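#!perlenv -w
#---------------------------------------------------------
# nessus-stable - nessus service table
# David J Kyger - April 27, 2003
# Used to create a table that provides service and banner
# information for each IP in a NessusWX export file.
#---------------------------------------------------------
#
# Usage: stable <NessusWX export file> <report name>
# Writes the table to "<report name>.html".
#
# Review notes on this revision:
#  * Files are opened with three-argument open() and lexical handles, so a
#    file name taken from the command line is never parsed as an open mode
#    or a pipe.
#  * Every value copied from the scan export (host, port, OS guess, banner)
#    is HTML-escaped before it is written. Banners are text chosen by the
#    scanned service, so they must not reach the report as markup.
#  * Hosts, ports and banners are kept in hashes instead of being re-joined
#    with "|" and split again for every row.
#  * NOTE: the HTML literals and the usage text of the original listing were
#    lost from this page. The markup below is a constructed minimal
#    equivalent built around the three surviving column titles.
use strict;
use warnings;

# ---- report markup (constructed, see note above) ------------------------
my $style  = "<html>\n<head>\n<title>Nessus service table</title>\n</head>\n<body>\n";
my $header = "<table border=\"1\">\n<tr>\n"
  . "<th>IP Address/<br>Hostname</th>\n"
  . "<th>Ports Identified</th>\n"
  . "<th>System/Services Identification</th>\n"
  . "</tr>\n";
my $footer = "</table>\n</body>\n</html>\n";

my $tablecolumn1astart = "<tr>\n<td rowspan=\"";
my $tablecolumn1bstart = "\">";
my $tablecolumn1end    = "</td>\n";
my $tablecolumn2start  = "<td>";
my $tablecolumn2end    = "</td>\n";
my $tablecolumn3start  = "<td>";
my $tablecolumn3end    = "</td>\n</tr>\n";
my $servicestart       = "<tr>\n<td>";
my $serviceend         = "</td>\n";
my $bannerstart        = "<td>";
my $bannerend          = "</td>\n</tr>\n";

# ---- extraction rules ----------------------------------------------------
# Each rule is [ kind, line pattern, cleanup ]. The first rule whose pattern
# matches the whole export line wins, in the same order as the original
# if/elsif chain. The cleanup receives the fifth "|" field and returns the
# text to show in the report.
my @rules = (
    [ 'os', qr/10336\|INFO/, sub {
        my ($text) = @_;
        $text =~ s/Nmap(.*)running //;
        $text =~ s/\;//;
        return $text;
    } ],
    [ 'os', qr/10337\|INFO/, sub {
        my ($text) = @_;
        $text =~ s/QueSO(.*)host OS is//;
        $text =~ s/(\;\;\;(.*)$| \;\* )//g;
        return $text;
    } ],
    [ 'banner', qr/10107(.*)web server/, sub {
        my ($text) = @_;
        $text =~ s/The remote(.*):\;\;//;
        $text =~ s/\;\;Solution(.*)$//;
        return $text;
    } ],
    [ 'banner', qr/10281(.*)telnet banner/, sub {
        my ($text) = @_;
        $text =~ s/Remote telnet banner ://;
        return $text;
    } ],
    [ 'banner', qr/10267(.*)SSH version/, sub {
        my ($text) = @_;
        $text =~ s/Remote SSH version : //;
        return $text;
    } ],
    [ 'banner', qr/10185(.*)POP server/, sub {
        my ($text) = @_;
        return $text;
    } ],
    [ 'banner', qr/10092(.*)FTP server banner/, sub {
        my ($text) = @_;
        $text =~ s/Remote FTP server banner :\;//;
        $text =~ s/\;//;
        return $text;
    } ],
    [ 'banner', qr/10330(.*)SMTP server/, sub {
        my ($text) = @_;
        $text =~ s/An SMTP server(.*)banner : \;//;
        $text =~ s/ready at(.*)$//;
        $text =~ s/\;(.*)$//;
        return $text;
    } ],
    [ 'banner', qr/10159(.*)NNTP server version/, sub {
        my ($text) = @_;
        $text =~ s/Remote(.*)version ://;
        return $text;
    } ],
    [ 'banner', qr/10622(.*)PPTP server/, sub {
        my ($text) = @_;
        $text =~ s/A PPTP(.*)port\;//;
        return $text;
    } ],
    [ 'banner', qr/10658(.*)Oracle tnslsnr/, sub {
        my ($text) = @_;
        $text =~ s/This host is running(.*)tnslsnr: //;
        $text =~ s/- Production(.*)$//;
        return $text;
    } ],
    [ 'banner', qr/10785(.*)lan manager/, sub {
        my ($text) = @_;
        $text =~ s/The remote(.*)manager is ://;
        $text =~ s/\;The remote Operating (.*)$//;
        return $text;
    } ],
);

# Escape the five characters that are significant in HTML text and in
# quoted attribute values. An undefined value becomes the empty string.
sub escape_html {
    my ($text) = @_;
    return '' unless defined $text;
    $text =~ s/&/&amp;/g;
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
}

# Return the 32-bit number for a dotted-quad string, or nothing when the
# host is not written as four decimal groups (for example a host name).
sub ip_to_number {
    my ($host) = @_;
    if ( $host =~ /\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\z/ ) {
        return ( ( $1 * 256 + $2 ) * 256 + $3 ) * 256 + $4;
    }
    return;
}

# ---- command line --------------------------------------------------------
if ( @ARGV < 2 ) {
    print "usage: stable <nessuswx export file> <report name>\n";
    exit;
}

my $nessusdata = $ARGV[0];
my $htmlreport = $ARGV[1] . ".html";

# ---- read and validate the export ---------------------------------------
# The input is read and checked before the report file is opened, so a bad
# input file no longer truncates an existing report.
open( my $in, '<', $nessusdata ) || die "Could not open file: $! \n";
my @nessusdata = <$in>;
close($in);

if ( !@nessusdata || $nessusdata[0] !~ m/\[NessusWX Export File\]/ ) {
    print "File $ARGV[0] does not appear to be a valid NessusWX Export File\n";
    exit 0;
}

# ---- parse ---------------------------------------------------------------
my %ports_of;      # host => [ port names in file order, "general" excluded ]
my %os_of;         # host => [ OS guesses ]
my %banners_of;    # host => { port name => [ banners ] }

LINE: foreach my $line (@nessusdata) {
    $line =~ s/\r?\n\z//;
    my @result = split( /\|/, $line );
    my $host = $result[0];
    next LINE if !defined $host || $host eq '';
    next LINE if $host =~ /(NessusWX|DATA)/;

    # A line without a third field is a host/port entry. It registers the
    # host even when the port itself is not listed.
    if ( !$result[2] ) {
        $ports_of{$host} ||= [];
        if ( defined $result[1] && $result[1] !~ m/general/ ) {
            push @{ $ports_of{$host} }, $result[1];
        }
        next LINE;
    }

    my $port = defined $result[1] ? $result[1] : '';
    my $data = defined $result[4] ? $result[4] : '';

    RULE: foreach my $rule (@rules) {
        my ( $kind, $pattern, $cleanup ) = @{$rule};
        next RULE if $line !~ $pattern;
        my $text = $cleanup->($data);
        if ( $kind eq 'os' ) {
            push @{ $os_of{$host} }, $text;
        }
        else {
            push @{ $banners_of{$host}{$port} }, $text;
        }
        last RULE;
    }
}

# ---- order the hosts -----------------------------------------------------
# Dotted-quad hosts sort numerically, as before. Anything else sorts after
# them by name instead of collapsing onto a single numeric key.
my %number_of;
foreach my $host ( keys %ports_of ) {
    $number_of{$host} = scalar ip_to_number($host);
}

my @hosts = sort {
    my ( $left, $right ) = ( $number_of{$a}, $number_of{$b} );
        defined $left && defined $right ? ( $left <=> $right || $a cmp $b )
      : defined $left                   ? -1
      : defined $right                  ? 1
      :                                   $a cmp $b;
} keys %number_of;

# ---- write the report ----------------------------------------------------
open( my $out, '>', $htmlreport ) || die "Could not open file: $! \n";
print {$out} $style;
print {$out} $header;

foreach my $host (@hosts) {
    my @ports = @{ $ports_of{$host} };

    # One row for the OS line plus one per listed port.
    my $rowspan = 1 + scalar @ports;
    print {$out} $tablecolumn1astart
      . $rowspan
      . $tablecolumn1bstart
      . escape_html($host)
      . $tablecolumn1end;

    # Several OS guesses share one cell so the row count matches rowspan.
    my @os_guesses = $os_of{$host} ? @{ $os_of{$host} } : ();
    my $os_cell =
      @os_guesses
      ? join( "<br>\n", map { escape_html($_) } @os_guesses )
      : "n/a";
    print {$out} $tablecolumn2start . "OS" . $tablecolumn2end;
    print {$out} $tablecolumn3start . $os_cell . $tablecolumn3end;

    foreach my $port (@ports) {
        my @banners =
          ( $banners_of{$host} && $banners_of{$host}{$port} )
          ? @{ $banners_of{$host}{$port} }
          : ();
        my $banner_cell =
          @banners
          ? join( "<br>\n", map { escape_html($_) } @banners )
          : "n/a";
        print {$out} $servicestart . escape_html($port) . $serviceend;
        print {$out} $bannerstart . $banner_cell . $bannerend;
    }
}

print {$out} $footer;

# Buffered write errors only surface at close, so check it.
close($out) || die "Could not close file: $! \n";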