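I have Python code that successfully downloads a Nessus scan report in csv format, but I need to add some additional fields to the downloaded report. I include parameters in the request payload to include certain fields, but the downloaded scan does not include those fields.
I have tried changing the values of the parameters with the reportedContents keyword to actual boolean types.
Also, I changed the format to pdf, and it exports a PDF file that is just a title page and a page with a blank table of contents.
The downloaded csv file has data in it, but only includes the default headers (i.e.):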
    Plugin ID,CVE,CVSS v2.0 Base Score,Risk,Host,Protocol,Port,Name,Synopsis,Description,Solution,See Also,Plugin Output

The raw output of the POST request looks like this:

    POST https://localhost:8834/scans/<scan_id>/export
    X-ApiKeys: accessKey=accessKey;secretKey=secretKey
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 122

    format=csv&reportContents.vulnerabilitySections.exploitable_with=true&reportContents.vulnerabilitySections.references=true

The code:

    import json
    import time

    import requests

    # Nessus base URL, taken from the raw request above
    url = 'https://localhost:8834'

    def download_scan(scan_num):
        # Post an export request
        headers = {
            'X-ApiKeys': 'accessKey=accessKey;secretKey=secretKey',
            'Content-Type': 'application/x-www-form-urlencoded'
        }
        data = {
            'format': 'csv',
            'reportContents.vulnerabilitySections.exploitable_with': 'true',
            'reportContents.vulnerabilitySections.references': 'true'
        }
        res = requests.post(url + '/scans/{id_num}/export'.format(id_num = scan_num), data=data, verify=False, headers=headers)
        # Stop here if the export request itself was rejected
        if res.status_code != 200:
            raise Exception("Export request failed with status code: " + str(res.status_code))
        export = json.loads(res.text)
        file_id = export.get('file')
        # Continually check the scan status until the status is ready
        while True:
            # Check file status
            res = requests.get(url + '/scans/{id_num}/export/{file_num}/status'.format(id_num = scan_num, file_num = file_id), verify=False, headers=headers)
            if res.status_code == 200:
                status = json.loads(res.text)['status']
                if status == 'ready':
                    break
            # Pause between polls instead of busy-looping
            time.sleep(1)
        # Download the scan
        res = requests.get(url + '/scans/{scan_num}/export/{file_num}/download'.format(scan_num = scan_num, file_num = file_id), verify=False, headers=headers)
        # If the scan is successfully downloaded, get the attachment file
        if res.status_code == 200:
            attachment = res.content
            print("Scan downloaded!!!")
        else:
            raise Exception("Download request failed with status code: " + str(res.status_code))
        return attachment

    def main():
        # Download the scan based on the scan_id. I have a helper function that returns the id that I am omitting here
        try:
            scan = download_scan(scan_id)
        except Exception as e:
            print(e)
            quit()
        with open("scan.csv", "wb") as f:
            f.write(scan)

    if __name__ == "__main__":
        main()

Posted on 2021-09-17 11:20:01
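I have exactly the same problem with PowerShell. Neither my additional columns nor my filters seem to work. Just wondering whether you had any joy getting it to work?
If I change the scan_id, I get correctly different results, which shows that it is receiving the JSON but ignoring the columns and filters.
My JSON is as follows...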

    {
        "scan_id": 3416,
        "format": "csv",
        "reportContents.vulnerabilitySections.cvss3_base_score": true,
        "filters": {
            "filter.0.quality": "gt",
            "filter.0.filter": "cvss2_base_score",
            "filter.0.value": "6.9",
            "filter.1.quality": "neq",
            "filter.1.filter": "cvss2_base_score",
            "filter.1.value": ""
        }
    }

https://stackoverflow.com/questions/68928861
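A diagnostic for the symptom described in both posts, as an added example that is not code from either poster: it shows the body that `data=` puts on the wire (Python booleans are sent as the strings `True`/`False`, so switching to `bool` does not change the type the server receives) and flags an export whose header row holds only the default columns. The helper names and the sample CSV row are constructed for illustration.

```python
import csv
import io
from urllib.parse import urlencode

# Default CSV header row quoted in the question.
DEFAULT_COLUMNS = (
    "Plugin ID,CVE,CVSS v2.0 Base Score,Risk,Host,Protocol,Port,"
    "Name,Synopsis,Description,Solution,See Also,Plugin Output"
).split(",")

# Payload from the question: once with strings, once with Python booleans.
STR_PARAMS = {
    "format": "csv",
    "reportContents.vulnerabilitySections.exploitable_with": "true",
    "reportContents.vulnerabilitySections.references": "true",
}
BOOL_PARAMS = {k: (True if v == "true" else v) for k, v in STR_PARAMS.items()}

# Constructed sample export: the default header plus one made-up finding.
SAMPLE_CSV = (
    ",".join(DEFAULT_COLUMNS) + "\r\n"
    + '"0","","","None","192.0.2.10","tcp","0","Example plugin","s","d","n/a","",""\r\n'
).encode("utf-8")


def form_body(params):
    """Body sent for requests' data=params (a dict is form-encoded with urlencode)."""
    return urlencode(list(params.items()), doseq=True)


def extra_columns(csv_bytes):
    """Header columns of an export that are not in the default set."""
    header = next(csv.reader(io.StringIO(csv_bytes.decode("utf-8-sig"))), [])
    return [col for col in header if col not in DEFAULT_COLUMNS]


def options_ignored(params, csv_bytes):
    """True if column options were requested but the export has only default columns."""
    requested = [k for k in params if k.startswith("reportContents.")]
    return bool(requested) and not extra_columns(csv_bytes)


if __name__ == "__main__":
    print(form_body(STR_PARAMS))
    print(form_body(BOOL_PARAMS))
    print("extra columns:", extra_columns(SAMPLE_CSV))
    print("options ignored:", options_ignored(STR_PARAMS, SAMPLE_CSV))
```

Passing the bytes returned by `download_scan()` to `options_ignored()` runs the same check on a real export.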