licc/dt_automate
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d64b0ad0a5
dt_automate/attack_event/job.go

110 lines
5.4 KiB
Go
Raw Normal View History

20250226
2025-02-26 18:58:43 +08:00
package attackevent
import (
"dt_automate/conn"
"dt_automate/tool"
"fmt"
"log"
"time"
"github.com/robfig/cron/v3"
)
var cookieStr = "vindex==39=16=0AB00=0R; supportLang=cn%2Cen; lang=cn; sessionid=200001dc6ccf3da4c61484899a31aaf741de; loginid=975d5428764bcee5451c191f464cb5ad; 200001dc6ccf3da4c61484899a31aaf741de=true; abcd1234=true; login=false"
func FW_Job() {
job := cron.New(cron.WithSeconds())
j := &myJob{
t: time.Now(),
}
j1 := &myJob1{
t: time.Now(),
}
job.Schedule(cron.Every(3*60*time.Second), j)
job.Schedule(cron.Every(3*time.Second), j1)
job.Start()
select {}
}
type myJob struct {
i int
t time.Time
}
func (j *myJob) Run() { //心跳//三分钟触发一次
//当前时间
// EndTime := time.Unix(tool.Timestamp("second"), 0).Format("2006-01-02T15:04:05")
// //今天0点
// StartTime := time.Date(time.Now().Year(), time.Now().Month(), time.Now().Day(), 0, 0, 0, 0, time.Now().Location()).Format("2006-01-02T15:04:05")
// 构建 x-www-form-urlencoded 格式的请求体
// values := url.Values{}
// values.Add("xml", "<rpc message-id='101' xmlns='urn:ietf:params:xml:ns:netconf:base:1.0' xmlns:web='urn:ietf:params:xml:ns:netconf:base:1.0'><get-bulk><filter type='subtree'><top xmlns='http://www.unis.cn/netconf/data:1.0' xmlns:web='http://www.unis.cn/netconf/base:1.0' xmlns:data='http://www.unis.cn/netconf/data:1.0'><NTOP><LogPaging><Log><LogType>1</LogType><UserID/><ID/><TimeFilter><StartTime>"+StartTime+"</StartTime><EndTime>"+EndTime+"</EndTime></TimeFilter><PageNo>1</PageNo><CountPerPage>200</CountPerPage><TotalCounts/><InputJSON>{&#34;SrcZoneName&#34;:&#34;Untrust&#34;,&#34;DestZoneName&#34;:&#34;Trust&#34;}</InputJSON><OutputJSON/></Log></LogPaging></NTOP></top></filter></get-bulk></rpc>")
// values.Add("req_menu", "M_Monitor/M_AtkLog/M_ThreatLog")
header := map[string]string{
// "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
"referer": "https://11.2.68.146/wnm/frame/index.php",
"cookie": cookieStr,
}
datas := conn.DT_POST("https://11.2.68.146/wnm/keepalive.j", header, nil)
// var a map[string]interface{}
// for v, k := range datas.([]interface{}) {
// b := k.(map[string]interface{})["OutputJSON"].(string)
// if err := json.Unmarshal([]byte(b), &a); err != nil {
// log.Fatalf("Failed to unmarshal JSON: %v", err)
// }
// fmt.Println(v, a)
// // fmt.Printf("序号:%d,攻击时间:[%s],安全域:%s-%s##攻击源IP%s#目的源IP%s:%s,攻击类型:%s,应用协议:%s,请求域名:%s\n", v, a["Time"], a["SrcZoneName"], a["DestZoneName"], a["SrcIPAddr"], a["DestIPAddr"], strconv.FormatFloat(a["DestPort"].(float64), 'f', 0, 64), a["ThreatName"], a["Application"], a["HttpHost"])
// }
log.Println(datas)
//#################################
j.i++
now := time.Now()
sub := now.Sub(j.t)
j.t = now
fmt.Printf("心跳: %d, duraction : %d ms %f \n", j.i, sub.Milliseconds(), sub.Minutes())
}
type myJob1 struct {
i int
t time.Time
}
func (j1 *myJob1) Run() { //定时任务1小时执行一次获取威胁数据
now := time.Now()
// 当前时间
EndTime := time.Unix(tool.Timestamp("second"), 0).Format("2006-01-02T15:04:05")
h, _ := time.ParseDuration("-1h")
h1 := now.Add(1 * h).Format("2006-01-02T15:04:05")
log.Println(EndTime)
fmt.Println(h1)
// //今天0点
// StartTime := time.Date(time.Now().Year(), time.Now().Month(), time.Now().Day(), 0, 0, 0, 0, time.Now().Location()).Format("2006-01-02T15:04:05")
// // 构建 x-www-form-urlencoded 格式的请求体
// values := url.Values{}
// values.Add("xml", "<rpc message-id='101' xmlns='urn:ietf:params:xml:ns:netconf:base:1.0' xmlns:web='urn:ietf:params:xml:ns:netconf:base:1.0'><get-bulk><filter type='subtree'><top xmlns='http://www.unis.cn/netconf/data:1.0' xmlns:web='http://www.unis.cn/netconf/base:1.0' xmlns:data='http://www.unis.cn/netconf/data:1.0'><NTOP><LogPaging><Log><LogType>1</LogType><UserID/><ID/><TimeFilter><StartTime>"+StartTime+"</StartTime><EndTime>"+EndTime+"</EndTime></TimeFilter><PageNo>1</PageNo><CountPerPage>200</CountPerPage><TotalCounts/><InputJSON>{&#34;SrcZoneName&#34;:&#34;Untrust&#34;,&#34;DestZoneName&#34;:&#34;Trust&#34;}</InputJSON><OutputJSON/></Log></LogPaging></NTOP></top></filter></get-bulk></rpc>")
// values.Add("req_menu", "M_Monitor/M_AtkLog/M_ThreatLog")
// header := map[string]string{
// "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
// "referer": "https://11.2.68.146/wnm/frame/index.php",
// "cookie": cookieStr,
// }
// datas := conn.DT_POST("https://11.2.68.146/wnm/get.j", header, bytes.NewBufferString(values.Encode()))["NTOP"].(map[string]interface{})["LogPaging"]
// var a map[string]interface{}
// for v, k := range datas.([]interface{}) {
// b := k.(map[string]interface{})["OutputJSON"].(string)
// if err := json.Unmarshal([]byte(b), &a); err != nil {
// log.Fatalf("Failed to unmarshal JSON: %v", err)
// }
// fmt.Println(v, a)
// fmt.Printf("序号:%d,攻击时间:[%s],安全域:%s-%s##攻击源IP%s#目的源IP%s:%s,攻击类型:%s,应用协议:%s,请求域名:%s\n", v, a["Time"], a["SrcZoneName"], a["DestZoneName"], a["SrcIPAddr"], a["DestIPAddr"], strconv.FormatFloat(a["DestPort"].(float64), 'f', 0, 64), a["ThreatName"], a["Application"], a["HttpHost"])
// }
// ###############################################
j1.i++
// now := time.Now()
sub := now.Sub(j1.t)
j1.t = now
fmt.Printf("获取数据: %d, duraction : %d ms %f\n", j1.i, sub.Milliseconds(), sub.Hours())
}
Reference in New Issue Copy Permalink