how to submit targets via the nessus API? - nessus

I am trying to create a new scan in Nessus (6.4) via the API following the documentation. I have a policy set up and the code to create the scan is
import requests
headers = {
"X-ApiKeys": "accessKey = 8cc43676fe7e9046353fcd36c41c61f4f78f7a8df646653fbde4641e352d36d9; secretKey = ab7eeafbe3f9f544b10496ff63297f8f55692cc5f4dca3f3d74e0917b6ec2ed0;"
}
data = {
"uuid": "ab4bacd2-05f6-425c-9d79-3ba3940ad1c24e51e1f403febe40",
"settings": {
"name": "myscan1",
"policy_id": "4",
"enabled": "false",
"text_targets": "192.168.1.1"
}
}
r = requests.post('https://localhost:8834/scans', data=data, verify=False, headers=headers)
print(r.status_code, r.text)
This outputs
(400, u'{"error":"Invalid \'targets\' field"}')
The documentation explicitly gives an example for the POST body:
Below is a sample body for this request:
{
"uuid": {template_uuid},
"settings": {
"name": {string},
"description": {string},
"emails": {string},
"enabled": "true",
"launch": {string},
"folder_id": {integer},
"policy_id": {integer},
"scanner_id": {integer},
"text_targets": {string},
"use_dashboard": {boolean}
}
}
I checked an actual scan creation in the interface, analyzing the HTTPS traffic. The POST body starts with
{
"uuid":"ad629e16-03b6-8c1d-cef6-ef8c9dd3c658d24bd260ef5f9e66",
"settings":{
"name":"test1",
"description":"",
"folder_id":"3",
"scanner_id":"1",
"text_targets":"192.168.1.1",
"file_targets":"",
(...)
so it looks like the targets are provided correctly.
Any idea what else to check regarding the targets field??

I forgot to json.dumps() the POST payload (and possibly add a content-type to the header).
The example below works (this time the authentication is done via a token from /session, but the same works with the authorization keys in the question)
headers = {
"X-Cookie": "token={token};".format(token=token),
"content-type": "application/json"
}
data = {
"uuid": "ab4bacd2-05f6-425c-9d79-3ba3940ad1c24e51e1f403febe40",
"settings": {
"name": "myscan1",
"policy_id": "4",
"enabled": "false",
"text_targets": "192.168.1.1",
}
}
r = requests.post('https://localhost:8834/scans', data=json.dumps(data), verify=False, headers=headers)

Related

How to change the local payload when invoking a lambda in cloud9 IDE?

I'm developing in AWS Cloud9, and have a basic "Hello, World" API set up using Lambda.
Now I would like to iterate so that the API can accept parameters. Cloud9 used to have a convenient UI for modifying the payload when running "local" (in the IDE, without deploy). But I can't find where this has been moved, and the documentation still references the previous UI.
To test this, I've included a simple print(event) in my Lambda, and started modifying various components. So far I only print an empty dict ({}).
I suspect it's in the launch.json but so far everything I've modified has not been picked up. Showing below
{
"configurations": [
{
"type": "aws-sam",
"request": "direct-invoke",
"name": "API token-to-geojson:HelloWorldFunction (python3.9)",
"invokeTarget": {
"target": "api",
"templatePath": "token-to-geojson/template.yaml",
"logicalId": "HelloWorldFunction"
},
"api": {
"path": "/hello",
"httpMethod": "get",
"payload": {
"json": {}
}
},
"lambda": {
"runtime": "python3.9"
}
},
{
"type": "aws-sam",
"request": "direct-invoke",
"name": "token-to-geojson:HelloWorldFunction (python3.9)",
"invokeTarget": {
"target": "template",
"templatePath": "token-to-geojson/template.yaml",
"logicalId": "HelloWorldFunction"
},
"lambda": {
"payload": {
"ticky": "tacky"
},
"environmentVariables": {},
"runtime": "python3.9"
}
}
]
}
The only thing I saw is we need to add "json" before the actual json data. In the example below, it appears the IDE already knows the id is event.id (note event is the first argument of the handler).
"lambda": {
"payload": {
"json": {
"id": 1001
}
},
"environmentVariables": {}
}

Retrieve request data information's using JSR223 post processer in JMeter

I am using the following payload as post request to one of my test servers, and I want to retrieve the size of the payload, uniquid from the payload. I am using JSR223 post processer for this any help to get these information
Sample Payload:
POST https://test.eventgrid.azure.net/api/events
POST data:
[
{
"subject": "audit",
"id": "6aca5990-713b-47d1-be81-ed228bd81735",
"eventType": "test.audit",
"eventTime": "2020-08-31T05:02:02.462Z",
"data": {
"version": "1.0",
"application": {
"id": "PI0001",
"name": "PLMAS",
"component": {
"id": "PLMAS01",
"name": "SingleFileImporter",
"type": "LogicApp"
}
},
"audit": {
"id": "168999807c4c46af908ce7a455a5e5eb",
"timestamp": "2020-08-31T05:02:02.462Z",
"type": "input",
"entry": "File retrieved, validated and processed successfully",
"message": {
"headers": "J9SGinwTz0SSrEHrBrhMS3wquHlWu",
"payload": "00=SfsDZ0LESTLZ6VpCmIEDT5nqOPqlwUJknCSIQuAIBM8wKj",
"type": "csv",
"protocol": ""
},
"keys": [
{
"name": "file-archive-location",
"value": "Performance Test From Jmeter"
}
]
},
"context": {
"transactionId": "65174971-62d6-44da-9ecd-537b8d636464",
"messageId": "04cb206c-25dd-4385-bed7-42f770c67cb8",
"customerId": "FANSOI",
"studyId": "FANSOI1234"
}
},
"dataVersion": "1.0",
"metadataVersion": "1"
}
]
Is there any default method like sampler.getUrl() to get the request url and sampler.getArguments().getArgument(0).getValue() to get the request body.
This should do what you want:
import java.util.List;
def size = prev.getBodySizeAsLong() + prev.getHeadersSize();
List<String> list = com.jayway.jsonpath.JsonPath.read( prev.getQueryString(), "$..id");
String uniqueId = list.get(0).toString();
log.info("size:{}, uniqueId:{}", size, uniqueId);
You can use the same functions but instead of sampler go for ctx.getCurrentSampler(), something like:
def data = ctx.getCurrentSampler().getArguments().getArgument(0).getValue()
def size = data.length()
def id = new groovy.json.JsonSlurper().parseText(data)[0].id
log.info('Size: ' + size)
log.info('Id: ' + id)
Demo:
More information:
Apache Groovy - Parsing and producing JSON
Top 8 JMeter Java Classes You Should Be Using with Groovy

Data from geoJSON API call in Larvel 5.8

I am trying to retrieve data from the weather.gov API - it returns the format in geoJSON and I am not sure how to actually get the data I want from it.
If I am using the weatherbit.io API, I have no issues as it returns JSON format in which I can pull from rather easily.
I am using GuzzleHTTP to make the API call.
I am playing around with learning APIs and I have an interest in weather so I figured I would work on an application in which I could pull information from the local weather station and output it in to readable format for users in a table.
The code I am currently using is:
$api_call = https://api.weather.xxx/points/LAT,LON;
$client = new \GuzzleHttp\Client();
$request = $client->get($api_call);
if ($request->getStatusCode() == 200) {
$weatherRequest = $request->getBody();
$requestedWeather = json_decode($weatherRequest);
$currentweather = $requestedWeather; ** THIS IS WHERE I NEED HELP ***
}
return $currentweather;
});
return view('currentweather', ["currentweather" => $currentweather]);
When I am returning $currentweather and var_dump it to the view, it gives me all the geoJSON data but I don't know how to correctly iterate through the data to pull the information I need.
When I pull from another API it gives a different JSON format which I can just pull like so:
$api_call = https://api.weatherbit.xx/v2.0/current?
$client = new \GuzzleHttp\Client();
$request = $client->get($api_call);
if ($request->getStatusCode() == 200) {
$weatherRequest = $request->getBody();
$requestedWeather = json_decode($weatherRequest);
$currentweather = $requestedWeather->data;
}
return $currentweather;
});
return view('currentweather', ["currentweather" => $currentweather]);
}
And when I use $currentweather in my view I can pull any data I need with the object string name. I am not sure how to pull the data when it's leading off with the #Context tag.
The data I want lies in the "properties" part of the geoJSON array and I just can't seem to figure out how to get that in the way I am currently using.
This is my geoJSON array return:
{ "#context": [ "https://raw.githubusercontent.xxx/geojson/geojson-ld/master/contexts/geojson-base.jsonld", { "wx": "https://api.weather.xxx/ontology#", "s": "https://schema.org/", "geo": "http://www.opengis.xxx/ont/geosparql#", "unit": "http://codes.wmo.xxx/common/unit/", "#vocab": "https://api.weather.xxx/ontology#", "geometry":
{ "#id": "s:GeoCoordinates", "#type": "geo:wktLiteral" }, "city": "s:addressLocality", "state": "s:addressRegion", "distance": { "#id": "s:Distance", "#type": "s:QuantitativeValue" }, "bearing": { "#type": "s:QuantitativeValue" }, "value": { "#id": "s:value" }, "unitCode":
{ "#id": "s:unitCode", "#type": "#id" }, "forecastOffice": { "#type": "#id" }, "forecastGridData": { "#type": "#id" }, "publicZone": { "#type": "#id" }, "county": { "#type": "#id" } } ], "id": "https://api.weather.xxx/points/xxx,xxx", "type": "Feature", "geometry": { "type": "Point", "coordinates": [ xxx, xxx ] }, "properties":
{ "#id": "https://api.weather.xxx/points/xxx,xxx", "#type": "wx:Point", "cwa": "xxx", "forecastOffice": "https://api.weather.xxx/offices/xxx", "gridX": 86, "gridY": 77, "forecast": "https://api.weather.xxx/gridpoints/xxx/xx,xx/forecast", "forecastHourly": "https://api.weather.xxx/gridpoints/xxx/xx,xx/forecast/hourly", "forecastGridData": "https://api.weather.xxx/gridpoints/xxx/xx,xx", "observationStations": "https://api.weather.xxx/gridpoints/xxx/xx,xx/stations", "relativeLocation":
{ "type": "Feature", "geometry": { "type": "Point", "coordinates": [ xxx, xxx ] }, "properties": { "city": "xxx", "state": "xx", "distance": { "value": xxxx.xxxxxxxxx, "unitCode": "unit:m" }, "bearing": { "value": 150, "unitCode": "unit:degrees_true" } } }, "forecastZone": "https://api.weather.xxx/zones/forecast/xxxxxx", "county": "https://api.weather.xxx/zones/county/xxxxxx", "fireWeatherZone": "https://api.weather.xxx/zones/fire/SCZ050", "timeZone": "America/New_York", "radarStation": "xxxx" } }
Thanks for your help!
Any member of the JSON object can be accessed via the same name on the object returned by json_decode. Your weatherbit example $requestedWeather->data works because everything is in a member called data. So... $requestedWeather->properties will get you what you want from the weather.gov API.
You can also pass true as a second argument to json_decode to get back a plain PHP array instead.
$requestedWeather = json_decode($weatherRequest, true);
var_dump($requestedWeather['properties']);
This is often recommended because JSON allows member names that are not valid PHP object property names (e.g., names containing hyphens).

MobileFirst create wrong SMS request

IBM MobileFirst Platform Foundation 8.0.0.
After configuring SMS settings I am trying to send a message but the request is created in the wrong way. See the result below.
//REST API : send notification request
{
"message": {
"alert": "Hello World from an SMS message"
},
"notificationType":3,
"target" : {
"deviceIds" : ["9a149c24-8859-3383-6067-d161e46d2554"]
}
}
The created request:
473607:[2017-01-02 16:44:02.494] - [440093822] Request received: HTTP GET /send.aspx?
encode=false&name=toParamName&value=Recipients&encode=false&name=textParamName&value=MessageText&encode=false&name=MessageType&value=text&encode=false&name=SenderName&value=PLIX&encode=false&name=UserName&value=MahmoudSamy&encode=true&name=Password&value=xyz&to=20100051111&text=Hello+World+from+an+SMS+message+2
//SMS settings
{
"port": "80",
"programName": "/sendsms",
"host": "xyz.com",
"name": "SMSGateway",
"parameters": [
{
"encode": "false",
"name": "toParamName",
"value": "to"
},
{
"encode": "false",
"name": "textParamName",
"value": "text"
},
{
"encode": "false",
"name": "SenderName",
"value": "Support"
},
{
"encode": "false",
"name": "UserName",
"value": "xyz"
},
{
"encode": "false",
"name": "Password",
"value": "xyz"
}
]
}
We tried to send SMS with SMS settings shared by you.
We are able to get correct value pair in the created request.
Below is the created request
GET /gateway/add.php?encode=false&name=toParamName&value=to&encode=false&name=textParamName&value=text&encode=false&name=SenderName&value=Support&encode=false&name=UserName&value=xyz&encode=false&name=Password&value=xyz&to=99&text=Hello+World+from+an+SMS+message HTTP/1.1
Also in created request shared by you, I am noticing different username value than given in sms settings.
Could you please tell us how you are checking the request. We are using wireshark to capture.
the below configuration works with me but it force me to accept to and text parameters.
{
"port": "80",
"programName": "/sendsms",
"host": "xyz.com",
"name": "SMSGateway",
"parameters": [{
"SenderName": "Support",
"MessageType": "text",
"UserName": "xyz",
"Password": "xyz"
}]
}
HTTP GET /send.aspx?SenderName=Support&MessageType=text&UserName=xyz&Password=xyz&to=083127312763&to=hello+world

How can I get the timestamp value in Elasticsearch?

How do I get the timestamp value? I already set enable and store as true, I can see it on Sense, but was not able to get it.
{
"cubx": {
"mappings": {
"organization": {
"_timestamp": {
"enabled": true,
"store": true
},
"properties": {
"address": {
.
.
.
I can see it...
GET /abc/organization/1234?fields=_timestamp
{
"_index": "abc",
"_type": "organization",
"_id": "1234",
"_version": 1,
"found": true,
"fields": {
"_timestamp": 1430535032967
}
}
But I can't retrieve it...
public GetField getTimestamp(Long companyId) {
GetResponse response = client
.prepareGet(index, type, companyId.toString()).execute()
.actionGet();
return response.getField("_timestamp");
It returns null. I already read a lot of posts here but didn't find an example to get the value to a object. I also tried to use script_value as suggested in this post but without success.
Can someone help me to figure out what I'm doing wrong?
You would need to use it like this GetResponse response = client .prepareGet(index, type, companyId.toString()).setFields("_timestamp").execute() .actionGet();.

Resources