在此处输入图像描述我正在尝试编写一个Powershell脚本,该脚本采用OpenVAS.csv文件并以我可以上传到Jira的格式输出。我编写了一个工作脚本,用于获取每个扫描项目并创建自己的条目,这肯定有一些改进的余地。我一直在尝试创建一个脚本,该脚本采用所有具有漏洞"TCP 时间戳"的主机(例如),并且仅创建一个 csv 条目。
起始输入(经过严格消毒): 在此处输入图像描述
第一个工作脚本(为每个项目制作单独的票证):
# Function for file picker
Function Get-FileName($initialDirectory)
{
[System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") | Out-Null
$OpenFileDialog = New-Object System.Windows.Forms.OpenFileDialog
$OpenFileDialog.initialDirectory = $initialDirectory
$OpenFileDialog.filter = "CSV (*.csv)| *.csv"
$OpenFileDialog.ShowDialog() | Out-Null
$OpenFileDialog.filename
}
$scanImport = @()
$csvContents = @()
$inputFile = Get-FileName "C:temp"
$scanImport = Import-CSV $inputFile
# Removes the Information vulnerabilities
$scanImport = @($scanImport | Where-Object {$_."Risk Level" -ne "Info"})
$scanImport | Sort Vulnerability | ForEach {
$row = New-Object System.Object
$row | Add-Member -MemberType NoteProperty -Name "Hostname" -Value $_.Hostname
$row | Add-Member -MemberType NoteProperty -Name "IP Address" -Value $_."Host IP"
$row | Add-Member -MemberType NoteProperty -Name "Vulnerability Base Rating" -Value $_."Risk Level"
$row | Add-Member -MemberType NoteProperty -Name "Detection Method" -Value "OpenVAS"
$row | Add-Member -MemberType NoteProperty -Name "Vulnerability Name" -Value $_.Vulnerability.Split("`n")[0]
$row | Add-Member -MemberType NoteProperty -Name "Summary" -Value ($_.Hostname + " - " + $_.Vulnerability.Split("`n")[0])
$row | Add-Member -MemberType NoteProperty -Name "References" -Value ("Observation:" + " " + $_.Observation + "`n`n" + "Remediation:" + " " + $_.Remedation + "`n`n" + "Consequences:" + " " + $_.Consequences + "`n`n" + "Test Output:" + " " + $_."Test Output")
$row | Add-Member -MemberType NoteProperty -Name "Assigned To" -Value user1
$row | Add-Member -MemberType NoteProperty -Name "System Owner" -Value user2
$row | Add-Member -MemberType NoteProperty -Name "Users Affected" -Value "Needs to be entered"
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals" -Value user3
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals1" -Value user4
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals2" -Value user5
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals3" -Value user6
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals4" -Value user7
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals5" -Value user8
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals6" -Value user9
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals7" -Value user10
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals8" -Value user11
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals9" -Value user12
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals10" -Value user13
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals11" -Value user14
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals12" -Value user15
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals13" -Value user16
$csvContents += $row
}
$csvContents | Export-CSV -Path "Users$env:USERNAMEDesktopOpenVAS_to_Jira.csv" -NoTypeInformation
第一个脚本输出(主机名和漏洞名称已编辑。我使用了旧的漏洞扫描,但出于预防措施): 脚本输出
第二次脚本尝试(具有分组功能):
# Function for file picker
Function Get-FileName($initialDirectory)
{
[System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") | Out-Null
$OpenFileDialog = New-Object System.Windows.Forms.OpenFileDialog
$OpenFileDialog.initialDirectory = $initialDirectory
$OpenFileDialog.filter = "CSV (*.csv)| *.csv"
$OpenFileDialog.ShowDialog() | Out-Null
$OpenFileDialog.filename
}
$scanImport = @()
$csvContents = @()
$hostnames = @()
$hostIPs = @()
$vulnList = @()
$counter = 0
$inputFile = Get-FileName "C:temp"
$scanImport = Import-CSV $inputFile
# Removes the Information vulnerabilities
$scanImport = @($scanImport | Where-Object {$_."Risk Level" -ne "Info"} | Sort Vulnerability)
$scanImport | Sort Vulnerability |
ForEach {
$vulnName = $_.Vulnerability.Split("`n")[0]
$row = New-Object System.Object
if ($scanImport[$counter].Vulnerability -eq $scanImport[($counter+1)].Vulnerability) {
$hostnames += $_.Hostname
$hostIPs += $_."Host IP"
}
else {
if ($hostnames -eq $null) {
$row | Add-Member -MemberType NoteProperty -Name "Summary" -Value ($_.Hostname + " - " + $_.Vulnerability.Split("`n")[0])
$row | Add-Member -MemberType NoteProperty -Name "Hostname" -Value $_.Hostname
$row | Add-Member -MemberType NoteProperty -Name "IP Address" -Value $_."Host IP"
}
else
{
$row | Add-Member -MemberType NoteProperty -Name "Summary" -Value ("Multiple Systems" + " - " + $_.Vulnerability.Split("`n")[0])
$row | Add-Member -MemberType NoteProperty -Name "Hostname" -Value $hostnames
$row | Add-Member -MemberType NoteProperty -Name "IP Address" -Value $hostIPs
$hostnames = @()
$hostIPs = @()
}
$row | Add-Member -MemberType NoteProperty -Name "Vulnerability Base Rating" -Value $_."Risk Level"
$row | Add-Member -MemberType NoteProperty -Name "Detection Method" -Value "OpenVAS"
$row | Add-Member -MemberType NoteProperty -Name "Vulnerability Name" -Value $_.Vulnerability.Split("`n")[0]
$row | Add-Member -MemberType NoteProperty -Name "References" -Value ("Observation:" + " " + $_.Observation + "`n`n" + "Remediation:" + " " + $_.Remedation + "`n`n" + "Consequences:" + " " + $_.Consequences + "`n`n" + "Test Output:" + " " + $_."Test Output")
$row | Add-Member -MemberType NoteProperty -Name "Assigned To" -Value user1
$row | Add-Member -MemberType NoteProperty -Name "System Owner" -Value user2
$row | Add-Member -MemberType NoteProperty -Name "Users Affected" -Value "Needs to be entered"
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals" -Value user3
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals1" -Value user4
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals2" -Value user5
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals3" -Value user6
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals4" -Value user7
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals5" -Value user8
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals6" -Value user9
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals7" -Value user10
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals8" -Value user11
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals9" -Value user12
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals10" -Value user13
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals11" -Value user14
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals12" -Value user15
$row | Add-Member -MemberType NoteProperty -Name "DS: Approvals13" -Value user16
$csvContents += $row
$counter += 1
}
}
$csvContents | Export-CSV -Path "Users$env:USERNAMEDesktopOpenVAS_to_Jira.csv" -NoTypeInformation
从本质上讲,我希望输出看起来像这样(excel 模型): 期望的输出
我知道我很有可能犯了很多错误或没有以正确的方式编写代码,但我希望得到任何反馈和帮助。提前感谢!
$input = Import-Csv "C:input.csv"
$Vulnerabilities = $input | Group-Object -Property Vulnerability -AsHashTable -AsString
foreach ($Vulnerability in ($Vulnerabilities.Keys | Sort-Object)) {
$row = [PSCustomObject]@{
"Hostname" = (($Vulnerabilities.$Vulnerability.HostName) -join ', ')
"IP Address" = (($Vulnerabilities.$Vulnerability."Host IP") -join ',')
"Vulnerability Base Rating" = ($Vulnerabilities.$Vulnerability)[0]."Risk Level"
"Detection Method" = "OpenVAS"
"Vulnerability Name" = $Vulnerability
}
Export-Csv -InputObject $row -Path "C:output.csv" -Append -NoTypeInformation
}