调用Metasploit RestFul接口，解决证书问题

来源：互联网发布：查询数据库所有触发器编辑：程序博客网时间：2024/06/05 08:37
调用Metasploit restful接口的时候，证书出现问题，下面是解决并调用
import java.awt.List;import java.io.BufferedReader;import java.io.DataInputStream;import java.io.DataOutputStream;import java.io.IOException;import java.io.InputStream;import java.io.InputStreamReader;import java.io.OutputStreamWriter;import java.io.PrintWriter;import java.net.HttpURLConnection;import java.net.MalformedURLException;import java.net.URL;import java.security.KeyManagementException;import java.security.NoSuchAlgorithmException;import java.security.SecureRandom;import java.security.cert.CertificateException;import java.security.cert.X509Certificate;import java.util.ArrayList;import javax.net.ssl.HostnameVerifier;import javax.net.ssl.HttpsURLConnection;import javax.net.ssl.SSLContext;import javax.net.ssl.SSLSession;import javax.net.ssl.TrustManager;import javax.net.ssl.X509TrustManager;import javax.xml.transform.Templates;import org.msgpack.MessagePack;import org.msgpack.template.Template;import org.omg.CORBA_2_3.portable.OutputStream;/** * @Title: Restful.java * @Package Restful * @author Ishadow * @date 2016��6��19�� ����1:15:43 * @version V1.0 */public class Restful {    public static String doGet(String restfulURL) throws KeyManagementException, NoSuchAlgorithmException {        HttpsURLConnection.setDefaultHostnameVerifier(new Restful().new NullHostNameVerifier());        SSLContext sc = SSLContext.getInstance("TLS");        sc.init(null, trustAllCerts, new SecureRandom());        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());        URL url = null;        InputStream iStream=null;        InputStreamReader iReader=null;        BufferedReader breader=null;        try {            url = new URL(restfulURL);            // restful            HttpURLConnection conn = (HttpURLConnection) url.openConnection();            conn.setRequestMethod("GET");// POST GET PUT DELETE            conn.setRequestProperty("Accept-Charset", "utf-8");            conn.setRequestProperty("accept", "*/*");            conn.setRequestProperty("Content-Type", "application/json;charset=utf-8");            conn.setRequestProperty("token", "4c54d80875b80047bdaa21ae16176e63");            conn.setConnectTimeout(130000);            conn.setReadTimeout(130000);            System.out.println(conn.getResponseCode());            if (200 == conn.getResponseCode()) {                iStream=conn.getInputStream();                iReader=new InputStreamReader(iStream,"utf-8");                breader=new BufferedReader(iReader);                StringBuffer sBuffer=new StringBuffer();                String temp="";                while ((temp=breader.readLine())!=null) {                    sBuffer.append(temp);                }                System.out.println(sBuffer.toString());                return sBuffer.toString();            }        } catch (MalformedURLException e) {            // TODO Auto-generated catch block            e.printStackTrace();        } catch (IOException e) {            // TODO Auto-generated catch block            e.printStackTrace();        } finally {            try {                if(breader!=null){                    breader.close();                }                if (iReader != null) {                    iReader.close();                }                if (iStream != null) {                    iStream.close();                }            } catch (IOException e) {                // TODO Auto-generated catch block                e.printStackTrace();            }        }        return "";    }    public static String doPOST(String restfulURL)throws KeyManagementException, NoSuchAlgorithmException {        HttpsURLConnection.setDefaultHostnameVerifier(new HttpClient().new NullHostNameVerifier());        SSLContext sc = SSLContext.getInstance("TLS");        sc.init(null, trustAllCerts, new SecureRandom());        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());        URL url = null;        InputStream iStream=null;        InputStreamReader iReader=null;        BufferedReader breader=null;        DataOutputStream dOutputStream=null;        try {            url = new URL(restfulURL);            HttpURLConnection conn = (HttpURLConnection) url.openConnection();            conn.setRequestMethod("POST");// POST GET PUT DELETE            conn.setDoInput(true);            conn.setDoOutput(true);            conn.setRequestProperty("Accept-Charset", "utf-8");            conn.setRequestProperty("accept", "*/*");            // 固定的设置binary/message-pack            conn.setRequestProperty("Content-Type", "binary/message-pack");            //conn.setRequestProperty("token", "4c54d80875b80047bdaa21ae16176e63");            conn.setConnectTimeout(130000);            conn.setReadTimeout(130000);            conn.connect();            ArrayList<String> requeStrings=new ArrayList<String>();            requeStrings.add("auth.login");            requeStrings.add("AttUser002");            requeStrings.add("+123TestCheck");            //requeStrings.add("4c54d80875b80047bdaa21ae16176e63");            MessagePack messagePack=new MessagePack();            byte [] bytes=messagePack.write(requeStrings);            //输入流            dOutputStream=new DataOutputStream(conn.getOutputStream());            dOutputStream.write(bytes);            dOutputStream.flush();            iStream=conn.getInputStream();            iReader=new InputStreamReader(iStream,"UTF-8");            breader=new BufferedReader(iReader);            StringBuffer sBuffer=new StringBuffer();            String temp="";            while ((temp=breader.readLine())!=null) {                sBuffer.append(temp);            }            System.out.println(sBuffer.toString());            return sBuffer.toString();        } catch (MalformedURLException e) {            // TODO Auto-generated catch block            e.printStackTrace();        } catch (IOException e) {            // TODO Auto-generated catch block            e.printStackTrace();        } finally {            try {                if(breader!=null){                    breader.close();                }                if (iReader != null) {                    iReader.close();                }                if (iStream != null) {                    iStream.close();                }            } catch (IOException e) {                // TODO Auto-generated catch block                e.printStackTrace();            }        }        return "";    }    public static void main(String[] args) throws IOException, KeyManagementException, NoSuchAlgorithmException {        //doGet("https://172.16.30.99:3790/rest_api/v2/workspaces/6/hosts/4/services/46/vulns");        doPOST("https://172.16.30.99:3790/api/1.0/");    }    static TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {        @Override        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {            // TODO Auto-generated method stub        }        @Override        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {            // TODO Auto-generated method stub        }        @Override        public X509Certificate[] getAcceptedIssuers() {            // TODO Auto-generated method stub            return null;        }    } };    public class NullHostNameVerifier implements HostnameVerifier {        /*         * (non-Javadoc)         *          * @see javax.net.ssl.HostnameVerifier#verify(java.lang.String,         * javax.net.ssl.SSLSession)         */        @Override        public boolean verify(String arg0, SSLSession arg1) {            // TODO Auto-generated method stub            return true;        }    }}
0 0