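#!/bin/sh
# Nessus Automation Wrapper Script v0.1 (c) 2010 Adam Obringer, Robert Morris University
#
# Usage: <this script> <area> <scantype>
#   area:     admin|other|resnet|student|test
#   scantype: default|debug|top20|crithigh
#
# Requirements:
# - Perl
# - update-nessusrc (George A Theall)
# - cron (of course) if you want this to do anything on its own
# - Linuxy paths for common binaries
# - Tenable Nessus
# - Flat files created for network zones / custom scantypes, etc.
#
# * This is meant to be wrapped around cron to automate Nessus scans via commandline.
# * Updates nessusrc files according to scantype specified and passed to update-nessusrc
# * Calls flat files from input variables, as well as the Nessus binary and update-nessusrc script (George A Theall)
# * Timestamps each completion line for reference via log output to /opt/autoscan/log/ per run
# * Emails results to selected addresses once completed.
# * Create NBE file for Nitro ESM import
# * Create Apache-viewable HTML report
#
# Security notes:
# - This file holds the Nessus login (NPASS). Keep it readable and writable
#   only by the account that runs the scans.
# - The nessus client takes the password as a positional argument, so it is
#   visible in the process list to local users while a scan is running.
# - The config and target files decide what gets scanned and with which
#   plugins; they should be writable only by the scan account.
# - The .nbe results and HTML reports list vulnerable hosts. The report
#   directory is meant to be served by Apache, so access to that location
#   should be restricted on the web server side.
#
# TODO:
#
# - Add capability for custom network zone
# - Add capability for 'all' zones
# - Add capability for custom scan type
# - Remove HTML reporting/add MySQL archiving and static code to call data
#

# Fail on use of an unset variable instead of silently expanding to "".
set -u

# DATE names the result/report files and is fixed once per run so that a scan
# crossing midnight still writes to one consistent set of files.
DATE=$(/bin/date +%Y%m%d)
# %H (zero-padded) rather than %k (space-padded): %k put a space into the
# log file name for runs started before 10:00.
NOW=$(/bin/date +"%Y-%m-%d_%H.%M")

NCMD=/opt/nessus/bin/nessus
NHOST=localhost
NPORT=1241
NUSER=nessus
# The environment may supply NPASS (e.g. from the crontab) so that the real
# credential does not have to live in this file; the literal is a placeholder.
NPASS=${NPASS:-xxxxxxxxxxx}
RCTOOL=/opt/autoscan/scripts/update-nessusrc
LOGDIR=/opt/autoscan/log

# Missing arguments become empty strings and fall into the error branches.
VLANINPUT=${1:-}
RCINPUT=${2:-}

# Print a blank line followed by a message stamped with the current time.
# The stamp is taken when the line is printed, so "Scan completed." shows the
# completion time rather than the start time of the run.
step() {
  echo ""
  echo "$(/bin/date +%Y%m%d.%H%M%S) x $*"
}

# Report a failed external command on stderr and stop the run.
fail() {
  echo "" >&2
  echo "*** $*" >&2
  exit 1
}

echo ""
echo ""
echo "Nessus AutoScan script v0.1 - (c) Adam Obringer, Robert Morris University"
echo ""
echo "Syntax: $0 <area> <scantype>"
echo ""
echo "Available areas: admin|other|resnet|student|test"
echo "Available scantypes: default|debug|top20|crithigh"

# Zone selection. Only the five known zone names are accepted; everything
# below builds file paths from VLANINPUT, so nothing else may get past here.
case "$VLANINPUT" in
  admin|other|resnet|student|test)
    step "Configuring for $VLANINPUT VLAN scan."
    ;;
  *)
    echo "" >&2
    echo "*** Syntax error: Please properly specify zone to scan!" >&2
    echo "$0 admin|other|resnet|student|test" >&2
    exit 1
    ;;
esac

# Per-zone files. Deriving them from the validated zone name keeps the five
# zones consistent (the student report path used to carry a stray leading
# "-" in its file name).
NCONFIG=/opt/autoscan/configs/${VLANINPUT}_vlans.cfg
NTARGET=/opt/autoscan/targets/targets_${VLANINPUT}.txt
NRESULT=/opt/autoscan/results/${VLANINPUT}_vlans-$DATE.nbe
NREPORT=/opt/autoscan/reports/${VLANINPUT}_vlans-$DATE.html
LOGFILE=nessusauto_$VLANINPUT-$NOW.log

# Plugin selection: update-nessusrc rewrites the zone's nessusrc file. If it
# fails, the run stops so the scan does not go ahead with whatever plugin
# selection the config file happened to contain.
case "$RCINPUT" in
  default)
    step "Configuring for default (non-dangerous/icmp/tcp_conn) Nessus plugins (with summary) via nessusrc."
    "$RCTOOL" -s "$NCONFIG" || fail "update-nessusrc failed for $NCONFIG"
    ;;
  debug)
    step "Configuring for default Nessus plugins with debugging via nessusrc."
    echo "* Warning * Does NOT replace RC file while debugging is enabled!"
    "$RCTOOL" -s -d "$NCONFIG" || fail "update-nessusrc failed for $NCONFIG"
    ;;
  top20)
    step "Configuring for SANS Top20 plugins (with summary) via nessusrc."
    "$RCTOOL" -t -s "$NCONFIG" || fail "update-nessusrc failed for $NCONFIG"
    ;;
  crithigh)
    step "Configuring for Critical/High-risk vulnerabilities ONLY (with summary) via nessusrc."
    "$RCTOOL" -r "(Critical|High)" -s "$NCONFIG" || fail "update-nessusrc failed for $NCONFIG"
    ;;
  *)
    echo "" >&2
    echo "*** Syntax error: Please specify plugin type(s)." >&2
    echo "$0 default|debug|top20|crithigh" >&2
    exit 1
    ;;
esac

# Scan. stdout and stderr both go to the per-run log so that client errors
# (login failure, unreachable server) are kept with the rest of the output.
step "Scanning hosts within $VLANINPUT zones via Nessus commandline..."
"$NCMD" -c "$NCONFIG" -T nbe -xq "$NHOST" "$NPORT" "$NUSER" "$NPASS" "$NTARGET" "$NRESULT" \
  > "$LOGDIR/$LOGFILE" 2>&1 \
  || fail "Nessus scan failed; see $LOGDIR/$LOGFILE"
step "Scan completed."

# Report. Appends (>>) to the log: a plain ">" here truncated the scan output
# written just above.
step "Generating reporting html..."
"$NCMD" -i "$NRESULT" -o "$NREPORT" >> "$LOGDIR/$LOGFILE" 2>&1 \
  || fail "HTML report generation failed; see $LOGDIR/$LOGFILE"
step "HTML report generation completed. File output to $NREPORT for Apache."

step "Emailing results to recipient(s). TEMP DISABLED!"
#cat - $LOGDIR/$LOGFILE << EOF | /usr/sbin/sendmail -t
#to:obringer@rmu.edu,stewartm@rmu.edu
#from:nessus-internal@security.rmu.edu
#subject:Nessus Internal AutoScan Log Output - $VLANINPUT targets
#
#EOF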