当我在 Nessus 扫描仪上工作时,我必须传递参数来创建扫描。请求的正文应该是:
{
"uuid": {template_uuid},
"settings": {
"name": {string},
"description": {string},
"emails": {string},
"launch": {string},
"folder_id": {integer},
"policy_id": {integer},
"scanner_id": {integer},
"text_targets": {string}
}
}
目前我正在尝试通过以下代码传递这些参数:
public static void createScan(){
String url = SERVER_URL+"/scans";
String[] paramName = {"uuid", "settings.name","settings.policy_id","settings.text_targets"};
String[] paramVal = {"xxxx", "xxxx", "xxxx","xx.xx.xxx.xxx"};
try {
String token = login();
httpPost(url, paramName, paramVal, token);
} catch (Exception e) {
e.printStackTrace();
}
}
public static String httpPost(String urlStr, String[] paramName, String[] paramVal, String token) throws Exception {
URL url = new URL(urlStr);
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setDoInput(true);
conn.setUseCaches(false);
conn.setAllowUserInteraction(false);
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
conn.setConnectTimeout(500000);
conn.setReadTimeout(500000);
conn.setRequestProperty("X-Cookie:", "token=" + token + ";");
if (paramName != null && paramVal != null) {
OutputStream out = conn.getOutputStream();
Writer writer = new OutputStreamWriter(out, "UTF-8");
for (int i = 0; i < paramName.length; i++) {
writer.write(paramName[i]);
writer.write("=");
writer.write(URLEncoder.encode(paramVal[i], "UTF-8"));
writer.write("&");
}
writer.close();
out.close();
}
if (conn.getResponseCode() != 200) {
throw new IOException(conn.getResponseMessage());
}
BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream()));
StringBuilder sb = new StringBuilder();
String line;
while ((line = rd.readLine()) != null) {
sb.append(line);
}
rd.close();
conn.disconnect();
return sb.toString();
}
目前通过运行上面的代码,我得到:
Response code: 403
java.io.IOException: Unauthorized
请帮助我成功传递这些参数以在 Nessus 中创建扫描