Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env python
- import urllib2
- import urllib
- import json
- def connect(module, action, input={}):
- data = {'module': module,
- 'action': action,
- 'input': json.dumps(input),
- 'token': token,
- 'request_id': 1}
- headers = {'Cookie': 'TNS_SESSIONID=' + cookie}
- url = server + '/request.php'
- try:
- request = urllib2.Request(url, urllib.urlencode(data), headers)
- response = urllib2.urlopen(request)
- content = json.loads(response.read())
- return content['response']
- except Exception, e:
- print e #"Error: " + str(e)
- return None
- server = 'https://192.168.37.51'
- username = 'rapid7'
- password = 'password'
- token = ''
- cookie = ''
- # First login to the server using the auth module with the login action. The
- # server's response will include a token and a cookie that needs to be used on
- # subsequent requests.
- input = {'username': username, 'password': password}
- resp = connect('auth', 'login', input)
- token = resp['token']
- cookie = resp['sessionID']
- # After setting the token and cookie we can use the rest of the API as normal.
- # Query the SC server to get the first 10 critical and high vulnerabilities.
- filters = [{'filterName': 'severity',
- 'operator': '=',
- 'value': '4,3'}]
- input = {'tool': 'vulndetails',
- 'sourceType': 'cumulative',
- 'filters': filters,
- 'startOffset': 0,
- 'endOffset': 10}
- vulns = connect('vuln', 'query', input)
- for vuln in vulns['results']:
- print 'IP: ' + vuln['ip']
- print 'Name: ' + vuln['pluginName']
- print 'Severity: ' + vuln['severity']
- print
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement