pwn_nessus_cloud_create_scan Driver - add policy parameter

ninp0 · ninp0 · commit 2115eb3623c6 · 2022-05-18T09:01:16.000-06:00
diff --git a/Gemfile b/Gemfile
@@ -61,7 +61,7 @@ gem 'rspec', '3.11.0'
 gem 'rtesseract', '3.1.2'
 gem 'rubocop', '1.29.1'
 gem 'rubocop-rake', '0.6.0'
-gem 'rubocop-rspec', '2.10.0'
+gem 'rubocop-rspec', '2.11.0'
 gem 'ruby-audio', '1.6.1'
 gem 'ruby-nmap', '0.10.0'
 gem 'ruby-saml', '1.14.0'
diff --git a/README.md b/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.426]:001 >>> PWN.help
+pwn[v0.4.427]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.426]:001 >>> PWN.help
+pwn[v0.4.427]:001 >>> PWN.help
 ```
 
 
diff --git a/bin/pwn_nessus_cloud_create_scan b/bin/pwn_nessus_cloud_create_scan
@@ -15,8 +15,16 @@ OptionParser.new do |options|
     opts[:yaml_config] = c
   end
 
-  options.on('-nVALUE', '--scan-template-name=VALUE', '<Optional - Name of Canned Scan Template to Use for Scan Creation (Defaults to "Basic Network Scan">') do |n|
-    opts[:scan_template_name] = n
+  options.on('-nNAME', '--scan-name=NAME', '<Required - YAML Name of Scan to Create>') do |n|
+    opts[:scan_name] = n
+  end
+
+  options.on('-pPOLICY', '--policy-name=POLICY', '<Optional - Policy to Use to Create the Scan (Defaults to "")>') do |p|
+    opts[:policy_name] = p
+  end
+
+  options.on('-tVALUE', '--scan-template=VALUE', '<Optional - Canned Scan Template to Use for Scan Creation (Defaults to "Basic Network Scan">') do |t|
+    opts[:scan_template] = t
   end
 end.parse!
 
@@ -38,26 +46,35 @@ begin
   access_key = yaml[:access_key]
   secret_key = yaml[:secret_key]
 
-  scan_template_name = opts[:scan_template_name]
-  scan_template_name ||= 'Basic Network Scan'
+  scan_name = opts[:scan_name]
+
+  policy_name = opts[:policy_name]
+  policy_name ||= ''
+
+  scan_template = opts[:scan_template]
+  scan_template ||= 'Basic Network Scan'
 
   nessus_obj = PWN::Plugins::NessusCloud.login(
     access_key: access_key,
     secret_key: secret_key
   )
 
+  policy_list = PWN::Plugins::NessusCloud.get_policies(
+    nessus_obj: nessus_obj
+  )
+  puts policy_list.inspect
+
   scan_template_list = PWN::Plugins::NessusCloud.get_canned_scan_templates(
     nessus_obj: nessus_obj
   )
 
-  puts scan_template_list.inspect
   selected_scan_template = scan_template_list[:templates].select do |scan_template|
-    scan_template[:title] == scan_template_name
+    scan_template[:title] == scan_template
   end
-  puts selected_scan_template.inspect
 
   scan_template_id = selected_scan_template.first[:uuid]
-  puts scan_template_id
+
+  
 rescue Interrupt
   puts 'CTRL+C detected...goodbye.'
 rescue StandardError => e
diff --git a/lib/pwn/plugins/nessus_cloud.rb b/lib/pwn/plugins/nessus_cloud.rb
@@ -110,6 +110,42 @@ module NessusCloud
         raise e
       end
 
+      # Supported Method Parameters::
+      # PWN::Plugins::NessusCloud.get_policies(
+      #   nessus_obj: 'required - nessus_obj returned from #login method'
+      # )
+
+      public_class_method def self.get_policies(opts = {})
+        nessus_obj = opts[:nessus_obj]
+
+        scan_templates_resp = nessus_cloud_rest_call(
+          nessus_obj: nessus_obj,
+          rest_call: 'policies'
+        ).body
+
+        JSON.parse(scan_templates_resp, symbolize_names: true)
+      rescue StandardError, SystemExit, Interrupt => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # PWN::Plugins::NessusCloud.get_policies(
+      #   nessus_obj: 'required - nessus_obj returned from #login method'
+      # )
+
+      public_class_method def self.get_folders(opts = {})
+        nessus_obj = opts[:nessus_obj]
+
+        scan_templates_resp = nessus_cloud_rest_call(
+          nessus_obj: nessus_obj,
+          rest_call: 'policies'
+        ).body
+
+        JSON.parse(scan_templates_resp, symbolize_names: true)
+      rescue StandardError, SystemExit, Interrupt => e
+        raise e
+      end
+
       # Supported Method Parameters::
       # PWN::Plugins::NessusCloud.get_scans(
       #   nessus_obj: 'required - nessus_obj returned from #login method'
@@ -301,6 +337,14 @@ module NessusCloud
             secret_key: 'required - API secret key (will prompt if blank)'
           )
 
+          #{self}.get_policies(
+            nessus_obj: 'required - nessus_obj returned from #login method'
+          )
+
+          #{self}.get_folders(
+            nessus_obj: 'required - nessus_obj returned from #login method'
+          )
+
           #{self}.get_canned_scan_templates(
             nessus_obj: 'required - nessus_obj returned from #login method'
           )
diff --git a/lib/pwn/version.rb b/lib/pwn/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.426'
+  VERSION = '0.4.427'
 end
