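        /// <summary>
        /// Reports whether the Nessus scan identified by its readable name is still running.
        /// </summary>
        /// <param name="nessusScanID">Readable name of the report to look up on the Nessus server.</param>
        /// <returns>
        /// <c>false</c> when the matching report's status is "completed"; <c>true</c> for any other status.
        /// </returns>
        /// <exception cref="Exception">The Nessus server rejected the configured credentials.</exception>
        /// <exception cref="InvalidOperationException">No report carries the requested readable name.</exception>
        private bool NessusScanIsRunning(string nessusScanID)
        {
            // Host and credentials are read from configuration, so no secret is compiled into the binary.
            // NOTE(review): the meaning of the literal 1234 passed to Authenticate is not visible here.
            using (NessusManagerSession nessusSession = new NessusManagerSession(this.Configuration["nessusHost"]))
            {
                bool loggedIn = false;
                nessusSession.Authenticate(this.Configuration["nessusUser"], this.Configuration["nessusPass"], 1234, out loggedIn);

                if (!loggedIn)
                {
                    throw new Exception("Invalid username/password");
                }

                using (NessusObjectManager nessusManager = new NessusObjectManager(nessusSession))
                {
                    var report = nessusManager.GetReports()
                                 .SingleOrDefault(r => r.ReadableName == nessusScanID);

                    // SingleOrDefault yields null when nothing matches; fail with a clear error
                    // instead of a NullReferenceException on report.Status.
                    if (report == null)
                    {
                        throw new InvalidOperationException("Nessus report not found");
                    }

                    // Any status other than "completed" is treated as still running.
                    return report.Status != "completed";
                }
            }
        }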
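        /// <summary>
        /// Handles an API request for a Nessus report: checks that the named user and client both
        /// have API access, looks the report up by its readable name and writes its business XML
        /// to the response.
        /// </summary>
        /// <param name="context">
        /// Current HTTP context; the request parameters UserID, ClientID and ReportReadableName are read from it.
        /// </param>
        /// <exception cref="Exception">
        /// The user or client is unknown or lacks API access, the readable name is missing,
        /// or the Nessus login failed.
        /// </exception>
        /// <exception cref="InvalidOperationException">No report carries the requested readable name.</exception>
        public override void ProcessRequest(HttpContext context)
        {
            ISession sess = this.CurrentSession;

            // NOTE(review): the caller's identity is taken from the UserID/ClientID request parameters;
            // no other authentication step is visible in this method - confirm one runs upstream.
            // new Guid(...) throws on a missing or malformed id before the access checks below.
            PersistentUser user = sess.Get<PersistentUser>(new Guid(context.Request["UserID"]));
            PersistentClient client = sess.Get<PersistentClient>(new Guid(context.Request["ClientID"]));

            if (user == null || !user.HasAPIAccess)
            {
                throw new Exception("no api access");
            }

            if (client == null || !client.HasAPIAccess)
            {
                throw new Exception("no api access");
            }

            string readableName = context.Request["ReportReadableName"];

            if (string.IsNullOrEmpty(readableName))
            {
                throw new Exception("no readable name");
            }

            // NOTE(review): the scanner host and the credentials are hard-coded; they should be
            // loaded from configuration or a secret store so they are not shipped in source control.
            // The session and the object manager are disposed when the request finishes, so a
            // failed login or lookup no longer leaves the scanner connection open.
            using (NessusManagerSession nessusSession = new NessusManagerSession("192.168.56.101"))
            {
                bool loggedIn = false;

                nessusSession.Authenticate("nessus", "nessus", 1234, out loggedIn);

                if (!loggedIn)
                {
                    throw new Exception("Invalid username/password");
                }

                using (NessusObjectManager nessusManager = new NessusObjectManager(nessusSession))
                {
                    // NOTE(review): the lookup is by name only; nothing visible here ties the report
                    // to the requesting user or client - confirm that ownership is enforced elsewhere.
                    NessusReport report = nessusManager.GetReports()
                                          .SingleOrDefault(r => r.ReadableName == readableName);

                    // SingleOrDefault yields null for an unknown name; report that explicitly
                    // instead of failing with a NullReferenceException.
                    if (report == null)
                    {
                        throw new InvalidOperationException("report not found");
                    }

                    context.Response.Write(report.ToBusinessXml());
                }
            }
        }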