4

I am evaluating the product Nessus 7 to perform vulnerability scans on the systems in my network.I am able to perform the scans successfully, but I am unable to automate it with a python Nessrest client. The following error is thrown by the nessrest client. Please help me out with this issue. Thank you.

 No Title
 *****************START ERROR*****************
 JSON    :
 {"uuid": "ab4bacd2-05f6-425c-9d79-3ba3940ad1c24e51e1f403febe40", 
 "settings": {"text_targets": "targetIp", "file_targets": "", 
 "folder_id": 82, "description": "Created with REST API", "filters": [], 
 "launch": "ON_DEMAND", "scanner_id": "1", "emails": "", "filter_type": "", 
 "name": ""}}
 {}
 HEADERS :
 {'X-Cookie': 'token=1c1c4f11e325eb19440feaaf04706d1265f347d105a06f44', 
 'Content-type': 'application/json', 'Accept': 'text/plain'}
 URL     : https://ipaddress:8834/scans 
 METHOD  : POST
 RESPONSE: 412


 {
   "error": "API is not available"
 }


 ******************END ERROR******************
 Traceback (most recent call last):
 File "nessrest.py", line 1, in <module>
      import nessrest
 File "C:\Users\ballalc\nessrest.py", line 8, in <module>
      scan.scan_add(targets="ipaddress")
 File "C:\Users\ballalc\ness6rest.py", line 705, in scan_add
      self.scan_uuid = self.res["scan"]["uuid"]
 KeyError: 'scan'
Ranjan
  • 91
  • 8
  • which Nessus version are you using? nessrest only works on Nessus 6.x. From Nessus 7.x, you cannot use API. – tech_enthusiast Apr 09 '18 at 05:13
  • I am using Nessus 7. Is there a download link available for Nessus 6? I am unable to find one.Please help – Ranjan Apr 09 '18 at 05:16
  • You cannot download it anymore from their website. You can only request the customer support (if you have one) and they can revert you back to Nessus 6.11 (they will provide FTP download link). Note: I am only talking about official versions. You might find unofficial versions from the web. – tech_enthusiast Apr 09 '18 at 05:18
  • Okay thank you so much – Ranjan Apr 10 '18 at 05:24

2 Answers2

0

Nessus has stopped implicit API Support from 7.x. You should either be using their Free Version "Nessus Home" or licensed to "SecurityCenter or Tenable.io" to use API for automation.

If you were an existing licensee, you can still use API until December, 2018 provided you don't update to Nessus Pro v7 Nessus Update ScreenShot

Suraj
  • 38
  • 7
  • Thanks for the reply, I found a way to link Nessus scanner to Tenable API and scan the devices locally. Through Tenable API, I can now automate scanning process locally. – Ranjan Jul 04 '18 at 10:12
0

I know you are willing to see copy/past solution here, but not that easy just read till the end.

Also suffer for API removal, but finally developed a small java workaround class to handle all the automation and bypass Nessus API restrictions. Do not want to publish it since if they see will block it as well. They no longer want people to use Nessus and actively forcing everyone to switch to tenable.io I can send it to anyone personally or if needed explain how it's work.

sedrakpc
  • 508
  • 4
  • 18