Tuesday, August 23, 2011

Automating Nessus Capabilities


When automating network scans of large networks you also need to automate the Nessus scans. The main advantage of this automation is that it lets you run scheduled scans with the HomeFeed (scan scheduling is otherwise only available with the ProfessionalFeed), and the scans run exactly as if you had started them from the Nessus web interface client.

The Perl script below takes the first policy defined in your Nessus web client and runs a scan against the targets listed in a file. It follows the same idea as my earlier post on automating Nmap:

use strict;
use warnings;
use Net::Nessus::XMLRPC;

my $file = "ipadr.txt";   # one target per line
# '' means the default server https://localhost:8834/ ; enter your Nessus username and password
my $n = Net::Nessus::XMLRPC->new ('','admin','admin');
die "Cannot login to: ".$n->nurl."\n" unless ($n->logged_in);
print "Logged in\n";
my $polid=$n->policy_get_first;
print "Using policy ID: $polid ";
my $polname=$n->policy_get_name($polid);
print "with name: $polname\n";
my $targets='';   # no inline targets: every target comes from $file
my $scanid=$n->scan_new_file($polid,"report",$targets,$file);
die "Scan was not created (check policy and target file)\n" unless $scanid;
print "Performing scan on:\t$scanid\n";
while (not $n->scan_finished($scanid))
{
print "$scanid: ".$n->scan_status($scanid)."\n";
sleep 15;
}
print "$scanid: ".$n->scan_status($scanid)."\n";
# report_file_download returns the report in .nessus (v2 XML) format, not HTML
my $reportcont=$n->report_file_download($scanid);
my $reportfile="report.nessus";
open (my $fh, '>', $reportfile) or die "Cannot open file $reportfile: $!";
print $fh $reportcont;
close ($fh);

How to Run:

1. Install Perl and the Net::Nessus::XMLRPC module (for example with "cpan Net::Nessus::XMLRPC").
2. Create a file named "ipadr.txt" and put your entire IP list in it, one entry per line. For example:

       10.0.0.1
       10.0.0.2
       10.0.0.3

3. Copy the above script into a text editor and save it as nessus.pl.
4. Place nessus.pl and ipadr.txt in the same folder, e.g. C:\Auto_Nessus.
5. Open a command prompt and change to C:\Auto_Nessus.
6. Run:

       perl nessus.pl

7. The downloaded report (the .nessus XML that report_file_download returns) is saved in the same folder under the name set in $reportfile. Alternatively, log in to the Nessus web client and view the report there.

The next task is to make this script work with the Windows Task Scheduler. Copy the code below into a text editor and save it as "Nessus_scan.bat":

@ECHO OFF
REM cd to folder location
cd C:\Auto_Nessus
perl nessus.pl

Open the Windows Task Scheduler and schedule the batch file to run at the desired time. Because nessus.pl holds the Nessus username and password in clear text, restrict the folder's permissions to the account that runs the scheduled task.
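The script above only stores the raw report, and what report_file_download returns is the .nessus v2 XML format, so the per-host findings still have to be pulled out of it before anyone can act on them. The Python script below is an added example (not part of the original post and not part of Net::Nessus::XMLRPC) that parses such a report, keeps the findings at or above a severity threshold and lists the open ports per host. The embedded SAMPLE_NESSUS document is constructed for illustration: its hosts, ports and plugin IDs are made up, only the element and attribute names follow the .nessus v2 layout.

```python
"""Summarise a .nessus (v2 XML) report: findings per host above a severity threshold."""
import sys
import xml.etree.ElementTree as ET

# Nessus severity codes as they appear in the ReportItem "severity" attribute
SEVERITY_NAMES = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed sample with the structure of a .nessus v2 report; all values are invented.
SAMPLE_NESSUS = """<NessusClientData_v2>
<Report name="report">
<ReportHost name="10.0.0.1">
<HostProperties><tag name="host-ip">10.0.0.1</tag></HostProperties>
<ReportItem port="22" svc_name="ssh" protocol="tcp" severity="0" pluginID="100001" pluginName="Example service detection"/>
<ReportItem port="80" svc_name="www" protocol="tcp" severity="2" pluginID="100002" pluginName="Example medium finding"/>
</ReportHost>
<ReportHost name="srv2.example.test">
<HostProperties><tag name="host-ip">10.0.0.2</tag></HostProperties>
<ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="100003" pluginName="Example host information"/>
<ReportItem port="445" svc_name="cifs" protocol="tcp" severity="4" pluginID="100004" pluginName="Example critical finding"/>
</ReportHost>
</Report>
</NessusClientData_v2>
"""


def parse_nessus(xml_text, min_severity=0):
    """Return the ReportItems with severity >= min_severity as a list of dicts."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.iter("ReportHost"):
        # Prefer the host-ip property; the ReportHost name may be a hostname
        ip = host.get("name")
        for tag in host.iter("tag"):
            if tag.get("name") == "host-ip" and tag.text:
                ip = tag.text.strip()
        for item in host.findall("ReportItem"):
            sev = int(item.get("severity", "0"))
            if sev < min_severity:
                continue
            findings.append({
                "host": ip,
                "port": int(item.get("port", "0")),
                "protocol": item.get("protocol", ""),
                "service": item.get("svc_name", ""),
                "severity": sev,
                "severity_name": SEVERITY_NAMES.get(sev, str(sev)),
                "plugin_id": item.get("pluginID", ""),
                "plugin_name": item.get("pluginName", ""),
            })
    return findings


def open_ports_by_host(findings):
    """Map host -> sorted unique 'port/proto' strings. Port 0 is a host-level item, not a port."""
    ports = {}
    for f in findings:
        if f["port"] == 0:
            continue
        ports.setdefault(f["host"], set()).add((f["port"], f["protocol"]))
    return {h: [f"{p}/{proto}" for p, proto in sorted(s)] for h, s in ports.items()}


def format_report(findings):
    """One tab-separated line per finding, ready to be dumped into a text file."""
    return "\n".join(
        f'{f["host"]}\t{f["port"]}/{f["protocol"]}\t{f["severity_name"]}\t{f["plugin_id"]}\t{f["plugin_name"]}'
        for f in findings
    )


if __name__ == "__main__":
    # usage: python nessus_summary.py report.nessus [min_severity]
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_NESSUS
    threshold = int(sys.argv[2]) if len(sys.argv) > 2 else 2
    print(format_report(parse_nessus(text, threshold)))
    for host, ports in open_ports_by_host(parse_nessus(text)).items():
        print(f"{host}: {', '.join(ports)}")
```

Run it as "python nessus_summary.py report.nessus 3" to list only High and Critical findings from the file the Perl script saved; without arguments it runs on the constructed sample. The open-port summary deliberately ignores port 0, which Nessus uses for host-level plugins such as OS identification.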

Happy Scanning!!!

Monday, August 8, 2011

Automating NMAP Capabilities


I have often run into projects that require scanning a large number of network hosts. In that case you cannot expect a consultant to scan each host individually, analyse the output and list every vulnerable port/service. Yes, we can detect open ports with Nessus as well, but it has a limit on the number of hosts per scan.

I decided to automate the process so that the open ports of every host are collected and the output is dumped into a single file. You only need Perl installed on your machine to try this. Here is a Perl script that automates the Nmap scan:

use strict;
use warnings;

my $file = "ipadr.txt";            # one target (IP or hostname) per line
my $s1="-sS -sV -P0"; #place your nmap scan options here (newer nmap spells -P0 as -Pn)
open (my $fh, '<', $file) or die "Cannot open $file: $!";
while (my $line = <$fh>)
{
chomp($line);
$line =~ s/^\s+|\s+$//g;           # strip surrounding whitespace
next if $line eq '' or $line =~ /^#/;   # skip blank lines and comments
# accept only address/hostname characters; anything else (e.g. "10.0.0.1; del *.*")
# must never reach the command line
if ($line !~ /^[A-Za-z0-9.:\/-]+$/) { warn "Skipping bad target: $line\n"; next; }
my $ip=$line;
my $str="nmap $s1 $ip";
print "IP is:\t$str\n";
# list form of system() runs nmap directly, with no shell to interpret the target
system('nmap', split(' ', $s1), $ip) == 0 or warn "nmap exited with status ".($? >> 8)." on $ip\n";
}
close ($fh) or die $!;

How to Use:

1. Install Perl.
2. Create a file named "ipadr.txt" and put your entire IP list in it, one entry per line. For example:

10.0.0.1
10.0.0.2
10.0.0.3

3. Copy the above script into a text editor and save it as nmap.pl.
4. Place nmap.pl and ipadr.txt in the same folder, e.g. C:\Auto_NMAP.
5. Open a command prompt and change to C:\Auto_NMAP.
6. Run:

perl nmap.pl>output.txt

7. output.txt is created in the same folder and the complete Nmap results are written to it.

Furthermore, you can use this script to run Nmap with any set of options and get the output dumped into a single file. To run a different scan, just edit the line below:

my $s1="-sS -sV -P0";
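Whatever options go into that line, the script still hands each line of ipadr.txt to Nmap, so the target file has to be treated as untrusted input: a line such as 10.0.0.2; del *.* is a command, not a host. The Python script below is an added example (not the post's code) of the hardened way to do the same job: validate every target, pass the whole list to a single nmap run as an argument array with no shell in between, and read the XML output (-oX -) back into a host-to-open-ports table instead of grepping text. SAMPLE_TARGETS and SAMPLE_NMAP_XML are constructed inputs, and -Pn is used in place of -P0, which is the spelling newer Nmap versions use.

```python
"""Run nmap over a target list without a shell and collect open ports per host from -oX output."""
import ipaddress
import re
import subprocess
import sys
import xml.etree.ElementTree as ET

NMAP_OPTIONS = ["-sS", "-sV", "-Pn"]   # the scan options; -Pn is the current spelling of -P0

# A hostname: dot-separated labels of letters, digits and inner hyphens, at most 253 chars
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?)*$"
)

# Constructed target list: one good IP, one injection attempt, a comment, one hostname
SAMPLE_TARGETS = "10.0.0.1\n10.0.0.2; del *.*\n# comment\nhost.example\n"

# Constructed nmap -oX output (only the elements this parser needs)
SAMPLE_NMAP_XML = """<nmaprun scanner="nmap">
<host><status state="up"/><address addr="10.0.0.1" addrtype="ipv4"/>
<ports>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH"/></port>
<port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
<port protocol="tcp" portid="443"><state state="closed"/><service name="https"/></port>
</ports></host>
<host><status state="up"/><address addr="10.0.0.3" addrtype="ipv4"/>
<ports><port protocol="tcp" portid="445"><state state="filtered"/></port></ports></host>
</nmaprun>
"""


def is_valid_target(line):
    """Accept a single IP, a CIDR block or a hostname; reject everything else."""
    try:
        ipaddress.ip_network(line, strict=False)
        return True
    except ValueError:
        return bool(HOSTNAME_RE.match(line))


def load_targets(text):
    """Split the target file into (accepted, rejected) lists; blank lines and # comments are dropped."""
    targets, rejected = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        (targets if is_valid_target(line) else rejected).append(line)
    return targets, rejected


def build_command(targets, options=NMAP_OPTIONS):
    """argv list for one nmap run; executed without a shell, so no metacharacter is ever interpreted."""
    return ["nmap", *options, "-oX", "-", *targets]


def parse_open_ports(xml_text):
    """Map host address -> list of 'port/proto service' for ports nmap reports as open."""
    result = {}
    root = ET.fromstring(xml_text)
    for host in root.findall("host"):
        addr = host.find("address").get("addr")
        ports = []
        for port in host.findall("ports/port"):
            if port.find("state").get("state") != "open":
                continue
            svc = port.find("service")
            name = svc.get("name", "") if svc is not None else ""
            ports.append(f'{port.get("portid")}/{port.get("protocol")} {name}'.rstrip())
        result[addr] = ports
    return result


def scan(targets):
    """Run nmap once over all targets (needs nmap on PATH, and root for -sS) and parse its XML."""
    proc = subprocess.run(build_command(targets), capture_output=True, text=True, check=True)
    return parse_open_ports(proc.stdout)


if __name__ == "__main__":
    # usage: python nmap_ports.py ipadr.txt   (no argument: offline demo on the constructed data)
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_TARGETS
    targets, rejected = load_targets(text)
    for bad in rejected:
        print(f"skipping invalid target: {bad!r}", file=sys.stderr)
    results = scan(targets) if len(sys.argv) > 1 else parse_open_ports(SAMPLE_NMAP_XML)
    for host, ports in results.items():
        print(host, ", ".join(ports) or "no open ports")
```

Passing all targets to one nmap invocation also lets Nmap parallelise the hosts itself, which is considerably faster than one process per address; with "python nmap_ports.py ipadr.txt > output.txt" the result is still a single file, as in the Perl version.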

Happy Scanning!!!