Nessus6 0.1.1 → 0.1.2
- checksums.yaml +4 -4
- data/.travis.yml +18 -0
- data/Nessus6.gemspec +1 -0
- data/README.md +2 -0
- data/Rakefile +11 -1
- data/bin/console +4 -4
- data/lib/Nessus6.rb +22 -18
- data/lib/Nessus6/editor.rb +88 -0
- data/lib/Nessus6/errors/authentication_error.rb +8 -0
- data/lib/Nessus6/errors/bad_request.rb +10 -6
- data/lib/Nessus6/errors/conflict.rb +9 -5
- data/lib/Nessus6/errors/forbidden.rb +9 -5
- data/lib/Nessus6/errors/internal_server_error.rb +8 -4
- data/lib/Nessus6/errors/not_found.rb +9 -5
- data/lib/Nessus6/errors/unauthorized.rb +11 -7
- data/lib/Nessus6/errors/unknown.rb +7 -3
- data/lib/Nessus6/file.rb +31 -0
- data/lib/Nessus6/folder.rb +72 -0
- data/lib/Nessus6/group.rb +115 -0
- data/lib/Nessus6/permission.rb +46 -0
- data/lib/Nessus6/scan.rb +135 -0
- data/lib/Nessus6/session.rb +106 -0
- data/lib/Nessus6/user.rb +136 -0
- data/lib/Nessus6/verification.rb +29 -0
- data/lib/Nessus6/version.rb +1 -1
- metadata +26 -10
- data/lib/Nessus6/editor/methods.rb +0 -108
- data/lib/Nessus6/file/methods.rb +0 -34
- data/lib/Nessus6/folders/methods.rb +0 -118
- data/lib/Nessus6/groups/methods.rb +0 -202
- data/lib/Nessus6/permissions/methods.rb +0 -66
- data/lib/Nessus6/scans/methods.rb +0 -106
- data/lib/Nessus6/session/methods.rb +0 -142
- data/lib/Nessus6/users/methods.rb +0 -180
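--- a/data/lib/Nessus6/permissions/methods.rb
+++ b/data/lib/Nessus6/permissions/methods.rb
@@ -1,66 +0,0 @@
-require 'json'
-require 'Nessus6/errors/forbidden' # 403
-require 'Nessus6/errors/not_found' # 404
-require 'Nessus6/errors/unknown'
-
-module Nessus6
-# The Editor class is for interacting with Nessus6 templates
-class Permissions
-def initialize(client)
-@client = client
-end
-
-# Changes the permissions for an object.
-#
-# @param object_type [String] The type of object.
-# @param object_id [String, Fixnum] The unique id of the object.
-# @param permissions [String] An array of permission resources to apply
-# to the object.
-# @return [Hash]
-def change(object_type, object_id, permissions)
-response = @client.put("permissions/#{object_type}/#{object_id}",
-body: permissions)
-verify_change response
-end
-
-# Returns the current object's permissions.
-#
-# @param object_type [String] The type of object.
-# @param object_id [String, Fixnum] The unique id of the object.
-# @return [Hash]
-def list(object_type, object_id)
-response = @client.get("permissions/#{object_type}/#{object_id}")
-verify_list response
-end
-
-private
-
-def verify_change(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 403
-fail ForbiddenError, 'You do not have permission to edit the object'
-when 404
-fail NotFoundError, 'Object does not exist'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def verify_list(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 403
-fail ForbiddenError, 'You do not have permission to view the object'
-when 404
-fail NotFoundError, 'Object does not exist'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-end
-end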
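--- a/data/lib/Nessus6/scans/methods.rb
+++ b/data/lib/Nessus6/scans/methods.rb
@@ -1,106 +0,0 @@
-require 'json'
-require 'Nessus6/errors/forbidden' # 403
-require 'Nessus6/errors/not_found' # 404
-require 'Nessus6/errors/conflict' # 409
-require 'Nessus6/errors/internal_server_error' # 500
-require 'Nessus6/errors/unknown'
-
-module Nessus6
-# The Editor class is for interacting with Nessus6 templates
-class Scans
-def initialize(client)
-@client = client
-end
-
-# Launches a scan.
-#
-# @param scan_id [String, Fixnum] The id of the scan to launch.
-# @param alt_targets [Array] If specified, these targets will be scanned
-# instead of the default. Value can be an array where each index is a
-# target, or an array with a single index of comma separated targets.
-# @return [Hash] The scan UUID or throws an error
-def launch(scan_id, alt_targets = nil)
-if alt_targets.is_a? Array
-response = @client.post "scans/#{scan_id}/launch",
-alt_targets: alt_targets
-else
-response = @client.post "scans/#{scan_id}/launch"
-end
-
-verify_launch response
-end
-
-# Returns the scan list.
-#
-# @return [Hash] Returns the scan list.
-def list
-response = @client.get 'scans'
-JSON.parse response.body
-end
-
-# Pauses a scan.
-#
-# @param scan_id [String, Fixnum] The id of the scan to pause.
-# @return [Hash] The scan UUID or throws an error
-def pause(scan_id)
-response = @client.post "scans/#{scan_id}/pause"
-verify_pause response
-end
-
-# Stops a scan.
-#
-# @param scan_id [String, Fixnum] The id of the scan to stop.
-# @return [Hash] The scan UUID or throws an error
-def stop(scan_id)
-response = @client.post "scans/#{scan_id}/stop"
-verify_stop response
-end
-
-private
-
-def verify_launch(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 403
-fail ForbiddenError, 'This scan is disabled.'
-when 404
-fail NotFoundError, 'Scan does not exist.'
-when 500
-fail InternalServerError, 'Failed to launch scan. This is usually due to the'\
-' scan already running.'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def verify_pause(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 403
-fail ForbiddenError, 'This scan is disabled.'
-when 409
-fail ConflictError, 'Scan is not active.'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def verify_stop(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 404
-fail NotFoundError, 'Scan does not exist.'
-when 409
-fail ConflictError, 'Scan is not active.'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-end
-end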
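--- a/data/lib/Nessus6/session/methods.rb
+++ b/data/lib/Nessus6/session/methods.rb
@@ -1,142 +0,0 @@
-require 'json'
-require 'Nessus6/errors/bad_request'
-require 'Nessus6/errors/forbidden'
-require 'Nessus6/errors/internal_server_error'
-require 'Nessus6/errors/unauthorized'
-require 'Nessus6/errors/unknown'
-
-module Nessus6
-class Session
-attr_reader :token
-
-def initialize(client)
-@client = client
-end
-
-def create(username, password)
-response = @client.post('session',
-username: username, password: password)
-verified = verify_create response
-@token = verified['token']
-end
-
-def destroy
-response = @client.delete('session')
-
-case response.status_code
-when 200
-@token = ''
-return true
-when 401
-fail 'No session exists'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def edit(user)
-if user[:name] && user[:email]
-response = @client.put('session', name: user[:name],
-email: user[:email])
-elsif user[:name]
-response = @client.put('session', name: user[:name])
-elsif user[:email]
-response = @client.put('session', email: user[:email])
-else
-fail "User's name or email was not provided in hash form."
-end
-verify_edit response
-end
-
-def get
-verify_get @client.get('session')
-end
-
-def password(new_password)
-response = @client.put('session/chpasswd', password: new_password)
-verify_password response
-end
-
-def keys
-response = @client.put('session/keys')
-verify_keys response
-end
-
-private
-
-def verify_create(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 400
-fail BadRequestError, 'Username format is not valid'
-when 401
-fail UnauthorizedError, 'Username or password is invalid'
-when 500
-fail InternalServerError, 'Too many users are connected'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def verify_edit(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 403
-fail ForbiddenError,
-'You do not have permission to edit the session data'
-when 500
-fail InternalServerError, 'Server failed to edit the user'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def verify_get(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 403
-fail ForbiddenError,
-'You do not have permission to view the session data'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def verify_password(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 400
-fail BadRequestError, 'Password is too short'
-when 401
-fail UnauthorizedError,
-'You do not have permission to change this password'
-when 500
-fail InternalServerError, 'Server failed to change the password'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def verify_keys(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 401
-fail UnauthorizedError,
-'You are not logged in / authenticated'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-end
-end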
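--- a/data/lib/Nessus6/users/methods.rb
+++ b/data/lib/Nessus6/users/methods.rb
@@ -1,180 +0,0 @@
-require 'json'
-require 'Nessus6/errors/bad_request'
-require 'Nessus6/errors/conflict'
-require 'Nessus6/errors/forbidden'
-require 'Nessus6/errors/internal_server_error'
-require 'Nessus6/errors/not_found'
-require 'Nessus6/errors/unknown'
-
-module Nessus6
-class Users
-def initialize(client)
-@client = client
-end
-
-def create(credentials, user_perm, user_info = {})
-new_user = {}.tap do |user|
-user[:username] = credentials[:username]
-user[:password] = credentials[:password]
-user[:permissions] = user_perm[:permissions]
-user[:type] = user_perm[:type]
-user[:name] = user_info[:name] if user_info.key?(:name)
-user[:email] = user_info[:email] if user_info.key?(:email)
-end
-
-response = @client.post('users', new_user)
-
-verify_create response
-end
-
-def delete(user_id)
-response = @client.delete("users/#{user_id}")
-verify_delete response
-end
-
-def edit(user_id, permissions, user_info = {})
-edit_user = {}.tap do |user|
-user[:permissions] = permissions
-user[:name] = user_info[:name] if user_info.key?(:name)
-user[:email] = user_info[:email] if user_info.key?(:email)
-end
-response = @client.post("users/#{user_id}", edit_user)
-verify_edit response
-end
-
-def get(user_id)
-response = @client.get("users/#{user_id}")
-verify_get response
-end
-
-def list
-response = @client.get('users')
-verify_list response
-end
-
-def password(user_id, new_password)
-response = @client.post("users/#{user_id}/chpasswd",
-password: new_password)
-verify_password response
-end
-
-def keys(user_id)
-response = @client.get("users/#{user_id}/keys")
-verify_keys response
-end
-
-private
-
-def verify_create(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 400
-fail BadRequestError, 'Field is invalid'
-when 403
-fail ForbiddenError, 'You do not have permission to create this user'
-when 409
-fail ConflictError, 'User already exists'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def verify_delete(response)
-case response.status_code
-when 200
-return true
-when 403
-fail ForbiddenError, 'Not authorized to delete users'
-when 404
-fail NotFoundError, 'You do not have permission to delete this user'
-when 409
-fail ConflictError, 'Cannot delete your own account'
-when 500
-fail InternalServerError,
-'Failed to delete the user due to an interal server error'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def verify_edit(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 400
-fail BadRequestError, 'Field is invalid'
-when 403
-fail ForbiddenError, 'You do not have permission to edit this user'
-when 404
-fail NotFoundError, 'User does not exist'
-when 409
-fail ConflictError, 'Cannot edit your own permissions'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def verify_get(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 404
-fail NotFoundError, 'User does not exist'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def verify_list(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 403
-fail ForbiddenError, 'You do not have permission to view the list'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def verify_password(response)
-case response.status_code
-when 200
-return true
-when 400
-fail BadRequestError, 'Password is too short'
-when 403
-fail ForbiddenError,
-'You do not have permission to change the users password'
-when 404
-fail NotFoundError, 'User does not exist'
-when 500
-fail InternalServerError, 'Server failed to change the password'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-
-def verify_keys(response)
-case response.status_code
-when 200
-return JSON.parse response.body
-when 403
-fail ForbiddenError, 'You do not have permission to generate API keys'
-when 404
-fail NotFoundError, 'User does not exist'
-when 500
-fail InternalServerError, 'Server failed to change the keys'
-else
-fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
-'for further details.'
-end
-end
-end
-end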