Roberto Álamos Moreno > Parse-Nessus-Plugin > Parse::Nessus::Plugin

Download:
Parse-Nessus-Plugin-0.5.tgz

Dependencies

Annotate this POD

CPAN RT

New  1
Open  0
View/Report Bugs
Module Version: 0.4   Source  

NAME ^

Parse::Nessus::Plugin - OO methods to parse Nessus plugins

SYNOPSIS ^

  use Parse::Nessus::Plugin;

  $plugin = Parse::Nessus::Plugin->new || undef;
  if(!$plugin) {
    die("It wasn't posible to initialize parser");
  }

  $plugin->parse_file($nasl_file);     # Parse from a filename
  $plugin->parse_string($nasl_string); # Parse from a string

  $plugin->description; # Get description
  $plugin->solution;    # Get solution

DESCRIPTION ^

Parse::Nessus::Plugin provides OO methods that easily parse Nessus plugins written in NASL. With this module you can get the script id, solution, description, risk factor and many other information in your NASL plugin with a simple call to an OO method.

METHODS ^

Method new

Usage :

  my $plugin = Parse::Nessus::Plugin->new;

This method returns an instance of the Parse::Nessus::Plugin class.

Method parse_file

Usage :

  $plugin->parse_file($nasl_filename);

This method tells Parse::Nessus::Plugin to be ready to parse $nasl_filename, where $nasl_filename is the path to the .nasl plugin (for example /usr/nessus/cifs445.nasl). If this method returns true, then you can continue with the parsing, otherwise, the argument given wasn't a valid .nasl plugin.

Method parse_string

Usage :

  $plugin->parse_string($nasl_string);

This method tells Parse::Nessus::Plugin to be ready to parse $nasl_string, where $nasl_string is a SCALAR variable that contains the code of a Nessus plugin written in NASL. If this method returns true, then you can continue with the parsing, otherwise, the string given as argument isn't a valid .nasl plugin.

Method id

Usage :

  my $id = $plugin->id;

This method returns the plugin id of the last plugin processed with parse_file or parse_string, as SCALAR variable.

Method filename

Usage :

  my $filename = $plugin->filename;

This method returns the name of the plugin's file (only if you used parse_file method).

Method cve

Usage :

  my @cve = $plugin->cve;

This method returns the list of CVE names associated with the current plugin.

Method bugtraq

Usage :

  my @bugtraq = $plugin->bugtraq;

This method returns the list of bugtraq ids associated with the current plugin.

Method version

Usage :

  my $version = $plugin->version;

This method returns the version of the current plugin.

Method name

Usage :

  my $name = $plugin->name;

This method returns the name of the current plugin.

Method summary

Usage :

  my $summary = $plugin->summary;

This method returns the summary of the current plugin.

Method description

Usage :

  my $description = $plugin->description;

This method returns the description of the current plugin. Attention: JUST the description. Other data as solution, risk factor, etc. can be reached via their own methods.

Method solution

Usage :

  my $solution = $plugin->solution;

This method returns the solution of the current plugin.

Method risk

Usage :

  my $risk = $plugin->risk;

This method returns the risk factor of the current plugin.

Method family

Usage :

  my $family = $plugin->family;

This method returns the family of the current plugin.

Method category

Usage :

  my $category = $plugin->category;

This method returns the category of the current plugin.

Method copyright

Usage :

  my $copyright = $plugin->copyright;

This method returns the copyright of the current plugin.

Method register_service

Usage :

  my $is_fs = $plugin->register_service;

This method returns True if the plugin registers a service or False if it doesn't

Method register_service_proto

Usage:

  my $proto = $plugin->register_service_proto;

This method return the 'proto' argument of a call to the register_service function

Method error

Usage :

  my $error = $plugin->error;

This method returns the last error happened during the parsing of the current plugin.

List of errors:

  NO_FILE: The filename gived to parse_file method doesn't exist or it's empty.
  NO_NESSUS_PLUGIN: The string gived to parse_string method isn't a valid NASL plugin.
  NO_CVE: The current plugin hasn't an associated a CVE names list.
  NO_BUGTRAQID: The current plugin hasn't associated a BUGTRAQIDs list.
  NO_NAME: The current plugin hasn't a script_name field.
  NO_SUMMARY: The current plugin hasn't a script_summary field.
  NO_DESCRIPTION: The current plugin hasn't a script_description field.
  NO_SOLUTION: The current plugin hasn't a solution field inside the script_description field.
  NO_RISK: The current plugin hasn't a risk factor field inside the script_description field.
  NO_FAMILY: The current plugin hasn't a script_family field.
  NO_CATEGORY: The current plugin hasn't a script_category field.
  NO_COPYRIGHT: The current plugin hasn't a script_copyright field.
  NO_REGISTER_SERVICE: The current plugin doesn't execute the register_service function
  NO_REGISTER_SERVICE_PROTO: The current plugin does execute the register_service function but it doesn't specify a proto

EXAMPLE ^

  # This example takes a .nasl file and prints its file name, plugin id, name and CVE list
  use Parse::Nessus::Plugin;

  my $plugin = Parse::Nessus::Plugin->new;
  if($plugin->error) {
    die ("There were an error. Reason: ".$plugin->error);
  }

  if(!$plugin->parse_file('/path/to/plugin.nasl') {
    die ("There were an error. Reason: ".$plugin->error);
  }

  print "FILENAME:".$plugin->filename."\n";
  print "PLUGIN ID:".$plugin->id."\n";
  print "NAME:".$plugin->name."\n";
  my $cve = $plugin->cve;
  if($cve) {
    print " CVE:\n";
    foreach my $cve (@{$cve}) {
      print "  $cve\n";
    }
  }

Check the examples directory to see more examples.

BUGS ^

There aren't reported bugs yet, but that doesn't mean that it's free of them :)

AUTHOR ^

Roberto Alamos Moreno <ralamosm@cpan.org>

COPYRIGHT ^

Copyright (c) 2005-2007 Roberto Alamos Moreno. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

syntax highlighting: