Class: NessusREST::Client

Inherits:
Object
  • Object
show all
Defined in:
lib/nessus_rest.rb

Overview

Client class implementation of Nessus (6+) JSON REST protocol. Class which uses standard JSON lib to parse nessus JSON REST replies.

Typical Usage:

require 'nessus_rest'

n=NessusREST::Client.new ({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
qs=n.scan_quick_template('basic','name-of-scan','localhost')
scanid=qs['scan']['id']
n.scan_wait4finish(scanid)
n.report_download_file(scanid,'csv','myscanreport.csv')

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(params = {}) {|@connection| ... } ⇒ Client

initialize object: try to connect to Nessus Scanner using URL, user and password (or any other defaults)

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')

Yields:

  • (@connection) 


82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
 
# File 'lib/nessus_rest.rb', line 82

def initialize(params={})
  # defaults
  @nessusurl = params.fetch(:url,'https://127.0.0.1:8834/')
  @username = params.fetch(:username,'nessus')
  @password = params.fetch(:password,'nessus')
  @ssl_verify = params.fetch(:ssl_verify,false)
  @ssl_use = params.fetch(:ssl_use,true)
  @autologin = params.fetch(:autologin, true)
  @defsleep = params.fetch(:defsleep, 1)
  @httpretry = params.fetch(:httpretry, 3)
  @httpsleep = params.fetch(:httpsleep, 1)

  init_quick_defaults()

  uri = URI.parse(@nessusurl)
  @connection = Net::HTTP.new(uri.host, uri.port)
  @connection.use_ssl = @ssl_use

  if @ssl_verify
    @connection.verify_mode = OpenSSL::SSL::VERIFY_PEER
  else
    @connection.verify_mode = OpenSSL::SSL::VERIFY_NONE
  end
    
  yield @connection if block_given?
    authenticate(@username, @password) if @autologin
end

Instance Attribute Details

#autologinObject

Returns the value of attribute autologin.



55
56
57
 
# File 'lib/nessus_rest.rb', line 55

def autologin
  @autologin
end

#defsleepObject

Returns the value of attribute defsleep.



55
56
57
 
# File 'lib/nessus_rest.rb', line 55

def defsleep
  @defsleep
end

#httpretryObject

Returns the value of attribute httpretry.



55
56
57
 
# File 'lib/nessus_rest.rb', line 55

def httpretry
  @httpretry
end

#httpsleepObject

Returns the value of attribute httpsleep.



55
56
57
 
# File 'lib/nessus_rest.rb', line 55

def httpsleep
  @httpsleep
end

#quick_defaultsObject

Returns the value of attribute quick_defaults.



54
55
56
 
# File 'lib/nessus_rest.rb', line 54

def quick_defaults
  @quick_defaults
end

#ssl_useObject

Returns the value of attribute ssl_use.



55
56
57
 
# File 'lib/nessus_rest.rb', line 55

def ssl_use
  @ssl_use
end

#ssl_verifyObject

Returns the value of attribute ssl_verify.



55
56
57
 
# File 'lib/nessus_rest.rb', line 55

def ssl_verify
  @ssl_verify
end

#x_cookieObject (readonly)

Returns the value of attribute x_cookie.



56
57
58
 
# File 'lib/nessus_rest.rb', line 56

def x_cookie
  @x_cookie
end

Instance Method Details

#authdefaultObject

Tries to authenticate to the Nessus REST JSON interface

returns: true if logged in, false if not

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :autologin=>false, 
   :username=>'nessususer', :password=>'nessuspassword')
if n.authdefault

puts “Logged in”

else

puts “Error”

end



142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
 
# File 'lib/nessus_rest.rb', line 142

def authdefault
  payload = {
    :username => @username,
    :password => @password,
    :json => 1,
    :authenticationmethod => true
  }
  res = http_post(:uri=>"/session", :data=>payload)
  if res['token']
    @token = "token=#{res['token']}"
    @x_cookie = {'X-Cookie'=>@token}
    return true
  else
    false
  end
end

#authenticate(username, password) ⇒ Object Also known as: login

Tries to authenticate to the Nessus REST JSON interface

returns: true if logged in, false if not

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :autologin=>false)
if n.authenticate('user','pass')

puts “Logged in”

else

puts “Error”

end



122
123
124
125
126
 
# File 'lib/nessus_rest.rb', line 122

def authenticate(username, password)
  @username = username
  @password = password
  authdefault
end

#authenticatedObject

checks if we’re logged in correctly

returns: true if logged in, false if not

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
if n.authenticated

puts “Logged in”

else

puts “Error”

end



171
172
173
174
175
176
177
 
# File 'lib/nessus_rest.rb', line 171

def authenticated
  if (@token && @token.include?('token='))
    return true
  else
    return false
  end
end

#editor_templates(type, uuid) ⇒ Object

Get template by type and uuid. Type can be ‘policy’ or ‘scan’

returns: JSON parsed object with template

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.editor_templates('scan',uuid)



465
466
467
 
# File 'lib/nessus_rest.rb', line 465

def editor_templates (type, uuid)
  res = http_get(:uri=>"/editor/#{type}/templates/#{uuid}", :fields=>x_cookie)
end

#get_server_propertiesObject Also known as: server_properties

try to get server properties

returns: JSON parsed object with server properties

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.get_server_properties



187
188
189
 
# File 'lib/nessus_rest.rb', line 187

def get_server_properties
  http_get(:uri=>"/server/properties", :fields=>x_cookie)
end

#host_detail(scan_id, host_id) ⇒ Object

Get host details from the scan

returns: JSON parsed object with host details

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.host_detail(123, 1234)



560
561
562
 
# File 'lib/nessus_rest.rb', line 560

def host_detail(scan_id, host_id)
  res = http_get(:uri=>"/scans/#{scan_id}/hosts/#{host_id}", :fields=>x_cookie)
end

#http_delete(opts = {}) ⇒ Object

Perform HTTP delete method with uri, data and fields

returns: HTTP result object

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
res = n.http_delete(:uri=>"/session", :fields=>n.x_cookie)
puts res.code



656
657
658
659
660
661
662
663
664
665
 
# File 'lib/nessus_rest.rb', line 656

def http_delete(opts={})
  ret=http_delete_low(opts)
  if ret.is_a?(Hash) and ret.has_key?('error') and ret['error']=='Invalid Credentials' then
	authdefault
	ret=http_delete_low(opts)
	return ret
  else
	return ret
  end
end

#http_delete_low(opts = {}) ⇒ Object 



667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
 
# File 'lib/nessus_rest.rb', line 667

def http_delete_low(opts={})
  uri    = opts[:uri]
  fields = opts[:fields] || {}
  res    = nil
  tries  = @httpretry

  req = Net::HTTP::Delete.new(uri)

  fields.each_pair do |name, value|
    req.add_field(name, value)
  end

  begin
	tries -= 1
    res = @connection.request(req)
  rescue Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError => e
	if tries>0
	  sleep @httpsleep
	  retry
	else
	  return res
	end
  rescue URI::InvalidURIError
    return res
  end

  res
end

#http_get(opts = {}) ⇒ Object

Perform HTTP get method with uri and fields

returns: JSON parsed object (if JSON parseable)

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.http_get(:uri=>"/users", :fields=>n.x_cookie)



704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
 
# File 'lib/nessus_rest.rb', line 704

def http_get(opts={})
  raw_content = opts[:raw_content] || false
  ret=http_get_low(opts)
  if !raw_content then
	if ret.is_a?(Hash) and ret.has_key?('error') and ret['error']=='Invalid Credentials' then
      authdefault
      ret=http_get_low(opts)
      return ret
    else
      return ret
	end
  else
	return ret
  end
end

#http_get_low(opts = {}) ⇒ Object 



720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
 
# File 'lib/nessus_rest.rb', line 720

def http_get_low(opts={})
  uri    = opts[:uri]
  fields = opts[:fields] || {}
  raw_content = opts[:raw_content] || false
  json   = {}
  tries  = @httpretry

  req = Net::HTTP::Get.new(uri)
  fields.each_pair do |name, value|
    req.add_field(name, value)
  end

  begin
    tries -= 1
    res = @connection.request(req)
  rescue Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError => e
    if tries>0
      sleep @httpsleep
      retry
    else
      return json
    end
  rescue URI::InvalidURIError
    return json
  end
  if !raw_content
    parse_json(res.body)
  else
    res.body
  end
end

#http_post(opts = {}) ⇒ Object

Perform HTTP post method with uri, data, body and fields

returns: JSON parsed object (if JSON parseable)

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.http_post(:uri=>"/scans/#{scan_id}/launch", :fields=>n.x_cookie)



760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
 
# File 'lib/nessus_rest.rb', line 760

def http_post(opts={})
  if opts.has_key?(:authenticationmethod) then
    # i know authzmethod = opts.delete(:authorizationmethod) is short, but not readable
    authzmethod = opts[:authenticationmethod]
    opts.delete(:authenticationmethod)
  end
  ret=http_post_low(opts)
  if ret.is_a?(Hash) and ret.has_key?('error') and ret['error']=='Invalid Credentials' then
	if not authzmethod
      authdefault
	  ret=http_post_low(opts)
	  return ret
    end
  else
	return ret
  end
end

#http_post_low(opts = {}) ⇒ Object 



778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
 
# File 'lib/nessus_rest.rb', line 778

def http_post_low(opts={})
  uri    = opts[:uri]
  data   = opts[:data]
  fields = opts[:fields] || {}
  body   = opts[:body]
  ctype  = opts[:ctype]
  json   = {}
  tries  = @httpretry

  req = Net::HTTP::Post.new(uri)
  req.set_form_data(data) unless (data.nil? || data.empty?)
  req.body = body unless (body.nil? || body.empty?)
  req['Content-Type'] = ctype unless (ctype.nil? || ctype.empty?)
  fields.each_pair do |name, value|
    req.add_field(name, value)
  end

  begin
	tries -= 1
    res = @connection.request(req)
  rescue Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError => e
	if tries>0
      sleep @httpsleep
	  retry
	else
	  return json
	end
  rescue URI::InvalidURIError
    return json
  end

  parse_json(res.body)
end

#http_put(opts = {}) ⇒ Object

Perform HTTP put method with uri, data and fields

returns: HTTP result object

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
payload = {
  :password => password, 
  :json => 1
}
res = n.http_put(:uri=>"/users/#{user_id}/chpasswd", :data=>payload, :fields=>n.x_cookie)
puts res.code



606
607
608
609
610
611
612
613
614
615
 
# File 'lib/nessus_rest.rb', line 606

def http_put(opts={})
  ret=http_put_low(opts)
  if ret.is_a?(Hash) and ret.has_key?('error') and ret['error']=='Invalid Credentials' then
	authdefault
	ret=http_put_low(opts)
	return ret
  else
	return ret
  end
end

#http_put_low(opts = {}) ⇒ Object 



617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
 
# File 'lib/nessus_rest.rb', line 617

def http_put_low(opts={})
  uri    = opts[:uri]
  data   = opts[:data]
  fields = opts[:fields] || {}
  res    = nil
  tries  = @httpretry

  req = Net::HTTP::Put.new(uri)
  req.set_form_data(data) unless (data.nil? || data.empty?)
  fields.each_pair do |name, value|
    req.add_field(name, value)
  end

  begin
	tries -= 1
    res = @connection.request(req)
  rescue Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError => e
	if tries>0
	  sleep @httpsleep
	  retry
	else
	  return res
	end
  rescue URI::InvalidURIError
    return res
  end

  res
end

#init_quick_defaultsObject

initialize quick scan defaults: these will be used when not specifying defaults

Usage: 

n.init_quick_defaults()



68
69
70
71
72
73
74
 
# File 'lib/nessus_rest.rb', line 68

def init_quick_defaults
  @quick_defaults=Hash.new
  @quick_defaults['enabled']=false
  @quick_defaults['launch']='ONETIME'
  @quick_defaults['launch_now']=true
  @quick_defaults['description']='Created with nessus_rest'
end

#is_adminObject

check if logged in user is administrator

returns: boolean value depending if user is administrator or not

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
if n.is_admin

puts “Administrator”

else

puts “NOT administrator”

end



358
359
360
361
362
363
364
365
 
# File 'lib/nessus_rest.rb', line 358

def is_admin
  res = http_get(:uri=>"/session", :fields=>x_cookie)
  if res['permissions'] == 128
    return true
  else
    return false
  end
end

#list_familiesObject

Get List of Families

returns: JSON parsed object with list of families

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.list_families



314
315
316
 
# File 'lib/nessus_rest.rb', line 314

def list_families
  http_get(:uri=>"/plugins/families", :fields=>x_cookie)
end

#list_foldersObject

Get List of Folders

returns: JSON parsed object with list of folders

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.list_folders



290
291
292
 
# File 'lib/nessus_rest.rb', line 290

def list_folders
  http_get(:uri=>"/folders", :fields=>x_cookie)
end

#list_plugins(family_id) ⇒ Object

Get List of Plugins

returns: JSON parsed object with list of plugins

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.list_plugins



326
327
328
 
# File 'lib/nessus_rest.rb', line 326

def list_plugins(family_id)
  http_get(:uri=>"/plugins/families/#{family_id}", :fields=>x_cookie)
end

#list_policiesObject

Get List of Policies

returns: JSON parsed object with list of policies

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.list_policies



266
267
268
 
# File 'lib/nessus_rest.rb', line 266

def list_policies
  http_get(:uri=>"/policies", :fields=>x_cookie)
end

#list_scannersObject

Get List of Scanners

returns: JSON parsed object with list of scanners

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.list_scanners



302
303
304
 
# File 'lib/nessus_rest.rb', line 302

def list_scanners
  http_get(:uri=>"/scanners", :fields=>x_cookie)
end

#list_templates(type) ⇒ Object

Get List of Templates

returns: JSON parsed object with list of templates

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.list_templates



338
339
340
 
# File 'lib/nessus_rest.rb', line 338

def list_templates(type)
  res = http_get(:uri=>"/editor/#{type}/templates", :fields=>x_cookie)
end

#list_usersObject

Get List of Users

returns: JSON parsed object with list of users

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.list_users



278
279
280
 
# File 'lib/nessus_rest.rb', line 278

def list_users
  http_get(:uri=>"/users", :fields=>x_cookie)
end

#parse_json(body) ⇒ Object

Perform JSON parsing of body

returns: JSON parsed object (if JSON parseable)



816
817
818
819
820
821
822
823
824
825
 
# File 'lib/nessus_rest.rb', line 816

def parse_json(body)
  buf = {}

  begin
    buf = JSON.parse(body)
  rescue JSON::ParserError
  end

  buf
end

#plugin_details(plugin_id) ⇒ Object 



342
343
344
 
# File 'lib/nessus_rest.rb', line 342

def plugin_details(plugin_id)
  http_get(:uri=>"/plugins/plugin/#{plugin_id}", :fields=>x_cookie)
end

#policy_delete(policy_id) ⇒ Object 



452
453
454
455
 
# File 'lib/nessus_rest.rb', line 452

def policy_delete(policy_id)
  res = http_delete(:uri=>"/policies/#{policy_id}", :fields=>x_cookie)
  return res.code
end

#report_download(scan_id, file_id) ⇒ Object 



564
565
566
 
# File 'lib/nessus_rest.rb', line 564

def report_download(scan_id, file_id)
  res = http_get(:uri=>"/scans/#{scan_id}/export/#{file_id}/download", :raw_content=> true, :fields=>x_cookie)
end

#report_download_file(scan_id, format, outputfn) ⇒ Object 



582
583
584
585
586
587
 
# File 'lib/nessus_rest.rb', line 582

def report_download_file(scan_id, format, outputfn)
  report_content=report_download_quick(scan_id, format)
  File.open(outputfn, 'w') do |f| 
    f.write(report_content)
  end
end

#report_download_quick(scan_id, format) ⇒ Object 



568
569
570
571
572
573
574
575
576
577
578
579
580
 
# File 'lib/nessus_rest.rb', line 568

def report_download_quick(scan_id, format) 
  se=scan_export(scan_id,format)
  # ready, loading
  while (status = scan_export_status(scan_id,se['file'])['status']) != "ready" do
    # puts status
    if status.nil? or status == '' then
      return nil
    end
    sleep @defsleep
  end
  rf=report_download(scan_id,se['file'])
  return rf
end

#scan_create(uuid, settings) ⇒ Object 



379
380
381
382
383
384
385
386
 
# File 'lib/nessus_rest.rb', line 379

def scan_create(uuid, settings)
  payload = {
	:uuid => uuid, 
	:settings => settings,
	:json => 1
  }.to_json
  http_post(:uri=>"/scans", :body=>payload, :fields=>x_cookie, :ctype=>'application/json')
end

#scan_delete(scan_id) ⇒ Object

delete scan with scan_id

returns: boolean (true if deleted)

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
puts n.scan_delete(1)



444
445
446
447
448
449
450
 
# File 'lib/nessus_rest.rb', line 444

def scan_delete(scan_id)
  res = http_delete(:uri=>"/scans/#{scan_id}", :fields=>x_cookie)
  if res.code == 200 then
    return true
  end
  return false
end

#scan_details(scan_id) ⇒ Object 



405
406
407
 
# File 'lib/nessus_rest.rb', line 405

def scan_details(scan_id)
  http_get(:uri=>"/scans/#{scan_id}", :fields=>x_cookie)
end

#scan_export(scan_id, format) ⇒ Object 



421
422
423
424
425
426
 
# File 'lib/nessus_rest.rb', line 421

def scan_export(scan_id, format)
  payload = {
    :format => format
  }.to_json
  http_post(:uri=>"/scans/#{scan_id}/export", :body=>payload, :ctype=>'application/json', :fields=>x_cookie)
end

#scan_export_status(scan_id, file_id) ⇒ Object 



428
429
430
431
432
433
434
 
# File 'lib/nessus_rest.rb', line 428

def scan_export_status(scan_id, file_id)
  request = Net::HTTP::Get.new("/scans/#{scan_id}/export/#{file_id}/status")
  request.add_field("X-Cookie", @token)
  res = @connection.request(request)
  res = JSON.parse(res.body)
  return res
end

#scan_finished?(scan_id) ⇒ Boolean

Returns:

  • (Boolean) 


537
538
539
540
541
542
543
 
# File 'lib/nessus_rest.rb', line 537

def scan_finished?(scan_id)
  ss=scan_status(scan_id)
  if ss == 'completed' or ss == 'canceled' or ss == 'imported' then
    return true
  end
  return false
end

#scan_launch(scan_id) ⇒ Object 



388
389
390
 
# File 'lib/nessus_rest.rb', line 388

def scan_launch(scan_id)
  http_post(:uri=>"/scans/#{scan_id}/launch", :fields=>x_cookie)
end

#scan_listObject Also known as: list_scans

Get List of Scans

returns: JSON parsed object with list of scans

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.scan_list



400
401
402
 
# File 'lib/nessus_rest.rb', line 400

def scan_list
  http_get(:uri=>"/scans", :fields=>x_cookie)
end

#scan_pause(scan_id) ⇒ Object 



409
410
411
 
# File 'lib/nessus_rest.rb', line 409

def scan_pause(scan_id)
  http_post(:uri=>"/scans/#{scan_id}/pause", :fields=>x_cookie)
end

#scan_quick_policy(policyname, name, targets) ⇒ Object

Performs scan with scan policy provided (uuid of policy or policy name). Name is your scan name and targets are targets for scan

returns: JSON parsed object with scan info

Usage:

require 'nessus_rest'

n=NessusREST::Client.new ({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
qs=n.scan_quick_policy('myscanpolicy','name-of-scan','localhost')
scanid=qs['scan']['id']
n.scan_wait4finish(scanid)
n.report_download_file(scanid,'nessus','myscanreport.nessus')



514
515
516
517
518
519
520
521
522
523
524
525
526
527
 
# File 'lib/nessus_rest.rb', line 514

def scan_quick_policy (policyname, name, targets)
  templates=list_policies['policies'].select do |pol|
    pol['template_uuid'] == policyname or pol['name'] == policyname
  end
  if templates.nil? then
	return nil
  end
  tuuid=templates.first['template_uuid']
  et=Hash.new
  et.merge!(@quick_defaults)
  et['name']=name
  et['text_targets']=targets
  sc=scan_create(tuuid,et)
end

#scan_quick_template(templatename, name, targets) ⇒ Object

Performs scan with templatename provided (name, title or uuid of scan). Name is your scan name and targets are targets for scan

returns: JSON parsed object with scan info

Usage:

require 'nessus_rest'

n=NessusREST::Client.new ({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
qs=n.scan_quick_template('basic','name-of-scan','localhost')
scanid=qs['scan']['id']
n.scan_wait4finish(scanid)
n.report_download_file(scanid,'csv','myscanreport.csv')



484
485
486
487
488
489
490
491
492
493
494
495
496
497
 
# File 'lib/nessus_rest.rb', line 484

def scan_quick_template (templatename, name, targets)
  templates=list_templates('scan')['templates'].select do |temp| 
    temp['uuid'] == templatename or temp['name'] == templatename or temp['title'] == templatename
  end
  if templates.nil? then
    return nil
  end
  tuuid=templates.first['uuid']
  et=editor_templates('scan',tuuid)
  et.merge!(@quick_defaults)
  et['name']=name
  et['text_targets']=targets
  sc=scan_create(tuuid,et)
end

#scan_resume(scan_id) ⇒ Object 



413
414
415
 
# File 'lib/nessus_rest.rb', line 413

def scan_resume(scan_id)
  http_post(:uri=>"/scans/#{scan_id}/resume", :fields=>x_cookie)
end

#scan_status(scan_id) ⇒ Object 



529
530
531
532
533
534
535
 
# File 'lib/nessus_rest.rb', line 529

def scan_status(scan_id)
  sd=scan_details(scan_id)
  if not sd['error'].nil?
    return 'error'
  end
  return sd['info']['status']
end

#scan_stop(scan_id) ⇒ Object 



417
418
419
 
# File 'lib/nessus_rest.rb', line 417

def scan_stop(scan_id)
  http_post(:uri=>"/scans/#{scan_id}/stop", :fields=>x_cookie)
end

#scan_wait4finish(scan_id) ⇒ Object 



545
546
547
548
549
550
 
# File 'lib/nessus_rest.rb', line 545

def scan_wait4finish(scan_id)
  while not scan_finished?(scan_id) do
    # puts scan_status(scan_id)
    sleep @defsleep
  end
end

#server_statusObject

Get server status

returns: JSON parsed object with server status

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.server_status



375
376
377
 
# File 'lib/nessus_rest.rb', line 375

def server_status
  http_get(:uri=>"/server/status", :fields=>x_cookie)
end

#user_add(username, password, permissions, type) ⇒ Object

Add user to server

returns: JSON parsed object

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
pp n.user_add('user','password','16','local')

Reference: localhost:8834/api#/resources/users/create



203
204
205
206
207
208
209
210
211
212
 
# File 'lib/nessus_rest.rb', line 203

def user_add(username, password, permissions, type)
  payload = {
    :username => username, 
    :password => password, 
    :permissions => permissions, 
    :type => type, 
    :json => 1
  }
  http_post(:uri=>"/users", :fields=>x_cookie, :data=>payload)
end

#user_chpasswd(user_id, password) ⇒ Object

change password for user_id

returns: result code

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
puts n.user_chpasswd(1,'newPassword')



235
236
237
238
239
240
241
242
 
# File 'lib/nessus_rest.rb', line 235

def user_chpasswd(user_id, password)
  payload = {
    :password => password, 
    :json => 1
  }
  res = http_put(:uri=>"/users/#{user_id}/chpasswd", :data=>payload, :fields=>x_cookie)
  return res.code
end

#user_delete(user_id) ⇒ Object

delete user with user_id

returns: result code

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
puts n.user_delete(1)



222
223
224
225
 
# File 'lib/nessus_rest.rb', line 222

def user_delete(user_id)
  res = http_delete(:uri=>"/users/#{user_id}", :fields=>x_cookie)
  return res.code
end

#user_logoutObject Also known as: logout

logout from the server

returns: result code

Usage:

n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
puts n.user_logout



252
253
254
255
 
# File 'lib/nessus_rest.rb', line 252

def user_logout
  res = http_delete(:uri=>"/session", :fields=>x_cookie)
  return res.code
end