nessus_api 2.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 21bf2c9f1cca3c36a7d49f20cf5d945045754c15
+  data.tar.gz: 716f4ffad165197e24db6cebbaba20b43d5f8e0e
+SHA512:
+  metadata.gz: 61762f9aa9dc1e1a858c26cd6ce585ce8f83a05be63fc0cf186ffe4e6da4ca4d0b7adb90bd15c0e7c9d564105408c1c4faacc5d90cbdf332461deba6c4c3690c
+  data.tar.gz: 8cbbf1276608c843a40ff7a28dc51d76df8dc8b59af1c5a2f7cc7b9acad504258a3732b8506c73286ed91d4cfe1553125ec2ed85ee609c67ec75cfb8b64fce57

data/LICENSE.md

@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2013 Nicholas Wold
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/lib/nessus_api/report.rb

@@ -0,0 +1,35 @@
+# report.rb
+# A collection of helper functions
+# that make API calls and then return
+# wanted information.
+
+module NessusAPI
+  module Helpers
+    def self.getSeverity(uuid, session=Session.current)
+      result = 0
+      xml = session.get('report2/hosts', {'report' => uuid})
+      xml.css('item').each do |i|
+        level = i.css('severityLevel').text.to_i
+        threat = i.css('count').text.to_i
+        if level > result
+          if threat
+            result = level
+          end
+        end
+      end
+      return result
+    end
+
+    def self.translateSeverity(n)
+      if n < 0 or n > 4
+        return 'Unknown'
+      end
+
+      return {0 => 'Minimal',
+              1 => 'Low',
+              2 => 'Medium',
+              3 => 'High',
+              4 => 'Critical'}[n]
+    end
+  end
+end

data/lib/nessus_api/scan.rb

@@ -0,0 +1,55 @@
+# scan.rb
+# Handles all of the scan logic
+# between the API and the installation.
+
+module NessusAPI
+  class Scan
+    # The class that handles API calls
+    # for individuals scans.
+    def initialize(target, scan_name, policy, session=Session.current)
+      # Creates a new scan on the Nessus
+      # installation using the given params.
+      @target = target
+      @name = scan_name
+      @policy = policy
+      @session = session
+      @uuid = @session.get('scan/new', {'target' => @target,
+        'scan_name' => @name, 'policy_id' => @policy}).at_css("uuid").text
+    end
+
+    def stop
+      changeStatus('stop')
+    end
+
+    def pause
+      # Pauses the current scan.
+      changeStatus('pause')
+    end
+
+    def resume
+      # Resumes the current scan from being
+      # paused.
+      changeStatus('resume')
+    end
+
+    def changeStatus(path)
+      # Helper function for stop, pause
+      # and resume.
+      if @session.get("scan/#{path}",
+                      {'scan_uuid' => @uuid}).css('status').text == 'OK'
+        return true
+      else
+        return false
+      end
+    end
+
+    def uuid
+      @uuid
+    end
+
+    def self.list(session = Session.current)
+      # Returns all currently running scan jobs.
+      session.scanList
+    end
+  end
+end

data/lib/nessus_api/session.rb

@@ -0,0 +1,96 @@
+# session.rb
+# Handles all of the session shit between
+# the gem and the Nessus installation.
+
+require 'uri'
+require 'net/http'
+require 'nokogiri'
+require 'openssl'
+
+module NessusAPI
+  class Session
+    # Keep that in mind when I start extending
+    # the class.
+    @@current = nil
+
+    def initialize(host=ENV['NESSUS_HOST'], user=ENV['NESSUS_USER'],
+                   pw=ENV['NESSUS_PASS'], port=ENV['NESSUS_PORT'])
+      # Attempts to connect with the given instance
+      # of Nessus. Returns errors when it cannot reach
+      # an installation, or if there are bad credentials
+      # given. Returns a token otherwise.
+      @host = host
+      @port = port
+      @token = self.get('login', {'login' => user, 'password' => pw},
+                   nil).css("token").text
+      @@current = self
+    end
+
+    def get(path, args={}, token=@token)
+      # Performs an API call using the path and arguments given.
+      # Returns a token if there is not already a token.
+      # Otherwise, it returns the response from the server.
+      args['token'] = @token
+      args['seq'] = Random.new.rand(9999).to_s
+      url = URI('https://' + @host + ':' + @port + '/' + path)
+      request = Net::HTTP::Post.new(url.path)
+      request.set_form_data(args)
+      conn = Net::HTTP.new(url.host, url.port)
+      conn.use_ssl = true
+      conn.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      begin
+        response = conn.request(request)
+        if response.is_a?(Net::HTTPSuccess)
+          response_xml = Nokogiri::XML(response.body)
+          if response_xml.at_css("seq").text != args['seq']
+            raise StandardError, "Secret token did not match!"
+          elsif response_xml.at_css("status").text != 'OK'
+            raise AuthenticationError, "Credentials are not valid!"
+          end
+          return response_xml
+        else
+          raise ConnectionError, "Could not connect properly!"
+        end
+      rescue => e
+        raise e
+      end
+    end
+
+    def close
+      # Logs out of Nessus installation
+      # Returns a true, if it works.
+      if self.get('logout').css('contents').text == 'OK'
+        return true
+      else
+        return false
+      end
+    end
+
+    def self.current
+      @@current
+    end
+
+    def current
+      @@current
+    end
+
+    def scanList
+      get('scan/list', {}).at_css('scanList')
+    end
+
+    def policies
+      results = []
+      @doc = get('policy/list', {})
+        (0..@doc.css("policies policyName").length-1).each do |i|
+          results << [@doc.css("policies policyName")[i].text, @doc.css("policies policyID")[i].text]
+        end
+      return results
+    end
+  end
+
+  class AuthenticationError < StandardError
+  end
+
+  class ConnectionError < StandardError
+  end
+end

data/lib/nessus_api/template.rb

@@ -0,0 +1,60 @@
+# template.rb
+# Does API things with installation.
+
+module NessusAPI
+  class Template
+    # The class that handles the specific
+    # calls for templates.
+    def initialize(template_name, policy_id, target,
+                  startTime=nil, rRules=nil,
+                  session=Session.current)
+      @name = template_name
+      @policy = policy_id
+      @target = target
+      @session = session
+      @time = startTime
+      @rules = rRules
+      params = optional({'template_name' => @name, 'policy_id' => @policy,
+                'target' => @target}, @time, @rules)
+      @uuid = @session.get('scan/template/new', params).at_css("name").text
+    end
+
+    def edit(old_name, new_name, policy_id, target,
+             startTime=nil, rRules=nil)
+      params = optional({'template' => old_name, 'template_name' => new_name,
+                'policy_id' => policy_id, 'target' => target})
+      if @session.get('scan/template/edit', params).css('status').text == 'OK'
+        return true
+      else
+        return false
+      end
+    end
+
+    def launch(uuid=@uuid)
+      # Returns the uuid of a template scan.
+      return @session.get('scan/template/launch',
+                     {'template' => uuid}).at_css('uuid').text
+    end
+
+    def delete(uuid=@uuid)
+      if @session.get('scan/template/delete',
+                     {'template' => uuid}).css('status').text == 'OK'
+        return true
+      else
+        return false
+      end
+    end
+
+    def optional(params, startTime, rRules)
+      # Returns a hash given with a new hash
+      # with the optional attributes added.
+      if !startTime.nil?
+        params['startTime'] = startTime
+      end
+      if !rRules.nil?
+        params['rRules'] = rRules
+      end
+      return params
+    end
+  end
+end

data/lib/nessus_api.rb

@@ -0,0 +1,11 @@
+require 'dotenv'
+Dotenv.load()
+
+require_relative "nessus_api/scan.rb"
+require_relative "nessus_api/session.rb"
+require_relative "nessus_api/template.rb"
+require_relative "nessus_api/report.rb"
+
+module NessusAPI
+  VERSION = '2.0.0'
+end

data/spec/api_spec.rb

@@ -0,0 +1,110 @@
+# session_spec.rb
+require 'factory_girl'
+require_relative '../lib/nessus_api'
+require 'nokogiri'
+
+RSpec.configure do |config|
+  config.include FactoryGirl::Syntax::Methods
+end
+
+describe NessusAPI::Session do
+  describe ".new" do
+    context 'can connect' do
+      it 'does not raise an error' do
+        expect{NessusAPI::Session.new().close()}.to_not raise_error()
+      end
+    end
+
+    context 'cannot connect' do
+      it 'responds with an error' do
+        expect{NessusAPI::Session.new('256.256.256.256').close}.to raise_error
+      end
+    end
+
+    context 'bad credentials' do
+      it 'responds with an error' do
+        expect{NessusAPI::Session.new(ENV['NESSUS_HOST'], nil, nil).close}.to raise_error
+      end
+    end
+  end
+
+  describe ".close" do
+    context 'done doing things' do
+      it 'returns true' do
+        expect{NessusAPI::Session.new.close}.to be_true
+      end
+    end
+  end
+
+  describe ".list" do
+    let(:scan) {NessusAPI::Session.new()}
+    it 'returns an xml object' do
+      expect {scan.scanList.is_a?(Nokogiri::XML::Document)}.to be_true
+      scan.close()
+    end
+  end
+end
+
+describe NessusAPI::Scan do
+  let(:session) { NessusAPI::Session.new() }
+  let(:scan) { NessusAPI::Scan.new('127.0.0.1', 'API Test Scan', '-9') }
+
+  describe ".new" do
+    it 'to have a uuid' do
+      expect{scan.uuid}.to_not be_nil()
+    end
+  end
+
+  describe ".pause" do
+    it 'returns true' do
+      expect {scan.pause}.to be_true
+    end
+  end
+
+  describe ".resume" do
+    it 'returns true' do
+      expect {scan.resume}.to be_true
+    end
+  end
+
+  describe ".stop" do
+    it 'returns true' do
+      expect {scan.stop}.to be_true
+    end
+  end
+
+  describe ".list" do
+    it 'returns a nokogiri object' do
+      expect {NessusAPI::Scan.list.is_a?(Nokogiri::XML::Document)}.to be_true
+    end
+  end
+end
+
+describe NessusAPI::Template do
+  let(:session) {NessusAPI::Session.new()}
+  let(:template) {NessusAPI::Template.new('Test Template', '-9', '127.0.0.1')}
+  describe ".new" do
+    it 'does not raise an error' do
+      expect {template.is_a?(NessusAPI::Template)}.to be_true
+    end
+  end
+
+  describe ".edit" do
+    it 'returns true' do
+      expect {template.edit('Test Template', 'Test 2: Test Harder', '-9',
+                            '127.0.0.1')}.to be_true
+    end
+  end
+
+  describe '.launch' do
+    it 'returns true' do
+      expect {template.launch}.to be_true
+    end
+  end
+
+  describe '.delete' do
+    it 'returns true' do
+      expect {template.delete}.to be_true
+    end
+  end
+end

data/spec/factories.rb

@@ -0,0 +1,7 @@
+FactoryGirl.define do
+  factory :scan do
+    target '127.0.0.1'
+    scan_name 'API Test Scan'
+    policy '-9'
+  end
+end

metadata

@@ -0,0 +1,96 @@
+--- !ruby/object:Gem::Specification
+name: nessus_api
+version: !ruby/object:Gem::Version
+  version: 2.0.0
+platform: ruby
+authors:
+- Nicholas Wold
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-02-19 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: dotenv
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Intelligently allows for use of Nessus API, both with gathering and editing
+  information.
+email: nicholas.wold@berkeley.edu
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/nessus_api/report.rb
+- lib/nessus_api/template.rb
+- lib/nessus_api/session.rb
+- lib/nessus_api/scan.rb
+- lib/nessus_api.rb
+- spec/api_spec.rb
+- spec/factories.rb
+- README.md
+- LICENSE.md
+homepage: http://www.nicholaswold.com
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.1.10
+signing_key: 
+specification_version: 4
+summary: Allows interaction with Nessus REST API.
+test_files: []
+has_rdoc: