我正在处理Nmap脚本引擎的输出,我遇到字符串转换问题。
nmap的结果将它放在一个字典中,我将其转换为字符串:
nm = nmap.PortScanner()
sslNmapOutput = nm.scan(hosts='192.168.2.50', arguments='--script ssl-enum-ciphers -p443')
sslOutput = ', '.join("%s=%s" % (key,val) for (key,val) in sslNmapOutput.iteritems())
resultString = re.search("warnings:(.*)SHA1\n", sslOutput)
resultString = result.group(1)
print sslOutput.strip()
这将打印以下内容:
nmap={'scanstats': {'uphosts': '1', 'timestr': 'Wed Mar 15 17:59:42 2017', 'downhosts': '0', 'totalhosts': '1', 'elapsed': '18.85'}, 'scaninfo': {'tcp': {'services': '443', 'method': 'syn'}}, 'command_line': 'nmap -oX - --script ssl-enum-ciphers -p443
192.168.2.50'}, scan={'192.168.2.50': {'status': {'state': 'up', 'reason': 'reset'}, 'hostnames': [{'type': '', 'name': ''}], 'vendor': {}, 'addresses': {'ipv4': '192.168.2.50'}, 'tcp': {443: {'product': '', 'state': 'open', 'version': '', 'name': 'https', 'conf': '3', 'script': {'ssl-enum-ciphers': '\n SSLv3: \n ciphers: \n TLS_ECDHE_RSA_WITH_RC4_128_SHA (secp256r1) - C\n TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C\n TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A\n TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A\n TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A\n TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A\n TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C\n TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 2048) - C\n TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C\n compressors: \n NULL\n cipher preference: server\n warnings: \n 64-bit block cipher 3DES vulnerable to SWEET32 attack\n Broken cipher RC4 is deprecated by RFC 7465\n CBC-mode cipher in SSLv3 (CVE-2014-3566)\n Weak certificate signature: SHA1\n }, 'extrainfo': '', 'reason': 'syn-ack', 'cpe': ''}}}}
我想获取warnings:和SHA1\n之间的所有信息。但是,当我打印正则表达式的结果时,我得到以下结果:
\n 64-bit block cipher 3DES vulnerable to SWEET32 attack\n Broken cipher RC4 is deprecated by RFC 7465\n CBC-mode cipher in SSLv3 (CVE-2014-3566)\n Weak certificate signature:
我想要的是打印的值,因为它会显示正确的空格和换行符缩进,如下所示:
test = "\n 64-bit block cipher 3DES vulnerable to SWEET32 attack\n Broken cipher RC4 is deprecated by RFC 7465\n CBC-mode cipher in SSLv3 (CVE-2014-3566)\n Weak certificate signature: "
print test.strip()
输出:
64-bit block cipher 3DES vulnerable to SWEET32 attack
Broken cipher RC4 is deprecated by RFC 7465
CBC-mode cipher in SSLv3 (CVE-2014-3566)
Weak certificate signature:
答案 0 :(得分:0)
以下是发生了什么的演示:
>>> s = 'a\nb'
>>> print s
a
b
>>> print {'key': s}
{'key': 'a\nb'}
sslNmapOutput是一个字典,其值在树的内部深处,包含实际的换行符。在作为字典的直接值上调用str(通过%s)会创建一个字符串表示形式,其中内部值中的换行符被两个字符\n替换。不要将正则表达式应用于sslOutput。而是将其应用于sslNmapOutput中包含的原始字符串,在本例中可用作:
sslNmapOutput['scan']['192.168.2.50']['tcp'][443]['script']['ssl-enum-ciphers']