Ruby's NessusLibs
         
    ...and your slogan could go here  
 





Intro

Ruby's Nessus Libs helps developers easily create ruby clients for Nessus. For those of you who don't know Nessus is a great free (used to be open source, now you can still get an open source version, but doesn't have all the features the new one has) vulnerability scanner. You can find more infomation about Nessus as nessus.org. This library works much the same as Perl's Net::Nessus module. I've been a Perl guy for years and this is my first try at a real ruby program, hopefully it will be of some use to someone. If you have any suggestions of if I'm not doing something the "Ruby way" then please send me suggestions at nessuslibs@davewking.com.

Roadmap

The current version works ok, but it's missing some of the features (less used features) of Nessus. I'm planning on adding these over the next couple of weeks.

Currently Supported Features

  • connect to nessusd via TSLv1
  • use fast_login or slow login options
  • get a hashes with a lists of preferences, plugins, plugin dependencies, rules, and sessions
  • set preferences, plugins and rules
  • start scan
  • get results in organized into several hashes

Unsupported features we hope to add

  • better documentation
  • make a ruby gem
  • login without SSL for those who want plain text
  • ability to stop a scan
  • abiltiy to reconnect to a session
  • login with a cert instead of a password
  • parse descriptions (pull out risk, solution, etc into a sub hash)
  • detached scan stuff
  • ATTACHED_FILE stuff
  • md5_caching stuff
  • plugin upload stuff
  • save timestamps somewhere
  • PLUGINS_ORDER?

Sample Client

#!/usr/bin/env ruby

#example of a client using nessuslibs

#import the class
require 'nessuslibs'

#create new object parameters are(nessusd host's ip, nessusd port, ssl version, fastlogin 0=no 1=yes)
nc = NessusClient.new('10.0.0.40', '1241', 'TLSv1', 0)

#connect to nessusd
nc.connect

#login to nessusd parameters(username, password)
if nc.login('username', 'password') == 1
puts "done with logging in"
else
puts "error logging in"
end

#before you scan you must set the preferences, here we just set them from what was read in after login
#setPrefs sets the prefs, getPrefs gets the hash of prefs recieved after login
nc.setPrefs(nc.getPrefs)

#getPlugins gets a list of plugins sent by nessusd after login
myplugins = nc.getPlugins

pluginStr = ""

#here we're building a string of plugins to pass in using setPlugins
myplugins.each do |key, value|
pluginStr += key + ";"
end

#this is where you set the plugins you want nessusd to run, this is in the format of "plugin1;plugin2;plugin3" etc
nc.setPlugins(pluginStr)

#attack starts the attack, tell it the host you wish to attack
nc.attack("10.0.0.1")

#ports returns an array of a hash that has all the open ports found
#the hash has keys "host", "port", "proto", "service"
puts nc.ports

#ports returns an array of a hash that has all the holes found
#the hash has keys "host", "port", "proto", "service", "message"
puts nc.holes

#ports returns an array of a hash that has all the infos found
#the hash has keys "host", "port", "proto", "service", "message"
puts nc.infos

#ports returns an array of a hash that has all the notes found
#the hash has keys "host", "port", "proto", "service", "message"
puts nc.notes

#the class also has 4 empty methods for you to override if you'd like
#they allow you to imediatly proccess port, hole, note, and info messages as they come in
#they're called showHole, showPort, showInfo, and showNote
#they are passed a message hash, wich have the keys from the section above
class MyNC < NessusClient
def showHole(messageHash)
puts "HOLE " + messageHash["host"] + " " + messageHash["details"]
end
end

mync = NessusClient.new('10.0.0.40', '1241', 'TLSv1', 0)

#connect to nessusd
mync.connect

#login to nessusd parameters(username, password)
if mync.login('username', 'password') == 1
puts "done with logging in"
else
puts "error logging in"
end

#before you scan you must set the preferences, here we just set them from what was read in after login
#setPrefs sets the prefs, getPrefs gets the hash of prefs recieved after login
mync.setPrefs(mync.getPrefs)

#getPlugins gets a list of plugins sent by nessusd after login
myplugins = mync.getPlugins

pluginStr = ""

#here we're building a string of plugins to pass in using setPlugins
myplugins.each do |key, value|
pluginStr += key + ";"
end

#this is where you set the plugins you want nessusd to run, this is in the format of "plugin1;plugin2;plugin3" etc
mync.setPlugins(pluginStr)

#attack starts the attack, tell it the host you wish to attack
mync.attack("10.0.0.1")