excl_site_asset_scan 0.0.1

data/bin/nexpose_api_util

@@ -0,0 +1,51 @@
+#!/usr/bin/env ruby
+
+require File.expand_path(File.join(File.dirname(__FILE__), '../lib/extended-api.rb'))
+
+#------------------------------------------------------------------------------------------------------
+# == Synopsis
+# Main script to execute specified  API commands against a specified NSC
+#
+# == Usage
+# ruby nexpose_api_util.rb --help
+#
+# == Author
+# Christopher Lee, Rapid7 LLC
+#------------------------------------------------------------------------------------------------------
+
+begin
+	if ARGV.length > 0
+		$is_command_line = false
+		begin
+			options = Options.parse ARGV
+			extended_api = ::ExtendedAPI.new options.user, options.password, options.host
+			extended_api.do_login
+			case options.key
+				when 1 then
+					extended_api.print_asset_groups
+				when 2 then
+					extended_api.print_asset_group_info options.args
+				when 3 then
+					extended_api.start_excluded_scan options.args
+				else
+					puts "Invalid Input!"
+			end
+
+		rescue Exception => e
+			puts e
+		ensure
+			begin
+				if extended_api
+					extended_api.do_logout
+				end
+			rescue Nexpose::APIError => e
+				# Don't care, maybe session already dead
+			end
+		end
+		exit 0
+	else
+		puts 'Input required'
+	end
+end
+
+

data/lib/api-options.rb

@@ -0,0 +1,41 @@
+require 'ostruct'
+require 'optparse'
+
+#------------------------------------------------------------------------------------------------------
+# Defines options to be executed against the NeXpose API
+#------------------------------------------------------------------------------------------------------
+class Options
+    def self.parse(args)
+      options = OpenStruct.new
+      options.verbose = false
+
+      option_parser = OptionParser.new  do |option_parser|
+        option_parser.on("-h HOST", "The network address of the NeXpose instance - Required") {|arg| options.host=arg}
+        option_parser.on("-u USER", "The user name - Required") {|arg| options.user=arg}
+        option_parser.on("-p PASSWORD", "The password - Required") {|arg| options.password=arg}
+        option_parser.on("--n1", "List all the asset groups") {|arg| options.key=1}
+        option_parser.on("--n2 GI", "List an asset groups config. The GI (group id or group name is required)") do |arg|
+          options.key=2
+          options.args=arg
+        end
+        option_parser.on("--ses params", "Start an asset group excluded scan where params are a comma separated list of the site-id to scan followed by
+                         asset group id(s) to exclude") do |arg|
+          options.key=3
+          options.args=arg.chomp
+        end
+        option_parser.on_tail("--help", "Help") do
+          puts option_parser
+          exit 0
+        end
+      end
+
+      begin
+       option_parser.parse!(args)
+        rescue OptionParser::ParseError => e
+            puts "#{e}\n\n#{option_parser}"
+            exit 1
+      end
+
+      options
+    end
+end

data/lib/extended-api.rb

@@ -0,0 +1,117 @@
+require File.expand_path(File.join(File.dirname(__FILE__), 'util.rb'))
+require File.expand_path(File.join(File.dirname(__FILE__), 'api-options.rb'))
+require 'rubygems'
+require 'rexml/document'
+require 'hirb'
+require 'nexpose'
+
+#------------------------------------------------------------------------------------------------------
+# Extends the base API functionality by combining common API commands to produce a simplified
+# user command.
+#------------------------------------------------------------------------------------------------------
+class ExtendedAPI
+	attr_accessor :user_name, :password, :host, :nexpose_api, :scan_manager
+	@@connected = false
+
+	def initialize user_name, password, host
+		@user_name = user_name
+		@password = password
+		@host = host
+		@nexpose_api = Nexpose::Connection.new @host, @user_name, @password
+	end
+
+	#-------------------------------------------------------------------
+	# Logs in to NeXpose and sets a session key on the connector object.
+	#-------------------------------------------------------------------
+	def do_login
+		if not @@connected
+			begin
+				if @nexpose_api.login
+					@@connected = true
+				end
+			rescue Exception => e
+				puts e.message
+			end
+		end
+	end
+
+	#------------------------------------------------------
+	# Prints all asset group information in tabular format:
+	# | site_id | device_id | address | riskfactor |
+	#------------------------------------------------------
+	def print_asset_group_info group_id
+		group_configs = @nexpose_api.asset_group_config group_id
+		puts "\nASSET GROUP INFO (id: #{group_id})"
+		puts Hirb::Helpers::AutoTable.render group_configs, :fields => [:site_id, :device_id, :address, :riskfactor]
+	rescue Exception => e
+		if e.message =~ /Invalid groupID/
+			puts 'Group ID does not exist'
+		else
+			puts e.message
+		end
+	end
+
+	#----------------------------------------------------------------
+	# Prints asset group configuration information in tabular format:
+	# | site_id | device_id | address | riskfactor |
+	#----------------------------------------------------------------
+	def print_asset_groups
+		res = @nexpose_api.asset_groups_listing
+		puts "\nASSET GROUPS:"
+		puts Hirb::Helpers::AutoTable.render res, :fields => [:asset_group_id, :name, :description, :risk_score]
+	end
+
+	#
+	#
+	#
+	def start_excluded_scan scan_info
+		# Parse the scan_info object to get site
+		# to be scanned and the asset group(s) to exclude
+		parsed_string = scan_info.to_s.split ','
+		site_id = parsed_string[0]
+		unless Util.is_number? site_id
+			raise ArgumentError.new 'The site-id must be a number'
+		end
+
+		# Get all the device_ids for the site
+		device_listing_hash = @nexpose_api.site_device_listing site_id
+		device_ids = []
+		device_listing_hash.each do |device_listing|
+			device_ids << device_listing[:device_id].to_i
+		end
+
+		# Get all the devices associated with the group(s)
+		device_ids_excluded = []
+		parsed_string.delete_at(0)
+		parsed_string.each do |group_id|
+			group_infos = @nexpose_api.asset_group_config group_id
+			group_infos.each do |group_info|
+				device_ids_excluded << group_info[:device_id].to_i
+			end
+		end
+
+		# Remove all the devices in the group
+		devices_to_scan = device_ids - device_ids_excluded
+
+		# Hopefully this is not an empty set
+		if not devices_to_scan or devices_to_scan.empty?
+			raise "There are no devices left to scan after devices in groups: #{parsed_string.inspect} are removed from site: #{site_id}"
+		end
+
+		# Start an ad-hoc scan.
+		res = @nexpose_api.site_device_scan_start site_id, devices_to_scan, nil
+		if res
+			puts "Scan started scan ID: #{res[:scan_id]}, on engine ID: #{res[:engine_id]}"
+		else
+			put "Scan start failed for site #{site}"
+		end
+	end
+
+	#
+	#
+	#
+	def do_logout
+		@nexpose_api.logout
+	end
+
+end

data/lib/util.rb

@@ -0,0 +1,33 @@
+class Util
+
+  #------------------------------------------------------------------------------------------------------
+  # Checks if the input is a number
+  #
+  # input: The object that will be tested
+  #------------------------------------------------------------------------------------------------------
+  def self.is_number? input
+    true if Float input rescue false
+  end
+
+  #------------------------------------------------------------------------------------------------------
+  # Retrieves numeric input only from the command line
+  #
+  # mssg: The message to display that requests the input
+  #------------------------------------------------------------------------------------------------------
+  def self.get_numeric_input mssg
+      begin
+        while true
+          print mssg
+          input = gets().chomp()
+          if Util.is_number? input
+            return input.to_i
+          else
+            puts "Input is not a number"
+          end
+        end
+        rescue Exception => e
+            puts e.message
+      end
+    end
+
+end

metadata

@@ -0,0 +1,75 @@
+--- !ruby/object:Gem::Specification
+name: excl_site_asset_scan
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Christopher Lee
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2011-07-20 00:00:00.000000000 -07:00
+default_executable: 
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: nexpose
+  requirement: &23552100 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.0.3
+  type: :runtime
+  prerelease: false
+  version_requirements: *23552100
+- !ruby/object:Gem::Dependency
+  name: hirb
+  requirement: &23551800 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.4.5
+  type: :runtime
+  prerelease: false
+  version_requirements: *23551800
+description: ! "  \tList asset groups, list information about certain asset groups,
+  start a site scan with certain asset groups excluded.\n"
+email: christopher_lee@rapid7.com
+executables:
+- nexpose_api_util
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/api-options.rb
+- lib/extended-api.rb
+- lib/util.rb
+- bin/nexpose_api_util
+has_rdoc: true
+homepage: https://github.com/chrlee/NeXpose-ScanManager-Interface/tree/master/examples/excluded_asset_scan
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.5.2
+signing_key: 
+specification_version: 3
+summary: List asset groups, list information about certain asset groups, start a site
+  scan with certain asset groups excluded.
+test_files: []