我正在尝试将 sslscan 命令的输出与密码列表进行比较,以检查端点是否安全。 这是我正在使用的代码片段:
*** Settings ***
Library OperatingSystem
Library Process
*** Variables ***
${endpoint} myendpoint.com
*** Test Cases ***
Check ciphers
${secure_ciphers} = Create list ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384
${insecure_ciphers} = Create list ECDH aNULL eNULL
${result} = Run process sslscan --no-cipher-details --no-compression --no-fallback --no-groups --no-heartbleed --no-colour ${endpoint} shell=True
Log SSLScan Output: ${output}
Check secureCiphers ${result.output} ${secure_ciphers}
Check insecureCiphers ${result.output} ${insecure_ciphers}
*** Keywords ***
Check Secure Ciphers
[Arguments] ${output} ${secureCiphers}
FOR ${cipher} IN @{secureCiphers}
Log ${output}
Should Contain ${output} ${cipher}
END
Check Insecure Ciphers
[Arguments] ${output} ${insecureCiphers}
FOR ${cipher} IN @{insecureCiphers}
Log ${output}
Should Not Contain ${output} ${cipher}
END
但是,我收到以下输出错误:
Check ciphers | FAIL |
Resolving variable '${result.output}' failed: AttributeError: 'ExecutionResult' object has no attribute 'output'
sslscan 的输出如下所示:
Testing SSL server mydomain.com on port 443 using SNI name mydomain.com
SSL/TLS Protocols:
SSLv2 disabled
SSLv3 disabled
TLSv1.0 disabled
TLSv1.1 disabled
TLSv1.2 enabled
TLSv1.3 enabled
TLS renegotiation:
Session renegotiation not supported
Supported Server Cipher(s):
Preferred TLSv1.3 128 bits TLS_AES_128_GCM_SHA256
Accepted TLSv1.3 256 bits TLS_AES_256_GCM_SHA384
Accepted TLSv1.3 256 bits TLS_CHACHA20_POLY1305_SHA256
Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384
Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384
Accepted TLSv1.2 256 bits ECDHE-RSA-CHACHA20-POLY1305
Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256
Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256
SSL Certificate:
Signature Algorithm: sha256WithRSXEncryption
RSA Key Strength: 2048
Subject: *.etx-dev.ktc-int.net
Altnames: DNS:mydomain.com, DNS:*.mydomain.com
Issuer: StackOverflow
Not valid before: Dec 18 11:52:04 2023 GMT
Not valid after: Nov 9 11:52:04 2160 GMT
我假设我没有正确保存命令输出。保存和比较输出的正确方法是什么?
从文档中读取,
Process
库返回一个包含以下属性的结果对象:
- rc:以整数形式返回进程的代码。
- stdout:标准输出流的内容。
- stderr:标准错误流的内容。
- stdout_path:stdout 被重定向的路径,如果没有重定向,则为 None。
- stderr_path :stderr 被重定向的路径,如果未重定向则为 None。
为了读取 shell 命令的输出,您可以从
${result.stdout}
读取。请注意,如果您的子流程执行失败,它将为空,在这种情况下,可以将信息写入${result.stderr}
而不是