API tools faq
paste
Guest User

Untitled

a guest
May 9th, 2019
54
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.62 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/bash
  2. #
  3. # OpenVAS automation script.
  4. # Mariusz B. / mgeeky, '17
  5. # v0.2
  6. #
  7.  
  8. trap ctrl_c INT
  9.  
  10. # --- CONFIGURATION ---
  11.  
  12. USER=<USERNAME>
  13. PASS=<PASSWORD>
  14. HOST=127.0.0.1
  15. PORT=9390
  16.  
  17. # Must be one of the below defined targets
  18. SCAN_PROFILE=""
  19. #SCAN_PROFILE="Full and fast ultimate"
  20.  
  21. FORMAT="PDF"
  22.  
  23. # A valid "alive_test" parameter
  24. # Defines how it is determined if the targets are alive
  25. # Currently, valid values are the following:
  26. # Scan Config Default
  27. # ICMP, TCP-ACK Service & ARP Ping
  28. # TCP-ACK Service & ARP Ping
  29. # ICMP & ARP Ping
  30. # ICMP & TCP-ACK Service Ping
  31. # ARP Ping
  32. # TCP-ACK Service Ping
  33. # TCP-SYN Service Ping
  34. # ICMP Ping
  35. # Consider Alive
  36. ALIVE_TEST='ICMP, TCP-ACK Service & ARP Ping'
  37.  
  38. # --- END OF CONFIGURATION ---
  39.  
  40. targets=(
  41. "Discovery"
  42. "Full and fast"
  43. "Full and fast ultimate"
  44. "Full and very deep"
  45. "Full and very deep ultimate"
  46. "Host Discovery"
  47. "System Discovery"
  48. )
  49.  
  50. formats=(
  51. "ARF"
  52. "CPE"
  53. "HTML"
  54. "ITG"
  55. "NBE"
  56. "PDF"
  57. "TXT"
  58. "XML"
  59. )
  60.  
  61. able_to_clean=1
  62.  
  63. function usage {
  64. echo
  65. echo -ne "Usage: openvas-automate.sh <host>"
  66. echo
  67. echo -ne "\n host\t- IP address or domain name of the host target."
  68. echo
  69. echo
  70. }
  71.  
  72. function omp_cmd {
  73. cmd="omp -u $USER -w \"$PASS\" -h $HOST -p $PORT $@"
  74. #>&2 echo "DBG: OMP cmd: \"$cmd\""
  75. eval $cmd 2>&1
  76. }
  77.  
  78. function omp_cmd_xml {
  79. omp_cmd "--xml='$@'"
  80. }
  81.  
  82. function end {
  83. echo "[>] Performing cleanup"
  84.  
  85. if [ $able_to_clean -eq 1 ]; then
  86. omp_cmd -D $task_id
  87. omp_cmd -X '<delete_target target_id="'$target_id'"/>'
  88. fi
  89. exit 1
  90. }
  91.  
  92. function ctrl_c() {
  93. echo "[?] CTRL-C trapped."
  94. exit 1
  95. end
  96. }
  97.  
  98. echo
  99. echo " :: OpenVAS automation script."
  100. echo " mgeeky, 0.2"
  101. echo
  102.  
  103. out=$(omp_cmd -g | grep -i "discovery")
  104. if [ -z "$out" ]; then
  105. echo "Exiting due to OpenVAS authentication failure."
  106. exit 1
  107. fi
  108.  
  109. echo "[+] OpenVAS authenticated."
  110.  
  111. if [ -z "$SCAN_PROFILE" ]; then
  112. echo "[>] Please select scan type:"
  113. echo -e "\t1. Discovery"
  114. echo -e "\t2. Full and fast"
  115. echo -e "\t3. Full and fast ultimate"
  116. echo -e "\t4. Full and very deep"
  117. echo -e "\t5. Full and very deep ultimate"
  118. echo -e "\t6. Host Discovery"
  119. echo -e "\t7. System Discovery"
  120. echo -e "\t9. Exit"
  121. echo ""
  122. echo "--------------------------------"
  123.  
  124. read -p "Please select an option: " m
  125.  
  126. if [ $m -eq 9 ]; then exit 0;
  127. elif [ $m -eq 1 ]; then SCAN_PROFILE="Discovery"
  128. elif [ $m -eq 2 ]; then SCAN_PROFILE="Full and fast"
  129. elif [ $m -eq 3 ]; then SCAN_PROFILE="Full and fast ultimate"
  130. elif [ $m -eq 4 ]; then SCAN_PROFILE="Full and very deep"
  131. elif [ $m -eq 5 ]; then SCAN_PROFILE="Full and very deep ultimate"
  132. elif [ $m -eq 6 ]; then SCAN_PROFILE="Host Discovery"
  133. elif [ $m -eq 7 ]; then SCAN_PROFILE="System Discovery"
  134. else echo "[!] Unknown profile selected" && exit 1
  135. fi
  136. echo
  137. fi
  138.  
  139. found=0
  140.  
  141. for i in "${targets[@]}"
  142. do
  143. if [ "$i" == "$SCAN_PROFILE" ]; then
  144. found=1
  145. break
  146. fi
  147. done
  148.  
  149. scan_profile_id=$(omp_cmd -g | grep "$SCAN_PROFILE" | cut -d' ' -f1)
  150. if [ $found -eq 0 ] || [ -z "$scan_profile_id" ]; then
  151. echo "[!] You've selected unknown SCAN_PROFILE. Please change it in script's settings."
  152. exit 1
  153. fi
  154.  
  155. found=0
  156.  
  157. for i in "${formats[@]}"
  158. do
  159. if [ "$i" == "$FORMAT" ]; then
  160. found=1
  161. break
  162. fi
  163. done
  164.  
  165. format_id=$(omp_cmd -F | grep "$FORMAT" | cut -d' ' -f1)
  166.  
  167. if [ $found -eq 0 ] || [ -z $format_id ]; then
  168. echo "[!] You've selected unknown FORMAT. Please change it in script's settings."
  169. exit 1
  170. fi
  171.  
  172. if [ -z "$1" ]; then
  173. usage
  174. exit 1
  175. fi
  176.  
  177. TARGET="$1"
  178. host "$TARGET" 2>&1 > /dev/null
  179.  
  180. if [ $? -ne 0 ]; then
  181. echo "[!] Specified target host seems to be unavailable!"
  182. read -p "Are you sure you want to continue [Y/n]? " -n 1 -r
  183. echo
  184. if [[ $REPLY =~ ^[Yy]$ ]]
  185. then
  186. echo > /dev/null
  187. else
  188. exit 1
  189. fi
  190. fi
  191.  
  192. echo "[+] Tasked: '$SCAN_PROFILE' scan against '$TARGET' "
  193.  
  194. target_id=$(omp_cmd -T | grep "$TARGET" | cut -d' ' -f1)
  195.  
  196. out=""
  197. if [ -z "$target_id" ]; then
  198.  
  199. echo "[>] Creating a target..."
  200. out=$(omp -u $USER -w '$PASS' -h $HOST -p $PORT --xml=\
  201. "<create_target>\
  202. <name>${TARGET}</name><hosts>$TARGET</hosts>\
  203. <alive_tests>$ALIVE_TEST</alive_tests>\
  204. </create_target>")
  205. target_id=$(echo "$out" | pcregrep -o1 'id="([^"]+)"')
  206.  
  207. else
  208. echo "[>] Reusing target..."
  209. fi
  210.  
  211. if [ -z "$target_id" ]; then
  212. echo "[!] Something went wrong, couldn't acquire target's ID! Output:"
  213. echo $out
  214. exit 1
  215. else
  216. echo "[+] Target's id: $target_id"
  217. fi
  218.  
  219. echo "[>] Creating a task..."
  220. task_id=$(omp_cmd -C -n "$TARGET" --target=$target_id --config=$scan_profile_id)
  221.  
  222. if [ $? -ne 0 ]; then
  223. echo "[!] Could not create a task."
  224. end
  225. fi
  226.  
  227. echo "[+] Task created successfully, id: '$task_id'"
  228.  
  229. echo "[>] Starting the task..."
  230. report_id=$(omp_cmd -S $task_id)
  231.  
  232. if [ $? -ne 0 ]; then
  233. echo "[!] Could not start a task."
  234. end
  235. fi
  236.  
  237. able_to_clean=0
  238.  
  239. echo "[+] Task started. Report id: $report_id"
  240. echo "[.] Awaiting for it to finish. This will take a long while..."
  241. echo
  242.  
  243. aborted=0
  244. while true; do
  245. RET=$(omp_cmd -G)
  246. if [ $? -ne 0 ]; then
  247. echo '[!] Querying jobs failed.';
  248. end
  249. fi
  250.  
  251. RET=$(echo -n "$RET" | grep -m1 "$task_id" | tr '\n' ' ')
  252. out=$(echo "$RET" | tr '\n' ' ')
  253. echo -ne "$out\r"
  254. if [ `echo "$RET" | grep -m1 -i "fail"` ]; then
  255. echo '[!] Failed getting running jobs list'
  256. end
  257. fi
  258. echo "$RET" | grep -m1 -i -E "done|Stopped"
  259. if [ $? -ne 1 ]; then
  260. aborted=1
  261. break
  262. fi
  263. sleep 1
  264.  
  265. done
  266.  
  267. if [ $aborted -eq 0 ]; then
  268. echo "[+] Job done, generating report..."
  269.  
  270. FILENAME=${TARGET// /_}
  271. FILENAME="openvas_${FILENAME//[^a-zA-Z0-9_\.\-]/}_$(date +%s)"
  272.  
  273. out=$(omp_cmd --get-report $report_id --format $format_id > $FILENAME.$FORMAT )
  274.  
  275. if [ $? -ne 0 ]; then
  276. echo '[!] Failed getting report.';
  277. echo "[!] Output: $out"
  278. #end
  279. fi
  280.  
  281. echo "[+] Scanning done."
  282. else
  283. echo "[?] Scan monitoring has been aborted. You're on your own now."
  284. fi
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!