Net::Nessus::ScanLite - This module uses NTP 1.2 fast over SSL to perform nessus attacks on given host(s).
use Net::Nessus::ScanLite; my $nessus = Net::Nessus::ScanLite->new( host => "some.host.net" port => 1234, ssl => 1, ); $nessus->preferences( { host_expansion => 'none', safe_checks => 'yes', checks_read_timeout => 1 }); $nessus->plugin_set("10835;10861;11808;11921;11790"); my $addr = "10.0.0.1"; if( $nessus->login() ) { $nessus->attack($addr); printf("Total info's = %d\n",$nessus->total_info); foreach( $nessus->info_list ) { my $info = $_; printf("Info:\nID: %s\nPort: %s\nDessc: %s\n", $info->ScanID, $info->Port, $info->Description); } printf("Total hole's = %d\n",$nessus->total_holes); foreach( $nessus->hole_list ) { my $info = $_; printf("Info:\nID: %s\nPort: %s\nDessc: %s\n", $info->ScanID, $info->Port, $info->Description); } } else { die("Nessus login failed %d: %s\n",$nessus->code,$nessus->error); }
This module is primarily designed to run single host nessus attacks over a secure ssl connection. Because is uses the nessus NTP 1.2 protocol's "fast_login" option, it can be used in real time applications such as NetReg.
Creates a new Net::Nessus::ScanLite object. OPTIONS are a list of key-value pairs, valid options are :
Host running nessusd daemon.
Port that the nessusd daemon is listning to.
Turn on/off using ssl to connect to nessusd. (Default: 1)
Admin user setup using nessus rules.
Password for the admin account.
NTP protocol version to use when connecting. (Default: 1.2)
A hash ref of valid nessus preferences such as those in nessusd.conf. Example: preferences => { plugin_set => "10835", safe_checks => 'no' }
Timeout passed to IO::Socket when connecting the remote server. (Default: 3)
This can be a path to an ini config file or a Config::IniFiles object.
Example: new( Cfg => "/path/to/inifile" );
Example: my $ini = Config::IniFiles->new( -file => "/path/to/inifile" ); new( Cfg => $ini );
Performs a nessus fast login using a given or preset user/password pair. Resurns 1 upon success, sets code and error methods.
Performs a nessus attack on a given hostname or ip address. Sets code and error methods.
Sets the plugin set for the attack method to use. Example: $nessus->plugin_set("10835;10861;11808;11921;11790");
Sets the preferences sent to the nessesd daemon. Useful to override defaults. Example: $nessus->preferences( { host_expansion => 'none', safe_checks => 'yes', checks_read_timeout => 1 });
Tells the class to use ssl or not. 0 = off, 1 = on. (Default: 1) Only tested using TLSV1 see ssl_version to change this.
Points the class at the server running the nessus daemon.
Points the class at the port the nessus daemon is listning to. (Default: 1241 )
Name of the account you set up using nessus-adduser
Password assigned to the account above.
NTP version sent at login time. This can change results so use with care. (Default: 1.2)
Version of ssl nessusd is using. I've not done much with this passed directly to IO::Socket::SSL::SSL_version
Returns or sets the current IO::Socket handle.
Timeout sent to IO::Socket; (Default: 3)
Returns the number of HOLES found in the scan.
Returns the number of INFO found in the scan.
Returns a reference to an array of Net::Nessus::Message::HOLE objects.
Sane as hole but holds info.
Returns an array of Net::Nessus::Message::HOLE objects.
Returns an array of Net::Nessus::Message::INFO objects.
Returns an array hash results suitable for use with an HTML::Template object.
The following keys are seeded for each Net::Nessus::Message objects;
port host description service proto scanid
Sane as holes2tmpl but holds info.
Returns the error code from last operation, non zero means error.
Returns an error message.
Returns the "host:port" of the server your connected to.
The path or handle of the Config::IniFiles configuration file if used.
Sets or gets the section in the ini file to get the nessus host/login infomation. (Default: nessus)
Sets or gets the section in the ini file to get the nessus preferences. (Default: preferences)
Sets or gets the section in the ini file to use as default in case it can't find something. (Default: defaults)
Note that this module has been tested using nessusd (Nessus) 2.0.9 for SunOS.
Perhaps configuration from a .nessusrc. Could be gnarly.
This class relies heavily on work done by Jochen Wiedmann's Net::Nessus bundle.
IO::Socket::SSL Config::IniFiles Net::Nessus::Client Net::Nessus::Message
John Ballem, <jpb@brown.edu>
Copyright (C) 2003 by John Ballem
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.0 or, at your option, any later version of Perl 5 you may have available.
1 POD Error
The following errors were encountered while parsing the POD:
You forgot a '=back' before '=head1'
To install Net::Nessus::ScanLite, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Net::Nessus::ScanLite
CPAN shell
perl -MCPAN -e shell install Net::Nessus::ScanLite
For more information on module installation, please visit the detailed CPAN module installation guide.