Acunetix与WAF集成:Acunetix和F5 BigIP ASM
该的Acunetix API让您有机会来实现任务自动化,从而提高效率-尤其是当你可以用加速您的工作流程的其他组件的功能整合。在此示例中,我们将在上一篇文章的基础上,向您展示如何在Bash脚本中使用Acunetix API:使用Bash和Acunetix API管理扫描。我们将代码添加到该Bash脚本中,以实现以下自动化:
在Acunetix中: 触发创建导出文件以随后导入到WAF中 监视导出状态,直到完成 下载导出文件 在BigIP ASM中 定义目标 定义安全策略 上载汇出 脚本添加的剖析 脚本添加遵循以下结构:
Acunetix API任务 导出文件的生成被触发 创建一个循环,该循环每10秒检查一次导出文件生成的状态,并等待状态完成 导出文件已下载 WAF API任务 为目标创建一个虚拟服务器 漏洞评估基准的ID是从WAF中检索的 创建Acunetix扫描的安全策略 从WAF检索安全策略的ID 安全策略的扫描程序类型设置为“通用扫描程序” 计算导出文件的大小 导出文件已上传到WAF 导出文件已导入到安全策略中 Bash脚本添加
... previous script above this line
Declare variables for Acunetix
MyTargetIP=getent hosts testphp.vulnweb.com | awk '{ print $1 } ExportTypeID="21111111-1111-1111-1111-111111111113" # F5 BigIP
Declare variables for F5 BigIp
MyTargetDomain=echo "$MyTargetURL" | sed -e 's|^[^/]*//||' -e 's|/.*$||' MyBigIpUser="admin" MyBigIpPass="adminpass123%" MyBigIpHost="192.168.72.128"
MyExportResult=curl -i -sS -k -X POST $MyAXURL/exports -H "Content-Type: application/json" -H "X-Auth: $MyAPIKEY" --data "{\"export_id\":\"$ExportTypeID\",\"source\":{\"list_type\":\"scan_result\",\"id_list\":[\"$MyScanResultID\"]}}"
MyExportElement=echo "$MyExportResult" | grep "Location: " | sed "s/Location: \/api\/v1\/exports\///" | sed "s/\r//g" | sed -z "s/\n//g" MyExportURL=echo "$MyAXURL/exports/$MyExportElement" MyExportID=echo "$MyExportResult" | grep -Po '"report_id": *\K"[^"]*"' | tr -d '"'
while true; do MyExportStatus=curl -sS -k -X GET "$MyAXURL/exports/{$MyExportID}" -H "Accept: application/json" -H "X-Auth: $MyAPIKEY"
if [[ "$MyExportStatus" == *""status": "processing""* ]]; then echo "Export status: Processing - waiting 10 seconds" elif [[ "$MyExportStatus" == *""status": "queued""* ]]; then echo "Export status: Queued - waiting 10 seconds" elif [[ "$MyExportStatus" == *""status": "completed""* ]]; then echo "Export status: Completed" # Break out of loop break else echo "Invalid export status - aborting" # Clean up and exit script cleanup exit 1 fi sleep 10 done
MyExportFile=echo $MyExportStatus | sed 's/.*\[ \"\/api\/v1\/reports\/download\/\([^]]*\)\" \].*/\1/g' echo "Export file: $MyExportFile"
Download export file from Acunetix
Dummy=curl -sS -k "$MyAXURL/reports/download/$MyExportFile" -o $MyExportFile
Create a virtual server for your target
Dummy=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X POST "https://$MyBigIpHost/mgmt/tm/ltm/virtual" -H "Content-type: application/json" --data '{"name":"MyWebApplication","destination":"'"$MyTargetIP"':80","ipProtocol":"tcp"}' echo "Created a virtual server"
Get the ID of the vulnerability assessment baseline policy
MyBigIpVulnBaselineID=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X GET "https://$MyBigIpHost/mgmt/tm/asm/policy-templates" -H "Content-type: application/json" | jq -r '.items[] | select(.title == "Vulnerability Assessment Baseline") | .id'
Create a security policy for Acunetix scans
MyBigIpPolicyResponse=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X POST "https://$MyBigIpHost/mgmt/tm/asm/policies" -H "Content-type: application/json" --data '{"name":"AcunetixPolicy","description":"Import from Acunetix Scan Results","virtualServers":["/Common/MyWebApplication"],"type":"security","enforcementMode":"blocking","templateReference":{"link":"https://$MyBigIpHost/mgmt/tm/asm/policy-templates/'"$MyBigIpVulnBaselineID"'"}}' MyBigIpPolicyID=echo $MyBigIpPolicyResponse | jq -r '.id' echo "Security policy ID: $MyBigIpPolicyID"
Set scanner type to Generic scanner
Dummy=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X PATCH "https://$MyBigIpHost/mgmt/tm/asm/policies/$MyBigIpPolicyID/vulnerability-assessment" -H "Content-type: application/json" --data '{"scannerType":"generic"}' echo "Scanner type set to Generic scanner"
Get file size
MyExportFileSize=stat --printf="%s" $MyExportFile
Upload the file to the WAF
Dummy=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X POST "https://$MyBigIpHost/mgmt/tm/asm/file-transfer/uploads/$MyExportFile" -H "Content-type: application/octet-stream" -H "Content-Range: 0-$((MyExportFileSize-1))/$MyExportFileSize" --data-binary @$MyExportFile echo "Acunetix export file uploaded to the WAF"
Import the file into the security policy
Dummy=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X POST "https://$MyBigIpHost/mgmt/tm/asm/tasks/import-vulnerabilities" -H "Content-type: application/json" --data '{"policyReference":{"link":"https://'"$MyBigIpHost"'/mgmt/tm/asm/policies/'"$MyBigIpPolicyID"'"},"filename":"'"$MyExportFile"'","importAllDomainNames":false,"domainNames":["'"$MyTargetDomain"'"]}' echo "Acunetix export file imported to the security policy"
Get the vulnerabilities collection object
MyVulnerabilities=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X GET "https://$MyBigIpHost/mgmt/tm/asm/policies/$MyBigIpPolicyID/vulnerabilities" MyVulnerabilitiesItems=echo $MyVulnerabilities | jq '.totalItems' echo "Number of vulnerabilities imported: $MyVulnerabilitiesItems" if [[ $MyVulnerabilitiesItems -eq 0 ]]; then echo "No vulnerabilities imported; exiting" exit 1; fi
echo "$MyVulnerabilitiesItems vulnerabilities imported. You now need to configure resolution parameters for each vulnerability."
————————————————
版权声明:本文为CSDN博主「kevin20182019」的原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接及本声明。
原文链接:https://blog.csdn.net/kevin20182019/article/details/117121273