Monday, 25 July 2016

Schedule Scan using Qualys API

It's easy to schedule using GUI when the number of scan you want to schedule are hardly few, but what would you do if the numbers are exhaustive????

No Need to worry, just add details in CSC, use powershell and API and it will be done in few blinks.

Thanks to power of API and scripting (here powershell)

Below is the powershell code & Sample CSV entries that will be fetched

DCName AssetGrpName ID Scanner OptionProfile StartHour StartMin Duration Date
DC1     DD_DC1      123 scanner1 5858       3      0          36 8/9/2016
DC2     DD_DC2      456 scanner2 5858       2     30          36 8/9/2016

# Using Cookie.txt for storing cookie as input and output

param(
[Parameter(Mandatory=$true)][String]$username,
#End user must not be able to see the typed password, so protecting it
[Parameter(Mandatory=$true)][SecureString]$SecurePassword,
[Parameter(Mandatory=$false)][int]$ScanProfile=90348959

)
#Now we will convert back the securepassword input to the plain text as Qualys API works in that way
# Create a "password pointer"
$PasswordPointer = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecurePassword)
# Get the plain text version of the password
$password = [Runtime.InteropServices.Marshal]::PtrToStringAuto($PasswordPointer)
# Free the pointer
[Runtime.InteropServices.Marshal]::ZeroFreeBSTR($PasswordPointer)
# Plain text password is in $password

remove-item alias:curl


[String]$counter='AUG'


#[String]$Cookie1= "$qualys_scan_schedule.cookies"


function login{

#login to qualys and dump the response cookie into Cookie1 which is pointing to .cookies
$Login ='curl -H "X-Requested-With: Curl Sample"  -c "cookie.txt" -d "action=login&username=$username&password=$password" "https://qualysapi.qualys.eu/api/2.0/fo/session/"'
Invoke-Expression $Login
}

function list{

$filepath = "C:\Users\tarun.kumar1\Desktop\test3.csv"
$csv = Import-csv  $filepath
foreach ($item in $csv)
{
$title=$($item.AssetGrpName)
$title=$title+$counter

$assetid=$($item.ID)
$scannername=$($item.Scanner)
$startdate=$($item.Date)
$starthour=$($item.StartHour)
$startmin=$($item.StartMin)

#echo $title,$assetid,$scannername,$startdate,$starthour,$startmin
$List='curl  -H "X-Requested-With: curl" -b "cookie.txt" -X "POST" -d "scan_title=$title&active=1&option_id=90348959&target_from=assets&asset_group_ids=$assetid&iscanner_name=$scannername&occurrence=daily&frequency_days=1&start_date=$startdate&start_hour=$starthour&start_minute=$startmin&time_zone_code=ST&pause_after_hours=36&observe_dst=no&recurrence=1" "https://qualysapi.qualys.eu/api/2.0/fo/schedule/scan/?action=create"'
Invoke-Expression $List

}
}

function logout{
#Logout
curl -H "X-Requested-With: Curl Sample" -d "action=logout" -b "cookie.txt" "https://qualysapi.qualys.eu/api/2.0/fo/session/"
}

function Main{

login
list
logout

}

. Main

No comments:

Post a Comment