#VERSION,1.00 # $Id: $ ############################################################################### # Copyright (C) 2010 CIRT, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; version 2 # of the License only. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. ############################################################################### # PURPOSE: # Reporting in Nessus NBE format. ############################################################################### sub nikto_report_nbe_init { my $id = { name => "report_nbe", full_name => "NBE reports", author => "Seccubus", description => "Produces a NBE report.", report_head => \&nbe_open, report_item => \&nbe_item, report_format => 'nbe', copyright => "2010 CIRT Inc." }; return $id; } sub nbe_open { my ($file) = @_; # Open file and produce header open(OUT, ">>$file") || die print STDERR "+ ERROR: Unable to open '$file' for write: $@\n"; # Write header print OUT "timestamps|network|host|port|nikto_id|prio|$NIKTO{'name'} v$NIKTO{'version'}/$NIKTO{'core_version'}\n"; return OUT; } sub nbe_item { my ($handle, $mark, $item) = @_; foreach my $uri (split(' ', $item->{'uri'})) { my ( $line, $network ); if ( $item->{'mark'}->{'hostname'} && $item->{'mark'}->{'port'} && $item->{'nikto_id'} ) { if ($item->{'mark'}->{'hostname'} =~ /^(\d+\.\d+\.\d+)\.\d+$/) { $network = $1; } $line.="results|"; $line.="$network|"; $line.="$item->{'mark'}->{'hostname'}|"; $line.="$item->{'mark'}->{'port'}|"; $line.="$item->{'nikto_id'}|"; $line.="Security Warning|"; if ($item->{'osvdb'}) { $line.="OSVDB-$item->{'osvdb'}: " }; if ($item->{'method'}) { $line.="$item->{'method'} " }; if ($uri) { $line.="${'uri'}: " }; $line.=$item->{'message'}; print $handle "$line\n"; } else { my $debug = "Data provided:\n$handle, $mark, $item"; $debug.= "\nContents of \$mark:"; foreach my $key ( sort keys %$mark ) { $debug .= "\n$key - $mark->{$key}"; } $debug.= "\nContents of \$item:"; foreach my $key ( sort keys %$item ) { $debug .= "\n$key - $item->{$key}"; } $debug.= "\nContents of \$item->{mark}:"; foreach my $key ( sort keys %{$item->{mark}} ) { $debug .= "\n$key - $item->{mark}->{$key}"; } #die $debug; nprint("+ Invalid reporting line: $debug"); } } } 1;