• XShell实现自动化执行脚本.sh文件)(网络安全检查) TheChosen


    1、自动化登录服务器操作:

    第一种方式:(login.vbs文件)

    Sub Main
    xsh.Screen.Send "ssh root@10.99.202.54"
    xsh.Screen.Send VbCr
    xsh.Screen.WaitForString "password: "
    xsh.Screen.Send "TOYxmx$Hpv"
    xsh.Screen.Send VbCr
    xsh.Screen.Send "ifconfig"
    xsh.Screen.Send VbCr
    End Sub

     

    第二种方式:建立会话实现点击登录

    2、执行命令的脚本文件(basci.vbs文件)

    Sub Main
    xsh.Screen.Send "yum install lrzsz -y"
    xsh.Screen.Send VbCr
    xsh.Screen.Send "yum -y install psmisc"
    xsh.Screen.Send VbCr
    xsh.Screen.Send "yum install -y ntp"
    xsh.Screen.Send VbCr
    xsh.Screen.Send "service ntpd start"
    xsh.Screen.Send VbCr
    xsh.Screen.Send "cd /home"
    xsh.Screen.Send VbCr
    xsh.Screen.Send "mkdir securityCheck"
    xsh.Screen.Send VbCr
    xsh.Screen.Send "cd /home/securityCheck"
    xsh.Screen.Send VbCr
    End Sub

     3、上传文件

    rz (enter)

     4、执行脚本文件(查询信息,生成TXT文件并且导出到本地)run.vbs文件

    Sub Main
    xsh.Screen.Send "chmod +x securityCheck.sh"
    xsh.Screen.Send VbCr
    xsh.Screen.Send "./securityCheck.sh"
    xsh.Screen.Send VbCr
    xsh.Screen.Send "sz securityReport.txt"
    xsh.Screen.Send VbCr
    xsh.Screen.Send VbCr
    End Sub

    5、脚本文件具体内容(securityCheck.sh文件)

    #!/bin/bash
    echo "------------------------网络安全检查开始----------------------" >> /home/securityCheck/securityReport.txt
    echo "------------------第一部分——网卡配置查询--------------------" >> /home/securityCheck/securityReport.txt
    #01-网卡配置——查询命令总结
    network_scripts=`cat /etc/sysconfig/network-scripts/ifcfg-ens192`
    echo "1.1 系统网卡配置信息ifcfg-ens192:" >> /home/securityCheck/securityReport.txt
    echo "$network_scripts" >> /home/securityCheck/securityReport.txt
    ifconfig=`ifconfig`
    echo "1.2 系统网卡ifconfig具体信息:" >> /home/securityCheck/securityReport.txt
    echo "$ifconfig" >> /home/securityCheck/securityReport.txt
    #02-DNS文件配置——查询命令
    echo "------------------第二部分——DNS配置查询--------------------" >> /home/securityCheck/securityReport.txt
    DNS=`cat /etc/resolv.conf`
    echo "2.1 系统DNS配置信息:" >> /home/securityCheck/securityReport.txt
    echo "$DNS" >> /home/securityCheck/securityReport.txt

    #03-核查NTP文件配置-查询命令
    echo "------------------第三部分——NTP配置查询--------------------" >> /home/securityCheck/securityReport.txt
    #查询NTP文件配置
    NTP=`ntpq -p`
    echo "3.1 系统NTP配置信息" >> /home/securityCheck/securityReport.txt
    echo "$NTP" >> /home/securityCheck/securityReport.txt
    #显示网络时间同步状态
    NTPstat=`ntpstat`
    echo "3.2 系统网络时间同步状态信息" >> /home/securityCheck/securityReport.txt
    echo "$NTPstat" >> /home/securityCheck/securityReport.txt

    #04-端口检查-查询命令
    echo "------------------第四部分——端口信息查询--------------------" >> /home/securityCheck/securityReport.txt
    #所有端口检查
    PORT=`netstat -tunlp`
    echo "4.1 系统所有端口信息" >> /home/securityCheck/securityReport.txt
    echo "$PORT" >> /home/securityCheck/securityReport.txt
    #查看所有的服务和端口
    AllPORT=`netstat -anlp`
    echo "4.2 系统所有的服务及端口信息" >> /home/securityCheck/securityReport.txt
    echo "$AllPORT" >> /home/securityCheck/securityReport.txt
    #查看服务占用的端口(比如Nginx,mysqld)
    JAVA=`netstat -ntulp | grep java`
    echo "4.3-1 java服务占用的端口信息" >> /home/securityCheck/securityReport.txt
    echo "$JAVA" >> /home/securityCheck/securityReport.txt
    NGINX=`netstat -ntulp | grep nginx`
    echo "4.3-2 nginx服务占用的端口信息" >> /home/securityCheck/securityReport.txt
    echo "$NGINX" >> /home/securityCheck/securityReport.txt
    REDIS=`netstat -ntulp | grep redis`
    echo "4.3-3 redis服务占用的端口信息" >> /home/securityCheck/securityReport.txt
    echo "$REDIS" >> /home/securityCheck/securityReport.txt

    #ssh服务器端/etc/ssh/sshd_conf配置文件详解
    SSH=`cat /etc/ssh/sshd_config`
    echo "4.4 SSH服务的具体配置信息" >> /home/securityCheck/securityReport.txt
    echo "$SSH" >> /home/securityCheck/securityReport.txt

    echo "------------------第五部分——防火墙信息查询--------------------" >> /home/securityCheck/securityReport.txt
    #05-核查防火墙-查询命令
    #查看防火墙的状态
    FIREWALL=`firewall-cmd --state`
    echo "5.1 防火墙的具体信息" >> /home/securityCheck/securityReport.txt
    echo "$FIREWALL" >> /home/securityCheck/securityReport.txt

    #查看防火墙的规则
    FIRERULE=`firewall-cmd --list-all`
    echo "5.2 防火墙的具体信息" >> /home/securityCheck/securityReport.txt
    echo "$FIRERULE" >> /home/securityCheck/securityReport.txt

    echo "------------------第六部分——系统用户信息查询--------------------" >> /home/securityCheck/securityReport.txt
    #06-核查系统用户-查询命令
    #查询系统用户列表
    SYSTEMUSER=`cat /etc/passwd`
    echo "6.1 系统的用户状态信息" >> /home/securityCheck/securityReport.txt
    echo "$SYSTEMUSER" >> /home/securityCheck/securityReport.txt
    #查询系统用户密码列表
    USERPASSWORD=`cat /etc/shadow`
    echo "6.2 系统的用户密码信息" >> /home/securityCheck/securityReport.txt
    echo "$USERPASSWORD" >> /home/securityCheck/securityReport.txt
    #查看系统中有哪些用户
    USER=`cut -d : -f 1 /etc/passwd`
    echo "6.3 系统的用户列表" >> /home/securityCheck/securityReport.txt
    echo "$USER" >> /home/securityCheck/securityReport.txt
    #查看可以登录系统的用户
    LOGINUSER=`cat /etc/passwd | grep -v /sbin/nologin | cut -d : -f 1`
    echo "6.4 系统中具有登录权限的用户信息" >> /home/securityCheck/securityReport.txt
    echo "$LOGINUSER" >> /home/securityCheck/securityReport.txt

    echo "------------------第七部分——系统进程信息查询--------------------" >> /home/securityCheck/securityReport.txt
    #07-核查进程-查询命令
    #查询系统的所有进程
    PROCESS=`ps aux --sort=-%mem`
    echo "7.1 系统所有的进程信息(按照占用内存大小排序)" >> /home/securityCheck/securityReport.txt
    echo "$PROCESS" >> /home/securityCheck/securityReport.txt
    #查询所有正在运行中的进程
    PROCESSING=`ps aux | less`
    echo "7.2 系统中正在运行的进程信息" >> /home/securityCheck/securityReport.txt
    echo "$PROCESSING" >> /home/securityCheck/securityReport.txt
    #显示系统所有进程的进程树
    PTREE=`pstree`
    echo "7.3 系统整体进程树信息" >> /home/securityCheck/securityReport.txt
    echo "$PTREE" >> /home/securityCheck/securityReport.txt
    #查询特定服务的进程树
    PTREE_JAVA=`pstree -aup | grep java`
    echo "7.4.1 系统中java服务的进程树信息" >> /home/securityCheck/securityReport.txt
    echo "$PTREE_JAVA" >> /home/securityCheck/securityReport.txt
    PTREE_REDIS=`pstree -aup | grep redis`
    echo "7.4.2 系统中redis服务的进程树信息" >> /home/securityCheck/securityReport.txt
    echo "$PTREE_REDIS" >> /home/securityCheck/securityReport.txt
    PTREE_NGINX=`pstree -aup | grep nginx`
    echo "7.4.3 系统中nginx服务的进程树信息" >> /home/securityCheck/securityReport.txt
    echo "$PTREE_NGINX" >> /home/securityCheck/securityReport.txt
    PTREE_SSH=`pstree -aup | grep ssh`
    echo "7.4.4 系统中SSH服务的进程树信息" >> /home/securityCheck/securityReport.txt
    echo "$PTREE_SSH" >> /home/securityCheck/securityReport.txt

    #查询某一个服务的进程数
    PROCESS_COUNT_JAVA=`ps -ef | grep java | wc -l`
    echo "7.5.1 系统中java服务的进程数" >> /home/securityCheck/securityReport.txt
    echo "$PROCESS_COUNT_JAVA" >> /home/securityCheck/securityReport.txt
    PROCESS_COUNT_REDIS=`ps -ef | grep redis | wc -l`
    echo "7.5.2 系统中redis服务的进程数" >> /home/securityCheck/securityReport.txt
    echo "$PROCESS_COUNT_JAVA" >> /home/securityCheck/securityReport.txt
    PROCESS_COUNT_NGINX=`ps -ef | grep nginx | wc -l`
    echo "7.5.3 系统中nignx服务的进程数" >> /home/securityCheck/securityReport.txt
    echo "$PROCESS_COUNT_NGINX" >> /home/securityCheck/securityReport.txt
    PROCESS_COUNT_SSH=`ps -ef | grep ssh | wc -l`
    echo "7.5.4 系统中ssh服务的进程数" >> /home/securityCheck/securityReport.txt
    echo "$PROCESS_COUNT_SSH" >> /home/securityCheck/securityReport.txt

    #查询某一个服务的进程详细信息
    PROCESS_DETAIL_JAVA=`ps -ef | grep java`
    echo "7.6.1 系统中java服务的具体进程信息" >> /home/securityCheck/securityReport.txt
    echo "$PROCESS_DETAIL_JAVA" >> /home/securityCheck/securityReport.txt
    PROCESS_DETAIL_REDIS=`ps -ef | grep redis`
    echo "7.6.2 系统中redis服务的具体进程信息" >> /home/securityCheck/securityReport.txt
    echo "$PROCESS_DETAIL_REDIS" >> /home/securityCheck/securityReport.txt
    PROCESS_DETAIL_NGINX=`ps -ef | grep nginx`
    echo "7.6.3 系统中nignx服务的具体进程信息" >> /home/securityCheck/securityReport.txt
    echo "$PROCESS_DETAIL_NGINX" >> /home/securityCheck/securityReport.txt
    PROCESS_DETAIL_SSH=`ps -ef | grep ssh`
    echo "7.6.4 系统中ssh服务的具体进程信息" >> /home/securityCheck/securityReport.txt
    echo "$PROCESS_DETAIL_SSH" >> /home/securityCheck/securityReport.txt

    echo "------------------第八部分——系统CPU信息查询--------------------" >> /home/securityCheck/securityReport.txt
    #08-核查CPU信息-查询命令
    #cpu逻辑核个数
    CPU_NUMBER_logistic=`cat /proc/cpuinfo | grep "processor" | wc -l`
    echo "8.1 系统CPU逻辑核个数" >> /home/securityCheck/securityReport.txt
    echo "$CPU_NUMBER_logistic" >> /home/securityCheck/securityReport.txt
    #cpu物理核个数
    CPU_NUMBER_physical=`cat /proc/cpuinfo | grep "cpu cores" | uniq`
    echo "8.2 系统CPU物理核个数" >> /home/securityCheck/securityReport.txt
    echo "$CPU_NUMBER_physical" >> /home/securityCheck/securityReport.txt
    #cpu个数
    CPU_NUMBER=`cat /proc/cpuinfo | grep "physical id" | sort | uniq | wc -l`
    echo "8.3 系统CPU的个数" >> /home/securityCheck/securityReport.txt
    echo "$CPU_NUMBER" >> /home/securityCheck/securityReport.txt
    #cpu是否启用超线程(siblings 大于 cpu cores,说明启用了超线程)
    CHAO_THREAD=`cat /proc/cpuinfo | grep -e "cpu cores" -e "siblings" | sort | uniq`
    echo "8.4 系统的超线程情况信息" >> /home/securityCheck/securityReport.txt
    echo "$CHAO_THREAD" >> /home/securityCheck/securityReport.txt
    #cpu的具体信息查询
    CPU_DETAIL=`cat /proc/cpuinfo`
    echo "8.5 系统CPU的具体信息" >> /home/securityCheck/securityReport.txt
    echo "$CPU_DETAIL" >> /home/securityCheck/securityReport.txt
    #查询CPU的主频
    CPU_HZ=`cat /proc/cpuinfo |grep MHz|uniq`
    echo "8.6 系统CPU的主频信息" >> /home/securityCheck/securityReport.txt
    echo "$CPU_HZ" >> /home/securityCheck/securityReport.txt

    #查询内存的基本信息
    RAM=`cat /proc/meminfo`
    echo "8.7 系统内存信息" >> /home/securityCheck/securityReport.txt
    echo "$RAM" >> /home/securityCheck/securityReport.txt

    #查看CPU的型号
    CPU_TYPE=`dmidecode -s processor-version`
    echo "8.7 系统内存信息" >> /home/securityCheck/securityReport.txt
    echo "$CPU_TYPE" >> /home/securityCheck/securityReport.txt
    echo "------------------------网络安全检查结束----------------------" >> /home/securityCheck/securityReport.txt

    6、结束脚本内容(end.vbs)

    Sub Main
    xsh.Screen.Send "cd /home"
    xsh.Screen.Send VbCr
    xsh.Screen.Send "rm -rf securityCheck"
    xsh.Screen.Send VbCr
    xsh.Screen.Send "ll"
    xsh.Screen.Send VbCr
    End Sub

    综合以上脚本内容和执行顺序,具体的文件如下所示:

     

     

  • 相关阅读:
    【洛谷P3901】数列找不同
    【洛谷P2966】Cow Toll Paths
    【CH6901】骑士放置
    【洛谷P2215】上升序列
    【洛谷P1637】三元上升子序列
    【POJ2226】Muddy Fields
    【UVA1194】Machine Schedule
    【CH6803】导弹防御塔
    【CH6802】车的放置
    hdu 3572(构图+最大流)
  • 原文地址:https://www.cnblogs.com/Yanjy-OnlyOne/p/15669176.html
Copyright © 2020-2023  润新知