net::nessus::client examples
Tiago
tstock at tiago.com
Tue Dec 7 00:07:36 EST 2004
The only thing I though weird in the code was
> $reply = $client->GetMsg('', '10');
I think you can use
> $reply = $client->GetMsg();
also, undef is not the same as '', they are both "false" in perl, but the
empty string is defined, undef is not.
let me know how that works,
Tiago
--
On Sun, 5 Dec 2004, Stuart Kendrick wrote:
> hi joe,
>
> would you have any Net::Nessus::Client examples you'd be willing to share
> with me?
>
> or would you be willing to point out what mistakes i'm making below?
>
> i would like to use your Perl module to write my own code to drive Nessus
> scans ... but i don't understand yet how to use your
> Net::Nessus::Client module.
>
>
>
> here's the basic code i'm using:
>
>
> ------------------------------------------------
> #!/opt/vdops/bin/perl
>
> use strict;
> use warnings;
> use Data::Dumper;
> use Net::Nessus::Client;
> use Net::Nessus::Message;
>
> my ($client, $errors, $messages, $nessusPrefs, $msg, $nessusPluginsPrefs,
> $reply, $target);
>
> $target = "lamb";
>
> $client = Net::Nessus::Client->new ( host => 'vishnu',
> user => 'smith',
> password => 'secret',
> ntp_proto => '1.2',
> Timeout => '1800'
> );
>
> $nessusPrefs = { ping_hosts => 'yes',
> port_range => 'foo-fozzle',
> optimize_test => 'yes',
> safe_checks => 'yes',
> auto_enable_dependencies => 'yes',
> plugin_set => '10265'
> };
>
> $msg = Net::Nessus::Message::PREFERENCES->new($nessusPrefs);
> $reply = $client->Print($msg);
> print "prefs reply =\n";
> print Dumper($reply);
>
> print "GetMsg for prefs=\n";
> $reply = $client->GetMsg('', '10');
> print Dumper($reply);
>
> $messages = $client->Attack($target);
> ------------------------------------------------
>
> notice the broken 'port_range' choice ... 'foo-fozzle' is nonsense ...
>
> vishnu> ./test-module
> prefs reply =
> $VAR1 = 1;
> GetMsg for prefs=
> Wrong message type, expected , received PREFERENCES_ERRORS at /opt/vdops/lib/per
> l5/site_perl/5.8.5/Net/Nessus/Message.pm line 137.
> vishnu>
>
> **********
> Question #1: from reading the documentation, i thought i could leave the
> first argument of GetMsg undefined ... but it looks like i cannot. what
> am i doing incorrectly?
> **********
>
> ok, so if i change:
> $reply = $client->GetMsg('', '10');
> to
> $reply = $client->GetMsg('PREFERENCES_ERRORS', '10');
>
>
> and try again:
>
> vishnu> ./test-module
> prefs reply =
> $VAR1 = 1;
> GetMsg for prefs=
> $VAR1 = bless( {
> 'fields' => [],
> 'prefs' => {},
> 'lines' => []
> }, 'Net::Nessus::Message::PREFERENCES_ERRORS' );
> read error: Connection reset by peer at
> /opt/vdops/lib/perl5/site_perl/5.8.5/Net/Nessus/Message.pm line 122
> vishnu>
>
> then ... i don't see Nessus returning any errors, despite the
> broken "foo-fozzle' parameter. the attack fails, of course, i'm guessing
> that Net::Telnet returns the 'read error'
>
>
> **********
> Question #2: how do i correctly retrieve PREFERENCES_ERRORS?
> **********
>
>
>
> ok, so let's say i fix my 'port_range' to read '160-162':
>
> $nessusPrefs = { ping_hosts => 'yes',
> port_range => '160-162',
> optimize_test => 'yes',
> safe_checks => 'yes',
> auto_enable_dependencies => 'yes',
> plugin_set => '10265'
> };
>
>
> and i add a little more code:
>
> ------------------------------------------------
> $messages = $client->Attack($target);
>
> print "messages =\n";
> print Dumper($messages);
>
> print "show status\n";
> eval { $msg = $client->GetMsg('STATUS', '10') };
> $reply = $client->ShowSTATUS($msg);
> print Dumper($reply);
>
> print "show error\n";
> eval { $msg = $client->GetMsg('ERROR', '10') };
> $reply = $client->ShowERROR($msg);
> print Dumper($reply);
>
> print "show port\n";
> eval { $msg = $client->GetMsg('PORT', '10') };
> $reply = $client->ShowPORT($msg);
> print Dumper($reply);
>
> print "show hole\n";
> eval { $msg = $client->GetMsg('HOLE', '10') };
> $reply = $client->ShowHOLE($msg);
> print Dumper($reply);
>
> print "show info\n";
> eval { $msg = $client->GetMsg('INFO', '10') };
> $reply = $client->ShowINFO($msg);
> print Dumper($reply);
>
> print "show bye\n";
> eval { $msg = $client->GetMsg('BYE', '10') };
> $reply = $client->ShowBYE($msg);
> print Dumper($reply);
> ------------------------------------------------
>
> and i try running this:
>
> vishnu> ./test-module
> prefs reply =
> $VAR1 = 1;
> GetMsg for prefs=
> $VAR1 = bless( {
> 'fields' => [],
> 'prefs' => {},
> 'lines' => []
> }, 'Net::Nessus::Message::PREFERENCES_ERRORS' );
> messages =
> show status
> $VAR1 = undef;
> show error
> $VAR1 = undef;
> show port
> Can't locate object method "Port" via package
> "Net::Nessus::Message::PREFERENCES" at /opt/vdops/lib/perl5/site_perl/5.8.5/Net/Nessus/Client.pm line 300.
> vishnu>
>
>
> **********
> Question #3
> **********
> how do i query the STATUS of a Nessus attack ... the $client->Attack call
> blocks until it is finished ... so by the time my code has a chance to
> call $client->GetMsg('STATUS' ...) ... the attack is completed.
>
>
> if i comment out the PORT lines in my code:
>
> #print "show port\n";
> #eval { $msg = $client->GetMsg('PORT', '10') };
> #$reply = $client->ShowPORT($msg);
> #print Dumper($reply);
>
> and run it again:
>
> vishnu> ./test-module
> [...]
> show error
> $VAR1 = undef;
> show hole
> Can't locate object method "Port" via package
> "Net::Nessus::Message::PREFERENCES" at /opt/vdops/lib/perl5/site_perl/5.8.5/Net/Nessus/Client.pm line 300.
> vishnu>
>
> i still see this 'Can't locate object method "Port" via package ..."
> message
>
>
> **********
> Question #4
> **********
> why does this "Port" error message show up, even when i'm invoking
> $client->ShowHOLE ?
>
>
>
> i realize that this is a lot to ask ... but i'm stuck, so i figured i
> would at least drop you a note. i've been searching the 'Net for sample
> code ... i learn well by example ... but i haven't found any.
>
> tia,
>
> --sk
>
> stuart kendrick
> fhcrc
>
More information about the Nessus
mailing list