Code:
https://github.com/JasonMOliver/Java_Parsers/blob/master/XMLTable.java
-----
I have been working on a bit of code in my free time as Nessus seems to be moving away from the .nbe format and honestly the .nessus format has a lot more information.
I still need to move this data into a format that is more friendly with the command line from time to time, and I also need the data in a format acceptable for reports. This bit of Java will take the V2 .nessus files and convert them to an HTML table, or xls if you so desire, as Excel supports HTML tables.
You need to pass this the .nessus file at the command line:
java XMLTable Input.nessus > output.[html/xls]
and it should churn out the table available for sorting and calculations. I have included the columns useful to me thus far, but the Java is simple enough to adjust for more or fewer columns.
I am working on another project to produce NIST style tables and statistics when I get some more free time. Also I would really like to clean up this code.
I wanted to get this out the door as I have some work that needs this data next week and a few people waiting to use it.
I seem to always be coding under a dire need / deadline... thus it's not pretty.
If this is useful to you, as always, great: use it, abuse it, drop me a copy.
cheers
JSN
--- A Thanks to @dhongyt for the XML jump start.
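The conversion the post describes, as an added example that is not the author's XMLTable.java: it parses a .nessus v2 file with DOCTYPE declarations and entity expansion disabled and HTML-escapes every cell, because the strings in a scan file originate from the scanned hosts and end up in a report opened in a browser or Excel. The class name NessusHtmlRows, the column selection and the embedded sample are assumptions made for this example.

```java
import java.io.*;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;
import org.xml.sax.InputSource;

// Added example, not the project's code. Usage: java NessusHtmlRows Input.nessus > output.html
public class NessusHtmlRows {
    // Constructed sample in the .nessus v2 layout; host, plugin ID and name are made up.
    static final String SAMPLE =
        "<NessusClientData_v2><Report name=\"demo\"><ReportHost name=\"192.0.2.10\">"
      + "<ReportItem port=\"443\" protocol=\"tcp\" severity=\"2\" pluginID=\"99999\""
      + " pluginName=\"Demo &lt;b&gt;finding&lt;/b&gt;\"/>"
      + "</ReportHost></Report></NessusClientData_v2>";

    // Escape the characters that would otherwise be read as markup in a table cell.
    static String esc(String s) {
        return s.replace("&", "&amp;").replace("<", "&lt;")
                .replace(">", "&gt;").replace("\"", "&quot;");
    }

    static String toTable(InputSource src) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        // A scan file needs no DTD, so refuse DOCTYPE outright (blocks XXE and entity bombs).
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setExpandEntityReferences(false);
        Document doc = f.newDocumentBuilder().parse(src);
        StringBuilder out = new StringBuilder("<table>\n<tr><th>Host</th><th>Port</th>"
            + "<th>Protocol</th><th>Severity</th><th>Plugin ID</th><th>Plugin Name</th></tr>\n");
        NodeList items = doc.getElementsByTagName("ReportItem");
        for (int i = 0; i < items.getLength(); i++) {
            Element item = (Element) items.item(i);
            Element host = (Element) item.getParentNode();   // enclosing ReportHost
            String[] cells = { host.getAttribute("name"), item.getAttribute("port"),
                item.getAttribute("protocol"), item.getAttribute("severity"),
                item.getAttribute("pluginID"), item.getAttribute("pluginName") };
            out.append("<tr>");
            for (String c : cells) out.append("<td>").append(esc(c)).append("</td>");
            out.append("</tr>\n");
        }
        return out.append("</table>").toString();
    }

    public static void main(String[] args) throws Exception {
        // With no argument, run on the constructed sample instead of a real scan file.
        InputSource src = args.length > 0 ? new InputSource(new FileInputStream(args[0]))
                                          : new InputSource(new StringReader(SAMPLE));
        System.out.println(toTable(src));
    }
}
```

Run without arguments, the sample's plugin name comes out as `Demo &lt;b&gt;finding&lt;/b&gt;` in the cell rather than as live markup.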
This looks like exactly what I'm looking for, but no matter how I execute, I get a "Could not find or load main class XMLTable.java" error. I'm definitely no Java expert, would you mind enlightening me?
Without the error I am not 100% sure, but it sounds like you are not compiling the file into a .class from the .java source. You can do that with the command javac. http://www.blackhat.org/2012/06/java-101-howto.html <-- Howto
Also take a look at the current version of XMLTable on GitHub; it has even more data.
Thanks. I got it to work now. Have you thought about hyper-linking Nessus ID or CVE results within the cells?
One more question too. I was reading through your README, and I don't see the syntax of the commands. Are they all similar to the above? (java XMLWhatever Input.nessus > output.[html/xls]) Thanks!
The linking would not be hard to add in; you would just have to change the output line in the code.
All of the command lines are in the blog for that script and in the comments in the header of the .java file. You should be able to find them; most are that format, by the way.
I get these errors...any ideas?
com.sun.org.apache.xerces.internal.impl.io.MalformedByteSequenceException: Invalid byte 1 of 1-byte UTF-8 sequence.
at com.sun.org.apache.xerces.internal.impl.io.UTF8Reader.invalidByte(UTF8Reader.java:687)
at com.sun.org.apache.xerces.internal.impl.io.UTF8Reader.read(UTF8Reader.java:557)
at com.sun.org.apache.xerces.internal.impl.XMLEntityScanner.load(XMLEntityScanner.java:1719)
at com.sun.org.apache.xerces.internal.impl.XMLEntityScanner.arrangeCapacity(XMLEntityScanner.java:1596)
at com.sun.org.apache.xerces.internal.impl.XMLEntityScanner.skipString(XMLEntityScanner.java:1634)
at com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineDocVersion(XMLVersionDetector.java:196)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:783)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:748)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:123)
at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:239)
at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:288)
at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:205)
at XMLTable.main(XMLTable.java:36)
I have seen this before; most of the time it's a Nessus plugin that's putting non-UTF-8 chars in the output, and it's an actual bug in Nessus or you're scanning on US machines.
The quick fix is to clean up the file manually:
iconv -c -f utf-8 -t ascii input.nessus > ascii_output.nessus
You can see more on the forums - https://discussions.nessus.org/thread/4772
Hope this helps.
Jason,
when running java XMLVulnStatsV3 scan_v2.nessus output.html I end up with an empty HTML file and my Nessus source file being overwritten.
What's the proper syntax to run it?
You have the files in the wrong order - java XMLVulnStatsV3 output.html scan_v2.nessus