# -*- coding:utf-8 -*-
__author__ = 'magicpwn'
from xml.etree import ElementTree
# 向parse()传递一个打开的文件句柄 ,读取解析并返回一个Elementtree对象
with open('C:/XML/6.xml', 'rt') as f:
tree = ElementTree.parse(f)
#print tree
# 遍历解析树,实用iter()创建一个生成器,迭代处理Elementtree实例
# ElementTree元素树 和 Element元素 是不同的类,对象方法也不同
count = 0
for node in tree.iter():
if node.tag == 'cve':
print '==========================================='
print node.tag, node.attrib # 获取到了参数字典
count += 1
# help(ElementTree)
# help(ElementTree.Element)
print count
>>>
===========================================
cve {'cve-status': '', 'cve-name': 'CVE-2015-0006'}
===========================================
cve {'cve-status': '', 'cve-name': 'CVE-2015-0011'}
2
将打开的xml文件parse为ElementTree对象。
可以通过ElementTree的 getiterator(tag)获得tree的tag节点元素Element列表。
可以通过节点元素Element的node.attrib获取属性字典等
如:
<vuln vuln-id="73863" vuln-name="Microsoft Windows TrueType远程代码执行漏洞(MS12-078)" vuln-severity="3" vuln-value="3"> <asset-IP>192.168.28.23</asset-IP> <asset-port>0</asset-port> <port-type>其他</port-type> <asset-protocol /> <asset-service /> <system-affected>Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT</system-affected> - <remedy> <![CDATA[ 建议您采取以下措施进行修补以降低威胁: <br/> <br/>目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: <br/> <br/><a href='http://technet.microsoft.com/zh-cn/security/bulletin/MS12-078' style='color:#0000fe;text-decoration:underline;' target='_blank'>http://technet.microsoft.com/zh-cn/security/bulletin/MS12-078</a> </remedy> - <description> <![CDATA[ 受影响的组件处理特制 TrueType 字体文件的方式中存在一个远程执行代码漏洞。如果用户打开特制的 TrueType 字体文件,该漏洞可能允许远程执行代码。 </description> - <cve cve-name="CVE-2012-4786" cve-status=""> - <cve-desc> <![CDATA[ The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability." </cve-desc> </cve> <cncve>CNCVE-20124786</cncve> </vuln>
这个元素内含多个子元素,该元素<vuln>属性在头部括号内,通过节点attrib字段,可以访问属性字典。通过tag字段访问标记名称,通过text访问值,通过tail读末尾的文本(结束标记之后,下一开始标记或父元素标记结束之前)
还是以上面的xml为例子优雅的访问:
# -*-coding:utf-8 -*-
__author__ = 'Administrator'
class Vul:
vul_name = ''
ip = ''
system_affect = ''
desc = ''
cveNo = ''
cve_desc = ''
cncve = ''
def __init__(self, vul_name, ip, system_affect, desc, cveNo, cve_desc,cncve):
self.vul_name = vul_name
self.ip = ip
self.system_affect = system_affect
self.desc = desc
self.cveNo = cveNo
self.cve_desc = cve_desc
self.cncve = cncve
# -*- encoding:utf-8 -*-
__author__ = 'Administrator'
from xml.etree import ElementTree
import Vul
import pprint
with open('C:/XML/7.xml', 'rt') as f:
tree = ElementTree.parse(f)
# tree
vul_list = tree.getiterator('vuln-list')[0]
vuls = []
for vul in vul_list.iter(): # iter会遍历vullist每一个子项及子项的子项
if vul.tag == 'vuln':
if vul.attrib:
name = vul.attrib['vuln-name']
ip = vul.getiterator('asset-IP')[0].text
sys_aff = vul.getiterator('system-affected')[0].text
desc = vul.getiterator('description')[0].text
cvedict = vul.getiterator('cve')[0].attrib
cveNo = ''
cve_desc = ''
cncve = ''
if cvedict.has_key('cve-name'):
cveNo = cvedict['cve-name']
cve_desc = vul.getiterator('cve')[0].getiterator('cve-desc')[0].text
if vul.getiterator('cncve'):
cvcve = vul.getiterator('cncve')[0].text
temp = Vul.Vul(name, ip, sys_aff, desc, cveNo, cve_desc, cncve)
vuls.append(temp)
for vul in vuls:
print vul.vul_name,vul.cncve,vul.cveNo,vul.desc,vul