AWVS 批量添加扫描/删除任务脚本

纸条

论坛已经有过一个Python2写的：
https://www.52pojie.cn/thread-610851-1-1.html

用Python3写了一个，只有批量添加和批量删除两个功能，因为其他功能我用不到。


替换awvs的链接、API这两个地方就可以了：

[Python] 纯文本查看 复制代码

self.scanner = 'https://192.168.137.100/'
self.api = '1986ad8c0a5b3df4d7028d5f3c06e936c877aeb9c8ce346c382e8005aae03e71f'

源码：

[Python] 纯文本查看 复制代码

import json
import queue
import requests
requests.packages.urllib3.disable_warnings()

class AwvsScan(object):
    def __init__(self):
        self.scanner = 'https://192.168.137.100/'
        self.api = '1986ad8c0a5b3df4d7028d5f3c06e936c877aeb9c8ce346c382e8005aae03e71f'
        self.ScanMode = '11111111-1111-1111-1111-111111111115'
        self.headers = {'X-Auth': self.api, 'content-type': 'application/json'}
        self.targets_id = queue.Queue()
        self.scan_id = queue.Queue()
        self.site = queue.Queue()

    def main(self):
        print('='*80)
        print("""1、使用awvs.txt添加扫描任务\n2、删除所有任务""")
        print('='*80)
        choice = input(">")
        if choice == '1':
            self.scans()
        if choice == '2':
            self.del_targets()
        self.main()

    def openfile(self):
        with open('awvs.txt') as cent:
            for web_site in cent:
                web_site = web_site.strip('\n\r')
                self.site.put(web_site)

    def targets(self):
        self.openfile()
        while not self.site.empty():
            website = self.site.get()
            try:
                data = {'address':website,
                        'description':'awvs-auto',
                        'criticality':'10'}
                response = requests.post(self.scanner + '/api/v1/targets', data=json.dumps(data), headers=self.headers, verify=False)
                cent = json.loads(response.content)
                target_id = cent['target_id']
                self.targets_id.put(target_id)
            except Exception as e:
                print('Target is not website! {}'.format(website))

    def scans(self):
        self.targets()
        while not self.targets_id.empty():
            data = {'target_id' : self.targets_id.get(),
                    'profile_id' : self.ScanMode,
                    'schedule' : {'disable': False, 'start_date': None, 'time_sensitive' : False}}

            response = requests.post(self.scanner + '/api/v1/scans', data=json.dumps(data), headers=self.headers, allow_redirects=False, verify=False)
            if response.status_code == 201:
                cent = response.headers['Location'].replace('/api/v1/scans/','')
                print(cent)

    def get_targets_id(self):
        response = requests.get(self.scanner + "/api/v1/targets", headers=self.headers, verify=False)
        content = json.loads(response.content)
        for cent in content['targets']:
            self.targets_id.put([cent['address'],cent['target_id']])

    def del_targets(self):
        while True:
            self.get_targets_id()
            if self.targets_id.qsize() == 0:
                break
            else:
                while not self.targets_id.empty():
                    targets_info = self.targets_id.get()
                    response = requests.delete(self.scanner + "/api/v1/targets/" + targets_info[1], headers=self.headers, verify=False)
                    if response.status_code == 204:
                        print('delete targets {}'.format(targets_info[0]))

if __name__ == '__main__':
    Scan = AwvsScan()
    Scan.main()

QingFD

感谢楼主

用温柔将我杀死

好东西 收下了

huantaiping

自从被我党实拳教育以后，我再也没碰过这些东西了！还是感谢楼主！

_pan

谢谢分享

lenghulin

计划任务，周期性漏扫

kkuaa

谢谢楼主的分享

小黑LLB

感谢楼主分享 点赞 支持一波

hangez

感谢楼主的分享，现在正需要这样的脚本，有机会自己也写一个

hackxiaoxion

请问一下默认的脚本添加后扫描模式都是弱口令，怎么修改扫描模式