Calling nessus from shell..


 
Thread Tools Search this Thread
Special Forums Cybersecurity Calling nessus from shell..
# 1  
Old 09-05-2002
Calling nessus from shell..

I am trying to code a php script that calls upon the "nessus" client; and formats the output into a HTML table. Somehow, my shell scripts don't seen to be working correctly...is my syntax messed up?

Here's what i got:

<CENTER><BR><BR><BR><BR>
<table width="" border="0" cellspacing="1" cellpadding="0" bgcolor="#B1B78B"><tr><td>
<table width="" border="0" cellspacing="1" cellpadding="8" bgcolor="#F6F7EB"><tr><TD WIDTH="100%" BGCOLOR="#B1B78B"><b>Our scanner found the following interesting ports on node <? echo $_SERVER[REMOTE_HOST]; ?>
<? echo $_SERVER[REMOTE_ADDR]; ?>: </b></TD>
</TR>
<TR><?
$target = $_SERVER[REMOTE_ADDR];
$fp=fopen($target,'w') or exit (LogError($target));
fputs($fp,$target);
fclose($fp);
exec ("/usr/sbin/bin/nessus -q -c /usr/local/httpd/htdocs/postnuke/.nessusrc localhost 1241 thomas nimda $target $nessusResult 2> clientError");
$arraySize = sizeof($nessusResult);
$x = 3;
while($x < $arraySize){
echo "<tr>
<td><b>" .$nessusResult[$x]. "</b></td>"; $x++; } ?>
</tr>


Thanks!
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. Programming

How to parse .nessus file to get result in human readable format?

Scripting Language: bash shell script, python I want to parse .nessus file in human readable format. If any one have any ideas please help me. (2 Replies)
Discussion started by: sk151993
2 Replies

2. Shell Programming and Scripting

How to write script to scan ip list through Nessus?

Scripting language: Shell script I want to Scan IP's from IPlist.txt through Nessus using shell scripting language. Give the Input (IPlist) to nessus and generate Nessus report in xml or PDF form which is saved automatically on computer . Please help if any one has idea about how to write... (2 Replies)
Discussion started by: sk151993
2 Replies

3. UNIX for Dummies Questions & Answers

VNC Server Unauthenticated Access - Nessus

hi guys Suse 10 SP2 Security guys run an app called Nessus for vulnerabilities and they found this one on my linux VNC Server Unauthenticated Access and I really don't know what they mean... I can update vnc on these servers but there is not guarantee this will fix the issue and the... (2 Replies)
Discussion started by: kopper
2 Replies

4. Shell Programming and Scripting

calling 'n' number of shell scripts based on dependency in one shell script.

Hello gurus, I have three korn shell script 3.1, 3.2, 3.3. I would like to call three shell script in one shell script. i m looking for something like this call 3.1; If 3.1 = "complete" then call 3.2; if 3.2 = ''COMPlete" then call 3.3; else exit The... (1 Reply)
Discussion started by: shashi369
1 Replies

5. Shell Programming and Scripting

shell script for nessus-adduser

I took a stab at writing a script to automate the interactive process of adding users to Nessus - I have zero previous coding experience. So far, it doesn't get me anywhere. I took small sections of code from posts I found on this site and others:... (1 Reply)
Discussion started by: nolamiami
1 Replies

6. Cybersecurity

how to hide os type from scaning of nmap or nessus

my os is freebsd 7.1 just open sshd and hide the sshd banner nessus still report correctly the os type how to hide os type from scaning of nmap or nessus? Thanx so much. my ipfw rule: ipfwcmd="ipfw -q add allow tcp" localip="192.168.1.254" $ipfwcmd from any to $localip 22 in setup... (2 Replies)
Discussion started by: overdose
2 Replies

7. Shell Programming and Scripting

Calling shell functions from another shell script

Hi, I have a query .. i have 2 scripts say 1.sh and 2.sh 1.sh contains many functions written using shell scripts. 2.sh is a script which needs to call the functions definded in 1.sh function calls are with arguments. Can some one tell me how to call the functions from 2.sh? Thanks in... (6 Replies)
Discussion started by: jisha
6 Replies

8. Shell Programming and Scripting

Calling Shell Script

Hello Friends, I have bash script on unix server which i want to call from windows server. Basically i want a command line which will call this script on unix server. Any one has any idea regarding this? Help really appreciated!! Thanks, Roshni. (1 Reply)
Discussion started by: onlyroshni
1 Replies
Login or Register to Ask a Question
SHELL-QUOTE(1)						User Contributed Perl Documentation					    SHELL-QUOTE(1)

NAME
shell-quote - quote arguments for safe use, unmodified in a shell command SYNOPSIS
shell-quote [switch]... arg... DESCRIPTION
shell-quote lets you pass arbitrary strings through the shell so that they won't be changed by the shell. This lets you process commands or files with embedded white space or shell globbing characters safely. Here are a few examples. EXAMPLES
ssh preserving args When running a remote command with ssh, ssh doesn't preserve the separate arguments it receives. It just joins them with spaces and passes them to "$SHELL -c". This doesn't work as intended: ssh host touch 'hi there' # fails It creates 2 files, hi and there. Instead, do this: cmd=`shell-quote touch 'hi there'` ssh host "$cmd" This gives you just 1 file, hi there. process find output It's not ordinarily possible to process an arbitrary list of files output by find with a shell script. Anything you put in $IFS to split up the output could legitimately be in a file's name. Here's how you can do it using shell-quote: eval set -- `find -type f -print0 | xargs -0 shell-quote --` debug shell scripts shell-quote is better than echo for debugging shell scripts. debug() { [ -z "$debug" ] || shell-quote "debug:" "$@" } With echo you can't tell the difference between "debug 'foo bar'" and "debug foo bar", but with shell-quote you can. save a command for later shell-quote can be used to build up a shell command to run later. Say you want the user to be able to give you switches for a command you're going to run. If you don't want the switches to be re-evaluated by the shell (which is usually a good idea, else there are things the user can't pass through), you can do something like this: user_switches= while [ $# != 0 ] do case x$1 in x--pass-through) [ $# -gt 1 ] || die "need an argument for $1" user_switches="$user_switches "`shell-quote -- "$2"` shift;; # process other switches esac shift done # later eval "shell-quote some-command $user_switches my args" OPTIONS
--debug Turn debugging on. --help Show the usage message and die. --version Show the version number and exit. AVAILABILITY
The code is licensed under the GNU GPL. Check http://www.argon.org/~roderick/ or CPAN for updated versions. AUTHOR
Roderick Schertler <roderick@argon.org> perl v5.16.3 2010-06-11 SHELL-QUOTE(1)