利用acunetix-api进行扫描

来源：互联网发布：淘宝上出售游戏账号编辑：程序博客网时间：2024/04/29 16:28

自从Acunetix Web Vulnerability Scanner 11.x被52的大大Hmily破解以后，被它的界面惊艳到了。想着这玩意如果分布式的部署起来扫描应该会很爽。找了资料，发现api从官方获取好像需要联系他们。网速的相关东西很少。

主要依靠https://github.com/jenkinsci/acunetix-plugin/blob/master/src/main/java/com/acunetix/Engine.java里面所提供的api改写而来.

全局依赖于获取到的api-key
headers = {"X-Auth":apikey,"content-type": "application/json"}
1.添加任务
post /api/v1/targets
data = {"address":url,"description":url,"criticality":"10"}
2.扫描任务
post /api/v1/scans
data = {"target_id":target_id,"profile_id":"11111111-1111-1111-1111-111111111111","schedule": {"disable": False,"start_date":None,"time_sensitive": False}}
target_id 为第一步添加任务返回的结果
3.获取任务概要
get /api/v1/scans
4.获取任务详情
get /api/v1/scans/+scan_id
5.生成报告
post /api/v1/reports
data = {"template_id":"11111111-1111-1111-1111-111111111111","source":{"list_type":"scans","id_list":[scan_id]}}

转换了python格式的。添加的时候检测是否重复，获取全部的扫描查看状态是否结束，结束就输出报告

复制代码

#!/usr/bin/python
# -*- coding: utf-8 -*-
import json
import requests
import requests.packages.urllib3
'''
import requests.packages.urllib3.util.ssl_
requests.packages.urllib3.util.ssl_.DEFAULT_CIPHERS = 'ALL'
or
pip install requests[security]
'''
requests.packages.urllib3.disable_warnings()
tarurl = "https://127.0.0.1:3443/"
apikey="yourapikey"
headers = {"X-Auth":apikey,"content-type": "application/json"}
def addtask(url=''):
#添加任务
data = {"address":url,"description":url,"criticality":"10"}
try:
response = requests.post(tarurl+"/api/v1/targets",data=json.dumps(data),headers=headers,timeout=30,verify=False)
result = json.loads(response.content)
return result['target_id']
except Exception as e:
print(str(e))
return
def startscan(url):
# 先获取全部的任务.避免重复
# 添加任务获取target_id
# 开始扫描
targets = getscan()
if url in targets:
return "repeat"
else:
target_id = addtask(url)
data = {"target_id":target_id,"profile_id":"11111111-1111-1111-1111-111111111111","schedule": {"disable": False,"start_date":None,"time_sensitive": False}}
try:
response = requests.post(tarurl+"/api/v1/scans",data=json.dumps(data),headers=headers,timeout=30,verify=False)
result = json.loads(response.content)
return result['target_id']
except Exception as e:
print(str(e))
return
def getstatus(scan_id):
# 获取scan_id的扫描状况
try:
response = requests.get(tarurl+"/api/v1/scans/"+str(scan_id),headers=headers,timeout=30,verify=False)
result = json.loads(response.content)
status = result['current_session']['status']
#如果是completed 表示结束.可以生成报告
if status == "completed":
return getreports(scan_id)
else:
return result['current_session']['status']
except Exception as e:
print(str(e))
return
def getreports(scan_id):
# 获取scan_id的扫描报告
data = {"template_id":"11111111-1111-1111-1111-111111111111","source":{"list_type":"scans","id_list":[scan_id]}}
try:
response = requests.post(tarurl+"/api/v1/reports",data=json.dumps(data),headers=headers,timeout=30,verify=False)
result = response.headers
report = result['Location'].replace('/api/v1/reports/','/reports/download/')
return tarurl.rstrip('/')+report
except Exception as e:
print(str(e))
return
def getscan():
#获取全部的扫描状态
targets = []
try:
response = requests.get(tarurl+"/api/v1/scans",headers=headers,timeout=30,verify=False)
results = json.loads(response.content)
for result in results['scans']:
targets.append(result['target']['address'])
print result['scan_id'],result['target']['address'],getstatus(result['scan_id'])#,result['target_id']
return list(set(targets))
except Exception as e:
raise e
if __name__ == '__main__':
print startscan('http://testhtml5.vulnweb.com/')

感觉排版有点问题.原文件在https://github.com/0xa-saline/acunetix-api/blob/master/acunetix.py

详情参考
http://0cx.cc/about_awvs11_api.jspx

无耻的打了个广告

last:有人问咋个可以远程访问
[attachment=5443]

阅读全文

0 0