コード例 #1
0
ファイル: scan-maker.php プロジェクト: TheProjecter/nessquik 
/**
* Merge plugins in special plugin profile into the scanner set
*
* This function will iterate through plugins associated with
* a special plugin profile and set the plugins equal to 'yes'
* that have been specified in the special plugin profile
*
* @param string $profile_id Profile ID of the scan whose
*	plugin list is to be updated 
* @param array $scanner_set List of all plugins used by nessus.
*	The array is indexed by plugin ID with the values of
*	each item being either 'yes' if the plugin should be
*/
function merge_plugin_profiles($profile_id, &$scanner_set)
{
    global $client;
    $client->query('jobs.getProfilePlugins', _CLIENT_KEY, $profile_id, 'spe');
    $special = $client->getResponse();
    if (count($special) < 1) {
        return;
    }
    foreach ($special as $key => $spe) {
        $client->query('jobs.getSpecialProfileItems', $profile_id);
        $profile_items = $client->getResponse();
        foreach ($profile_items as $key => $item) {
            $type = $item['plugin_type'];
            $plugin = $item['plugin'];
            if ($type == 'fam') {
                merge_families($profile_id, $scanner_set);
            } else {
                if ($type == 'sev') {
                    merge_severities($profile_id, $scanner_set);
                } else {
                    if ($type == 'plu') {
                        $scanner_set[$plugin] = 'yes';
                    }
                }
            }
        }
    }
}
コード例 #2
0
ファイル: runnow.php プロジェクト: TheProjecter/nessquik 
$stmt->execute();
while ($row = $stmt->fetch_assoc()) {
    $scanner_set[$row['pluginid']] = 'no';
}
$set = $scanner_set;
// Get the information for all the profiles
$stmt2->execute($profile_id);
// Loop through each profile's information
$row = $stmt2->fetch_assoc();
$machine_list = array();
$username = $row['username'];
$rand = rand(0, 1000000);
$scanner_set = $set;
$output = array();
$machine_list = make_machine_list($profile_id);
merge_severities($profile_id, $scanner_set);
merge_all($profile_id, $scanner_set);
merge_families($profile_id, $scanner_set);
merge_plugins($profile_id, $scanner_set);
$ml = make_ml_file($username, $rand, $machine_list);
$nrc = make_nrc_file($username, $rand, $scanner_set);
$stmt3->execute($profile_id);
$stmt4->execute($profile_id);
$stmt5->execute($profile_id);
$command = escapeshellcmd("nohup " . _NESSUS_CMD . " -q -c {$nrc} -T html -x " . _NESSUS_SERVER . ' ' . _NESSUS_PORT . ' ' . _NESSUS_USER . ' ' . _NESSUS_PASS . " {$ml} -");
exec($command, $output);
if (count($output) < 1) {
    $retval = "The scan was not run. Did you remeber to give appropriate sudo privileges to the web user?";
} else {
    foreach ($output as $key => $val) {
        $val = trim($val);