Ejemplo n.º 1
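        /// <summary>
        /// Console entry point: configures log4net, loads the connection settings, checks that a
        /// session token can be obtained, then serves the interactive operation menu until the
        /// input stream is closed.
        /// </summary>
        /// <param name="args">Command-line arguments (not used).</param>
        static void Main(string[] args)
        {
            Connect          connect          = new Connect();
            var              logRepository    = LogManager.GetRepository(Assembly.GetEntryAssembly());
            NessusOperations nessusOperations = new NessusOperations();

            XmlConfigurator.Configure(logRepository, new FileInfo("log4net.config"));

            // Fills 'connect' in place. NOTE(review): presumably reads the auth.json file named in
            // the error message below - confirm against ConnectJsonOperations.
            ConnectJsonOperations.ControlFileAndGetAuthInfo(ref connect);

            // Login smoke test. The token is a session credential, so only the outcome is logged,
            // never the value. An empty token is treated like a missing one because it cannot
            // authenticate any later request.
            string token = nessusOperations.GetToken(connect.Url, connect);
            if (string.IsNullOrEmpty(token))
            {
                log.Error("login test - error while getting token. Please check auth.json file");
                // Non-zero exit code so scripts and schedulers can tell the login failed.
                Environment.Exit(1);
            }

            log.Info(" login test - establishing connection and getting token success");

            while (true)
            {
                Console.Write("--POSSUS--\n1 - Export last scan\n2 - Export scan by ID\n3 - List all scan IDs\n4 - Get last scan\n5 - Get scan by ID\n6 - Get server status\n\nOperation: ");

                int  operation = 0;
                bool valid     = false;
                while (!valid)
                {
                    string input = Console.ReadLine();
                    if (input == null)
                    {
                        // ReadLine returns null once stdin is closed (EOF or redirected input);
                        // without this check the prompt below would repeat forever.
                        log.Info("input stream closed - exiting");
                        return;
                    }

                    if (int.TryParse(input, out operation))
                    {
                        valid = true;
                    }
                    else
                    {
                        Console.Write("please write integer: ");
                    }
                }

                switch (operation)
                {
                case 1:
                    AppOperations.ExportLastScan(connect);
                    break;

                case 2:
                    AppOperations.ExportScanById(connect);
                    break;

                case 3:
                    AppOperations.ListAllScanIds(connect);
                    break;

                case 4:
                    AppOperations.GetLastScan(connect);
                    break;

                case 5:
                    AppOperations.GetScanById(connect);
                    break;

                case 6:
                    AppOperations.GetServerStatus(connect);
                    break;

                default:
                    // Tell the user why nothing happened before the menu is shown again.
                    Console.WriteLine("unknown operation: " + operation);
                    break;
                }
            }
        }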
Ejemplo n.º 2
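        /// <summary>
        /// Downloads an exported scan report, converts its XML to JSON, prints the host details
        /// and findings to the console and, when requested, passes them to
        /// <c>ScanResultCollection</c>.
        /// </summary>
        /// <param name="URL">Base URL of the server; the export path is appended to it.</param>
        /// <param name="na">Connection settings passed through to <c>GetToken</c>.</param>
        /// <param name="id">Scan identifier placed in the request path.</param>
        /// <param name="file">Export file identifier placed in the request path.</param>
        /// <param name="export">When 1, a <c>ScanResultCollection</c> is built from the parsed data.</param>
        /// <remarks>
        /// Failures are logged and written to the console and the method then returns; it does
        /// not continue with a missing response or an unparsed report.
        /// </remarks>
        public void GetAndReturnScan(string URL, Connect na, string id, string file, int export = 0)
        {
            IRestResponse        Response        = null;
            JObject              Details         = null;
            ScanResult           scanResult      = new ScanResult();
            Host                 host            = new Host();
            List <Vulnerability> vulnerabilities = new List <Vulnerability>();

            try
            {
                string token = GetToken(URL, na);
                // id and file are caller-supplied; escape them so a value containing '/', '?' or
                // '#' cannot redirect the request to a different endpoint on the server.
                Client = new RestClient(URL + "/scans/" + Uri.EscapeDataString(id) + "/export/" + Uri.EscapeDataString(file) + "/download");
                // NOTE(review): SSLHandler is defined elsewhere. If it relaxes certificate
                // validation, the session token sent below can be read by anyone able to
                // intercept the connection - confirm it validates the server certificate.
                SSLHandler();
                Request = new RestRequest(Method.GET);
                Request.AddHeader("X-Cookie", $"token={token}");
                Response = Client.Execute(Request);
                StatusCodeChecker(Response);
                log.Info("GetAndReturnScan get request is success");
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
                log.Error("error while get request in GetAndReturnScan", e);
                // Nothing was downloaded, so there is nothing to parse.
                return;
            }

            if (Response == null)
            {
                log.Error("error while get request in GetAndReturnScan");
                return;
            }

            try
            {
                // convert and parse xml to json
                XmlDocument doc = new XmlDocument();
                // The document arrives over the network. A null resolver keeps external entities
                // and DTDs referenced by it from being fetched on runtimes where XmlDocument
                // resolves them by default.
                doc.XmlResolver = null;
                doc.LoadXml(Response.Content);
                string json = JsonConvert.SerializeXmlNode(doc);
                Details = JObject.Parse(json);
                // NOTE(review): this writes the complete scan report (findings, plugin output) to
                // a fixed file name in the working directory and looks like a debugging aid -
                // remove it or restrict where it is written before using this in production.
                File.WriteAllText($"zzz.json", JsonConvert.SerializeObject(Details));
                log.Info("convert and parse xml to json is success");
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
                log.Error("error while convert and parse xml to json", e);
                // Carry on only if the report itself was parsed (e.g. just the file write failed).
                if (Details == null)
                {
                    return;
                }
            }

            JObject report = (Details["NessusClientData_v2"] as JObject)?["Report"] as JObject;
            if (report == null)
            {
                Console.WriteLine("unexpected report structure");
                log.Error("unexpected report structure in GetAndReturnScan");
                return;
            }

            // The XML-to-JSON conversion emits a repeated element as an array and a single one as
            // an object, so ReportHost can be either. This method models exactly one Host; with
            // several hosts only the first is processed and that is reported, so the remaining
            // findings are not dropped silently.
            JToken hostToken = report["ReportHost"];
            JArray hostArray = hostToken as JArray;
            if (hostArray != null)
            {
                if (hostArray.Count > 1)
                {
                    Console.WriteLine("report contains " + hostArray.Count + " hosts - only the first one is processed");
                    log.Warn("report contains more than one host - only the first one is processed");
                }

                hostToken = hostArray.First;
            }

            JObject reportHost = hostToken as JObject;
            if (reportHost == null)
            {
                Console.WriteLine("report contains no host");
                log.Error("report contains no host in GetAndReturnScan");
                return;
            }

            List <JToken> Vulnerabilities = NormalizeToObjectList(reportHost["ReportItem"]);
            List <JToken> Tags            = NormalizeToObjectList((reportHost["HostProperties"] as JObject)?["tag"]);

            //scan name
            if (report["@name"] != null)
            {
                scanResult.ScanName = report["@name"].ToString();
            }

            //report generated
            scanResult.ReportGenerated = DateTime.Now.ToString();

            //hosts
            foreach (JToken item in Tags)
            {
                JToken text = item["#text"];
                if (text == null)
                {
                    continue;
                }

                switch (item["@name"]?.ToString())
                {
                case "host-ip":
                    host.Target = text.ToString();
                    break;

                case "HOST_START":
                    host.ScanStartDate = text.ToString();
                    break;

                case "HOST_END":
                    host.ScanFinishDate = text.ToString();
                    break;

                case "mac-address":
                    host.MacAddress = text.ToString();
                    break;

                case "operating-system":
                    host.OperatingSystem = text.ToString();
                    break;
                }
            }

            Console.WriteLine();
            Console.WriteLine("ScanName         : " + scanResult.ScanName);
            Console.WriteLine("ReportGenerated  : " + scanResult.ReportGenerated);
            Console.WriteLine("Target           : " + host.Target);
            Console.WriteLine("ScanStartDate    : " + host.ScanStartDate);
            Console.WriteLine("ScanFinishDate   : " + host.ScanFinishDate);
            Console.WriteLine("MAC Address      : " + host.MacAddress);
            Console.WriteLine("OperatingSystem  : " + host.OperatingSystem);

            Console.WriteLine("\nVulnerabilities");

            foreach (JToken item in Vulnerabilities)
            {
                Vulnerability vulnerability = new Vulnerability();

                //protocol
                if (item["@protocol"] != null)
                {
                    vulnerability.Protocol = item["@protocol"].ToString();
                }

                //severity - a malformed value leaves the default instead of aborting the report
                int severity;
                if (item["@severity"] != null && int.TryParse(item["@severity"].ToString(), out severity))
                {
                    vulnerability.Severity = (SeverityEnum)severity;
                }

                //pluginid
                if (item["@pluginID"] != null)
                {
                    vulnerability.PluginId = item["@pluginID"].ToString();
                }

                //name
                if (item["@pluginName"] != null)
                {
                    vulnerability.Name = item["@pluginName"].ToString();
                }

                //cvss base score
                if (item["cvss_base_score"] != null)
                {
                    vulnerability.CvssBaseScore = item["cvss_base_score"].ToString();
                }

                //description
                if (item["description"] != null)
                {
                    vulnerability.Description = item["description"].ToString();
                }

                //solution
                if (item["solution"] != null)
                {
                    vulnerability.Solution = item["solution"].ToString();
                }

                //plugin output
                if (item["plugin_output"] != null)
                {
                    vulnerability.Output = item["plugin_output"].ToString();
                }

                vulnerabilities.Add(vulnerability);
                Console.WriteLine("----------------------------------");
                Console.WriteLine("\tprotocol         : " + vulnerability.Protocol);
                Console.WriteLine("\tseverity         : " + vulnerability.Severity);
                Console.WriteLine("\tpluginID         : " + vulnerability.PluginId);
                Console.WriteLine("\tname             : " + vulnerability.Name);
                Console.WriteLine("\tcvssBaseScore    : " + vulnerability.CvssBaseScore);
                Console.WriteLine("\tdescription      : " + vulnerability.Description);
                Console.WriteLine("\tsolution         : " + vulnerability.Solution);
                Console.WriteLine("\toutput           : " + vulnerability.Output);

                log.Info("writing info to console is success");
            }

            //export json
            if (export == 1)
            {
                try
                {
                    // The constructor is invoked for its side effect; the original author marked
                    // this line as the place where a problem occurs.
                    new ScanResultCollection(scanResult, host, vulnerabilities);
                    log.Info("json export is success");
                }
                catch (Exception e)
                {
                    Console.WriteLine(e.Message);
                    log.Error("error while exporting json", e);
                }
            }
        }

        /// <summary>
        /// Turns a node from the XML-to-JSON conversion into a list of JSON objects: an array
        /// yields its object elements, a single object yields a one-element list, and anything
        /// else (including null) yields an empty list.
        /// </summary>
        private static List <JToken> NormalizeToObjectList(JToken node)
        {
            JArray array = node as JArray;
            if (array != null)
            {
                return new List <JToken>(array.OfType <JObject>());
            }

            List <JToken> single = new List <JToken>();
            if (node is JObject)
            {
                single.Add(node);
            }

            return single;
        }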