#!/bin/bash
#########################################################################
# File Name: check_win_baseline.sh
# Author: shin
# Created Time: 2018年09月06日 星期四 10时08分36秒
#########################################################################
[ $# -ne 0 ] && {
echo "使用方法:sh $0"
exit
}
. /etc/init.d/functions
read -p "请输入要进行windows安全基线检查的服务器IP(回车后下一步):" ip
read -p "请输入要进行windows安全基线检查的服务器管理员账户(回车后下一步):" user
read -p "请输入要进行windows安全基线检查的服务器管理员密码(回车后开始检查):" pass
echo -e "\033[5m\033[36m检查中,请稍后...\033[0m\033[0m"
gp_res=./check_win_baseline_result_gp_$ip
gp_py=./check_win_baseline_gp_$ip.py
[ -s $gp_res ] && {
mv $gp_res $gp_res"_bak"
echo 文件$gp_res已存在,备份为$gp_res'_bak'
}
[ -s $gp_py ] && {
mv $gp_py $gp_py"_bak"
echo 文件$gp_py已存在,备份为$gp_py'_bak'
}
>$gp_res
>$gp_py
cat >>$gp_py<<EOF
#!/usr/bin/env python
#coding:utf-8
import paramiko
'''mingling = raw_input('pls input your powershell command:')'''
host = '$ip'
port = 22
user = '$user'
passwd = '$pass'
# 创建SSH对象
ssh = paramiko.SSHClient()
# 允许连接不在know_hosts文件中的主机
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# 连接服务器
ssh.connect(hostname=host, port=port, username=user, password=passwd)
#paramiko.util.log_to_file('syslogin.log') #将登录信息记录日志
# 执行命令(Text后面接powershell命令)
'''
命令参考:
获取软件安装列表 Get-WmiObject win32_product
'''
stdin, stdout, stderr = ssh.exec_command("powershell -InputFormat none -OutputFormat Text chcp 65001 ; gpresult /Z")
# 获取命令结果
result = stdout.read()
print(result)
# 关闭连接
ssh.close()
EOF
/usr/bin/python $gp_py > $gp_res 2>&1
CheckPwd=`grep -Ev "^#" $gp_res|grep -i -w "Authentication failed"|sort -u|wc -l`
if [ $CheckPwd -eq "1" ];then echo -e "\033[31m登录验证失败,请确认用户名密码是否正确!\033[0m" && rm -rf $gp_res $gp_py && exit
fi
dos2unix $gp_res >/dev/null 2>&1
wmi_res=./check_win_baseline_result_wmi_$ip
wmi_py=./check_win_baseline_wmi_$ip.py
[ -s $wmi_res ] && {
mv $wmi_res $wmi_res"_bak"
echo 文件$wmi_res已存在,备份为$wmi_res'_bak'
}
[ -s $wmi_py ] && {
mv $wmi_py $wmi_py"_bak"
echo 文件$wmi_py已存在,备份为$wmi_py'_bak'
}
>$wmi_res
>$wmi_py
cat >>$wmi_py<<EOF
#!/usr/bin/env python
#coding:utf-8
import paramiko
'''mingling = raw_input('pls input your powershell command:')'''
host = '$ip'
port = 22
user = '$user'
passwd = '$pass'
# 创建SSH对象
ssh = paramiko.SSHClient()
# 允许连接不在know_hosts文件中的主机
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# 连接服务器
ssh.connect(hostname=host, port=port, username=user, password=passwd)
#paramiko.util.log_to_file('syslogin.log') #将登录信息记录日志
# 执行命令(Text后面接powershell命令)
'''
命令参考:
获取软件安装列表 Get-WmiObject win32_product
'''
stdin, stdout, stderr = ssh.exec_command("powershell -InputFormat none -OutputFormat Text chcp 65001 ; Get-WmiObject win32_OperatingSystem FreePhysicalMemory; Get-WmiObject win32_OperatingSystem TotalVisibleMemorySize; gwmi Win32_PhysicalMemory | %{\$sum = 0} { \$sum += \$_.Capacity } {Write-Host 'SumPhysicalMemory ' (\$sum / 1GB) 'GB'}; Get-WMIObject Win32_LogicalDisk |Where-Object{\$_.Size}|Foreach-Object { 'Disk {0} has {1:0.0} GB AvailableSpace,has {2:0.0} GB TotalSpace' -f \$_.Caption, (\$_.FreeSpace / 1GB),(\$_.Size / 1GB)} ; Get-WmiObject win32_processor|select SystemName, LoadPercentage")
# 获取命令结果
result = stdout.read()
print(result)
# 关闭连接
ssh.close()
EOF
/usr/bin/python $wmi_py > $wmi_res
dos2unix $wmi_res >/dev/null 2>&1
sec_res=./check_win_baseline_result_sec_$ip
sec_py=./check_win_baseline_sec_$ip.py
[ -s $sec_res ] && {
mv $sec_res $sec_res"_bak"
echo 文件$sec_res已存在,备份为$sec_res'_bak'
}
[ -s $sec_py ] && {
mv $sec_py $sec_py"_bak"
echo 文件$sec_py已存在,备份为$sec_py'_bak'
}
>$sec_res
>$sec_py
cat >>$sec_py<<EOF
#!/usr/bin/env python
#coding:utf-8
import paramiko
'''mingling = raw_input('pls input your powershell command:')'''
host = '$ip'
port = 22
user = '$user'
passwd = '$pass'
# 创建SSH对象
ssh = paramiko.SSHClient()
# 允许连接不在know_hosts文件中的主机
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# 连接服务器
ssh.connect(hostname=host, port=port, username=user, password=passwd)
#paramiko.util.log_to_file('syslogin.log') #将登录信息记录日志
# 执行命令(Text后面接powershell命令)
'''
命令参考:
获取软件安装列表 Get-WmiObject win32_product
'''
stdin, stdout, stderr = ssh.exec_command("powershell -InputFormat none -OutputFormat Text chcp 65001 ; secedit /export /cfg c:\\\check_win_baseline_result_sec1; (type 'c:\\\check_win_baseline_result_sec1') -replace ('MACHINE\\\\\\\Software\\\\\\\Microsoft\\\\\\\',' ') -replace ('MACHINE\\\\\\\System\\\\\\\CurrentControlSet\\\\\\\',' ') -replace ('MACHINE\\\\\\\Software\\\\\\\Policies\\\\\\\',' ')|out-file c:\\\check_win_baseline_result_sec; get-content -path c:\\\check_win_baseline_result_sec; remove-item c:\\\check_win_baseline_result_sec1; remove-item c:\\\check_win_baseline_result_sec")
# 获取命令结果
result = stdout.read()
print(result)
# 关闭连接
ssh.close()
EOF
/usr/bin/python $sec_py > $sec_res
dos2unix $sec_res >/dev/null 2>&1
reg_res=./check_win_baseline_result_reg_$ip
reg_py=./check_win_baseline_reg_$ip.py
[ -s $reg_res ] && {
mv $reg_res $reg_res"_bak"
echo 文件$reg_res已存在,备份为$reg_res'_bak'
}
[ -s $reg_py ] && {
mv $reg_py $reg_py"_bak"
echo 文件$reg_py已存在,备份为$reg_py'_bak'
}
>$reg_res
>$reg_py
cat >>$reg_py<<EOF
#!/usr/bin/env python
#coding:utf-8
import paramiko
'''mingling = raw_input('pls input your powershell command:')'''
host = '$ip'
port = 22
user = '$user'
passwd = '$pass'
# 创建SSH对象
ssh = paramiko.SSHClient()
# 允许连接不在know_hosts文件中的主机
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# 连接服务器
ssh.connect(hostname=host, port=port, username=user, password=passwd)
#paramiko.util.log_to_file('syslogin.log') #将登录信息记录日志
# 执行命令(Text后面接powershell命令)
'''
命令参考:
获取软件安装列表 Get-WmiObject win32_product
'''
stdin, stdout, stderr = ssh.exec_command("powershell -InputFormat none -OutputFormat Text chcp 65001 ; Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\services ; Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\services\Tcpip\Parameters; Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa; Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\services\LanmanServer\Parameters")
# 获取命令结果
result = stdout.read()
print(result)
# 关闭连接
ssh.close()
EOF
/usr/bin/python $reg_py > $reg_res
dos2unix $reg_res >/dev/null 2>&1
svc_res=./check_win_baseline_result_svc_$ip
svc_py=./check_win_baseline_svc_$ip.py
[ -s $svc_res ] && {
mv $svc_res $svc_res"_bak"
echo 文件$svc_res已存在,备份为$svc_res'_bak'
}
[ -s $svc_py ] && {
mv $svc_py $svc_py"_bak"
echo 文件$svc_py已存在,备份为$svc_py'_bak'
}
>$svc_res
>$svc_py
cat >>$svc_py<<EOF
#!/usr/bin/env python
#coding:utf-8
import paramiko
'''mingling = raw_input('pls input your powershell command:')'''
host = '$ip'
port = 22
user = '$user'
passwd = '$pass'
# 创建SSH对象
ssh = paramiko.SSHClient()
# 允许连接不在know_hosts文件中的主机
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# 连接服务器
ssh.connect(hostname=host, port=port, username=user, password=passwd)
#paramiko.util.log_to_file('syslogin.log') #将登录信息记录日志
# 执行命令(Text后面接powershell命令)
'''
命令参考:
获取软件安装列表 Get-WmiObject win32_prod
shell实现对Windows服务器的安全基线检查
4星 · 超过85%的资源 需积分: 50 113 浏览量
2018-10-28
12:28:02
上传
评论 3
收藏 9KB RAR 举报 
html_check_win_baseline.rar (1个子文件) 
html_check_win_baseline.sh 57KB资源评论
清风愚樵2021-03-03使用不来,可以讲讲怎么使用这个脚本啊,谢谢!
ychshe2018-10-31脚本写的很详细,linux运行的检测脚本。 流星影shin2018-11-01忘记在上面贴链接了。借下楼:D 这个链接里面我有脚本的使用说明,有不清楚的可以留言 https://blog.csdn.net/shinshin1982/article/details/83473153
