Archive for December, 2009

Wasting time

Monday, December 21st, 2009

Not much going on; need to clean out tabs

New job; play with toys

Sunday, December 20th, 2009

My friend Will stirred my curiosity in random programming tasks today insofar as I added tweets of new malware URLs to our work Twitter account. So basically what happens is savory, the malware app, will tweet when it sees new URLs. Being a really weird person, you can choose to follow these tweets if you want.

I can’t imagine that this is useful in any way, but it was fun and I wrote a new class, Zend_Services_Bitly in the process.

I also gained a list of all the Nessus XML-RPC endpoints. Tenable hasn’t released any official documentation on this yet. In fact, I haven’t found anything anywhere about it yet; makes it kinda hard to use it, ya know. Anyway, here they are; refer to my other post for the various required inputs.

  • https://localhost:443/login
  • https://localhost:443/logout
  • https://localhost:443/users/add
  • https://localhost:443/users/delete
  • https://localhost:443/users/chpasswd
  • https://localhost/users/list
  • https://localhost:443/plugins/description
  • https://localhost/plugins/list
  • https://localhost:443/plugins/list/family
  • https://localhost/plugins/preferences
  • https://localhost/preferences/list
  • https://localhost/policy/list
  • https://localhost:443/policy/add/
  • https://localhost:443/policy/delete/
  • https://localhost:443/policy/rename/
  • https://localhost:443/scan/new/
  • https://localhost:443/scan/stop/
  • https://localhost:443/scan/pause/
  • https://localhost:443/scan/resume/
  • https://localhost/scan/list
  • https://localhost/report/list
  • https://localhost:443/report/delete
  • https://localhost:443/file/report/download
  • https://localhost:443/report/hosts
  • https://localhost:443/report/ports
  • https://localhost:443/report/details
  • https://localhost:443/report/tags
  • https://localhost:443/file/report/import

Documentation lacking

Wednesday, December 9th, 2009

Since I was unable to find any documentation concerning the XML-RPC endpoints for the new Nessus server, I ran it through Tamper Data and here’s what I got (not everything, but a good chunk):

URL=https://172.16.1.175:8834/login
POSTDATA =seq=1505&password=MyPassword&login=tim
URL=https://172.16.1.175:8834/plugins/list
URL=https://172.16.1.175:8834/report/list
URL=https://172.16.1.175:8834/policy/list
URL=https://172.16.1.175:8834/plugins/preferences
URL=https://172.16.1.175:8834/preferences/list
URL=https://172.16.1.175:8834/policy/add
POSTDATA =plugin%5Fselection%2Efamily%2EWindows%20%3A%20Microsoft%20Bulletins=enabled&Global%20variable%20settings%5Bfile%5D%3ASSL%20key%20to%20use%20%3A=

Basically it’s just everything you’d read from the XML file, URL-encoded and sent in one gigantic POST.

URL=https://172.16.1.175:8834/scan/list
URL=https://172.16.1.175:8834/scan/new
POSTDATA =seq=2145&target=172%2E16%2E1%2E101&scan%5Fname=265&policy%5Fid=1
URL=https://172.16.1.175:8834/scan/pause
POSTDATA =seq=3587&scan%5Fuuid=3b98722d%2Df5ec%2Da565%2D7a7e%2D88335e45a5a139828ae33ca3eed1
URL=https://172.16.1.175:8834/scan/resume
POSTDATA =seq=9975&scan%5Fuuid=3b98722d%2Df5ec%2Da565%2D7a7e%2D88335e45a5a139828ae33ca3eed1
URL=https://172.16.1.175:8834/report/hosts
POSTDATA =report=3b98722d%2Df5ec%2Da565%2D7a7e%2D88335e45a5a139828ae33ca3eed1&seq=5458
URL=https://172.16.1.175:8834/report/tags
ditto
URL=https://172.16.1.175:8834/report/ports
ditto
URL=https://172.16.1.175:8834/users/list
URL=https://172.16.1.175:8834/users/edit
POSTDATA =seq=3802&admin=1&login=tim
URL=https://172.16.1.175:8834/report/hosts
POSTDATA =report=3b98722d%2Df5ec%2Da565%2D7a7e%2D88335e45a5a139828ae33ca3eed1&filter%2E0%2Efilter=plugin%5Fid&seq=7176&filter%2E0%2Evalue=10011&filter%2E0%2Equality=equal%2Dto
URL=https://172.16.1.175:8834/report/tags
POSTDATA =report=3b98722d%2Df5ec%2Da565%2D7a7e%2D88335e45a5a139828ae33ca3eed1&hostname=172%2E16%2E1%2E101&seq=5498
URL=https://172.16.1.175:8834/report/details
POSTDATA =report=3b98722d%2Df5ec%2Da565%2D7a7e%2D88335e45a5a139828ae33ca3eed1&protocol=tcp&hostname=172%2E16%2E1%2E101&seq=3380&port=445
URL=https://172.16.1.175:8834/report/delete
POSTDATA =report=3b98722d%2Df5ec%2Da565%2D7a7e%2D88335e45a5a139828ae33ca3eed1&seq=4148

It’s unclear whether or not you can download and upload scan results using a home feed; probably not, and thus Tenable face palms itself yet again.
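To read a capture like the one above more easily, here is an added example (not from the original post) that parses Tamper Data style URL=/POSTDATA lines into endpoint paths with percent-decoded parameters and masks the password field so the capture can be shared. The sample capture, its addresses and values, and the names parse_capture and SENSITIVE_FIELDS are constructed for this example.

```python
from urllib.parse import parse_qsl, urlsplit

# Constructed sample in the same URL=/POSTDATA = layout as the capture above;
# the address, credentials and seq values are made up for this example.
SAMPLE_CAPTURE = """\
URL=https://192.0.2.10:8834/login
POSTDATA =seq=1001&password=ExamplePass&login=alice
URL=https://192.0.2.10:8834/plugins/list
URL=https://192.0.2.10:8834/scan/new
POSTDATA =seq=1002&target=192%2E0%2E2%2E20&scan%5Fname=demo&policy%5Fid=1
ditto
"""

# Assumption: which field names count as secrets worth masking.
SENSITIVE_FIELDS = {"password"}


def parse_capture(text, redact=True):
    """Return a list of {'path': str, 'params': dict}, one record per URL= line."""
    requests = []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("URL="):
            path = urlsplit(line[len("URL="):]).path
            requests.append({"path": path, "params": {}})
        elif line.startswith("POSTDATA") and requests:
            # The body follows the first '='; the capture writes "POSTDATA =..."
            _, _, body = line.partition("=")
            # parse_qsl percent-decodes names and values (%2E -> ".", %5F -> "_")
            params = dict(parse_qsl(body, keep_blank_values=True))
            if redact:
                for name in SENSITIVE_FIELDS.intersection(params):
                    params[name] = "[REDACTED]"
            requests[-1]["params"] = params
        # Anything else (blank lines, "ditto", prose) is ignored.
    return requests


if __name__ == "__main__":
    for req in parse_capture(SAMPLE_CAPTURE):
        print(req["path"], req["params"])
```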