Nessus plugin - add search to relevant commands
Utilize the SearchTerm param in Rex' Tables to filter scrolling outputs. Clean up argument parsing (implement one of the MSF standards). Update help commands to reflect changes Testing: basic functional tests only so farbug/bundler_fix
parent
1828b7fda6
commit
4992c5c3c5
|
@ -36,10 +36,6 @@ module Msf
|
||||||
"#{Msf::Config.local_directory}"
|
"#{Msf::Config.local_directory}"
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_index
|
|
||||||
nessus_index
|
|
||||||
end
|
|
||||||
|
|
||||||
def commands
|
def commands
|
||||||
{
|
{
|
||||||
"nessus_connect" => "Connect to a nessus server: nconnect username:password@hostname:port <verify_ssl>",
|
"nessus_connect" => "Connect to a nessus server: nconnect username:password@hostname:port <verify_ssl>",
|
||||||
|
@ -84,75 +80,6 @@ module Msf
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_help(*args)
|
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
|
||||||
'Columns' => [
|
|
||||||
"Command",
|
|
||||||
"Help Text"
|
|
||||||
],
|
|
||||||
'SortIndex' => -1
|
|
||||||
)
|
|
||||||
tbl << [ "Generic Commands", "" ]
|
|
||||||
tbl << [ "-----------------", "-----------------"]
|
|
||||||
tbl << [ "nessus_connect", "Connect to a Nessus server" ]
|
|
||||||
tbl << [ "nessus_logout", "Logout from the Nessus server" ]
|
|
||||||
tbl << [ "nessus_login", "Login into the connected Nesssus server with a different username and password"]
|
|
||||||
tbl << [ "nessus_save", "Save credentials of the logged in user to nessus.yml"]
|
|
||||||
tbl << [ "nessus_help", "Listing of available nessus commands" ]
|
|
||||||
tbl << [ "nessus_server_properties", "Nessus server properties such as feed type, version, plugin set and server UUID." ]
|
|
||||||
tbl << [ "nessus_server_status", "Check the status of your Nessus Server" ]
|
|
||||||
tbl << [ "nessus_admin", "Checks if user is an admin" ]
|
|
||||||
tbl << [ "nessus_template_list", "List scan or policy templates" ]
|
|
||||||
tbl << [ "nessus_folder_list", "List all configured folders on the Nessus server" ]
|
|
||||||
tbl << [ "nessus_scanner_list", "List all the scanners configured on the Nessus server" ]
|
|
||||||
tbl << [ "Nessus Database Commands", "" ]
|
|
||||||
tbl << [ "-----------------", "-----------------" ]
|
|
||||||
tbl << [ "nessus_db_scan", "Create a scan of all IP addresses in db_hosts" ]
|
|
||||||
tbl << [ "nessus_db_import", "Import Nessus scan to the Metasploit connected database" ]
|
|
||||||
tbl << [ "", ""]
|
|
||||||
tbl << [ "Reports Commands", "" ]
|
|
||||||
tbl << [ "-----------------", "-----------------"]
|
|
||||||
tbl << [ "nessus_report_hosts", "Get list of hosts from a report" ]
|
|
||||||
tbl << [ "nessus_report_vulns", "Get list of vulns from a report" ]
|
|
||||||
tbl << [ "nessus_report_host_details", "Get detailed information from a report item on a host" ]
|
|
||||||
tbl << [ "", ""]
|
|
||||||
tbl << [ "Scan Commands", "" ]
|
|
||||||
tbl << [ "-----------------", "-----------------"]
|
|
||||||
tbl << [ "nessus_scan_list", "List of all current Nessus scans" ]
|
|
||||||
tbl << [ "nessus_scan_new", "Create a new Nessus Scan" ]
|
|
||||||
tbl << [ "nessus_scan_launch", "Launch a newly created scan. New scans need to be manually launched through this command" ]
|
|
||||||
tbl << [ "nessus_scan_pause", "Pause a running Nessus scan" ]
|
|
||||||
tbl << [ "nessus_scan_pause_all", "Pause all running Nessus scans" ]
|
|
||||||
tbl << [ "nessus_scan_stop", "Stop a running or paused Nessus scan" ]
|
|
||||||
tbl << [ "nessus_scan_stop_all", "Stop all running or paused Nessus scans" ]
|
|
||||||
tbl << [ "nessus_scan_resume", "Resume a pasued Nessus scan" ]
|
|
||||||
tbl << [ "nessus_scan_resume_all", "Resume all paused Nessus scans" ]
|
|
||||||
tbl << [ "nessus_scan_details", "Return detailed information of a given scan" ]
|
|
||||||
tbl << [ "nessus_scan_export", "Export a scan result in either Nessus, HTML, PDF, CSV, or DB format" ]
|
|
||||||
tbl << [ "nessus_scan_export_status", "Check the status of an exported scan" ]
|
|
||||||
tbl << [ "", ""]
|
|
||||||
tbl << [ "Plugin Commands", "" ]
|
|
||||||
tbl << [ "-----------------", "-----------------"]
|
|
||||||
tbl << [ "nessus_plugin_list", "List all plugins in a particular plugin family." ]
|
|
||||||
tbl << [ "nessus_family_list", "List all the plugin families along with their corresponding family IDs and plugin count." ]
|
|
||||||
tbl << [ "nessus_plugin_details", "List details of a particular plugin" ]
|
|
||||||
tbl << [ "", ""]
|
|
||||||
tbl << [ "User Commands", "" ]
|
|
||||||
tbl << [ "-----------------", "-----------------"]
|
|
||||||
tbl << [ "nessus_user_list", "Show Nessus Users" ]
|
|
||||||
tbl << [ "nessus_user_add", "Add a new Nessus User" ]
|
|
||||||
tbl << [ "nessus_user_del", "Delete a Nessus User" ]
|
|
||||||
tbl << [ "nessus_user_passwd", "Change Nessus Users Password" ]
|
|
||||||
tbl << [ "", ""]
|
|
||||||
tbl << [ "Policy Commands", "" ]
|
|
||||||
tbl << [ "-----------------", "-----------------"]
|
|
||||||
tbl << [ "nessus_policy_list", "List all polciies" ]
|
|
||||||
tbl << [ "nessus_policy_del", "Delete a policy" ]
|
|
||||||
print_line ""
|
|
||||||
print_line tbl.to_s
|
|
||||||
print_line ""
|
|
||||||
end
|
|
||||||
|
|
||||||
def ncusage
|
def ncusage
|
||||||
print_status("%redYou must do this before any other commands.%clr")
|
print_status("%redYou must do this before any other commands.%clr")
|
||||||
print_status("Usage: ")
|
print_status("Usage: ")
|
||||||
|
@ -223,6 +150,24 @@ module Msf
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def nessus_login
|
||||||
|
if !((@user and @user.length > 0) and (@host and @host.length > 0) and (@port and @port.length > 0 and @port.to_i > 0) and (@pass and @pass.length > 0))
|
||||||
|
print_status("You need to connect to a server first.")
|
||||||
|
ncusage
|
||||||
|
return
|
||||||
|
end
|
||||||
|
@url = "https://#{@host}:#{@port}/"
|
||||||
|
print_status("Connecting to #{@url} as #{@user}")
|
||||||
|
@n = Nessus::Client.new(@url, @user, @pass,@sslv)
|
||||||
|
if @n.authenticated
|
||||||
|
print_status("User #{@user} authenticated successfully.")
|
||||||
|
@token = 1
|
||||||
|
else
|
||||||
|
print_error("Error connecting/logging to the server!")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
def nessus_verify_token
|
def nessus_verify_token
|
||||||
if @token.nil? or @token == ''
|
if @token.nil? or @token == ''
|
||||||
ncusage
|
ncusage
|
||||||
|
@ -231,6 +176,132 @@ module Msf
|
||||||
true
|
true
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def valid_policy(*args)
|
||||||
|
case args.length
|
||||||
|
when 1
|
||||||
|
pid = args[0]
|
||||||
|
else
|
||||||
|
print_error("No Policy ID supplied.")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
pol = @n.list_policies
|
||||||
|
pol["policies"].each { |p|
|
||||||
|
if p["template_uuid"] == pid
|
||||||
|
return true
|
||||||
|
end
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
|
||||||
|
def nessus_verify_db
|
||||||
|
if !(framework.db and framework.db.active)
|
||||||
|
print_error("No database has been configured, please use db_create/db_connect first")
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
true
|
||||||
|
end
|
||||||
|
|
||||||
|
def check_scan(*args)
|
||||||
|
case args.length
|
||||||
|
when 1
|
||||||
|
scan_id = args[0]
|
||||||
|
else
|
||||||
|
print_error("No scan ID supplied")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
scans = @n.scan_list
|
||||||
|
scans.each { |scan|
|
||||||
|
if scan["scans"]["id"] == scan_id && scan["scans"]["status"] == "completed"
|
||||||
|
return true
|
||||||
|
end
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
|
||||||
|
def is_scan_complete(scan_id)
|
||||||
|
complete = false
|
||||||
|
status = @n.scan_list
|
||||||
|
status["scans"].each { |scan|
|
||||||
|
if scan["id"] == scan_id.to_i && (scan["status"] == "completed" || scan["status"] == "imported")
|
||||||
|
complete = true
|
||||||
|
end
|
||||||
|
}
|
||||||
|
complete
|
||||||
|
end
|
||||||
|
|
||||||
|
def cmd_nessus_help(*args)
|
||||||
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'Columns' => [
|
||||||
|
"Command",
|
||||||
|
"Help Text"
|
||||||
|
],
|
||||||
|
'SortIndex' => -1
|
||||||
|
)
|
||||||
|
tbl << [ "Generic Commands", "" ]
|
||||||
|
tbl << [ "-----------------", "-----------------"]
|
||||||
|
tbl << [ "nessus_connect", "Connect to a Nessus server" ]
|
||||||
|
tbl << [ "nessus_logout", "Logout from the Nessus server" ]
|
||||||
|
tbl << [ "nessus_login", "Login into the connected Nesssus server with a different username and password"]
|
||||||
|
tbl << [ "nessus_save", "Save credentials of the logged in user to nessus.yml"]
|
||||||
|
tbl << [ "nessus_help", "Listing of available nessus commands" ]
|
||||||
|
tbl << [ "nessus_server_properties", "Nessus server properties such as feed type, version, plugin set and server UUID." ]
|
||||||
|
tbl << [ "nessus_server_status", "Check the status of your Nessus Server" ]
|
||||||
|
tbl << [ "nessus_admin", "Checks if user is an admin" ]
|
||||||
|
tbl << [ "nessus_template_list", "List scan or policy templates" ]
|
||||||
|
tbl << [ "nessus_folder_list", "List all configured folders on the Nessus server" ]
|
||||||
|
tbl << [ "nessus_scanner_list", "List all the scanners configured on the Nessus server" ]
|
||||||
|
tbl << [ "Nessus Database Commands", "" ]
|
||||||
|
tbl << [ "-----------------", "-----------------" ]
|
||||||
|
tbl << [ "nessus_db_scan", "Create a scan of all IP addresses in db_hosts" ]
|
||||||
|
tbl << [ "nessus_db_import", "Import Nessus scan to the Metasploit connected database" ]
|
||||||
|
tbl << [ "", ""]
|
||||||
|
tbl << [ "Reports Commands", "" ]
|
||||||
|
tbl << [ "-----------------", "-----------------"]
|
||||||
|
tbl << [ "nessus_report_hosts", "Get list of hosts from a report" ]
|
||||||
|
tbl << [ "nessus_report_vulns", "Get list of vulns from a report" ]
|
||||||
|
tbl << [ "nessus_report_host_details", "Get detailed information from a report item on a host" ]
|
||||||
|
tbl << [ "", ""]
|
||||||
|
tbl << [ "Scan Commands", "" ]
|
||||||
|
tbl << [ "-----------------", "-----------------"]
|
||||||
|
tbl << [ "nessus_scan_list", "List of all current Nessus scans" ]
|
||||||
|
tbl << [ "nessus_scan_new", "Create a new Nessus Scan" ]
|
||||||
|
tbl << [ "nessus_scan_launch", "Launch a newly created scan. New scans need to be manually launched through this command" ]
|
||||||
|
tbl << [ "nessus_scan_pause", "Pause a running Nessus scan" ]
|
||||||
|
tbl << [ "nessus_scan_pause_all", "Pause all running Nessus scans" ]
|
||||||
|
tbl << [ "nessus_scan_stop", "Stop a running or paused Nessus scan" ]
|
||||||
|
tbl << [ "nessus_scan_stop_all", "Stop all running or paused Nessus scans" ]
|
||||||
|
tbl << [ "nessus_scan_resume", "Resume a pasued Nessus scan" ]
|
||||||
|
tbl << [ "nessus_scan_resume_all", "Resume all paused Nessus scans" ]
|
||||||
|
tbl << [ "nessus_scan_details", "Return detailed information of a given scan" ]
|
||||||
|
tbl << [ "nessus_scan_export", "Export a scan result in either Nessus, HTML, PDF, CSV, or DB format" ]
|
||||||
|
tbl << [ "nessus_scan_export_status", "Check the status of an exported scan" ]
|
||||||
|
tbl << [ "", ""]
|
||||||
|
tbl << [ "Plugin Commands", "" ]
|
||||||
|
tbl << [ "-----------------", "-----------------"]
|
||||||
|
tbl << [ "nessus_plugin_list", "List all plugins in a particular plugin family." ]
|
||||||
|
tbl << [ "nessus_family_list", "List all the plugin families along with their corresponding family IDs and plugin count." ]
|
||||||
|
tbl << [ "nessus_plugin_details", "List details of a particular plugin" ]
|
||||||
|
tbl << [ "", ""]
|
||||||
|
tbl << [ "User Commands", "" ]
|
||||||
|
tbl << [ "-----------------", "-----------------"]
|
||||||
|
tbl << [ "nessus_user_list", "Show Nessus Users" ]
|
||||||
|
tbl << [ "nessus_user_add", "Add a new Nessus User" ]
|
||||||
|
tbl << [ "nessus_user_del", "Delete a Nessus User" ]
|
||||||
|
tbl << [ "nessus_user_passwd", "Change Nessus Users Password" ]
|
||||||
|
tbl << [ "", ""]
|
||||||
|
tbl << [ "Policy Commands", "" ]
|
||||||
|
tbl << [ "-----------------", "-----------------"]
|
||||||
|
tbl << [ "nessus_policy_list", "List all polciies" ]
|
||||||
|
tbl << [ "nessus_policy_del", "Delete a policy" ]
|
||||||
|
print_line ""
|
||||||
|
print_line tbl.to_s
|
||||||
|
print_line ""
|
||||||
|
end
|
||||||
|
|
||||||
|
def cmd_nessus_index
|
||||||
|
nessus_index
|
||||||
|
end
|
||||||
|
|
||||||
def cmd_nessus_connect(*args)
|
def cmd_nessus_connect(*args)
|
||||||
# Check if config file exists and load it
|
# Check if config file exists and load it
|
||||||
if !args[0]
|
if !args[0]
|
||||||
|
@ -326,24 +397,6 @@ module Msf
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
|
||||||
def nessus_login
|
|
||||||
if !((@user and @user.length > 0) and (@host and @host.length > 0) and (@port and @port.length > 0 and @port.to_i > 0) and (@pass and @pass.length > 0))
|
|
||||||
print_status("You need to connect to a server first.")
|
|
||||||
ncusage
|
|
||||||
return
|
|
||||||
end
|
|
||||||
@url = "https://#{@host}:#{@port}/"
|
|
||||||
print_status("Connecting to #{@url} as #{@user}")
|
|
||||||
@n = Nessus::Client.new(@url, @user, @pass,@sslv)
|
|
||||||
if @n.authenticated
|
|
||||||
print_status("User #{@user} authenticated successfully.")
|
|
||||||
@token = 1
|
|
||||||
else
|
|
||||||
print_error("Error connecting/logging to the server!")
|
|
||||||
return
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
def cmd_nessus_save(*args)
|
def cmd_nessus_save(*args)
|
||||||
#if we are logged in, save session details to nessus.yaml
|
#if we are logged in, save session details to nessus.yaml
|
||||||
if args[0] == "-h"
|
if args[0] == "-h"
|
||||||
|
@ -370,15 +423,23 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_server_properties(*args)
|
def cmd_nessus_server_properties(*args)
|
||||||
if args[0] == "-h"
|
search_term = nil
|
||||||
print_status("nessus_server_feed")
|
while (arg = args.shift)
|
||||||
print_status("Example:> nessus_server_feed")
|
case arg
|
||||||
print_status()
|
when '-h', '--help'
|
||||||
print_status("Returns information about the feed type and server version.")
|
print_status("nessus_server_feed")
|
||||||
return
|
print_status("Example:> nessus_server_feed -S searchterm")
|
||||||
|
print_status()
|
||||||
|
print_status("Returns information about the feed type and server version.")
|
||||||
|
return
|
||||||
|
when '-S', '--search'
|
||||||
|
search_term = /#{args.shift}/nmi
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
resp = @n.server_properties
|
resp = @n.server_properties
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
'Feed',
|
'Feed',
|
||||||
'Type',
|
'Type',
|
||||||
|
@ -392,14 +453,22 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_server_status(*args)
|
def cmd_nessus_server_status(*args)
|
||||||
if args[0] == "-h"
|
search_term = nil
|
||||||
print_status("nessus_server_status")
|
while (arg = args.shift)
|
||||||
print_status("Example:> nessus_server_status")
|
case arg
|
||||||
print_status()
|
when '-h', '--help'
|
||||||
print_status("Returns some status items for the server..")
|
print_status("nessus_server_status")
|
||||||
return
|
print_status("Example:> nessus_server_status -S searchterm")
|
||||||
|
print_status()
|
||||||
|
print_status("Returns some status items for the server..")
|
||||||
|
return
|
||||||
|
when '-S', '--search'
|
||||||
|
search_term = /#{args.shift}/nmi
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
'Status',
|
'Status',
|
||||||
'Progress'
|
'Progress'
|
||||||
|
@ -410,13 +479,19 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_admin(*args)
|
def cmd_nessus_admin(*args)
|
||||||
|
while (arg = args.shift)
|
||||||
|
case arg
|
||||||
|
when '-h', '--help'
|
||||||
|
print_status("nessus_admin")
|
||||||
|
print_status("Example:> nessus_admin")
|
||||||
|
print_status()
|
||||||
|
print_status("Checks to see if the current user is an admin")
|
||||||
|
print_status("Use nessus_user_list to list all users")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
end
|
||||||
if args[0] == "-h"
|
if args[0] == "-h"
|
||||||
print_status("nessus_admin")
|
|
||||||
print_status("Example:> nessus_admin")
|
|
||||||
print_status()
|
|
||||||
print_status("Checks to see if the current user is an admin")
|
|
||||||
print_status("Use nessus_user_list to list all users")
|
|
||||||
return
|
|
||||||
end
|
end
|
||||||
if !nessus_verify_token
|
if !nessus_verify_token
|
||||||
return
|
return
|
||||||
|
@ -429,15 +504,22 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_template_list(*args)
|
def cmd_nessus_template_list(*args)
|
||||||
if args[0] == "-h"
|
search_term = nil
|
||||||
print_status("nessus_template_list <scan> | <policy>")
|
while (arg = args.shift)
|
||||||
print_status("Example:> nessus_template_list scan")
|
case arg
|
||||||
print_status("OR")
|
when '-h', '--help'
|
||||||
print_status("nessus_template_list policy")
|
print_status("nessus_template_list <scan> | <policy>")
|
||||||
print_status()
|
print_status("Example:> nessus_template_list scan -S searchterm")
|
||||||
print_status("Returns a list of information about the scan or policy templates..")
|
print_status("OR")
|
||||||
return
|
print_status("nessus_template_list policy")
|
||||||
end
|
print_status()
|
||||||
|
print_status("Returns a list of information about the scan or policy templates..")
|
||||||
|
return
|
||||||
|
when '-S', '--search'
|
||||||
|
search_term = /#{args.shift}/nmi
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
if !nessus_verify_token
|
if !nessus_verify_token
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
@ -465,11 +547,12 @@ module Msf
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
'Name',
|
'Name',
|
||||||
'Title',
|
'Title',
|
||||||
'Description',
|
'Description',
|
||||||
'Subscription Only',
|
'Subscription Only',
|
||||||
'Cloud Only'
|
'Cloud Only'
|
||||||
])
|
])
|
||||||
list["templates"].each { |template|
|
list["templates"].each { |template|
|
||||||
|
@ -479,12 +562,20 @@ module Msf
|
||||||
print_line tbl.to_s
|
print_line tbl.to_s
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_folder_list
|
def cmd_nessus_folder_list(*args)
|
||||||
|
search_term = nil
|
||||||
|
while (arg = args.shift)
|
||||||
|
case arg
|
||||||
|
when '-S', '--search'
|
||||||
|
search_term = /#{args.shift}/nmi
|
||||||
|
end
|
||||||
|
end
|
||||||
if !nessus_verify_token
|
if !nessus_verify_token
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
list = @n.list_folders
|
list = @n.list_folders
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
"ID",
|
"ID",
|
||||||
"Name",
|
"Name",
|
||||||
|
@ -497,7 +588,20 @@ module Msf
|
||||||
print_line tbl.to_s
|
print_line tbl.to_s
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_scanner_list
|
def cmd_nessus_scanner_list(*args)
|
||||||
|
search_term = nil
|
||||||
|
while (arg = args.shift)
|
||||||
|
case arg
|
||||||
|
when '-h', '--help'
|
||||||
|
print_status("nessus_scanner_list")
|
||||||
|
print_status("Example:> nessus_scanner_list -S searchterm")
|
||||||
|
print_status()
|
||||||
|
print_status("Returns information about the feed type and server version.")
|
||||||
|
return
|
||||||
|
when '-S', '--search'
|
||||||
|
search_term = /#{args.shift}/nmi
|
||||||
|
end
|
||||||
|
end
|
||||||
if !nessus_verify_token
|
if !nessus_verify_token
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
@ -506,6 +610,7 @@ module Msf
|
||||||
end
|
end
|
||||||
list = @n.list_scanners
|
list = @n.list_scanners
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
"ID",
|
"ID",
|
||||||
"Name",
|
"Name",
|
||||||
|
@ -520,40 +625,31 @@ module Msf
|
||||||
print_line tbl.to_s
|
print_line tbl.to_s
|
||||||
end
|
end
|
||||||
|
|
||||||
def check_scan(*args)
|
|
||||||
case args.length
|
|
||||||
when 1
|
|
||||||
scan_id = args[0]
|
|
||||||
else
|
|
||||||
print_error("No scan ID supplied")
|
|
||||||
return
|
|
||||||
end
|
|
||||||
scans = @n.scan_list
|
|
||||||
scans.each { |scan|
|
|
||||||
if scan["scans"]["id"] == scan_id && scan["scans"]["status"] == "completed"
|
|
||||||
return true
|
|
||||||
end
|
|
||||||
}
|
|
||||||
return false
|
|
||||||
end
|
|
||||||
|
|
||||||
def cmd_nessus_report_hosts(*args)
|
def cmd_nessus_report_hosts(*args)
|
||||||
if args[0] == "-h"
|
search_term = nil
|
||||||
print_status("nessus_report_hosts <scan ID>")
|
scan_id = nil
|
||||||
print_status("Use nessus_scan_list to get a list of all the scans. Only completed scans can be reported.")
|
while (arg = args.shift)
|
||||||
return
|
case arg
|
||||||
|
when '-h', '--help'
|
||||||
|
print_status("nessus_report_hosts <scan ID> -S searchterm")
|
||||||
|
print_status("Use nessus_scan_list to get a list of all the scans. Only completed scans can be reported.")
|
||||||
|
return
|
||||||
|
when '-S', '--search'
|
||||||
|
search_term = /#{args.shift}/nmi
|
||||||
|
else
|
||||||
|
scan_id = arg
|
||||||
|
end
|
||||||
end
|
end
|
||||||
case args.length
|
|
||||||
when 1
|
if scan_id.nil?
|
||||||
scan_id = args[0]
|
|
||||||
scan_id = scan_id
|
|
||||||
else
|
|
||||||
print_status("Usage: ")
|
print_status("Usage: ")
|
||||||
print_status("nessus_report_hosts <scan ID>")
|
print_status("nessus_report_hosts <scan ID> -S searchterm")
|
||||||
print_status("Use nessus_scan_list to get a list of all the scans. Only completed scans can be reported.")
|
print_status("Use nessus_scan_list to get a list of all the scans. Only completed scans can be reported.")
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
"Host ID",
|
"Host ID",
|
||||||
"Hostname",
|
"Hostname",
|
||||||
|
@ -576,22 +672,28 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_report_vulns(*args)
|
def cmd_nessus_report_vulns(*args)
|
||||||
if args[0] == "-h"
|
search_term = nil
|
||||||
print_status("nessus_report_vulns <scan ID>")
|
scan_id = nil
|
||||||
print_status("Use nessus_scan_list to get a list of all the scans. Only completed scans can be reported.")
|
while (arg = args.shift)
|
||||||
return
|
case arg
|
||||||
|
when '-h', '--help'
|
||||||
|
print_status("nessus_report_vulns <scan ID> -S searchterm")
|
||||||
|
print_status("Use nessus_scan_list to get a list of all the scans. Only completed scans can be reported.")
|
||||||
|
return
|
||||||
|
when '-S', '--search'
|
||||||
|
search_term = /#{args.shift}/nmi
|
||||||
|
else
|
||||||
|
scan_id = arg
|
||||||
|
end
|
||||||
end
|
end
|
||||||
case args.length
|
if scan_id.nil?
|
||||||
when 1
|
|
||||||
scan_id = args[0]
|
|
||||||
scan_id = scan_id.to_i
|
|
||||||
else
|
|
||||||
print_status("Usage: ")
|
print_status("Usage: ")
|
||||||
print_status("nessus_report_vulns <scan ID>")
|
print_status("nessus_report_vulns <scan ID>")
|
||||||
print_status("Use nessus_scan_list to get a list of all the scans. Only completed scans can be reported.")
|
print_status("Use nessus_scan_list to get a list of all the scans. Only completed scans can be reported.")
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
"Plugin ID",
|
"Plugin ID",
|
||||||
"Plugin Name",
|
"Plugin Name",
|
||||||
|
@ -613,21 +715,29 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_report_host_details(*args)
|
def cmd_nessus_report_host_details(*args)
|
||||||
if args[0] == "-h"
|
search_term = nil
|
||||||
print_status("nessus_report_host_details <scan ID> <host ID>")
|
search_vuln = nil
|
||||||
print_status("Example:> nessus_report_host_details 10 5")
|
scan_id = nil
|
||||||
print_status("Use nessus_scan_list to get list of all scans. Only completed scans can be used for reporting.")
|
host_id = nil
|
||||||
print_status("Use nessus_report_hosts to get a list of all the hosts along with their corresponding host IDs.")
|
while (arg = args.shift)
|
||||||
return
|
case arg
|
||||||
end
|
when '-h', '--help'
|
||||||
if !nessus_verify_token
|
print_status("nessus_report_host_details <scan ID> <host ID>")
|
||||||
return
|
print_status("Example:> nessus_report_host_details 10 5 -S hostinfo -SV vulninfo")
|
||||||
end
|
print_status("Use nessus_scan_list to get list of all scans. Only completed scans can be used for reporting.")
|
||||||
case args.length
|
print_status("Use nessus_report_hosts to get a list of all the hosts along with their corresponding host IDs.")
|
||||||
when 2
|
return
|
||||||
scan_id = args[0]
|
when '-S', '--search'
|
||||||
host_id = args[1]
|
search_term = /#{args.shift}/nmi
|
||||||
else
|
when '-SV', '--search-vuln'
|
||||||
|
search_vuln = /#{args.shift}/nmi
|
||||||
|
else
|
||||||
|
scan_id = arg,
|
||||||
|
host_id = args.shift
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
if [scan_id, host_id].any?(&:nil?)
|
||||||
print_status("Usage: ")
|
print_status("Usage: ")
|
||||||
print_status("nessus_report_host_detail <scan ID> <host ID>")
|
print_status("nessus_report_host_detail <scan ID> <host ID>")
|
||||||
print_status("Example:> nessus_report_host_detail 10 5")
|
print_status("Example:> nessus_report_host_detail 10 5")
|
||||||
|
@ -636,6 +746,7 @@ module Msf
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
'Plugin Name',
|
'Plugin Name',
|
||||||
'Plugin Famil',
|
'Plugin Famil',
|
||||||
|
@ -654,6 +765,7 @@ module Msf
|
||||||
}
|
}
|
||||||
print_line tbl.to_s
|
print_line tbl.to_s
|
||||||
tbl2 = Rex::Ui::Text::Table.new(
|
tbl2 = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_vuln,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
'Plugin Name',
|
'Plugin Name',
|
||||||
'Plugin Famil',
|
'Plugin Famil',
|
||||||
|
@ -698,27 +810,33 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_report_host_ports(*args)
|
def cmd_nessus_report_host_ports(*args)
|
||||||
if args[0] == "-h"
|
search_term = nil
|
||||||
print_status("nessus_report_host_ports <hostname> <report id>")
|
rid = nil
|
||||||
print_status("Example:> nessus_report_host_ports 192.168.1.250 f0eabba3-4065-7d54-5763-f191e98eb0f7f9f33db7e75a06ca")
|
host = nil
|
||||||
print_status()
|
while (arg = args.shift)
|
||||||
print_status("Returns all the ports associated with a host and details about their vulnerabilities")
|
case arg
|
||||||
print_status("Use nessus_report_hosts to list all available hosts for a report")
|
when '-h', '--help'
|
||||||
end
|
print_status("nessus_report_host_ports <hostname> <report id>")
|
||||||
if !nessus_verify_token
|
print_status("Example:> nessus_report_host_ports 192.168.1.250 f0eabba3-4065-7d54-5763-f191e98eb0f7f9f33db7e75a06ca -S searchterm")
|
||||||
return
|
print_status()
|
||||||
end
|
print_status("Returns all the ports associated with a host and details about their vulnerabilities")
|
||||||
case args.length
|
print_status("Use nessus_report_hosts to list all available hosts for a report")
|
||||||
when 2
|
return
|
||||||
host = args[0]
|
when '-S', '--search'
|
||||||
rid = args[1]
|
search_term = /#{args.shift}/nmi
|
||||||
else
|
else
|
||||||
|
scan_id = arg
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
if [host,rid].any?(&:nil?)
|
||||||
print_status("Usage: ")
|
print_status("Usage: ")
|
||||||
print_status("nessus_report_host_ports <hostname> <report id>")
|
print_status("nessus_report_host_ports <hostname> <report id>")
|
||||||
print_status("Use nessus_report_list to list all available reports")
|
print_status("Use nessus_report_list to list all available reports")
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
'Port',
|
'Port',
|
||||||
'Protocol',
|
'Protocol',
|
||||||
|
@ -775,13 +893,20 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_scan_list(*args)
|
def cmd_nessus_scan_list(*args)
|
||||||
if args[0] == "-h"
|
search_term = nil
|
||||||
print_status("nessus_scan_list")
|
while (arg = args.shift)
|
||||||
print_status("Example:> nessus_scan_list")
|
case arg
|
||||||
print_status()
|
when '-h', '--help'
|
||||||
print_status("Returns a list of information about currently running scans.")
|
print_status("nessus_scan_list")
|
||||||
return
|
print_status("Example:> nessus_scan_list -S searchterm")
|
||||||
end
|
print_status()
|
||||||
|
print_status("Returns a list of information about currently running scans.")
|
||||||
|
return
|
||||||
|
when '-S', '--search'
|
||||||
|
search_term = /#{args.shift}/nmi
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
if !nessus_verify_token
|
if !nessus_verify_token
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
@ -791,6 +916,7 @@ module Msf
|
||||||
return
|
return
|
||||||
else
|
else
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
'Scan ID',
|
'Scan ID',
|
||||||
'Name',
|
'Name',
|
||||||
|
@ -1014,18 +1140,6 @@ module Msf
|
||||||
else
|
else
|
||||||
print_error("Only completed scans could be used for import")
|
print_error("Only completed scans could be used for import")
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
|
||||||
|
|
||||||
def is_scan_complete(scan_id)
|
|
||||||
complete = false
|
|
||||||
status = @n.scan_list
|
|
||||||
status["scans"].each { |scan|
|
|
||||||
if scan["id"] == scan_id.to_i && (scan["status"] == "completed" || scan["status"] == "imported")
|
|
||||||
complete = true
|
|
||||||
end
|
|
||||||
}
|
|
||||||
complete
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_scan_pause_all(*args)
|
def cmd_nessus_scan_pause_all(*args)
|
||||||
|
@ -1174,35 +1288,39 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_scan_details(*args)
|
def cmd_nessus_scan_details(*args)
|
||||||
if args[0] == "-h"
|
valid_categories = ['info', 'hosts', 'vulnerabilities', 'history']
|
||||||
print_status("nessus_scan_details <scan ID> <category>")
|
search_term = nil
|
||||||
print_status("Availble categories are info, hosts, vulnerabilities, and history")
|
scan_id = nil
|
||||||
print_status("Use nessus_scan_list to list all available scans with their corresponding scan IDs")
|
category = nil
|
||||||
return
|
while (arg = args.shift)
|
||||||
end
|
case arg
|
||||||
|
when '-h', '--help'
|
||||||
|
print_status("Usage: ")
|
||||||
|
print_status("nessus_scan_details <scan ID> <category> -S searchterm")
|
||||||
|
print_status("Availble categories are info, hosts, vulnerabilities, and history")
|
||||||
|
print_status("Use nessus_scan_list to list all available scans with their corresponding scan IDs")
|
||||||
|
return
|
||||||
|
when '-S', '--search'
|
||||||
|
search_term = /#{args.shift}/nmi
|
||||||
|
else
|
||||||
|
scan_id = arg
|
||||||
|
if args[0].in?(valid_categories)
|
||||||
|
category = args.shift
|
||||||
|
else
|
||||||
|
print_error("Invalid category. The available categories are info, hosts, vulnerabilities, and history")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
if !nessus_verify_token
|
if !nessus_verify_token
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
case args.length
|
|
||||||
when 2
|
|
||||||
scan_id = args[0]
|
|
||||||
category = args[1]
|
|
||||||
if category.in?(['info', 'hosts', 'vulnerabilities', 'history'])
|
|
||||||
category = args[1]
|
|
||||||
else
|
|
||||||
print_error("Invalid category. The available categories are info, hosts, vulnerabilities, and history")
|
|
||||||
return
|
|
||||||
end
|
|
||||||
else
|
|
||||||
print_status("Usage: ")
|
|
||||||
print_status("nessus_scan_details <scan ID> <category>")
|
|
||||||
print_status("Availble categories are info, hosts, vulnerabilities, and history")
|
|
||||||
print_status("Use nessus_scan_list to list all available scans with their corresponding scan IDs")
|
|
||||||
return
|
|
||||||
end
|
|
||||||
details = @n.scan_details(scan_id)
|
details = @n.scan_details(scan_id)
|
||||||
if category == "info"
|
if category == "info"
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
"Status",
|
"Status",
|
||||||
"Policy",
|
"Policy",
|
||||||
|
@ -1214,6 +1332,7 @@ module Msf
|
||||||
tbl << [ details["info"]["status"], details["info"]["policy"], details["info"]["name"], details["info"]["targets"], details["info"]["scan_start"], details["info"]["scan_end"] ]
|
tbl << [ details["info"]["status"], details["info"]["policy"], details["info"]["name"], details["info"]["targets"], details["info"]["scan_start"], details["info"]["scan_end"] ]
|
||||||
elsif category == "hosts"
|
elsif category == "hosts"
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
"Host ID",
|
"Host ID",
|
||||||
"Hostname",
|
"Hostname",
|
||||||
|
@ -1227,6 +1346,7 @@ module Msf
|
||||||
}
|
}
|
||||||
elsif category == "vulnerabilities"
|
elsif category == "vulnerabilities"
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
"Plugin ID",
|
"Plugin ID",
|
||||||
"Plugin Name",
|
"Plugin Name",
|
||||||
|
@ -1238,6 +1358,7 @@ module Msf
|
||||||
}
|
}
|
||||||
elsif category == "history"
|
elsif category == "history"
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
"History ID",
|
"History ID",
|
||||||
"Status",
|
"Status",
|
||||||
|
@ -1319,27 +1440,32 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_plugin_list(*args)
|
def cmd_nessus_plugin_list(*args)
|
||||||
if args[0] == "-h"
|
search_term = nil
|
||||||
print_status("nessus_plugin_list <Family ID>")
|
family_id = nil
|
||||||
print_status("Example:> nessus_plugin_list 10")
|
while (arg = args.shift)
|
||||||
print_status()
|
case arg
|
||||||
print_status("Returns a list of all plugins in that family.")
|
when '-h', '--help'
|
||||||
print_status("Use nessus_family_list to display all the plugin families along with their corresponding family IDs")
|
print_status("nessus_plugin_list <Family ID> -S searchterm")
|
||||||
return
|
print_status("Example:> nessus_plugin_list 10")
|
||||||
end
|
print_status()
|
||||||
if !nessus_verify_token
|
print_status("Returns a list of all plugins in that family.")
|
||||||
return
|
print_status("Use nessus_family_list to display all the plugin families along with their corresponding family IDs")
|
||||||
end
|
return
|
||||||
case args.length
|
when '-S', '--search'
|
||||||
when 1
|
search_term = /#{args.shift}/nmi
|
||||||
family_id = args[0]
|
else
|
||||||
else
|
family_id = arg
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
if family_id.nil?
|
||||||
print_status("Usage: ")
|
print_status("Usage: ")
|
||||||
print_status("nessus_plugin_list <Family ID>")
|
print_status("nessus_plugin_list <Family ID>")
|
||||||
print_status("Use nessus_family_list to display all the plugin families along with their corresponding family IDs")
|
print_status("Use nessus_family_list to display all the plugin families along with their corresponding family IDs")
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
'Plugin ID',
|
'Plugin ID',
|
||||||
'Plugin Name'
|
'Plugin Name'
|
||||||
|
@ -1355,15 +1481,23 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_family_list(*args)
|
def cmd_nessus_family_list(*args)
|
||||||
if args[0] == "-h"
|
search_term = nil
|
||||||
print_status("nessus_family_list")
|
while (arg = args.shift)
|
||||||
print_status("Example:> nessus_family_list")
|
case arg
|
||||||
print_status()
|
when '-h', '--help'
|
||||||
print_status("Returns a list of all the plugin families along with their corresponding family IDs and plugin count.")
|
print_status("nessus_family_list")
|
||||||
return
|
print_status("Example:> nessus_family_list -S searchterm")
|
||||||
end
|
print_status()
|
||||||
|
print_status("Returns a list of all the plugin families along with their corresponding family IDs and plugin count.")
|
||||||
|
return
|
||||||
|
when '-S', '--search'
|
||||||
|
search_term = /#{args.shift}/nmi
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
list = @n.list_families
|
list = @n.list_families
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
'Family ID',
|
'Family ID',
|
||||||
'Family Name',
|
'Family Name',
|
||||||
|
@ -1377,27 +1511,36 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_plugin_details(*args)
|
def cmd_nessus_plugin_details(*args)
|
||||||
if args[0] == "-h"
|
search_term = nil
|
||||||
print_status("nessus_plugin_details <Plugin ID>")
|
plugin_id = nil
|
||||||
print_status("Example:> nessus_plugin_details 10264")
|
while (arg = args.shift)
|
||||||
print_status()
|
case arg
|
||||||
print_status("Returns details on a particular plugin.")
|
when '-h', '--help'
|
||||||
print_status("Use nessus_plugin_list to list all plugins and their corresponding plugin IDs belonging to a particular plugin family.")
|
print_status("nessus_plugin_details <Plugin ID>")
|
||||||
return
|
print_status("Example:> nessus_plugin_details 10264 -S searchterm")
|
||||||
end
|
print_status()
|
||||||
|
print_status("Returns details on a particular plugin.")
|
||||||
|
print_status("Use nessus_plugin_list to list all plugins and their corresponding plugin IDs belonging to a particular plugin family.")
|
||||||
|
return
|
||||||
|
when '-S', '--search'
|
||||||
|
search_term = /#{args.shift}/nmi
|
||||||
|
else
|
||||||
|
plugin_id = arg
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
if !nessus_verify_token
|
if !nessus_verify_token
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
case args.length
|
|
||||||
when 1
|
if plugin_id.nil?
|
||||||
plugin_id = args[0]
|
|
||||||
else
|
|
||||||
print_status("Usage: ")
|
print_status("Usage: ")
|
||||||
print_status("nessus_plugin_details <Plugin ID>")
|
print_status("nessus_plugin_details <Plugin ID>")
|
||||||
print_status("Use nessus_plugin_list to list all plugins and their corresponding plugin IDs belonging to a particular plugin family.")
|
print_status("Use nessus_plugin_list to list all plugins and their corresponding plugin IDs belonging to a particular plugin family.")
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
'Reference',
|
'Reference',
|
||||||
'Value'
|
'Value'
|
||||||
|
@ -1423,13 +1566,20 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_user_list(*args)
|
def cmd_nessus_user_list(*args)
|
||||||
if args[0] == "-h"
|
scan_id = nil
|
||||||
print_status("nessus_user_list")
|
while (arg = args.shift)
|
||||||
print_status("Example:> nessus_user_list")
|
case arg
|
||||||
print_status()
|
when '-h', '--help'
|
||||||
print_status("Returns a list of the users on the Nessus server and their access level.")
|
print_status("nessus_user_list")
|
||||||
return
|
print_status("Example:> nessus_user_list -S searchterm")
|
||||||
end
|
print_status()
|
||||||
|
print_status("Returns a list of the users on the Nessus server and their access level.")
|
||||||
|
return
|
||||||
|
when '-S', '--search'
|
||||||
|
search_term = /#{args.shift}/nmi
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
if !nessus_verify_token
|
if !nessus_verify_token
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
@ -1438,6 +1588,7 @@ module Msf
|
||||||
end
|
end
|
||||||
list=@n.list_users
|
list=@n.list_users
|
||||||
tbl = Rex::Ui::Text::Table.new(
|
tbl = Rex::Ui::Text::Table.new(
|
||||||
|
'SearchTerm' => search_term,
|
||||||
'Columns' => [
|
'Columns' => [
|
||||||
'ID',
|
'ID',
|
||||||
'Name',
|
'Name',
|
||||||
|
@ -1574,13 +1725,20 @@ module Msf
|
||||||
end
|
end
|
||||||
|
|
||||||
def cmd_nessus_policy_list(*args)
|
def cmd_nessus_policy_list(*args)
|
||||||
if args[0] == "-h"
|
search_term = nil
|
||||||
print_status("nessus_policy_list")
|
while (arg = args.shift)
|
||||||
print_status("Example:> nessus_policy_list")
|
case arg
|
||||||
print_status()
|
when '-h', '--help'
|
||||||
print_status("Lists all policies on the server")
|
print_status("nessus_policy_list")
|
||||||
return
|
print_status("Example:> nessus_policy_list -S searchterm")
|
||||||
end
|
print_status()
|
||||||
|
print_status("Lists all policies on the server")
|
||||||
|
return
|
||||||
|
when '-S', '--search'
|
||||||
|
search_term = /#{args.shift}/nmi
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
if !nessus_verify_token
|
if !nessus_verify_token
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
@ -1642,31 +1800,6 @@ module Msf
|
||||||
print_error("Unknown problem occured by deleting the user account having user ID #{user_id}.")
|
print_error("Unknown problem occured by deleting the user account having user ID #{user_id}.")
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def valid_policy(*args)
|
|
||||||
case args.length
|
|
||||||
when 1
|
|
||||||
pid = args[0]
|
|
||||||
else
|
|
||||||
print_error("No Policy ID supplied.")
|
|
||||||
return
|
|
||||||
end
|
|
||||||
pol = @n.list_policies
|
|
||||||
pol["policies"].each { |p|
|
|
||||||
if p["template_uuid"] == pid
|
|
||||||
return true
|
|
||||||
end
|
|
||||||
}
|
|
||||||
return false
|
|
||||||
end
|
|
||||||
|
|
||||||
def nessus_verify_db
|
|
||||||
if !(framework.db and framework.db.active)
|
|
||||||
print_error("No database has been configured, please use db_create/db_connect first")
|
|
||||||
return false
|
|
||||||
end
|
|
||||||
true
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def initialize(framework, opts)
|
def initialize(framework, opts)
|
||||||
|
|
Loading…
Reference in New Issue