以下代码在安全组(security group)中查找对 0.0.0.0/0 开放的规则,并把结果发送到 Slack。
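def getTag(connection, instanceId):
    """Return (Name tag, private IP, region) for a running instance.

    Calls ``connection.get_all_instances`` filtered by ``instanceId`` and
    returns the details of the first matching instance whose state is
    "running".

    Args:
        connection: EC2 connection object exposing ``get_all_instances``.
        instanceId: ID of the instance to look up.

    Returns:
        A ``(name, private_ip_address, region)`` tuple, or ``None`` when no
        running instance matches. ``name`` is an empty string when the
        instance has no ``Name`` tag.
    """
    reservations = connection.get_all_instances(filters={'instance_id': instanceId})
    for res in reservations:
        for instance in res.instances:
            if instance.state != "running":
                # Keep looking rather than giving up on the first
                # non-running match.
                continue
            # An untagged instance must not raise KeyError here: a caller
            # that swallows exceptions would silently lose every finding
            # that comes after it, and the audit would under-report.
            name = instance.tags.get('Name', '')
            return name, instance.private_ip_address, instance.region
    return None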
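# Audit script: list running instances that sit in a security group with a
# rule open to 0.0.0.0/0 (any IPv4 address) and post the table to Slack.
#regions = ['us-east-1','us-west-1','us-west-2','eu-west-1','sa-east-1','ap-southeast-1','ap-southeast-2','ap-northeast-1']
#regions = ['us-west-2','eu-central-1','ap-southeast-1'] ##Prod VPC
regions = ['us-west-2']
data = []
header = ["Port","Open For","Security group","Instance Details"]
# Groups that could not be scanned. An audit that hides its own failures
# reads as "nothing found", so they are collected and reported.
scan_errors = []
for region in regions:
    connection = ec2.connect_to_region(region)
    sg = connection.get_all_security_groups()
    for securityGroup in sg:
        # Guard each group on its own so that one failure cannot cut the
        # scan of the remaining groups in the region short.
        try:
            for rule in securityGroup.rules:
                # Substring match on the textual form of the grants; only
                # the IPv4 "anywhere" range is checked.
                if '0.0.0.0/0' in str(rule.grants):
                    for instanceid in securityGroup.instances():
                        instanceId = str(instanceid)
                        # The instance ID is the part after the colon.
                        tag = getTag(connection, instanceId.split(':')[1])
                        if tag is not None:
                            # Reuse `tag` instead of querying EC2 a second
                            # time. str() of the tuple renders each element
                            # with repr(), which is where the u'...'
                            # prefixes come from on Python 2.
                            tab = [str(rule.to_port), "0.0.0.0/0", str(securityGroup.name), str(tag)]
                            data.append(tab)
        except Exception as e:
            scan_errors.append("%s/%s: %s" % (region, securityGroup.name, e))
cool_stuff = tabulate(data, headers=header, tablefmt='simple')
print(cool_stuff)
if scan_errors:
    # Error details stay on the local console; the Slack report only says
    # that the scan was incomplete.
    print("Scan errors:\n" + "\n".join(scan_errors))
    cool_stuff += "\n\nWARNING: scan incomplete, %d security group(s) could not be checked" % len(scan_errors)
# The report carries instance names and private IPs, so the target channel
# should be limited to people who are meant to see them.
slack.chat.post_message('#scanbot','```'+cool_stuff+'```',username='AWS_security_group_scanner')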
问题是,它打印出如下内容:
Port Open For Security group Instance Details
------ ---------- --------------------------------- ----------------------------------------------------------------------------------
1433 0.0.0.0/0 default (u'ABCcorp', u'10.17.9.22', RegionInfo:us-west-2)
80 0.0.0.0/0 pdx01-ms-dev-elbs (u'dev-lb05', u'10.17.5.249', RegionInfo:us-west-2)
80 0.0.0.0/0 pdx01-ms-dev-elbs (u'dev-sdl-lb02', u'10.17.5.63', RegionInfo:us-west-2)
80 0.0.0.0/0 pdx01-ms-dev-elbs (u'lbCasio', u'10.17.5.11', RegionInfo:us-west-2)
80 0.0.0.0/0 pdx01-ms-dev-elbs (u'lb01', u'10.17.4.196', RegionInfo:us-west-2)
80 0.0.0.0/0 pdx01-ms-dev-elbs (u'lb01', u'10.17.5.133', RegionInfo:us-west-2)
80 0.0.0.0/0 pdx01-ms-dev-elbs (u'gehc-lb01', u'10.17.5.222', RegionInfo:us-west-2)
443 0.0.0.0/0 pdx01-ms-dev-elbs (u'lb05', u'10.17.5.249', RegionInfo:us-west-2)
我想去掉这些 u'' 前缀,因为它们把发到 Slack 的输出弄乱了。有人能帮我吗?
答案 0 :(得分:2)
希望这有效
import unicodedata
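# Same scan as in the question, with the instance details reduced to plain
# ASCII text before they go into the table.
for region in regions:
    connection = ec2.connect_to_region(region)
    sg = connection.get_all_security_groups()
    try:
        for securityGroup in sg:
            for rule in securityGroup.rules:
                if '0.0.0.0/0' in str(rule.grants):
                    for instanceid in securityGroup.instances():
                        instanceId = str(instanceid)
                        tag = getTag(connection, instanceId.split(':')[1])
                        if tag is not None:
                            # getTag() returns a (name, ip, region) tuple and
                            # unicodedata.normalize() only accepts a text
                            # string, so the text fields are cleaned one by
                            # one. Passing the whole tuple raises TypeError,
                            # and with a silent except the table ends up
                            # empty.
                            name, ip, instance_region = tag
                            # NOTE: 'ignore' drops non-ASCII characters from
                            # the name instead of transliterating them.
                            cleaned = [
                                unicodedata.normalize('NFKD', text or u'').encode('ascii', 'ignore').decode('ascii')
                                for text in (name, ip)
                            ]
                            # Joining into one string avoids repr() of the
                            # tuple, which is what printed the u'...' prefixes.
                            details = ", ".join(cleaned + [str(instance_region)])
                            tab = [str(rule.to_port), "0.0.0.0/0", str(securityGroup.name), details]
                            data.append(tab)
    except Exception as e:
        # Report the failure: a silently skipped region would make the audit
        # look clean when it is merely incomplete.
        print("Security group scan failed in %s: %s" % (region, e))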
答案 1 :(得分:2)
把这一行:
# Line from the question: str() on the tuple returned by getTag() renders each
# element with repr(), so Python 2 unicode strings show up as u'...'.
tab = [str(rule.to_port), "0.0.0.0/0", str(securityGroup.name), str(getTag(connection, instanceId.split(':')[1]))]
改为:
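# `tag` is the getTag() result the loop already stored before its
# `if tag is not None` check. Reusing it avoids three more EC2 lookups per row
# and the chance that a later lookup returns None (instance no longer
# running) and breaks the subscript.
# The first two elements (name, private IP) are encoded to byte strings so
# Python 2 prints them without the u'' prefix; the region object is kept as is.
tab = [str(rule.to_port), "0.0.0.0/0", str(securityGroup.name), tuple([i.encode('UTF8') for i in tag[0:2]] + [tag[2]])]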