import json

import requests
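class NessusClient():
    """Small HTTPS client for a Nessus server's web API.

    The client keeps the session token returned by ``/session`` and sends it
    back in an ``X-Cookie`` header on later requests.

    Security notes:
      * ``validateCert`` defaults to ``False`` and is passed straight to the
        ``verify`` argument of ``requests``. With verification off the server
        certificate is not checked, so the login password and the session
        token travel over a TLS channel whose peer is not authenticated.
        Pass ``True`` (or a CA bundle path) for anything but a throwaway lab.
      * The token and the login form are held on the instance; do not log or
        print ``self.headers`` / ``self.body``.
    """

    def __init__(self, nessusServer, nessusPort, validateCert=False, initialSeqNumber=1):
        """Store connection settings; no network traffic happens here.

        Args:
            nessusServer: Host name or address of the Nessus server.
            nessusPort: TCP port of the Nessus web service.
            validateCert: Value handed to ``requests`` as ``verify``.
            initialSeqNumber: First value of the ``seq`` request counter.
        """
        self.nessusServer = nessusServer
        self.nessusPort = nessusPort
        self.url = 'https://' + str(nessusServer) + ':' + str(nessusPort)
        self.token = None
        self.headers = {}
        # Kept for backward compatibility; the request code uses ``self.body``.
        self.bodyRequest = {}
        # Initialised here so requestNessus() cannot hit an AttributeError
        # when it is called before constructParamsAndHeaders().
        self.body = {}
        self.seqNumber = initialSeqNumber
        self.validateCert = validateCert

    def constructParamsAndHeaders(self, headers=None, params=None, jsonFormat=True):
        """Rebuild ``self.body`` and ``self.headers`` for the next request.

        Args:
            headers: Extra headers merged over the generated ones.
            params: Extra form fields merged over ``seq`` and ``json``.
            jsonFormat: Sends ``json=1`` when true, ``json=0`` otherwise.
        """
        # None instead of a shared mutable default ({}), which would be the
        # same dict object across every call.
        self.body = {'seq': self.seqNumber, 'json': '1' if jsonFormat else '0'}
        self.headers = {
            'Host': str(self.nessusServer) + ':' + str(self.nessusPort),
            'Content-type': 'application/x-www-form-urlencoded',
        }
        if self.token is not None:
            self.headers['X-Cookie'] = 'token=' + self.token
            # Header values must be strings; recent requests releases reject
            # an int here.
            self.headers['seq'] = str(self.seqNumber)
        self.body.update(params or {})
        self.headers.update(headers or {})
        # The headers are deliberately not printed: once logged in they carry
        # the session token, and stdout usually ends up in logs or terminals
        # other people can read.

    def requestNessus(self, url, method="POST"):
        """Send the prepared body and headers to ``url``.

        Args:
            url: Absolute URL to request.
            method: ``"GET"`` issues a GET; any other value issues a POST.

        Returns:
            The decoded JSON document, or the raw response content when the
            body is not valid JSON.
        """
        send = requests.get if method == "GET" else requests.post
        # NOTE(review): for GET the fields are still sent via data= (request
        # body), not as a query string; confirm the server reads them there.
        # NOTE(review): no timeout is set, so a stalled server blocks forever.
        response = send(url, data=self.body, headers=self.headers,
                        verify=self.validateCert)
        self.seqNumber += 1
        try:
            return json.loads(response.content)
        except ValueError:
            return response.content

    def call(self, service, params=None, jsonFormat=True, method="GET"):
        """Request ``self.url + service`` and return the parsed response.

        Args:
            service: Path appended to the base URL, e.g. ``'/scans'``.
            params: Extra form fields for the request.
            jsonFormat: Forwarded to constructParamsAndHeaders().
            method: HTTP method, forwarded to requestNessus().
        """
        self.constructParamsAndHeaders(params=params, jsonFormat=jsonFormat)
        return self.requestNessus(self.url + service, method=method)

    def login(self, nessusUser, nessusPassword, jsonFormat=True):
        """POST the credentials to ``/session`` and remember the token.

        Args:
            nessusUser: Account name.
            nessusPassword: Account password.
            jsonFormat: Accepted for interface compatibility; the login
                request always uses the default JSON format.

        Returns:
            The parsed response. ``self.token`` is set only when the response
            is a mapping that contains ``"token"``.
        """
        self.constructParamsAndHeaders(
            params={'username': nessusUser, 'password': nessusPassword})
        try:
            content = self.requestNessus(self.url + "/session", method="POST")
        finally:
            # Do not keep the password on the instance: a later direct
            # requestNessus() call would otherwise resend the login form.
            self.body = {}
        # A non-JSON reply comes back as raw content, so check the type
        # before looking for the key (has_key() is also Python 2 only).
        if isinstance(content, dict) and "token" in content:
            self.token = content['token']
        return content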
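# Demo run against a Nessus instance on the local machine.
# - validateCert is left at its default (False), so the server certificate is
#   not verified; tolerable for a loopback lab only. Pass validateCert=True
#   when talking to a real server.
# - The user name and password below are sample values. Outside a demo, read
#   them from the environment or a prompt instead of committing them.
client = NessusClient('127.0.0.1', '8834')
session = client.login('adastra', 'password')
# Stop here when no token came back; otherwise the calls below would go out
# unauthenticated and only print error documents.
if client.token is None:
    raise SystemExit("Nessus login failed: " + str(session))
print(str(client.call('/policies')) + "\n")
print(str(client.call('/scans',
                      params={'folder_id': 1, 'last_modification_date': 1})) + "\n")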