Sunday, January 5, 2014

Nessus 5.2 XMLRPC Automation

Recently, I was trying to use my previously automated Nessus Automation scripts and detected they aren’t working on latest Nessus 5.2 XMLRPC.  Last time, I automated network scanning tasks using XMLRPC in Perl but strange it did not work anymore with Nessus 5.2.

Here’s the error message I got while running my old scripts:

Cannot login to: https://localhost:8834/

I tried to resolve this error, read latest XMLRPC documentation but could not made it working. I then used XMLRPC in Python and this did not worked either. Strange!!!

Next and last attempt was to use XMLRPC in Ruby and this worked for me..:) To make this working, you need to have nessus-xmlrpc gem installed within your ruby installation (obviously). Refer here for complete installation of Ruby and gem on Mac.

Here are my Nessus 5.2 working script using ruby XMLRPC:

#!/usr/bin/env ruby
require 'nessus-xmlrpc'
ARGV.each do|a|
    a = ARGV[1]
    n=NessusXMLRPC::NessusXMLRPC.new('','username','password');
if n.logged_in
  id,name = n.policy_get_first
  puts "using policy ID: " + id + " with name: " + name
  uid=n.scan_new(id,"#{ARGV[0]}","#{ARGV[0]}")
  puts "scanning for: " + "#{ARGV[0]}"
  puts "report will be saved as " + "#{a}_report.xml"
  puts "status: " + n.scan_status(uid)
  while not n.scan_finished(uid)
    sleep 10
  end
  content=n.report_file_download(uid)
  File.open("#{a}_report.xml", 'w') {|f| f.write(content) }
end
end

Above script takes two user input from standard STDIN i.e. IP Address and Report Name using a shell script. Here’s is my shell script that I use to run Nessus against a single IP:

#! /bin/sh
echo "Enter the IP address to scan:"
read ipaddr
echo "Enter the report name:"
read filename
echo "Nessus running for $ipaddr"
ruby nessus.rb $ipaddr $filename
echo "Completed scans for IP: $ipaddr"
echo "Output saved starting with $filename"

Just copy above scripts and place them in same folder and you are ready to go from terminal. Here’s a sample output for your reference:



Cheers!!! 
Posted by at
Labels: , , , , , ,

1 comment:

  1. AnonymousJuly 1, 2014 at 10:56 AM

    Hi,

    I'm facing the same problem when using Nessus 5.2 XMLRPC with perl. have you resolved it?

    Ceers

    ReplyDelete

Subscribe to: Post Comments (Atom)