RubyGems - CloudyScripts - Versions diffs - 1.6.1 → 1.7.27 - Mend

CloudyScripts 1.6.1 → 1.7.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (176) hide show

data/Rakefile +1 -1
data/lib/audit/checks/APACHE2.group +6 -0
data/lib/audit/checks/APACHE2_CONFIG_01.check +36 -0
data/lib/audit/checks/APACHE2_CONFIG_02.check +34 -0
data/lib/audit/checks/APACHE2_CONFIG_03.check +60 -0
data/lib/audit/checks/APACHE2_CONFIG_04.check +23 -0
data/lib/audit/checks/APACHE2_CONFIG_05.check +23 -0
data/lib/audit/checks/APACHE2_CONFIG_06.check +30 -0
data/lib/audit/checks/APACHE2_INIT_1.check +14 -0
data/lib/audit/checks/APACHE2_INIT_2.check +66 -0
data/lib/audit/checks/APACHE2_INIT_3.check +13 -0
data/lib/audit/checks/APACHE2_USER_7.check +17 -0
data/lib/audit/checks/BACKUP_HOME_DOTFILES.check +26 -0
data/lib/audit/checks/BACKUP_LOG.check +24 -0
data/lib/audit/checks/BACKUP_MAIL.check +19 -0
data/lib/audit/checks/BACKUP_WEB.check +12 -0
data/lib/audit/checks/CONFIGURATION_BACKUP.check +14 -0
data/lib/audit/checks/DIRECTORY_LISTING.check +14 -0
data/lib/audit/checks/DISTRIBUTION_FACTS.check +60 -0
data/lib/audit/checks/DMESG_OUTPUT.check +14 -0
data/lib/audit/checks/FIND_GROUP_FILE.check +6 -0
data/lib/audit/checks/FIND_PASSWD_FILE.check +8 -0
data/lib/audit/checks/FIND_SHADOW_FILE.check +5 -0
data/lib/audit/checks/FIND_SUDOERS_FILE.check +6 -0
data/lib/audit/checks/FREE_SPACE.check +26 -0
data/lib/audit/checks/HAS_AWK.check +30 -0
data/lib/audit/checks/HAS_BASE.check +21 -0
data/lib/audit/checks/HAS_CAT.check +18 -0
data/lib/audit/checks/HAS_COMPRESSOR.check +30 -0
data/lib/audit/checks/HAS_CUT.check +18 -0
data/lib/audit/checks/HAS_DF.check +19 -0
data/lib/audit/checks/HAS_DPKG.check +18 -0
data/lib/audit/checks/HAS_FILE_DOWNLOADER.check +32 -0
data/lib/audit/checks/HAS_FIND.check +18 -0
data/lib/audit/checks/HAS_GREP.check +19 -0
data/lib/audit/checks/HAS_GROUPCHECK.check +23 -0
data/lib/audit/checks/HAS_GROUPS.check +19 -0
data/lib/audit/checks/HAS_HOSTNAME.check +7 -0
data/lib/audit/checks/HAS_ID.check +7 -0
data/lib/audit/checks/HAS_LSB_RELEASE.check +16 -0
data/lib/audit/checks/HAS_MOUNT.check +19 -0
data/lib/audit/checks/HAS_NETSTAT.check +20 -0
data/lib/audit/checks/HAS_PASSWD_CHECK.check +17 -0
data/lib/audit/checks/HAS_PS.check +19 -0
data/lib/audit/checks/HAS_ROUTE.check +19 -0
data/lib/audit/checks/HAS_SH.check +19 -0
data/lib/audit/checks/HAS_SORT.check +17 -0
data/lib/audit/checks/HAS_STAT.check +17 -0
data/lib/audit/checks/HAS_SUPERUSER.check +11 -0
data/lib/audit/checks/HAS_TAIL.check +16 -0
data/lib/audit/checks/HAS_TAR.check +7 -0
data/lib/audit/checks/HAS_TR.check +22 -0
data/lib/audit/checks/HAS_UNAME.check +7 -0
data/lib/audit/checks/HAS_UNIQ.check +17 -0
data/lib/audit/checks/HAS_WC.check +16 -0
data/lib/audit/checks/HAS_WHO.check +18 -0
data/lib/audit/checks/HAS_YUM.check +18 -0
data/lib/audit/checks/LASTLOG.check +28 -0
data/lib/audit/checks/LIST_ROUTES.check +33 -0
data/lib/audit/checks/LIST_USER_ACCOUNTS.check +25 -0
data/lib/audit/checks/LOADED_MODULES.check +22 -0
data/lib/audit/checks/LOCAL_NMAP.check +97 -0
data/lib/audit/checks/LOGGED_USERS.check +28 -0
data/lib/audit/checks/LYNIS_AUTH.group +9 -0
data/lib/audit/checks/LYNIS_AUTH_9204.check +43 -0
data/lib/audit/checks/LYNIS_AUTH_9208.check +35 -0
data/lib/audit/checks/LYNIS_AUTH_9216.check +24 -0
data/lib/audit/checks/LYNIS_AUTH_9222.check +25 -0
data/lib/audit/checks/LYNIS_AUTH_9226.check +24 -0
data/lib/audit/checks/LYNIS_AUTH_9228.check +24 -0
data/lib/audit/checks/LYNIS_AUTH_9252.check +19 -0
data/lib/audit/checks/MAYBE_HAS_BZIP2.check +17 -0
data/lib/audit/checks/MAYBE_HAS_CURL.check +17 -0
data/lib/audit/checks/MAYBE_HAS_DU.check +17 -0
data/lib/audit/checks/MAYBE_HAS_HOSTNAME.check +17 -0
data/lib/audit/checks/MAYBE_HAS_ID.check +17 -0
data/lib/audit/checks/MAYBE_HAS_LSB_RELEASE.check +15 -0
data/lib/audit/checks/MAYBE_HAS_SUPERUSER.check +36 -0
data/lib/audit/checks/MAYBE_HAS_TAR.check +19 -0
data/lib/audit/checks/MAYBE_HAS_UNAME.check +17 -0
data/lib/audit/checks/MAYBE_HAS_WGET.check +17 -0
data/lib/audit/checks/MOUNTED_DEVICES.check +22 -0
data/lib/audit/checks/MYSQL_HISTORY_1.check +29 -0
data/lib/audit/checks/MYSQL_INIT_1.check +9 -0
data/lib/audit/checks/MYSQL_INIT_2.check +12 -0
data/lib/audit/checks/MYSQL_INIT_3.check +7 -0
data/lib/audit/checks/PACKAGES_INSTALLED_DPKG.check +38 -0
data/lib/audit/checks/PACKAGES_INSTALLED_YUM.check +36 -0
data/lib/audit/checks/PASSWORD_INFORMATION.check +33 -0
data/lib/audit/checks/PLATFORM_FACTS.check +35 -0
data/lib/audit/checks/PORTS_OPEN_NETSTAT.check +121 -0
data/lib/audit/checks/PROCESS_LIST.check +87 -0
data/lib/audit/checks/SLOW.group +7 -0
data/lib/audit/checks/SLOW_1.check +4 -0
data/lib/audit/checks/SLOW_2.check +4 -0
data/lib/audit/checks/SLOW_3.check +4 -0
data/lib/audit/checks/SSH.group +14 -0
data/lib/audit/checks/SSH_CONFIG_01.check +12 -0
data/lib/audit/checks/SSH_CONFIG_02.check +15 -0
data/lib/audit/checks/SSH_CONFIG_03.check +13 -0
data/lib/audit/checks/SSH_CONFIG_04.check +11 -0
data/lib/audit/checks/SSH_CONFIG_05.check +12 -0
data/lib/audit/checks/SSH_CONFIG_06.check +12 -0
data/lib/audit/checks/SSH_CONFIG_07.check +11 -0
data/lib/audit/checks/SSH_CONFIG_08.check +12 -0
data/lib/audit/checks/SSH_CONFIG_09.check +12 -0
data/lib/audit/checks/SSH_CONFIG_10.check +15 -0
data/lib/audit/checks/SSH_CONFIG_11.check +14 -0
data/lib/audit/checks/SSH_INIT_1.check +9 -0
data/lib/audit/checks/SSH_INIT_2.check +12 -0
data/lib/audit/checks/SSH_KEYS_1.check +32 -0
data/lib/audit/checks/USERS_INIT_1.check +9 -0
data/lib/audit/checks/USERS_INIT_2.check +5 -0
data/lib/audit/checks/USERS_INIT_3.check +5 -0
data/lib/audit/checks/USERS_INIT_4.check +9 -0
data/lib/audit/checks/USERS_INIT_5.check +10 -0
data/lib/audit/checks/USER_INFORMATION.check +29 -0
data/lib/audit/checks/VARIOUS.group +19 -0
data/lib/audit/checks/VAR_LIST_HOME_DIRECTORIES.check +5 -0
data/lib/audit/checks/benchmark.group +6 -0
data/lib/audit/checks/footer.template +12 -0
data/lib/audit/checks/header.template +10 -0
data/lib/audit/checks/helpers/head.sh +59 -0
data/lib/audit/checks/script_header.template +69 -0
data/lib/audit/create_benchmark.sh +93 -0
data/lib/audit/lib/audit.rb +136 -0
data/lib/audit/lib/audit_facade.rb +5 -0
data/lib/audit/lib/benchmark/audit_benchmark.rb +165 -0
data/lib/audit/lib/benchmark/automatic_dependencies.rb +13 -0
data/lib/audit/lib/benchmark/benchmark_factory.rb +23 -0
data/lib/audit/lib/benchmark/benchmark_result.rb +25 -0
data/lib/audit/lib/benchmark/check.rb +34 -0
data/lib/audit/lib/benchmark/group.rb +30 -0
data/lib/audit/lib/benchmark/item_exception.rb +13 -0
data/lib/audit/lib/benchmark/result_code.rb +11 -0
data/lib/audit/lib/benchmark/rule_result.rb +42 -0
data/lib/audit/lib/benchmark/rule_role.rb +5 -0
data/lib/audit/lib/benchmark/rule_severity.rb +13 -0
data/lib/audit/lib/benchmark/yaml_benchmark.rb +133 -0
data/lib/audit/lib/connection/ami_connection.rb +4 -0
data/lib/audit/lib/connection/connection_factory.rb +27 -0
data/lib/audit/lib/connection/ssh_connection.rb +243 -0
data/lib/audit/lib/ec2_utils.rb +245 -0
data/lib/audit/lib/http_fingerprint.rb +116 -0
data/lib/audit/lib/lazy.rb +37 -0
data/lib/audit/lib/linear_script_generator.rb +31 -0
data/lib/audit/lib/main.rb +13 -0
data/lib/audit/lib/my_option_parser.rb +106 -0
data/lib/audit/lib/nessus_new.rb +290 -0
data/lib/audit/lib/nessus_utils.rb +102 -0
data/lib/audit/lib/parser/command/abstract_command.rb +32 -0
data/lib/audit/lib/parser/command/abstract_command_result.rb +30 -0
data/lib/audit/lib/parser/command/attach_file_command.rb +63 -0
data/lib/audit/lib/parser/command/check_finished_command.rb +45 -0
data/lib/audit/lib/parser/command/cpe_name_command.rb +37 -0
data/lib/audit/lib/parser/command/data_command.rb +43 -0
data/lib/audit/lib/parser/command/listening_port_command.rb +46 -0
data/lib/audit/lib/parser/command/message_command.rb +21 -0
data/lib/audit/lib/parser/command/program_name_command.rb +42 -0
data/lib/audit/lib/parser/parse_exception.rb +2 -0
data/lib/audit/lib/parser/result_type.rb +13 -0
data/lib/audit/lib/parser/script_output_parser.rb +201 -0
data/lib/audit/lib/parser/stdout_line_buffer.rb +43 -0
data/lib/audit/lib/ssh_fingerprint.rb +220 -0
data/lib/audit/lib/ssh_fingerprint2.rb +170 -0
data/lib/audit/lib/ssh_utils.rb +292 -0
data/lib/audit/lib/transformers/web_view_transformer.rb +171 -0
data/lib/audit/lib/transformers/yaml_transformer.rb +50 -0
data/lib/audit/lib/util/random_string.rb +22 -0
data/lib/audit/lib/version.rb +7 -0
data/lib/help/ec2_helper.rb +65 -2
data/lib/help/remote_command_handler.rb +17 -0
data/lib/help/state_transition_helper.rb +8 -0
data/lib/scripts/ec2/open_port_checker.rb +112 -0
data/lib/scripts/ec2/port_range_detector.rb +0 -1
metadata +175 -16

data/lib/audit/lib/nessus_new.rb ADDED Viewed

@@ -0,0 +1,290 @@
+require 'rexml/document'
+require 'logger'
+include REXML
+class Nessus
+	attr_reader :token
+	def initialize(options = {})
+		options = {:host => "127.0.0.1", :port => "8834", :timeout => "120"}.merge(options)
+		@host = options[:host]
+		@port = options[:port]
+		@timeout = options[:timeout]
+		if options[:logger] then
+			@logger = options[:logger]
+		else
+			@logger = Logger.new(STDOUT)
+		end
+		@token = nil
+	end
+	def execute_command(command, parameters,  fail_on_error = true)
+		cmd = "curl --silent --max-time #{@timeout} --insecure "
+		parameters.each do|param|
+			if param[:type].nil? || param[:type] == :data then
+				cmd << "--data \"#{param[:value]}\" "
+			elsif param[:type] == :form then
+				cmd << "--form \"#{param[:value]}\" "
+			elsif param[:type] == :cookie then
+				cmd << "--cookie \"#{param[:value]}\" "
+			else
+				raise "unknown parameter type #{param[:type]}"
+			end
+		end
+		cmd << "https://#{@host}:#{@port}/#{command}"
+		@logger.info {"Executing command: #{cmd}"}
+		result_str = `#{cmd}`
+		raise "unexpected return value from nessus command #{command} " unless result_str.class == String
+		result = Document.new(result_str)
+		status = result.elements.inject("reply/status", []) {|r, x| r << x.text}
+		if fail_on_error then
+			raise "Invalid return status for nessus command #{command}" unless status && status.length == 1 && status[0] == "OK"
+		end
+		return result
+	end
+	def login(username, password)
+		result = execute_command("login", [{:value => "login=#{username}"}, {:value => "password=#{password}"}])
+		token = result.elements.inject("reply/contents/token", []) {|r, x| r << x.text}
+		raise "Invalid token during nessus login" unless token && token.length == 1
+		@token = token[0]
+	end
+	def upload_file(file)
+		raise "File '#{file}' is not accessible" unless File.exist?(file) && File.readable?(file)
+		reply = execute_command("file/upload",
+	   	                    [{:type => :cookie, :value => "token=#{@token}"},
+	      	                  {:type => :form, :value => "Filedata=@#{file}"}])
+		return reply.elements.inject("/reply/contents/fileUploaded", []) {|r, x| r << x.text}[0]
+	end
+	def import_policy(filename)
+		return execute_command("file/policy/import",
+	   	                           [{:value => "file=#{filename}"},
+	      	                         {:type => :cookie, :value => "token=#{@token}"}])
+	end
+	def delete_policy(id)
+		return execute_command("policy/delete",
+	   	                           [{:value => "policy_id=#{id}"},
+	      	                         {:type => :cookie, :value => "token=#{@token}"}])
+	end
+	def get_policy_ids(policy_name)
+		policies = execute_command("policy/list",
+	   	                               [{:type => :cookie, :value => "token=#{@token}"}])
+		return policies.elements.inject("/reply/contents/policies/policy[policyName='#{policy_name}']/policyID", []) {|r, x| r << x.text}
+	end
+	def import_policy_file(file)
+		policy_name = Nessus.get_policy_name_from_file(file)
+		policy_ids = get_policy_ids(policy_name)
+		policy_ids.each do|id|
+			delete_policy(id)
+		end
+		uploaded_name = upload_file(file)
+		policies = import_policy(uploaded_name)
+		return policies.elements.inject("/reply/contents/policies/policy[policyName='#{policy_name}']/policyID", []) {|r, x| r << x.text}[0]
+	end
+	#Start a new nessus scan
+	#
+	# @param :policy_id The policy id of the policy to use (String)
+	# @param :targets The scan targets (String or Array of String)
+	def start_scan(options)
+		raise "Missing parameter :policy_id" unless options[:policy_id]
+		raise "Missing parameter :targets" unless options[:targets]
+		scan_opts = [{:value => "policy_id=#{options[:policy_id]}"},
+		             {:type => :cookie, :value => "token=#{@token}"}]
+		if options[:targets].class() == String then
+			scan_opts << {:value => "target=#{options[:targets]}"}
+		elsif options[:targets].class() == Array then
+			options[:targets].each do|target|
+				scan_opts << {:value => "target=#{target}"}
+			end
+		else
+			raise "Unknown target type #{options[:targets].class().name()}"
+		end
+		scan_reply = execute_command("scan/new",  scan_opts)
+		return scan_reply.elements.inject("/reply/contents/scan/uuid", []) {|r, x| r << x.text}[0]
+	end
+	def scan_status(uuid)
+		report = list_report(uuid)
+		return "unknown" unless report
+		return report["status"]
+	end
+	def list_reports()
+		reply = execute_command("report/list", [{:type => :cookie, :value => "token=#{@token}"}])
+		results = []
+		reply.elements.each("/reply/contents/reports/report") do|elem|
+			result = {}
+			elem.elements.each do|subelem|
+				result[subelem.name] = subelem.text
+			end
+			results << result
+		end
+		return results
+	end
+	def list_report(uuid)
+		reports = list_reports()
+		report = reports.reject {|rep| rep["name"] != uuid}
+		return nil if report.length != 1
+		return report[0]
+	end
+	def save_report(uuid, file)
+		report = execute_command("file/report/download",
+		                       [{:value => "report=#{uuid}"},
+		                        {:type => :cookie, :value => "token=#{@token}"}],
+		                       false)
+		if report.elements.inject("/NessusClientData_v2", []) {|r, x| r << x}.empty? then
+			raise "error during save_report"
+		end
+		File.open(file, 'w') {|file| file << report.to_s}
+	end
+	def delete_report(uuid)
+		report = execute_command("report/delete",
+		                       [{:value => "report=#{uuid}"},
+		                        {:type => :cookie, :value => "token=#{@token}"}])
+	end
+	# Scan targets completely and return when scan is finished
+	#
+	# Note: Only one of :policy_id, :policy_name or :policy_file needs to be specified.
+	# @param :targets Hosts to scan (String or Array of String)
+	# @param :report_file Path to report file (String)
+	# @param :policy_id Policy ID of policy to use (String)
+	# @param :policy_name Name of policy to use (String)
+	# @param :policy_file Path to policy file to import and use (String)
+	# @param :delete_policy (optional) Delete policy when scan is finished (Boolean)
+	# @param :delete_report (optional) Delete report when scan is finished (Boolean)
+	def scan_targets(options)
+		raise "Need parameter :targets" unless options[:targets]
+		raise "Need parameter :report_file" unless options[:report_file]
+		policy_id = ""
+		if options[:policy_id] then
+			policy_id = options[:policy_id]
+		elsif options[:policy_name] then
+			policy_ids = get_policy_ids(policy_name)
+			raise "No policy with this name (#{policy_name}) found" if policy_ids.empty?
+			raise "Several policies with this name (#{policy_name}) found" if policy_ids.length > 1
+			policy_id = policy_ids[0]
+		elsif options[:policy_file] then
+			policy_id = import_policy_file(options[:policy_file])
+		else
+			raise "Need parameter :policy_file, :policy_name or :policy_id"
+		end
+		scan_uuid = start_scan(:policy_id => policy_id, :targets => options[:targets])
+		while scan_status(scan_uuid) != "completed" do
+			sleep 30
+		end
+		save_report(scan_uuid, options[:report_file])
+		delete_policy(policy_id) if options[:delete_policy]
+		delete_report(scan_uuid) if options[:delete_report]
+		return scan_uuid
+	end
+	def logout()
+		execute_command("logout",
+		                [{:type => :cookie, :value => "token=#{@token}"}])
+		@token = nil
+	end
+	def self.get_policy_name_from_file(file)
+		return (Document.new(File.new(file)).elements.inject("NessusClientData_v2/Policy/policyName", []) {|r, x| r << x.text})[0]
+	end
+	# Allowed values for configuration keys are:
+	#
+	#  "policy_name": "some_name"
+	#  "policy_shared": "0" if the policy is not shared, or "1" if it is shared
+	#  "SSH settings[entry]:SSH user name :": "root"
+	#  "SSH settings[file]:SSH private key to use :": {:type => :file, :file => "/tmp/key.pem"}
+	#  "plugin_selection.family.Service detection": "enabled", "disabled", "mixed"
+	#  "plugin_selection.individual_plugin.19679": "enabled", "disabled"
+	#  "SSH settings[radio]:Elevate privileges with :": "Nothing", "sudo", "su", ...
+	def new_policy(options)
+		raise "missing option \"policy_name\"" unless options["policy_name"]
+		raise "missing option \"policy_shared\"" unless options["policy_shared"]
+		cmd_params = [{:type => :cookie, :value => "token=#{@token}"}]
+		options.each do|key,value|
+			if value.class() == String then
+				cmd_params << {:value => "#{key}=#{value}"}
+			elsif value.class() == Hash then
+				if value[:type] == :file then
+					filename = upload_file(value[:file])
+					cmd_params << {:value => "#{key}=#{filename}"}
+				else
+					raise "Unknown value hash type '#{value[:type]}' for policy configuration key '#{key}'"
+				end
+			else
+				raise "Unknown value type '#{value.class()} for policy configuration key '#{key}'"
+			end
+		end
+		reply = execute_command("policy/add", cmd_params)
+		policy_ids = reply.elements.inject("/reply/contents/policy/policyID", []) {|r, x| r << x.text}
+		raise "Policy '#{options["policy_name"]}' already exists or was not imported (#{policy_ids.length()})" unless policy_ids.length() == 1
+		return policy_ids[0]
+	end
+	def list_plugin_families()
+		reply = execute_command("plugins/list",
+		                        [{:type => :cookie, :value => "token=#{@token}"}])
+		return reply.elements.inject("/reply/contents/pluginFamilyList/family/familyName", []) {|r, x| r << x.text}
+	end
+	def list_plugin_family(family_name)
+		reply = execute_command("plugins/list/family",
+		                        [{:type => :cookie, :value => "token=#{@token}"},
+		                         {:value => "family=#{family_name}"}])
+		results = []
+		reply.elements.each("/reply/contents/pluginList/plugin") do|elem|
+			result = {}
+			elem.elements.each do|subelem|
+				result[subelem.name] = subelem.text
+			end
+			results << result
+		end
+		return results
+	end
+end

data/lib/audit/lib/nessus_utils.rb ADDED Viewed

@@ -0,0 +1,102 @@
+require 'nessus-xmlrpc'
+module NessusXMLRPC
+	class NessusXMLRPCrexml
+		def file_upload(file)
+			cmd = "curl --max-time 120 --silent --insecure --cookie \"token=#{@token}\" --form \"Filedata=@#{file}\" #{@nurl}file/upload"
+			print "Executing Nessus command: '#{cmd}'\n"
+			body = `#{cmd}`
+			docxml = REXML::Document.new(body)
+			begin
+				status = docxml.root.elements['status'].text
+				filename = docxml.root.elements['contents'].elements['fileUploaded'].text
+			rescue => err
+				print "[e] Error in XML parsing\n"
+			end
+			if status == "OK" then
+				return filename
+			else
+				return nil
+			end
+		end
+		def policy_upload(policy_file)
+			filename = file_upload(policy_file)
+			if filename then
+				cmd = "curl --max-time 120 --silent --insecure --cookie \"token=#{@token}\" --data \"file=#{filename}\" #{@nurl}file/policy/import"
+				print "Executing Nessus command: '#{cmd}'\n"
+				body = `#{cmd}`
+				docxml = REXML::Document.new(body)
+				begin
+					status = docxml.root.elements['status'].text
+				rescue => err
+					print "[e] Error in XML parsing\n"
+				end
+				if status == "OK" then
+					return docxml
+				else
+					return nil
+				end
+			else
+				return nil
+			end
+		end
+		def policy_delete(policy_id)
+			cmd = "curl --max-time 120 --silent --insecure --cookie \"token=#{@token}\" --data \"policy_id=#{policy_id}\" #{@nurl}policy/delete"
+			print "Executing Nessus command: '#{cmd}'\n"
+			body = `#{cmd}`
+			docxml = REXML::Document.new(body)
+			begin
+				status = docxml.root.elements['status'].text
+			rescue => err
+				print "[e] Error in XML parsing\n"
+			end
+			if status == "OK" then
+				return true
+			else
+				return nil
+			end
+		end
+		def policy_file_get_policies(policy_file)
+			policy_names = []
+			REXML::Document.new(File.read(policy_file)).root.each_element('//Policy') {|p| policy_names << p.elements['policyName'].text}
+			return policy_names
+		end
+		def scan_execute(policy_file, policy_name, scan_name, target)
+			while (policy_id = policy_get_id(policy_name)) != '' do
+				policy_delete(policy_id)
+			end
+			policy_upload(policy_file)
+			policy_id = policy_get_id(policy_name)
+			if policy_id != '' then
+				scan = scan_new(policy_id, scan_name, target)
+				while scan_status(scan) == 'running' do
+					sleep(5)
+				end
+				report = report_file_download(scan)
+				report_delete(scan)
+				policy_delete(policy_id)
+				return report
+			else
+				return nil
+				# error: policy not found altough just imported
+			end
+		end
+	end
+end

data/lib/audit/lib/parser/command/abstract_command.rb ADDED Viewed

@@ -0,0 +1,32 @@
+# The superclass for all response commands from scripts
+# each subclass must have a constant named COMMAND, which is the string
+# version of the command as sent by the worker script
+class AbstractCommand
+	# The check that issued this command.
+  attr_reader :check
+	# The severity of this command.
+  attr_reader :severity
+	# The message associated with this command.
+  attr_reader :message
+	# Create a new AbstractCommand.
+	# Should only be called from subclasses, as this class is abstract,
+	# * <em>check</em>
+	# * <em>severity</em>
+	# * <em>message</em>
+  def initialize(check, severity, message)
+    @check = check
+    @severity = severity
+    @message = message
+  end
+  # Abstract method to be implemented by subclasses.
+  # Perform any action neccessary to obtain results, like copying a file to the local host.
+  def process(parser)
+  end
+  # Abstract method to be implemented by subclasses.
+  # return a result object, contained in an instance of kind AbstractCommandResult
+  def result()
+  end
+end

data/lib/audit/lib/parser/command/abstract_command_result.rb ADDED Viewed

@@ -0,0 +1,30 @@
+# To change this template, choose Tools | Templates
+# and open the template in the editor.
+class AbstractCommandResult
+  attr_reader :check
+  attr_reader :severity
+  attr_reader :message
+  attr_reader :type
+  def initialize(check, severity, message, type)
+    @check = check
+    @severity = severity
+    @message = message
+    @type = type
+  end
+  def to_string()
+    return @message
+  end
+  def to_hash()
+    return {:rule => @check.id,
+            :severity => @severity,
+            :message => @message,
+            :type => @type}
+  end
+  def visible?
+    return true
+  end
+end