nasl-wrapper.pl
Nessus scripts on your own terms
or have any suggestions, please contact me.
Latest Version is: 0.2
Description | Features | Bugs | ToDo | Requirements | Download | Output | Usage/Docs | Change Log
Description
Written by: MadHat at Unspecific.com
This is a simple script that scans a range of hosts with NASL scripts used by Nessus.
"Why?" you might ask...
NASL is a great tool for creating vulnerability assessments, but I don't like having to run nessusd all the time. I also don't care for any of the GUIs. Recently I wanted to scan hosts for the MS ASN.1 vulnerability, but nothing else. I found it difficult to scan a large network for this one vulnerability. When using just nasl (windows_asn1_vuln_ntlm.nasl), which will scan a large network on its own, it is slow and does a poor job of reporting. Specifically, when scanning it will say success, but not tell the IP that is vulnerable. So with this, and using my nmap-wrapper as a guide, I threw this together to scan "large" networks for a specific vulnerability.
An example of the time difference: running nasl with a simple script (yahoo_msg_running.nasl) on a class C took almost 10 minutes, while my wrapper took less than one minute.
$ time sudo nasl -t10.0.0.0/24 /usr/local/lib/nessus/plugins/yahoo_msg_running.nasl
Success
Success
...
Success
Success

real 9m51.984s
user 0m0.070s
sys 0m0.020s

$ time sudo ./nasl-wrapper.pl -l10.0.0.0/24 -t yahoo_msg_running.nasl
10.0.0.22 is Vulnerable
10.0.0.20 is Vulnerable
...
10.0.0.167 is Vulnerable
10.0.0.197 is Vulnerable

real 0m59.954s
user 0m1.100s
sys 0m1.020s
Features
- Fast
- Simple
BUGS
Send your bugs to Bugs at Unspecific.com
- None at this time
Requirements
- perl (>5.6 preferred)
- Nessus
Download
nasl-wrapper.pl - v0.2
ToDo
- Multiple scans at once
- More output options (like including a description from the nasl file).
- Better control, such as non-standard port
Output
$ sudo ./nasl-wrapper.pl -l10.0.0.0/24 -t yahoo_msg_running.nasl
10.0.0.22 is Vulnerable
10.0.0.20 is Vulnerable
10.0.0.19 is Vulnerable
With Verbose Output
$ sudo ./nasl-wrapper.pl -v -l10.0.0.0/24 -t yahoo_msg_running.nasl
Password:
scanning 10.0.0.0/24
10.0.0.22 (machine22.unspecific.com) Vulnerable to Check for a Yahoo Messenger Instance
10.0.0.20 (machine20.unspecific.com) Vulnerable to Check for a Yahoo Messenger Instance
...
10.0.0.146 (machine146.unspecific.com) Vulnerable to Check for a Yahoo Messenger Instance
10.0.0.167 (machine167.unspecific.com) Vulnerable to Check for a Yahoo Messenger Instance
10.0.0.197 (machine197.unspecific.com) Vulnerable to Check for a Yahoo Messenger Instance
--
Scan Finished.
Scan of 256 ip(s) took 61 seconds
Usage (output from ./nasl-wrapper.pl -h)
$ ./nasl-wrapper.pl
: nasl-wrapper v0.2 - MadHat (at) Unspecific.com
: http://www.unspecific.com/

./nasl-wrapper.pl [ -hv ] -i <filename> | -l <host_list> -t <nasl_script> \
  [ -n <num_children> [-e <nasl_exec>
options:
  -h help (this stuff)
  -v verbose - will add details
  -l network list in comma delimited form: a.b.c.d/M,e.f.g.h/x.y.z.M
  -i input file containing network list, one network per line
  -n max number of children to fork
  -t This is the nasl script to run on each host.
  -e Location of the nasl executable
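The per-host approach described on this page, as an added Python sketch (not the Perl source of nasl-wrapper.pl): expand the -l network list, run nasl once per address with a bounded number of workers, and keep the IP next to each result. Assumptions: the function names, the default of 10 workers, the use of threads instead of forked children, and treating "Success" on nasl's stdout as a flagged host.

```python
import ipaddress
import subprocess
from concurrent.futures import ThreadPoolExecutor


def expand_targets(host_list):
    """Expand the -l format (a.b.c.d/M,e.f.g.h/x.y.z.M) into single IPs."""
    hosts = []
    for net in host_list.split(","):
        if net.strip():
            # strict=False tolerates host bits set in the network address
            network = ipaddress.ip_network(net.strip(), strict=False)
            hosts.extend(str(ip) for ip in network)  # all addresses: /24 -> 256
    return list(dict.fromkeys(hosts))  # drop duplicates, keep order


def run_nasl(ip, script, nasl_exec="nasl", timeout=120):
    """True = flagged, False = not flagged, None = check did not complete."""
    try:
        # Argument list, no shell: host and script names are never re-parsed
        proc = subprocess.run([nasl_exec, "-t", ip, script],
                              capture_output=True, text=True, timeout=timeout)
    except (OSError, subprocess.TimeoutExpired):
        return None
    # Assumption: nasl prints "Success" for a flagged host, as in the page's output
    return "Success" in proc.stdout


def scan(host_list, script, max_children=10, check=run_nasl):
    """Check each host separately with at most max_children workers (cf. -n)."""
    hosts = expand_targets(host_list)
    with ThreadPoolExecutor(max_workers=max_children) as pool:
        results = list(pool.map(lambda ip: check(ip, script), hosts))
    flagged = [ip for ip, r in zip(hosts, results) if r is True]
    unchecked = [ip for ip, r in zip(hosts, results) if r is None]
    return flagged, unchecked


if __name__ == "__main__":
    flagged, unchecked = scan(
        "10.0.0.0/24", "/usr/local/lib/nessus/plugins/yahoo_msg_running.nasl")
    for ip in flagged:
        print(f"{ip} is Vulnerable")
    # A host whose check failed or timed out is reported, not counted as clean
    for ip in unchecked:
        print(f"{ip} not checked (nasl failed or timed out)")
```

Keeping the unchecked list separate means a missing nasl binary or a timeout shows up in the report instead of reading as a clean host.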
Change Log
- 0.2
  - Added -v to allow for Verbose output of nasl name and DNS name
  - added more robustness and better checks for nessus/nasl and the nasl scripts
- 0.1
  - Created the damn thing