diff --git a/attackevent/fw_data.go b/attackevent/fw_data.go
index 6b651ab..930cf17 100644
--- a/attackevent/fw_data.go
+++ b/attackevent/fw_data.go
@@ -23,7 +23,7 @@ import (
// var Counts int //存储总条数
// var err error
-// 传入cookie
+// 互联网防火墙ips数据获取
func Fw_event(cookieStr, timeStr string) {
ss := spreadsheet.New()
sheet := ss.AddSheet()
@@ -233,11 +233,226 @@ func Fw_event(cookieStr, timeStr string) {
if err := ss.Validate(); err != nil {
log.Fatalf("验证文件时出错: %s", err)
}
- log.Println("表格生成完成,保存文件:" + "防火墙安全事件" + time.Unix(tool.Timestamp("second"), 0).Format("20060102") + ".xlsx")
- if err := ss.SaveToFile("防火墙安全事件" + time.Unix(tool.Timestamp("second"), 0).Format("20060102") + ".xlsx"); err != nil {
+ log.Println("表格生成完成,保存文件:" + "互联网防火墙安全事件" + time.Unix(tool.Timestamp("second"), 0).Format("20060102") + ".xlsx")
+ if err := ss.SaveToFile("互联网防火墙安全事件" + time.Unix(tool.Timestamp("second"), 0).Format("20060102") + ".xlsx"); err != nil {
log.Fatalf("保存文件时出错: %s", err)
}
}
+
+// 政务网防火墙ips数据获取
+func Zww_event(cookieStr, timeStr string) {
+ ss := spreadsheet.New()
+ sheet := ss.AddSheet()
+ // sheet.SetFrozen(true, false)
+ v := sheet.InitialView()
+ v.SetState(sml.ST_PaneStateFrozen)
+ v.SetXSplit(0) //冻结列
+ v.SetYSplit(1) //冻结行
+ sheet.Cell("A1").SetString("序号")
+ sheet.Cell("B1").SetString("攻击时间")
+ sheet.Cell("C1").SetString("源安全域")
+ sheet.Cell("D1").SetString("目的安全域")
+ sheet.Cell("E1").SetString("源IP")
+ sheet.Cell("F1").SetString("目的IP")
+ sheet.Cell("G1").SetString("目的端口")
+ sheet.Cell("H1").SetString("威胁名称")
+ sheet.Cell("I1").SetString("攻击类别")
+ sheet.Cell("J1").SetString("攻击子类别")
+ sheet.Cell("K1").SetString("应用协议")
+ sheet.Cell("L1").SetString("CVE")
+ sheet.Cell("M1").SetString("域名(host)")
+ sheet.Cell("N1").SetString("请求路径")
+ sheet.Cell("O1").SetString("参数")
+ sheet.Cell("P1").SetString("源ip地区")
+ log.Println("生成表格列名完成")
+ //计算时间范围(2023-01-01-2023-01-05)示例
+ //2023-01-01
+ startTime, _ := time.Parse("2006-01-02", timeStr) //之前的时间
+ endTime, _ := time.Parse("2006-01-02", time.Unix(tool.Timestamp("second"), 0).Format("2006-01-02")) //当前时间
+ //获取当前事件
+
+ // 计算时间段分成一天一段
+ for current := startTime; current.Before(endTime) || current.Equal(endTime); {
+ // 当天的开始时间(00:00:00)
+
+ dayStart := time.Date(current.Year(), current.Month(), current.Day(), 0, 0, 0, 0, current.Location())
+ // 当天的结束时间(23:59:59)
+ dayEnd := dayStart.AddDate(0, 0, 1).Add(-1 * time.Nanosecond)
+
+ // 如果当前计算的结束时间超过endTime,则将endTime作为结束时间
+ if dayEnd.After(endTime) {
+ dayEnd = time.Date(endTime.Year(), endTime.Month(), endTime.Day(), 23, 59, 59, 999999999, endTime.Location())
+ }
+
+ fmt.Printf("从 %s 到 %s\n", dayStart.Format("2006-01-02T15:04:05"), dayEnd.Format("2006-01-02T15:04:05"))
+
+ // 构建 x-www-form-urlencoded 格式的请求体
+ values := url.Values{}
+ values.Add("xml", "1"+dayStart.Format("2006-01-02T15:04:05")+""+dayEnd.Format("2006-01-02T15:04:05")+"1200{"SrcZoneName":"yunwei","DestZoneName":"Trust"}")
+ values.Add("req_menu", "M_Monitor/M_AtkLog/M_ThreatLog")
+ //请求头信息
+ header := map[string]string{
+ "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
+ "referer": "https://11.1.68.146/wnm/frame/index.php",
+ "cookie": cookieStr,
+ }
+ //查询数据//请求数据体
+ security_event_data := conn.DT_POST("https://11.1.68.146/wnm/get.j", header, bytes.NewBufferString(values.Encode()))
+ if Date_v(security_event_data).NTOP.LogPaging != nil {
+ //获取页数
+ count_pages, _ := strconv.Atoi(Date_v(security_event_data).NTOP.LogPaging[0].TotalCounts)
+ if count_pages < 200 {
+ for _, k := range Date_v(security_event_data).NTOP.LogPaging {
+ // log.Println(len(sheet.Rows()))
+ con := len(sheet.Rows()) + 1
+ // IP := conn.DT_GET("http://ip-api.com/json/"+k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string)+"?lang=zh-CN", nil, nil)
+ sheet.Cell("A" + strconv.Itoa(con)).SetString(strconv.Itoa(con - 1)) // 第一列 (A1)
+ sheet.Cell("B" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Time"].(string))
+ sheet.Cell("C" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string))
+ sheet.Cell("D" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestZoneName"].(string))
+ sheet.Cell("E" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
+ sheet.Cell("F" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string))
+ sheet.Cell("G" + strconv.Itoa(con)).SetString(strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64))
+ sheet.Cell("H" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["ThreatName"].(string))
+ sheet.Cell("I" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string))
+ sheet.Cell("J" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string))
+ sheet.Cell("K" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Application"].(string))
+ sheet.Cell("L" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["CVE"].(string))
+ sheet.Cell("M" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpHost"].(string))
+ sheet.Cell("N" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string))
+ sheet.Cell("O" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Payload"].(string))
+ // sheet.Cell("P" + strconv.Itoa(Con)).SetString(Date_get(IP).(map[string]interface{})["country"].(string) + "." + Date_get(IP).(map[string]interface{})["city"].(string) + "/" + Date_get(IP).(map[string]interface{})["isp"].(string))
+ log.Printf("开始插入%s数据:%d %s", dayStart.Format("2006-01-02T15:04:05"), con, k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
+ //查询数据库中是否有重复数据
+ //查询sql 获取用户信息
+ // rows, err := dbpool.QueryRows("SELECT `DT_TIME` FROM `dt_zgdz`.`dt_attack_event` WHERE DT_TIME = ?;", k.OutputJSON.(map[string]interface{})["Time"].(string))
+ // if err != nil {
+ // log.Println(err)
+ // }
+ // defer rows.Close()
+ // var timeStr sql.NullString
+ // // var typecho_userss []string
+ // for rows.Next() {
+ // if err := rows.Scan(&timeStr); err != nil {
+ // log.Println(err)
+ // }
+ // // typecho_userss = append(typecho_userss, timeStr)
+ // }
+ // log.Println(timeStr)
+ // if err := rows.Err(); err != nil {
+ // log.Fatal(err)
+ // }
+ // if k.OutputJSON.(map[string]interface{})["Time"].(string) != timeStr.String {
+ // //调用ExecteSQL函数执行插入语句
+ // result, err := dbpool.ExecuteSQL("INSERT INTO `dt_zgdz`.`dt_attack_event` (`DT_ID`, `DT_TIME`, `DT_SRCZONENAME`, `DT_DESTZONENAME`, `DT_SRCIPADDR`, `DT_DESTIPADDR`, `DT_DESTPORT`, `DT_THREATNAME`, `DT_METHODNAMECN`, `DT_METHODSUBNAMECN`, `DT_AOOLICATION`, `DT_CVE`, `DT_HTTPHOST`, `DT_HTTPFIRSTLINE`, `DT_PAYLOAD`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);", strconv.Itoa(con-1), k.OutputJSON.(map[string]interface{})["Time"].(string), k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string), k.OutputJSON.(map[string]interface{})["DestZoneName"].(string), k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string), k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string), strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64), k.OutputJSON.(map[string]interface{})["ThreatName"].(string), k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string), k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string), k.OutputJSON.(map[string]interface{})["Application"].(string), k.OutputJSON.(map[string]interface{})["CVE"].(string), k.OutputJSON.(map[string]interface{})["HttpHost"].(string), k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string), k.OutputJSON.(map[string]interface{})["Payload"].(string))
+ // if err != nil {
+ // log.Println(err)
+ // }
+ // // 获取插入操作的最后插入ID和受影响的行数
+ // lastInsertId, err := result.LastInsertId()
+ // if err != nil {
+ // log.Fatal(err)
+ // }
+ // rowsAffected, err := result.RowsAffected()
+ // if err != nil {
+ // log.Fatal(err)
+ // }
+ // log.Printf("Last Insert ID: %d, Rows Affected: %d\n", lastInsertId, rowsAffected)
+ // }
+ }
+ } else {
+ //计算页数
+ totalPages := int(math.Floor(float64(count_pages))/float64(200) + 1)
+ for i := 0; i < totalPages; i++ {
+ values := url.Values{}
+ values.Add("xml", "1"+dayStart.Format("2006-01-02T15:04:05")+""+dayEnd.Format("2006-01-02T15:04:05")+""+strconv.Itoa(i+1)+"200{"SrcZoneName":"yunwei","DestZoneName":"Trust"}")
+ values.Add("req_menu", "M_Monitor/M_AtkLog/M_ThreatLog")
+ //请求头信息
+ header := map[string]string{
+ "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
+ "referer": "https://11.1.68.146/wnm/frame/index.php",
+ "cookie": cookieStr,
+ }
+ //获取当天每页数据
+ daydata := conn.DT_POST("https://11.1.68.146/wnm/get.j", header, bytes.NewBufferString(values.Encode()))
+ for _, k := range Date_v(daydata).NTOP.LogPaging {
+ // log.Println(len(sheet.Rows()))
+ con := len(sheet.Rows()) + 1
+ // IP := conn.DT_GET("http://ip-api.com/json/"+k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string)+"?lang=zh-CN", nil, nil)
+ sheet.Cell("A" + strconv.Itoa(con)).SetString(strconv.Itoa(con - 1)) // 第一列 (A1)
+ sheet.Cell("B" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Time"].(string))
+ sheet.Cell("C" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string))
+ sheet.Cell("D" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestZoneName"].(string))
+ sheet.Cell("E" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
+ sheet.Cell("F" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string))
+ sheet.Cell("G" + strconv.Itoa(con)).SetString(strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64))
+ sheet.Cell("H" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["ThreatName"].(string))
+ sheet.Cell("I" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string))
+ sheet.Cell("J" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string))
+ sheet.Cell("K" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Application"].(string))
+ sheet.Cell("L" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["CVE"].(string))
+ sheet.Cell("M" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpHost"].(string))
+ sheet.Cell("N" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string))
+ sheet.Cell("O" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Payload"].(string))
+ // sheet.Cell("P" + strconv.Itoa(Con)).SetString(Date_get(IP).(map[string]interface{})["country"].(string) + "." + Date_get(IP).(map[string]interface{})["city"].(string) + "/" + Date_get(IP).(map[string]interface{})["isp"].(string))
+ log.Printf("开始插入%s数据:%d %s", dayStart.Format("2006-01-02T15:04:05"), con, k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
+ // 调用ExecuteSQL函数执行插入操作
+ //查询数据库中是否有重复数据
+ //查询sql 获取用户信息
+ // rows, err := dbpool.QueryRows("SELECT `DT_TIME` FROM `dt_zgdz`.`dt_attack_event` WHERE DT_TIME = ?;", k.OutputJSON.(map[string]interface{})["Time"].(string))
+ // if err != nil {
+ // log.Println(err)
+ // }
+ // defer rows.Close()
+ // var timeStr sql.NullString
+ // // var typecho_userss []string
+ // for rows.Next() {
+ // if err := rows.Scan(&timeStr); err != nil {
+ // log.Println(err)
+ // }
+ // // typecho_userss = append(typecho_userss, timeStr)
+ // }
+ // if err := rows.Err(); err != nil {
+ // log.Fatal(err)
+ // }
+ // if k.OutputJSON.(map[string]interface{})["Time"].(string) != timeStr.String {
+ // //调用ExecteSQL函数执行插入语句
+ // result, err := dbpool.ExecuteSQL("INSERT INTO `dt_zgdz`.`dt_attack_event` (`DT_ID`, `DT_TIME`, `DT_SRCZONENAME`, `DT_DESTZONENAME`, `DT_SRCIPADDR`, `DT_DESTIPADDR`, `DT_DESTPORT`, `DT_THREATNAME`, `DT_METHODNAMECN`, `DT_METHODSUBNAMECN`, `DT_AOOLICATION`, `DT_CVE`, `DT_HTTPHOST`, `DT_HTTPFIRSTLINE`, `DT_PAYLOAD`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);", strconv.Itoa(con-1), k.OutputJSON.(map[string]interface{})["Time"].(string), k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string), k.OutputJSON.(map[string]interface{})["DestZoneName"].(string), k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string), k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string), strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64), k.OutputJSON.(map[string]interface{})["ThreatName"].(string), k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string), k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string), k.OutputJSON.(map[string]interface{})["Application"].(string), k.OutputJSON.(map[string]interface{})["CVE"].(string), k.OutputJSON.(map[string]interface{})["HttpHost"].(string), k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string), k.OutputJSON.(map[string]interface{})["Payload"].(string))
+ // if err != nil {
+ // log.Println(err)
+ // }
+ // // 获取插入操作的最后插入ID和受影响的行数
+ // lastInsertId, err := result.LastInsertId()
+ // if err != nil {
+ // log.Fatal(err)
+ // }
+ // rowsAffected, err := result.RowsAffected()
+ // if err != nil {
+ // log.Fatal(err)
+ // }
+ // log.Printf("Last Insert ID: %d, Rows Affected: %d\n", lastInsertId, rowsAffected)
+ // }
+
+ }
+ }
+ }
+ } else {
+ log.Println("没有数据")
+ }
+
+ // 移动到下一天
+ current = current.AddDate(0, 0, 1)
+ }
+ // 保存修改后的 Excel 文件
+ if err := ss.Validate(); err != nil {
+ log.Fatalf("验证文件时出错: %s", err)
+ }
+ log.Println("表格生成完成,保存文件:" + "政务网防火墙安全事件" + time.Unix(tool.Timestamp("second"), 0).Format("20060102") + ".xlsx")
+ if err := ss.SaveToFile("政务网防火墙安全事件" + time.Unix(tool.Timestamp("second"), 0).Format("20060102") + ".xlsx"); err != nil {
+ log.Fatalf("保存文件时出错: %s", err)
+ }
+}
+
func Date_get(jsonSter string) interface{} {
var jsonstr interface{}
err := json.Unmarshal([]byte(jsonSter), &jsonstr)
diff --git a/attackevent/hw_zww1_cookie..go b/attackevent/hw_zww1_cookie..go
new file mode 100644
index 0000000..bec4c4a
--- /dev/null
+++ b/attackevent/hw_zww1_cookie..go
@@ -0,0 +1,102 @@
+package attackevent
+
+import (
+ "dt_automate/conf"
+ "dt_automate/tool"
+ "fmt"
+ "log"
+
+ "github.com/playwright-community/playwright-go"
+)
+
+func HW_zww1_cookie() string {
+ // 启动 Playwright
+ pw, err := playwright.Run()
+ if err != nil {
+ log.Fatalf("could not start Playwright: %v", err)
+ }
+ defer pw.Stop()
+
+ // 启动浏览器(Chromium)
+ browser, err := pw.Chromium.Launch(playwright.BrowserTypeLaunchOptions{
+ Headless: playwright.Bool(false), // 设置为 false 以显示浏览器界面
+ Args: []string{
+ "--ignore-certificate-errors", // 忽略证书错误[^28^][^29^]
+ },
+ })
+ if err != nil {
+ log.Fatalf("could not launch browser: %v", err)
+ }
+ defer browser.Close()
+
+ // 创建一个新页面
+ page, err := browser.NewPage()
+ if err != nil {
+ log.Fatalf("could not create page: %v", err)
+ }
+ // 设置浏览器窗口大小
+ err = page.SetViewportSize(1920, 1080) // 宽度为 1200px,高度为 800px
+ if err != nil {
+ log.Fatalf("无法设置浏览器窗口大小: %v", err)
+ }
+
+ // 导航到指定网址
+ _, err = page.Goto("https://11.1.68.146/", playwright.PageGotoOptions{WaitUntil: playwright.WaitUntilStateCommit})
+ if err != nil {
+ log.Fatalf("could not go to the page: %v", err)
+ }
+
+ page.WaitForTimeout(3000)
+ //输入
+ if err := page.Locator(`#user_name`).Fill(tool.KeyStr("BV5kDMeBiV+32koO+yIo0w4MI1ZiTn4QrmD/4EPK1J7kXumFSJyNRiNxwBTQ8TbazscK1KMPFSJn7sUqdfnIy53E1Q/BBwxl6xcF8aLsHkkUiON1ghKkOdjN5QxsH6q85n/yviD9gAcixB0hSHu3jAwAehHn1rqd3oEhOrrBrn/5st2YDrsTOx4aeFE4OMB/goKizVXcIO5oXsTGbN7ip/xK8Lli4easA4bl3M73qAryGZ1f/7B3F8e8gE3nT6qLeYUBlMjJIpO9BD/IsluLjrHkx5uU8GpSjmiRfq6RAAmCCNleOiWWEtBEVk1HP7qbwasgFEFdozpYCd0T8P8yuw==")); err != nil {
+ log.Fatalf("could not fill input: %v", err)
+ }
+ if err := page.Locator(`#password`).Fill(tool.KeyStr("LcVHbSt29BTaMvK7DzBM//TcYvnRd6fjts4rMUxmmRB56UCZ1Sm0bR/87LFttuezWzoZbWgH1Q6JmqHSZmOWvvp7bNVCtWGSrs52YWrnEVK6SEwpohwVhLmgfBTxYWI7zZsph1yMfaDeejjqu5QzLuHcDor2A6i8xhrf7mlUhwIoc5p+4Z//cBocDgUrXcN1d6CTjwJwTYJfGa4jQKEv8glQYD5X3l6AjDv0osh1BQfKFnhxCALRXYrHP8OIbSYRAC4lyTli872AL3kwAH79UBKL5m2BixivgQZazsO2suUtjutvRgtBeqft3HYTNnhB8kxhUwNwx7rdSpJSWhaJLg==")); err != nil {
+ log.Fatalf("could not fill input: %v", err)
+ }
+ //登录
+ if err := page.Locator("#login_button").Click(); err != nil {
+ log.Fatalf("could not click button: %v", err)
+ }
+ page.WaitForTimeout(1000)
+ page.Evaluate(`
+ const now = new Date();
+ const year = now.getFullYear();
+ const month = (now.getMonth() + 1).toString().padStart(2, '0');
+ const day = now.getDate().toString().padStart(2, '0');
+ const hours = now.getHours().toString().padStart(2, '0');
+ const minutes = now.getMinutes().toString().padStart(2, '0');
+ const seconds = now.getSeconds().toString().padStart(2, '0');
+ const timestamp = year+"-"+month+"-"+day +" "+ hours+":"+minutes+":"+seconds;
+ const div = document.createElement('div');
+ div.style.position = 'fixed';
+ div.style.bottom = '10px';
+ div.style.right = '10px';
+ div.style.color = 'white';
+ div.style.backgroundColor = 'black';
+ div.style.padding = '5px';
+ div.style.borderRadius = '5px';
+ div.textContent = timestamp;
+ document.body.appendChild(div);
+ `, nil)
+ // 获取页面标题
+ title, err := page.Title()
+ if err != nil {
+ log.Fatalf("could not get title: %v", err)
+ }
+ log.Printf("Page title is: %s\n", title)
+ cookies, err := page.Context().Cookies("https://11.1.68.146/wnm/get.j")
+ if err != nil {
+ log.Println(err)
+ }
+ var cookieStr string
+ for _, cookie := range cookies {
+ cookieStr += fmt.Sprintf("%s=%s;", cookie.Name, cookie.Value)
+ // log.Printf("Cookie %d: %+v", i, cookie)
+ }
+ log.Println(cookieStr)
+ // attackevent.Fw_event(cookieStr)
+ conf.SET_Config_yaml("cookie", cookieStr) //临时存放数据
+ // StartBlocker()
+ return cookieStr
+}
diff --git a/conf/test.yaml b/conf/test.yaml
index 355f167..cfbd0fc 100644
--- a/conf/test.yaml
+++ b/conf/test.yaml
@@ -1,4 +1,4 @@
-cookie: vindex==44=1c=0AB00=0R;supportLang=cn%2Cen;lang=cn;sessionid=20000194c2464bf6a1f4f583fa01a649a09f;loginid=39b21ec76fad68bfe1ad3372d037d194;20000194c2464bf6a1f4f583fa01a649a09f=true;abcd1234=true;login=false;
+cookie: vindex==9d=0a=0AB00=0R;supportLang=cn%2Cen;lang=cn;login=true;sessionid=200001de7193a844b613cc0b3eb401a990d4;loginid=0bd42e85c214a23401df3b4de3d0bfaa;200001de7193a844b613cc0b3eb401a990d4=true;
dtcloud_cookie: Hm_lvt_d980fb2543f406139975c7a72a5a0387=1740971050,1740974075,1741246647; ea6ee7ef65afa3fa0312817d0b12190e=787b65e4f93b05a0765ee0e7a6e2d24c; CECLOUD_OPS_SID=Tm1Sa01tUTRaakF0WW1FeE1DMDBNelUwTFdJMFl6QXROR1ppWWpWallqVXdNMlZsfGRYTmxjaTVvYkhjdVpIUmpiRzkxWkM1amIyMD0=; CECLOUD_OPS_CID=TmpObVpEbG1ORGd0WmpjNU1DMDBObUZtTFdKbVptWXRZVEJpWkRNd1pERTFOakk1fGRYTmxjaTVvYkhjdVpIUmpiRzkxWkM1amIyMD0=
mysql:
password: sLy1ZxZBEroGcoSv75P/xigUJ59/Yhsz1Z7896WzArcImdobrwg5+N6QEo4yT6CcpW22Y6bYy6a0ZWYAEzDaKZhOQG0odaUAv/SDP7JM7l7hH987XFJkUauaETu97Ev0kObsbS4laEiEg/+VG8fQrPuD2iRax1IWGXTKOtn+gHlyzSp016OhKOUUKKdW16OaC8AbVX9F3tVp10c2hsQNvLJl27MN5m3jXpoq9CTdcXsk15oHZVuIp3Kj9RWa8azpauiCPEKVE1KPvuJAhPYYakZBAdxGNU7Ye/YPZq68PJZHm6otEsaQxGJB1+DRNYh0oFWN9+aSYph6kAn0p5/c4g==
diff --git a/main.go b/main.go
index ab44aa1..57234a0 100644
--- a/main.go
+++ b/main.go
@@ -1,6 +1,7 @@
package main
import (
+ "dt_automate/attackevent"
_ "dt_automate/attackevent"
"dt_automate/auth"
_ "dt_automate/method"
@@ -87,8 +88,10 @@ func main() {
// wps.ZWW_SYS_Word() //运维平台word文档生成
// 安全巡检文档生成
// wps.SAFET_Word() //安全巡检文档生成
- //安全事件表格生成(需要先执行互联网区防火墙截图)
+ //互联网防火墙ips事件获取 安全事件表格生成
// attackevent.Fw_event(attackevent.HW_fw1_cookie(), "2025-03-17") //将防火墙安全事件存放到xlsx文件中
+ //政务网防火墙ips事件获取 安全事件表格生成
+ attackevent.Zww_event(attackevent.HW_zww1_cookie(), "2025-03-18") //将防火墙安全事件存放到xlsx文件中
//nessus的csv文件生成docx报告
// nessus.CSV_damo()
//翻译模块调用腾讯xt翻译月500万字限制
diff --git a/政务网防火墙安全事件20250319.xlsx b/政务网防火墙安全事件20250319.xlsx
new file mode 100644
index 0000000..3265397
Binary files /dev/null and b/政务网防火墙安全事件20250319.xlsx differ