企业Web网站很多直接对Internet提供服务,往往会被黑客作为恶意攻击的突破口,Web的安全和企业的信息安全高度相连 。
现实的管理中,在安全制度不完善的情况下,网站开发人员和维护人员经常因为业务紧急上线或者Bug修复,私自上线新的内容或变更,安全人员往往在出现问题后追查时才发现,之前的安全环境或者代码已经都变更了 。
今天介绍如何利用GitHut上的SimpleAutoBurp项目,利用Python脚本实现网站的定时的自动扫描,这样能够在更短的时间发现Web系统的漏洞 。GitHub上的脚本针对Linux平台,本文将脚本修改为在Windows平台上运行 。
一、工作原理:
利用Crontab(linux平台)或任务计划程序(windows平台)定期执行SimpleAutoBurp.py,该脚本利用BurpsuitePro的RESTAPI和配置文件config.json对目标主机进行web扫描 。
二、脚本文件 SimpleAutoBurp Config.json
SimpleAutoBurp.py 是调用Burp suite API的脚本,config.json是其配置文件 。
SimpleAutoBurp.py
【电脑pdf转word软件推荐 word转换pdf格式软件免费版】
from os import strerrorfrom subprocess import Popenimport requestsimport timeimport subprocessimport loggingimport osimport signalimport jsonimport sysfrom datetime import datetime#将configFile指向你的config.json文件configFile = r"F:/pythonCode/SimpleAutoBurp/SimpleAutoBurp-main/config.json"try:with open(configFile) as json_data:config=json.load(json_data)except:print("Missing config.json file. Make sure the configuration file is in the same folder")sys.exit()burpConfigs=config["burpConfigs"][0]siteConfigs=config["sites"]def set_logging():global rootLoggerlogFormatter = logging.Formatter("%(asctime)s [%(levelname)-5.5s]%(message)s")rootLogger = logging.getLogger()NumericLevel = getattr(logging, burpConfigs["loglevel"].upper(), 10)rootLogger.setLevel(NumericLevel)fileHandler = logging.FileHandler("{0}/{1}.log".format(burpConfigs["logPath"], burpConfigs["logfileName"]))fileHandler.setFormatter(logFormatter)rootLogger.addHandler(fileHandler)consoleHandler = logging.StreamHandler()consoleHandler.setFormatter(logFormatter)rootLogger.addHandler(consoleHandler)def execute_burp(site):cmd = burpConfigs["java"]" -jar -Xmx"burpConfigs["memory"]" -Djava.awt.headless="str(burpConfigs["headless"])" "burpConfigs["burpJar"]" --project-file="site["project"]" --unpause-spider-and-scanner"try:rootLogger.debug("Executing Burp: "str(cmd))p = Popen(cmd, shell=True, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)return p.pidexcept:rootLogger.error("Burp Suite failed to execute.")exit()def check_burp(site):count = 0url = "http://127.0.0.1:1337/"site["apikey"]"/v0.1/"time.sleep(10)while True:if count > burpConfigs["retry"]:rootLogger.error("Too many attempts to connect to Burp")exit()else:rootLogger.debug("Cheking API: "str(url))init = requests.get(url)if init.status_code == 200:rootLogger.debug("API running, response code: "str(init.status_code))# Let Brup time to load extensionstime.sleep(30)breakelse:rootLogger.debug("Burp is not ready yet, response code: "str(init.status_code))time.sleep(10)def execute_scan(site):data = 'https://www.shwenmu.com/wenda/{"urls":["'site["scanURL"]'"]}'url="http://127.0.0.1:1337/"site["apikey"]"/v0.1/scan"rootLogger.info("Starting scan to: "str(site["scanURL"]))scan = requests.post(url, data=https://www.shwenmu.com/wenda/data)rootLogger.debug("Task ID: "scan.headers["Location"])while True:url="http://127.0.0.1:1337/"site["apikey"]"/v0.1/scan/"scan.headers["Location"]scanresults = requests.get(url)data = https://www.shwenmu.com/wenda/scanresults.json()rootLogger.info("Current status: "data["scan_status"])if data["scan_status"] == "failed":rootLogger.error("Scan failed")kill_burp()exit()elif data["scan_status"] == "succeeded":rootLogger.info("Scan competed")return dataelse:rootLogger.debug("Waiting 60 before cheking the status again")time.sleep(60)def kill_burp(child_pid):rootLogger.info("Killing Burp.")try:os.kill(child_pid, signal.SIGTERM)rootLogger.debug("Burp killed")except:rootLogger.error("Failed to stop Burp")def get_data(data, site):for issue in data["issue_events"]:rootLogger.info("Vulnerability - Name: "issue["issue"]["name"]" Path: "issue["issue"]["path"]" Severity: "issue["issue"]["severity"])token=site["scanURL"].split('/')[2]top_level=token.split('.')[-2] '.' token.split('.')[-1]file = top_level"-"datetime.now().strftime("%Y_%m_%d-%I_%M_%S_%p")".txt"file = burpConfigs["ScanOutput"]filerootLogger.info("Writing full results to: "file)with open(file, "w") as f:f.write(str(data["issue_events"]))def main():set_logging()for site in config["sites"]:# Execute BurpSuite Prochild_pid = execute_burp(site)# Check if API burp is upcheck_burp(site)# Execute Scandata = https://www.shwenmu.com/wenda/execute_scan(site)# Get Vulnerability dataget_data(data, site)# Stop BurprootLogger.info("Scan finished, killing Burp.")kill_burp(child_pid)if __name__ == '__main__':main()
推荐阅读
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- 免费扫描识别文字 电脑免费的图片转换成word软件
- 电脑锁屏快捷键 电脑锁屏的快捷键
- 教你ACDSee翻转单张图像的操作教程 教你怎么查一个人开的房记录
- Word转PPT可以很简单,速速Get正确方法!
- 一键破解加密PDF文件,不到一分钟
- win10电脑电池图标不见了怎么办?
- 电脑怎么重装系统简单又快速?系统之家一键重装Win11系统教程
- 高铁中转票为什么那么便宜,同样的火车票为什么改签后会有差价比原来便宜了8元
- 电脑打印文件全部步骤 电脑打印文件的步骤
- 电脑一直处于关机状态