介绍
&这辈子写过最多行但又特别简单,看起来又特别复杂,而且没有任何技术水平,职业程序员看了都会骂的代码。
这个脚本仅支持迪普扫描器扫描的报告生成,还写了个awvs版本的,相差也不大,就改改里面的亿点点就行,整体框架一样。
代码
以此纪念我曾经每个月要写几百份报告的青春!
虽然写得菜,但是版权所有,禁止商用!
# * coding:utf-8 *
"""
docx库学习,顺带创建漏扫报告模板,表格需要改变字体大小:
https://stackoverflow.com/questions/43007725/python-docx-how-to-change-table-font-size
docx库官方翻译文档:
https://www.jianshu.com/nb/45603922
python文本提取方式:
Python-goose
BeautifulSoup
html2text
nltk
plaintext
"""
import os
import re
from docx import Document
from docx.enum.table import WD_CELL_VERTICAL_ALIGNMENT
from docx.shared import Cm, Inches, Pt
from docx.enum.text import WD_PARAGRAPH_ALIGNMENT
from docx.oxml.ns import nsdecls
from docx.oxml import parse_xml
def create_docx():
os.chdir(save_path)
mydoc = Document("test.docx")
mydoc.add_paragraph('', style='info_style')
mydoc.add_paragraph('', style='info_style')
mydoc.add_paragraph(customer_name + "-" + ip, style='index_style')
mydoc.add_paragraph("主机安全扫描报告", style='index_style')
mydoc.add_paragraph('', style='null_style')
mydoc.add_paragraph('', style='null_style')
mydoc.add_paragraph('', style='null_style')
mydoc.add_paragraph('', style='null_style')
mydoc.add_paragraph('', style='null_style')
mydoc.add_paragraph('', style='null_style')
mydoc.add_paragraph('', style='null_style')
mydoc.add_paragraph('', style='null_style')
mydoc.save(doc_path + customer_name + "-" + ip + "-主机漏洞扫描报告.docx")
"""===这里图片居中的原因是因为样式居中,插入的图片也自动居中了"""
logo = mydoc.paragraphs[12].add_run().add_picture(save_path + "logo.png")
logo.height = Cm(2.74)
logo.width = Cm(3.15)
mydoc.add_paragraph(company_name, style='info_style')
mydoc.add_paragraph(report_data, style='info_style')
mydoc.add_page_break()
mydoc.add_heading("1、扫描任务信息", level=1)
scan_info_table = mydoc.add_table(rows=5, cols=4, style="Table Grid")
scan_info_table.cell(0, 0).width = Inches(2.3)
scan_info_table.cell(0, 1).width = Inches(3.5)
scan_info_table.cell(0, 2).width = Inches(2.2)
scan_info_table.cell(0, 3).width = Inches(2.5)
scan_info_table.style.font.size = Pt(10)
scan_info_table.style.paragraph_format.alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
scan_info_table_bg00 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
scan_info_table_bg02 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
scan_info_table_bg10 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
scan_info_table_bg12 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
scan_info_table_bg20 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
scan_info_table_bg22 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
scan_info_table_bg30 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
scan_info_table_bg32 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
scan_info_table_bg40 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
scan_info_table_bg42 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
scan_info_table.rows[0].cells[0]._tc.get_or_add_tcPr().append(scan_info_table_bg00)
scan_info_table.rows[0].cells[2]._tc.get_or_add_tcPr().append(scan_info_table_bg02)
scan_info_table.rows[1].cells[0]._tc.get_or_add_tcPr().append(scan_info_table_bg10)
scan_info_table.rows[1].cells[2]._tc.get_or_add_tcPr().append(scan_info_table_bg12)
scan_info_table.rows[2].cells[0]._tc.get_or_add_tcPr().append(scan_info_table_bg20)
scan_info_table.rows[2].cells[2]._tc.get_or_add_tcPr().append(scan_info_table_bg22)
scan_info_table.rows[3].cells[0]._tc.get_or_add_tcPr().append(scan_info_table_bg30)
scan_info_table.rows[3].cells[2]._tc.get_or_add_tcPr().append(scan_info_table_bg32)
scan_info_table.rows[4].cells[0]._tc.get_or_add_tcPr().append(scan_info_table_bg40)
scan_info_table.rows[4].cells[2]._tc.get_or_add_tcPr().append(scan_info_table_bg42)
scan_info_table_align40 = scan_info_table.cell(4, 0)
scan_info_table_align40.vertical_alignment = WD_CELL_VERTICAL_ALIGNMENT.CENTER
scan_info_table_align40.paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.JUSTIFY
scan_info_table_align41 = scan_info_table.cell(4, 1)
scan_info_table_align41.vertical_alignment = WD_CELL_VERTICAL_ALIGNMENT.CENTER
scan_info_table_align41.paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.JUSTIFY
scan_info_table_align42 = scan_info_table.cell(4, 2)
scan_info_table_align42.vertical_alignment = WD_CELL_VERTICAL_ALIGNMENT.CENTER
scan_info_table_align42.paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.JUSTIFY
scan_info_table_align43 = scan_info_table.cell(4, 3)
scan_info_table_align43.vertical_alignment = WD_CELL_VERTICAL_ALIGNMENT.CENTER
scan_info_table_align43.paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.JUSTIFY
line00 = scan_info_table.cell(0, 0).paragraphs[0].add_run("任务名称")
line00.font.name = "宋体"
line00.font.size = Pt(10)
line00.bold = True
line01 = scan_info_table.cell(0, 1).paragraphs[0].add_run(customer_name + "主机漏洞扫描")
line01.font.name = "宋体"
line01.font.size = Pt(10)
line02 = scan_info_table.cell(0, 2).paragraphs[0].add_run("任务创建")
line02.font.name = "宋体"
line02.font.size = Pt(10)
line02.bold = True
line03 = scan_info_table.cell(0, 3).paragraphs[0].add_run("张三")
line03.font.name = "宋体"
line03.font.size = Pt(10)
line10 = scan_info_table.cell(1, 0).paragraphs[0].add_run("策略名称")
line10.font.name = "宋体"
line10.font.size = Pt(10)
line10.bold = True
line11 = scan_info_table.cell(1, 1).paragraphs[0].add_run("系统漏洞扫描")
line11.font.name = "宋体"
line11.font.size = Pt(10)
line12 = scan_info_table.cell(1, 2).paragraphs[0].add_run("任务状态")
line12.font.name = "宋体"
line12.font.size = Pt(10)
line12.bold = True
line13 = scan_info_table.cell(1, 3).paragraphs[0].add_run("扫描结束")
line13.font.name = "宋体"
line13.font.size = Pt(10)
line20 = scan_info_table.cell(2, 0).paragraphs[0].add_run("扫描时间")
line20.font.name = "宋体"
line20.font.size = Pt(10)
line20.bold = True
line21 = scan_info_table.cell(2, 1).paragraphs[0].add_run(scan_time)
line21.font.name = "宋体"
line21.font.size = Pt(10)
line22 = scan_info_table.cell(2, 2).paragraphs[0].add_run("扫描用时")
line22.font.name = "宋体"
line22.font.size = Pt(10)
line22.bold = True
line23 = scan_info_table.cell(2, 3).paragraphs[0].add_run("00:16:25")
line23.font.name = "宋体"
line23.font.size = Pt(10)
line30 = scan_info_table.cell(3, 0).paragraphs[0].add_run("扫描范围")
line30.font.name = "宋体"
line30.font.size = Pt(10)
line30.bold = True
line31 = scan_info_table.cell(3, 1).paragraphs[0].add_run(ip)
line31.font.name = "宋体"
line31.font.size = Pt(10)
line32 = scan_info_table.cell(3, 2).paragraphs[0].add_run("扫描引擎")
line32.font.name = "宋体"
line32.font.size = Pt(10)
line32.bold = True
line33 = scan_info_table.cell(3, 3).paragraphs[0].add_run("本机")
line33.font.name = "宋体"
line33.font.size = Pt(10)
line40 = scan_info_table.cell(4, 0).paragraphs[0].add_run("应用安全状态")
line40.font.name = "宋体"
line40.font.size = Pt(10)
line40.bold = True
line41 = scan_info_table.cell(4, 1).paragraphs[0].add_run("%s" % (get_status()))
line41.font.name = "宋体"
line41.font.size = Pt(10)
line42 = scan_info_table.cell(4, 2).paragraphs[0].add_run("发现漏洞")
line42.font.name = "宋体"
line42.font.size = Pt(10)
line42.bold = True
line43 = scan_info_table.cell(4, 3).paragraphs[0].add_run(
"高危漏洞:%d\n中危漏洞:%d\n低危漏洞:%d" % (high_num, medium_num, low_num))
line43.font.name = "宋体"
line43.font.size = Pt(10)
mydoc.add_heading("2、扫描结果统计", level=1)
result_table = mydoc.add_table(rows=vuln_row, cols=4, style="Table Grid")
result_table.cell(0, 0).width = Inches(0.5)
result_table.cell(0, 1).width = Inches(5.5)
result_table.cell(0, 2).width = Inches(2)
result_table.cell(0, 3).width = Inches(2)
result_table.cell(0, 0).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
result_table.cell(0, 1).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
result_table.cell(0, 2).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
result_table.cell(0, 3).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
result_table_bg00 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
result_table_bg01 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
result_table_bg02 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
result_table_bg03 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
result_table.rows[0].cells[0]._tc.get_or_add_tcPr().append(result_table_bg00)
result_table.rows[0].cells[1]._tc.get_or_add_tcPr().append(result_table_bg01)
result_table.rows[0].cells[2]._tc.get_or_add_tcPr().append(result_table_bg02)
result_table.rows[0].cells[3]._tc.get_or_add_tcPr().append(result_table_bg03)
result_table_id = result_table.cell(0, 0).paragraphs[0].add_run("序号")
result_table_id.font.name = "黑体"
result_table_id.font.size = Pt(12)
result_table_id.bold = True
result_table_vuln = result_table.cell(0, 1).paragraphs[0].add_run("漏洞名称")
result_table_vuln.font.name = "黑体"
result_table_vuln.font.size = Pt(12)
result_table_vuln.bold = True
result_table_number = result_table.cell(0, 2).paragraphs[0].add_run("漏洞数量")
result_table_number.font.name = "黑体"
result_table_number.font.size = Pt(12)
result_table_number.bold = True
result_table_level = result_table.cell(0, 3).paragraphs[0].add_run("风险等级")
result_table_level.font.name = "黑体"
result_table_level.font.size = Pt(12)
result_table_level.bold = True
for xuhao in range(0, vuln_row - 1):
"""自动填充序号 第一列"""
result_table_align00 = result_table.cell(xuhao + 1, 0)
result_table_align00.vertical_alignment = WD_CELL_VERTICAL_ALIGNMENT.CENTER
result_table_align00.paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.JUSTIFY
name_0 = result_table.cell(xuhao + 1, 0).paragraphs[0].add_run("%d" % (xuhao + 1))
name_0.font.name = "宋体"
name_0.font.size = Pt(10)
result_table.cell(xuhao + 1, 0).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
xuhao += 1
for line in range(0, len(get_huiyan_vuln_name())):
"""自动填充漏洞名称 第二列"""
name_1 = result_table.cell(line + 1, 1).paragraphs[0].add_run(get_huiyan_vuln_name()[line])
name_1.font.name = "宋体"
name_1.font.size = Pt(10)
result_table.cell(line + 1, 1).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.LEFT
line += 1
for shuliang in range(0, vuln_row - 1):
"""自动填充漏洞数量 第三列"""
result_table_align02 = result_table.cell(shuliang + 1, 2)
result_table_align02.vertical_alignment = WD_CELL_VERTICAL_ALIGNMENT.CENTER
result_table_align02.paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.JUSTIFY
name_2 = result_table.cell(shuliang + 1, 2).paragraphs[0].add_run("1")
name_2.font.name = "宋体"
name_2.font.size = Pt(10)
result_table.cell(shuliang + 1, 2).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
shuliang += 1
for dengji in range(0, vuln_row - 1):
"""自动填充风险等级 第四列"""
result_table_align03 = result_table.cell(dengji + 1, 3)
result_table_align03.vertical_alignment = WD_CELL_VERTICAL_ALIGNMENT.CENTER
result_table_align03.paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.JUSTIFY
name_3 = result_table.cell(dengji + 1, 3).paragraphs[0].add_run(get_huiyan_vuln_level()[dengji])
name_3.font.name = "宋体"
name_3.font.size = Pt(10)
result_table.cell(dengji + 1, 3).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
dengji += 1
mydoc.add_heading("3、漏洞风险分布统计", level=1)
mydoc.add_paragraph()
"""========== 下面是创建漏洞风险分布统计表 =========="""
risk_distribution_table = mydoc.add_table(rows=2, cols=4, style="Table Grid")
risk_distribution_table.cell(0, 0).width = Inches(2.5)
risk_distribution_table.cell(0, 1).width = Inches(2.5)
risk_distribution_table.cell(0, 2).width = Inches(2.5)
risk_distribution_table.cell(0, 3).width = Inches(2.5)
risk_distribution_table.style.font.size = Pt(10)
risk_distribution_table.style.paragraph_format.alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
risk_distribution_table.cell(0, 0).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
risk_distribution_table.cell(0, 1).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
risk_distribution_table.cell(0, 2).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
risk_distribution_table.cell(0, 3).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
risk_distribution_table.cell(1, 0).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
risk_distribution_table.cell(1, 1).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
risk_distribution_table.cell(1, 2).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
risk_distribution_table.cell(1, 3).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.CENTER
risk00 = risk_distribution_table.cell(0, 0).paragraphs[0].add_run("高危险")
risk00.font.name = "宋体"
risk00.font.size = Pt(12)
risk01 = risk_distribution_table.cell(0, 1).paragraphs[0].add_run("中危险")
risk01.font.name = "宋体"
risk01.font.size = Pt(12)
risk02 = risk_distribution_table.cell(0, 2).paragraphs[0].add_run("低危险")
risk02.font.name = "宋体"
risk02.font.size = Pt(12)
risk03 = risk_distribution_table.cell(0, 3).paragraphs[0].add_run("总计")
risk03.font.name = "宋体"
risk03.font.size = Pt(12)
risk10 = risk_distribution_table.cell(1, 0).paragraphs[0].add_run("%d" % high_num)
risk10.font.name = "宋体"
risk10.font.size = Pt(10)
risk11 = risk_distribution_table.cell(1, 1).paragraphs[0].add_run("%d" % medium_num)
risk11.font.name = "宋体"
risk11.font.size = Pt(10)
risk12 = risk_distribution_table.cell(1, 2).paragraphs[0].add_run("%d" % low_num)
risk12.font.name = "宋体"
risk12.font.size = Pt(10)
risk13 = risk_distribution_table.cell(1, 3).paragraphs[0].add_run("%d" % total_num)
risk13.font.name = "宋体"
risk13.font.size = Pt(10)
"""==========下面开始创建漏洞扫描详细列表=========="""
mydoc.add_heading("4、漏洞扫描详细列表", level=1)
for vuln_info in range(0, vuln_row - 1):
key = get_huiyan_vuln_name()[vuln_info]
print(key)
mydoc.add_paragraph("漏洞名称:%s" % key, style='title_line')
vlun_list_table = mydoc.add_table(rows=6, cols=2, style="Table Grid")
vlun_list_table.cell(1, 0).width = Inches(2)
vlun_list_table.cell(1, 1).width = Inches(8)
vlun_list_table.cell(2, 0).width = Inches(2)
vlun_list_table.cell(2, 1).width = Inches(8)
vlun_list_table.cell(3, 0).width = Inches(2)
vlun_list_table.cell(3, 1).width = Inches(8)
vlun_list_table.cell(4, 0).width = Inches(2)
vlun_list_table.cell(4, 1).width = Inches(8)
vlun_list_table.cell(5, 0).width = Inches(2)
vlun_list_table.cell(5, 1).width = Inches(8)
vlun_list_table.cell(0, 0).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.LEFT
vlun_list_table.cell(0, 1).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.LEFT
vlun_list_table.cell(1, 0).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.LEFT
vlun_list_table.cell(1, 1).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.LEFT
vlun_list_table.cell(2, 0).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.LEFT
vlun_list_table.cell(2, 1).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.LEFT
vlun_list_table.cell(3, 0).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.LEFT
vlun_list_table.cell(3, 1).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.LEFT
vlun_list_table.cell(4, 0).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.LEFT
vlun_list_table.cell(4, 1).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.LEFT
vlun_list_table.cell(5, 0).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.LEFT
vlun_list_table.cell(5, 1).paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.LEFT
vlun_list_table_bg00 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
vlun_list_table_bg10 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
vlun_list_table_bg20 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
vlun_list_table_bg30 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
vlun_list_table_bg40 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
vlun_list_table_bg50 = parse_xml(r'<w:shd {} w:fill="D3D3D3"/>'.format(nsdecls('w')))
vlun_list_table.rows[0].cells[0]._tc.get_or_add_tcPr().append(vlun_list_table_bg00)
vlun_list_table.rows[1].cells[0]._tc.get_or_add_tcPr().append(vlun_list_table_bg10)
vlun_list_table.rows[2].cells[0]._tc.get_or_add_tcPr().append(vlun_list_table_bg20)
vlun_list_table.rows[3].cells[0]._tc.get_or_add_tcPr().append(vlun_list_table_bg30)
vlun_list_table.rows[4].cells[0]._tc.get_or_add_tcPr().append(vlun_list_table_bg40)
vlun_list_table.rows[5].cells[0]._tc.get_or_add_tcPr().append(vlun_list_table_bg50)
vlun_list_table_align00 = vlun_list_table.cell(0, 0)
vlun_list_table_align00.vertical_alignment = WD_CELL_VERTICAL_ALIGNMENT.CENTER
vlun_list_table_align00.paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.JUSTIFY
vlun_list_table_align10 = vlun_list_table.cell(1, 0)
vlun_list_table_align10.vertical_alignment = WD_CELL_VERTICAL_ALIGNMENT.CENTER
vlun_list_table_align10.paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.JUSTIFY
vlun_list_table_align20 = vlun_list_table.cell(2, 0)
vlun_list_table_align20.vertical_alignment = WD_CELL_VERTICAL_ALIGNMENT.CENTER
vlun_list_table_align20.paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.JUSTIFY
vlun_list_table_align30 = vlun_list_table.cell(3, 0)
vlun_list_table_align30.vertical_alignment = WD_CELL_VERTICAL_ALIGNMENT.CENTER
vlun_list_table_align30.paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.JUSTIFY
vlun_list_table_align40 = vlun_list_table.cell(4, 0)
vlun_list_table_align40.vertical_alignment = WD_CELL_VERTICAL_ALIGNMENT.CENTER
vlun_list_table_align40.paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.JUSTIFY
vlun_list_table_align50 = vlun_list_table.cell(5, 0)
vlun_list_table_align50.vertical_alignment = WD_CELL_VERTICAL_ALIGNMENT.CENTER
vlun_list_table_align50.paragraphs[0].alignment = WD_PARAGRAPH_ALIGNMENT.JUSTIFY
list00 = vlun_list_table.cell(0, 0).paragraphs[0].add_run("漏洞名称")
list00.font.name = "宋体"
list00.font.size = Pt(12)
list01 = vlun_list_table.cell(0, 1).paragraphs[0].add_run("%s" % key)
list01.font.name = "宋体"
list01.font.size = Pt(10)
list10 = vlun_list_table.cell(1, 0).paragraphs[0].add_run("严重程度")
list10.font.name = "宋体"
list10.font.size = Pt(12)
list11 = vlun_list_table.cell(1, 1).paragraphs[0].add_run(vuln_level[vuln_info])
list11.font.name = "宋体"
list11.font.size = Pt(10)
list20 = vlun_list_table.cell(2, 0).paragraphs[0].add_run("漏洞描述")
list20.font.name = "宋体"
list20.font.size = Pt(12)
list21 = vlun_list_table.cell(2, 1).paragraphs[0].add_run(get_huiyan_vuln_describe()[vuln_info])
list21.font.name = "宋体"
list21.font.size = Pt(10)
list30 = vlun_list_table.cell(3, 0).paragraphs[0].add_run("修复建议")
list30.font.name = "宋体"
list30.font.size = Pt(12)
list31 = vlun_list_table.cell(3, 1).paragraphs[0].add_run(get_huiyan_vuln_advice()[vuln_info])
list31.font.name = "宋体"
list31.font.size = Pt(10)
list40 = vlun_list_table.cell(4, 0).paragraphs[0].add_run("细节")
list40.font.name = "宋体"
list40.font.size = Pt(12)
list41 = vlun_list_table.cell(4, 1).paragraphs[0].add_run("")
list41.font.name = "宋体"
list41.font.size = Pt(10)
list50 = vlun_list_table.cell(5, 0).paragraphs[0].add_run("参考网址")
list50.font.name = "宋体"
list50.font.size = Pt(12)
list51 = vlun_list_table.cell(5, 1).paragraphs[0].add_run("")
list51.font.name = "宋体"
list51.font.size = Pt(10)
vuln_info += 1
mydoc.save(doc_path + customer_name + "-" + ip + "-主机漏洞扫描报告.docx")
def get_status():
"""
================ 判断安全状态 ===============
"""
if high_num > 0:
high = "1"
medium = "0"
low = "0"
safe = "0"
elif medium_num > 0:
high = "0"
medium = "1"
low = "0"
safe = "0"
elif low_num > 0:
high = "0"
medium = "0"
low = "1"
safe = "0"
else:
high = "0"
medium = "0"
low = "0"
safe = "1"
app_status = "高度危险:" + high + "\n中度危险:" + medium + "\n低度危险:" + low + "\n比较安全:" + safe
return app_status
def get_huiyan_vuln_level():
"""
================ 提取慧眼漏洞风险等级 ===============
"""
os.chdir(file_path)
get_vuln_list = r'(?<=font-family: 微软雅黑; font-size: 8pt; font-weight: bold">).*?(?=</span>)'
with open(file_name, "r", encoding="utf-8", errors="ignore") as html:
huiyan_html = html.read()
vuln_list = re.findall(get_vuln_list, huiyan_html)
a = len(vuln_name)
b_r = list(reversed(vuln_list))
cc = b_r[12:(a * 2) + 12:2]
b = list(reversed(cc))
return b
def get_huiyan_ip():
"""
================ 提取慧眼ip ===============
"""
os.chdir(file_path)
get_ip = r'(?<=主机设备).*?(?=在本次检测中共发现)'
with open(file_name, "r", encoding="utf-8", errors="ignore") as html:
huiyan_html = html.read()
ip_list = re.findall(get_ip, huiyan_html)
huiyan_ip = ip_list[0]
return huiyan_ip
def get_huiyan_vuln_name():
"""
================ 提取慧眼漏洞名称 ===============
"""
os.chdir(file_path)
get_vuln_name = r'(?<=style="font-family: 微软雅黑; font-size: 8pt; padding-left: 20px">).*?(?=</span>)'
with open(file_name, "r", encoding="utf-8", errors="ignore") as html:
huiyan_html = html.read()
vuln_list = re.findall(get_vuln_name, huiyan_html)
return vuln_list
def get_huiyan_vuln_describe():
"""自动提取慧眼漏洞描述"""
os.chdir(file_path)
describe = r'(?<=<spanstyle="color:#00000a;font-family:微软雅黑;font-size:10pt">).*?(?=</span>)'
with open(file_name, "r", encoding="utf-8", errors="ignore") as file:
html = file.read()
new = html.replace('\n', '').replace(' ', '').replace('\t', '')
get_str = re.findall(describe, new)
result = get_str[3::5]
return result
def get_huiyan_vuln_advice():
"""自动提取慧眼修复建议"""
os.chdir(file_path)
advie = r'(?<=<spanstyle="color:#00000a;font-family:微软雅黑;font-size:10pt">).*?(?=</span>)'
with open(file_name, "r", encoding="utf-8", errors="ignore") as file:
html = file.read()
new = html.replace('\n', '').replace(' ', '').replace('\t', '')
get_str = re.findall(advie, new)
result = get_str[4::5]
return result
customer_name = "xxx客户"
company_name = "xxx公司"
scan_time = "2020-12-21 22:00:09"
report_data = "2021-01-04"
file_path = "D:\\MyCreate\\Python项目\\慧眼扫描器自动生成漏洞扫描报告\\项目文件\\源文件\\" # 慧眼扫描源文件的目录
file_name = "huiyan.html" # 需要完成报告的html文件名
save_path = os.getcwd() + "\\项目文件\\"
doc_path = os.getcwd() + "\\项目文件\\文件保存\\" # 文档保存路径
print("=======开始运行===========")
ip = get_huiyan_ip()
vuln_name = get_huiyan_vuln_name()
vuln_row = len(vuln_name) + 1
vuln_level = get_huiyan_vuln_level()
high_num = vuln_level.count("高危")
medium_num = vuln_level.count("中危")
low_num = vuln_level.count("低危")
total_num = high_num + medium_num + low_num
get_huiyan_vuln_describe()
get_huiyan_vuln_advice()
create_docx()
print("=======结束运行===========")
print("报告已经生成并保存到\n" + doc_path + customer_name + "-" + ip + "-主机漏洞扫描报告.docx")结束
其实也没啥功效,就是把扫描报告从图A变成了图B的样子。从html文件变成了doc文件。主要就是数量多,人都写麻了。
to
