Created
September 22, 2021 17:59
-
-
Save allenmichael/08526546c2ab0139c0b73a61df53b1b3 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| from botocore.exceptions import ClientError | |
| import json | |
| from pprint import pprint | |
| from tenable.dl import Downloads | |
| from zipfile import ZipFile | |
| import re | |
| import hashlib | |
| import logging | |
| agent_version = '8.3.1' | |
| agent_name = f'NessusAgent-{agent_version}-amzn.x86_64.rpm' | |
| prefix = 'AL2Package' | |
| zip_package_name = 'NessusAgentPackageAmazonLinux.zip' | |
| bucket_name = 'nessusal2-distributor-packaging-amsxbg' | |
| region = 'us-east-1' | |
| sm = boto3.client('secretsmanager') | |
| ssm = boto3.client('ssm') | |
| s3 = boto3.client('s3') | |
| try: | |
| s3.create_bucket(Bucket=bucket_name, CreateBucketConfiguration={ | |
| 'LocationConstraint': region}) | |
| except ClientError as e: | |
| print(e) | |
| response = sm.get_secret_value( | |
| SecretId='TenableSecrets' | |
| ) | |
| tio_keys = json.loads(response['SecretString']) | |
| linking_key = tio_keys.get('agentLinkingKey') | |
| tdl = Downloads(tio_keys.get('apiKey')) | |
| with open('install.sh', 'r+') as f: | |
| content = f.read() | |
| content = re.sub(r'linking_key=.+', f'linking_key={linking_key}', content) | |
| content = re.sub(r'file=.+', f'file={agent_name}', content) | |
| print(content) | |
| f.seek(0) | |
| f.write(content) | |
| with open(agent_name, 'wb') as pkgfile: | |
| tdl.download('nessus-agents', agent_name, pkgfile) | |
| with ZipFile(zip_package_name, 'w') as zip: | |
| zip.write(agent_name) | |
| zip.write('install.sh') | |
| zip.write('uninstall.sh') | |
| h = hashlib.sha256() | |
| with open(zip_package_name, "rb") as f: | |
| for byte_block in iter(lambda: f.read(4096), b""): | |
| h.update(byte_block) | |
| with open('manifest.json', 'w') as manifest: | |
| mj = { | |
| "schemaVersion": "2.0", | |
| "version": agent_version, | |
| "packages": { | |
| "amazon": { | |
| "_any": { | |
| "_any": { | |
| "file": zip_package_name | |
| } | |
| } | |
| } | |
| }, | |
| "files": { | |
| zip_package_name: { | |
| "checksums": { | |
| "sha256": h.hexdigest() | |
| } | |
| } | |
| }} | |
| manifest.write(json.dumps(mj)) | |
| try: | |
| s3.upload_file('manifest.json', bucket_name, f'{prefix}/manifest.json') | |
| s3.upload_file(zip_package_name, bucket_name, | |
| f'{prefix}/{zip_package_name}') | |
| except ClientError as e: | |
| logging.error(e) | |
| with open('manifest.json', 'r') as manifest: | |
| content = manifest.read() | |
| ssm.create_document( | |
| Content=content, | |
| Attachments=[ | |
| { | |
| 'Key': 'SourceUrl', | |
| 'Values': [ | |
| f'https://s3.amazonaws.com/{bucket_name}/{prefix}', | |
| ] | |
| }, | |
| ], | |
| Name='NessusAgentInstallerAL2', | |
| VersionName=agent_version, | |
| DocumentType='Package', | |
| ) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment