Parsing .Nessus files - Part 3-ish

Today I'm finally getting around to re-packaging Melcara's script to include the latest version released in September 2017. I'll also need to make the new changes to the perl script (which I foolishly did not save from prior changes).

So:

cpan install XML:TreePP Data::Dumper Math::Round Excel::Writer::XLSX Excel::Writer::XLSX::Chart Data::Table Getopt::Std Net::IP pp

Perl file changes (changed here, can be used to generate report in linux assuming you have all the right libraries):

1. Include "use Net::IP;" at top.
2. Re-order sections to write excel sheets at bottom to "Summary", Criticals, Highs, Mediums, Lows, Informational, Vulnerability to IP Summary.
3. Add block to sort IPs in that last sheet before writing them out.

Install Strawberry Perl Portable in Windows, then through trial-and-error install the modules needed to get pp to work. Pray that something works. But it never did and I gave up after six hours of frustration.

pp -M JSON -M PAR::Dist -M URI::Escape -M LWP::UserAgent -M HTTP::Cookies -M Data::Dump -M Data::Dumper -M XML::Hash::XS -M XML::TreePP -M MIME::Base64 -M Math::Round -M Excel::Writer::XLSX  -M Excel::Writer::XLSX::Chart -M Excel::Writer::XLSX::Chart::Pie -M Data::Table -M Getopt::Std Net::IP parse_nessus_xml.v24.pl

Note: some of these libraries may not be needed anymore but it worked last time and extra bits don't hurt in this case.

Dpkg::Options note

When installing linux upgrades check this page for references on how to let apt upgrade do its own thing with new/old/updated configuration files:

https://raphaelhertzog.com/2010/09/21/debian-conffile-configuration-file-managed-by-dpkg/

Quick review of Alfa AWUS036AC (or AC1200?)

Some time in March I read this article which has a great run-down on the state of 5 ghz packet injection in Kali Linux and the most capable wireless cards. I got all excited and attempting ed to order the AC1200 without carefully examining the provider. Instead I got the device pictured on Amazon but it says AWUS036AC on the back.

Oh well. Driver support out of the box is flaky and airmon-ng doesn't play well with it even with the proper drivers installed.

 apt install dkms realtek-rtl88xxau-dkms  

Then, to put the card into monitor mode, perform the following set of commands each time:

 ip link set wlan1 down  
 iw dev wlan1 set type monitor  
 ip link set wlan1 up  

To take it out of monitor mode (very important) before unplugging:

 ip link set wlan1 down  
 iw dev wlan1 set type managed  
 ip link set wlan1 up  

So those are the cons.

Pros: Great reception of nearby access points. Where before I could barely manage 56 for the closest APs, now it shows as mid-30s. This makes capturing handshakes potentially much easier. As it is, most likely that's what I'll use this device for.

CISSP Training

I'm at a company event doing CISSP training, ready to bite the bullet and schedule the exam in June, either before or after Toorcamp. Currently we're going over a somewhat familiar domain involing cryptography, so I'm reading a lot of Feedly and tweets using Tweetdeck.

https://khanism.org/society/how-social-media-destroyed-my-generation/

Not terribly convinced by this post's hyperbole; to be fair the author isn't so sure himself anymore.

https://www.npr.org/sections/thetwo-way/2018/05/01/607054795/nra-bans-guns-during-convention-speech-by-president-vice-president

This is literally a non-issue. The President and Vice President are speaking, the last thing the Secret Service wants is guns not in their hands in the same room or hall as the colloquial "45" and Co. I might dislike Trump intensely but still understand that security protocols have to be followed everywhere, regardless of the supporting stance of the organization under whose auspices they are there. If they were talking at a pen-knife convention would people be up in arms if pocket-knives were banned? Maybe if pocket-knives were used as weapons of mass destruction and killings? Something smells fishy.