table of contents
Net::Nessus::XMLRPC(3pm) | User Contributed Perl Documentation | Net::Nessus::XMLRPC(3pm) |
NAME¶
Net::Nessus::XMLRPC - Communicate with Nessus scanner(v4.2+) via XMLRPCVERSION¶
Version 0.30SYNOPSIS¶
This is Perl interface for communication with Nessus scanner over XMLRPC. You can start, stop, pause and resume scan. Watch progress and status of scan, download report, etc.use Net::Nessus::XMLRPC; # '' is same as https://localhost:8834/ my $n = Net::Nessus::XMLRPC->new ('','user','pass'); die "Cannot login to: ".$n->nurl."\n" unless ($n->logged_in); print "Logged in\n"; my $polid=$n->policy_get_first; print "Using policy ID: $polid "; my $polname=$n->policy_get_name($polid); print "with name: $polname\n"; my $scanid=$n->scan_new($polid,"perl-test","127.0.0.1"); while (not $n->scan_finished($scanid)) { print "$scanid: ".$n->scan_status($scanid)."\n"; sleep 15; } print "$scanid: ".$n->scan_status($scanid)."\n"; my $reportcont=$n->report_file_download($scanid); my $reportfile="report.xml"; open (FILE,">$reportfile") or die "Cannot open file $reportfile: $!"; print FILE $reportcont; close (FILE);
NOTICE¶
This CPAN module uses LWP for communicating with Nessus over XMLRPC via https. Therefore, make sure that you have Net::SSL (provided by Crypt::SSLeay): http://search.cpan.org/perldoc?Crypt::SSLeay or IO::Socket::SSL: http://search.cpan.org/perldoc?IO::Socket::SSLIf you think you have login problems, check this first!
METHODS¶
new ([$nessus_url], [$user], [$pass])¶
creates new object Net::Nessus::XMLRPCDESTROY¶
destructor, calls logout method on destructionnurl ( [$nessus_url] )¶
get/set Nessus base URLtoken ( [$nessus_token] )¶
get/set Nessus login tokennessus_http_request ( $uri, $post_data )¶
low-level function, makes HTTP request to Nessus URLnessus_request ($uri, $post_data)¶
low-level function, makes XMLRPC request to Nessus URL and returns XMLlogin ( $user, $password )¶
login to Nessus server via $user and $passwordlogout¶
logout from Nessus serverlogged_in¶
returns true if we're logged inscan_new ( $policy_id, $scan_name, $targets )¶
initiates new scanscan_new_file ( $policy_id, $scan_name, $targets, $filename )¶
initiates new scan with hosts from file named $filenamescan_stop ( $scan_id )¶
stops the scan identified by $scan_idscan_stop_all¶
stops all scansscan_pause ( $scan_id )¶
pauses the scan identified by $scan_idscan_pause_all¶
pauses all scansscan_resume ( $scan_id )¶
resumes the scan identified by $scan_idscan_resume_all¶
resumes all scansscan_list_uids¶
returns array of IDs of (active) scansscan_get_name ( $uuid )¶
returns name of the scan identified by $uuidscan_status ( $uuid )¶
returns status of the scan identified by $uuidscan_finished ( $uuid )¶
returns true if scan is finished/completed (identified by $uuid)nessus_http_upload_request ( $uri, $post_data )¶
low-level function, makes HTTP upload request to URI specifiedfile_upload ( $filename )¶
uploads $filename to nessus server, returns filename of file uploaded or '' if failedNote that uploaded file is per session (i.e. it will be there until logout/attack.) So, don't logout or login again and use the filename! You need to upload it again!
upload ( $filename, $content )¶
uploads $filename to nessus server using $content as content of file, returns filename of file uploaded or '' if failedNote that uploaded file is per session (i.e. it will be there until logout/attack.) So, don't logout or login again and use the filename! You need to upload it again!
policy_get_first¶
returns policy id for the first policy foundpolicy_get_firsth¶
returns ref to hash %value with basic info of first policy/scan returned by the server$value{'id'}, $value{'name'}, $value{'owner'}, $value{'visibility'}, $value{'comment'}
policy_list_hash¶
returns ref to array of hashes %value with basic info of first policy/scan returned by the server$value{'id'}, $value{'name'}, $value{'owner'}, $value{'visibility'}, $value{'comment'}
policy_list_uids¶
returns ref to array of IDs of policies availablepolicy_list_names¶
returns ref to array of names of policies availablepolicy_get_info ( $policy_id )¶
returns ref to hash %value with basic info of policy/scan identified by $policy_id$value{'id'}, $value{'name'}, $value{'owner'}, $value{'visibility'}, $value{'comment'}
policy_get_id ( $policy_name )¶
returns ID of the scan/policy identified by $policy_namepolicy_get_name ( $policy_id )¶
returns name of the scan/policy identified by $policy_idpolicy_delete ( $policy_id )¶
delete policy identified by $policy_idpolicy_copy ( $policy_id )¶
copy policy identified by $policy_id, returns $policy_id of new copied policypolicy_rename ( $policy_id, $policy_name )¶
rename policy to $policy_name identified by $policy_idpolicy_edit ( $policy_id, $params )¶
edit policy identified by $policy_id%params (must be present): policy_name => name policy_shared => 1
%params can be (examples) max_hosts => 50, max_checks=> 10, use_mac_addr => no, throttle_scan => yes, optimize_test => yes, log_whole_attack => no, ssl_cipher_list => strong, save_knowledge_base => no, port_range => 1-65535
policy_new ( $params )¶
create new policy with $params, %params must be present: policy_name policy_sharedthe others parameters are same as policy_edit
policy_get_opts ( $policy_id )¶
returns hashref with different options for policy identified by $policy_idpolicy_set_opts ( $policy_id , $params )¶
sets policy options via hashref $params identified by $policy_idreport_list_uids¶
returns ref to array of IDs of reports availablereport_list_hash¶
returns ref to array of hashes with basic info of reports hash has following keys: name status readableName timestampreport_file_download ($report_id)¶
returns XML report identified by $report_id (Nessus XML v2)report_file1_download ($report_id)¶
returns XML report identified by $report_id (Nessus XML v1)report_delete ($report_id)¶
delete report identified by $report_idreport_import ( $filename )¶
tells nessus server to import already uploaded file named $filename ( i.e. you already uploaded the file via file_upload() )report_import_file ( $filename )¶
uploads $filename to nessus server and imports it as nessus reportusers_list¶
returns ref to array of hash %values with users info $values{'name'} $values{'admin'} $values{'lastlogin'}users_delete ( $login )¶
deletes user with $loginusers_add ( $login, $password )¶
deletes user with $login and $password, return username created, '' if notusers_passwd ( $login, $password )¶
change user password to $password identified with $login, return username, '' if notAUTHOR¶
Vlatko Kosturjak, "<kost at linux.hr>"BUGS¶
Please report any bugs or feature requests to "bug-net-nessus-xmlrpc at rt.cpan.org", or through the web interface at <http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Net-Nessus-XMLRPC>. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.SUPPORT¶
You can find documentation for this module with the perldoc command.perldoc Net::Nessus::XMLRPC
You can also look for information at:
- RT: CPAN's request tracker
<http://rt.cpan.org/NoAuth/Bugs.html?Dist=Net-Nessus-XMLRPC>
- AnnoCPAN: Annotated CPAN documentation
- CPAN Ratings
- Search CPAN
REPOSITORY¶
Repository is available on GitHub: http://github.com/kost/nessus-xmlrpc-perlACKNOWLEDGEMENTS¶
I have made Ruby library as well: http://nessus-xmlrpc.rubyforge.org/There you can find some early documentation about XMLRPC protocol used.
COPYRIGHT & LICENSE¶
Copyright 2010 Vlatko Kosturjak, all rights reserved.This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
2017-08-18 | perl v5.26.0 |