C# Automation of Nessus Scans

My adventures in using C# in order to automate scans using the Nessus API.


I have been working through chapters of Gray Hat C# by Brandon Perry.

Before trying out the programs I do a couple things


  • Setup Windows XP host & Kali linux host in my virtual Host-Only network giving each vm an ip address of 10.0.0.0..
  • Startup Nessus within Kali using the command

/etc/init.d/nessusd start

  • Check that both hosts have an ip address that is within my defined range. Something like 10.0.0.1-10.0.0.100



Let’s get scannin’


Using Main, or the main method within Program.cs I do 2 things:

  • Return an authentication token alongside with a Nessus session for the session manager.
  • Create a new basic scan for my victim host.

    Important note : What are we scanning


    The program requires an ip address for the Nessus host and the scanned host. For me this was the ip for the Kali Linux VM and the Windows XP VM, all on the same Host-Only Adapter-Enable Virtual Network.


Output


` Scan status: running Scan status: running Scan status: running Scan status: running

{ “count”: 1, “plugin_name”: “MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION) (ETERNALROMANCE) (ETERNALSYNERGY) (WannaCry) (EternalRocks) (Petya) (uncredentialed check)”, “vuln_index”: 50, “severity”: 4, “plugin_id”: 97833, “severity_index”: 31, “plugin_family”: “Windows” }
{ “count”: 1, “plugin_name”: “Windows NetBIOS / SMB Remote Host Information Disclosure”, “vuln_index”: 66, “severity”: 0, “plugin_id”: 10150, “severity_index”: 1, “plugin_family”: “Windows” } `


Written on April 15, 2018