RubyGems - CloudyScripts - Versions diffs - 1.6.1 → 1.7.27 - Mend

CloudyScripts 1.6.1 → 1.7.27

Files changed (176) hide show

data/Rakefile +1 -1
data/lib/audit/checks/APACHE2.group +6 -0
data/lib/audit/checks/APACHE2_CONFIG_01.check +36 -0
data/lib/audit/checks/APACHE2_CONFIG_02.check +34 -0
data/lib/audit/checks/APACHE2_CONFIG_03.check +60 -0
data/lib/audit/checks/APACHE2_CONFIG_04.check +23 -0
data/lib/audit/checks/APACHE2_CONFIG_05.check +23 -0
data/lib/audit/checks/APACHE2_CONFIG_06.check +30 -0
data/lib/audit/checks/APACHE2_INIT_1.check +14 -0
data/lib/audit/checks/APACHE2_INIT_2.check +66 -0
data/lib/audit/checks/APACHE2_INIT_3.check +13 -0
data/lib/audit/checks/APACHE2_USER_7.check +17 -0
data/lib/audit/checks/BACKUP_HOME_DOTFILES.check +26 -0
data/lib/audit/checks/BACKUP_LOG.check +24 -0
data/lib/audit/checks/BACKUP_MAIL.check +19 -0
data/lib/audit/checks/BACKUP_WEB.check +12 -0
data/lib/audit/checks/CONFIGURATION_BACKUP.check +14 -0
data/lib/audit/checks/DIRECTORY_LISTING.check +14 -0
data/lib/audit/checks/DISTRIBUTION_FACTS.check +60 -0
data/lib/audit/checks/DMESG_OUTPUT.check +14 -0
data/lib/audit/checks/FIND_GROUP_FILE.check +6 -0
data/lib/audit/checks/FIND_PASSWD_FILE.check +8 -0
data/lib/audit/checks/FIND_SHADOW_FILE.check +5 -0
data/lib/audit/checks/FIND_SUDOERS_FILE.check +6 -0
data/lib/audit/checks/FREE_SPACE.check +26 -0
data/lib/audit/checks/HAS_AWK.check +30 -0
data/lib/audit/checks/HAS_BASE.check +21 -0
data/lib/audit/checks/HAS_CAT.check +18 -0
data/lib/audit/checks/HAS_COMPRESSOR.check +30 -0
data/lib/audit/checks/HAS_CUT.check +18 -0
data/lib/audit/checks/HAS_DF.check +19 -0
data/lib/audit/checks/HAS_DPKG.check +18 -0
data/lib/audit/checks/HAS_FILE_DOWNLOADER.check +32 -0
data/lib/audit/checks/HAS_FIND.check +18 -0
data/lib/audit/checks/HAS_GREP.check +19 -0
data/lib/audit/checks/HAS_GROUPCHECK.check +23 -0
data/lib/audit/checks/HAS_GROUPS.check +19 -0
data/lib/audit/checks/HAS_HOSTNAME.check +7 -0
data/lib/audit/checks/HAS_ID.check +7 -0
data/lib/audit/checks/HAS_LSB_RELEASE.check +16 -0
data/lib/audit/checks/HAS_MOUNT.check +19 -0
data/lib/audit/checks/HAS_NETSTAT.check +20 -0
data/lib/audit/checks/HAS_PASSWD_CHECK.check +17 -0
data/lib/audit/checks/HAS_PS.check +19 -0
data/lib/audit/checks/HAS_ROUTE.check +19 -0
data/lib/audit/checks/HAS_SH.check +19 -0
data/lib/audit/checks/HAS_SORT.check +17 -0
data/lib/audit/checks/HAS_STAT.check +17 -0
data/lib/audit/checks/HAS_SUPERUSER.check +11 -0
data/lib/audit/checks/HAS_TAIL.check +16 -0
data/lib/audit/checks/HAS_TAR.check +7 -0
data/lib/audit/checks/HAS_TR.check +22 -0
data/lib/audit/checks/HAS_UNAME.check +7 -0
data/lib/audit/checks/HAS_UNIQ.check +17 -0
data/lib/audit/checks/HAS_WC.check +16 -0
data/lib/audit/checks/HAS_WHO.check +18 -0
data/lib/audit/checks/HAS_YUM.check +18 -0
data/lib/audit/checks/LASTLOG.check +28 -0
data/lib/audit/checks/LIST_ROUTES.check +33 -0
data/lib/audit/checks/LIST_USER_ACCOUNTS.check +25 -0
data/lib/audit/checks/LOADED_MODULES.check +22 -0
data/lib/audit/checks/LOCAL_NMAP.check +97 -0
data/lib/audit/checks/LOGGED_USERS.check +28 -0
data/lib/audit/checks/LYNIS_AUTH.group +9 -0
data/lib/audit/checks/LYNIS_AUTH_9204.check +43 -0
data/lib/audit/checks/LYNIS_AUTH_9208.check +35 -0
data/lib/audit/checks/LYNIS_AUTH_9216.check +24 -0
data/lib/audit/checks/LYNIS_AUTH_9222.check +25 -0
data/lib/audit/checks/LYNIS_AUTH_9226.check +24 -0
data/lib/audit/checks/LYNIS_AUTH_9228.check +24 -0
data/lib/audit/checks/LYNIS_AUTH_9252.check +19 -0
data/lib/audit/checks/MAYBE_HAS_BZIP2.check +17 -0
data/lib/audit/checks/MAYBE_HAS_CURL.check +17 -0
data/lib/audit/checks/MAYBE_HAS_DU.check +17 -0
data/lib/audit/checks/MAYBE_HAS_HOSTNAME.check +17 -0
data/lib/audit/checks/MAYBE_HAS_ID.check +17 -0
data/lib/audit/checks/MAYBE_HAS_LSB_RELEASE.check +15 -0
data/lib/audit/checks/MAYBE_HAS_SUPERUSER.check +36 -0
data/lib/audit/checks/MAYBE_HAS_TAR.check +19 -0
data/lib/audit/checks/MAYBE_HAS_UNAME.check +17 -0
data/lib/audit/checks/MAYBE_HAS_WGET.check +17 -0
data/lib/audit/checks/MOUNTED_DEVICES.check +22 -0
data/lib/audit/checks/MYSQL_HISTORY_1.check +29 -0
data/lib/audit/checks/MYSQL_INIT_1.check +9 -0
data/lib/audit/checks/MYSQL_INIT_2.check +12 -0
data/lib/audit/checks/MYSQL_INIT_3.check +7 -0
data/lib/audit/checks/PACKAGES_INSTALLED_DPKG.check +38 -0
data/lib/audit/checks/PACKAGES_INSTALLED_YUM.check +36 -0
data/lib/audit/checks/PASSWORD_INFORMATION.check +33 -0
data/lib/audit/checks/PLATFORM_FACTS.check +35 -0
data/lib/audit/checks/PORTS_OPEN_NETSTAT.check +121 -0
data/lib/audit/checks/PROCESS_LIST.check +87 -0
data/lib/audit/checks/SLOW.group +7 -0
data/lib/audit/checks/SLOW_1.check +4 -0
data/lib/audit/checks/SLOW_2.check +4 -0
data/lib/audit/checks/SLOW_3.check +4 -0
data/lib/audit/checks/SSH.group +14 -0
data/lib/audit/checks/SSH_CONFIG_01.check +12 -0
data/lib/audit/checks/SSH_CONFIG_02.check +15 -0
data/lib/audit/checks/SSH_CONFIG_03.check +13 -0
data/lib/audit/checks/SSH_CONFIG_04.check +11 -0
data/lib/audit/checks/SSH_CONFIG_05.check +12 -0
data/lib/audit/checks/SSH_CONFIG_06.check +12 -0
data/lib/audit/checks/SSH_CONFIG_07.check +11 -0
data/lib/audit/checks/SSH_CONFIG_08.check +12 -0
data/lib/audit/checks/SSH_CONFIG_09.check +12 -0
data/lib/audit/checks/SSH_CONFIG_10.check +15 -0
data/lib/audit/checks/SSH_CONFIG_11.check +14 -0
data/lib/audit/checks/SSH_INIT_1.check +9 -0
data/lib/audit/checks/SSH_INIT_2.check +12 -0
data/lib/audit/checks/SSH_KEYS_1.check +32 -0
data/lib/audit/checks/USERS_INIT_1.check +9 -0
data/lib/audit/checks/USERS_INIT_2.check +5 -0
data/lib/audit/checks/USERS_INIT_3.check +5 -0
data/lib/audit/checks/USERS_INIT_4.check +9 -0
data/lib/audit/checks/USERS_INIT_5.check +10 -0
data/lib/audit/checks/USER_INFORMATION.check +29 -0
data/lib/audit/checks/VARIOUS.group +19 -0
data/lib/audit/checks/VAR_LIST_HOME_DIRECTORIES.check +5 -0
data/lib/audit/checks/benchmark.group +6 -0
data/lib/audit/checks/footer.template +12 -0
data/lib/audit/checks/header.template +10 -0
data/lib/audit/checks/helpers/head.sh +59 -0
data/lib/audit/checks/script_header.template +69 -0
data/lib/audit/create_benchmark.sh +93 -0
data/lib/audit/lib/audit.rb +136 -0
data/lib/audit/lib/audit_facade.rb +5 -0
data/lib/audit/lib/benchmark/audit_benchmark.rb +165 -0
data/lib/audit/lib/benchmark/automatic_dependencies.rb +13 -0
data/lib/audit/lib/benchmark/benchmark_factory.rb +23 -0
data/lib/audit/lib/benchmark/benchmark_result.rb +25 -0
data/lib/audit/lib/benchmark/check.rb +34 -0
data/lib/audit/lib/benchmark/group.rb +30 -0
data/lib/audit/lib/benchmark/item_exception.rb +13 -0
data/lib/audit/lib/benchmark/result_code.rb +11 -0
data/lib/audit/lib/benchmark/rule_result.rb +42 -0
data/lib/audit/lib/benchmark/rule_role.rb +5 -0
data/lib/audit/lib/benchmark/rule_severity.rb +13 -0
data/lib/audit/lib/benchmark/yaml_benchmark.rb +133 -0
data/lib/audit/lib/connection/ami_connection.rb +4 -0
data/lib/audit/lib/connection/connection_factory.rb +27 -0
data/lib/audit/lib/connection/ssh_connection.rb +243 -0
data/lib/audit/lib/ec2_utils.rb +245 -0
data/lib/audit/lib/http_fingerprint.rb +116 -0
data/lib/audit/lib/lazy.rb +37 -0
data/lib/audit/lib/linear_script_generator.rb +31 -0
data/lib/audit/lib/main.rb +13 -0
data/lib/audit/lib/my_option_parser.rb +106 -0
data/lib/audit/lib/nessus_new.rb +290 -0
data/lib/audit/lib/nessus_utils.rb +102 -0
data/lib/audit/lib/parser/command/abstract_command.rb +32 -0
data/lib/audit/lib/parser/command/abstract_command_result.rb +30 -0
data/lib/audit/lib/parser/command/attach_file_command.rb +63 -0
data/lib/audit/lib/parser/command/check_finished_command.rb +45 -0
data/lib/audit/lib/parser/command/cpe_name_command.rb +37 -0
data/lib/audit/lib/parser/command/data_command.rb +43 -0
data/lib/audit/lib/parser/command/listening_port_command.rb +46 -0
data/lib/audit/lib/parser/command/message_command.rb +21 -0
data/lib/audit/lib/parser/command/program_name_command.rb +42 -0
data/lib/audit/lib/parser/parse_exception.rb +2 -0
data/lib/audit/lib/parser/result_type.rb +13 -0
data/lib/audit/lib/parser/script_output_parser.rb +201 -0
data/lib/audit/lib/parser/stdout_line_buffer.rb +43 -0
data/lib/audit/lib/ssh_fingerprint.rb +220 -0
data/lib/audit/lib/ssh_fingerprint2.rb +170 -0
data/lib/audit/lib/ssh_utils.rb +292 -0
data/lib/audit/lib/transformers/web_view_transformer.rb +171 -0
data/lib/audit/lib/transformers/yaml_transformer.rb +50 -0
data/lib/audit/lib/util/random_string.rb +22 -0
data/lib/audit/lib/version.rb +7 -0
data/lib/help/ec2_helper.rb +65 -2
data/lib/help/remote_command_handler.rb +17 -0
data/lib/help/state_transition_helper.rb +8 -0
data/lib/scripts/ec2/open_port_checker.rb +112 -0
data/lib/scripts/ec2/port_range_detector.rb +0 -1
metadata +175 -16

data/lib/audit/lib/nessus_new.rb ADDED Viewed

@@ -0,0 +1,290 @@
+require 'rexml/document'
+require 'logger'
+include REXML
+class Nessus
+	attr_reader :token
+	def initialize(options = {})
+		options = {:host => "127.0.0.1", :port => "8834", :timeout => "120"}.merge(options)
+		@host = options[:host]
+		@port = options[:port]
+		@timeout = options[:timeout]
+		if options[:logger] then
+			@logger = options[:logger]
+		else
+			@logger = Logger.new(STDOUT)
+		end
+		@token = nil
+	end
+	def execute_command(command, parameters,  fail_on_error = true)
+		cmd = "curl --silent --max-time #{@timeout} --insecure "
+		parameters.each do|param|
+			if param[:type].nil? || param[:type] == :data then
+				cmd << "--data \"#{param[:value]}\" "
+			elsif param[:type] == :form then
+				cmd << "--form \"#{param[:value]}\" "
+			elsif param[:type] == :cookie then
+				cmd << "--cookie \"#{param[:value]}\" "
+			else
+				raise "unknown parameter type #{param[:type]}"
+			end
+		end
+		cmd << "https://#{@host}:#{@port}/#{command}"
+		@logger.info {"Executing command: #{cmd}"}
+		result_str = `#{cmd}`
+		raise "unexpected return value from nessus command #{command} " unless result_str.class == String
+		result = Document.new(result_str)
+		status = result.elements.inject("reply/status", []) {|r, x| r << x.text}
+		if fail_on_error then
+			raise "Invalid return status for nessus command #{command}" unless status && status.length == 1 && status[0] == "OK"
+		end
+		return result
+	end
+	def login(username, password)
+		result = execute_command("login", [{:value => "login=#{username}"}, {:value => "password=#{password}"}])
+		token = result.elements.inject("reply/contents/token", []) {|r, x| r << x.text}
+		raise "Invalid token during nessus login" unless token && token.length == 1
+		@token = token[0]
+	end
+	def upload_file(file)
+		raise "File '#{file}' is not accessible" unless File.exist?(file) && File.readable?(file)
+		reply = execute_command("file/upload",
+	   	                    [{:type => :cookie, :value => "token=#{@token}"},
+	      	                  {:type => :form, :value => "Filedata=@#{file}"}])
+		return reply.elements.inject("/reply/contents/fileUploaded", []) {|r, x| r << x.text}[0]
+	end
+	def import_policy(filename)
+		return execute_command("file/policy/import",
+	   	                           [{:value => "file=#{filename}"},
+	      	                         {:type => :cookie, :value => "token=#{@token}"}])
+	end
+	def delete_policy(id)
+		return execute_command("policy/delete",
+	   	                           [{:value => "policy_id=#{id}"},
+	      	                         {:type => :cookie, :value => "token=#{@token}"}])
+	end
+	def get_policy_ids(policy_name)
+		policies = execute_command("policy/list",
+	   	                               [{:type => :cookie, :value => "token=#{@token}"}])
+		return policies.elements.inject("/reply/contents/policies/policy[policyName='#{policy_name}']/policyID", []) {|r, x| r << x.text}
+	end
+	def import_policy_file(file)
+		policy_name = Nessus.get_policy_name_from_file(file)
+		policy_ids = get_policy_ids(policy_name)
+		policy_ids.each do|id|
+			delete_policy(id)
+		end
+		uploaded_name = upload_file(file)
+		policies = import_policy(uploaded_name)
+		return policies.elements.inject("/reply/contents/policies/policy[policyName='#{policy_name}']/policyID", []) {|r, x| r << x.text}[0]
+	end
+	#Start a new nessus scan
+	#
+	# @param :policy_id The policy id of the policy to use (String)
+	# @param :targets The scan targets (String or Array of String)
+	def start_scan(options)
+		raise "Missing parameter :policy_id" unless options[:policy_id]
+		raise "Missing parameter :targets" unless options[:targets]
+		scan_opts = [{:value => "policy_id=#{options[:policy_id]}"},
+		             {:type => :cookie, :value => "token=#{@token}"}]
+		if options[:targets].class() == String then
+			scan_opts << {:value => "target=#{options[:targets]}"}
+		elsif options[:targets].class() == Array then
+			options[:targets].each do|target|
+				scan_opts << {:value => "target=#{target}"}
+			end
+		else
+			raise "Unknown target type #{options[:targets].class().name()}"
+		end
+		scan_reply = execute_command("scan/new",  scan_opts)
+		return scan_reply.elements.inject("/reply/contents/scan/uuid", []) {|r, x| r << x.text}[0]
+	end
+	def scan_status(uuid)
+		report = list_report(uuid)
+		return "unknown" unless report
+		return report["status"]
+	end
+	def list_reports()
+		reply = execute_command("report/list", [{:type => :cookie, :value => "token=#{@token}"}])
+		results = []
+		reply.elements.each("/reply/contents/reports/report") do|elem|
+			result = {}
+			elem.elements.each do|subelem|
+				result[subelem.name] = subelem.text
+			end
+			results << result
+		end
+		return results
+	end
+	def list_report(uuid)
+		reports = list_reports()
+		report = reports.reject {|rep| rep["name"] != uuid}
+		return nil if report.length != 1
+		return report[0]
+	end
+	def save_report(uuid, file)
+		report = execute_command("file/report/download",
+		                       [{:value => "report=#{uuid}"},
+		                        {:type => :cookie, :value => "token=#{@token}"}],
+		                       false)
+		if report.elements.inject("/NessusClientData_v2", []) {|r, x| r << x}.empty? then
+			raise "error during save_report"
+		end
+		File.open(file, 'w') {|file| file << report.to_s}
+	end
+	def delete_report(uuid)
+		report = execute_command("report/delete",
+		                       [{:value => "report=#{uuid}"},
+		                        {:type => :cookie, :value => "token=#{@token}"}])
+	end
+	# Scan targets completely and return when scan is finished
+	#
+	# Note: Only one of :policy_id, :policy_name or :policy_file needs to be specified.
+	# @param :targets Hosts to scan (String or Array of String)
+	# @param :report_file Path to report file (String)
+	# @param :policy_id Policy ID of policy to use (String)
+	# @param :policy_name Name of policy to use (String)
+	# @param :policy_file Path to policy file to import and use (String)
+	# @param :delete_policy (optional) Delete policy when scan is finished (Boolean)
+	# @param :delete_report (optional) Delete report when scan is finished (Boolean)
+	def scan_targets(options)
+		raise "Need parameter :targets" unless options[:targets]
+		raise "Need parameter :report_file" unless options[:report_file]
+		policy_id = ""
+		if options[:policy_id] then
+			policy_id = options[:policy_id]
+		elsif options[:policy_name] then
+			policy_ids = get_policy_ids(policy_name)
+			raise "No policy with this name (#{policy_name}) found" if policy_ids.empty?
+			raise "Several policies with this name (#{policy_name}) found" if policy_ids.length > 1
+			policy_id = policy_ids[0]
+		elsif options[:policy_file] then
+			policy_id = import_policy_file(options[:policy_file])
+		else
+			raise "Need parameter :policy_file, :policy_name or :policy_id"
+		end
+		scan_uuid = start_scan(:policy_id => policy_id, :targets => options[:targets])
+		while scan_status(scan_uuid) != "completed" do
+			sleep 30
+		end
+		save_report(scan_uuid, options[:report_file])
+		delete_policy(policy_id) if options[:delete_policy]
+		delete_report(scan_uuid) if options[:delete_report]
+		return scan_uuid
+	end
+	def logout()
+		execute_command("logout",
+		                [{:type => :cookie, :value => "token=#{@token}"}])
+		@token = nil
+	end
+	def self.get_policy_name_from_file(file)
+		return (Document.new(File.new(file)).elements.inject("NessusClientData_v2/Policy/policyName", []) {|r, x| r << x.text})[0]
+	end
+	# Allowed values for configuration keys are:
+	#
+	#  "policy_name": "some_name"
+	#  "policy_shared": "0" if the policy is not shared, or "1" if it is shared
+	#  "SSH settings[entry]:SSH user name :": "root"
+	#  "SSH settings[file]:SSH private key to use :": {:type => :file, :file => "/tmp/key.pem"}
+	#  "plugin_selection.family.Service detection": "enabled", "disabled", "mixed"
+	#  "plugin_selection.individual_plugin.19679": "enabled", "disabled"
+	#  "SSH settings[radio]:Elevate privileges with :": "Nothing", "sudo", "su", ...
+	def new_policy(options)
+		raise "missing option \"policy_name\"" unless options["policy_name"]
+		raise "missing option \"policy_shared\"" unless options["policy_shared"]
+		cmd_params = [{:type => :cookie, :value => "token=#{@token}"}]
+		options.each do|key,value|
+			if value.class() == String then
+				cmd_params << {:value => "#{key}=#{value}"}
+			elsif value.class() == Hash then
+				if value[:type] == :file then
+					filename = upload_file(value[:file])
+					cmd_params << {:value => "#{key}=#{filename}"}
+				else
+					raise "Unknown value hash type '#{value[:type]}' for policy configuration key '#{key}'"
+				end
+			else
+				raise "Unknown value type '#{value.class()} for policy configuration key '#{key}'"
+			end
+		end
+		reply = execute_command("policy/add", cmd_params)
+		policy_ids = reply.elements.inject("/reply/contents/policy/policyID", []) {|r, x| r << x.text}
+		raise "Policy '#{options["policy_name"]}' already exists or was not imported (#{policy_ids.length()})" unless policy_ids.length() == 1
+		return policy_ids[0]
+	end
+	def list_plugin_families()
+		reply = execute_command("plugins/list",
+		                        [{:type => :cookie, :value => "token=#{@token}"}])
+		return reply.elements.inject("/reply/contents/pluginFamilyList/family/familyName", []) {|r, x| r << x.text}
+	end
+	def list_plugin_family(family_name)
+		reply = execute_command("plugins/list/family",
+		                        [{:type => :cookie, :value => "token=#{@token}"},
+		                         {:value => "family=#{family_name}"}])
+		results = []
+		reply.elements.each("/reply/contents/pluginList/plugin") do|elem|
+			result = {}
+			elem.elements.each do|subelem|
+				result[subelem.name] = subelem.text
+			end
+			results << result
+		end
+		return results
+	end
+end

data/lib/audit/lib/nessus_utils.rb ADDED Viewed

@@ -0,0 +1,102 @@
+require 'nessus-xmlrpc'
+module NessusXMLRPC
+	class NessusXMLRPCrexml
+		def file_upload(file)
+			cmd = "curl --max-time 120 --silent --insecure --cookie \"token=#{@token}\" --form \"Filedata=@#{file}\" #{@nurl}file/upload"
+			print "Executing Nessus command: '#{cmd}'\n"
+			body = `#{cmd}`
+			docxml = REXML::Document.new(body)
+			begin
+				status = docxml.root.elements['status'].text
+				filename = docxml.root.elements['contents'].elements['fileUploaded'].text
+			rescue => err
+				print "[e] Error in XML parsing\n"
+			end
+			if status == "OK" then
+				return filename
+			else
+				return nil
+			end
+		end
+		def policy_upload(policy_file)
+			filename = file_upload(policy_file)
+			if filename then
+				cmd = "curl --max-time 120 --silent --insecure --cookie \"token=#{@token}\" --data \"file=#{filename}\" #{@nurl}file/policy/import"
+				print "Executing Nessus command: '#{cmd}'\n"
+				body = `#{cmd}`
+				docxml = REXML::Document.new(body)
+				begin
+					status = docxml.root.elements['status'].text
+				rescue => err
+					print "[e] Error in XML parsing\n"
+				end
+				if status == "OK" then
+					return docxml
+				else
+					return nil
+				end
+			else
+				return nil
+			end
+		end
+		def policy_delete(policy_id)
+			cmd = "curl --max-time 120 --silent --insecure --cookie \"token=#{@token}\" --data \"policy_id=#{policy_id}\" #{@nurl}policy/delete"
+			print "Executing Nessus command: '#{cmd}'\n"
+			body = `#{cmd}`
+			docxml = REXML::Document.new(body)
+			begin
+				status = docxml.root.elements['status'].text
+			rescue => err
+				print "[e] Error in XML parsing\n"
+			end
+			if status == "OK" then
+				return true
+			else
+				return nil
+			end
+		end
+		def policy_file_get_policies(policy_file)
+			policy_names = []
+			REXML::Document.new(File.read(policy_file)).root.each_element('//Policy') {|p| policy_names << p.elements['policyName'].text}
+			return policy_names
+		end
+		def scan_execute(policy_file, policy_name, scan_name, target)
+			while (policy_id = policy_get_id(policy_name)) != '' do
+				policy_delete(policy_id)
+			end
+			policy_upload(policy_file)
+			policy_id = policy_get_id(policy_name)
+			if policy_id != '' then
+				scan = scan_new(policy_id, scan_name, target)
+				while scan_status(scan) == 'running' do
+					sleep(5)
+				end
+				report = report_file_download(scan)
+				report_delete(scan)
+				policy_delete(policy_id)
+				return report
+			else
+				return nil
+				# error: policy not found altough just imported
+			end
+		end
+	end
+end

data/lib/audit/lib/parser/command/abstract_command.rb ADDED Viewed

@@ -0,0 +1,32 @@
+# The superclass for all response commands from scripts
+# each subclass must have a constant named COMMAND, which is the string
+# version of the command as sent by the worker script
+class AbstractCommand
+	# The check that issued this command.
+  attr_reader :check
+	# The severity of this command.
+  attr_reader :severity
+	# The message associated with this command.
+  attr_reader :message
+	# Create a new AbstractCommand.
+	# Should only be called from subclasses, as this class is abstract,
+	# * <em>check</em>
+	# * <em>severity</em>
+	# * <em>message</em>
+  def initialize(check, severity, message)
+    @check = check
+    @severity = severity
+    @message = message
+  end
+  # Abstract method to be implemented by subclasses.
+  # Perform any action neccessary to obtain results, like copying a file to the local host.
+  def process(parser)
+  end
+  # Abstract method to be implemented by subclasses.
+  # return a result object, contained in an instance of kind AbstractCommandResult
+  def result()
+  end
+end

data/lib/audit/lib/parser/command/abstract_command_result.rb ADDED Viewed

@@ -0,0 +1,30 @@
+# To change this template, choose Tools | Templates
+# and open the template in the editor.
+class AbstractCommandResult
+  attr_reader :check
+  attr_reader :severity
+  attr_reader :message
+  attr_reader :type
+  def initialize(check, severity, message, type)
+    @check = check
+    @severity = severity
+    @message = message
+    @type = type
+  end
+  def to_string()
+    return @message
+  end
+  def to_hash()
+    return {:rule => @check.id,
+            :severity => @severity,
+            :message => @message,
+            :type => @type}
+  end
+  def visible?
+    return true
+  end
+end