Monday, June 25, 2012

Download All Nessus Reports at Command-line

So I have a lot of Nessus scan files and have been looking for a quick way to download all of the reports in Nessus V2 format for processing; I found this to be the simple way - if you put all 3 lines into a shell script even simpler.

token="$(/opt/local/bin/wget --no-check-certificate --post-data 'login=userIDn&password=password' https://127.0.0.1:8834/login -O - | grep '<token>' | sed 's/<contents><token>//g' | sed 's/<\/token><user>//g')"

/opt/local/bin/wget --post-data "token=$token" --no-check-certificate https://127.0.0.1:8834/report/list -O - | grep 'name' | sed 's/<name>//g' | sed 's/<\/name>//g' > reports

for i in $(cat reports); do /opt/local/bin/wget --post-data "token=$token&report=$i" --no-check-certificate https://127.0.0.1:8834/file/report/download -O - > $i.nessus; done;


You will need to swap out the userID and password for your local Nessus User ID and Password - but there you go a few lines and you have all of your reports.

You also my need to adjust the path for wget - I was using it from MacPorts on my machine.

cheers

JSN

No comments:

Post a Comment