AWVS 批量添加扫描/删除任务脚本

纸条

论坛已经有过一个Python2写的：
https://www.52pojie.cn/thread-610851-1-1.html

用Python3写了一个，只有批量添加和批量删除两个功能，因为其他功能我用不到。


替换awvs的链接、API这两个地方就可以了：

[Python] 纯文本查看 复制代码

?

1 2	self.scanner = 'https://192.168.137.100/' self.api = '1986ad8c0a5b3df4d7028d5f3c06e936c877aeb9c8ce346c382e8005aae03e71f'

源码：

[Python] 纯文本查看 复制代码

?

01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80

import json import queue import requests requests.packages.urllib3.disable_warnings()   class AwvsScan(object):     def __init__(self):         self.scanner = 'https://192.168.137.100/'         self.api = '1986ad8c0a5b3df4d7028d5f3c06e936c877aeb9c8ce346c382e8005aae03e71f'         self.ScanMode = '11111111-1111-1111-1111-111111111115'         self.headers = {'X-Auth': self.api, 'content-type': 'application/json'}         self.targets_id = queue.Queue()         self.scan_id = queue.Queue()         self.site = queue.Queue()       def main(self):         print('='*80)         print("""1、使用awvs.txt添加扫描任务\n2、删除所有任务""")         print('='*80)         choice = input(">")         if choice == '1':             self.scans()         if choice == '2':             self.del_targets()         self.main()       def openfile(self):         with open('awvs.txt') as cent:             for web_site in cent:                 web_site = web_site.strip('\n\r')                 self.site.put(web_site)       def targets(self):         self.openfile()         while not self.site.empty():             website = self.site.get()             try:                 data = {'address':website,                         'description':'awvs-auto',                         'criticality':'10'}                 response = requests.post(self.scanner + '/api/v1/targets', data=json.dumps(data), headers=self.headers, verify=False)                 cent = json.loads(response.content)                 target_id = cent['target_id']                 self.targets_id.put(target_id)             except Exception as e:                 print('Target is not website! {}'.format(website))       def scans(self):         self.targets()         while not self.targets_id.empty():             data = {'target_id' : self.targets_id.get(),                     'profile_id' : self.ScanMode,                     'schedule' : {'disable': False, 'start_date': None, 'time_sensitive' : False}}               response = requests.post(self.scanner + '/api/v1/scans', data=json.dumps(data), headers=self.headers, allow_redirects=False, verify=False)             if response.status_code == 201:                 cent = response.headers['Location'].replace('/api/v1/scans/','')                 print(cent)       def get_targets_id(self):         response = requests.get(self.scanner + "/api/v1/targets", headers=self.headers, verify=False)         content = json.loads(response.content)         for cent in content['targets']:             self.targets_id.put([cent['address'],cent['target_id']])       def del_targets(self):         while True:             self.get_targets_id()             if self.targets_id.qsize() == 0:                 break             else:                 while not self.targets_id.empty():                     targets_info = self.targets_id.get()                     response = requests.delete(self.scanner + "/api/v1/targets/" + targets_info[1], headers=self.headers, verify=False)                     if response.status_code == 204:                         print('delete targets {}'.format(targets_info[0]))   if __name__ == '__main__':     Scan = AwvsScan()     Scan.main()

QingFD

感谢楼主

用温柔将我杀死

好东西 收下了

huantaiping

自从被我党实拳教育以后，我再也没碰过这些东西了！还是感谢楼主！

_pan

谢谢分享

lenghulin

计划任务，周期性漏扫

kkuaa

谢谢楼主的分享

小黑LLB

感谢楼主分享 点赞 支持一波

hangez

感谢楼主的分享，现在正需要这样的脚本，有机会自己也写一个

hackxiaoxion

请问一下默认的脚本添加后扫描模式都是弱口令，怎么修改扫描模式