import pymysql
import configparser
import re
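# Scan one request-log table for suspicious entries and write every hit to
# urlinfo.txt. Four passes are made over the table, each applying one regex
# rule from the [rule] section of config.ini: user agent, request method,
# status code and request URI.


def _as_text(value):
    """Return *value* as text for regex matching; SQL NULL becomes ''."""
    return "" if value is None else str(value)


def _run_pass(cursor, out, table, banner, columns, rule, subject, report,
              flag_on_miss=False, echo=True):
    """Run one detection pass over *table* and record the flagged rows.

    Args:
        cursor: open DB-API cursor used for the query.
        out: writable text file receiving one ``str(list)`` line per hit.
        table: table name, already validated by the caller.
        banner: progress line printed once the query has been issued.
        columns: column list for the SELECT.
        rule: regex source, applied case-insensitively.
        subject: index of the selected column the rule is matched against.
        report: indexes of the columns written out for a flagged row.
        flag_on_miss: when True the rule is an allow-list, so rows that do
            NOT match are the ones flagged.
        echo: also print each flagged row to stdout.
    """
    # Identifiers cannot be bound as query parameters, which is why the
    # caller validates *table* before it is concatenated here.
    cursor.execute("select " + columns + " from " + table + ";")
    print(banner)
    pattern = re.compile(rule, re.IGNORECASE)
    for row in iter(cursor.fetchone, None):
        # A NULL column used to raise TypeError inside re.search and abort
        # the whole scan; it is now matched as an empty string.
        matched = pattern.search(_as_text(row[subject])) is not None
        if matched == flag_on_miss:
            continue
        info = [row[i] for i in report]
        if echo:
            print(*info)
        # str() of a list repr()-escapes control characters in each field,
        # so a logged value cannot break the one-record-per-line layout.
        out.write(str(info) + "\n")


table_name = 'logger_watcher_2021_05_03_09'
if not re.fullmatch(r"\w+", table_name):
    raise ValueError("unexpected table name: %r" % (table_name,))

cf = configparser.ConfigParser()
cf.read(r"config.ini")
ua_rule = cf.get("rule", "ua_rule")
method_rule = cf.get("rule", "method_rule")
sql_rule = cf.get("rule", "sql_rule")
code_rule = cf.get("rule", "code_rule")
# NOTE(review): presumably ua / request_url / request_method hold raw request
# data, i.e. input an attacker controls. Keep the rules free of patterns that
# backtrack catastrophically, or a crafted request can stall this scan.

# NOTE(review): root credentials are hard-coded. Prefer loading them from
# config.ini or the environment, and connect with a least-privileged account
# that only has SELECT on the log tables.
# Keyword arguments: newer PyMySQL releases no longer accept positional ones.
conn = pymysql.connect(host='localhost', user='root', password='password')
try:
    conn.select_db('logger')
    cur = conn.cursor()
    try:
        with open("urlinfo.txt", "w") as f:
            # User agents matching the rule (not echoed to stdout).
            _run_pass(cur, f, table_name,
                      "====================UA信息开始匹配==================",
                      "ip, request_url,status_code,ua",
                      ua_rule, 3, (2, 0, 1), echo=False)
            # Request methods outside the allowed set.
            _run_pass(cur, f, table_name,
                      "====================请求方式开始匹配==================",
                      "ip, request_url,status_code,request_method",
                      method_rule, 3, (2, 0, 1, 3), flag_on_miss=True)
            # Status codes matching the rule.
            _run_pass(cur, f, table_name,
                      "====================状态码开始匹配==================",
                      "ip, request_url,status_code",
                      code_rule, 2, (2, 0, 1))
            # Request URIs matching the SQL-injection rule.
            _run_pass(cur, f, table_name,
                      "====================URI开始匹配==================",
                      "ip, request_url,status_code",
                      sql_rule, 1, (2, 0, 1))
    finally:
        cur.close()
    conn.commit()
finally:
    # Release the connection even when a query or a rule fails.
    conn.close()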