NetExec/nxc/parsers/nessus.py

#!/usr/bin/env python3
# -*- coding: utf-8 -*-

import xmltodict

# Ideally i'd like to be able to pull this info out dynamically from each protocol object but i'm a lazy bastard
protocol_dict = {
    "smb": {"ports": [445, 139], "services": ["smb", "cifs"]},
    "mssql": {"ports": [1433], "services": ["mssql"]},
    "ssh": {"ports": [22], "services": ["ssh"]},
    "winrm": {"ports": [5986, 5985], "services": ["www", "https?"]},
    "http": {"ports": [80, 443, 8443, 8008, 8080, 8081], "services": ["www", "https?"]},
}


def parse_nessus_file(nessus_file, protocol):
    targets = []

    def handle_nessus_file(path, item):
        # Must return True otherwise xmltodict will throw a ParsingIterrupted() exception
        # https://github.com/martinblech/xmltodict/blob/master/xmltodict.py#L219

        if any("ReportHost" and "ReportItem" in values for values in path):
            item = dict(path)
            ip = item["ReportHost"]["name"]
            if ip in targets:
                return True

            port = item["ReportItem"]["port"]
            svc_name = item["ReportItem"]["svc_name"]

            if port in protocol_dict[protocol]["ports"]:
                targets.append(ip)
            if svc_name in protocol_dict[protocol]["services"]:
                targets.append(ip)

            return True
        else:
            return True

    with open(nessus_file, "r") as file_handle:
        xmltodict.parse(file_handle, item_depth=4, item_callback=handle_nessus_file)

    return targets
Adding shebang and encoding utf-8 for all python files 2022-07-18 23:59:14 +00:00			`#!/usr/bin/env python3`
			`# -- coding: utf-8 --`

Added WINRM support, NMap XML and .Nessus parsing - Added the WINRM protocol, CME now supports executing commands through WinRM (Powershell Remoting) - Added support for NMap XML and .Nessus files if given as targets - Fixed a bug in the MSSQL protocol which caused it to not retrieve host info - Version Bump 2017-10-25 02:08:19 +00:00			`import xmltodict`

			`# Ideally i'd like to be able to pull this info out dynamically from each protocol object but i'm a lazy bastard`
			`protocol_dict = {`
black formating 2023-05-02 15:17:59 +00:00			`"smb": {"ports": [445, 139], "services": ["smb", "cifs"]},`
			`"mssql": {"ports": [1433], "services": ["mssql"]},`
			`"ssh": {"ports": [22], "services": ["ssh"]},`
			`"winrm": {"ports": [5986, 5985], "services": ["www", "https?"]},`
			`"http": {"ports": [80, 443, 8443, 8008, 8080, 8081], "services": ["www", "https?"]},`
Added WINRM support, NMap XML and .Nessus parsing - Added the WINRM protocol, CME now supports executing commands through WinRM (Powershell Remoting) - Added support for NMap XML and .Nessus files if given as targets - Fixed a bug in the MSSQL protocol which caused it to not retrieve host info - Version Bump 2017-10-25 02:08:19 +00:00			`}`


			`def parse_nessus_file(nessus_file, protocol):`
			`targets = []`

			`def handle_nessus_file(path, item):`
			`# Must return True otherwise xmltodict will throw a ParsingIterrupted() exception`
			`# https://github.com/martinblech/xmltodict/blob/master/xmltodict.py#L219`

black formating 2023-05-02 15:17:59 +00:00			`if any("ReportHost" and "ReportItem" in values for values in path):`
Added WINRM support, NMap XML and .Nessus parsing - Added the WINRM protocol, CME now supports executing commands through WinRM (Powershell Remoting) - Added support for NMap XML and .Nessus files if given as targets - Fixed a bug in the MSSQL protocol which caused it to not retrieve host info - Version Bump 2017-10-25 02:08:19 +00:00			`item = dict(path)`
black formating 2023-05-02 15:17:59 +00:00			`ip = item["ReportHost"]["name"]`
Added WINRM support, NMap XML and .Nessus parsing - Added the WINRM protocol, CME now supports executing commands through WinRM (Powershell Remoting) - Added support for NMap XML and .Nessus files if given as targets - Fixed a bug in the MSSQL protocol which caused it to not retrieve host info - Version Bump 2017-10-25 02:08:19 +00:00			`if ip in targets:`
			`return True`

black formating 2023-05-02 15:17:59 +00:00			`port = item["ReportItem"]["port"]`
			`svc_name = item["ReportItem"]["svc_name"]`
Added WINRM support, NMap XML and .Nessus parsing - Added the WINRM protocol, CME now supports executing commands through WinRM (Powershell Remoting) - Added support for NMap XML and .Nessus files if given as targets - Fixed a bug in the MSSQL protocol which caused it to not retrieve host info - Version Bump 2017-10-25 02:08:19 +00:00
black formating 2023-05-02 15:17:59 +00:00			`if port in protocol_dict[protocol]["ports"]:`
Added WINRM support, NMap XML and .Nessus parsing - Added the WINRM protocol, CME now supports executing commands through WinRM (Powershell Remoting) - Added support for NMap XML and .Nessus files if given as targets - Fixed a bug in the MSSQL protocol which caused it to not retrieve host info - Version Bump 2017-10-25 02:08:19 +00:00			`targets.append(ip)`
black formating 2023-05-02 15:17:59 +00:00			`if svc_name in protocol_dict[protocol]["services"]:`
Added WINRM support, NMap XML and .Nessus parsing - Added the WINRM protocol, CME now supports executing commands through WinRM (Powershell Remoting) - Added support for NMap XML and .Nessus files if given as targets - Fixed a bug in the MSSQL protocol which caused it to not retrieve host info - Version Bump 2017-10-25 02:08:19 +00:00			`targets.append(ip)`

			`return True`
			`else:`
			`return True`

black formating 2023-05-02 15:17:59 +00:00			`with open(nessus_file, "r") as file_handle:`
Added WINRM support, NMap XML and .Nessus parsing - Added the WINRM protocol, CME now supports executing commands through WinRM (Powershell Remoting) - Added support for NMap XML and .Nessus files if given as targets - Fixed a bug in the MSSQL protocol which caused it to not retrieve host info - Version Bump 2017-10-25 02:08:19 +00:00			`xmltodict.parse(file_handle, item_depth=4, item_callback=handle_nessus_file)`

			`return targets`