File Coverage

blib/lib/Net/OpenVAS/OMP.pm

Criterion	Covered	Total	%
statement	30	98	30.6
branch	0	22	0.0
condition	0	16	0.0
subroutine	10	18	55.5
pod	3	3	100.0
total	43	157	27.3

line	stmt	bran	cond	sub	pod	time	code
1							package Net::OpenVAS::OMP;
2
3	1			1		7	use strict;
	1					2
	1					29
4	1			1		5	use warnings;
	1					1
	1					22
5	1			1		4	use utf8;
	1					2
	1					5
6	1			1		48	use feature ':5.10';
	1					2
	1					77
7
8	1			1		6	use Carp;
	1					2
	1					58
9	1			1		840	use IO::Socket::SSL;
	1					86611
	1					12
10
11	1			1		735	use Net::OpenVAS::Error;
	1					3
	1					37
12	1			1		469	use Net::OpenVAS::OMP::Response;
	1					2
	1					30
13	1			1		457	use Net::OpenVAS::OMP::Request;
	1					2
	1					261
14
15							our $VERSION = '0.200';
16
17							sub import {
18
19	0			0			my ( $class, @flags ) = @_;
20
21	0	0					if ( grep( /^-commands$/, @_ ) ) {
22	0						my @commands = qw(
23							authenticate commands create_agent create_alert create_asset create_config
24							create_credential create_filter create_group create_note create_override
25							create_permission create_port_list create_port_range create_report
26							create_report_format create_role create_scanner create_schedule create_tag
27							create_target create_task create_user delete_agent delete_asset
28							delete_config delete_alert delete_credential delete_filter delete_group
29							delete_note delete_override delete_report delete_permission delete_port_list
30							delete_port_range delete_report_format delete_role delete_scanner
31							delete_schedule delete_tag delete_target delete_task delete_user
32							describe_auth empty_trashcan get_agents get_configs get_aggregates
33							get_alerts get_assets get_credentials get_feeds get_filters get_groups
34							get_info get_notes get_nvts get_nvt_families get_overrides get_permissions
35							get_port_lists get_preferences get_reports get_report_formats get_results
36							get_roles get_scanners get_schedules get_settings get_system_reports
37							get_tags get_targets get_tasks get_users get_version help modify_agent
38							modify_alert modify_asset modify_auth modify_config modify_credential
39							modify_filter modify_group modify_note modify_override modify_permission
40							modify_port_list modify_report modify_report_format modify_role
41							modify_scanner modify_schedule modify_setting modify_target modify_tag
42							modify_task modify_user move_task restore resume_task run_wizard start_task
43							stop_task sync_cert sync_feed sync_config sync_scap test_alert verify_agent
44							verify_report_format verify_scanner
45							);
46
47	0						foreach my $command (@commands) {
48
49							my $sub = sub {
50	0			0			my ( $self, %hash ) = @_;
51	0						return $self->command( $command, \%hash );
52	0						};
53
54	1			1		8	no strict 'refs'; ## no critic
	1					2
	1					1065
55	0						*{$command} = $sub;
	0
56
57							}
58							}
59
60							}
61
62							sub new {
63
64	0			0	1		my ( $class, %options ) = @_;
65
66	0		0				my $openvas = delete( $options{'host'} ) \|\| undef;
67	0		0				my $ssl_opts = delete( $options{'ssl_options'} ) \|\| {};
68	0		0				my $logger = delete( $options{'logger'} ) \|\| undef;
69	0		0				my $timeout = delete( $options{'timeout'} ) \|\| 60;
70	0						my $username = delete( $options{'username'} );
71	0						my $password = delete( $options{'password'} );
72
73	0	0					if ( !$openvas ) {
74	0						$@ = 'Specify valid OpenVAS hostname or IP address and port (eg. 127.0.0.1:9330)'; ## no critic
75	0						return;
76							}
77
78	0	0	0				if ( !$username \|\| !$password ) {
79	0						$@ = 'Specify OpenVAS username and password'; ## no critic
80	0						return;
81							}
82
83	0						my ( $host, $port ) = split /:/, $openvas;
84
85	0		0				$port \|\|= 9390;
86
87	0						my $self = {
88							host => $host,
89							port => $port,
90							options => \%options,
91							logger => $logger,
92							timeout => $timeout,
93							username => $username,
94							password => $password,
95							socket => undef,
96							error => undef,
97							};
98
99	0						bless $self, $class;
100
101	0	0					if ( !$self->_connect ) {
102	0						$@ = $self->error;
103	0						return;
104							}
105
106	0						return $self;
107
108							}
109
110							sub _connect {
111
112	0			0			my ($self) = @_;
113
114							my %ssl = (
115							PeerHost => $self->{'host'},
116							PeerPort => $self->{'port'},
117	0						Timeout => $self->{'timeout'},
118							Proto => 'tcp',
119							SSL_verify_mode => 0,
120							);
121
122							my $socket = IO::Socket::SSL->new(%ssl)
123							or croak( sprintf 'Unable to connect to OpenVAS via %s:%s (%s - %s)',
124	0	0					$self->{'host'}, $self->{'port'}, $!, $SSL_ERROR );
125
126	0						$self->{'socket'} = \*$socket;
127
128							my $request = Net::OpenVAS::OMP::Request->new(
129							command => 'authenticate',
130							arguments => {
131							'credentials' => [
132							{
133							'username' => [ $self->{'username'} ],
134	0						'password' => [ $self->{'password'} ]
135							}
136							]
137							}
138							);
139
140	0						$self->{'socket'}->syswrite( $request->raw );
141
142	0						my $omp_response = $self->_read;
143	0						my $response = Net::OpenVAS::OMP::Response->new(
144							request => $request,
145							response => $omp_response
146							);
147
148	0	0					if ( !$response->error ) {
149	0						return 1;
150							} else {
151	0						$self->{'error'} = $response->error;
152							}
153
154	0						return;
155
156							}
157
158							sub _read {
159
160	0			0			my ($self) = @_;
161
162	0						my $response;
163
164	0						while ( my $length = $self->{'socket'}->sysread( my $buffer, 1024 ) ) {
165	0						$response .= $buffer;
166	0	0	0				last if ( $length < 1024 \|\| $length == 0 );
167							}
168
169	0						return $response;
170
171							}
172
173							sub _write {
174
175	0			0			my ( $self, $data ) = @_;
176
177	0						$self->_connect;
178
179	0						$self->{'socket'}->syswrite($data);
180	0						my $response = $self->_read;
181
182	0						return $response;
183
184							}
185
186							sub command {
187
188	0			0	1		my ( $self, $command, $arguments ) = @_;
189
190	0						my $request = Net::OpenVAS::OMP::Request->new(
191							command => $command,
192							arguments => $arguments
193							);
194
195	0	0					if ( defined( $self->{'logger'} ) ) {
196	0						$self->{'logger'}->debug( $request->raw );
197							}
198
199	0						my $omp_response = $self->_write( $request->raw );
200
201	0	0					if ( defined( $self->{'logger'} ) ) {
202	0						$self->{'logger'}->debug($omp_response);
203							}
204
205	0						my $response = Net::OpenVAS::OMP::Response->new(
206							request => $request,
207							response => $omp_response
208							);
209
210	0	0					if ( $response->error ) {
211	0						$self->{'error'} = $response->error;
212							}
213
214	0						return $response;
215
216							}
217
218							sub error {
219
220	0			0	1		my ( $self, $message, $code ) = @_;
221
222	0	0					if ( defined $message ) {
223	0						$self->{'error'} = Net::OpenVAS::Error->new( $message, $code );
224							}
225
226	0						return $self->{'error'};
227
228							}
229
230							1;
231
232							=head1 NAME
233
234							Net::OpenVAS - Perl extension for OpenVAS Scanner
235
236							=head1 SYNOPSIS
237
238							use Net::OpenVAS qw( -commands );
239
240							my $openvas = Net::OpenVAS->new(
241							host => 'localhost:9390',
242							username => 'admin',
243							password => 's3cr3t'
244							) or die "ERROR: $@";
245
246							my $task = $openvas->create_task(
247							name => [ 'Scan created via Net::OpenVAS' ],
248							target => { id => 'a800d5c7-3493-4f73-8401-c42e5f2bfc9c' },
249							config => { id => 'daba56c8-73ec-11df-a475-002264764cea' }
250							);
251
252							if ( $task->is_created ) {
253
254							my $task_id = $task->result->{id};
255
256							say "Created task $task_id";
257
258							my $task_start = $openvas->start_task( task_id => $task_id );
259
260							say "Task $task_id started (" . $task_start->status_text . ')' if ( $task_start->is_accepted );
261
262							}
263
264							if ( $openvas->error ) {
265							say "ERROR: " . $openvas->error;
266							}
267
268							=head1 DESCRIPTION
269
270							This module provides Perl scripts easy way to interface the OMP (OpenVAS Management Protocol) of OpenVAS.
271
272							For more information about the OPM follow the online documentation:
273
274							L
275
276
277							=head1 CONSTRUCTOR
278
279							=head2 Net::OpenVAS::OMP->new ( host => $host, username => $username, password => $password [, logger => $logger, timeout => 60, ssl_options => \%ssl_options ] )
280
281							Create a new instance of L.
282
283							Params:
284
285							=over 4
286
287							=item * C : OpenVAS host (and port)
288
289							=item * C, C : OpenVAS Credentials
290
291							=item * C : Request timeout in seconds (default is 60) If a socket open,
292							read or write takes longer than the timeout, an exception is thrown.
293
294							=item * C : A hashref of C options to pass through to L.
295
296							=item * C : A logger instance (eg. L or L for log
297							the REST request and response messages.
298
299							=back
300
301
302							=head1 METHODS
303
304							=head2 $openvas->command ( $command [, \%arguments ] )
305
306							Execute a command to OpenVAS via OMP and return L class instance.
307
308							my $task = $openvas->command( 'get_tasks', task_id => '46f15597-b721-403c-96a1-cce439af63a7' );
309
310							=head2 $openvas->error
311
312							Return L class instance.
313
314							=head2 COMMANDS HELPER
315
316							L provide a flag (C<-commands>) for import all OpenVAS OMP commands.
317
318							use Net::OpenVAS::OMP;
319							[...]
320							my $version = $openvas->command('get_version');
321
322							use Net::OpenVAS::OMP qw( -commands );
323							[...]
324							my $version = $openvas->get_version;
325
326							Available commands:
327
328							=over 4
329
330							=item * C : Authenticate with the manager.
331
332							=item * C : Run a list of commands.
333
334							=item * C : Create an agent.
335
336							=item * C : Create a config.
337
338							=item * C : Create an escalator.
339
340							=item * C : Create an LSC credential.
341
342							=item * C : Create a note.
343
344							=item * C : Create an override.
345
346							=item * C : Create a report format.
347
348							=item * C : Create a schedule.
349
350							=item * C : Create a slave.
351
352							=item * C : Create a target.
353
354							=item * C : Create a task.
355
356							=item * C : Delete an agent.
357
358							=item * C : Delete a config.
359
360							=item * C : Delete an escalator.
361
362							=item * C : Delete an LSC credential.
363
364							=item * C : Delete a note.
365
366							=item * C : Delete an override.
367
368							=item * C : Delete a report.
369
370							=item * C : Delete a report format.
371
372							=item * C : Delete a schedule.
373
374							=item * C : Delete a slave.
375
376							=item * C : Delete a target.
377
378							=item * C : Delete a task.
379
380							=item * C : Get all agents.
381
382							=item * C : Get all configs.
383
384							=item * C : Get dependencies for all available NVTs.
385
386							=item * C : Get all escalators.
387
388							=item * C : Get all LSC credentials.
389
390							=item * C : Get all notes.
391
392							=item * C : Get all NVTs.
393
394							=item * C : Get a list of all NVT families.
395
396							=item * C : Get checksum for entire NVT collection.
397
398							=item * C : Get all overrides.
399
400							=item * C : Get all preferences.
401
402							=item * C : Get all reports.
403
404							=item * C : Get all report formats.
405
406							=item * C : Get results.
407
408							=item * C : Get all schedules.
409
410							=item * C : Get all slaves.
411
412							=item * C : Get all system reports.
413
414							=item * C : Get configured target locators.
415
416							=item * C : Get all targets.
417
418							=item * C : Get all tasks.
419
420							=item * C : Get the OpenVAS Manager Protocol version.
421
422							=item * C : Get the help text.
423
424							=item * C : Update an existing config.
425
426							=item * C : Modify an existing LSC credential.
427
428							=item * C : Modify an existing note.
429
430							=item * C : Modify an existing override.
431
432							=item * C : Modify an existing report.
433
434							=item * C : Update an existing report format.
435
436							=item * C : Modify an existing task.
437
438							=item * C : Pause a running task.
439
440							=item * C : Resume task if stopped, else start task.
441
442							=item * C : Resume a paused task.
443
444							=item * C : Resume a stopped task.
445
446							=item * C : Manually start an existing task.
447
448							=item * C : Stop a running task.
449
450							=item * C : Run an escalator.
451
452							=item * C : Verify an agent.
453
454							=item * C : Verify a report format.
455
456							=back
457
458
459							=head1 SUPPORT
460
461							=head2 Bugs / Feature Requests
462
463							Please report any bugs or feature requests through the issue tracker
464							at L.
465							You will be notified automatically of any progress on your issue.
466
467							=head2 Source Code
468
469							This is open source software. The code repository is available for
470							public review and contribution under the terms of the license.
471
472							L
473
474							git clone https://github.com/giterlizzi/perl-Net-OpenVAS.git
475
476
477							=head1 AUTHOR
478
479							=over 4
480
481							=item * Giuseppe Di Terlizzi
482
483							=back
484
485
486							=head1 LICENSE AND COPYRIGHT
487
488							This software is copyright (c) 2020 by Giuseppe Di Terlizzi.
489
490							This is free software; you can redistribute it and/or modify it under
491							the same terms as the Perl 5 programming language system itself.
492
493							=cut