metasploit-framework/lib/nessus/README

Nessus XML RPC library and Nessus Command Line interface to XML RPC

(C) Vlatko Kosturjak, Kost. Distributed under GPL and BSD (dual licensed).

Requirements
============
Requirements are quite standard Ruby libraries for HTTPS and XML
parsing:
require 'uri'
require 'net/https'
require 'rexml/document'

nessus-cli.rb
=============
Nessus command line interface for XML-RPC.

Type ./nessus-cli.rb --help for command line options.

Examples:
---------

./nessus-cli.rb --user john --password doe --scan scan-localhost --wait --output report.xml --target localhost

./nessus-cli.rb --user user --password pass --scan localhost-scan --wait 5 -D --output report-localhost.xml --target localhost --verbose 

./nessus-cli.rb --user user --password pass --scan localhost-scan --wait 5 -D --output report-localhost.xml --target 127.0.0.1 --verbose --policy mypolicy --url https://localhost:8834

Or if you want to have detached scans:
--------------------------------------

./nessus-cli.rb --user user --password pass --scan localhost-scan --target 127.0.0.1 --policy mypolicy

./nessus-cli.rb --user user --password pass --list-scans 

./nessus-cli.rb --user user --password pass --pause 5329fae9-fb1d-0c67-a401-a0db12637c0d5bcd67900d34e00e

./nessus-cli.rb --user user --password pass --resume 5329fae9-fb1d-0c67-a401-a0db12637c0d5bcd67900d34e00e

./nessus-cli.rb --user user --password pass --stop 5329fae9-fb1d-0c67-a401-a0db12637c0d5bcd67900d34e00e

./nessus-cli.rb --user user --password pass --stop-all

./nessus-cli.rb --user user --password pass --report 5329fae9-fb1d-0c67-a401-a0db12637c0d5bcd67900d34e00e --output report.xml

nessus-xmlrpc.rb
================
communicate with Nessus(4.2+) over XML RPC interface

Simple example:

require 'nessus-xmlrpc'
n=NessusXMLRPC::NessusXMLRPC.new('https://localhost:8834','user','pass');
# n=NessusXMLRPC::NessusXMLRPC.new('','user','pass'); # it's same
if n.logged_in
      id,name = n.policy_get_first
      puts "using policy ID: " + id + " with name: " + name
      uid=n.scan_new(id,"textxmlrpc","127.0.0.1")
      puts "status: " + n.scan_status(uid)
      while not n.scan_finished(uid)
              sleep 10
      end
      content=n.report_file_download(uid)
      File.open('report.xml', 'w') {|f| f.write(content) }
end

Take a look at nessus-cli.rb for more advanced examples.
Import of the dual-licensed (GPL/BSD) nessus-xmlrpc client from Vlatko Kosturjak git-svn-id: file:///home/svn/framework3/trunk@10323 4d416f70-5f16-0410-b530-b9f4589650da 2010-09-15 08:22:28 +00:00			`Nessus XML RPC library and Nessus Command Line interface to XML RPC`

			`(C) Vlatko Kosturjak, Kost. Distributed under GPL and BSD (dual licensed).`

			`Requirements`
			`============`
			`Requirements are quite standard Ruby libraries for HTTPS and XML`
			`parsing:`
			`require 'uri'`
			`require 'net/https'`
			`require 'rexml/document'`

			`nessus-cli.rb`
			`=============`
			`Nessus command line interface for XML-RPC.`

			`Type ./nessus-cli.rb --help for command line options.`

			`Examples:`
			`---------`

			`./nessus-cli.rb --user john --password doe --scan scan-localhost --wait --output report.xml --target localhost`

			`./nessus-cli.rb --user user --password pass --scan localhost-scan --wait 5 -D --output report-localhost.xml --target localhost --verbose`

			`./nessus-cli.rb --user user --password pass --scan localhost-scan --wait 5 -D --output report-localhost.xml --target 127.0.0.1 --verbose --policy mypolicy --url https://localhost:8834`

			`Or if you want to have detached scans:`
			`--------------------------------------`

			`./nessus-cli.rb --user user --password pass --scan localhost-scan --target 127.0.0.1 --policy mypolicy`

			`./nessus-cli.rb --user user --password pass --list-scans`

			`./nessus-cli.rb --user user --password pass --pause 5329fae9-fb1d-0c67-a401-a0db12637c0d5bcd67900d34e00e`

			`./nessus-cli.rb --user user --password pass --resume 5329fae9-fb1d-0c67-a401-a0db12637c0d5bcd67900d34e00e`

			`./nessus-cli.rb --user user --password pass --stop 5329fae9-fb1d-0c67-a401-a0db12637c0d5bcd67900d34e00e`

			`./nessus-cli.rb --user user --password pass --stop-all`

			`./nessus-cli.rb --user user --password pass --report 5329fae9-fb1d-0c67-a401-a0db12637c0d5bcd67900d34e00e --output report.xml`

			`nessus-xmlrpc.rb`
			`================`
			`communicate with Nessus(4.2+) over XML RPC interface`

			`Simple example:`

			`require 'nessus-xmlrpc'`
			`n=NessusXMLRPC::NessusXMLRPC.new('https://localhost:8834','user','pass');`
			`# n=NessusXMLRPC::NessusXMLRPC.new('','user','pass'); # it's same`
			`if n.logged_in`
			`id,name = n.policy_get_first`
			`puts "using policy ID: " + id + " with name: " + name`
			`uid=n.scan_new(id,"textxmlrpc","127.0.0.1")`
			`puts "status: " + n.scan_status(uid)`
			`while not n.scan_finished(uid)`
			`sleep 10`
			`end`
			`content=n.report_file_download(uid)`
			`File.open('report.xml', 'w') {\|f\| f.write(content) }`
			`end`

			`Take a look at nessus-cli.rb for more advanced examples.`