) values {};'.format(','.join(rows))
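def service():  # Collect Windows services (no state filter is applied)
    """Return an INSERT statement describing every service WMI reports.

    Rows carry name, caption, description (double quotes removed), status and
    state from ``Win32_Service``. Duplicate rows are dropped and the rest are
    sorted.

    Returns:
        The statement text, or ``None`` after a ``TypeError`` was printed.
    """
    print('获取服务列表...')
    try:
        # One WMI connection and one enumeration are enough; the result used
        # to be fetched twice and the first copy thrown away.
        rows = set()
        for svc in wmi.WMI().Win32_Service():
            # Only the description is stripped of double quotes.
            # NOTE(review): name and caption go into the statement unescaped;
            # confirm they cannot carry a double quote on the target hosts.
            rows.add('("{}","{}","{}","{}","{}")'.format(
                str(svc.name),
                str(svc.Caption),
                str(svc.Description).replace('"', ''),
                str(svc.Status),
                str(svc.State)))
        # NOTE(review): the column is spelled STATUE in this statement;
        # confirm that matches the table definition.
        query = 'insert into Service (NAME,CAPTION,DESCRIPTION,STATUE,STATE) values {};'.format(','.join(sorted(rows)))
        return query
    except TypeError as e:
        print('输出错误', e)
        return None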
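def schtasks():  # Collect scheduled tasks
    """Return the first task-folder section of the ``schtasks.exe`` output.

    The regular expression expects the Simplified-Chinese output format.

    Returns:
        The captured text, or ``None`` when the command output could not be
        obtained or parsed (a message is printed in that case).
    """
    print('获取计划任务...')
    # NOTE(review): the executable is located through the shell's search
    # order; confirm the script runs with a trusted working directory and PATH.
    try:
        with os.popen('schtasks.exe') as pipe:  # close the pipe after reading
            schtasks_info = pipe.read()
        return re.findall(r'\n(.+?)文件夹:', schtasks_info, re.S)[0]
    except Exception:
        # Narrower than a bare except: Ctrl+C and SystemExit still propagate.
        print('无法获取计划任务信息')
        return None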
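def firewall():  # Collect firewall information
    """Return the state section printed by ``netsh firewall show state``.

    The regular expression expects the Simplified-Chinese output format.

    Returns:
        The captured text, or ``None`` when the command output could not be
        obtained or parsed (a message is printed in that case).
    """
    print('获取防火墙信息...')
    # NOTE(review): the ``netsh firewall`` context is deprecated on current
    # Windows releases in favour of ``netsh advfirewall``; confirm this command
    # still produces the expected output on the inspected hosts.
    try:
        with os.popen('netsh firewall show state') as pipe:  # close after reading
            firewall_info = pipe.read()
        return re.findall(r'\n(.+?)重要信息', firewall_info, re.S)[0]
    except Exception:
        # Narrower than a bare except: Ctrl+C and SystemExit still propagate.
        print('无法获取防火墙信息')
        return None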
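def hardware():  # Collect hardware information
    """Return three INSERT statements (Hardware, Disklist, Netcard) as text.

    * Hardware: CPU details, memory figures in GiB, the MAC address derived
      from ``uuid.getnode()`` and the caption/size of a physical disk.
    * Disklist: one row per drive letter that resolves to a directory.
    * Netcard: interface name and IPv4 address, skipping 127.0.0.1.

    With several processors or disk drives only the last one enumerated ends
    up in the Hardware row. If WMI returns no processor or no disk drive the
    function fails with ``NameError`` because that row cannot be built.
    """
    query = []
    print('获取硬件信息...')
    # A single WMI connection serves both the processor and the disk query.
    conn = wmi.WMI()

    # CPU
    for processor in conn.Win32_Processor():
        cpu = ','.join([
            '"' + platform.machine() + '"',
            '"' + platform.processor() + '"',
            # A WMI property may be None; do not crash on a missing id.
            '"' + (processor.ProcessorId or '').strip() + '"',
            '"' + processor.Name + '"',
            '"' + str(processor.NumberOfCores) + '"',
        ])

    # Memory, converted from bytes to GiB
    memory = psutil.virtual_memory()
    total_nc = round((float(memory.total) / 1024 / 1024 / 1024), 2)  # total
    used_nc = round((float(memory.used) / 1024 / 1024 / 1024), 2)  # used
    free_nc = round((float(memory.free) / 1024 / 1024 / 1024), 2)  # free
    syl_nc = round((float(memory.used) / float(memory.total) * 100), 2)  # usage in percent
    ret_list = ','.join([
        '"' + str(total_nc) + '"',
        '"' + str(used_nc) + '"',
        '"' + str(free_nc) + '"',
        '"' + str(syl_nc) + '%' + '"',
    ])

    # MAC address: the low 48 bits of the node id as 12 hex digits
    node = uuid.getnode()
    mac = '"' + str(uuid.UUID(int=node).hex[-12:]) + '"'

    # Physical disk model and size in GiB
    for drive in conn.Win32_DiskDrive():
        # Size may be None (no size reported for the drive); report 0 then
        # instead of failing in int().
        disk = ','.join([
            '"' + str(drive.Caption) + '"',
            '"' + str(int(drive.Size or 0) // 1024 // 1024 // 1024) + '"',
        ])
    query.append('insert into Hardware (CPUODM,CPUPROCESSOR,CPUSTRIP,CPUNAME,CPUCORESNUM,MEMTOTAL,MEMUSED,MEMFREE,MEMUSEPERCENT,MACADD,DISKCAPTION,DISKSIZE) values ({},{},{},{});'.format(cpu, ret_list, mac, disk))

    # Volumes: every drive letter that resolves to a directory
    volumes = set()
    for letter in string.ascii_uppercase:
        if not os.path.isdir(letter + ':'):
            continue
        # One snapshot per volume, so total, free and used belong together.
        usage = psutil.disk_usage(letter + ':/')
        volumes.add('("{}","{}","{}","{}%")'.format(
            letter,
            int(usage.total / (1024.0 * 1024.0 * 1024.0)),
            int(usage.free / (1024.0 * 1024.0 * 1024.0)),
            round(((usage.used / usage.total) * 100), 2)))
    query.append('insert into Disklist (VOLUME,TOTAL,FREE,USEPERCENT) values {};'.format(','.join(sorted(volumes))))

    # Network interfaces: IPv4 addresses only, loopback excluded
    netcard_info = []
    for nic_name, addresses in psutil.net_if_addrs().items():
        for item in addresses:
            if item[0] == socket.AF_INET and not item[1] == '127.0.0.1':
                netcard_info.append('("' + str(nic_name) + '",' + '"' + str(item[1]) + '")')
    # NOTE(review): unlike the other multi-row statements, this one wraps the
    # row tuples in an extra pair of parentheses; confirm the consumer of the
    # statement accepts that form.
    query.append('insert into Netcard (NAME,IP) values ({});'.format(','.join(netcard_info)))
    return '\n'.join(query)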
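def system():  # Collect operating-system information
    """Return an INSERT statement with platform, IIS and fingerprint data.

    The IIS version is read from ``HKLM\\SOFTWARE\\Microsoft\\InetStp``; when
    that fails a placeholder text is stored instead. The machine fingerprint is
    read from ``HKLM\\SOFTWARE\\UIH\\UPLUS\\MachineFingerPrint`` and has no
    fallback, so a missing key raises ``OSError`` to the caller.
    """
    print('获取操作系统信息...')
    system = ','.join([
        '"' + str(platform.platform()) + '"',
        '"' + str(platform.version()) + '"',
        '"' + str(platform.architecture()) + '"',
        '"' + str(platform.machine()) + '"',
        '"' + str(platform.node()) + '"',
        '"' + str(platform.processor()) + '"',
        '"' + str(platform.system()) + '"',
    ])
    try:
        # The with-block closes the registry handle once the value is read.
        with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, r'SOFTWARE\Microsoft\InetStp') as key:
            iis = '"' + str(winreg.QueryValueEx(key, 'VersionString')[0]) + '"'
    except OSError:
        # Registry lookups fail with OSError (missing key or value, access).
        iis = '"获取iis信息失败"'
    # NOTE(review): the fingerprint looks like a licensing identifier and ends
    # up in a plaintext report; confirm that exposure is acceptable.
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, r'SOFTWARE\UIH\UPLUS\MachineFingerPrint') as key:
        fingerprint = '"' + str(winreg.QueryValueEx(key, 'FingerPrint')[0]) + '"'
    query = 'insert into System (PLATEFORM,VERSION,ARCHITECTURE,MACHINE,NODE,PROCESSOR,SYSTEM,IISVERSION,FINGERPRINT) values ({},{},{});'.format(system, iis, fingerprint)
    return query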
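def act_info():
    """Return INSERT statements with current CPU, memory and disk usage.

    * MemCPU: CPU utilisation sampled over one second, and memory utilisation
      computed as ``(total - free) / total``.
    * Disklist: free space (GiB, suffixed ``G``) and usage percentage for each
      drive letter that resolves to a directory.
    """
    print('获取动态信息...')
    query = []
    # Without an interval psutil compares against the previous call; this is
    # the first call in the script, so there is no useful baseline and the
    # figure would not reflect real load. Sample over one second instead.
    cpu_percent = '"' + str(round((psutil.cpu_percent(interval=1)), 2)) + '%' + '"'
    # Take one memory snapshot so total and free belong to the same moment.
    memory = psutil.virtual_memory()
    mem_percent = '"' + str(round((((memory.total - memory.free) / (memory.total)) * 100), 2)) + '%' + '"'
    query.append('insert into MemCPU (CPUPERCENT,MEMPERCENT) values ({});'.format(','.join([cpu_percent, mem_percent])))

    volumes = set()
    for letter in string.ascii_uppercase:
        if not os.path.isdir(letter + ':'):
            continue
        # One snapshot per volume instead of a separate query per figure.
        usage = psutil.disk_usage(letter + ':/')
        volumes.add('("{}","{}G","{}%")'.format(
            letter,
            int(usage.free / (1024.0 * 1024.0 * 1024.0)),
            round(((usage.used / usage.total) * 100), 2)))
    query.append('insert into Disklist (VOLUME,FREE,USEPERCENT) values {};'.format(','.join(sorted(volumes))))
    return '\n'.join(query)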
def net():
    """Announce the network-speed check; no measurement is implemented."""
    print('获取当前网速...')
    return None
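def service_uih():  # Collect services whose caption contains "UIH"
    """Return an INSERT statement for services with "UIH" in their caption.

    The match is case-insensitive. Rows carry name, caption, description
    (double quotes removed), status and state from ``Win32_Service``;
    duplicates are dropped and the rows sorted.

    Returns:
        The statement text, or ``None`` after a ``TypeError`` was printed.
    """
    print('获取UIH开头的服务状态...')
    try:
        # One WMI connection and one enumeration are enough; the result used
        # to be fetched twice and the first copy thrown away.
        rows = set()
        for svc in wmi.WMI().Win32_Service():
            # A caption of None counts as "no match" instead of raising
            # AttributeError, which the handler below would not catch.
            if 'UIH' not in str(svc.Caption or '').upper():
                continue
            # NOTE(review): only the description is stripped of double quotes;
            # name and caption go into the statement unescaped.
            rows.add('("{}","{}","{}","{}","{}")'.format(
                str(svc.name),
                str(svc.Caption),
                str(svc.Description).replace('"', ''),
                str(svc.Status),
                str(svc.State)))
        query = 'insert into Service_UIH (NAME,CAPTION,DESCRIPTION,STATUE,STATE) values {};'.format(','.join(sorted(rows)))
        return query
    except TypeError as e:
        print('输出错误', e)
        return None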
def task_uih():
    """Return an INSERT statement for processes whose description mentions UIH.

    The keyword is searched case-insensitively in ``str(process)``, i.e. in
    psutil's textual representation of the process, not only in its name.
    Rows hold name, PID, status and start time (local time). A process that
    disappears while it is being inspected is skipped.
    """
    print("获取进程...")
    rows = []
    for proc in psutil.process_iter():
        try:
            if 'UIH' not in str(proc).upper():
                continue
            name = str(proc.name())
            pid = str(proc.pid)
            status = str(proc.status())
            started = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(proc.create_time()))
        except psutil.NoSuchProcess:
            continue
        rows.append('("{}","{}","{}","{}")'.format(name, pid, status, started))
    return 'insert into Process_UIH (NAME,PID,STATUS,STARTED) values {};'.format(','.join(rows))
#中间件服务状态(mysql,redis,tomcat,nginx)
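def uih_midservice():
    """Return an INSERT statement for the middleware services.

    A service is included when its caption contains ``mysql``, ``redis``,
    ``tomcat`` or ``nginx`` (case-insensitive). Rows carry name, caption,
    description (double quotes removed), status and state from
    ``Win32_Service``; duplicates are dropped and the rows sorted.

    Returns:
        The statement text, or ``None`` after a ``TypeError`` was printed.
    """
    print('获取中间件服务状态...')
    keywords = ('MYSQL', 'REDIS', 'TOMCAT', 'NGINX')
    try:
        # One WMI connection and one enumeration are enough; the result used
        # to be fetched twice and the first copy thrown away.
        rows = set()
        for svc in wmi.WMI().Win32_Service():
            # A caption of None counts as "no match" instead of raising
            # AttributeError, which the handler below would not catch.
            caption = str(svc.Caption or '').upper()
            if not any(keyword in caption for keyword in keywords):
                continue
            # NOTE(review): only the description is stripped of double quotes;
            # name and caption go into the statement unescaped.
            rows.add('("{}","{}","{}","{}","{}")'.format(
                str(svc.name),
                str(svc.Caption),
                str(svc.Description).replace('"', ''),
                str(svc.Status),
                str(svc.State)))
        query = 'insert into Service_Middle (NAME,CAPTION,DESCRIPTION,STATUE,STATE) values {};'.format(','.join(sorted(rows)))
        return query
    except TypeError as e:
        print('输出错误', e)
        return None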
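def uih_midtask():
    """Return an INSERT statement for the middleware processes.

    A process is included when ``str(process)`` - psutil's textual
    representation - contains ``mysql``, ``redis``, ``nginx`` or ``tomcat``
    (case-insensitive). Rows hold name, PID, status and start time (local
    time). A process that disappears while it is being inspected is skipped.
    """
    print('获取中间件进程状态...')
    keywords = ('MYSQL', 'REDIS', 'NGINX', 'TOMCAT')
    rows = []
    for proc in psutil.process_iter():
        try:
            description = str(proc).upper()
            # Test the keywords together so that a process matching several of
            # them yields one row, not one row per keyword.
            if not any(keyword in description for keyword in keywords):
                continue
            name = str(proc.name())
            pid = str(proc.pid)
            status = str(proc.status())
            started = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(proc.create_time()))
        except psutil.NoSuchProcess:
            continue
        rows.append('("{}","{}","{}","{}")'.format(name, pid, status, started))
    return 'insert into Process_Middle (NAME,PID,STATUS,STARTED) values {};'.format(','.join(rows))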
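def uih():  # Product information
    """Return an INSERT statement with version data of the deployed products.

    Every entry of ``D:/UIH`` whose name contains "uih" (case-insensitive) is
    treated as a product directory. ``CurrentVersion.txt`` and
    ``HotfixVersion.txt`` are read from it with newlines removed; a file that
    cannot be read is replaced by a placeholder text.

    Raises:
        OSError: if ``D:/UIH`` itself cannot be listed.
    """
    path = 'D:/UIH'

    def _read_or(file_path, fallback):
        # Return the file content without newlines, or fallback if unreadable.
        try:
            with open(file_path) as handle:
                return handle.read().replace('\n', '')
        except (OSError, UnicodeError):
            return fallback

    info = []
    for product in os.listdir(path):
        if 'UIH' not in product.upper():
            continue
        version = _read_or(os.path.join(path, product, 'CurrentVersion.txt'), '无版本文件')
        # The hotfix file used to be read through an unrelated name (f instead
        # of the handle just opened), so the placeholder was always reported.
        hotfix = _read_or(os.path.join(path, product, 'HotfixVersion.txt'), '无补丁版本文件')
        # NOTE(review): the file content is placed between double quotes
        # without escaping; confirm version files cannot contain a quote.
        info.append('("' + str(product) + '",' + '"' + str(version) + '",' + '"' + str(hotfix) + '")')
    query = 'insert into UIH (PRODUCT,VERSION,HOTFIX) values {};'.format(','.join(info))
    return query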
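# Run every collector once. Each name is rebound from the function to its
# result, so the collectors cannot be called again after this point.
act_info = act_info()
service_uih = service_uih()
task_uih = task_uih()
uih_midservice = uih_midservice()
uih_midtask = uih_midtask()
software_name = software_name()
system = system()
account = account()  # not refactored yet
service = service()
hardware = hardware()
uih = uih()
# NOTE(review): the report holds local group membership, the MAC address and
# the machine fingerprint in plaintext; confirm who can read D:/ on the
# inspected hosts and how the file is transported afterwards.
try:
    report = '----------------\n--【获取动态信息】:\n{}\n----------------\n--【UIH开头的服务状态信息】:\n{}\n----------------\n--【获取uih开头的进程状态】:\n{}\n----------------\n--【获取中间件服务状态...】:\n{}\n----------------\n--【获取中间件进程状态】:\n{}\n----------------\n--【产品部署信息】:\n{}\n----------------\n--【硬件信息】:\n{}\n----------------\n--【账户信息】:\n{}\n----------------\n--【操作系统信息】:\n{}\n----------------\n--【组件安装列表】:\n{}\n----------------\n--【服务列表】:\n{}\n----------------\n'.format(
        act_info, service_uih, task_uih, uih_midservice, uih_midtask, uih, hardware, account, system, software_name, service)
    with open("D:/巡检脚本.txt", "a") as f:
        f.write(report)
    print('文件D:/巡检脚本.txt已经生成!')
except Exception as err:
    # Keep the hint about security products, but also show the real error:
    # an encoding or permission failure would otherwise be indistinguishable
    # from a blocked write. Ctrl+C and SystemExit are no longer swallowed.
    print('注意查看waf杀软等是否拦截本程序', err)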