class NessusXMLRPC::NessusXMLRPCrexml

Class which uses standard REXML to parse Nessus XML-RPC replies. It is advisable to use the NessusXMLRPC class rather than this class directly, because NessusXMLRPC will use nokogiri or REXML, depending on availability.

Public Class Methods

new(url,user,password) click to toggle source

initialize object: try to connect to Nessus Scanner using URL, user and password

Usage:

n=NessusXMLRPC::NessusXMLRPC.new('https://localhost:8834','user','pass');
# File lib/nessus-xmlrpc.rb, line 68
# Store the scanner base URL (always ending in "/") and log in immediately.
#
# url      - base URL of the scanner; '' selects https://localhost:8834/
# user     - account name, handed to login unchanged
# password - account password, handed to login unchanged
#
# No scheme or host check is done on url here. A failed login leaves
# @token == '', so callers should test logged_in before using the object.
def initialize(url, user, password)
  @nurl =
    if url == ''
      "https://localhost:8834/"
    elsif url =~ /\/$/
      url
    else
      url + "/"
    end
  @token = ''
  login(user, password)
end

Public Instance Methods

logged_in() click to toggle source

checks if we’re logged in correctly

returns: true if logged in, false if not

Usage:

n=NessusXMLRPC::NessusXMLRPC.new('https://localhost:8834','user','pass');
if n.logged_in
    puts "Logged in"
else
    puts "Error"
end
# File lib/nessus-xmlrpc.rb, line 94
# Report whether a session token is held.
#
# This is a purely local check: it only tests that @token is not the empty
# string. It does not ask the server whether the token is still valid.
#
# returns: true when @token is anything other than '', false otherwise
def logged_in
  @token != ''
end
login(user, password) click to toggle source

login with user & password and sets object-wide @token, @name and @admin

# File lib/nessus-xmlrpc.rb, line 146
# Authenticate against the 'login' endpoint and remember the session.
#
# On success @token, @name and @admin are taken from the reply's
# contents/token and contents/user elements. On failure (nessus_request
# returned '') only @token is reset to ''.
#
# The token is a bearer credential for every later request; keep it out of
# logs and debug output.
def login(user, password)
  reply = nessus_request('login', { "login" => user, "password" => password })
  return @token = '' if reply == ''

  contents = reply.root.elements['contents']
  account = contents.elements['user']
  @token = contents.elements['token'].text
  @name = account.elements['name'].text
  @admin = account.elements['admin'].text
end
nessus_http_request(uri, post_data) click to toggle source

send standard Nessus HTTP request and check

returns: body of response

# File lib/nessus-xmlrpc.rb, line 124
# POST form data to @nurl + uri and hand back the raw response body.
#
# The Net::HTTP object is created on first use and cached in @https, so all
# later calls go to the host and port of the first request.
#
# SECURITY: TLS is switched on but the connection uses
# OpenSSL::SSL::VERIFY_NONE, so the server certificate is never checked.
# The login password and the session token travel over this connection and
# the reply is parsed by the callers, which means an on-path attacker can
# read the credentials and forge replies. Where the scanner certificate can
# be trusted or pinned, VERIFY_PEER with a suitable CA file is the safer
# setting.
#
# Any StandardError from the request prints a message and calls exit, which
# ends the whole process rather than reporting the failure to the caller.
#
# returns: body of the response
def nessus_http_request(uri, post_data)
  target = URI.parse(@nurl + uri)
  form_post = Net::HTTP::Post.new(target.path)
  form_post.set_form_data(post_data)
  unless defined? @https
    @https = Net::HTTP.new(target.host, target.port)
    @https.use_ssl = true
    @https.verify_mode = OpenSSL::SSL::VERIFY_NONE
  end
  begin
    reply = @https.request(form_post)
  rescue
    puts "[e] error connecting to server: "+ @nurl + " with URI: " + uri
    exit
  end
  reply.body
end
nessus_request(uri, post_data) click to toggle source

send standard Nessus XML request and check

returns: rexml/document root

# File lib/nessus-xmlrpc.rb, line 105
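# Send a request through nessus_http_request and parse the reply as XML.
#
# The body comes from the network and is treated as untrusted: both the
# parse and the status lookup sit inside the rescue, so a malformed or
# truncated reply is reported and turned into '' instead of raising a
# REXML parse error out of this method.
#
# returns: the REXML::Document when the reply's <status> text is "OK",
#          '' for any other status or for a reply that cannot be parsed
def nessus_request(uri, post_data)
  body = nessus_http_request(uri, post_data)
  begin
    docxml = REXML::Document.new(body)
    # A reply without a root or without <status> raises NoMethodError here.
    status = docxml.root.elements['status'].text
  rescue StandardError
    puts "[e] error in XML parsing"
    return ''
  end
  status == "OK" ? docxml : ''
end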
plugins_list() click to toggle source
# File lib/nessus-xmlrpc.rb, line 403
# Request 'plugins/list' with the session token.
#
# returns: whatever nessus_request returns (the parsed document, or '' on
#          failure); the result is not inspected here
def plugins_list
  nessus_request('plugins/list', { "token" => @token })
end
policy_get_first() click to toggle source

get first policy from server and returns: policyID, policyName

returns: policyID, policyName

# File lib/nessus-xmlrpc.rb, line 229
# Fetch 'policy/list' and return the first policy found.
#
# The reply is used without checking for the '' failure value of
# nessus_request, so a failed request raises NoMethodError here.
# NOTE(review): the XPath '//policy' is document-wide, not limited to the
# <policies> element it is called on.
#
# returns: [policyID, policyName] of the first policy; when there is no
#          policy the return value is whatever each_element yields back
def policy_get_first
  reply = nessus_request('policy/list', { "token" => @token })
  policies = reply.root.elements['contents'].elements['policies']
  policies.each_element('//policy') do |entry|
    fields = entry.elements
    return [fields['policyID'].text, fields['policyName'].text]
  end
end
policy_get_id(textname) click to toggle source

get policy by textname and return policyID

returns: policyID

# File lib/nessus-xmlrpc.rb, line 215
# Find the ID of the policy whose policyName equals textname.
#
# The comparison is an exact string match. A failed request ('' from
# nessus_request) is not handled and raises NoMethodError.
#
# returns: policyID of the first match, '' when no policy has that name
def policy_get_id(textname)
  reply = nessus_request('policy/list', { "token" => @token })
  policies = reply.root.elements['contents'].elements['policies']
  policies.each_element('//policy') do |entry|
    next unless entry.elements['policyName'].text == textname
    return entry.elements['policyID'].text
  end
  ''
end
policy_list_names() click to toggle source

get list of names of policies

returns: array of names

# File lib/nessus-xmlrpc.rb, line 363
# Collect the policyName text of every policy in the 'policy/list' reply.
#
# A failed request ('' from nessus_request) is not handled and raises
# NoMethodError.
#
# returns: array of policy names, in document order
def policy_list_names
  reply = nessus_request('policy/list', { "token" => @token })
  names = []
  reply.root.elements['contents'].elements['policies'].each_element('//policy') do |entry|
    names << entry.elements['policyName'].text
  end
  names
end
policy_list_uids() click to toggle source

get list of policy IDs

returns: array of all policy uids

# File lib/nessus-xmlrpc.rb, line 240
# Collect the policyID text of every policy in the 'policy/list' reply.
#
# A failed request ('' from nessus_request) is not handled and raises
# NoMethodError.
#
# returns: array of policy IDs, in document order
def policy_list_uids
  reply = nessus_request('policy/list', { "token" => @token })
  ids = []
  reply.root.elements['contents'].elements['policies'].each_element('//policy') do |entry|
    ids << entry.elements['policyID'].text
  end
  ids
end
report_delete(id) click to toggle source

delete report by report ID

# File lib/nessus-xmlrpc.rb, line 354
# Ask the server to delete the report with the given ID.
#
# The ID is forwarded as-is; there is no confirmation step and the reply is
# not inspected, so callers must check the result themselves.
#
# returns: whatever nessus_request returns (document, or '' on failure)
def report_delete(id)
  nessus_request('report/delete', { "token" => @token, "report" => id })
end
report_file1_download(report) click to toggle source

get report by reportID and return XML file (version 1)

returns: XML file of report (nessus v1 format)

# File lib/nessus-xmlrpc.rb, line 347
# Download a report in the v1 format ("v1" => "true" is added to the form).
#
# The body is returned exactly as received; it is neither parsed nor checked
# for an error status. Report data describes findings on scanned hosts, so
# treat the returned content as sensitive when storing or forwarding it.
#
# returns: response body from 'file/report/download'
def report_file1_download(report)
  form = { "token" => @token, "report" => report, "v1" => "true" }
  nessus_http_request('file/report/download', form)
end
report_file_download(report) click to toggle source

get report by reportID and return XML file

returns: XML file of report (nessus v2 format)

# File lib/nessus-xmlrpc.rb, line 338
# Download a report (no "v1" flag is sent, unlike report_file1_download).
#
# The body is returned exactly as received; it is neither parsed nor checked
# for an error status. Report data describes findings on scanned hosts, so
# treat the returned content as sensitive when storing or forwarding it.
#
# returns: response body from 'file/report/download'
def report_file_download(report)
  form = { "token" => @token, "report" => report }
  nessus_http_request('file/report/download', form)
end
report_get_host(report_id,host) click to toggle source

get host details for particular host identified by report id

returns: severity, current, total

# File lib/nessus-xmlrpc.rb, line 389
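# Look up one host in the 'report/hosts' reply for report_id.
#
# The block variable is deliberately not called `host`: with that name it
# hides the host argument, the hostname text is compared with the XML
# element itself and no host ever matches.
#
# A failed request ('' from nessus_request) is not handled and raises
# NoMethodError.
#
# returns: hash with the keys "severity", "current" and "total" (element
#          text) for the first host whose <hostname> equals host, or nil
#          when no host matches
def report_get_host(report_id, host)
  post = { "token" => @token, "report" => report_id }
  docxml = nessus_request('report/hosts', post)
  docxml.root.elements['contents'].elements['hostList'].each_element('//host') do |entry|
    next unless entry.elements['hostname'].text == host

    return {
      "severity" => entry.elements['severity'].text,
      "current" => entry.elements['scanProgressCurrent'].text,
      "total" => entry.elements['scanProgressTotal'].text
    }
  end
  nil
end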
report_hosts(report_id) click to toggle source

get hosts for particular report

returns: array of hosts

# File lib/nessus-xmlrpc.rb, line 376
# Collect the <hostname> text of every host in the 'report/hosts' reply.
#
# A failed request ('' from nessus_request) is not handled and raises
# NoMethodError.
#
# returns: array of hostnames, in document order
def report_hosts(report_id)
  reply = nessus_request('report/hosts', { "token" => @token, "report" => report_id })
  hostnames = []
  reply.root.elements['contents'].elements['hostList'].each_element('//host') do |entry|
    hostnames << entry.elements['hostname'].text
  end
  hostnames
end
scan_finished(uuid) click to toggle source

check if scan is finished (completed to be exact) identified by uuid

# File lib/nessus-xmlrpc.rb, line 326
# Tell whether scan_status reports exactly "completed" for this uuid.
#
# Any other value, including the '' that scan_status gives for an unknown
# uuid, counts as not finished.
#
# returns: true or false
def scan_finished(uuid)
  scan_status(uuid) == "completed"
end
scan_list_hash() click to toggle source

get hash of active scan data

returns: array of hash of active scans

# File lib/nessus-xmlrpc.rb, line 197
# Describe every scan in the 'scan/list' reply.
#
# Each entry maps 'id', 'name', 'current' and 'total' to the text of the
# scan's uuid, readableName, completion_current and completion_total
# elements. A failed request ('' from nessus_request) is not handled and
# raises NoMethodError.
#
# returns: array of hashes, in document order
def scan_list_hash
  reply = nessus_request('scan/list', { "token" => @token })
  scan_list = reply.root.elements['contents'].elements['scans'].elements['scanList']
  result = []
  scan_list.each_element('//scan') do |item|
    fields = item.elements
    result << {
      'id' => fields['uuid'].text,
      'name' => fields['readableName'].text,
      'current' => fields['completion_current'].text,
      'total' => fields['completion_total'].text
    }
  end
  result
end
scan_list_uids() click to toggle source

get uids of scans

returns: array of uids of active scans

# File lib/nessus-xmlrpc.rb, line 186
# Collect the <uuid> text of every scan in the 'scan/list' reply.
#
# A failed request ('' from nessus_request) is not handled and raises
# NoMethodError.
#
# returns: array of scan uuids, in document order
def scan_list_uids
  reply = nessus_request('scan/list', { "token" => @token })
  scan_list = reply.root.elements['contents'].elements['scans'].elements['scanList']
  found = []
  scan_list.each_element('//scan') do |item|
    found << item.elements['uuid'].text
  end
  found
end
scan_new(policy_id,scan_name,target) click to toggle source

initiate new scan with policy id, descriptive name and list of targets

returns: uuid of scan

Usage:

n=NessusXMLRPC::NessusXMLRPC.new('https://localhost:8834','user','pass');
if n.logged_in
    id,name = n.policy_get_first
    puts "using policy ID: " + id + " with name: " + name
    uid=n.scan_new(id,"textxmlrpc","127.0.0.1")
end
# File lib/nessus-xmlrpc.rb, line 172
# Start a scan via 'scan/new'.
#
# policy_id, scan_name and target are forwarded to the server unchanged;
# nothing here validates the target list, so restricting it to hosts that
# are in the authorised scope is the caller's job.
#
# returns: uuid of the new scan, or '' when nessus_request reports failure
def scan_new(policy_id, scan_name, target)
  form = {
    "token" => @token,
    "policy_id" => policy_id,
    "scan_name" => scan_name,
    "target" => target
  }
  reply = nessus_request('scan/new', form)
  return '' if reply == ''

  reply.root.elements['contents'].elements['scan'].elements['uuid'].text
end
scan_pause(uuid) click to toggle source

pause scan identified by scan_uuid

# File lib/nessus-xmlrpc.rb, line 271
# Ask the server to pause the scan with this uuid ('scan/pause').
#
# returns: whatever nessus_request returns (document, or '' on failure);
#          the result is not inspected here
def scan_pause(uuid)
  nessus_request('scan/pause', { "token" => @token, "scan_uuid" => uuid })
end
scan_pause_all() click to toggle source

pause all active scans

Usage:

n=NessusXMLRPC::NessusXMLRPC.new('https://localhost:8834','user','pass');
if n.logged_in
    n.scan_pause_all
end
# File lib/nessus-xmlrpc.rb, line 284
# Pause every scan returned by scan_list_uids, one request per scan.
#
# The result of each scan_pause call is discarded, so a scan that could not
# be paused is not reported.
#
# returns: the array of uuids that were submitted
def scan_pause_all
  uuids = scan_list_uids
  uuids.each do |scan_id|
    scan_pause(scan_id)
  end
  uuids
end
scan_resume(uuid) click to toggle source

resume scan identified by uuid

# File lib/nessus-xmlrpc.rb, line 292
# Ask the server to resume the scan with this uuid ('scan/resume').
#
# returns: whatever nessus_request returns (document, or '' on failure);
#          the result is not inspected here
def scan_resume(uuid)
  nessus_request('scan/resume', { "token" => @token, "scan_uuid" => uuid })
end
scan_resume_all() click to toggle source

resume all active scans

Usage:

n=NessusXMLRPC::NessusXMLRPC.new('https://localhost:8834','user','pass');
if n.logged_in
    n.scan_resume_all
end
# File lib/nessus-xmlrpc.rb, line 305
# Resume every scan returned by scan_list_uids, one request per scan.
#
# The result of each scan_resume call is discarded, so a scan that could not
# be resumed is not reported.
#
# returns: the array of uuids that were submitted
def scan_resume_all
  uuids = scan_list_uids
  uuids.each do |scan_id|
    scan_resume(scan_id)
  end
  uuids
end
scan_status(uuid) click to toggle source

check status of scan identified by uuid

# File lib/nessus-xmlrpc.rb, line 314
# Look up the status text of the report whose <name> equals uuid.
#
# The uuid is sent as the "report" form field to 'report/list' and then
# matched against each report's name. A failed request ('' from
# nessus_request) is not handled and raises NoMethodError.
#
# returns: status text of the first matching report, '' when none matches
def scan_status(uuid)
  reply = nessus_request('report/list', { "token" => @token, "report" => uuid })
  reports = reply.root.elements['contents'].elements['reports']
  reports.each_element('//report') do |entry|
    next unless entry.elements['name'].text == uuid
    return entry.elements['status'].text
  end
  ''
end
scan_stop(uuid) click to toggle source

stop scan identified by scan_uuid

# File lib/nessus-xmlrpc.rb, line 250
# Ask the server to stop the scan with this uuid ('scan/stop').
#
# returns: whatever nessus_request returns (document, or '' on failure);
#          the result is not inspected here
def scan_stop(uuid)
  nessus_request('scan/stop', { "token" => @token, "scan_uuid" => uuid })
end
scan_stop_all() click to toggle source

stop all active scans

Usage:

n=NessusXMLRPC::NessusXMLRPC.new('https://localhost:8834','user','pass');
if n.logged_in
    n.scan_stop_all
end
# File lib/nessus-xmlrpc.rb, line 263
# Stop every scan returned by scan_list_uids, one request per scan.
#
# The result of each scan_stop call is discarded, so a scan that could not
# be stopped is not reported.
#
# returns: the array of uuids that were submitted
def scan_stop_all
  uuids = scan_list_uids
  uuids.each do |scan_id|
    scan_stop(scan_id)
  end
  uuids
end
users_list() click to toggle source
# File lib/nessus-xmlrpc.rb, line 408
# Request 'users/list' with the session token.
#
# returns: whatever nessus_request returns (the parsed document, or '' on
#          failure); the result is not inspected here
def users_list
  nessus_request('users/list', { "token" => @token })
end