我尝试使用SoftLayer的Python库来运行自动漏洞扫描。不幸的是,我得到以下例外:
SoftLayerAPIError:SoftLayerAPIError(SoftLayer_Exception):无法创建SoftLayer_Network_Security_Scanner_Request_Nessus类型的新对象。确保身份验证方法正确。
我使用的代码如下所示。
import SoftLayer
USERNAME="" # I put valid value in here
APIKEY="" # I put valid value in here
TARGET="" # I put valid value in here
client = SoftLayer.create_client_from_env(
username=USERNAME,
api_key=APIKEY
)
""" ALTERNATE I TRIED ALSO FROM DOCUMENTATION:
client = SoftLayer.Client(
username=USERNAME,
api_key=APIKEY
)
"""
account = client['Account'].getObject()
scanner = client.call(
"SoftLayer_Network_Security_Scanner_Request",
"createObject", {
"accountId": account.get('id'),
"ipAddress": TARGET
})
Python库发送的HTTP请求如下所示:
POST /xmlrpc/v3.1/SoftLayer_Network_Security_Scanner_Request HTTP/1.1
Host: api.softlayer.com
Connection: keep-alive
Accept: */*
Content-Type: application/xml
Content-Length: 798
<?xml version='1.0'?>
<methodCall>
<methodName>createObject</methodName>
<params>
<param>
<value><struct>
<member>
<name>headers</name>
<value><struct>
<member>
<name>authenticate</name>
<value><struct>
<member>
<name>username</name>
<value><string>***USERNAME_HERE***</string></value>
</member>
<member>
<name>apiKey</name>
<value><string>***API_KEY_HERE***</string></value>
</member>
</struct></value>
</member>
</struct></value>
</member>
</struct></value>
</param>
<param>
<value><struct>
<member>
<name>ipAddress</name>
<value><string>***TARGET_IP_HERE***</string></value>
</member>
<member>
<name>accountId</name>
<value><int>***ACCOUNT_ID_HERE***</int></value>
</member>
</struct></value>
</param>
</params>
</methodCall>
收到的HTTP回复是:
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2017 12:47:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml
Content-Length: 495
<?xml version="1.0" encoding="iso-8859-1"?>
<methodResponse>
<fault>
<value>
<struct>
<member>
<name>faultCode</name>
<value>
<string>SoftLayer_Exception</string>
</value>
</member>
<member>
<name>faultString</name>
<value>
<string>Unable to create a new object of type SoftLayer_Network_Security_Scanner_Request_Nessus. Make sure the authentication method is correct.</string>
</value>
</member>
</struct>
</value>
</fault>
</methodResponse>
有人可以帮助我,看看代码,因为我无法弄清楚问题出在哪里。 您能否请提供此工作所需的最低权限列表?
注意:我尝试启用所有可能的权限进行调试但没有运气
答案 0 :(得分:0)
这看起来像API的一个问题,它不能仅指定指定hardwareId(用于裸机服务器)或guestId(用于虚拟客户机服务器)所需的IP地址
所以试试这段代码:
import SoftLayer
USERNAME="set me" # I put valid value in here
APIKEY="set me" # I put valid value in here
TARGET="set me" # I put valid value in here
client = SoftLayer.create_client_from_env(
username=USERNAME,
api_key=APIKEY
)
account = client['Account'].getObject()
server = client['Virtual_Guest'].findByIpAddress(TARGET)
if (server) :
request = {
"accountId": account["id"],
"guestId": server["id"]
}
else:
server = client['Hardware_Server'].findByIpAddress(TARGET)
if (server):
request = {
"accountId": account["id"],
"hardwareId": server["id"]
}
else:
print ("server does not exist.")
exit
scanner = client['Network_Security_Scanner_Request'].createObject(request)
答案 1 :(得分:0)
我测试了Nelson的上述评论,它正在为虚拟系统设置guestId。因此,您必须提供accountId,guestId和ipAddress才能使其正常工作。我也将测试硬件,并期望同样的成功。如果没有,我会再次回复