Monday, June 25, 2012

Rescan Validation

Code:
https://github.com/JasonMOliver/Java_Parsers/blob/master/XMLValidate.java

-----

I received a task a while back to validate that a .nessus artifact (some scan output) could support validation that a item found in the past was fixed.

I broke this task down into a few items:

  1. Was the pluginID scanned for in the file? 
  2. Was it found on any hosts in the scan output?
  3. What was scanned?

I created this little java command to validate these items from the command-line.

Its used thus:
 java XMLValidate <fileName> <pluginID>

You can check for more than one pluginID at a time just simply keep adding them as args to the command.

The output looks like this:

--------
java XMLValidate ScanInput.nessus 30218

PluginID: 30218 was located as item 11903 scanned for in the plugin_set.
----> PluginID 30218 was identified on host 10.10.10.1
----> PluginID 30218 was identified on host 10.10.10.2

Scanned Hosts:
10.10.10.1
10.10.10.2
10.10.10.3
10.10.10.4
10.10.10.5

--------
Or in the case the file is clean:

--------
java XMLValidate ScanInput.nessus 30218

PluginID: 30218 was located as item 11903 scanned for in the plugin_set.
----> PluginID 30218 was NOT identified on any scanned host.

Scanned Hosts:
10.10.10.1
10.10.10.2
10.10.10.3
10.10.10.4
10.10.10.5

---------

As always drop me a note with improvements as this just represents my hack and slash attempt to save time validating a files while on a airline flight.

cheers

JSN

No comments:

Post a Comment