NexposeRunner 0.0.16 → 0.0.17b
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/NexposeRunner.gemspec +1 -1
- data/bin/scan +3 -2
- data/config/scan.yml.example +2 -0
- data/lib/NexposeRunner/version.rb +2 -1
- data/lib/nexpose-runner/constants.rb +3 -1
- data/lib/nexpose-runner/scan.rb +8 -13
- data/lib/nexpose-runner/scan_run_description.rb +20 -0
- data/spec/scan_spec.rb +55 -64
- metadata +6 -8
- data/spec/data/test_exclist.txt +0 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e2590c12a930cd78ea7a98bc29b6ef168e3a58c9
|
|
4
|
+
data.tar.gz: 02cb068245f7a6f67ebd6766ac446dd83f08f21f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cffa73b37cd25356e60f12324274806734a614a8827b4a14d2b44835e0f6c21be55cfcd62b71d934cfeba006ffe14fa3085ccbf1bce2e8c78793786477c4afad
|
|
7
|
+
data.tar.gz: 45f65266bd748c9264e945dc2699189b9bfc376a54b31a8573d28fa047dcfca007e186299665d39e405dca14dc056487aa63b0dbfd9576249f8dc459854b39a8
|
data/NexposeRunner.gemspec
CHANGED
|
@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
|
|
|
18
18
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
|
19
19
|
spec.require_paths = ['lib']
|
|
20
20
|
|
|
21
|
-
spec.add_dependency 'nexpose', '
|
|
21
|
+
spec.add_dependency 'nexpose', '7.1.1'
|
|
22
22
|
|
|
23
23
|
spec.add_development_dependency 'bundler', '~> 1.6'
|
|
24
24
|
spec.add_development_dependency 'rake', '< 11.0'
|
data/bin/scan
CHANGED
|
@@ -13,8 +13,9 @@ if ARGV.grep(/^--/).empty?
|
|
|
13
13
|
'site_name' => ARGV[4],
|
|
14
14
|
'ip_addresses' => ARGV[5],
|
|
15
15
|
'scan_template' => ARGV[6],
|
|
16
|
-
'engine' => ARGV[7]
|
|
17
|
-
|
|
16
|
+
'engine' => ARGV[7],
|
|
17
|
+
'timeout' => ARGV[8],
|
|
18
|
+
'open_timeout' => ARGV[9]})
|
|
18
19
|
else
|
|
19
20
|
NexposeRunner::Scan.start(ARGV)
|
|
20
21
|
end
|
data/config/scan.yml.example
CHANGED
|
@@ -8,8 +8,10 @@ module CONSTANTS
|
|
|
8
8
|
REQUIRED_SCAN_TEMPLATE_MESSAGE = 'OOPS! Looks like you forgot to give me a Scan Template to use'
|
|
9
9
|
VULNERABILITY_FOUND_MESSAGE = '---------All YOUR BASE ARE BELONG TO US---------------\nVulnerabilities were found, breaking build'
|
|
10
10
|
DEFAULT_PORT = '3780'
|
|
11
|
+
DEFAULT_TIMEOUT = '120'
|
|
12
|
+
DEFAULT_OPEN_TIMEOUT = '120'
|
|
11
13
|
VULNERABILITY_REPORT_NAME = 'nexpose-vulnerability-report.csv'
|
|
12
|
-
VULNERABILITY_DETAIL_REPORT_NAME = 'nexpose-vulnerability-detail-report.csv'
|
|
14
|
+
VULNERABILITY_DETAIL_REPORT_NAME = 'nexpose-vulnerability-detail-report.csv'
|
|
13
15
|
SOFTWARE_REPORT_NAME = 'nexpose-software-report.csv'
|
|
14
16
|
POLICY_REPORT_NAME = 'nexpose-policy-report.csv'
|
|
15
17
|
|
data/lib/nexpose-runner/scan.rb
CHANGED
|
@@ -8,7 +8,7 @@ require 'nexpose-runner/scan_run_description'
|
|
|
8
8
|
|
|
9
9
|
module NexposeRunner
|
|
10
10
|
module Scan
|
|
11
|
-
|
|
11
|
+
|
|
12
12
|
def self.allow_vulnerabilities?(vulnerabilities, run_details)
|
|
13
13
|
vuln_array = []
|
|
14
14
|
exceptions_array = get_exceptions(run_details)
|
|
@@ -33,13 +33,8 @@ module NexposeRunner
|
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
def self.get_exceptions(run_details)
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
if path.include? "http:"
|
|
39
|
-
ex = Net::HTTP.get(uri).split("\n")
|
|
40
|
-
elsif (File.file?(path))
|
|
41
|
-
ex = File.read(path).split("\n")
|
|
42
|
-
end
|
|
36
|
+
uri = URI("#{run_details.exceptions_list_url}")
|
|
37
|
+
ex = Net::HTTP.get(uri).split("\n")
|
|
43
38
|
ex
|
|
44
39
|
end
|
|
45
40
|
|
|
@@ -63,7 +58,7 @@ module NexposeRunner
|
|
|
63
58
|
puts "Scan complete for #{run_details.site_name}, Generating Vulnerability Report"
|
|
64
59
|
vulnerabilities = generate_report(CONSTANTS::VULNERABILITY_REPORT_QUERY, site.id, nsc)
|
|
65
60
|
generate_csv(vulnerabilities, CONSTANTS::VULNERABILITY_REPORT_NAME)
|
|
66
|
-
|
|
61
|
+
|
|
67
62
|
puts "Scan complete for #{run_details.site_name}, Generating Vulnerability Detail Report"
|
|
68
63
|
vuln_details = generate_report(CONSTANTS:: VULNERABILITY_DETAIL_REPORT_QUERY, site.id, nsc)
|
|
69
64
|
generate_csv(vuln_details, CONSTANTS::VULNERABILITY_DETAIL_REPORT_NAME)
|
|
@@ -78,7 +73,7 @@ module NexposeRunner
|
|
|
78
73
|
|
|
79
74
|
puts "Scan complete for #{run_details.site_name}, Generating Audit Report"
|
|
80
75
|
generate_template_report(nsc, site.id, CONSTANTS::AUDIT_REPORT_FILE_NAME, CONSTANTS::AUDIT_REPORT_NAME, CONSTANTS::AUDIT_REPORT_FORMAT)
|
|
81
|
-
|
|
76
|
+
|
|
82
77
|
puts "Scan complete for #{run_details.site_name}, Generating Xml Report"
|
|
83
78
|
generate_template_report(nsc, site.id, CONSTANTS::XML_REPORT_FILE_NAME, CONSTANTS::XML_REPORT_NAME, CONSTANTS::XML_REPORT_FORMAT)
|
|
84
79
|
|
|
@@ -88,7 +83,7 @@ module NexposeRunner
|
|
|
88
83
|
def self.verify_run(vulnerabilities, run_details)
|
|
89
84
|
|
|
90
85
|
if run_details.exceptions_list_url.to_s.empty? and vulnerabilities.count > 0
|
|
91
|
-
raise StandardError, CONSTANTS::VULNERABILITY_FOUND_MESSAGE
|
|
86
|
+
raise StandardError, CONSTANTS::VULNERABILITY_FOUND_MESSAGE
|
|
92
87
|
|
|
93
88
|
elsif vulnerabilities.count == 0
|
|
94
89
|
puts "No vulnerabilities found!"
|
|
@@ -116,14 +111,14 @@ module NexposeRunner
|
|
|
116
111
|
puts "Creating a nexpose site named #{run_details.site_name}"
|
|
117
112
|
site = Nexpose::Site.new run_details.site_name, run_details.scan_template
|
|
118
113
|
run_details.ip_addresses.each { |address|
|
|
119
|
-
site.
|
|
114
|
+
site.included_addresses address
|
|
120
115
|
}
|
|
121
116
|
if run_details.engine
|
|
122
117
|
site.engine = run_details.engine
|
|
123
118
|
end
|
|
124
119
|
site.save nsc
|
|
125
120
|
puts "Created site #{run_details.site_name} successfully with the following host(s) #{run_details.ip_addresses.join(', ')}"
|
|
126
|
-
|
|
121
|
+
|
|
127
122
|
site
|
|
128
123
|
end
|
|
129
124
|
|
|
@@ -5,6 +5,8 @@ class ScanRunDescription
|
|
|
5
5
|
attr_accessor :connection_url, :exceptions_list_url, :username, :password, :port, :site_name, :ip_addresses, :scan_template, :engine
|
|
6
6
|
@@port_value = ''
|
|
7
7
|
@@ip_addresses = []
|
|
8
|
+
@@timeout = ''
|
|
9
|
+
@@open_timeout =''
|
|
8
10
|
exceptions_list_url_value = ''
|
|
9
11
|
|
|
10
12
|
def initialize(options)
|
|
@@ -23,6 +25,8 @@ class ScanRunDescription
|
|
|
23
25
|
self.ip_addresses = options['ip_addresses']
|
|
24
26
|
self.scan_template = options['scan_template']
|
|
25
27
|
self.engine = options['engine']
|
|
28
|
+
self.timeout = options['timeout']
|
|
29
|
+
self.open_timeout = options['open_timeout']
|
|
26
30
|
end
|
|
27
31
|
|
|
28
32
|
def verify
|
|
@@ -43,6 +47,22 @@ class ScanRunDescription
|
|
|
43
47
|
get_value(@@port_value, CONSTANTS::DEFAULT_PORT)
|
|
44
48
|
end
|
|
45
49
|
|
|
50
|
+
def timeout=(value)
|
|
51
|
+
@@timeout = value
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def timeout
|
|
55
|
+
get_value(@@timeout, CONSTANTS::DEFAULT_TIMEOUT)
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def open_timeout=(value)
|
|
59
|
+
@@open_timeout = value
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
def open_timeout
|
|
63
|
+
get_value(@@open_timeout, CONSTANTS::DEFAULT_OPEN_TIMEOUT)
|
|
64
|
+
end
|
|
65
|
+
|
|
46
66
|
def exceptions_list_url=(value)
|
|
47
67
|
@@exceptions_list_url_value = value
|
|
48
68
|
end
|
data/spec/scan_spec.rb
CHANGED
|
@@ -21,6 +21,8 @@ describe 'nexpose-runner' do
|
|
|
21
21
|
@expected_site_name = 'my_cool_software_build-28'
|
|
22
22
|
@expected_ips = '10.5.0.15,10.5.0.20,10.5.0.35'
|
|
23
23
|
@expected_scan_template = 'full-audit-widget-corp'
|
|
24
|
+
@timeout = '120'
|
|
25
|
+
@open_timeout = '120'
|
|
24
26
|
|
|
25
27
|
@mock_scan_id = '12'
|
|
26
28
|
@mock_site_id = '1'
|
|
@@ -29,8 +31,8 @@ describe 'nexpose-runner' do
|
|
|
29
31
|
@mock_vuln_report = 'ip_address,title,date_published,severity,summary,fix
|
|
30
32
|
10.5.0.15,Database Open Access,2010-01-01,Severe,Restrict database access,<p><p>Configure the database server to only allow access to trusted systems. For example, the PCI DSS standard requires you to place the database in an internal network zone, segregated from the DMZ </p></p>
|
|
31
33
|
10.5.0.15.180,MySQL Obsolete Version,2007-07-25,Critical,Upgrade to the latest version of Oracle MySQL,<p>Download and apply the upgrade from: <a href=http://dev.mysql.com/downloads/mysql>http://dev.mysql.com/downloads/mysql</a></p>'.chomp
|
|
32
|
-
@mock_exceptions = "Database Open Access\nMySQL Obsolete Version"
|
|
33
|
-
|
|
34
|
+
@mock_exceptions = "Database Open Access\nMySQL Obsolete Version"
|
|
35
|
+
|
|
34
36
|
@mock_vuln_detail_report = 'stuff'.chomp
|
|
35
37
|
|
|
36
38
|
@mock_software_report = 'name,ip_address,host_name,description,description,vendor,name,version
|
|
@@ -63,6 +65,8 @@ describe 'nexpose-runner' do
|
|
|
63
65
|
'site_name' => @expected_site_name,
|
|
64
66
|
'ip_addresses' => @expected_ips,
|
|
65
67
|
'scan_template' => @expected_scan_template,
|
|
68
|
+
'timeout' => @timeout,
|
|
69
|
+
'open_timeout' => @open_timeout
|
|
66
70
|
}
|
|
67
71
|
|
|
68
72
|
end
|
|
@@ -70,9 +74,10 @@ describe 'nexpose-runner' do
|
|
|
70
74
|
it 'should create a session with the nexpose server' do
|
|
71
75
|
expect(Nexpose::Connection).to receive(:new)
|
|
72
76
|
.with(@options['connection_url'],
|
|
73
|
-
@options['username'],
|
|
74
|
-
@options['password'],
|
|
75
|
-
@options['port']
|
|
77
|
+
@options['username'],
|
|
78
|
+
@options['password'],
|
|
79
|
+
@options['port']
|
|
80
|
+
)
|
|
76
81
|
.and_return(@mock_nexpose_client)
|
|
77
82
|
|
|
78
83
|
expect(@mock_nexpose_client).to receive(:login)
|
|
@@ -84,56 +89,56 @@ describe 'nexpose-runner' do
|
|
|
84
89
|
it 'should throw an error if no connection url is passed' do
|
|
85
90
|
options = @options.clone
|
|
86
91
|
options['connection_url'] = nil
|
|
87
|
-
expect {
|
|
88
|
-
NexposeRunner::Scan.start(options)
|
|
92
|
+
expect {
|
|
93
|
+
NexposeRunner::Scan.start(options)
|
|
89
94
|
}.to raise_error(StandardError, 'OOPS! Looks like you forgot to give me the URL/IP address to your Nexpose Server')
|
|
90
95
|
end
|
|
91
96
|
|
|
92
97
|
it 'should throw an error if no username is passed' do
|
|
93
98
|
options = @options.clone
|
|
94
99
|
options['username'] = nil
|
|
95
|
-
expect {
|
|
96
|
-
NexposeRunner::Scan.start(options)
|
|
100
|
+
expect {
|
|
101
|
+
NexposeRunner::Scan.start(options)
|
|
97
102
|
}.to raise_error(StandardError, 'OOPS! Looks like you forgot to give me a username to login to Nexpose with')
|
|
98
103
|
end
|
|
99
104
|
|
|
100
105
|
it 'should throw an error if no password is passed' do
|
|
101
106
|
options = @options.clone
|
|
102
107
|
options['password'] = nil
|
|
103
|
-
expect {
|
|
104
|
-
NexposeRunner::Scan.start(options)
|
|
108
|
+
expect {
|
|
109
|
+
NexposeRunner::Scan.start(options)
|
|
105
110
|
}.to raise_error(StandardError, 'OOPS! Looks like you forgot to give me a password to login to Nexpose with')
|
|
106
111
|
end
|
|
107
112
|
|
|
108
113
|
it 'should throw an error if no site name is passed' do
|
|
109
114
|
options = @options.clone
|
|
110
115
|
options['site_name'] = nil
|
|
111
|
-
expect {
|
|
112
|
-
NexposeRunner::Scan.start(options)
|
|
116
|
+
expect {
|
|
117
|
+
NexposeRunner::Scan.start(options)
|
|
113
118
|
}.to raise_error(StandardError, 'OOPS! Looks like you forgot to give me a Nexpose Site Name')
|
|
114
119
|
end
|
|
115
120
|
|
|
116
121
|
it 'should throw an error if no ip address is passed' do
|
|
117
122
|
options = @options.clone
|
|
118
123
|
options['ip_addresses'] = '';
|
|
119
|
-
expect {
|
|
120
|
-
NexposeRunner::Scan.start(options)
|
|
124
|
+
expect {
|
|
125
|
+
NexposeRunner::Scan.start(options)
|
|
121
126
|
}.to raise_error(StandardError, 'OOPS! Looks like you forgot to give me an IP Address to scan')
|
|
122
127
|
end
|
|
123
128
|
|
|
124
129
|
it 'should throw an error if no scan template is passed' do
|
|
125
130
|
options = @options.clone
|
|
126
131
|
options['scan_template'] = nil
|
|
127
|
-
expect {
|
|
128
|
-
NexposeRunner::Scan.start(options)
|
|
132
|
+
expect {
|
|
133
|
+
NexposeRunner::Scan.start(options)
|
|
129
134
|
}.to raise_error(StandardError, 'OOPS! Looks like you forgot to give me a Scan Template to use')
|
|
130
135
|
end
|
|
131
136
|
|
|
132
137
|
it 'should use 3780 as default if port is empty string' do
|
|
133
138
|
expect(Nexpose::Connection).to receive(:new)
|
|
134
|
-
.with(@options['connection_url'],
|
|
135
|
-
@options['username'],
|
|
136
|
-
@options['password'],
|
|
139
|
+
.with(@options['connection_url'],
|
|
140
|
+
@options['username'],
|
|
141
|
+
@options['password'],
|
|
137
142
|
'3780')
|
|
138
143
|
.and_return(@mock_nexpose_client)
|
|
139
144
|
|
|
@@ -153,7 +158,7 @@ describe 'nexpose-runner' do
|
|
|
153
158
|
|
|
154
159
|
it 'should add the supplied ip address to the newly created site' do
|
|
155
160
|
@expected_ips.split(',').each { |ip|
|
|
156
|
-
expect(@mock_nexpose_site).to receive(:
|
|
161
|
+
expect(@mock_nexpose_site).to receive(:included_addresses).with(ip)
|
|
157
162
|
}
|
|
158
163
|
NexposeRunner::Scan.start(@options)
|
|
159
164
|
end
|
|
@@ -176,37 +181,37 @@ describe 'nexpose-runner' do
|
|
|
176
181
|
describe 'wait for the Nexpose Scan to complete' do
|
|
177
182
|
it 'should call to check the status of the scan' do
|
|
178
183
|
expect(@mock_nexpose_client).to receive(:scan_statistics).with(@mock_scan_id)
|
|
179
|
-
|
|
184
|
+
|
|
180
185
|
NexposeRunner::Scan.start(@options)
|
|
181
186
|
end
|
|
182
|
-
|
|
187
|
+
|
|
183
188
|
it 'should call to check the status until it is not running' do
|
|
184
189
|
expect(@mock_scan_summary).to receive(:status)
|
|
185
190
|
.and_return(Nexpose::Scan::Status::RUNNING)
|
|
186
191
|
.exactly(3).times
|
|
187
192
|
.ordered
|
|
188
|
-
|
|
193
|
+
|
|
189
194
|
expect(@mock_scan_summary).to receive(:status)
|
|
190
195
|
.and_return(Nexpose::Scan::Status::FINISHED)
|
|
191
196
|
.once
|
|
192
197
|
.ordered
|
|
193
|
-
|
|
198
|
+
|
|
194
199
|
NexposeRunner::Scan.start(@options)
|
|
195
200
|
end
|
|
196
|
-
|
|
201
|
+
|
|
197
202
|
it 'should sleep for 3 seconds if the status is still running' do
|
|
198
203
|
expect(@mock_scan_summary).to receive(:status)
|
|
199
204
|
.and_return(Nexpose::Scan::Status::RUNNING)
|
|
200
205
|
.exactly(3).times
|
|
201
206
|
.ordered
|
|
202
|
-
|
|
207
|
+
|
|
203
208
|
expect(@mock_scan_summary).to receive(:status)
|
|
204
209
|
.and_return(Nexpose::Scan::Status::FINISHED)
|
|
205
210
|
.once
|
|
206
211
|
.ordered
|
|
207
212
|
|
|
208
213
|
expect(NexposeRunner::Scan).to receive(:sleep).with(3).exactly(4).times
|
|
209
|
-
|
|
214
|
+
|
|
210
215
|
NexposeRunner::Scan.start(@options)
|
|
211
216
|
end
|
|
212
217
|
end
|
|
@@ -225,16 +230,16 @@ describe 'nexpose-runner' do
|
|
|
225
230
|
expect(Nexpose::AdhocReportConfig).to receive(:new)
|
|
226
231
|
.with(CONSTANTS::AUDIT_REPORT_NAME, CONSTANTS::AUDIT_REPORT_FORMAT, @mock_site_id)
|
|
227
232
|
.and_return(@mock_report)
|
|
228
|
-
|
|
233
|
+
|
|
229
234
|
expect(Nexpose::AdhocReportConfig).to receive(:new)
|
|
230
235
|
.with(CONSTANTS::XML_REPORT_NAME, CONSTANTS::XML_REPORT_FORMAT, @mock_site_id)
|
|
231
236
|
.and_return(@mock_report)
|
|
232
237
|
|
|
233
238
|
expect_template_report_to_be_called_with(CONSTANTS::AUDIT_REPORT_FILE_NAME)
|
|
234
239
|
expect_template_report_to_be_called_with(CONSTANTS::XML_REPORT_FILE_NAME)
|
|
235
|
-
|
|
236
|
-
expect {
|
|
237
|
-
NexposeRunner::Scan.start(@options)
|
|
240
|
+
|
|
241
|
+
expect {
|
|
242
|
+
NexposeRunner::Scan.start(@options)
|
|
238
243
|
}.to raise_error(StandardError, CONSTANTS::VULNERABILITY_FOUND_MESSAGE)
|
|
239
244
|
end
|
|
240
245
|
end
|
|
@@ -242,30 +247,19 @@ describe 'nexpose-runner' do
|
|
|
242
247
|
it 'should throw exception if vulnerability exists' do
|
|
243
248
|
expect_report_to_be_called_with(CONSTANTS::VULNERABILITY_REPORT_NAME, CONSTANTS::VULNERABILITY_REPORT_QUERY, @mock_vuln_report)
|
|
244
249
|
|
|
245
|
-
expect {
|
|
246
|
-
NexposeRunner::Scan.start(@options)
|
|
250
|
+
expect {
|
|
251
|
+
NexposeRunner::Scan.start(@options)
|
|
247
252
|
}.to raise_error(StandardError, CONSTANTS::VULNERABILITY_FOUND_MESSAGE)
|
|
248
253
|
end
|
|
249
254
|
|
|
250
255
|
it 'should not throw exception if exceptions exist for all vulnerabilities' do
|
|
251
256
|
expect_report_to_be_called_with(CONSTANTS::VULNERABILITY_REPORT_NAME, CONSTANTS::VULNERABILITY_REPORT_QUERY, @mock_vuln_report)
|
|
252
|
-
|
|
257
|
+
|
|
253
258
|
options = @options.clone
|
|
254
259
|
options['exceptions_list_url'] = 'http://google.com'
|
|
255
|
-
|
|
260
|
+
|
|
256
261
|
expect_exceptions_to_be_called_with(options['exceptions_list_url'])
|
|
257
|
-
|
|
258
|
-
NexposeRunner::Scan.start(options)
|
|
259
|
-
end
|
|
260
|
-
|
|
261
|
-
it 'should not throw exception if exceptions exist from a file for all vulnerabilities' do
|
|
262
|
-
expect_report_to_be_called_with(CONSTANTS::VULNERABILITY_REPORT_NAME, CONSTANTS::VULNERABILITY_REPORT_QUERY, @mock_vuln_report)
|
|
263
|
-
|
|
264
|
-
options = @options.clone
|
|
265
|
-
options['exceptions_list_url'] = 'spec/data/test_exclist.txt'
|
|
266
|
-
|
|
267
|
-
expect_exceptions_to_be_called_with_file(options['exceptions_list_url'])
|
|
268
|
-
|
|
262
|
+
|
|
269
263
|
NexposeRunner::Scan.start(options)
|
|
270
264
|
end
|
|
271
265
|
end
|
|
@@ -281,10 +275,6 @@ def expect_exceptions_to_be_called_with(exceptions_list_url)
|
|
|
281
275
|
.with(uri).and_return(@mock_exceptions)
|
|
282
276
|
end
|
|
283
277
|
|
|
284
|
-
def expect_exceptions_to_be_called_with_file(exceptions_list_url)
|
|
285
|
-
expect(File.read(exceptions_list_url)).to eq "Database Open Access\nMySQL Obsolete Version\n"
|
|
286
|
-
end
|
|
287
|
-
|
|
288
278
|
def expect_report_to_be_called_with(report_name, report_query, report_response)
|
|
289
279
|
expect(@mock_report).to receive(:add_filter)
|
|
290
280
|
.with('version', '1.3.0')
|
|
@@ -321,29 +311,29 @@ def get_mock_nexpose_client
|
|
|
321
311
|
|
|
322
312
|
allow(Nexpose::Connection).to receive(:new)
|
|
323
313
|
.and_return(mock_nexpose_client)
|
|
324
|
-
|
|
314
|
+
|
|
325
315
|
allow(mock_nexpose_client).to receive(:make_xml)
|
|
326
316
|
.with(any_args)
|
|
327
317
|
.and_return(xml)
|
|
328
|
-
|
|
318
|
+
|
|
329
319
|
allow(mock_nexpose_client).to receive(:make_xml)
|
|
330
320
|
.with(any_args)
|
|
331
321
|
.and_return(xml)
|
|
332
|
-
|
|
322
|
+
|
|
333
323
|
allow(mock_nexpose_client).to receive(:filter)
|
|
334
324
|
.with(any_args)
|
|
335
|
-
.and_return({})
|
|
336
|
-
|
|
325
|
+
.and_return({})
|
|
326
|
+
|
|
337
327
|
allow(mock_nexpose_client).to receive(:execute)
|
|
338
328
|
.with(any_args)
|
|
339
329
|
.and_return(mock_api_request)
|
|
340
|
-
|
|
330
|
+
|
|
341
331
|
allow(mock_api_request).to receive(:success)
|
|
342
332
|
.and_return(false) #this is just to shut up the underlying api.
|
|
343
|
-
|
|
333
|
+
|
|
344
334
|
allow(mock_api_request).to receive(:attributes)
|
|
345
|
-
.and_return(xml)
|
|
346
|
-
|
|
335
|
+
.and_return(xml)
|
|
336
|
+
|
|
347
337
|
mock_nexpose_client
|
|
348
338
|
end
|
|
349
339
|
|
|
@@ -355,9 +345,9 @@ def get_mock_scan_summary
|
|
|
355
345
|
allow(mock_scan_summary).to receive(:tasks).and_return(tasks)
|
|
356
346
|
|
|
357
347
|
allow(mock_scan_summary).to receive(:status).and_return(
|
|
348
|
+
Nexpose::Scan::Status::RUNNING,
|
|
358
349
|
Nexpose::Scan::Status::RUNNING,
|
|
359
|
-
|
|
360
|
-
Nexpose::Scan::Status::RUNNING,
|
|
350
|
+
Nexpose::Scan::Status::RUNNING,
|
|
361
351
|
Nexpose::Scan::Status::FINISHED)
|
|
362
352
|
mock_scan_summary
|
|
363
353
|
end
|
|
@@ -374,7 +364,7 @@ def get_mock_nexpose_site
|
|
|
374
364
|
.and_return(@mock_site_id)
|
|
375
365
|
|
|
376
366
|
@expected_ips.split(',').each { |ip|
|
|
377
|
-
allow(mock_nexpose_site).to receive(:
|
|
367
|
+
allow(mock_nexpose_site).to receive(:included_addresses).with(ip)
|
|
378
368
|
}
|
|
379
369
|
|
|
380
370
|
allow(mock_nexpose_site).to receive(:save)
|
|
@@ -421,3 +411,4 @@ def get_mock_scan
|
|
|
421
411
|
allow(mock_scan).to receive(:id).and_return(@mock_scan_id)
|
|
422
412
|
mock_scan
|
|
423
413
|
end
|
|
414
|
+
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: NexposeRunner
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.17b
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nathan Gibson
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-10-
|
|
11
|
+
date: 2017-10-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: nexpose
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version:
|
|
19
|
+
version: 7.1.1
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version:
|
|
26
|
+
version: 7.1.1
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: bundler
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -91,7 +91,6 @@ files:
|
|
|
91
91
|
- lib/nexpose-runner/constants.rb
|
|
92
92
|
- lib/nexpose-runner/scan.rb
|
|
93
93
|
- lib/nexpose-runner/scan_run_description.rb
|
|
94
|
-
- spec/data/test_exclist.txt
|
|
95
94
|
- spec/scan_config_spec.rb
|
|
96
95
|
- spec/scan_spec.rb
|
|
97
96
|
- spec/spec_helper.rb
|
|
@@ -110,9 +109,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
110
109
|
version: '0'
|
|
111
110
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
112
111
|
requirements:
|
|
113
|
-
- - "
|
|
112
|
+
- - ">"
|
|
114
113
|
- !ruby/object:Gem::Version
|
|
115
|
-
version:
|
|
114
|
+
version: 1.3.1
|
|
116
115
|
requirements: []
|
|
117
116
|
rubyforge_project:
|
|
118
117
|
rubygems_version: 2.5.2
|
|
@@ -123,7 +122,6 @@ summary: This is a gem that provides the ability to create a new site, add an IP
|
|
|
123
122
|
and finally produce a reports for vulnerabilities, installed software, and policy
|
|
124
123
|
compliance.
|
|
125
124
|
test_files:
|
|
126
|
-
- spec/data/test_exclist.txt
|
|
127
125
|
- spec/scan_config_spec.rb
|
|
128
126
|
- spec/scan_spec.rb
|
|
129
127
|
- spec/spec_helper.rb
|
data/spec/data/test_exclist.txt
DELETED