问题描述
我正在尝试使用SoftLayer的Python库运行自动漏洞扫描。 不幸的是,我得到以下异常:
SoftLayerAPIError:SoftLayerAPIError(SoftLayer_Exception):无法创建类型为SoftLayer_Network_Security_Scanner_Request_Nessus的新对象。 确保身份验证方法正确。
我使用的代码可以在下面看到。
import SoftLayer
USERNAME="" # I put valid value in here
APIKEY="" # I put valid value in here
TARGET="" # I put valid value in here
client = SoftLayer.create_client_from_env(
username=USERNAME,
api_key=APIKEY
)
""" ALTERNATE I TRIED ALSO FROM DOCUMENTATION:
client = SoftLayer.Client(
username=USERNAME,
api_key=APIKEY
)
"""
account = client['Account'].getObject()
scanner = client.call(
"SoftLayer_Network_Security_Scanner_Request",
"createObject", {
"accountId": account.get('id'),
"ipAddress": TARGET
})
Python库发送的HTTP请求如下所示:
POST /xmlrpc/v3.1/SoftLayer_Network_Security_Scanner_Request HTTP/1.1
Host: api.softlayer.com
Connection: keep-alive
Accept: */*
Content-Type: application/xml
Content-Length: 798
<?xml version='1.0'?>
<methodCall>
<methodName>createObject</methodName>
<params>
<param>
<value><struct>
<member>
<name>headers</name>
<value><struct>
<member>
<name>authenticate</name>
<value><struct>
<member>
<name>username</name>
<value><string>***USERNAME_HERE***</string></value>
</member>
<member>
<name>apiKey</name>
<value><string>***API_KEY_HERE***</string></value>
</member>
</struct></value>
</member>
</struct></value>
</member>
</struct></value>
</param>
<param>
<value><struct>
<member>
<name>ipAddress</name>
<value><string>***TARGET_IP_HERE***</string></value>
</member>
<member>
<name>accountId</name>
<value><int>***ACCOUNT_ID_HERE***</int></value>
</member>
</struct></value>
</param>
</params>
</methodCall>
收到的HTTP响应是:
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2017 12:47:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml
Content-Length: 495
<?xml version="1.0" encoding="iso-8859-1"?>
<methodResponse>
<fault>
<value>
<struct>
<member>
<name>faultCode</name>
<value>
<string>SoftLayer_Exception</string>
</value>
</member>
<member>
<name>faultString</name>
<value>
<string>Unable to create a new object of type SoftLayer_Network_Security_Scanner_Request_Nessus. Make sure the authentication method is correct.</string>
</value>
</member>
</struct>
</value>
</fault>
</methodResponse>
有人可以帮助我,看看代码,因为我不知道问题出在哪里。 您能否同时提供此功能所需的最低权限列表?
注意 :我尝试启用所有可能的调试权限,但没有运气
1楼
这看起来像API的问题,它仅在指定需要指定hardwareId(对于裸机服务器)或guestId(对于虚拟访客服务器)时需要指定IP地址才起作用
因此,请尝试以下代码:
import SoftLayer
USERNAME="set me" # I put valid value in here
APIKEY="set me" # I put valid value in here
TARGET="set me" # I put valid value in here
client = SoftLayer.create_client_from_env(
username=USERNAME,
api_key=APIKEY
)
account = client['Account'].getObject()
server = client['Virtual_Guest'].findByIpAddress(TARGET)
if (server) :
request = {
"accountId": account["id"],
"guestId": server["id"]
}
else:
server = client['Hardware_Server'].findByIpAddress(TARGET)
if (server):
request = {
"accountId": account["id"],
"hardwareId": server["id"]
}
else:
print ("server does not exist.")
exit
scanner = client['Network_Security_Scanner_Request'].createObject(request)
2楼
我测试了来自Nelson的上述注释,它与针对虚拟系统设置的guestId一起使用。 因此,您必须提供accountId,guestId和ipAddress才能正常工作。 我还将测试硬件,并期望同样的成功。 如果没有,我会再回发一次