byt3bl33d3r/nessus_parser.py

## nessus_parser.py
import xmltodict
from contextlib import ContextDecorator

"""
with NessusParser("path/to/dotnessusfile.nessus") as parser:
  for url in parser:
    print(url)
"""

class NessusParser(ContextDecorator):
    def __init__(self, path_to_nessus_file):
        self.nessus_file = path_to_nessus_file
        self.urls = set()

    def parser_callback(self, path, item):
        """
        Apperently, Nessus's plugins are far from being consistent when trying to detect http/https pages
        https://github.com/FortyNorthSecurity/EyeWitness/blob/master/modules/helpers.py#L100-L106
        https://github.com/FortyNorthSecurity/EyeWitness/blob/master/modules/helpers.py#L225-L230
        """

        try:
            entry = dict(path)
            if entry['ReportItem']['svc_name'] == 'https?':
                self.urls.add(f"https://{entry['ReportHost']['name']}:{entry['ReportItem']['port']}")

            elif entry['ReportItem']['pluginID'] == "22964" and entry['ReportItem']['svc_name'] == 'www':
                if "A web server is running on this port through" in dict(item)['plugin_output']:
                    self.urls.add(f"https://{entry['ReportHost']['name']}:{entry['ReportItem']['port']}")
                else:
                    self.urls.add(f"http://{entry['ReportHost']['name']}:{entry['ReportItem']['port']}")

            elif entry['ReportItem']['svc_name'] in ['http?', 'www']:
                self.urls.add(f"http://{entry['ReportHost']['name']}:{entry['ReportItem']['port']}")
        except KeyError:
            pass

        return True

    def __enter__(self):
        with open(self.nessus_file, 'rb') as nessus_file:
            xmltodict.parse(
                nessus_file,
                item_depth=4,
                item_callback=self.parser_callback,
                process_namespaces=True
            )

            for url in self.urls:
                yield url

    def __exit__(self, *exc):
        self.urls = set()
	import xmltodict
	from contextlib import ContextDecorator

	"""
	with NessusParser("path/to/dotnessusfile.nessus") as parser:
	for url in parser:
	print(url)
	"""

	class NessusParser(ContextDecorator):
	def __init__(self, path_to_nessus_file):
	self.nessus_file = path_to_nessus_file
	self.urls = set()

	def parser_callback(self, path, item):
	"""
	Apperently, Nessus's plugins are far from being consistent when trying to detect http/https pages
	https://github.com/FortyNorthSecurity/EyeWitness/blob/master/modules/helpers.py#L100-L106
	https://github.com/FortyNorthSecurity/EyeWitness/blob/master/modules/helpers.py#L225-L230
	"""

	try:
	entry = dict(path)
	if entry['ReportItem']['svc_name'] == 'https?':
	self.urls.add(f"https://{entry['ReportHost']['name']}:{entry['ReportItem']['port']}")

	elif entry['ReportItem']['pluginID'] == "22964" and entry['ReportItem']['svc_name'] == 'www':
	if "A web server is running on this port through" in dict(item)['plugin_output']:
	self.urls.add(f"https://{entry['ReportHost']['name']}:{entry['ReportItem']['port']}")
	else:
	self.urls.add(f"http://{entry['ReportHost']['name']}:{entry['ReportItem']['port']}")

	elif entry['ReportItem']['svc_name'] in ['http?', 'www']:
	self.urls.add(f"http://{entry['ReportHost']['name']}:{entry['ReportItem']['port']}")
	except KeyError:
	pass

	return True

	def __enter__(self):
	with open(self.nessus_file, 'rb') as nessus_file:
	xmltodict.parse(
	nessus_file,
	item_depth=4,
	item_callback=self.parser_callback,
	process_namespaces=True
	)

	for url in self.urls:
	yield url

	def __exit__(self, *exc):
	self.urls = set()