licc/dt_automate
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

新增政务网防火墙ips数据获取

Browse Source
This commit is contained in:
李超 2025-03-19 15:25:38 +08:00
parent 7f15825b28
commit 1e984f62f4
5 changed files with 325 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

221
attackevent/fw_data.go
View File

@ -23,7 +23,7 @@ import (
// var Counts int //存储总条数
// var err error
// 传入cookie
// 互联网防火墙ips数据获取
func Fw_event(cookieStr, timeStr string) {
ss := spreadsheet.New()
sheet := ss.AddSheet()
@ -233,11 +233,226 @@ func Fw_event(cookieStr, timeStr string) {
if err := ss.Validate(); err != nil {
log.Fatalf("验证文件时出错: %s", err)
}
log.Println("表格生成完成,保存文件:" + "防火墙安全事件" + time.Unix(tool.Timestamp("second"), 0).Format("20060102") + ".xlsx")
if err := ss.SaveToFile("防火墙安全事件" + time.Unix(tool.Timestamp("second"), 0).Format("20060102") + ".xlsx"); err != nil {
log.Println("表格生成完成,保存文件:" + "互联网防火墙安全事件" + time.Unix(tool.Timestamp("second"), 0).Format("20060102") + ".xlsx")
if err := ss.SaveToFile("互联网防火墙安全事件" + time.Unix(tool.Timestamp("second"), 0).Format("20060102") + ".xlsx"); err != nil {
log.Fatalf("保存文件时出错: %s", err)
}
}
// 政务网防火墙ips数据获取
func Zww_event(cookieStr, timeStr string) {
ss := spreadsheet.New()
sheet := ss.AddSheet()
// sheet.SetFrozen(true, false)
v := sheet.InitialView()
v.SetState(sml.ST_PaneStateFrozen)
v.SetXSplit(0) //冻结列
v.SetYSplit(1) //冻结行
sheet.Cell("A1").SetString("序号")
sheet.Cell("B1").SetString("攻击时间")
sheet.Cell("C1").SetString("源安全域")
sheet.Cell("D1").SetString("目的安全域")
sheet.Cell("E1").SetString("源IP")
sheet.Cell("F1").SetString("目的IP")
sheet.Cell("G1").SetString("目的端口")
sheet.Cell("H1").SetString("威胁名称")
sheet.Cell("I1").SetString("攻击类别")
sheet.Cell("J1").SetString("攻击子类别")
sheet.Cell("K1").SetString("应用协议")
sheet.Cell("L1").SetString("CVE")
sheet.Cell("M1").SetString("域名host")
sheet.Cell("N1").SetString("请求路径")
sheet.Cell("O1").SetString("参数")
sheet.Cell("P1").SetString("源ip地区")
log.Println("生成表格列名完成")
//计算时间范围2023-01-01-2023-01-05示例
//2023-01-01
startTime, _ := time.Parse("2006-01-02", timeStr) //之前的时间
endTime, _ := time.Parse("2006-01-02", time.Unix(tool.Timestamp("second"), 0).Format("2006-01-02")) //当前时间
//获取当前事件
// 计算时间段分成一天一段
for current := startTime; current.Before(endTime) || current.Equal(endTime); {
// 当天的开始时间00:00:00
dayStart := time.Date(current.Year(), current.Month(), current.Day(), 0, 0, 0, 0, current.Location())
// 当天的结束时间23:59:59
dayEnd := dayStart.AddDate(0, 0, 1).Add(-1 * time.Nanosecond)
// 如果当前计算的结束时间超过endTime则将endTime作为结束时间
if dayEnd.After(endTime) {
dayEnd = time.Date(endTime.Year(), endTime.Month(), endTime.Day(), 23, 59, 59, 999999999, endTime.Location())
}
fmt.Printf("从 %s 到 %s\n", dayStart.Format("2006-01-02T15:04:05"), dayEnd.Format("2006-01-02T15:04:05"))
// 构建 x-www-form-urlencoded 格式的请求体
values := url.Values{}
values.Add("xml", "<rpc message-id='101' xmlns='urn:ietf:params:xml:ns:netconf:base:1.0' xmlns:web='urn:ietf:params:xml:ns:netconf:base:1.0'><get-bulk><filter type='subtree'><top xmlns='http://www.unis.cn/netconf/data:1.0' xmlns:web='http://www.unis.cn/netconf/base:1.0' xmlns:data='http://www.unis.cn/netconf/data:1.0'><NTOP><LogPaging><Log><LogType>1</LogType><UserID/><ID/><TimeFilter><StartTime>"+dayStart.Format("2006-01-02T15:04:05")+"</StartTime><EndTime>"+dayEnd.Format("2006-01-02T15:04:05")+"</EndTime></TimeFilter><PageNo>1</PageNo><CountPerPage>200</CountPerPage><TotalCounts/><InputJSON>{&#34;SrcZoneName&#34;:&#34;yunwei&#34;,&#34;DestZoneName&#34;:&#34;Trust&#34;}</InputJSON><OutputJSON/></Log></LogPaging></NTOP></top></filter></get-bulk></rpc>")
values.Add("req_menu", "M_Monitor/M_AtkLog/M_ThreatLog")
//请求头信息
header := map[string]string{
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
"referer": "https://11.1.68.146/wnm/frame/index.php",
"cookie": cookieStr,
}
//查询数据//请求数据体
security_event_data := conn.DT_POST("https://11.1.68.146/wnm/get.j", header, bytes.NewBufferString(values.Encode()))
if Date_v(security_event_data).NTOP.LogPaging != nil {
//获取页数
count_pages, _ := strconv.Atoi(Date_v(security_event_data).NTOP.LogPaging[0].TotalCounts)
if count_pages < 200 {
for _, k := range Date_v(security_event_data).NTOP.LogPaging {
// log.Println(len(sheet.Rows()))
con := len(sheet.Rows()) + 1
// IP := conn.DT_GET("http://ip-api.com/json/"+k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string)+"?lang=zh-CN", nil, nil)
sheet.Cell("A" + strconv.Itoa(con)).SetString(strconv.Itoa(con - 1)) // 第一列 (A1)
sheet.Cell("B" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Time"].(string))
sheet.Cell("C" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string))
sheet.Cell("D" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestZoneName"].(string))
sheet.Cell("E" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
sheet.Cell("F" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string))
sheet.Cell("G" + strconv.Itoa(con)).SetString(strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64))
sheet.Cell("H" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["ThreatName"].(string))
sheet.Cell("I" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string))
sheet.Cell("J" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string))
sheet.Cell("K" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Application"].(string))
sheet.Cell("L" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["CVE"].(string))
sheet.Cell("M" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpHost"].(string))
sheet.Cell("N" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string))
sheet.Cell("O" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Payload"].(string))
// sheet.Cell("P" + strconv.Itoa(Con)).SetString(Date_get(IP).(map[string]interface{})["country"].(string) + "." + Date_get(IP).(map[string]interface{})["city"].(string) + "/" + Date_get(IP).(map[string]interface{})["isp"].(string))
log.Printf("开始插入%s数据%d %s", dayStart.Format("2006-01-02T15:04:05"), con, k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
//查询数据库中是否有重复数据
//查询sql 获取用户信息
// rows, err := dbpool.QueryRows("SELECT `DT_TIME` FROM `dt_zgdz`.`dt_attack_event` WHERE DT_TIME = ?;", k.OutputJSON.(map[string]interface{})["Time"].(string))
// if err != nil {
// log.Println(err)
// }
// defer rows.Close()
// var timeStr sql.NullString
// // var typecho_userss []string
// for rows.Next() {
// if err := rows.Scan(&timeStr); err != nil {
// log.Println(err)
// }
// // typecho_userss = append(typecho_userss, timeStr)
// }
// log.Println(timeStr)
// if err := rows.Err(); err != nil {
// log.Fatal(err)
// }
// if k.OutputJSON.(map[string]interface{})["Time"].(string) != timeStr.String {
// //调用ExecteSQL函数执行插入语句
// result, err := dbpool.ExecuteSQL("INSERT INTO `dt_zgdz`.`dt_attack_event` (`DT_ID`, `DT_TIME`, `DT_SRCZONENAME`, `DT_DESTZONENAME`, `DT_SRCIPADDR`, `DT_DESTIPADDR`, `DT_DESTPORT`, `DT_THREATNAME`, `DT_METHODNAMECN`, `DT_METHODSUBNAMECN`, `DT_AOOLICATION`, `DT_CVE`, `DT_HTTPHOST`, `DT_HTTPFIRSTLINE`, `DT_PAYLOAD`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);", strconv.Itoa(con-1), k.OutputJSON.(map[string]interface{})["Time"].(string), k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string), k.OutputJSON.(map[string]interface{})["DestZoneName"].(string), k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string), k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string), strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64), k.OutputJSON.(map[string]interface{})["ThreatName"].(string), k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string), k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string), k.OutputJSON.(map[string]interface{})["Application"].(string), k.OutputJSON.(map[string]interface{})["CVE"].(string), k.OutputJSON.(map[string]interface{})["HttpHost"].(string), k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string), k.OutputJSON.(map[string]interface{})["Payload"].(string))
// if err != nil {
// log.Println(err)
// }
// // 获取插入操作的最后插入ID和受影响的行数
// lastInsertId, err := result.LastInsertId()
// if err != nil {
// log.Fatal(err)
// }
// rowsAffected, err := result.RowsAffected()
// if err != nil {
// log.Fatal(err)
// }
// log.Printf("Last Insert ID: %d, Rows Affected: %d\n", lastInsertId, rowsAffected)
// }
}
} else {
//计算页数
totalPages := int(math.Floor(float64(count_pages))/float64(200) + 1)
for i := 0; i < totalPages; i++ {
values := url.Values{}
values.Add("xml", "<rpc message-id='101' xmlns='urn:ietf:params:xml:ns:netconf:base:1.0' xmlns:web='urn:ietf:params:xml:ns:netconf:base:1.0'><get-bulk><filter type='subtree'><top xmlns='http://www.unis.cn/netconf/data:1.0' xmlns:web='http://www.unis.cn/netconf/base:1.0' xmlns:data='http://www.unis.cn/netconf/data:1.0'><NTOP><LogPaging><Log><LogType>1</LogType><UserID/><ID/><TimeFilter><StartTime>"+dayStart.Format("2006-01-02T15:04:05")+"</StartTime><EndTime>"+dayEnd.Format("2006-01-02T15:04:05")+"</EndTime></TimeFilter><PageNo>"+strconv.Itoa(i+1)+"</PageNo><CountPerPage>200</CountPerPage><TotalCounts/><InputJSON>{&#34;SrcZoneName&#34;:&#34;yunwei&#34;,&#34;DestZoneName&#34;:&#34;Trust&#34;}</InputJSON><OutputJSON/></Log></LogPaging></NTOP></top></filter></get-bulk></rpc>")
values.Add("req_menu", "M_Monitor/M_AtkLog/M_ThreatLog")
//请求头信息
header := map[string]string{
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
"referer": "https://11.1.68.146/wnm/frame/index.php",
"cookie": cookieStr,
}
//获取当天每页数据
daydata := conn.DT_POST("https://11.1.68.146/wnm/get.j", header, bytes.NewBufferString(values.Encode()))
for _, k := range Date_v(daydata).NTOP.LogPaging {
// log.Println(len(sheet.Rows()))
con := len(sheet.Rows()) + 1
// IP := conn.DT_GET("http://ip-api.com/json/"+k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string)+"?lang=zh-CN", nil, nil)
sheet.Cell("A" + strconv.Itoa(con)).SetString(strconv.Itoa(con - 1)) // 第一列 (A1)
sheet.Cell("B" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Time"].(string))
sheet.Cell("C" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string))
sheet.Cell("D" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestZoneName"].(string))
sheet.Cell("E" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
sheet.Cell("F" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string))
sheet.Cell("G" + strconv.Itoa(con)).SetString(strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64))
sheet.Cell("H" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["ThreatName"].(string))
sheet.Cell("I" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string))
sheet.Cell("J" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string))
sheet.Cell("K" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Application"].(string))
sheet.Cell("L" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["CVE"].(string))
sheet.Cell("M" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpHost"].(string))
sheet.Cell("N" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string))
sheet.Cell("O" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Payload"].(string))
// sheet.Cell("P" + strconv.Itoa(Con)).SetString(Date_get(IP).(map[string]interface{})["country"].(string) + "." + Date_get(IP).(map[string]interface{})["city"].(string) + "/" + Date_get(IP).(map[string]interface{})["isp"].(string))
log.Printf("开始插入%s数据%d %s", dayStart.Format("2006-01-02T15:04:05"), con, k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
// 调用ExecuteSQL函数执行插入操作
//查询数据库中是否有重复数据
//查询sql 获取用户信息
// rows, err := dbpool.QueryRows("SELECT `DT_TIME` FROM `dt_zgdz`.`dt_attack_event` WHERE DT_TIME = ?;", k.OutputJSON.(map[string]interface{})["Time"].(string))
// if err != nil {
// log.Println(err)
// }
// defer rows.Close()
// var timeStr sql.NullString
// // var typecho_userss []string
// for rows.Next() {
// if err := rows.Scan(&timeStr); err != nil {
// log.Println(err)
// }
// // typecho_userss = append(typecho_userss, timeStr)
// }
// if err := rows.Err(); err != nil {
// log.Fatal(err)
// }
// if k.OutputJSON.(map[string]interface{})["Time"].(string) != timeStr.String {
// //调用ExecteSQL函数执行插入语句
// result, err := dbpool.ExecuteSQL("INSERT INTO `dt_zgdz`.`dt_attack_event` (`DT_ID`, `DT_TIME`, `DT_SRCZONENAME`, `DT_DESTZONENAME`, `DT_SRCIPADDR`, `DT_DESTIPADDR`, `DT_DESTPORT`, `DT_THREATNAME`, `DT_METHODNAMECN`, `DT_METHODSUBNAMECN`, `DT_AOOLICATION`, `DT_CVE`, `DT_HTTPHOST`, `DT_HTTPFIRSTLINE`, `DT_PAYLOAD`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);", strconv.Itoa(con-1), k.OutputJSON.(map[string]interface{})["Time"].(string), k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string), k.OutputJSON.(map[string]interface{})["DestZoneName"].(string), k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string), k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string), strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64), k.OutputJSON.(map[string]interface{})["ThreatName"].(string), k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string), k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string), k.OutputJSON.(map[string]interface{})["Application"].(string), k.OutputJSON.(map[string]interface{})["CVE"].(string), k.OutputJSON.(map[string]interface{})["HttpHost"].(string), k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string), k.OutputJSON.(map[string]interface{})["Payload"].(string))
// if err != nil {
// log.Println(err)
// }
// // 获取插入操作的最后插入ID和受影响的行数
// lastInsertId, err := result.LastInsertId()
// if err != nil {
// log.Fatal(err)
// }
// rowsAffected, err := result.RowsAffected()
// if err != nil {
// log.Fatal(err)
// }
// log.Printf("Last Insert ID: %d, Rows Affected: %d\n", lastInsertId, rowsAffected)
// }
}
}
}
} else {
log.Println("没有数据")
}
// 移动到下一天
current = current.AddDate(0, 0, 1)
}
// 保存修改后的 Excel 文件
if err := ss.Validate(); err != nil {
log.Fatalf("验证文件时出错: %s", err)
}
log.Println("表格生成完成,保存文件:" + "政务网防火墙安全事件" + time.Unix(tool.Timestamp("second"), 0).Format("20060102") + ".xlsx")
if err := ss.SaveToFile("政务网防火墙安全事件" + time.Unix(tool.Timestamp("second"), 0).Format("20060102") + ".xlsx"); err != nil {
log.Fatalf("保存文件时出错: %s", err)
}
}
func Date_get(jsonSter string) interface{} {
var jsonstr interface{}
err := json.Unmarshal([]byte(jsonSter), &jsonstr)

102
attackevent/hw_zww1_cookie..go Normal file
View File

@ -0,0 +1,102 @@
package attackevent
import (
"dt_automate/conf"
"dt_automate/tool"
"fmt"
"log"
"github.com/playwright-community/playwright-go"
)
func HW_zww1_cookie() string {
// 启动 Playwright
pw, err := playwright.Run()
if err != nil {
log.Fatalf("could not start Playwright: %v", err)
}
defer pw.Stop()
// 启动浏览器Chromium
browser, err := pw.Chromium.Launch(playwright.BrowserTypeLaunchOptions{
Headless: playwright.Bool(false), // 设置为 false 以显示浏览器界面
Args: []string{
"--ignore-certificate-errors", // 忽略证书错误[^28^][^29^]
},
})
if err != nil {
log.Fatalf("could not launch browser: %v", err)
}
defer browser.Close()
// 创建一个新页面
page, err := browser.NewPage()
if err != nil {
log.Fatalf("could not create page: %v", err)
}
// 设置浏览器窗口大小
err = page.SetViewportSize(1920, 1080) // 宽度为 1200px高度为 800px
if err != nil {
log.Fatalf("无法设置浏览器窗口大小: %v", err)
}
// 导航到指定网址
_, err = page.Goto("https://11.1.68.146/", playwright.PageGotoOptions{WaitUntil: playwright.WaitUntilStateCommit})
if err != nil {
log.Fatalf("could not go to the page: %v", err)
}
page.WaitForTimeout(3000)
//输入
if err := page.Locator(`#user_name`).Fill(tool.KeyStr("BV5kDMeBiV+32koO+yIo0w4MI1ZiTn4QrmD/4EPK1J7kXumFSJyNRiNxwBTQ8TbazscK1KMPFSJn7sUqdfnIy53E1Q/BBwxl6xcF8aLsHkkUiON1ghKkOdjN5QxsH6q85n/yviD9gAcixB0hSHu3jAwAehHn1rqd3oEhOrrBrn/5st2YDrsTOx4aeFE4OMB/goKizVXcIO5oXsTGbN7ip/xK8Lli4easA4bl3M73qAryGZ1f/7B3F8e8gE3nT6qLeYUBlMjJIpO9BD/IsluLjrHkx5uU8GpSjmiRfq6RAAmCCNleOiWWEtBEVk1HP7qbwasgFEFdozpYCd0T8P8yuw==")); err != nil {
log.Fatalf("could not fill input: %v", err)
}
if err := page.Locator(`#password`).Fill(tool.KeyStr("LcVHbSt29BTaMvK7DzBM//TcYvnRd6fjts4rMUxmmRB56UCZ1Sm0bR/87LFttuezWzoZbWgH1Q6JmqHSZmOWvvp7bNVCtWGSrs52YWrnEVK6SEwpohwVhLmgfBTxYWI7zZsph1yMfaDeejjqu5QzLuHcDor2A6i8xhrf7mlUhwIoc5p+4Z//cBocDgUrXcN1d6CTjwJwTYJfGa4jQKEv8glQYD5X3l6AjDv0osh1BQfKFnhxCALRXYrHP8OIbSYRAC4lyTli872AL3kwAH79UBKL5m2BixivgQZazsO2suUtjutvRgtBeqft3HYTNnhB8kxhUwNwx7rdSpJSWhaJLg==")); err != nil {
log.Fatalf("could not fill input: %v", err)
}
//登录
if err := page.Locator("#login_button").Click(); err != nil {
log.Fatalf("could not click button: %v", err)
}
page.WaitForTimeout(1000)
page.Evaluate(`
const now = new Date();
const year = now.getFullYear();
const month = (now.getMonth() + 1).toString().padStart(2, '0');
const day = now.getDate().toString().padStart(2, '0');
const hours = now.getHours().toString().padStart(2, '0');
const minutes = now.getMinutes().toString().padStart(2, '0');
const seconds = now.getSeconds().toString().padStart(2, '0');
const timestamp = year+"-"+month+"-"+day +" "+ hours+":"+minutes+":"+seconds;
const div = document.createElement('div');
div.style.position = 'fixed';
div.style.bottom = '10px';
div.style.right = '10px';
div.style.color = 'white';
div.style.backgroundColor = 'black';
div.style.padding = '5px';
div.style.borderRadius = '5px';
div.textContent = timestamp;
document.body.appendChild(div);
`, nil)
// 获取页面标题
title, err := page.Title()
if err != nil {
log.Fatalf("could not get title: %v", err)
}
log.Printf("Page title is: %s\n", title)
cookies, err := page.Context().Cookies("https://11.1.68.146/wnm/get.j")
if err != nil {
log.Println(err)
}
var cookieStr string
for _, cookie := range cookies {
cookieStr += fmt.Sprintf("%s=%s;", cookie.Name, cookie.Value)
// log.Printf("Cookie %d: %+v", i, cookie)
}
log.Println(cookieStr)
// attackevent.Fw_event(cookieStr)
conf.SET_Config_yaml("cookie", cookieStr) //临时存放数据
// StartBlocker()
return cookieStr
}

2
conf/test.yaml
View File

@ -1,4 +1,4 @@
cookie: vindex==44=1c=0AB00=0R;supportLang=cn%2Cen;lang=cn;sessionid=20000194c2464bf6a1f4f583fa01a649a09f;loginid=39b21ec76fad68bfe1ad3372d037d194;20000194c2464bf6a1f4f583fa01a649a09f=true;abcd1234=true;login=false;
cookie: vindex==9d=0a=0AB00=0R;supportLang=cn%2Cen;lang=cn;login=true;sessionid=200001de7193a844b613cc0b3eb401a990d4;loginid=0bd42e85c214a23401df3b4de3d0bfaa;200001de7193a844b613cc0b3eb401a990d4=true;
dtcloud_cookie: Hm_lvt_d980fb2543f406139975c7a72a5a0387=1740971050,1740974075,1741246647; ea6ee7ef65afa3fa0312817d0b12190e=787b65e4f93b05a0765ee0e7a6e2d24c; CECLOUD_OPS_SID=Tm1Sa01tUTRaakF0WW1FeE1DMDBNelUwTFdJMFl6QXROR1ppWWpWallqVXdNMlZsfGRYTmxjaTVvYkhjdVpIUmpiRzkxWkM1amIyMD0=; CECLOUD_OPS_CID=TmpObVpEbG1ORGd0WmpjNU1DMDBObUZtTFdKbVptWXRZVEJpWkRNd1pERTFOakk1fGRYTmxjaTVvYkhjdVpIUmpiRzkxWkM1amIyMD0=
mysql:
password: sLy1ZxZBEroGcoSv75P/xigUJ59/Yhsz1Z7896WzArcImdobrwg5+N6QEo4yT6CcpW22Y6bYy6a0ZWYAEzDaKZhOQG0odaUAv/SDP7JM7l7hH987XFJkUauaETu97Ev0kObsbS4laEiEg/+VG8fQrPuD2iRax1IWGXTKOtn+gHlyzSp016OhKOUUKKdW16OaC8AbVX9F3tVp10c2hsQNvLJl27MN5m3jXpoq9CTdcXsk15oHZVuIp3Kj9RWa8azpauiCPEKVE1KPvuJAhPYYakZBAdxGNU7Ye/YPZq68PJZHm6otEsaQxGJB1+DRNYh0oFWN9+aSYph6kAn0p5/c4g==

5
main.go
View File

@ -1,6 +1,7 @@
package main
import (
"dt_automate/attackevent"
_ "dt_automate/attackevent"
"dt_automate/auth"
_ "dt_automate/method"
@ -87,8 +88,10 @@ func main() {
// wps.ZWW_SYS_Word() //运维平台word文档生成
// 安全巡检文档生成
// wps.SAFET_Word() //安全巡检文档生成
//安全事件表格生成(需要先执行互联网区防火墙截图)
//互联网防火墙ips事件获取 安全事件表格生成
// attackevent.Fw_event(attackevent.HW_fw1_cookie(), "2025-03-17") //将防火墙安全事件存放到xlsx文件中
//政务网防火墙ips事件获取 安全事件表格生成
attackevent.Zww_event(attackevent.HW_zww1_cookie(), "2025-03-18") //将防火墙安全事件存放到xlsx文件中
//nessus的csv文件生成docx报告
// nessus.CSV_damo()
//翻译模块调用腾讯xt翻译月500万字限制

BIN
政务网防火墙安全事件20250319.xlsx Normal file
View File

Binary file not shown.