Listing 3, nessus.pl

#!/usr/bin/env perl

use Net::Nessus::ScanLite;

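use strict;
use warnings;

# Where nessusd listens.
my $NESSUS_HOST = "localhost";
my $NESSUS_PORT = 1241;
# NOTE(review): ssl => 0 presumably means the login below is sent without
# transport encryption (Listing 4 uses 1) -- confirm before pointing this at
# a non-local server.
my $NESSUS_SSL = 0;

# NOTE(review): hard-coded credentials; anyone who can read this file can log
# in to the scanner. Prefer loading them from a protected file or prompting.
my $NESSUS_USER = "nessus";
my $NESSUS_PASS = "nessus";

# Semicolon-terminated list of plugin IDs to enable.
my $plugin = "10407;";

# The only argument is the host to scan. Refuse a missing value or anything
# that does not look like an address or host name, so that only a well-formed
# target is ever handed to the scanner.
my $target_ip = $ARGV[0];
unless (defined $target_ip && $target_ip =~ /\A[A-Za-z0-9][A-Za-z0-9.:-]*\z/) {
	die "usage: $0 <target ip>\n";
}

my $nessus = Net::Nessus::ScanLite -> new(host => $NESSUS_HOST,
					  port => $NESSUS_PORT,
					  ssl => $NESSUS_SSL);

# host_expansion 'none' keeps the scan on the single host given;
# safe_checks 'yes' asks for the non-disruptive variant of each check.
$nessus -> preferences({ host_expansion => 'none',
			 safe_checks => 'yes',
			 checks_read_timeout => 1 } );

$nessus -> plugin_set($plugin);

# Fail loudly (stderr, non-zero exit) when authentication is refused, as
# run_nessus in Listing 4 does, instead of printing and exiting successfully.
unless ($nessus -> login($NESSUS_USER, $NESSUS_PASS)) {
	die "Nessus login failed!\n";
}

$nessus -> attack($target_ip);

# info
print "Total info = " . $nessus -> total_info . "\n";
foreach my $info ($nessus -> info_list) {
	print "Info:\n";
	print "ID: " . $info -> ScanID . "\n";
	print "Port: " . $info -> Port . "\n";
	print "Description: " . $info -> Description . "\n";
}

# holes
print "Total holes = " . $nessus -> total_holes . "\n";
foreach my $hole ($nessus -> hole_list) {
	# Record separator, matching the "Info:" header above and Listing 4.
	print "Hole:\n";
	print "ID: " . $hole -> ScanID . "\n";
	print "Port: " . $hole -> Port . "\n";
	print "Description: " . $hole -> Description . "\n";
}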


Listing 4, getbanner.pl

#!/usr/bin/env perl

use Getopt::Std;
use Net::Nessus::ScanLite;
use Nmap::Parser;


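# Configuration. These stay package globals (no "my") because the subs
# further down read them directly.
$NESSUS_HOST = "localhost";
$NESSUS_PORT = 1241;
$NESSUS_SSL = 1;

# NOTE(review): hard-coded credentials; anyone who can read this file can log
# in to the scanner. Prefer loading them from a protected file or prompting.
$NESSUS_USER = "nessus";
$NESSUS_PASS = "nessus";

$NMAP_EXE = "/usr/local/bin/nmap";
$NMAP_ARGS = "-sT ";

# $0 is the script name; $ARGV[0] would be the first leftover argument.
my $usage = "$0: -t <target network> -n <plugin list> -P <port>\n";

# getopts returns false on an unknown switch or a missing option value.
getopts('P:t:n:') or die $usage;

# -t and -P are both needed: the port is always appended to the nmap
# arguments and is what host_found tests. The previous "$port >= 0" check
# was also true for an unset port (undef compares as 0), so a missing -P
# slipped through and produced a dangling "-p" on the nmap command line.
die $usage unless defined($opt_t) && defined($opt_P);

# The values below become part of the nmap command line built by parsescan
# (NOTE(review): presumably via a shell -- confirm in Nmap::Parser), so only
# well-formed values are accepted.

# Exactly one TCP port number.
unless ($opt_P =~ /\A\d{1,5}\z/ && $opt_P <= 65535) {
	die "$0: -P expects a single port number (0-65535)\n";
}
$port = $opt_P;

# Host name, address, CIDR block or comma/dash range. A leading "-" is
# refused so the target can never be read as an nmap option.
unless ($opt_t =~ m{\A[A-Za-z0-9][A-Za-z0-9.:/,-]*\z}) {
	die "$0: -t expects a host, address, CIDR block or range\n";
}
$target_net = $opt_t;

# Optional plugin list in the "id;id;" form used by plugin_set; when present
# it selects the Nessus run instead of banner grabbing.
if ($opt_n) {
	unless ($opt_n =~ /\A\d+(?:;\d+)*;?\z/) {
		die "$0: -n expects plugin IDs separated by ';'\n";
	}
	$plugin_list = $opt_n;
}

# get an nmap parser going

my $np = Nmap::Parser -> new;

# add the port to our args

my $new_nmap_args = $NMAP_ARGS . "-p " . $port;

$np -> parse_filters({only_active => 1});
$np -> register_host_callback(\&host_found);
$np -> parsescan($NMAP_EXE, $new_nmap_args, $target_net);

# the host_found callback has accumulated the candidate IPs in @target_list

$np -> clean();

# Plain calls: "&name;" without parentheses would pass along the caller's @_.
if ($plugin_list) {
	run_nessus();
} else {
	banners();
}


exit (0);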

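sub host_found {
	# Nmap::Parser host callback for the first scan: remember every host
	# whose TCP port $port is neither closed nor filtered.
	#
	# Takes the host object passed by the parser; appends the host's IPv4
	# address to the package array @target_list. Returns nothing.

	# Lexicals, so the callback no longer overwrites the package globals
	# $self and $ip that other subs in this script also assign.
	my $host = shift;

	my $ip = $host -> ipv4_addr();

	# A host without an IPv4 address cannot be used by the later stages.
	return unless defined $ip;

	# Look the state up once instead of once per comparison.
	my $state = $host -> tcp_port_state($port);

	if ($state ne 'closed' && $state ne 'filtered') {
		push(@target_list, $ip);
	}

	return;

}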

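sub banners {
	# Re-scan every host collected in @target_list and let the grabber
	# callback read banners from the ports that turn out to be open.

	# NOTE(review): $FULL_SCAN is never assigned anywhere in this listing,
	# so nmap runs with its default port selection rather than a full port
	# range. Set $FULL_SCAN next to $NMAP_ARGS if a wider scan is intended.
	my $scan_args = defined $FULL_SCAN ? $FULL_SCAN : '';

	foreach my $target (@target_list) {
		# The address becomes part of the nmap command line, so only a
		# plain dotted-quad is passed on; anything else is skipped.
		unless (defined $target && $target =~ /\A\d{1,3}(?:\.\d{1,3}){3}\z/) {
			warn "Skipping malformed target address\n";
			next;
		}

		print "Fully scanning $target\n";
		my $scanner = Nmap::Parser -> new;
		$scanner -> parse_filters({only_active => 1});
		$scanner -> register_host_callback(\&grabber);
		$scanner -> parsescan($NMAP_EXE, $scan_args, $target);
		# free up some memory
		$scanner -> clean();
	}

	return;

}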

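sub grabber {
	# Nmap::Parser host callback for the second scan: connect to every open
	# TCP port of the host, send two newlines and print up to five lines of
	# whatever the service answers.
	#
	# Takes the host object passed by the parser. Returns nothing.
	my $host = shift;

	# Net::Telnet is used below but is not loaded by the script's "use"
	# lines; without this the first connection attempt dies.
	require Net::Telnet;

	my $ip = $host -> ipv4_addr();

	print "Getting banners from host: $ip\n";

	# ask Nmap::Parser for just the open ports

	foreach my $open_port ($host -> tcp_ports('open')) {
		# Errmode 'return' makes a failed connection yield a false value
		# instead of dying, which the check below relies on.
		my $nt = Net::Telnet -> new(
				Binmode => 0,
				Host => $ip,
				Port => $open_port,
				Errmode => 'return',
				Telnetmode => 0,
				Timeout => 5
				);

		unless ($nt) {
			print "Unable to contact $ip:$open_port\n";
			next;
		}

		print "Connected to $ip:$open_port\n";
		$nt -> put("\n\n");

		for (1 .. 5) {
			my $line = $nt -> getline();

			# Nothing (more) to read: stop now rather than sitting
			# through a further timeout for each remaining line.
			last unless defined $line;

			# Banner text comes from the remote service. Replace
			# anything outside printable ASCII, tab and newline so it
			# cannot send control or escape sequences to the terminal.
			$line =~ s/[^\x20-\x7E\t\n]/./g;

			print $line;
		}

		# an extra newline, for tidy output
		print "\n";
		$nt -> close();

	}

	return;

}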

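sub run_nessus {
	# Run the plugins named in $plugin_list against every host collected in
	# @target_list and print the info and hole findings for each one.
	# Dies if the Nessus server refuses the login. Returns nothing.

	foreach my $ip (@target_list) {
		# create a new connection to the Nessus server
		print "Nessus scanning $ip\n";
		my $nessus = Net::Nessus::ScanLite -> new (host => $NESSUS_HOST,
							port => $NESSUS_PORT,
							ssl => $NESSUS_SSL);

		# NOTE(review): safe_checks => 'no' presumably allows plugins to
		# run checks that can disrupt the scanned service (Listing 3 uses
		# 'yes') -- confirm that is intended for every host on the list.
		$nessus -> preferences( { host_expansion => 'none',
					safe_checks => 'no',
					auto_enable_dependencies => 'yes',
					checks_read_timeout => 1 } );

		$nessus -> plugin_set($plugin_list);

		unless ($nessus -> login($NESSUS_USER, $NESSUS_PASS)) {
			die "Nessus login failed!\n";
		}

		$nessus -> attack($ip);

		print "Total info: " . $nessus -> total_info . "\n";
		_print_findings("Info", $nessus -> info_list);

		print "Total holes: " . $nessus -> total_holes . "\n";
		_print_findings("Hole", $nessus -> hole_list);
	}
	return;
}

sub _print_findings {
	# Print one "<label>:" record (ID, port, description) per finding.
	my ($label, @findings) = @_;

	foreach my $finding (@findings) {
		print "$label:\n";
		print "ID: " . $finding -> ScanID . "\n";
		print "Port: " . $finding -> Port . "\n";
		print "Description: " . $finding -> Description . "\n";
	}
	return;
}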

