NAME

NexposeSimpleXML::Parser - Parse NeXpose scan data with Perl

VERSION

This document describes the latest version of NexposeSimpleXML::Parser.

SYNOPSIS

my $nxp = new NexposeSimpleXML::Parser;

my $parser = $nxp->parse_file('test1.xml');
   #a NexposeSimpleXML::Parser Object

my @host = $parser->get_all_hosts();
   #an Array of NexposeSimpleXML::Parser::Host Objects

my $host1 = $hosts[0];

my @services = $host1->get_all_services();
   #an Array of NexposeSimpleXML::Parser::Host::Service Objects

my $service1 = $services[0];

my @vulnerabilities = $host1->get_all_vulnerabilities();
   #an Array of NexposeSimpleXML::Parser::Vulnerabilities Objects for 
   #the host OS. 

   or

my @vulnerabilities = $service1->get_all_vulnerabilities();
   #an Array of NexposeSimpleXML::Parser::Vulnerabilities Objects for 
   #this service. 

my $vulnerability1 = $vulnerabilities[0];

my @references = $$vulnerability1->get_all_references();
   #an Array of NexposeSimpleXML::Parser::References Objects for this 
   #specific vulnerability. 

For a full listing of methods see the documentation corresponding to each object.

DESCRIPTION

OVERVIEW

NexposeSimpleXML::Parser			-- Core parser
|
+--NexposeSimpleXML::Parser::Session           -- NeXpose scan session information
|
+--NexposeSimpleXML::Parser::Vulnerabilitiy    -- Vulnerability information
|
+--NexposeSimpleXML::Parser::Reference         -- Reference for vulnerability data
|
+--NexposeSimpleXML::Parser::Fingerprint       -- Fingerprint information (os or service)
|  
+--NexposeSimpleXML::Parser::Host              -- General host information
|  |
|  |--NexposeSimpleXML::Parser::Service        -- Port information
|  |  |

METHODS

NexposeSimpleXML::Parser

The main idea behind the core modules is, you will first parse the scan data then extract the information. Therefore, you should run parse_file or parse_scan then the you can use any of the get_* methods.

parse_file($xml_file)

Parse a NeXpose SimpleXML file.

get_session()

Obtain the NexposeSimpleXML::Parser::Session object which contains the session scan information.

get_all_hosts()

Obtain an Array of NexposeSimpleXML::Parser::Host objects which contain host information.

NexposeSimpleXML::Parser::Session

This object contains the scan session information of the NeXpose scan.

generated()

Returns the timestamp the report was generated.

NexposeSimpleXML::Parser::Host

This object contains the information for a host.

address()

Returns a string which contains the ip of this host.

get_all_services()

Returns an array of NexposeSimpleXML::Parser::Host::Service objects, which represent the services that this host has open.

get_port($port)

Obtain a NexposeSimpleXML::Parser::Host::Service object which contains the service information.

get_all_ports()

Obtain an Array of NexposeSimpleXML::Parser::Host::Service objects which contain port information.

get_fingerprint()

Obtain a NexposeSimpleXML::Parser::Fingerprint object which contain the fingerprint of the OS for this host.

NexposeSimpleXML::Parser::Fingerprint

This object contains the fingerprint details for the OS or service.

certainty()

Returns a string which contains the certainty of this fingerprint.

description()

Returns a string which contains the description this fingerprint. Example of an OS fingerprint: Ubuntu Linux 8.10

vendor()

Returns a string which contains the vendor this fingerprint. Example of an OS fingerprint: Ubuntu

family()

Returns a string which contains the family of this fingerprint. Example of an OS fingerprint: Linux

product()

Returns a string which contains the product of this fingerprint. Example of an OS fingerprint: Linux

version()

Returns a string which contains the version of this fingerprint. Example of an OS fingerprint: 8.10

device_class()

Returns a string which contains the device_class of this fingerprint. This is undef for a service fingerprint.

arch()

Returns a string which contains the arch of this fingerprint. This is undef for a service fingerprint. Exampleo of an OS fingerprint: x86_64

NexposeSimpleXML::Parser::Host::Service

This object contains the information for a port.

name()

Returns a string which contains the service name.

protocol()

Returns a string which contains the protocol.

port()

Returns a string which contains the port number.

get_all_vulnerabilities()

Returns an Array of NexposeSimpleXML::Parser::Vulnerability objects which contain information about the vulnerabilities for this service.

get_fingerprint()

Obtain a NexposeSimpleXML::Parser::Fingerprint object which contain the fingerprint of the service.

NexposeSimpleXML::Parser::Vulnerability

This object contains the information for vulnerability.

id()

Returns the id of this vulnerability.

response_code()

Returns the response code. This can be VE or VV. VE means 'vulnerable exploited'. VV means 'vulnerable version'.

get_all_references()

Returns an Array of NexposeSimpleXML::Parser::Reference objects which contain reference details for the vulnerability.

NexposeSimpleXML::Parser::Reference

This object contains the reference details for a vulnerability.

id()

Returns the id of this reference.

type()

Returns the type of the reference. Example: cve

EXAMPLES

Here is an example of parsing an XML file using NexposeSimpleXML::Parser:

my $nxp = new NexposeSimpleXML::Parser;

my $parser = $nxp->parse_file('test1.xml');

foreach my $h ( $parser->get_all_hosts() ){
    print "ip: " . $h->address . "\n";
    foreach my $s ( $h->get_all_services() ) {
        print "port: " . $s->port . "\n";
        print "name: " . $s->name . "\n";
        print "protocol: " . $s->protocol . "\n";
    }   
    print "---\n";
}   

SEE ALSO

XML::LibXML and Object::InsideOut

AUTHOR

Joshua D. Abraham, <jabra AT spl0it DOT org>

COPYRIGHT AND LICENSE

Copyright 2010 Joshua D. Abraham. All rights reserved.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.