The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.

NAME

NexposeSimpleXML::Parser - Parse NeXpose scan data with Perl

VERSION

This document describes the latest version of NexposeSimpleXML::Parser.

SYNOPSIS

 my $nxp = new NexposeSimpleXML::Parser;

 my $parser = $nxp->parse_file('test1.xml');
    #a NexposeSimpleXML::Parser Object

 my @host = $parser->get_all_hosts();
    #an Array of NexposeSimpleXML::Parser::Host Objects

 my $host1 = $hosts[0];
 
 my @services = $host1->get_all_services();
    #an Array of NexposeSimpleXML::Parser::Host::Service Objects
 
 my $service1 = $services[0];

 my @vulnerabilities = $host1->get_all_vulnerabilities();
    #an Array of NexposeSimpleXML::Parser::Vulnerabilities Objects for 
    #the host OS. 
 
    or

 my @vulnerabilities = $service1->get_all_vulnerabilities();
    #an Array of NexposeSimpleXML::Parser::Vulnerabilities Objects for 
    #this service. 
 
 my $vulnerability1 = $vulnerabilities[0];

 my @references = $$vulnerability1->get_all_references();
    #an Array of NexposeSimpleXML::Parser::References Objects for this 
    #specific vulnerability. 
 

For a full listing of methods see the documentation corresponding to each object.

DESCRIPTION

OVERVIEW

 NexposeSimpleXML::Parser                       -- Core parser
 |
 +--NexposeSimpleXML::Parser::Session           -- NeXpose scan session information
 |
 +--NexposeSimpleXML::Parser::Vulnerabilitiy    -- Vulnerability information
 |
 +--NexposeSimpleXML::Parser::Reference         -- Reference for vulnerability data
 |
 +--NexposeSimpleXML::Parser::Fingerprint       -- Fingerprint information (os or service)
 |  
 +--NexposeSimpleXML::Parser::Host              -- General host information
 |  |
 |  |--NexposeSimpleXML::Parser::Service        -- Port information
 |  |  |

METHODS

NexposeSimpleXML::Parser

The main idea behind the core modules is, you will first parse the scan data then extract the information. Therefore, you should run parse_file or parse_scan then the you can use any of the get_* methods.

parse_file($xml_file)

Parse a NeXpose SimpleXML file.

get_session()

Obtain the NexposeSimpleXML::Parser::Session object which contains the session scan information.

get_all_hosts()

Obtain an Array of NexposeSimpleXML::Parser::Host objects which contain host information.

NexposeSimpleXML::Parser::Session

This object contains the scan session information of the NeXpose scan.

generated()

Returns the timestamp the report was generated.

NexposeSimpleXML::Parser::Host

This object contains the information for a host.

address()

Returns a string which contains the ip of this host.

get_all_services()

Returns an array of NexposeSimpleXML::Parser::Host::Service objects, which represent the services that this host has open.

get_port($port)

Obtain a NexposeSimpleXML::Parser::Host::Service object which contains the service information.

get_all_ports()

Obtain an Array of NexposeSimpleXML::Parser::Host::Service objects which contain port information.

get_fingerprint()

Obtain a NexposeSimpleXML::Parser::Fingerprint object which contain the fingerprint of the OS for this host.

NexposeSimpleXML::Parser::Fingerprint

This object contains the fingerprint details for the OS or service.

certainty()

Returns a string which contains the certainty of this fingerprint.

description()

Returns a string which contains the description this fingerprint. Example of an OS fingerprint: Ubuntu Linux 8.10

vendor()

Returns a string which contains the vendor this fingerprint. Example of an OS fingerprint: Ubuntu

family()

Returns a string which contains the family of this fingerprint. Example of an OS fingerprint: Linux

product()

Returns a string which contains the product of this fingerprint. Example of an OS fingerprint: Linux

version()

Returns a string which contains the version of this fingerprint. Example of an OS fingerprint: 8.10

device_class()

Returns a string which contains the device_class of this fingerprint. This is undef for a service fingerprint.

arch()

Returns a string which contains the arch of this fingerprint. This is undef for a service fingerprint. Exampleo of an OS fingerprint: x86_64

NexposeSimpleXML::Parser::Host::Service

This object contains the information for a port.

name()

Returns a string which contains the service name.

protocol()

Returns a string which contains the protocol.

port()

Returns a string which contains the port number.

get_all_vulnerabilities()

Returns an Array of NexposeSimpleXML::Parser::Vulnerability objects which contain information about the vulnerabilities for this service.

get_fingerprint()

Obtain a NexposeSimpleXML::Parser::Fingerprint object which contain the fingerprint of the service.

NexposeSimpleXML::Parser::Vulnerability

This object contains the information for vulnerability.

id()

Returns the id of this vulnerability.

response_code()

Returns the response code. This can be VE or VV. VE means 'vulnerable exploited'. VV means 'vulnerable version'.

get_all_references()

Returns an Array of NexposeSimpleXML::Parser::Reference objects which contain reference details for the vulnerability.

NexposeSimpleXML::Parser::Reference

This object contains the reference details for a vulnerability.

id()

Returns the id of this reference.

type()

Returns the type of the reference. Example: cve

EXAMPLES

Here is an example of parsing an XML file using NexposeSimpleXML::Parser:

 my $nxp = new NexposeSimpleXML::Parser;

 my $parser = $nxp->parse_file('test1.xml');

 foreach my $h ( $parser->get_all_hosts() ){
     print "ip: " . $h->address . "\n";
     foreach my $s ( $h->get_all_services() ) {
         print "port: " . $s->port . "\n";
         print "name: " . $s->name . "\n";
         print "protocol: " . $s->protocol . "\n";
     }   
     print "---\n";
 }   

SEE ALSO

 XML::LibXML and Object::InsideOut
 

AUTHOR

Joshua D. Abraham, <jabra AT spl0it DOT org>

COPYRIGHT AND LICENSE

Copyright 2010 Joshua D. Abraham. All rights reserved.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.