Untitled

# Nessus Automation Wrapper Script v0.1 (c) 2010 Adam Obringer, Robert Morris University
#
# Requirements:
# - Perl
# - update-nessusrc (George A Theall)
# - cron (of course) if you want this to do anything on it's own
# - Linuxy paths for common binaries
# - Tenable Nessus
# - Flat files created for network zones / custom scantypes, etc.
#
# * This is meant to be wrapped around cron to automate Nessus scans via commandline.
# * Updates nessusrc files according to scantype specified and passed to update-nessusrc
# * Calls flat files from input variables, as well as the Nessus binary and update-nessusrc script (George A Theall)
# * Timestamps each completion line for reference via log output to /opt/autoscan/log/ per run
# * Emails results to selected addresses once completed.
# * Create NBE file for Nitro ESM import
# * Create Apache-viewable HTML report
#
# TODO:
#
# - FIX full logging output to file!
# - Add capability for custom network zone
# - Add capability for 'all' zones
# - Add capability for custom scan type
# - Remove HTML reporting/add MySQL archiving and static code to call data
#
#!/bin/sh
DATE=`/bin/date +%Y%m%d`
TIME=$(date +%k%M%S)
NOW=$(date +"%Y-%m-%d_%k.%M")
NCMD=/opt/nessus/bin/nessus
NHOST=localhost
NPORT=1241
NUSER=nessus
NPASS=xxxxxxxxxxx
NCONFIG1=/opt/autoscan/configs/admin_vlans.cfg
NCONFIG2=/opt/autoscan/configs/other_vlans.cfg
NCONFIG3=/opt/autoscan/configs/resnet_vlans.cfg
NCONFIG4=/opt/autoscan/configs/student_vlans.cfg
NCONFIG5=/opt/autoscan/configs/test_vlans.cfg
NTARGET1=/opt/autoscan/targets/targets_admin.txt
NTARGET2=/opt/autoscan/targets/targets_other.txt
NTARGET3=/opt/autoscan/targets/targets_resnet.txt
NTARGET4=/opt/autoscan/targets/targets_student.txt
NTARGET5=/opt/autoscan/targets/targets_test.txt
NRESULT1=/opt/autoscan/results/admin_vlans-$DATE.nbe
NRESULT2=/opt/autoscan/results/other_vlans-$DATE.nbe
NRESULT3=/opt/autoscan/results/resnet_vlans-$DATE.nbe
NRESULT4=/opt/autoscan/results/student_vlans-$DATE.nbe
NRESULT5=/opt/autoscan/results/test_vlans-$DATE.nbe
NREPORT1=/opt/autoscan/reports/admin_vlans-$DATE.html
NREPORT2=/opt/autoscan/reports/other_vlans-$DATE.html
NREPORT3=/opt/autoscan/reports/resnet_vlans-$DATE.html
NREPORT4=/opt/autoscan/reports/-student_vlans-$DATE.html
NREPORT5=/opt/autoscan/reports/test_vlans-$DATE.html
VLANINPUT=$1
RCTOOL=/opt/autoscan/scripts/update-nessusrc
RCINPUT=$2
HTMLOUT=/opt/autoscan/results/
LOGDIR=/opt/autoscan/log
LOGFILE=nessusauto_$VLANINPUT-$NOW.log


echo ""
echo ""
echo "Nessus AutoScan script v0.1 - (c) Adam Obringer, Robert Morris University"
echo ""
echo "Syntax: $0 <area> <scantype>"
echo ""
echo "Available areas: admin|other|resnet|student|test"
echo "Available scantypes: default|debug|top20|crithigh"

if [ $VLANINPUT = admin ] ; then
  echo ""
  echo ""
  echo "$DATE.$TIME x Configuring for admin VLAN scan."
  NCONFIG=$NCONFIG1
  NTARGET=$NTARGET1
  NRESULT=$NRESULT1
  NREPORT=$NREPORT1
elif [ $VLANINPUT = other ] ; then
  echo ""
  echo "$DATE.$TIME x Configuring for other VLAN scan."
  NCONFIG=$NCONFIG2
  NTARGET=$NTARGET2
  NRESULT=$NRESULT2
  NREPORT=$NREPORT2
elif [ $VLANINPUT = resnet ] ; then
  echo ""
  echo "$DATE.$TIME x Configuring for resnet VLAN scan."
  NCONFIG=$NCONFIG3
  NTARGET=$NTARGET3
  NRESULT=$NRESULT3
  NREPORT=$NREPORT3
elif [ $VLANINPUT = student ] ; then
  echo ""
  echo "$DATE.$TIME x Configuring for student VLAN scan."
  NCONFIG=$NCONFIG4
  NTARGET=$NTARGET4
  NRESULT=$NRESULT4
  NREPORT=$NREPORT4
elif [ $VLANINPUT = test ] ; then
  echo ""
  echo "$DATE.$TIME x Configuring for test VLAN scan."
  NCONFIG=$NCONFIG5
  NTARGET=$NTARGET5
  NRESULT=$NRESULT5
  NREPORT=$NREPORT5
else
 echo ""
 echo "*** Syntax error: Please properly specify zone to scan!"
 echo "$0 admin|other|student|test"
 exit 1
fi

if [ $RCINPUT = default ] ; then
  echo ""
  echo "$DATE.$TIME x Configuring for default (non-dangerous/icmp/tcp_conn) Nessus plugins (with summary) via nessusrc."
  $RCTOOL -s $NCONFIG
elif [ $RCINPUT = debug ] ; then
  echo ""
  echo "$DATE.$TIME x Configuring for default Nessus plugins with debugging via nessusrc."
  echo "* Warning * Does NOT replace RC file while debugging is enabled!"
  $RCTOOL -s -d $NCONFIG
elif [ $RCINPUT = top20 ] ; then
  echo ""
  echo "$DATE.$TIME x Configuring for SANS Top20 plugins (with summary) via nessusrc."
  $RCTOOL -t -s $NCONFIG
elif [ $RCINPUT = crithigh ] ; then
  echo ""
  echo "$DATE.$TIME x Configuring for Critical/High-risk vulnerabilities ONLY (with summary) via nessusrc."
  $RCTOOL -r "(Critical|High)" -s $NCONFIG
else
  echo ""
  echo "*** Syntax error: Please specify plugin type(s)."
  echo "$0 default|debug|top20|crithigh"
  exit 1
fi

echo ""
echo "$DATE.$TIME x Scanning hosts within $VLANINPUT zones via Nessus commandline..."
$NCMD -c $NCONFIG -T nbe -xq $NHOST $NPORT $NUSER $NPASS $NTARGET $NRESULT > $LOGDIR/$LOGFILE
#2>&1
echo ""
echo "$DATE.$TIME x Scan completed."

echo ""
echo "$DATE.$TIME x Generating reporting html..."
$NCMD -i $NRESULT -o $NREPORT > $LOGDIR/$LOGFILE
#2>&1
echo ""
echo "$DATE.$TIME x HTML report generation completed. File(s) output to $HTMLOUT for Apache."

echo ""
echo "$DATE.$TIME x Emailing results to recipient(s). TEMP DISABLED!"
#cat - $LOGDIR/$LOGFILE << EOF | /usr/sbin/sendmail -t
#to:obringer@rmu.edu,stewartm@rmu.edu
#from:nessus-internal@security.rmu.edu
#subject:Nessus Internal AutoScan Log Output - $VLANINPUT targets
#
#EOF