dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Nessus plugin - add search to relevant commands 

Utilize the SearchTerm param in Rex' Tables to filter scrolling
outputs.
Clean up argument parsing (implement one of the MSF standards).
Update help commands to reflect changes

Testing: basic functional tests only so far
This commit is contained in:
RageLtMan 2016-01-31 22:11:20 -05:00
parent 1828b7fda6
commit 4992c5c3c5
1 changed files with 435 additions and 302 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

589
plugins/nessus.rb
View File

@ -36,10 +36,6 @@ module Msf
"#{Msf::Config.local_directory}"
end
def cmd_nessus_index
nessus_index
end
def commands
{
"nessus_connect" => "Connect to a nessus server: nconnect username:password@hostname:port <verify_ssl>",
@ -84,75 +80,6 @@ module Msf
}
end
def cmd_nessus_help(*args)
tbl = Rex::Ui::Text::Table.new(
'Columns' => [
"Command",
"Help Text"
],
'SortIndex' => -1
)
tbl << [ "Generic Commands", "" ]
tbl << [ "-----------------", "-----------------"]
tbl << [ "nessus_connect", "Connect to a Nessus server" ]
tbl << [ "nessus_logout", "Logout from the Nessus server" ]
tbl << [ "nessus_login", "Login into the connected Nesssus server with a different username and password"]
tbl << [ "nessus_save", "Save credentials of the logged in user to nessus.yml"]
tbl << [ "nessus_help", "Listing of available nessus commands" ]
tbl << [ "nessus_server_properties", "Nessus server properties such as feed type, version, plugin set and server UUID." ]
tbl << [ "nessus_server_status", "Check the status of your Nessus Server" ]
tbl << [ "nessus_admin", "Checks if user is an admin" ]
tbl << [ "nessus_template_list", "List scan or policy templates" ]
tbl << [ "nessus_folder_list", "List all configured folders on the Nessus server" ]
tbl << [ "nessus_scanner_list", "List all the scanners configured on the Nessus server" ]
tbl << [ "Nessus Database Commands", "" ]
tbl << [ "-----------------", "-----------------" ]
tbl << [ "nessus_db_scan", "Create a scan of all IP addresses in db_hosts" ]
tbl << [ "nessus_db_import", "Import Nessus scan to the Metasploit connected database" ]
tbl << [ "", ""]
tbl << [ "Reports Commands", "" ]
tbl << [ "-----------------", "-----------------"]
tbl << [ "nessus_report_hosts", "Get list of hosts from a report" ]
tbl << [ "nessus_report_vulns", "Get list of vulns from a report" ]
tbl << [ "nessus_report_host_details", "Get detailed information from a report item on a host" ]
tbl << [ "", ""]
tbl << [ "Scan Commands", "" ]
tbl << [ "-----------------", "-----------------"]
tbl << [ "nessus_scan_list", "List of all current Nessus scans" ]
tbl << [ "nessus_scan_new", "Create a new Nessus Scan" ]
tbl << [ "nessus_scan_launch", "Launch a newly created scan. New scans need to be manually launched through this command" ]
tbl << [ "nessus_scan_pause", "Pause a running Nessus scan" ]
tbl << [ "nessus_scan_pause_all", "Pause all running Nessus scans" ]
tbl << [ "nessus_scan_stop", "Stop a running or paused Nessus scan" ]
tbl << [ "nessus_scan_stop_all", "Stop all running or paused Nessus scans" ]
tbl << [ "nessus_scan_resume", "Resume a pasued Nessus scan" ]
tbl << [ "nessus_scan_resume_all", "Resume all paused Nessus scans" ]
tbl << [ "nessus_scan_details", "Return detailed information of a given scan" ]
tbl << [ "nessus_scan_export", "Export a scan result in either Nessus, HTML, PDF, CSV, or DB format" ]
tbl << [ "nessus_scan_export_status", "Check the status of an exported scan" ]
tbl << [ "", ""]
tbl << [ "Plugin Commands", "" ]
tbl << [ "-----------------", "-----------------"]
tbl << [ "nessus_plugin_list", "List all plugins in a particular plugin family." ]
tbl << [ "nessus_family_list", "List all the plugin families along with their corresponding family IDs and plugin count." ]
tbl << [ "nessus_plugin_details", "List details of a particular plugin" ]
tbl << [ "", ""]
tbl << [ "User Commands", "" ]
tbl << [ "-----------------", "-----------------"]
tbl << [ "nessus_user_list", "Show Nessus Users" ]
tbl << [ "nessus_user_add", "Add a new Nessus User" ]
tbl << [ "nessus_user_del", "Delete a Nessus User" ]
tbl << [ "nessus_user_passwd", "Change Nessus Users Password" ]
tbl << [ "", ""]
tbl << [ "Policy Commands", "" ]
tbl << [ "-----------------", "-----------------"]
tbl << [ "nessus_policy_list", "List all polciies" ]
tbl << [ "nessus_policy_del", "Delete a policy" ]
print_line ""
print_line tbl.to_s
print_line ""
end
def ncusage
print_status("%redYou must do this before any other commands.%clr")
print_status("Usage: ")
@ -223,6 +150,24 @@ module Msf
end
end
def nessus_login
if !((@user and @user.length > 0) and (@host and @host.length > 0) and (@port and @port.length > 0 and @port.to_i > 0) and (@pass and @pass.length > 0))
print_status("You need to connect to a server first.")
ncusage
return
end
@url = "https://#{@host}:#{@port}/"
print_status("Connecting to #{@url} as #{@user}")
@n = Nessus::Client.new(@url, @user, @pass,@sslv)
if @n.authenticated
print_status("User #{@user} authenticated successfully.")
@token = 1
else
print_error("Error connecting/logging to the server!")
return
end
end
def nessus_verify_token
if @token.nil? or @token == ''
ncusage
@ -231,6 +176,132 @@ module Msf
true
end
def valid_policy(*args)
case args.length
when 1
pid = args[0]
else
print_error("No Policy ID supplied.")
return
end
pol = @n.list_policies
pol["policies"].each { |p|
if p["template_uuid"] == pid
return true
end
}
return false
end
def nessus_verify_db
if !(framework.db and framework.db.active)
print_error("No database has been configured, please use db_create/db_connect first")
return false
end
true
end
def check_scan(*args)
case args.length
when 1
scan_id = args[0]
else
print_error("No scan ID supplied")
return
end
scans = @n.scan_list
scans.each { |scan|
if scan["scans"]["id"] == scan_id && scan["scans"]["status"] == "completed"
return true
end
}
return false
end
def is_scan_complete(scan_id)
complete = false
status = @n.scan_list
status["scans"].each { |scan|
if scan["id"] == scan_id.to_i && (scan["status"] == "completed" || scan["status"] == "imported")
complete = true
end
}
complete
end
def cmd_nessus_help(*args)
tbl = Rex::Ui::Text::Table.new(
'Columns' => [
"Command",
"Help Text"
],
'SortIndex' => -1
)
tbl << [ "Generic Commands", "" ]
tbl << [ "-----------------", "-----------------"]
tbl << [ "nessus_connect", "Connect to a Nessus server" ]
tbl << [ "nessus_logout", "Logout from the Nessus server" ]
tbl << [ "nessus_login", "Login into the connected Nesssus server with a different username and password"]
tbl << [ "nessus_save", "Save credentials of the logged in user to nessus.yml"]
tbl << [ "nessus_help", "Listing of available nessus commands" ]
tbl << [ "nessus_server_properties", "Nessus server properties such as feed type, version, plugin set and server UUID." ]
tbl << [ "nessus_server_status", "Check the status of your Nessus Server" ]
tbl << [ "nessus_admin", "Checks if user is an admin" ]
tbl << [ "nessus_template_list", "List scan or policy templates" ]
tbl << [ "nessus_folder_list", "List all configured folders on the Nessus server" ]
tbl << [ "nessus_scanner_list", "List all the scanners configured on the Nessus server" ]
tbl << [ "Nessus Database Commands", "" ]
tbl << [ "-----------------", "-----------------" ]
tbl << [ "nessus_db_scan", "Create a scan of all IP addresses in db_hosts" ]
tbl << [ "nessus_db_import", "Import Nessus scan to the Metasploit connected database" ]
tbl << [ "", ""]
tbl << [ "Reports Commands", "" ]
tbl << [ "-----------------", "-----------------"]
tbl << [ "nessus_report_hosts", "Get list of hosts from a report" ]
tbl << [ "nessus_report_vulns", "Get list of vulns from a report" ]
tbl << [ "nessus_report_host_details", "Get detailed information from a report item on a host" ]
tbl << [ "", ""]
tbl << [ "Scan Commands", "" ]
tbl << [ "-----------------", "-----------------"]
tbl << [ "nessus_scan_list", "List of all current Nessus scans" ]
tbl << [ "nessus_scan_new", "Create a new Nessus Scan" ]
tbl << [ "nessus_scan_launch", "Launch a newly created scan. New scans need to be manually launched through this command" ]
tbl << [ "nessus_scan_pause", "Pause a running Nessus scan" ]
tbl << [ "nessus_scan_pause_all", "Pause all running Nessus scans" ]
tbl << [ "nessus_scan_stop", "Stop a running or paused Nessus scan" ]
tbl << [ "nessus_scan_stop_all", "Stop all running or paused Nessus scans" ]
tbl << [ "nessus_scan_resume", "Resume a pasued Nessus scan" ]
tbl << [ "nessus_scan_resume_all", "Resume all paused Nessus scans" ]
tbl << [ "nessus_scan_details", "Return detailed information of a given scan" ]
tbl << [ "nessus_scan_export", "Export a scan result in either Nessus, HTML, PDF, CSV, or DB format" ]
tbl << [ "nessus_scan_export_status", "Check the status of an exported scan" ]
tbl << [ "", ""]
tbl << [ "Plugin Commands", "" ]
tbl << [ "-----------------", "-----------------"]
tbl << [ "nessus_plugin_list", "List all plugins in a particular plugin family." ]
tbl << [ "nessus_family_list", "List all the plugin families along with their corresponding family IDs and plugin count." ]
tbl << [ "nessus_plugin_details", "List details of a particular plugin" ]
tbl << [ "", ""]
tbl << [ "User Commands", "" ]
tbl << [ "-----------------", "-----------------"]
tbl << [ "nessus_user_list", "Show Nessus Users" ]
tbl << [ "nessus_user_add", "Add a new Nessus User" ]
tbl << [ "nessus_user_del", "Delete a Nessus User" ]
tbl << [ "nessus_user_passwd", "Change Nessus Users Password" ]
tbl << [ "", ""]
tbl << [ "Policy Commands", "" ]
tbl << [ "-----------------", "-----------------"]
tbl << [ "nessus_policy_list", "List all polciies" ]
tbl << [ "nessus_policy_del", "Delete a policy" ]
print_line ""
print_line tbl.to_s
print_line ""
end
def cmd_nessus_index
nessus_index
end
def cmd_nessus_connect(*args)
# Check if config file exists and load it
if !args[0]
@ -326,24 +397,6 @@ module Msf
return
end
def nessus_login
if !((@user and @user.length > 0) and (@host and @host.length > 0) and (@port and @port.length > 0 and @port.to_i > 0) and (@pass and @pass.length > 0))
print_status("You need to connect to a server first.")
ncusage
return
end
@url = "https://#{@host}:#{@port}/"
print_status("Connecting to #{@url} as #{@user}")
@n = Nessus::Client.new(@url, @user, @pass,@sslv)
if @n.authenticated
print_status("User #{@user} authenticated successfully.")
@token = 1
else
print_error("Error connecting/logging to the server!")
return
end
end
def cmd_nessus_save(*args)
#if we are logged in, save session details to nessus.yaml
if args[0] == "-h"
@ -370,15 +423,23 @@ module Msf
end
def cmd_nessus_server_properties(*args)
if args[0] == "-h"
search_term = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_server_feed")
print_status("Example:> nessus_server_feed")
print_status("Example:> nessus_server_feed -S searchterm")
print_status()
print_status("Returns information about the feed type and server version.")
return
when '-S', '--search'
search_term = /#{args.shift}/nmi
end
end
resp = @n.server_properties
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
'Feed',
'Type',
@ -392,14 +453,22 @@ module Msf
end
def cmd_nessus_server_status(*args)
if args[0] == "-h"
search_term = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_server_status")
print_status("Example:> nessus_server_status")
print_status("Example:> nessus_server_status -S searchterm")
print_status()
print_status("Returns some status items for the server..")
return
when '-S', '--search'
search_term = /#{args.shift}/nmi
end
end
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
'Status',
'Progress'
@ -410,7 +479,9 @@ module Msf
end
def cmd_nessus_admin(*args)
if args[0] == "-h"
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_admin")
print_status("Example:> nessus_admin")
print_status()
@ -418,6 +489,10 @@ module Msf
print_status("Use nessus_user_list to list all users")
return
end
end
if args[0] == "-h"
end
if !nessus_verify_token
return
end
@ -429,15 +504,22 @@ module Msf
end
def cmd_nessus_template_list(*args)
if args[0] == "-h"
search_term = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_template_list <scan> | <policy>")
print_status("Example:> nessus_template_list scan")
print_status("Example:> nessus_template_list scan -S searchterm")
print_status("OR")
print_status("nessus_template_list policy")
print_status()
print_status("Returns a list of information about the scan or policy templates..")
return
when '-S', '--search'
search_term = /#{args.shift}/nmi
end
end
if !nessus_verify_token
return
end
@ -465,6 +547,7 @@ module Msf
return
end
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
'Name',
'Title',
@ -479,12 +562,20 @@ module Msf
print_line tbl.to_s
end
def cmd_nessus_folder_list
def cmd_nessus_folder_list(*args)
search_term = nil
while (arg = args.shift)
case arg
when '-S', '--search'
search_term = /#{args.shift}/nmi
end
end
if !nessus_verify_token
return
end
list = @n.list_folders
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
"ID",
"Name",
@ -497,7 +588,20 @@ module Msf
print_line tbl.to_s
end
def cmd_nessus_scanner_list
def cmd_nessus_scanner_list(*args)
search_term = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_scanner_list")
print_status("Example:> nessus_scanner_list -S searchterm")
print_status()
print_status("Returns information about the feed type and server version.")
return
when '-S', '--search'
search_term = /#{args.shift}/nmi
end
end
if !nessus_verify_token
return
end
@ -506,6 +610,7 @@ module Msf
end
list = @n.list_scanners
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
"ID",
"Name",
@ -520,40 +625,31 @@ module Msf
print_line tbl.to_s
end
def check_scan(*args)
case args.length
when 1
scan_id = args[0]
else
print_error("No scan ID supplied")
def cmd_nessus_report_hosts(*args)
search_term = nil
scan_id = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_report_hosts <scan ID> -S searchterm")
print_status("Use nessus_scan_list to get a list of all the scans. Only completed scans can be reported.")
return
when '-S', '--search'
search_term = /#{args.shift}/nmi
else
scan_id = arg
end
scans = @n.scan_list
scans.each { |scan|
if scan["scans"]["id"] == scan_id && scan["scans"]["status"] == "completed"
return true
end
}
return false
end
def cmd_nessus_report_hosts(*args)
if args[0] == "-h"
print_status("nessus_report_hosts <scan ID>")
print_status("Use nessus_scan_list to get a list of all the scans. Only completed scans can be reported.")
return
end
case args.length
when 1
scan_id = args[0]
scan_id = scan_id
else
if scan_id.nil?
print_status("Usage: ")
print_status("nessus_report_hosts <scan ID>")
print_status("nessus_report_hosts <scan ID> -S searchterm")
print_status("Use nessus_scan_list to get a list of all the scans. Only completed scans can be reported.")
return
end
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
"Host ID",
"Hostname",
@ -576,22 +672,28 @@ module Msf
end
def cmd_nessus_report_vulns(*args)
if args[0] == "-h"
print_status("nessus_report_vulns <scan ID>")
search_term = nil
scan_id = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_report_vulns <scan ID> -S searchterm")
print_status("Use nessus_scan_list to get a list of all the scans. Only completed scans can be reported.")
return
end
case args.length
when 1
scan_id = args[0]
scan_id = scan_id.to_i
when '-S', '--search'
search_term = /#{args.shift}/nmi
else
scan_id = arg
end
end
if scan_id.nil?
print_status("Usage: ")
print_status("nessus_report_vulns <scan ID>")
print_status("Use nessus_scan_list to get a list of all the scans. Only completed scans can be reported.")
return
end
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
"Plugin ID",
"Plugin Name",
@ -613,21 +715,29 @@ module Msf
end
def cmd_nessus_report_host_details(*args)
if args[0] == "-h"
search_term = nil
search_vuln = nil
scan_id = nil
host_id = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_report_host_details <scan ID> <host ID>")
print_status("Example:> nessus_report_host_details 10 5")
print_status("Example:> nessus_report_host_details 10 5 -S hostinfo -SV vulninfo")
print_status("Use nessus_scan_list to get list of all scans. Only completed scans can be used for reporting.")
print_status("Use nessus_report_hosts to get a list of all the hosts along with their corresponding host IDs.")
return
end
if !nessus_verify_token
return
end
case args.length
when 2
scan_id = args[0]
host_id = args[1]
when '-S', '--search'
search_term = /#{args.shift}/nmi
when '-SV', '--search-vuln'
search_vuln = /#{args.shift}/nmi
else
scan_id = arg,
host_id = args.shift
end
end
if [scan_id, host_id].any?(&:nil?)
print_status("Usage: ")
print_status("nessus_report_host_detail <scan ID> <host ID>")
print_status("Example:> nessus_report_host_detail 10 5")
@ -636,6 +746,7 @@ module Msf
return
end
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
'Plugin Name',
'Plugin Famil',
@ -654,6 +765,7 @@ module Msf
}
print_line tbl.to_s
tbl2 = Rex::Ui::Text::Table.new(
'SearchTerm' => search_vuln,
'Columns' => [
'Plugin Name',
'Plugin Famil',
@ -698,27 +810,33 @@ module Msf
end
def cmd_nessus_report_host_ports(*args)
if args[0] == "-h"
search_term = nil
rid = nil
host = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_report_host_ports <hostname> <report id>")
print_status("Example:> nessus_report_host_ports 192.168.1.250 f0eabba3-4065-7d54-5763-f191e98eb0f7f9f33db7e75a06ca")
print_status("Example:> nessus_report_host_ports 192.168.1.250 f0eabba3-4065-7d54-5763-f191e98eb0f7f9f33db7e75a06ca -S searchterm")
print_status()
print_status("Returns all the ports associated with a host and details about their vulnerabilities")
print_status("Use nessus_report_hosts to list all available hosts for a report")
end
if !nessus_verify_token
return
end
case args.length
when 2
host = args[0]
rid = args[1]
when '-S', '--search'
search_term = /#{args.shift}/nmi
else
scan_id = arg
end
end
if [host,rid].any?(&:nil?)
print_status("Usage: ")
print_status("nessus_report_host_ports <hostname> <report id>")
print_status("Use nessus_report_list to list all available reports")
return
end
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
'Port',
'Protocol',
@ -775,13 +893,20 @@ module Msf
end
def cmd_nessus_scan_list(*args)
if args[0] == "-h"
search_term = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_scan_list")
print_status("Example:> nessus_scan_list")
print_status("Example:> nessus_scan_list -S searchterm")
print_status()
print_status("Returns a list of information about currently running scans.")
return
when '-S', '--search'
search_term = /#{args.shift}/nmi
end
end
if !nessus_verify_token
return
end
@ -791,6 +916,7 @@ module Msf
return
else
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
'Scan ID',
'Name',
@ -1014,18 +1140,6 @@ module Msf
else
print_error("Only completed scans could be used for import")
end
end
def is_scan_complete(scan_id)
complete = false
status = @n.scan_list
status["scans"].each { |scan|
if scan["id"] == scan_id.to_i && (scan["status"] == "completed" || scan["status"] == "imported")
complete = true
end
}
complete
end
def cmd_nessus_scan_pause_all(*args)
@ -1174,35 +1288,39 @@ module Msf
end
def cmd_nessus_scan_details(*args)
if args[0] == "-h"
print_status("nessus_scan_details <scan ID> <category>")
valid_categories = ['info', 'hosts', 'vulnerabilities', 'history']
search_term = nil
scan_id = nil
category = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("Usage: ")
print_status("nessus_scan_details <scan ID> <category> -S searchterm")
print_status("Availble categories are info, hosts, vulnerabilities, and history")
print_status("Use nessus_scan_list to list all available scans with their corresponding scan IDs")
return
end
if !nessus_verify_token
return
end
case args.length
when 2
scan_id = args[0]
category = args[1]
if category.in?(['info', 'hosts', 'vulnerabilities', 'history'])
category = args[1]
when '-S', '--search'
search_term = /#{args.shift}/nmi
else
scan_id = arg
if args[0].in?(valid_categories)
category = args.shift
else
print_error("Invalid category. The available categories are info, hosts, vulnerabilities, and history")
return
end
else
print_status("Usage: ")
print_status("nessus_scan_details <scan ID> <category>")
print_status("Availble categories are info, hosts, vulnerabilities, and history")
print_status("Use nessus_scan_list to list all available scans with their corresponding scan IDs")
end
end
if !nessus_verify_token
return
end
details = @n.scan_details(scan_id)
if category == "info"
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
"Status",
"Policy",
@ -1214,6 +1332,7 @@ module Msf
tbl << [ details["info"]["status"], details["info"]["policy"], details["info"]["name"], details["info"]["targets"], details["info"]["scan_start"], details["info"]["scan_end"] ]
elsif category == "hosts"
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
"Host ID",
"Hostname",
@ -1227,6 +1346,7 @@ module Msf
}
elsif category == "vulnerabilities"
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
"Plugin ID",
"Plugin Name",
@ -1238,6 +1358,7 @@ module Msf
}
elsif category == "history"
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
"History ID",
"Status",
@ -1319,27 +1440,32 @@ module Msf
end
def cmd_nessus_plugin_list(*args)
if args[0] == "-h"
print_status("nessus_plugin_list <Family ID>")
search_term = nil
family_id = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_plugin_list <Family ID> -S searchterm")
print_status("Example:> nessus_plugin_list 10")
print_status()
print_status("Returns a list of all plugins in that family.")
print_status("Use nessus_family_list to display all the plugin families along with their corresponding family IDs")
return
end
if !nessus_verify_token
return
end
case args.length
when 1
family_id = args[0]
when '-S', '--search'
search_term = /#{args.shift}/nmi
else
family_id = arg
end
end
if family_id.nil?
print_status("Usage: ")
print_status("nessus_plugin_list <Family ID>")
print_status("Use nessus_family_list to display all the plugin families along with their corresponding family IDs")
return
end
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
'Plugin ID',
'Plugin Name'
@ -1355,15 +1481,23 @@ module Msf
end
def cmd_nessus_family_list(*args)
if args[0] == "-h"
search_term = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_family_list")
print_status("Example:> nessus_family_list")
print_status("Example:> nessus_family_list -S searchterm")
print_status()
print_status("Returns a list of all the plugin families along with their corresponding family IDs and plugin count.")
return
when '-S', '--search'
search_term = /#{args.shift}/nmi
end
end
list = @n.list_families
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
'Family ID',
'Family Name',
@ -1377,27 +1511,36 @@ module Msf
end
def cmd_nessus_plugin_details(*args)
if args[0] == "-h"
search_term = nil
plugin_id = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_plugin_details <Plugin ID>")
print_status("Example:> nessus_plugin_details 10264")
print_status("Example:> nessus_plugin_details 10264 -S searchterm")
print_status()
print_status("Returns details on a particular plugin.")
print_status("Use nessus_plugin_list to list all plugins and their corresponding plugin IDs belonging to a particular plugin family.")
return
when '-S', '--search'
search_term = /#{args.shift}/nmi
else
plugin_id = arg
end
end
if !nessus_verify_token
return
end
case args.length
when 1
plugin_id = args[0]
else
if plugin_id.nil?
print_status("Usage: ")
print_status("nessus_plugin_details <Plugin ID>")
print_status("Use nessus_plugin_list to list all plugins and their corresponding plugin IDs belonging to a particular plugin family.")
return
end
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
'Reference',
'Value'
@ -1423,13 +1566,20 @@ module Msf
end
def cmd_nessus_user_list(*args)
if args[0] == "-h"
scan_id = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_user_list")
print_status("Example:> nessus_user_list")
print_status("Example:> nessus_user_list -S searchterm")
print_status()
print_status("Returns a list of the users on the Nessus server and their access level.")
return
when '-S', '--search'
search_term = /#{args.shift}/nmi
end
end
if !nessus_verify_token
return
end
@ -1438,6 +1588,7 @@ module Msf
end
list=@n.list_users
tbl = Rex::Ui::Text::Table.new(
'SearchTerm' => search_term,
'Columns' => [
'ID',
'Name',
@ -1574,13 +1725,20 @@ module Msf
end
def cmd_nessus_policy_list(*args)
if args[0] == "-h"
search_term = nil
while (arg = args.shift)
case arg
when '-h', '--help'
print_status("nessus_policy_list")
print_status("Example:> nessus_policy_list")
print_status("Example:> nessus_policy_list -S searchterm")
print_status()
print_status("Lists all policies on the server")
return
when '-S', '--search'
search_term = /#{args.shift}/nmi
end
end
if !nessus_verify_token
return
end
@ -1642,31 +1800,6 @@ module Msf
print_error("Unknown problem occured by deleting the user account having user ID #{user_id}.")
end
end
def valid_policy(*args)
case args.length
when 1
pid = args[0]
else
print_error("No Policy ID supplied.")
return
end
pol = @n.list_policies
pol["policies"].each { |p|
if p["template_uuid"] == pid
return true
end
}
return false
end
def nessus_verify_db
if !(framework.db and framework.db.active)
print_error("No database has been configured, please use db_create/db_connect first")
return false
end
true
end
end
def initialize(framework, opts)