Scripting — Bash

In a project I had to get plugin list of Nessus PVS and compare them if they was also a plugin for the same vulnerability in Nessus. I could not find a way to get plugin list from a source. There were more than 8100 plugins and of course I did not want to get details we wanted one by one. So I typed a script to visit the pages of plugins to get the details we wanted.

It is not an impossible script to type, but a little long. Maybe can be useful for someone else or can give opinion for something completely different.

for i in {0..163}; do echo $i; wget -q -O foo.html “https://www.tenable.com/pvs-plugins?keys=&field_pvs_plugin_id_value=&field_pvs_plugin_family_tid=All&field_pvs_cve_id_value=&page=$i"; t=$(cat foo.html |grep “\<a href=\”\/pvs-plugins” | cut -d “\”” -f2); for url in $t; do wget -q -O foo2.html “https://www.tenable.com$url"; family=$(cat foo2.html |grep “Plugin ID” | cut -d “>” -f15 | cut -d “<” -f1); pvsid=$(cat foo2.html |grep “Plugin ID” | cut -d “>” -f6 | cut -d “<” -f1); severity=$(cat foo2.html |grep “Risk Factor” | cut -d “<” -f6 | cut -d “>” -f2); nessusid=$(cat foo2.html |grep “<a href=\”/plugins/index.php?view=single&id=” | cut -d “=” -f4 | cut -d “\”” -f1); name=$(cat foo2.html | grep “giga hmb” | cut -d “>” -f2 | cut -d “<” -f1); echo “$name,$severity,$pvsid,$family,$nessusid” | grep -v “^.\{4,6\}$” >> text.txt; done done