我正在尝试解析 nessus xml 报告并尝试获取特定的描述和 plugin_output 但由于某种原因似乎无法获取
我有以下xml数据:
<ReportHost name="WebServerA.internal">
<HostProperties>
<tag name="cpe-1">cpe:/a:microsoft:iis:8.5</tag>
<tag name="cpe">cpe:/o:microsoft:windows</tag>
<tag name="patch-summary-total-cves">14</tag>
<tag name="cpe-0">cpe:/o:microsoft:windows_server_2012:r2</tag>
<tag name="system-type">general-purpose</tag>
<tag name="operating-system">Microsoft Windows Server 2012 R2 Standard</tag>
<tag name="LastUnauthenticatedResults">1545398521</tag>
<tag name="Credentialed_Scan">false</tag>
<tag name="policy-used">Basic Network Scan</tag>
<tag name="os">windows</tag>
<tag name="mac-address">00:10:36:A5:3B:AA</tag>
<tag name="host-fqdn">WebServerA.internal</tag>
<tag name="host-rdns">WebServerA.internal</tag>
<tag name="HOST_END">Fri Dec 21 08:22:01 2018</tag>
<tag name="netbios-name">WEBSERVERA</tag>
<tag name="host-ip">10.1.5.33</tag>
<tag name="HOST_START">Fri Dec 21 08:16:28 2018</tag>
</HostProperties>
<ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="117886" pluginName="Local Checks Not Enabled (info)" pluginFamily="Settings">
<description>Nessus did not enable local checks on the remote host. This does not necessarily indicate a problem with the scan. </description>
<plugin_output>
The following issues were reported :
- Plugin : no_local_checks_credentials.nasl
Plugin ID : 110723
Plugin Name : No Credentials Provided
Message :
Credentials were not provided for detected SSH service.
</plugin_output>
</ReportItem>
<ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="19506" pluginName="Nessus Scan Information" pluginFamily="Settings">
<description>This plugin displays, for each tested host, information about the scan itself :
- The version of the plugin set.
- The type of scanner (Nessus or Nessus Home).
- The version of the Nessus Engine.
- The port scanner(s) used.
- The port range scanned.
- Whether credentialed or third-party patch management checks are possible.
- The date of the scan.
- The duration of the scan.
- The number of hosts scanned in parallel.
- The number of checks done in parallel.
</description>
<plugin_output>Information about this scan :
Nessus version : 7.1.1
Plugin feed version : 201810052251
Scanner edition used : Nessus
</plugin_output>
</ReportHost>
以下代码是我试图用来循环并获取数据的代码,但是当我运行子循环并打印 child.attrib 时,它只是返回一个空白 {} 并且似乎不是能够抓取报告项目以及它们之间的内容。
for host in root.iter('HostProperties'):
for child in host:
print child.attrib