nessus 0.0.1.beta.3 → 0.1.0.beta.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1c2d075dda69e44d4cc603f80886a948d3b58eaa
-  data.tar.gz: 33d27d7a4d4eb464afbf945454eafa41c79bd1a1
+  metadata.gz: 6fd85eb8888a94b58d1226f393645331b145e108
+  data.tar.gz: 34b48099ad2a41235bb5ae6cf5bcb295869b06d1
 SHA512:
-  metadata.gz: 64c28b7b1794a009b490dab3a5256a13b909c335781e435b7bb440cdac130ed3ee9ff618167a20f19cc87f78b5c3d0a12008642312587d950a18d4841aca66ac
-  data.tar.gz: 10421c1a9117a11f2b8329e6906736432df072212ae644e0e49a94478bbadc15397ab78480e7260ecbf416c7733f8f0ba410f6f5d624a226533271cdef6c2c0f
+  metadata.gz: 1a1a16b769c6ef0636cfc208851f6800a1d0e5e0acf1842cd9d23042d0c5a5332f2088965b2d029e5d596dd2f6ed389ace0798f29dae9b29350c7a068c24096b
+  data.tar.gz: 5cbfdc551c37ae5525816d5221e787839c3003d121518f73e9afe717c35b6097218d193c40a944996cd9003c188402f70f1296abe7801efe5923593a02cc5e77

data/.ruby-version

@@ -0,0 +1 @@
+2.0.0-p247

data/lib/nessus/client.rb

@@ -29,10 +29,12 @@ module Nessus
     attr_reader :connection
 
     # @param [String] host the base URL to use when connecting to the Nessus API
-    def initialize(host)
+    def initialize(host, login = nil, password = nil)
       @verify_ssl = Nessus::Client.verify_ssl.nil? ? true : false
       @connection = Faraday.new host, :ssl => { :verify => @verify_ssl }
       @connection.headers[:user_agent] = "Nessus.rb v#{Nessus::VERSION}".freeze
+
+      authenticate(login, password) if login && password
     end
 
     # POST /login
@@ -45,7 +47,8 @@ module Nessus
         :password => password,
         :json => 1
       }
-      resp = post '/login', payload
+      resp = connection.post '/login', payload
+      resp = JSON.parse(resp.body)
 
       if resp['reply']['status'].eql? 'OK'
         connection.headers[:cookie] = "token=#{resp['reply']['contents']['token']}"
@@ -53,27 +56,44 @@ module Nessus
 
       true
     end
+    alias_method :login, :authenticate
 
-#    # @return [String] {#inspect}'s output with a censored session token
-#    def inspect
-#      inspected = super
-#
-#      if connection
-#        cookie = CGI::Cookie.parse(connection.headers[:cookie])
-#
-#        if cookie.keys.include? 'token'
-#          inspected.gsub cookie['token'].to_s, ('*' * cookie['token'].to_s.length)
-#        end
-#      end
-#
-#      inspected
-#    end
+    # POST /logout
+    #
+    # @param [String] login the username of the account to use for authentication
+    # @param [String] password the password of the account to use for authentication
+    def logout
+      resp = post '/logout', :json => 1
+
+      if resp['reply']['status'].eql? 'OK'
+        if connection.headers[:cookie].include? 'token='
+          connection.headers.delete(:cookie)
+        else
+          # TODO: Instead of warning the user
+          # and deleting the cookies anyway delete only the token
+
+          $stdout.puts 'Deleting cookies...'
+          connection.headers.delete(:cookie)
+        end
+      end
+
+      true
+    end
+
+    def authenticated?
+      headers = connection.headers
+      !!headers[:cookie] && headers[:cookie].include?('token=')
+    end
 
     # @param [String] url the URL/path to send a GET request using the
     #   connection object and default headers/parameters
     # @param [Hash] params the query parameters to send with the request
     # @param [Hash] headers the headers to send along with the request
     def get(url, params = {}, headers = {})
+      unless authenticated?
+        raise Nessus::Forbidden, 'Unable to detect a session token cookie, use #authenticate before sending any other requests'
+      end
+
       params ||= {}
       params[:json] ||= 1
 
@@ -88,6 +108,10 @@ module Nessus
     # @param [Hash] payload the JSON body to send with the request
     # @param [Hash] headers the headers to send along with the request
     def post(url, payload = nil, headers = nil, &block)
+      unless authenticated?
+        raise Nessus::Forbidden, 'Unable to detect a session token cookie, use #authenticate before sending any other requests'
+      end
+
       payload ||= {}
       payload[:json] ||= 1
 

data/lib/nessus/client/file.rb

@@ -6,7 +6,7 @@ module Nessus
       #
       # @param [String] uuid the unique ID (name) of the report to download
       # @return [String] the specified report as an XML string
-      def download_report(uuid)
+      def report_download(uuid)
         resp = connection.get '/file/report/download', :report => uuid
         resp.body
       end

data/lib/nessus/client/policy.rb

@@ -3,10 +3,32 @@ module Nessus
     # @author Erran Carey <me@errancarey.com>
     module Policy
       # GET /policy/list
+      def policy_list
+        response = get '/policy/list'
+        response['reply']['contents']['policies']['policy']
+      end
+
+      # @!group Policy Auxiliary Methods
+
+      # @return [Array<Array<String>>] an object containing a list of policies
+      # and their policy IDs
       def policies
-        resp = get '/policy/list'
-        resp['reply']['contents']['policies']['policy']
+        policy_list.map do |policy|
+          [policy['policyname'], policy['policyid']]
+        end
+      end
+
+      # @return [String] looks up policy ID by policy name
+      def policy_id_by_name(name)
+        policy_list.find{|policy| policy['policyname'].eql? name}['policyid']
+      end
+
+      # @return [String] looks up policy name by policy ID
+      def policy_name_by_id(id)
+        policy_list.find{|policy| policy['policyid'].eql? id}['policyname']
       end
+
+      #@!endgroup
     end
   end
 end

data/lib/nessus/client/report.rb

@@ -5,11 +5,90 @@ module Nessus
       # GET /report/list
       #
       # @return [Array<Hash>] an array of report hashes
-      def reports
-        resp = get '/report/list'
+      def report_list
+        response = get '/report/list'
+        response['reply']['contents']['reports']['report']
+      end
 
-        resp['reply']['contents']['reports']['report']
+      # GET /file/xslt/list
+      #
+      # @return [Array<Hash>] an object containing a list of XSLT transformations
+      def xslt_list
+        response = post '/file/xslt/list'
+        response['reply']['contents']
       end
+
+      # POST /report/delete
+      #
+      # @param [String] report unique identifier
+      #
+      # @return status OK if successful
+      def report_delete(report)
+        response = post '/report/delete', :report => report
+        response['reply']['contents']
+      end
+
+      # POST /report/hosts
+      #
+      # @param [String] report unique identifier
+      #
+      # @return status OK if successful
+      def report_hosts(report)
+        response = get '/report/hosts', :report => report
+        response['reply']['contents']
+      end
+
+
+      # POST /report/ports
+      #
+      # @param [String] report unique identifier
+      # @param [String] hostname name of host to display open ports for
+      #
+      # @return an object containing a list of open ports on a specified host
+      def report_ports(report, hostname)
+        arguments = {
+                      :report => report,
+                      :hostname => hostname
+                    }
+        response = post '/report/ports', arguments
+        response['reply']['contents']
+      end
+
+      # POST /report/details
+      #
+      # @param [String] report unique identifier
+      # @param [String] hostname to display scan results for
+      # @param [String] port to display scan results for
+      # @param [String] protocol of open port on host to display scan details for
+      #
+      # @return an object containing a details of specified scan
+      def report_details(report, hostname, port, protocol)
+        arguments = {
+                       :report => report,
+                       :hostname => hostname,
+                       :port => port,
+                       :protocol => protocol
+                     }
+        response = post '/report/details', arguments
+        response['reply']['contents']
+      end
+
+      # POST /report/tags
+      #
+      # @param [String] report unique identifier
+      # @param [String] hostname name of host to display open ports for
+      #
+      # @return an object containing a list of tags for the specified host
+      def report_tags(report, hostname)
+        arguments = {
+                      :report => report,
+                      :hostname => hostname
+                    }
+        response = post '/report/tags', arguments
+        response['reply']['contents']
+      end
+
+
     end
   end
 end

data/lib/nessus/client/scan.rb

@@ -7,10 +7,10 @@ module Nessus
       # @param [String] target a string that contains the scan target(s)
       # @param [Fixnum] policy_id a numeric ID that references the policy to use
       # @param [String] scan_name the name to assign to this scan
-      # @param [Fixnum] seq a unique identifer for the specific request
+      # @param [Fixnum] seq a unique identifier for the specific request
       #
       # @return [Hash] the newly created scan object
-      def create_scan(target, policy_id, scan_name, seq = nil)
+      def scan_new(target, policy_id, scan_name, seq = nil)
         payload = {
           :target => target,
           :policy_id => policy_id,
@@ -18,22 +18,51 @@ module Nessus
           :json => 1
         }
         payload[:seq] = seq if seq
-        resp = post '/scan/new', payload
+        response = post '/scan/new', payload
 
-        if resp['reply']['status'].eql? 'ERROR'
-          raise Nessus::UnknownError, resp['reply']['contents']
+        if response['reply']['status'].eql? 'ERROR'
+          raise Nessus::UnknownError, response['reply']['contents']
         end
 
-        resp['reply']['contents'] # ['scan']
+        response['reply']['contents'] # ['scan']
       end
 
       # GET /scan/list
       #
       # @return [Array<Hash>] an array of scan hashes
-      def scans
-        resp = get '/scan/list'
+      def scan_list
+        response = get '/scan/list'
+        response['reply']['contents']
+      end
+
+      # POST /scan/stop
+      #
+      # @param [String] scan_uuid unique identifier for the scan
+      #
+      # @return status OK if successful
+      def scan_stop(scan_uuid)
+        response = post '/scan/stop', :scan_uuid => scan_uuid
+        response['reply']['contents']
+      end
 
-        resp['reply']['contents']
+      # POST /scan/pause
+      #
+      # @param [String] scan_uuid unique identifier for the scan
+      #
+      # @return status OK if successful
+      def scan_pause(scan_uuid)
+        response = post '/scan/pause', :scan_uuid => scan_uuid
+        response['reply']['contents']
+      end
+
+      # POST /scan/resume
+      #
+      # @param [String] scan_uuid unique identifier for the scan
+      #
+      # @return status OK if successful
+      def scan_resume(scan_uuid)
+        response = post '/scan/resume', :scan_uuid => scan_uuid
+        response['reply']['contents']
       end
     end
   end

data/lib/nessus/error.rb

@@ -1,4 +1,8 @@
 module Nessus
   # @todo add more descriptive error classes
+
+  # 403
+  Forbidden = Class.new(StandardError)
+  # *
   UnknownError = Class.new(StandardError)
 end

data/lib/nessus/version.rb

@@ -1,4 +1,4 @@
 module Nessus
   # The version of the Nessus.rb library
-  VERSION = '0.0.1.beta.3'
+  VERSION = '0.1.0.beta.1'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nessus
 version: !ruby/object:Gem::Version
-  version: 0.0.1.beta.3
+  version: 0.1.0.beta.1
 platform: ruby
 authors:
 - Erran Carey
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-11-13 00:00:00.000000000 Z
+date: 2013-11-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -90,6 +90,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - .gitignore
+- .ruby-version
 - Gemfile
 - Gemfile.lock
 - LICENSE.md