python给批量图片添加文字脚本_AWVS 批量添加扫描/删除任务脚本

最新推荐文章于 2023-03-30 21:33:35 发布

独角兽邹教授

最新推荐文章于 2023-03-30 21:33:35 发布

阅读量297

点赞数

文章标签： python给批量图片添加文字脚本

本文链接：https://blog.csdn.net/weixin_35760849/article/details/112520505

版权

有时候拿到了一个文本的网址列表,需要做批量扫描的时候,用awvs的web界面批量添加目标扫描步骤很繁琐

这几天写了一个Python3的脚本把常用的功能抽离出来,方便操作

1.添加一个目标并扫描 -u

2.读取文本并扫描 -f

3.删除所有目标和扫描任务 -d

Python3代码

import requests
import hashlib
import json
import argparse
#公众号:漏洞推送
username = 'xxxx@qq.com'
password = 'xxxxx'
awvs_url = 'https://xx.xx.xx.xx:3443/'
class Awvs():
 awvs = ''
 headers = {
 'Content-Type': 'application/json;charset=UTF-8',
 }
 def __init__(self, awvs_url, username, password):
 self.awvs_url = awvs_url
 password = hashlib.sha256(password.encode()).hexdigest()
 info = {
 "email": username,
 "password": password,
 "remember_me": "false",
 "logout_previous":"true"
 }
 info = json.dumps(info)
 requests.packages.urllib3.disable_warnings()
 r = requests.session()
 try:
 X_Auth = r.post(self.awvs_url + 'api/v1/me/login', data=info, verify=False, headers=self.headers).headers['X-Auth']
 except:
 exit('awvs Login failed')
 self.headers['X-Auth'] = X_Auth
 self.awvs = r
 def addTarget(self,target_url):
 info = {
 "address": target_url,
 "description": '',
 'criticality':"10"
 }
 info = json.dumps(info)
 ret = self.awvs.post(self.awvs_url + 'api/v1/targets', data=info, verify=False, headers=self.headers).text
 ret = json.loads(ret)
 return ret['target_id']
 def scanTarget(self, target_id):
 info = '{"target_id":"xxxxxxxxxxxx","profile_id":"11111111-1111-1111-1111-111111111111","schedule":{"disable":false,"start_date":null,"time_sensitive":false},"ui_session_id":"81ae275a0a97d1a09880801a533a0ff1"}'
 info = info.replace('xxxxxxxxxxxx', target_id)
 self.awvs.post(self.awvs_url+'/api/v1/scans',data=info, verify=False, headers=self.headers).text
 def getScanList(self):
 scan_list= self.awvs.get(self.awvs_url + "/api/v1/scans?l=100", verify=False, headers=self.headers).text
 scan_list = json.loads(scan_list)
 scan_lists = []
 for i in scan_list['scans']:
 scan_lists.append(i['scan_id'])
 return scan_lists
 def getTargetList(self):
 target_list = self.awvs.get(self.awvs_url + "/api/v1/targets?l=100", verify=False, headers=self.headers).text
 target_list = json.loads(target_list)
 target_lists = []
 for i in target_list['targets']:
 target_lists.append(i['target_id'])
 return target_lists
 def delTarget(self, target_id):
 self.awvs.delete(self.awvs_url + "/api/v1/targets/" + target_id, verify=False, headers=self.headers)
 def delScan(self, scan_id):
 self.awvs.delete(self.awvs_url + "/api/v1/scans/" + scan_id, verify=False, headers=self.headers)
if __name__ == "__main__":
 awvs = Awvs(awvs_url, username, password)
 parser = argparse.ArgumentParser()
 parser.add_argument('-u',help='scan a url')
 parser.add_argument('-f',help='scan a file list')
 parser.add_argument('-d',action='store_true',help='delete all target and scan')
 args = parser.parse_args()
 if (args.u):
 target_id = awvs.addTarget(args.u)
 awvs.scanTarget(target_id)
 print('starting scan '+args.u)
 if (args.f):
 with open(args.f) as f:
 for i in f:
 url = i.replace("\n", '')
 url = url.replace("\r", '')
 target_id = awvs.addTarget(url)
 awvs.scanTarget(target_id)
 print('starting scan ' + url)
 if (args.d):
 scan_list = awvs.getScanList()
 target_list = awvs.getTargetList()
 for i in scan_list:
 awvs.delScan(i)
 for i in target_list:
 awvs.delTarget(i)
 print('all delete success')