NexposeRunner 0.0.17b → 0.0.18b
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/bin/scan +1 -1
- data/config/scan.yml.example +2 -2
- data/lib/NexposeRunner/version.rb +1 -1
- data/lib/nexpose-runner/command_line_arg_parser.rb +5 -5
- data/lib/nexpose-runner/constants.rb +1 -1
- data/lib/nexpose-runner/scan.rb +4 -4
- data/lib/nexpose-runner/scan_run_description.rb +4 -4
- data/spec/scan_spec.rb +5 -5
- metadata +1 -1
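--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d1536cfdfc2c19fce8e94788b322f2e8a43b7537
+data.tar.gz: '00728fc5b2cc85d0ee62c29bd2342829535c4a6e'
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a6a8a660ea6f780fa7130d2e209f963e0271b2ac8d34deaa1c1983e187bc1ae5fedb395d3ef1e80409f7f949f0a5aa3d58db2d67b95ada0b44d3cc00547d545e
+data.tar.gz: cf8835ed343017dbd61c39843a61f79d9e6c206bcb868b83453ce58b5e36e8cdb51c1999714b7f43ecc3615b8edfe077f02bdf1be2d69faad9e3ec26dd46db0e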
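--- a/data/README.md
+++ b/data/README.md
@@ -30,7 +30,7 @@ This gem allows you to specify the Nexpose Server URL, Exceptions URL (optional)
 
 EXAMPLE:
 
-$ scan --connection test.com --exceptions_list_url raw.github.com/exceptions.txt --username username1 --password password1 --port 443 --site-name myfirstsite --ip-addresses 192.168.1.10 --scan-template full-audit --
+$ scan --connection test.com --exceptions_list_url raw.github.com/exceptions.txt --username username1 --password password1 --port 443 --site-name myfirstsite --ip-addresses 192.168.1.10 --scan-template full-audit --engine_id 2
 
 It is possible to use a YAML file to drive the configuration of this module. An example configuration file is provided in config/scan.yml.example. Simply copy it to config/scan.yml and modify it to work with your environment.
 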
data/bin/scan
CHANGED
data/config/scan.yml.example
CHANGED
@@ -11,7 +11,7 @@ class CommandLineArgumentParser
|
|
11
11
|
options['site_name'] = ''
|
12
12
|
options['ip_addresses'] = ''
|
13
13
|
options['scan_template'] = ''
|
14
|
-
options['
|
14
|
+
options['engine_id'] = ''
|
15
15
|
|
16
16
|
opt_parser = OptionParser.new do |opts|
|
17
17
|
opts.banner = 'Usage: scan [options]'
|
@@ -46,12 +46,12 @@ class CommandLineArgumentParser
|
|
46
46
|
options['ip_addresses'] = ips
|
47
47
|
end
|
48
48
|
|
49
|
-
opts.on('--scan-template TEMPLATE', 'Nexpose scan template to use') do |template|
|
50
|
-
options['
|
49
|
+
opts.on('--scan-template-id TEMPLATE', 'Nexpose scan template to use') do |template|
|
50
|
+
options['scan_template_id'] = template
|
51
51
|
end
|
52
52
|
|
53
|
-
opts.on('--engine ENGINE', 'Nexpose scan engine to use') do |engine|
|
54
|
-
options['
|
53
|
+
opts.on('--engine-id ENGINE', 'Nexpose scan engine to use') do |engine|
|
54
|
+
options['engine_id'] = engine
|
55
55
|
end
|
56
56
|
|
57
57
|
|
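Review bot: The defaults at the top of the parser still set `options['scan_template'] = ''` while the renamed handler now writes `options['scan_template_id']`, so in the visible lines the new key has no default and the old one is no longer written by any handler; the default should become `options['scan_template_id'] = ''`. Renaming `--scan-template` and `--engine` to `--scan-template-id` and `--engine-id` also changes the command line that existing build jobs call, and the README example in this same release still shows `--scan-template full-audit --engine_id 2`, so the documented invocation and the parser's option names disagree. Because the README passes a numeric engine id, declaring the option as `opts.on('--engine-id ENGINE', Integer, 'Nexpose scan engine to use')` would reject non-numeric input at parse time. On this page both hunks sit under the scan.yml.example header, but their `@@` context places them in `class CommandLineArgumentParser`, whose body continues outside the hunks.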
@@ -5,7 +5,7 @@ module CONSTANTS
|
|
5
5
|
REQUIRED_PASSWORD_MESSAGE = 'OOPS! Looks like you forgot to give me a password to login to Nexpose with'
|
6
6
|
REQUIRED_SITE_NAME_MESSAGE = 'OOPS! Looks like you forgot to give me a Nexpose Site Name'
|
7
7
|
REQUIRED_IP_ADDRESS_MESSAGE = 'OOPS! Looks like you forgot to give me an IP Address to scan'
|
8
|
-
REQUIRED_SCAN_TEMPLATE_MESSAGE = 'OOPS! Looks like you forgot to give me a Scan Template to use'
|
8
|
+
REQUIRED_SCAN_TEMPLATE_MESSAGE = 'OOPS! Looks like you forgot to give me a Scan Template ID to use'
|
9
9
|
VULNERABILITY_FOUND_MESSAGE = '---------All YOUR BASE ARE BELONG TO US---------------\nVulnerabilities were found, breaking build'
|
10
10
|
DEFAULT_PORT = '3780'
|
11
11
|
DEFAULT_TIMEOUT = '120'
|
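--- a/data/lib/nexpose-runner/scan.rb
+++ b/data/lib/nexpose-runner/scan.rb
@@ -96,7 +96,7 @@ module NexposeRunner
 
 def self.start_scan(nsc, site, run_details)
 
-puts "Starting scan for #{run_details.site_name} using the #{run_details.
+puts "Starting scan for #{run_details.site_name} using the #{run_details.scan_template_id} scan template"
 scan = site.scan nsc
 
 begin
@@ -109,12 +109,12 @@ module NexposeRunner
 
 def self.create_site(run_details, nsc)
 puts "Creating a nexpose site named #{run_details.site_name}"
-site = Nexpose::Site.new run_details.site_name, run_details.
+site = Nexpose::Site.new run_details.site_name, run_details.scan_template_id
 run_details.ip_addresses.each { |address|
 site.included_addresses address
 }
-if run_details.
-site.
+if run_details.engine_id
+site.engine_id = run_details.engine_id
 end
 site.save nsc
 puts "Created site #{run_details.site_name} successfully with the following host(s) #{run_details.ip_addresses.join(', ')}"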
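Review bot: In `create_site`, `if run_details.engine_id` is true for an empty string, and the argument parser in this release defaults `options['engine_id']` to `''`, so a run without `--engine-id` appears to still execute `site.engine_id = ''` before `site.save nsc`. Guard on content rather than presence, for example `unless run_details.engine_id.to_s.empty?`. `ScanRunDescription` copies the value with `self.engine_id = options['engine_id']`, and the validation hunk adds a check only for `scan_template_id`, so nothing in the visible code filters the empty value upstream. Both `start_scan` and `create_site` continue outside the hunks.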
@@ -2,7 +2,7 @@ require 'yaml'
|
|
2
2
|
require 'nexpose-runner/command_line_arg_parser'
|
3
3
|
|
4
4
|
class ScanRunDescription
|
5
|
-
attr_accessor :connection_url, :exceptions_list_url, :username, :password, :port, :site_name, :ip_addresses, :
|
5
|
+
attr_accessor :connection_url, :exceptions_list_url, :username, :password, :port, :site_name, :ip_addresses, :scan_template_id, :engine_id
|
6
6
|
@@port_value = ''
|
7
7
|
@@ip_addresses = []
|
8
8
|
@@timeout = ''
|
@@ -23,8 +23,8 @@ class ScanRunDescription
|
|
23
23
|
@@port_value = options['port']
|
24
24
|
self.site_name = options['site_name']
|
25
25
|
self.ip_addresses = options['ip_addresses']
|
26
|
-
self.
|
27
|
-
self.
|
26
|
+
self.scan_template_id = options['scan_template_id']
|
27
|
+
self.engine_id = options['engine_id']
|
28
28
|
self.timeout = options['timeout']
|
29
29
|
self.open_timeout = options['open_timeout']
|
30
30
|
end
|
@@ -35,7 +35,7 @@ class ScanRunDescription
|
|
35
35
|
raise StandardError, CONSTANTS::REQUIRED_PASSWORD_MESSAGE if password.nil? || password.empty?
|
36
36
|
raise StandardError, CONSTANTS::REQUIRED_SITE_NAME_MESSAGE if site_name.nil? || site_name.empty?
|
37
37
|
raise StandardError, CONSTANTS::REQUIRED_IP_ADDRESS_MESSAGE if ip_addresses.length == 0
|
38
|
-
raise StandardError, CONSTANTS::REQUIRED_SCAN_TEMPLATE_MESSAGE if
|
38
|
+
raise StandardError, CONSTANTS::REQUIRED_SCAN_TEMPLATE_MESSAGE if scan_template_id.nil? || scan_template_id.empty?
|
39
39
|
|
40
40
|
end
|
41
41
|
|
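--- a/data/spec/scan_spec.rb
+++ b/data/spec/scan_spec.rb
@@ -20,7 +20,7 @@ describe 'nexpose-runner' do
 @expected_port = '3781'
 @expected_site_name = 'my_cool_software_build-28'
 @expected_ips = '10.5.0.15,10.5.0.20,10.5.0.35'
-@
+@expected_scan_template_id = 'full-audit-widget-corp'
 @timeout = '120'
 @open_timeout = '120'
 
@@ -64,7 +64,7 @@ describe 'nexpose-runner' do
 'port' => @expected_port,
 'site_name' => @expected_site_name,
 'ip_addresses' => @expected_ips,
-'
+'scan_template_id' => @expected_scan_template_id,
 'timeout' => @timeout,
 'open_timeout' => @open_timeout
 }
@@ -128,10 +128,10 @@ describe 'nexpose-runner' do
 
 it 'should throw an error if no scan template is passed' do
 options = @options.clone
-options['
+options['scan_template_id'] = nil
 expect {
 NexposeRunner::Scan.start(options)
-}.to raise_error(StandardError, 'OOPS! Looks like you forgot to give me a Scan Template to use')
+}.to raise_error(StandardError, 'OOPS! Looks like you forgot to give me a Scan Template ID to use')
 end
 
 it 'should use 3780 as default if port is empty string' do
@@ -150,7 +150,7 @@ describe 'nexpose-runner' do
 
 it 'should create a new Nexpose site with the supplied site name and scan template' do
 expect(Nexpose::Site).to receive(:new)
-.with(@options['site_name'], @options['
+.with(@options['site_name'], @options['scan_template_id'])
 .and_return(@mock_nexpose_site)
 
 NexposeRunner::Scan.start(@options)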
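Review bot: None of the visible spec hunks exercises the new engine id: the shared options hash gains `'scan_template_id'` but no `'engine_id'` key, and no example asserts that `engine_id=` is called on the site. One example with `'engine_id' => '2'` that expects `@mock_nexpose_site` to receive `engine_id=`, and one with the key empty or absent that expects it not to, would pin the branch added in `create_site`. The `describe` block starts and ends outside these hunks, so an existing example elsewhere in the file may already cover this.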