Core Impact Advanced Techniques | Restful API Utilization

Core Impact's automation API is a RESTful API that can be used to control Core Impact and initiate scans and other automated exploitation activities. This video demonstrates how to set up the API and use it through the documentation interface.

First, let’s set up the automation API. Go to Tools and select Options.

A pop-up box will appear. Select Automation WS API and check the box next to Enable Automation WS API. The API is HTTPS only, so it requires a certificate. In this example, the certificate files have already been loaded. You’ll need a self-signed certificate, or one that has been issued through some other mechanism.

Next, we’ll need to create an authentication token. Click New. Copy it to the clipboard by clicking Copy.

The API is now configured and ready.

We’ll now go over to the web browser and load the API’s documentation page. The page, which is a standard Swagger interface, is available at the /docs URI and will allow you to initiate actions within the API.

First, let’s finish the authentication process. Click Authorize.

A pop-up box will appear. Paste in the code that we copied when we created the token and click Authorize.

The API is now appropriately authorized and we can initiate a scan. Let’s select the Network scan. Click Try it Out.

This will generate a JSON blob that we can use.

In this example, we’ll name the scan “API-Run” and fill out the blob with the following parameters:

[Image: request body with the scan parameters filled in]

Click Execute.

If we scroll down, we can see our scan id and check that the status confirms the scan is running. Copy the scan id to the clipboard.

Scroll back up and select /scan/{scan_id} to get the specifics of the scan. Paste in the scan id and click Execute.

Let the scan continue running until it completes and your scan results are generated.
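The status check above can also be scripted. The following is an added example, not code from the video or from Core Impact's documentation: it polls `/scan/{scan_id}` while keeping certificate verification on for a self-signed certificate. The host name, the `Bearer` header scheme, the `status` field with its `running` value, and the environment variable names are assumptions; confirm the real ones on the `/docs` page.

```python
import json
import os
import ssl
import time
import urllib.request
from urllib.parse import quote

# Assumptions (not from the page): host and port, the Bearer header scheme,
# the "status" field name and the "running" value. Check each against /docs.
BASE_URL = "https://impact.example.internal:8443"  # placeholder host
RUNNING_STATES = {"running"}


def tls_context(cert_file):
    """Trust only the API's own certificate (PEM); verification stays enabled."""
    ctx = ssl.create_default_context(cafile=cert_file)  # cafile replaces the system store
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def scan_request(scan_id, token, base_url=BASE_URL):
    """Build GET /scan/{scan_id}; the token travels in a header, never in the URL."""
    url = f"{base_url}/scan/{quote(str(scan_id), safe='')}"
    return urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})


def fetch_scan(scan_id, token, ctx):
    """Fetch the scan record over the pinned TLS context and decode the JSON body."""
    with urllib.request.urlopen(scan_request(scan_id, token), context=ctx, timeout=30) as resp:
        return json.load(resp)


def wait_for_scan(scan_id, fetch, interval=15, max_polls=240, sleep=time.sleep):
    """Poll until the scan leaves RUNNING_STATES; raise instead of looping forever."""
    for _ in range(max_polls):
        scan = fetch(scan_id)
        if str(scan.get("status", "")).lower() not in RUNNING_STATES:
            return scan
        sleep(interval)
    raise TimeoutError(f"scan {scan_id} still running after {max_polls} polls")


if __name__ == "__main__":
    token = os.environ["IMPACT_API_TOKEN"]            # keep the token out of source control
    ctx = tls_context(os.environ["IMPACT_API_CERT"])  # path to the certificate's PEM file
    result = wait_for_scan(os.environ["IMPACT_SCAN_ID"], lambda s: fetch_scan(s, token, ctx))
    print(json.dumps(result, indent=2))
```

Hostname checking remains on, so the certificate's subject alternative name has to match the host in `BASE_URL`.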
