关于XPath解析xml文档
解析文件
<AURORA>
<vendor>绿盟科技</vendor>
<product>远程安全评估系统</product>
<version>V6.0R03F01SP02</version>
<plug_version>V6.0R02F01.1804</plug_version>
<TASK>
<TASK_ID>58</TASK_ID>
<TASK_NAME><![CDATA[扫描【10.62.144.54】]]></TASK_NAME>
<TASK_TARGETS><![CDATA[10.62.144.54]]></TASK_TARGETS>
<PLUGIN_TEMPLATE><![CDATA[自动匹配扫描]]></PLUGIN_TEMPLATE>
<PLUGIN_TEMPLATE_VUL></PLUGIN_TEMPLATE_VUL>
<START_TIME>2021-02-26 16:25:23</START_TIME>
<END_TIME>2021-02-26 16:28:32</END_TIME>
</TASK>
<INFOS>
<INFO>
<TARGET_IP>10.62.144.54</TARGET_IP>
<START_TIME>2021-02-26 16:25:26</START_TIME>
<END_TIME>2021-02-26 16:28:30</END_TIME>
<MESSS>
<MESS>
<MESS_TYPE>10</MESS_TYPE>
<MESS_TYPE_NAME><![CDATA[端口信息]]></MESS_TYPE_NAME>
<PLUGIN_ID></PLUGIN_ID>
<PORT></PORT>
<PROTO></PROTO>
<MESS_STRING>
<SP><![CDATA[3011]]></SP>
<SP><![CDATA[tcp]]></SP>
<SP><![CDATA[trusted-web]]></SP>
<SP><![CDATA[open]]></SP>
</MESS_STRING>
</MESS>
<MESS>
<MESS_TYPE>5</MESS_TYPE>
<MESS_TYPE_NAME><![CDATA[操作系统类型]]></MESS_TYPE_NAME>
<PLUGIN_ID></PLUGIN_ID>
<PORT></PORT>
<PROTO></PROTO>
<MESS_STRING>
<SP><![CDATA[Linux]]></SP>
<SP><![CDATA[]]></SP>
</MESS_STRING>
</MESS>
</MESSS>
</INFO>
</INFOS>
<VULS>
<VUL>
<TARGET_IP>10.62.144.54</TARGET_IP>
<SEVERITYS>
<SEVERITY>
<VUL_ID>50638</VUL_ID>
<PROTO>1</PROTO>
<PORT>0</PORT>
<SERVICE></SERVICE>
<MESS_STRING><![CDATA[初始时间戳:00000000\n接收时间戳:01cd3683\n传递时间戳:01cd3683\n]]></MESS_STRING>
</SEVERITY>
<SEVERITY>
<VUL_ID>50631</VUL_ID>
<PROTO>1</PROTO>
<PORT>0</PORT>
<SERVICE></SERVICE>
<MESS_STRING><![CDATA[路由跟踪列表:\n*\n136.63.45.77\n136.63.45.102\n*\n10.62.144.54\n]]></MESS_STRING>
</SEVERITY>
</SEVERITYS>
</VUL>
</VULS>
<PLUGINS>
<PLUGIN>
<PLUGIN_ID>50631</PLUGIN_ID>
<VUL_ID>50631</VUL_ID>
<NAME>允许Traceroute探测</NAME>
<CVE_ID></CVE_ID>
<NSFOCUS_ID></NSFOCUS_ID>
<BUGTRAQ_ID></BUGTRAQ_ID>
<RISK>1.0</RISK>
<SOLUTION><![CDATA[在防火墙中禁用Time Exceeded类型的ICMP包]]></SOLUTION>
<DESCRIPTION><![CDATA[本插件使用Traceroute探测来获取扫描器与远程主机之间的路由信息。攻击者也可以利用这些信息来了解目标网络的网络拓扑。]]></DESCRIPTION>
</PLUGIN>
<PLUGIN>
<PLUGIN_ID>50638</PLUGIN_ID>
<VUL_ID>50638</VUL_ID>
<NAME>ICMP timestamp请求响应漏洞</NAME>
<CVE_ID>CVE-1999-0524</CVE_ID>
<NSFOCUS_ID></NSFOCUS_ID>
<BUGTRAQ_ID></BUGTRAQ_ID>
<RISK>0.0</RISK>
<SOLUTION><![CDATA[NSFOCUS建议您采取以下措施以降低威胁:
* 在您的防火墙上过滤外来的ICMP timestamp(类型 13)报文以及外出的ICMP timestamp回复报文。]]></SOLUTION>
<DESCRIPTION><![CDATA[远程主机会回复ICMP_TIMESTAMP查询并返回它们系统的当前时间。
这可能允许攻击者攻击一些基于时间认证的协议。]]></DESCRIPTION>
</PLUGIN>
</PLUGINS>
</AURORA>
public static void vulnCollects() {
try {
DocumentBuilderFactory documentBuilderFactory=DocumentBuilderFactory.newInstance() ;
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder=documentBuilderFactory.newDocumentBuilder();
String file="E:\\vuln\\report_standard_1086_22286_58.xml";
Document document=documentBuilder.parse(new File(file));
XPath xpath= XPathFactory.newInstance().newXPath();
String vulnFile="/AURORA/PLUGINS/PLUGIN";
NodeList nodeList= (NodeList) xpath.compile(vulnFile).evaluate(document, XPathConstants.NODESET);
for(int i=0;i<nodeList.getLength();i++){
Node node=nodeList.item(i);
Element element= (Element) node;
System.out.println(element.getElementsByTagName("NAME").item(0).getTextContent());
}
} catch (Exception e) {
e.printStackTrace();
}
}
public static void fileDuler(){
String file="E:\\vuln\\report_standard_1086_22286_58.xml";
File files=new File(file);
if(files.exists()){
System.out.println("开始读取文件");
try {
DocumentBuilderFactory documentBuilderFactory=DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder= documentBuilderFactory.newDocumentBuilder();
Document document=documentBuilder.parse(files);
XPath xPath=XPathFactory.newInstance().newXPath();
String evaluate="/AURORA/product";
Node node = (Node) xPath.compile(evaluate).evaluate(document, XPathConstants.NODE);
System.out.println(node.getTextContent());
} catch (Exception e) {
e.printStackTrace();
}
}
}
public static void fileDulers(){
String file="E:\\vuln\\report_standard_1086_22286_58.xml";
File files=new File(file);
if(files.exists()){
System.out.println("开始读取文件");
try {
DocumentBuilderFactory documentBuilderFactory=DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder= documentBuilderFactory.newDocumentBuilder();
Document document=documentBuilder.parse(files);
XPath xPath=XPathFactory.newInstance().newXPath();
String evaluate="/AURORA/VULS/VUL";
NodeList nodeList = (NodeList) xPath.compile(evaluate).evaluate(document, XPathConstants.NODESET);
for(int i=0;i< nodeList.getLength();i++){
Node node=nodeList.item(i);
Element element= (Element) node;
System.out.println(element.getElementsByTagName("TARGET_IP").item(0).getTextContent());
NodeList nodeList1=element.getElementsByTagName("SEVERITY");
for(int j=0;j<nodeList1.getLength();j++){
Node node1=nodeList1.item(j);
Element element1= (Element) node1;
System.out.println("=VUL_ID"+element1.getElementsByTagName("VUL_ID").item(0).getTextContent());
}
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
