NAME

Net::Nessus::XMLRPC - Communicate with Nessus scanner(v4.2+) via XMLRPC

VERSION

Version 0.30

SYNOPSIS

This is Perl interface for communication with Nessus scanner over XMLRPC. You can start, stop, pause and resume scan. Watch progress and status of scan, download report, etc.

        use Net::Nessus::XMLRPC;

        # '' is same as https://localhost:8834/
        my $n = Net::Nessus::XMLRPC->new ('','user','pass');

        die "Cannot login to: ".$n->nurl."\n" unless ($n->logged_in);

        print "Logged in\n";
        my $polid=$n->policy_get_first;
        print "Using policy ID: $polid ";
        my $polname=$n->policy_get_name($polid);
        print "with name: $polname\n";
        my $scanid=$n->scan_new($polid,"perl-test","127.0.0.1");

        while (not $n->scan_finished($scanid)) {
                print "$scanid: ".$n->scan_status($scanid)."\n";        
                sleep 15;
        }
        print "$scanid: ".$n->scan_status($scanid)."\n";        
        my $reportcont=$n->report_file_download($scanid);
        my $reportfile="report.xml";
        open (FILE,">$reportfile") or die "Cannot open file $reportfile: $!";
        print FILE $reportcont;
        close (FILE);

NOTICE

This CPAN module uses LWP for communicating with Nessus over XMLRPC via https. Therefore, make sure that you have Net::SSL (provided by Crypt::SSLeay): http://search.cpan.org/perldoc?Crypt::SSLeay or IO::Socket::SSL: http://search.cpan.org/perldoc?IO::Socket::SSL

If you think you have login problems, check this first!

METHODS

new ([$nessus_url], [$user], [$pass])

creates new object Net::Nessus::XMLRPC

DESTROY

destructor, calls logout method on destruction

nurl ( [$nessus_url] )

get/set Nessus base URL

token ( [$nessus_token] )

get/set Nessus login token

nessus_http_request ( $uri, $post_data )

low-level function, makes HTTP request to Nessus URL

nessus_request ($uri, $post_data)

low-level function, makes XMLRPC request to Nessus URL and returns XML

login ( $user, $password )

login to Nessus server via $user and $password

logout

logout from Nessus server

logged_in

returns true if we're logged in

scan_new ( $policy_id, $scan_name, $targets )

initiates new scan

scan_new_file ( $policy_id, $scan_name, $targets, $filename )

initiates new scan with hosts from file named $filename

scan_stop ( $scan_id )

stops the scan identified by $scan_id

scan_stop_all

stops all scans

scan_pause ( $scan_id )

pauses the scan identified by $scan_id

scan_pause_all

pauses all scans

scan_resume ( $scan_id )

resumes the scan identified by $scan_id

scan_resume_all

resumes all scans

scan_list_uids

returns array of IDs of (active) scans

scan_get_name ( $uuid )

returns name of the scan identified by $uuid

scan_status ( $uuid )

returns status of the scan identified by $uuid

scan_finished ( $uuid )

returns true if scan is finished/completed (identified by $uuid)

nessus_http_upload_request ( $uri, $post_data )

low-level function, makes HTTP upload request to URI specified

file_upload ( $filename )

uploads $filename to nessus server, returns filename of file uploaded or '' if failed

Note that uploaded file is per session (i.e. it will be there until logout/attack.) So, don't logout or login again and use the filename! You need to upload it again!

upload ( $filename, $content )

uploads $filename to nessus server using $content as content of file, returns filename of file uploaded or '' if failed

Note that uploaded file is per session (i.e. it will be there until logout/attack.) So, don't logout or login again and use the filename! You need to upload it again!

policy_get_first

returns policy id for the first policy found

policy_get_firsth

returns ref to hash %value with basic info of first policy/scan returned by the server

$value{'id'}, $value{'name'}, $value{'owner'}, $value{'visibility'}, $value{'comment'}

policy_list_hash

returns ref to array of hashes %value with basic info of first policy/scan returned by the server

$value{'id'}, $value{'name'}, $value{'owner'}, $value{'visibility'}, $value{'comment'}

policy_list_uids

returns ref to array of IDs of policies available

policy_list_names

returns ref to array of names of policies available

policy_get_info ( $policy_id )

returns ref to hash %value with basic info of policy/scan identified by $policy_id

$value{'id'}, $value{'name'}, $value{'owner'}, $value{'visibility'}, $value{'comment'}

policy_get_id ( $policy_name )

returns ID of the scan/policy identified by $policy_name

policy_get_name ( $policy_id )

returns name of the scan/policy identified by $policy_id

policy_delete ( $policy_id )

delete policy identified by $policy_id

policy_copy ( $policy_id )

copy policy identified by $policy_id, returns $policy_id of new copied policy

policy_rename ( $policy_id, $policy_name )

rename policy to $policy_name identified by $policy_id

policy_edit ( $policy_id, $params )

edit policy identified by $policy_id

%params (must be present): policy_name => name policy_shared => 1

%params can be (examples) max_hosts => 50, max_checks=> 10, use_mac_addr => no, throttle_scan => yes, optimize_test => yes, log_whole_attack => no, ssl_cipher_list => strong, save_knowledge_base => no, port_range => 1-65535

policy_new ( $params )

create new policy with $params, %params must be present: policy_name policy_shared

the others parameters are same as policy_edit

policy_get_opts ( $policy_id )

returns hashref with different options for policy identified by $policy_id

policy_set_opts ( $policy_id , $params )

sets policy options via hashref $params identified by $policy_id

report_list_uids

returns ref to array of IDs of reports available

report_list_hash

returns ref to array of hashes with basic info of reports hash has following keys: name status readableName timestamp

report_file_download ($report_id)

returns XML report identified by $report_id (Nessus XML v2)

report_file1_download ($report_id)

returns XML report identified by $report_id (Nessus XML v1)

report_delete ($report_id)

delete report identified by $report_id

report_import ( $filename )

tells nessus server to import already uploaded file named $filename ( i.e. you already uploaded the file via file_upload() )

report_import_file ( $filename )

uploads $filename to nessus server and imports it as nessus report

users_list

returns ref to array of hash %values with users info $values{'name'} $values{'admin'} $values{'lastlogin'}

users_delete ( $login )

deletes user with $login

users_add ( $login, $password )

deletes user with $login and $password, return username created, '' if not

users_passwd ( $login, $password )

change user password to $password identified with $login, return username, '' if not

AUTHOR

Vlatko Kosturjak, <kost at linux.hr>

BUGS

Please report any bugs or feature requests to bug-net-nessus-xmlrpc at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Net-Nessus-XMLRPC. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.

SUPPORT

You can find documentation for this module with the perldoc command.

    perldoc Net::Nessus::XMLRPC

You can also look for information at:

REPOSITORY

Repository is available on GitHub: http://github.com/kost/nessus-xmlrpc-perl

ACKNOWLEDGEMENTS

I have made Ruby library as well: http://nessus-xmlrpc.rubyforge.org/

There you can find some early documentation about XMLRPC protocol used.

COPYRIGHT & LICENSE

Copyright 2010 Vlatko Kosturjak, all rights reserved.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.