Nessus6 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f946afee24ef43e6b6628db34f17781d12d4ee9c
-  data.tar.gz: d143fca91c08c8cf0180f51410dc6e7fce95ffcf
+  metadata.gz: dcbf03fa0718601cfb9d3780f862eead39111c50
+  data.tar.gz: 3fd45dd455a363b77bfde3095048f123221c8686
 SHA512:
-  metadata.gz: f79d967ef973421555e7bb5b6a0ca06bf342480f44de6a3c5b8c8943076f90f96aeacc143ba59599d094cf1387455b6b60cf7bc3b6f9ce0161e0b4ce12b90630
-  data.tar.gz: 517c90f4d10b8b2fabc6050143b36c8a9acb974e58ccca8c604c79a25da353599758eda73355a6df880544da35350ba28e5064ddcbd065278ee16e7e05d647a6
+  metadata.gz: bfac592a8a198defceb5eaa15aaa1dfcbb18ec18390f81b2b9a55a9ac60f08e5185df79ed0b0900800ea872708f7bdc3eb3d635715972ccb602d2f79dd29b103
+  data.tar.gz: 16c0e2df32c239416b89ccd48676eb6a88757d619e495f7405b8dd9b1d8b875f22595b093c97125e5300b586534e973151b00457e809d2351eda04ac68600776

data/bin/export_nessus_results

@@ -0,0 +1,55 @@
+#!/usr/bin/env ruby
+
+require 'Nessus6'
+require 'fileutils'
+require 'logger'
+require 'sqlite3'
+require 'json'
+
+# Global variables for the script / binary
+@base_directory = '/opt/scanner'
+@results_directory = "#{@base_directory}/results"
+@send_mail = '/usr/lib/sendmail -t'
+
+credentials = {
+  access_key: 'NA',
+  secret_key: 'NA'
+}
+
+nessus_location = {
+  ip: 'localhost',
+  port: '8834'
+}
+
+@append_results = "x-scanner|#{nessus_location[:ip]}"
+
+# Prep work
+@logger = Logger.new(STDOUT)
+@logger.level = Logger::INFO
+
+# Begin the main portion of the app
+@logger.debug 'Creating Nessus API Client'
+@client = Nessus6::Client.new credentials, nessus_location
+
+@db = SQLite3::Database.new '/home/scripts/launched_nessus_scans.db'
+@db.execute 'SELECT * FROM active_scans' do |row|
+  mapped_row = {
+    request_id: row[0],
+    method: row[1],
+    scan_uuid: row[2],
+    scan_id: row[3]
+  }
+  opts = { format: :csv }
+  mapped_row[:file_id] = @client.scan.export mapped_row[:scan_id], opts
+
+  # Lock it in a closure so we don't have to have a huge one liner
+  export_status = Proc.new { @client.scan.export_status mapped_row[:scan_id], mapped_row[:file_id] }
+  ready_status = { 'status' => 'ready' }
+  @logger.debug 'Waiting...' while export_status.call != ready_status
+
+  file = @client.scan.download mapped_row[:scan_id],
+                               mapped_row[:file_id],
+                               "#{@results_directory}/#{mapped_row[:request_id].csv}"
+
+  puts file
+end

data/bin/launch_incoming_scans

@@ -3,6 +3,29 @@
 require 'Nessus6'
 require 'fileutils'
 require 'logger'
+require 'sqlite3'
+require 'json'
+
+def create_scan(scan_id_to_copy, opts)
+  @client.scan.copy scan_id_to_copy, opts
+end
+
+def launch_scan(target_scan_id, target_ip_addresses)
+  @logger.info 'Attempting to launch scan.'
+  begin
+    result = @client.scan.launch target_scan_id, target_ip_addresses
+    if result.key? 'scan_uuid'
+      @logger.info "Scan launched successfully. Scan has been assigned a UUID of #{result['scan_uuid']}."
+      result
+    else
+      @logger.info 'Failed to launch scan due to an unknown reason..'
+      false
+    end
+  rescue Nessus6::Error::InternalServerError
+    @logger.error 'Failed to launch scan. A scan is already running.'
+    false
+  end
+end
 
 # Global variables for the script / binary
 @base_directory = '/opt/scanner'
@@ -21,34 +44,101 @@ nessus_location = {
   port: '8834'
 }
 
+scan_templates = {
+  allportsnoping: 62,
+  allportswithping: 63,
+  atomic: 64,
+  default: 61,
+  pci: 60
+}
+
 @append_results = "x-scanner|#{nessus_location[:ip]}"
 
-# Prep work
-FileUtils.mkdir_p @temp_directory
-@logger = Logger.new(STDOUT)
-@logger.level = Logger::INFO
+begin
+  # Prep work
+  @logger = Logger.new(STDOUT)
+  @logger.level = Logger::INFO
+
+  @logger.info "Creating temporary directory: #{@temp_directory}"
+  FileUtils.mkdir_p @temp_directory
+
+  # Begin the main portion of the app
+  @logger.debug 'Creating Nessus API Client'
+  @client = Nessus6::Client.new credentials, nessus_location
+
+  # Loop through the directory and process each file in it.
+  Dir.foreach(@incoming_directory) do |file|
+    @logger.debug "Processing #{@incoming_directory}/#{file}"
+    next if file == '.' || file == '..' # skip current / parent directory opts
+
+    @logger.info "Archiving #{@incoming_directory}/#{file} to " \
+                 "#{@base_directory}/targets/archive/#{file}."
+    FileUtils.copy "#{@incoming_directory}/#{file}",
+                   "#{@base_directory}/targets/archive/#{file}"
+
+    @logger.info "Moving #{@incoming_directory}/#{file} to " \
+                 "#{@temp_directory}/#{file}"
+    FileUtils.move "#{@incoming_directory}/#{file}",
+                   "#{@temp_directory}/#{file}"
+
+    @logger.info 'Finding the target scan details (id, method, target ip).'
+    file_contents = File.open("#{@temp_directory}/#{file}") { |file| file.read }
+
+    # Take the request file and process each line individually
+    file_array = file_contents.split("\n")
+
+    request_id = []
+    method = []
+    ips = []
+
+    # Process the request file and find the Request ID, Method, and IP Addresses
+    file_array.each do |line|
+      if line =~ /requestid\:\t(?<request_id>\d+)/
+        request_id.push line[11..-1]
+        next
+      end
+      if line =~ /method\:\t(?<method>.+)/
+        method.push line[8..-1]
+        next
+      end
+      ips.push line[0..-3] if line =~ /^(?<ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\/\d$/
+      ips.push line[0..-4] if line =~ /^(?<ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\/\d\d$/
+      next
+    end
+
+    @logger.info "Found Request ID #{request_id[0]}; Found Method #{method[0]}; Found IP's #{ips}"
+
+    # Take the scan method and find the scan template UUID for it.
+    scan_template_id = scan_templates[method[0].to_sym]
+    scan_opts = { name: "Requested Scan ##{request_id[0]}", folder_id: 65,
+                  history: 'false' }
+    scan = create_scan scan_template_id, scan_opts
+
+    # Attempt to launch a scan. If it fails, wait 30 seconds then repeat.
+    @result = launch_scan(scan['id'], ips)
+    while @result == false
+      sleep 30
+      @result = launch_scan(scan_id_to_launch, ips)
+    end
+
+    @logger.info 'Attempting to connect to database'
+
+    db = SQLite3::Database.new '/home/scripts/launched_nessus_scans.db'
 
-# Begin the main portion of the app
-@logger.debug 'Creating Nessus API Client'
-@client = Nessus6::Client.new credentials, nessus_location
+    @logger.debug "Create new db with: require 'sqlite3'; db = SQLite3::Database.new '/home/scripts/launched_nessus_scans.db'; rows = db.execute 'create table active_scans (request_id bigint, method varchar(200), scan_uuid varchar(250), scan_id integer);'"
 
-Dir.foreach(@incoming_directory) do |file|
-  @logger.debug "Processing #{@incoming_directory}/#{file}"
-  next if file == '.' || file == '..' # skip current / parent directory opts
+    @logger.info "Inserting scan UUID with 'INSERT INTO active_scans (request_id, method, scan_uuid, scan_id) VALUES (?, ?, ?, ?)', "\
+                 "[#{request_id[0]}, #{method[0]}, #{@result['scan_uuid']}, #{scan['id']}]'"
 
-  @logger.info "Archiving #{@incoming_directory}/#{file} to " \
-               "#{@base_directory}/targets/archive/#{file}."
-#   FileUtils.copy "#{@incoming_directory}/#{file}",
-#                  "#{@base_directory}/targets/archive/#{file}"
+    db.execute 'INSERT INTO active_scans (request_id, method, scan_uuid, scan_id) VALUES (?, ?, ?, ?)',
+               [request_id[0], method[0], @result['scan_uuid'], scan['id']]
 
-  @logger.info "Moving #{@incoming_directory}/#{file} to " \
-               "#{@temp_directory}/#{file}"
-#   FileUtils.move "#{@incoming_directory}/#{file}",
-#                  "#{@temp_directory}/#{file}"
+    @logger.info 'Scan UUID saved successfully.'
 
-  @logger.info 'Finding the request ID in the file.'
-  request_id = File.readlines("#{@incoming_directory}/#{file}").select do |line|
-    line =~ /^requestid.*$/
+    @logger.info "Removing the temporary scan file #{@temp_directory}/#{file}"
+    FileUtils.rm "#{@temp_directory}/#{file}"
   end
-  puts request_id
+ensure
+  @logger.info "Removing temp directory: #{@temp_directory}"
+  FileUtils.rm_rf "#{@temp_directory}"
 end

data/bin/launch_incoming_scans.sh

@@ -11,10 +11,9 @@ RESULTSDIR=${BASEDIR}/results
 SENDMAIL="/usr/lib/sendmail -t"
 
 NESSUSBIN=/opt/nessus/bin/nessus
-NESSUSUSER=scripts
+NESSUSUSER=xxxx
 NESSUSPASSWORD=XXXXXXXXXXXXXXX
 
-IPADDR="153.39.86.90"
 APPENDRESULTS="x-scanner|${IPADDR}"
 
 mkdir -p ${TEMPDIR}

data/lib/Nessus6/scan.rb

@@ -28,7 +28,7 @@ module Nessus6
     # @param scan_id [String, Fixnum] The id of the scan to export.
     # @param query_params [Hash] Includes:
     #   :folder_id [String, Fixnum] - The id of the destination folder.
-    #   :history [TrueClass, FalseClass, String] - If true, the history for
+    #   :history [String] - If true, the history for
     #     the scan will be copied
     #   :name [String] - The name of the copied scan
     # @return [Hash]
@@ -124,6 +124,17 @@ module Nessus6
              not_found: "Scan ID #{scan_id} could not be found. Please try again"
     end
 
+    # Check the file status of an exported scan.
+    # This request requires can view scan permissions.
+    #
+    # @param scan_id [String, Fixnum] The id of the scan to export
+    # @param file_id [String, Fixnum] The id of the file to poll (Included in response from /scans/{scan_id}/export).
+    def export_status(scan_id, file_id)
+      response = @client.get "scans/#{scan_id}/export/#{file_id}/status"
+      verify response,
+             not_found: "Scan ID #{scan_id} could not be found. Please try again"
+    end
+
     # Launches a scan.
     #
     # @param scan_id [String, Fixnum] The id of the scan to launch.

data/lib/Nessus6/verification.rb

@@ -19,20 +19,20 @@ module Nessus6
       when 200
         return JSON.parse response.body
       when 400
-        fail Nessus6::Error::BadRequestError, "#{message[:bad_request]}"
+        fail Nessus6::Error::BadRequestError, "#{message[:bad_request]} | Response: #{response.body}"
       when 401
-        fail Nessus6::Error::UnauthorizedError, "#{message[:unauthorized]}"
+        fail Nessus6::Error::UnauthorizedError, "#{message[:unauthorized]} | Response: #{response.body}"
       when 403
-        fail Nessus6::Error::ForbiddenError, "#{message[:forbidden]}"
+        fail Nessus6::Error::ForbiddenError, "#{message[:forbidden]} | Response: #{response.body}"
       when 404
-        fail Nessus6::Error::NotFoundError, "#{message[:not_found]}"
+        fail Nessus6::Error::NotFoundError, "#{message[:not_found]} | Response: #{response.body}"
       when 405
-        fail Nessus6::Error::MethodNotAllowedError, "#{message[:not_allowed]}"
+        fail Nessus6::Error::MethodNotAllowedError, "#{message[:not_allowed]} | Response: #{response.body}"
       when 409
-        fail Nessus6::Error::ConflictError, "#{message[:conflict]}"
+        fail Nessus6::Error::ConflictError, "#{message[:conflict]} | Response: #{response.body}"
       when 500
         fail Nessus6::Error::InternalServerError,
-             "#{message[:internal_server_error]}"
+             "#{message[:internal_server_error]} | Response: #{response.body}"
       else
         fail Nessus6::Error::UnknownError, 'An unknown error occurred. ' \
                            'Please consult Nessus for further details.'

data/lib/Nessus6/version.rb

@@ -1,5 +1,5 @@
 # The Nessus6 module is used to interact with Nessus version 6 servers.
 module Nessus6
   # VERSION is the current version of the Nessus6 gem
-  VERSION = '0.2.0'
+  VERSION = '0.3.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: Nessus6
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Kevin Kirsche
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2015-10-02 00:00:00.000000000 Z
+date: 2015-10-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -110,6 +110,7 @@ files:
 - README.md
 - Rakefile
 - bin/console
+- bin/export_nessus_results
 - bin/launch_incoming_scans
 - bin/launch_incoming_scans.sh
 - bin/setup