0

当我在 Nessus 扫描仪上工作时,我必须传递参数来创建扫描。请求的正文应该是:

    {
      "uuid": {template_uuid},
      "settings": {
        "name": {string},
        "description": {string},
        "emails": {string},
        "launch": {string},
        "folder_id": {integer},
        "policy_id": {integer},
        "scanner_id": {integer},
        "text_targets": {string}
      }
    }

目前我正在尝试通过以下代码传递这些参数:

public static void createScan(){
    String url = SERVER_URL+"/scans";
    String[] paramName = {"uuid", "settings.name","settings.policy_id","settings.text_targets"};
    String[] paramVal = {"xxxx", "xxxx", "xxxx","xx.xx.xxx.xxx"};
        try {
            String token = login();
            httpPost(url, paramName, paramVal, token);
        } catch (Exception e) {
            e.printStackTrace();
        }
}
public static String httpPost(String urlStr, String[] paramName, String[] paramVal, String token) throws Exception {
        URL url = new URL(urlStr);
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setRequestMethod("POST");
        conn.setDoOutput(true);
        conn.setDoInput(true);
        conn.setUseCaches(false);
        conn.setAllowUserInteraction(false);
        conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        conn.setConnectTimeout(500000);
        conn.setReadTimeout(500000);
        conn.setRequestProperty("X-Cookie:", "token=" + token + ";");


        if (paramName != null && paramVal != null) {
            OutputStream out = conn.getOutputStream();
            Writer writer = new OutputStreamWriter(out, "UTF-8");
            for (int i = 0; i < paramName.length; i++) {
                writer.write(paramName[i]);
                writer.write("=");
                writer.write(URLEncoder.encode(paramVal[i], "UTF-8"));
                writer.write("&");
            }
            writer.close();
            out.close();
        }

        if (conn.getResponseCode() != 200) {
            throw new IOException(conn.getResponseMessage());
        }

        BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream()));
        StringBuilder sb = new StringBuilder();
        String line;
        while ((line = rd.readLine()) != null) {
            sb.append(line);
        }
        rd.close();
    conn.disconnect();
    return sb.toString();
}

目前通过运行上面的代码,我得到:

Response code: 403
java.io.IOException: Unauthorized

请帮助我成功传递这些参数以在 Nessus 中创建扫描

4

1 回答 1

0

我无法真正帮助您解决这个问题,但您应该考虑使用 jackson 或其他一些 xml/json 解析器,因为您似乎需要以 JSON 格式发送数据。传递一个对象更容易,Jackson 解析器会将其转换为 JSON。

更多信息:http: //jackson.codehaus.org/

还可以考虑使用 apache httpclient,因为它无论如何都包含在 android 中。方式更少凌乱,更易于维护。

于 2015-03-22T20:17:13.347 回答