rev 121324
Lab Exercise 4: API Operations
At the end of this exercise, you will be able to:
● Create and launch a non-credentialed scan
● Create managed credentials
● Create and launch a credentialed scan
● Export results as a CSV and PDF report
● Export cumulative data
If you complete the advanced topics, you will be able to:
● Create a python script that creates a set of credentials, creates a scan, launches it and exports
results
● Use functions to improve code functionality
Note: This lab assumes a working knowledge of using Python 3. The Advanced topics assume a greater
depth of knowledge in coding in Python 3. Throughout this lab, instructions surrounded by less than <
and greater than > signs denote keys on the keyboard to be pressed (e.g., <tab> or <enter>).
Part 1, Task 1 through Part 3, Task 1 is meant as one continuous session. DO NOT close the Terminal window or
the Python session during that range (after Part 1, Task 1). Part 3, Task 2 and Part 4 show how to start a new
Python session if you need one; if you lose the session earlier, you will have to re-create the tio object and
look up your scan IDs again (see Part 3, Task 1, Step 1).
TOTAL ESTIMATED LAB TIME: 40:00 MINUTES
Part 1 - Perform a Non-Credentialed Scan
In this exercise, use Python interactively to perform a non-credentialed scan of 10.0.0.0/24.
Part 1: Task 1 - Create a non-credentialed scan
Create a non-credentialed scan of 10.0.0.0/24 using python interactively.
Step-by-step Instructions:
1. If you have just completed the lab exercise from Module 3, and still have the Python session and
virtual terminal open in the Tenable Core + Nessus, you may skip to Step 10. Otherwise, proceed to
the next step.
2. If not signed in to Tenable Core + Nessus:
a. Connect to Tenable Core + Nessus using the URL and credentials provided.
b. Click Terminal.
3. If Python is not being run in Interactive mode (see a prompt of >>>):
a. Type source api-labs/bin/activate and then press <enter>.
b. Type sudo su - and then press <enter>.
i. Type the admin password when prompted.
c. Type python3.8 and then press <enter>.
COPYRIGHT 2024 TENABLE, INC. ALL RIGHTS RESERVED. TENABLE, NESSUS, LUMIN, ASSURE, AND THE TENABLE LOGO ARE REGISTERED TRADEMARKS OF TENABLE, INC. OR
ITS AFFILIATES. ALL OTHER PRODUCTS OR SERVICES ARE TRADEMARKS OF THEIR RESPECTIVE OWNERS.
d. Type from tenable.io import TenableIO and then press <enter>.
4. Type tio=TenableIO(access_key='<access key>',secret_key= '<secret key>')
and then press <enter>.
a. Obtain your access key and secret key from your previous lab instructions.
5. Type scanners=tio.scanners.list() and then press <enter>.
6. Type for scanner in scanners: and then press <enter>.
7. Press <tab>.
8. Type print(scanner['name']) and then press <enter> twice.
9. Locate the scanner with your name that does NOT have AWS in the name, and copy the name to
Notepad.
10. Type createscan=tio.scans.create(name='<YourName> - non credentialed
scan', targets=['10.0.0.0/24'], scanner='<Scanner identified in Step 9 (or
previous lab)>') then press <enter>.
a. Example: createscan=tio.scans.create(name='JaneFoster - non
credentialed scan', targets=['10.0.0.0/24'],
scanner='Jane-Foster_Scanner')
11. Type print(createscan['id']) and then press <enter>.
12. Note the number printed in Step 11; this is the scan ID used in Task 2.
Challenge Questions:
1. Why are the values for targets in brackets?
2. In order to display the name of the scan as well as the ID, what change needs to occur to
the print command in Step 11?
Part 1: Task 2 - Launch Scan
Use the scan ID from Task 1 to launch the scan.
Step-by-step Instructions:
1. Type launch=tio.scans.launch('<scan id from task 1>') and then press <enter>.
2. Type status=tio.scans.status('<scan id from task 1>') and then press <enter>.
3. Type print(status) and then press <enter>.
Challenge Questions:
1. What status was displayed after typing print(status) and then pressing <enter>?
2. Wait a couple of minutes and type print(status) and then press <enter>. Does the value
change when the scan status changes from pending to running to completed?
3. Given the answer in Step 2, is there a way to easily get notification when a scan has completed?
Part 2 - Create a Windows Credentialed Scan
In this exercise, using the managed credentials in Tenable Vulnerability Management, create a
credentialed scan of 10.0.0.0/24 with Windows credentials of scanadmin/Tenable123!.
Part 2: Task 1 - Create Credentials
Create a set of Windows credentials named “{your name} - Windows Credentials” with a username of
scanadmin and a password of Tenable123!.
Step-by-step Instructions:
1. Type createcred=tio.credentials.create('<YourName> - Windows credentials',
'Windows',username='scanadmin',password='Tenable123!',
auth_method='Password') and then press <enter>.
2. Type print(createcred) and then press <enter>.
3. Note the value returned (the UUID of the new managed credential); it is used in Task 2.
4. Sign in to cloud.tenable.com.
5. Click the Menu and select Settings.
6. Click Credentials.
Challenge Questions:
1. Have the credentials been used?
2. What domain are these credentials associated with?
Part 2: Task 2 - Create a Windows Credentialed Scan
Create a Windows credentialed scan of 10.0.0.0/24 called {yourname} API Windows credentialed scan
using the credentials created in Part 2, Task 1.
Step-by-step Instructions:
1. Type credscancreate=tio.scans.create( and then press <enter>.
2. Press <tab>, then type name='<Your Name> API Windows credentialed scan', and press
<enter>.
3. Press <tab>, and then type targets=['10.0.0.0/24'], and press <enter>.
4. Press <tab>, and then type scanner='<Your first name>-<Your Last name>_Scanner', and press
<enter>.
5. Press <tab>, and then type credentials={'Host':{'Windows':[{'id':'<credential
id from Part 2, Task 1, Step 2>'}]}}) and press <enter> twice.
6. Type print(credscancreate['id']) and then press <enter>.
7. Note the number printed in Step 6; this is the scan ID of the credentialed scan.
Part 2: Task 3 - Launch the Scan
Launch the scan created in Part 2, Task 2.
Step-by-step Instructions:
1. Type launch1=tio.scans.launch('<scan ID from Part 2, Task 2>') and then press <enter>.
Challenge Questions:
1. What should be changed above for SSH credentials?
2. What domain are these credentials associated with?
3. What action is needed to set the domain?
Part 3 - Save Results to a CSV File
In this section, export the results of your scan to a CSV file.
Part 3: Task 1 - Export Scan Results
Export the results of your credentialed scan to a .csv file named myscan.csv.
Step-by-step Instructions:
1. If the scan ID is not remembered:
a. Type scans=tio.scans.list() and then press <enter>.
b. Type for scan in scans: and then press <enter>.
c. Press <tab> then type print(scan['name'],'-',scan['id']) and then press
<enter> twice.
d. Note the scan ID of the credentialed scan.
2. Type print(tio.scans.status(<the ID of your scan>)) and then press <enter>.
a. If the result is completed, proceed to Step 3. Otherwise, wait a few minutes and repeat
Step 2 (the status is only refreshed when you query it again).
3. Type with open('myscan.csv','wb') as reportobj: and then press <enter>.
4. Press <tab>, and then type tio.scans.export('<the ID of your
scan>',format='csv', fobj=reportobj) and press <enter> twice.
a. Note: Do not press <enter> more than twice. It may take a few moments for the >>>
prompt to reappear, because the export is generated on the platform and then downloaded.
5. Type quit() and press <enter> to leave Python and return to the shell.
6. Type more myscan.csv and press <enter> to view the file.
Challenge Questions:
1. How can the file format be changed to PDF instead of CSV?
2. How is the location specified for storing the file myscan.csv?
Part 3: Task 2 - Print the Contents of the File
Use Python to display the contents of the file.
Step-by-step Instructions:
1. If not signed in to Tenable Core + Nessus:
a. Sign in to Tenable Core + Nessus using the provided credentials.
b. Click Terminal.
2. If Python is not being run in Interactive mode (see a prompt of >>>):
a. Type source api-labs/bin/activate and then press <enter>.
b. Type sudo su - and then press <enter>.
i. Type the admin password when prompted.
c. Type python3.8 and then press <enter>.
d. Type from tenable.io import TenableIO then press <enter>.
e. Type tio=TenableIO('<access key>', '<secret key>') then press <enter>.
3. Type a_file = open("myscan.csv") and then press <enter>.
4. Type lines = a_file.readlines() and then press <enter>.
5. Type for line in lines: and then press <enter>.
6. Press <tab>, and then type print(line) and press <enter> twice.
Challenge Questions:
1. What script should be used to print the first 10 lines of the file?
2. What two types of applications are CSV files best used for?
Part 4 - Export from Cumulative Data
In this exercise, export a complete list of assets.
Part 4: Task 1 - Export a List of IP Addresses for Assets
Display the IP addresses of all assets.
Step-by-step Instructions:
1. If not signed in to Tenable Core + Nessus:
a. Sign in to Tenable Core + Nessus using the provided credentials.
b. Click Terminal.
2. If Python is not being run in Interactive mode (see a prompt of >>>):
a. Type source api-labs/bin/activate and then press <enter>.
b. Type sudo su - and then press <enter>.
i. Type the admin password when prompted.
c. Type python3.8 and then press <enter>.
d. Type from tenable.io import TenableIO and then press <enter>.
e. Type tio=TenableIO('<access key>', '<secret key>') and then press <enter>.
3. Type assets=tio.exports.assets() and then press <enter>.
4. Type for asset in assets: and then press <enter>.
5. Press <tab> then type print(asset['ipv4s'])
6. Press <enter> twice.
Challenge Questions:
1. What query change should be made to export assets that have been tagged with Regions:HQ?
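The answer to the challenge question above, as an added example that is not part of the lab or of pyTenable: a small script that streams the asset export into a CSV with one row per asset, flattening list-valued fields such as ipv4s (the lab prints the raw list). It assumes only tio.exports.assets(tags=[('CATEGORY','VALUE')]) as used in the answer key, and the asset export fields id, ipv4s, hostnames and operating_systems. FakeTio and SAMPLE_ASSETS are constructed stand-ins so the script runs offline; the fake's tag matching is its own, not the platform's.

```python
"""Export tagged assets to a CSV with one row per asset.

Added example (not from the Tenable lab or pyTenable). The only pyTenable call
assumed is tio.exports.assets(tags=[('CATEGORY', 'VALUE'), ...]); the fields
'id', 'ipv4s', 'hostnames' and 'operating_systems' are asset export fields.
"""
import csv
import io

# Columns written. Every one except 'id' is a list in the export and is
# flattened with ';' so an asset with several IPs still occupies one row.
FIELDS = ("id", "ipv4s", "hostnames", "operating_systems")


def flatten(asset):
    """Turn one exported asset dict into a flat CSV row (missing fields -> '')."""
    row = {}
    for field in FIELDS:
        value = asset.get(field, "")
        row[field] = ";".join(value) if isinstance(value, (list, tuple)) else value
    return row


def write_assets_csv(tio, fobj, tags=None):
    """Stream the asset export into `fobj` (a text file object); return the row count.

    tio.exports.assets() returns an iterator that pages through the export
    chunks, so the whole inventory is never held in memory at once.
    """
    assets = tio.exports.assets(tags=tags) if tags else tio.exports.assets()
    writer = csv.DictWriter(fobj, fieldnames=FIELDS)
    writer.writeheader()
    count = 0
    for asset in assets:
        writer.writerow(flatten(asset))
        count += 1
    return count


# --- constructed stand-ins so the function can be run offline ----------------
SAMPLE_ASSETS = [  # constructed records in the shape of the asset export
    {"id": "a1", "ipv4s": ["10.0.0.10", "10.0.0.11"], "hostnames": ["hq-dc01"],
     "operating_systems": ["Microsoft Windows Server 2019"],
     "tags": [{"key": "Regions", "value": "HQ"}]},
    {"id": "a2", "ipv4s": ["10.0.0.24"], "hostnames": [],
     "operating_systems": ["Linux Kernel 5.4"],
     "tags": [{"key": "Regions", "value": "Branch"}]},
    {"id": "a3", "ipv4s": [], "hostnames": ["printer.hq.example"],
     "operating_systems": [], "tags": [{"key": "Regions", "value": "HQ"}]},
]


class _FakeExports:
    """Fake tio.exports: yields SAMPLE_ASSETS carrying any of the requested tags."""

    def assets(self, tags=None):
        wanted = set(tags or [])
        for asset in SAMPLE_ASSETS:
            have = {(t["key"], t["value"]) for t in asset.get("tags", [])}
            if not wanted or wanted & have:
                yield asset


class FakeTio:
    """Just enough of TenableIO for write_assets_csv() to run offline."""

    def __init__(self):
        self.exports = _FakeExports()


def demo():
    """Offline run: export only assets tagged Regions:HQ; return (count, csv_text)."""
    buf = io.StringIO()
    count = write_assets_csv(FakeTio(), buf, tags=[("Regions", "HQ")])
    return count, buf.getvalue()


if __name__ == "__main__":
    print(demo()[1])
```

Against the real platform, replace FakeTio() with the tio object built in Step 2 and open a text file with newline='' for `fobj`; the query change from the answer key, tags=[('Regions','HQ')], is passed straight through.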
Optional Advanced Problems
This section is optional and can be completed during any free time available while taking this course.
TOTAL ESTIMATED OPTIONAL EXERCISE TIME: 40:00 MINUTES
Task 1 - Create a Python Script to Launch a Credentialed Scan
Create a standalone Python script that creates and launches a credentialed scan.
Example script:
#!/usr/bin/python3
from tenable.io import TenableIO
# Enter the values for the empty variables below in order to
# create and launch a credentialed scan. Do not commit or share a
# copy of this file that contains real keys or passwords.
access_key=""
secret_key=""
cred_username=""
cred_password=""
cred_type="Host"
cred_os="Windows"
cred_name=""
authmeth="Password"
scan_name=""
trgts=["10.0.0.0/24"]   # targets is a list; add further hosts or ranges as needed
scannr=""
tio=TenableIO(access_key, secret_key)
# The following command creates the managed credential and returns its UUID
createcred=tio.credentials.create(cred_name,cred_os,username=cred_username,
    password=cred_password, auth_method=authmeth)
# The following command creates a scan that uses the new credential
createscan=tio.scans.create(name=scan_name,targets=trgts,scanner=scannr,
    credentials={cred_type:{cred_os: [{'id':createcred}]}})
# Launch the scan; the returned value is the UUID of this scan run
launcher=tio.scans.launch(createscan['id'])
print(scan_name, '-', createscan['id'], '-', launcher)
Task 2 - Create a Python Script to Export Scan Data to CSV
Task 3 - Create a Python Script to Export Scan Data to PDF
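Advanced Tasks 2 and 3, and challenge question 3 of Part 1, Task 2, all come down to one pattern: poll tio.scans.status() until the scan is finished, then stream the export into a file opened in binary mode. The script below is an added example, not part of the lab or of pyTenable. It assumes only the pyTenable calls already used in this lab (tio.scans.launch, tio.scans.status, tio.scans.export with format= and fobj=, and TenableIO(access_key, secret_key)); the set of terminal status strings other than completed, and the TIO_ACCESS_KEY / TIO_SECRET_KEY environment variable names, are assumptions. FakeTio is a constructed stand-in so the logic can be run offline.

```python
#!/usr/bin/env python3
"""Launch a scan, wait for it to finish, then export it as CSV and PDF.

Added example (not from the Tenable lab or pyTenable). Real calls assumed:
tio.scans.launch(id), tio.scans.status(id), tio.scans.export(id, format=, fobj=).
"""
import os
import sys
import time

# Statuses after which further polling is pointless (assumed set; "completed"
# is the only value the lab itself relies on).
TERMINAL = {"completed", "canceled", "aborted"}


def wait_for_scan(tio, scan_id, timeout=3600, interval=30, sleep=time.sleep):
    """Poll tio.scans.status() until the scan reaches a terminal status.

    A status value fetched once never updates itself (Part 1, Task 2,
    challenge 2), so every loop iteration makes a fresh API call. Raises
    TimeoutError after roughly `timeout` seconds. `sleep` is injectable so
    the loop can be exercised without waiting.
    """
    polls = max(1, int(timeout // interval))
    status = None
    for _ in range(polls):
        status = tio.scans.status(scan_id)
        if status in TERMINAL:
            return status
        sleep(interval)
    raise TimeoutError(f"scan {scan_id} still '{status}' after ~{timeout}s")


def launch_and_export(tio, scan_id, out_prefix, formats=("csv", "pdf"), **wait_kw):
    """Launch `scan_id`, wait for it, and write <out_prefix>.<fmt> per format.

    Exports only when the status is 'completed': an aborted or canceled scan
    would otherwise yield a partial report that looks finished. Returns
    {path: size_in_bytes}.
    """
    tio.scans.launch(scan_id)
    status = wait_for_scan(tio, scan_id, **wait_kw)
    if status != "completed":
        raise RuntimeError(f"scan {scan_id} ended with status '{status}'; not exporting")
    written = {}
    for fmt in formats:
        path = f"{out_prefix}.{fmt}"
        # 'wb': the export is streamed as bytes (PDF is binary; CSV arrives as bytes too).
        with open(path, "wb") as fobj:
            tio.scans.export(scan_id, format=fmt, fobj=fobj)
        written[path] = os.path.getsize(path)
    return written


class _FakeScans:
    """Constructed stand-in for tio.scans (offline use only)."""

    def __init__(self, statuses=("pending", "running", "running", "completed")):
        self._statuses = list(statuses)  # returned in order; the last one repeats
        self.launched = []

    def launch(self, scan_id):
        self.launched.append(scan_id)
        return "00000000-0000-0000-0000-000000000000"  # fake scan-run UUID

    def status(self, scan_id):
        if len(self._statuses) > 1:
            return self._statuses.pop(0)
        return self._statuses[0]

    def export(self, scan_id, format="nessus", fobj=None, **_):
        fobj.write(f"constructed {format} export for scan {scan_id}\n".encode())


class FakeTio:
    """Just enough of TenableIO for launch_and_export() to run offline."""

    def __init__(self, statuses=None):
        self.scans = _FakeScans(statuses) if statuses else _FakeScans()


if __name__ == "__main__":
    # Real run: python3 export_scan.py <scan id>. Keys are read from the
    # environment rather than typed into the script (variable names assumed).
    from tenable.io import TenableIO
    tio = TenableIO(os.environ["TIO_ACCESS_KEY"], os.environ["TIO_SECRET_KEY"])
    scan_id = int(sys.argv[1])
    for path, size in launch_and_export(tio, scan_id, f"scan-{scan_id}").items():
        print(f"wrote {path} ({size} bytes)")
```

The interactive steps in Part 3, Task 1 (check status, then open('myscan.csv','wb') and tio.scans.export(...)) are exactly what launch_and_export() does for each format; the script adds the two things a hand-run session skips, a bounded wait and a refusal to export a scan that did not complete.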
End of Exercises
Answer Key
Part 1: Task 1
1. Why are the values for targets in brackets?
● Targets is a list, so there can be multiple entries in this variable for different targets and
ranges.
2. In order to display the name of the scan as well as the ID, what change needs to occur to
the print command in Step 11?
● print(createscan['name'] + ' - ' + str(createscan['id']))
Part 1: Task 2
1. What status was displayed after typing print(status)<enter>?
● Depending upon the amount of time, it would either return pending, running, or
completed.
2. Wait a couple of minutes and type print(status) <enter>. Does the value change when the
scan changes from pending to running to completed?
● No. The variable holds the string returned by the single API call made in Task 2, Step 2; it is
not updated automatically. Call tio.scans.status() again to see the current state.
3. Given the answer in Step 2, is there a way to easily get notification when a scan has completed?
● import time
status=tio.scans.status('<scan id>')
while status != "completed":
    time.sleep(30)
    status=tio.scans.status('<scan id>')
    print(status)
A script meant to run unattended should also stop on a canceled or aborted scan and give up
after a maximum wait, otherwise this loop never ends.
Part 2: Task 1
1. Have the credentials been used?
● No.
2. What domain are these credentials associated with?
● None. No domain= setting was supplied to tio.credentials.create, so the credentials are not
associated with any domain.
Part 2: Task 3
1. What should be changed above for SSH credentials?
● Change 'Windows' to 'SSH' in the credentials dictionary passed to tio.scans.create, i.e.
credentials={'Host':{'SSH':[{'id':'<ssh credential id>'}]}}, and supply the ID of an SSH
managed credential (created with a cred_type of 'SSH' instead of 'Windows').
2. What domain are these credentials associated with?
● None. No domain= setting was supplied when the credentials were created.
3. What action is needed to set the domain?
● Add domain='<domain name>' to the tio.credentials.create command shown in Part 2, Task 1,
Step 1.
Part 3: Task 1
1. How can the file format be changed to PDF instead of CSV?
● Change format='csv' to format='pdf' on the tio.scans.export line and change the file name
(e.g., myscan.pdf). Keep the 'wb' mode, because a PDF is binary data.
2. How is the location specified for storing the file myscan.csv?
● On the line starting with “with open”, specify the directory before the file name (e.g., with
open('/home/myuser/myscan.csv'...)
Part 3: Task 2
1. What python script should be used to print the first 10 lines of the file?
● a_file = open('myscan.csv')
for i in range(10):
line=a_file.readline()
print(line)
2. What two types of applications are CSV files best used for?
● Spreadsheet programs and databases.
Part 4: Task 1
1. What query change should be made to export assets that have been tagged with Regions:HQ?
● Change assets=tio.exports.assets() to
assets=tio.exports.assets(tags=[('Regions','HQ')])