Search This Blog

Thursday, January 6, 2011

Nessus reports by email

Here is a script compiled from different sources and examples:

#!/usr/bin/perl
# Script to run Nessus scan on targets.txt and send HTML report
# tested under CentOS 5
# create a user in Nessus GUI and create one policy with credentilas you want.
# place this script and targets.txt in /opt/nessus-scripts
# Use "perl -MCPAN -e shell" and then "install Net::Nessus::XMLRPC" etc to install
# perl modules needed (in "use" directive below)
# You will also need xsltproc - installed with "yum libxslt"


use Net::Nessus::XMLRPC;
use Net::SMTP;
use MIME::Lite;
use strict;
use warnings;


my $my_file = '/opt/nessus-scripts/report.html';
my $your_file = 'report.html';
my $reportfile ='/opt/nessus-scripts/report.xml';
my $targetsfile ='/opt/nessus-scripts/targets.txt';

### Adjust sender, recipient and your SMTP mailhost
my $from_address = 'you@test.com';
my $to_address = 'you@test.com';
my $mail_host = 'smtp.test.com';

### Adjust subject and body message
my $subject = 'Nessus';
my $message_body = "Report attached";



#--------------------------------------------------------------------------------------------------
#Scan
# '' is same as https://localhost:8834/
my $n = Net::Nessus::XMLRPC->new ('','user','password');
die "Cannot login to: ".$n->nurl."\n" unless ($n->logged_in);
print "Logged in\n";
my $polid=$n->policy_get_first;
print "Using policy ID: $polid ";
my $polname=$n->policy_get_name($polid);
print "with name: $polname\n";
my $targets = "";
my $scanid=$n->scan_new_file($polid,"automated-script",$targets,$targetsfile);
while (not $n->scan_finished($scanid)) {
print "$scanid: ".$n->scan_status($scanid)."\n";
sleep 100;
}
print "$scanid: ".$n->scan_status($scanid)."\n";
my $reportcont=$n->report_file_download($scanid);
open (FILE,">$reportfile") or die "Cannot open file $reportfile: $!";
print FILE $reportcont;
close (FILE);

#--------------------------------------------------------------------------------------------------
#convert

system ('/usr/bin/xsltproc -o /opt/nessus-scripts/report.html /opt/nessus/var/nessus/www/html.xsl /opt/nessus-scripts/report.xml');


#--------------------------------------------------------------------------------------------------
#send



### Adjust the filenames

### Create the multipart container
my $msg = MIME::Lite->new (
From => $from_address,
To => $to_address,
Subject => $subject,
Type =>'multipart/mixed'
) or die "Error creating multipart container: $!\n";

### Add the text message part
$msg->attach (
Type => 'TEXT',
Data => $message_body
) or die "Error adding the text message part: $!\n";

### Add the file
$msg->attach (
Type => 'text/html',
Path => $my_file,
Filename => $your_file,
Disposition => 'attachment'
) or die "Error adding $my_file: $!\n";

### Send the Message
MIME::Lite->send('smtp', $mail_host, Timeout=>60);
$msg->send;

No comments: