0x00、前言
在雲安全內部安全能力建設中，對雲資產的端口掃描是一件必須要做的事情，由於每開放一個端口對外提供一個服務，都是在擴大您在雲上的攻擊面。對於這種危險需要儘早通知雲上用戶。那麼如何對幾萬甚至幾十萬台雲主機做有效的端口掃描和精確的服務識別？這需要一套分佈式的掃描系統來支撐。
0x01、實踐的認知
在此之前，做了一些小實踐。
方向3的代碼如下：
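#!/usr/bin/env python
# coding=utf-8

# NOTE(review): the imports this module relies on (redis, json, subprocess,
# os, csv, IPy.IP) and the shared work queue `g_queue` are defined outside
# this excerpt.

# Redis connection parameters for the scan-result store. The original listing
# carried a redacted literal for the password; read it from the environment
# instead so the secret never lives in source (the variable name is chosen
# here, not taken from the original).
REDIS_HOST = '127.0.0.1'
REDIS_PORT = 6379
REDIS_PASSWORD = os.environ.get('REDIS_PASSWORD')

# masscan binary and the port list handed to it (port list kept verbatim).
MASSCAN_BIN = '/root/masscan/bin/masscan'
MASSCAN_PORTS = ('T:21-23,25,80,81,88,110,143,443,1080,1433,1521,1158,'
                 '3306-3308,3389,3690,5432,5900,6379,7001,8000,8080,9000,'
                 '9418,27017-27019,50060,111,11211,2049')


def parse_masscan_record(line):
    """Return the JSON object on one line of masscan -oJ output, or None.

    masscan writes one record per line, each followed by a comma; the original
    code assumed exactly ",\\n" and sliced two characters off, which breaks on
    CRLF output and on the last record. Stripping whitespace and a trailing
    comma handles both. Lines that are not a record (the surrounding "[" and
    "]") or that do not parse as JSON yield None.

    Args:
        line: one raw line from the result file.

    Returns:
        The decoded record, or None when the line is not a usable record.
    """
    if not line.startswith('{ '):
        return None
    try:
        return json.loads(line.strip().rstrip(','))
    except ValueError:
        return None


# 存儲到redis -- store masscan hits in redis
def store(result):
    """Push every (ip, first open port) pair of a masscan JSON file into Redis.

    For each record the "port" of the first entry in its "ports" list is
    appended to the Redis string keyed by the scanned IP as "<port>,", the
    same layout the original produced. Malformed records are skipped.

    Args:
        result: path of the masscan -oJ output file.

    Returns:
        The redis.Redis client that was used (as the original did).
    """
    r = redis.Redis(host=REDIS_HOST, port=REDIS_PORT, decode_responses=True,
                    password=REDIS_PASSWORD)
    with open(result, 'r') as f:
        for line in f:
            record = parse_masscan_record(line)
            if record is None:
                continue
            try:
                ip = record["ip"]
                port = record["ports"][0]["port"]
            except (KeyError, IndexError, TypeError):
                # Record without a usable ip/ports entry: skip only that
                # record instead of swallowing every error with a bare except.
                continue
            r.append(ip, str(port) + ",")
    return r


# masscan掃描模塊 -- masscan scanning module
def Scan():
    """Drain `g_queue`, running masscan on each target and storing the hits.

    Each queue item is a single target string (an IP, see __main__). masscan
    is invoked with an argument list and no shell, so a crafted target string
    cannot smuggle extra shell commands. Output goes to "result<target>.json";
    a non-empty result file is handed to store().

    Returns:
        "ok" once the queue is empty, or the exception instance that escaped
        the loop (the original contract; callers should check for it).
    """
    try:
        while not g_queue.empty():
            item = g_queue.get()
            result = "result" + item + ".json"
            # Argument list, shell=False: the target is exactly one argv entry.
            returncode = subprocess.call(
                [MASSCAN_BIN, item, '-p', MASSCAN_PORTS, '-oJ', result])
            if returncode == 0:
                print('ok')
                # Guard the size check: os.path.getsize raises if masscan
                # produced no file at all.
                if os.path.isfile(result) and os.path.getsize(result) != 0:
                    print(item)
                    store(result)
            if g_queue.qsize() == 0:
                print(u'公有云高危端口掃描結束')
        return "ok"
    except Exception as e:
        print(e)
        return e


if __name__ == '__main__':
    # ip地址壓入隊列 -- expand each CSV row's network and queue every address.
    # The file is opened with a context manager so it is closed on every path.
    with open('xxx_public_ip.csv', 'r') as csvfile2:
        for row in csv.reader(csvfile2):
            if not row or not row[0].strip():
                continue  # blank row: skip instead of raising IndexError
            ips = IP(row[0].strip())
            for y in ips:
                g_queue.put(y.strNormal(0))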
Nmap掃描模塊
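# Path of the nmap binary used for service fingerprinting.
NMAP_BIN = '/usr/bin/nmap'


def NmapScan():
    """Drain `g_queue`, fingerprinting each "<ports> <host>" item with nmap -sV.

    Each queue item is expected to be "<port-spec> <host>": the original built
    "-p<ports> <host>" from it and named the XML output "result<host>_<ports>.xml".
    nmap is run with an argument list rather than a shell string, so neither
    field can inject shell syntax. Open services are written to the
    module-level csv `writer` (defined outside this excerpt) as
    [address, port, service, product, version, extrainfo]; rows whose
    extrainfo contains a single quote are dropped, as in the original.
    `NmapParser` (libnmap) is also provided outside this excerpt.

    Returns:
        "ok" once the queue is drained, or the exception instance that escaped
        the loop (the original contract).
    """
    try:
        while not g_queue.empty():
            item = g_queue.get()
            # split() tolerates trailing newlines/extra spaces that split(' ')
            # would leave inside the host field.
            fields = item.split()
            if len(fields) < 2:
                print("skipping malformed target: %r" % (item,))
                continue
            ports, host = fields[0], fields[1]
            result = "result" + host + "_" + ports + ".xml"
            print(result)
            returncode = subprocess.call(
                [NMAP_BIN, '-oX', result, '-sV', '-p' + ports, host])
            if returncode == 0:
                nmap_report = NmapParser.parse_fromfile(result)
                for scanned_host in nmap_report.hosts:
                    print(scanned_host.address)
                    for serv in scanned_host.services:
                        if serv.state != "open":
                            continue
                        extrainfo = serv.service_dict.get('extrainfo', '')
                        print(extrainfo)
                        if "'" in extrainfo:
                            # Original skipped rows with a quote in extrainfo;
                            # behaviour preserved.
                            continue
                        writer.writerow([
                            scanned_host.address,
                            str(serv.port),
                            serv.service,
                            serv.service_dict.get('product', ''),
                            serv.service_dict.get('version', ''),
                            extrainfo,
                        ])
            print("size = %d" % g_queue.qsize())
            if g_queue.qsize() == 0:
                print(u'公網服務指紋掃描結束')
        return "ok"
    except Exception as e:
        print(e)
        return e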
//從隊列中讀取掃描目標分佈式