Okay, I've searched thru the forum and I am unable to see this one addressed.
First, let me say that this is a great forum to get ideas and suggestions for MySQL. In fact, the whole site is very useful.
Now with the sucking up out of the way - on to the issue.
I am attempting to convert some XML files into something that I can easily import into my MySQL DB. I am trying to model this after the NessQuick program that was developed for importing Nessus NBE files into MySQL. However, getting the XML files into something similar to NBE files has proved to be a no-go as the format is not one to follow the same type output. Let me explain:
Nessus NBE files are formatted to have the results|<host domain>|<host IP>|<port name & number>|<vulnerability number>|<Security threat level>|<Summary> all deliminated by the pipe "|".
The XML files are basically as follows:
<Session><URL> address/dir</URL><Scheme>http</Scheme><Host>IP Address</Host><Port>80</Port><Issues><Issue><Type>Passive</Type><Methodol
ogy/><VulnerabilityID>3508</VulnerabilityID><Name>Internal IP Disclosure</Name><
Severity>25</Severity><Summary>Explanation of vulnerabiltiy</Summary><Execution/><Implication/><Solution
>What can be done about it.</Solution><Referen
ces/></Issue></Issues> etc......
I can program to get the tags out and place everything for each tag on a separate line. And I can even deliminate it all by pipes "|". The problem is where Nessus files have each vulnerability on a separate line, these files can contain mutilple vulnerabilities per Session.
I have even toyed with putting the tags into variables successfully.
Okay, the question - is there a way to program a Perl script to take these tags and place them into a DB to be associated with the Sessions?
Sorry for the long query, but I thought it better to give you as much info as possible.
Thanks,
cmarchman
First, let me say that this is a great forum to get ideas and suggestions for MySQL. In fact, the whole site is very useful.
Now with the sucking up out of the way - on to the issue.
I am attempting to convert some XML files into something that I can easily import into my MySQL DB. I am trying to model this after the NessQuick program that was developed for importing Nessus NBE files into MySQL. However, getting the XML files into something similar to NBE files has proved to be a no-go as the format is not one to follow the same type output. Let me explain:
Nessus NBE files are formatted to have the results|<host domain>|<host IP>|<port name & number>|<vulnerability number>|<Security threat level>|<Summary> all deliminated by the pipe "|".
The XML files are basically as follows:
<Session><URL> address/dir</URL><Scheme>http</Scheme><Host>IP Address</Host><Port>80</Port><Issues><Issue><Type>Passive</Type><Methodol
ogy/><VulnerabilityID>3508</VulnerabilityID><Name>Internal IP Disclosure</Name><
Severity>25</Severity><Summary>Explanation of vulnerabiltiy</Summary><Execution/><Implication/><Solution
>What can be done about it.</Solution><Referen
ces/></Issue></Issues> etc......
I can program to get the tags out and place everything for each tag on a separate line. And I can even deliminate it all by pipes "|". The problem is where Nessus files have each vulnerability on a separate line, these files can contain mutilple vulnerabilities per Session.
I have even toyed with putting the tags into variables successfully.
Okay, the question - is there a way to program a Perl script to take these tags and place them into a DB to be associated with the Sessions?
Sorry for the long query, but I thought it better to give you as much info as possible.
Thanks,
cmarchman