Retrieving product expiration dates from Tenable Customer Support Portal

I don’t say that it is a rocket science or something, but maybe someone will need to automate Tenable Support portal routine, and here will be a script, which can be used. My own case was to get expiration date for purchased and trial Tenable products. To know in advance when and what products should be bought and updated.

Registered Products

It turned out that getting this data from deployed products via APIs is not as trivial as it sounds, but I will write about this topic next time.

To work with Tenable portal you must get cookies:

$ user=""; pass="qwerty"; curl -c tenable_cookie -s '' --compressed --data "form_submit=do_login&auth_user=$user&auth_pass=$pass&submit=Log+in"

If everything was successful, you should get tenable_cookie file containing something like:

cat tenable_cookie
# Netscape HTTP Cookie File
# This file was generated by libcurl! Edit at your own risk TRUE / FALSE 0 CerberusPublicGUI sbvhasd0ebrbgtqef5352rh8r1

Now getting the expiration date:

$ IFS=$'\n';for line in `curl -b tenable_cookie -s "" | egrep "plusminus[0-9]+"`; do id=`echo $line | egrep -o "plusminus[0-9]+" | sed 's/plusminus//'`; name=`echo "$line" | egrep -o ".*" | sed 's/<\/*b>//g'`; curl -b tenable_cookie -s "$id" | egrep -o "[0-9]{4}-[0-9]*-[0-9]*" | awk -v name="$name" '{print name";"$0}' | sort | uniq; done;
Nessus Manager;2016-11-17
Nessus Professional;2017-06-21
SecurityCenter Continuous View;2017-01-01

The idea is to find on the page with the activation key (mod_id=14), all lines containing Tenable product codes and names. Then for each product code we make request to get product description and parse out the expiration date. You can also get activation keys themselves, or perhaps the file you need to activate SecurityCenter.

Html parsing a thankless task. I apologize if you decide to try this example and it does not work. It simply means that Tenable changed something in their page and everything fell apart. Please write it in the comments in this case 😉

Leave a Reply

Your email address will not be published. Required fields are marked *