GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  NET::NESSUS::XMLRPC (3)

.ds Aq ’

NAME

Net::Nessus::XMLRPC - Communicate with Nessus scanner(v4.2+) via XMLRPC

CONTENTS

VERSION

Version 0.30

SYNOPSIS

This is Perl interface for communication with Nessus scanner over XMLRPC. You can start, stop, pause and resume scan. Watch progress and status of scan, download report, etc.



        use Net::Nessus::XMLRPC;

        #  is same as https://localhost:8834/
        my $n = Net::Nessus::XMLRPC->new (,user,pass);

        die "Cannot login to: ".$n->nurl."\n" unless ($n->logged_in);

        print "Logged in\n";
        my $polid=$n->policy_get_first;
        print "Using policy ID: $polid ";
        my $polname=$n->policy_get_name($polid);
        print "with name: $polname\n";
        my $scanid=$n->scan_new($polid,"perl-test","127.0.0.1");

        while (not $n->scan_finished($scanid)) {
                print "$scanid: ".$n->scan_status($scanid)."\n";       
                sleep 15;
        }
        print "$scanid: ".$n->scan_status($scanid)."\n";       
        my $reportcont=$n->report_file_download($scanid);
        my $reportfile="report.xml";
        open (FILE,">$reportfile") or die "Cannot open file $reportfile: $!";
        print FILE $reportcont;
        close (FILE);



NOTICE

This CPAN module uses LWP for communicating with Nessus over XMLRPC via https. Therefore, make sure that you have Net::SSL (provided by Crypt::SSLeay): http://search.cpan.org/perldoc?Crypt::SSLeay or IO::Socket::SSL: http://search.cpan.org/perldoc?IO::Socket::SSL

If you think you have login problems, check this first!

METHODS

    new ([$nessus_url], [$user], [$pass])

creates new object Net::Nessus::XMLRPC

    DESTROY

destructor, calls logout method on destruction

    nurl ( [$nessus_url] )

get/set Nessus base URL

    token ( [$nessus_token] )

get/set Nessus login token

nessus_http_request ( CW$uri, CW$post_data )

low-level function, makes HTTP request to Nessus URL    

nessus_request ($uri, CW$post_data)

low-level function, makes XMLRPC request to Nessus URL and returns XML

login ( CW$user, CW$password )

login to Nessus server via $user and $password

    logout

logout from Nessus server

    logged_in

returns true if we’re logged in

scan_new ( CW$policy_id, CW$scan_name, CW$targets )

initiates new scan

scan_new_file ( CW$policy_id, CW$scan_name, CW$targets, CW$filename )

initiates new scan with hosts from file named $filename

scan_stop ( CW$scan_id )

stops the scan identified by $scan_id

    scan_stop_all

stops all scans

scan_pause ( CW$scan_id )

pauses the scan identified by $scan_id

    scan_pause_all

pauses all scans

scan_resume ( CW$scan_id )

resumes the scan identified by $scan_id

    scan_resume_all

resumes all scans

    scan_list_uids

returns array of IDs of (active) scans

scan_get_name ( CW$uuid )

returns name of the scan identified by $uuid

scan_status ( CW$uuid )

returns status of the scan identified by $uuid

scan_finished ( CW$uuid )

returns true if scan is finished/completed (identified by $uuid)

nessus_http_upload_request ( CW$uri, CW$post_data )

low-level function, makes HTTP upload request to URI specified

file_upload ( CW$filename )

uploads $filename to nessus server, returns filename of file uploaded or ’’ if failed

Note that uploaded file is per session (i.e. it will be there until logout/attack.) So, don’t logout or login again and use the filename! You need to upload it again!

upload ( CW$filename, CW$content )

uploads $filename to nessus server using $content as content of file, returns filename of file uploaded or ’’ if failed

Note that uploaded file is per session (i.e. it will be there until logout/attack.) So, don’t logout or login again and use the filename! You need to upload it again!

    policy_get_first

returns policy id for the first policy found

    policy_get_firsth

returns ref to hash %value with basic info of first policy/scan returned by the server

$value{’id’}, $value{’name’}, $value{’owner’}, $value{’visibility’}, $value{’comment’}

    policy_list_hash

returns ref to array of hashes %value with basic info of first policy/scan returned by the server

$value{’id’}, $value{’name’}, $value{’owner’}, $value{’visibility’}, $value{’comment’}

    policy_list_uids

returns ref to array of IDs of policies available

    policy_list_names

returns ref to array of names of policies available

policy_get_info ( CW$policy_id )

returns ref to hash %value with basic info of policy/scan identified by $policy_id

$value{’id’}, $value{’name’}, $value{’owner’}, $value{’visibility’}, $value{’comment’}

policy_get_id ( CW$policy_name )

returns ID of the scan/policy identified by $policy_name

policy_get_name ( CW$policy_id )

returns name of the scan/policy identified by $policy_id

policy_delete ( CW$policy_id )

delete policy identified by $policy_id

policy_copy ( CW$policy_id )

copy policy identified by $policy_id, returns $policy_id of new copied policy

policy_rename ( CW$policy_id, CW$policy_name )

rename policy to $policy_name identified by $policy_id

policy_edit ( CW$policy_id, CW$params )

edit policy identified by $policy_id

%params (must be present): policy_name => name policy_shared => 1

%params can be (examples) max_hosts => 50, max_checks=> 10, use_mac_addr => no, throttle_scan => yes, optimize_test => yes, log_whole_attack => no, ssl_cipher_list => strong, save_knowledge_base => no, port_range => 1-65535

policy_new ( CW$params )

create new policy with $params, %params must be present: policy_name policy_shared

the others parameters are same as policy_edit

policy_get_opts ( CW$policy_id )

returns hashref with different options for policy identified by $policy_id

policy_set_opts ( CW$policy_id , CW$params )

sets policy options via hashref $params identified by $policy_id

    report_list_uids

returns ref to array of IDs of reports available

    report_list_hash

returns ref to array of hashes with basic info of reports hash has following keys: name status readableName timestamp

    report_file_download ($report_id)

returns XML report identified by $report_id (Nessus XML v2)

    report_file1_download ($report_id)

returns XML report identified by $report_id (Nessus XML v1)

    report_delete ($report_id)

delete report identified by $report_id

report_import ( CW$filename )

tells nessus server to import already uploaded file named $filename ( i.e. you already uploaded the file via file_upload() )

report_import_file ( CW$filename )

uploads $filename to nessus server and imports it as nessus report

    users_list

returns ref to array of hash %values with users info $values{’name’} $values{’admin’} $values{’lastlogin’}

users_delete ( CW$login )

deletes user with $login

users_add ( CW$login, CW$password )

deletes user with $login and $password, return username created, ’’ if not

users_passwd ( CW$login, CW$password )

change user password to $password identified with $login, return username, ’’ if not

AUTHOR

Vlatko Kosturjak, <kost at linux.hr>

BUGS

Please report any bugs or feature requests to bug-net-nessus-xmlrpc at rt.cpan.org, or through the web interface at <http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Net-Nessus-XMLRPC>. I will be notified, and then you’ll automatically be notified of progress on your bug as I make changes.

SUPPORT

You can find documentation for this module with the perldoc command.



    perldoc Net::Nessus::XMLRPC



You can also look for information at:
o RT: CPAN’s request tracker

<http://rt.cpan.org/NoAuth/Bugs.html?Dist=Net-Nessus-XMLRPC>

o AnnoCPAN: Annotated CPAN documentation

<http://annocpan.org/dist/Net-Nessus-XMLRPC>

o CPAN Ratings

<http://cpanratings.perl.org/d/Net-Nessus-XMLRPC>

o Search CPAN

<http://search.cpan.org/dist/Net-Nessus-XMLRPC>

REPOSITORY

Repository is available on GitHub: http://github.com/kost/nessus-xmlrpc-perl

ACKNOWLEDGEMENTS

I have made Ruby library as well: http://nessus-xmlrpc.rubyforge.org/

There you can find some early documentation about XMLRPC protocol used.

COPYRIGHT & LICENSE

Copyright 2010 Vlatko Kosturjak, all rights reserved.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 NET::NESSUS::XMLRPC (3) 2010-05-21

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.