NAME
Net::Nessus::ScanLite - This module uses NTP 1.2 fast over SSL to perform nessus attacks on given host(s).
SYNOPSIS
use Net::Nessus::ScanLite;
my $nessus = Net::Nessus::ScanLite->new(
host => "some.host.net"
port => 1234,
ssl => 1,
);
$nessus->preferences( { host_expansion => 'none', safe_checks => 'yes', checks_read_timeout => 1 });
$nessus->plugin_set("10835;10861;11808;11921;11790");
my $addr = "10.0.0.1";
if( $nessus->login() )
{
$nessus->attack($addr);
printf("Total info's = %d\n",$nessus->total_info);
foreach( $nessus->info_list )
{
my $info = $_;
printf("Info:\nID: %s\nPort: %s\nDessc: %s\n",
$info->ScanID,
$info->Port,
$info->Description);
}
printf("Total hole's = %d\n",$nessus->total_holes);
foreach( $nessus->hole_list )
{
my $info = $_;
printf("Info:\nID: %s\nPort: %s\nDessc: %s\n",
$info->ScanID,
$info->Port,
$info->Description);
}
}
else
{
die("Nessus login failed %d: %s\n",$nessus->code,$nessus->error);
}
DESCRIPTION
This module is primarily designed to run single host nessus attacks over a secure ssl connection. Because is uses the nessus NTP 1.2 protocol's "fast_login" option, it can be used in real time applications such as NetReg.
CONSTRUCTOR
- new ( [ OPTIONS ] )
-
Creates a new Net::Nessus::ScanLite object. OPTIONS are a list of key-value pairs, valid options are :
- host
-
Host running nessusd daemon.
- port
-
Port that the nessusd daemon is listning to.
- ssl
-
Turn on/off using ssl to connect to nessusd. (Default: 1)
- user
-
Admin user setup using nessus rules.
- password
-
Password for the admin account.
- ntp_proto
-
NTP protocol version to use when connecting. (Default: 1.2)
- preferences
-
A hash ref of valid nessus preferences such as those in nessusd.conf. Example: preferences => { plugin_set => "10835", safe_checks => 'no' }
- timeout
-
Timeout passed to IO::Socket when connecting the remote server. (Default: 3)
- cfg ( PATH | REF )
-
This can be a path to an ini config file or a Config::IniFiles object.
Example: new( Cfg => "/path/to/inifile" );
Example: my $ini = Config::IniFiles->new( -file => "/path/to/inifile" ); new( Cfg => $ini );
METHODS
- login( [ USER, PASSWORD ] )
-
Performs a nessus fast login using a given or preset user/password pair. Resurns 1 upon success, sets code and error methods.
- attack( IP, [,IP] )
-
Performs a nessus attack on a given hostname or ip address. Sets code and error methods.
- plugin_set( SCALAR )
-
Sets the plugin set for the attack method to use. Example: $nessus->plugin_set("10835;10861;11808;11921;11790");
- preferences( HASH )
-
Sets the preferences sent to the nessesd daemon. Useful to override defaults. Example: $nessus->preferences( { host_expansion => 'none', safe_checks => 'yes', checks_read_timeout => 1 });
- ssl( [ BOOLEAN ] )
-
Tells the class to use ssl or not. 0 = off, 1 = on. (Default: 1) Only tested using TLSV1 see ssl_version to change this.
- host ( [ HOSTNAME | IP ] )
-
Points the class at the server running the nessus daemon.
- port ( [ PORT ] )
-
Points the class at the port the nessus daemon is listning to. (Default: 1241 )
- user ( [ NAME ] )
-
Name of the account you set up using nessus-adduser
- password ( [ PWD ] )
-
Password assigned to the account above.
- ntp_version ( [ VER ] )
-
NTP version sent at login time. This can change results so use with care. (Default: 1.2)
- ssl_version ( [ VER ] )
-
Version of ssl nessusd is using. I've not done much with this passed directly to IO::Socket::SSL::SSL_version
- socket ( [ GLOB ] )
-
Returns or sets the current IO::Socket handle.
- timeout ( [ VALUE ] )
-
Timeout sent to IO::Socket; (Default: 3)
- total_holes
-
Returns the number of HOLES found in the scan.
- total_info
-
Returns the number of INFO found in the scan.
- holes
-
Returns a reference to an array of Net::Nessus::Message::HOLE objects.
- info
-
Sane as hole but holds info.
- hole_list
-
Returns an array of Net::Nessus::Message::HOLE objects.
- info_list
-
Returns an array of Net::Nessus::Message::INFO objects.
- holes2tmpl
-
Returns an array hash results suitable for use with an HTML::Template object.
The following keys are seeded for each Net::Nessus::Message objects;
port host description service proto scanid
- infos2tmpl
-
Sane as holes2tmpl but holds info.
- code
-
Returns the error code from last operation, non zero means error.
- error
-
Returns an error message.
- hostport
-
Returns the "host:port" of the server your connected to.
- cfg
-
The path or handle of the Config::IniFiles configuration file if used.
- section ( [ SECT ] )
-
Sets or gets the section in the ini file to get the nessus host/login infomation. (Default: nessus)
- pref_section ( [ SECT ] )
-
Sets or gets the section in the ini file to get the nessus preferences. (Default: preferences)
- ini_default ( [ SECT ] )
-
Sets or gets the section in the ini file to use as default in case it can't find something. (Default: defaults)
PREREQUISITES
Note that this module has been tested using nessusd (Nessus) 2.0.9 for SunOS.
TODO
Perhaps configuration from a .nessusrc. Could be gnarly.
ACKNOWLEDGEMENTS
This class relies heavily on work done by Jochen Wiedmann's Net::Nessus bundle.
SEE ALSO
IO::Socket::SSL Config::IniFiles Net::Nessus::Client Net::Nessus::Message
AUTHOR
John Ballem, <jpb@brown.edu>
COPYRIGHT AND LICENSE
Copyright (C) 2003 by John Ballem
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.0 or, at your option, any later version of Perl 5 you may have available.
1 POD Error
The following errors were encountered while parsing the POD:
- Around line 589:
You forgot a '=back' before '=head1'
You forgot a '=back' before '=head1'
You forgot a '=back' before '=head1'