table of contents
| Net::Nessus::XMLRPC(3pm) | User Contributed Perl Documentation | Net::Nessus::XMLRPC(3pm) |
NAME¶
Net::Nessus::XMLRPC - Communicate with Nessus scanner(v4.2+) via XMLRPC
VERSION¶
Version 0.30
SYNOPSIS¶
This is Perl interface for communication with Nessus scanner over XMLRPC. You can start, stop, pause and resume scan. Watch progress and status of scan, download report, etc.
use Net::Nessus::XMLRPC;
# '' is same as https://localhost:8834/
my $n = Net::Nessus::XMLRPC->new ('','user','pass');
die "Cannot login to: ".$n->nurl."\n" unless ($n->logged_in);
print "Logged in\n";
my $polid=$n->policy_get_first;
print "Using policy ID: $polid ";
my $polname=$n->policy_get_name($polid);
print "with name: $polname\n";
my $scanid=$n->scan_new($polid,"perl-test","127.0.0.1");
while (not $n->scan_finished($scanid)) {
print "$scanid: ".$n->scan_status($scanid)."\n";
sleep 15;
}
print "$scanid: ".$n->scan_status($scanid)."\n";
my $reportcont=$n->report_file_download($scanid);
my $reportfile="report.xml";
open (FILE,">$reportfile") or die "Cannot open file $reportfile: $!";
print FILE $reportcont;
close (FILE);
NOTICE¶
This CPAN module uses LWP for communicating with Nessus over XMLRPC via https. Therefore, make sure that you have Net::SSL (provided by Crypt::SSLeay): http://search.cpan.org/perldoc?Crypt::SSLeay or IO::Socket::SSL: http://search.cpan.org/perldoc?IO::Socket::SSL
If you think you have login problems, check this first!
METHODS¶
new ([$nessus_url], [$user], [$pass])¶
creates new object Net::Nessus::XMLRPC
DESTROY¶
destructor, calls logout method on destruction
nurl ( [$nessus_url] )¶
get/set Nessus base URL
token ( [$nessus_token] )¶
get/set Nessus login token
nessus_http_request ( $uri, $post_data )¶
low-level function, makes HTTP request to Nessus URL
nessus_request ($uri, $post_data)¶
low-level function, makes XMLRPC request to Nessus URL and returns XML
login ( $user, $password )¶
login to Nessus server via $user and $password
logout¶
logout from Nessus server
logged_in¶
returns true if we're logged in
scan_new ( $policy_id, $scan_name, $targets )¶
initiates new scan
scan_new_file ( $policy_id, $scan_name, $targets, $filename )¶
initiates new scan with hosts from file named $filename
scan_stop ( $scan_id )¶
stops the scan identified by $scan_id
scan_stop_all¶
stops all scans
scan_pause ( $scan_id )¶
pauses the scan identified by $scan_id
scan_pause_all¶
pauses all scans
scan_resume ( $scan_id )¶
resumes the scan identified by $scan_id
scan_resume_all¶
resumes all scans
scan_list_uids¶
returns array of IDs of (active) scans
scan_get_name ( $uuid )¶
returns name of the scan identified by $uuid
scan_status ( $uuid )¶
returns status of the scan identified by $uuid
scan_finished ( $uuid )¶
returns true if scan is finished/completed (identified by $uuid)
nessus_http_upload_request ( $uri, $post_data )¶
low-level function, makes HTTP upload request to URI specified
file_upload ( $filename )¶
uploads $filename to nessus server, returns filename of file uploaded or '' if failed
Note that uploaded file is per session (i.e. it will be there until logout/attack.) So, don't logout or login again and use the filename! You need to upload it again!
upload ( $filename, $content )¶
uploads $filename to nessus server using $content as content of file, returns filename of file uploaded or '' if failed
Note that uploaded file is per session (i.e. it will be there until logout/attack.) So, don't logout or login again and use the filename! You need to upload it again!
policy_get_first¶
returns policy id for the first policy found
policy_get_firsth¶
returns ref to hash %value with basic info of first policy/scan returned by the server
$value{'id'}, $value{'name'}, $value{'owner'}, $value{'visibility'}, $value{'comment'}
policy_list_hash¶
returns ref to array of hashes %value with basic info of first policy/scan returned by the server
$value{'id'}, $value{'name'}, $value{'owner'}, $value{'visibility'}, $value{'comment'}
policy_list_uids¶
returns ref to array of IDs of policies available
policy_list_names¶
returns ref to array of names of policies available
policy_get_info ( $policy_id )¶
returns ref to hash %value with basic info of policy/scan identified by $policy_id
$value{'id'}, $value{'name'}, $value{'owner'}, $value{'visibility'}, $value{'comment'}
policy_get_id ( $policy_name )¶
returns ID of the scan/policy identified by $policy_name
policy_get_name ( $policy_id )¶
returns name of the scan/policy identified by $policy_id
policy_delete ( $policy_id )¶
delete policy identified by $policy_id
policy_copy ( $policy_id )¶
copy policy identified by $policy_id, returns $policy_id of new copied policy
policy_rename ( $policy_id, $policy_name )¶
rename policy to $policy_name identified by $policy_id
policy_edit ( $policy_id, $params )¶
edit policy identified by $policy_id
%params (must be present): policy_name => name policy_shared => 1
%params can be (examples) max_hosts => 50, max_checks=> 10, use_mac_addr => no, throttle_scan => yes, optimize_test => yes, log_whole_attack => no, ssl_cipher_list => strong, save_knowledge_base => no, port_range => 1-65535
policy_new ( $params )¶
create new policy with $params, %params must be present: policy_name policy_shared
the others parameters are same as policy_edit
policy_get_opts ( $policy_id )¶
returns hashref with different options for policy identified by $policy_id
policy_set_opts ( $policy_id , $params )¶
sets policy options via hashref $params identified by $policy_id
report_list_uids¶
returns ref to array of IDs of reports available
report_list_hash¶
returns ref to array of hashes with basic info of reports hash has following keys: name status readableName timestamp
report_file_download ($report_id)¶
returns XML report identified by $report_id (Nessus XML v2)
report_file1_download ($report_id)¶
returns XML report identified by $report_id (Nessus XML v1)
report_delete ($report_id)¶
delete report identified by $report_id
report_import ( $filename )¶
tells nessus server to import already uploaded file named $filename ( i.e. you already uploaded the file via file_upload() )
report_import_file ( $filename )¶
uploads $filename to nessus server and imports it as nessus report
users_list¶
returns ref to array of hash %values with users info $values{'name'} $values{'admin'} $values{'lastlogin'}
users_delete ( $login )¶
deletes user with $login
users_add ( $login, $password )¶
deletes user with $login and $password, return username created, '' if not
users_passwd ( $login, $password )¶
change user password to $password identified with $login, return username, '' if not
AUTHOR¶
Vlatko Kosturjak, "<kost at linux.hr>"
BUGS¶
Please report any bugs or feature requests to "bug-net-nessus-xmlrpc at rt.cpan.org", or through the web interface at <http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Net-Nessus-XMLRPC>. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.
SUPPORT¶
You can find documentation for this module with the perldoc command.
perldoc Net::Nessus::XMLRPC
You can also look for information at:
- RT: CPAN's request tracker
<http://rt.cpan.org/NoAuth/Bugs.html?Dist=Net-Nessus-XMLRPC>
- AnnoCPAN: Annotated CPAN documentation
- CPAN Ratings
- Search CPAN
REPOSITORY¶
Repository is available on GitHub: http://github.com/kost/nessus-xmlrpc-perl
ACKNOWLEDGEMENTS¶
I have made Ruby library as well: http://nessus-xmlrpc.rubyforge.org/
There you can find some early documentation about XMLRPC protocol used.
COPYRIGHT & LICENSE¶
Copyright 2010 Vlatko Kosturjak, all rights reserved.
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
| 2017-08-18 | perl v5.26.0 |