260 lines
8.2 KiB
YAML
260 lines
8.2 KiB
YAML
---
|
|
- name: Kali Linux 系统测试
|
|
hosts: kali
|
|
become: yes
|
|
gather_facts: yes
|
|
|
|
vars:
|
|
test_results_dir: "/tmp/kali_test_results"
|
|
test_log_file: "{{ test_results_dir }}/kali_test.log"
|
|
|
|
tasks:
|
|
- name: 创建测试结果目录
|
|
file:
|
|
path: "{{ test_results_dir }}"
|
|
state: directory
|
|
mode: '0755'
|
|
|
|
- name: 初始化测试日志
|
|
copy:
|
|
content: "Kali Linux 系统测试日志 - {{ ansible_date_time.iso8601 }}\n\n"
|
|
dest: "{{ test_log_file }}"
|
|
|
|
- name: 记录系统基本信息
|
|
block:
|
|
- name: 获取系统信息
|
|
setup:
|
|
register: system_info
|
|
|
|
- name: 记录系统信息到日志
|
|
copy:
|
|
content: |
|
|
=== 系统基本信息 ===
|
|
主机名: {{ ansible_hostname }}
|
|
操作系统: {{ ansible_distribution }} {{ ansible_distribution_version }}
|
|
内核版本: {{ ansible_kernel }}
|
|
架构: {{ ansible_architecture }}
|
|
CPU核心数: {{ ansible_processor_vcpus }}
|
|
内存总量: {{ ansible_memtotal_mb }} MB
|
|
磁盘空间: {{ ansible_mounts | map(attribute='size_total') | sum | human_readable }}
|
|
|
|
dest: "{{ test_results_dir }}/system_info.txt"
|
|
|
|
- name: 记录到主日志
|
|
lineinfile:
|
|
path: "{{ test_log_file }}"
|
|
line: "[✓] 系统基本信息收集完成"
|
|
|
|
- name: 测试网络连接
|
|
block:
|
|
- name: 测试网络连通性
|
|
uri:
|
|
url: https://www.google.com
|
|
method: GET
|
|
timeout: 10
|
|
register: network_test
|
|
ignore_errors: yes
|
|
|
|
- name: 记录网络测试结果
|
|
lineinfile:
|
|
path: "{{ test_log_file }}"
|
|
line: "{% if network_test.failed %}[✗] 网络连接测试失败{% else %}[✓] 网络连接测试成功{% endif %}"
|
|
|
|
- name: 测试包管理器
|
|
block:
|
|
- name: 更新包列表
|
|
apt:
|
|
update_cache: yes
|
|
changed_when: false
|
|
|
|
- name: 记录包管理器测试结果
|
|
lineinfile:
|
|
path: "{{ test_log_file }}"
|
|
line: "[✓] APT包管理器工作正常"
|
|
|
|
- name: 检查Kali工具
|
|
block:
|
|
- name: 检查常见Kali工具是否安装
|
|
command: "which {{ item }}"
|
|
loop:
|
|
- nmap
|
|
- metasploit-framework
|
|
- wireshark
|
|
- john
|
|
- hydra
|
|
- sqlmap
|
|
- burpsuite
|
|
- aircrack-ng
|
|
register: tool_check
|
|
ignore_errors: yes
|
|
changed_when: false
|
|
|
|
- name: 记录工具检查结果
|
|
copy:
|
|
content: |
|
|
=== Kali工具检查结果 ===
|
|
{% for result in tool_check.results %}
|
|
{{ result.item }}: {% if result.rc == 0 %}已安装{% else %}未安装{% endif %}
|
|
{% endfor %}
|
|
|
|
dest: "{{ test_results_dir }}/tool_check.txt"
|
|
|
|
- name: 记录到主日志
|
|
lineinfile:
|
|
path: "{{ test_log_file }}"
|
|
line: "[✓] Kali工具检查完成"
|
|
|
|
- name: 测试系统安全性
|
|
block:
|
|
- name: 检查防火墙状态
|
|
command: "ufw status"
|
|
register: firewall_status
|
|
ignore_errors: yes
|
|
changed_when: false
|
|
|
|
- name: 检查SSH配置
|
|
command: "grep -E '^PermitRootLogin|^PasswordAuthentication' /etc/ssh/sshd_config"
|
|
register: ssh_config
|
|
ignore_errors: yes
|
|
changed_when: false
|
|
|
|
- name: 记录安全检查结果
|
|
copy:
|
|
content: |
|
|
=== 系统安全检查 ===
|
|
防火墙状态:
|
|
{{ firewall_status.stdout }}
|
|
|
|
SSH配置:
|
|
{{ ssh_config.stdout }}
|
|
|
|
dest: "{{ test_results_dir }}/security_check.txt"
|
|
|
|
- name: 记录到主日志
|
|
lineinfile:
|
|
path: "{{ test_log_file }}"
|
|
line: "[✓] 系统安全检查完成"
|
|
|
|
- name: 测试系统性能
|
|
block:
|
|
- name: 获取CPU使用率
|
|
command: "top -bn1 | grep 'Cpu(s)'"
|
|
register: cpu_usage
|
|
changed_when: false
|
|
|
|
- name: 获取内存使用情况
|
|
command: "free -h"
|
|
register: memory_usage
|
|
changed_when: false
|
|
|
|
- name: 获取磁盘使用情况
|
|
command: "df -h"
|
|
register: disk_usage
|
|
changed_when: false
|
|
|
|
- name: 记录性能测试结果
|
|
copy:
|
|
content: |
|
|
=== 系统性能信息 ===
|
|
CPU使用率:
|
|
{{ cpu_usage.stdout }}
|
|
|
|
内存使用情况:
|
|
{{ memory_usage.stdout }}
|
|
|
|
磁盘使用情况:
|
|
{{ disk_usage.stdout }}
|
|
|
|
dest: "{{ test_results_dir }}/performance.txt"
|
|
|
|
- name: 记录到主日志
|
|
lineinfile:
|
|
path: "{{ test_log_file }}"
|
|
line: "[✓] 系统性能测试完成"
|
|
|
|
- name: 测试网络工具
|
|
block:
|
|
- name: 测试ping命令
|
|
command: "ping -c 4 8.8.8.8"
|
|
register: ping_test
|
|
ignore_errors: yes
|
|
changed_when: false
|
|
|
|
- name: 测试nslookup命令
|
|
command: "nslookup google.com"
|
|
register: nslookup_test
|
|
ignore_errors: yes
|
|
changed_when: false
|
|
|
|
- name: 记录网络工具测试结果
|
|
copy:
|
|
content: |
|
|
=== 网络工具测试 ===
|
|
Ping测试结果:
|
|
{{ ping_test.stdout }}
|
|
|
|
NSlookup测试结果:
|
|
{{ nslookup_test.stdout }}
|
|
|
|
dest: "{{ test_results_dir }}/network_tools.txt"
|
|
|
|
- name: 记录到主日志
|
|
lineinfile:
|
|
path: "{{ test_log_file }}"
|
|
line: "[✓] 网络工具测试完成"
|
|
|
|
- name: 生成测试报告
|
|
block:
|
|
- name: 创建测试报告
|
|
copy:
|
|
content: |
|
|
# Kali Linux 系统测试报告
|
|
|
|
**测试时间**: {{ ansible_date_time.iso8601 }}
|
|
**测试主机**: {{ ansible_hostname }}
|
|
|
|
## 测试结果摘要
|
|
|
|
{% if network_test.failed %}- [✗] 网络连接测试失败{% else %}- [✓] 网络连接测试成功{% endif %}
|
|
- [✓] APT包管理器工作正常
|
|
- [✓] Kali工具检查完成
|
|
- [✓] 系统安全检查完成
|
|
- [✓] 系统性能测试完成
|
|
- [✓] 网络工具测试完成
|
|
|
|
## 详细结果
|
|
|
|
请查看以下文件获取详细测试结果:
|
|
- system_info.txt: 系统基本信息
|
|
- tool_check.txt: Kali工具检查结果
|
|
- security_check.txt: 系统安全检查
|
|
- performance.txt: 系统性能信息
|
|
- network_tools.txt: 网络工具测试
|
|
- kali_test.log: 完整测试日志
|
|
|
|
## 建议
|
|
|
|
{% for result in tool_check.results %}
|
|
{% if result.rc != 0 %}
|
|
- 建议安装 {{ result.item }} 工具: `sudo apt install {{ result.item }}`
|
|
{% endif %}
|
|
{% endfor %}
|
|
|
|
dest: "{{ test_results_dir }}/README.md"
|
|
|
|
- name: 记录到主日志
|
|
lineinfile:
|
|
path: "{{ test_log_file }}"
|
|
line: "[✓] 测试报告生成完成"
|
|
|
|
- name: 显示测试结果位置
|
|
debug:
|
|
msg: "Kali Linux 系统测试完成!测试结果保存在 {{ test_results_dir }} 目录中"
|
|
|
|
- name: 显示测试日志最后几行
|
|
command: "tail -10 {{ test_log_file }}"
|
|
register: log_tail
|
|
|
|
- name: 输出测试日志摘要
|
|
debug:
|
|
msg: "{{ log_tail.stdout_lines }}" |