nessus 0.0.1.beta.3 → 0.1.0.beta.1

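--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 1c2d075dda69e44d4cc603f80886a948d3b58eaa
- data.tar.gz: 33d27d7a4d4eb464afbf945454eafa41c79bd1a1
+ metadata.gz: 6fd85eb8888a94b58d1226f393645331b145e108
+ data.tar.gz: 34b48099ad2a41235bb5ae6cf5bcb295869b06d1
  SHA512:
- metadata.gz: 64c28b7b1794a009b490dab3a5256a13b909c335781e435b7bb440cdac130ed3ee9ff618167a20f19cc87f78b5c3d0a12008642312587d950a18d4841aca66ac
- data.tar.gz: 10421c1a9117a11f2b8329e6906736432df072212ae644e0e49a94478bbadc15397ab78480e7260ecbf416c7733f8f0ba410f6f5d624a226533271cdef6c2c0f
+ metadata.gz: 1a1a16b769c6ef0636cfc208851f6800a1d0e5e0acf1842cd9d23042d0c5a5332f2088965b2d029e5d596dd2f6ed389ace0798f29dae9b29350c7a068c24096b
+ data.tar.gz: 5cbfdc551c37ae5525816d5221e787839c3003d121518f73e9afe717c35b6097218d193c40a944996cd9003c188402f70f1296abe7801efe5923593a02cc5e77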
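--- /dev/null
+++ b/data/.ruby-version
@@ -0,0 +1 @@
+ 2.0.0-p247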
data/lib/nessus/client.rb CHANGED
@@ -29,10 +29,12 @@ module Nessus
29
29
  attr_reader :connection
30
30
 
31
31
  # @param [String] host the base URL to use when connecting to the Nessus API
32
- def initialize(host)
32
+ def initialize(host, login = nil, password = nil)
33
33
  @verify_ssl = Nessus::Client.verify_ssl.nil? ? true : false
34
34
  @connection = Faraday.new host, :ssl => { :verify => @verify_ssl }
35
35
  @connection.headers[:user_agent] = "Nessus.rb v#{Nessus::VERSION}".freeze
36
+
37
+ authenticate(login, password) if login && password
36
38
  end
37
39
 
38
40
  # POST /login
@@ -45,7 +47,8 @@ module Nessus
45
47
  :password => password,
46
48
  :json => 1
47
49
  }
48
- resp = post '/login', payload
50
+ resp = connection.post '/login', payload
51
+ resp = JSON.parse(resp.body)
49
52
 
50
53
  if resp['reply']['status'].eql? 'OK'
51
54
  connection.headers[:cookie] = "token=#{resp['reply']['contents']['token']}"
@@ -53,27 +56,44 @@ module Nessus
53
56
 
54
57
  true
55
58
  end
59
+ alias_method :login, :authenticate
56
60
 
57
- # # @return [String] {#inspect}'s output with a censored session token
58
- # def inspect
59
- # inspected = super
60
- #
61
- # if connection
62
- # cookie = CGI::Cookie.parse(connection.headers[:cookie])
63
- #
64
- # if cookie.keys.include? 'token'
65
- # inspected.gsub cookie['token'].to_s, ('*' * cookie['token'].to_s.length)
66
- # end
67
- # end
68
- #
69
- # inspected
70
- # end
61
+ # POST /logout
62
+ #
63
+ # @param [String] login the username of the account to use for authentication
64
+ # @param [String] password the password of the account to use for authentication
65
+ def logout
66
+ resp = post '/logout', :json => 1
67
+
68
+ if resp['reply']['status'].eql? 'OK'
69
+ if connection.headers[:cookie].include? 'token='
70
+ connection.headers.delete(:cookie)
71
+ else
72
+ # TODO: Instead of warning the user
73
+ # and deleting the cookies anyway delete only the token
74
+
75
+ $stdout.puts 'Deleting cookies...'
76
+ connection.headers.delete(:cookie)
77
+ end
78
+ end
79
+
80
+ true
81
+ end
82
+
83
+ def authenticated?
84
+ headers = connection.headers
85
+ !!headers[:cookie] && headers[:cookie].include?('token=')
86
+ end
71
87
 
72
88
  # @param [String] url the URL/path to send a GET request using the
73
89
  # connection object and default headers/parameters
74
90
  # @param [Hash] params the query parameters to send with the request
75
91
  # @param [Hash] headers the headers to send along with the request
76
92
  def get(url, params = {}, headers = {})
93
+ unless authenticated?
94
+ raise Nessus::Forbidden, 'Unable to detect a session token cookie, use #authenticate before sending any other requests'
95
+ end
96
+
77
97
  params ||= {}
78
98
  params[:json] ||= 1
79
99
 
@@ -88,6 +108,10 @@ module Nessus
88
108
  # @param [Hash] payload the JSON body to send with the request
89
109
  # @param [Hash] headers the headers to send along with the request
90
110
  def post(url, payload = nil, headers = nil, &block)
111
+ unless authenticated?
112
+ raise Nessus::Forbidden, 'Unable to detect a session token cookie, use #authenticate before sending any other requests'
113
+ end
114
+
91
115
  payload ||= {}
92
116
  payload[:json] ||= 1
93
117
 
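Review bot: In `initialize`, the unchanged line `@verify_ssl = Nessus::Client.verify_ssl.nil? ? true : false` turns certificate verification off for every non-nil setting, including `Nessus::Client.verify_ssl = true`, and with this change the constructor can send the login and password over that connection straight away. The assignment should keep the default and honour the configured value, for example `@verify_ssl = Nessus::Client.verify_ssl.nil? ? true : !!Nessus::Client.verify_ssl`. The definition of the `verify_ssl` accessor is outside the visible hunks, so confirm no caller relies on the inverted behaviour. In the same file, `logout` returns `true` and leaves the token cookie in place when the reply status is not OK, and its `@param` lines describe arguments the method does not take.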
@@ -6,7 +6,7 @@ module Nessus
6
6
  #
7
7
  # @param [String] uuid the unique ID (name) of the report to download
8
8
  # @return [String] the specified report as an XML string
9
- def download_report(uuid)
9
+ def report_download(uuid)
10
10
  resp = connection.get '/file/report/download', :report => uuid
11
11
  resp.body
12
12
  end
@@ -3,10 +3,32 @@ module Nessus
3
3
  # @author Erran Carey <me@errancarey.com>
4
4
  module Policy
5
5
  # GET /policy/list
6
+ def policy_list
7
+ response = get '/policy/list'
8
+ response['reply']['contents']['policies']['policy']
9
+ end
10
+
11
+ # @!group Policy Auxiliary Methods
12
+
13
+ # @return [Array<Array<String>>] an object containing a list of policies
14
+ # and their policy IDs
6
15
  def policies
7
- resp = get '/policy/list'
8
- resp['reply']['contents']['policies']['policy']
16
+ policy_list.map do |policy|
17
+ [policy['policyname'], policy['policyid']]
18
+ end
19
+ end
20
+
21
+ # @return [String] looks up policy ID by policy name
22
+ def policy_id_by_name(name)
23
+ policy_list.find{|policy| policy['policyname'].eql? name}['policyid']
24
+ end
25
+
26
+ # @return [String] looks up policy name by policy ID
27
+ def policy_name_by_id(id)
28
+ policy_list.find{|policy| policy['policyid'].eql? id}['policyname']
9
29
  end
30
+
31
+ #@!endgroup
10
32
  end
11
33
  end
12
34
  end
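Review bot: `policy_id_by_name` and `policy_name_by_id` index the result of `find` directly, so a name or ID that is not in the policy list raises NoMethodError on nil rather than returning nil or a library error. Guard the lookup, e.g. `policy = policy_list.find { |p| p['policyname'].eql? name }` followed by `policy && policy['policyid']`, and the same shape for the ID lookup. `eql?` is also type-strict, so an Integer ID will not match if the API returns IDs as strings (the reply format is not visible here; the scan docs on this page type `policy_id` as Fixnum). The `@return` lines should describe the value returned, e.g. `# @return [String, nil] the ID of the policy named +name+`. `policies` keeps its name but now returns name/ID pairs instead of the policy hashes, which existing callers will not expect.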
@@ -5,11 +5,90 @@ module Nessus
5
5
  # GET /report/list
6
6
  #
7
7
  # @return [Array<Hash>] an array of report hashes
8
- def reports
9
- resp = get '/report/list'
8
+ def report_list
9
+ response = get '/report/list'
10
+ response['reply']['contents']['reports']['report']
11
+ end
10
12
 
11
- resp['reply']['contents']['reports']['report']
13
+ # GET /file/xslt/list
14
+ #
15
+ # @return [Array<Hash>] an object containing a list of XSLT transformations
16
+ def xslt_list
17
+ response = post '/file/xslt/list'
18
+ response['reply']['contents']
12
19
  end
20
+
21
+ # POST /report/delete
22
+ #
23
+ # @param [String] report unique identifier
24
+ #
25
+ # @return status OK if successful
26
+ def report_delete(report)
27
+ response = post '/report/delete', :report => report
28
+ response['reply']['contents']
29
+ end
30
+
31
+ # POST /report/hosts
32
+ #
33
+ # @param [String] report unique identifier
34
+ #
35
+ # @return status OK if successful
36
+ def report_hosts(report)
37
+ response = get '/report/hosts', :report => report
38
+ response['reply']['contents']
39
+ end
40
+
41
+
42
+ # POST /report/ports
43
+ #
44
+ # @param [String] report unique identifier
45
+ # @param [String] hostname name of host to display open ports for
46
+ #
47
+ # @return an object containing a list of open ports on a specified host
48
+ def report_ports(report, hostname)
49
+ arguments = {
50
+ :report => report,
51
+ :hostname => hostname
52
+ }
53
+ response = post '/report/ports', arguments
54
+ response['reply']['contents']
55
+ end
56
+
57
+ # POST /report/details
58
+ #
59
+ # @param [String] report unique identifier
60
+ # @param [String] hostname to display scan results for
61
+ # @param [String] port to display scan results for
62
+ # @param [String] protocol of open port on host to display scan details for
63
+ #
64
+ # @return an object containing a details of specified scan
65
+ def report_details(report, hostname, port, protocol)
66
+ arguments = {
67
+ :report => report,
68
+ :hostname => hostname,
69
+ :port => port,
70
+ :protocol => protocol
71
+ }
72
+ response = post '/report/details', arguments
73
+ response['reply']['contents']
74
+ end
75
+
76
+ # POST /report/tags
77
+ #
78
+ # @param [String] report unique identifier
79
+ # @param [String] hostname name of host to display open ports for
80
+ #
81
+ # @return an object containing a list of tags for the specified host
82
+ def report_tags(report, hostname)
83
+ arguments = {
84
+ :report => report,
85
+ :hostname => hostname
86
+ }
87
+ response = post '/report/tags', arguments
88
+ response['reply']['contents']
89
+ end
90
+
91
+
13
92
  end
14
93
  end
15
94
  end
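Review bot: None of the new report methods check `response['reply']['status']`, so a failed `/report/delete` hands back whatever `contents` holds, while `scan_new` further down this page raises `Nessus::UnknownError` on an `ERROR` status; `scan_stop`, `scan_pause` and `scan_resume` have the same gap. Add the same guard before returning, `raise Nessus::UnknownError, response['reply']['contents'] if response['reply']['status'].eql? 'ERROR'`, ideally once inside `get`/`post`, whose bodies are not fully visible here. The comments also disagree with the calls: `xslt_list` is documented as `GET /file/xslt/list` but calls `post`, `report_hosts` is documented as `POST /report/hosts` but calls `get`, and its `@return status OK if successful` does not describe a host list.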
@@ -7,10 +7,10 @@ module Nessus
7
7
  # @param [String] target a string that contains the scan target(s)
8
8
  # @param [Fixnum] policy_id a numeric ID that references the policy to use
9
9
  # @param [String] scan_name the name to assign to this scan
10
- # @param [Fixnum] seq a unique identifer for the specific request
10
+ # @param [Fixnum] seq a unique identifier for the specific request
11
11
  #
12
12
  # @return [Hash] the newly created scan object
13
- def create_scan(target, policy_id, scan_name, seq = nil)
13
+ def scan_new(target, policy_id, scan_name, seq = nil)
14
14
  payload = {
15
15
  :target => target,
16
16
  :policy_id => policy_id,
@@ -18,22 +18,51 @@ module Nessus
18
18
  :json => 1
19
19
  }
20
20
  payload[:seq] = seq if seq
21
- resp = post '/scan/new', payload
21
+ response = post '/scan/new', payload
22
22
 
23
- if resp['reply']['status'].eql? 'ERROR'
24
- raise Nessus::UnknownError, resp['reply']['contents']
23
+ if response['reply']['status'].eql? 'ERROR'
24
+ raise Nessus::UnknownError, response['reply']['contents']
25
25
  end
26
26
 
27
- resp['reply']['contents'] # ['scan']
27
+ response['reply']['contents'] # ['scan']
28
28
  end
29
29
 
30
30
  # GET /scan/list
31
31
  #
32
32
  # @return [Array<Hash>] an array of scan hashes
33
- def scans
34
- resp = get '/scan/list'
33
+ def scan_list
34
+ response = get '/scan/list'
35
+ response['reply']['contents']
36
+ end
37
+
38
+ # POST /scan/stop
39
+ #
40
+ # @param [String] scan_uuid unique identifier for the scan
41
+ #
42
+ # @return status OK if successful
43
+ def scan_stop(scan_uuid)
44
+ response = post '/scan/stop', :scan_uuid => scan_uuid
45
+ response['reply']['contents']
46
+ end
35
47
 
36
- resp['reply']['contents']
48
+ # POST /scan/pause
49
+ #
50
+ # @param [String] scan_uuid unique identifier for the scan
51
+ #
52
+ # @return status OK if successful
53
+ def scan_pause(scan_uuid)
54
+ response = post '/scan/pause', :scan_uuid => scan_uuid
55
+ response['reply']['contents']
56
+ end
57
+
58
+ # POST /scan/resume
59
+ #
60
+ # @param [String] scan_uuid unique identifier for the scan
61
+ #
62
+ # @return status OK if successful
63
+ def scan_resume(scan_uuid)
64
+ response = post '/scan/resume', :scan_uuid => scan_uuid
65
+ response['reply']['contents']
37
66
  end
38
67
  end
39
68
  end
data/lib/nessus/error.rb CHANGED
@@ -1,4 +1,8 @@
1
1
  module Nessus
2
2
  # @todo add more descriptive error classes
3
+
4
+ # 403
5
+ Forbidden = Class.new(StandardError)
6
+ # *
3
7
  UnknownError = Class.new(StandardError)
4
8
  end
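Review bot: The `# 403` comment over `Forbidden` does not match how the class is used on this page: `get` and `post` raise it locally when no `token=` cookie is set, before any request is sent. A caller rescuing `Nessus::Forbidden` therefore cannot tell a missing login from a server-side refusal. Document the actual condition, e.g. `# Raised when a request is attempted without a session token cookie`, or add a separate class for the not-authenticated case.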
@@ -1,4 +1,4 @@
1
1
  module Nessus
2
2
  # The version of the Nessus.rb library
3
- VERSION = '0.0.1.beta.3'
3
+ VERSION = '0.1.0.beta.1'
4
4
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nessus
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1.beta.3
4
+ version: 0.1.0.beta.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Erran Carey
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-11-13 00:00:00.000000000 Z
12
+ date: 2013-11-14 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: bundler
@@ -90,6 +90,7 @@ extensions: []
90
90
  extra_rdoc_files: []
91
91
  files:
92
92
  - .gitignore
93
+ - .ruby-version
93
94
  - Gemfile
94
95
  - Gemfile.lock
95
96
  - LICENSE.md