Sun, 13 Oct 2013

Dead simple nessus xml file parsing with python .:.permalink.:.

Love nessus but hate the xml output?

Get the output you want via simple parsing the xml file with python in 20 lines or less:

#!/usr/bin/python
import sys
import lxml.objectify

nxml=lxml.objectify.parse(sys.argv[1])
nroot=nxml.getroot()

if len(nroot.findall("//*[local-name()='Report']"))==0:
       print("Hmm..no report information.")
       sys.exit(1)  

for nreportitem in nroot.findall("//*[local-name()='ReportItem']"):
       reporttags=[]
       for child in nreportitem.getchildren():
              reporttags.append(child.tag)       

       print('%s : severity: %s'%(nreportitem.attrib.get("pluginName"),nreportitem.attrib.get("severity")))
       if 'plugin_output' in reporttags:
              for line in str(nreportitem.plugin_output).split('\n'):
                     print('\t%s'%(line))

Using lxml and it's objectify function it's dead-simple to get a pythonic version of nessus' xml output. Give it a shot with your errant xml files you know you've got laying around. Don't like this format? Simple: change it to what you want ;-]

Posted at: Sun, 13 Oct 2013 | category: /itsec