Fixes #281. Add .nessus db support via db_import_nessus_xml

Based on work by mephux and erwinp.  I started with the latter's patch and
reworked it to avoid all of the duplication from the .nbe stuff.


git-svn-id: file:///home/svn/framework3/trunk@7005 4d416f70-5f16-0410-b530-b9f4589650da
unstable
kris 2009-09-05 04:29:53 +00:00
parent 64ff8b5181
commit 53775ed59b
1 changed files with 106 additions and 65 deletions


@ -52,6 +52,7 @@ class Db
"db_autopwn" => "Automatically exploit everything",
"db_import_amap_mlog" => "Import a THC-Amap scan results file (-o -m)",
"db_import_nessus_nbe" => "Import a Nessus scan result file (NBE)",
"db_import_nessus_xml" => "Import a Nessus scan result file (NESSUS)",
"db_import_nmap_xml" => "Import a Nmap scan results file (-oX)",
"db_nmap" => "Executes nmap and records the output automatically",
}
@ -385,52 +386,33 @@ class Db
# EOM
end
#
# Import Nessus NBE files
# This holds all of the shared parsing/handling used by the
# Nessus NBE and NESSUS methods
#
def cmd_db_import_nessus_nbe(*args)
if (not (args and args.length == 1))
print_status("Usage: db_import_nessus_nbe [nessus.nbe]")
return
end
if (not File.readable?(args[0]))
print_status("Could not read the NBE file")
return
end
fd = File.open(args[0], 'r')
fd.each_line do |line|
r = line.split('|')
next if r[0] != 'results'
addr = r[2]
nasl = r[4]
hole = r[5]
data = r[6]
refs = {}
m = r[3].match(/^([^\(]+)\((\d+)\/([^\)]+)\)/)
next if not m
def handle_nessus(addr, port, nasl, data)
p = port.match(/^([^\(]+)\((\d+)\/([^\)]+)\)/)
return if not p
host = framework.db.get_host(nil, addr)
next if not host
return if not host
if host.state != Msf::HostState::Alive
framework.db.report_host_state(self, addr, Msf::HostState::Alive)
end
service = framework.db.get_service(nil, host, m[3].downcase, m[2].to_i)
name = m[1].strip
service = framework.db.get_service(nil, host, p[3].downcase, p[2].to_i)
name = p[1].strip
if name != "unknown"
service.name = name
service.save
end
next if not nasl
return if not nasl
data.gsub!("\\n", "\n")
refs = {}
if (data =~ /^CVE : (.*)$/)
$1.gsub(/C(VE|AN)\-/, '').split(',').map { |r| r.strip }.each do |r|
@ -451,9 +433,11 @@ class Db
end
end
refs[ 'NSS-' + nasl.to_s ] = true
nss = 'NSS-' + nasl.to_s
vuln = framework.db.get_vuln(nil, host, service, 'NSS-' + nasl.to_s, data)
refs[nss] = true
vuln = framework.db.get_vuln(nil, host, service, nss, data)
rids = []
refs.keys.each do |r|
@ -462,9 +446,66 @@ class Db
vuln.refs << (rids - vuln.refs)
end
#
# Import Nessus NBE files
#
def cmd_db_import_nessus_nbe(*args)
if (not (args and args.length == 1))
print_status("Usage: db_import_nessus_nbe [nessus.nbe]")
return
end
if (not File.readable?(args[0]))
print_status("Could not read the NBE file")
return
end
fd = File.open(args[0], 'r')
fd.each_line do |line|
r = line.split('|')
next if r[0] != 'results'
addr = r[2]
port = r[3]
nasl = r[4]
data = r[6]
handle_nessus(addr, port, nasl, data)
end
fd.close
end
#
# Import Nessus NESSUS files
#
def cmd_db_import_nessus_xml(*args)
if (not (args and args.length == 1))
print_status("Usage: db_import_nessus_xml [nessus.nessus]")
return
end
if (not File.readable?(args[0]))
print_status("Could not read the NESSUS file")
return
end
fd = File.open(args[0], 'r')
data = fd.read
fd.close
doc = REXML::Document.new(data)
doc.elements.each('/NessusClientData/Report/ReportHost') do |host|
addr = host.elements['HostName'].text
host.elements.each('ReportItem') do |item|
nasl = item.elements['pluginID'].text
port = item.elements['port'].text
data = item.elements['data'].text
handle_nessus(addr, port, nasl, data)
end
end
end
#
# Import Nmap data from a file
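Review bot: In cmd_db_import_nessus_xml, `host.elements['HostName'].text` and the three `item.elements[...]` lookups call `.text` on whatever `elements[]` returns, so a ReportHost or ReportItem missing one of those children raises NoMethodError on nil and aborts the import part-way through, after earlier records have already been saved. handle_nessus has the same exposure for both importers: it calls `port.match` and `data.gsub!` without a nil check, and an element with no text (or a short NBE line) would presumably hand it nil. I would skip incomplete records instead of crashing, as in the block below; whether an item without `data` should still record its service is a call for the author. Separately, `REXML::Document.new(data)` parses a fully buffered file that may come from a third party, so it is worth confirming that the REXML in use enforces an entity-expansion limit.

```ruby
doc.elements.each('/NessusClientData/Report/ReportHost') do |host|
  name = host.elements['HostName']
  next if not (name and name.text)
  addr = name.text
  host.elements.each('ReportItem') do |item|
    nasl, port, data = ['pluginID', 'port', 'data'].map do |tag|
      node = item.elements[tag]
      node ? node.text : nil
    end
    # handle_nessus calls port.match and data.gsub! unconditionally
    next if not (port and data)
    handle_nessus(addr, port, nasl, data)
  end
end
```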