nessus

package
v2.6.7 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 8, 2023 License: MIT Imports: 26 Imported by: 0

Documentation

Index

Constants

View Source
const (
	INFO     = "INFO"
	OK       = "OK"
	LOW      = "LOW"
	MEDIUM   = "MEDIUM"
	HIGH     = "HIGH"
	CRITICAL = "CRITICAL"
)

Variables

View Source
var PluginNameToWorkflowPath = map[string]string{
	"ActiveMQ":           "activemq-workflow.yaml",
	"Solr":               "solr-workflow.yaml",
	"Tomcat":             "tomcat-workflow.yaml",
	"Confluence":         "confluence-workflow.yaml",
	"Jira":               "jira-workflow.yaml",
	"Artifactory":        "artifactory-workflow.yaml",
	"Cacti":              "cacti-workflow.yaml",
	"iDRAC":              "dell-idrac-workflow.yaml",
	"GitLab":             "gitlab-workflow.yaml",
	"F5 BigIP":           "bigip-workflow.yaml",
	"fortinet":           "fortinet-workflow.yaml",
	"Grafana":            "grafana-workflow.yaml",
	"Jenkins":            "jenkins-workflow.yaml",
	"Kibana":             "kibana-workflow.yaml",
	"SharePoint":         "sharepoint-workflow.yaml",
	"Microsoft Exchange": "microsoft-exchange-workflow.yaml",
	"phpMyAdmin":         "phpmyadmin-workflow.yaml",
	"PRTG":               "prtg-workflow.yaml",
	"Pivotal RabbitMQ":   "rabbitmq-workflow.yaml",
	"WebLogic":           "weblogic-workflow.yaml",
	"Splunk":             "splunk-workflow.yaml",
	"TikiWiki":           "tikiwiki-workflow.yaml",
	"VMware":             "vmware-workflow.yaml",
	"Webmin":             "webmin-workflow.yaml",
	"Zabbix":             "zabbix-workflow.yaml",
}

PluginNameToWorkflowPath TODO map out more service types to nuclei workflows... also, these keys aren't utilized really unless required for later on ToDos.

View Source
var ScriptMaps = map[string]string{
	"amqp":      "amqp-info.nse",
	"ajp13":     "ajp-headers.nse,ajp-methods.nse,ajp-request.nse",
	"ftp":       "ftp-anon.nse,ftp-libopie.nse,ftp-proftpd-backdoor.nse,ftp-vsftpd-backdoor.nse,ftp-vuln-cve2010-4221.nse,ftp-syst.nse",
	"ssh":       "ssh-auth-methods.nse,ssh-hostkey.nse,ssh-publickey-acceptance.nse,ssh-run.nse,ssh2-enum-algos.nse,sshv1.nse",
	"telnet":    "banner.nse,telnet-encryption.nse,telnet-ntlm-info.nse",
	"smtp":      "smtp-commands.nse,smtp-enum-users.nse,smtp-ntlm-info.nse,smtp-open-relay.nse",
	"smb":       "smb-enum-domains.nse,smb-enum-groups.nse,smb-enum-processes.nse,smb-enum-sessions.nse,smb-enum-shares.nse,smb-enum-users.nse,smb-ls.nse,smb-mbenum.nse,smb-os-discovery.nse,smb-print-text.nse,smb-security-mode.nse,smb-server-stats.nse,smb-system-info.nse",
	"tftp":      "tftp-enum.nse",
	"vnc":       "realvnc-auth-bypass.nse,vnc-info.nse,vnc-title.nse",
	"oracle":    "oracle-enum-users.nse,oracle-sid-brute.nse,oracle-tns-version.nse",
	"ldap":      "ldap-novell-getpass.nse,ldap-rootdse.nse,ldap-search.nse",
	"rpc-nfs":   "nfs-ls.nse,nfs-statfs.nse,nfs-showmount.nse",
	"mssql":     "ms-sql-info.nse,ms-sql-config.nse,broadcast-ms-sql-discover.nse,ms-sql-ntlm-info.nse,ms-sql-empty-password.nse",
	"mysql":     "mysql-variables.nse,mysql-users.nse,mysql-query.nse,mysql-enum.nse,mysql-empty-password.nse,mysql-databases.nse",
	"mongodb":   "mongodb-databases.nse,mongodb-info.nse",
	"kerberos":  "banner.nse,krb5-enum-users.nse",
	"ike":       "ike-version.nse",
	"sip":       "banner.nse,sip-enum-users.nse,sip-methods.nse",
	"javarmi":   "rmi-dumpregistry.nse,rmi-vuln-classloader.nse",
	"cups":      "cups-info.nse,cups-queue-info.nse",
	"cassandra": "cassandra-info.nse",
	"webdav":    "http-iis-webdav-vuln.nse",
	"pop3":      "pop3-capabilities.nse,pop3-ntlm-info.nse",
	"snmp":      "snmp-info.nse,snmp-interfaces.nse,snmp-netstat.nse,snmp-processes.nse,snmp-sysdescr.nse,snmp-win32-services.nse,snmp-win32-shares.nse,snmp-win32-software.nse,snmp-win32-users.nse",
	"stun":      "stun-info.nse,stun-version.nse",
}
View Source
var ServiceKinds = []string{

	"ajp13",
	"amqp",

	"ftp",

	"ldap",

	"mssql",
	"mysql",

	"ike",

	"rpc-nfs",

	"sip",

	"smb",
	"snmp",
	"ssh",
	"stun",
	"telnet",
	"tftp",

	"vnc",
}

Functions

func ConfigureCommand

func ConfigureCommand(cmd *cobra.Command) error

func GenerateAllURLs

func GenerateAllURLs(n *Data) ([]string, error)

GenerateAllURLs parses all web service URLs from a .nessus xml file and returns a sorted slice of unique URLs

func Parse

func Parse(opts *Options) error

Parse parses the nessus file and prints the results table

func RangeStructer

func RangeStructer(args ...interface{}) []interface{}

RangeStructer takes the first argument, which must be a struct, and returns the value of each field in a slice. It will return nil if there are no arguments or first argument is not a struct

Types

type Data

type Data struct {
	Report Report `xml:"Report"`
}

Data contains a nessus report.

type Entry

type Entry struct {
	// contains filtered or unexported fields
}

type Enum4LinuxInfo

type Enum4LinuxInfo struct {
	RepoPath       string
	VirtualENVPath string
	OutputDir      string
}

type HTMLReportRows

type HTMLReportRows struct {
	Key      string
	PluginID string
	Hosts    string
}

type HTMLTableRows

type HTMLTableRows struct {
	Rows string
}

type HostProperties

type HostProperties struct {
	Tags []Tag `xml:"tag"`
}

HostProperties are tags filled with likely useless information.

type HostsByServiceKind added in v2.6.2

type HostsByServiceKind struct {
	ServiceType        string
	NucleiWorkflowPath string
	HostPorts          []string
	HostPortsFile      string
}

type NmapStdoutStreamer

type NmapStdoutStreamer struct {
	nmap.Streamer
	File string
}

NmapStdoutStreamer is your custom type in code. You just have to make it a Streamer.

func (*NmapStdoutStreamer) Bytes

func (c *NmapStdoutStreamer) Bytes() []byte

Bytes returns scan result bytes.

func (*NmapStdoutStreamer) Write

func (c *NmapStdoutStreamer) Write(d []byte) (int, error)

Write is a function that handles the normal nmap stdout.

type NmapTargetInfo

type NmapTargetInfo struct {
	Target   string
	TCPPorts []string
	UDPPorts []string
	Scripts  string
	SVCName  string
}

type Options

type Options struct {
	NessusFile          string
	Output              string
	TestSSL             bool
	SSHAudit            bool
	StreamNmap          bool
	AsyncNmap           bool
	AsyncNmapSVCScripts bool
	Nuclei              bool
	NucleiWorkflow      bool
	Enum4LinuxNG        bool
}

func (*Options) LoadFromCommand

func (opts *Options) LoadFromCommand(cmd *cobra.Command) error

type Report

type Report struct {
	Name        string       `xml:"name,attr"`
	ReportHosts []ReportHost `xml:"ReportHost"`
}

Report has a name and contains all the host details.

type ReportHost

type ReportHost struct {
	Name           string         `xml:"name,attr"`
	HostProperties HostProperties `xml:"HostProperties"`
	ReportItems    []ReportItem   `xml:"ReportItem"`
}

ReportHost containts the hostname or ip address for the host and all vulnerability and service information.

type ReportItem

type ReportItem struct {
	Port                       int      `xml:"port,attr"`
	SvcName                    string   `xml:"svc_name,attr"`
	Protocol                   string   `xml:"protocol,attr"`
	Severity                   int      `xml:"severity,attr"`
	PluginID                   string   `xml:"pluginID,attr"`
	PluginName                 string   `xml:"pluginName,attr"`
	PluginFamily               string   `xml:"pluginFamily,attr"`
	PluginType                 string   `xml:"plugin_type,name"`
	PluginVersion              string   `xml:"plugin_version"`
	Fname                      string   `xml:"fname,name"`
	RiskFactor                 string   `xml:"risk_factor,name"`
	Synopsis                   string   `xml:"synopsis,name"`
	Description                string   `xml:"description,name"`
	Solution                   string   `xml:"solution,name"`
	PluginOutput               string   `xml:"plugin_output,name"`
	SeeAlso                    string   `xml:"see_also,name"`
	CVE                        []string `xml:"cve,name"`
	BID                        []string `xml:"bid,name"`
	XREF                       []string `xml:"xref,name"`
	PluginModificationDate     string   `xml:"plugin_modification_date,name"`
	PluginPublicationDate      string   `xml:"plugin_publication_date,name"`
	VulnPublicationDate        string   `xml:"vuln_publication_date,name"`
	ExploitabilityEase         string   `xml:"exploitability_ease,name"`
	ExploitAvailable           bool     `xml:"exploit_available,name"`
	ExploitFrameworkCanvas     bool     `xml:"exploit_framework_canvas,name"`
	ExploitFrameworkMetasploit bool     `xml:"exploit_framework_metasploit,name"`
	ExploitFrameworkCore       bool     `xml:"exploit_framework_core,name"`
	MetasploitName             string   `xml:"metasploit_name,name"`
	CanvasPackage              string   `xml:"canvas_package,name"`
	CoreName                   string   `xml:"core_name,name"`
	CVSSVector                 string   `xml:"cvss_vector,name"`
	CVSSBaseScore              float64  `xml:"cvss_base_score,name"`
	CVSSTemporalScore          string   `xml:"cvss_temporal_score,name"`
	ComplianceResult           string   `xml:"cm:compliance-result,name"`
	ComplianceActualValue      string   `xml:"cm:compliance-actual-value,name"`
	ComplianceCheckID          string   `xml:"cm:compliance-check-id,name"`
	ComplianceAuditFile        string   `xml:"cm:compliance-audit-file,name"`
	ComplianceCheckValue       string   `xml:"cm:compliance-check-name,name"`
}

ReportItem is vulnerability plugin output.

type Row

type Row struct {
	Finding          string
	PluginID         string
	Severity         string
	CVSSBaseScore    float64
	ExploitAvailable string
	Count            string
	Hosts            string
	FileName         string
	Algorithms       string
}

type SSHAuditEntry

type SSHAuditEntry struct {
	// contains filtered or unexported fields
}

type SSHAuditHTMLReportRows

type SSHAuditHTMLReportRows struct {
	Key        string
	Algorithms string
	Hosts      string
}

type SSHAuditInfo

type SSHAuditInfo struct {
	RepoPath       string
	VirtualENVPath string
	OutputDir      string
}

type SSHAuditReport

type SSHAuditReport struct {
	Banner struct {
		Comments interface{} `json:"comments,omitempty"`
		Protocol []int       `json:"protocol,omitempty"`
		Raw      string      `json:"raw,omitempty"`
		Software string      `json:"software,omitempty"`
	} `json:"banner,omitempty"`
	Compression []string `json:"compression,omitempty"`
	Cves        struct {
		Critical []struct {
			CVSSv2      float64 `json:"CVSSv2,omitempty"`
			Cve         string  `json:"cve,omitempty"`
			Description string  `json:"description,omitempty"`
		} `json:"critical,omitempty"`
		Warning []struct {
			CVSSv2      float64 `json:"CVSSv2,omitempty"`
			Cve         string  `json:"cve,omitempty"`
			Description string  `json:"description,omitempty"`
		} `json:"warning,omitempty"`
	} `json:"cves,omitempty"`
	Enc          []string `json:"enc,omitempty"`
	Fingerprints []struct {
		Hash    string `json:"hash,omitempty"`
		HashAlg string `json:"hash_alg,omitempty"`
		Hostkey string `json:"hostkey,omitempty"`
	} `json:"fingerprints,omitempty"`
	Kex []struct {
		Algorithm string `json:"algorithm,omitempty"`
		Keysize   int    `json:"keysize,omitempty"`
	} `json:"kex,omitempty"`
	Key []struct {
		Algorithm string `json:"algorithm,omitempty"`
		Keysize   int    `json:"keysize,omitempty"`
	} `json:"key,omitempty"`
	Mac             []string `json:"mac,omitempty"`
	Port            string   `json:"port,omitempty"`
	Recommendations struct {
		Critical struct {
			Chg struct {
				Kex []string `json:"kex,omitempty"`
			} `json:"chg,omitempty"`
			Del struct {
				Enc []string `json:"enc,omitempty"`
				Kex []string `json:"kex,omitempty"`
				Key []string `json:"key,omitempty"`
				Mac []string `json:"mac,omitempty"`
			} `json:"del,omitempty"`
		} `json:"critical,omitempty"`
		Warning struct {
			Del struct {
				Enc []string `json:"enc,omitempty"`
				Kex []string `json:"kex,omitempty"`
				Key []string `json:"key,omitempty"`
				Mac []string `json:"mac,omitempty"`
			} `json:"del,omitempty"`
		} `json:"warning,omitempty"`
	} `json:"recommendations,omitempty"`
	Target string `json:"target,omitempty"`
}

type SSHAuditReports

type SSHAuditReports struct {
	Report []SSHAuditReport
}

type ScanStats

type ScanStats struct {
	TotalCritical int
	TotalHigh     int
	TotalMedium   int
	TotalLow      int
}

type Tag

type Tag struct {
	Name string `xml:"name,attr"`
	Data string `xml:",chardata"`
}

Tag is used to split the tag into name and the tag content.

type TestSSLEntry

type TestSSLEntry struct {
	// contains filtered or unexported fields
}

type TestSSLHTMLReportRows

type TestSSLHTMLReportRows struct {
	Key   string
	Hosts string
}

type TestSSLReport

type TestSSLReport struct {
	Invocation string `json:"Invocation,omitempty"`
	At         string `json:"at,omitempty"`
	Version    string `json:"version,omitempty"`
	Openssl    string `json:"openssl,omitempty"`
	StartTime  string `json:"startTime,omitempty"`
	ScanResult []struct {
		TargetHost string `json:"targetHost,omitempty"`
		IP         string `json:"ip,omitempty"`
		Port       string `json:"port,omitempty"`
		RDNS       string `json:"rDNS,omitempty"`
		Service    string `json:"service,omitempty"`
		Pretest    []struct {
			ID       string `json:"id,omitempty"`
			Severity string `json:"severity,omitempty"`
			Finding  string `json:"finding,omitempty"`
		} `json:"pretest,omitempty"`
		Protocols []struct {
			ID       string `json:"id,omitempty"`
			Severity string `json:"severity,omitempty"`
			Cve      string `json:"cve,omitempty"`
			Cwe      string `json:"cwe,omitempty"`
			Finding  string `json:"finding,omitempty"`
		} `json:"protocols,omitempty"`
		Grease  []interface{} `json:"grease,omitempty"`
		Ciphers []struct {
			ID       string `json:"id,omitempty"`
			Severity string `json:"severity,omitempty"`
			Cwe      string `json:"cwe,omitempty"`
			Finding  string `json:"finding,omitempty"`
		} `json:"ciphers,omitempty"`
		ServerPreferences []struct {
			ID       string `json:"id,omitempty"`
			Severity string `json:"severity,omitempty"`
			Finding  string `json:"finding,omitempty"`
		} `json:"serverPreferences,omitempty"`
		Fs []struct {
			ID       string `json:"id,omitempty"`
			Severity string `json:"severity,omitempty"`
			Finding  string `json:"finding,omitempty"`
		} `json:"fs,omitempty"`
		ServerDefaults []struct {
			ID       string `json:"id,omitempty"`
			Severity string `json:"severity,omitempty"`
			Finding  string `json:"finding,omitempty"`
		} `json:"serverDefaults,omitempty"`
		HeaderResponse []struct {
			ID       string `json:"id,omitempty"`
			Severity string `json:"severity,omitempty"`
			Finding  string `json:"finding,omitempty"`
			Cwe      string `json:"cwe,omitempty"`
		} `json:"headerResponse,omitempty"`
		Vulnerabilities []struct {
			ID       string `json:"id,omitempty"`
			Severity string `json:"severity,omitempty"`
			Cve      string `json:"cve,omitempty"`
			Cwe      string `json:"cwe,omitempty"`
			Finding  string `json:"finding,omitempty"`
		} `json:"vulnerabilities,omitempty"`
		CipherTests        []interface{} `json:"cipherTests,omitempty"`
		BrowserSimulations []struct {
			ID       string `json:"id,omitempty"`
			Severity string `json:"severity,omitempty"`
			Finding  string `json:"finding,omitempty"`
		} `json:"browserSimulations,omitempty"`
		Rating []struct {
			ID       string `json:"id,omitempty"`
			Severity string `json:"severity,omitempty"`
			Finding  string `json:"finding,omitempty"`
		} `json:"rating,omitempty"`
	} `json:"scanResult,omitempty"`
	ScanTime int `json:"scanTime,omitempty"`
}

type TestSSLReports

type TestSSLReports struct {
	Report []TestSSLReport
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL