stevecoward / nasl-parser Goto Github PK
View Code? Open in Web Editor NEWNOT ACTIVELY MAINTAINED - Parses a Nessus Script Language script plugin and extracts details from it
License: MIT License
NOT ACTIVELY MAINTAINED - Parses a Nessus Script Language script plugin and extracts details from it
License: MIT License
Is it possible that only work with Nessus and not with OpenVas files.
When I run with my openvas nasl files, the parser get all the variables empty.
{'attributes': {},
'bugtraq_id': [11071],
'category': 'ACT_GATHER_INFO',
'checks': [],
'copyright': [],
'cve_id': [],
'cvs_date': '',
'cvss3_base_vector': '',
'cvss3_temporal_vector': '',
'cvss_base_vector': '',
'cvss_temporal_vector': '',
'cwe_id': [],
'family': [],
'id': 0,
'name': [],
'osvdb_id': [],
'summary': '',
'version': '',
'xref': {}}
Found an issue with the attribute keys. The following are the different keys that are meant to be the same attribute keys but aren't same due to programmer errors in the NASL files. I added the double quotes to demonstrate the erroneous leading and trailing whitespaces and single quotes.
Everything between the double quotes seems to appear in the keys of the attributes dict, which is not supposed to be the case.
***ATTRIBUTES***
" 'cvss_vector'"
" cvss_vector"
"patch_publication_date "
"'patch_publication_date'"
"patch_publication_date"
" patch_publication_date"
"cpe"
"'cpe'"
" cpe"
"description"
"'description'"
" description"
"vuln_publication_date"
"vuln_publication_date "
"'vuln_publication_date'"
"exploit_framework_metasploit"
"plugin_publication_date"
" plugin_publication_date"
"'plugin_publication_date'"
"solution"
"'solution'"
" solution"
"cvss_score_rationale"
"'cvss_score_rationale'"
"synopsis"
" synopsis"
"'synopsis'"
"cvss_score_source"
"'cvss_score_source'"
"risk_factor"
"'risk_factor'"
" 'risk_factor'"
" risk_factor"
"see_also"
" see_also"
"'see_also'"
" 'see_also'"
"plugin_type"
" plugin_type"
"'plugin_type'"
I've made a change to to GenericDictType
class, stripping leading and trailing white spaces and single quotes in that order to fix the issue and it works for the all the plugins published by Tenable in my SecurityCenter.
class GenericDictType(RegexValueFinder):
def __init__(self, value):
attributes = {}
for attribute in value:
parsed_attribute = attribute.replace(',value', ', value').split(', value:')
try:
attributes.update({
parsed_attribute[0].split(':')[1].strip().strip("'"): parsed_attribute[1].strip(),
})
except:
pass
self.values = attributes
Fixed by #4.
Is this library compatible with python3?
Hi, i have difficult to understand how can i use it?
Can you show me an example?
Thanks
Do you have any usage guidelines or examples?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.