nessus_rest 0.1.3 → 0.1.4
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION +1 -1
- data/examples/backup-reports.rb +10 -10
- data/examples/serial-scan.rb +22 -0
- data/examples/simple.rb +1 -1
- data/lib/nessus_rest.rb +78 -4
- metadata +3 -2
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.1.
|
|
1
|
+
0.1.4
|
data/examples/backup-reports.rb
CHANGED
|
@@ -2,22 +2,22 @@
|
|
|
2
2
|
|
|
3
3
|
require 'nessus_rest'
|
|
4
4
|
|
|
5
|
-
n=NessusREST::Client.new
|
|
5
|
+
n=NessusREST::Client.new({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
|
|
6
6
|
|
|
7
7
|
formats=["nessus","csv","html"]
|
|
8
8
|
folders_id=Hash.new
|
|
9
9
|
|
|
10
10
|
sl["folders"].each do |f|
|
|
11
|
-
|
|
11
|
+
folders_id[f['id']]=f['name']
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
sl["scans"].each do |s|
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
end
|
|
15
|
+
puts "backing up: "+s["name"]+":"+s["uuid"].to_s
|
|
16
|
+
formats.each do |format|
|
|
17
|
+
# fn = folder__name__scanid.format
|
|
18
|
+
outputfn=folders_id[s['folder_id']]+'__'+s['name']+'__'+s['id'].to_s+'.'+format
|
|
19
|
+
puts "-> Format: #{format} Filename: #{outputfn}"
|
|
20
|
+
n.report_download_file(s['id'],format,outputfn)
|
|
21
|
+
end # formats
|
|
22
|
+
end # scans
|
|
23
23
|
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
require 'nessus_rest'
|
|
4
|
+
|
|
5
|
+
subnets_to_scan=[
|
|
6
|
+
{:name=>'lan1', :targets=>'192.168.1.0/24'},
|
|
7
|
+
{:name=>'lan2', :targets=>'10.1.1.0/24'}
|
|
8
|
+
]
|
|
9
|
+
|
|
10
|
+
n=NessusREST::Client.new(:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
|
|
11
|
+
|
|
12
|
+
subnets_to_scan.each do |subnet|
|
|
13
|
+
scanname='myscan-'+subnet[:name]
|
|
14
|
+
puts "Scanning: "+scanname
|
|
15
|
+
# you have to specify your own scan policy instead of ping-safe
|
|
16
|
+
qs=n.scan_quick_policy('ping-safe',scanname,subnet[:targets])
|
|
17
|
+
scanid=qs['scan']['id']
|
|
18
|
+
puts "Waiting to finish"
|
|
19
|
+
n.scan_wait4finish(scanid)
|
|
20
|
+
n.report_download_file(scanid,'nessus',scanname+'.nessus')
|
|
21
|
+
end
|
|
22
|
+
|
data/examples/simple.rb
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
require 'nessus_rest'
|
|
4
4
|
|
|
5
|
-
n=NessusREST::Client.new
|
|
5
|
+
n=NessusREST::Client.new({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
|
|
6
6
|
qs=n.scan_quick_template('basic','name-of-scan','localhost')
|
|
7
7
|
scanid=qs['scan']['id']
|
|
8
8
|
n.scan_wait4finish(scanid)
|
data/lib/nessus_rest.rb
CHANGED
|
@@ -122,10 +122,29 @@ module NessusREST
|
|
|
122
122
|
def authenticate(username, password)
|
|
123
123
|
@username = username
|
|
124
124
|
@password = password
|
|
125
|
+
authdefault
|
|
126
|
+
end
|
|
127
|
+
alias_method :login, :authenticate
|
|
128
|
+
|
|
129
|
+
# Tries to authenticate to the Nessus REST JSON interface
|
|
130
|
+
#
|
|
131
|
+
# returns: true if logged in, false if not
|
|
132
|
+
#
|
|
133
|
+
# Usage:
|
|
134
|
+
#
|
|
135
|
+
# n=NessusREST::Client.new (:url=>'https://localhost:8834', :autologin=>false,
|
|
136
|
+
# :username=>'nessususer', :password=>'nessuspassword')
|
|
137
|
+
# if n.authdefault
|
|
138
|
+
# puts "Logged in"
|
|
139
|
+
# else
|
|
140
|
+
# puts "Error"
|
|
141
|
+
# end
|
|
142
|
+
def authdefault
|
|
125
143
|
payload = {
|
|
126
|
-
:username => @username,
|
|
127
|
-
:password => @password,
|
|
128
|
-
:json => 1
|
|
144
|
+
:username => @username,
|
|
145
|
+
:password => @password,
|
|
146
|
+
:json => 1,
|
|
147
|
+
:authenticationmethod => true
|
|
129
148
|
}
|
|
130
149
|
res = http_post(:uri=>"/session", :data=>payload)
|
|
131
150
|
if res['token']
|
|
@@ -136,7 +155,6 @@ module NessusREST
|
|
|
136
155
|
false
|
|
137
156
|
end
|
|
138
157
|
end
|
|
139
|
-
alias_method :login, :authenticate
|
|
140
158
|
|
|
141
159
|
# checks if we're logged in correctly
|
|
142
160
|
#
|
|
@@ -586,6 +604,17 @@ module NessusREST
|
|
|
586
604
|
# res = n.http_put(:uri=>"/users/#{user_id}/chpasswd", :data=>payload, :fields=>n.x_cookie)
|
|
587
605
|
# puts res.code
|
|
588
606
|
def http_put(opts={})
|
|
607
|
+
ret=http_put_low(opts)
|
|
608
|
+
if ret.is_a?(Hash) and ret.has_key?('error') and ret['error']=='Invalid Credentials' then
|
|
609
|
+
authdefault
|
|
610
|
+
ret=http_put_low(opts)
|
|
611
|
+
return ret
|
|
612
|
+
else
|
|
613
|
+
return ret
|
|
614
|
+
end
|
|
615
|
+
end
|
|
616
|
+
|
|
617
|
+
def http_put_low(opts={})
|
|
589
618
|
uri = opts[:uri]
|
|
590
619
|
data = opts[:data]
|
|
591
620
|
fields = opts[:fields] || {}
|
|
@@ -625,6 +654,17 @@ module NessusREST
|
|
|
625
654
|
# res = n.http_delete(:uri=>"/session", :fields=>n.x_cookie)
|
|
626
655
|
# puts res.code
|
|
627
656
|
def http_delete(opts={})
|
|
657
|
+
ret=http_delete_low(opts)
|
|
658
|
+
if ret.is_a?(Hash) and ret.has_key?('error') and ret['error']=='Invalid Credentials' then
|
|
659
|
+
authdefault
|
|
660
|
+
ret=http_delete_low(opts)
|
|
661
|
+
return ret
|
|
662
|
+
else
|
|
663
|
+
return ret
|
|
664
|
+
end
|
|
665
|
+
end
|
|
666
|
+
|
|
667
|
+
def http_delete_low(opts={})
|
|
628
668
|
uri = opts[:uri]
|
|
629
669
|
fields = opts[:fields] || {}
|
|
630
670
|
res = nil
|
|
@@ -662,6 +702,22 @@ module NessusREST
|
|
|
662
702
|
# n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
|
|
663
703
|
# pp n.http_get(:uri=>"/users", :fields=>n.x_cookie)
|
|
664
704
|
def http_get(opts={})
|
|
705
|
+
raw_content = opts[:raw_content] || false
|
|
706
|
+
ret=http_get_low(opts)
|
|
707
|
+
if !raw_content then
|
|
708
|
+
if ret.is_a?(Hash) and ret.has_key?('error') and ret['error']=='Invalid Credentials' then
|
|
709
|
+
authdefault
|
|
710
|
+
ret=http_get_low(opts)
|
|
711
|
+
return ret
|
|
712
|
+
else
|
|
713
|
+
return ret
|
|
714
|
+
end
|
|
715
|
+
else
|
|
716
|
+
return ret
|
|
717
|
+
end
|
|
718
|
+
end
|
|
719
|
+
|
|
720
|
+
def http_get_low(opts={})
|
|
665
721
|
uri = opts[:uri]
|
|
666
722
|
fields = opts[:fields] || {}
|
|
667
723
|
raw_content = opts[:raw_content] || false
|
|
@@ -702,6 +758,24 @@ module NessusREST
|
|
|
702
758
|
# n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
|
|
703
759
|
# pp n.http_post(:uri=>"/scans/#{scan_id}/launch", :fields=>n.x_cookie)
|
|
704
760
|
def http_post(opts={})
|
|
761
|
+
if opts.has_key?(:authenticationmethod) then
|
|
762
|
+
# i know authzmethod = opts.delete(:authorizationmethod) is short, but not readable
|
|
763
|
+
authzmethod = opts[:authenticationmethod]
|
|
764
|
+
opts.delete(:authenticationmethod)
|
|
765
|
+
end
|
|
766
|
+
ret=http_post_low(opts)
|
|
767
|
+
if ret.is_a?(Hash) and ret.has_key?('error') and ret['error']=='Invalid Credentials' then
|
|
768
|
+
if not authzmethod
|
|
769
|
+
authdefault
|
|
770
|
+
ret=http_post_low(opts)
|
|
771
|
+
return ret
|
|
772
|
+
end
|
|
773
|
+
else
|
|
774
|
+
return ret
|
|
775
|
+
end
|
|
776
|
+
end
|
|
777
|
+
|
|
778
|
+
def http_post_low(opts={})
|
|
705
779
|
uri = opts[:uri]
|
|
706
780
|
data = opts[:data]
|
|
707
781
|
fields = opts[:fields] || {}
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nessus_rest
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.4
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2016-08-
|
|
12
|
+
date: 2016-08-31 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: bundler
|
|
@@ -92,6 +92,7 @@ files:
|
|
|
92
92
|
- Rakefile
|
|
93
93
|
- VERSION
|
|
94
94
|
- examples/backup-reports.rb
|
|
95
|
+
- examples/serial-scan.rb
|
|
95
96
|
- examples/simple.rb
|
|
96
97
|
- lib/nessus_rest.rb
|
|
97
98
|
- nessus_rest.gemspec
|