Harry,
If you have a perl interpreter and a nessusrc (nessus config) file, try
the below script. Assuming you save the script as 'rcfilter.pl', you'd
use it like this:
rcfilter.pl nessusrc CVE-2001-0416 CVE-1999-0905 CVE-2001- >
new_nessusrc
You can list as many CVE IDs or partial IDs as you want (or any other
search parameter, for that matter). You'd then use the new rcfile with
the NessusClient -c switch.
Hope this helps.
NOTE: I just threw this together. Obviously, you wouldn't embed
credentials in a production script.
John Scherff
#!/usr/bin/perl
scalar @ARGV ge 2 or die "Usage: $0 <config> <filter> [<filter> ...]\n";
my $nConf = shift;
open( CONF, $nConf ) or die "Error opening config file $nConf: $!.\n";
my $pSet;
my $cveIdRgx = join( '|', @ARGV );
my ( $nHost, $nPort, $nUser, $nPass ) =
( 'myhost', '1241', 'john', 'foobar' );
foreach ( qx/NessusClient -xqp $nHost $nPort $nUser $nPass/ ) {
my $nId = ( split /\|/ )[0];
/$cveIdRgx/ and $pSet .= " $nId = yes\n"
or $pSet .= " $nId = no\n";
}
foreach ( <CONF> ) {
/ \d{5} =/ and next;
/end.PLUGIN_SET/ and print $pSet;
print;
}
close CONF;
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ron Gula
Sent: Thursday, May 17, 2007 2:40 AM
To: harry forbess
Cc: [email protected]
Subject: Re: picking a plugin for a particular CVE?
harry forbess wrote:
> is there a way to just pick the plugins for particular CVEs?
Not all plugins have a CVE in them. Many do, but enough don't that it
isn't a feature in the various Nessus clients. You can search by CVE at
the nessus.org plugins interface to find which plugins you should run.
http://www.nessus.org/plugins/index.php?view=search
Ron Gula, CTO
Tenable Network Security
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
