| Net::Nessus::XMLRPC(3pm) | User Contributed Perl Documentation | Net::Nessus::XMLRPC(3pm) |
Net::Nessus::XMLRPC - Communicate with Nessus scanner(v4.2+) via XMLRPC
Version 0.30
This is Perl interface for communication with Nessus scanner over XMLRPC. You can start, stop, pause and resume scan. Watch progress and status of scan, download report, etc.
use Net::Nessus::XMLRPC;
# '' is same as https://localhost:8834/
my $n = Net::Nessus::XMLRPC->new ('','user','pass');
die "Cannot login to: ".$n->nurl."\n" unless ($n->logged_in);
print "Logged in\n";
my $polid=$n->policy_get_first;
print "Using policy ID: $polid ";
my $polname=$n->policy_get_name($polid);
print "with name: $polname\n";
my $scanid=$n->scan_new($polid,"perl-test","127.0.0.1");
while (not $n->scan_finished($scanid)) {
print "$scanid: ".$n->scan_status($scanid)."\n";
sleep 15;
}
print "$scanid: ".$n->scan_status($scanid)."\n";
my $reportcont=$n->report_file_download($scanid);
my $reportfile="report.xml";
open (FILE,">$reportfile") or die "Cannot open file $reportfile: $!";
print FILE $reportcont;
close (FILE);
This CPAN module uses LWP for communicating with Nessus over XMLRPC via https. Therefore, make sure that you have Net::SSL (provided by Crypt::SSLeay): http://search.cpan.org/perldoc?Crypt::SSLeay or IO::Socket::SSL: http://search.cpan.org/perldoc?IO::Socket::SSL
If you think you have login problems, check this first!
creates new object Net::Nessus::XMLRPC
destructor, calls logout method on destruction
get/set Nessus base URL
get/set Nessus login token
low-level function, makes HTTP request to Nessus URL
low-level function, makes XMLRPC request to Nessus URL and returns XML
login to Nessus server via $user and $password
logout from Nessus server
returns true if we're logged in
initiates new scan
initiates new scan with hosts from file named $filename
stops the scan identified by $scan_id
stops all scans
pauses the scan identified by $scan_id
pauses all scans
resumes the scan identified by $scan_id
resumes all scans
returns array of IDs of (active) scans
returns name of the scan identified by $uuid
returns status of the scan identified by $uuid
returns true if scan is finished/completed (identified by $uuid)
low-level function, makes HTTP upload request to URI specified
uploads $filename to nessus server, returns filename of file uploaded or '' if failed
Note that uploaded file is per session (i.e. it will be there until logout/attack.) So, don't logout or login again and use the filename! You need to upload it again!
uploads $filename to nessus server using $content as content of file, returns filename of file uploaded or '' if failed
Note that uploaded file is per session (i.e. it will be there until logout/attack.) So, don't logout or login again and use the filename! You need to upload it again!
returns policy id for the first policy found
returns ref to hash %value with basic info of first policy/scan returned by the server
$value{'id'}, $value{'name'}, $value{'owner'}, $value{'visibility'}, $value{'comment'}
returns ref to array of hashes %value with basic info of first policy/scan returned by the server
$value{'id'}, $value{'name'}, $value{'owner'}, $value{'visibility'}, $value{'comment'}
returns ref to array of IDs of policies available
returns ref to array of names of policies available
returns ref to hash %value with basic info of policy/scan identified by $policy_id
$value{'id'}, $value{'name'}, $value{'owner'}, $value{'visibility'}, $value{'comment'}
returns ID of the scan/policy identified by $policy_name
returns name of the scan/policy identified by $policy_id
delete policy identified by $policy_id
copy policy identified by $policy_id, returns $policy_id of new copied policy
rename policy to $policy_name identified by $policy_id
edit policy identified by $policy_id
%params (must be present): policy_name => name policy_shared => 1
%params can be (examples) max_hosts => 50, max_checks=> 10, use_mac_addr => no, throttle_scan => yes, optimize_test => yes, log_whole_attack => no, ssl_cipher_list => strong, save_knowledge_base => no, port_range => 1-65535
create new policy with $params, %params must be present: policy_name policy_shared
the others parameters are same as policy_edit
returns hashref with different options for policy identified by $policy_id
sets policy options via hashref $params identified by $policy_id
returns ref to array of IDs of reports available
returns ref to array of hashes with basic info of reports hash has following keys: name status readableName timestamp
returns XML report identified by $report_id (Nessus XML v2)
returns XML report identified by $report_id (Nessus XML v1)
delete report identified by $report_id
tells nessus server to import already uploaded file named $filename ( i.e. you already uploaded the file via file_upload() )
uploads $filename to nessus server and imports it as nessus report
returns ref to array of hash %values with users info $values{'name'} $values{'admin'} $values{'lastlogin'}
deletes user with $login
deletes user with $login and $password, return username created, '' if not
change user password to $password identified with $login, return username, '' if not
Vlatko Kosturjak, "<kost at linux.hr>"
Please report any bugs or feature requests to "bug-net-nessus-xmlrpc at rt.cpan.org", or through the web interface at <http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Net-Nessus-XMLRPC>. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.
You can find documentation for this module with the perldoc command.
perldoc Net::Nessus::XMLRPC
You can also look for information at:
<http://rt.cpan.org/NoAuth/Bugs.html?Dist=Net-Nessus-XMLRPC>
<http://annocpan.org/dist/Net-Nessus-XMLRPC>
<http://cpanratings.perl.org/d/Net-Nessus-XMLRPC>
<http://search.cpan.org/dist/Net-Nessus-XMLRPC>
Repository is available on GitHub: http://github.com/kost/nessus-xmlrpc-perl
I have made Ruby library as well: http://nessus-xmlrpc.rubyforge.org/
There you can find some early documentation about XMLRPC protocol used.
Copyright 2010 Vlatko Kosturjak, all rights reserved.
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
| 2017-08-18 | perl v5.26.0 |